What if a system already has expat?

[Kean Johnston <jk...@caldera.com>]

Hi,

Shouldn't APU's configure allow the user to use their own
local copy of expat? Quite a few systems already distribute
it with the OS (most Linuxes, the BSD variants and some
SCO products, that I know of). These are also usually modern
up to date versions too. So is there any reason why APU
should compile its own version? If not, I can twiddle
things in configure.in to allow a --with-system-expat or
some such option.

Similarily, if the system has OpenSSH with its crypto library,
wouldn't it be nice if APU's crypto stuff acted as a simple
wrapper?

Kean

Re: What if a system already has expat?

[Ben Laurie <be...@algroup.co.uk>]

Greg Stein wrote:
>>Similarily, if the system has OpenSSH with its crypto library,
>>wouldn't it be nice if APU's crypto stuff acted as a simple
>>wrapper?

Incidentally, OpenSSH's crypto library is OpenSSL.

> We've got md4, md5, and sha hashes in our crypto support. IOW, it is only
> cryptographic hashing algorithms -- not full cryptography. I don't really
> see much need to reuse those functions from an installed library -- it could
> cause more problems that its worth.
> 
> Is there a specific problem with apu including those hashing algorithms?

OpenSSL's are almost certainly faster. Though that probably doesn't matter.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Re: What if a system already has expat?

[Greg Stein <gs...@lyra.org>]

On Sun, Sep 22, 2002 at 07:32:10PM -0400, Ryan Bloom wrote:
> 
> > > Similarily, if the system has OpenSSH with its crypto library,
> > > wouldn't it be nice if APU's crypto stuff acted as a simple
> > > wrapper?
> > 
> > We've got md4, md5, and sha hashes in our crypto support. IOW, it is only
> > cryptographic hashing algorithms -- not full cryptography. I don't really
> > see much need to reuse those functions from an installed library -- it could
> > cause more problems that its worth.
> > 
> > Is there a specific problem with apu including those hashing algorithms?
> 
> I am pretty sure that our MD5 algorithm is slightly modified.  I remember
> when we put MD5 into Apache 1.3 we found that the BSD platforms had used a
> modified MD5 algorithm.  I can't remember if we took theirs, or somebody
> elses implementation.  I do remember that one of the reasons we don't just
> wrap the platform MD5 algorithm, is so that we know the resoluts from our
> MD5 algorithm are portable to other platforms.

Euh... there is only *one* MD5 algorithm. I would be immensely surprised if
ours (or FreeBSD's) is any different. It would completely blow away all
interop over the wire.

I believe you're thinking of the crypt() function when MD5 hashes are
enabled. FreeBSD adds in some $foo$ gunk at the beginning while other
platforms might just stick with DES hashing.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Re: What if a system already has expat?

[Ryan Bloom <rb...@ntrnet.net>]

> > Similarily, if the system has OpenSSH with its crypto library,
> > wouldn't it be nice if APU's crypto stuff acted as a simple
> > wrapper?
> 
> We've got md4, md5, and sha hashes in our crypto support. IOW, it is only
> cryptographic hashing algorithms -- not full cryptography. I don't really
> see much need to reuse those functions from an installed library -- it could
> cause more problems that its worth.
> 
> Is there a specific problem with apu including those hashing algorithms?

I am pretty sure that our MD5 algorithm is slightly modified.  I remember
when we put MD5 into Apache 1.3 we found that the BSD platforms had used a
modified MD5 algorithm.  I can't remember if we took theirs, or somebody
elses implementation.  I do remember that one of the reasons we don't just
wrap the platform MD5 algorithm, is so that we know the resoluts from our
MD5 algorithm are portable to other platforms.

Ryan

_______________________________________________________________________________
Ryan Bloom                        	rbb@apache.org
550 Jean St
Oakland CA 94610
-------------------------------------------------------------------------------

RE: What if a system already has expat?

[Kean Johnston <jk...@caldera.com>]

> It already attempts to find Expat. Only when it doesn't find 
> it, does it build and include its own copy. There is already a 
> --with-expat switch to configure to point to your own Expat.
Mea culpa. I missed it when my eye glazed over the Berkely DB
dissertation :) My expat installation is as standard as it can
get though ... library in /usr/lib, include file in /usr/include.
I am surprised I guess that it didn't find it there by default.
I had to specify --with-expat=/usr.

Kean.

Re: What if a system already has expat?

[Greg Stein <gs...@lyra.org>]

On Sun, Sep 22, 2002 at 03:40:25PM -0700, Kean Johnston wrote:
> Hi,
> 
> Shouldn't APU's configure allow the user to use their own
> local copy of expat? Quite a few systems already distribute
> it with the OS (most Linuxes, the BSD variants and some
> SCO products, that I know of). These are also usually modern
> up to date versions too. So is there any reason why APU
> should compile its own version? If not, I can twiddle
> things in configure.in to allow a --with-system-expat or
> some such option.

It already attempts to find Expat. Only when it doesn't find it, does it
build and include its own copy. There is already a --with-expat switch to
configure to point to your own Expat.

So... if that switch isn't working for you, or the auto-detection is not
working, then it may be simply that we aren't looking for Expat properly.
That you've got some particular organization of the headers and libs that we
aren't expecting, so we think it isn't there.

Can you describe your Expat installation? Maybe try out the --with-expat
switch to see if that works? etc

> Similarily, if the system has OpenSSH with its crypto library,
> wouldn't it be nice if APU's crypto stuff acted as a simple
> wrapper?

We've got md4, md5, and sha hashes in our crypto support. IOW, it is only
cryptographic hashing algorithms -- not full cryptography. I don't really
see much need to reuse those functions from an installed library -- it could
cause more problems that its worth.

Is there a specific problem with apu including those hashing algorithms?

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/