rsync & SSL 'for real'

gregorcy gregorcy at
Wed Apr 18 22:34:15 GMT 2007

Hash: SHA1

that was a little harsh

Carson Gaspar wrote:
> Aaron W Morris wrote:
>> On 4/18/07, Carson Gaspar <carson at> wrote:
>>> Lawrence D. Dunn wrote:
>>> > Colleagues,
>>> >   If you do pursue SSL functionality directly in rsync,
>>> >   please be sure to take a look at Chris Rapier's work
>>> >   to "fix" standard ssh implementations, at:
>>> >
>>> >
>>> >   Turns out "-e ssh" using most libraries puts a fixed-window-size
>>> > ssh-windowing
>>> >   behavior on top of TCP - so for large bandwidth*delay product paths,
>>> >   even if you use large TCP buffers (which Wayne added for such
>>> paths),
>>> >   an "un-fixed" SSL library can clobber overall
>>> performance/throughput,
>>> >   even for a perfectly clean (no  errors/loss) path.
>>> SSL != SSH.
>> This still applies (depending on the ssl toolkit being used).  The
>> problem referenced here is the TCP window size is hard coded inside
>> the openssl library.  In order to change the window size, one must
>> patch openssl.
> TCP window size is not, and can not, be hard coded inside openssl. Do
> you know what TCP window size is?
>> Of course, there is also the question of if openssl is the appropriate
>> toolkit to use with rsync.  I am not sure of the issues with a GPL
>> binary linking against a BSD library.  Perhaps GnuTLS is more
>> appropriate...  (I know... this is probably a whole different can of
>> worms.   :-) ).
> There is no license issue. This is just a troll.
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla -


More information about the rsync mailing list