On Fri, Jul 26, 2013 at 12:13:45PM +1000, Peter Waltenberg wrote:
The compiler can't optimize if the symbols are called inter-module either.
If it knows they're hidden, it can. And it clearly can
optimize things if you mark them static so it knows they're
not called inter-module.
And
We believe our latest patch has addressed all feedback we have received so far.
As far as we can tell this is ready for inclusion in the main trunk of the
project. Naturally, if this is not the case and we still need to make changes
we are happy to work with the community. Assuming no further
Hi,
We're dealing with PEM_read_PrivateKey crashing intermittently when we use it
in a multi-threaded environment. We have tried both PEM_read_PrivateKey and
PEM_bio_read_PrivateKey. Two environments that are exhibiting the behavior are
Mac OSX 10.7 and CentOs 4.4. Two environments that are
Hello,
I've discovered a bug in OpenSSL HMAC handling -- when calling the HMAC()
(http://www.openssl.org/docs/crypto/hmac.html) function, an incorrect result
will be given if the `key` parameter is a NULL pointer, even when `key_len` is
zero. Much easier to notice when you're not using null
On Thu, Jul 25, 2013, David Wilcox wrote:
Hi,
We're dealing with PEM_read_PrivateKey crashing intermittently when we use it
in a multi-threaded environment. We have tried both PEM_read_PrivateKey and
PEM_bio_read_PrivateKey. Two environments that are exhibiting the behavior
are Mac OSX
On Fri Jul 26 09:26:23 2013, jake.petrou...@petroules.com wrote:
Hello,
I've discovered a bug in OpenSSL HMAC handling -- when calling the
HMAC() (http://www.openssl.org/docs/crypto/hmac.html) function, an
incorrect result will be given if the `key` parameter is a NULL
pointer, even when
After reviewing the documentation I see this behavior mentioned - easy to miss.
However I'd argue that this behavior is wrong, given that there is no context to
potentially re-use with the single shot function.
Wouldn't it make more sense to simply treat a NULL pointer to key the same as
passing
After reviewing the documentation I see this behavior mentioned - easy to miss.
However I'd argue that this behavior is wrong, given that there is no context to
potentially re-use with the single shot function.
Wouldn't it make more sense to simply treat a NULL pointer to key the same as
passing
After upgrading from OpenSSL 1.0.0k to 1.0.1e (Linux, x86_64) we see valgrind
errors of this kind although we always use -DPURIFY:
==11347== Conditional jump or move depends on uninitialised value(s)
==11347==at 0x5F5160: tls1_enc (t1_enc.c:832)
==11347==by 0x61AD11: ssl3_read_bytes