search for: openssl_free

...curity. -- Robert Jordan: A Crown of Swords ---------- Forwarded message ---------- Date: Fri, 12 Oct 2001 09:44:54 +0300 (EEST) From: Pekka Savola <pekkas at netcore.fi> To: Damien Miller <djm at mindrot.org> Cc: openssh-unix-dev at mindrot.org Subject: Recent openssl is required for OPENSSL_free [Re: Please test snapshots for 3.0 release] On Fri, 12 Oct 2001, Damien Miller wrote: > Could everyone please test the latest snapshots as we will be making a > new release soon. > > If you have any patches you would like us to consider, please resend > them to the list ASAP. 1...

The bug is pretty simple: bn_print.c in openssl-0.9.6's crypto lib says you must use OPENSSL_free on the return value from Bn_bn2dec, yet key.c simply calls free on the buffer. I changed it, but it didn't fix the problem I'm seeing. I don't know if what I'm seeing is a known bug (didn't see it anywhere on the web site). I get a core dump when trying to connect to another...

...FILE *f; *************** *** 164,169 **** --- 164,175 ---- /* Temporarily use the user's uid. */ temporarily_use_uid(pw); + /* log public key */ + + extpubkey = BN_bn2hex(client_n); + log("Attempt RSA authentication for %s with pubkey %s", pw->pw_name, extpubkey); + OPENSSL_free(extpubkey); + /* The authorized keys. */ file = authorized_keys_file(pw); debug("trying public RSA key file %s", file); *************** *** 249,254 **** --- 255,263 ---- log("Warning: %s, line %lu: keysize mismatch: " "actual %d vs. announced %d.&quo...

Outside the known 'Hang-on-exit' bug and the Solaris 'PAM_TTY_KLUDGE' required. *WHAT* other issues *MUST* be address before 3.0 which is approaching fast? Those running NeXTStep I need conformation that it works under NeXT. My current Slab is packed in a storage unit due to a fire in my apartment complex (happened above me so I'm wrapping up dealing with that crap =). -

...ast_log(LOG_WARNING,"Warning: allowing match on wildcard (%s =~ %s)\n", hostname, str); ret = 0; } else { ret = -1; } ast_debug(3, "SSL %s compare s1='%s' s2='%s'\n", desc, hostname, str); OPENSSL_free(str); return ret; } -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20230822/8ac3179f/attachment.html>

...long (*)())pthreads_thread_id); + CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback); + } + +void openssl_thread_locks_cleanup(void) + { + int i; + + CRYPTO_set_locking_callback(NULL); + for (i=0; i<CRYPTO_num_locks(); i++) + { + pthread_mutex_destroy(&(lock_cs[i])); + } + OPENSSL_free(lock_cs); + OPENSSL_free(lock_count); + + } + +void pthreads_locking_callback(int mode, int type, char *file, int line) + { + if (mode & CRYPTO_LOCK) + { + pthread_mutex_lock(&(lock_cs[type])); + lock_count[type]++; + } + else + { + pthread_mutex_unlock(&(lock_cs[type])); +...

Could everyone please test the latest snapshots as we will be making a new release soon. If you have any patches you would like us to consider, please resend them to the list ASAP. -d -- | Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor man's | http://www.mindrot.org / distributed filesystem'' - Dan Geer