heimdal 1.1 and openssl 1.0

xenomorph at univ.kiev.ua xenomorph at univ.kiev.ua
Thu Dec 2 01:24:05 PST 2010


In openssl 1.0 MD2 disabled  in the default configuration. I tried to
install heimdal and I got an error due to lack of MD2. I spent some time
searching the web and reading the sources and made patch, which allows to
build heimdal without MD2 or with MD2.
--- work/heimdal-1.1/include/crypto-headers.h	2010-12-01 23:21:29 +0200
+++ work/heimdal-1.1-patched/include/crypto-headers.h	2010-12-01 23:21:10 +0200
@@ -7,7 +7,9 @@
 #include <openssl/des.h>
 #include <openssl/rc4.h>
 #include <openssl/rc2.h>
+#ifdef HAVE_OPENSSL_MD2_H
 #include <openssl/md2.h>
+#endif
 #include <openssl/md4.h>
 #include <openssl/md5.h>
 #include <openssl/sha.h>
--- work/heimdal-1.1/lib/hx509/crypto.c	2010-12-01 23:21:29 +0200
+++ work/heimdal-1.1-patched/lib/hx509/crypto.c	2010-12-01 23:21:10 +0200
@@ -840,7 +840,7 @@
 
     return 0;
 }
-
+#ifdef HAVE_OPENSSL_MD2_H
 static int
 md2_verify_signature(hx509_context context,
 		     const struct signature_alg *sig_alg,
@@ -870,7 +870,7 @@
 
     return 0;
 }
-
+#endif
 static const struct signature_alg heim_rsa_pkcs1_x509 = {
     "rsa-pkcs1-x509",
     oid_id_heim_rsa_pkcs1_x509,
@@ -925,7 +925,7 @@
     rsa_verify_signature,
     rsa_create_signature
 };
-
+#ifdef HAVE_OPENSSL_MD2_H
 static const struct signature_alg rsa_with_md2_alg = {
     "rsa-with-md2",
     oid_id_pkcs1_md2WithRSAEncryption,
@@ -936,6 +936,7 @@
     rsa_verify_signature,
     rsa_create_signature
 };
+#endif
 
 static const struct signature_alg dsa_sha1_alg = {
     "dsa-with-sha1",
@@ -980,6 +981,7 @@
     md5_verify_signature
 };
 
+#ifdef HAVE_OPENSSL_MD2_H
 static const struct signature_alg md2_alg = {
     "rsa-md2",
     oid_id_rsa_digest_md2,
@@ -989,6 +991,7 @@
     SIG_DIGEST,
     md2_verify_signature
 };
+#endif
 
 /* 
  * Order matter in this structure, "best" first for each "key
@@ -1000,13 +1003,17 @@
     &rsa_with_sha1_alg,
     &pkcs1_rsa_sha1_alg,
     &rsa_with_md5_alg,
+#ifdef HAVE_OPENSSL_MD2_H 
     &rsa_with_md2_alg,
+#endif
     &heim_rsa_pkcs1_x509,
     &dsa_sha1_alg,
     &sha256_alg,
     &sha1_alg,
     &md5_alg,
+#ifdef HAVE_OPENSSL_MD2_H 
     &md2_alg,
+#endif
     NULL
 };



More information about the Users mailing list