OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

deps: update comment about PURIFY define

Browse Source 
PURIFY makes OpenSSL zero out some buffers.  It also stops RAND_bytes()
from using the existing contents of the destination buffer as a source
of entropy, which according to some papers, is a possible attack vector
for reducing the overall entropy.

PR-URL: https://github.com/nodejs/node/pull/6582
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Ben Noordhuis
2016-05-04 21:27:18 +02:00
parent f6940dfa46
commit a4f94b4271
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
deps/openssl/openssl.gypi vendored
View File

@@ -1244,10 +1244,14 @@
'openssl/include',
],
'openssl_default_defines_all': [
# No clue what these are for.
'PURIFY',
'_REENTRANT',
# PURIFY makes OpenSSL zero out some buffers. It also stops RAND_bytes()
# from using the existing contents of the destination buffer as a source
# of entropy, which according to some papers, is a possible attack vector
# for reducing the overall entropy.
'PURIFY',
# Compression is not used and considered insecure (CRIME.)
'OPENSSL_NO_COMP',