[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

A Pragmatic Approach to OpenSSL/Mutt License Incompatibility [Was: Re: orphaning fetchmail]



On Fri, Dec 15, 2000 at 10:35:36PM -0500, Raul Miller wrote:
> 
> Which sounds easier: rewriting open ssl, or rewriting all GPLed programs
> which use sockets to communicate with other systems?
> 

This isn't neccessary. It's possible to create two sockets with
socketpair(), and fork(). Then close FD's 0 and 1 in the child and clone one
of the socket FD's onto FD's 0 and 1 before closing it. Then you can exec()
openssl s_client or stunnel -c and use the socket in the parent just like
one you would have called connect() on.

If you want to run a server with SSL, you can always fork() and then exec()
stunnel in the child to relay SSL connections in plaintext to the parent via
a listening port on the loopback adaptor.

Sure, these solutions aren't optimal from a performance standpoint, but
they're easy to implement and more than sufficient for simple things like
getting IMAP+SSL working in Mutt.

-- 
Brian Ristuccia
brian@ristuccia.com
bristucc@cs.uml.edu



Reply to: