Use deprecated OpenSSL APIs for MD5 and SHA256 if available #9469
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
|
Do we need this for 9.2.x as well? |
Member
Author
|
On 9.2.x, only sha256 use non-deprecated API. We wouldn't be able to simply cherry-pick this change, but the change for 9.2.x should not be too difficult. |
Contributor
|
Even with jemalloc, this makes master ~15% more RPS and ~15% lower latency, running at close to 1M RPS. Without jemalloc, the improvements are even more. Lesson is: don't malloc :). |
bryancall
approved these changes
Feb 28, 2023
maskit
added a commit
to maskit/trafficserver
that referenced
this pull request
Feb 28, 2023
) (cherry picked from commit 2c1c6d2) Conflicts: include/tscore/INK_MD5.h include/tscore/SHA256.h
Member
Author
|
#9473 is for 9.2.x. |
zwoop
pushed a commit
that referenced
this pull request
Mar 5, 2023
masaori335
pushed a commit
to masaori335/trafficserver
that referenced
this pull request
Jul 24, 2023
) (apache#9473) * Use deprecated OpenSSL APIs for MD5 and SHA256 if available (apache#9469) (cherry picked from commit 2c1c6d2) Conflicts: include/tscore/INK_MD5.h include/tscore/SHA256.h * Fix compile errors (cherry picked from commit b83f535)
cmcfarlen
pushed a commit
to cmcfarlen/trafficserver
that referenced
this pull request
Jun 3, 2024
* asf/master: (28 commits) Human readable timestamp for traffic_ctl config status (apache#9440) traffic_ctl - Remove legacy/pretty format output options (apache#9471) TSAN fix for fake_global_for_ink_queue. (apache#9183) libswoc: replace TextView in src/tscore/HostLookup.cc (apache#9437) records.yaml: Make sure when a string field is set to NULL then this (apache#9472) QUIC: Make sure the some of the quic configs get set into the quiche impl. (apache#9477) Replace httpbin with go-httpbin (apache#9475) Ethread::process_event(): make sure event mutex is unlocked before freeing event. (apache#9433) Use deprecated OpenSSL APIs for MD5 and SHA256 if available (apache#9469) Adds a --enable-lto option (Link Time Optimization) (apache#9464) traffic_ctl: Add support to monitor metrics. (apache#9423) QUIC: Make some adjustment to the qlog configuration (apache#9461) Added more debugging output for the xdebug plugin (apache#9467) Build: remove configure check for sys/mount.h, use C++17 builtin. (apache#9463) Fix SSLSessionDup for old OpenSSL and BoringSSL (apache#9444) Run autest tls_hooks17 and tls_hooks18 on BoringSSL build (apache#9455) Stabilize autest tls_hook18 (apache#9454) Fix parameter parser in ssl_hook_test plugin (apache#9453) Use SSL_get1_peer_certificate on OpenSSL3 build (apache#9460) records.yaml - Make some changes on the convert script. (apache#9466) ...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The new API requires heap allocation. We want to stick with the old API that doesn't require it as long as it's available.