Issue 8791 - OpenSSL 1.1.1 compat issue
Summary: OpenSSL 1.1.1 compat issue
Status: VERIFIED FIXED
Alias: None
Product: OpenLDAP
Classification: Unclassified
Component: slapd
Version: 2.4.45
Hardware: All All
Importance: --- normal
Target Milestone: ---
Assignee: OpenLDAP project
Reported: 2017-12-13 22:53 UTC by bbaetz@google.com
Modified: 2018-03-22 19:26 UTC (History)
Description bbaetz@google.com 2017-12-13 22:53:29 UTC
Full_Name: Bradley Baetz
Version: 2.4.45
OS: linux
URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch
Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)


ITS#8533 added support for the OpenSSL's hiding of the bio_method_st struct.

However, it did this by re-defining the now-private structure, using the OpenSSL
1.0 version. That will fail when OpenSSL changes their structure, which they
have already done for v1.1.1 - see
https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal/bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16
    
It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER define,
but has not yet hidden the struct definition.

The attached file is derived from OpenLDAP Software. All of the modifications to
OpenLDAP Software represented in the following patch(es) were developed by
Google, LLC. Google, LLC has not assigned rights and/or interest in this work to
any party. I, Bradley Baetz am authorized by Google, LLC, my employer, to
release this work under the following terms.

The attached modifications to OpenLDAP Software are subject to the following
notice:
Copyright 2017 Google, LLC.
Redistribution and use in source and binary forms, with or without modification,
are permitted only as authorized by the OpenLDAP Public License.
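
Added example, not part of the original report or the attached patch: a self-contained C model of the layout mismatch described above, showing which application callback each library slot would pick up when a locally re-declared 1.0-style struct is read through the 1.1.1 field order. The struct names, the generic `fn_t` callback type and the `app_*` functions are assumptions made for illustration; the field order is modelled on the public OpenSSL headers.

```c
#include <stdio.h>
#include <string.h>

typedef int (*fn_t)(void);  /* stand-in for the real callback signatures */

/* Constructed model: 1.0-era field order, as an application might re-declare it. */
struct method_v10 {
    int type; const char *name;
    fn_t bwrite, bread, bputs, bgets, ctrl, create, destroy, callback_ctrl;
};

/* Constructed model: 1.1.1 field order, where size_t-based bwrite/bread were
 * added and the int-based callbacks moved to the *_old slots. */
struct method_v111 {
    int type; const char *name;
    fn_t bwrite, bwrite_old, bread, bread_old, bputs, bgets,
         ctrl, create, destroy, callback_ctrl;
};

/* Hypothetical application callbacks; distinct bodies keep addresses distinct. */
static int app_write(void)   { return 1; }
static int app_read(void)    { return 2; }
static int app_puts(void)    { return 3; }
static int app_gets(void)    { return 4; }
static int app_ctrl(void)    { return 5; }
static int app_create(void)  { return 6; }
static int app_destroy(void) { return 7; }

static const struct method_v10 app_method = {
    100, "app bio", app_write, app_read, app_puts, app_gets,
    app_ctrl, app_create, app_destroy, NULL
};

/* Reinterpret the application's bytes the way a 1.1.1 library would read them.
 * The two trailing slots are zeroed here; in a real process they would be
 * whatever happens to follow the shorter object in memory. */
static struct method_v111 as_library_sees(const struct method_v10 *m)
{
    struct method_v111 lib;
    memset(&lib, 0, sizeof lib);
    memcpy(&lib, m, sizeof *m);
    return lib;
}

int main(void)
{
    struct method_v111 lib = as_library_sees(&app_method);
    printf("read slot holds app_puts: %d\n", lib.bread == app_puts);
    printf("ctrl slot holds app_destroy: %d\n", lib.ctrl == app_destroy);
    printf("destroy slot empty: %d\n", lib.destroy == NULL);
    return 0;
}
```

Every callback after `bwrite` lands in the wrong slot, which is why going through the library's accessor functions instead of a private copy of the struct is the durable fix.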
Comment 1 Howard Chu 2017-12-14 17:36:07 UTC
bbaetz@google.com wrote:
> Full_Name: Bradley Baetz
> Version: 2.4.45
> OS: linux
> URL: ftp://ftp.openldap.org/incoming/bradley-baetz-20171214.patch
> Submission from: (NULL) (2401:fa00:9:11:7ac0:58b5:299c:bebb)

Thanks for the patch. The initialization of the static tlso_bio_method is 
racy. One-time initializations should be done in tlso_init, and the allocated 
memory should be freed in tlso_destroy.

> 
> ITS#8533 added support for the OpenSSL's hiding of the bio_method_st struct.
> 
> However, it did this by re-defining the now-private structure, using the OpenSSL
> 1.0 version. That will fail when OpenSSL changes their structure, which they
> have already done for v1.1.1 - see
> https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=include/internal/bio.h;hb=e1dd8fa00a1e06d27c8b024dac7657a8d8a9b451#l16
>      
> It also fails with BoringSSL, which has v1.0's OPENSSL_VERSION_NUMBER define,
> but has not yet hidden the struct definition.
> 
> The attached file is derived from OpenLDAP Software. All of the modifications to
> OpenLDAP Software represented in the following patch(es) were developed by
> Google, LLC. Google, LLC has not assigned rights and/or interest in this work to
> any party. I, Bradley Baetz am authorized by Google, LLC, my employer, to
> release this work under the following terms.
> 
> The attached modifications to OpenLDAP Software are subject to the following
> notice:
> Copyright 2017 Google, LLC.
> Redistribution and use in source and binary forms, with or without modification,
> are permitted only as authorized by the OpenLDAP Public License.
> 
> 


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Comment 2 bbaetz@google.com 2017-12-15 01:08:03 UTC
Done in ftp://ftp.openldap.org/incoming/bradley-baetz-20171215.patch


Comment 3 bbaetz@google.com 2018-01-24 22:23:12 UTC
Is there anything else I need to do in order to get this committed?

Bradley

Comment 4 Quanah Gibson-Mount 2018-01-25 00:57:03 UTC
changed notes
Comment 5 Quanah Gibson-Mount 2018-01-25 00:58:01 UTC
Hi Bradley,

I believe it's waiting on a review from Howard.  I also plan on throwing it 
into my scratch repo and testing when I get the time, but my primary focus 
at the moment is migrating the OpenLDAP project to new infrastructure and a 
new bug tracking system. ;)

--Quanah

--On Wednesday, January 24, 2018 10:23 PM +0000 bbaetz@google.com wrote:

> Is there anything else I need to do in order to get this committed?
>
> Bradley
>



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>


Comment 6 Quanah Gibson-Mount 2018-02-09 17:40:44 UTC
changed notes
changed state Open to Release
moved from Incoming to Software Bugs
Comment 7 OpenLDAP project 2018-03-22 19:26:45 UTC
Fixed in master (e5ee07785e9d820ec8db08187aa39697584ca1b7)
Fixed in RE24 (2.4.46)
Comment 8 Quanah Gibson-Mount 2018-03-22 19:26:45 UTC
changed notes
changed state Release to Closed