From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9993 invoked by alias); 23 Feb 2004 15:15:33 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 9946 invoked from network); 23 Feb 2004 15:15:32 -0000 Received: from unknown (HELO ims2.hub.nih.gov) (128.231.90.112) by sources.redhat.com with SMTP; 23 Feb 2004 15:15:32 -0000 Received: by ims2.hub.nih.gov with Internet Mail Service (5.5.2657.72) id ; Mon, 23 Feb 2004 10:15:32 -0500 Message-ID: From: "Buchbinder, Barry (NIH/NIAID)" To: cygwin@cygwin.com Subject: RE: zip with encryption Date: Mon, 23 Feb 2004 16:43:00 -0000 MIME-Version: 1.0 Content-Type: text/plain X-IsSubscribed: yes X-SW-Source: 2004-02/txt/msg01233.txt.bz2 I appreciate that Red Hat's lawyers are busy. However, Cygwin already includes crypt and libcrypt (and vim can encrypt files) and Red Hat must have covered encryption binaries in their Linux distribution. I work in an office that handles legal agreements, and I'd bet that the Red Hat lawyers have some boilerplate that they could just plug in the particulars. See ftp://ftp.info-zip.org/pub/infozip/src/zcrypt.msg for a possible example. But if Chris doesn't feel comfortable asking them if they have time to do this, I won't argue with his decision. -- I had tried recompiling with a non-dummy crypt.h and crypt.c (from ftp://ftp.icce.rug.nl/infozip/src/zcrypt29.zip ), but that proved to be non-trivial. Running zip-2.3-5.sh all doesn't allow one a pause to copy in the crypt.? files. I modified zip-2.3-5.sh to copy them with cp -pv ${topdir}/crypt.? ${srcdir} in prep() just after tar runs and before patch. zip-2.3-5.sh all now bombed out, gave error messages that talked about includes being too deeply nested. I then commented out #include "crypt.h" in crypt.h. Now zip-2.3-5.sh all dies with the following. gcc -o zip.exe -s zip.o zipfile.o zipup.o fileio.o util.o globals.o crypt.o ttyio.o unix.o crc32.o crctab.o deflate.o trees.o zipup.o(.text+0x687):zipup.c: undefined reference to `_zfwrite' zipup.o(.text+0x6b8):zipup.c: undefined reference to `_zfwrite' zipup.o(.text+0xbae):zipup.c: undefined reference to `_zfwrite' collect2: ld returned 1 exit status At this point, my debugging ability was exhausted. (I'm not a programmer.) So I fulfilled my need for zip with encryption by using a DOS/Windows version of zip (ftp://ftp.icce.rug.nl/infozip/WIN32/zcr23xN.zip). What might be useful to others who cannot use DOS/Windows zip would be to modify the source package to contain both the dummy and non-dummy, fixed crypt.? files, and to modify zip-2.3-5.sh to ask one whether or not one wants encryption. (As I understand it, encryption source code can be exported from the U.S. without notifying the U.s. government; but again, IANAL.) Or if one is really worried about being legal, have the script download zcrypt29.zip, unzip it, etc. Then again, maybe the need for encryption-enabled zip is so rare that its not worth bother. :-) Thanks again for all the work that goes into Cygwin and its packages. - Barry -----Original Message----- From: Charles Wilson [mailto:cygwin@cwilson.fastmail.fm] Sent: Saturday, February 21, 2004 12:11 AM To: cygwin@cygwin.com Subject: Re: zip with encryption bbuchbinder wrote: > I was wondering if it might be possible to have zip 2.3 re-compiled > with encryption and re-released. Chuck Wilson stated in > http://www.cygwin.com/ml/cygwin-announce/2001/msg00005.html > and > http://www.cygwin.com/ml/cygwin-announce/2002-05/msg00018.html > that it can be done but that first Red Hat needs to inform the U.S. > government that binaries with encryption will be exported. I know > that there are other ways to get encrypted zip files but it would > be convenient if the official Cygwin zip would be encryption-enabled. Also, I'm not sure what the implications are for our mirroring hosts. Does the law require them to also notify the US govt, simply because they mirror what sourceware's server provides? Surely the kernel mirrors have dealt with this issue; perhaps only the "primary source" needs to make the notification. I don't know. I'm not a lawyer so I don't even WANT to know. But it's Yet Another Thing RH's lawyers would have to look into, just for little old me to include encryption code in cygwin's port of the zip package. Not likely to happen -- especially with Red Hat's current legal issues taking up all the lawyering time. SCO, XFree86 licensing GPL incompatibilities, etc etc etc -- Chuck -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/