..
	Copyright (c) 2011-2014 Varnish Software AS
	SPDX-License-Identifier: BSD-2-Clause
	See LICENSE file for full text of license

.. _phk_ssl:

============
Why no SSL ?
============

This is turning into a bit of a FAQ, but the answer is too big to fit
in the margin we use for those.

There are a number of reasons why there are no plans in sight that will
grow SSL support in Varnish.

First, I have yet to see an SSL library where the source code is not
a nightmare.

As I am writing this, the varnish source-code tree contains 82.595
lines of .c and .h files, including JEmalloc (12.236 lines) and
Zlib (12.344 lines).

OpenSSL, as imported into FreeBSD, is 340.722 lines of code, nine
times larger than the Varnish source code, 27 times larger than
each of Zlib or JEmalloc.

This should give you some indication of how insanely complex
the canonical implementation of SSL is.

Second, it is not exactly the best source-code in the world.  Even
if I have no idea what it does, there are many aspects of it that
scare me.

Take this example in a comment, randomly found in s3-srvr.c::

	/* Throw away what we have done so far in the current handshake,
	 * which will now be aborted. (A full SSL_clear would be too much.)
	 * I hope that tmp.dh is the only thing that may need to be cleared
	 * when a handshake is not completed ... */

I hope they know what they are doing, but this comment doesn't exactly
carry that point home, does it ?

But let us assume that a good SSL library can be found, what would
Varnish do with it ?

We would terminate SSL sessions, and we would burn CPU cycles doing
that.  You can kiss the highly optimized delivery path in Varnish
goodbye for SSL, we cannot simply tell the kernel to put the bytes
on the socket, rather, we have to corkscrew the data through
the SSL library and then write it to the socket.

Will that be significantly different, performance wise, from running
an SSL proxy in a separate process ?

No, it will not, because the way varnish would have to do it would
be to ... start a separate process to do the SSL handling.

There is no other way we can guarantee that secret krypto-bits do
not leak anywhere they should not, than by fencing in the code that
deals with them in a child process, so the bulk of varnish never
gets anywhere near the certificates, not even during a core-dump.

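The fencing just described, as an added example that is neither Varnish code nor from this essay: a parent forks a helper which alone holds the key, sets RLIMIT_CORE to 0 so a crash cannot dump it, and answers requests over a socketpair. The keyed function is a stand-in for the SSL library's private-key operation, and the key bytes are constructed.

```c
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/resource.h>
/* Assumed design, not Varnish code: the key exists only in a forked helper
 * that disables core dumps and serves requests over a socketpair. */
/* Stand-in for the SSL library's private-key operation: FNV-1a over
 * key||msg. Not a cryptographic MAC, merely something that needs the key. */
static uint64_t keyed_tag(const uint8_t *k, size_t kl, const uint8_t *m, size_t ml)
{
    uint64_t h = 14695981039346656037ULL;
    for (size_t i = 0; i < kl; i++) h = (h ^ k[i]) * 1099511628211ULL;
    for (size_t i = 0; i < ml; i++) h = (h ^ m[i]) * 1099511628211ULL;
    return h;
}
/* Helper process: core dumps off, key loaded here, then serve requests. */
static void helper_child(int fd)
{
    struct rlimit rl = { 0, 0 };
    setrlimit(RLIMIT_CORE, &rl);   /* a crash here cannot write the key out */
    uint8_t key[32];               /* constructed key; real code loads a file */
    for (size_t i = 0; i < sizeof key; i++) key[i] = (uint8_t)(i * 37 + 11);
    for (;;) {
        uint32_t len; uint8_t msg[256]; uint64_t tag;
        if (read(fd, &len, sizeof len) != (ssize_t)sizeof len || len > sizeof msg) break;
        if (read(fd, msg, len) != (ssize_t)len) break;
        tag = keyed_tag(key, sizeof key, msg, len);
        if (write(fd, &tag, sizeof tag) != (ssize_t)sizeof tag) break;
    }
    _exit(0);                      /* parent closed its end: we are done */
}
/* Fork the helper; returns the parent's end of the socketpair, or -1. */
int helper_start(void)
{
    int sv[2], pid;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    if ((pid = fork()) == 0) { close(sv[0]); helper_child(sv[1]); }
    close(sv[1]);
    return pid < 0 ? -1 : sv[0];
}
/* Ask the helper for a tag; the key never enters this address space. */
int helper_tag(int fd, const char *msg, uint64_t *tag)
{
    uint32_t len = (uint32_t)strlen(msg);
    if (write(fd, &len, sizeof len) != (ssize_t)sizeof len) return -1;
    if (write(fd, msg, len) != (ssize_t)len) return -1;
    return read(fd, tag, sizeof *tag) == (ssize_t)sizeof *tag ? 0 : -1;
}
```

The same pattern is what a stand-alone SSL proxy gives you for free: the process that touches certificates is a different process from the one that serves cached objects.
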
Would I be able to write a better stand-alone SSL proxy process
than the many which already exist ?

Probably not, unless I also write my own SSL implementation library,
including support for hardware crypto engines and the works.

That is not one of the things I dreamt about doing as a kid and
if I dream about it now I call it a nightmare.

So the balance sheet, as far as I can see it, lists "It would be
a bit easier to configure" on the plus side, and everything else
piles up on the minus side, making it a huge waste of time
and effort to even think about it.

Poul-Henning, 2011-02-15
