On 5/13/2015 10:19 AM, Matt Caswell wrote:
On 08/05/15 09:40, Matt Caswell wrote:
On 08/05/15 02:28, Jeffrey Altman wrote:
Regardless, the inability to improve the support in this area has left
the those organizations that rely upon 2712 with the choice of use
insecure protocols or re
. Or perhaps hold an IETF BOF first to
explore the interest. The last time I was involved the work product was
https://tools.ietf.org/html/draft-santesson-tls-gssapi-03
I still believe that is a reasonable approach.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
that any sane OS or application vendor can with a straight face continue
to ship 2712 support. As such it should be removed from OpenSSL master.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
___
openssl-dev mailing list
To unsubscribe
and it would bad
form to remove it from an existing release series. Removal on the
current master branch should not be an issue.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
for EXEs and DLLs. To disable, use /DYNAMICBASE:NO when
linking. (Or disable the Randomized Base Address property in Visual
Studio.)
Jeffrey Altman
Secure Endpoints, Inc.
signature.asc
Description: OpenPGP digital signature
to configuring and building with nasm.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
dreadfully ignorant of the blogosphere.
The Debian patch is the highly publicized patch that kills the PRNG
outright.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
think you are being foolish. It is not
worth the cost of a production system going down or valuable data being
lost or corrupted.
Jeffrey Altman
Secure Endpoints Inc.
smime.p7s
Description: S/MIME Cryptographic Signature
to the BN_get_flags()
macro are parameters passed into the BN_mod_inverse() and BN_div()
functions. In BN_MONT_CTX_set() those BIGNUM objects are initialized.
I do not see why this warning is being triggered.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
This paper justifies the decision not to rely on the Windows Random
Number Generator.
http://eprint.iacr.org/2007/419.pdf
Quoting:
We analyzed the security of the algorithm and found a non-trivial
attack: given the internal state of the generator, the previous state
can be computed in O(223)
Shobhit Gupta wrote:
Hi,
We were using OpenSSL in our product, but lately after testing on
Vista, our application was was crashing (only in Vista) in
SSL_Connect(). (It worked fine in XP)
After debugging through OpenSSL we found that within RAND_poll() it
was crashing in a win32 api
Andy Polyakov wrote:
The purpose of the CreateToolhelp32Snapshot function is to permit
walking data structures that are constantly changing by creating a
read-only copy that will not change. The returned HANDLE points to a
unique snapshot. Walking the contents of the data structures in this
Andy Polyakov wrote:
Yes, of course. It's just that as you answered yes to question has
anyone else had problem I assumed that you ran into it at some point
too. I mean my where was it targeted you as potential somebody
else:-) A.
The 'yes' applies to the complaints that have been reported on
Shobhit Gupta wrote:
Thanks all for responses.
Andy::I will try appending your piece of code in the end of md_rand.c
--
I would like to see a minidump with heap for an instance of an
application crashing in this
Testing from [EMAIL PROTECTED] which subscribed to the list
on 17 Sep 2006.
smime.p7s
Description: S/MIME Cryptographic Signature
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
I need to extend the OpenSSL ASN.1 support to include the PKINIT
SubjectAltName extension and the Kerberized Certificate Authority extension.
Is there any documentation or guidelines available to assist developers
wishing to add new extensions?
Thanks.
Jeffrey Altman
smime.p7s
Description
Last month, Peter Runestig [EMAIL PROTECTED] passed away from a heart
attack. Peter was an active participant in the openssl community. He
will be dearly missed by all that knew him.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
The following build issue exists:
cl /Fotmp32dll\c_zlib.obj -Iinc32 -Itmp32dll -DZLIB_SHARED
-DZLIB -DKRB5_MIT /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo
-DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32
-DOPENSSL_SYSNAME_WINNT -DOPENSSL_USE_APPLINK -I.
the benefits of.
Cheers,
Richard
As long as OpenSSL only accepts the extended behavior as input and
never generates the extended behavior on output I do not see there
being a problem.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
()
as part of the DLL initialization. This would solve many problems.
Jeffrey Altman
Jiang Lei wrote:
Hi,
Sorry if this message is sent twice.
I got problem running RAND_poll() in multi-threaded programs. The
function sometimes crashes at heap_next(hentry):
...
if (heaplist_first(handle, hlist
entries; one
for each of the UTF8 representation and the ACE representation.
Jeffrey Altman
Gisle Vanem wrote:
How is the /CN= supposed to be encoded for a host/domain-
name using international characters? In some specified charset
(utf8?) or in the ASCII Compatible Encoded form?
I ask since
only be useful to applications which
statically link in all libraries. Therefore, the openssl distributions
which are shipped by Linux vendors in RPMs cannot be considered
FIPS certified. Correct?
Jeffrey Altman
Marquess, Steve Mr JMLFDC wrote:
RE: Inclusion of FIPS
Jeffrey Altman
and not the crypto library?
Can you provide some insight?
Thanks.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
as a means to remote login via SSH
for the purpose of automating the execution of the build process on
Windows in a manner equivalent to that which is done on their supported
Unix/Linux systems.
Jeffrey Altman
__
OpenSSL
The libssl.a and libcrypto.a binaries are linked to cygwin1.dll. This
is not what you want.
You do not want to be using the cygwin build process but the MS Visual
Studio build environment.
Perhaps you can use the cygwin environment to kick off a normal OpenSSL
build in the background.
Jeffrey
will be the same. I know that with other packages such
as Kerberos you absolutely do not get the same result when building
under cygwin because the environment is more Unix like and therefore
different assumptions are made.
Jeffrey Altman
Steven Reddie wrote:
Jeffrey,
Are you saying that using
Richard Levitte - VMS Whacker wrote:
In message [EMAIL PROTECTED] on Thu, 6 May 2004 08:24:57 -0400, "Erik Tkal" [EMAIL PROTECTED] said:
etssl Can anyone answer this? How do I tell if this is a known
etssl problem with OpenSSL or if the RFC is incorrect, or if this is
etssl just a
is that the specification of a certificate authority should
not be
required.
TLS 1.1 has passed last call and is currently being reviewed by the
IESG.
Jeffrey Altman
Erik Tkal wrote:
Jeff,
Look ins3_srvr.c -
ssl3_send_certificate_requestcalls SSL_get_client_CA_list to get the
stack of CA names
Andy Polyakov wrote:
Now let's imagine we pick Microsoft compiler. I'd suggest to perform an
MT build and link it dynamically with MSVCRT.DLL. Idea is to use MSVCRT
primarily for BIO and other strictly internal purposes (keep in mind
that MSCVRT.DLL can be redistributed). At the same time I'd
the easiest to implement.
Jeffrey Altman
Richard Levitte - VMS Whacker wrote:
In message [EMAIL PROTECTED] on Sun, 25 Jan 2004 11:02:06 -0500, Jeffrey Altman [EMAIL PROTECTED] said:
jaltman I think there are two very different markets. One is the
jaltman cygwin (unix on windows) environments which
that there are no such crossings then you
do not have
a dependency. However, with the BIO code I am not sure this is a
possibility.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
Dr. Stephen Henson wrote:
That I believe is the main problem: all the runtime library dependencies which
directly or indirectly call incompatible library functions.
There was an attempt to fix this back in SSLeay where the application called
one function which passed pointers to the malloc
of the use of fopen()
is local to its own implementation. Threading issues if any are handled
internally by ensuring that calls are not made outside of a mutex semaphore
lock.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
. If anything
I would argue that the naming convention needs to be modified to include
the version number so as to prevent conflicts between 0.9.5, 0.9.6, 0.9.7,
and 0.9.8 all of which have incompatible ABIs.
Jeffrey Altman
Martin Germann wrote:
Hi,
I noticed an inconsistency in the windows library names
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
The inclusion of e_os.h in crypto\des\cfb_enc.c must be specified as
either
#include openssl/e_os.h
or
#include ../e_os.h
This is not performed in a consistent manner in OpenSSL 0.9.6.
__
OpenSSL Project
Richard Levitte - VMS Whacker via RT wrote:
In message [EMAIL PROTECTED] on Wed, 5 Nov 2003 08:42:39 +0100 (MET), Jeffrey Altman via RT [EMAIL PROTECTED] said:
rt
rt The inclusion of e_os.h in crypto\des\cfb_enc.c must be specified as
rt either
rt
rt #include openssl/e_os.h
Absolutely
If that is the case, then THAT is the bug to be fixed.
- Jeffrey Altman
Lee Dilkie wrote:
You can always implement your own source of random data and
push it into
the OpenSSL engine. If you do that the rand_win code will not be
executed.
Jeffrey Altman
As far as I can tell from reading
hundred megs. You should be initializing the random number generator
when your application starts; not when you have to perform your first
SSL/TLS handshake.
Jeffrey Altman
[EMAIL PROTECTED] wrote:
I know this has been brought up a few times on this list - but since I
consider it a severe
library
calls that the application can pick and choose.
-lee
You can always implement your own source of random data and push it into
the OpenSSL engine. If you do that the rand_win code will not be
executed.
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
were running as a
service. If so, we might be able to tailor this code to behave differently.
Jeffrey Altman
Richard Levitte - VMS Whacker wrote:
cardbox As for the Windows 2003 Server crash: I agree that disabling
cardbox sections of code is a Bad Thing. What I've done (pending more
cardbox
the crashes on some servers and not others.
There is still an issue of dependence on the COM engine. Services
employing OpenSSL must be loaded after the DCOM service has started.
Jeffrey Altman
Martin Kochanski wrote:
If we're going to try exception handling then I suppose
Ingo:
In other words, this test cannot work in all cases based upon the
knowledge of the OpenSSL developers because the account under which the
program executes is determined by the local system administrator OR the
application developer.
All three of these tests would fail for my use of
article explains why exceptions may be thrown or why the data
returned from a performance data call would be invalid:
http://support.microsoft.com/default.aspx?scid=kb;en-us;178887
We may need to wrap calls probing HKEY_PERFORMANCE_DATA in an exception
handling block.
Jeffrey Altman
Ingo:
Thanks for the function. Can you provide a complete blackbox solution
that is simply
BOOL IsService(void)
Please keep in mind that within the RAND_poll() function we have no
input from the application as to the service name, logon session or
account. All of that information would
Remove FAR from the two locations it is specified in the KSSL_CTX data
structure.
MIT Kerberos 1.3 no longer provides dummy definitions for FAR as all
support for
16-bit platforms (MS-DOS) has been removed.
Jeffrey Altman
Wayne Rasmussen via RT wrote:
config -t results in:
Configuring
This is not a bug. You must recompile SSH if you want the header
version within the executable to change.
[EMAIL PROTECTED] via RT wrote:
Hi Folks
I have noticed that the internal version number of of opensslv.h (0x0090701fL)
and the internal version number of libcrypto.so.0.9.7 and
This is a different vulnerability. The one you patched two weeks ago
was caused by a failure to decrypt messages when the MAC comparison
failed. This vulnerability is a timing attack against the RSA algorithms.
The Slashdot discussion is here:
I will look into this in a few days. I am sorry but I do not have the
time at the moment.
- Jeff
Markus Moeller wrote:
On Wednesday 12 Mar 2003 16:48, [EMAIL PROTECTED] via RT wrote:
A further check showed it is in kssl_TKT2tkt after the kssl_build_principal_2,
because
Richard Levitte via RT wrote:
OK, does anyone know a good way to detect (in run-time!) when the program is running as a service? If there's a way, the rest should be easy.
Sorry I have been out of contact on this issue but the problems here are
not about OpenSSL being used within a service
By any chance did you install the Visual C++ Processor Pack? It
replaces the Back End compiler (C2.DLL). Apparently, this upgrade to
support new processors is a bit buggy. If you need support for new
instruction sets upgrade to VC++ 7.0.
Michael Hunley via RT wrote:
OpenSSl v0.9.7
on
Andy Polyakov via RT wrote:
cl ... -c .\crypto\asn1\n_pkey.c
.\crypto\asn1\n_pkey.c(96) : error C2370: 'NETSCAPE_ENCRYPTED_PKEY_it' :
redefinition; different storage class
.\crypto\asn1\n_pkey.c(93) : see declaration of
'NETSCAPE_ENCRYPTED_PKEY_it'
comments inline:
Lutz Jaenicke wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server: cvs.openssl.org Name: Lutz Jaenicke
Root: /e/openssl/cvs Email: [EMAIL
SUBMISSION TYPE: TSU
SUBMITTED BY: Jeffrey Altman
SUBMITTED FOR:
POINT OF CONTACT:[EMAIL PROTECTED]
PHONE and/or FAX:
MANUFACTURER: (if relevant)
PRODUCT NAME/MODEL #: openssl 0.9.7
ECCN: 5D002
NOTIFICATION: The attached patch is against the 20021220 snapshot of
openssl
Not entirely true. I implemented the dynamic locks on Windows in Kermit
95. I do not have any hardware to test it with though.
+ *) The hw_ncipher.c engine requires dynamic locks. Unfortunately, it
+ seems that in spite of existing for more than a year, no application
+ author
not know if this is the same problem reported by Jeffrey Altman.
File crypto\rand\rand_win.c - OpenSSL 0.9.6g 9 Aug 2002
Code from the RAND_poll() function.
Line:
253/* It appears like this can cause an exception deep within ADVAPI32.DLL
254 * at random times on Windows 2000. Reported
I'm tracking down the cause of an exception that did not occur with
Kermit 95 with previous
0.9.7 builds. In the process I noticed that in
X509_STORE_CTX_cleanup
the buffer ctx-ex_data is freed with
CRYPTO_free_ex_data
prior to it being cleansed with
OPENSSL_cleanse
I'm pretty sure
Please ignore my previous e-mail, the problem is located in
X509_STORE_CTX_init()
The memset((ctx-ex_data),0,sizeof(CRYPTO_EX_DATA)) that was commented out
needs to be restored due to the use of OPENSSL_cleanse() on that data
structure. In previous
releases this data structure would have
Rich Salz wrote:
Hmm, so OpenSSL is depending on NULL being all-bytes-zero. :)
Funny about that. :-)
Probably a safe assumption, although theoretically you shouldn't do that.
It really wouldn't matter what assumption you made. At some point there
needs to be a test:
Is this structure
I think we need to take a very close look at the situations when it is
safe to replace memset(buf,0,sizeof(buf)) with
OPENSSL_cleanse(buf,sizeof(buf)).
It is clearly safe to make this replacement when the buffer is a stack
allocation because there can be no future use of the data can take
and CRLs.
Could some post a description of what is considered standard practice?
Thanks.
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured
!= c-id))
I do wonder why the SSL_SESSION cipher_id field is not consistently
set when the cipher itself is set.
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit
What is the appropriate size for 'buf' in DSA_size()?
4 bytes is certainly not correct. My guess is that we want to support at
least 256 bits and so it needs to be at least 32 bytes. Does anyone
have a better recommendation?
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI
http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet
Thanks. That is very reassuring.
Jeffrey Altman via RT wrote:
What is the appropriate size for 'buf' in DSA_size()?
4 bytes is certainly not correct.
Hi Jeffry,
I think it's correct :-)
int DSA_size(const DSA *r)
{
int ret,i
bytes could not be touched in the future
though.
In message [EMAIL PROTECTED] on Mon, 25 Nov 2002 09:32:30
+0100 (MET), Jeffrey Altman via RT [EMAIL PROTECTED] said:
rt
rt What is the appropriate size for 'buf' in DSA_size()?
rt
rt 4 bytes is certainly not correct. My guess
other bytes could not be touched in the future
though.
In message [EMAIL PROTECTED] on Mon, 25 Nov 2002 09:32:30
+0100 (MET), Jeffrey Altman via RT [EMAIL PROTECTED] said:
rt
rt What is the appropriate size for 'buf' in DSA_size()?
rt
rt 4 bytes is certainly not correct. My guess
Then the assertion should be removed because as it is now it will
always fail.
Jeffrey Altman wrote:
The code is the same in both 0.9.6- and 0.9.7-beta4. in 0.9.7-b4
there is an assertion added that is being triggered because the buf
size is considered too small. However, tracing
Then the assertion should be removed because as it is now it will
always fail.
Jeffrey Altman wrote:
The code is the same in both 0.9.6- and 0.9.7-beta4. in 0.9.7-b4
there is an assertion added that is being triggered because the buf
size is considered too small. However, tracing
://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI
multiple directory entries are
supported in NTFS however very few shells understand how to manipulate
them.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP
[EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP, and
[EMAIL
[EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP, and
[EMAIL PROTECTED
Manager [EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP
]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP
Jeffrey Altman wrote:
The answer to your questions is 'yes'. As I understand it, the
patches were released as they are for the time being because it is
better to crash your application then allow the attacker to compromise
your computer.
New patches will have to be released
cleared first.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP, and
[EMAIL PROTECTED] OpenSSL
where checks for input lengths vs
buffer lengths are performed. Never has OpenSSL called abort() in the
past.
Also, the exploit error should preferably be sent to a call back so
that proper logging can be performed.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
ssl\s3_srver.c (1591) error: pms_length is not a member of
evp_cipher_st
I believe the correct reference is
if (enc_pms.length sizeof pms)
instead of
if (enc.pms_length sizeof pms)
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project
. That is why we want it
removed.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP, and
[EMAIL PROTECTED
, in ssl_sess.c ssl_get_new_session() the error
SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH is returned if tmp
ss-session_id_length. I don't see why we need to call abort() (via
die()) if s-sid_ctx_length sizeof ss-sid_ctx.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
, in ssl_sess.c ssl_get_new_session() the error
SSL_R_SSL_SESSION_ID_HAS_BAD_LENGTH is returned if tmp
ss-session_id_length. I don't see why we need to call abort() (via
die()) if s-sid_ctx_length sizeof ss-sid_ctx.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
rt Need to add it to the exports list.
For anyone who has the time, the fix is to move the declaration (but
not the macro die()) from cryptlib.h to crypto.h, then do a make
update.
And this will auto-generate the entry for util/libeay.num ? Cool.
Jeffrey Altman * Sr.Software Designer
an error value 0
server_finish() is safe to return an error value 0
So it seems that we should be able to safely return errors from all of
them with minor interface changes to two functions. (void - int)
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
an error value 0
server_finish() is safe to return an error value 0
So it seems that we should be able to safely return errors from all of
them with minor interface changes to two functions. (void - int)
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now
In message [EMAIL PROTECTED] on Tue, 30 Jul
2002 11:31:17 EDT, Jeffrey Altman [EMAIL PROTECTED] said:
jaltman since they do not compile on two major platforms.
On VMS, creating OpenSSL shared libraries is not the norm yet, so
it'll build fine :-).
fine. shared libraries won't work
In message [EMAIL PROTECTED] on Tue, 30 Jul
2002 11:31:17 EDT, Jeffrey Altman [EMAIL PROTECTED] said:
jaltman since they do not compile on two major platforms.
On VMS, creating OpenSSL shared libraries is not the norm yet, so
it'll build fine :-).
fine. shared libraries won't work
uninterpreted data from higher layers
in non-empty blocks of arbitrary size.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos
it. (And, of course, security considerations speak for it.)
--
Bodo Möller [EMAIL PROTECTED]
Thanks Bodo. This is exactly the response I needed.
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure
[EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!!
The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP
http://www.kermit-project.org/Secured with MIT Kerberos, SRP, and
[EMAIL PROTECTED
not
conforming to the new naming will not compile instead of silently using
a wrong interpretation.
I completely agree with this approach. It did not come up for me in
the last week because C-Kermit has consistently been kept in sync with
the 0.9.7 development builds.
Jeffrey Altman
[EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 1.1.21 available now!!!
The Kermit Project @ Columbia University SSH plus Telnet, FTP and HTTP
http://www.kermit-project.org/ secured with Kerberos, SRP, and
[EMAIL PROTECTED
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Jeffrey Altman * Sr.Software Designer Kermit 95 1.1.21 available now
\
-DDSO_WIN32 -DKRB5_MIT -DOPENSSL_NO_IDEA
However, the CFLAG values are not imported into ms\nt*.mak when
ms\do_*.bat is executed. The resulting .mak files need to be edited
by hand to include the flags
-DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -DDSO_WIN32 -DKRB5_MIT
Jeffrey Altman * Sr.Software
From: Jeffrey Altman [EMAIL PROTECTED]
jaltman I prefer that des_old.h be compatible with libdes since that apps that
jaltman are built using it assume that the api they were using was constant
jaltman and unchanging.
The way things work now, there is at least no clash with libdes
1 - 100 of 257 matches
Mail list logo