Re: missing file

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: missing file

From:	Nikos Mavrogiannopoulos
Subject:	Re: missing file
Date:	Thu, 3 Dec 2009 17:17:15 +0200

On Thu, Dec 3, 2009 at 3:59 PM, Simon Josefsson <address@hidden> wrote:
> Nikos Mavrogiannopoulos <address@hidden> writes:
>
>> The cryptodev for linux module is at:
>> http://www.logix.cz/michal/devel/cryptodev/
>> (note that it may not install the crypto/cryptodev.h correctly, thus you 
>> might
>> need to copy it by yourself).
>
> Thanks!  My debian kernel doesn't have /dev/crytpo, so I'll think I'll
> defer testing this for a while...

I think you will wait for long then :) This is an OpenBSD and FreeBSD
interface, I don't know when and if will ever be added to linux
(except for the external patch mentioned above).

>> I will but I need more time to finish this. I might change more stuff.
>> ABI compatibility on the crypto.h is not really an issue- the new code
>> can know whether the old abi is used an return an error.
> ABI compatibility is always an issue, we cannot remove any existing
> interfaces unless we bump the ABI version (and that will cause a
> significant amount of pain for packagers so let's not).  So please add
> compatibility hooks for everything that was removed.

The ABI is part of the API in register functions of crypto.h. It is
different than the other parts of gnutls since you explicitly specify
the ABI version in the calls. Thus ABI is not breaking with my changes
and the compat.c file.

> Maybe the cryptodev stuff should be developed on a branch until your new
> crypto.h ABI has stabilized, if you are thinking of changing more
> things?  I was thinking of making a GnuTLS 2.10.x release with official
> stable support for TLS 1.2 soon, and the 2.9.x branch was relatively
> stable before these changes.

Maybe I should have elaborated on the changes that have occurred. Those are:
1. crypto API cleanup
2. cryptodev

The cleanup merged the MAC and HASH interfaces to a single one to
avoid code duplication and to allow future use of crypto acceleration
of hashes.

The cryptodev change uses kernel drivers for symmetric crypto
algorithms and is not enabled by default.

Both of the changes are currently stable.

(unrelated but I don't think there should be a release without the fix
for renegotiation.)

> compat.c:35: error: no previous prototype for 
> 'gnutls_crypto_single_mac_register2' [-Wmissing-prototypes]
> compat.c:40: error: no previous prototype for 'gnutls_crypto_mac_register2' 
> [-Wmissing-prototypes]

That is because you used -Wmissing-prototypes. Those are compatibility
functions to keep the ABI. I'll add prototypes later.

regards,
Nikos

[Prev in Thread]

Current Thread

[Next in Thread]

Re: missing file, Simon Josefsson, 2009/12/01
- Re: missing file, Nikos Mavrogiannopoulos, 2009/12/01
  - Re: missing file, Simon Josefsson, 2009/12/03
    - Re: missing file, Nikos Mavrogiannopoulos <=
    - Re: missing file, Nikos Mavrogiannopoulos, 2009/12/03

Prev by Date: Re: missing file
Next by Date: Warnings: pointer size vs. integer size
Previous by thread: Re: missing file
Next by thread: Re: missing file
Index(es):
- Date
- Thread