Re: Disabling the crypt() macro.
Sam Leffler wrote: 0.9.7 caused massive havoc compiling kerberos 4 (and to some extent 5) when I integrated beta 3 into the freebsd tree. The crypt() macro was a minor annoyance. The bigger problem was the redefinition of the DES key state block (from array to struct). openbsd apparently has workarounds that include mods to evp.h but I haven't looked closely at them. I just took the brute force approach and wacked the kerberos code which is probably unnacceptable for long term maintenance. The underlying problem is that kerberos 4 includes bits of 3 and makes unwarranted assumptions about the compatibility of doing so (in particular, if memory serves, using kerberos 3 headers for OpenSSL libraries). I'm not sure how its best to fix this, but when I was looking it did seem to me to be clearly a bug in kerberos. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Disabling the crypt() macro.
In message 00d501c264ae$1bf4f280$[EMAIL PROTECTED] on Wed, 25 Sep 2002 09:10:47 -0700, Sam Leffler [EMAIL PROTECTED] said: sam 0.9.7 caused massive havoc compiling kerberos 4 (and to some sam extent 5) when I integrated beta 3 into the freebsd tree. The sam crypt() macro was a minor annoyance. The bigger problem was the sam redefinition of the DES key state block (from array to struct). sam openbsd apparently has workarounds that include mods to evp.h but sam I haven't looked closely at them. I just took the brute force sam approach and wacked the kerberos code which is probably sam unnacceptable for long term maintenance. To get definitions compatible with 0.9.5 and 0.9.6, you must define OPENSSL_ENABLE_OLD_DES_SUPPORT before openssl/des.h gets included. Also, which Kerberos code are we talking about? I believe that kth-krb4 and heimdal have adapted already... -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Disabling the crypt() macro.
In message 00d501c264ae$1bf4f280$[EMAIL PROTECTED] on Wed, 25 Sep 2002 09:10:47 -0700, Sam Leffler [EMAIL PROTECTED] said: sam 0.9.7 caused massive havoc compiling kerberos 4 (and to some extent 5) when sam I integrated beta 3 into the freebsd tree. The crypt() macro was a minor sam annoyance. The bigger problem was the redefinition of the DES key state sam block (from array to struct). openbsd apparently has workarounds that sam include mods to evp.h but I haven't looked closely at them. I just took the sam brute force approach and wacked the kerberos code which is probably sam unnacceptable for long term maintenance. BTW, I'm assuming that you wouldn't complain about the removal of crypt(). I can see your complaint about other things, but nothing that answered my specific question. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Disabling the crypt() macro.
--- Richard Levitte - VMS Whacker [EMAIL PROTECTED] wrote: BTW, I'm assuming that you wouldn't complain about the removal of crypt(). I can see your complaint about other things, but nothing that answered my specific question. I assume it is this bit in des_old.h which you are referring to when talking about removing the crypt() macro: #if !defined(PERL5) !defined(__FreeBSD__) !defined(NeXT) !defined(__OpenBSD__) #define crypt(b,s)\ DES_crypt((b),(s)) #endif In my app, those lines cause problems with the two following lines (304-305) from Perl/lib/CORE/win32iop.h, which was included before des.h (via EXTERN.h/perl.h/XSUB.h for embedded perl) : #undef crypt #define crypt(t,s) win32_crypt(t,s) I'm using VC++ on Win2K with ActiveSate's ActivePerl 5.6.1 build 631, so __FreeBSD__, NeXT __OpenBSD__ are not defined, and from searching through all the headers in Perl/lib/CORE the closest to a define of PERL5 is _INC_WIN32_PERL5 (just your standard #ifndef wrapper to make sure a .h file doens't get included more than once). This problem doesn't appear if I define OPENSSL_DISABLE_OLD_DES_SUPPORT. __ Do you Yahoo!? New DSL Internet Access from SBC Yahoo! http://sbc.yahoo.com __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Disabling the crypt() macro.
0.9.7 caused massive havoc compiling kerberos 4 (and to some extent 5) when I integrated beta 3 into the freebsd tree. The crypt() macro was a minor annoyance. The bigger problem was the redefinition of the DES key state block (from array to struct). openbsd apparently has workarounds that include mods to evp.h but I haven't looked closely at them. I just took the brute force approach and wacked the kerberos code which is probably unnacceptable for long term maintenance. Sam - Original Message - From: Richard Levitte - VMS Whacker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 25, 2002 8:15 AM Subject: Disabling the crypt() macro. I get reports again that the crypt() macro gets in the way for some applications. I'm strongly thinking of disabling it entirely. Anyone against? If I don't hear any complaints about the thought before the weekend, I'll carry on with it, in 0.9.7 and 0.9.7-dev. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]