Switch to MbedTLS #447
Switch to MbedTLS #447
Conversation
|
As far as I can tell, the AppVeyor failure doesn't seem related to this PR. |
|
Julia 0.4 has this? |
|
mbedtls doesn't ship with .4, but MbedTLS will still build(/binaries will be fetched) fine on .4. |
|
Yeah, looks like a separate AppVeyor problem (with Conda). |
| function hmac(s1,s2,s3,s4) | ||
| if isempty(hmacstate) | ||
| if !isdefined(hmacstate, :x) |
There was a problem hiding this comment.
Julia should really have an isdefined(x::Ref) = isdefined(x, :x) method...
|
Bump. |
|
what is wrong with nettle exactly? |
|
It's just one more binary dependency that can cause trouble. With mbedtls
|
|
except that mbedtls.jl doesn't use the bundled library yet, so you're trading one download for another. |
|
It's just a matter of getting that PR in On Wed, Sep 7, 2016 at 4:13 PM Tony Kelman notifications@github.com wrote:
|
|
by "in" you mean "working" right? ref JuliaLang/MbedTLS.jl#66 |
|
I believe MbedTLS now indeed correctly uses the pre-shipped binaries, so time to revisit this. |
|
only on Julia 0.5 |
|
Still, MbedTLS will just build/download as a normal external dependency on .4 as Nettle does now. Or were you thinking on Julia <.5 IJulia would still use Nettle? For that, I guess we'd to tag a minor version of IJulia that bumps the Julia requirement to .5. |
|
That's probably worth doing when making this change, rather than trying to worry about one more permutation in which we need to keep things working. If Nettle works fine on 0.4, probably better to leave it be. |
| @@ -1,5 +1,5 @@ | |||
| julia 0.4 | |||
There was a problem hiding this comment.
also in travis and appveyor, if stevengj agrees about now (well, after #502 gets merged and tagged first) being an okay time to drop 0.4
There was a problem hiding this comment.
Yes, I think dropping 0.4 should be fine.
|
@stevengj I think this is good to go now |
| @@ -64,7 +64,7 @@ function init(args) | |||
| if signature_scheme[1] != "hmac" || length(signature_scheme) != 2 | |||
| error("unrecognized signature_scheme $signature_scheme") | |||
| end | |||
| push!(hmacstate, HMACState(signature_scheme[2], profile["key"])) | |||
| hmacstate[] = MbedTLS.MD(MbedTLS.MD_SHA256, profile["key"]) | |||
There was a problem hiding this comment.
I just noticed that this assumes signature_scheme[2] == "sha256"
|
I'll take a look today
…On Mon, Jan 23, 2017 at 12:40 PM Steven G. Johnson ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In src/init.jl
<#447 (review)>
:
> @@ -64,7 +64,7 @@ function init(args)
if signature_scheme[1] != "hmac" || length(signature_scheme) != 2
error("unrecognized signature_scheme $signature_scheme")
end
- push!(hmacstate, HMACState(signature_scheme[2], profile["key"]))
+ hmacstate[] = MbedTLS.MD(MbedTLS.MD_SHA256, profile["key"])
I just noticed that this assumes signature_scheme[2] == "sha256"
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#447 (review)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA8Svaf46l3WSkVmi-qdV224kzBKxpnIks5rVPP_gaJpZM4JjzsY>
.
|
Since Julia ships with MbedTLS binaries now, I'm trying to switch over packages from Nettle.