[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: tor plus openssl hardware?



On Tue, Feb 06, 2007 at 05:37:44PM +0100, Udo van den Heuvel wrote:
> Eugen Leitl wrote:
> > I am also interested in answers to these.
> > 
> >> Anybody here got some experience with tor and openssl hardware
> >> accelleration?
> >>
> >> I run a tiny tor server on my ADSL line, on a VIA EK8000 board which
> >> supports VIA PadLock (no-RNG, ACE). (i.e. AES support and a hardware RNG)
> >> I compiled support in the kernel and patched openssl with patches from
> >> http://www.logix.cz/michal/devel/padlock/ to make padlock static and
> >> default, etc.
> >> Is this enough for tor to use openssl with the hardware support?
> >> Do I need to patch tor?
> >> (like openssh?)
> 
> The debug log does not show any of the OpenSSL loggging that crypto.c
> can do. How do I enable this?

From the manual:

       HardwareAccel 0|1
              If non-zero, try to use crypto hardware acceleration
              when available. This is untested and probably buggy.
              (Default: 0)

Hardware acceleration is off by default because some people have
reported that it makes their Tor server crash.  We'd like more data
here; please feel free to try it out and let us know if it works for
you.

peace,
-- 
Nick Mathewson

Attachment: pgprmJN7Oxd3j.pgp
Description: PGP signature