Oops, I forgot to include a link to the OpenSSL GH issue, which describes the specific commit that made the change: https://github.com/openssl/openssl/issues/29340
On Mon, Dec 8, 2025 at 2:02 PM Jack O'Connor <[email protected]> wrote: > > Upgrading OpenSSL from v3.5 to v3.6 causes a ~3x slowdown for > `sha256sum` (~2x for `sha1sum`) on machines that support SHA-NI. It > looks like this was caused by a change in why/how > `OPENSSL_cpuid_setup` gets called. > > I don't know who's "to blame" or what the proper fix will be, but as a > hacky example here's a patch that fixes the performance regression in > `sha256sum` by calling `OpenSSL_add_all_algorithms` early in `main`: > > diff --git a/src/cksum.c b/src/cksum.c > index ac3e3f1..c7c20f0 100644 > --- a/src/cksum.c > +++ b/src/cksum.c > @@ -52,6 +52,9 @@ > #if HASH_ALGO_SHA256 || HASH_ALGO_SHA224 || HASH_ALGO_CKSUM > # include "sha256.h" > #endif > +#if HASH_ALGO_SHA256 && HAVE_OPENSSL_SHA256 > +# include <openssl/evp.h> > +#endif > #if HASH_ALGO_SHA512 || HASH_ALGO_SHA384 || HASH_ALGO_CKSUM > # include "sha512.h" > #endif > @@ -1505,6 +1508,10 @@ main (int argc, char **argv) > so that processes running in parallel do not intersperse their output. > */ > setvbuf (stdout, nullptr, _IOLBF, 0); > > +#if HASH_ALGO_SHA256 && HAVE_OPENSSL_SHA256 > + OpenSSL_add_all_algorithms(); > +#endif > + > #if HASH_ALGO_SUM > char const *short_opts = "rs"; > #elif HASH_ALGO_CKSUM
