Kerberos 1.9, can it be compiled to use OpenSSL .9.8 (FIPS140-2)?
Garrett Wollman
wollman at bimajority.org
Tue Jan 11 16:38:01 EST 2011
In article <mailman.4.1294780153.4933.kerberos at mit.edu>,
Tom Yu <tlyu at MIT.EDU> wrote:
>It's a known issue due to the use of the CTS mode API that is only
>present in OpenSSL >=1.0:
>
> http://krbdev.mit.edu/rt/Ticket/Display.html?id=6747&user=guest&pass=guest
Just to make sure that I understand correctly: 1.8 and earlier
implemented CTS mode internally, and this code was ripped out in 1.9
in favor of the implementation in OpenSSL 1.0?
-GAWollman
--
Garrett A. Wollman | What intellectual phenomenon can be older, or more oft
wollman at bimajority.org| repeated, than the story of a large research program
Opinions not shared by| that impaled itself upon a false central assumption
my employers. | accepted by all practitioners? - S.J. Gould, 1993
More information about the Kerberos
mailing list