On 05/07/12 20:00, [email protected] wrote: > Source: aircrack-ng > Version: 1:1.1-3 > Severity: important > > Hi, > > aircrack-ng currently fails to build from source on most > architectures: > https://buildd.debian.org/status/package.php?p=aircrack-ng > > If nobody plans to fix the actual problem soon, > I suggest building the package for i386 and amd64 only. > > I'd rather see Wheezy shipped with aircrack-ng built for these > architectures (where it's the most likely to be used) only for none > at all. > > Thanks for maintaining aircrack-ng in Debian! > > >
Hello, The problem is related to the GnuTLS/gcrypt patch (See #642934) . This patch broke the function calc_pmk() on crypto.c However, on x86/AMD64 this function is not used because there is a SSE2 optimized version that is used instead (calc_4pmk() on sha1-sse2.h). So this bug is completely unnoticed until you test aircrack-ng on a non-sse2 machine. I am already aware of this and I have a new version of the patch that fixes this issue... However it turns out that GnuTLS/gcrypt is terribly slow when compared with OpenSSL doing sha1 calculations. The previous benchmarks that I did were completely wrong because I did it on a AMD64 machine, and therefore aircrack-ng was using the SSE2 optimized calc_4pmk() function instead of calc_pmk(). So I have been researching about the fastest sha1 implementations, and I ported the calc_pmk() function to 5 different sha1 implementations: Number of wpa keys tested per second (on a Nokia N9 (armel)): ------------------------------------------------------------- Sha1 code from OpenSSL (original one): 163.76 k/s Sha1 code from Gcrypt (GnuTLS) : 23.02 k/s Sha1 code from GNUlib (sha1sum from coreutils) : 146.08 k/s Sha1 code from wpa_supplicant (1.0) : 73.81 k/s Sha1 code from Beecrypt : 116.85 k/s Sha1 code from git : 162.33 k/s It turns out that the fastest sha1 implementation (after OpenSSL) is the git one. So for the time being, I think I am going to borrow the sha1 code from git and use it wherever possible instead of the GnuTLS/gcrypt sha1 functions. I want also to build a small testcase to automatic test all functions of crypto.c to ensure that everything behave exactly in the same way with OpenSSL than with this patch (GnuTLS/sha1-git) to prevent more issues related to this on the future. I don't think that the current version (1:1.1-3) should go into Wheezy because of this issues. Perhaps (1:1.1-4) if the release team give an exception could be the only chance of having aircrack-ng on Wheezy. Will be working on this... thanks for reporting the issue! Best regards! -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Carlos Alberto Lopez Perez http://neutrino.es Igalia - Free Software Engineering http://www.igalia.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
signature.asc
Description: OpenPGP digital signature

