misleading log message related to used SSL vendor

At a stable Gentoo Linux with LibreSSL I do get :

We were built to run on a 64-bit CPU, with OpenSSL 1.0.1 or later, but with a version of OpenSSL that apparently lacks accelerated support for the NIST P-224 and P-256 groups. Building openssl with such support (using the enable-ec_nistp_64_gcc_128 option when configuring it) would make ECDH much faster.

That hint is however not applicable to LibreSSL, isn't it ?

changed milestone to %Tor: unspecified

added component::core tor/tor milestone::Tor: unspecified priority::low severity::trivial status::needs-information type::enhancement version::tor 0.3.1.5-alpha labels

Is it? I don't know if it is. Does LibreSSL always include the fast ecdh implementation, or never include it, or something else?

Trac:
Status: new to needs_information
Milestone: N/A to Tor: unspecified

Resolved #23448 (moved) as a duplicate.

Why should LibreSSL include more than one ECDH implementation? It is an OpenSSL specific option so the warning should only appear if tor is using OpenSSL.

LibreSSL offers the following optional features (excerpt from ./configure --help):

Optional Features:
  --disable-option-checking  ignore unrecognized --enable/--with options
  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
  --enable-silent-rules   less verbose build output (undo: "make V=1")
  --disable-silent-rules  verbose build output (undo: "make V=0")
  --enable-dependency-tracking
                          do not reject slow dependency extractors
  --disable-dependency-tracking
                          speeds up one-time build
  --enable-shared[=PKGS]  build shared libraries [default=yes]
  --enable-static[=PKGS]  build static libraries [default=yes]
  --enable-fast-install[=PKGS]
                          optimize for fast installation [default=yes]
  --disable-libtool-lock  avoid locking (might break parallel builds)
  --enable-nc             Enable installing TLS-enabled nc(1)
  --disable-hardening     Disable options to frustrate memory corruption
                          exploits
  --enable-windows-ssp    Enable building the stack smashing protection on
                          Windows. This currently distributing libssp-0.dll.
  --enable-extratests     Enable extra tests that may be unreliable on some
                          platforms
  --disable-asm           Disable assembly

Trac:
Username: svengo

Why should LibreSSL include more than one ECDH implementation?

Ask the LibreSSL developers that question, they ship several.

As far as I can tell, if the tor warning message is getting displayed on a LibreSSL system, the library isn't using any of the fast EC implementations that are present in the source tree (agl's or Gueron/Krasnov's).

https://github.com/libressl-portable/openbsd/tree/master/src/lib/libcrypto/ec

mentioned in issue #23448 (moved)

moved to tpo/core/tor#23232 (closed)