Bodo Moeller wrote:
>
> On Tue, Jul 31, 2001 at 01:49:24PM -0400, Jeffrey Altman wrote:
>
> >>> Please be very careful with the changes that are made to DES. The DES
> >>> structures and functions from OpenSSL were originally designed by Eric
> >>> to be compatible with the MIT Kerberos DES implementation. This has
> >>> allowed applications such as C-Kermit to implement both Kerberos and
> >>> SSL/TLS (as is needed for Telnet and SSH) by using only the OpenSSL
> >>> DES implementation. Changes that result in name conflicts or data
> >>> structure conflicts will be a serious problem for application that
> >>> require both Kerberos and SSL/TLS.
>
> > When linking the app to both Kerberos IV and OpenSSL there is a
> > conflict between the libdes.a from MIT and libcrypto.a from OpenSSL
> > since they both implement the same functions. So what I have done in
> > the past is link to libkrb4.a and libcrypto.a instead of libdes.a.
> > Since they implemented identical data structures and the function
> > calls were the same, the OpenSSL DES routines would simply just work.
>
> In SSLeay, des_key_schedule looked like this:
>
> typedef unsigned char des_cblock[8];
> typedef struct des_ks_struct
> {
> union {
> des_cblock _;
> /* make sure things are correct size on machines with
> * 8 byte longs */
> DES_LONG pad[2];
> } ks;
> } des_key_schedule[16];
>
> With the current OpenSSL CVS state, it looks like this (if
> OPENBSD_DEV_CRYPTO is not defined):
>
> typedef struct des_ks
> {
> union
> {
> des_cblock cblock;
> /* make sure things are correct size on machines with
> * 8 byte longs */
> DES_LONG deslong[2];
> } ks[16];
> } des_key_schedule;
>
> So local 'des_key_schedule' variables should still have the same size
> and representation. Also pointer passed to functions such as
> des_set_key() will still look the same internally (although this is
> not guaranteed by the C standard).
Since the DES functions actually ignore the struct anyway, all you
really require is the structure to be the same size (incidentally, when
did the weak_key member get introduced [in the wrong place]?).
You are correct that locally declared variables would be the same size.
Also, code compiled expecting the old representation will automatically
pass pointers to functions, whereas the new have to prefix them with &,
but it will still work.
So I guess it is a non-problem. Thanks!
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
