Announcement

Collapse
No announcement yet.

Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer

    Phoronix: Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer

    Rustls is the modern TLS library written in the Rust programming language with a large emphasis on memory safety and security. Rustls is backed by Google, AWS, and others as well as being a recipient of Germany's Sovereign Tech Fund. The latest exciting milestone for the open-source project is that Rustls can now work with Nginx...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    And suddenly it became interesting, moving to Rustls if you have a big infrastructure with Nginx (if I understand this right).

    Comment


    • #3
      Nice, I might try this!

      Comment


      • #4
        So what is the binary code size of that compatibility layer and/or how many times that layer is bigger than entire binary nginx code?🤔

        Comment


        • #5
          Originally posted by kloczek View Post
          So what is the binary code size of that compatibility layer and/or how many times that layer is bigger than entire binary nginx code?🤔
          Their .deb ships a shared library that's 5.7 Mb in size, or 4.8 Mb if you strip debug info. This is comparable to the size of Ubuntu's OpenSSL's libssl+libcrypto.

          The compatibility layer isn't a lot of code - not compared to OpenSSL itself at least:

          Code:
          ===============================================================================
           Language            Files        Lines         Code     Comments       Blanks
          ===============================================================================
           C                       4          521          427           28           66
           C Header                1           75           62            1           12
           Dockerfile              2           28           22            2            4
           Makefile                1          108           81            1           26
           Python                  2          270          239            7           24
           Shell                   5           69           44           13           12
           TOML                    1           18           16            0            2
           YAML                    1           35           29            0            6
          -------------------------------------------------------------------------------
           Markdown                3          604            0          583           21
           |- Shell                1            6            6            0            0
           (Total)                            610            6          583           21
          -------------------------------------------------------------------------------
           Rust                   17         7996         6667          241         1088
           |- Markdown            15          382            0          300           82
           (Total)                           8378         6667          541         1170
          ===============================================================================
           Total                  37         9724         7587          876         1261
          ===============================================================================​
          ​

          Comment


          • #6
            Originally posted by kloczek View Post
            So what is the binary code size of that compatibility layer and/or how many times that layer is bigger than entire binary nginx code?🤔
            The repository for the compatibility layer is there in the announcement: https://github.com/rustls/rustls-ope...mpat/tree/main
            I can not verify it in my phone but I would estimate several orders of magnitud smaller compared to nginx. What's your take?

            Comment


            • #7
              Originally posted by darkonix View Post

              The repository for the compatibility layer is there in the announcement: https://github.com/rustls/rustls-ope...mpat/tree/main
              I can not verify it in my phone but I would estimate several orders of magnitud smaller compared to nginx. What's your take?
              Currently nginx executable is about 1.46MB.
              So now big is that binary with compatibility layer?

              Comment


              • #8
                Originally posted by kloczek View Post

                Currently nginx executable is about 1.46MB.
                So now big is that binary with compatibility layer?
                If you're this interested in the answer, why don't you find out for yourself? Or are you simply concern trolling?

                Comment


                • #9
                  Originally posted by dlq84 View Post

                  If you're this interested in the answer, why don't you find out for yourself? Or are you simply concern trolling?
                  He's just trolling. If he wasn't, he would be asking how big Rusttls + compatibility layer is vs OpenSSL on a system, which is basically equal. Also, 4.8MB is basically nothing, even on embedded systems. Not sure why he's so concerned by the binary size to begin with, other than "Rust bad" trolling.

                  Comment


                  • #10
                    Originally posted by Daktyl198 View Post

                    Not sure why he's so concerned by the binary size to begin with, other than "Rust bad".
                    Exactly. If you want to state that "Rust is bad", just go for the dependencies in the rusttls cargo.lock file.

                    That is a lot of dependencies haha, get that shite out of here.

                    Comment

                    Working...
                    X