Building openssh-3.5p1 with new DES functions
Markus Friedl
markus at openbsd.org
Wed Dec 11 00:28:51 EST 2002
On Tue, Dec 10, 2002 at 01:58:28PM +0100, Richard Levitte - VMS Whacker wrote:
> In message <20021210085038.GA166 at folly> on Tue, 10 Dec 2002 09:50:38 +0100, Markus Friedl <markus at openbsd.org> said:
>
> markus> > It's including all those headers because it used to, and people will
> markus> > complain if they don't get all those algorithms just by including
> markus> > evp.h.
> markus>
> markus> evp.h is supposed to hide the details of the algorithms.
>
> I totally agree with the sentiment. And we did remove those
> inclusions at one point in the 0.9.7 branch. At some point (after
> another storm with Theo), I did a test compile of an old OpenSSH
> against whatever was in the HEAD fo OpenSSL development at that time.
no need to run old versions of OpenSSH. if i used the wrong interface
then it's my fault.
> It went *KABOOM*, and the single cause for that *KABOOM* was that
> evp.h didn't include all those algorithm headers any more.
then this was:
1. a bug in the old openssh, misusing evp.h, my bad.
2. a bug in older openssl, sucking in all includes.
> After I
> placed them back, I got just a couple of warnings that were a piec of
> cake to deal with.
>
> So, in light of a huge complaint from Theo that we're changing so damn
> much between versions and breaking compiles of old programs that used
> to work fine, I put those inclusions back.
I've been asking Theo about this serveral times and he agrees with
me, so i think this is some kind of miscommunication.
> I think that for 0.9.7, this part is staying as it is.
I don't think people should be encourage to only include "evp.h"
when they want "md5.h"
> markus> you should either use the EVP_ or the DES_ interface, but not
> markus> both.
>
> Quite true.
-m
More information about the openssh-unix-dev
mailing list