AW: Performance Issue With OpenSSL 1.1.1c
Dr. Matthias St. Pierre
Matthias.St.Pierre at ncp-e.com
Wed May 29 06:20:38 UTC 2019
> I think I have tracked down the change in 1.1.1c that is causing this.
> It is the addition of the DEVRANDOM_WAIT functionality for linux in
> e_os.h and crypto/rand/rand_unix.c. lighttpd (libcrypto) is waiting in
> a select() call on /dev/random. After this eventually wakes up, it then
> reads from /dev/urandom. OpenSSL 1.1.1b did not do this, but instead
> just read from /dev/urandom. Is there more information about this
> change (i.e., a rationale)? I did not see anything in the CHANGES file
> about it.
The original discussions for this change can be found on GitHub:
- issue #8215, fixed by pull request #8251
- issue #8416, fixed by pull request #8428
(see links below).
And you are right, the change should have been mentioned in
the CHANGES file. Apologies for that.
HTH,
Matthias
https://github.com/openssl/openssl/issues/8215
https://github.com/openssl/openssl/pull/8251
https://github.com/openssl/openssl/issues/8416
https://github.com/openssl/openssl/pull/8428
More information about the openssl-users
mailing list