Full_Name: Bradley Baetz
Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)
Thanks for the patch. The initialization of the static tlso_bio_method is
racy. One-time initializations should be done in tlso_init, and the allocated
memory should be freed in tlso_destroy.
ITS#8533 added support for the OpenSSL's hiding of the bio_method_st struct.
However, it did this by re-defining the now-private structure, using the OpenSSL
1.0 version. That will fail when OpenSSL changes their structure, which they
have already done for v1.1.1 - see
It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER define,
but has not yet hidden the struct definition.
The attached file is derived from OpenLDAP Software. All of the modifications to
OpenLDAP Software represented in the following patch(es) were developed by
Google, LLC. Google, LLC has not assigned rights and/or interest in this work to
any party. I, Bradley Baetz am authorized by Google, LLC, my employer, to
release this work under the following terms.
The attached modifications to OpenLDAP Software are subject to the following
Copyright 2017 Google, LLC.
Redistribution and use in source and binary forms, with or without modification,
are permitted only as authorized by the OpenLDAP Public License.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/