Hi,
> The kernel.org mail thread, about cryptodev, starts here:
> http://www.ussg.iu.edu/hypermail/linux/kernel/0408.3/0250.html
They have refused it for it's "crappyness" and bad API design. As
usualy, they are probably true (they are kernel guys after all).
> Currently md5sum (from coreutils), passwd (from shadow), util-linux,
Why don't build OpenSSL sooner and make them use it instead?
> openssh,
It uses OpenSSL:
#if defined(HAVE_MD5_PASSWORDS) && !defined(HAVE_MD5_CRYPT)
#include <openssl/md5.h>
> and many others, each build in their own md5 library. If there were a
> vulnerability in md5 tommorrow we would have to investigate every installed
> package to check which are affected.
Agreed.
> Using a kernel module for all md5 hashes
> means only one module would need to be upgraded. This performs better, makes
> things easier to upgrade, and uses less storage space.
As well as shared library.
# EOF
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
