>>> So a build without CAPI would fix the issues for you?
>> Yes please! I didn't know that was an option. Disabling CAPI was
>> what we did in 1.5.x, but I thought you wanted to enable it for 1.7.x.
>> Here's the 1.5.4 thread where you ended up disabling it:
> Yes, but then I patched OpenSSL so I could enable it in the build again.
> Disabling it for all would be a bad idea.
>>> Maybe a patch to ENGINE_by_id() would help that doesn't error out if
>>> CAPI isn't loaded but just steps over it?
>> No, you'd need to not ask for the CAPI engine in the first place. I
>> think that would work.
>> I think disabling GOST in general is the right thing to do because
>> operations like opening the repo-browser still spin up multiple
>> threads that each call ENGINE_load_builtin_engines(), which could
>> cause the GOST double-free/memory leak. In my case, the problem is
>> more evident because each thread calls that function twice.
> I can't see any difference in calling ENGINE_load_builtin_engines() on
> my machine here, with or without the CAPI engine disabled with the
> registry setting.
> But I do see the double free of the GOST engine in the debugger - no
> crash in the release version though, but I guess that's just luck.
> And I don't see the double free every time, only some time (1 out of ten
Have you decided what you're going to do about GOST? I'm asking
because if you disabled it in the OpenSSL build, I'd be able to test
it in a nightly build, perhaps before you roll 1.7.2. I also wanted
to make sure that you understand you can disable just the GOST engine
in OpenSSL while still leaving all the CAPI features enabled.
Unfortunately, I don't have any way of knowing if any TSVN users use
the GOST cypher or not. I doubt it, but I won't be getting the angry
emails if I'm wrong! Thanks for all your help working through this
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_tortoisesvn.tigris.org].
Received on 2011-12-01 23:01:13 CET