[PATCH 0/2] When DC_SHA1 was made the default we missed a spot

[PATCH 0/2] When DC_SHA1 was made the default we missed a spot

[Ævar Arnfjörð Bjarmason]

When SHADC was made the default in 2.13.0 we forgot that NO_OPENSSL=1
would still turn it off implicitly, and that Windows would use
BLK_SHA1=1 by default thinking it would be getting the OpenSSL
version.

Ævar Arnfjörð Bjarmason (2):
  Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1
  Windows: stop supplying BLK_SHA1=YesPlease by default

 Makefile         | 2 --
 config.mak.uname | 1 -
 configure.ac     | 1 -
 3 files changed, 4 deletions(-)

-- 
2.15.1.424.g9478a66081

[PATCH 1/2] Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1

[Ævar Arnfjörð Bjarmason]

Stop supplying BLK_SHA1=YesPlease when NO_OPENSSL=UnfortunatelyYes is
supplied. This has been done ever since [1], when switching to DC_SHA1
by default in [2] this should have been changed as well.

1. dd53c7ab29 ("[PATCH] Support for NO_OPENSSL", 2005-07-29)

2. e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17)

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 Makefile     | 2 --
 configure.ac | 1 -
 2 files changed, 3 deletions(-)

diff --git a/Makefile b/Makefile
index 32c170687c..7e1da28b6f 100644
--- a/Makefile
+++ b/Makefile
@@ -23,7 +23,6 @@ all::
 # it at all).
 #
 # Define NO_OPENSSL environment variable if you do not have OpenSSL.
-# This also implies BLK_SHA1.
 #
 # Define USE_LIBPCRE if you have and want to use libpcre. Various
 # commands such as log and grep offer runtime options to use
@@ -1260,7 +1259,6 @@ ifndef NO_OPENSSL
 	endif
 else
 	BASIC_CFLAGS += -DNO_OPENSSL
-	BLK_SHA1 = 1
 	OPENSSL_LIBSSL =
 endif
 ifdef NO_OPENSSL
diff --git a/configure.ac b/configure.ac
index 2f55237e65..7f8415140f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -241,7 +241,6 @@ AC_MSG_NOTICE([CHECKS for site configuration])
 # a bundled SHA1 routine optimized for PowerPC.
 #
 # Define NO_OPENSSL environment variable if you do not have OpenSSL.
-# This also implies BLK_SHA1.
 #
 # Define OPENSSLDIR=/foo/bar if your openssl header and library files are in
 # /foo/bar/include and /foo/bar/lib directories.
-- 
2.15.1.424.g9478a66081

[PATCH 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Ævar Arnfjörð Bjarmason]

Using BLK_SHA1 in lieu of the OpenSSL routines was done in [1], but
since DC_SHA1 is now the default for git in general it makes sense for
Windows to use that too, this looks like something that was missed
back in [2].

As noted in [3] OpenSSL has a performance benefit compared to BLK_SHA1
on MinGW, so perhaps that and the Windows default should be changed
around again, but that's a topic for another series, it seems clear
that this specific flag is nobody's explicit intention.

1. 9bccfcdbff ("Windows: use BLK_SHA1 again", 2009-10-22)

2. e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17)

3. 2cfc70f0de ("mingw: use OpenSSL's SHA-1 routines", 2017-02-09)

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 config.mak.uname | 1 -
 1 file changed, 1 deletion(-)

diff --git a/config.mak.uname b/config.mak.uname
index 685a80d138..6a862abd35 100644
--- a/config.mak.uname
+++ b/config.mak.uname
@@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
 	NO_REGEX = YesPlease
 	NO_GETTEXT = YesPlease
 	NO_PYTHON = YesPlease
-	BLK_SHA1 = YesPlease
 	ETAGS_TARGET = ETAGS
 	NO_INET_PTON = YesPlease
 	NO_INET_NTOP = YesPlease
-- 
2.15.1.424.g9478a66081

Re: [PATCH 1/2] Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1

[Jonathan Nieder]

Hi,

Ævar Arnfjörð Bjarmason wrote:

> Stop supplying BLK_SHA1=YesPlease when NO_OPENSSL=UnfortunatelyYes is
> supplied. This has been done ever since [1], when switching to DC_SHA1
> by default in [2] this should have been changed as well.

I had trouble parsing this, I think for a few reasons:

 1. Too much 'this', so I end up not being able to keep track of what
    has been done ever since (1) and (2)

 2. The ',' should be a ';'

 3. Can the commit names go inline in the message instead of being
    footnotes?  That way, my eye doesn't have to chase so far to
    find what kind of dates you are talking about.

 4. Why should switching to DC_SHA1 by default have resulted in
    simply dropping the NO_OPENSSL => BLK_SHA1 behavior?  At first
    glance it would be more intuitive to change it to
    NO_OPENSSL => DC_SHA1 instead.

Putting those all together, I end up with

 Use the collision detecting SHA-1 implementation by default even
 when NO_OPENSSL is set.

 Setting NO_OPENSSL=UnfortunatelyYes has implied BLK_SHA1=1 ever since
 the former was introduced in dd53c7ab29 (Support for NO_OPENSSL,
 2005-07-29).  That implication should have been removed when the
 default SHA-1 implementation changed from OpenSSL to DC_SHA1 in
 e6b07da278 (Makefile: make DC_SHA1 the default, 2017-03-17).  Finish
 what that commit started by removing the BLK_SHA1 fallback setting so
 the default DC_SHA1 implementation can be used.

What happens if I set both OPENSSL_SHA1 and NO_OPENSSL?  Should this
block set

	OPENSSL_SHA1 =

so that the latter wins, or should we detect it as an error?

[...]
> --- a/Makefile
> +++ b/Makefile
> @@ -23,7 +23,6 @@ all::
>  # it at all).
>  #
>  # Define NO_OPENSSL environment variable if you do not have OpenSSL.
> -# This also implies BLK_SHA1.
>  #
>  # Define USE_LIBPCRE if you have and want to use libpcre. Various
>  # commands such as log and grep offer runtime options to use
> @@ -1260,7 +1259,6 @@ ifndef NO_OPENSSL
>  	endif
>  else
>  	BASIC_CFLAGS += -DNO_OPENSSL
> -	BLK_SHA1 = 1
>  	OPENSSL_LIBSSL =
>  endif
>  ifdef NO_OPENSSL
> diff --git a/configure.ac b/configure.ac
> index 2f55237e65..7f8415140f 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -241,7 +241,6 @@ AC_MSG_NOTICE([CHECKS for site configuration])
>  # a bundled SHA1 routine optimized for PowerPC.
>  #
>  # Define NO_OPENSSL environment variable if you do not have OpenSSL.
> -# This also implies BLK_SHA1.

With or without some of those commit message tweaks
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

Thanks,
Jonathan

Re: [PATCH 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Jonathan Nieder]

+git-for-windows
Ævar Arnfjörð Bjarmason wrote:

> Using BLK_SHA1 in lieu of the OpenSSL routines was done in [1], but
> since DC_SHA1 is now the default for git in general it makes sense for
> Windows to use that too, this looks like something that was missed
> back in [2].
>
> As noted in [3] OpenSSL has a performance benefit compared to BLK_SHA1
> on MinGW, so perhaps that and the Windows default should be changed
> around again, but that's a topic for another series, it seems clear
> that this specific flag is nobody's explicit intention.

I have some memory of performance issues on Windows when DC_SHA1 was
introduced leading to interest in a mixed configuration with DC_SHA1
only being used where it is security sensitive (e.g. for object naming
but not for packfile trailers).

Did anything come of that?

In any event removing this BLK_SHA1 setting looks like a good change
to me, but I'd rather that Windows folks weigh in.

Thanks,
Jonathan

[...]
> --- a/config.mak.uname
> +++ b/config.mak.uname
> @@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
>  	NO_REGEX = YesPlease
>  	NO_GETTEXT = YesPlease
>  	NO_PYTHON = YesPlease
> -	BLK_SHA1 = YesPlease
>  	ETAGS_TARGET = ETAGS
>  	NO_INET_PTON = YesPlease
>  	NO_INET_NTOP = YesPlease

Re: [PATCH 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Ævar Arnfjörð Bjarmason]

On Wed, Dec 27 2017, Jonathan Nieder jotted:

> +git-for-windows
> Ævar Arnfjörð Bjarmason wrote:
>
>> Using BLK_SHA1 in lieu of the OpenSSL routines was done in [1], but
>> since DC_SHA1 is now the default for git in general it makes sense for
>> Windows to use that too, this looks like something that was missed
>> back in [2].
>>
>> As noted in [3] OpenSSL has a performance benefit compared to BLK_SHA1
>> on MinGW, so perhaps that and the Windows default should be changed
>> around again, but that's a topic for another series, it seems clear
>> that this specific flag is nobody's explicit intention.
>
> I have some memory of performance issues on Windows when DC_SHA1 was
> introduced leading to interest in a mixed configuration with DC_SHA1
> only being used where it is security sensitive (e.g. for object naming
> but not for packfile trailers).
>
> Did anything come of that?

This was Johannes Schindelin (CC'd) on-list when the sha1dc discussion
first came up earlier this year. I.e. it's slower, so we could use
openssl on trusted data and sha1dc on untrusted data, but nothing came
of that.

> In any event removing this BLK_SHA1 setting looks like a good change
> to me, but I'd rather that Windows folks weigh in.

Yup, will CC them + Johannes for v2.

> Thanks,
> Jonathan
>
> [...]
>> --- a/config.mak.uname
>> +++ b/config.mak.uname
>> @@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
>>  	NO_REGEX = YesPlease
>>  	NO_GETTEXT = YesPlease
>>  	NO_PYTHON = YesPlease
>> -	BLK_SHA1 = YesPlease
>>  	ETAGS_TARGET = ETAGS
>>  	NO_INET_PTON = YesPlease
>>  	NO_INET_NTOP = YesPlease

[PATCH v2 0/2] When DC_SHA1 was made the default we missed a spot

[Ævar Arnfjörð Bjarmason]

On Wed, Dec 27 2017, Jonathan Nieder jotted:

Here's v2, the only changes are to the commit messages.

> Ævar Arnfjörð Bjarmason wrote:
>
>> Stop supplying BLK_SHA1=YesPlease when NO_OPENSSL=UnfortunatelyYes is
>> supplied. This has been done ever since [1], when switching to DC_SHA1
>> by default in [2] this should have been changed as well.
>
> I had trouble parsing this, I think for a few reasons:
>
>  1. Too much 'this', so I end up not being able to keep track of what
>     has been done ever since (1) and (2)
>
>  2. The ',' should be a ';'
>
>  3. Can the commit names go inline in the message instead of being
>     footnotes?  That way, my eye doesn't have to chase so far to
>     find what kind of dates you are talking about.
>
>  4. Why should switching to DC_SHA1 by default have resulted in
>     simply dropping the NO_OPENSSL => BLK_SHA1 behavior?  At first
>     glance it would be more intuitive to change it to
>     NO_OPENSSL => DC_SHA1 instead.
>
> Putting those all together, I end up with
>
>  Use the collision detecting SHA-1 implementation by default even
>  when NO_OPENSSL is set.
>
>  Setting NO_OPENSSL=UnfortunatelyYes has implied BLK_SHA1=1 ever since
>  the former was introduced in dd53c7ab29 (Support for NO_OPENSSL,
>  2005-07-29).  That implication should have been removed when the
>  default SHA-1 implementation changed from OpenSSL to DC_SHA1 in
>  e6b07da278 (Makefile: make DC_SHA1 the default, 2017-03-17).  Finish
>  what that commit started by removing the BLK_SHA1 fallback setting so
>  the default DC_SHA1 implementation can be used.

Thanks. I've used that as-is, and also changed 2/2 to inline the
comment references.

> What happens if I set both OPENSSL_SHA1 and NO_OPENSSL?  Should this
> block set
>
> 	OPENSSL_SHA1 =
>
> so that the latter wins, or should we detect it as an error?

We fail at link-time if you supply both, but that's something that
happens alredy in master.

It's probably not worth the effort to add an $(error ...) for that to
the Makefile (I've added some of these already) since the error should
be fairly obvious, as opposed to some of the subtle "that doesn't work
like that anymore" errorors I've added recently for other topics.

> [...]
>> --- a/Makefile
>> +++ b/Makefile
>> @@ -23,7 +23,6 @@ all::
>>  # it at all).
>>  #
>>  # Define NO_OPENSSL environment variable if you do not have OpenSSL.
>> -# This also implies BLK_SHA1.
>>  #
>>  # Define USE_LIBPCRE if you have and want to use libpcre. Various
>>  # commands such as log and grep offer runtime options to use
>> @@ -1260,7 +1259,6 @@ ifndef NO_OPENSSL
>>  	endif
>>  else
>>  	BASIC_CFLAGS += -DNO_OPENSSL
>> -	BLK_SHA1 = 1
>>  	OPENSSL_LIBSSL =
>>  endif
>>  ifdef NO_OPENSSL
>> diff --git a/configure.ac b/configure.ac
>> index 2f55237e65..7f8415140f 100644
>> --- a/configure.ac
>> +++ b/configure.ac
>> @@ -241,7 +241,6 @@ AC_MSG_NOTICE([CHECKS for site configuration])
>>  # a bundled SHA1 routine optimized for PowerPC.
>>  #
>>  # Define NO_OPENSSL environment variable if you do not have OpenSSL.
>> -# This also implies BLK_SHA1.
>
> With or without some of those commit message tweaks
> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

Thanks!

Ævar Arnfjörð Bjarmason (2):
  Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1
  Windows: stop supplying BLK_SHA1=YesPlease by default

 Makefile         | 2 --
 config.mak.uname | 1 -
 configure.ac     | 1 -
 3 files changed, 4 deletions(-)

-- 
2.15.1.424.g9478a66081

[PATCH v2 1/2] Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1

[Ævar Arnfjörð Bjarmason]

Use the collision detecting SHA-1 implementation by default even when
NO_OPENSSL is set.

Setting NO_OPENSSL=UnfortunatelyYes has implied BLK_SHA1=1 ever since
the former was introduced in dd53c7ab29 (Support for NO_OPENSSL,
2005-07-29).  That implication should have been removed when the
default SHA-1 implementation changed from OpenSSL to DC_SHA1 in
e6b07da278 (Makefile: make DC_SHA1 the default, 2017-03-17).  Finish
what that commit started by removing the BLK_SHA1 fallback setting so
the default DC_SHA1 implementation will be used.

Helped-by: Jonathan Nieder <jrnieder@gmail.com>
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 Makefile     | 2 --
 configure.ac | 1 -
 2 files changed, 3 deletions(-)

diff --git a/Makefile b/Makefile
index 32c170687c..7e1da28b6f 100644
--- a/Makefile
+++ b/Makefile
@@ -23,7 +23,6 @@ all::
 # it at all).
 #
 # Define NO_OPENSSL environment variable if you do not have OpenSSL.
-# This also implies BLK_SHA1.
 #
 # Define USE_LIBPCRE if you have and want to use libpcre. Various
 # commands such as log and grep offer runtime options to use
@@ -1260,7 +1259,6 @@ ifndef NO_OPENSSL
 	endif
 else
 	BASIC_CFLAGS += -DNO_OPENSSL
-	BLK_SHA1 = 1
 	OPENSSL_LIBSSL =
 endif
 ifdef NO_OPENSSL
diff --git a/configure.ac b/configure.ac
index 2f55237e65..7f8415140f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -241,7 +241,6 @@ AC_MSG_NOTICE([CHECKS for site configuration])
 # a bundled SHA1 routine optimized for PowerPC.
 #
 # Define NO_OPENSSL environment variable if you do not have OpenSSL.
-# This also implies BLK_SHA1.
 #
 # Define OPENSSLDIR=/foo/bar if your openssl header and library files are in
 # /foo/bar/include and /foo/bar/lib directories.
-- 
2.15.1.424.g9478a66081

[PATCH v2 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Ævar Arnfjörð Bjarmason]

Using BLK_SHA1 in lieu of the OpenSSL routines was done in
9bccfcdbff ("Windows: use BLK_SHA1 again", 2009-10-22), since DC_SHA1
is now the default for git in general it makes sense for Windows to
use that too, this looks like something that was missed back in
e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17).

As noted in 2cfc70f0de ("mingw: use OpenSSL's SHA-1 routines",
2017-02-09) OpenSSL has a performance benefit compared to BLK_SHA1 on
MinGW, so perhaps that and the Windows default should be changed
around again. That's a topic for another series, it seems clear that
this specific flag is nobody's explicit intention.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 config.mak.uname | 1 -
 1 file changed, 1 deletion(-)

diff --git a/config.mak.uname b/config.mak.uname
index 685a80d138..6a862abd35 100644
--- a/config.mak.uname
+++ b/config.mak.uname
@@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
 	NO_REGEX = YesPlease
 	NO_GETTEXT = YesPlease
 	NO_PYTHON = YesPlease
-	BLK_SHA1 = YesPlease
 	ETAGS_TARGET = ETAGS
 	NO_INET_PTON = YesPlease
 	NO_INET_NTOP = YesPlease
-- 
2.15.1.424.g9478a66081

Re: [PATCH v2 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Jonathan Nieder]

Ævar Arnfjörð Bjarmason wrote:

> Using BLK_SHA1 in lieu of the OpenSSL routines was done in
> 9bccfcdbff ("Windows: use BLK_SHA1 again", 2009-10-22), since DC_SHA1
> is now the default for git in general it makes sense for Windows to
> use that too, this looks like something that was missed back in
> e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17).

micronit: the commas should be periods.

With or without such a tweak, this is indeed
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

Thanks.

Re: [PATCH v2 1/2] Makefile: NO_OPENSSL=1 should no longer imply BLK_SHA1=1

[Jonathan Nieder]

Ævar Arnfjörð Bjarmason wrote:

> Use the collision detecting SHA-1 implementation by default even when
> NO_OPENSSL is set.
>
> Setting NO_OPENSSL=UnfortunatelyYes has implied BLK_SHA1=1 ever since
> the former was introduced in dd53c7ab29 (Support for NO_OPENSSL,
> 2005-07-29).  That implication should have been removed when the
> default SHA-1 implementation changed from OpenSSL to DC_SHA1 in
> e6b07da278 (Makefile: make DC_SHA1 the default, 2017-03-17).  Finish
> what that commit started by removing the BLK_SHA1 fallback setting so
> the default DC_SHA1 implementation will be used.
>
> Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

This is indeed
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>

Thanks for your patient work.

Re: [PATCH v2 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Johannes Schindelin]

[-- Attachment #1: Type: text/plain, Size: 1960 bytes --]

Hi,

On Thu, 28 Dec 2017, Ævar Arnfjörð Bjarmason wrote:

> Using BLK_SHA1 in lieu of the OpenSSL routines was done in
> 9bccfcdbff ("Windows: use BLK_SHA1 again", 2009-10-22), since DC_SHA1
> is now the default for git in general it makes sense for Windows to
> use that too, this looks like something that was missed back in
> e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17).
> 
> As noted in 2cfc70f0de ("mingw: use OpenSSL's SHA-1 routines",
> 2017-02-09) OpenSSL has a performance benefit compared to BLK_SHA1 on
> MinGW, so perhaps that and the Windows default should be changed
> around again. That's a topic for another series, it seems clear that
> this specific flag is nobody's explicit intention.
> 
> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
> Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
> ---
>  config.mak.uname | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/config.mak.uname b/config.mak.uname
> index 685a80d138..6a862abd35 100644
> --- a/config.mak.uname
> +++ b/config.mak.uname
> @@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
>  	NO_REGEX = YesPlease
>  	NO_GETTEXT = YesPlease
>  	NO_PYTHON = YesPlease
> -	BLK_SHA1 = YesPlease
>  	ETAGS_TARGET = ETAGS
>  	NO_INET_PTON = YesPlease
>  	NO_INET_NTOP = YesPlease

This patch is actually identical to 8756c75cd10 (msvc: use OpenSSL's SHA-1
routines, 2016-10-12) in Git for Windows' master.

I did plan to submit this, but it is part of a bigger effort to get Git to
build in current versions of Visual Studio again.

Before this work, the MSVC build could only use an ancient OpenSSL version
from pre-built binaries hosted on repo.or.cz, and those are unlikely to
get the performance benefits that you seek.

So I would like to ask to skip this patch for now, and take Jeff
Hostetler's patch as part of the MSVC patches later, once they have been
matured in Git for Windows?

Thanks,
Dscho

Re: [PATCH 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Johannes Schindelin]

[-- Attachment #1: Type: text/plain, Size: 1658 bytes --]

Hi,

On Thu, 28 Dec 2017, Ævar Arnfjörð Bjarmason wrote:

> On Wed, Dec 27 2017, Jonathan Nieder jotted:
> 
> > +git-for-windows
> > Ævar Arnfjörð Bjarmason wrote:
> >
> >> Using BLK_SHA1 in lieu of the OpenSSL routines was done in [1], but
> >> since DC_SHA1 is now the default for git in general it makes sense for
> >> Windows to use that too, this looks like something that was missed
> >> back in [2].
> >>
> >> As noted in [3] OpenSSL has a performance benefit compared to BLK_SHA1
> >> on MinGW, so perhaps that and the Windows default should be changed
> >> around again, but that's a topic for another series, it seems clear
> >> that this specific flag is nobody's explicit intention.
> >
> > I have some memory of performance issues on Windows when DC_SHA1 was
> > introduced leading to interest in a mixed configuration with DC_SHA1
> > only being used where it is security sensitive (e.g. for object naming
> > but not for packfile trailers).
> >
> > Did anything come of that?
> 
> This was Johannes Schindelin (CC'd) on-list when the sha1dc discussion
> first came up earlier this year. I.e. it's slower, so we could use
> openssl on trusted data and sha1dc on untrusted data, but nothing came
> of that.

The performance degradation is noticeable, as far as I can see. And no, we
have not yet worked on the hyprid SHA-1-DC solution, as we expect bigger
benefits from trying to avoid unnecessary SHA-1 calculation to begin with
(read: we will try to catch bigger fish first).

All of this may also become moot if we ever get off the ground with
SHA-256 (or whatever we will use then).

Ciao,
Dscho

Re: [PATCH v2 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Ævar Arnfjörð Bjarmason]

On Thu, Jan 04 2018, Johannes Schindelin jotted:

> Hi,
>
> On Thu, 28 Dec 2017, Ævar Arnfjörð Bjarmason wrote:
>
>> Using BLK_SHA1 in lieu of the OpenSSL routines was done in
>> 9bccfcdbff ("Windows: use BLK_SHA1 again", 2009-10-22), since DC_SHA1
>> is now the default for git in general it makes sense for Windows to
>> use that too, this looks like something that was missed back in
>> e6b07da278 ("Makefile: make DC_SHA1 the default", 2017-03-17).
>>
>> As noted in 2cfc70f0de ("mingw: use OpenSSL's SHA-1 routines",
>> 2017-02-09) OpenSSL has a performance benefit compared to BLK_SHA1 on
>> MinGW, so perhaps that and the Windows default should be changed
>> around again. That's a topic for another series, it seems clear that
>> this specific flag is nobody's explicit intention.
>>
>> Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
>> Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
>> ---
>>  config.mak.uname | 1 -
>>  1 file changed, 1 deletion(-)
>>
>> diff --git a/config.mak.uname b/config.mak.uname
>> index 685a80d138..6a862abd35 100644
>> --- a/config.mak.uname
>> +++ b/config.mak.uname
>> @@ -361,7 +361,6 @@ ifeq ($(uname_S),Windows)
>>  	NO_REGEX = YesPlease
>>  	NO_GETTEXT = YesPlease
>>  	NO_PYTHON = YesPlease
>> -	BLK_SHA1 = YesPlease
>>  	ETAGS_TARGET = ETAGS
>>  	NO_INET_PTON = YesPlease
>>  	NO_INET_NTOP = YesPlease
>
> This patch is actually identical to 8756c75cd10 (msvc: use OpenSSL's SHA-1
> routines, 2016-10-12) in Git for Windows' master.
>
> I did plan to submit this, but it is part of a bigger effort to get Git to
> build in current versions of Visual Studio again.
>
> Before this work, the MSVC build could only use an ancient OpenSSL version
> from pre-built binaries hosted on repo.or.cz, and those are unlikely to
> get the performance benefits that you seek.
>
> So I would like to ask to skip this patch for now, and take Jeff
> Hostetler's patch as part of the MSVC patches later, once they have been
> matured in Git for Windows?

Sounds good to me. Junio, could you please drop this one and just take
1/2?

Re: [PATCH v2 2/2] Windows: stop supplying BLK_SHA1=YesPlease by default

[Junio C Hamano]

Ævar Arnfjörð Bjarmason <avarab@gmail.com> writes:

>> So I would like to ask to skip this patch for now, and take Jeff
>> Hostetler's patch as part of the MSVC patches later, once they have been
>> matured in Git for Windows?
>
> Sounds good to me. Junio, could you please drop this one and just take
> 1/2?

Done. Thanks, both.