> ...I've just discovered that changing DES functions to be DES_* clashes > with Kerberos... for example: > > static void > DES_random_key(krb5_context context, > krb5_keyblock *key) > > - do we have any views on this? > > Cheers, > > Ben.
Ben: I thought one of the primary reasons for changing the function names was to ensure that there were no name clashes with Kerberos. (Kerberos Bones of course being the reason that Eric Young wrote the DES library in the first place.) Kerberos and OpenSSL need to be able to be built and used on the same system and in the same applications. Not just because an application wants to be able to support both a Kerberos authentication or a TLS session, but because several protocols including TLS provide the combination of TLS and Kerberos as an option. Someone suggested that the functions be named OPENSSL_DES_xxxxxx() I think we should accept that suggestion. FYI, this name collision does not take place with MIT Kerberos or I would have discovered it myself. Heimdal's crypto library uses the naming convention ALGORITHM_function() with ALGORITHM currently equal to DES, DES3, ARCFOUR - Jeff Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
