On Tue, Feb 09, 2010 at 04:13:26PM +0100, Erik Faye-Lund wrote: > On Tue, Feb 9, 2010 at 4:06 PM, Jeff King <peff@xxxxxxxx> wrote: > > On Tue, Feb 09, 2010 at 09:09:01PM +0900, Hitoshi Mitake wrote: > > > >> base64.c | 122 ++++++++ > >> base64.h | 36 +++ > >> md5.c | 600 +++++++++++++++++++++++++++++++++++++++ > >> md5.h | 61 ++++ > >> md5_hmac.c | 137 +++++++++ > >> md5_hmac.h | 36 +++ > > > > That's a lot of extra code. Doesn't imap-send already conditionally > > compile against openssl for starttls support? Can't we just get all > > three of these algorithms from openssl? > > > > I don't think OpenSSL includes SASL-support that is needed for > STARTTLS. But it might make sense to use something like GSASL[1] > instead of rolling all the SASL-mechanisms ourselves. Did you mean "SASL-support that is needed for CRAM-MD5"? The SASL needed for that is pretty simple. Hitoshi's patch 3/4 does all of that already in less than 100 lines. Using a "real" sasl library might get us more authentication methods than CRAM-MD5, but I don't know that anyone necessarily cares about them. But using openssl to replace the low-level routines in patches 1+2 would drop almost 1000 lines, and not significantly change his 3/4. Personally, I don't care either way about using a SASL library. It's an extra dependency, but one that is optional for this feature. But somebody will have to do the work to integrate it, whereas I think using openssl is only a few lines of change. If somebody wants to do that work, then great. -Peff -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html