- Aug 16, 2001
-
-
Lutz Jänicke authored
or not.
-
- Aug 10, 2001
-
-
Richard Levitte authored
His comments are: 1) Changes all references for `True64' to be `Tru64', which is the correct spelling for the OS name. 2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc' entry that is the same as the previous `alpha-cc'. The reason is that most people these days are using the newer compiler, so it should be the default. 3) Adds a bit of commentary to Configure, regarding the name changes of the OS over the years, so it's not so confusing to people that haven't been with the OS for a while. 4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically by Configure under any circumstance) that builds an RPATH into the shared libraries. This is explained in the comment in Configure. It's very very useful for people that want it, and people that don't want it just shouldn't choose that target. 5) Adds the `-pthread' flag as the best way to get POSIX thread support from the newer compiler. 6) ...
-
- Aug 08, 2001
-
-
Bodo Möller authored
-
- Aug 07, 2001
-
-
Bodo Möller authored
ServerKeyExchange message may be skipped. Submitted by: Petr Lampa <lampa@fee.vutbr.cz>
-
Lutz Jänicke authored
-
- Jul 31, 2001
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- Jul 30, 2001
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- Jul 27, 2001
-
-
Bodo Möller authored
-
Bodo Möller authored
-
Lutz Jänicke authored
circumstances.
-
- Jul 26, 2001
-
-
Lutz Jänicke authored
-
- Jul 25, 2001
-
-
Bodo Möller authored
or bogus DH parameters can be used for launching DOS attacks
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
-
Lutz Jänicke authored
-
- Jul 24, 2001
-
-
Bodo Möller authored
Submitted by: Travis Vitek <vitek@roguewave.com>
-
- Jul 23, 2001
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- Jul 21, 2001
-
-
Lutz Jänicke authored
-
cvs2svn authored
'OpenSSL_0_9_6-stable'.
-
Lutz Jänicke authored
-
Ben Laurie authored
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery is available).
-
Richard Levitte authored
His comments are: This patch fixes the problem of modern Kerberos using "derived keys" to encrypt the authenticator by disabling the authenticator check for all derived keys enctypes. I think I've got all the bugfixes that Jeffrey and I discussed rolled into this. There were some problems with Jeffrey's code to convert the authenticator's Kerberos timestring into struct tm (e.g. Z, -1900; it helps to have an actual decryptable authenticator to play with). So I've shamelessly pushed in my code, while stealing some bits from Jeffrey.
-
- Jul 20, 2001
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
cvs2svn authored
'OpenSSL_0_9_6-stable'.
-
Lutz Jänicke authored
-
Geoff Thorpe authored
does not contain more bytes than the RSA modulus 'n' - it does not check that the input is strictly *less* than 'n'. Whether this should be the case or not is open to debate - however, due to security problems with returning miscalculated CRT results, the 'rsa_mod_exp' implementation in rsa_eay.c now performs a public-key exponentiation to verify the CRT result and in the event of an error will instead recalculate and return a non-CRT (more expensive) mod_exp calculation. As the mod_exp of 'I' is equivalent to the mod_exp of 'I mod n', and the verify result is automatically between 0 and n-1 inclusive, the verify only matches the input if 'I' was less than 'n', otherwise even a correct CRT calculation is only congruent to 'I' (ie. they differ by a multiple of 'n'). Rather than rejecting correct calculations and doing redundant and slower ones instead, this changes the equality check in the verification code to a congruence check.
-
- Jul 17, 2001
-
-
Andy Polyakov authored
-
- Jul 16, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
-
- Jul 15, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
-
- Jul 13, 2001
-
-
Dr. Stephen Henson authored
Allow OCSP server to handle multiple requests. Document new OCSP options.
-
- Jul 12, 2001
-
-
Dr. Stephen Henson authored
Initial OCSP server support, using index.txt format. This can process internal requests or behave like a mini responder. Todo: documentation, update usage info.
-