Re: [PATCH] Avoid mixing custom and OpenSSL BIO functions

Thanks! I got asked about release branches, so I thought I'd pass it along:
how do you all handle merges to release branches and would it make sense to
merge this change? On the one hand, nothing is actively on fire yet, but
the current setup does risk breakage if OpenSSL ever migrates BIO_s_socket
to their new size_t-clean internals.

On my end, I found some time to write up the compatibility riskiness to
OpenSSL upstream and they agreed with me that BIO_meth_get_* are
problematic:
https://github.com/openssl/openssl/issues/26047
https://github.com/openssl/openssl/pull/26056

I also sent them a documentation fix so the BIO_CTRL_FLUSH requirement is
clearly written down.
https://github.com/openssl/openssl/pull/26060
I didn't write down the expectations around BIO_CTRL_EOF yet because I'm
still not really sure what they are with
https://github.com/openssl/openssl/issues/8208 and all. (If we get around
to adding BIO_read_ex to BoringSSL, I'll see if we can do something better
there---have some half-baked ideas---and, if successful, I'll try to
convince OpenSSL to do the same.)

David

On Fri, Oct 11, 2024 at 5:20 PM Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:

> > On 5 Sep 2024, at 00:10, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>
> > Thanks for reviewing, I plan on going ahead with this patch shortly.
>
> That ended up not being shortly, but having spent a fair bit of time
> reading
> the diff over and testing on multiple versions of OpenSSL and LibreSSL
> I've now
> pushed it. The buildfarm has built green on multiple platforms tonight but
> I'll keep monitoring it.
>
> --
> Daniel Gustafsson
>
>