Jeffrey Altman wrote: > > > From: Jeffrey Altman <[EMAIL PROTECTED]> > > > > jaltman> I prefer that des_old.h be compatible with libdes since that apps that > > jaltman> are built using it assume that the api they were using was constant > > jaltman> and unchanging. > > > > The way things work now, there is at least no clash with libdes on the > > symbol level. > > > > The whole situation is otherwise a lose-lose one. There will always > > be someone loseing from the changes we make. Either we lose libdes > > compatibility by default or we lose the openssl 0.9.6 one. Take your > > pick. It has been pointed out (and I think I agree) that OpenSSL > > should prefer to be as compatible with the previous version of itself > > before being compatible with anything external (like libdes). > > Yes, but let's remember the reason this whole situation came up in the > first place. There are a large number of applications that link to > both Kerberos 4 and OpenSSL in place of libdes.a. These applications > are not likely to be updated nor supported and yet we don't want to > see all of them break simply because they load des.h. >
Is there some particular reason why such applications couldn't use the EVP layer? An attempt has been made to keep this consistent and to make any enhancements backwards compatible. In fact some of the more recent changes would have been substantially easier if EVP compatibility wasn't an issue. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]