#26116: OpenSSL 1.1.1 changed the semantics of the password callback return value -------------------------------------------------+------------------------- Reporter: nickm | Owner: nickm Type: defect | Status: | merge_ready Priority: Medium | Milestone: Tor: | 0.3.4.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: 029-backport 031-backport | Actual Points: 032-backport 033-backport | Parent ID: | Points: Reviewer: catalyst | Sponsor: -------------------------------------------------+-------------------------
Comment (by nickm): aeb4be1d5a17f8ff836e370f8942c09c66b31e1d has a unit test to check these cases. We don't expect to get a legit password-protected key, but somebody could maliciously (or accidentally) send one in. I'm merging this to 0.2.9 and forward -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26116#comment:6> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs