Subject: RE: muhah
To: Andrew Brown <>
From: Dave Burgess <>
List: tech-pkg
Date: 04/12/2001 08:20:26
> From Andrew Brown
> >From ????
> >And since the support for these hashes hasn't been in md5/cksum(1) for a
> >week, changing it shouldn't be too big a deal.
> that's also true.  someone has already suggested that md2 and md4
> simply be removed since they're "broken".

I just finished fixing up a package for OpenSSL 0.9.6 and found that we
already don't support md4 (in the 0.9.5a package, anyway).  I was building
ap-ssl (the SSL implementation for Apache) which relied on md4 as a digest
option and it failed on that, and a couple of other .h files. I had to add
the md4 file support back into the 'file list' in the install target in
order to get through the ap-ssl package installation.  I've sent in the PR
for this and updated the openssl.pck.tar.gz file on to reflect these files.

I don't intend to claim to be an expert on the software, but it's working
and seems to do everything it's supposed to.  A brief test showed it to be
operating correctly for SSL pages on the server.

> --
> |-----< "CODE WARRIOR" >-----|
>             * "ah!  i see you have the internet
> (Andrew Brown)                that goes *ping*!"
>       * "information is power -- share the wealth."