itojun%iijlab.net@localhost writes: >>I'm fine with having kerberos 4 die now, and really, it should. > > so upgrade plan would be: > - disable kerberos4 by default > - import openssl 0.9.7b (or latest), with kerberos-and-ssl stuff > disabled. shlib major bump. kerberos portion would not build > for a while, i guess? so, how do we deal with the api problem with openssl ? keep old libdes and don't remove the compat glue (by defining OPENSSL_DISABLE_OLD_DES_SUPPORT not including <openssl/des_old.h>) ? > - massage kerberos5 portion to work with openssl 0.9.7 I've got a patch for this already, at least the kerberos lib part, but lots of other code still uses the old des_ api. Love
Attachment:
pgpInNZqMnuWa.pgp
Description: PGP signature