[stunnel-users] num_clients Undeclared

• Previous message (by thread): [stunnel-users] num_clients Undeclared
• Next message (by thread): [stunnel-users] Mongo Replication using Stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Abdelkader Chelouah wrote:
> Indeed, I'm using
> 
> /configure --build="x86_64-unknown-linux-gnu" \ 
> --prefix=${STUNNEL_DIR} \ --mandir="${STUNNEL_DIR}/man" \ 
> --docdir="${STUNNEL_DIR}/doc" \ --enable-ipv6   \ --disable-libwrap
> \ --disable-fips \ --with-threads=fork \ --with-ssl=${OPENSSL_DIR}
> \ --enable-shared \ --disable-static
> 
> As far as concerns the threading model, several linux distributions
> use the fork model.

Most likely it's because their package maintainers were not clever
enough to ask the upstream maintainer (myself) for an advice.

> Also http://devblog.bu.mp/post/40786230183/introducing-stud

This blog post is full of logical fallacies.  Its reasoning can be
best described as magical thinking:
http://en.wikipedia.org/wiki/Magical_thinking

Using the fork model slows stunnel down *a lot*, as it makes stunnel
renegotiate the SSL/TLS keys on each subsequent connection.

> seems to conclude the same way. Actually, I'am not really sure
> about the best threading model under RH Linux. Maybe, can you give
> some advices.

Let me give you a hint: the default threading model is "PTHREAD".

BTW: Despite exaggerated claims and extremely limited functionality,
stud is actually *slower* than stunnel:
http://vincent.bernat.im/en/blog/2011-ssl-benchmark-round2.html

Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlQ6l8IACgkQ/NU+nXTHMtFG2QCeN0xd7yS7mSEdPROqgi23Vwud
xhUAn1VqZrd7eMUoPiCR972DFjMm4WUg
=E9S0
-----END PGP SIGNATURE-----

• Previous message (by thread): [stunnel-users] num_clients Undeclared
• Next message (by thread): [stunnel-users] Mongo Replication using Stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]