Comment 22 for bug 12605

In , Bob Ippolito (etrepum) wrote : Re: [Python-Dev] license issues with profiler.py and md5.h/md5c.c

On Feb 10, 2005, at 9:15 PM, Donovan Baarda wrote:

> On Tue, 2005-02-08 at 11:52 -0800, Gregory P. Smith wrote:
>>> The md5.h/md5c.c files allow "copy and use", but no modification of
>>> the files. There are some alternative implementations, i.e. in glibc,
>>> openssl, so a replacement should be safe. Any other requirements when
>>> considering a replacement?
>
> One thing to consider is "degree of difficulty" :-)
>
>>> Matthias
>>
>> I believe the "plan" for md5 and sha1 and such is to use the much
>> faster openssl versions "in the future" (based on a long thread
>> debating future interfaces to such things on python-dev last summer).
>> That'll sidestep any tedious license issue and give a better
>> implementation at the same time. I don't believe anyone has taken the
>> time to make such a patch yet.
>
> I wasn't around for that discussion. There are two viable replacements
> for the RSA implementation currently used;
>
> libmd <http://www.penguin.cz/~mhi/libmd/>
> openssl <http://www.openssl.org/>.
--
> In the Linux world, openssl is starting to become ubiquitous, so not
> including it and statically or even dynamically linking against it is
> feasible. However, using Python in other lands will probably require
> something to be included.
>
> Long term, I think openssl is the way to go. Short term, libmd is a
> painless replacement that gets around the licencing issues.

OpenSSL is also ubiquitous on Mac OS X (as a shared lib):

Mac OS X 10.2.8 has OpenSSL 0.9.6i Feb 19 2003
Mac OS X 10.3.8 has OpenSSL 0.9.7b 10 Apr 2003

One possible alternative would be to bring in something like PyOpenSSL
<http://pyopenssl.sourceforge.net/> and just rewrite the md5 (and sha?)
extensions as Python modules that use that API.

-bob