On Thu, Oct 10, 2013 at 4:49 PM, Dirkjan Ochtman <[email protected]> wrote:
> Hi, > > (Sending again from the right mail address, please ignore the other one.) > > I've been hanging out in #apr on Freenode recently, but it appears the > intersection of people hanging out there and active APR committers is > pretty much the empty set. > > I recently filed > https://issues.apache.org/bugzilla/show_bug.cgi?id=55520 and I wonder > if people had actually seen that. There seems to have been a lot of > talk about an 1.5 release, so I might be late with this, but since the > implementation has already been there, maybe exposing this isn't so > hard? In any case, this seems like a no-brainer to me. > > The reason I've recently gotten interested in APR (and SHA support) is > my work on https://github.com/mozilla/mod_authn_persona. > > Cheers, > > Dirkjan > (Only since nobody responded yet...) Somebody in APR-land with an interest in hashes needs to take a bite. What it looks like to my very untrained eye is an implementation of one of a handful of the SHA2 hashes* (i.e., incomplete) which was taken in 10 years ago from another source and maintained independently and never used in a way that would expose implementation defects beyond what various compilers and static analysis tools complained about over the years. *Maybe it is more complete in the 1.x branches; I just noticed that some unused hashes were ripped out of trunk 10 months ago. Surely there's a more appropriate place to pick up SHA2? (But really, somebody with a real interest will hopefully respond.) -- Born in Roswell... married an alien... http://emptyhammock.com/
