EldoS | Feel safer!

Software components for data protection, secure storage and transfer

TElSSLServer and concurrent clients

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
Posted: 12/09/2015 12:40:31
by Doug Summersgill (Standard support level)
Joined: 05/14/2015
Posts: 12

Do you have an example of using TElSSLServer which handles concurrent client connections?

The Chat example is kind of what I'm looking for, but it can only handle 1 connection at a time.

Posted: 12/09/2015 15:06:42
by Vsevolod Ievgiienko (EldoS Corp.)

Thank you for contacting us.

We don't have such sample for TElSSLServer, but you can use \HTTPBlackbox\Desktop\Server\HTTPServer sample as a reference - TElHTTPSServer is built on top of TElSSLServer and the general idea will be the same except you will not need to adjust HTTP related properties.
Posted: 12/10/2015 14:28:21
by Doug Summersgill (Standard support level)
Joined: 05/14/2015
Posts: 12

Thanks for the help.

I have my server working, but wondering if there is any way to speed it up.

My app is on a Windows CE device and the first connection to the server takes almost 2 minutes. The device is very cpu bound during this time.

Subsequent connections take just a little over 3 seconds, which is fine.

Posted: 12/10/2015 14:45:47
by Ken Ivanov (EldoS Corp.)

Hi Doug,

I believe the major contribution to the CPU burden is caused by DH parameters generation. This involves a lot of heavy cryptographic operations and may cause delays on slow systems.

While you can't avoid this at the moment (as you have to generate a DH keypair anyway), you can move the generation to a different place in your application, before the first connection is accepted. You can do it quietly at the background on application start without affecting the UI and the server accessibility.

To generate the DH keypair forcefully, just call the SBSSLServer.Unit.PrepareSSLServerEnvironment() method. It is likely to take a couple of minutes on your system, but you'll be able to accept TLS connections quickly from the very start.

Posted: 12/10/2015 15:15:29
by Doug Summersgill (Standard support level)
Joined: 05/14/2015
Posts: 12

Yes, that is it.

The prepare call takes most of the 2 minutes, then connections take between 3.5 and 4.5 seconds.

Don't really like the slow startup, but if that's my only option, it's ok.

Posted: 12/10/2015 15:58:10
by Eugene Mayevski (EldoS Corp.)

We are discussing the component to let you generate a set of keys beforehand and use them afterwards. That will be more productive, than to generate everything again and again on startup.

Sincerely yours
Eugene Mayevski
Posted: 12/10/2015 16:07:30
by Doug Summersgill (Standard support level)
Joined: 05/14/2015
Posts: 12

That would be great.

I can tell you though that the performance difference between my CE device (an Atom 1.2 GHz processor) and my i7 desktop when calling PrepareSSLServerEnvironment is hard to believe.

CE = 70 to 120 seconds
Desktop = < .5 seconds

I realize there's some big OS differences, but I kind of think something is wrong.

Posted: 12/10/2015 16:16:29
by Eugene Mayevski (EldoS Corp.)

Unfortunately that's the difference between processor architectures. If you take a look at the server market, you can see that a couple of years ago some guys decided that ARM-based servers could replace Intel-based ones (at least for web). Simply, this didn't work due to performance reasons and you won't find any serious offer that uses ARM.

Sincerely yours
Eugene Mayevski
Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.



Topic viewed 2522 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!