[flac-dev] [PATCH] Optionally, allow distros to use openssl for MD5 verification

[Cristian Rodríguez]

El 07/05/12 06:23, Miroslav Lichvar escribió:
> On Sat, May 05, 2012 at 05:34:31PM -0400, Cristian Rodríguez wrote:
>> This has the advantage of being more efficient than the included
>> routines and allows distros to centralize crypto mainteniance on
>> a few libraries.
>
> Isn't the OpenSSL license incompatible with GPL? IANAL, but I think
> the flac and metaflac utilities can't be linked with OpenSSL unless
> there is an exception in the flac license which would require getting
> the permission from all contributors.

flac and metaflac do not use openSSL, only libFLAC does.

> I'd suggest to use the NSS library instead. It has an API just for
> hashing (NSSLOWHASH) which can be used with just one small library
> (freebl3) instead of the whole NSS stack.

And hence loosing all benefits from my patch, NSS does not have :

- Hardware assisted hashing
- NSSLOWHASH does not have documentation
- freedbl is not linked to any application in my full blow desktop, but 
openssl libcrypto is used widely, hence at least its codepaths are 
better excersized.

Personally I don't see any technical reason to use a different library 
other than politics and obscure potential license incompatibilities.

PS: I know NSS is the choice for this "design by comittee" thing "Crypto 
consolidation" in distributions that some suits are trying to push on, 
but Im glad to see it has failed miserably ;-)