Richard Levitte - VMS Whacker wrote:
>
> From: Ben Laurie <[EMAIL PROTECTED]>
>
> ben> I find it hard to believe that the Kerberos data structures are as
> ben> broken as the OpenSSL ones were.
> ben>
> ben> Are you saying that you use the same data structure for calls to
> ben> Kerberos DES as to OpenSSL DES? Initialised by the same routines? Or
> ben> what?
>
> IIRC, libdes, which is what SSLeay has in crypto/des, and thusly
> OpenSSL as well (or at least originally :-)), was written to be
> compatible with MIT KRB's DES library, so EAY would be able to write
> eBones-Kerberos, which in turn is the basis for KTH-krb4. MIT KRB5
> and Heimdal (the krb5 implementation made at KTH in Sweden) both still
> use libdes, as far as I know, so they do come with some compatibility
> problems.
>
> It's worth noting that libdes has evolved a little here and there.
> With Heimdal, there are some new functions that are not present in
> OpenSSL.
>
> All this makes for some very interestring hacks to be able to use
> OpenSSL where libdes in various forms were previously used...
Well, I guess I'm missing something - if they now use OpenSSL instead of
libdes, why do we need compatibility with libdes?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
