David Benjamin
David Benjamin
Well, we have a webathena.js now. But it's not what this bug's referring it. It should at least be mostly reusable if people want random Kerberos objects minus all the...
Maybe call this one webathena-include.js.
We're actually much better about this than I thought. I believe only code from assumed wrapper plugins gets executed, so npwrapper.FOO.so and some other things. Some refactoring can probably make...
Where in the assembly does that correspond to?
Friendly ping. Is this waiting on anything from my end?
> BTW, I have created some unit tests for DHE key exchange here: https://github.com/tomato42/tlslite-1/tree/dhe-kex-2 you may want to reuse them. Oh, handy. It looks like you have some bits of...
tlsfuzzer: Neat. If you haven't seen them, we have some fairly extensive tests in BoringSSL based using Go's TLS implementation as a hackable base. It's not quite a fuzzer, but...
The `EVP_AEAD` API has worked well for us and indeed avoids the efail-like pitfalls of `EVP_CIPHER`. Along the way, I would suggest avoiding the odd TLS-specific hooks inside the `EVP_CIPHER`...
> However, if `out` and `*out` are both NULL, OpenSSL tries to reuse the existing X509 object. Minor correction (this was my fault; I had a typo in my description)....
Also worth noting, here's OpenSSL's documentation that discourages the object reuse mode. > On a successful return, if *a is not NULL then it is assumed that > *a contains...