SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0001872: update openssl-CFLAGS to increase speed - MantisBT Endian Bugtracker
Endian Issue Tracker





Please see now our new Bugtracker system: JIRA








View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001872Endian FirewallNetwork related (VPN, uplinks)public2009-05-14 12:432010-09-20 18:02
Reportermike-f 
Assigned Topeter-endian 
PrioritynormalSeveritytweakReproducibilityalways
StatusacknowledgedResolutionopen 
PlatformOSOS Version
Product Version2.2-rc3 
Target Version2.5Fixed in Version 
Summary0001872: update openssl-CFLAGS to increase speed
Descriptionreview the current openssl-CFLAGS as this might give a better performance on i.e. VPNs

endian 2.2-rc3

OpenSSL 0.9.7a Feb 19 2003
built on: Sun Oct 1 19:59:55 EDT 2006
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx)
compiler: gcc -fPIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DOPENSSL_NO_ASM -DOPENSSL_NO_IDEA -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_EC -DL_ENDIAN -DTERMIO -Wall -O2 -g -march=i386 -mcpu=i686 -Wa,--noexecstack
Additional InformationCentOS 5.3
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
built on: Tue Mar 3 12:54:01 EST 2009
options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) aes(partial) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -I/usr/kerberos/include -DL_ENDIAN -DTERMIO -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=generic -fasynchronous-unwind-tables -Wa,--noexecstack -DOPENSSL_USE_NEW_FUNCTIONS -fno-strict-aliasing -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM


osx-10.5.7
OpenSSL 0.9.8j 07 Jan 2009
built on: Thu Jan 29 23:15:39 CET 2009
options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) aes(partial) idea(int) blowfish(ptr)
compiler: cc -fPIC -fno-common -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch i386 -O3 -fomit-frame-pointer -DL_ENDIAN
TagsNo tags attached.
Attached Files

- Relationships
related to 0001883confirmed update openssl to a more recent version 

-  Notes
(0002342)
mike-f (updater)
2009-05-14 13:02
edited on: 2009-05-14 13:03

here are some results on different hosts
we did't use -multi in these cases as CentOS-machine has only one core


EF: AMD Athlon Dual Core Processor 4450B - cpu MHz: 2298.917
CentOS 5.3: Intel Celeron CPU 2.00GHz - cpu MHz: 2660.185 (quite old box)


The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
E: sha1 12020.63k 38240.50k 71965.52k 100481.99k 157444.55k
C: sha1 14305.50k 46721.15k 114080.00k 180954.45k 214269.95k


E: md5 12283.26k 41224.13k 107307.15k 186743.24k 183010.38k
C: md5 14308.17k 50122.43k 138555.31k 245786.37k 316891.14k


E: aes-256 cbc 36732.65k 36885.90k 37686.70k 37584.90k 37792.43k
C: aes-256 cbc 31519.87k 34265.62k 35389.27k 86484.47k 87315.80k

-----
                  sign verify sign/s verify/s
E: rsa 1024 bits 0.006888s 0.000358s 145.2 2790.3
C: rsa 1024 bits 0.002076s 0.000111s 481.6 9000.7

E: rsa 2048 bits 0.044798s 0.001301s 22.3 768.7
C: rsa 2048 bits 0.013477s 0.000387s 74.2 2586.2

E: rsa 4096 bits 0.320937s 0.004780s 3.1 209.2
F: rsa 4096 bits 0.092685s 0.001434s 10.8 697.2

-----
indeed - the old machine performs quite nice
we didn't include the osx-tests as the results ware really ugly to see...
could't test sha256 and sha512 as the EF-binaries don't support them at the moment


- Issue History
Date Modified Username Field Change
2009-05-14 12:43 mike-f New Issue
2009-05-14 12:43 mike-f Assigned To => peter-endian
2009-05-14 13:02 mike-f Note Added: 0002342
2009-05-14 13:03 mike-f Note Edited: 0002342
2009-05-19 07:33 luca-endian Relationship added related to 0001883
2010-09-20 18:02 peter-endian Status new => acknowledged
2010-09-20 18:02 peter-endian Target Version => 2.5

Copyright © 2005-2008 Endian, SRL. All rights reserved.


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker