[PATCH] Revert "lib: Fix deps for LIBCRYPTO" because arcfour need DATA_BLOB
Volker.Lendecke at SerNet.DE
Mon Jun 29 00:42:28 MDT 2015
On Sat, Jun 27, 2015 at 06:17:49PM +1200, Andrew Bartlett wrote:
> I realise that the lack of separate header dependencies vs linker
> dependencies is annoying in some corner cases, but if we start this, it
> will end in some quite strange places, and undo the good work we have
> done in avoiding many of the the security and overflow issues that bare
> length-value pairs encourage.
I'm with you at a higher level. But the very basic arcfour routines,
is that really required there? I'd rather create a small wrapper where
the core engine has no dependencies to Samba libraries at all and then
write a tiny wrapper wrapping the DATA_BLOB.
When we exchange our crypto to something system-provided, that won't
have DATA_BLOB either.
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical