[stunnel-users] stunnel 5.18 may keep high CPU usage

Dod dodfr at yahoo.com
Sun Jun 14 17:49:48 CEST 2015

Hello Javier,

Well after writing my answer to michal a few hours ago (and restart
stunnel again) ... still 25% !

For sure something is wrong... and looking at log file no "DH
parameters end" event since I restarted stunnel 3 hours ago.

Something goes wrong with this calculation cycle that make it never end.


J> On Sun, 14 Jun 2015 06:59:52 +0200
J> Michal Trojnara <Michal.Trojnara at mirt.net> wrote:

>> After 1 minute of running stunnel running in server mode starts
>> computing new DH parameters.  This usually takes a few minutes
>> depending on your hardware.  The process is repeated every 24 hours.

J> Hi,

J> depending on your hardware, and what hardware we need now to run
J> stunnel in server mode...

J> I see that the difference with previous versions are these 2 lines:
J> Using hardcoded DH parameters
J> DH initialized with 2048-bit key

J> Looking that I'm over 15 minutes now (and waiting) running the
J> command openssl dhparam 2048 to generate static one, this could be a
J> nightmare every 24 hours. For me isn't 25%CPU it is above 50% (or
J> 100% in one thread) in a humble Pentium 4.

J> For me, too much. That is why I decided to follow your advice but,
J> anyway, this takes so much to be by default for every system where
J> stunnel runs. Some people might have stunnel running in lower specs
J> hardware for a tiny server.

J> It is only my opinion.

J> Regards.

J> P.S.: I waited till end before send this to the list and took,
J> finally, over 20 minutes...
J> _______________________________________________
J> stunnel-users mailing list
J> stunnel-users at stunnel.org
J> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

                      mailto:dodfr at yahoo.com

More information about the stunnel-users mailing list