- Jul 17, 2001
-
-
Andy Polyakov authored
-
- Jul 16, 2001
-
-
Richard Levitte authored
-
- Jul 15, 2001
-
-
Richard Levitte authored
-
- Jul 13, 2001
-
-
Dr. Stephen Henson authored
Allow OCSP server to handle multiple requests. Document new OCSP options.
-
- Jul 12, 2001
-
-
Dr. Stephen Henson authored
Initial OCSP server support, using index.txt format. This can process internal requests or behave like a mini responder. Todo: documentation, update usage info.
-
Richard Levitte authored
Submitted by Jeffrey Altman <jaltman@columbia.edu>
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
decompression. It can be set up to link at link time or to load the zlib library at run-time.
-
Lutz Jänicke authored
-
Richard Levitte authored
-
Richard Levitte authored
-
- Jul 11, 2001
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
certificate so need to match its subject with the certificate IDs in the response.
-
Richard Levitte authored
Note that since some private kssl functions were exported, the simplest way to rebuild the number table was to toss everything that was new since OpenSSL 0.9.6b. This is safe, since those functions have not yet been exported in an OpenSSL release. Beware, people who trust intermediary snapshots!
-
Richard Levitte authored
-
Richard Levitte authored
them to one that won't get exported.
-
Richard Levitte authored
His comments are: . adds use of replay cache to protect against replay attacks . adds functions kssl_tgt_is_available() and kssl_keytab_is_available() which are used within s3_lib.c and ssl_lib.c to determine at runtime whether or not KRB5 ciphers can be supported during the current session.
-
Geoff Thorpe authored
things), especially as the RSA keys are fixed. However, DSA only fixes the DSA parameters and then generates the public and private components on the fly each time - this commit hard-codes some sampled key values so that this is no longer the case.
-
Richard Levitte authored
Jeffrey Altman <jaltman@columbia.edu> (Really, the time that's being parsed is a GeneralizedTime, so if ASN1_GENERALIZEDTIME_get() ever gets implemented, it should be used instead)
-
Lutz Jänicke authored
-
Richard Levitte authored
His comments are: . Fixed all of the Windows dynamic loading functions, prototypes, etc. . Corrected all of the unsigned/signed comparison warnings . Replaced the references to krb5_cksumarray[] for two reasons. First, it was an internal variable that should not have been referenced outside the library; nor could it have been with a shared library with restricted exports. Second, the variable is no longer used in current Kerberos implementations. I replaced the code with equivalent functionality using functions that are exported from the library.
-
Lutz Jänicke authored
-
Richard Levitte authored
-
Richard Levitte authored
-
Richard Levitte authored
exported header files.
-
Richard Levitte authored
-
Lutz Jänicke authored
-
Richard Levitte authored
-
- Jul 10, 2001
-
-
Richard Levitte authored
-
Richard Levitte authored
-
Bodo Möller authored
the term "simultaneous multiplication" (which -- acording to the paper, at least -- applies only to certain methods which we don't use here)
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
-
- Jul 09, 2001
-
-
Richard Levitte authored
things will work much more smoothly.
-
Richard Levitte authored
SSL according to RFC 2712. His comment is: This is a patch to openssl-SNAP-20010702 to support Kerberized SSL authentication. I'm expecting to have the full kssl-0.5 kit up on sourceforge by the end of the week. The full kit includes patches for mod-ssl, apache, and a few text clients. The sourceforge URL is http://sourceforge.net/projects/kssl/ . Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ message with a real KerberosWrapper struct. I think this is fully RFC 2712 compliant now, including support for the optional authenticator field. I also added openssl-style ASN.1 macros for a few Kerberos structs; see crypto/krb5/ if you're interested.
-
Ben Laurie authored
for encrypt?).
-
- Jul 08, 2001
-
-
Ben Laurie authored
Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to regain that later.
-