Jan Pechanec's weblog

I didn't generate the patch for OpenSSL 0.9.8k. Given the few changes between 0.9.8j and 0.9.8k it is no suprise that you can apply the PKCS#11 engine patch for 0.9.8j on 0.9.8k.[Read More]

I resynced the ChrootDirectory option from OpenSSH to SunSSH, and pushed the change to the repository today. It wasn't a straightforward resync since we have different privilege separation code. I also found a few very minor issues in the OpenSSH code, and filed bugs with patches (1562, 1564, and 1566). [Read More]

I've updated the PKCS#11 patch for the latest OpenSSL 0.9.8j version. The patch also includes a few minor bug fixes integrated into OpenSolaris since the last patch release. I've also moved the README file out of the patch and created a tarball with those 2 files instead. You can now read the README before applying the patch. The patch is pkcs11_engine-0.9.8j.2009-03-11.tgz.

I co-authored a paper titled: "Transparent Multi-core Cryptographic Support on Niagara CMT Processors" along with James Hughes, Gary Morton, Lawrence Spracklen, Krishna Yenduri, and Christoph Schuba. This has been accepted for the International Workshop on Multicore Software Engineering in Vancouver. Lawrence will present there. Thanks to Christoph who put us together and also assumed a role of an editor of the paper. Christoph's blog entry has more details, including a link to the paper itself.

In my first OpenSolaris blog post, I explained why we decided to add some additional information into the default OpenSSL version string. In the current OpenSolaris 2008.11 release it says:[Read More]

We admit that SunSSH versioning could have been more helpful during the last few years. However, there were a few good reasons for the fact that the version number hasn't changed much... [Read More]

I'd like to explain two SSH messages that are seen from time to time. Those are generic SSH protocol version 2 messages but the actual wording can change, of course. The wording here comes from OpenSSH (and thus was inherited by SunSSH).[Read More]

As noted in the SunSSH with HW crypto announcement in September we worked on backporting this to S10. I'm glad to say that this week the code went to the S10U7 code base which, as of now, seems to be released during 2Q/2009 (Apr-Jun). Also, the patch(es) for this RFE for other S10 updates should be released at the time when S10U7 is out.