On Fri, Jun 06, 2003 at 01:48:43PM -0400, Geoff Thorpe wrote: ... > I'll remove this memset() because it clearly breaks this rule, and if that > in turn leaves anything screwy with ubsec (which could be the only > explanation for why that memset was there in the first place) then it'll > have to be fixed locally to use temporary storage or something. If either > of you are able to run tests on the result, I would be very grateful - I > think we should eventually turn off blinding for these ENGINEs but I'd > like to check how the resulting code holds up first in case there are > other bugs or behavioural problems lurking that might have required the > memset in the first place. Should be in CVS shortly, and so the next > nightly snapshots too.
I've done some minimal manual testing of openssl-0.9.7-stable-SNAP-20030611 using ubsec: it does fix the regresssion, and I don't see any other new problems. Regards, joe ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
