[email protected] wrote: > Full_Name: Bradley Baetz > Version: 2.4.45 > OS: linux > URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
Thanks for the patch. The initialization of the static tlso_bio_method is racy. One-time initializations should be done in tlso_init, and the allocated memory should be freed in tlso_destroy. > > ITS#8533 added support for the OpenSSL's hiding of the bio_method_st struct. > > However, it did this by re-defining the now-private structure, using the > OpenSSL > 1.0 version. That will fail when OpenSSL changes their structure, which they > have already done for v1.1.1 - see > https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal/bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16 > > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER define, > but has not yet hidden the struct definition. > > The attached file is derived from OpenLDAP Software. All of the modifications > to > OpenLDAP Software represented in the following patch(es) were developed by > Google, LLC. Google, LLC has not assigned rights and/or interest in this work > to > any party. I, Bradley Baetz am authorized by Google, LLC, my employer, to > release this work under the following terms. > > The attached modifications to OpenLDAP Software are subject to the following > notice: > Copyright 2017 Google, LLC. > Redistribution and use in source and binary forms, with or without > modification, > are permitted only as authorized by the OpenLDAP Public License. > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
