On Fri, Sep 14, 2001 at 03:17:42PM -0700, Greg Broiles wrote:
Specifically, the OpenSSL that's integrated into FreeBSD doesn't include IDEA, by default, because of patent concerns. To remedy that, one needs to change the line in /etc/defaults/make.conf so that it reads "MAKE_IDEA=YES".
Then - this is the part I missed before - it's necessary to recompile the system libraries, so that they're rebuilt with IDEA support included. It sounds simple in retrospect . . . go to /usr/src and run "make buildworld; make installworld", which may take 12 hours or so on a slow PC. There's got to be a better way to just rebuild the crypto parts, but I didn't stumble across it yet.
The OpenSSL bundled with FreeBSD is installed in /usr. The simplest way to get a different OpenSSL (with IDEA, RC5, etc.) is to build from source and install into /usr/local. Then, when configuring Mixmaster or whatever software, specify that OpenSSL lives in /usr/local. I last built Mix when it was still using rsaref, but I've used the above method to build any number of OpenSSL-using software, including my own M2Crypto. No need to remake the world. Cheers. -- Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps