Damien Miller <djm@xxxxxxxxxxx> wrote: > On Sun, 31 Aug 2025, Dimitri John Ledkov wrote: > > > From OpenSSL v3 documentation https://docs.openssl.org/3.0/man3/EVP_sha1/#notes: > > > > Developers should be aware of the negative performance implications > > of calling this function multiple times and should consider using > > EVP_MD_fetch(3) with EVP_MD-SHA1(7) instead. See "Performance" in > > crypto(7) for further information. > > hash/MAC instantiation doesn't happen very often in OpenSSH. Does this > change yield any observable performance benefit? ("make unit-bench" > might help here). I think that cpp (meaning #ifdef) is an amazing programming language with extremely strong negative incentive to not test the other codepath when a change is made. Dangerously so. There's got to be strong benefit, before this kind of thing gets done. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
