Renier Morales píše v St 23. 04. 2008 v 10:08 -0400:
>
> [EMAIL PROTECTED] wrote on 04/23/2008
> 08:50:10 AM:
>
> > Hi,
> >
> > Fedora started a project called Crypto Consolidation [1], [2] some
> time
> > ago. The conclusion is that for licensing and certification reasons
> we
> > will standardize on the NSS library. That's why I would like to
> start
> > adding support for NSS library into OpenHPI as a alternative to the
> > currently used OpenSSL library.
> > If I have read the sources carefully, there are 2 areas in OpenHPI
> where
> > OpenSSL is used now - the first one is digest/hash computing in the
> > ipmidirect plugin and the second one is SSL support in the oa_soap
> and
> > ilo2_ribcl plugins. The first area can be done easily in parallel
> with
> > NSS primitives and for the second area it can be either
> reimplemented
> > for NSS or a compatibility library nss_compat_ossl could be used. I
> have
> > seen that some form of modular SSL/crypto support was just being
> added,
> > so I would like to coordinate my work with the one that is already
> in
> > progress.
>
> No problem. We (Bryan and me) discussed about modularizing the SSL
> support oa_soap and ilo2_ribcl used. I checked in code yesterday to
> put it in the ssl/ directory. The SSL support code is wrapper code
> around the openssl library.
I have seen this and I think this an ideal time for stepping in.
>
> I think we could do something like:
> - Get configure.ac to detect nss and set a define/vars.
> - If nss is not detected look for openssl and set its define/vars.
> - ifdef' out the code that will not be compiled from the wrapper (nss
> or openssl)
>
I working on this. I will post a theoretical proposal, how to handle the
2 libs, later followed with patches.
> Of course, whatever code is in the wrapper using openssl will need to
> be reimplemented using nss (unless the compatibility lib is used?).
Even when the compatibility lib is used, then some code must
reimplemented. The author is saying that about 80% of code can stay
"openssl"-ized.
Dan
--
Dan Horák
Software Engineer, BaseOS
Red Hat Czech s.r.o., Purkyňova 99, 612 45 Brno
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Openhpi-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openhpi-devel
