[rtmpdump] [PATCH] Add support for building with gnutls with nettle as backend

Howard Chu hyc at highlandsun.com
Mon Feb 27 10:11:06 CET 2012

Martin Storsjö wrote:
> On Sun, 26 Feb 2012, Howard Chu wrote:
>> Since gcrypt is an utter disaster, and gnutls is using nettle as the default
>> backend now, we could just use nettle and drop gcrypt.
> Yes, that's also totally ok with me.
> As I wrote earlier, this is still missing some verification of the swfhash
> codepaths, I think I've got the rest of it tested already. Once someone
> with access to test urls that actually require the swfhash stuff has
> verified it, please go ahead.

Perhaps we just need to write a separate test wrapper instead; running the 
SWFhash is just a matter of hashing a known input and making sure it matches a 
known output. As long as the underlying SHA functions are correct, this should 
be easy to verify.

>> Of course, gnutls itself is also an utter disaster, with API/ABI
>> compatibility breakages every few months. I really don't see the value in
>> supporting gnutls any further at all. If you want a comprehensive crypto
>> library that works, use OpenSSL. If you want a GPL'd crypto library that
>> works, use PolarSSL. We don't need to support every flavor-of-the-month
>> science project, we only need to support code that's actually usable.
> I'd still vote for keeping it - for many of my use cases, GPL isn't an
> option.

I'll leave it in for now. Gluttons for punishment can use it if they want.

More information about the rtmpdump mailing list