[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: heimdal and OpenSSL
On Thu, Jan 04, 2001 at 07:28:45PM +0100, GOMBAS Gabor wrote:
> On Thu, Jan 04, 2001 at 10:42:21AM -0600, Jacques A. Vidrine wrote:
> > The crypto APIs in Heimdal's libdes appear different from those
> > in OpenSSL, e.g. MD5Init versus MD5_Init. Could I suggest the
> > following for hiemdal-0.3e?
> I argue against it: either leave lib/des alone so existing binaries using
> it will continue to work
I am not convinced that this would break any binaries. In general,
applications do not call these APIs directly.
> or simply drop it and say "you need OpenSSL to build Heimdal". I
> have a near complete patch for building with either OpenSSL or the
> current lib/des; I'll post it if I finish sorting out my other
> Your patch has other problems too:
No it doesn't. My patch simply renames the APIs. What you list below
seem to be what you think are problems with Heimdal/OpenSSL.
> 1. OpenSSL does not have des_new_random_key(), which Heimdal uses
The *BSD systems provide this in libcrypto. One could always use the
one Heimdal provides on systems without it.
> 2. It breaks on every operating system which do not have /dev/urandom
> (see the OpenSSL sources); my patch has egd support too
What is `It' in the sentence above?
> I'm using Heimdal with OpenSSL since 0.2l or something so I would not mind
> dropping lib/des completely and depending on OpenSSL instead...
I don't really mind either way.
Jacques Vidrine / firstname.lastname@example.org / email@example.com / nectar@FreeBSD.org