Date: Tue, 20 Jun 1995 08:23:31 -0700 (PDT) From: "Rodney W. Grimes" <rgrimes@gndrsh.aac.dev.com> To: mark@grondar.za (Mark Murray) Cc: Wollman@halloran-eldar.lcs.mit.edu, gibbs@freefall.cdrom.com, current@freebsd.org Subject: Re: The great crypt reshuffle Message-ID: <199506201523.IAA01730@gndrsh.aac.dev.com> In-Reply-To: <199506201457.QAA02441@grumble.grondar.za> from "Mark Murray" at Jun 20, 95 04:57:22 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > Hi > > There has been good discussion over the last couple of days, and this > is an attempt to summarise the concensus so far, and turn it into an > agreed-upon proposal. Where I have gotten wrong, please gently correct, > where I have forgotten please remind etc... > > 1) The DES library is to move from eBones to secure/lib/libdes. > des.h (the public header for this library) moves from > /usr/include/kerberosIV to /usr/include, and to be updated with > much more recent code from Eric Young, the original author. Fine, just remeber to add it to the list of places to install header files from when doing ``make includes'' in /usr/src. See target includes: in /usr/src/Makefile. > 2) crypt(3) and friends in libcipher to be replaced with faster code > from same author as libdes, and to merge with libdes. (I know, not > much concensus here - I'm just pushing my luck) We need to know just what it was that csgr had in mind when he was doing all of this. From the README.FreeBSD in libcipher I get the feeling he was going the other way, but evenutally wanted to collapse the libraries: gndrsh# more README.FreeBSD $Id: README.FreeBSD,v 1.1.1.1 1994/09/07 21:18:07 csgr Exp $ This is FreeSec package for NetBSD, unchanged for FreeBSD, except for the Makefile. The other stuff in libcrypt will be added in stages! gndrsh# > 3) libcrypts containing _only_ des crypt(3) and md5 crypt(3) to remain > unchanged (Except perhaps for newer code in des crypt(3)) to maintain > possible foreign licensing. One selected as the _real_ libcrypt by > symlink. Okay! > 4) (Very little discussion here) Other libraries containing crypto > code (ssl, rsa, md4, idea (where legal/appropriate)) be placed in > secure/lib/lib*/ and turned into a separate library. Some of this > code may cause serious trouble for owners in certain countries. (eg > rsa in US.) The public headers for these to be placed in /usr/include > for orthogonality with des.h in 1) above. I would just rather leave this code by the way side as far as /usr/src goes. We already have enough legal problems with the current set of code and I think doing this would open a can of works. Perhaps making a ``port'' collection that installed into /usr/local/lib would be a better path to take (pun intended). > 5) secure/usr.bin/telnet is kerberised, and as such should move to > eBones. Agreed. > 6) (not discussed at all - I think) Eric Young has not touched eBones > for _years_, and is not likely to. The code in eBones is a mess, and I > would like to rebuild it as a lib/ include/ usr.bin/ usr.sbin/ > structure for orthogonality with secure and gnu. This is more-or-less > how the original code looked. Then why was it changed to be the way it is now? We need this input and reasoning from Geoff before I can accept changing it yet again. There must have been (hopefully) some reason that he drastically changed it from the way that it was originally. > 7) More will follow as I start to work on it (Secure RPC etc). One thing at a time please... :-) :-) -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Custom computers for FreeBSD
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506201523.IAA01730>