rgw/kms/vault - need libicu to make canonical json for encryption contexts.

for encryption, aws s3 provides an "encryption" context to vary per-object
keys.  The encryption context is a base64 encoded json structure, which
must be converted to a determinstic form -- "canonical json".  This
requires converting all strings to a normalized canonical form: "utf-8 nfc",
it also requires thta keys in objects be sorted in a fixed order; so some
form of sorting based on nfc.

It turns out that libicu was the best way to produce utf-8 nfc (boost also
provides a mechanism, but it has many quirks).  So, here are the hooks
to pull the system libicu into the build.

Fixes: http://tracker.ceph.com/issues/48746
Signed-off-by: Marcus Watts <mwatts@redhat.com>
(cherry picked from commit 8afd92425b69c7556bda040c02833d3a4a39210d)

diff --git a/ceph.spec.in b/ceph.spec.in
index e2f456ed27b3004daa6d81c8194b52a4ca110ac4..a05c8d043ccbca4861e128035414f65443717361 100644 (file)
--- a/ceph.spec.in
+++ b/ceph.spec.in
@@ -186,6 +186,7 @@ BuildRequires:      libtool
 BuildRequires: libxml2-devel
 BuildRequires: make
 BuildRequires: ncurses-devel
+BuildRequires: libicu-devel
 BuildRequires: parted
 BuildRequires: patch
 BuildRequires: perl

diff --git a/debian/control b/debian/control
index 48fee481f72ed6dc57ee5c1d122f394265e116c9..42044b802d8083e52bf0963147706a85a91487b3 100644 (file)
--- a/debian/control
+++ b/debian/control
@@ -44,6 +44,7 @@ Build-Depends: automake,
 # Crimson      libgnutls28-dev,
 # Crimson      libhwloc-dev,
                libibverbs-dev,
+               libicu-dev,
                librdmacm-dev,
                libkeyutils-dev,
                libldap2-dev,

diff --git a/src/rgw/CMakeLists.txt b/src/rgw/CMakeLists.txt
index 24ef4f2acbb4dd18fc17c6711f5f3b9a362140b2..f9f2ed13c553b212b703de1028c0793c054f1eba 100644 (file)
--- a/src/rgw/CMakeLists.txt
+++ b/src/rgw/CMakeLists.txt
@@ -23,6 +23,8 @@ function(gperf_generate input output)
     )
 endfunction()
 
+find_package(ICU 52.0 COMPONENTS uc REQUIRED)
+
 set(librgw_common_srcs
   services/svc_finisher.cc
   services/svc_bi_rados.cc
@@ -179,6 +181,7 @@ target_include_directories(rgw_common PUBLIC "${CMAKE_SOURCE_DIR}/src/dmclock/su
 target_include_directories(rgw_common PUBLIC "${CMAKE_SOURCE_DIR}/src/fmt/include")
 target_include_directories(rgw_common PUBLIC "${CMAKE_SOURCE_DIR}/src/rgw")
 target_include_directories(rgw_common PRIVATE "${LUA_INCLUDE_DIR}")
+target_include_directories(rgw_common SYSTEM PRIVATE "${ICU_INCLUDE_DIRS}")
 
 
 set(librgw_kmip_srcs
@@ -270,6 +273,7 @@ target_link_libraries(rgw_a
   ${CURL_LIBRARIES}
   ${EXPAT_LIBRARIES}
   ${OPENLDAP_LIBRARIES} ${CRYPTO_LIBS}
+  ICU::uc
   OATH::OATH)
 
 if(WITH_CURL_OPENSSL)