Hi Bradley,
I believe it's waiting on a review from Howard. I also plan on throwing it
into my scratch repo and testing when I get the time, but my primary focus
at the moment is migrating the OpenLDAP project to new infrastructure and a
new bug tracking system. ;)
--Quanah
--On Wednesday, January 24, 2018 10:23 PM +0000 bbaetz(a)google.com wrote:
--089e082f9ab494ea2405638d1cae
Content-Type: text/plain; charset="UTF-8"
Is there anything else I need to do in order to get this committed?
Bradley
On Fri, 15 Dec 2017 at 12:08 Bradley Baetz <bbaetz(a)google.com> wrote:
> Done in
ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch
>
>
> On Fri, 15 Dec 2017 at 04:36 Howard Chu <hyc(a)symas.com> wrote:
>
>> bbaetz(a)google.com wrote:
>> > Full_Name: Bradley Baetz
>> > Version: 2.4.45
>> > OS: linux
>> > URL:
ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch
>> > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
>>
>> Thanks for the patch. The initialization of the static tlso_bio_method
>> is racy. One-time initializations should be done in tlso_init, and the
>> allocated
>> memory should be freed in tlso_destroy.
>>
>> >
>> > ITS#8533 added support for the OpenSSL's hiding of the bio_method_st
>> struct.
>> >
>> > However, it did this by re-defining the now-private structure, using
>> the OpenSSL
>> > 1.0 version. That will fail when OpenSSL changes their structure,
>> > which
>> they
>> > have already done for v1.1.1 - see
>> >
>>
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal
>> /bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16
>> >
>> > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER
>> define,
>> > but has not yet hidden the struct definition.
>> >
>> > The attached file is derived from OpenLDAP Software. All of the
>> modifications to
>> > OpenLDAP Software represented in the following patch(es) were
>> > developed
>> by
>> > Google, LLC. Google, LLC has not assigned rights and/or interest in
>> this work to
>> > any party. I, Bradley Baetz am authorized by Google, LLC, my employer,
>> to
>> > release this work under the following terms.
>> >
>> > The attached modifications to OpenLDAP Software are subject to the
>> following
>> > notice:
>> > Copyright 2017 Google, LLC.
>> > Redistribution and use in source and binary forms, with or without
>> modification,
>> > are permitted only as authorized by the OpenLDAP Public License.
>> >
>> >
>>
>>
>> --
>> -- Howard Chu
>> CTO, Symas Corp.
http://www.symas.com
>> Director, Highland Sun
http://highlandsun.com/hyc/
>> Chief Architect, OpenLDAP
http://www.openldap.org/project/
>>
>
--089e082f9ab494ea2405638d1cae
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Is there anything else I need to do in order to get
this
c=
ommitted?<div><br></div><div>Bradley</div></div><br><div
class=3D"gmail_quo= te"><div dir=3D"ltr">On Fri, 15 Dec 2017
at 12:08
Bradley Baetz <<a href=
=3D"mailto:bbaetz@google.com">bbaetz@google.com</a>>
wrote:<br></div><bl= ockquote class=3D"gmail_quote"
style=3D"margin:0 0 0
.8ex;border-left:1px #= ccc solid;padding-left:1ex"><div
dir=3D"ltr"><span style=3D"font-size:small= ">Done
in=C2=A0</span><a
href=3D"ftp://ftp.openldap.org/incoming/bradley-ba= etz-20171215.patch"
style=3D"font-size:small" target=3D"_blank">ftp://ftp.o=
penldap.org/incoming/bradley-baetz-20171215.patch</a><br><br
class=3D"m_906=
2438285945864329inbox-inbox-Apple-interchange-newline"></div><br><div
class= =3D"gmail_quote"><div dir=3D"ltr">On Fri, 15 Dec 2017
at 04:36
Howard Chu &= lt;<a href=3D"mailto:hyc@symas.com"
target=3D"_blank">hyc(a)symas.com</a>&gt;=
wrote:<br></div><blockquote
class=3D"gmail_quote" style=3D"margin:0 0 0 .8= ex;border-left:1px #ccc
solid;padding-left:1ex"><a href=3D"mailto:bbaetz@go= ogle.com"
target=3D"_blank">bbaetz(a)google.com</a> wrote:<br>
> Full_Name: Bradley Baetz<br>
> Version: 2.4.45<br>
> OS: linux<br>
> URL: <a
href=3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171214= .patch"
rel=3D"noreferrer"
target=3D"_blank">ftp://ftp.openldap.org/incomin=
g/bradley-baetz-20171214.patch</a><br>
> Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)<br>
<br>
Thanks for the patch. The initialization of the static tlso_bio_method
is<b= r>
racy. One-time initializations should be done in tlso_init, and the
allocat= ed<br>
memory should be freed in tlso_destroy.<br>
<br>
><br>
> ITS#8533 added support for the OpenSSL's hiding of the
bio_method_= st struct.<br>
><br>
> However, it did this by re-defining the now-private structure, using
t= he OpenSSL<br>
> 1.0 version. That will fail when OpenSSL changes their structure,
whic= h they<br>
> have already done for v1.1.1 - see<br>
> <a
href=3D"https://git.openssl.org/gitweb/?p=3Dopenssl.git;a=3Dblob;f=
=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l
16= " rel=3D"noreferrer"
target=3D"_blank">https://git.openssl.org/gitweb/?p=3D=
openssl.git;a=3Dblob;f=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b
02= 4dac7657a8d8a9b451#l16</a><br>
><br>
> It also fails with BoringSSL, which has v1.0's
OPENSSL_VERSION_NUM= BER define,<br>
> but has not yet hidden the struct definition.<br>
><br>
> The attached file is derived from OpenLDAP Software. All of the
modifi= cations to<br>
> OpenLDAP Software represented in the following patch(es) were
develope= d by<br>
> Google, LLC. Google, LLC has not assigned rights and/or interest in
th= is work to<br>
> any party. I, Bradley Baetz am authorized by Google, LLC, my
employer,= to<br>
> release this work under the following terms.<br>
><br>
> The attached modifications to OpenLDAP Software are subject to the
fol= lowing<br>
> notice:<br>
> Copyright 2017 Google, LLC.<br>
> Redistribution and use in source and binary forms, with or without
mod= ification,<br>
> are permitted only as authorized by the OpenLDAP Public License.<br>
><br>
><br>
<br>
<br>
--<br>
=C2=A0 =C2=A0-- Howard Chu<br>
=C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a
hr= ef=3D"http://www.symas.com" rel=3D"noreferrer"
target=3D"_blank">http://www= .symas.com</a><br>
=C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a
href=3D"http://hi=
ghlandsun.com/hyc/" rel=3D"noreferrer"
target=3D"_blank">http://highlandsun= .com/hyc/</a><br>
=C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a
href=3D"http://www.openldap= .org/project/" rel=3D"noreferrer"
target=3D"_blank">http://www.openldap.org= /project/</a><br>
</blockquote></div></blockquote></div>
--089e082f9ab494ea2405638d1cae--
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<