From owner-freebsd-ports@FreeBSD.ORG  Wed Aug 28 09:18:15 2013
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 51C83FE1;
 Wed, 28 Aug 2013 09:18:15 +0000 (UTC)
 (envelope-from roberto@keltia.freenix.fr)
Received: from keltia.net (aran.keltia.net [88.191.250.24])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1667D27D3;
 Wed, 28 Aug 2013 09:18:14 +0000 (UTC)
Received: from roberto02-aw.eurocontrol.fr (unknown [88.190.16.243])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (No client certificate requested) (Authenticated sender: roberto)
 by keltia.net (Postfix) with ESMTPSA id D956452AE;
 Wed, 28 Aug 2013 11:18:13 +0200 (CEST)
Date: Wed, 28 Aug 2013 11:18:04 +0200
From: Ollivier Robert <roberto@keltia.freenix.fr>
To: freebsd-security@freebsd.org, freebsd-ports@freebsd.org
Subject: Re: security/openssl speed issues
Message-ID: <20130828091804.GA54134@roberto02-aw.eurocontrol.fr>
References: <20130827153205.GA48196@roberto02-aw.eurocontrol.fr>
 <20130828022728.GR29777@funkthat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20130828022728.GR29777@funkthat.com>
X-Operating-System: MacOS X / Macbook Pro - FreeBSD 7.2 / Dell D820 SMP
User-Agent: Mutt/1.5.21 (2010-09-15)
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Aug 2013 09:18:15 -0000

According to John-Mark Gurney on Tue, Aug 27, 2013 at 07:27:28PM -0700:
> I guess now we need to figure out how to teach OpenSSL to use AES-NI
> natively even when /dev/crypto is available...
> 
> but at least we did solve the (non-)issue of bad OpenSSL performance...

Excellent analysis, thank you.  I must admit it is not always easy to see how openssl works, it is a bit, ahem, messy around there :)

> I will submit a patch to OpenSSL to not make the documentation of the
> -elapsed option dependent on defines...

Thanks.

-- 
Ollivier ROBERT -=- FreeBSD: The Power to Serve! -=- roberto@keltia.net
In memoriam to Ondine, our 2nd child: http://ondine.keltia.net/