things), especially as the RSA keys are fixed. However, DSA only fixes the
DSA parameters and then generates the public and private components on the
fly each time - this commit hard-codes some sampled key values so that this
is no longer the case.

Jeffrey Altman <jaltman@columbia.edu>

(Really, the time that's being parsed is a GeneralizedTime, so if
ASN1_GENERALIZEDTIME_get() ever gets implemented, it should be used
instead)

His comments are:

 . Fixed all of the Windows dynamic loading functions, prototypes, etc.

 . Corrected all of the unsigned/signed comparison warnings

 . Replaced the references to krb5_cksumarray[] for two reasons.
   First, it was an internal variable that should not have been
   referenced outside the library; nor could it have been with
   a shared library with restricted exports.  Second, the
   variable is no longer used in current Kerberos implementations.
   I replaced the code with equivalent functionality using functions
   that are exported from the library.

exported header files.

the term "simultaneous multiplication" (which -- acording to the
paper, at least -- applies only to certain methods which we don't use
here)

things will work much more smoothly.

SSL according to RFC 2712.  His comment is:

This is a patch to openssl-SNAP-20010702 to support Kerberized SSL
authentication.  I'm expecting to have the full kssl-0.5 kit up on
sourceforge by the end of the week.  The full kit includes patches
for mod-ssl, apache, and a few text clients.  The sourceforge URL
is http://sourceforge.net/projects/kssl/ .

Thanks to a note from Simon Wilkinson I've replaced my KRB5 AP_REQ
message with a real KerberosWrapper struct.  I think this is fully
RFC 2712 compliant now, including support for the optional
authenticator field.  I also added openssl-style ASN.1 macros for
a few Kerberos structs; see crypto/krb5/ if you're interested.

for encrypt?).

Worth around 5% for encrypt. Slows down decrypt slightly, but I expect to
regain that later.

(found by Andy Brown <logic@warthog.com>).

used.

Changes to have OpenSSL compile on OS/2.
Contributed by "Brian Havard" <brianh@kheldar.apana.org.au>