On Fri, Apr 11, 2014 at 08:15:27PM -0600, Bob Beck wrote:
On Fri, Apr 11, 2014 at 6:09 PM, Reyk Floeter r...@openbsd.org wrote:
I did some testing with apache bench (ab) and it shows a negative
performance impact when running with multiple preforked relays and
concurrent requests.
On Wed, Apr 09, 2014 at 04:20:23PM +0200, Reyk Floeter wrote:
relayd uses privsep to mitigate the risk of potential attacks.
OpenSSL's SSL code wasn't designed with privsep in mind. We already
have a hack to load the keys and certificates in the parent process
and to send them via imsg to the
On Fri, Apr 11, 2014 at 6:09 PM, Reyk Floeter r...@openbsd.org wrote:
I did some testing with apache bench (ab) and it shows a negative
performance impact when running with multiple preforked relays and
concurrent requests. But this is expected because all processes have
to wait for the
Hi,
relayd uses privsep to mitigate the risk of potential attacks.
OpenSSL's SSL code wasn't designed with privsep in mind. We already
have a hack to load the keys and certificates in the parent process
and to send them via imsg to the chroot'ed relays; OpenSSL normally
wants to load them from