Sorry for following up on my own mail, but I just wanted to say that reverting the change now seems right to me (it's setting ex_data->sk to NULL, not zeroing out sensitive data).
On Thu, Feb 20, 2003 at 10:06:55AM +0300, Solar Designer wrote: > Hi, > > I've noticed this while reviewing diffs between 0.9.6h and 0.9.6i: > > --- openssl-0.9.6h/crypto/x509/x509_vfy.c Thu Nov 28 11:06:30 2002 > +++ openssl-0.9.6i/crypto/x509/x509_vfy.c Tue Dec 10 11:28:16 2002 > @@ -897,7 +897,7 @@ > ctx->chain=NULL; > } > CRYPTO_free_ex_data(x509_store_ctx_method,ctx,&(ctx->ex_data)); > - OPENSSL_cleanse(&ctx->ex_data,sizeof(CRYPTO_EX_DATA)); > + memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); > } > > Is this change intentional, it appears to undo the change introduced > between 0.9.6g and 0.9.6h? > > -- > /sd ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
