Subject: Re: libssh2 master 9ea5b06... Add global init/exit points, to do crypto initialization in one place.

Re: libssh2 master 9ea5b06... Add global init/exit points, to do crypto initialization in one place.

From: Simon Josefsson <simon_at_josefsson.org>
Date: Sun, 21 Mar 2010 19:49:57 +0100

Peter Stuge <peter_at_stuge.se> writes:

> libssh2_at_git.stuge.se wrote:
>> +void
>> +libssh2_md5(const unsigned char *message, unsigned long len,
>> + unsigned char *out)
>> +{
>> + EVP_MD_CTX ctx;
>> +
>> + EVP_DigestInit(&ctx, EVP_get_digestbyname("md5"));
>> + EVP_DigestUpdate(&ctx, message, len);
>> + EVP_DigestFinal(&ctx, out, NULL);
>> +}
>
> Guys, MD5 is not required for SSH so it MUST NOT be required for
> libssh2!

How does the patch change anything compared to before? That function is
not used if md5 support is disabled.

We can wrap the libssh2_md5 function in a '#if !LIBSSH2_MD5' if you
want? It won't change anything as far as I can tell though.

If the patch DID change anything in libssh2's behaviour, I'd like to
understand what, because then I have misunderstood some logic in how the
code worked.

> I'm quite annoyed with some of these changes from Lars that have been
> committed in a hurry.
>
> Don't get me wrong - we must make libssh2 work also for Lars, but we
> should remember that his requirements seem to be fairly specialized
> and I do not think it is acceptable for libssh2 to be optimized for,
> or assume, such situations.

I agree fully. Any such change is accidental. Libssh2 should be a
standards-compliant implementation, and it should ideally warn the user
if she tries to build it in any other way.

/Simon
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-03-21