Date: Wed, 8 Jun 2011 20:37:58 +0400 From: Solar Designer <solar@...nwall.com> To: john-dev@...ts.openwall.com Subject: Re: 1.7.7-jumbo-6 On Tue, Jun 07, 2011 at 10:41:43PM -0700, Dhiru Kholia wrote: > I have managed to replicate the problem on Ubuntu 11.04 which uses > openssl (0.9.8o-5ubuntu1) with OpenMP enabled. > http://packages.ubuntu.com/natty/openssl > Even removing all free calls from program doesn't prevent the crash > from happening. > > 1. What about limiting the patch to OpenSSL 1.0.0 series (which > hopefully works!)? This is what I did in -RC4. I also added a check for "compiled against 1.0.0+, but running with older version" (which may happen with dynamic linking). This is totally untested. The warning message I added says it disables OpenMP, although it actually only reduces max_keys_per_crypt to 1. This appears to have almost no performance impact for this format, so I think it's OK as a workaround (definitely better than a crash). > 2. What about building 0.9.8r and testing against that? > > Will test out option 2 tomorrow morning. Is there a non-negligible number of systems running versions newer than 0.9.8o but not newer than 0.9.8r? I mean, enough for us to care to enable OpenMP for SSH for (some of) those, if we can. Your time might be better spent improving the code in other aspects first. Thanks, Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.