2:23 p.m.
--089e082f9ab494ea2405638d1cae
Content-Type: text/plain; charset="UTF-8"
Is there anything else I need to do in order to get this committed?
Bradley
On Fri, 15 Dec 2017 at 12:08 Bradley Baetz <bbaetz(a)google.com> wrote:
Done in ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch
On Fri, 15 Dec 2017 at 04:36 Howard Chu <hyc(a)symas.com> wrote:
> bbaetz(a)google.com wrote:
> > Full_Name: Bradley Baetz
> > Version: 2.4.45
> > OS: linux
> > URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch
> > Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
>
> Thanks for the patch. The initialization of the static tlso_bio_method is
> racy. One-time initializations should be done in tlso_init, and the
> allocated
> memory should be freed in tlso_destroy.
>
> >
> > ITS#8533 added support for the OpenSSL's hiding of the bio_method_st
> struct.
> >
> > However, it did this by re-defining the now-private structure, using
> the OpenSSL
> > 1.0 version. That will fail when OpenSSL changes their structure, which
> they
> > have already done for v1.1.1 - see
> >
>
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal/b...
> >
> > It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER
> define,
> > but has not yet hidden the struct definition.
> >
> > The attached file is derived from OpenLDAP Software. All of the
> modifications to
> > OpenLDAP Software represented in the following patch(es) were developed
> by
> > Google, LLC. Google, LLC has not assigned rights and/or interest in
> this work to
> > any party. I, Bradley Baetz am authorized by Google, LLC, my employer,
> to
> > release this work under the following terms.
> >
> > The attached modifications to OpenLDAP Software are subject to the
> following
> > notice:
> > Copyright 2017 Google, LLC.
> > Redistribution and use in source and binary forms, with or without
> modification,
> > are permitted only as authorized by the OpenLDAP Public License.
> >
> >
>
>
> --
> -- Howard Chu
> CTO, Symas Corp. http://www.symas.com
> Director, Highland Sun http://highlandsun.com/hyc/
> Chief Architect, OpenLDAP http://www.openldap.org/project/
>
--089e082f9ab494ea2405638d1cae
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Is there anything else I need to do in order to get this
c=
ommitted?<div><br></div><div>Bradley</div></div><br><div
class=3D"gmail_quo=
te"><div dir=3D"ltr">On Fri, 15 Dec 2017 at 12:08 Bradley Baetz
<<a href=
=3D"mailto:bbaetz@google.com">bbaetz@google.com</a>>
wrote:<br></div><bl=
ockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px
#=
ccc solid;padding-left:1ex"><div dir=3D"ltr"><span
style=3D"font-size:small=
">Done in=C2=A0</span><a
href=3D"ftp://ftp.openldap.org/incoming/bradley-ba=
etz-20171215.patch" style=3D"font-size:small"
target=3D"_blank">ftp://ftp.o=
penldap.org/incoming/bradley-baetz-20171215.patch</a><br><br
class=3D"m_906=
2438285945864329inbox-inbox-Apple-interchange-newline"></div><br><div
class=
=3D"gmail_quote"><div dir=3D"ltr">On Fri, 15 Dec 2017 at
04:36 Howard Chu &=
lt;<a href=3D"mailto:hyc@symas.com"
target=3D"_blank">hyc(a)symas.com</a>&gt;=
wrote:<br></div><blockquote class=3D"gmail_quote"
style=3D"margin:0 0 0 .8=
ex;border-left:1px #ccc solid;padding-left:1ex"><a
href=3D"mailto:bbaetz@go=
ogle.com" target=3D"_blank">bbaetz(a)google.com</a>
wrote:<br>
> Full_Name: Bradley Baetz<br>
> Version: 2.4.45<br>
> OS: linux<br>
> URL: <a href=3D"ftp://ftp.openldap.org/incoming/bradley-baetz-20171214=
.patch" rel=3D"noreferrer"
target=3D"_blank">ftp://ftp.openldap.org/incomin=
g/bradley-baetz-20171214.patch</a><br>
> Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)<br>
<br>
Thanks for the patch. The initialization of the static tlso_bio_method is<b=
r>
racy. One-time initializations should be done in tlso_init, and the allocat=
ed<br>
memory should be freed in tlso_destroy.<br>
<br>
><br>
> ITS#8533 added support for the OpenSSL's hiding of the bio_method_=
st struct.<br>
><br>
> However, it did this by re-defining the now-private structure, using t=
he OpenSSL<br>
> 1.0 version. That will fail when OpenSSL changes their structure, whic=
h they<br>
> have already done for v1.1.1 - see<br>
> <a href=3D"https://git.openssl.org/gitweb/?p=3Dopenssl.git;a=3Dblob;f=
=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16=
" rel=3D"noreferrer"
target=3D"_blank">https://git.openssl.org/gitweb/?p=3D=
openssl.git;a=3Dblob;f=3Dinclude/internal/bio.h;hb=3De1dd8fa00a1e06d27c8b02=
4dac7657a8d8a9b451#l16</a><br>
><br>
> It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUM=
BER define,<br>
> but has not yet hidden the struct definition.<br>
><br>
> The attached file is derived from OpenLDAP Software. All of the modifi=
cations to<br>
> OpenLDAP Software represented in the following patch(es) were develope=
d by<br>
> Google, LLC. Google, LLC has not assigned rights and/or interest in th=
is work to<br>
> any party. I, Bradley Baetz am authorized by Google, LLC, my employer,=
to<br>
> release this work under the following terms.<br>
><br>
> The attached modifications to OpenLDAP Software are subject to the fol=
lowing<br>
> notice:<br>
> Copyright 2017 Google, LLC.<br>
> Redistribution and use in source and binary forms, with or without mod=
ification,<br>
> are permitted only as authorized by the OpenLDAP Public License.<br>
><br>
><br>
<br>
<br>
--<br>
=C2=A0 =C2=A0-- Howard Chu<br>
=C2=A0 =C2=A0CTO, Symas Corp.=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0<a hr=
ef=3D"http://www.symas.com" rel=3D"noreferrer"
target=3D"_blank">http://www=
.symas.com</a><br>
=C2=A0 =C2=A0Director, Highland Sun=C2=A0 =C2=A0 =C2=A0<a href=3D"http://hi=
ghlandsun.com/hyc/" rel=3D"noreferrer"
target=3D"_blank">http://highlandsun=
.com/hyc/</a><br>
=C2=A0 =C2=A0Chief Architect, OpenLDAP=C2=A0 <a href=3D"http://www.openldap=
.org/project/" rel=3D"noreferrer"
target=3D"_blank">http://www.openldap.org=
/project/</a><br>
</blockquote></div></blockquote></div>
--089e082f9ab494ea2405638d1cae--