[Bug 1291] aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Mar 5 10:09:48 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=1291





------- Comment #9 from dtucker at zip.com.au  2007-03-05 10:09 -------
(In reply to comment #8)
> 1. should there be a #undef here?

Not as long as it targets only 0.9.8e as EVP_CIPHER_CTX_key_length is a
function not a macro in that version.

> 2. Have OpenSSL acknowledged that this is a bug? 

Yes, I got a response from Lutz Jaenicke saying that my suggested
change in comment #4 was correct and that it had already been applied
to OpenSSL's CVS within the last week.

> If not, perhaps this needs to run of a configure test?

Maybe, but I would be concerned that it may interact something else in
future.  The proposed patch targets only the known problem version and
is a no-op for every other version.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


More information about the openssh-bugs mailing list