[tor-relays] HW-Accelerated OpenSSL & Tor not playing nicely.
12xBTM
12xbtm at gmail.com
Sat May 2 15:09:38 UTC 2015
Thanks for your help. I left it out of my email, but I actually did do
it. Except for the ls bit. I originally ran the config without "shared",
encountered an error later down the road, deleted the extracted
directory, and redid the config correctly, and then just simply did
"sudo make" and then "sudo made install" without doing anything about
the original library, which i assume was overwritten. But maybe I just
corrupted it? Do I just delete the library's directory and retry, or is
there something more?
The "DUSE_CRYPTODEV_DIGESTS" is seen in the Tor error log because
cryptodev digests are giving errors. I also don't see an entry about the
"running the test suite" in the README. I see mention of a patch for
Crytodev for OPENSSL, but, when on the site it links, I have no idea how
to apply the patch for it says nothing patching it. (Sorry, I'm a total
linux newb) Also, on the cryptodev-linux page:
https://github.com/cryptodev-linux/cryptodev-linux/blob/master/NEWS , it
says 1.7 was released in 07 Feb, 2015, which is long after the release
of the patch that is talked about in the readme. Likewise, the patch
linked is a whole year older than the version of OpenSSL I'm using, but
it may not be part of the standard distribution of OpenSSL.
Also, I see the mention of GnuTLS in Crypodev, if there's a better way
to go about having HW-accelerated crypto for Tor (excluding Intel
aes-ni), please let me know.
On 2.5.15 10:46, Yawning Angel wrote:
> On Sat, 02 May 2015 09:42:42 -0400
> 12xBTM <12xbtm at gmail.com> wrote:
>
>> Step 1: Getting OpenSSL to become Hardware-Accelerated
>>
>> sudo apt-get install linux-image-3.14.39-ti-r61
>> sudo apt-get install linux-headers-3.14.39-ti-r61
>> wget
>> http://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz
>> tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/
>> sudo make
>> sudo make install
>> sudo depmod -a
>> sudo modprobe cryptodev
>> lsmod
>> sudo sh -c 'echo cryptodev>>/etc/modules'
>> cd ~
>> wget https://www.openssl.org/source/openssl-1.0.2a.tar.gz
>> tar zxf openssl-1.0.2a.tar.gz
>> cd openssl-1.0.2a/
> You left out, patching OpenSSL's cryptodev support to function.
>
>> ls
>> ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared
>> sudo make
>> sudo make install
> And you left out "running the test suite, which according to the bug in
> OpenSSL's bugtracker, would have failed".
>
> Both of these dastardly details are hidden in the depths of the file
> misleadingly titled "README" in cryptodev-linux-1.7.tar.gz, under the
> heading "* OpenSSL:".
>
> Regards,
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20150502/8648ae37/attachment.html>
More information about the tor-relays
mailing list