[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: heimdal and OpenSSL

On Thu, Jan 04, 2001 at 10:42:21AM -0600, Jacques A. Vidrine wrote:
> The crypto APIs in Heimdal's libdes appear different from those
> in OpenSSL, e.g. MD5Init versus MD5_Init.  Could I suggest the
> following for hiemdal-0.3e?

I argue against it: either leave lib/des alone so existing binaries using
it will continue to work or simply drop it and say "you need OpenSSL to
build Heimdal". I have a near complete patch for building with either
OpenSSL or the current lib/des; I'll post it if I finish sorting out my
other changes.

Your patch has other problems too:

1. OpenSSL does not have des_new_random_key(), which Heimdal uses
2. It breaks on every operating system which do not have /dev/urandom
   (see the OpenSSL sources); my patch has egd support too

I'm using Heimdal with OpenSSL since 0.2l or something so I would not mind
dropping lib/des completely and depending on OpenSSL instead...


Gabor Gombas                                       Eotvos Lorand University
E-mail: gombasg@inf.elte.hu                        Hungary