Re: [Freeipmi-devel] md2/md5 ...

[Anand Babu]

,----[ Albert Chu <address@hidden> ]
| > I think it is not worth having dependency on another library just
| > for MD2/5 algorithm.
| 
| Agreed.  I think I initially thought md2/md5 was far more difficult to
| code than it really is.  I've already integrated md2/md5 into
| ipmipower.  The code is extremely ugly though.
`----
Don't bother about code cleanliness. Call it version 0.0.1 ;)
It is some times easy to get a working version and then clean it up.

,----[ Albert Chu <address@hidden> ]
| Once we can get savannah back, my plan is to modify the
| assemble_lan_packet to assemble the lan packet based on the
| authentication type passed in.
| 
| i.e.
| 
| if authtype == NONE, build packet with no authcode buffer in session
| header if authtype == passwd, build packet with password copied in if
| authtype == md2, build packet with md2 checksum in authcode if
| authtype == md5, build packet with md2 checksum in authcode
| 
| Otherwise the code gets ridiculously ugly.
`----
Clean and Perfect. 

-ab

----- Original Message -----
From: Anand Babu <address@hidden>
Date: Saturday, December 20, 2003 11:22 am
Subject: Re: [Freeipmi-devel] md2/md5 ...

> ,----[ Albert Chu <address@hidden> ]
> | Last night I decided to program md2 just for fun.  I have a bit of
> | debugging to do, but for the most part it was very easy.  Took 
> around| an hour or so to get the core code done.  I may have grossly
> | overestimated the difficulting of programming md2/md5.  Perhaps we
> | should write our own implementations for freeipmi.
> `----
> 
> I think it is not worth having dependency on another library just for
> MD2/5 algorithm. Doesn't matter if we copy and strip down a version
> into our source just for IPMI.
> 
> Having lot of dependencies for system tools is a hassle for System
> Administrators, especially when they are in trouble-shooting
> mode. Most of the time, only when some thing breaks, network goes
> down, or in a panic situation, a system administrator's attention will
> be required. If has to meet package dependencies to bring up the
> system, ...
> 
> -ab
> 
> 
> ----- Original Message -----
> From: Albert Chu <address@hidden>
> Date: Tuesday, December 16, 2003 4:02 pm
> Subject: [Freeipmi-devel] md2/md5 ...
> 
> > Hey AB,
> > 
> > I'd like to look at adding md2 and md5 authentication to ipmipower
> > semi-soon.  What do you see as the best method for adding md2/md5
> > hashing algorithms to freeipmi ... 
> > 
> > A) Make a freeipmi rpm module dependency to some other common crypto
> > library, like openssl or nss.
> > B) Package some sub-library along with freeipmi ("libfoocrypto"). 
> 
> > C) write our own md2/md5 hashing algorithms for freeipmi ...
> > 
> > Pros
> > 
> > A) Easiest, put development on other people
> > 
> > B) Pretty darn easy, have to update as other developers update, 
> not a
> > huge deal.
> > 
> > C) no restrictions on licensing/anything ... 
> > 
> > Cons
> > 
> > A) I haven't the slightest idea how popular/widespread packages like
> > openssl or nss are.  Yeah they are reasonably popular, but I don't
> > really know.
> > 
> > B) Some of the good crypto libraries seem to have funny licensing 
> > issues.  Like we'd have to package their entire library, not just 
> > the md2/md5
> > algorithms.  
> > 
> > C) I think it'd be a good excercise to code these algorithms out, 
> but> they're not exactly a walk in the park.  I can't help but see 
> porting> issues.  Not to mention wasted effort, since there are 
> tons of
> > implementations out there already.
> > 
> > Al
> > 
> > --
> > Albert Chu
> > address@hidden
> > Lawrence Livermore National Laboratory
> > 
> > 
> > 
> > _______________________________________________
> > Freeipmi-devel mailing list
> > address@hidden
> > http://mail.nongnu.org/mailman/listinfo/freeipmi-devel
> > 
> 
> 
> 
> _______________________________________________
> Freeipmi-devel mailing list
> address@hidden
> http://mail.nongnu.org/mailman/listinfo/freeipmi-devel
> 
> 
> -- 
> _.|_ 
> (_||_)
> Free as in Freedom <www.gnu.org>
> 



-- 
 _.|_ 
(_||_)
Free as in Freedom <www.gnu.org>