View Issue Details

IDProjectCategoryView StatusLast Update
0000052LDMud 3.3Compilation, Installationpublic2018-01-29 21:57
ReporterlarsAssigned ToGnomi  
PrioritynormalSeveritytweakReproducibilityalways
Status resolvedResolutionfixed 
Fixed in Version3.3.719 
Summary0000052: Use crypto functions from ssl libs when available.
DescriptionIf the ssl-libs are available, use their implementation of sha1() and md5() instead of compiling our own. This of course requires checking for the existence of those libs, and wrapping those functions into my-xxx files.
TagsNo tags attached.

Activities

fippo

2006-05-07 05:05

reporter   ~0000506

the addition of hash() resolves this bug (more or less, I would to let the old-style md5() and sha1() raise errors sometime)

zesstra

2008-12-15 12:45

administrator   ~0000825

It would be much nicer to call hash() by md5() and sha1(), if available, than to deprecate them. In fact, I prefer the latter in mudlibs, because I don't have to check with __EFUN_DEFINED__() or use an sefun.
If we want to deprecate md5() and sha1(), I suggest to make OpenSSL a requirement for the driver.

Gnomi

2008-12-26 09:02

manager   ~0000829

I like the new hash() function, because the development of cryptographic algorithms will continue (NIST is currently searching for the next hash function, which is to be named SHA-3) and I don't like adding new efuns for each new algorithm.

What I don't like is the dependancy on OpenSSL (due to its license conditions). So I propose to always have a hash() and a hash_crypt() efun (the latter should be similar to md5_crypt), that uses OpenSSL or GCrypt (when using GNUTLS) or the internal md5 and sha1 routines.

zesstra

2008-12-29 04:44

administrator   ~0000834

I fully concur that hash() is nice. I am just not the opinion that the bug is solved and we should just obsolete md5() and sha1().
If we actually move the functionality of md5() and sha1() as fall-back into hash() so that it is always available independent of OpenSSL, it is fine for me.

Gnomi

2009-04-12 11:30

manager   ~0001019

Since r2542 hash() is always available and uses OpenSSL, libgcrypt (used by GnuTLS) or the internal md5() and sha1() implementations. I marked md5() and sha1() as obsoleted by hash().

Issue History

Date Modified Username Field Change
2004-04-18 22:09 lars New Issue
2006-05-07 05:05 fippo Note Added: 0000506
2008-12-15 12:45 zesstra Note Added: 0000825
2008-12-26 09:02 Gnomi Note Added: 0000829
2008-12-26 17:31 Gnomi Status new => assigned
2008-12-26 17:31 Gnomi Assigned To => Gnomi
2008-12-29 04:44 zesstra Note Added: 0000834
2009-04-12 11:30 Gnomi Note Added: 0001019
2009-04-12 11:30 Gnomi Status assigned => resolved
2009-04-12 11:30 Gnomi Fixed in Version => 3.3.719
2009-04-12 11:30 Gnomi Resolution open => fixed
2010-11-16 09:42 Gnomi Source_changeset_attached => ldmud.git master 2d12e0f1
2018-01-29 18:59 Gnomi Source_changeset_attached => ldmud.git master 2d12e0f1
2018-01-29 21:57 Gnomi Source_changeset_attached => ldmud.git master 2d12e0f1