directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dran...@apache.org
Subject [4/4] directory-kerberos git commit: Removed many unrelated
Date Sun, 25 Jan 2015 08:34:05 GMT
Removed many unrelated


Project: http://git-wip-us.apache.org/repos/asf/directory-kerberos/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-kerberos/commit/06a2c229
Tree: http://git-wip-us.apache.org/repos/asf/directory-kerberos/tree/06a2c229
Diff: http://git-wip-us.apache.org/repos/asf/directory-kerberos/diff/06a2c229

Branch: refs/heads/cleanssl
Commit: 06a2c229d647971ea6725975513088b73b20e829
Parents: 3917f3c
Author: Drankye <drankye@gmail.com>
Authored: Sun Jan 25 16:33:32 2015 +0800
Committer: Drankye <drankye@gmail.com>
Committed: Sun Jan 25 16:33:32 2015 +0800

----------------------------------------------------------------------
 3rdparty/not-yet-commons-ssl/README.txt         |   10 +-
 3rdparty/not-yet-commons-ssl/docs/.htaccess     |    3 -
 3rdparty/not-yet-commons-ssl/docs/404.html      |   55 -
 .../not-yet-commons-ssl/docs/TrustExample.java  |  114 --
 .../docs/TrustExample.java.html                 |  131 --
 3rdparty/not-yet-commons-ssl/docs/about.html    |   73 --
 3rdparty/not-yet-commons-ssl/docs/download.html |  263 ----
 3rdparty/not-yet-commons-ssl/docs/index.html    |  119 --
 .../docs/openssl/compare.txt                    |   28 -
 .../docs/openssl/profile.3.10                   |   72 --
 .../docs/openssl/profile.3.9                    |   72 --
 3rdparty/not-yet-commons-ssl/docs/pbe.html      |  204 ----
 3rdparty/not-yet-commons-ssl/docs/ping.html     |   93 --
 3rdparty/not-yet-commons-ssl/docs/pkcs8.html    |  156 ---
 3rdparty/not-yet-commons-ssl/docs/rmi.html      |  102 --
 3rdparty/not-yet-commons-ssl/docs/roadmap.html  |   86 --
 3rdparty/not-yet-commons-ssl/docs/source.html   |   38 -
 3rdparty/not-yet-commons-ssl/docs/ssl.html      |  106 --
 3rdparty/not-yet-commons-ssl/docs/tree.html     | 1137 ------------------
 .../not-yet-commons-ssl/docs/utilities.html     |   91 --
 .../not-yet-commons-ssl-0.3.16.jar              |  Bin 273191 -> 0 bytes
 21 files changed, 1 insertion(+), 2952 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/README.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/README.txt b/3rdparty/not-yet-commons-ssl/README.txt
index 2497e38..365bf3d 100644
--- a/3rdparty/not-yet-commons-ssl/README.txt
+++ b/3rdparty/not-yet-commons-ssl/README.txt
@@ -1,9 +1 @@
-Jakarta Commons SSL 
-===========================
-Welcome to the SSL component of the Jakarta Commons
-project.
-
-This is not a real Jakarta Project yet.  I'm just 
-trying to copy their directory structure while I work
-on this proposal.
-
+This module is adapted from not-yet-commons-ssl library, with much simplified, only focusing on PKI and SSL related.

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/.htaccess
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/.htaccess b/3rdparty/not-yet-commons-ssl/docs/.htaccess
deleted file mode 100644
index 6f20845..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/.htaccess
+++ /dev/null
@@ -1,3 +0,0 @@
-AddType text/html .html
-AddHandler server-parsed .html
-ErrorDocument 404 /commons-ssl/404.html 

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/404.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/404.html b/3rdparty/not-yet-commons-ssl/docs/404.html
deleted file mode 100644
index 794a625..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/404.html
+++ /dev/null
@@ -1,55 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - 404 Page Not Found</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-td.v { text-align: center; }
-dt { padding: 8px 0 8px 5px; }
-dd { padding-left: 15px; }
-li { padding-bottom: 6px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="/commons-ssl/index.html">main</a> |
-<a href="/commons-ssl/ssl.html">ssl</a> |
-
-<a href="/commons-ssl/pkcs8.html">pkcs8</a> |
-<a href="/commons-ssl/pbe.html">pbe</a> |
-<a href="/commons-ssl/rmi.html">rmi</a> |
-<a href="/commons-ssl/utilities.html">utilities</a> |
-<a href="/commons-ssl/source.html">source</a> |
-<a href="/commons-ssl/javadocs/">javadocs</a> |
-
-<a href="/commons-ssl/download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>404 - Page Not Found</h2>
-<p>The path you requested is not available.</p>
-<table cellpadding="6" cellspacing="0" border="0" style="margin-top: 9px;">
-<tr><th colspan="3">Current Version (September 23rd, 2014):</th></tr>
-<tr><td>Full source:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.zip">not-yet-commons-ssl-0.3.16.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
-<tr><td>Binary only:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.jar">not-yet-commons-ssl-0.3.16.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
-<tr><th colspan="3">Previous Version (September 8th, 2014):</th></tr>
-<tr><td>Full source:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.zip">not-yet-commons-ssl-0.3.15.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: f62d7f7f890ac03a0210d1be7571b21e</td></tr>
-<tr><td>Binary only:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.jar">not-yet-commons-ssl-0.3.15.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
-<tr><th colspan="3">All Previous Versions (use "svn export"):</th></tr>
-<tr><td>&nbsp;</td><td colspan="2"><a href='http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/'>/svn/not-yet-commons-ssl/tags/</a></td></tr>
-</table>
-<br/><b>Warning:</b>
-&nbsp;<span style="color: red; font-weight: bold;">All versions (to date) of not-yet-commons-ssl should be considered to be of "Alpha" quality!
-This code probably contains bugs.  This code may have security issues.</span>
-<p>Future versions will definitely break the current API in a non-reverse compatible way.  After commons-ssl-0.5.0, though, we
-plan on always being reverse compatible with ourselves.
-<hr/>
-
-</body>
-</html>

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java b/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
deleted file mode 100644
index c4561de..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java
+++ /dev/null
@@ -1,114 +0,0 @@
-
-import org.apache.commons.httpclient.HttpClient;
-import org.apache.commons.httpclient.methods.GetMethod;
-import org.apache.commons.httpclient.protocol.Protocol;
-import org.apache.commons.ssl.HttpSecureProtocol;
-import org.apache.commons.ssl.TrustMaterial;
-
-import javax.net.ssl.SSLHandshakeException;
-import java.net.URL;
-
-/**
- *
- * Example of trusting certs to answer a question Sudip Shrestha posed on the
- * httpclient-user@jakarta.apache.org mailing list, Fri 5/5/2006.
- *
- * @author Julius Davies
- * @since May 5, 2006
- */
-public class TrustExample {
-
-/*
-Microsoft IE trusts usertrust.com CA certs by default, but Java doesn't, so we need
-to tell Java to.
-
-Cert is good until 2019 !
-
-openssl x509 -in cert.pem -noout -text
-=======================================
-
-Serial Number:
-    44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
-Signature Algorithm: sha1WithRSAEncryption
-Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-Validity
-    Not Before: Jul  9 18:10:42 1999 GMT
-    Not After : Jul  9 18:19:22 2019 GMT
-Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
-
-X509v3 extensions:
-    X509v3 Key Usage:
-        Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
-    X509v3 Basic Constraints: critical
-        CA:TRUE
-    X509v3 Subject Key Identifier:
-        A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
-    X509v3 CRL Distribution Points:
-        URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl
-
-    X509v3 Extended Key Usage:
-        TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User
-
-*/
-    private static byte[] pemCert = (
-            "-----BEGIN CERTIFICATE-----\n" +
-            "MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB\n" +
-            "lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug\n" +
-            "Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho\n" +
-            "dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt\n" +
-            "SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG\n" +
-            "A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe\n" +
-            "MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v\n" +
-            "d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh\n" +
-            "cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn\n" +
-            "0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ\n" +
-            "M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a\n" +
-            "MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd\n" +
-            "oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI\n" +
-            "DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy\n" +
-            "oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD\n" +
-            "VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0\n" +
-            "dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy\n" +
-            "bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF\n" +
-            "BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM\n" +
-            "//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli\n" +
-            "CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE\n" +
-            "CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t\n" +
-            "3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS\n" +
-            "KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==\n" +
-            "-----END CERTIFICATE-----\n" ).getBytes();
-
-    public static void main( String[] args ) throws Exception
-    {
-        HttpSecureProtocol f = new HttpSecureProtocol();
-
-        // might as well trust the usual suspects:
-        f.addTrustMaterial(TrustMaterial.CACERTS);
-
-        // here's where we start trusting usertrust.com's CA:
-        f.addTrustMaterial(new TrustMaterial( pemCert ));
-
-        Protocol trustHttps = new Protocol("https", f, 443);
-        Protocol.registerProtocol("https", trustHttps);
-
-        HttpClient client = new HttpClient();
-        GetMethod httpget = new GetMethod("https://www.usertrust.com/");
-        client.executeMethod(httpget);
-        String s = httpget.getStatusLine().toString();
-        System.out.println( "HTTPClient: " + s );
-
-        // Notice that Java still can't access it.  Only HTTPClient knows
-        // to trust the cert!
-        URL u = new URL( "https://www.usertrust.com/" );
-        try
-        {
-            // This will throw an SSLHandshakeException
-            u.openStream();
-        }
-        catch ( SSLHandshakeException she )
-        {
-            System.out.println( "Java:       " + she );
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html b/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
deleted file mode 100644
index ec2752d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/TrustExample.java.html
+++ /dev/null
@@ -1,131 +0,0 @@
-<HTML>
-<HEAD>
-<TITLE>/home/julius/dev/commons-ssl/src/java/TrustExample.java</TITLE>
-<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=windows-1252">
-<META NAME="KEYWORDS" CONTENT="IntelliJ_IDEA_Html">
-</HEAD>
-<BODY BGCOLOR="#ffffff">
-<TABLE CELLSPACING=0 CELLPADDING=5 COLS=1 WIDTH="100%" BGCOLOR="#C0C0C0" >
-<TR><TD><CENTER>
-<FONT FACE="Arial, Helvetica" COLOR="#000000">
-/home/julius/dev/commons-ssl/src/java/TrustExample.java</FONT>
-</center></TD></TR></TABLE>
-<PRE>
-
-<FONT COLOR=0 STYLE="font-style:normal">1    </FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">2    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.HttpClient; 
-<FONT COLOR=0 STYLE="font-style:normal">3    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.methods.GetMethod; 
-<FONT COLOR=0 STYLE="font-style:normal">4    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.httpclient.protocol.Protocol; 
-<FONT COLOR=0 STYLE="font-style:normal">5    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.ssl.HttpSecureProtocol; 
-<FONT COLOR=0 STYLE="font-style:normal">6    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> org.apache.commons.ssl.TrustMaterial; 
-<FONT COLOR=0 STYLE="font-style:normal">7    </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">8    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> javax.net.ssl.SSLHandshakeException; 
-<FONT COLOR=0 STYLE="font-style:normal">9    </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>import</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> java.net.URL; 
-<FONT COLOR=0 STYLE="font-style:normal">10   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">11   </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>/** 
-<FONT COLOR=0 STYLE="font-style:normal">12   </FONT> * 
-<FONT COLOR=0 STYLE="font-style:normal">13   </FONT> * Example of trusting certs to answer a question Sudip Shrestha posed on the 
-<FONT COLOR=0 STYLE="font-style:normal">14   </FONT> * httpclient-user@jakarta.apache.org mailing list, Fri 5/5/2006. 
-<FONT COLOR=0 STYLE="font-style:normal">15   </FONT> * 
-<FONT COLOR=0 STYLE="font-style:normal">16   </FONT> * </I></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><B>@author</B></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I> Julius Davies 
-<FONT COLOR=0 STYLE="font-style:normal">17   </FONT> * </I></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><B>@since</B></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I> May 5, 2006 
-<FONT COLOR=0 STYLE="font-style:normal">18   </FONT> */</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">19   </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>public</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>class</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> TrustExample { 
-<FONT COLOR=0 STYLE="font-style:normal">20   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">21   </FONT></FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>/* 
-<FONT COLOR=0 STYLE="font-style:normal">22   </FONT>Microsoft IE trusts usertrust.com CA certs by default, but Java doesn't, so we need 
-<FONT COLOR=0 STYLE="font-style:normal">23   </FONT>to tell Java to. 
-<FONT COLOR=0 STYLE="font-style:normal">24   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">25   </FONT>Cert is good until 2019 ! 
-<FONT COLOR=0 STYLE="font-style:normal">26   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">27   </FONT>openssl x509 -in cert.pem -noout -text 
-<FONT COLOR=0 STYLE="font-style:normal">28   </FONT>======================================= 
-<FONT COLOR=0 STYLE="font-style:normal">29   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">30   </FONT>Serial Number: 
-<FONT COLOR=0 STYLE="font-style:normal">31   </FONT>    44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd 
-<FONT COLOR=0 STYLE="font-style:normal">32   </FONT>Signature Algorithm: sha1WithRSAEncryption 
-<FONT COLOR=0 STYLE="font-style:normal">33   </FONT>Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware 
-<FONT COLOR=0 STYLE="font-style:normal">34   </FONT>Validity 
-<FONT COLOR=0 STYLE="font-style:normal">35   </FONT>    Not Before: Jul  9 18:10:42 1999 GMT 
-<FONT COLOR=0 STYLE="font-style:normal">36   </FONT>    Not After : Jul  9 18:19:22 2019 GMT 
-<FONT COLOR=0 STYLE="font-style:normal">37   </FONT>Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware 
-<FONT COLOR=0 STYLE="font-style:normal">38   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">39   </FONT>X509v3 extensions: 
-<FONT COLOR=0 STYLE="font-style:normal">40   </FONT>    X509v3 Key Usage: 
-<FONT COLOR=0 STYLE="font-style:normal">41   </FONT>        Digital Signature, Non Repudiation, Certificate Sign, CRL Sign 
-<FONT COLOR=0 STYLE="font-style:normal">42   </FONT>    X509v3 Basic Constraints: critical 
-<FONT COLOR=0 STYLE="font-style:normal">43   </FONT>        CA:TRUE 
-<FONT COLOR=0 STYLE="font-style:normal">44   </FONT>    X509v3 Subject Key Identifier: 
-<FONT COLOR=0 STYLE="font-style:normal">45   </FONT>        A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45 
-<FONT COLOR=0 STYLE="font-style:normal">46   </FONT>    X509v3 CRL Distribution Points: 
-<FONT COLOR=0 STYLE="font-style:normal">47   </FONT>        URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl 
-<FONT COLOR=0 STYLE="font-style:normal">48   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">49   </FONT>    X509v3 Extended Key Usage: 
-<FONT COLOR=0 STYLE="font-style:normal">50   </FONT>        TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User 
-<FONT COLOR=0 STYLE="font-style:normal">51   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">52   </FONT>*/</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">53   </FONT>    </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>private</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>static</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>byte</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000">[] pemCert = ( 
-<FONT COLOR=0 STYLE="font-style:normal">54   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;-----BEGIN CERTIFICATE-----</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">55   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">56   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">57   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">58   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">59   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">60   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">61   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">62   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">63   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">64   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">65   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">66   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">67   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">68   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">69   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">70   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">71   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">72   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">73   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">74   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">75   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">76   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">77   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">78   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + 
-<FONT COLOR=0 STYLE="font-style:normal">79   </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;-----END CERTIFICATE-----</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>\n</B></FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> ).getBytes(); 
-<FONT COLOR=0 STYLE="font-style:normal">80   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">81   </FONT>    </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>public</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>static</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>void</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> main( String[] args ) </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>throws</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> Exception 
-<FONT COLOR=0 STYLE="font-style:normal">82   </FONT>    { 
-<FONT COLOR=0 STYLE="font-style:normal">83   </FONT>        HttpSecureProtocol f = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> HttpSecureProtocol(); 
-<FONT COLOR=0 STYLE="font-style:normal">84   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">85   </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// might as well trust the usual suspects:</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">86   </FONT>        f.addTrustMaterial(TrustMaterial.CACERTS); 
-<FONT COLOR=0 STYLE="font-style:normal">87   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">88   </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// here's where we start trusting usertrust.com's CA:</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">89   </FONT>        f.addTrustMaterial(</FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> TrustMaterial( pemCert )); 
-<FONT COLOR=0 STYLE="font-style:normal">90   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">91   </FONT>        Protocol trustHttps = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> Protocol(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;https&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000">, f, </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">443</FONT><FONT style="font-family:monospaced;" COLOR="#000000">); 
-<FONT COLOR=0 STYLE="font-style:normal">92   </FONT>        Protocol.registerProtocol(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;https&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000">, trustHttps); 
-<FONT COLOR=0 STYLE="font-style:normal">93   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">94   </FONT>        HttpClient client = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> HttpClient(); 
-<FONT COLOR=0 STYLE="font-style:normal">95   </FONT>        GetMethod httpget = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> GetMethod(</FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;https://www.usertrust.com/&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000">); 
-<FONT COLOR=0 STYLE="font-style:normal">96   </FONT>        client.executeMethod(httpget); 
-<FONT COLOR=0 STYLE="font-style:normal">97   </FONT>        String s = httpget.getStatusLine().toString(); 
-<FONT COLOR=0 STYLE="font-style:normal">98   </FONT>        System.out.println( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;HTTPClient: &quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + s ); 
-<FONT COLOR=0 STYLE="font-style:normal">99   </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">100  </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// Notice that Java still can't access it.  Only HTTPClient knows</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">101  </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// to trust the cert!</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">102  </FONT>        URL u = </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>new</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> URL( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;https://www.usertrust.com/&quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> ); 
-<FONT COLOR=0 STYLE="font-style:normal">103  </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>try</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">104  </FONT>        { 
-<FONT COLOR=0 STYLE="font-style:normal">105  </FONT>            </FONT><FONT style="font-family:monospaced;" COLOR="#008000"><I>// This will throw an SSLHandshakeException</I></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> 
-<FONT COLOR=0 STYLE="font-style:normal">106  </FONT>            u.openStream(); 
-<FONT COLOR=0 STYLE="font-style:normal">107  </FONT>        } 
-<FONT COLOR=0 STYLE="font-style:normal">108  </FONT>        </FONT><FONT style="font-family:monospaced;" COLOR="#000080"><B>catch</B></FONT><FONT style="font-family:monospaced;" COLOR="#000000"> ( SSLHandshakeException she ) 
-<FONT COLOR=0 STYLE="font-style:normal">109  </FONT>        { 
-<FONT COLOR=0 STYLE="font-style:normal">110  </FONT>            System.out.println( </FONT><FONT style="font-family:monospaced;" COLOR="#0000ff">&quot;Java:       &quot;</FONT><FONT style="font-family:monospaced;" COLOR="#000000"> + she ); 
-<FONT COLOR=0 STYLE="font-style:normal">111  </FONT>        } 
-<FONT COLOR=0 STYLE="font-style:normal">112  </FONT>    } 
-<FONT COLOR=0 STYLE="font-style:normal">113  </FONT> 
-<FONT COLOR=0 STYLE="font-style:normal">114  </FONT>} 
-<FONT COLOR=0 STYLE="font-style:normal">115  </FONT></FONT></PRE>
-</BODY>
-</HTML>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/about.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/about.html b/3rdparty/not-yet-commons-ssl/docs/about.html
deleted file mode 100644
index 5ef231e..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/about.html
+++ /dev/null
@@ -1,73 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<meta name="Author" content="Julius Davies">
-<title>About Not-Yet-Commons-SSL</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl, a.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-.nav a.hl { color: white; }
-dt { padding: 8px 0 8px 5px; }
-li { padding-bottom: 6px; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html" class="hl">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>About Not-Yet-Commons-SSL</h2>
-
-<h4 style="margin-top: 1em;">5 Design Goals:</h4>
-<ol>
-<li  style="margin-top: 6px;"><b>Make SSL and Java Easier.</b>  Ever wanted to work with self-signed
-certificates in your Java application in a secure fashion?  Ever wanted to use more than one client
-certificate in a single running JVM?  You can edit your <code>$JAVA_HOME/jre/lib/security/cacerts</code>
-file, and you can invoke Java with <code>-Djavax.net.ssl.keyStore=/path/to/keystore</code>.  Both of
-these approaches are great at first, but they don't scale well.  Do you really want to pollute every
-SSL socket in your JVM (HTTP, LDAP, JDBC, RMI, etc...) with those system-wide changes?  Commons-SSL let's you
-control the SSL options you need in an natural way for each SSLSocketFactory, and those options
-won't bleed into the rest of your system.</li>
-<li  style="margin-top: 6px;"><b>Improve Security.</b>
-<a href="http://en.wikipedia.org/wiki/Certificate_revocation_list">CRL</a> checking turned on by default.
-We hope to add support for
-<a href="http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol">OCSP</a> soon!
-It's obnoxious to have to download CRL files around 500KB each from Thawte and Verisign every 24 hours.
-OCSP improves on that.</li>
-<li  style="margin-top: 6px;"><b>Improve Flexibility.</b>  Checking hostnames, expirations, CRL's, and many
-other options can be enabled/disabled for each SSLSocketFactory created.</li>
-<li style="margin-top: 6px;"><b>Support more file formats, and support these formats more robustly.</b>
-<ul>
-<li>commons-ssl supports over <a href="samples/rsa_result.html">50 formats</a> of PKCS8 and OpenSSL Encrypted Private Keys in PEM or DER</li>
-<li>X.509 Certificates can be PEM or DER encoded.  Can also come in PKCS7 chains.  (To be fair, Java always supported this.)</li>
-<li>PKCS12 files can be in <a href="samples/pkcs12/pkcs12_client_cert.pem">PEM</a> (as created by <code>openssl pkcs12</code>).</li>
-<li>Parsing of Base64-PEM is more tolerant of extra whitespace or comments, especially outside the Base64 sections:
-<pre style="padding-left: 100px;">any comments or whitespace up here are ignored
-
------BEGIN TYPE-----
-[...base64....]
------END TYPE-----
-
-any comments or whitespace down here are also ignored</pre></li></ul></li>
-<li><b>Automatically detect type of KeyMaterial or TrustMaterial.</b>  Consumer does not need to know
-whether keystore is PKCS12 or JKS.  They just need to know the password to decrypt the private key.</li>
-</ol>
-
-</body>
-</html>
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/download.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/download.html b/3rdparty/not-yet-commons-ssl/docs/download.html
deleted file mode 100644
index 5e8a8cb..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/download.html
+++ /dev/null
@@ -1,263 +0,0 @@
-<html>
-<head>
-<title>Not-Yet-Commons-SSL - Downloads, Features, Future Directions</title>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-td.v { text-align: center; }
-dt { padding: 8px 0 8px 5px; }
-dd { padding-left: 15px; }
-li { padding-bottom: 6px; }
-tr.released td, tr.released th { background-color: yellow; font-weight: bold; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-
-<span class="hl" href="download.html">download</span>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Download Not-Yet-Commons-SSL!</em></h2>
-<p>Not-Yet-Commons-SSL currently has NO affiliation with the <a href="http://apache.org/">Apache Software Foundation</a> (apache.org), but we're hoping
-to start <a href="http://incubator.apache.org/incubation/Incubation_Policy.html">Incubation</a> one day.
-<table cellpadding="6" cellspacing="0" border="0" style="margin-top: 9px;">
-    <tr><th colspan="3">Current Version (September 23rd, 2014):</th></tr>
-    <tr><td>Full source:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.zip">not-yet-commons-ssl-0.3.16.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: </td></tr>
-    <tr><td>Binary only:</td><td><a href="/commons-ssl/not-yet-commons-ssl-0.3.16.jar">not-yet-commons-ssl-0.3.16.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
-    <tr><th colspan="3">Previous Version (September 8th, 2014):</th></tr>
-    <tr><td>Full source:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.zip">not-yet-commons-ssl-0.3.15.zip</a></td><td>5.1MB</td><td><span style="color: red;">Alpha</span></td><td>MD5: f62d7f7f890ac03a0210d1be7571b21e</td></tr>
-    <tr><td>Binary only:</td><td><a href="/not-yet-commons-ssl-0.3.15/not-yet-commons-ssl-0.3.15.jar">not-yet-commons-ssl-0.3.15.jar</a></td><td>267KB</td><td><span style="color: red;">Alpha</span></td><td>MD5: cebc58b8367c253688426043fdf08221</td></tr>
-    <tr><th colspan="3">All Previous Versions (use "svn export"):</th></tr>
-    <tr><td>&nbsp;</td><td colspan="2"><a href='http://juliusdavies.ca/svn/not-yet-commons-ssl/tags/'>/svn/not-yet-commons-ssl/tags/</a></td></tr>
-</table>
-<br/><b>Warning:</b>
-&nbsp;<span style="color: red; font-weight: bold;">All versions of not-yet-commons-ssl should be considered to be of "Alpha" quality!
-This code probably contains bugs.  This code may have security issues.</span>
-<p>Future versions will definitely break the current API in a non-reverse compatible way.  After commons-ssl-0.5.0, though, we
-plan on always being reverse compatible with ourselves.
-<hr/>
-<h3>Changelog for not-yet-commons-ssl-0.3.16:</h3>
-<dl>
-    <dt>1. Bug fix for TrustMaterial constructor.</dt>
-    <dd>Re-introduce ability to load an X509 certificate specified as raw bytes (e.g., byte[]) in the constructor.  (Thanks to Brent Putnam for the bug report).</dd></dd>
-    <dt>2. Remove protocol / cipher whitelists.</dt>
-    <dd>
-Got rid of useStrongCiphers() method (and its converse, useDefaultCiphers()), since all ciphers in Java 7 are at least 128 bit, and my approach used a white list that was starting to get out-of-date.  If users want to ensure only strong ciphers are used in their SSL connections, they can either upgrade to Java 7 or newer, or invoke SSLClient.setEnabledCiphers() or SSLServer.setEnabledCiphers().   Also got rid of all logic that was setting default protocols, because again it was a white list that was getting out of date.  We do still call SSLContext.getInstance("TLS") by default (can be overridden), but I figure that one should be okay for at least another decade.
-    </dd>
-</dl>
-
-<h3>Changelog for not-yet-commons-ssl-0.3.15:</h3>
-<dl>
-    <dt>1. Security patch from Redhat for CVE alert.</dt>
-    <dd>The way we parse the Principal (e.g., "CN=a,OU=b,O=c") from an X509 Certificate had a serious security flaw.
-    Thanks to Redhat, Arun Babu Neelicattu, and David Jorm for notifying us, and for the patch they submitted.</dd></dd>
-    <dt>2. Upgrade to Java 1.5.</dt>
-    <dd>Not-yet-commons-ssl now requires at least Java 1.5 to run (a.k.a. Java 5).
-    If you really need Java 1.3 or Java 1.4 compatibility, please email the mailing list; it's not too late for us to
-    rejig things to bring that back, but we're not going to bother unless someone actually needs it.
-    </dd>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.13:</h3>
-<dl>
-<dt>1. Fix bugs in AuthSSLProtocolSocketFactory and TrustSSLProtocolSocketFactory.</dt>
-<dd>KeyMaterial's constructor has been checking that KeyMaterial contains at least one
-private key, but this assumption was invalid with these guys.  The fall-back to the
-TrustMaterial constructor if necessary.   (Wonder how long this has been broken!   Oops!)</dd>
-
-<dt>2. Upgraded from JUnit3 to JUnit4.  Added some extra unit tests.</dt>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.12:</h3>
-<dl>
-<dt>1. Avoid reverse-DNS lookups with literal IP address connections.</dt>
-<dd>Based on my own investigation, InetAddress.getByAddress(String, byte[]) does not do the reverse-DNS lookup that plagues Java SSL users, so we call that whenever possible.</dd>
-</dl>
-<h3>Changelog for not-yet-commons-ssl-0.3.11:</h3>
-<dl>
-<dt>1.  Fixed KeyStoreBuilder.</dt>
-<dd>It really can handle KeyStores now where the store-password and key-password differ.  It can
-also now handle all the things 0.3.9 couuld handle, too.  Whoops.  Sorry about 0.3.10, everyone.</dd>
-
-<dt>2.  KeyStoreBuilder auto-detects BouncyCastle BKS and UBER keystore types.</dt>
-
-<dt>3.  CRL checking no longer blocks forever in bad network situations (Java 5 and newer).</dt>
-<dd>CRL checking was using default java.net.URL behaviour, which unfortunately can
-cause infinite blocking.  CRL checking now waits at most 5 seconds for the CRL server
-to respond.  <b>Note:  Only works on Java 1.5 and above.</b></dd>
-
-<dt>4.  Lot's more unit tests.  Especially for KeyStoreBuilder.</dt>
-
-<dt>5.  Base64InputStream's default behaviour changed to DECODE.  VERY SORRY!</dt>
-
-<dt>6.  PKCS8Key.getPublicKey() and PEMUtil.toPEM() methods added. </dt>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.10:</h3>
-<dl>
-<dt>1. <a href="utilities.html#KSB">KeyStoreBuilder</a> broken.
-<dd>
-<b>Version 0.3.10 should be avoided!</b>
-</dd>
-</dl>
-
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.9:</h3>
-<dl>
-<dt>1. <a href="pbe.html">PBE</a> is now Compatible with <code>openssl enc -K [key] -iv [IV]</code>.</dt>
-<dd>People were asking for this.  See the PBE page for more details.</dd>
-<dt>2. DES2 with PBE was broken.</dt>
-<dd>Fixed.</dd>
-
-<dt>3. directory.apache.org didn't write the ASN.1 code.  BouncyCastle did.</dt>
-<dd>Now using latest ASN.1 parsing code from BC, and attributing it properly.</dd>
-<dt>4. The "ping" utility has a few more options.</dt>
-<dd>For those who need more than just a "HEAD /" request.  You can also set the HTTP host header,
-independant of the target host/ip.</dd>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.8:</h3>
-<dl>
-<dt>1. useDefaultJavaCiphers() actually works now.</dt>
-<dd>When you want to allow 40 bit, 56 bit, and MD5 based SSL ciphers, use this.  It was 99% functional in 0.3.7, but there was a
-rare situation where setting ciphers was causing SSL handshake errors.</dd>
-
-<dt>2. <a href="pbe.html">PBE</a> (password-based-encryption) improved.</dt>
-<dd>PBE now has its own <a href="pbe.html">HTML page</a>.  Support for all of OpenSSL's PBE ciphers implemented and tested, including
-IDEA and RC5.  (DES-X might work, but couldn't find a JCE provider that supported it).  Threw in support for some
-additional BouncyCastle ciphers even though OpenSSL doesn't support them (cast6, gost28147, rc6, seed, serpent,
-skipjack, tea, twofish, xtea).  Around <a href="samples/pbe/">650 test files</a> created to make sure PBE is working properly.
-</dd>
-<dt>3. PBE API changed on <a href="javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20java.io.InputStream)">OpenSSL.encrypt()</a> and <a href="javadocs/org/apache/commons/ssl/OpenSSL.html#decrypt(java.lang.String,%20char[],%20java.io.InputStream)">OpenSSL.decrypt()</a>.</dt>
-
-<dd>The password is now char[] instead of byte[] (sorry!).  Encrypt/decrypt on byte[] introduced.  Encrypt/decrypt on InputStream
-is still available, and is properly streamed so that even extremely large files can be encrypted/decrypted.</dd>
-</dl>
-<br/>
-<h3>Features as of not-yet-commons-ssl-0.3.7:</h3>
-<dl>
-<dt>1. useStrongCiphers() used by default.</dt>
-<dd>40 bit and 56 bit ciphers are now disabled by default.  To turn them back on call useDefaultJavaCiphers().</dd>
-<dt>2. addAllowedName() adds some flexibility to the CN verification.</dt>
-<dd>
-Here's a code example using "cucbc.com" to connect, but anticipating "www.cucbc.com" in the server's certificate:
-<pre>
-SSLClient client = new SSLClient();
-client.addAllowedName( "www.cucbc.com" );
-Socket s = client.createSocket( "cucbc.com", 443 );
-
-</pre>
-This technique is also useful if you don't want to use DNS, and want to
-connect using the IP address.
-</dd>
-<dt>3. SSLServer can re-use a Tomcat-8443 private key if running from inside Tomcat.</dt>
-<dd>
-<pre>
-SSLClient server = new SSLServer();
-server.useTomcatSSLMaterial();
-</pre>
-</dd>
-<dt>4. RMI-SSL support improved.</dt>
-<dd>Attempts to re-use the Tomcat-8443 private key for all RMI SSL Server sockets.
-Anonymous server-sockets (port 0) will always be set to port 31099.  Analyzes the
-server certificate CN field and tries to set "java.rmi.server.hostname" to something
-compatible with that.  Probably the only free implementation around that does a good
-job on the hostname verification!
-</dd>
-<dt>5. KeyMaterial constructor blows up earlier.</dt>
-<dd>If a JKS or PKCS12 file is provided that isn't going to work (e.g. no private keys),
-the KeyMaterial constructor throws an exception right away.</dd>
-
-<dt>6. getSSLContext() now available to help inter-op with Java 5 SSL-NIO libraries.</dt>
-<dd>Oleg has been working hard on SSL-NIO for the Apache httpcomponents library.  Go
-check it out!</dd>
-<dt>7. Fixed bug where SSLClient couldn't be used with javax.net.ssl.HttpsURLConnection
-on Java 1.4.x</dt>
-<dd>I was wrapping the SSLSocket, but Java 1.4.x guards against that inside HttpsURLConnection
-and throws this exciting exception:
-<pre>
-java.lang.RuntimeException: Export restriction: this JSSE implementation is non-pluggable.
-  at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.checkCreate(DashoA6275)
-  at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
-  at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA6275)
-  at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:560)
-  at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA6275)
-</pre>
-Silly Java - I'm still using <em>your</em> JSSE implementation, I'm just wrapping it!
-</dd>
-</dl>
-<br/>
-
-<h3>Features as of not-yet-commons-ssl-0.3.4:</h3>
-<dl>
-<dt>1. &nbsp;<code>"javax.net.ssl.keyStore"</code> and <code>"javax.net.ssl.trustStore"</code></dt>
-<dd>SSLClient and SSLServer now set their default TrustMaterial and KeyMaterial from these
- system properties if they are present.</dd>
-<dt>2. &nbsp;<code>ssl.setCheckCRL( true/false )</code> <em>Note: <a href="http://en.wikipedia.org/wiki/Certificate_revocation_list">CRL</a> is an abbreviation for "Certificate Revocation List"</em></dt>
-
-<dd>Set to <code>true</code> by default.  If you're using SSLClient, then the remote
-server's certificate chain is checked.  If you're using SSLServer, CRL checking is ignored <em>unless</em>
-client certificates are presented.  Commons-SSL tries to perform the CRL check against each certificate in
-the chain, but we're not sure if we always know the entire chain.
-<p><em>Implementation note:</em>
-To reduce memory consumption all CRL's are saved to disk using
-<code>File.createTempFile()</code> and <code>File.deleteOnExit()</code>.
-CRL's are re-downloaded every 24 hours.  To reduce disk IO
-the "pass/fail" result of a CRL check for a given X.509 Certificate is cached using the 20 byte SHA1 hash of the
-certificate as the key.  The cached "pass" result is discarded every 24 hours.  The cached "fail" result is retained 
-until the JVM restarts.
-</p>
-</dd>
-
-<dt>3. &nbsp;<code>ssl.setCheckExpiry( true/false )</code></dt>
-<dd>Certificate expiry checking can be turned off.  Turned on by default.  For Java 1.4 and newer we're
-intercepting the CertificateException thrown by the TrustManager.  But we still implemented our own
-expiry checking because Java 1.3 doesn't check expiry.  We check every certificate in
-the chain, but we're not sure if we always know the entire chain.</dd>
-<dt>4. &nbsp;<code>ssl.setCheckHostname( true/false )</code></dt>
-<dd>Certificate hostname checking improved.  Turned on by default for SSLClient, but turned off by
-default for SSLServer.  If turned on for SSLServer, only applied to client certificates by checking
-against a reverse DNS lookup of the client's IP address.  Turning on for SSLServer will probably be
-quite rare.  We imagine that applications (such as Tomcat) will pass the client chain back up into
-the business layer where people can code in any kind of validation logic they like.  But we put
-it in anyway to keep things consistent.
-<p>Support added for certificates with wildcards in the CN field 
-(e.g. <a href="https://www.credential.com/">*.credential.com</a>). 
-Java already had this, to be fair.  We broke it
-by accident!
-<pre style="font-style: 90%; padding: 0 30px;">
-s: CN=*.credential.com, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/cps (c)05,
-   OU=businessprofile.geotrust.com/get.jsp?GT27402892, O=*.credential.com, C=CA
-i: CN=Equifax Secure Global eBusiness CA-1, O=Equifax Secure Inc., C=US
-</pre>
-</p>
-</dd>
-
-<dt>5. &nbsp;PKCS8 support.</dt>
-<dd>Support for OpenSSL "Traditional" and PKCS8 encrypted private keys added.
-Private keys can be RSA or DSA.  See our <a href="pkcs8.html">pkcs8 page</a> for more details.</dt>
-<dt>6. &nbsp;New Utility: "<code>KeyStoreBuilder</code>"</dt>
-<dd>Command line utility converts an OpenSSL pair (private key + certificate) into a Java Keystore ("JKS")
-file.  To see the command-line options, visit our <a href="utilities.html">utilities page</a>, or just run:
-<pre style="font-style: 90%; padding: 0 30px;">
-
-java -cp commons-ssl-0.3.4.jar org.apache.commons.ssl.KeyStoreBuilder
-</pre></dd>
-</dl>
-
-</body>
-</html>

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/index.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/index.html b/3rdparty/not-yet-commons-ssl/docs/index.html
deleted file mode 100644
index db39c4d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/index.html
+++ /dev/null
@@ -1,119 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
-<meta name="Author" content="Julius Davies">
-<title>Java and SSL/TLS Made Easier - Not-Yet-Commons-SSL</title>
-<meta name="description" content="Java library for controlling aspects of SSL.  Also helps interop between Java and OpenSSL."/>
-<meta name="keywords" content="Java, SSL, TLS, OpenSSL, HTTPS, Certificates, X.509, X509, Secure Socket Layer, Transport Layer Security, Client Auth, Client Certificate, Client Cert, Client Certificates, Server Cert, Server Certificate, Server Certificates"/>
-<style type="text/css">
-dl, h1, h2, h3, h4 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-dt { padding: 8px 0 8px 5px; }
-li { padding-bottom: 6px; }
-th { text-align: right; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<span class="hl">main</span> |
-
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Not-Yet-Commons-SSL</h2>
-<p><a href="download.html">not-yet-commons-ssl-0.3.16</a> released! (September 23rd, 2014)</p>
-<p>Requires Java 1.5.x or higher.
-
-<p>Please see our <a href="ssl.html">ssl page</a> for code examples on how to use this library.</a></p>
-
-<h3>Resources:</h3>
-<table border="0" cellpadding="5" cellspacing="5">
-<tr>
-    <th>Design Goals:</th>
-    <td><a href="about.html">about.html</a></td>
-</tr>
-
-<tr>
-    <th>Code Examples:</th>
-    <td><a href="ssl.html">SSL/TLS</a> &nbsp;|&nbsp; <a href="pkcs8.html">PKCS #8</a> &nbsp;|&nbsp; <a href="pbe.html">PBE</a></td>
-</tr>
-<tr>
-
-    <th>Join Mailing List:</th>
-    <td><a href="http://lists.juliusdavies.ca/listinfo.cgi/not-yet-commons-ssl-juliusdavies.ca/">http://lists.juliusdavies.ca/listinfo.cgi/not-yet-commons-ssl-juliusdavies.ca/</a></td>
-</tr>
-<tr>
-    <th>Mailing&nbsp;List&nbsp;Archives:</th>
-    <td><a href="http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/">http://lists.juliusdavies.ca/pipermail/not-yet-commons-ssl-juliusdavies.ca/</a></td>
-</tr>    
-
-<tr>
-    <th>Downloads:</th>
-    <td><a href="download.html">http://juliusdavies.ca/commons-ssl/download.html</a></td>
-</tr>
-<tr>
-    <th>Checkout&nbsp;From&nbsp;Subversion:</th>
-    <td><code>svn&nbsp;co&nbsp;<a style="text-decoration: none;" href="http://juliusdavies.ca/svn/not-yet-commons-ssl/trunk">http://juliusdavies.ca/svn/not-yet-commons-ssl/trunk</a>&nbsp;not-yet-commons-ssl</code></td>
-
-</tr>
-<tr>
-    <th>Browse&nbsp;Subversion&nbsp;(via&nbsp;viewvc):</th>
-    <td><a href="http://juliusdavies.ca/svn/viewvc.cgi/not-yet-commons-ssl/">http://juliusdavies.ca/svn/not-yet-commons-ssl/viewvc.cgi/not-yet-commons-ssl/</a></td>
-</tr>
-<tr>
-    <th>License (Apache 2.0):</th>
-    <td><a href="LICENSE.txt">LICENSE.txt</a></td>
-
-</tr>
-</table>
-<hr/>
-<h4>About</h4>
-<p>We're calling this library "Not-Yet-Commons-SSL" since we have the intention of one day
-becoming an official Apache project.  Not-Yet-Commons-SSL was originally developed by
-<a href="https://www.cucbc.com">Credit Union Central of British Columbia</a>.
-The webpages, releases, and code here on <a href="http://juliusdavies.ca/">juliusdavies.ca</a> have no relationship to
-the Apache Software Foundation, but all code is licensed under <a href="LICENSE.txt">ASL 2.0</a>.
-</p>
-<p>The <a href="http://juliusdavies.ca/svn/viewvc.cgi/trunk/src/java/org/apache/commons/ssl/asn1/">ASN.1 parsing code</a>
-
-comes directly from BouncyCastle (<a href="http://bouncycastle.org/">bouncycastle.org</a>).  Our only modification to this
-code was an accidental "reformat" to bring it inline with our code style.  Also, in two places, we switched the BC code
-to use <em>our</em> Hex.java
-for encoding/decoding instead of their own.
-The PKCS12 key derivation function (for some PKCS8 version 1.5 encrypted keys) also comes from BouncyCastle.
-Presumably they  got it from RSA's PKCS12 specification
-(<a href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf">ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf</a>).
-BouncyCastle maintains copyright over all the code used, but allows us to reuse and redistribute
-(the BouncyCastle license is compatible with ASL 2.0).  We are very thankful for their excellent code.
-</p>
-
-<p>Not-Yet-Commons-SSL would never have happened without Oleg Kalnichevski's excellent
-"<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/">contrib</a>"
-example in the <a href="http://jakarta.apache.org/httpcomponents/">HttpComponents</a> SVN repository.
-His
-<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLProtocolSocketFactory.java?view=markup">AuthSSLProtocolSocketFactory.java</a>
-
-and
-<a href="http://svn.apache.org/viewvc/jakarta/httpcomponents/oac.hc3x/trunk/src/contrib/org/apache/commons/httpclient/contrib/ssl/AuthSSLX509TrustManager.java?view=markup">AuthSSLX509TrustManager.java</a>
-examples
-were the seeds for all of this.  Evil Comrade Oleg's Javadocs on those classes were also extremely helpful.  We
-only one day hope that we can write Javadocs like that (hopefully by <a href="download.html#roadmap">0.7.0</a>!).
-</p>
-</body>
-</html>

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt b/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
deleted file mode 100644
index 40c469d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/compare.txt
+++ /dev/null
@@ -1,28 +0,0 @@
-
-Performance of org.apache.commons.ssl.OpenSSL.decrypt()
-
-Decrypting the same 946MB Base64 DES-3 encrypted file.
-
-
-OpenSSL 0.9.7l 28 Sep 2006
---------------------
-real	1m40.578s
-user	1m34.223s
-sys	0m04.039s
-
-
-not-yet-commons-ssl-0.3.10
-(22% slower than OpenSSL!)
---------------------
-real	2m03.270s
-user	1m56.959s
-sys	0m03.605s
-
-
-not-yet-commons-ssl-0.3.9
-(3,000% slower than OpenSSL!)
---------------------
-real	50m47.424s
-user	18m47.687s
-sys	31m30.298s
-

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10 b/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
deleted file mode 100644
index d52bd7d..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.10
+++ /dev/null
@@ -1,72 +0,0 @@
-Flat profile of 140.04 secs (12528 total ticks): main
-
-  Interpreted + native   Method                        
-  0.7%     0  +    90    java.io.FileOutputStream.writeBytes
-  0.4%     0  +    56    java.io.FileInputStream.readBytes
-  0.2%     0  +    24    java.lang.System.arraycopy
-  0.0%     5  +     0    org.apache.commons.ssl.ComboInputStream.read
-  0.0%     4  +     0    com.sun.crypto.provider.SunJCE_h.a
-  0.0%     3  +     0    javax.crypto.CipherInputStream.available
-  0.0%     2  +     0    com.sun.crypto.provider.SunJCE_h.a
-  0.0%     2  +     0    org.apache.commons.ssl.Base64.decodeBase64
-  0.0%     0  +     2    java.io.FileInputStream.read
-  0.0%     2  +     0    java.io.PrintStream.write
-  0.0%     0  +     2    java.lang.String.intern
-  0.0%     2  +     0    com.sun.crypto.provider.SunJCE_e.a
-  0.0%     1  +     0    java.math.BigInteger.addOne
-  0.0%     1  +     0    java.util.HashMap.getEntry
-  0.0%     1  +     0    java.lang.String.<init>
-  0.0%     1  +     0    sun.security.x509.RDN.<init>
-  0.0%     0  +     1    java.lang.ClassLoader.defineClass1
-  0.0%     1  +     0    java.math.BigInteger.mulAdd
-  0.0%     0  +     1    java.util.zip.Inflater.inflateBytes
-  0.0%     0  +     1    java.util.zip.ZipFile.getEntry
-  0.0%     1  +     0    org.apache.commons.ssl.Util.pipeStream
-  0.0%     0  +     1    java.lang.Class.forName0
-  0.0%     1  +     0    java.lang.StringCoding$CharsetSD.decode
-  0.0%     1  +     0    java.util.HashMap.<init>
-  0.0%     0  +     1    java.lang.Object.clone
-  1.8%    46  +   180    Total interpreted (including elided)
-
-     Compiled + native   Method                        
- 71.9%  8987  +     0    com.sun.crypto.provider.SunJCE_y.c
-  7.0%   706  +   167    org.apache.commons.ssl.util.ReadLine.nextAsBytes
-  3.1%   391  +     0    com.sun.crypto.provider.SunJCE_m.b
-  2.2%   252  +    28    org.apache.commons.ssl.Base64.decodeBase64
-  2.0%   249  +     0    org.apache.commons.ssl.Base64InputStream.getLine
-  1.3%     0  +   168    org.apache.commons.ssl.Base64.discardNonBase64
-  1.2%     8  +   144    javax.crypto.Cipher.update
-  0.8%     1  +    96    com.sun.crypto.provider.SunJCE_h.a
-  0.3%    37  +     0    javax.crypto.CipherInputStream.read
-  0.2%    22  +     0    org.apache.commons.ssl.Util.pipeStream
-  0.1%    13  +     0    java.io.BufferedInputStream.read1
-  0.1%     7  +     0    java.io.FilterInputStream.read
-  0.0%     2  +     0    adapters
-  0.0%     1  +     0    java.math.BigInteger.squareToLen
- 90.3% 10676  +   603    Total compiled
-
-         Stub + native   Method                        
-  4.6%     0  +   575    java.io.FileOutputStream.writeBytes
-  3.0%     0  +   380    java.io.FileInputStream.readBytes
-  7.6%     0  +   955    Total stub
-
-  Thread-local ticks:
-  0.3%    36             Blocked (of total)
-  0.1%     7             Class loader
-  0.0%     1             Compilation
-  0.2%    24             Unknown: thread_state
-
-
-Flat profile of 0.01 secs (1 total ticks): DestroyJavaVM
-
-  Thread-local ticks:
-100.0%     1             Blocked (of total)
-
-
-Global summary of 140.06 seconds:
-100.0% 12563             Received ticks
-  0.2%    29             Received GC ticks
-  0.5%    65             Compilation
-  0.0%     4             Other VM operations
-  0.1%     7             Class loader
-  0.2%    24             Unknown code

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9 b/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
deleted file mode 100644
index cdff246..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/openssl/profile.3.9
+++ /dev/null
@@ -1,72 +0,0 @@
-Flat profile of 3230.62 secs (320463 total ticks): main
-
-  Interpreted + native   Method                        
-  0.0%     0  +    17    java.lang.System.arraycopy
-  0.0%     0  +     7    java.io.FileOutputStream.writeBytes
-  0.0%     0  +     6    java.io.FileInputStream.read
-  0.0%     0  +     4    java.lang.Object.clone
-  0.0%     0  +     3    java.io.FileInputStream.readBytes
-  0.0%     2  +     0    com.sun.crypto.provider.SunJCE_e.<clinit>
-  0.0%     2  +     0    java.lang.StringCoding.trim
-  0.0%     0  +     2    java.util.zip.Inflater.inflateBytes
-  0.0%     2  +     0    java.math.BigInteger.multiplyToLen
-  0.0%     2  +     0    com.sun.crypto.provider.SunJCE_h.a
-  0.0%     1  +     0    sun.security.util.DerValue.init
-  0.0%     1  +     0    com.sun.crypto.provider.SunJCE_y.a
-  0.0%     1  +     0    org.apache.commons.ssl.Base64.decodeBase64
-  0.0%     1  +     0    com.sun.crypto.provider.SunJCE_y.c
-  0.0%     1  +     0    com.sun.crypto.provider.SunJCE_h.a
-  0.0%     1  +     0    java.lang.String.toLowerCase
-  0.0%     1  +     0    sun.security.pkcs.PKCS7.parse
-  0.0%     0  +     1    java.lang.ClassLoader.findBootstrapClass
-  0.0%     1  +     0    sun.misc.CharacterDecoder.decodeLinePrefix
-  0.0%     1  +     0    java.lang.String.lastIndexOf
-  0.0%     1  +     0    java.util.AbstractList.iterator
-  0.0%     1  +     0    java.util.HashMap.newValueIterator
-  0.0%     1  +     0    java.io.DataInputStream.<init>
-  0.0%     0  +     1    org.apache.commons.ssl.JavaImpl.<clinit>
-  0.0%     1  +     0    java.util.HashMap.resize
-  0.0%    28  +    42    Total interpreted (including elided)
-
-     Compiled + native   Method                        
-  0.0%   111  +     0    com.sun.crypto.provider.SunJCE_y.c
-  0.0%     0  +    76    javax.crypto.Cipher.update
-  0.0%    16  +     0    org.apache.commons.ssl.Util.readLine
-  0.0%    12  +     0    org.apache.commons.ssl.Base64.decodeBase64
-  0.0%    11  +     0    java.nio.charset.CharsetEncoder.encode
-  0.0%     9  +     0    org.apache.commons.ssl.Base64InputStream.getLine
-  0.0%     7  +     1    java.lang.StringCoding$CharsetSE.encode
-  0.0%     5  +     0    com.sun.crypto.provider.SunJCE_m.b
-  0.0%     3  +     0    org.apache.commons.ssl.Util.pipeStream
-  0.0%     1  +     0    javax.crypto.CipherInputStream.read
-  0.0%     0  +     1    org.apache.commons.ssl.Base64.discardNonBase64
-  0.0%     1  +     0    java.lang.StringCoding.encode
-  0.0%     1  +     0    java.math.BigInteger.squareToLen
-  0.1%   177  +    78    Total compiled
-
-         Stub + native   Method                        
- 92.6%     0  + 296801   java.io.FileInputStream.read
-  7.3%     0  + 23277    java.io.FileOutputStream.writeBytes
- 99.9%     0  + 320078   Total stub
-
-  Thread-local ticks:
-  0.0%    22             Blocked (of total)
-  0.0%     7             Class loader
-  0.0%     1             Compilation
-  0.0%     1             Unknown: no last frame
-  0.0%    29             Unknown: thread_state
-
-
-Flat profile of 0.01 secs (1 total ticks): DestroyJavaVM
-
-  Thread-local ticks:
-100.0%     1             Blocked (of total)
-
-
-Global summary of 3230.64 seconds:
-100.0% 320556            Received ticks
-  0.0%    73             Received GC ticks
-  0.0%    61             Compilation
-  0.0%    16             Other VM operations
-  0.0%     7             Class loader
-  0.0%    30             Unknown code

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/pbe.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/pbe.html b/3rdparty/not-yet-commons-ssl/docs/pbe.html
deleted file mode 100644
index eab326a..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/pbe.html
+++ /dev/null
@@ -1,204 +0,0 @@
-<html>
-<head>
-<title>OpenSSL's "enc" in Java (PBE / Password Based Encryption)</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-li { margin-top: 6px; width: 750px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-i { color: purple; }
-i.special { color: red; }
-dt { font-weight: bold; }
-dd { margin-top: 1em; margin-bottom: 1em; }
-sup a { text-decoration: none; }
-</style>
-</head>
-<body>
-<h1>not-yet-commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<span class="hl" href="pbe.html">pbe</span> |
-<a href="rmi.html">rmi</a> |
-<a href="utilities.html">utilities</a> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>OpenSSL's "enc" in Java (PBE / Password Based Encryption)</h2>
-<p>Not-Yet-Commons-SSL has an implementation of PBE ("password based encryption") that is 100%
-compatible with OpenSSL's command-line "enc" utility.  PBE is a form of symmetric encryption where
-the same key or password is used to encrypt and decrypt the file.
-</p>
-<p>
-We are also compatible with <code>openssl enc -K [key] -iv [IV]</code>, where the key and IV are provided explicitly,
-instead of being derived from a password.  Look for encrypt()/decrypt() methods that take
-<a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20byte[],%20byte[],%20byte[])">byte[] key, byte[] iv</a>
-instead of char[] password.  
-
-</p>
-<p>Please visit the <a href="#Quick-FAQ">Quick-FAQ</a> if you are having problems.</p>
-
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>PBE code example (DES-3):</b></u><sup><a href="#fn">*</a></sup>
-
-char[] password = {'c','h','a','n','g','e','i','t'};
-byte[] data = "Hello World!".getBytes();
-
-<em style="color: green;">// Encrypt!</em>
-byte[] encrypted = OpenSSL.encrypt("des3", password, data);
-System.out.println("ENCRYPTED: [" + new String(encrypted) + "]");
-
-<em style="color: green;">// Decrypt results of previous!</em>
-data = OpenSSL.decrypt("des3", password, encrypted);
-System.out.println("DECRYPTED: [" + new String(data) + "]");
-
-
-OUTPUT:
-=======================
-ENCRYPTED: [U2FsdGVkX19qplb9qVDVVEYxH8wjJDGpMS+F4/2pS2c=]
-DECRYPTED: [Hello World!]
-
-<sup><a name="fn">*</a></sup> <span style="font-size: 85%;">- This code example is <a href="#nqr">not quite right</a>.</span>
-</pre>
-<br clear="all"/>
-<p>Some notes:
-<ul>
-    <li>The OpenSSL.encrypt() and OpenSSL.decrypt() methods have InputStream and byte[] versions.  For large
-    files you're going to have to use the InputStream versions.</li>
-    <li>OpenSSL.encrypt() produces base64 output by default.  Use
-<a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20byte[],%20boolean)">OpenSSL.encrypt(alg, pwd, data, false)</a>
-    to turn that off.</li>
-    <li>OpenSSL.decrypt() auto-detects whether input is base64 or raw binary, so you don't need to worry about it
-    when decrypting.  The base64 "true/false" parameter is only applicable when encrypting.</li>
-    <li>We also have methods that are compatible with "<code>openssl enc -K [key] -iv [IV]</code>" where key and iv
-    are explicitly provided, rather than being derived from a password.  The [key] and [IV] should be specified
-    in either raw binary, or hexidecimal (4 bits per character).  This isn't really PBE anymore, but it's a
-    common use case.</li>
-</ul>
-</p>
-
-<p>Here's a list of supported OpenSSL ciphers.  The <i>purple ones</i> require the <a href="http://www.bouncycastle.org/latest_releases.html">BouncyCastle JCE</a>.
-The <i class="special">red ones (desx, desx-cbc)</i> probably require RSA's <a href="http://www.rsa.com/node.aspx?id=1204">BSAFE JCE</a>,
-and have not been tested.
-</p>
-<pre>
-aes-128-cbc               aes-128-cfb               <!-- aes-128-cfb1 -->
-aes-128-cfb8              aes-128-ecb               aes-128-ofb
-aes-192-cbc               aes-192-cfb               <!-- aes-192-cfb1 -->
-aes-192-cfb8              aes-192-ecb               aes-192-ofb
-aes-256-cbc               aes-256-cfb               <!-- aes-256-cfb1 -->
-aes-256-cfb8              aes-256-ecb               aes-256-ofb
-aes128                    aes192                    aes256
-bf                        bf-cbc                    bf-cfb
-bf-ecb                    bf-ofb                    blowfish
-<i>camellia-128-cbc</i>          <i>camellia-128-cfb</i>          <!-- <i>camellia-128-cfb1</i> -->
-<i>camellia-128-cfb8</i>         <i>camellia-128-ecb</i>          <i>camellia-128-ofb</i>
-<i>camellia-192-cbc</i>          <i>camellia-192-cfb</i>          <!-- <i>camellia-192-cfb1</i> -->
-<i>camellia-192-cfb8</i>         <i>camellia-192-ecb</i>          <i>camellia-192-ofb</i>
-<i>camellia-256-cbc</i>          <i>camellia-256-cfb</i>          <!-- <i>camellia-256-cfb1</i> -->
-<i>camellia-256-cfb8</i>         <i>camellia-256-ecb</i>          <i>camellia-256-ofb</i>
-<i>camellia128</i>               <i>camellia192</i>               <i>camellia256</i>
-<i>cast</i>                      <i>cast-cbc</i>                  <i>cast5-cbc</i>
-<i>cast5-cfb</i>                 <i>cast5-ecb</i>                 <i>cast5-ofb</i>
-des                       des-cbc                   des-cfb
-<!-- des-cfb1 -->                          des-cfb8                  des-ecb
-des-ede                   des-ede-cbc               des-ede-cfb
-des-ede-ofb               des-ede3                  des-ede3-cbc
-des-ede3-cfb              des-ede3-ofb              des-ofb
-des3                      <i class="special">desx</i>                      <i class="special">desx-cbc</i>
-<i>idea</i>                      <i>idea-cbc</i>                  <i>idea-cfb</i>
-<i>idea-ecb</i>                  <i>idea-ofb</i>                  rc2
-rc2-40-cbc                rc2-64-cbc                rc2-cbc
-rc2-cfb                   rc2-ecb                   rc2-ofb
-rc4                       rc4-40                    <i>rc5</i>
-<i>rc5-cbc</i>                   <i>rc5-cfb</i>                   <i>rc5-ecb</i>
-<i>rc5-ofb</i>
-</pre>
-
-<p>Here are some additional ciphers supported by BouncyCastle, but not by OpenSSL:</p>
-<pre>
-<i>cast6</i>
-<i>gost</i> (aka: <i>gost28147</i>)
-<i>rc6</i>
-<i>seed</i>
-<i>serpent</i>
-<i>skipjack</i>
-<i>tea</i>
-<i>twofish</i>
-<i>xtea</i>
-</pre>
-
-<hr/>
-<h3><a name="Quick-FAQ">Quick FAQ about PBE and Java</a></h3>
-<hr/>
-<dl>
-<dt>Why do I keep getting "java.security.InvalidKeyException: Illegal key size"?</dt>
-<dd>
-Don't forget to install your JVM's Unlimited Strength
-Jurisdiction Policy Files if you want AES-192 and AES-256 to work.  (Same is true
-for Camillia-192, Camellia-256, and GOST28147).
-
-Visit <a href="http://java.sun.com/javase/downloads/">http://java.sun.com/javase/downloads/</a>
-and scroll to the bottom:
-<blockquote>
-Other Downloads
-<br/>Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6
-</blockquote>
-You can use DES-3 (168 bit keys) without
-installing the extra policy files.
-</dd>
-<dt>Why do the encrypted files always start with "Salted__" ("U2FsdGVkX1" in base64)?
-Isn't giving away information like this insecure?</dt>
-<dd>
-The encrypted files must always start with "Salted__" to interoperate with OpenSSL.
-OpenSSL expects this.  The 8 bytes that spell "Salted__" are always immediately followed
-by another random 8 bytes of salt.  The encrypted stream starts at the 17th byte.
-This way, even if you use the same password to encrypt 2 different files, the actual
-secret keys used to encrypt these 2 files are very different.
-<br/>
-<br/>
-It is possible to omit the salt, but this is highly discouraged:
-
-<pre style="padding: 10px; float: left;">
-boolean useBase64 = true;
-boolean useSalt = false; <em style="color: green;">// Omitting the salt is bad for security!</em>
-byte[] result = <a href="http://juliusdavies.ca/commons-ssl/javadocs/org/apache/commons/ssl/OpenSSL.html#encrypt(java.lang.String,%20char[],%20byte[],%20boolean,%20boolean)">OpenSSL.encrypt(alg, pwd, data, useBase64, useSalt);</a>
-</pre>
-<br clear="all"/>
-</dd>
-<dt><a name="nqr">Why</a> is code example above "not quite right"?</dt>
-<dd>It relies on the platform's default character set.  Here is the proper version (forcing UTF-8):
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>PBE example (DES-3):</b></u>
-
-char[] password = {'c','h','a','n','g','e','i','t'};
-byte[] data = "Hello World!".getBytes("UTF-8");
-
-<em style="color: green;">// Encrypt!</em>
-byte[] encrypted = OpenSSL.encrypt("des3", password, data);
-System.out.println("ENCRYPTED: [" + new String(encrypted, "UTF-8") + "]");
-
-<em style="color: green;">// Decrypt results of previous!</em>
-data = OpenSSL.decrypt("des3", password, encrypted);
-System.out.println("DECRYPTED: [" + new String(data, "UTF-8") + "]");
-
-OUTPUT:
-======================
-ENCRYPTED: [U2FsdGVkX19qplb9qVDVVEYxH8wjJDGpMS+F4/2pS2c=]
-DECRYPTED: [Hello World!]
-</pre>
-</dd>
-</dl>
-</body>
-</html>

http://git-wip-us.apache.org/repos/asf/directory-kerberos/blob/06a2c229/3rdparty/not-yet-commons-ssl/docs/ping.html
----------------------------------------------------------------------
diff --git a/3rdparty/not-yet-commons-ssl/docs/ping.html b/3rdparty/not-yet-commons-ssl/docs/ping.html
deleted file mode 100644
index 3458d07..0000000
--- a/3rdparty/not-yet-commons-ssl/docs/ping.html
+++ /dev/null
@@ -1,93 +0,0 @@
-<html>
-<head>
-<title>Commons-SSL - Utilities</title>
-<style type="text/css">
-h1, h2, h3 { margin: 0; border: 0; padding: 0; font-size: 100%; }
-h1 { float: left; color: red; }
-b.n { font-family: arial; font-weight: bold; }
-span.hl { color: white; background-color: green; }
-div.nav { float: left; margin-left: 20px; font-weight: bold; }
-.nav a, .nav span { padding: 0 5px; }
-.nav a { color: blue; }
-li.top { margin-top: 10px; }
-ul.openssl { float: left; width: 100px; margin-top: 8px; }
-ul.pkcs8 { float: left; width: 200px; margin-top: 8px; }
-</style>
-</head>
-<body>
-<h1>commons-ssl</h1>
-<div class="nav">
-<a href="index.html">main</a> |
-<a href="ssl.html">ssl</a> |
-<a href="pkcs8.html">pkcs8</a> |
-<a href="pbe.html">pbe</a> |
-<a href="rmi.html">rmi</a> |
-<span class="hl" href="utilities.html">utilities</span> |
-<a href="source.html">source</a> |
-<a href="javadocs/">javadocs</a> |
-<a href="download.html">download</a>
-</div>
-<br clear="all"/>
-<hr/>
-<h2>Ping</h2>
-
-<p>"org.apache.commons.ssl.Ping" contains a main method to help you diagnose SSL issues.
-It's modeled on OpenSSL's very handy "s_client" utility.  We've been very careful to
-make sure "org.apache.commons.ssl.Ping" can execute without any additional jar files
-on the classpath (except if using Java 1.3 - then you'll need jsse.jar).</p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>"Ping" Utility Attempts "HEAD / HTTP/1.1" Request</b></u>
-This utility is very handy because it can get you the server's public
-certificate even if your client certificate is bad (so even though the SSL
-handshake fails).  And unlike "openssl s_client", this utility can bind
-against any IP address available.
-
-Usage:  java -jar not-yet-commons-ssl-0.3.13.jar [options]
-Version: 0.3.13   Compiled: [PDT:2014-05-08/14:15:16.000]
-Options:   (*=required)
-*  -t  --target           [hostname[:port]]              default port=443
-   -b  --bind             [hostname[:port]]              default port=0 "ANY"
-   -r  --proxy            [hostname[:port]]              default port=80
-   -tm --trust-cert       [path to trust material]       {pem, der, crt, jks}
-   -km --client-cert      [path to client's private key] {jks, pkcs12, pkcs8}
-   -cc --cert-chain       [path to client's cert chain for pkcs8/OpenSSL key]
-   -p  --password         [client cert password]
-   -h  --host-header      [http-host-header]      in case -t is an IP address
-   -u  --path             [path for GET/HEAD request]    default=/
-   -m  --method           [http method to use]           default=HEAD
-
-Example:
-
-java -jar commons-ssl.jar -t host.com:443 -c ./client.pfx -p `cat ./pass.txt` </pre><br clear="all"/>
-
-<p style="margin-top: 8px;"><b>TODO:</b><br/>Apparently Java 6.0 includes support for grabbing passwords from
-standard-in without echoing the typed characters.  Would be nice to use that feature when it's
-available, instead of requiring the password to be specified as a command-line argument.</p>
-
-<hr/>
-<h2>KeyStoreBuilder</em></h2>
-<p><code>java -cp not-yet-commons-ssl-0.3.13.jar org.apache.commons.ssl.KeyStoreBuilder</code></p>
-
-<pre style="border: 1px solid red; padding: 10px; float: left;"><u><b>KeyStoreBuilder converts PKCS12 and PKCS8 to Java "Keystore", and vice versa.</b></u>
-KeyStoreBuilder:  creates '[alias].jks' (Java Key Store)
-    -topk8 mode:  creates '[alias].pem' (x509 chain + unencrypted pkcs8)
-[alias] will be set to the first CN value of the X509 certificate.
--------------------------------------------------------------------
-Usage1: [password] [file:pkcs12]
-Usage2: [password] [file:private-key] [file:certificate-chain]
-Usage3: -topk8 [password] [file:jks]
--------------------------------------------------------------------
-[private-key] can be openssl format, or pkcs8.
-[password] decrypts [private-key], and also encrypts outputted JKS file.
-All files can be PEM or DER.</pre><br clear="all"/>
-
-<br/><b>Warning:</b>
-&nbsp;<span style="color: red; font-weight: bold;">-topk8 outputs the private key UNENCRYPTED!
-Cut and paste the private key into a separate file, and then use "openssl rsa" or "openssl dsa"
-to encrypt it with a password.</span>
-<br/>&nbsp;
-<br/>&nbsp;
-
-
-</body>
-</html>


Mime
View raw message