MD4 checksum fix

jw schultz jw at
Wed Apr 9 19:41:26 EST 2003

On Sun, Apr 06, 2003 at 05:29:56PM +1000, Donovan Baarda wrote:
> On Sun, 2003-04-06 at 16:29, cbarratt at wrote:
> > > It looks like it will work OK, but it's kinda ugly in that starts
> > > embedding version stuff into the mdfour implementation. Still... its
> > > better than the nothing I've produced :-)
> > 
> > Yes, it's certainly not elegant.  An alternative would be to
> > have two different sets of MD4 routines and then have more
> > logic in checksum.c to call the correct routines.  That makes
> > for more changes to checksum.c but avoids a library depending
> > upon a global variable.
> I don't think you need two whole implementations of MD4 routines, just a
> replacement _tail function and replacement _result function to use it.
> Note that truncating the bit count to 32 bits can be done in the _tail
> function.
> It might even turn out easier to just write a _result replacement that
> munges the mdfour struct (ie, truncs the byte count and empties the tail
> buffer) before calling the correct _result implementation.
> These can be put into the checksum.c with the appropriate protocol
> version logic. That way the mdfour.c implementation becomes a fixed
> stand-alone md4 implementation (that can be replaced with faster/cleaner
> standard implementations further down the track).
> > Or we could add a new function in mdfour.c, eg: mdfour_broken(),
> > that gets called once at startup if remote_version < 27.  This
> > would avoid the need for md4 to pull in remote_version.
> This still puts protocol version specific code into mdfour.c, making it
> harder further down the track to drop in a replacement implementation or
> link against a standard md4 library implementation.

I prefer having the remote_version tests in mdfour.c.  That
way it is clear what is going on and when
MIN_PROTOCOL_VERSION <= 27 the old code can be cleaned out.
>From a housekeeping perspective that is better than having a
version of the tail function that eventually has no callers.
This doesn't prevent a drop-in replacement provided the
drop-in replacement still supports the broken checksums as
long as needed.

In any case as there has been no alternative put forward and
this code seems to be accepted as a result-correct solution
i'll commit it tomorrow.

	J.W. Schultz            Pegasystems Technologies
	email address:		jw at

		Remember Cernan and Schmitt

More information about the rsync mailing list