Wireshark mailing list archives
Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed?
From: Pascal Quantin <pascal () wireshark org>
Date: Mon, 12 Jul 2021 21:26:00 +0200
Hi Matthias, Le lun. 12 juil. 2021 à 21:22, Dr. Matthias St. Pierre < Matthias.St.Pierre () ncp-e com> a écrit :
Hi all, in wsgcrypt.h the libgcrypt version is checked to ensure that it supports AEAD ciphers: #if GCRYPT_VERSION_NUMBER >= 0x010600 /* 1.6.0 */ /* Whether to provide support for authentication in addition to decryption. */ #define HAVE_LIBGCRYPT_AEAD #endif (see [1]) Given the fact that libgcrypt 1.6.0 was released in 2013-12-16 (see [2]), I was wondering whether after such a long time it would be acceptable to simplify all the conditional code depending on HAVE_LIBGCRYPT_AEAD by making GCRYPT_VERSION_NUMBER >= 0x010600 a requirement and removing the #else code parts. The reason why I am asking is because the packet-isakmp dissector has some conditional code to emulate AES-GCM using AES-CTR in the absence of HAVE_LIBGCRYPT_AEAD which I'd like to remove. I did some git history research and noticed that there were some recent commits in 2020 related to fixing compilation without HAVE_LIBGCRYPT_AEAD (see [3]). However, I'm not sure whether this was done deliberately to support libgcrypt < 1.6.0 or just out of habit because nobody considered the option of removing the legacy check.
If some changes were done to fix the compilation, it means that some people still use a libgcrypt version older than 1.6.0. And as seen in our CMakeLists.txt file, the minimum version required for now is 1.5.0. Best regards, Pascal.
Regards, Matthias [1] https://gitlab.com/wireshark/wireshark/-/blob/06ed6930dc602b5b3b1a79a176272c1846840f8f/wsutil/wsgcrypt.h#L32-35 [2] https://github.com/gpg/libgcrypt/blob/ccfa9f2c1427b40483984198c3df41f8057f69f8/NEWS#L673 [3] output of: for f in $(git grep -l HAVE_LIBGCRYPT_AEAD); do \ git annotate $f | grep HAVE_LIBGCRYPT_AEAD; \ done | awk '{print $1}' | sort | uniq | xargs git show --oneline --pretty=reference --no-patch | grep -w fix 03af5553eb (ssl-utils: fix compilation if not HAVE_LIBGCRYPT_AEAD., 2018-03-15) 151ee60555 (http3: fix build without support for AEAD cipher suites., 2020-08-10) 8c99f4de8d (QUIC: fix compilation without HAVE_LIBGCRYPT_AEAD, 2020-11-19) 90c3e7dead (QUIC: fix build error without LIBGCRYPT_AEAD, 2020-07-13) e7642e162f (TLS: fix build error without LIBGCRYPT_AEAD, 2020-07-13) e846d238d7 (QUIC: fix compile without LIBGCRYPT_AEAD, 2020-08-10)___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Dr. Matthias St. Pierre (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Pascal Quantin (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? John Thacker (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Dr. Matthias St. Pierre (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Joakim (Jul 18)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Dr. Matthias St. Pierre (Jul 19)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? John Thacker (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Pascal Quantin (Jul 12)
- Re: Can the legacy HAVE_LIBGCRYPT_AEAD check be removed? Dr. Matthias St. Pierre (Jul 12)