On Wed, May 07, 2014 at 13:49, Stuart Henderson wrote: > On 2014/05/05 12:38, Ted Unangst wrote: >> CVSROOT: /cvs >> Module name: src >> Changes by: [email protected] 2014/05/05 12:38:42 >> >> Modified files: >> lib/libssl/src/crypto/bn: bn_lib.c >> >> Log message: >> inspired by a cloudflare diff, cleanse old memory when expanding a bignum. >> however, instead of trying to audit all the places where a secret bignum >> is used, apply the big hammer and clear all bignums when freed. >> ok deraadt miod >> > > this breaks rsa, backout diff below. > > openssl openssl genrsa -out some.key 2048 > openssl req -new -key some.key -out some.csr > <fill out the fields> > <hangs>
After putting the diff back in, I can't reproduce any trouble. Are you sure? I tried both the above tests, and libcrypto and libssl regress.
