After looking at ASN1_INTEGER_get and ASN1_INTEGER_set I noticed there were
minor optimizations possible.
There were all value assignements that had no reasons to be there.
The patch is based on openssl-0.9.7c.
Frédéric Giudicelli
http://www.newpki.org
In message [EMAIL PROTECTED] on Mon, 1 Dec 2003 17:27:46 -0500, Geoff Thorpe [EMAIL
PROTECTED] said:
geoff Hi Andy (and anyone else that's interested),
geoff
geoff As part of the general hackathon/audit we're doing in
geoff crypto/bn/ I once again came across the curious zeroing code in
geoff
On December 2, 2003 05:19 am, Richard Levitte - VMS Whacker wrote:
geoff I understand the desire to cater for CPU pipelining with the
geoff 8-wise loop unrolling, but is this a better solution than just
geoff using memset() and letting the compiler take care of the same
geoff sort of thing?
In message [EMAIL PROTECTED] on Tue, 2 Dec 2003 08:52:04 -0500, Geoff Thorpe [EMAIL
PROTECTED] said:
geoff If we switch to use the mem* variant in bn_expand_internal(), it needs
geoff to be corrected. The current form is unbelievingly buggy (I didn't
geoff even look at it last I played
On December 2, 2003 09:35 am, Richard Levitte - VMS Whacker wrote:
geoff afterwards by the memcpy(), and likewise the use of
geoff sizeof(b-d[0]) seems strange given the logic in the previous
geoff line uses sizeof(BN_ULONG) (which is better). But unbelievably
geoff buggy? How so?
A missing
Comment:
valgrind on x86 Linux picks up
those off-by-one errors quite well if you want an extra screening test.
For some reason there was a significant
reduction in noise from valgrind in the transition from
OpenSSL-0.9.7b-OpenSSL-0.9.7c.
Peter
Geoff Thorpe [EMAIL PROTECTED]
Sent by:
[EMAIL PROTECTED] - Thu Mar 20 12:01:22 2003]:
I'd like to ask you to please consider fetching
ftp://ftp.openssl.org/snapshot/openssl-0.9.7-stable-SNAP-
20030319.tar.gz
and test it, to determine if we need to do more fixing *before*
release of 0.9.7b (if possible). Otherwise, you
Addressing the points in order:
ERR_free_state_table() is not meant to do the same as
ERR_remove_state(). It is indeed meant to clean up the entire table and
is used for process cleanup, not thread cleanup. NetWare will clean up
process resources, but does complain when you don't clean up after
Although OpenSSL has an initialization routine (SSL_library_init), it
does not have a corresponding cleanup routine (SSL_library_cleanup). It
does have a few cleanup routines (e.g. EVP_cleanup, OBJ_cleanup, etc.)
but no overall cleanup function.
This has been an issue for us when running OpenSSL
Potentially useful, but ...
A problem we frequently hit is multiple
instances of libraries in a single process - often due to applications
dragging in shared library dependencies they aren't explicitly aware of.
For that reason, this is only mostly
safe if you can reference count somehow,
10 matches
Mail list logo