Date: Sat, 19 Feb 2000 14:53:00 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: Victor Salaman <salaman@teknos.com>, freebsd-current@FreeBSD.org Subject: Re: openssl in -current Message-ID: <Pine.BSF.4.21.0002191444110.82105-100000@freefall.freebsd.org> In-Reply-To: <41344.950999828@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Feb 2000, Jordan K. Hubbard wrote: > > Okay, so what do I need to do to make this happen? > > 1. Make openssl build as part of the standard "world" and depend > on the setting of USA_RESIDENT, which will be initially set by > sysinstall. It already does this if you get your crypto from internat. US mirror sites only carry the neutered (no-RSA) version, but internat carries RSA and builds it conditional on USA_RESIDENT. > 2. Let me look at where things are installed in each case (if there's > any difference at all) and figure out how to hack release/Makefile > to package up the extra bits. The only differences are: 1) if you build with rsaref (which it's only sensible to do if USA_RESIDENT == YES) you get a librsaglue.* and include/rsaref.h in addition to the "standard" files. 2) if you don't build with any sort of RSA (i.e. USA_RESIDENT == YES and you don't have the rsaref package installed) then you don't get include/rsa.h but get everything else "standard". See the packages at http://www.freebsd.org/~kris/openssl/ for a better definition of "standard". Mark should be putting the international ones on internat sometime (*nudge*). > 3. I add another "crypto" flag for this chunk of stuff in the > now-not-very-well-named des/ distribution directory and add > sysinstall menu entries for it appropriately. > > Of course, this all begs the question as to whether or not the current > DES/openssl division is even meaningful now. The DES code we have in > the tree is rapidly falling under the radar of what the US government > considers interesting and this whole openssl thing is over a patent, > which is in a rather different category. We're sort of trying to > skate in-between the lines here and I think we're only confusing > ourselves as a result. Did you ever hear back from the lawyers about whether (and how) we can freely distribute openssl (and other stuff) from the US? Apart from that it does just reduce to the case of keeping the patent lawyers happy by keeping the patented code away from US people. Kris ---- "How many roads must a man walk down, before you call him a man?" "Eight!" "That was a rhetorical question!" "Oh..then, seven!" -- Homer Simpson To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0002191444110.82105-100000>