Debian considers switching curl to use libssh instead of libssh2

Red M libssh2 at red-m.net
Fri Jan 14 04:29:02 CET 2022


Re: performance
In my testing libssh is 20-25% slower than libssh2. I can publish more
about this figure soon but not only is it slower, it consumes more cycles
to get the same job done.

Another thing to note is that libssh does not fully implement
async/nonblocking IO for SCP and SFTP, making it an incomplete API.

Additionally while I'd like to provide patches for such features I am not
able to sign my commits, as I will not drop my pseudonym simply for someone
else's benefit.


On Thu, 6 Jan 2022, 3:18 am Will Cosgrove via libssh2-devel, <
libssh2-devel at lists.haxx.se> wrote:

> Yes, we use SecureZeroMemory() and memset_s().
>
> Will
>
> > On Jan 5, 2022, at 7:05 AM, Andreas Schneider <asn at cryptomilk.org>
> wrote:
> >
> > On Tuesday, January 4, 2022 6:05:05 PM CET Will Cosgrove via
> libssh2-devel
> > wrote:
> >> We do zero some sensitive data, but could be reviewed for completeness.
> >
> > I don't know how you exactly zero sensitive data, but be aware that if
> you do:
> >
> > memset()
> > free()
> >
> > The optimizer will optimize away the memset(). You either use
> explicit_bzero()
> > or protect the memset() with additional assembler code. There is also
> > memset_s() or memset_secure() on some platforms.
> >
> >
> >       Andreas
> >
> > --
> > Andreas Schneider                 asn at cryptomilk.org
> > GPG-ID:     8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
> >
> >
>
> --
> libssh2-devel mailing list
> libssh2-devel at lists.haxx.se
> https://lists.haxx.se/listinfo/libssh2-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.haxx.se/pipermail/libssh2-devel/attachments/20220114/556b0217/attachment.htm>


More information about the libssh2-devel mailing list