On Tue, 5 Feb 2002, Duane Kehoe wrote:
> Is it not possible to hook into the base SSL support of the OS via it's
> APIs rather than building based on a specific SSL package external to the
> project and OS? I always thought that SSL was just a wrapper put around the
> packet of information right before sending and if this is true any SSL
> wrapper should suffice, right?
Unfortunately, the API calls aren't the same. If you use a different API,
you need to call different functions and take different steps to make
the SSL work.
Furthermore, until recently SSL wasn't included in the base OS. Now,
the OpenSSL package is included with *BSD, and at least RedHat Linux.
Are the others all the same? I don't know. I know that Windows isn't
the same, and not all versions of Windows come with an SSL API. OpenSSL
compiles & works on every operating system that we need to support. It's
a powerful API, and it's open source. Operating systems that don't come
with an SSL API can all get OpenSSL for free and install it. It sure
seemed like the right choice!
> This is just a theory I had, during the install/build of tn5250 the user
> could be asked to point at the correct file already installed therefore
> instantly adding secure support. Like I said this is just a theory I had, I
> do not know the Win API nor do I really know if it would work.
Well, it couldn't just automagically work with any SSL API, for the
reasons explained above. The SSL part of it could probably be distributed
as a seperate DLL that could be included / not included at run-time with a
little work.
That might actually solve the license problem, I'm not sure.
> Also it might be worth while to look into openoffice's SSL
> support as it is OSS GPL'd and has SSL included.
>
Unless I'm confused, this is all getting blown way out of proportion. All
we really need is to get the copyright holders (Mike, Jay and myself) to
add the following clause:
"This program is released under the GPL with the additional exemption
that compiling, linking, and/or using OpenSSL is allowed."
>
> All just ideas, maybe I should start contributing to this project( just
> another idea ;| ) instead of just using it!
That's up to you. :)
_______________________________________________
This is the Linux 5250 Development Project (LINUX5250) mailing list
To post a message email: [EMAIL PROTECTED]
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/linux5250
or email: [EMAIL PROTECTED]
Before posting, please take a moment to review the archives
at http://archive.midrange.com/linux5250.
