Re: OpenSSH slow on OSX High Sierra (maybe due to libcrypto)?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 12 July 2018 at 18:10, Darren Tucker <dtucker@xxxxxxxxxxx> wrote:
[...]
> vendor-supplied libcrypto being about 20x slower at bignum operations
> than nominally the same version of LibreSSL compiled locally.

I've discovered two data points that may or may not be clues.

1) the native libcrypto is a "fat" library with both i386 and x86_64 code:

$ file /usr/lib/libcrypto.dylib
/usr/lib/libcrypto.dylib: Mach-O universal binary with 2
architectures: [i386:Mach-O dynamically linked shared library i386]
[x86_64]
/usr/lib/libcrypto.dylib (for architecture i386): Mach-O dynamically
linked shared library i386
/usr/lib/libcrypto.dylib (for architecture x86_64): Mach-O 64-bit
dynamically linked shared library x86_64

2) if I build libressl forcing 32 bit mode, the resulting speed is
close to what I'm seeing from the native libcrypto + openssl tool
(which is also fat).

$ CFLAGS=-m32 ./configure --disable-asm && make -j4 && apps/openssl speed rsa
[...]
compiler: information not available
                  sign    verify    sign/s verify/s
rsa  512 bits 0.000950s 0.000072s   1052.2  13924.2
rsa 1024 bits 0.005181s 0.000227s    193.0   4406.0
rsa 2048 bits 0.031746s 0.000827s     31.5   1208.5
rsa 4096 bits 0.210208s 0.002916s      4.8    342.9

My ssh binaries are all x86_64 only so it's not as simple as just
having built the wrong binary type.

Does anyone know how to see what the linker/loader is actually doing?

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux