Zack Weinberg
Zack Weinberg
(Originally mentioned in issue 4, but that's been closed with provision of server support for secure renegotiation, which is reasonable.) The webapp should report whether the connected client supports [RFC...
I have discovered that skip-if-exec-format-error doesn't work reliably. Observe: ``` $ ./m4/skip-if-exec-format-error ./wrong-arch-true; echo $? ./m4/skip-if-exec-format-error:line 17: ./wrong-arch-true: cannot execute binary file: Exec format error 77 ``` but ``` $...
I looked over the yescrypt core code, mostly for integration problems with the libxcrypt environment. I didn’t do a thorough review; this code is already mature, and I’m not qualified...
This change makes crypt and crypt_gensalt as thread-safe as they can be without changing their interfaces. Solaris already made this change, and it’s being discussed by glibc (with suggestion that...
Addressing issue #4, I've written up a bunch of documentation for a hypothetical new feature in which the set of hashing methods that may be used, and the default cost...
This came up during the review of yescrypt, but should be discussed separately. We support generation of new "setting strings", via `crypt_gensalt`, for all of the supported hashing methods, including...
On Linux, glibc's libcrypt forbids the use of MD5 and DES password hashes if `/proc/sys/crypto/fips_enabled` exists and contains a positive integer. As I understand it, this was a kludge for...
This updates the dependencies on debug and js-beautify to current versions (^4.3.0 and ^1.14.0 respectively). It also removes the dependency on lodash, which was only being used for things that...
This plugin hasn't had its dependencies updated in quite some time and `npm audit` is quite cranky about it. Here's a PR which updates everything. Note in particular the change...
This PR fixes issues #7, #18, #19, #21, #26, #27, and #30, and partially addresses issue #16. It subsumes PRs #12, #14, #17, #20, #29, #31, #33, and #36. See...