Date: Fri, 11 Apr 2003 12:37:27 +0200 From: Martin Schulze <joey@...odrom.org> To: xvendor@...ts.openwall.com Subject: Re: openssl blinding and threads? Martin Schulze wrote: > Ryan W. Maple wrote: > > > On Wed, Apr 09, 2003 at 09:38:11AM -0700, Seth Arnold wrote: > > > > Yesterday, I saw someone on IRC mention that Red Hat's OpenSSL update > > > > (either to turn on blinding, or the oracle fix) broke threading, backed up > > > > with the idea that recompiling stunnel to use fork() instead of whatever > > > > thread library it had been using, caused some problems of his to go away. > > > > > > > > I wasn't able to drag out better information from him before he > > > > dissapeared, but I thought I'd mention it as a heads-up, in case any of > > > > you run into similar problems. > > > > > > There's been some traffic about this on the openssl development list as > > > well. Apparently the blinding changes aren't safe for threaded apps, > > > and fixes are coming in 0.9.6j and 0.9.7b (and should be in the current > > > snapshots, too), probably Thursday. > > > > This looks like it here: > > > > http://marc.theaimsgroup.com/?l=openssl-cvs&m=104927702431768&w=2 > > If you use it, use the 'Download message RAW' link since the url above > contains a broken patch, the raw message contains the correct one (or > at least one without that showstopper). Sorry, I guess I made a fool out of myself. The superflous  is a numbered link which was inserted for  arbitrarily and lynx displayed links numbered. However, still very confusing if lynx with numbered links is your main browser. Regards, Joey -- The only stupid question is the unasked one.
Powered by blists - more mailing lists
Please check out the xvendor mailing list charter.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ