division of code into libraries - openssl dependancy

Michael Richardson mcr at sandelman.ottawa.on.ca
Mon Dec 9 22:55:06 UTC 2002


-----BEGIN PGP SIGNED MESSAGE-----


Currently, there is:

libisc
libisccc
libisccfg
libdns
liblwdns

Useful uses of liblwdns requires libdns and libisc. libdns contains dst_*,
which requires openssl. This makes programs that aren't doing any crypto at
all depend upon openssl. Reducing dependancies on things that maybe either
export/import controlled, or... buggy!... would be good.

This is, for static linking, not a problem, since if the program doesn't use
the crypto, it doesn't pull dst_* in. For dynamic linking, ironically, the
program winds up bigger...

I would like to propose that the dnssec functions be moved out of libdns,
into libdnssec, perhaps.

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBPfUfR4qHRg3pndX9AQFPhgP/e4sjS2vYxg+fbhhqaAJXPzk+bJkkEI28
4Kzzl2TQfr0ysMLzE68xdaoVgULSlrqWxs58oXyIkm94VZHmsWlKEt+5w7DRjoRD
FQFHmE8uyGLfaEWVJJuF6iVL4AJkIvDLcVHf7YruUYIjFbnhz9fN1PQEwerbg5Xr
LFp60WI2+DU=
=vRwE
-----END PGP SIGNATURE-----


More information about the bind-workers mailing list