Re: OpenSSL on the MacOS

Sat, 6 Mar 1999 09:55:24 -0500 


In article <v04011710b303b8e72b78@[24.116.9.21]> you wrote:

> I had just finished porting SSLeay 0.9.0 to MacOS 8.x when I learned (quite
> by accident) that it had become OpenSSL.  I was at once elated that the
> library would continue to evolve, and consternated that a 0.9.1 had been
> available for some time!  (Do I upgrade now even though I'm under strenuous
> deadline pressures, or just keep the code that's already working?  Choices,
> choices.)
> 
> I have some questions:
> 
> 1) Should I use the SSLeay copyright/licensing, or the OpenSSL copyright?
> It sounds like I should just use the OpenSSL version, but I'd like to make
> sure.

I don't know for _what_ you want to use it, but when you're using OpenSSL
_both_ the OpenSSL _and_ the SSLeay license applies. It's a dual-license
situation because of some nasty attached conditions inside the original SSLeay
license.
 
> 2) How many changes are there between 0.9.0 and 0.9.1?  Reading the
> history, it appears most of the fixes are build/compile issues, not
> features or serious bug fixes.  Is there any compelling reason to upgrade
> right away?

I would wait until we release 0.9.2. But then you'll find a lot of
improvements. The CHANGES file currently lists 156 changes between SSLeay
0.9.0b and the current pre-0.9.2 state.

> 3) Is there any interest in the idea of a MacOS port, or does anyone care?
> MacOS X is going to have a POSIX API, BSD sockets, etc., so there might be
> no point in trying to maintain a port for MacOS 8.x.  I only ported the
> library, not any of the applications.  It works, and only requires new code
> in one file (threads).  I did have to comment out lots of "#include
> <sys/whatever.h>" throughout the library, so they would need to be properly
> #ifdef'd.

When the porting-patch doesn't clutter too much original source code, it's
always interested to incorporate it, of course.  Post the patch and let us
look at it.
 
> 4) Are there any plans to support chained certificates?  This is an area
> that I'm willing to contribute some time to, if there is interest (an
> nobody has already done it).

Sorry, I don't know what exactly you mean with "chained certificates".
SSLeay/OpenSSL always supported certificate chains because that's how the
X.509 certificate systems works. Is "chained certificates" a different
concept I just don't know about?
                                       Ralf S. Engelschall
                                       [EMAIL PROTECTED]
                                       www.engelschall.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to