Re: convert libgmp to a port?

2001-06-21 Thread Kris Kennaway

On Tue, Jun 19, 2001 at 12:44:40PM -0700, Terry Lambert wrote:
 Giorgos Keramidas wrote:
  
  On Sun, Jun 17, 2001 at 01:51:56PM -0700, Kris Kennaway wrote:
  
   libbn is already part of OpenSSH; it's a trivial matter to make it
   ^^^
I meant to say OpenSSL here, of course.

   into a standalone library.  In other words, we already include two
   functionally equivalent bignum libraries in FreeBSD, so one of them
   should go.
  
  I couldn't agree more :)
 
 I'm going to word this strongly, mostly because I feel
 strongly about the underlying issues.
 
 The SSL one is known to be very slow, and was written
 as a proof of concept by the author.  Please read the
 release notes; it is seriously slow.  Replacing it will
 increase your SSL performance significantly.

I know of no-one who has developed patches to make OpenSSL work with
an external math library (e.g. libgmp).  The OpenSSL guys are very
interested in cleaning up their legacy code; you should work with them
if you are interested.

In FreeBSD, the only use of the libgmp code is for non-speed-critical
applications, so replacing it with a less efficient library doesn't
cost anything.  libgmp will still exist in ports for applications
which want to make use of a more efficient library.

Kris

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-21 Thread GH

On Thu, Jun 21, 2001 at 01:15:12PM -0700, some SMTP stream spewed forth: 
 On Tue, Jun 19, 2001 at 12:44:40PM -0700, Terry Lambert wrote:
  Giorgos Keramidas wrote:
   
   On Sun, Jun 17, 2001 at 01:51:56PM -0700, Kris Kennaway wrote:
   
libbn is already part of OpenSSH; it's a trivial matter to make it
^^^
 I meant to say OpenSSL here, of course.
 
into a standalone library.  In other words, we already include two
functionally equivalent bignum libraries in FreeBSD, so one of them
should go.
   
   I couldn't agree more :)
  
  I'm going to word this strongly, mostly because I feel
  strongly about the underlying issues.
  
  The SSL one is known to be very slow, and was written
  as a proof of concept by the author.  Please read the
  release notes; it is seriously slow.  Replacing it will
  increase your SSL performance significantly.
 
 I know of no-one who has developed patches to make OpenSSL work with
 an external math library (e.g. libgmp).  The OpenSSL guys are very
 interested in cleaning up their legacy code; you should work with them
 if you are interested.
 
 In FreeBSD, the only use of the libgmp code is for non-speed-critical
 applications, so replacing it with a less efficient library doesn't
 cost anything.  libgmp will still exist in ports for applications
 which want to make use of a more efficient library.
 

Am I understanding this correctly?
We currently have implemented a more efficient library than one you
propose expending effort to plug in?

You propose that people remove the currently implemented and more
efficient library and replace it with a less-efficient library of
non-native BSD origin?

Really? This hardly seems like a good idea.

gh

 Kris

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-21 Thread GH

*snip*
 No.  We are talking about removing a GPL infected library from the base
 tree that is used by a couple of utterly performance irrelevant utilities
 and making these couple of utilities (secure-rpc key generation tools)
 use the OpenSSL bignum API - where OpenSSL has a BSD-style license.
 
 This has absolutely no effect on openssl at all.
 
  Really? This hardly seems like a good idea.
 
 No.  We can't plug libgmp into openssl anyway due to GPL infection and the
 resulting license conflicts.  openssl *explicitly* may not be distributed
 under GPL.  And building libgmp into openssl would require exactly that.
*snip*

Oh, I see.
Nevermind then, sounds good. (Somehow I missed the libgmp-GPL
relationship.)

gh

(Apologies to the CC's who didn't need this aside.)

 Cheers,
 -Peter
 --
 Peter Wemm - [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
 All of this is for nothing if we don't go to the stars - JMS/B5
 

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-18 Thread Garrett Wollman

On 18 Jun 2001 03:32:10 +0200, Assar Westerlund [EMAIL PROTECTED] said:

 But telnet in historic BSD didn't have sra or any other authentication
 mechanism that uses libmp.  Or are you saying that we cannot change
 `historical BSD software'?

No, I'm saying that the author of the SRA patches did the right thing
and used the traditional BSD math library when extending the
traditional BSD telnet utility.  I am furthermore making the point
that FreeBSD should continue to ship with a library that provides
the `libmp' interface, regardless of how it is implemented internally.

-GAWollman


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-18 Thread Mark Murray

 No, I'm saying that the author of the SRA patches did the right thing
 and used the traditional BSD math library when extending the
 traditional BSD telnet utility.  I am furthermore making the point
 that FreeBSD should continue to ship with a library that provides
 the `libmp' interface, regardless of how it is implemented internally.

Strongly disagree.

The libmp interface is not very fault-tolerant, and not well used
(anymore).

The bignum (BN) bits of libcrypto are much more fault tolerant and
ubiquitous.

Time to throw out the trash. The its traditionally part of BSD
argument holds no water - the BSD books that I have point to MH and
Emacs in the same way.

M
-- 
Mark Murray
Warning: this .sig is umop ap!sdn

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Peter Wemm

Steve Kargl wrote:
 On Sun, Jun 17, 2001 at 05:48:48AM +0300, Giorgos Keramidas wrote:
  
  I dont seem to be able to find some part of the base system that
  actually *does* use libgmp.  Being out of date as it is, do you think
  it's proper to remove it from the base system and make it a port?
  
 
 It is a port.  See ports/math/libgmp3.  Note also that libmp depends
 on sources from libgmp.
 
 kargl[219] find . -name Makefile | xargs grep lmp
 ./kerberosIV/libexec/telnetd/Makefile:  -L${KRBOBJDIR} -lkrb -lcrypt 
-lcom_err -lmp ${MINUSLPAM}
 ./kerberosIV/usr.bin/telnet/Makefile:   -L${KRBOBJDIR} -lkrb -lcrypt 
-lcom_err -lmp -lipsec ${MINUSLPAM}
 ./secure/libexec/telnetd/Makefile:  -lcrypt -lmp ${MINUSLPAM}
 ./secure/usr.bin/telnet/Makefile:LDADD= -ltermcap ${LIBTELNET} -lcryp
to -lcrypt -lmp \
 ./usr.bin/chkey/Makefile:LDADD= -lrpcsvc -lmp -lgmp
 ./usr.bin/newkey/Makefile:LDADD=-lrpcsvc -lmp -lgmp
 ./usr.sbin/keyserv/Makefile:LDADD=  -lmp -lrpcsvc
 kargl[220] find . -name Makefile | xargs grep lgmp
 ./usr.bin/chkey/Makefile:LDADD= -lrpcsvc -lmp -lgmp
 ./usr.bin/newkey/Makefile:LDADD=-lrpcsvc -lmp -lgmp

It should not be too hard to have build a lightweight 'libbignum' that
is extracted from the openssl sources and make that available in the base
system.  It would not be hard to convert the lib*mp consumers to use the
libbignum (libbn, -lbn ?) and then we can get rid of it.

telnet* should never have used libmp in the first place, it should have
used libcrypto/bignum.  chkey/newkey/keyserv are using libmp for
diffie-helmann key exchange.  (just large integer multiplication).  It
should be really easy to convert those three.

Cheers,
-Peter
--
Peter Wemm - [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]
All of this is for nothing if we don't go to the stars - JMS/B5


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Giorgos Keramidas

On Sat, Jun 16, 2001 at 11:38:45PM -0700, Peter Wemm wrote:

 It should not be too hard to have build a lightweight 'libbignum' that
 is extracted from the openssl sources and make that available in the base
 system.  It would not be hard to convert the lib*mp consumers to use the
 libbignum (libbn, -lbn ?) and then we can get rid of it.
 
 telnet* should never have used libmp in the first place, it should have
 used libcrypto/bignum.  chkey/newkey/keyserv are using libmp for
 diffie-helmann key exchange.  (just large integer multiplication).  It
 should be really easy to convert those three.

Since there are a few things that are using libgmp (and I missed them
in my quick search through the sources), no I would not prefer
removing libgmp and making a new, probably buggier, libbignum that
will replace our current libgmp.

If we do need some of the functionality of libgmp in the base-system,
then we really should import some newer version of libgmp, instead of
trying to make our own new library.  I dont really like reinventing
wheels :)

-giorgos

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Joseph A. Mallett

On Sun, 17 Jun 2001, Giorgos Keramidas wrote:

 If we do need some of the functionality of libgmp in the base-system,
 then we really should import some newer version of libgmp, instead of
 trying to make our own new library.  I dont really like reinventing
 wheels :)


Unless you are the one charged with doing the work, you shouldn't complain
about the circumstances of the job. If someone wants to implement
something which already exists with a good reason for doing so, let them.
It can't hurt.

Honestly, the odds that you would end up doing this, are NULL. Giving
concise reasons as to why it doesn't need replaced would be nice, rather
than why not bring in more vendor code.

--
[ Joseph Mallett[EMAIL PROTECTED] ] [ http://srcsys.org ]
[ xMach Core Team xMach: Proactively Unbloated Microkernel BSD ]
[ FreeBSD, NetBSD,  xMach User; (Obj)C(++) Coder ] [ http://xMach.org ]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Kris Kennaway

On Sun, Jun 17, 2001 at 06:22:56PM +0300, Giorgos Keramidas wrote:
 On Sat, Jun 16, 2001 at 11:38:45PM -0700, Peter Wemm wrote:
 
  It should not be too hard to have build a lightweight 'libbignum' that
  is extracted from the openssl sources and make that available in the base
  system.  It would not be hard to convert the lib*mp consumers to use the
  libbignum (libbn, -lbn ?) and then we can get rid of it.
  
  telnet* should never have used libmp in the first place, it should have
  used libcrypto/bignum.  chkey/newkey/keyserv are using libmp for
  diffie-helmann key exchange.  (just large integer multiplication).  It
  should be really easy to convert those three.
 
 Since there are a few things that are using libgmp (and I missed them
 in my quick search through the sources), no I would not prefer
 removing libgmp and making a new, probably buggier, libbignum that
 will replace our current libgmp.
 
 If we do need some of the functionality of libgmp in the base-system,
 then we really should import some newer version of libgmp, instead of
 trying to make our own new library.  I dont really like reinventing
 wheels :)

libbn is already part of OpenSSH; it's a trivial matter to make it
into a standalone library.  In other words, we already include two
functionally equivalent bignum libraries in FreeBSD, so one of them
should go.

Kris

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Giorgos Keramidas

On Sun, Jun 17, 2001 at 01:51:56PM -0700, Kris Kennaway wrote:

 libbn is already part of OpenSSH; it's a trivial matter to make it
 into a standalone library.  In other words, we already include two
 functionally equivalent bignum libraries in FreeBSD, so one of them
 should go.

I couldn't agree more :)

-giorgos

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: convert libgmp to a port?

2001-06-17 Thread Assar Westerlund

Garrett Wollman [EMAIL PROTECTED] writes:
 On Sat, 16 Jun 2001 23:38:45 -0700, Peter Wemm [EMAIL PROTECTED] said:
 
  telnet* should never have used libmp in the first place,
 
 Yes, it should have, since telnet is historic BSD software and libmp
 is the historic BSD arbitrary-precision-math library.

But telnet in historic BSD didn't have sra or any other authentication
mechanism that uses libmp.  Or are you saying that we cannot change
`historical BSD software'?

/assar

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



convert libgmp to a port?

2001-06-16 Thread Giorgos Keramidas

I was looking at PR/9233 from Dec 1998 the other day, and I saw that
the version of libgmp thats included in the base-system seems to be
very outdated (version 2.x in our tree, while version 3.x is available
at the homepage of libgmp).

After discussing this with [EMAIL PROTECTED] about it through mail, I
started looking through the sources to see where libgmp is used.  It
may be a false impression of mine, but in the -STABLE sources that I
checked, I didn't seem to find anyone in the base-system `using'
libgmp.  I tried grepping through the entire /usr/src to find one
place except for contrib/libgmp that seems to be using functions from
libgmp (I was looking for functions that matched \mp[.]*_.*).

I dont seem to be able to find some part of the base system that
actually *does* use libgmp.  Being out of date as it is, do you think
it's proper to remove it from the base system and make it a port?

/me ducks to save his head from the flames

-giorgos

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message