Jeff Saremi wrote:
That's right. Not only the actual implementation but more the API do not
support 64bit values being passed around.
jeff
That's right. Not only the actual implementation but more the API do not
support 64bit values being passed around, even on systems where the
native lseek() kernel API is using a 64bit wide off_t. This is because
a cast to
int is being performed errornously in the macro that implements BIO_seek()
from include/openssl/bio.h as highlighted by Victor in the other thread.
Please see Jeff's "other" thread "64bit BIOs and support in OpenSSL" on
openssl-users list for more background from 04-Oct-2010.
To reiterate my thoughts for openssl-dev list:
* bio.h cast is an error, replace "(int)" with "(off_t)" in the
BIO_tell() macro. Check other similar APIs for similar errors.
* Create a new API call (that is a real function, not a macro) that:
** implements BIO_tell64() that returns "loff_t" type. Maybe
someone can confirm my expectation that the loff_t will ALWAYS be (at
least) 64bit wide on all platforms.
** The BIO may need to pass pointers through internal OpenSSL API,
this means BIO_ctrl() would be handling a pointer to "struct
temp_loff_storage_encapsulation { loff_t offset; }". Which works on
systems to preserve the value, even when pointers are 32bit wide.
** The function that is BIO_tell64() would then remove the storage
encapsulation (i.e. unencapsulate the value) so that a "loff_t" C type
could be returned as-is.
** Ensure the OpenSSL build can detect platforms that do not
support a 64bit C language type "long long" as a variable. If "long
long" and therefore "loff_t" is not supported then no BIO_tell64() API
call should be implemented. For all intents and purposes OpenSSL would
not support BIO_tell64() on systems/compilers that do not support
loff_t/long long. I can't see anyone objecting to this matter.
* Final stage, audit the internal use of OpenSSL itself with regards
to the API.
** Ensure the correct type off_t/loff_t is being used to store file
offset values.
** Ensure the best possible API on the platform is being used, i.e.
if BIO_tell64() is available then ensure under the bonnet OpenSSL is
using it (for its own internal needs).
** If there are any concerns/issues in this investigative process
feel free the air them to the openssl-dev list.
Darryl
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
