Hi,
does anyone know if the aes-ni support of the motherboard is used by default? (I saw nothing in the logs.) At the beginning I thought so but than I stumbled upon this option:
HardwareAccel 1
After I edited my torrc, this line showed up in my logs:
Dec 21 17:34:41.000 [notice] Default OpenSSL engine for RSA is RSAX engine support [rsax]
-------------------------------
And my other question is, does tor recognize this option?
MaxMemInQueues 7000 MByte
Because I see nothing in the logs. I am not 100% sure but I think tor gave a feedback when I used this option in the earlier versions.
Cheers, Patrice
Please don't mix multiple questions into one thread.
Patrice:
does anyone know if the aes-ni support of the motherboard is used by default? (I saw nothing in the logs.)
Tor does not implement crypto itself (mostly) and relies on a cryptolibrary (which is OpenSSL/LibreSSL/etc) instead. Thus you should check if AES-NI is enabled in your cryptolibrary.
An excerpt from StackOverflow answer [1] about it:
$ openssl speed -elapsed -evp aes-128-cbc
$ OPENSSL_ia32cap="~0x200000200000000" openssl speed -elapsed -evp aes-128-cbc
"Output of the first line should be significantly faster than the second." If there is no AES-NI enabled in "OpenSSL" these two should give similar results.
N.B. AES-NI is not a feature of *motherboard* - it's CPU instructions (NI stands for "New Instructions").
[1] http://stackoverflow.com/questions/25284119/how-can-i-check-if-openssl-is-su... -- Ivan Markin
Patrice:
And my other question is, does tor recognize this option?
MaxMemInQueues 7000 MByte
It does, see the man page or the source code.
Because I see nothing in the logs. I am not 100% sure but I think tor gave a feedback when I used this option in the earlier versions.
You will not see anything in logs until this value isn't good and was adjusted by tor. For details, see compute_real_max_mem_in_queues() function in /src/or/config.c.
-- Ivan Markin
tor-relays@lists.torproject.org
-
Ivan Markin -
Patrice