cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Support for GnuTLS/nettle

From: Martin Storsjö <martin_at_martin.st>
Date: Tue, 15 Nov 2011 14:41:59 +0200 (EET)

On Tue, 15 Nov 2011, Daniel Stenberg wrote:

> On Tue, 15 Nov 2011, Martin Storsjö wrote:
>
>> The big question that remains, however, is how to detect this setup - the
>> current gnutls+gcrypt check in configure simply checks that we can link to
>> gcrypt.
>
> The check for gcrypt explicitly is actually there for a reason. We rely on
> gcrypt for the NTLM code when GnuTLS is used. So unless you modified that
> part of the code, you actually need both nettle and gcrypt for the moment.

This is exactly what the patch I attached does - it adds code for using
nettle instead of gcrypt in the NTLM (and md5), which I've tested to pass
all tests.

> Once add support to the NTLM code to use nettle instead, we could probably
> use the GnuTLS version as a way to tell which crypto layer to check for first
> (nettle, gcrypt) and if the primary fails we can check for the other.

That might also be a good indicator, yeah.

// Martin

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-11-15