NOCRYPT / NOSECURE
Mark Murray
mark at grondar.org
Thu May 15 11:18:38 PDT 2003
Dag-Erling Smorgrav writes:
> I would therefore like to remove NOSECURE, preferably before 5.1.
I will applaud this!
> NO_OPENSSL is also a subset of NOCRYPT. There is so little that
> builds with NO_OPENSSL but not with NOCRYPT that I think it might be
> worthwhile to deprecate NO_OPENSSL and change the description of
> NOCRYPT from "will prevent building of crypt versions" to "do not
> build crypto-related software"
I like this too.
> We also have something called libcipher which is only used by bdes(1);
> the OpenSSL distribution contains a similar and AFAIK compatible
> utility (src/crypto/openssl/crypto/des/des.c) which we don't currently
> build. We should probably ditch both libcipher and bdes(1), and
> perhaps add OpenSSL's des(1) to the build if our users really want it,
> though 'ln -s /usr/bin/openssl /usr/bin/des' goes a long way.
If openssl's des(1) is the same as our bdes(1) (ie, gives the same results)
then I'm in support of this. I'd also approve of a wrapper script that
calls openssl(1) or des(1) and make a compatible bdes(1). Similar scripts
may be a good idea for md5(1) and sha1(1).
If folks don't shoot the idea down, I'm happy to help out.
M
--
Mark Murray
iumop ap!sdn w,I idlaH
More information about the freebsd-arch
mailing list