NetBSD/crypto
wiz 658b9c6d28 In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked
via timing by performing a MAC computation even if incorrect
block cipher padding has been found.  This is a countermeasure
against active attacks where the attacker has to distinguish
between bad padding and a MAC verification error. (CAN-2003-0078)
2003-02-20 07:39:17 +00:00
..
dist In ssl3_get_record (ssl/s3_pkt.c), minimize information leaked 2003-02-20 07:39:17 +00:00
Makefile.openssl apply patch supplied with OpenSSL Security Advisory [30 July 2002] 2002-07-30 12:55:08 +00:00
TODO Remove another one, noted by Love <lha@stacken.kth.se>, confirmed by thorpej. 2001-07-10 21:52:46 +00:00