[SERVER-31499] Support libssl 1.1.0f or above for better scalability Created: 10/Oct/17 Updated: 01/Jun/22 Resolved: 01/Jun/22 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Build |
| Affects Version/s: | 3.4.9, 3.5.13 |
| Fix Version/s: | 4.1 Desired |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Chad Kreimendahl | Assignee: | Alex Neben |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: |
| Description |
|
For those of us already using Intel's new Scalable processors, the improvements in performance of ssl transactions significantly reduce CPU usage and increase throughput maximums. Both are beneficial to scaling. AVX-512 support was added in 1.1.0f of openssl. This would also be a great time to add in support for Debian Stretch, which uses more recent versions of the openssl libraries. See |
| Comments |
| Comment by Chad Kreimendahl [ 13/Oct/17 ] |
|
I'm curious if mongo has a policy on keeping up-to-date on current patched versions of openssl libraries, such that you're avoiding any vulnerabilities in your code? |