Date: Thu, 10 Apr 2003 16:33:56 -0400 (EDT) From: "Ryan W. Maple" <ryan@...rdiandigital.com> To: xvendor@...ts.openwall.com Subject: Re: openssl blinding and threads? On Wed, 9 Apr 2003, Nalin Dahyabhai wrote: > On Wed, Apr 09, 2003 at 09:38:11AM -0700, Seth Arnold wrote: > > Yesterday, I saw someone on IRC mention that Red Hat's OpenSSL update > > (either to turn on blinding, or the oracle fix) broke threading, backed up > > with the idea that recompiling stunnel to use fork() instead of whatever > > thread library it had been using, caused some problems of his to go away. > > > > I wasn't able to drag out better information from him before he > > dissapeared, but I thought I'd mention it as a heads-up, in case any of > > you run into similar problems. > > There's been some traffic about this on the openssl development list as > well. Apparently the blinding changes aren't safe for threaded apps, > and fixes are coming in 0.9.6j and 0.9.7b (and should be in the current > snapshots, too), probably Thursday. This looks like it here: http://marc.theaimsgroup.com/?l=openssl-cvs&m=104927702431768&w=2 -r
Powered by blists - more mailing lists
Please check out the xvendor mailing list charter.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ