be found by using ::dis on each address,
thus rebuilding the stack.
--
Jan Pechanec
http://blogs.sun.com/janp
__
OpenSSL Project http://www.openssl.org
Development Mailing List
think we should file a bug in the RT. Is there anything else
we should provide?
thanks, Jan.
--
Jan Pechanec
http://blogs.sun.com/janp
/*
* Demo for the SSL memory corruption bug. The problem is if libssl is
* dlopen()ed, SSL error strings loaded, and the library is dlclose()d
on Linux as well.
thanks, Jan.
--
Jan Pechanec
http://blogs.sun.com/janp
this stop function, I believe we may end up in a similar
situation and crash again.
Jan.
--
Jan Pechanec
http://blogs.sun.com/janp
in the RT. Is there anything else
we should provide?
thanks, Jan.
--
Jan Pechanec
http://blogs.sun.com/janp
/*
* Demo for the SSL memory corruption bug. The problem is if libssl is
* dlopen()ed, SSL error strings loaded, and the library is dlclose()d then. The
* hash string table built
and reconfigure/rebuild. Or,
just put #define HAVE_FORK 1 after the endif and rebuild. J.
--
Jan Pechanec
http://blogs.sun.com/janp
, fixing it in speed.c
could bring the problem back again, just for yet another architecture
not specified in the #ifdef.
cheers, Jan.
--
Jan Pechanec
http://blogs.sun.com/janp
On Tue, 8 Dec 2009, Jan Pechanec wrote:
sorry, forgot to include a link to the OpenSolaris bugster:
http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6441083
with an explanation of a person who reported the problem.
J.
hi,
there are some places
-gate/usr/src/common/openssl/crypto/engine/hw_pk11.c
--
Jan Pechanec
to modify OpenSSL at all.
aha, thanks, that's a good idea. It seems to me that I can't use
OBJ_create() without providing an OID but ASN1_OBJECT_create() +
OBJ_add_object() is OK for me and no phony OIDs are used then.
J.
--
Jan Pechanec
bits
long counter for AES counter mode so that's why OpenSSH can work with its
own EVP functions for this mode. However, above mentioned changes are needed
so that CTR mode can be offloaded to the engine.
thanks, Jan.
--
Jan Pechanec
, from reading the code this is not really usable.
correct, not with the current bits in Solaris (I guess we talk about
accessing tokens). We plan to work on that but it's not top priority for now.
cheers, Jan.
--
Jan Pechanec
it to printf, or to replace it with printf right away, or something
different. After the fix the module builds fine. For more information about
echo's in Solaris, see:
man -M /usr/man echo
regards, Jan.
--
Jan Pechanec
to deallocate memory in the token allocated in
C_DigestInit() is to call C_DigestFinal(), which means unless app calls
EVP_DigestFinal() there is a leak.
Jan.
--
Jan Pechanec
would like to fix it the same way as in OpenSSL - if you
decide to fix it of course. Having separate patches is too painful.
thanks, Jan.
--
Jan Pechanec
)?' ':'\n'); }
printf("pre-master\n");
{ int z; for (z=0; z<s->session->master_key_length; z++)
printf("%02X%c",s->session->master_key[z],((z+1)%16)?' ':'\n'); }
#endif
which uses "pre-master\n" in printf(). However,
s->session->master_key is a master key.
Jan.
--
Jan Pechanec
.
Jan.
--
Jan Pechanec
0.9.8e, s3_srvr.c claims this in a comment:
* s->tmp.new_cipher - the new cipher to use.
it should read s->s3->tmp.new_cipher ...
Jan.
--
Jan Pechanec
as per $subj:
* The word 'cryptographic' can be left out if the rouines from the library
it seems to be everywhere:
janp:ananke:/export/openssl$ ggrep -e rouines -R openssl-0.9.8e/* | wc -l
541
--
Jan Pechanec
these backslashes are unnecessary, and they're a maintenance hazard.
If somebody puts non-null text on the following line, it will get sucked
into the macro.
thanks, Jan.
--
Jan Pechanec
Software Engineer
Security Technologies | OS Hardening
hi, SSL_SESSION_get_time(3) mentions SSL_SESSION_get_timeout twice
in NAME section instead of SSL_SESSION_set_timeout. Patch included.
Jan.
--
Jan Pechanec
Software Engineer
Security Technologies | OS Hardening
hi, man page for CONF_modules_free mistakenly mentions
CONF_modules_load instead of CONF_modules_finish (CONF_modules_load has its
own manual page). Patch attached.
checked against snapshot from 2006-06-20.
Jan.
--
Jan Pechanec