Is there any performance penalty using --with-ssl?
Hi!
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args? Of course,
if SSL is actually *used*, I know what'll happen ;-) Just wondering
whether there is any reason not to include it by default if it exists on
the system; will it decrease performance for those who don't use it?
Regards,
Palle
Palle Girgensohn <girgen@partitur.se> writes:
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args?
Failure to build/run if SSL libraries are not available?
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.
regards, tom lane
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args?
No, the only reason that the switch exists is that some hosts may not have
OpenSSL
installed (including related legal reasons).
--
GMX - Die Kommunikationsplattform im Internet.
http://www.gmx.net
Attachments:
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.
Well, FreeBSD has come with OpenSSL in the base system by default for a long
time now.
What about the memory size overhead it adds to every postgres process?
Chris
--On Thursday, January 03, 2002 23:03:11 -0500 Tom Lane <tgl@sss.pgh.pa.us>
wrote:
Palle Girgensohn <girgen@partitur.se> writes:
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args?Failure to build/run if SSL libraries are not available?
The main problem, of course, but this is can be handled in the port.
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.
True. Thanks for the input.
Cheers,
Palle
Failure to build/run if SSL libraries are not available?
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.
Palle - the current Postgres Port uses the 'dialog' command to present a
menu of what people can optionally compile in. Why not just leave it in
that menu?
Chris
On Thu, 3 Jan 2002, Tom Lane wrote:
Palle Girgensohn <girgen@partitur.se> writes:
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args?Failure to build/run if SSL libraries are not available?
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.
SSL libraries are default with a FreeBSD install, as its required by SSH
...
"Christopher Kings-Lynne" <chriskl@familyhealth.com.au> writes:
What about the memory size overhead it adds to every postgres process?
AFAIK, on all modern OSes there's no significant performance penalty
for code that's nominally part of your address space but is never
actually swapped in/executed.
regards, tom lane
--On Friday, January 04, 2002 12:32:26 +0800 Christopher Kings-Lynne
<chriskl@familyhealth.com.au> wrote:
Failure to build/run if SSL libraries are not available?
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.Palle - the current Postgres Port uses the 'dialog' command to present a
menu of what people can optionally compile in. Why not just leave it in
that menu?
Reason is, I am invesigating the possibility of totally removing the dialog
and split all interfaces into separate ports. There are pros and cons to
this idea, but IMO the pros win.
/Palle
--On Friday, January 04, 2002 00:50:08 -0500 "Marc G. Fournier"
<scrappy@hub.org> wrote:
On Thu, 3 Jan 2002, Tom Lane wrote:
Palle Girgensohn <girgen@partitur.se> writes:
I am preparing the update of the FreeBSD port of PostgreSQL with the
upcoming 7.2, and I'm just wondering: is there any performance penalty
intoduced by including --with-ssl in the default configure args?Failure to build/run if SSL libraries are not available?
AFAIK there is no run-time penalty, especially not if the server is
started without the enable-ssl switch. But there had better be an
SSL library to link with.SSL libraries are default with a FreeBSD install, as its required by SSH
True. I was thinking of the obscure cases where
#NO_OPENSSL= true # do not build OpenSSL (implies NO_OPENSSH)
is uncommented in make.conf... The port can handle that, no problem, but a
package would fail at runtime. Those freebsd'ers can probably live with
this, I guess?
/Palle