Building openssh-3.5p1 with new DES functions

Martin MOKREJŠ mmokrejs at natur.cuni.cz
Tue Dec 10 22:54:32 EST 2002 

On Tue, 10 Dec 2002, Markus Friedl wrote:

> On Mon, Dec 09, 2002 at 05:45:47PM +0100, Richard Levitte - VMS Whacker wrote:
> > In message <20021209122438.GB16737 at folly> on Mon, 9 Dec 2002 13:24:38 +0100, Markus Friedl <markus at openbsd.org> said:
> >
> > markus> On Sun, Dec 08, 2002 at 12:39:04PM +0100, Martin MOKREJ? wrote:
> > markus> > cc: Error: /usr/local/openssl/include/openssl/mdc2.h, line 79: Missing type specifier or type qualifier. (missingtype)
> > markus> >         DES_cblock h,hh;
> > markus> > --------^
> > markus>
> > markus> i don't think openssl's evp.h should include mdc2.h
> >
> > It's including all those headers because it used to, and people will
> > complain if they don't get all those algorithms just by including
> > evp.h.
>
> evp.h is supposed to hide the details of the algorithms.
>
> you should either use the EVP_ or the DES_ interface, but not both.

You are the judge. Possibly requires some change in openssl, right? ;-)

>
> > However, that's not the problem here.  Rather, it would seem that for
> > some reason, des.h isn't included, and it should, from mdc2.h for
> > example.
>
> it's probably not included because some other des.h is already included.

Let me describe once more the problem. I want to use krb4-1.2.1 with it's
own libdes. If I understood right, symbols will not clash anylonger
between openssl-0.9.7 and krb4 version if libdes. The openssh configure
has detected -lkrb -ldes, both from krb4,s o it should take care of the
rest.

Openssh should the make sure des.h from kerberos would be included too.

--- sshconnect1.c.ori   2002-12-10 12:38:38.000000000 +0100
+++ sshconnect1.c       2002-12-10 12:49:20.000000000 +0100
@@ -20,6 +20,15 @@

 #ifdef KRB4
 #include <krb.h>
+/* Include <des.h> from /usr/athena/include from krb4 installation in case
+   user has built krb4 without "support" for openssl. The "support" for openssl
+   means no /usr/athena/lib/libdes.* and no /usr/athena/include/des.h
+   will were installed. In case openssl*/configure has detected libdes
+   from /usr/athena/lib, include also /usr/athena/include/des.h.
+   The DES used in krb4 is from Eric Young. */
+#ifdef HAVE_LIBDES
+#include <des.h>
+#endif
 #endif
 #ifdef KRB5
 #include <krb5.h>

This still doesn't solve my problem with openssl/include/openssl/mdc2.h.
Would it be possible to rename openssl/include/openssl/des.h to
openssl-des.h as the functions in it aren't same as in openssl-0.9.6, so
not Eric Young's DES compatible?

-- 
Martin Mokrejs <mmokrejs at natur.cuni.cz>, <m.mokrejs at gsf.de>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany
tel.: +49-89-3187 3683 , fax: +49-89-3187 3585

More information about the openssh-unix-dev mailing list