Learn about Centmin Mod LEMP Stack today
Register Now

OpenSSL OpenSSL 1.1.1 TLS 1.3 Nearly Here

Discussion in 'CentOS, Redhat & Oracle Linux News' started by eva2000, Aug 16, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    So close according to OpenSSL github mirror commits Update code for the final RFC version of TLSv1.3 (RFC8446) · openssl/[email protected]. TLS1.3 - OpenSSLWiki

    @bassie shame you moved to BoringSSL or are you moving back to OpenSSL 1.1.1 once final version is released ?

    Testing Nginx master branch 1.15.3 + OpenSSL 1.1.1 master branch build on Centmin Mod 123.09beta01 (without HPACK patch)
    FYI, seems Cloudflare HPACK patch fails with OpenSSL 1.1.1 master. Patch isn't enabled by default, unless you set NGINX_HPACK='y' in persistent config set with /etc/centminmod/custom_config.inc prior to Nginx recompiles via centmin.sh menu option 4. So will need to update my HPACK patch routines to detect for this and disable HPACK patch automatically. Edit: updated Centmin Mod 123.09beta01 code so will automatically set NGINX_HPACK='n' when OpenSSL 1.1.1 compiled Nginx is detected during centmin.sh menu option 4 runs.
    Code (Text):
    ccache gcc -c -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter -Werror -g -I/usr/local/include -m64 -march=native -DTCP_FASTOPEN=23 -g -O3 -Wno-error=strict-aliasing -fstack-protector-strong -flto -fuse-ld=gold --param=ssp-buffer-size=4 -Wformat -Werror=format-security -Wimplicit-fallthrough=0 -fcode-hoisting  -Wp,-D_FORTIFY_SOURCE=2 -Wno-deprecated-declarations -gsplit-dwarf -Wno-deprecated-declarations -DNDK_SET_VAR -DNDK_UPSTREAM_LIST -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/local/include -I ../ngx_devel_kit-0.3.0/objs -I objs/addon/ndk -I ../ngx_devel_kit-0.3.0/src -I ../ngx_devel_kit-0.3.0/objs -I objs/addon/ndk -I ../pcre-8.42 -I ../openssl-tls1.3/.openssl/include -I ../zlib-cloudflare-1.3.0 -I objs -I src/http -I src/http/modules -I src/http/v2 -I ../ngx_devel_kit-0.3.0/src \
            -o objs/src/http/modules/ngx_http_index_module.o \
            src/http/modules/ngx_http_index_module.c
    src/http/v2/ngx_http_v2.c: In function ‘ngx_http_v2_state_settings_params’:
    src/http/v2/ngx_http_v2.c:2083:9: error: duplicate case value
             case NGX_HTTP_V2_HEADER_TABLE_SIZE_SETTING:
             ^~~~
    src/http/v2/ngx_http_v2.c:2078:9: note: previously used here
             case NGX_HTTP_V2_HEADER_TABLE_SIZE_SETTING:
             ^~~~
    make[1]: *** [objs/src/http/v2/ngx_http_v2.o] Error 1
    make[1]: *** Waiting for unfinished jobs....
    make[1]: Leaving directory `/svr-setup/nginx-master'
    make: *** [build] Error 2
    

     
    Last edited: Aug 16, 2018
  2. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    4:14 AM
    shame? why?
     
  3. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    The grass is always greener on the 'other' side :LOL: Yeah shame might not be the right word though :)
     
  4. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    4:14 AM
    Perhaps the OpenSSL team can look each other in the mirror looking for their own identity.
    Not for nothing that Google, Cloudflare, OpenBSD, Facebook and Dropbox (have read that somewhere) have switched to BoringSSL, Fizz, LibreSSL or equivalent.

    But as always never say never again......
     
  5. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Quick OpenSSL RSA 2048 and ECDSA benchmarks for OpenSSL 1.1.0i with/without Cloudflare ECDSA performance patch vs OpenSSL 1.1.1 master branch build on Intel Xeon E3 1270v1 16GB 240GB SSD dedicated server with CentOS 7.5 64bit and Centmin Mod 123.09beta01. Looks like latest OpenSSL 1.1.1 master branch code lost the Cloudflare ECDSA patch performance which I tested was there in OpenSSL 1.1.1-pre1 ?

    openssl 1.1.0i before ECDSA patch
    Code (Text):
    /opt/openssl/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.0i  14 Aug 2018
    built on: reproducible build, date unspecified
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/opt/openssl\"" -DENGINESDIR="\"/opt/openssl/lib/engines-1.1\""  -Wa,--noexecstack
                     sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3710.0 127752.2
                                 sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0000s  86956.5  34483.7
    

    openssl 1.1.0i after ECDSA patch
    Code (Text):
    /opt/openssl/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.0i  14 Aug 2018
    built on: reproducible build, date unspecified
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/opt/openssl\"" -DENGINESDIR="\"/opt/openssl/lib/engines-1.1\""  -Wa,--noexecstack
                     sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3696.9 128008.2
                                 sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0000s 121212.1  37736.7
    

    openssl 1.1.1 older tls1.3-draft-18 branch
    Code (Text):
    /opt/openssl-tls1.3/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.1-dev  xx XXX xxxx
    built on: reproducible build, date unspecified
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR="\"/opt/openssl-tls1.3\"" -DENGINESDIR="\"/opt/openssl-tls1.3/lib/engines-1.1\""  -Wa,--noexecstack
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000269s 0.000008s   3710.6 127429.3
                                  sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0000s  84342.7  33439.4
    

    tested openssl 1.1.1-pre2 too
    Code (Text):
    /opt/openssl/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.1-pre2 (alpha) 27 Feb 2018
    built on: Wed Aug 15 22:12:03 2018 UTC
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -Wall -O3 -pthread -m64 -Wa,--noexecstack -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DL_ENDIAN
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3706.6 127548.8
                                  sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0000s 112018.1  37743.6
    

    tested openssl 1.1.1-pre8 too - even slower ECDSA
    Code (Text):
    /opt/openssl/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.1-pre8 (beta) 20 Jun 2018
    built on: Wed Aug 15 22:06:15 2018 UTC
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3709.9 127268.6
                                  sign    verify    sign/s verify/s
     256 bits ecdsa (nistp256)   0.0000s   0.0000s  60036.2  37857.1
    

    Add CentOS 7.5 system OpenSSL 1.0.2k results too
    Code (Text):
    openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.0.2k-fips  26 Jan 2017
    built on: reproducible build, date unspecified
    options:bn(64,64) md2(int) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
    compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DKRB5_MIT -m64 -DL_ENDIAN -Wall -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches   -m64 -mtune=generic -Wa,--noexecstack -DPURIFY -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000268s 0.000008s   3727.0 128008.2
                                  sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0000s  89762.8  34821.1
    

    Add LibreSSL 2.7.4
    Code (Text):
    /opt/libressl/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    LibreSSL 2.7.4
    built on: date not available
    options:bn(64,64) rc4(16x,int) des(idx,cisc,16,int) aes(partial) idea(int) blowfish(idx)
    compiler: information not available
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000300s 0.000016s   3328.5  64131.1
                                  sign    verify    sign/s verify/s
     256 bit ecdsa (nistp256)   0.0000s   0.0001s  33773.2   9121.5
    


    Update i mistakenly hard coded my OpenSSL 1.1.1 master to tls1.3-draft-18 branch which is much older so that is where the ECDSA regression was. So retested within latest OpenSSL 1.1.1 master and updated below results

    Code (Text):
    /opt/openssl-tls1.3/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.1-pre9-dev  xx XXX xxxx
    built on: Fri Aug 17 19:03:16 2018 UTC
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3706.3 127931.8
                                  sign    verify    sign/s verify/s
     256 bits ecdsa (nistp256)   0.0000s   0.0000s 128299.2  37842.9
    


    OpenSSL benchmarks rsa 2048 signs/s rsa 2048 verify/s ecdsa 256bit signs/s ecdsa 256bit verify/s
    LibreSSL 2.7.4 3328.5 64131.1 33773.2 9121.5
    OpenSSL 1.0.2k system 3727.0 128008.2 89762.8 34821.1
    OpenSSL 1.1.0i before ECDSA patch 3710.0 127752.2 86956.5 34483.7
    OpenSSL 1.1.0i after ECDSA patch 3696.9 128008.2 121212.1 37736.7
    OpenSSL 1.1.1-pre2 3706.6 127548.8 112018.1 37743.6
    OpenSSL 1.1.1-pre8 3709.9 127268.6 60036.2 37857.1
    OpenSSL 1.1.1 tls1.3-draft-18 branch 3710.6 127429.3 84342.7 33439.4
    OpenSSL 1.1.1 master (August 18, 2018) 3706.3 127931.8 128299.2 37842.9


    openssl-vs-libressl-170818-01.png

    Seems the later OpenSSL 1.1.1 builds lost the ECDSA performance improvements from the Cloudflare ECDSA patch which was originally commited in this pull request ec/ecp_nistz256.c: improve ECDSA sign by 30-40%. by dot-asm · Pull Request #5001 · openssl/openssl ?
     
    Last edited: Aug 18, 2018
  6. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah many options out there... though LibreSSL ECDSA performance lagging way behind OpenSSL 1.1 and BoringSSL
     
  7. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    4:14 AM
    Yes, instead of removing old compatibility code and weak code from OpenSSL releases and release it under own brand, they maintain an old OpenSSL version and build up their own functions. This way you will lag behind hopelessly. LibreSSL is doomed to fail.
     
    • Agree Agree x 1
  8. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yup was curious so added system OpenSSL 1.0.2k and LibreSSL 2.7.4 benchmarks to above post here. LibreSSL RSA 2048 and ECDSA performance is 1/3 to 1/2 performance of OpenSSL !
     
  9. bassie

    bassie Well-Known Member

    1,025
    246
    63
    Apr 29, 2016
    Ratings:
    +726
    Local Time:
    4:14 AM
    There is absolutely no reason to use LibreSSL rather than using it with OpenBSD.
     
    • Agree Agree x 1
  10. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    seems HPACK patch problem wasn't OpenSSL 1.1.1 but with Nginx 1.15.3 master branch due to probably the changes for boringssl. OpenSSL 1.1.1 + Nginx 1.15.2 were fine with Cloudflare HPACK patch - so the patch needs an update for Nginx 1.15.3 compatibility

     
  11. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  12. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Update i mistakenly hard coded my OpenSSL 1.1.1 master to tls1.3-draft-18 branch which is much older so that is where the ECDSA regression was. So retested within latest OpenSSL 1.1.1 master and updated below results

    Code (Text):
    /opt/openssl-tls1.3/bin/openssl speed -multi 8 rsa2048 ecdsap256
    
    OpenSSL 1.1.1-pre9-dev  xx XXX xxxx
    built on: Fri Aug 17 19:03:16 2018 UTC
    options:bn(64,64) rc4(16x,int) des(int) aes(partial) idea(int) blowfish(ptr)
    compiler: ccache gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DNDEBUG
                      sign    verify    sign/s verify/s
    rsa 2048 bits 0.000270s 0.000008s   3706.3 127931.8
                                  sign    verify    sign/s verify/s
     256 bits ecdsa (nistp256)   0.0000s   0.0000s 128299.2  37842.9
    


    OpenSSL benchmarks rsa 2048 signs/s rsa 2048 verify/s ecdsa 256bit signs/s ecdsa 256bit verify/s
    LibreSSL 2.7.4 3328.5 64131.1 33773.2 9121.5
    OpenSSL 1.0.2k system 3727.0 128008.2 89762.8 34821.1
    OpenSSL 1.1.0i before ECDSA patch 3710.0 127752.2 86956.5 34483.7
    OpenSSL 1.1.0i after ECDSA patch 3696.9 128008.2 121212.1 37736.7
    OpenSSL 1.1.1-pre2 3706.6 127548.8 112018.1 37743.6
    OpenSSL 1.1.1-pre8 3709.9 127268.6 60036.2 37857.1
    OpenSSL 1.1.1 tls1.3-draft-18 branch 3710.6 127429.3 84342.7 33439.4
    OpenSSL 1.1.1 master (August 18, 2018) 3706.3 127931.8 128299.2 37842.9
     
    • Like Like x 1
    • Informative Informative x 1
  13. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Google chrome/blink group discussing adding final TLS 1.3 version and interesting notes Google Groups
    So TLS 1.3 was delayed by the work on TLS 1.3 downgrade protections it seems and that TLS 1.3 is best used with ECDSA SSL certificates and ssl ciphers.
     
  14. upgrade81

    upgrade81 Premium Member Premium Member

    178
    9
    18
    Sep 5, 2016
    Italy
    Ratings:
    +13
    Local Time:
    4:14 AM
    1.13.8
    10
    Hello can you please kindly tell me the steps you need to do to enable tls 1.3? on centminmod beta.
     
  15. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Like Like x 1
  16. eva2000

    eva2000 Administrator Staff Member

    37,227
    8,132
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,520
    Local Time:
    1:14 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Like Like x 1
..