From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id A23C9431FC0; Fri, 27 Nov 2009 22:22:16 -0800 (PST) X-Virus-Scanned: Debian amavisd-new at olra.theworths.org Received: from olra.theworths.org ([127.0.0.1]) by localhost (olra.theworths.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id H7hjlaqb09Jg; Fri, 27 Nov 2009 22:22:16 -0800 (PST) Received: from cworth.org (localhost [127.0.0.1]) by olra.theworths.org (Postfix) with ESMTP id EB12D431FAE; Fri, 27 Nov 2009 22:22:15 -0800 (PST) From: Carl Worth To: "Jeffrey C. Ollie" , Not Much Mail In-Reply-To: <1259378883-9181-1-git-send-email-jeff@ocjtech.us> References: <1259378883-9181-1-git-send-email-jeff@ocjtech.us> Date: Fri, 27 Nov 2009 22:22:01 -0800 Message-ID: <87zl67rwxi.fsf@yoom.home.cworth.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" Subject: Re: [PATCH] Use libgcrypt for hashing. X-BeenThere: notmuch@notmuchmail.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Nov 2009 06:22:16 -0000 --=-=-= On Fri, 27 Nov 2009 21:28:03 -0600, "Jeffrey C. Ollie" wrote: > Instead of including a private implementation of the SHA1 hash, use > libgcrypt. This means less code of our own to maintain and it will be > easier to switch to a different hash function like SHA256. I don't believe we have a significant code-maintenance burden with libsha1.c. And as for different hash functions, the only use of sha-1 in notmuch is as a fallback in the case of a message not including a Message-ID header. So I don't see it as important at all to try to remove this code. > libgcrypt was chosen because it has a fairly simple API, it's well > tested (it's used in gnutls and gnupg2), and it's licensed under the > LGPL. What might make more sense is an option to compile against an existing library (if present) but not to introduce an error in the build if the library is not present, (in which case just build the builtin libsha1.c code). But if that wouldn't solve the problem you were trying to solve, (to actually remove libsha1.c), then maybe we don't need to do anything for now? -Carl --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iD8DBQFLEMGJ6JDdNq8qSWgRAvfWAJ4oS+MggzMOlvdSsXg7pkkdII/KYgCfaC2d klL7VI/fykiVkVECXRP9OJI= =3s26 -----END PGP SIGNATURE----- --=-=-=--