I just read the conversation on that trouble ticket. I would strongly suggest
adding OPENSSL_NO_CRYPT to 0.9.6 as well and making it the default. Just
about
every Unix variant that has shipped in at least the past 20 years includes
crypt() in
its native C library. There are only two reasons this code is ever useful:
a) the fcrypt implementation is faster than the traditional Unix version
this seems to me to only matter if you're cracking passwords.
b) you need it if you want crypt() compatibility on a Windows PC or Mac.
On actual Unix machines, this code is not only unnecessary, it's detrimental
since it doesn't support the extensions that recent Unix releases include,
such as 16 character (or longer) passwords, MD5-based hashes, etc. I.e., it
is
incompatible with the system's native crypt() implementation, and this causes
no end of trouble when people try to use their /etc/passwd passwords with
this
library.
I believe you could get by with only compiling it for PCs and Macs; no one
working on a Unix system should miss it. Omitting it will only make their
current apps run better, by removing one source of incompatibilities from
their environment.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Lutz Jaenicke
> Sent: Monday, August 12, 2002 2:31 AM
> To: [EMAIL PROTECTED]
> Subject: Re: linux-glibc/openssl des.h/crypt.h conflict
>
>
> On Sat, Aug 10, 2002 at 04:02:10PM -0700, Mike Castle wrote:
> >
> > Using openssl-0.9.7-beta3, glibc-2.2.5, and linux-2.4.19.
> >
> > nexus@thune[3:58pm]~(529) cat a.c
> > #include <openssl/des.h>
> > #include <crypt.h>
> > nexus@thune[3:58pm]~(530) gcc -c a.c
> > In file included from a.c:2:
> > /usr/include/crypt.h:33: parse error before `('
> > /usr/include/crypt.h:33: parse error before `__const'
> >
> > nexus@thune[3:58pm]~(531) cat -n /usr/include/crypt.h | grep -w 33
> > 33 extern char *crypt (__const char *__key, __const char
> *__salt) __THROW;
> >
> > Unsurpising it's the #define crypt DES_crypt causing the issue.
> >
> > I'm just having issues building other software (in this case,
> > openldap-2.1.3), but, should this be a supported set of includes?
>
> It is already attacked under
> http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=172
>
> Best regards,
> Lutz
> --
> Lutz Jaenicke [EMAIL PROTECTED]
> http://www.aet.TU-Cottbus.DE/personen/jaenicke/
> BTU Cottbus, Allgemeine Elektrotechnik
> Universitaetsplatz 3-4, D-03044 Cottbus
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
