[OPEN-ILS-DEV] ***SPAM*** RE: ***SPAM*** Re: ***SPAM*** Re: SHA1 code in sha.c

Steve Wills steve.wills at lyrasis.org
Tue Dec 22 09:47:11 EST 2009 

It's also bundled in my Apple osX where my iPhone development environment lives, not to stray TOO far afield. *g*

Stev3
Lyrasis

-----Original Message-----
From: open-ils-dev-bounces at list.georgialibraries.org [mailto:open-ils-dev-bounces at list.georgialibraries.org] On Behalf Of Thomas Berezansky
Sent: Tuesday, December 22, 2009 9:25 AM
To: open-ils-dev at list.georgialibraries.org
Subject: Re: [OPEN-ILS-DEV] ***SPAM*** Re: ***SPAM*** Re: SHA1 code in sha.c

Additional note:

Several things, such as postgresql (client and server) and apache with
SSL, already require that the openssl implementation be installed on
the system. The SSH implementation installed on the systems will
likely also require it. Adding another makes no sense, especially when
we already have openssl's sitting there from everything else. Given
that we can SSH across endianess and int sizes I assume that all of
that is covered properly in the openssl implementation.

Thomas Berezansky
Merrimack Valley Library Consortium


Quoting Jason Stephenson <jstephenson at mvlc.org>:

> Quoting Scott McKellar <mck9 at swbell.net>:
>
>>
>>
>> --- On Mon, 12/21/09, Jason Stephenson <jstephenson at mvlc.org> wrote:
>>> Why reinvent the wheel? Why not just
>>> farm the work out to libcrypto? Last I checked OpenSSL
>>> typically has a SHA1 implementation that you don't have to
>>> fiddle with.
>>>
>>> Jason
>>
>> I have no intention of reinventing any wheels.  I did a quick Google and
>> saw the OpenSSL project among others.  What I don't know is how portable
>> they are.  The ones I looked at so far don't say very much on their
>> websites about architectures, int sizes, endianness, or other aspects of
>> portability.  I'd rather not have to decipher a dozen different
>> implementations of an algorithm I don't understand in order to figure
>> out which ones are better than what we've got.
>
> OpenSSL is about as portable as you can get, and is pretty much
> guaranteed to be installed on any machine that can host OpenILS.
>
>
>>
>> If anybody already knows of a suitable implementation, or knows of one
>> that we should avoid, you may be able to save me some time.
>>
>> Scott McKellar
>>
>>
>
>
>

More information about the Open-ils-dev mailing list