Opened 9 years ago

Closed 4 years ago

#1794 closed enhancement (wontfix)

Finish support for AES_CTR acceleration on Solaris

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay solaris lorax
Cc: ruebezahl Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Some Solaris hw/sw combinations have built-in support for AES_CTR acceleration. Wyllys Ingersoll started writing a patch to add support for this to our relay crypto, which can speed up relay performance a lot.

The latest version of this code is in branch "solaris-aes" in my public repository. It needs more work before it's ready to merge. The outstanding issues are:

  • We don't have an autoconf test to see if we're building on a host with PKCS11 support. We should add one, and have it set USE_PKCS11_FRAMEWORK when we are. The usual autoconf way would be to test for the presence of some header or function.
  • Last time I reviewed this patch, it looked like it didn't implement our aes_set_iv function. If that's so, the patch will break hidden services (and probably the unit tests too). So, aes_set_iv needs to get implemented.

Child Tickets

Change History (8)

comment:1 Changed 9 years ago by nickm

Milestone: Tor: unspecified

Moving to "Tor: unspecified" milestone; I don't think anybody in the Tor project has the hardware to work on this, or the knowhow to do it right without guidance from a more experienced solaris person.

comment:2 Changed 9 years ago by arma

Yeah -- it's also been a very long time since Wyllys sent us his patch.

Somebody should point Wyllys to this trac entry, or no progress is going to be made here.

comment:3 Changed 7 years ago by nickm

Keywords: tor-relay added

comment:4 Changed 7 years ago by nickm

Component: Tor RelayTor

comment:5 Changed 4 years ago by nickm

Cc: ruebezahl added
Keywords: solaris added
Status: newneeds_information

I wonder if this is still needed with recent openssls.

comment:6 Changed 4 years ago by arma

We have basically zero relays on solaris, right?

comment:7 Changed 4 years ago by nickm

Keywords: lorax added

Basically zero, yeah. But they are happy and enthusiastic people and I'm hoping maybe one of them would like to finish the code from back 5 years ago. :)

comment:8 Changed 4 years ago by yawning

Resolution: wontfix
Status: needs_informationclosed

0.2.7.x and later *REQUIRE* OpenSSL versions that have working and accelerated AES support, probably even on Slowlaris. Closing.

Note: See TracTickets for help on using tickets.