Date: Sat, 11 Dec 2004 09:06:26 +0100 From: Andrea Campi <andrea+freebsd_arch@webcom.it> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code Message-ID: <20041211080625.GA11190@webcom.it> In-Reply-To: <41BA702C.3010909@wadham.ox.ac.uk> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 10, 2004 at 07:57:32PM -0800, Colin Percival wrote: > David O'Brien wrote: > >In other words, rather than create an RSA library that your code links > >against, just build .o's and list the .c's in your FreeBSD Update's > >Makefile. That way you can use this RSA code that you want to, but it > >isn't exposed as a consumable library in FreeBSD's {,/usr}/lib. > > Ah, now I understand. FreeBSD Update is a shell script, so I'd still need > to add an rsa-verify program into /usr/sbin, but I'm quite happy to have > it statically link my RSA code rather than installing a separate library, > if that's what people would prefer. Honestly, I thought that people would > complain if I did it that way. Can you offer a choice between using and installing your rsa-verify and calling openssl? I guess it's just a matter of sed'ing FreeBSD Update shell script to use one or the other. Speaking as one user that values space over time in some installations, I think this would be a win-win and would allow people to adopt rsa-verify at their own pace. Or vice versa, if (when) rsa-verify would become default, would allow security-conscious critics that would prefer to stick with OpenSSL to just do so. Bye, Andrea -- Give a man a fish and you feed him for a day; teach him to use the Net and he won't bother you for weeks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041211080625.GA11190>