Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 17 Mar 2012 08:15:26 +0400
From: Solar Designer <solar@...nwall.com>
To: john-dev@...ts.openwall.com
Subject: Re: SSH thread-safety

On Sat, Mar 17, 2012 at 08:54:29AM +0530, Dhiru Kholia wrote:
> On Sat, Mar 17, 2012 at 7:38 AM, Dhiru Kholia <dhiru.kholia@...il.com> wrote:
> > I have an (untested idea). Why not copy PEM_do_header function from
> > OpenSSL and remove all thread-unsafe error handling which we don't use
> > anyway?
> 
> I have implemented this idea. Performance is back and no random
> segfaults :-). Please give the latest code a shot. Thanks!

Wow, that was quick.

So I got an "undeclared" error about EVP_CIPH_FLAG_CUSTOM_CIPHER.
I simply #if 0'ed that piece, and the thing compiled and seems to work.
The speed is slightly better than it was before this round of changes
(that is, before your introduction of locking). :-)  I am getting almost
700k c/s on 8-core.  I am running the high thread count tests now.

My biggest concern is that the code is highly non-portable to different
versions of OpenSSL now.  I am not sure what we can do about that.

Thanks,

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ