[Swan] libreswan without nss
D. Hugh Redelmeier
hugh at mimosa.com
Fri Feb 14 21:14:51 EET 2014
| From: Erich Titl <erich.titl at think.ch>
| I am attempting to move from OpenSwan to libreSwan on an embedded
| project. I found a thread from last spring in the mailing list and I am
| wondering if you still require nss.
Yes, NSS is required (as Paul said).
There is some hope that (enough of) NSS could run on an embedded
platform. As far as I know, no concerted effort has been made to
attempt this.
Hearsay / possibly misremembered:
The build system for NSS only knows about an enumerated set of systems
and MIPS isn't one of them. This sounds like something that ought to
be "easy" to change. Easy probably means: a few lines to add or
change, but it requiring an unknown amount of spelunking to figure
those out.
We have no idea of the size of NSS. I think libreswan uses it as a shared
library and that is full of stuff that isn't needed. Static linking
might get the weight down. NSS as a shared library makes a lot of
sense on a many systems because NSS is used by a number of different
projects.
We'd love to hear about any experiences with trying this.
More information about the Swan
mailing list