--94eb2c05eb72af425f056056a2cc Content-Type: text/plain; charset="UTF-8"
Done in ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch On Fri, 15 Dec 2017 at 04:36 Howard Chu <[email protected]> wrote: > [email protected] wrote: > > Full_Name: Bradley Baetz > > Version: 2.4.45 > > OS: linux > > URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch > > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb) > > Thanks for the patch. The initialization of the static tlso_bio_method is > racy. One-time initializations should be done in tlso_init, and the > allocated > memory should be freed in tlso_destroy. > > > > > ITS#8533 added support for the OpenSSL's hiding of the bio_method_st > struct. > > > > However, it did this by re-defining the now-private structure, using the > OpenSSL > > 1.0 version. That will fail when OpenSSL changes their structure, which > they > > have already done for v1.1.1 - see > > > https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal/bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16 > > > > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER > define, > > but has not yet hidden the struct definition. > > > > The attached file is derived from OpenLDAP Software. All of the > modifications to > > OpenLDAP Software represented in the following patch(es) were developed > by > > Google, LLC. Google, LLC has not assigned rights and/or interest in this > work to > > any party. I, Bradley Baetz am authorized by Google, LLC, my employer, to > > release this work under the following terms. > > > > The attached modifications to OpenLDAP Software are subject to the > following > > notice: > > Copyright 2017 Google, LLC. > > Redistribution and use in source and binary forms, with or without > modification, > > are permitted only as authorized by the OpenLDAP Public License. > > > > > > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > --94eb2c05eb72af425f056056a2cc Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><span style=3D"font-size:small">Done in=C2=A0</span><a hre= f=3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch"; style=3D= "font-size:small">ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.pa= tch</a><br><br class=3D"inbox-inbox-Apple-interchange-newline"></div><br><d= iv class=3D"gmail_quote"><div dir=3D"ltr">On Fri, 15 Dec 2017 at 04:36 Howa= rd Chu <<a href=3D"mailto:[email protected]";>[email protected]</a>> wrote:<br= ></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-= left:1px #ccc solid;padding-left:1ex"><a href=3D"mailto:[email protected]"; = target=3D"_blank">[email protected]</a> wrote:<br> > Full_Name: Bradley Baetz<br> > Version: 2.4.45<br> > OS: linux<br> > URL: <a href=3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171214= .patch" rel=3D"noreferrer" target=3D"_blank">ftp://ftp.openldap.org/incomin= g/bradley-baetz-20171214.patch</a><br> > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)<br> <br> Thanks for the patch. The initialization of the static tlso_bio_method is<b= r> racy. One-time initializations should be done in tlso_init, and the allocat= ed<br> memory should be freed in tlso_destroy.<br> <br> ><br> > ITS#8533 added support for the OpenSSL's hiding of the bio_method_= st struct.<br> ><br> > However, it did this by re-defining the now-private structure, using t= he OpenSSL<br> > 1.0 version. That will fail when OpenSSL changes their structure, whic= h they<br> > have already done for v1.1.1 - see<br> > <a href=3D"https://git.openssl.org/gitweb/?p=3Dopenssl.git;a=3Dblob;f= =3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16= " rel=3D"noreferrer" target=3D"_blank">https://git.openssl.org/gitweb/?p=3D= openssl.git;a=3Dblob;f=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b02= 4dac7657a8d8a9b451#l16</a><br> ><br> > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUM= BER define,<br> > but has not yet hidden the struct definition.<br> ><br> > The attached file is derived from OpenLDAP Software. All of the modifi= cations to<br> > OpenLDAP Software represented in the following patch(es) were develope= d by<br> > Google, LLC. Google, LLC has not assigned rights and/or interest in th= is work to<br> > any party. I, Bradley Baetz am authorized by Google, LLC, my employer,= to<br> > release this work under the following terms.<br> ><br> > The attached modifications to OpenLDAP Software are subject to the fol= lowing<br> > notice:<br> > Copyright 2017 Google, LLC.<br> > Redistribution and use in source and binary forms, with or without mod= ification,<br> > are permitted only as authorized by the OpenLDAP Public License.<br> ><br> ><br> <br> <br> --<br> =C2=A0 =C2=A0-- Howard Chu<br> =C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a hr= ef=3D"http://www.symas.com"; rel=3D"noreferrer" target=3D"_blank">http://www= .symas.com</a><br> =C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a href=3D"http://hi= ghlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highlandsun= .com/hyc/</a><br> =C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a href=3D"http://www.openldap= .org/project/" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org= /project/</a><br> </blockquote></div> --94eb2c05eb72af425f056056a2cc--
