From: Marcus Watts Date: Mon, 11 Jul 2016 21:54:07 +0000 (-0400) Subject: rgw: civetweb/openssl: Load libssl.so and libcrypto.so by soname. X-Git-Tag: v12.0.0~269^2~4 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=7caa0bd002110b62514da83a37a2a3deb841267a;p=ceph.git rgw: civetweb/openssl: Load libssl.so and libcrypto.so by soname. If building with radosgw, always look for openssl library (even when building with nss). Then, use objdump to fetch SONAME from the copies of libssl and libcrypto that were found. When building civetweb; pass the library soname values in as the libraries to load with "dlopen". This is a problem that went away for a bit, but came back with some changes for http://tracker.ceph.com/issues/16535 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1341775 Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1258961 Fixes: http://tracker.ceph.com/issues/11239 Signed-off-by: Marcus Watts --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 24c835bac8c4..a000fb7ab167 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -315,7 +315,7 @@ if(USE_NSS) else(USE_NSS) #openssl find_package(OpenSSL REQUIRED) - set(HAVE_OPENSSL ON) + set(USE_OPENSSL ON) set(SSL_LIBRARIES ${OPENSSL_LIBRARIES}) message(STATUS "SSL with OpenSSL selected (Libs: ${SSL_LIBRARIES})") endif(USE_NSS) @@ -341,6 +341,47 @@ endif(WITH_RADOSGW) option(WITH_RADOSGW_ASIO_FRONTEND "Rados Gateway's ASIO frontend is enabled" ON) +if (WITH_RADOSGW) + if (NOT DEFINED OPENSSL_FOUND) + message(STATUS "Looking for openssl anyways, because radosgw selected") + find_package(OpenSSL) + endif() + if (OPENSSL_FOUND) + execute_process( + COMMAND + "sh" "-c" + "objdump -p ${OPENSSL_SSL_LIBRARY} | sed -n 's/^ SONAME *//p'" + OUTPUT_VARIABLE LIBSSL_SONAME + ERROR_VARIABLE OBJDUMP_ERRORS + RESULT_VARIABLE OBJDUMP_RESULTS + OUTPUT_STRIP_TRAILING_WHITESPACE) + if (OBJDUMP_RESULTS) + message(FATAL_ERROR "can't run objdump: ${OBJDUMP_RESULTS}") + endif() + if (NOT OBJDUMP_ERRORS STREQUAL "") + message(WARNING "message from objdump: ${OBJDUMP_ERRORS}") + endif() + execute_process( + COMMAND + "sh" "-c" + "objdump -p ${OPENSSL_CRYPTO_LIBRARY} | sed -n 's/^ SONAME *//p'" + OUTPUT_VARIABLE LIBCRYPTO_SONAME + ERROR_VARIABLE OBJDUMP_ERRORS + RESULT_VARIABLE OBJDUMP_RESULTS + OUTPUT_STRIP_TRAILING_WHITESPACE) + if (OBJDUMP_RESULTS) + message(FATAL_ERROR "can't run objdump: ${OBJDUMP_RESULTS}") + endif() + if (NOT OBJDUMP_ERRORS STREQUAL "") + message(WARNING "message from objdump: ${OBJDUMP_ERRORS}") + endif() + message(STATUS "ssl soname: ${LIBSSL_SONAME}") + message(STATUS "crypto soname: ${LIBCRYPTO_SONAME}") + else() + message(WARNING "ssl not found: rgw civetweb may fail to dlopen libssl libcrypto") + endif() +endif (WITH_RADOSGW) + #option for CephFS option(WITH_CEPHFS "CephFS is enabled" ON) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 256b061904a0..e708270d1c58 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -909,13 +909,21 @@ if(WITH_RADOSGW) "${CMAKE_SOURCE_DIR}/src/civetweb/include") set_property(TARGET civetweb_common_objs APPEND PROPERTY COMPILE_DEFINITIONS USE_IPV6=1) - if(HAVE_SSL) + if(USE_OPENSSL) set_property(TARGET civetweb_common_objs APPEND PROPERTY COMPILE_DEFINITIONS NO_SSL_DL=1) - target_include_directories(civetweb_common_objs PUBLIC + target_include_directories(civetweb_common_objs PRIVATE "${SSL_INCLUDE_DIR}") - endif(HAVE_SSL) + endif(USE_OPENSSL) + if (LIBSSL_SONAME) + set_property(TARGET civetweb_common_objs + APPEND PROPERTY COMPILE_DEFINITIONS SSL_LIB="${LIBSSL_SONAME}") + set_property(TARGET civetweb_common_objs + APPEND PROPERTY COMPILE_DEFINITIONS CRYPTO_LIB="${LIBCRYPTO_SONAME}") + endif() + add_subdirectory(rgw) + endif(WITH_RADOSGW) install(FILES