``portability'' patch for OpenSSH S/Key support

Damien Miller djm at mindrot.org
Sun Jul 2 19:15:59 EST 2000

On Sun, 2 Jul 2000, Chris, the Young One wrote:

> More specifically, the hashing functions in most operating systems will
> be provided by OpenSSL, rather than libc. OpenSSL does not have SHA1_End
> but since it is used only for generating fake challenges, the impact of
> changing it to SHA1_Final should be small.

Thanks, patch applied.

> A more general solution would be to have configure.in test for sha1.h,
> openssl/sha.h, and SHA1_End. configure.in should also add auth-skey.o to
> SSHDOBJS in Makefile if S/Key is enabled; my patch below does not cover
> those issues. Perhaps another time.

SHA1 is SHA1 :) We are linking against OpenSSL, so we might as well 
use their routines.

> If any GNU/Linux admins want to play with S/Key, I have some patches on
> the OpenBSD versions at http://ftp.m.org.nz/users/cky/patches/skey/ (or,
> of course, ftp://...).

Do you intend to roll your patches into a tarball with a Makefile, etc?
It would be great to be able to point people to a ported version
of OpenBSD's S/Key libs.


| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)

More information about the openssh-unix-dev mailing list