[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CAB&MiNTnet 1.82



This is not quite an announcement of availability, I am still working out
some of the details. I'm sending this sort of as a survey, and as a request
for assistance.

I have added support for the Secure Socket Layer (SSL) protocol developed
by Netscape into the overlay. I ported the SSLeay 0.8.0 release, so it
supports both SSL version 2 and 3. I cannot distribute the result, due to
US export restrictions on cryptography. So, I am looking for someone who
can build the library and make it available, outside the US.

Also, the library adds about 200K of code to the overlay, and allocates
about 10 times as much memory as before. As such, the overlay with the
SSL library is almost bigger than CAB itself. It doesn't make sense to
me to distribute it this way; I get the feeling that not many people will
be able to use it. On my system it looks like the total memory usage doubles,
from around 900K to 1.8M.

The survey part of this is just to see - does anyone really need this? How
often do you encounter a web page that you cannot access, because you cannot
connect securely, etc.?

The announcement bit is definitely premature, call this vaporware if you will.
I haven't done any optimization on the encryption libraries, and a couple of
the tests are failing. Also, I built the SSL stuff using 32 bit ints, just to
make it easier the first time 'round, which meant modifying the overlay code
to also use 32 bit ints. This also contributes to the code growing, and I'm
not too happy about its size right now. I don't know how much time it will
take to bring it all under control, so if anyone else is interested in hacking
on the SSL code, that would be good too.

So aside from that, there are a couple of bugfixes, etc. Nothing really major;
the authentication & SSL support are the main things.

PS - SSLeay is freeware written by Eric Young; you can find the distribution
at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL. You can get all the info on SSL
starting at http://www.psy.uq.oz.au/~ftp/Crypto. I found a couple bugs in the
0.8.0 code already, so if you want to build it contact me for patches first.
I've submitted them to the authors but don't know when they will be
incorporated.
  -- Howard