> > Please be very careful with the changes that are made to DES. The DES > > structures and functions from OpenSSL were originally designed by Eric > > to be compatible with the MIT Kerberos DES implementation. This has > > allowed applications such as C-Kermit to implement both Kerberos and > > SSL/TLS (as is needed for Telnet and SSH) by using only the OpenSSL > > DES implementation. Changes that result in name conflicts or data > > structure conflicts will be a serious problem for application that > > require both Kerberos and SSL/TLS. > > I find it hard to believe that the Kerberos data structures are as > broken as the OpenSSL ones were. Actually, I would think that they were identical because Eric Young was reverse engineering the MIT implementation in order to add DES back into the Bones implementation of Kerberos IV. > Are you saying that you use the same data structure for calls to > Kerberos DES as to OpenSSL DES? Initialised by the same routines? Or > what? When linking the app to both Kerberos IV and OpenSSL there is a conflict between the libdes.a from MIT and libcrypto.a from OpenSSL since they both implement the same functions. So what I have done in the past is link to libkrb4.a and libcrypto.a instead of libdes.a. Since they implemented identical data structures and the function calls were the same, the OpenSSL DES routines would simply just work. Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
