division of code into libraries - openssl dependancy
Mark_Andrews at isc.org
Mark_Andrews at isc.org
Tue Dec 10 01:30:46 UTC 2002
> Currently, there is:
>
> libisc
> libisccc
> libisccfg
> libdns
> liblwdns
>
> Useful uses of liblwdns requires libdns and libisc. libdns contains dst_*,
> which requires openssl. This makes programs that aren't doing any crypto at
> all depend upon openssl. Reducing dependancies on things that maybe either
> export/import controlled, or... buggy!... would be good.
>
> This is, for static linking, not a problem, since if the program doesn't use
> the crypto, it doesn't pull dst_* in. For dynamic linking, ironically, the
> program winds up bigger...
>
> I would like to propose that the dnssec functions be moved out of libdns,
> into libdnssec, perhaps.
libdst would be more appropriate. You could then have a crypto
aware libdst and crypto unaware libdst instead of a crypto aware
libdns and a crypto unaware libdns. However you would still need
to link against libcrypto even if the upper layers don't make use
of crypto when linking against the crypto aware libdst.
Pulling out all the crypto aware parts and putting them in a
seperate library would be extremely difficult.
Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark.Andrews at isc.org
More information about the bind-workers
mailing list