At 1:55 AM +0200 4/5/03, Peter Eisentraut wrote:
>Henry B. Hotz writes:
>> Configure goes and looks for libkrb with some routine that is there.
>> Then it checks for libdes with des_encrypt. Now first of all there
>> is no libdes on Sol7. There's only the one that was put in when I
>> added ssl. Second there is no des_encrypt in openssl. Third there
>> is no des_encrypt in the Heimdal/KTH-KRB implementation either.
>> So is that routine actually one that's used? If so where did it come
>> from, and whose implementation of what actually provided it?
>Last time I reworked that code I used the KTH version to check it, so your
>report puzzles me a little. Basically we just want to make sure that the
>Kerberos installation is sufficient before proceeding. Feel free to
/usr/lib/libdes.a on NetBSD 1.6Q has des_encrypt1, des_encrypt2, and
des_encrypt3, but no unnumbered one. I don't know for sure if that
library is from ssl or from Heimdal/KTF-KRB, but I suspect the
latter. They have definitely done something to rationalize openssl
with Heimdal so it may be a merger of some kind.
OSX has an _k5_des_encrypt routine in libdes425.dylib.
Can't find anything in Solaris 7, which is actually odd because I
thought there was a cryptsoft libdes included with Solaris 2.6.
Perhaps my memory is fading though. That was a while ago. Looking
further on Sol7 I do find:
nm libcrypto.a | fgrep des_encr
 | 448| 28|FUNC |GLOB |0 |2 |_ossl_old_des_encrypt
 | 480| 28|FUNC |GLOB |0 |2 |_ossl_old_des_encrypt2
 | 512| 32|FUNC |GLOB |0 |2 |_ossl_old_des_encrypt3
in /usr/local/lib. Interesting. Now back to /usr/lib:
nm libcrypt.a | fgrep des_encr
 | 0| 0|NOTY |GLOB |0 |UNDEF |_des_encrypt
 | 0| 472|FUNC |GLOB |0 |2 |_des_encrypt1
 | 0| 0|FILE |LOCL |0 |ABS |des_encrypt.c
 | 0| 472|FUNC |WEAK |0 |2 |des_encrypt1
 | 604| 40|FUNC |GLOB |0 |2 |_des_encrypt
 | 0| 0|NOTY |GLOB |0 |UNDEF |_des_encrypt1
 | 604| 40|FUNC |WEAK |0 |2 |des_encrypt
 | 444| 160|FUNC |LOCL |0 |2 |des_encrypt_nolock
Going back to NetBSD and OSX I find that they both have the numbered
versions in /usr/lib/libcrypto... Still no unnumbered version.
Well, if there's built-in kerb5 then I would use that over kerb4
anyway. Kerberos 4 is only suitable for simple installations with no
cross-realm authentication needed now.
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry(dot)B(dot)Hotz(at)jpl(dot)nasa(dot)gov, or hbhotz(at)oxy(dot)edu
In response to
pgsql-ports by date
|Next:||From: Guillaume de Renty||Date: 2003-04-08 10:00:18|
|Subject: New Windows Postgresql platform|
|Previous:||From: Peter Eisentraut||Date: 2003-04-04 23:55:58|
|Subject: Re: Kerberos IV Support Broken?|