Fortunately other non deprecated algos like sha256 are way
faster.
Faster than when --with-openssl is used? Can you show me how to benchmark that?
After reading Assaf's comments I confess that I'm not getting the point of the
recent changes. As I understand it, the hardware support in question is
typically available to user-mode code so why go to the kernel at all? And even
if there are magic features not available outside the kernel, why not let the
OpenSSL library worry about the tradeoffs involved in user vs kernel mode rather
than reinvent its wheel? It's a real pain to ship data off to the kernel with
all the overheads and other hassles involved, and I don't see why it's a good
idea for Gnulib to get involved.
At this point I am leaning towards reverting these changes. If we keep them, the
default should be to disable this new feature; plus, several bugs (at least one
of which I introduced; sorry!) need to be fixed. I'm not sure it's worth the
maintenance effort to keep this stuff in, at least if it's coreutils we're
talking about.
