including list. On Fri, Dec 26, 2014 at 5:35 PM, stephen Turner <[email protected]> wrote:
> speaking of which (and going back to "simple is complex"), i have an >> openssl- (or boringssl-)based md5sum/sha1sum implementation that adds >> all the other shas too. (a toybox built with all these is actually a >> couple of hundred bytes larger than the one with just md5/sha1sum, but >> that's because of the duplicated help strings.) >> >> i know one of your goals is to minimize dependencies, but for us the >> goal of minimizing duplication (and thus amount of code to audit) is >> probably stronger. i suspect no one really cares that the toybox >> hashes are slower than the openssl ones, but the security folks >> probably will care about having another TLS implementation. (and >> things like reimplementing zlib and bunzip2 probably fall somewhere in >> between.) >> > > in regards to openssl, tls, and the like, would these be reusable > implementations for webkit and other web browser backends? If other > programs will be able to use then i would say to implement it to its > fullest needed to support the majority of applications. otherwise if its > only for internal support the bare minimum needed would be fine. > > >> yeah, i was hoping to abdicate responsibility for subsetting and was >> disappointed to find that 'default' didn't mean "you probably want >> this". but it makes sense, and the subset that one project needs isn't >> necessarily going to be the same as any other project. >> >> > If were referring to defconfig i would hope it would include all intended > to be included toybox apps that are currently stable or at least have an > option that behaves in the same way. >
_______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
