Hi,
I've noticed this while reviewing diffs between 0.9.6h and 0.9.6i:
--- openssl-0.9.6h/crypto/x509/x509_vfy.c Thu Nov 28 11:06:30 2002
+++ openssl-0.9.6i/crypto/x509/x509_vfy.c Tue Dec 10 11:28:16 2002
@@ -897,7 +897,7 @@
ctx->chain=NULL;
}
CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data));
- OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA));
+ memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
}
Is this change intentional, it appears to undo the change introduced
between 0.9.6g and 0.9.6h?
--
/sd
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
