> My recommendation is to build for the generic case, and document the
> optimizations available for each platform, and why someone would want
> to (or not want to) use them. Slow and working is always preferable to
> a fast crash.
Let me explain why we need the CPU version:
OpenSSL contains optimized assembler implementations for a number of
cryptographic algorithms. They are only used when you configure the
library for Intel processors, not in the generic case ("Configure cc").
The SHA-1 implementation uses the bswap instruction, which is not
available on the i386. (I consider it a bug if an operating system
doesn't catch the exception and emulate bswap, but apparently OS
authors don't buy into the "slow and working" philosophy.) SHA-1 is
considerably slower with the swap done stepwise, so we do that only
when OpenSSL is built on a 386 or the user explicitly requests it.
The INSTALL file contains the following explanation in a prominent
position:
| There are several options to ./config to customize the build:
|
| rsaref Build with RSADSI's RSAREF toolkit.
| no-asm Build with no assembler code.
| 386 Use the 80386 instruction set only (the default x86 code is
| more efficient, but requires at least a 486).
Given the current market share of i386 processors, I believe that is a
reasonable solution.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
