Also add BIO_meth_get_write and BIO_meth_get_read

The Folly library has also fallen to this folly and uses these functions
to even get at read/write hooks (although they then replace them). These
are the problem ones that will break if the library ever moves to
size_t-clean hooks, but so it goes.

When we go to size_t-clean these functions, we can just make int-based
ones just for these broken APIs to return.

Bug: 412269080
Change-Id: I9def3d67cb751b2a85c00527d63231983f0f02c4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/79047
Reviewed-by: Adam Langley <agl@google.com>
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
diff --git a/crypto/bio/socket.cc b/crypto/bio/socket.cc
index 9888fa2..d80b796 100644
--- a/crypto/bio/socket.cc
+++ b/crypto/bio/socket.cc
@@ -132,13 +132,15 @@
return ret;
}
-// These functions are provided solely for compatibility with older versions of
-// PostgreSQL. See bio.h for details. PostgreSQL's use makes several fragile
-// assumptions on |BIO_s_socket|:
+// These functions are provided solely for compatibility with software that
+// tries to copy and then modify |BIO_s_socket|. See bio.h for details.
+// PostgreSQL's use makes several fragile assumptions on |BIO_s_socket|:
//
// - We do not store anything in |BIO_set_data|. (Broken in upstream OpenSSL,
// which broke PostgreSQL.)
// - We do not store anything in |BIO_set_app_data|.
+// - |BIO_s_socket| is implemented internally using the non-|size_t|-clean
+// I/O functions rather than the |size_t|-clean ones.
// - |BIO_METHOD| never gains another function pointer that is used in concert
// with any of the functions here.
//
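Review bot: The assumption list is still introduced as "PostgreSQL's use makes several fragile assumptions", but the bullet added here about the non-|size_t|-clean I/O functions comes from callers that fetch the read/write hooks, which the commit message attributes to Folly. Since the opening sentence was already generalized to "software that tries to copy and then modify |BIO_s_socket|", consider rewording the lead-in to the list the same way, or marking which bullets apply to which caller, so a later reader can tell which assumption can be dropped once a given project is fixed.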
@@ -148,17 +150,27 @@
// implemented in BoringSSL.)
//
// This is hopelessly fragile. PostgreSQL 18 will include a fix to stop using
-// these APIs, but older versions remain impact, so we implement these
-// functions, but only support |BIO_s_socket|. For now they just return the
-// underlying functions, but if we ever need to break the above assumptions, we
-// can return an older, frozen version of |BIO_s_socket|. Limiting to exactly
-// one allowed |BIO_METHOD| lets us do this.
+// these APIs, but older versions and other software remain impacted, so we
+// implement these functions, but only support |BIO_s_socket|. For now they just
+// return the underlying functions, but if we ever need to break the above
+// assumptions, we can return an older, frozen version of |BIO_s_socket|.
+// Limiting to exactly one allowed |BIO_METHOD| lets us do this.
//
// These functions are also deprecated in upstream OpenSSL. See
// https://github.com/openssl/openssl/issues/26047
//
-// TODO(davidben): Once all versions of PostgreSQL we care about are updated or
-// patched, remove these functions.
+// TODO(davidben): Once Folly and all versions of PostgreSQL we care about are
+// updated or patched, remove these functions.
+
+int (*BIO_meth_get_write(const BIO_METHOD *method))(BIO *, const char *, int) {
+ BSSL_CHECK(method == BIO_s_socket());
+ return method->bwrite;
+}
+
+int (*BIO_meth_get_read(const BIO_METHOD *method))(BIO *, char *, int) {
+ BSSL_CHECK(method == BIO_s_socket());
+ return method->bread;
+}
int (*BIO_meth_get_gets(const BIO_METHOD *method))(BIO *, char *, int) {
BSSL_CHECK(method == BIO_s_socket());
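Review bot: In BIO_meth_get_write and BIO_meth_get_read, the returned pointer is the live method->bwrite / method->bread, and the int length parameter in the return type is exactly what pins |BIO_s_socket| to the non-|size_t|-clean hooks. The block comment covers the "frozen version" fallback only in general terms; a one-line comment on these two functions saying they will need int-based wrappers when the hooks become size_t-clean (as the commit message says) would keep that plan next to the code it affects. Also, the visible diff adds no test for the two new getters; a check that they return non-null for BIO_s_socket() would at least catch the symbols being dropped.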
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index a3e7609..7a576b4 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -809,9 +809,9 @@
// Using these functions is inherently unsafe and fragile. It is not possible to
// use them in a future-proof way. See
// https://github.com/openssl/openssl/issues/26047 for details. BoringSSL
-// implements them solely for compatibility with older versions of PostgreSQL.
-// To work around the future-proofing problems, the return values may diverge
-// from the true implementation of |BIO_s_socket|.
+// implements them solely for compatibility with Folly and older versions of
+// PostgreSQL. To work around the future-proofing problems, the return values
+// may diverge from the true implementation of |BIO_s_socket|.
//
// Caller should not use these functions. They are not necessary to define
// custom |BIO_METHOD|s. Instead, callers should either:
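Review bot: The updated sentence names "Folly and older versions of PostgreSQL", but only the PostgreSQL side has a bound (the socket.cc comment says PostgreSQL 18 will stop using these APIs). For Folly there is no version or tracking reference in the visible lines, so the removal TODO has no way to be closed out. Consider adding a pointer to the upstream Folly issue or fix, or to the bug in the commit message, next to this sentence.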
@@ -825,6 +825,11 @@
// - Define a custom |BIO_METHOD| without |BIO_s_socket| at all. If not using
// the built-in read or write functions, |BIO_s_socket| only provides a no-op
// |BIO_CTRL_FLUSH| implementation. This can be implemented by the caller.
+OPENSSL_EXPORT int (*BIO_meth_get_write(const BIO_METHOD *method))(BIO *,
+ const char *,
+ int);
+OPENSSL_EXPORT int (*BIO_meth_get_read(const BIO_METHOD *method))(BIO *, char *,
+ int);
OPENSSL_EXPORT int (*BIO_meth_get_gets(const BIO_METHOD *method))(BIO *, char *,
int);
OPENSSL_EXPORT int (*BIO_meth_get_puts(const BIO_METHOD *method))(BIO *,
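Review bot: The new BIO_meth_get_write and BIO_meth_get_read declarations sit directly under the guidance bullets, and the visible comment lines do not state that the only accepted argument is BIO_s_socket(). The implementation enforces this with BSSL_CHECK(method == BIO_s_socket()), so a caller passing any other |BIO_METHOD| fails at runtime rather than getting a null return. If the part of the comment outside this hunk does not already say so, add a sentence stating that precondition and the failure mode, since these two getters are the ones most likely to be called on a caller-defined method.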