- 16 Aug, 2001 1 commit
-
-
Lutz Jänicke authored
or not.
-
- 10 Aug, 2001 1 commit
-
-
Richard Levitte authored
His comments are: 1) Changes all references for `True64' to be `Tru64', which is the correct spelling for the OS name. 2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc' entry that is the same as the previous `alpha-cc'. The reason is that most people these days are using the newer compiler, so it should be the default. 3) Adds a bit of commentary to Configure, regarding the name changes of the OS over the years, so it's not so confusing to people that haven't been with the OS for a while. 4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically by Configure under any circumstance) that builds an RPATH into the shared libraries. This is explained in the comment in Configure. It's very very useful for people that want it, and people that don't want it just shouldn't choose that target. 5) Adds the `-pthread' flag as the best way to get POSIX thread support from the newer compiler. 6) Updates the Makefile targets, so that when the `alpha164-cc', `alpha-cc', or `alpha-cc-rpath' target is what Configure is set to use, it uses a Makefile target that includes the `-msym' option when building the shared library. This is a performance enhancement. 7) Updates `config' so that if it detects you're running version 4 or 5 of the OS, it automatically selects `alpha-cc', but uses `alphaold-cc' for versions 1-3 of the OS. 8) Updates the comment in opensslv.h, fixing both the OS name typo and adding a reference to IRIX 6.x, since the shared library semantics are virtually identical there.
-
- 08 Aug, 2001 1 commit
-
-
Bodo Möller authored
-
- 07 Aug, 2001 2 commits
-
-
Bodo Möller authored
ServerKeyExchange message may be skipped. Submitted by: Petr Lampa <lampa@fee.vutbr.cz>
-
Lutz Jänicke authored
-
- 31 Jul, 2001 2 commits
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- 30 Jul, 2001 3 commits
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- 27 Jul, 2001 3 commits
-
-
Bodo Möller authored
-
Bodo Möller authored
-
Lutz Jänicke authored
circumstances.
-
- 26 Jul, 2001 1 commit
-
-
Lutz Jänicke authored
-
- 25 Jul, 2001 5 commits
-
-
Bodo Möller authored
or bogus DH parameters can be used for launching DOS attacks
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
-
Lutz Jänicke authored
-
- 24 Jul, 2001 1 commit
-
-
Bodo Möller authored
Submitted by: Travis Vitek <vitek@roguewave.com>
-
- 23 Jul, 2001 2 commits
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
- 21 Jul, 2001 5 commits
-
-
Lutz Jänicke authored
-
cvs2svn authored
'OpenSSL_0_9_6-stable'.
-
Lutz Jänicke authored
-
Ben Laurie authored
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery is available).
-
Richard Levitte authored
His comments are: This patch fixes the problem of modern Kerberos using "derived keys" to encrypt the authenticator by disabling the authenticator check for all derived keys enctypes. I think I've got all the bugfixes that Jeffrey and I discussed rolled into this. There were some problems with Jeffrey's code to convert the authenticator's Kerberos timestring into struct tm (e.g. Z, -1900; it helps to have an actual decryptable authenticator to play with). So I've shamelessly pushed in my code, while stealing some bits from Jeffrey.
-
- 20 Jul, 2001 6 commits
-
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
Lutz Jänicke authored
-
cvs2svn authored
'OpenSSL_0_9_6-stable'.
-
Lutz Jänicke authored
-
Geoff Thorpe authored
does not contain more bytes than the RSA modulus 'n' - it does not check that the input is strictly *less* than 'n'. Whether this should be the case or not is open to debate - however, due to security problems with returning miscalculated CRT results, the 'rsa_mod_exp' implementation in rsa_eay.c now performs a public-key exponentiation to verify the CRT result and in the event of an error will instead recalculate and return a non-CRT (more expensive) mod_exp calculation. As the mod_exp of 'I' is equivalent to the mod_exp of 'I mod n', and the verify result is automatically between 0 and n-1 inclusive, the verify only matches the input if 'I' was less than 'n', otherwise even a correct CRT calculation is only congruent to 'I' (ie. they differ by a multiple of 'n'). Rather than rejecting correct calculations and doing redundant and slower ones instead, this changes the equality check in the verification code to a congruence check.
-
- 17 Jul, 2001 1 commit
-
-
Andy Polyakov authored
-
- 16 Jul, 2001 2 commits
-
-
Richard Levitte authored
-
Richard Levitte authored
-
- 15 Jul, 2001 2 commits
-
-
Richard Levitte authored
-
Richard Levitte authored
-
- 13 Jul, 2001 1 commit
-
-
Dr. Stephen Henson authored
Allow OCSP server to handle multiple requests. Document new OCSP options.
-
- 12 Jul, 2001 1 commit
-
-
Dr. Stephen Henson authored
Initial OCSP server support, using index.txt format. This can process internal requests or behave like a mini responder. Todo: documentation, update usage info.
-