[gnutls-help] gnutls + courier-imap => very slow
Sam Varshavchik
mrsam at courier-mta.com
Fri Jan 10 05:46:51 CET 2014
Lenz Weber writes:
> Hello,
> I'm currently investigating some serious performance problems when using
> courier-0.66.1ubuntu4 in combination with
> gnutls-3.0.11+really2.12.14-5ubuntu3.5, which would be the usual
> combination if one were to compile courier using the --with-gnutls
> config flag in the lastest Ubuntu LTS version 12.04.
The key part in the strace, here, http://paste.ubuntu.com/6724497/ starting
around line 500. What should be happening there is nothing more than a
read()ing a nicely-sized chunk from a pipe, file descriptor 6, and then
tossing the whole thing to gnutls_record_send() which writes it to a socket
on file descriptor 0.
Between each call to read(), and a subsequent writev() of the encrypted
chunk, there are two sets of calls gettimeofday(), getrusage(), and times().
I can't see why that alone would be enough to grind things to a halt;
however it's hard to see the actual timings here.
However, I happened to have sources of 3.2.7 handy, and from poking around,
those syscalls appear to be coming out of wrap_nettle_rnd_refresh() in
lib/nettle/rnd.c, which appears to have something to do with reseeding an
internal random number pool. It looks like there's a lot of work happening
here; and I don't quite follow why that needs to be done for each call to
gnutls_record_send(); but that's as far as I could go, with what I know.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: </pipermail/attachments/20140109/7c879e8b/attachment.sig>
More information about the Gnutls-help
mailing list