[krbdev.mit.edu #6747] openssl k5crypto back end should not require openssl-1.0
Tom Yu via RT
rt-comment at krbdev.mit.edu
Tue Jun 29 11:39:52 EDT 2010
Currently, the OpenSSL k5crypto back end requires the use of openssl-1.0, because earlier
releases did not support CTS mode. For portability reasons (and minor performance
improvement in the IOV case), we should implement CTS mode using CBC mode interfaces that
already exist in older OpenSSL releases.
More information about the krb5-bugs
mailing list