Merge V1_0_FREEZE_3 into the mainline. (Note this merge does *not*

include the doc subtree!!) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9632 dc483132-0cff-0310-8789-dd5450dbe970
author: Theodore Tso <tytso@mit.edu> 1996-12-13 19:28:16 +0000
committer: Theodore Tso <tytso@mit.edu> 1996-12-13 19:28:16 +0000
commit: e73566996463fb1947cf80ad2e11fadce3dc0b66 (patch)
tree: 4c75494b8a5a0e1169c37bcac34cc0aeccda7de2 /src/lib/crypto
parent: 20b3f46e04d4d0104dc971d22793011f20f2e51c (diff)
3 files changed, 59 insertions, 38 deletions
diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog
index 680319932..ecdb1d41e 100644
--- a/src/lib/crypto/ChangeLog
+++ b/src/lib/crypto/ChangeLog
@@ -1,3 +1,17 @@
+Sat Nov 23 00:22:20 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
+
+	* cryptoconf.c: Also zero out the entries in cryptoconf, to make
+		sure no one tries to use triple DES and SHA.
+
+Fri Nov 22 20:49:13 1996  Theodore Ts'o  <tytso@rsts-11.mit.edu>
+
+	* configure.in (enableval): Disable triple DES and SHA, since
+		what's there isn't the final triple DES.  [PR#231]
+
+Mon Nov 18 20:38:24 1996  Ezra Peisach  <epeisach@mit.edu>
+ [krb5-libs/201]
+	* configure.in: Set shared library version to 1.0.
+
 Thu Jun  6 00:04:38 1996  Theodore Y. Ts'o  <tytso@mit.edu>
 
 	* Makefile.in (all-windows): Don't pass $(LIBCMD) on the command
diff --git a/src/lib/crypto/configure.in b/src/lib/crypto/configure.in
index 9e0451004..53f9fcc39 100644
--- a/src/lib/crypto/configure.in
+++ b/src/lib/crypto/configure.in
@@ -19,17 +19,17 @@ if test "$enableval" = yes; then
 else
 	AC_MSG_RESULT(Disabling DES_CBC_MD5)
 fi
-AC_ARG_ENABLE([des3-cbc-sha],
-[ --enable-des3-cbc-sha		enable DES3_CBC_SHA (DEFAULT).
- --disable-des3-cbc-sha		disable DES3_CBC_SHA.],
-,
-enableval=yes)dnl
-if test "$enableval" = yes; then
-	AC_MSG_RESULT(Enabling DES3_CBC_SHA)
-	AC_DEFINE(PROVIDE_DES3_CBC_SHA)
-else
-	AC_MSG_RESULT(Disabling DES3_CBC_SHA)
-fi
+dnl AC_ARG_ENABLE([des3-cbc-sha],
+dnl [ --enable-des3-cbc-sha		enable DES3_CBC_SHA (DEFAULT).
+dnl  --disable-des3-cbc-sha		disable DES3_CBC_SHA.],
+dnl ,
+dnl enableval=yes)dnl
+dnl if test "$enableval" = yes; then
+dnl 	AC_MSG_RESULT(Enabling DES3_CBC_SHA)
+dnl 	AC_DEFINE(PROVIDE_DES3_CBC_SHA)
+dnl else
+dnl 	AC_MSG_RESULT(Disabling DES3_CBC_SHA)
+dnl fi
 AC_ARG_WITH([des-cbc-crc],
 [ --enable-des-cbc-crc		enable DES_CBC_CRC (DEFAULT).
  --disable-des-cbc-crc		disable DES_CBC_CRC.],
@@ -52,17 +52,17 @@ if test "$enableval" = yes; then
 else
 	AC_MSG_RESULT(Disabling DES_CBC_RAW)
 fi
-AC_ARG_WITH([des3-cbc-raw],
-[ --enable-des3-cbc-raw		enable DES3_CBC_RAW (DEFAULT).
- --disable-des3-cbc-raw		disable DES3_CBC_RAW.],
-,
-enableval=yes)dnl
-if test "$enableval" = yes; then
-	AC_MSG_RESULT(Enabling DES3_CBC_RAW)
-	AC_DEFINE(PROVIDE_DES3_CBC_RAW)
-else
-	AC_MSG_RESULT(Disabling DES3_CBC_RAW)
-fi
+dnl AC_ARG_WITH([des3-cbc-raw],
+dnl [ --enable-des3-cbc-raw		enable DES3_CBC_RAW (DEFAULT).
+dnl  --disable-des3-cbc-raw		disable DES3_CBC_RAW.],
+dnl ,
+dnl enableval=yes)dnl
+dnl if test "$enableval" = yes; then
+dnl 	AC_MSG_RESULT(Enabling DES3_CBC_RAW)
+dnl 	AC_DEFINE(PROVIDE_DES3_CBC_RAW)
+dnl else
+dnl 	AC_MSG_RESULT(Disabling DES3_CBC_RAW)
+dnl fi
 AC_ARG_WITH([des-cbc-cksum],
 [ --enable-des-cbc-cksum		enable DES_CBC_CKSUM (DEFAULT).
  --disable-des-cbc-cksum	disable DES_CBC_CKSUM.],
@@ -107,20 +107,20 @@ if test "$enableval" = yes; then
 else
 	AC_MSG_RESULT(Disabling RSA_MD5)
 fi
-AC_ARG_WITH([nist-sha],
-[ --enable-nist-sha		enable NIST_SHA (DEFAULT).
- --disable-nist-sha		disable NIST_SHA.],
-,
-enableval=yes)dnl
-if test "$enableval" = yes; then
-	AC_MSG_RESULT(Enabling NIST_SHA)
-	AC_DEFINE(PROVIDE_NIST_SHA)
-else
-	AC_MSG_RESULT(Disabling NIST_SHA)
-fi
+dnl AC_ARG_WITH([nist-sha],
+dnl [ --enable-nist-sha		enable NIST_SHA (DEFAULT).
+dnl  --disable-nist-sha		disable NIST_SHA.],
+dnl ,
+dnl enableval=yes)dnl
+dnl if test "$enableval" = yes; then
+dnl 	AC_MSG_RESULT(Enabling NIST_SHA)
+dnl 	AC_DEFINE(PROVIDE_NIST_SHA)
+dnl else
+dnl 	AC_MSG_RESULT(Disabling NIST_SHA)
+dnl fi
 
 V5_SHARED_LIB_OBJS
 SubdirLibraryRule([${OBJS}])
 DO_SUBDIRS
-V5_MAKE_SHARED_LIB(libcrypto,0.1,.., ./crypto)
+V5_MAKE_SHARED_LIB(libcrypto,1.0,.., ./crypto)
 V5_AC_OUTPUT_MAKEFILE
diff --git a/src/lib/crypto/cryptoconf.c b/src/lib/crypto/cryptoconf.c
index 768c6cf3c..62be74581 100644
--- a/src/lib/crypto/cryptoconf.c
+++ b/src/lib/crypto/cryptoconf.c
@@ -53,8 +53,10 @@
 
 #ifdef PROVIDE_NIST_SHA
 #include "shs.h"
-#define SHA_CKENTRY &nist_sha_cksumtable_entry
-#define HMAC_SHA_CKENTRY &hmac_sha_cksumtable_entry
+/* #define SHA_CKENTRY &nist_sha_cksumtable_entry */
+/* #define HMAC_SHA_CKENTRY &hmac_sha_cksumtable_entry */
+#define SHA_CKENTRY 0
+#define HMAC_SHA_CKENTRY 0
 #else
 #define SHA_CKENTRY 0
 #define HMAC_SHA_CKENTRY 0
@@ -109,7 +111,11 @@
 #include "des_int.h"
 #define _DES_DONE__
 #endif
-#define DES3_CBC_SHA_CSENTRY &krb5_des3_sha_cst_entry
+/* Don't try to enable triple DES unless you know what you are doing; */
+/* the current implementation of triple DES is NOT the final and */
+/* correct implementation.!!!  */
+/* #define DES3_CBC_SHA_CSENTRY &krb5_des3_sha_cst_entry */
+#define DES3_CBC_SHA_CSENTRY 0
 #else
 #define DES3_CBC_SHA_CSENTRY 0
 #endif
@@ -119,7 +125,8 @@
 #include "des_int.h"
 #define _DES_DONE__
 #endif
-#define DES3_CBC_RAW_CSENTRY &krb5_des3_raw_cst_entry
+/* #define DES3_CBC_RAW_CSENTRY &krb5_des3_raw_cst_entry */
+#define DES3_CBC_RAW_CSENTRY 0
 #else
 #define DES3_CBC_RAW_CSENTRY 0
 #endif
author	Theodore Tso <tytso@mit.edu>	1996-12-13 19:28:16 +0000
committer	Theodore Tso <tytso@mit.edu>	1996-12-13 19:28:16 +0000
commit	e73566996463fb1947cf80ad2e11fadce3dc0b66 (patch)
tree	4c75494b8a5a0e1169c37bcac34cc0aeccda7de2 /src/lib/crypto
parent	20b3f46e04d4d0104dc971d22793011f20f2e51c (diff)