Today I ported an OpenSSL-based application over to GNU TLS (which implements SSL 3.0 and TLS 1.0), just to see how easily it can be done and how GNU TLS is different from OpenSSL. Well, first of all, GNU TLS is a bit simpler to program than OpenSSL. While you still need a lot of function calls to get SSL established, it's a lot less than in OpenSSL, and - most importantly - all library calls are lower case. Regarding key and certificate files, GNU TLS is perfectly compatible with OpenSSL. So applications that already have some kind of abstraction layer to make it easier to use OpenSSL or to make the use of SSL optional can be ported within an hour.
But still, GNU TLS has some issues: what is most annoying is that the SSL handshake takes almost infinitely long (around 5 to 10 seconds), while OpenSSL does that within a second (in my test scenario, it was always OpenSSL on the client side and OpenSSL and GNU TLS on the server side). When I had a look at GNU TLS using strace(1), I immediately saw what the problem was: GNU TLS continuously polls the PID, the current time and some resource usage stuff. This is absolutely not necessary, and should be improved.
Another annoying thing was that GNU TLS has major issues with certain rlimits set. For example, when you limit the maximum CPU time using setrlimit(2), the SSL handshake is likely to fail with too little CPU time allowed (with OpenSSL, I experienced no problems so far). GNU TLS also has problems when you set the maximum number of open files too low. The symptom: SSL handshake issues. GNU TLS needs to have more than 32 open files at the same time. I don't exactly know how many, but 64 work. By contrast, OpenSSL works with less than 16 open files.