diff --git a/admin/ktutil_locl.h b/admin/ktutil_locl.h index 61e0dc5a1..43021dbc1 100644 --- a/admin/ktutil_locl.h +++ b/admin/ktutil_locl.h @@ -54,7 +54,7 @@ #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/appl/ftp/ftp/ftp_locl.h b/appl/ftp/ftp/ftp_locl.h index 33f27457f..4c37d9c8b 100644 --- a/appl/ftp/ftp/ftp_locl.h +++ b/appl/ftp/ftp/ftp_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -131,7 +131,7 @@ struct hostent *gethostbyname(const char *); #include "security.h" /* des_read_pw_string */ -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/appl/kx/common.c b/appl/kx/common.c index eb8f84acf..d180a01bf 100644 --- a/appl/kx/common.c +++ b/appl/kx/common.c @@ -421,7 +421,7 @@ create_and_write_cookie (char *xauthfile, auth.name_length = strlen(auth.name); auth.data_length = cookie_sz; auth.data = (char*)cookie; -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL krb5_generate_random_block (cookie, cookie_sz); #else des_rand_data (cookie, cookie_sz); diff --git a/appl/otp/otp_locl.h b/appl/otp/otp_locl.h index 71176bb22..b6823a2f8 100644 --- a/appl/otp/otp_locl.h +++ b/appl/otp/otp_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -52,7 +52,7 @@ #endif #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/appl/telnet/libtelnet/enc_des.c b/appl/telnet/libtelnet/enc_des.c index 7bf21ea85..42de2e5ba 100644 --- a/appl/telnet/libtelnet/enc_des.c +++ b/appl/telnet/libtelnet/enc_des.c @@ -50,7 +50,7 @@ RCSID("$Id$"); #include "encrypt.h" #include "misc-proto.h" -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include @@ -408,7 +408,7 @@ static void fb64_session(Session_Key *key, int server, struct fb *fbp) fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]); if (fbp->once == 0) { -#if !defined(OLD_DES_RANDOM_KEY) && !defined(HAVE_OPENSSL_DES_H) +#if !defined(OLD_DES_RANDOM_KEY) && !defined(HAVE_OPENSSL) des_init_random_number_generator(&fbp->krbdes_key); #endif fbp->once = 1; diff --git a/appl/telnet/libtelnet/encrypt.h b/appl/telnet/libtelnet/encrypt.h index 503448b9e..1b37cb582 100644 --- a/appl/telnet/libtelnet/encrypt.h +++ b/appl/telnet/libtelnet/encrypt.h @@ -90,7 +90,7 @@ typedef struct { #define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */ -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #define des_new_random_key des_random_key #else diff --git a/appl/telnet/libtelnet/kerberos.c b/appl/telnet/libtelnet/kerberos.c index 6232d967f..f64c80cbb 100644 --- a/appl/telnet/libtelnet/kerberos.c +++ b/appl/telnet/libtelnet/kerberos.c @@ -220,7 +220,7 @@ kerberos4_send(char *name, Authenticator *ap) des_key_sched(&cred.session, sched); memcpy (&cred_session, &cred.session, sizeof(cred_session)); -#ifndef HAVE_OPENSSL_DES_H +#ifndef HAVE_OPENSSL des_init_random_number_generator(&cred.session); #endif des_new_random_key(&session_key); diff --git a/cf/crypto.m4 b/cf/crypto.m4 new file mode 100644 index 000000000..025a8325e --- /dev/null +++ b/cf/crypto.m4 @@ -0,0 +1,114 @@ +dnl $Id$ +dnl +dnl test for crypto libraries: +dnl - libcrypto (from openssl) +dnl - libdes (from krb4) +dnl - own-built libdes + +AC_DEFUN([KRB_CRYPTO],[ +crypto_lib=unknown +AC_ARG_WITH(openssl, +[ --with-openssl=dir if you want to use openssl's libcrypto in dir]) + +DIR_des= + +AC_MSG_CHECKING([for crypto library]) + +if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then + + save_CPPFLAGS="$CPPFLAGS" + save_LIBS="$LIBS" + INCLUDE_des= + LIB_des= + if test "$with_openssl" != ""; then + INCLUDE_des="-I${with_openssl}/include" + CPPFLAGS="${INCLUDE_des} ${CPPFLAGS}" + LIB_des="-L${with_openssl}/lib" + fi + LIB_des_a="$LIB_des" + LIB_des_so="$LIB_des" + LIB_des_appl="$LIB_des" + LIBS="${LIBS} ${LIB_des}" + AC_TRY_LINK([ + #include + #include + #include + #include + #include + ], + [ + MD4_CTX md4; + MD5_CTX md5; + SHA1_CTX sha1; + + MD4_Init(&md4); + MD5_Init(&md5); + SHA1_Init(&sha1); + + des_cbc_encrypt(NULL, NULL, 0, NULL, NULL, 0); + RC4(NULL, 0, NULL, NULL); + ], [ + crypto_lib=libcrypto + AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto]) + AC_MSG_RESULT([libcrypto])]) + CPPFLAGS="$save_CPPFLAGS" + LIBS="$save_LIBS" +fi + +if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then + + save_CPPFLAGS="$CPPFLAGS" + save_LIBS="$LIBS" + INCLUDE_des="${INCLUDE_krb4}" + LIB_des= + if test "$krb4_libdir"; then + LIB_des="-L${krb4_libdir}" + fi + CPPFLAGS="${CPPFLAGS} ${INCLUDE_des}" + LIBS="${LIBS} ${LIB_des}" + LIB_des_a="$LIB_des" + LIB_des_so="$LIB_des" + LIB_des_appl="$LIB_des" + LIBS="${LIBS} ${LIB_des}" + AC_TRY_LINK([ + #undef KRB5 /* makes md4.h et al unhappy */ + #define KRB4 + #include + #include + #include + #include + #include + ], + [ + MD4_CTX md4; + MD5_CTX md5; + SHA1_CTX sha1; + + MD4_Init(&md4); + MD5_Init(&md5); + SHA1_Init(&sha1); + + des_cbc_encrypt(NULL, NULL, 0, NULL, NULL, 0); + RC4(NULL, 0, NULL, NULL); + ], [crypto_lib=krb4; AC_MSG_RESULT([krb4's libdes])]) + +fi + +if test "$crypto_lib" = "unknown"; then + + DIR_des='des' + LIB_des='$(top_builddir)/lib/des/libdes.la' + LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a' + LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so' + LIB_des_appl="-ldes" + + AC_MSG_RESULT([included libdes]) + +fi + +AC_SUBST(DIR_des) +AC_SUBST(LIB_des) +AC_SUBST(LIB_des_a) +AC_SUBST(LIB_des_so) +AC_SUBST(LIB_des_appl) +]) diff --git a/configure.in b/configure.in index 31318e898..028ca83eb 100644 --- a/configure.in +++ b/configure.in @@ -523,49 +523,7 @@ AC_GROK_TYPES([int8_t int16_t int32_t int64_t \ u_int8_t u_int16_t u_int32_t u_int64_t \ uint8_t uint16_t uint32_t uint64_t]) -dnl -dnl crypto functions tests -dnl - -AC_CHECK_HEADERS([ \ - openssl/md4.h \ - openssl/md5.h \ - openssl/sha.h \ - openssl/des.h \ - openssl/rc4.h \ -]) - -AC_FIND_FUNC_NO_LIBS2(MD4_Init, crypto des, [], [], [], [$test_LIB_krb4]) -AC_FIND_FUNC_NO_LIBS2(MD5_Init, crypto des, [], [], [], [$test_LIB_krb4]) -AC_FIND_FUNC_NO_LIBS2(SHA1_Init, crypto des, [], [], [], [$test_LIB_krb4]) -AC_FIND_FUNC_NO_LIBS2(des_cbc_encrypt, crypto des, [], [], [], [$test_LIB_krb4]) -AC_FIND_FUNC_NO_LIBS2(RC4, crypto des, [], [], [], [$test_LIB_krb4]) -if test "$ac_cv_func_des_cbc_encrypt" = "yes" -a \ -"$ac_cv_func_MD4_Init" = "yes" -a \ -"$ac_cv_func_MD5_Init" = "yes" -a \ -"$ac_cv_func_SHA1_Init" = "yes" -a \ -"$ac_cv_func_RC4" = "yes"; then - DIR_des='' - LIB_des='' - if test "$krb4_libdir" != "" -a "$ac_cv_funclib_des_cbc_encrypt" = "-ldes"; then - LIB_des="-R $krb4_libdir -L$krb4_libdir" - fi - LIB_des="$LIB_des $ac_cv_funclib_MD4_Init" - LIB_des_a="$LIB_des" - LIB_des_so="$LIB_des" - LIB_des_appl="$LIB_des" -else - DIR_des='des' - LIB_des='$(top_builddir)/lib/des/libdes.la' - LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a' - LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so' - LIB_des_appl="-ldes" -fi -AC_SUBST(DIR_des) -AC_SUBST(LIB_des) -AC_SUBST(LIB_des_a) -AC_SUBST(LIB_des_so) -AC_SUBST(LIB_des_appl) +KRB_CRYPTO KRB_READLINE diff --git a/kadmin/kadmin_locl.h b/kadmin/kadmin_locl.h index 7f12f65d5..ccb90a447 100644 --- a/kadmin/kadmin_locl.h +++ b/kadmin/kadmin_locl.h @@ -86,7 +86,7 @@ #endif #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/kdc/headers.h b/kdc/headers.h index 956235271..521856269 100644 --- a/kdc/headers.h +++ b/kdc/headers.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -85,7 +85,7 @@ #include #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/kdc/kdc_locl.h b/kdc/kdc_locl.h index 63dae79ef..d9173f6fb 100644 --- a/kdc/kdc_locl.h +++ b/kdc/kdc_locl.h @@ -113,7 +113,7 @@ krb5_error_code do_kaserver (unsigned char*, size_t, krb5_data*, const char*, struct sockaddr_in*); #endif -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #define des_new_random_key des_random_key #endif diff --git a/kpasswd/kpasswd_locl.h b/kpasswd/kpasswd_locl.h index 501863308..b2269d4c8 100644 --- a/kpasswd/kpasswd_locl.h +++ b/kpasswd/kpasswd_locl.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). * All rights reserved. * @@ -98,7 +98,7 @@ #include #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/lib/hdb/hdb_locl.h b/lib/hdb/hdb_locl.h index 61e43ceff..fdec3683b 100644 --- a/lib/hdb/hdb_locl.h +++ b/lib/hdb/hdb_locl.h @@ -56,7 +56,7 @@ #endif #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include #else #include diff --git a/lib/krb5/Makefile.am b/lib/krb5/Makefile.am index 1365fb396..9224c2c26 100644 --- a/lib/krb5/Makefile.am +++ b/lib/krb5/Makefile.am @@ -2,7 +2,7 @@ include $(top_srcdir)/Makefile.am.common -INCLUDES += $(INCLUDE_krb4) +INCLUDES += $(INCLUDE_krb4) $(INCLUDE_des) bin_PROGRAMS = verify_krb5_conf diff --git a/lib/krb5/crypto.c b/lib/krb5/crypto.c index e1c88a439..8016745bf 100644 --- a/lib/krb5/crypto.c +++ b/lib/krb5/crypto.c @@ -2655,7 +2655,7 @@ krb5_decrypt_EncryptedData(krb5_context context, * * ************************************************************/ -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include /* From openssl/crypto/rand/rand_lcl.h */ diff --git a/lib/krb5/krb5_locl.h b/lib/krb5/krb5_locl.h index 3d09e249c..0d6c0591e 100644 --- a/lib/krb5/krb5_locl.h +++ b/lib/krb5/krb5_locl.h @@ -109,29 +109,17 @@ struct sockaddr_dl; #include #include -#ifdef HAVE_OPENSSL_DES_H +#ifdef HAVE_OPENSSL #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_MD4_H #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_MD5_H #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_SHA_H #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_RC4_H #include #else +#include +#include +#include +#include #include #endif diff --git a/lib/otp/Makefile.am b/lib/otp/Makefile.am index 11a780719..91c947d66 100644 --- a/lib/otp/Makefile.am +++ b/lib/otp/Makefile.am @@ -2,7 +2,7 @@ include $(top_srcdir)/Makefile.am.common -INCLUDES += $(INCLUDE_krb4) +INCLUDES += $(INCLUDE_des) noinst_PROGRAMS = otptest diff --git a/lib/otp/otp_md.c b/lib/otp/otp_md.c index 50764b52b..60900bb6b 100644 --- a/lib/otp/otp_md.c +++ b/lib/otp/otp_md.c @@ -38,19 +38,13 @@ RCSID("$Id$"); #include "otp_locl.h" #include "otp_md.h" -#ifdef HAVE_OPENSSL_MD4_H +#ifdef HAVE_OPENSSL #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_MD5_H #include -#else -#include -#endif -#ifdef HAVE_OPENSSL_SHA_H #include #else +#include +#include #include #endif