Subject: Re: openssl w/o rc5 & idea, was Re: openssl like in NetBSD
To: Bill Studenmund <>
From: None <>
List: tech-pkg
Date: 09/27/2001 11:50:36
>The intent was to make no-rc5 no-idea the default, and have documented in
>the package how to add them back.


>What exactly did you do to the in-tree sources to make the libidea and
>librc5 bits seperate, with stubs in libopenssl to support them? If the ABI
>varies depending on what is in there and what not (other than idea calls
>exist or don't), then this might be the best option.

	I've put a dummy function (which printf and abort) in place of idea/rc5
	functions, into libcrypto.  if you link libcrypto_{idea,rc5} earlier
	than libcrypto, you can override these dummy function with the real one.
	in this way we won't change any ABI of libcrypto.  if some thirdparty
	application tries to use idea/rc5 function without libcrypto_{idea,rc5}
	they terminates by themselves.

	i don't think it is workable for package.

>I'd like to make it so that the default openssl package has no LICENSE

	i would say you shouldn't bother.  you will make other packages (that
	depend on openssl) harder to get right.  also, i'm not sure if RC5
	and IDEA are the only tainted algorithms.  there could be others
	(like RC4 - oops, ARCFOUR).