I have a Windows-only OpenSSL application developed in VS 2010. I have now been tasked with creating parallel "regular" and "exportable" (from the US) distributions of the application.
I UNDERSTAND YOU CAN'T GIVE LEGAL ADVICE. I'M ONLY LOOKING FOR TECHNICAL INPUT HERE. The application statically links to libeay32XX.lib and ssleay32XX.lib. The application starts out by calling "applink()." The distribution includes libeay32.dll and ssleay32.dll. Am I correct in the following premises? - All of the actual encryption algorithms are in libeay32.dll? (And ssleay32.dll?) As I describe my architecture above, my distributed main executable does not contain actual encryption algorithms; they're only in the DLL(s)? - It should be possible to create and distribute a "weak encryption only" build of libeay32.dll? Personal confession/personal advice time: I have 44 years of experience as a programmer, 40 of it as a successful commercial product developer, but no knowledge of "make" beyond a grasp of the purpose and concept. (Most of those 44 years are on a platform with no tradition of make; the remainder are exclusively with the MS VS IDE and its predecessors. Make fun of me if you wish.) Question: assuming I am correct that I need to build my own version of libeay32.dll, do you think it's a shorter path to learn make, or to try to do it with MS VS 2010? I am guessing the former. Is there somewhere a "ready to roll" MS VS project that builds the DLLs? Is there a configure (is that the right term?) option for "weak encryption only"? I see the no-<specific cipher> flag but is there a no-strong-ciphers sort of option? I know that SSL_CTX_set_cipher_list() supports the LOW and EXP keywords so OpenSSL must "know" what are the so-called export ciphers. Would appreciate any additional miscellaneous tips. Charles ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
