Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 8 Jun 2011 20:37:58 +0400
From: Solar Designer <>
Subject: Re: 1.7.7-jumbo-6

On Tue, Jun 07, 2011 at 10:41:43PM -0700, Dhiru Kholia wrote:
> I have managed to replicate the problem on Ubuntu 11.04 which uses
> openssl (0.9.8o-5ubuntu1) with OpenMP enabled.
> Even removing all free calls from program doesn't prevent the crash
> from happening.
> 1. What about limiting the patch to OpenSSL 1.0.0 series (which
> hopefully works!)?

This is what I did in -RC4.  I also added a check for "compiled against
1.0.0+, but running with older version" (which may happen with dynamic
linking).  This is totally untested.

The warning message I added says it disables OpenMP, although it
actually only reduces max_keys_per_crypt to 1.  This appears to have
almost no performance impact for this format, so I think it's OK as a
workaround (definitely better than a crash).

> 2. What about building 0.9.8r and testing against that?
> Will test out option 2 tomorrow morning.

Is there a non-negligible number of systems running versions newer than
0.9.8o but not newer than 0.9.8r?  I mean, enough for us to care to
enable OpenMP for SSH for (some of) those, if we can.  Your time might
be better spent improving the code in other aspects first.



Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.