Date: Fri, 16 May 2003 08:20:07 +0100 From: Mark Murray <mark@grondar.org> To: Dag-Erling Smorgrav <des@ofug.org> Cc: arch@freebsd.org Subject: Re: NOCRYPT / NOSECURE Message-ID: <200305160720.h4G7K7gN028186@grimreaper.grondar.org> In-Reply-To: Your message of "Fri, 16 May 2003 02:22:19 %2B0200." <xzp8yt7hhac.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Dag-Erling Smorgrav writes: > Mark Murray <mark@grondar.org> writes: > > Dag-Erling Smorgrav writes: > >> 'ln -s /usr/bin/openssl /usr/bin/md5' is almost right for md5(1), > >> except for some parentheses in the output IIRC. ISTR the same goes > >> for sha1(1). > > A one-liner shell script does it :-). > > but as others have pointed out, we need md5 even in the NOCRYPT case > (and it's not export-controlled anyway), so we can't touch it. Hmm. You are right. But... I can clean up the world build pretty extensively if it can be mostly guaranteed that src/crypto is present. We currently have 2 telnets; the non-crypto telnet is constructed with unifdef(1), and could easily be made by NOT defining some "naughty" macros (-DENCRYPTION, -DAUTHENTICATION). This would kill for ever the 'thou must commit to both telnets in the prescribed manner' rule, at the risk of possibly not having telnet after make world if src/crypto is not present. Likewise, we have libmd, which is a duplicate of some of the functionality of libcrypto. I'd like to see if a "safe" libhash (say) can be made from src/crypto/openssl/..., which libcrypto (if present) could depend on. The downside of this is requiring that src/crypto is present or else losing some functionality. SO - my query reduces to "How many folks are there out there who can NOT have crypto SOURCES on their system, even if they are doing a non crypto build?" M -- Mark Murray iumop ap!sdn w,I idlaH
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200305160720.h4G7K7gN028186>