[PATCH] Crypto use in Samba (was: Re: SMB3 encryption performance)
Simo
simo at samba.org
Tue Feb 17 07:09:37 MST 2015
On Tue, 2015-02-17 at 09:14 +0100, Volker Lendecke wrote:
> On Tue, Feb 17, 2015 at 11:56:01AM +1300, Andrew Bartlett wrote:
> > The latest unreleased version of GnuTLS seems to provide it. Also, the
> > latest protocol version seems to use the GCM mode.
>
> It will take a couple of years before this trickles into the relevant
> distros. I think we need to drop GnuTLS then and look for something
> else. OpenSSL seems impossible because I don't think we can change our
> license. Another one that advertises HW support is libgcrypt then. Or
> for this special use case we might grow something on our own? This can't
> be rocket science.
Crypto is harder than rocket science, please let's not try to do our
own.
libgcrypt is also an option, but I wouldn't discard using OpenSSL, even
if it requires us to add an exception to the license. I do not think it
would be too hard. We changed license on parts of samba before, this is
not different.
Simo.
--
Simo Sorce
More information about the samba-technical
mailing list