[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: https://polarssl.org/

On May 1, 2013, at 7:39 PM, "David Sheets" <kosmo.zb@xxxxxxxxx> wrote:

> On Wed, May 1, 2013 at 7:18 PM, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:
>> On 1 May 2013, at 19:15, David Sheets <kosmo.zb@xxxxxxxxx> wrote:
>>> On Wed, May 1, 2013 at 7:07 PM, Anil Madhavapeddy <anil@xxxxxxxxxx> wrote:
>>>> On 1 May 2013, at 19:04, Vincent Bernardoff <vb@xxxxxxxxxxxxxx> wrote:
>>>>> Another embeddded SSL lib, I just found out that mini-os is using it. 
>>>>> Might be worth a look if not already done ?
>>>> It's also dual commercial GPLv2 licensed, unfortunately, and so roughly 
>>>> the same as MatrixSSL.  I've not looked in more depth though, as MatrixSSL 
>>>> has a really nice low-level API that is perfect for our binding needs...
>>> Perhaps you can avoid <https://polarssl.org/foss-license-exception>
>>> the GPL? It's not clear to me.
>> Doesnt make any practical difference afaict:
>> "You obey the GPL in all respects for the Program and all portions 
>> (including modifications) of the Program included in the Derivative Work 
>> (provided that this condition does not apply to Independent Works);"
>> So, uh... it's effectively GPL then, right?
> "Program" is their library. I believe this is essentially a linking exception.

We've talked a bit about SSL offload before (particularly to hardware). We 
could link one of these libs with minios and make a C SSL proxy using libvchan. 
Or we could a concept of a "process" to mirage -- perhaps one static process 
per vCPU -- and use inter process communication to communicate with the ocaml 




Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.