On Sun, 2010-09-12 at 20:13, Nikos Balkanas wrote: > I don't believe so. The openssl RC5 is licensed under the openssl > license (similar to kannel's). > > http://www.openssl.org/source/license.html
Licence is for software implementation and it is free but the RC5 algorithm is patented, AFAIK. I'm not a lawyer and I don't all details but I think that the RC5 cannot be used in USA (and possible other countries) without licence from the patent holder (in that case RSA Data Security). A quick look at WTLS specification shows that the RC5 isn't mandatory but optional. > Yes it is necessary, as mentioned in a previous mail. Incorrectly I > said that it is used in key generation. Actually it is one of the 3 > cipher algorithms used for content according to the wtls spec: > > enum bulk_algorithms { > NULL_bulk, > RC5_CBC_40, > RC5_CBC_56, > RC5_CBC, > DES_CBC_40, > DES_CBC, > TRIPLE_DES_CBC_EDE, > IDEA_CBC_40, > IDEA_CBC_56, > IDEA_CBC > }; > > This implementation supports the RC5 and DES algorithms. Not the IDEA. > > Kannel already has wtls with RC5 for all these years, except that it > doesn't work. > > BR, > Nikos > > ----- Original Message ----- From: "Milan P. Stanic" > <m...@arvanta.net> > To: <devel@kannel.org> > Sent: Sunday, September 12, 2010 7:42 PM > Subject: Re: wtls branch merged > > > >On Sun, 2010-09-12 at 17:35, Nikos Balkanas wrote: > >>But you don't need an rpm if you build from sources. You have all > >>the includes and sources that you need. > >>If you are referring about the binary kannel rpms, these are > >>seriously outdated. Besides rpms are for the masses, and wtls is for > >>the few...You should disable wtls when building for the masses. > > > >It could be problem for distributors (RH, Debian, Suse, xxxBSD and > >others) if they cannot distribute Kannel with WTLS enabled because RC5 > >is patented and distributors don't want to go court. > > > >Is the RC5 mandatory for WTLS? > > > >>Nikos > >>. > >>----- Original Message ----- From: "Rene Kluwen" > >><rene.klu...@chimit.nl> > >>To: "'Nikos Balkanas'" <nbalka...@gmail.com>; "'Alexander Malysh'" > >><amal...@kannel.org> > >>Cc: "'Kannel Devel'" <devel@kannel.org> > >>Sent: Sunday, September 12, 2010 5:29 PM > >>Subject: RE: wtls branch merged > >> > >> > >>>Okay... suppose you can build it in one step. > >>> > >>>That still won't solve the rpm dependency. > >>> > >>>== Rene > >>> > >>>-----Original Message----- > >>>From: Nikos Balkanas [mailto:nbalka...@gmail.com] > >>>Sent: Sunday, 12 September, 2010 16:23 > >>>To: Rene Kluwen; 'Alexander Malysh' > >>>Cc: 'Kannel Devel' > >>>Subject: Re: wtls branch merged > >>> > >>>Actually it is not that bad. Openssl compiles from sources in one step: > >>> > >>>config threads no-krb5 shared enable-rc5 --prefix=/usr/local/64 > >>> > >>>Clean, nothing to it. > >>> > >>>BR, > >>>Nikos > >>>----- Original Message ----- From: "Rene Kluwen" > >>><rene.klu...@chimit.nl> > >>>To: "'Nikos Balkanas'" <nbalka...@gmail.com>; "'Alexander Malysh'" > >>><amal...@kannel.org> > >>>Cc: "'Kannel Devel'" <devel@kannel.org> > >>>Sent: Sunday, September 12, 2010 5:12 PM > >>>Subject: RE: wtls branch merged > >>> > >>> > >>>>Hmmm... too much of a bother. I wonder if anybody still uses wap > >>>>nowadays. > >>>> > >>>>Maybe in combination with mbuni, wap might be convenient. But > >>even >>then, > >>>>people won't use wtls. > >>>> > >>>>@Alexander: What dependencies does the pre-compiled package need when > >>>>using > >>>>this 'feature'? Because otherwise nobody (at least I won't) be able to > >>>>install it from rpm, because the CentOS packages include > >>openssl >>without > >>>>RC5 > >>>>support. Not sure about other distributions. > >>>> > >>>>== Rene > >>>> > >>>>-----Original Message----- > >>>>From: Nikos Balkanas [mailto:nbalka...@gmail.com] > >>>>Sent: Sunday, 12 September, 2010 15:58 > >>>>To: Rene Kluwen; 'Alexander Malysh' > >>>>Cc: 'Kannel Devel' > >>>>Subject: Re: wtls branch merged > >>>> > >>>>Actually you get these errors because you didn't solve your > >>rc5 issue >>and > >>>>proceeded nevertheless. > >>>> > >>>>rc5 is needed for cryptography of wtls. Otherwise you won't be able to > >>>>produce the keys. Either install openssl with rc5 enabled or build from > >>>>sources with --enable-rc5. When you get these, your > >>gw-config.h will >>set > >>>>the > >>>> > >>>>correct directives and compile cleanly. > >>>> > >>>>After compilation, you will have to configure wtls group in your > >>>>kannel.conf > >>>> > >>>>and produce a pair of self-signed RSA keys for that. > >>>> > >>>>BR, > >>>>Nikos > >>>> > >>>>----- Original Message ----- From: "Nikos Balkanas" > >>>><nbalka...@gmail.com> > >>>>To: "Rene Kluwen" <rene.klu...@chimit.nl>; "'Alexander Malysh'" > >>>><amal...@kannel.org> > >>>>Cc: "'Kannel Devel'" <devel@kannel.org> > >>>>Sent: Sunday, September 12, 2010 4:45 PM > >>>>Subject: Re: wtls branch merged > >>>> > >>>> > >>>>>OK. I think you solved the RC5 issue. You need headers (openssl-devel) > >>>>>with rc5 enabled. > >>>>> > >>>>>About the rest: > >>>>> > >>>>>After configure --with-wtls=openssl you should end up with > >>>>>gw-config.h: > >>>>> > >>>>>/* Defined if we're using OpenSSL WTLS */ > >>>>>211: #define HAVE_WTLS_OPENSSL 1 > >>>>> > >>>>>If not, enable it manually and rebuild. > >>>>> > >>>>>BR, > >>>>>Nikos > >>>>>----- Original Message ----- From: "Rene Kluwen" > >>>>><rene.klu...@chimit.nl> > >>>>>To: "'Rene Kluwen'" <rene.klu...@chimit.nl>; "'Nikos Balkanas'" > >>>>><nbalka...@gmail.com>; "'Alexander Malysh'" <amal...@kannel.org> > >>>>>Cc: "'Kannel Devel'" <devel@kannel.org> > >>>>>Sent: Sunday, September 12, 2010 3:38 PM > >>>>>Subject: RE: wtls branch merged > >>>>> > >>>>> > >>>>>>Clearly I am missing something. After ./configure > >>>>>>--with-wtls=openssl, I > >>>>>>get: > >>>>>>(openssl-devel is installed). > >>>>>> > >>>>>>/home/system/adm_rene/svn/pam/trunk/gw/wapbox.c:235: > >>>>>>undefined reference > >>>>>>to > >>>>>>`private_key' > >>>>>>/home/system/adm_rene/svn/pam/trunk/gw/wapbox.c:236: > >>>>>>undefined reference > >>>>>>to > >>>>>>`private_key' > >>>>>>/home/system/adm_rene/svn/pam/trunk/gw/wapbox.c:219: > >>>>>>undefined reference > >>>>>>to > >>>>>>`x509_cert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/gw/wapbox.c:220: > >>>>>>undefined reference > >>>>>>to > >>>>>>`x509_cert' > >>>>>>libwap.a(wtls.o): In function `clientHello': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:453: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_choose_ciphersuite' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:472: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_choose_clientkeyid' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:484: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_choose_snmode' > >>>>>>libwap.a(wtls.o): In function `wtls_event_handle': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:302: > >>>>>>undefined > >>>>>>reference to `packet_contains_changecipherspec' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:314: > >>>>>>undefined > >>>>>>reference to `packet_contains_changecipherspec' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:328: > >>>>>>undefined > >>>>>>reference to `is_critical_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:338: > >>>>>>undefined > >>>>>>reference to `is_warning_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:397: > >>>>>>undefined > >>>>>>reference to `packet_is_application_data' > >>>>>>libwap.a(wtls.o): In function `serverHello': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:533: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_get_random' > >>>>>>libwap.a(wtls.o): In function `wtls_event_handle': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:826: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_decrypt_pdu_list' > >>>>>>libwap.a(wtls.o): In function `wtls_event_handle': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:77: > >>>>>>undefined > >>>>>>reference to `packet_contains_clienthello' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:480: > >>>>>>undefined > >>>>>>reference to `packet_contains_clienthello' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:210: > >>>>>>undefined > >>>>>>reference to `clienthellos_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:231: > >>>>>>undefined > >>>>>>reference to `is_warning_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:240: > >>>>>>undefined > >>>>>>reference to `is_critical_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:281: > >>>>>>undefined > >>>>>>reference to `clienthellos_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:421: > >>>>>>undefined > >>>>>>reference to `is_critical_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:431: > >>>>>>undefined > >>>>>>reference to `is_warning_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:502: > >>>>>>undefined > >>>>>>reference to `packet_contains_changecipherspec' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:514: > >>>>>>undefined > >>>>>>reference to `packet_contains_changecipherspec' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:528: > >>>>>>undefined > >>>>>>reference to `is_critical_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:538: > >>>>>>undefined > >>>>>>reference to `is_warning_alert' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:302: > >>>>>>undefined > >>>>>>reference to `packet_contains_finished' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:302: > >>>>>>undefined > >>>>>>reference to `packet_contains_userdata' > >>>>>>libwap.a(wtls.o): In function `exchange_keys': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:627: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_decrypt_key' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:638: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_get_rsapublickey' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:654: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_calculate_prf' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:710: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_hash' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:710: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_calculate_prf' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:751: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_hash' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:751: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_calculate_prf' > >>>>>>libwap.a(wtls.o): In function `wtls_event_handle': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:132: > >>>>>>undefined > >>>>>>reference to `wtls_get_rsapublickey' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:493: > >>>>>>undefined > >>>>>>reference to `packet_is_application_data' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:406: > >>>>>>undefined > >>>>>>reference to `certificates_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:292: > >>>>>>undefined > >>>>>>reference to `clienthellos_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:502: > >>>>>>undefined > >>>>>>reference to `packet_contains_finished' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:502: > >>>>>>undefined > >>>>>>reference to `packet_contains_userdata' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:502: > >>>>>>undefined > >>>>>>reference to `finishes_are_indentical' > >>>>>>libwap.a(wtls.o): In function `exchange_keys': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls.c:684: > >>undefined >>>>reference > >>>>>>to > >>>>>>`wtls_decrypt_pdu_list' > >>>>>>libwap.a(wtls.o): In function `wtls_event_handle': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:406: > >>>>>>undefined > >>>>>>reference to `clientkeyexchanges_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:406: > >>>>>>undefined > >>>>>>reference to `certifcateverifys_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:406: > >>>>>>undefined > >>>>>>reference to `changecipherspecs_are_identical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:406: > >>>>>>undefined > >>>>>>reference to `finishes_are_indentical' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:314: > >>>>>>undefined > >>>>>>reference to `packet_contains_finished' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:314: > >>>>>>undefined > >>>>>>reference to `packet_contains_userdata' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:514: > >>>>>>undefined > >>>>>>reference to `packet_contains_finished' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:514: > >>>>>>undefined > >>>>>>reference to `packet_contains_userdata' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_state-decl.h:514: > >>>>>>undefined > >>>>>>reference to `finishes_are_indentical' > >>>>>>libwap.a(wtls_pdu.o): In function `wtls_pdu_dump': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1156: undefined > >>>>>>reference > >>>>>>to `pduName' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1159: undefined > >>>>>>reference > >>>>>>to `hsName' > >>>>>>libwap.a(wtls_pdu.o): In function `wtls_payload_dump': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1128: undefined > >>>>>>reference > >>>>>>to `pduName' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1134: undefined > >>>>>>reference > >>>>>>to `alertName' > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1131: undefined > >>>>>>reference > >>>>>>to `hsName' > >>>>>>libwap.a(wtls_pdu.o): In function `wtls_pdu_pack': > >>>>>>/home/system/adm_rene/svn/pam/trunk/wap/wtls_pdu.c:1106: undefined > >>>>>>reference > >>>>>>to `wtls_encrypt' > >>>>>>collect2: ld returned 1 exit status > >>>>>> > >>>>>> > >>>>>>-----Original Message----- > >>>>>>From: devel-boun...@kannel.org [mailto:devel-boun...@kannel.org] On > >>>>>>Behalf > >>>>>>Of Rene Kluwen > >>>>>>Sent: Sunday, 12 September, 2010 14:35 > >>>>>>To: 'Nikos Balkanas'; 'Alexander Malysh' > >>>>>>Cc: 'Kannel Devel' > >>>>>>Subject: RE: wtls branch merged > >>>>>> > >>>>>>I get: > >>>>>> > >>>>>>Configuring WTLS support ... > >>>>>>checking for WTLS library... openssl > >>>>>>checking for RSA_new in -lcrypto... yes > >>>>>>checking openssl/objects.h usability... yes > >>>>>>checking openssl/objects.h presence... yes > >>>>>>checking for openssl/objects.h... yes > >>>>>>checking openssl/rc5.h usability... no > >>>>>>checking openssl/rc5.h presence... no > >>>>>>checking for openssl/rc5.h... no > >>>>>>configure: WARNING: OpenSSL installation seems to lack RC5 algorithm! > >>>>>> > >>>>>>Is this bad? > >>>>>> > >>>>>>== Rene > >>>>>> > >>>>>> > >>>>>>-----Original Message----- > >>>>>>From: devel-boun...@kannel.org [mailto:devel-boun...@kannel.org] On > >>>>>>Behalf > >>>>>>Of Nikos Balkanas > >>>>>>Sent: Sunday, 12 September, 2010 13:16 > >>>>>>To: Alexander Malysh > >>>>>>Cc: Kannel Devel > >>>>>>Subject: Re: wtls branch merged > >>>>>> > >>>>>>Hi, > >>>>>> > >>>>>>Reporting from Solaris 10.5 amd64, 64bit compilation. > >>>>>>Configured --with-wtls=openssl > >>>>>> > >>>>>>1) Compilation: Clean. A couple of unrelated warnings fixed. > >>>>>>Attaching > >>>>>>patch. > >>>>>> > >>>>>>2) Emulators used: > >>>>>> > >>>>>>a) Openwave SDK 6.2.2 wap: no problems (connection tested) > >>>>>>b) Nokia NMBS 4.0: no problems (connection & connectionless tested) > >>>>>> > >>>>>>Sites tested, following through links: > >>>>>> > >>>>>>http://wap.google.com > >>>>>>http://wap.yahoo.com > >>>>>>http://m.facebook > >>>>>> > >>>>>>Only facebook had a warning with nokia's emulator (b) about > >>>>>>unsupported > >>>>>>content. This was not observed with Openwave (a) and in any > >>case it >>>>is > >>>>>>related to wap, not wtls. The same happens in plain wtp > >>>>>>communication. > >>>>>> > >>>>>>Overall a succesful merge. > >>>>>> > >>>>>>Thanks, > >>>>>>Nikos > >>>>>>----- Original Message ----- > >>>>>>From: "Alexander Malysh" <amal...@kannel.org> > >>>>>>To: "Kannel Devel" <devel@kannel.org> > >>>>>>Cc: "Nikos Balkanas" <nbalka...@gmail.com> > >>>>>>Sent: Sunday, September 12, 2010 1:04 PM > >>>>>>Subject: wtls branch merged > >>>>>> > >>>>>> > >>>>>>>Hi together, > >>>>>>> > >>>>>>>just merged and commited wtls branch into trunk. > >>>>>>>Please check it and let me know if something went wrong. > >>>>>>> > >>>>>>>Thanks, > >>>>>>>Alexander Malysh > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >>>>> > >>>> > >>>> > >>>> > >>> > >>> > >>> > >> > >> > > > >-- > >Kind regards, Milan > >-------------------------------------------------- > >Arvanta, IT Security http://www.arvanta.net > >Please do not send me e-mail containing HTML code. > > > -- Kind regards, Milan -------------------------------------------------- Arvanta, IT Security http://www.arvanta.net Please do not send me e-mail containing HTML code.