Hi Tim,

On Mon, Jun 08, 2020 at 02:06:29PM +0200, Tim Duesterhus wrote:
> Willy,
>
> I know it's late in the cycle, but I don't expect a new converter to break
> anything unrelated.
>
> I also made sure to add a very exhaustive reg-test verifying the correct
> behavior of the new converter to make sure that it does not need any last
> minute fixes. This time I also made sure to specify a proper value for
> REQUIRE_VERSION to avoid you needing to fix up my reg-tests, using new
> features within reg-tests is just too tempting :-/
>
> Best regards
> Tim Düsterhus
>
> Apply with `git am --scissors` to automatically cut the commit message.
>
> -- >8 --
> memcmp compares two binary strings in constant time.
(...)

I'd say that the name is quite misleading if you want to enforce the
constant time requirement, because memcmp() is well known and initially
I didn't understand the forced dependency on openssl which can be quite
surprising for the user, especially since no other converter proceeds
like this.

I think that instead it could be done slightly differently, by using
CRYPTO_memcmp() when openssl is present or memcmp() when not, and
documenting that the constant time is enforced when haproxy is compiled
with openssl. Otherwise, maybe create two converters, memcmp() and maybe
secure_memcmp() or whatever, the latter being only available with openssl,
and promising constant time. But quite frankly I don't think there's much
interest in constant time in environments where openssl is not built in.

What do you think?

Thanks,
Willy
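
The distinction this message turns on, as an added example that is not part of the thread and is neither HAProxy nor OpenSSL code: an early-exit comparison of the kind memcmp() is allowed to be, beside a constant-time one in the style of CRYPTO_memcmp(). The function names, the `examined` counter (a stand-in for measurable running time) and the sample strings are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Early-exit comparison: stops at the first differing byte, so the work
 * done depends on how long the matching prefix is. */
static int early_exit_cmp(const void *a, const void *b, size_t n, size_t *examined)
{
    const unsigned char *pa = a, *pb = b;
    size_t i;

    for (i = 0; i < n; i++) {
        if (pa[i] != pb[i]) {
            *examined = i + 1;
            return pa[i] < pb[i] ? -1 : 1;
        }
    }
    *examined = n;
    return 0;
}

/* Constant-time comparison: always reads all n bytes and accumulates the
 * differences. Returns 0 when equal, non-zero otherwise (no ordering). */
static int ct_cmp(const void *a, const void *b, size_t n, size_t *examined)
{
    const volatile unsigned char *pa = a, *pb = b;
    unsigned char diff = 0;
    size_t i;

    for (i = 0; i < n; i++)
        diff |= pa[i] ^ pb[i];
    *examined = n;
    return diff;
}

int main(void)
{
    /* Constructed sample values, not taken from the thread. */
    const char secret[] = "k3y-0123456789ab";
    const char *inputs[] = { "X3y-0123456789ab", "k3y-0123X56789ab",
                             "k3y-0123456789aX" };
    size_t n = sizeof(secret) - 1, fast, ct;

    for (int i = 0; i < 3; i++) {
        early_exit_cmp(secret, inputs[i], n, &fast);
        ct_cmp(secret, inputs[i], n, &ct);
        printf("input %d: early-exit read %zu bytes, constant-time read %zu\n",
               i, fast, ct);
    }
    return 0;
}
```

The early-exit variant reads more bytes the longer the matching prefix is, while the constant-time variant always reads all of them, which is why a converter named memcmp does not by itself convey the constant-time guarantee.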

