[Pythonmac-SIG] Package Manager idea, adding a URL scheme

Glenn Andreas gandreas at delver.com
Fri Oct 10 09:53:22 EDT 2003


At 11:45 PM -0400 10/9/03, Bob Ippolito wrote:
>On Oct 9, 2003, at 20:34, John W. Baxter wrote:
>
>>On 10/9/2003 13:24, "Ronald Oussoren" <oussoren at cistron.nl> wrote:
>>
>>>
>>>On 9 okt 2003, at 21:43, Bob Ippolito wrote:
>>>>   I think we could get away with including M2Crypto or PyOpenSSL with
>>>>(Mac)Python 2.4 since OS X comes with OpenSSL.  Actually, since OS X
>>>>is probably only salable in countries where OpenSSL is allowed, I
>>>>don't see how distributing any cryptography libraries with the OS X
>>>>version would be a legal problem.
>>>
>>>We could also use the commandline openssl interface (/usr/bin/openssl)
>>>to avoid including crypto code with Python.
>>>
>>
>>This message reminded me...are we assuming installation of the "BSD
>>subsystem" when the user installed Mac OS X?  Sub question: is OpenSSL in
>>the basic installation or in that optional part that should [almost] never
>>be omitted?
>
>I think if anyone omits the BSD layer they're just asking for 
>serious trouble.  I don't care about these people, personally.  In 
>any case, I'm relatively sure that CoreFoundation uses OpenSSL so I 
>think that it's safe.

I'm not so sure (at least not directly via a link to OpenSSL) - I 
just looked at Safari, which uses the SecurityFramework.

SecurityFramework doesn't (dynamically) link with OpenSSL.

However, it does contain routines like "DSA_do_sign" and 
"DSA_do_verify", so it appears that the library is statically linked 
into the SecurityFramework. However, the headers don't appear to 
mention these routines.

SecurityFramework isn't part of the "optional BSD" layer, so if we 
link (dynamically) to it, everything should work.

-- 
Glenn Andreas                      gandreas at delver.com 
Theldrow, Blobbo, Cythera, oh my!
Be good, and you will be lonesome



More information about the Pythonmac-SIG mailing list