One question that has been asked is "If I buy the BSAFE library, can't I just use SSLeay entirely instead of linking in BSAFE?" I don't have any legal opinion on this, so I don't know the correct answer. You might very well be able to do this. I don't think you can because I believe RSA can decide what restrictions to place on your use of the patented RSA algorithm. Since this patch allows you to use the BSAFE code to do the RSA operations, it is at least a safe route to go to stay out of legal hassles.
Previously, SSLeay could be built with the RSAref distribution. This patch makes similar changes that allow SSLeay to be built with BSAFE 3.0 or 4.0. This patch works for both Unix and Windows NT.
To apply as patch, do
On Unix, the location of the BSAFE includes and libraries is set in Makefile.ssl.
If you use the perl script to generate your makefiles on either Windows NT, Win95, or Unix, the patch assumes that the BSAFE includes can be found in ../bsafe/include and the BSAFE library can be found in ../bsafe/lib On Windows NT and Windows 95, you will need to generate a new makefile that includes BSAFE. This patch assumes that by default, you want to use BSAFE. If you do not want to use the, use the no-bsafe option to mk1mf.pl, the makefile generation script. Here is the way I generate my typical NT makefiles.
Makefile for Debug and Release static libraries on NT:
perl util/mk1mf.pl debug no-asm no-sock OUT=Debug TMP=Debug-temp VC-NT >ms\nt-debug.mak
perl util/mk1mf.pl no-asm no-sock OUT=Release TMP=Release-temp VC-NT >ms\nt-release.mak
Makefile for Debug and Release Dynamic libraries on NT:
perl util/mk1mf.pl shlib no-asm no-sock OUT=Release TMP=Release-temp VC-NT >ms\ntdll-release.mak
Linux debug Makefile