[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OpenSSL patch for Heimdal 0.3d


If anyone is interested, my patch for making Heimdal use the crypto library
from OpenSSL instead of the included lib/des library, can be found at
As I have been told the Hungarian academic network will be down for general
reorganization this weekend, so our web server might not be accessible
during that period.

The patch should support OpenSSL-0.9.6; it was tested on AIX,
Solaris 7 and Debian Linux 2.2 (well, the actually tested version contains
more local changes, but they are orthogonal to the changes in the published

One important change: if your OS does not have /dev/urandom, you need to
install & run egd (see http://www.lothar.com/tech/crypto). You must add
a line containing "egd_socket = /where/the/egd/socket/is" to the
[libdefaults] section in krb5.conf. If you do not do this, Heimdal will
abort your applications. The upside is that Heimdal will no longer lock
up if an application happens to disable SIGALRM :)

Comments are welcome.


Gabor Gombas                                       Eotvos Lorand University
E-mail: gombasg@inf.elte.hu                        Hungary