From bbaetz@google.com Wed Jan 24 22:23:35 2018
From: bbaetz@google.com
To: openldap-bugs@openldap.org
Subject: Re: (ITS#8791) OpenSSL 1.1.1 compat issue
Date: Wed, 24 Jan 2018 22:23:33 +0000
Message-ID: <E1eeTS9-0001kO-AL@gauss.openldap.net>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============8456380985849587973=="

--===============8456380985849587973==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

--089e082f9ab494ea2405638d1cae
Content-Type: text/plain; charset=3D"UTF-8"

Is there anything else I need to do in order to get this committed?

Bradley

On Fri, 15 Dec 2017 at 12:08 Bradley Baetz <bbaetz(a)google.com> wrote:

> Done in ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch
>
>
> On Fri, 15 Dec 2017 at 04:36 Howard Chu <hyc(a)symas.com> wrote:
>
>> bbaetz(a)google.com wrote:
>> > Full_Name: Bradley Baetz
>> > Version: 2.4.45
>> > OS: linux
>> > URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch
>> > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
>>
>> Thanks for the patch. The initialization of the static tlso_bio_method is
>> racy. One-time initializations should be done in tlso_init, and the
>> allocated
>> memory should be freed in tlso_destroy.
>>
>> >
>> > ITS#8533 added support for the OpenSSL's hiding of the bio_method_st
>> struct.
>> >
>> > However, it did this by re-defining the now-private structure, using
>> the OpenSSL
>> > 1.0 version. That will fail when OpenSSL changes their structure, which
>> they
>> > have already done for v1.1.1 - see
>> >
>> https://git.openssl.org/gitweb/?p=3Dopenssl.git;a=3Dblob;f=3Dinclude/inter=
nal/bio.h;hb=3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16
>> >
>> > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER
>> define,
>> > but has not yet hidden the struct definition.
>> >
>> > The attached file is derived from OpenLDAP Software. All of the
>> modifications to
>> > OpenLDAP Software represented in the following patch(es) were developed
>> by
>> > Google, LLC. Google, LLC has not assigned rights and/or interest in
>> this work to
>> > any party. I, Bradley Baetz am authorized by Google, LLC, my employer,
>> to
>> > release this work under the following terms.
>> >
>> > The attached modifications to OpenLDAP Software are subject to the
>> following
>> > notice:
>> > Copyright 2017 Google, LLC.
>> > Redistribution and use in source and binary forms, with or without
>> modification,
>> > are permitted only as authorized by the OpenLDAP Public License.
>> >
>> >
>>
>>
>> --
>>    -- Howard Chu
>>    CTO, Symas Corp.           http://www.symas.com
>>    Director, Highland Sun     http://highlandsun.com/hyc/
>>    Chief Architect, OpenLDAP  http://www.openldap.org/project/
>>
>

--089e082f9ab494ea2405638d1cae
Content-Type: text/html; charset=3D"UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D3D"ltr">Is there anything else I need to do in order to get this c=
=3D
ommitted?<div><br></div><div>Bradley</div></div><br><div class=3D3D"gmail_quo=
=3D
te"><div dir=3D3D"ltr">On Fri, 15 Dec 2017 at 12:08 Bradley Baetz &lt;<a href=
=3D
=3D3D"mailto:bbaetz(a)google.com">bbaetz(a)google.com</a>&gt; wrote:<br></div=
><bl=3D
ockquote class=3D3D"gmail_quote" style=3D3D"margin:0 0 0 .8ex;border-left:1px=
 #=3D
ccc solid;padding-left:1ex"><div dir=3D3D"ltr"><span style=3D3D"font-size:sma=
ll=3D
">Done in=3DC2=3DA0</span><a href=3D3D"ftp://ftp.openldap.org/incoming/bradle=
y-ba=3D
etz-20171215.patch" style=3D3D"font-size:small" target=3D3D"_blank">ftp://ftp=
.o=3D
penldap.org/incoming/bradley-baetz-20171215.patch</a><br><br class=3D3D"m_906=
=3D
2438285945864329inbox-inbox-Apple-interchange-newline"></div><br><div class=3D
=3D3D"gmail_quote"><div dir=3D3D"ltr">On Fri, 15 Dec 2017 at 04:36 Howard Chu=
 &=3D
lt;<a href=3D3D"mailto:hyc(a)symas.com" target=3D3D"_blank">hyc(a)symas.com</=
a>&gt;=3D
 wrote:<br></div><blockquote class=3D3D"gmail_quote" style=3D3D"margin:0 0 0 =
.8=3D
ex;border-left:1px #ccc solid;padding-left:1ex"><a href=3D3D"mailto:bbaetz(a)=
go=3D
ogle.com" target=3D3D"_blank">bbaetz(a)google.com</a> wrote:<br>
&gt; Full_Name: Bradley Baetz<br>
&gt; Version: 2.4.45<br>
&gt; OS: linux<br>
&gt; URL: <a href=3D3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171214=
=3D
.patch" rel=3D3D"noreferrer" target=3D3D"_blank">ftp://ftp.openldap.org/incom=
in=3D
g/bradley-baetz-20171214.patch</a><br>
&gt; Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)<br>
<br>
Thanks for the patch. The initialization of the static tlso_bio_method is<b=3D
r>
racy. One-time initializations should be done in tlso_init, and the allocat=3D
ed<br>
memory should be freed in tlso_destroy.<br>
<br>
&gt;<br>
&gt; ITS#8533 added support for the OpenSSL&#39;s hiding of the bio_method_=3D
st struct.<br>
&gt;<br>
&gt; However, it did this by re-defining the now-private structure, using t=3D
he OpenSSL<br>
&gt; 1.0 version. That will fail when OpenSSL changes their structure, whic=3D
h they<br>
&gt; have already done for v1.1.1 - see<br>
&gt; <a href=3D3D"https://git.openssl.org/gitweb/?p=3D3Dopenssl.git;a=3D3Dblo=
b;f=3D
=3D3Dinclude/internal/bio.h;hb=3D3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l=
16=3D
" rel=3D3D"noreferrer" target=3D3D"_blank">https://git.openssl.org/gitweb/?p=
=3D3D=3D
openssl.git;a=3D3Dblob;f=3D3Dinclude/internal/bio.h;hb=3D3De1dd8fa00a1e06d27c=
8b02=3D
4dac7657a8d8a9b451#l16</a><br>
&gt;<br>
&gt; It also fails with BoringSSL, which has v1.0&#39;s OPENSSL_VERSION_NUM=3D
BER define,<br>
&gt; but has not yet hidden the struct definition.<br>
&gt;<br>
&gt; The attached file is derived from OpenLDAP Software. All of the modifi=3D
cations to<br>
&gt; OpenLDAP Software represented in the following patch(es) were develope=3D
d by<br>
&gt; Google, LLC. Google, LLC has not assigned rights and/or interest in th=3D
is work to<br>
&gt; any party. I, Bradley Baetz am authorized by Google, LLC, my employer,=3D
 to<br>
&gt; release this work under the following terms.<br>
&gt;<br>
&gt; The attached modifications to OpenLDAP Software are subject to the fol=3D
lowing<br>
&gt; notice:<br>
&gt; Copyright 2017 Google, LLC.<br>
&gt; Redistribution and use in source and binary forms, with or without mod=3D
ification,<br>
&gt; are permitted only as authorized by the OpenLDAP Public License.<br>
&gt;<br>
&gt;<br>
<br>
<br>
--<br>
=3DC2=3DA0 =3DC2=3DA0-- Howard Chu<br>
=3DC2=3DA0 =3DC2=3DA0CTO, Symas Corp.=3DC2=3DA0 =3DC2=3DA0 =3DC2=3DA0 =3DC2=
=3DA0 =3DC2=3DA0 =3DC2=3DA0<a hr=3D
ef=3D3D"http://www.symas.com" rel=3D3D"noreferrer" target=3D3D"_blank">http:/=
/www=3D
.symas.com</a><br>
=3DC2=3DA0 =3DC2=3DA0Director, Highland Sun=3DC2=3DA0 =3DC2=3DA0 =3DC2=3DA0<a=
 href=3D3D"http://hi=3D
ghlandsun.com/hyc/" rel=3D3D"noreferrer" target=3D3D"_blank">http://highlands=
un=3D
.com/hyc/</a><br>
=3DC2=3DA0 =3DC2=3DA0Chief Architect, OpenLDAP=3DC2=3DA0 <a href=3D3D"http://=
www.openldap=3D
.org/project/" rel=3D3D"noreferrer" target=3D3D"_blank">http://www.openldap.o=
rg=3D
/project/</a><br>
</blockquote></div></blockquote></div>

--089e082f9ab494ea2405638d1cae--




--===============8456380985849587973==--