On 2009-08-23 Magnus Holmgren <holmg...@debian.org> wrote: > On lördagen den 22 augusti 2009, Aaron M. Ucko wrote: >> Magnus Holmgren <holmg...@debian.org> writes: >>> * Self-contained, no dependencies (except libc), thanks to code >>> included from the PolarSSL project.
>> From a Debian perspective, that's a policy violation, not a feature! >> Please arrange for it to use an external PolarSSL installation. > I know and agree and will talk to Tom about this. PolarSSL currently only > provides a static library however, which is also not good. I am somehow also not happy with a situation where any given exim installation would end linked dynamically (indirectly) against at least two full blown ssl libraries (OpenSSL or GnuTLS for STARTTLS, polarssl for DKIM). On a sidenote, is the cause for this ITP just exim or is general interest in this library? > AFAICT pdkim "borrows" the code needed to implement DKIM (i.e. RSA, SHA-1 > etc.), Afaiui this "gnulib style" usage of polarssl by picking a handful of files is supported upstream. http://polarssl.org/?page=features | All symmetric and hashing algorithms are not coupled to any other file | and can thus be easily integrated into existing projects. > but I haven't checked whether Tom has made any modifications to it. pdkim.(c|h) is new code, all the rest is basically unmodified from polarssl (stripped out selftest, disabled #include "polarssl/config.h" + check for #if defined(POLARSSL_....), except for rsa.(h|c). The latter contains the two newly written functions rsa_parse_public_key and rsa_parse_key which require asn1_get_tag and asn1_get_mpi. Sadly these asn_... functions are not (yet?) part of polarssl's public API. (They are part of x509parse.c). Which is why Tom has copied their sourcecode into rsa.(h|c). I agree that all this should at least be separared clearly (like gnulib/) in the pdkim distributions, be it just for easy updates. cu andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
