[openssl] OpenSSL_1_1_1-stable update

matthias.st.pierre at ncp-e.com matthias.st.pierre at ncp-e.com
Thu Sep 30 12:10:23 UTC 2021

The branch OpenSSL_1_1_1-stable has been updated
       via  c23abef43ef482e129f440d40c98eb6d3a094e2b (commit)
      from  b9b45aa45873c63b8207eb527249f430288c17a0 (commit)

- Log -----------------------------------------------------------------
commit c23abef43ef482e129f440d40c98eb6d3a094e2b
Author: Dr. Matthias St. Pierre <matthias.st.pierre at ncp-e.com>
Date:   Tue Sep 28 16:12:32 2021 +0200

    doc/man3/SSL_set_fd.pod: add note about Windows compiler warning
    According to an old stackoverflow thread [1], citing an even older comment by
    Andy Polyakov (1875e6db29, Pull up Win64 support from 0.9.8., 2005-07-05),
    a cast of 'SOCKET' (UINT_PTR) to 'int' does not create a problem, because although
    the documentation [2] claims that the upper limit is INVALID_SOCKET-1 (2^64 - 2),
    in practice the socket() implementation on Windows returns an index into the kernel
    handle table, the size of which is limited to 2^24 [3].
    Add this note to the manual page to avoid unnecessary roundtrips to StackOverflow.
    [1] https://stackoverflow.com/questions/1953639/is-it-safe-to-cast-socket-to-int-under-win64
    [2] https://docs.microsoft.com/en-us/windows/win32/winsock/socket-data-type-2
    [3] https://docs.microsoft.com/en-us/windows/win32/sysinfo/kernel-objects
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/16699)
    (cherry picked from commit f8dd5869bca047a23599ac925aace70efcf487ad)


Summary of changes:
 doc/man3/SSL_set_fd.pod | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/doc/man3/SSL_set_fd.pod b/doc/man3/SSL_set_fd.pod
index 6780d515f9..1e1496cfee 100644
--- a/doc/man3/SSL_set_fd.pod
+++ b/doc/man3/SSL_set_fd.pod
@@ -45,6 +45,17 @@ The operation succeeded.
+=head1 NOTES
+On Windows, a socket handle is a 64-bit data type (UINT_PTR), which leads to a
+compiler warning (conversion from 'SOCKET' to 'int', possible loss of data) when
+passing the socket handle to SSL_set_*fd(). For the time being, this warning can
+safely be ignored, because although the Microsoft documentation claims that the
+upper limit is INVALID_SOCKET-1 (2^64 - 2), in practice the current socket()
+implementation returns an index into the kernel handle table, the size of which
+is limited to 2^24.
 =head1 SEE ALSO
 L<SSL_get_fd(3)>, L<SSL_set_bio(3)>,

More information about the openssl-commits mailing list