[Cryptography-dev] Bundling OpenSSL
Donald Stufft
donald at stufft.io
Mon Oct 7 22:41:53 CEST 2013
Something that's come up in the terms of Camella, but is going to keep
coming up, is that sometimes the OpenSSL on a system is really old
(OSX), or neutered (RHEL), or non existent (Windows). In these cases
it would be useful to bundle a copy of OpenSSL with cryptography in
order to be assured we have a minimal and consistent base to work off of.
Bundling does not mean we must always use it, in PyNaCl I've worked
my setup.py so that it will detect if it's backing library is available on the
system and if the system version is new enough for what I require. There
is also the ability to force it to either use or not use the bundled library.
Questions:
1 Do we want to bundle a backing library to ensure that there is always
a minimal level of support?
2 Do we want to bundle OpenSSL or is there another backing library
that we'd want to bundle? (Easier to build, more portable etc?)
-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20131007/1e95695e/attachment.sig>
More information about the Cryptography-dev
mailing list