Date: Wed, 8 Jun 2011 21:20:52 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: 1.7.7-jumbo-6 On Wed, Jun 08, 2011 at 08:37:58PM +0400, Solar Designer wrote: > On Tue, Jun 07, 2011 at 10:41:43PM -0700, Dhiru Kholia wrote: > > 1. What about limiting the patch to OpenSSL 1.0.0 series (which > > hopefully works!)? > > This is what I did in -RC4. I also added a check for "compiled against > 1.0.0+, but running with older version" (which may happen with dynamic > linking). This is totally untested. This was slightly buggy. Fixed in -RC5 (on the wiki). > The warning message I added says it disables OpenMP, although it > actually only reduces max_keys_per_crypt to 1. This appears to have > almost no performance impact for this format, so I think it's OK as a > workaround (definitely better than a crash). On a dual Xeon E5420 (8 cores total, 2.5 GHz, no HT), Owl-current (OpenSSL 1.0.0d), I am getting: Non-OpenMP build: Benchmarking: ssh [32/64]... DONE Many salts: 79008 c/s real, 79008 c/s virtual Only one salt: 78035 c/s real, 78035 c/s virtual OpenMP: Benchmarking: ssh [32/64]... (8xOMP) DONE Many salts: 352204 c/s real, 44324 c/s virtual Only one salt: 353625 c/s real, 44225 c/s virtual Somehow only a 4.5x speedup, even though we have 8 "true" cores and zero system load (the machine is totally unused). Testing of the runtime check (I patched the check to require non-existent OpenSSL 2.0 at runtime, just to test it): Benchmarking: ssh [32/64]... (8xOMP) Warning: compiled against OpenSSL 1.0+, but running with an older version - disabling OpenMP for SSH because of thread-safety issues of older OpenSSL DONE Many salts: 62003 c/s real, 7760 c/s virtual Only one salt: 61797 c/s real, 7714 c/s virtual $ ./john ../src/unused/sshdump Warning: compiled against OpenSSL 1.0+, but running with an older version - disabling OpenMP for SSH because of thread-safety issues of older OpenSSL Loaded 2 password hashes with 2 different salts (ssh [32/64]) 12345 (rsa_test.key) 12345 (dsa_test.key) guesses: 2 time: 0:00:00:00 DONE (Wed Jun 8 21:19:07 2011) c/s: 64437 trying: 12345 Use the "--show" option to display all of the cracked passwords reliably Well, it's not pretty and there's performance impact (vs. non-OpenMP build), but it works. Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.