Analysis of the problems many relay operators are currently facing

Adam Langley agl at
Thu Apr 22 23:54:52 UTC 2010

On Thu, Apr 22, 2010 at 7:48 PM, Roger Dingledine <arma at> wrote:
> Actually Nick got a patch accepted to OpenSSL mainline that dynamically
> reduces buffers as they're not needed. See item #2 on
> The remaining challenge is that roughly nobody is running OpenSSL
> 1.0.0-beta5, and roughly nobody knows how to recompile their OpenSSL. :)
> (Is your patch better or orthogonal to Nick's? Maybe we should get yours
> in too?)

Our patch reduces the default size of the buffers, but the buffers
stick around all the time. Based on Nick's email, your patch is
probably better.

We've just bumped up to OpenSSL 1.0.0 for Android trunk, so hopefully
we can drop our local patch when 1.0.1 comes around!

Why not ship your own OpenSSL and statically link as an option? The
OpenSSL build probably is a little scary, but I'm guessing that most
of your big relays are running on Windows where a simple "./config &&
make" will produce .a's for you.


Adam Langley agl at

More information about the tor-dev mailing list