>RAND_poll runs very quickly with a near-empty heap. Do you mean that the calls to Heap32First, Heap32Next, Heap32ListFirst, Heap32ListNext are failing? Can you check the return values from these calls? (using GetLastError?). In any case, the heap traversals are bounded by the 1 sec limit. Even if the variable "good" is 0, the very first block of heap allocated by the current process is retrieved. Can you exactly specify which CryptoAPI is taking so much time?
-Sandeep On Fri, Nov 6, 2009 at 11:45 AM, James Baker <j...@j-baker.org> wrote: > Background: Testing a Ruby app on 64-bit Windows 7 Ultimate, I found > that OpenSSL::PKey::RSA.generate() was taking 98 seconds. Jumping to > C, sampling showed that the great majority of this time was spent in > Heap32Next, which led me to the "heap list and heap walking" section > of RAND_poll in crypto/rand/rand_win.c > > The heap walking (and thread and module walking) are limited to 1s > unless the variable "good" is set, and advapi32.dll is loaded, which > means that "poll the CryptoAPI PRNG" using the conjunction of > CryptAcquireContextW and CryptGenRandom must be failing. > > The 98 seconds comes from walking the contents of the heap after > loading a Rails environment - RAND_poll runs very quickly with a > near-empty heap. Are the crypo-API calls ever expected to fail under > any Windows platform, or is this the abnormality? I'm not aware of any > changes in Win7 that would break those calls (though I'm investigating > whether something permission/security-related is in play here), but > I'm not aware of much about Win7 in general. I also don't see any > Win7-related changes in the OpenSSL changelog - has this platform been > validated already? > > Thanks, > James > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
