Current status of --enable-crypto
Eric S. Raymond
esr at thyrsus.com
Fri Jan 27 14:42:41 UTC 2017
Hal Murray <hmurray at megapathdsl.net>:
>
> [From gitlab]
> > It uses SHA1 but not SHA0 - SHA1 is an option for packet MACs. There should
> > be no problem with using the ISC version unconditionally.
>
> I though I saw something about getting rid of --enable-crypto
It's gone. It actually turned out to be a no-op - I think it became vestigial
when someone (probably me) taught waf how to autoconfigure based on the presence
or absence of OpenSSL.
> We currently require libsodium. Do we require libssl? If so, we can drop
> the ISC crypto code.
We do not require it. Without OpenSSL the code still has to be able to do
packet MACs, though; hence the apparently duplicative code.
> Does libsodium include SHA1 and friends? Do we still need libssl?
I don't know what libsodium includes. Daniel?
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list