RE: [PATCH] OpenSSL: Mark underlying BIO with the appropriate type flags

Not sure what is the expected use with previous versions. It used to be that the BIO_s_socket() would return a
non-constpointer, so the original socket methods object could be edited.
 
Copying it means there are two BIO_METHOD objects with the same type (ortig socket and its copy) but it's unclear if
that'san issue.
 

Itamar Gafni
Imperva

-----Original Message-----
From: Daniel Gustafsson <daniel@yesql.se>
Sent: Monday, 9 August 2021 18:36
To: Itamar Gafni <itamar.gafni@imperva.com>
Cc: pgsql-hackers@lists.postgresql.org
Subject: Re: [PATCH] OpenSSL: Mark underlying BIO with the appropriate type flags

CAUTION: This message was sent from outside the company. Do not click links or open attachments unless you recognize
thesender and know the content is safe.
 


> On 6 Aug 2021, at 12:16, Itamar Gafni <itamar.gafni@imperva.com> wrote:

> Previous to OpenSSL version 1.1.0, the BIO methods object would be copied directly from the existing socket type and
thenits read\write functions would be replaced.
 
> With 1.1.0 and up, the object is created from scratch and then all its methods are initialized to be the ones of the
sockettype, except read/write which are custom.
 
> In this newer way, a new type is given to it by calling “BIO_get_new_index”, but the related type flags aren’t
added.

According to the documentation (I haven't tested it yet but will) I think you are right that the type should be set
withthe appropriate BIO_TYPE_ flags.
 

For OpenSSL 1.0.1 and 1.0.2, wouldn't we need to set the .type with a randomly chosen index anded with
BIO_TYPE_DESCRIPTORand BIO_TYPE_SOURCE_SINK as well?
 

--
Daniel Gustafsson               https://vmware.com/

-------------------------------------------
NOTICE:
This email and all attachments are confidential, may be proprietary, and may be privileged or otherwise protected from
disclosure.They are intended solely for the individual or entity to whom the email is addressed. However, mistakes
sometimeshappen in addressing emails. If you believe that you are not an intended recipient, please stop reading
immediately.Do not copy, forward, or rely on the contents in any way. Notify the sender and/or Imperva, Inc. by
telephoneat +1 (650) 832-6006 and then delete or destroy any copy of this email and its attachments. The sender
reservesand asserts all rights to confidentiality, as well as any privileges that may apply. Any disclosure, copying,
distributionor action taken or omitted to be taken by an unintended recipient in reliance on this message is prohibited
andmay be unlawful.
 
Please consider the environment before printing this email.