OpenSSH and OpenSSL snapshots

Richard Levitte - VMS Whacker levitte at stacken.kth.se
Thu Jan 24 18:22:28 EST 2002


From: Damien Miller <djm at mindrot.org>

djm> On Thu, 24 Jan 2002, Richard Levitte - VMS Whacker wrote:
djm> 
djm> > My first attempt was to do the whole thing with cpp macros.  However,
djm> > after giving it some thought, that could cause a number of problems;
djm> > one is that macros have zero type safety.  You can give those macros
djm> > exactly whatever without the compiler reacting, since a lot of casts
djm> > would be made in their expansion.
djm> 
djm> If there is a one-to-one mapping of arguments between the new and old
djm> functions, and the macros merely rearrange the order (and change the
djm> names) then type safety shouldn't be a problem.

Take a look, there are type casts in the wrappers, so it's not merely
a rearrangement of the order.

djm> >  The other problem is applications
djm> > that link either with libdes or with openssl's libcrypto.  The latter
djm> > will very suddenly fail.
djm> 
djm> How? These apps would need to be recompiled anyway - that way they would
djm> pick up the macros.

If we retain the old symbols in the library, which is currently
expected, they don't need to recompile.  Re*linking* would be
sufficient to satisfy the linker's idea of what the program needs.

djm> > But, this isn't the end of the story.  On some architectures, there
djm> > are binary incompatibilities between openssl's libcrypto and libdes.
djm> 
djm> Aren't these what you are trying to avoid in the first place? 
djm> The libdes shipped with MIT krbIV is an ongoing source of frustration for
djm> the portable OpenSSH developers.

Yes, you're right, that's what we try to avoid.  However, we've
already had complaints about not providing the old symbols by default,
so guess how people will react if they are missing in the library as
well.

This mess is our own fault in a way.  We changed the des API from the
libdes form, and thereby created a number of source-level
incompatibilities, which leads to clashes when people need to
interchange libdes and libcrypto in a fairly elegant way.

-- 
Richard Levitte   \ Spannvägen 38, II \ LeViMS at stacken.kth.se
Redakteur at Stacken  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-733-72 88 11
Procurator Odiosus Ex Infernis                -- poei at bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, GemPlus:             http://www.gemplus.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
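
The type-safety point discussed in this message, as an added illustration that is not code from the thread or from OpenSSL: a compatibility macro whose expansion contains casts accepts a pointer to the wrong object without complaint, while a wrapper function keeps a checked parameter list. The names `blk_t`, `sched_t`, `struct pkt`, `new_crypt`, `old_crypt_m` and `old_crypt_f` are hypothetical, and a toy XOR stands in for the cipher.

```c
#include <string.h>

/* Hypothetical stand-ins for a block type and key schedule (not libdes/OpenSSL). */
typedef unsigned char blk_t[8];
typedef struct { unsigned char k[8]; } sched_t;
struct pkt { unsigned char tag[8]; unsigned char data[8]; };

/* "New" entry point. Toy XOR transform so the result is easy to check; not DES. */
static void new_crypt(const blk_t *in, blk_t *out, const sched_t *ks)
{
    for (int i = 0; i < 8; i++)
        (*out)[i] = (unsigned char)((*in)[i] ^ ks->k[i]);
}

/* Old name as a macro: the casts that adapt the arguments also silence
 * every pointer-type diagnostic at the call site. */
#define old_crypt_m(in, out, ks) \
    new_crypt((const blk_t *)(in), (blk_t *)(out), (const sched_t *)(ks))

/* Old name as a function: the cast stays inside, and the parameter list
 * is checked by the compiler at every call. */
static void old_crypt_f(blk_t *in, blk_t *out, sched_t *ks)
{
    new_crypt((const blk_t *)in, out, ks);
}

/* Returns 1 if the macro silently transformed p.tag when handed &p. */
int macro_hides_mistake(void)
{
    struct pkt p = { "HDRHDRH", "payload" };   /* constructed sample */
    sched_t ks = { { 1, 2, 3, 4, 5, 6, 7, 8 } };
    blk_t got, tag_out;
    old_crypt_m(&p, &got, &ks);       /* caller meant &p.data; no diagnostic */
    old_crypt_f(&p.tag, &tag_out, &ks);
    return memcmp(got, tag_out, sizeof got) == 0;
}

/* Returns 1 if the typed wrapper transformed the intended block. */
int wrapper_processes_data(void)
{
    struct pkt p = { "HDRHDRH", "payload" };
    sched_t ks = { { 1, 2, 3, 4, 5, 6, 7, 8 } };
    blk_t got;
    /* old_crypt_f(&p, &got, &ks); would draw an incompatible-pointer diagnostic */
    old_crypt_f(&p.data, &got, &ks);
    return got[0] == ('p' ^ 1) && got[7] == 8;
}

int main(void) { return !(macro_hides_mistake() && wrapper_processes_data()); }
```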



More information about the openssh-unix-dev mailing list