gnunet-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-developers] avoiding openssl, take 2

From: Glenn McGrath
Subject: [GNUnet-developers] avoiding openssl, take 2
Date: Wed, 3 Jul 2002 15:05:31 +1000 
I meet with Christian and Krista (in real life) yesterday, and i'd now
like to clarfiy a few things.

As previously mentioned i would like it to be possible to compile gnunet
without openssl, the reason for this is that i would like gnunet to be
distributable by debian, i would also like investigate using gnunet to
suppliment existing debian package and metadata delivery methods.

Debian takes are fairly strict interpretation of licences and linking
GPL'ed bianries with openssl has bene mentioned many times on the
debian-legal mailing list, a fairly concise thread can be found at
http://lists.debian.org/debian-legal/2002/debian-legal-200205/msg00126.html

Openssl is used by gnunet to
 - Parse the gnunet.conf file
 - Provide the Blowish symetric cipher, used by the functions in
./src/common/cymcipher.c
 - Provide the RSA public/private key encryption as used in
./src/util/hostkey.c

RSA and blowfish functionality are provided by libgcrypt which recently
changed from GPL to LGPL, and will also soon be provided by beecrypt which
is LGPL. I previosuly mentioned gnutls, thats is a higher level library
for ssl communications, gnunet doesnt require ssl so we can just use the
lower level libraries.

I previously thought the config file functionality provided by openssl had
something to do with asn.1, this is not the case. Openssl uses its config
file handling code to parse its own config files and also provides them
for external applications to use, nothing to do with encryption, ssl, or
asn.1

Christian is pretty keep to keep the existing gnunet.conf file format, so
it looks like the only way forward is to write openssl compatable config
file parseing code, which can be used internally by gnunet, gnutls might
be interested in this code to put with Andrews compatability layer (as
mentioned by Branden yesterday) however we dont need gnutls so we dont
need the compatability layer.

Writting the openssl compatable config file parse shouldnt be too hard,
but it would have to handle multiple section and variable substition, so
its not completely trivial.



Glenn
reply via email to
[Prev in Thread] Current Thread [Next in Thread]