[PATCH] Crypto use in Samba (was: Re: SMB3 encryption performance)

Simo simo at samba.org
Tue Feb 17 07:09:37 MST 2015

On Tue, 2015-02-17 at 09:14 +0100, Volker Lendecke wrote:
> On Tue, Feb 17, 2015 at 11:56:01AM +1300, Andrew Bartlett wrote:
> > The latest unreleased version of GnuTLS seems to provide it.  Also, the
> > latest protocol version seems to use the GCM mode. 
> It will take a couple of years before this trickles into the relevant
> distros. I think we need to drop GnuTLS then and look for something
> else. OpenSSL seems impossible because I don't think we can change our
> license. Another one that advertises HW support is libgcrypt then. Or
> for this special use case we might grow something on our own? This can't
> be rocket science.

Crypto is harder than rocket science, please let's not try to do our
libgcrypt is also an option, but I wouldn't discard using OpenSSL, even
if it requires us to add an exception to the license. I do not think it
would be too hard. We changed license on parts of samba before, this is
not different.


Simo Sorce

More information about the samba-technical mailing list