From owner-freebsd-current@FreeBSD.ORG Thu Jan 9 08:58:17 2014 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 525FE7A0 for ; Thu, 9 Jan 2014 08:58:17 +0000 (UTC) Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id C278B1CCA for ; Thu, 9 Jan 2014 08:58:16 +0000 (UTC) Received: from mandree.no-ip.org ([78.49.136.219]) by mail.gmx.com (mrgmx101) with ESMTPSA (Nemesis) id 0LfXmv-1VdOD00Btx-00p8a5 for ; Thu, 09 Jan 2014 09:58:15 +0100 Received: from [IPv6:::1] (localhost6.localdomain6 [IPv6:::1]) by apollo.emma.line.org (Postfix) with ESMTP id 7D8B923CEEB; Thu, 9 Jan 2014 09:58:13 +0100 (CET) Message-ID: <52CE64A5.7000703@gmx.de> Date: Thu, 09 Jan 2014 09:58:13 +0100 From: Matthias Andree User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: freebsd-current@freebsd.org, "Mikhail T." Subject: Re: md2 on current and 10. References: <52B392D9.4030507@aldan.algebra.com> <52B483D7.7080302@gmx.de> <52B486AD.7080102@aldan.algebra.com> <52B48E8C.5070804@gmx.de> <52BB2979.5040008@aldan.algebra.com> <52CD6808.1080307@aldan.algebra.com> <52CDF5EF.407@wemm.org> <52CE0296.1060606@aldan.algebra.com> In-Reply-To: <52CE0296.1060606@aldan.algebra.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:kiJAlA1M2k5FuWXhzL1qskaEucmOmSSnlg/T+xYhJhNVxY2Xp4W jU/1clCK6euqoGyAygWhIiQ/QRxpmWK2X6ekQ1uaVNZpYr4Bt2+cabdaGQJbOtr5kO2ChlU 8RQX3Lg5ONbhQkTsjmk3aqiFfcAj12HocyVMcSxZlUPyyEilHuWbVOhrwCbJEWSwPQPwAd0 MJro45t3MGj3o5bCwu0Uw== X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Jan 2014 08:58:17 -0000 Am 09.01.2014 02:59, schrieb Mikhail T.: > On 08.01.2014 20:05, Peter Wemm wrote: >> The path of least resistance is to make a libmd2 port. It's the only way I >> can see you getting to use it on 10.0. > *I* don't really care. *I* don't use md2 myself. I became aware of the problem > by accident -- because one of my ports was affected (tcl-trf). But I can fix the > port, no huhu. > > It just seems to me, FreeBSD as a project goofed by abruptly removing the > functions, that have been in the base for many years. But if the src-committers > don't care to "ungoof" it -- despite my raising awareness as much (and, perhaps, > even above) as permissible by politeness -- then so be it... Mikhail, There have been license concerns raised about the MD2 algorithm, and apparently it is FreeBSD policy to not burden our users with known/surprising license restrictions. It would also appear that this license policy would overrule compatibility with an old algorithm (MD2). You have _not_ responded to these license concerns, but _only_ argued with compatibility, and along the lines of user/maintainer convenience. The MD2 functionality can be offered through a port, where it is much easier to handle legal concerns. It may be inconvenient to a maintainer, and you may be disappointed or frustrated about a lack of a proper discontinual phase, but I see a port as the _only_ viable option. Making a port use libmd2, or OpenSSL-from-ports-built-with-MD2 should (1) satisfy compatibility and (2) base system licensing requirements, all at the same time. What is the reason why you don't find it acceptable to offer an option to build your affected tcl-trf port against a ports OpenSSL? Is there a technical concern beyond adding proper _DEPENDS lines? Is there a social concern beyond the maintainer's one-time work? Do we have a release note entry for MD2 removal? (I haven't checked.) If not, can we add it before 10.0-RELEASE given there is a -RC5 now? Cheers, Matthias