Is there somewhere that I can check to verify this? I want to make sure that
this patch is in the latest build.
Thanks,
Kevin
-Original Message-
From: Stephen Henson via RT [mailto:r...@openssl.org]
Sent: Tuesday, January 26, 2010 10:09 AM
To: Kevin Regan
Subject
for -DPURIFY
builds.
On Tue, Jan 26, 2010, Kevin Regan via RT wrote:
Is there somewhere that I can check to verify this? I want to make sure that
this patch is in the latest build.
You can either wait until tomorrow snapshots or pull the latest CVS using the
information at:
http
This patch fixes a bug with the -DPURIFY flag. The stat structure contains
padding and unused fields that are not initialized with the stat call. This
causes applications such as Valgrind to be unable to analyze OpenSSL
executables that are compiled with the -DPURIFY flag.
This is for
);
if (bytes == 0) return(ret);
From: Kevin Regan
Sent: Friday, January 08, 2010 11:01 AM
To: Kevin Regan; 'openssl-dev@openssl.org'
Subject: RE: RE: Change needed for -DPURIFY builds.
I also wanted to mention that the -DPURIFY flag should not weaken the PRNG (you
should be able to run
Sent: Monday, January 11, 2010 4:35 PM
To: openssl-dev@openssl.org
Subject: Re: [PATCH] Change needed for -DPURIFY builds.
On Mon, Jan 11, 2010, Kevin Regan wrote:
Any further thoughts on this patch? I'd love to get these -DPURIFY builds
working properly.
Please send the patch to the request
You're missing the point -- your comment is the height of irony, in a
way.
Use a suppression to make Valgrind shut up.
/r$
I think you misunderstand his issue. His issue is not valgrind reports a
spurious error/warning. His issue is -DPURIFY does not do what I think
it's supposed
.
--Kevin
From: Kevin Regan
Sent: Friday, January 08, 2010 10:53 AM
To: 'openssl-dev@openssl.org'
Subject: RE: Change needed for -DPURIFY builds.
You're missing the point -- your comment is the height of irony, in a
way.
Use a suppression to make Valgrind shut up.
/r$
I think you
look at
each RAND_add() call and determine if any additional memsets are needed with
the PURIFY flag (with an eye towards structures that may not be fully
initialized).
Sincerely,
Kevin Regan
F5 Networks
. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
As a workaround, I changed the above line to:
GCCVER=3.1
--Kevin
Kevin Regan
NetIQ Corporation (www.netiq.com)
Technical Lead
Houston UNIX Team
Office: 2200
Phone: 713-548-1767
:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
This happens when I select TLSv1 on the Java side and
TLSv1_server_method on the OpenSSL side. TLSv1 on the Java side and
SSLv23_server_method (but not SSLv3_server_method) works fine.
Sincerely,
Kevin Regan
p.s
? Also, who is doing the correct thing
here, JSSE or OpenSSL?
Sincerely,
Kevin Regan
Kevin Regan
Technical Lead
Houston UNIX Team
Office: 2200
Phone: 713-548-1767
__
OpenSSL Project http
11 matches
Mail list logo