This is the mail archive of the
libc-hacker@cygnus.com
mailing list for the glibc project.
Re: Integrating BIND 8.2
- To: zack@rabi.columbia.edu
- Subject: Re: Integrating BIND 8.2
- From: Mark Kettenis <kettenis@wins.uva.nl>
- Date: Tue, 6 Apr 1999 19:07:56 +0200 (MET DST)
- CC: libc-hacker@cygnus.com
- References: <199904061321.JAA09794@blastula.phys.columbia.edu>
Hi Zack & other interested people,
I've looked a bit closer at the res_* routines in BIND 8.2. The only
algorithm that is needed by those functions is the HMAC_MD5
algorithm. And even this algorithm is only needed for the
(experimental?) TSIG functionality. Since HMAC_MD5 is a simple hash
algorithm I don't think it is export restricted, but I'm not sure.
If we can include it in glibc we should probably rewrite it to use the
md5 routines that are already present in glibc. The public key
encryption algorithms are only needed by named. From the various
documents (especially the TSIG draft) it is clear that the resolver in
libc should not do the crypto itself, but leave that to a (trusted)
named.
Anyway, integration of everything in the src/lib/resolv and
src/lib/nameser directories of the bind-8.2-src distribution, except
for res_sendsigned.c, ns_sign.c and ns_verify.c should be no problem
since there is absolutely no crypto code there.
Mark