Hi Bradley,
I believe it's waiting on a review from Howard. I also plan on throwing it into my scratch repo and testing when I get the time, but my primary focus at the moment is migrating the OpenLDAP project to new infrastructure and a new bug tracking system. ;)
--Quanah
--On Wednesday, January 24, 2018 10:23 PM +0000 bbaetz@google.com wrote:
--089e082f9ab494ea2405638d1cae Content-Type: text/plain; charset="UTF-8"
Is there anything else I need to do in order to get this committed?
Bradley
On Fri, 15 Dec 2017 at 12:08 Bradley Baetz bbaetz@google.com wrote:
Done in ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch
On Fri, 15 Dec 2017 at 04:36 Howard Chu hyc@symas.com wrote:
bbaetz@google.com wrote:
Full_Name: Bradley Baetz Version: 2.4.45 OS: linux URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
Thanks for the patch. The initialization of the static tlso_bio_method is racy. One-time initializations should be done in tlso_init, and the allocated memory should be freed in tlso_destroy.
ITS#8533 added support for the OpenSSL's hiding of the bio_method_st
struct.
However, it did this by re-defining the now-private structure, using
the OpenSSL
1.0 version. That will fail when OpenSSL changes their structure, which
they
have already done for v1.1.1 - see
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal /bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16
It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER
define,
but has not yet hidden the struct definition.
The attached file is derived from OpenLDAP Software. All of the
modifications to
OpenLDAP Software represented in the following patch(es) were developed
by
Google, LLC. Google, LLC has not assigned rights and/or interest in
this work to
any party. I, Bradley Baetz am authorized by Google, LLC, my employer,
to
release this work under the following terms.
The attached modifications to OpenLDAP Software are subject to the
following
notice: Copyright 2017 Google, LLC. Redistribution and use in source and binary forms, with or without
modification,
are permitted only as authorized by the OpenLDAP Public License.
-- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
--089e082f9ab494ea2405638d1cae Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Is there anything else I need to do in order to get this c= ommitted?<div><br></div><div>Bradley</div></div><br><div class=3D"gmail_quo= te"><div dir=3D"ltr">On Fri, 15 Dec 2017 at 12:08 Bradley Baetz <<a href= =3D"mailto:bbaetz@google.com">bbaetz@google.com</a>> wrote:<br></div><bl= ockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #= ccc solid;padding-left:1ex"><div dir=3D"ltr"><span style=3D"font-size:small= ">Done in=C2=A0</span><a href=3D"ftp://ftp.openldap.org/incoming/bradley-ba= etz-20171215.patch" style=3D"font-size:small" target=3D"_blank">ftp://ftp.o= penldap.org/incoming/bradley-baetz-20171215.patch</a><br><br class=3D"m_906= 2438285945864329inbox-inbox-Apple-interchange-newline"></div><br><div class= =3D"gmail_quote"><div dir=3D"ltr">On Fri, 15 Dec 2017 at 04:36 Howard Chu &= lt;<a href=3D"mailto:hyc@symas.com" target=3D"_blank">hyc@symas.com</a>>= wrote:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8= ex;border-left:1px #ccc solid;padding-left:1ex"><a href=3D"mailto:bbaetz@go= ogle.com" target=3D"_blank">bbaetz@google.com</a> wrote:<br> > Full_Name: Bradley Baetz<br> > Version: 2.4.45<br> > OS: linux<br> > URL: <a href=3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171214= .patch" rel=3D"noreferrer" target=3D"_blank">ftp://ftp.openldap.org/incomin= g/bradley-baetz-20171214.patch</a><br> > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)<br> <br> Thanks for the patch. The initialization of the static tlso_bio_method is<b= r> racy. One-time initializations should be done in tlso_init, and the allocat= ed<br> memory should be freed in tlso_destroy.<br> <br> ><br> > ITS#8533 added support for the OpenSSL's hiding of the bio_method_= st struct.<br> ><br> > However, it did this by re-defining the now-private structure, using t= he OpenSSL<br> > 1.0 version. That will fail when OpenSSL changes their structure, whic= h they<br> > have already done for v1.1.1 - see<br> > <a href=3D"https://git.openssl.org/gitweb/?p=3Dopenssl.git;a=3Dblob;f= =3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l 16= " rel=3D"noreferrer" target=3D"_blank">https://git.openssl.org/gitweb/?p=3D= openssl.git;a=3Dblob;f=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b 02= 4dac7657a8d8a9b451#l16</a><br> ><br> > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUM= BER define,<br> > but has not yet hidden the struct definition.<br> ><br> > The attached file is derived from OpenLDAP Software. All of the modifi= cations to<br> > OpenLDAP Software represented in the following patch(es) were develope= d by<br> > Google, LLC. Google, LLC has not assigned rights and/or interest in th= is work to<br> > any party. I, Bradley Baetz am authorized by Google, LLC, my employer,= to<br> > release this work under the following terms.<br> ><br> > The attached modifications to OpenLDAP Software are subject to the fol= lowing<br> > notice:<br> > Copyright 2017 Google, LLC.<br> > Redistribution and use in source and binary forms, with or without mod= ification,<br> > are permitted only as authorized by the OpenLDAP Public License.<br> ><br> ><br> <br> <br> --<br> =C2=A0 =C2=A0-- Howard Chu<br> =C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a hr= ef=3D"http://www.symas.com" rel=3D"noreferrer" target=3D"_blank">http://www= .symas.com</a><br> =C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a href=3D"http://hi= ghlandsun.com/hyc/" rel=3D"noreferrer" target=3D"_blank">http://highlandsun= .com/hyc/</a><br> =C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a href=3D"http://www.openldap= .org/project/" rel=3D"noreferrer" target=3D"_blank">http://www.openldap.org= /project/</a><br> </blockquote></div></blockquote></div>
--089e082f9ab494ea2405638d1cae--
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com