Date: Sat, 11 Dec 2004 09:06:26 +0100 From: Andrea Campi <andrea+freebsd_arch@webcom.it> To: Colin Percival <colin.percival@wadham.ox.ac.uk> Cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code Message-ID: <20041211080625.GA11190@webcom.it> In-Reply-To: <41BA702C.3010909@wadham.ox.ac.uk> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Dec 10, 2004 at 07:57:32PM -0800, Colin Percival wrote:
> David O'Brien wrote:
> >In other words, rather than create an RSA library that your code links
> >against, just build .o's and list the .c's in your FreeBSD Update's
> >Makefile. That way you can use this RSA code that you want to, but it
> >isn't exposed as a consumable library in FreeBSD's {,/usr}/lib.
>
> Ah, now I understand. FreeBSD Update is a shell script, so I'd still need
> to add an rsa-verify program into /usr/sbin, but I'm quite happy to have
> it statically link my RSA code rather than installing a separate library,
> if that's what people would prefer. Honestly, I thought that people would
> complain if I did it that way.
Can you offer a choice between using and installing your rsa-verify
and calling openssl? I guess it's just a matter of sed'ing FreeBSD
Update shell script to use one or the other.
Speaking as one user that values space over time in some installations,
I think this would be a win-win and would allow people to adopt
rsa-verify at their own pace. Or vice versa, if (when) rsa-verify
would become default, would allow security-conscious critics
that would prefer to stick with OpenSSL to just do so.
Bye,
Andrea
--
Give a man a fish and you feed him for a day;
teach him to use the Net and he won't bother you for weeks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041211080625.GA11190>