Subject: Re: Building a domestic system...
To: Peter Seebach <email@example.com>
From: Miles Nordin <carton@Ivy.NET>
Date: 02/14/2000 14:43:13
On Mon, 14 Feb 2000, Peter Seebach wrote:
> So, obviously I don't just set DOMESTIC to /usr/src/domestic, or whatever.
> What am I supposed to be doing?
set CRYPTOBASE. If you have a crypto-us or crypto-intl directory,
bsd.crypto.mk will set CRYPTOBASE for you. You can just rename domestic
to crypto-us and not set anything.
It's weird--everyone is saying ``crypto-us'' now but if you sup you still
Also see crypto-*/README for an explanation of PATENTEDOPENSSLSRC. If you
want Idea and non-Rsaref RSA in your libssl, you need to point this
variable to some (relatively small) parts of the openssl-tarball's tree,
because these patented algorithms weren't checked into CVS.
Of course, you don't want to do this since it's illegal and therefore
Wrong, but it's, uh, interesting. :)
I've switched over to crypto-intl because the announcement sounded like
Heimdal was more likely to survive than krb5 (residual hatred for the US,
better-maintained, already IPv6-ready), but I may be wrong. Anyway it's
eomthing to consider if you've got nothing working now and want to get
_something_ up and running. I'm getting Heimdal with:
You get RCS files. You can get regular files quickly as follows:
gzip -dc ../cryptosrc-intl.tar.gz | pax -r
mv cryptosrc-intl/* .
( cd /usr/dist/src && (
CVSROOT=/usr/dist/cryptosrc-intl cvs co -P crypto-intl
find crypto-intl -type d -a -name CVS -a -print0 | xargs -0 rm -rf
These regular files can be slapped into crypto-intl, and it works (modulo
a few Makefile bugs).
Miles Nordin / v:+1 720 841-8308 fax:+1 530 579-8680
555 Bryant Street PMB 182 / Palo Alto, CA 94301-1700 / US