[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Memory usage on relays



On Sun, Jan 17, 2010 at 8:31 PM, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
> On Sun, Jan 17, 2010 at 9:36 PM, Roger Dingledine <arma@xxxxxxx> wrote:
>> Nick wrote an OpenSSL patch to not waste so much memory in its internal
>> buffers. See item #3 on
>> http://archives.seul.org/or/dev/Jun-2008/msg00001.html
>>
>> That said, I don't know what the current state of the patch is, or where
>> you can get a copy. Nick?
>
> It's in recent versions of OpenSSL (recent as in the 1.0.0 beta versions.)
>
> If you would rather try patching an older version of OpenSSL yourself, try out
> http://freehaven.net/~nickm/openssl_mem/openssl-mem-patch-v17.txt
> I have no idea whether it applies cleanly (or at all) to older versions.

Thanks for the prompt replies. I've got a custom-built Tor with
openssl 1.0.0-beta4 running now; i'll keep an eye on it and see if
things run better that way.

As a vaguely related sidenote, is it intentional that openssl is
statically linked? I would expect that Tor more than anything would
want to benefit from security updates as quickly as possible, and most
package managers / people won't rebuild it after an openssl update.
Seems a bit dangerous. I was able to confirm that I was running with
the right version, though, by adding the following right under Tor's
version notice:

  log(LOG_NOTICE, LD_GENERAL, "Built for %s, using %s",
OPENSSL_VERSION_TEXT, SSLeay_version(SSLEAY_VERSION));

That may be worth adding, to make which version is being used visible,
especially if it's going to be statically linked.

I'll let you know in a few days how things are going with this new setup.

 - John
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/