Re: (ITS#9069) Stop setting custom GnuTLS mutex functions



On Wed, Aug 28, 2019 at 01:04:25AM +0000, ryan@openldap.org wrote:
> The GnuTLS documentation states:
>> Do not call this function from a library, or preferably from any application
>> unless really needed to.
> 
> I disobeyed that guidance in commit 829027945, because I wasn't sure that
> GnuTLS's own threading support would cover all the platforms libldap does. This
> choice caused some bugs, e.g. <https://bugs.debian.org/803197> and
> <https://www.openldap.org/its/?findid=8797>.
> 
> I don't know how to find out for sure whether anyone builds libldap with GnuTLS
> on a system where it lacks native mutexes. I think at this point I would rather
> fix the known broken cases, over the risk of potentially breaking a theoretical
> setup I'm not sure actually exists.
> 
> Therefore: I now propose applying this change for 2.5.

A similar change (making tlso_thr_init a no-op) has been introduced in
ITS#8533 when compiling with OpenSSL 1.1.0+, so I gather it should be
fine for GnuTLS as well.

Regards,

-- 
Ondřej Kuzník
Senior Software Engineer
Symas Corporation                       http://www.symas.com
Packaged, certified, and supported LDAP solutions powered by OpenLDAP