ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] Remove our bundled crypto library (in favor of Libgcrypt)?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Bálint Réczey <balint@xxxxxxxxxxxxxxx>
Date: Thu, 9 Feb 2017 12:22:06 +0100
Hi All,

2017-02-09 11:34 GMT+01:00 Bálint Réczey <balint@xxxxxxxxxxxxxxx>:
> Hi Guy,
>
> 2017-02-08 19:51 GMT+01:00 Guy Harris <guy@xxxxxxxxxxxx>:
>> On Feb 8, 2017, at 5:40 AM, Peter Wu <peter@xxxxxxxxxxxxx> wrote:
>>
>>> I did not expect Libgcrypt to consume entropy when it is just doing
>>> decryption.
>>
>> I'm concerned with consuming CPU and wall-clock time - i.e., slowing *shark startup - not entropy.
>
> perf would show that.
>
> rbalint@chaos:~/Downloads$ cat exit.lua
> os.exit(1)
> rbalint@chaos:~/Downloads$ wireshark -X lua_script:exit.lua
> rbalint@chaos:~/Downloads$ perf record -g -- wireshark -X lua_script:exit.lua
> [ perf record: Woken up 1 times to write data ]
> [ perf record: Captured and wrote 0.249 MB perf.data (~10883 samples) ]
> rbalint@chaos:~/Downloads$ perf report --sort comm,dso
> +   58.47%     0.00%        wireshark  [unknown]
> +   34.86%    15.55%        wireshark  libQt5Gui.so.5.3.2
> +   21.56%    20.78%        wireshark  libQt5Widgets.so.5.3.2
> +   11.88%     8.99%        wireshark  libc-2.19.so
> +    9.50%     9.42%        wireshark  libglib-2.0.so.0.4800.0
> +    8.90%     7.35%        wireshark  libwireshark.so.8.1.2
> +    8.75%     8.75%        wireshark  [kernel.kallsyms]
> +    8.06%     7.51%        wireshark  libQt5Core.so.5.3.2
> +    7.12%     3.97%        wireshark  ld-2.19.so
> +    5.45%     5.45%        wireshark  libfontconfig.so.1.8.0
> +    5.33%     5.33%        wireshark  libz.so.1.2.8
> +    1.75%     1.75%        wireshark  libpng12.so.0.50.0
> +    1.29%     1.29%          QThread  [kernel.kallsyms]
> +    1.15%     1.13%        wireshark  i965_dri.so
> +    0.82%     0.13%        wireshark  wireshark
> +    0.50%     0.50%        wireshark  libfreetype.so.6.11.1
> +    0.46%     0.15%        wireshark  libX11.so.6.3.0
> +    0.40%     0.40%        wireshark  libharfbuzz.so.0.935.0
> +    0.30%     0.30%        wireshark  libexpat.so.1.6.0
> +    0.28%     0.00%        wireshark  libnl-genl-3.so.200.19.0
> +    0.28%     0.16%        wireshark  libqxcb.so
> +    0.20%     0.20%        wireshark  libnettle.so.4.7
> +    0.16%     0.00%  QXcbEventReader  [unknown]
> +    0.16%     0.16%  QXcbEventReader  [kernel.kallsyms]
> +    0.16%     0.03%  QXcbEventReader  libpthread-2.19.so
> +    0.16%     0.16%        wireshark  liblua5.2.so.0.0.0
> +    0.15%     0.00%        wireshark  libdl-2.19.so
> +    0.15%     0.08%        wireshark  libpthread-2.19.so
>
> I don't see anything related to that.

Seeing the Qt libs made me curious and ran another test on Debian
Jessie with packaged 2.2.2 :
rbalint@chaos:~/Downloads$ time wireshark-gtk -X lua_script:exit.lua

real    0m0.304s
user    0m0.244s
sys    0m0.044s
rbalint@chaos:~/Downloads$ time wireshark -X lua_script:exit.lua

real    0m0.906s
user    0m0.556s
sys    0m0.128s

Cheers,
Balint
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube