Subject: Re: openssl 0.9.7 in NetBSD?
To: None <itojun@iijlab.net>
From: Love <lha@stacken.kth.se>
List: tech-crypto
Date: 07/22/2003 11:49:04
--=-=-=
Content-Transfer-Encoding: quoted-printable
itojun@iijlab.net writes:
>>I'm fine with having kerberos 4 die now, and really, it should.
>
> so upgrade plan would be:
> - disable kerberos4 by default
> - import openssl 0.9.7b (or latest), with kerberos-and-ssl stuff
> disabled. shlib major bump. kerberos portion would not build
> for a while, i guess?
so, how do we deal with the api problem with openssl ?
keep old libdes and don't remove the compat glue (by defining
OPENSSL_DISABLE_OLD_DES_SUPPORT not including <openssl/des_old.h>) ?
> - massage kerberos5 portion to work with openssl 0.9.7
I've got a patch for this already, at least the kerberos lib part, but lots
of other code still uses the old des_ api.
Love
--=-=-=
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (NetBSD)
iQIVAwUAPx0IkhZyDLTSep3UAQIQyw//UTgAHbcZpXO4qDe8jH9e5ytf/Lv4c846
U1nQsIoCm0UtSfAwV6bVkNRFo0oRUcD8cIhcY4ccFiVjlYokxJ0N6qkQAcE5Hem+
yqpq8Mo/KpuWDMRRo62kWApjBRUxyazGFH8wHotGYHU30Euj60t9IQc2D6NmPG0X
/hQBr502qAorsBGN75VRjvA5PthVrlI5OlnFpxJoiaoHinu18Rsz9AujxEX+2rtv
P+iYWIjJNxUtkUyb3FZ9vOZpmUvDj4J3rE7QlFdn7K0kqolLvD4CMjiTONGGsBYq
TFTFic0gqjcou/Odv/1W85Lg37YG5YNcGYdXMwhg1XTFEV5j4sYxkW9ql/yrTk4i
GNJZNp8qRk0gCSCmzO2macaqZmXvLMJjUw8BsSW5j7btgxOgBkevuaFvvOZIIMET
TXdZUaiCQa30DQITMSZIDac8DCS1uopqen6f9dSXlvkQA1WZ4GsFO+vSLjU5O/fm
yM0Aqb9zeQ8+EHDoBWwv9Ei4Q2I3OHitT4NwQrssD/AC2IIxzvKORkc9uKwDu4lf
krCbWDByMqMc0nqOof2zaU+CnXqtVqjg420lVJFYaa5SxuPa+veq07wWQGJ7ITV4
H2b/bIHzSelX8ArOsIbjlfSW1Y8qRZw5D+DQWI5ULvCaPrHhDRc/IJDjm3cnwXW8
24YrSp5cWVw=
=IAFh
-----END PGP SIGNATURE-----
--=-=-=--