You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@apr.apache.org by Justin Erenkrantz <je...@ebuilt.com> on 2001/06/07 01:06:23 UTC

Re: apr-util, crypto and openssl

On Thu, Jun 07, 2001 at 01:09:28AM +0200, Sander Striker wrote:
> This will mean introducing a dependency on openssl
> for applications, (and until md5 is replaced by something
> that provides randomness, apr too).

That's the problem.  I think introducing OpenSSL is going to be a big
nightmare for httpd (and I'll bet we get tons of -1s on the httpd side
for this).  Whatever httpd needs should probably be in apr-util 
(sha and md5) - everything else can use OpenSSL.

I'd like to hear feedback from others.  I already stated my position
earlier this week.  -- justin