Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 11 Apr 2003 12:37:27 +0200
From: Martin Schulze <joey@...odrom.org>
To: xvendor@...ts.openwall.com
Subject: Re: openssl blinding and threads?

Martin Schulze wrote:
> Ryan W. Maple wrote:
> > > On Wed, Apr 09, 2003 at 09:38:11AM -0700, Seth Arnold wrote:
> > > > Yesterday, I saw someone on IRC mention that Red Hat's OpenSSL update
> > > > (either to turn on blinding, or the oracle fix) broke threading, backed up
> > > > with the idea that recompiling stunnel to use fork() instead of whatever
> > > > thread library it had been using, caused some problems of his to go away.
> > > >
> > > > I wasn't able to drag out better information from him before he
> > > > dissapeared, but I thought I'd mention it as a heads-up, in case any of
> > > > you run into similar problems.
> > >
> > > There's been some traffic about this on the openssl development list as
> > > well.  Apparently the blinding changes aren't safe for threaded apps,
> > > and fixes are coming in 0.9.6j and 0.9.7b (and should be in the current
> > > snapshots, too), probably Thursday.
> > 
> > This looks like it here:
> > 
> >   http://marc.theaimsgroup.com/?l=openssl-cvs&m=104927702431768&w=2
> 
> If you use it, use the 'Download message RAW' link since the url above
> contains a broken patch, the raw message contains the correct one (or
> at least one without that showstopper).

Sorry, I guess I made a fool out of myself.  The superflous [8] is a
numbered link which was inserted for [0] arbitrarily and lynx displayed
links numbered.  However, still very confusing if lynx with numbered
links is your main browser.

Regards,

	Joey

-- 
The only stupid question is the unasked one.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the xvendor mailing list charter.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ