Subject: Re: libssh2 master 9ea5b06... Add global init/exit points, to do crypto initialization in one place.

Re: libssh2 master 9ea5b06... Add global init/exit points, to do crypto initialization in one place.

From: Lars Nordin <Lars.Nordin_at_sdlabs.se>
Date: Fri, 19 Mar 2010 14:14:51 +0100

On 2010-03-19 13:30, Peter Stuge wrote:
> libssh2_at_git.stuge.se wrote:
>
>> +void
>> +libssh2_md5(const unsigned char *message, unsigned long len,
>> + unsigned char *out)
>> +{
>> + EVP_MD_CTX ctx;
>> +
>> + EVP_DigestInit(&ctx, EVP_get_digestbyname("md5"));
>> + EVP_DigestUpdate(&ctx, message, len);
>> + EVP_DigestFinal(&ctx, out, NULL);
>> +}
>>
> Guys, MD5 is not required for SSH so it MUST NOT be required for
> libssh2!
>
>
Peter,

A lot of the code in libssh2 is missing #ifdef's around definitions for
MD5. and Yes, I missed that to. But the complain should not be pointed
to me, please.

> I'm quite annoyed with some of these changes from Lars that have been
> committed in a hurry.
>
> Don't get me wrong - we must make libssh2 work also for Lars, but we
> should remember that his requirements seem to be fairly specialized
> and I do not think it is acceptable for libssh2 to be optimized for,
> or assume, such situations.
>
>
The openssl part of libssh2 is using part (like AES, MD5 and SHA) that
is using the direct calls to the internal function. This is not working
for my use BUT it's also recommended by openssl to use the EVP-functions
from www.openssl.org
"Applications should use the higher level functions EVP_DigestInit(3)
<http://www.openssl.org/docs/crypto/EVP_DigestInit.html#> etc. instead
of calling the hash functions directly."

> //Peter
> _______________________________________________
> libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>
>
/Lars

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-03-19