oweals/openssl.git
23 years agoAllow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)
Lutz Jänicke [Sat, 25 Aug 2001 11:48:35 +0000 (11:48 +0000)]
Allow client certificate lists > 16kB ("Douglas E. Engert" <deengert@anl.gov>.)

23 years agoNeeded for build on SunOS 4.1.x with gcc (Jeffrey Hutzelman <jhutz@cmu.edu>).
Lutz Jänicke [Sat, 25 Aug 2001 11:34:53 +0000 (11:34 +0000)]
Needed for build on SunOS 4.1.x with gcc (Jeffrey Hutzelman <jhutz@cmu.edu>).

23 years agoMore docs.
Lutz Jänicke [Fri, 24 Aug 2001 14:31:36 +0000 (14:31 +0000)]
More docs.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Fri, 24 Aug 2001 14:29:49 +0000 (14:29 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoMore docs.
Lutz Jänicke [Fri, 24 Aug 2001 14:29:48 +0000 (14:29 +0000)]
More docs.

23 years ago-passin argument not used when actually loading the key
Lutz Jänicke [Fri, 24 Aug 2001 13:33:15 +0000 (13:33 +0000)]
-passin argument not used when actually loading the key
(found by Massimiliano Pala <madwolf@hackmasters.net>).

23 years agoLoad OCSP responder key before waiting for an incoming
Dr. Stephen Henson [Thu, 23 Aug 2001 23:54:11 +0000 (23:54 +0000)]
Load OCSP responder key before waiting for an incoming
connection so it can prompt for pass phrase on startup
instead of after the first connection.

Add -port switch to usage message.

23 years agoAdd #ifdefs to some devcrypto code
Dr. Stephen Henson [Thu, 23 Aug 2001 23:52:38 +0000 (23:52 +0000)]
Add #ifdefs to some devcrypto code

23 years agoMore manual pages, no constification.
Lutz Jänicke [Thu, 23 Aug 2001 18:50:16 +0000 (18:50 +0000)]
More manual pages, no constification.

23 years agoTypo.
Lutz Jänicke [Thu, 23 Aug 2001 17:41:20 +0000 (17:41 +0000)]
Typo.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Thu, 23 Aug 2001 17:22:44 +0000 (17:22 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoMore manual pages. Constify.
Lutz Jänicke [Thu, 23 Aug 2001 17:22:43 +0000 (17:22 +0000)]
More manual pages. Constify.

23 years agoAs discussed recently on openssl-users.
Lutz Jänicke [Thu, 23 Aug 2001 15:01:36 +0000 (15:01 +0000)]
As discussed recently on openssl-users.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Thu, 23 Aug 2001 15:00:12 +0000 (15:00 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoAs discussed recently on openssl-users.
Lutz Jänicke [Thu, 23 Aug 2001 15:00:11 +0000 (15:00 +0000)]
As discussed recently on openssl-users.

23 years agoMake clear, that using the compression layer is currently not recommended.
Lutz Jänicke [Thu, 23 Aug 2001 09:42:56 +0000 (09:42 +0000)]
Make clear, that using the compression layer is currently not recommended.

23 years agoMake clear, that using the compression layer is currently not recommended.
Lutz Jänicke [Thu, 23 Aug 2001 09:42:12 +0000 (09:42 +0000)]
Make clear, that using the compression layer is currently not recommended.

23 years agotypo.
Ulf Möller [Wed, 22 Aug 2001 18:35:17 +0000 (18:35 +0000)]
typo.

23 years agoMore tests.
Ben Laurie [Wed, 22 Aug 2001 16:09:57 +0000 (16:09 +0000)]
More tests.

23 years agoMissed the page...
Lutz Jänicke [Tue, 21 Aug 2001 14:57:25 +0000 (14:57 +0000)]
Missed the page...

23 years agoOne more manual page...
Lutz Jänicke [Tue, 21 Aug 2001 14:55:58 +0000 (14:55 +0000)]
One more manual page...

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Tue, 21 Aug 2001 14:54:55 +0000 (14:54 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoOne more manual page...
Lutz Jänicke [Tue, 21 Aug 2001 14:54:54 +0000 (14:54 +0000)]
One more manual page...

23 years agoDocumentation on how to handle compression methods.
Lutz Jänicke [Tue, 21 Aug 2001 13:04:26 +0000 (13:04 +0000)]
Documentation on how to handle compression methods.
Hopefully it is clear enough, that it is currently not recommended.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Tue, 21 Aug 2001 13:02:59 +0000 (13:02 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoDocumentation on how to handle compression methods.
Lutz Jänicke [Tue, 21 Aug 2001 13:02:58 +0000 (13:02 +0000)]
Documentation on how to handle compression methods.
Hopefully it is clear enough, that it is currently not recommended.

23 years agoChecked in from the wrong !@#$%^&*() copy...
Lutz Jänicke [Tue, 21 Aug 2001 07:27:47 +0000 (07:27 +0000)]
Checked in from the wrong !@#$%^&*() copy...

23 years agoChecked in from the wrong !@#$%&*() copy...
Lutz Jänicke [Tue, 21 Aug 2001 07:27:02 +0000 (07:27 +0000)]
Checked in from the wrong !@#$%&*() copy...

23 years agoMore interdependencies with respect to shutdown behaviour.
Lutz Jänicke [Mon, 20 Aug 2001 14:35:17 +0000 (14:35 +0000)]
More interdependencies with respect to shutdown behaviour.

23 years agoMore interdependencies with respect to shutdown behaviour.
Lutz Jänicke [Mon, 20 Aug 2001 14:34:16 +0000 (14:34 +0000)]
More interdependencies with respect to shutdown behaviour.

23 years agoAlert description strings for TLSv1 and documentation.
Lutz Jänicke [Sun, 19 Aug 2001 16:23:57 +0000 (16:23 +0000)]
Alert description strings for TLSv1 and documentation.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Sun, 19 Aug 2001 16:20:43 +0000 (16:20 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoAlert description strings for TLSv1 and documentation.
Lutz Jänicke [Sun, 19 Aug 2001 16:20:42 +0000 (16:20 +0000)]
Alert description strings for TLSv1 and documentation.

23 years agoAdd RC4 support to OpenBSD.
Ben Laurie [Sat, 18 Aug 2001 16:04:36 +0000 (16:04 +0000)]
Add RC4 support to OpenBSD.

23 years agoAdd AES tests.
Ben Laurie [Sat, 18 Aug 2001 16:02:52 +0000 (16:02 +0000)]
Add AES tests.

23 years agoAdd EVP test program.
Ben Laurie [Sat, 18 Aug 2001 13:53:01 +0000 (13:53 +0000)]
Add EVP test program.

23 years agoAdd first cut symmetric crypto support.
Ben Laurie [Sat, 18 Aug 2001 10:22:54 +0000 (10:22 +0000)]
Add first cut symmetric crypto support.

23 years agoMore details about session timeout settings.
Lutz Jänicke [Fri, 17 Aug 2001 16:38:06 +0000 (16:38 +0000)]
More details about session timeout settings.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Fri, 17 Aug 2001 16:36:52 +0000 (16:36 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoMore details about session timeout settings.
Lutz Jänicke [Fri, 17 Aug 2001 16:36:51 +0000 (16:36 +0000)]
More details about session timeout settings.

23 years agoOne more function documented.
Lutz Jänicke [Fri, 17 Aug 2001 15:56:30 +0000 (15:56 +0000)]
One more function documented.

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Fri, 17 Aug 2001 15:54:51 +0000 (15:54 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoOne more function documented.
Lutz Jänicke [Fri, 17 Aug 2001 15:54:50 +0000 (15:54 +0000)]
One more function documented.

23 years agoSSL_shutdown() has even more properties...
Lutz Jänicke [Fri, 17 Aug 2001 15:10:47 +0000 (15:10 +0000)]
SSL_shutdown() has even more properties...

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Fri, 17 Aug 2001 15:09:32 +0000 (15:09 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoSSL_shutdown() has even more properties...
Lutz Jänicke [Fri, 17 Aug 2001 15:09:31 +0000 (15:09 +0000)]
SSL_shutdown() has even more properties...

23 years agoOne more step on the way for complete documentation...
Lutz Jänicke [Fri, 17 Aug 2001 14:34:44 +0000 (14:34 +0000)]
One more step on the way for complete documentation...

23 years agoThis commit was manufactured by cvs2svn to create branch
cvs2svn [Fri, 17 Aug 2001 14:32:39 +0000 (14:32 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_6-stable'.

23 years agoOne more step on the way for complete documentation...
Lutz Jänicke [Fri, 17 Aug 2001 14:32:38 +0000 (14:32 +0000)]
One more step on the way for complete documentation...

23 years agoUnidirectional shutdown is allowed according to the RFC.
Lutz Jänicke [Fri, 17 Aug 2001 09:09:17 +0000 (09:09 +0000)]
Unidirectional shutdown is allowed according to the RFC.

23 years agoUnidirectional shutdown is allowed according to the RFC.
Lutz Jänicke [Fri, 17 Aug 2001 09:08:32 +0000 (09:08 +0000)]
Unidirectional shutdown is allowed according to the RFC.

23 years agoMake sure evil file name characters, like spaces or ampersands (!),
Richard Levitte [Fri, 17 Aug 2001 04:35:58 +0000 (04:35 +0000)]
Make sure evil file name characters, like spaces or ampersands (!),
don't disturb the rehashing process.
Spotted and suggested patch from Rudo Thomas <rudo@internet.sk>

23 years agoMake -passin -passout etc work again.
Dr. Stephen Henson [Fri, 17 Aug 2001 01:09:54 +0000 (01:09 +0000)]
Make -passin -passout etc work again.

Fix leak in ca.c when using -passin.

23 years agoAdd CRL utility functions to allow CRLs to be
Dr. Stephen Henson [Fri, 17 Aug 2001 00:33:43 +0000 (00:33 +0000)]
Add CRL utility functions to allow CRLs to be
built up without accessing structures directly.

Update ca.c to use new functions.

Fix ca.c so it now build CRLs correctly again.

23 years agoBugfixes provided by "Stephen Hinton" <shinton@netopia.com>.
Lutz Jänicke [Thu, 16 Aug 2001 15:30:37 +0000 (15:30 +0000)]
Bugfixes provided by "Stephen Hinton" <shinton@netopia.com>.

23 years agoBugfixes provided by "Stephen Hinton" <shinton@netopia.com>.
Lutz Jänicke [Thu, 16 Aug 2001 15:28:00 +0000 (15:28 +0000)]
Bugfixes provided by "Stephen Hinton" <shinton@netopia.com>.

23 years agoBetter description of the behaviour of SSL_shutdown() as it is now, broken
Lutz Jänicke [Thu, 16 Aug 2001 14:29:50 +0000 (14:29 +0000)]
Better description of the behaviour of SSL_shutdown() as it is now, broken
or not.

23 years agoBetter description of the behaviour of SSL_shutdown() as it is now, broken
Lutz Jänicke [Thu, 16 Aug 2001 14:27:55 +0000 (14:27 +0000)]
Better description of the behaviour of SSL_shutdown() as it is now, broken
or not.

23 years agogcc 3.0 tells me that -m486 is deprecated. The gcc 2.95 manual tells
Richard Levitte [Mon, 13 Aug 2001 14:09:31 +0000 (14:09 +0000)]
gcc 3.0 tells me that -m486 is deprecated.  The gcc 2.95 manual tells
me the same and that the correct option is -mcpu=i486.  I'm assuming
-mcpu has been around for some time, and that it's therefore safe to
change all occurences of -m486 to -mcpu=i486.

23 years agoThe indexes returned by ***_get_ex_new_index() functions are used when
Geoff Thorpe [Sun, 12 Aug 2001 17:14:35 +0000 (17:14 +0000)]
The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.

23 years agoThe indexes returned by ***_get_ex_new_index() functions are used when
Geoff Thorpe [Sun, 12 Aug 2001 16:52:00 +0000 (16:52 +0000)]
The indexes returned by ***_get_ex_new_index() functions are used when
setting stack (actually, array) values in ex_data. So only increment the
global counters if the underlying CRYPTO_get_ex_new_index() call succeeds.
This change doesn't make "ex_data" right (see the comment at the head of
ex_data.c to know why), but at least makes the source code marginally less
frustrating.

23 years agoMove CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids
Ben Laurie [Sat, 11 Aug 2001 11:32:54 +0000 (11:32 +0000)]
Move CIPHER_CTX cleanups to _Final routines instead of _Init, which avoids
problems with leaks and uninitialised structures.

23 years agoApply the Tru64 patch from Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>
Richard Levitte [Fri, 10 Aug 2001 15:26:21 +0000 (15:26 +0000)]
Apply the Tru64 patch from Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>

His comments are:

1) Changes all references for `True64' to be `Tru64', which is the correct
spelling for the OS name.

2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc'
entry that is the same as the previous `alpha-cc'.  The reason is that most
people these days are using the newer compiler, so it should be the default.

3) Adds a bit of commentary to Configure, regarding the name changes of
the OS over the years, so it's not so confusing to people that haven't been
with the OS for a while.

4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically
by Configure under any circumstance) that builds an RPATH into the
shared libraries.  This is explained in the comment in Configure.  It's
very very useful for people that want it, and people that don't want it
just shouldn't choose that target.

5) Adds the `-pthread' flag as the best way to get POSIX thread support
from the newer compiler.

6) Updates the Makefile targets, so that when the `alpha164-cc', `alpha-cc',
or `alpha-cc-rpath' target is what Configure is set to use, it uses a Makefile
target that includes the `-msym' option when building the shared library.
This is a performance enhancement.

7) Updates `config' so that if it detects you're running version 4 or 5
of the OS, it automatically selects `alpha-cc', but uses `alphaold-cc'
for versions 1-3 of the OS.

8) Updates the comment in opensslv.h, fixing both the OS name typo and
adding a reference to IRIX 6.x, since the shared library semantics are
virtually identical there.

23 years agoApply the Tru64 patch from Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>
Richard Levitte [Fri, 10 Aug 2001 15:25:50 +0000 (15:25 +0000)]
Apply the Tru64 patch from Tim Mooney <mooney@dogbert.cc.ndsu.NoDak.edu>

His comments are:

1) Changes all references for `True64' to be `Tru64', which is the correct
spelling for the OS name.

2) Makes `alpha-cc' be the same as `alpha164-cc', and adds an `alphaold-cc'
entry that is the same as the previous `alpha-cc'.  The reason is that most
people these days are using the newer compiler, so it should be the default.

3) Adds a bit of commentary to Configure, regarding the name changes of
the OS over the years, so it's not so confusing to people that haven't been
with the OS for a while.

4) Adds an `alpha-cc-rpath' target (which is *not* selected automatically
by Configure under any circumstance) that builds an RPATH into the
shared libraries.  This is explained in the comment in Configure.  It's
very very useful for people that want it, and people that don't want it
just shouldn't choose that target.

5) Adds the `-pthread' flag as the best way to get POSIX thread support
from the newer compiler.

6) Updates the Makefile targets, so that when the `alpha164-cc', `alpha-cc',
or `alpha-cc-rpath' target is what Configure is set to use, it uses a Makefile
target that includes the `-msym' option when building the shared library.
This is a performance enhancement.

7) Updates `config' so that if it detects you're running version 4 or 5
of the OS, it automatically selects `alpha-cc', but uses `alphaold-cc'
for versions 1-3 of the OS.

8) Updates the comment in opensslv.h, fixing both the OS name typo and
adding a reference to IRIX 6.x, since the shared library semantics are
virtually identical there.

23 years agoadd missing link
Bodo Möller [Wed, 8 Aug 2001 15:09:06 +0000 (15:09 +0000)]
add missing link

23 years agoadd missing link
Bodo Möller [Wed, 8 Aug 2001 15:08:54 +0000 (15:08 +0000)]
add missing link

23 years agoBugfix: larger message size in ssl3_get_key_exchange() because
Bodo Möller [Tue, 7 Aug 2001 09:31:03 +0000 (09:31 +0000)]
Bugfix: larger message size in ssl3_get_key_exchange() because
ServerKeyExchange message may be skipped.

Submitted by:  Petr Lampa <lampa@fee.vutbr.cz>

23 years agoBugfix: larger message size in ssl3_get_key_exchange() because
Bodo Möller [Tue, 7 Aug 2001 09:30:18 +0000 (09:30 +0000)]
Bugfix: larger message size in ssl3_get_key_exchange() because
ServerKeyExchange message may be skipped.

Submitted by:  Petr Lampa <lampa@fee.vutbr.cz>

23 years agoFix typos (shinagawa@star.zko.dec.com).
Lutz Jänicke [Tue, 7 Aug 2001 07:53:53 +0000 (07:53 +0000)]
Fix typos (shinagawa@star.zko.dec.com).

23 years agoFix typos (shinagawa@star.zko.dec.com)
Lutz Jänicke [Tue, 7 Aug 2001 07:52:53 +0000 (07:52 +0000)]
Fix typos (shinagawa@star.zko.dec.com)

23 years agoMore typedef'd struct names as search targets
Bodo Möller [Mon, 6 Aug 2001 11:57:08 +0000 (11:57 +0000)]
More typedef'd struct names as search targets

23 years agoReinsert typedef'ed names for structs to help those trying to read the
Bodo Möller [Mon, 6 Aug 2001 11:49:31 +0000 (11:49 +0000)]
Reinsert typedef'ed names for structs to help those trying to read the
sourcecode (including fgrep)

23 years agoStart to reduce some of the header bloat.
Ben Laurie [Sun, 5 Aug 2001 18:02:16 +0000 (18:02 +0000)]
Start to reduce some of the header bloat.

23 years agoFix memory leak.
Ben Laurie [Sun, 5 Aug 2001 16:13:49 +0000 (16:13 +0000)]
Fix memory leak.

23 years agoParameter correction for CIOFSESSION.
Ben Laurie [Sat, 4 Aug 2001 12:16:56 +0000 (12:16 +0000)]
Parameter correction for CIOFSESSION.

23 years agoRemove extra whitespace. Sorry.
Ben Laurie [Fri, 3 Aug 2001 21:09:21 +0000 (21:09 +0000)]
Remove extra whitespace. Sorry.

23 years agoReinstate accidentally deleted code.
Ben Laurie [Fri, 3 Aug 2001 19:00:43 +0000 (19:00 +0000)]
Reinstate accidentally deleted code.

23 years agoGet rid of the stuff we, err, got rid of.
Ben Laurie [Fri, 3 Aug 2001 18:52:50 +0000 (18:52 +0000)]
Get rid of the stuff we, err, got rid of.

23 years agoHeader bloat reduction for EVP_PKEY.
Ben Laurie [Fri, 3 Aug 2001 18:48:35 +0000 (18:48 +0000)]
Header bloat reduction for EVP_PKEY.

23 years agoThis ghastly hack prevents CVS wars over Kerberos (which is disabled by default).
Ben Laurie [Fri, 3 Aug 2001 18:45:35 +0000 (18:45 +0000)]
This ghastly hack prevents CVS wars over Kerberos (which is disabled by default).

23 years agoOops, one SSL_OP_NON_EXPORT_FIRST was left.
Lutz Jänicke [Fri, 3 Aug 2001 13:05:44 +0000 (13:05 +0000)]
Oops, one SSL_OP_NON_EXPORT_FIRST was left.

23 years agoMake /dev/crypto work with new EVP structures.
Ben Laurie [Fri, 3 Aug 2001 11:54:37 +0000 (11:54 +0000)]
Make /dev/crypto work with new EVP structures.

23 years agoMake sure memcpy() gets properly declared by including string.h.
Richard Levitte [Fri, 3 Aug 2001 10:54:00 +0000 (10:54 +0000)]
Make sure memcpy() gets properly declared by including string.h.

23 years agoremove a comma
Bodo Möller [Fri, 3 Aug 2001 09:28:02 +0000 (09:28 +0000)]
remove a comma

23 years agoDon't disable rollback attack detection as a recommended bug workaround.
Lutz Jänicke [Fri, 3 Aug 2001 08:45:13 +0000 (08:45 +0000)]
Don't disable rollback attack detection as a recommended bug workaround.

23 years agoMention removed option.
Lutz Jänicke [Wed, 1 Aug 2001 10:07:55 +0000 (10:07 +0000)]
Mention removed option.

23 years agoRemove SSL_OP_NON_EXPORT_FIRST:
Lutz Jänicke [Wed, 1 Aug 2001 10:06:32 +0000 (10:06 +0000)]
Remove SSL_OP_NON_EXPORT_FIRST:
It did not work, it was deactivated by #if 0/#endif anyway _and_ we now have
the working SSL_OP_CIPHER_SERVER_PREFERENCE.

23 years agomake update
Richard Levitte [Tue, 31 Jul 2001 17:07:24 +0000 (17:07 +0000)]
make update

23 years agoMake sure the source file is included among the dependencies. This is
Richard Levitte [Tue, 31 Jul 2001 17:02:44 +0000 (17:02 +0000)]
Make sure the source file is included among the dependencies.  This is
the norm for 'gcc -M' but not for 'makedepend', and is merely
introduced here to avoid commit wars.

23 years agoReworked manual pages with a lot of input from Bodo Moeller.
Lutz Jänicke [Tue, 31 Jul 2001 15:06:43 +0000 (15:06 +0000)]
Reworked manual pages with a lot of input from Bodo Moeller.

23 years agoReworked manual pages with a lot of input from Bodo Moeller.
Lutz Jänicke [Tue, 31 Jul 2001 15:04:50 +0000 (15:04 +0000)]
Reworked manual pages with a lot of input from Bodo Moeller.

23 years agoDocument DES changes better.
Ben Laurie [Tue, 31 Jul 2001 13:33:58 +0000 (13:33 +0000)]
Document DES changes better.

23 years agoRemove old unused stuff.
Ben Laurie [Tue, 31 Jul 2001 12:03:26 +0000 (12:03 +0000)]
Remove old unused stuff.

23 years agoOnly set the verify callback if there's one to set!
Lutz Jänicke [Tue, 31 Jul 2001 10:20:53 +0000 (10:20 +0000)]
Only set the verify callback if there's one to set!

23 years agoIndent.
Lutz Jänicke [Tue, 31 Jul 2001 10:19:20 +0000 (10:19 +0000)]
Indent.

23 years agoVade retro C++ comments!
Richard Levitte [Tue, 31 Jul 2001 09:15:52 +0000 (09:15 +0000)]
Vade retro C++ comments!

(Latin for "comments", anyone?)

23 years agoMake as sure as possible that gethostname() will be properly declared.
Richard Levitte [Tue, 31 Jul 2001 08:50:20 +0000 (08:50 +0000)]
Make as sure as possible that gethostname() will be properly declared.

23 years agoCorrect most of the unsigned vs. signed warnings (or int vs. size_t),
Richard Levitte [Tue, 31 Jul 2001 08:45:40 +0000 (08:45 +0000)]
Correct most of the unsigned vs. signed warnings (or int vs. size_t),
and rename some local variables to avoid name shadowing.

23 years agoWhoops, my fault, a backslash got converted to a slash...
Richard Levitte [Tue, 31 Jul 2001 08:44:28 +0000 (08:44 +0000)]
Whoops, my fault, a backslash got converted to a slash...

23 years agoMore Kerberos SSL changes from Jeffrey Altman <jaltman@columbia.edu>
Richard Levitte [Tue, 31 Jul 2001 07:21:06 +0000 (07:21 +0000)]
More Kerberos SSL changes from Jeffrey Altman <jaltman@columbia.edu>
His comments are:

First, it corrects a problem introduced in the last patch where the
kssl_map_enc() would intentionally return NULL for valid ENCTYPE
values.  This was done to prevent verification of the kerberos 5
authenticator from being performed when Derived Key ciphers were
in use.  Unfortunately, the authenticator verification routine was
not the only place that function was used.  And it caused core dumps.

Second, it attempt to add to SSL_SESSION the Kerberos 5 Client
Principal Name.