use libcrypt before libcrypto
Jim Knoble
jmknoble at pobox.com
Wed Jun 26 02:15:40 EST 2002
[Copied to openssl-users at openssl.org]
Circa 2002-Jun-25 11:31:04 +0900 dixit itojun at iijlab.net:
: >> +# use libcrypt if there is
: >> +AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
: >> +
: >AC_CHECK_LIB(crypt, crypt) will automatically add -lcrypt to $LIBS. It
: >will also define HAVE_LIBCRYPT (is this what you're trying to avoid)?
: >Anyway, I'd prefer:
: > AC_CHECK_FUNCS(crypt, , AC_CHECK_LIB(crypt, crypt))
: >This way we check if crypt is resolvable using the existing $LIBS and,
: >if not, use $LIBS+-lcrypt.
:
: either way is fine for me, as long as crypt() supplied by the
: native system is preferred than openssl crypt(). thanks.
:
: itojun
Isn't this really a problem for OpenSSL? I know that several vendors
(notably Linux ones...) already patch OpenSSL to remove crypt() from
OpenSSL's libcrypto, so that crypt() is only available via the system
libcrypt. Even the stock OpenSSL-0.9.6d sources omit crypt() under
FreeBSD, NeXT, and Darwin.
I really think that OpenSSL should not contain crypt() at all. For
situations where the system crypt() is so broken as to prefer OpenSSL's
implementation, the symbol should be openssl_crypt(), or something
similarly named, and it's up to the calling application to #define it
as crypt() or not.
--
jim knoble | jmknoble at pobox.com | http://www.pobox.com/~jmknoble/
(GnuPG fingerprint: 31C4:8AAC:F24E:A70C:4000::BBF4:289F:EAA8:1381:1491)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 262 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020625/0b4bf641/attachment.bin
More information about the openssh-unix-dev
mailing list