In perl.git, the branch blead has been updated <http://perl5.git.perl.org/perl.git/commitdiff/fab3d10781b2a5e8067e1e72de1f16af573fe356?hp=5c24ac0b0c104d20c33f36ee47a3ab87844d7f7f>
- Log ----------------------------------------------------------------- commit fab3d10781b2a5e8067e1e72de1f16af573fe356 Author: Daniel Dragan <[email protected]> Date: Fri Jul 26 22:01:00 2013 -0400 comments only, explain the different ONE_AT_A_TIME algos Seeing 3 hash algos with the same name is confusing. If they are the same name ("one at a time"), then why are there 3 different ones? What are the differences (without reading the code)? What are the pros and cons of each? INSTALL lists the ONE_AT_A_TIME algos as existing, but doesn't explain why there are 3 of them. Patch with jkeenan suggestions. ----------------------------------------------------------------------- Summary of changes: hv_func.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/hv_func.h b/hv_func.h index 7678807..b2bde90 100644 --- a/hv_func.h +++ b/hv_func.h @@ -472,6 +472,16 @@ S_perl_hash_sdbm(const unsigned char * const seed, const unsigned char *str, con return hash; } +/* - ONE_AT_A_TIME_HARD is the 5.17+ recommend ONE_AT_A_TIME algorithm + * - ONE_AT_A_TIME_OLD is the unmodified 5.16 and older algorithm + * - ONE_AT_A_TIME is a 5.17+ tweak of ONE_AT_A_TIME_OLD to + * prevent strings of only \0 but different lengths from colliding + * + * Security-wise, from best to worst, + * ONE_AT_A_TIME_HARD > ONE_AT_A_TIME > ONE_AT_A_TIME_OLD + * There is a big drop-off in security between ONE_AT_A_TIME_HARD and + * ONE_AT_A_TIME + * */ /* This is the "One-at-a-Time" algorithm by Bob Jenkins * from requirements by Colin Plumb. -- Perl5 Master Repository
