Attached is "commit candidate," which is prepared for future processor steppings (*_cipher_omnivorous), optimized for small input (alloca instead of fixed realign buffer size), as well as "ported" to Windows. Could you verify that it works?
As far as I can tell it works - I have built it in 0.9.7 tree and am using it system-wide (e.g. for ssh/sshd). So far no problems :-)
Wait ... sometimes it fails. Interactive SSH sessions typically run well, but in some cases I get a segfault:
Oops! Just noticed a bug. I alloca realign buffer depending on input size, but still wipe as much as PADLOCK_CHUNK. To fix it do this:
padlock_aes_cipher(EVP_CIPHER_CTX *ctx, ...
{   ...
    size_t chunk, out_size;
    ...
    if (out_misaligned) {
        /* remember how much is allocated, so the wipe below matches it */
        out_size = chunk < nbytes ? PADLOCK_CHUNK : nbytes;
        out = alloca(0x10 + out_size);
        ...
    ...
    if (out_misaligned) {
        /* wipe only out_size bytes of the realign buffer, not PADLOCK_CHUNK */
        volatile unsigned long *p = out;
        size_t n = out_size / sizeof(*p);
        while (n--) *p++ = 0;
    }

A.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
