apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject Re: SHA2 in APR
Date Wed, 16 Oct 2013 14:22:29 GMT
On Thu, Oct 10, 2013 at 4:49 PM, Dirkjan Ochtman <djc@apache.org> wrote:

> Hi,
> (Sending again from the right mail address, please ignore the other one.)
> I've been hanging out in #apr on Freenode recently, but it appears the
> intersection of people hanging out there and active APR committers is
> pretty much the empty set.
> I recently filed
> https://issues.apache.org/bugzilla/show_bug.cgi?id=55520 and I wonder
> if people had actually seen that. There seems to have been a lot of
> talk about an 1.5 release, so I might be late with this, but since the
> implementation has already been there, maybe exposing this isn't so
> hard? In any case, this seems like a no-brainer to me.
> The reason I've recently gotten interested in APR (and SHA support) is
> my work on https://github.com/mozilla/mod_authn_persona.
> Cheers,
> Dirkjan

(Only since nobody responded yet...)

Somebody in APR-land with an interest in hashes needs to take a bite.  What
it looks like to my very untrained eye is an implementation of one of a
handful of the SHA2 hashes* (i.e., incomplete) which was taken in 10 years
ago from another source and maintained independently and never used in a
way that would expose implementation defects beyond what various compilers
and static analysis tools complained about over the years.

*Maybe it is more complete in the 1.x branches; I just noticed that some
unused hashes were ripped out of trunk 10 months ago.

Surely there's a more appropriate place to pick up SHA2?

(But really, somebody with a real interest will hopefully respond.)

Born in Roswell... married an alien...

View raw message