In message <[EMAIL PROTECTED]> on Fri, 29 Nov 2002 10:03:08
+0100, Nils Larsch <[EMAIL PROTECTED]> said:
nlarsch> may I ask why you didn't replace the 'memset()' in
nlarsch> BN_clear_free() with the new OPENSSL_cleanse() function ?
Quite simple: the memset()s I felt safe modifying at that point in
time were the really obvious ones, like those immediately followed by
OPENSSL_free(), or those where I could quickly determine that they
cleared local variables.
I'm going to do a second replacement where I do a more thorough check
of what is being cleared and why.
--
Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
