Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 9 Apr 2003 14:32:06 -0400
From: Nalin Dahyabhai <nalin@...hat.com>
To: xvendor@...ts.openwall.com
Subject: Re: openssl blinding and threads?

On Wed, Apr 09, 2003 at 09:38:11AM -0700, Seth Arnold wrote:
> Yesterday, I saw someone on IRC mention that Red Hat's OpenSSL update
> (either to turn on blinding, or the oracle fix) broke threading, backed up
> with the idea that recompiling stunnel to use fork() instead of whatever
> thread library it had been using, caused some problems of his to go away.
> 
> I wasn't able to drag out better information from him before he
> dissapeared, but I thought I'd mention it as a heads-up, in case any of
> you run into similar problems.

There's been some traffic about this on the openssl development list as
well.  Apparently the blinding changes aren't safe for threaded apps,
and fixes are coming in 0.9.6j and 0.9.7b (and should be in the current
snapshots, too), probably Thursday.

Nalin

Powered by blists - more mailing lists

Your e-mail address:

Please check out the xvendor mailing list charter.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ