[Nut-upsdev] porting nut to use nss for crypto (was: Re: /sbin/upsdrvctl unable to shutdown UPS due to (unmounted) shared library)

Michal Hlavinka mhlavink at redhat.com
Tue Sep 1 09:40:52 UTC 2009


On Tuesday 01 September 2009 09:07:09 Arjen de Korte wrote:
> Citeren Michal Hlavinka <mhlavink at redhat.com>:
> > We would like to use nss for cryptography instead of OpenSSL. Reason for
> > this is mostly for FIPS 140 validation.
> >
> > See:
> > http://fedoraproject.org/wiki/FedoraCryptoConsolidation
> > http://fedoraproject.org/wiki/CryptoConsolidationEval
> > http://fedoraproject.org/wiki/CryptoConsolidationScorecard
> >
> > also OpenSuSE prefers to use the nss for cryptography for the same reason
> > ( http://en.opensuse.org/SharedCertStore )
>
> The above makes lots of sense.
>
> > Would it be possible to use nss instead of openssl?
>
> Most likely, yes.
>
> > #ifdef blocks would be enough. I can prepare patches. What's your
> > opinion?
>
> I would certainly welcome an effort to standardize here, so please
> provide patches if you have any available. Preferably for the SVN
> trunk version, but if you only have them for older versions, I could
> probably port them to the latest version.
>
> Best regards, Arjen

No, I don't have them yet. I prefer to ask before investing paid time to 
anything. Not every upstream accept patches. I'll prepare them for the trunk 
version and let you know when it's ready.

Michal



More information about the Nut-upsdev mailing list