From: Junio C Hamano <gitster@pobox.com>
To: David Aguilar <davvid@gmail.com>
Cc: Tim Harper <timcharper@gmail.com>,
Eric Sunshine <sunshine@sunshineco.com>,
Jack Nagel <jacknagel@gmail.com>, Git List <git@vger.kernel.org>
Subject: Re: Combining APPLE_COMMON_CRYPTO=1 and NO_OPENSSL=1 produces unexpected result
Date: Fri, 15 Jan 2016 10:52:42 -0800 [thread overview]
Message-ID: <xmqqfuxyisjp.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <20160102234923.GA14424@gmail.com> (David Aguilar's message of "Sat, 2 Jan 2016 15:49:23 -0800")
David Aguilar <davvid@gmail.com> writes:
> I think the best long-term solution would be to abandon the
> CommonCrypto backend, if possible. There's not a strong reason
> for its existence. It always seemed kinda hacky, and bolted-on.
> ...
>> A few questions we should be asking Apple users are:
>>
>> - Is there a strong-enough reason why those who do not want to use
>> SSL should be able to choose the SHA-1 implementation available
>> from CommonCrypto over block-sha1?
>
> IMO, no.
>
>> - Is CommonCrypto SHA-1 a better implementation than block-sha1?
>
> I do not believe this to be true.
>
> My gut feeling is that we cannot rely on the long-term stability
> and availability of Apple's APIs. Block-sha1 works fine on
> the current Apple hardware and I suspect that it (or openssl)
> will continue to work fine in the future.
> ...
>> If people do not care, we can leave things as they are. It would
>> seem mysterious to use block-sha1 when we are not using CommonCrypto
>> for SSL (i.e. NO_OPENSSL), and otherwise CommonCrypto SHA-1, and
>> would invite a puzzlement we saw in this thread, though.
>
> I'm curious to see what others think about dropping CommonCrypto.
> It seems like a good choice from a maintenance POV.
Judging by a week-long silence, it seems nobody seems to have much
to say on this issue. Let me summon the git_osx_installer
maintainer to hear from somebody who know a lot better than me about
things around OS X.
Thanks.
next prev parent reply other threads:[~2016-01-15 18:52 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-25 15:10 Combining APPLE_COMMON_CRYPTO=1 and NO_OPENSSL=1 produces unexpected result Jack Nagel
2015-12-23 8:51 ` Eric Sunshine
2015-12-28 2:29 ` Junio C Hamano
2016-01-02 23:49 ` David Aguilar
2016-01-15 18:52 ` Junio C Hamano [this message]
2016-01-15 20:28 ` Eric Sunshine
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqfuxyisjp.fsf@gitster.mtv.corp.google.com \
--to=gitster@pobox.com \
--cc=davvid@gmail.com \
--cc=git@vger.kernel.org \
--cc=jacknagel@gmail.com \
--cc=sunshine@sunshineco.com \
--cc=timcharper@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.