[PATCH] Revert "Revert "Render: Use built-in SHA1 library""

Tiago Vignatti tiago.vignatti at nokia.com
Tue Apr 13 10:54:06 PDT 2010


On Tue, Apr 13, 2010 at 06:56:56PM +0200, ext Carl Worth wrote:
> 
> It does seem clear to me that several people/projects want a tiny SHA1
> implementation. In the notmuch project, I needed SHA1 and ended up not
> linking against openssl, but instead included a copy of the libsha1 code
> From Brian Gladman and Mikhail Gusarov. (Code which I originally found
> in my email inbox in response to using openssl for SHA1 in X).
> 
> Of course, people complained about me embedding a copy of code, and that
> I should instead be using some library function to ease the ability of
> distributions tracking security bugs, etc.
> 
> It does seem to me that it would be useful to have a tiny library that
> just did SHA1. Then it could be packaged in the distributions, both the
> X server and notmuch could use it, and everyone could be happy.

Seems openssl can be used by all our supported OSes. Therefore we could use a 
black and white approach: either openssl or libsha1. That's fine for me.

Julian, Jeremy, Matthieu, Mikhail, Keith [0]? 


> Are the linker bugs that make it expensive to load many small libraries
> instead of one large library still prevalent, or have those been fixed?

I don't think this is a issue here. Would be nice to hear someone else input
about this.

 
> "Eventual" performance regressions? Are you trying to set things up so
> that we can test future problems when they arise? Or are there current
> regressions you've seen that you'd like to investigate?

I tried to say that I haven't seen any problem so far, neither tested for 
performance regressions.


Cheers,

[0] thanks git-blame!
                            Tiago


More information about the xorg-devel mailing list