Restricted IP crypto in OpenSSL

DJ Lucas dj at
Fri Jun 6 09:37:50 PDT 2003

Dagmar d'Surreal wrote:

> In the course of trying to update someone's machine that's _really_
> behind, I noticed that RH's openssl srpm has a script in it to yank out
> ("hobble" is the word alright) the three cryptographic methods that
> aren't kosher to use inside the US due to intellectual property
> constraints (longhand for "copyrighted methods").  I'm somewhat
> embarrassed to admit that I've known about it and never bother to remove
> them from the library in my own builds, mainly because I try to get
> everything to use either twofish, blowfish, or RSA when I can so those
> methods just don't get used by me.
> Is BLFS going to address doing that with OpenSSL with a patch or a
> mention or is it going to be left up to the user to figure things out on
> their own?  It's something I think should probably be at least
> mentioned, but it's going to be three weeks or more before I can get
> back to that.  I figured I'd mention it while it was still fresh in my
> mind and maybe someone else can jump on this...

Is it as simple as a switch passed to configure,
or an 'rm -f whatever'?


Unsubscribe: send email to listar at
and put 'unsubscribe blfs-dev' in the subject header of the message

More information about the blfs-dev mailing list