On Tue, Aug 08, 2006 at 04:54:44PM -0400, Jim Jewett wrote: > On 8/8/06, "Martin v. L?wis" <[EMAIL PROTECTED]> wrote: > > Jim Jewett schrieb: > > > The OpenSSL library implements some algorithms that are patented. The > > > source code should be fine to (re)distribute, but but there may be a > > > slight legal risk with distributing a binary. > > > I don't want to change the build process in that way (i.e. dropping a > > feature) just before a release. > > OK, but this does argue against making the fast version available by > default on windows. :{
disabling/enabling a cipher in openssl that isn't commonly used and isn't even directly exposed via any API to a python user hardly sounds like dropping a feature to me. it'll make your _ssl.pyd smaller if anything at all. (any sane SSL connection will negotiate AES or 3DES as its cipher; IDEA isn't required) If the release manager declares, "absolutely no changes to the windows build process!" Then clearly none of the changes I submitted will make it in and neither would removing any hint of IDEA in 2.5 as they're both too late. > The 2.5c1 windows binary does not ship with _hashlib, so IDEA is only > available if someone else has compiled it. IDEA is a cipher not a hash algorithm. it won't appear in _hashlib. the code is probably already linked and present in _ssl.pyd even if the ssl protocol itself doesn't allow that as a cipher. > But for a binary release, I think that IDEA should be added to the > Configure exclude. > http://svn.python.org/view/external/openssl-0.9.8a/Configure > > # All of the following is disabled by default (RC5 was enabled > before 0.9.8): > > my %disabled = ( # "what" => "comment" > "gmp" => "default", > + "idea" => "default", > "mdc2" => "default", > "rc5" => "default", > "shared" => "default", > "zlib" => "default", > "zlib-dynamic" => "default" > ); yeah i'd just do that if you're worried about the code being in the binary causing a problem. _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com