Building openssh-3.5p1 with new DES functions
Martin MOKREJŠ
mmokrejs at natur.cuni.cz
Tue Dec 10 23:57:13 EST 2002
On Tue, 10 Dec 2002, Richard Levitte - VMS Whacker wrote:
> In message <20021210110227.GA10920 at folly> on Tue, 10 Dec 2002 12:02:27 +0100, Markus Friedl <markus at openbsd.org> said:
>
> markus> hm, i think this happens if kerberos is included before evp.h
>
> Interesting. That would mean one of two things:
>
> 1. Kerberos (was that with the KTH-KRB and Heimdal implementations?)
krb4-1.2.1
> was built with it's own copy of libdes instead of OpenSSL's, and
All older versions of krb4 before 1.1 or /usr/athena directories, which
where not cleaned up have /usr/athena/lib/lides.(a|so) lying there, same
with header file. The administrator has to delete them manually, after
installing newer krb4 version with openssl "support".
> the header reinclusion protector is exactly the same (hindering the
> OpenSSL des.h being included). OpenSSH includes the kerberos
> headers, and thereby any des.h it happens to include.
> 2. Kerberos was built against an older version of OpenSSL, and again,
> we get an inclusion that excludes the new names.
KTH KRB4 supported openssl I think since 1.1 release. Even with newer
version you canget libdes compiled and installed, you just say to
configure --without-openssl ^H^H^H^H^H--disable-openssl.
That's what I've done this time to test, if this would be solution to get
rid of des originating from openssl. ;)
>
> I think the best way to solve this is to change the name of the
> protecting macro in OpenSSL 0.9.7's des.h, and give it's des_old.h the
> same protecting macro name as older versions use (and presumably
> libdes as well).
>
> Does that sound like a good idea?
If you plan to rename des.h to des_old.h, fine for me, then only one
des.h will be present. As I'm not a programmer, I can't comment the rest.
--
Martin Mokrejs <mmokrejs at natur.cuni.cz>, <m.mokrejs at gsf.de>
PGP5.0i key is at http://www.natur.cuni.cz/~mmokrejs
MIPS / Institute for Bioinformatics <http://mips.gsf.de>
GSF - National Research Center for Environment and Health
Ingolstaedter Landstrasse 1, D-85764 Neuherberg, Germany
tel.: +49-89-3187 3683 , fax: +49-89-3187 3585
More information about the openssh-unix-dev
mailing list