[Python-Dev] openSSL and windows binaries (original) (raw)

Gregory P. Smith greg at electricrain.com
Wed Aug 9 00:07:48 CEST 2006

• Previous message: [Python-Dev] openSSL and windows binaries - license
• Next message: [Python-Dev] openSSL and windows binaries - license
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 08, 2006 at 04:54:44PM -0400, Jim Jewett wrote:

On 8/8/06, "Martin v. L?wis" <martin at v.loewis.de> wrote: > Jim Jewett schrieb: > > The OpenSSL library implements some algorithms that are patented. The > > source code should be fine to (re)distribute, but but there may be a > > slight legal risk with distributing a binary.

> I don't want to change the build process in that way (i.e. dropping a > feature) just before a release. OK, but this does argue against making the fast version available by default on windows. :{

disabling/enabling a cipher in openssl that isn't commonly used and isn't even directly exposed via any API to a python user hardly sounds like dropping a feature to me. it'll make your _ssl.pyd smaller if anything at all. (any sane SSL connection will negotiate AES or 3DES as its cipher; IDEA isn't required)

If the release manager declares, "absolutely no changes to the windows build process!" Then clearly none of the changes I submitted will make it in and neither would removing any hint of IDEA in 2.5 as they're both too late.

The 2.5c1 windows binary does not ship with hashlib, so IDEA is only available if someone else has compiled it.

IDEA is a cipher not a hash algorithm. it won't appear in _hashlib. the code is probably already linked and present in _ssl.pyd even if the ssl protocol itself doesn't allow that as a cipher.

But for a binary release, I think that IDEA should be added to the Configure exclude. http://svn.python.org/view/external/openssl-0.9.8a/Configure

# All of the following is disabled by default (RC5 was enabled before 0.9.8): my %disabled = ( # "what" => "comment" "gmp" => "default", + "idea" => "default", "mdc2" => "default", "rc5" => "default", "shared" => "default", "zlib" => "default", "zlib-dynamic" => "default" );

yeah i'd just do that if you're worried about the code being in the binary causing a problem.

• Previous message: [Python-Dev] openSSL and windows binaries - license
• Next message: [Python-Dev] openSSL and windows binaries - license
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list