[jira] [Commented] (HADOOP-11216) Improve Openssl library finding

Mon, 27 Oct 2014 23:16:24 -0700 

    [ 
https://issues.apache.org/jira/browse/HADOOP-11216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14186439#comment-14186439
 ] 

Yi Liu commented on HADOOP-11216:
---------------------------------

Thanks Colin for working on this. Certainly I don't mind you take this :-)
My comments are:
*1.* Existing {{openssl.prefix}}, {{openssl.lib}}, {{openssl.include}} will let 
people to specify custom openssl location, they will become {{-L}} and {{-I}} 
when doing compile using gcc.  Yes, I agree people can set 
{{CMAKE_LIBRARY_PATH}} and {{CMAKE_INCLUDE_PATH}}.  But snappy is in this way, 
should we make them consistent (keep openssl.\*\*, or remove snappy.\*\*)?
*2.* It's good that the patch solves compiling issue, but how about runtime, 
the cluster environment of customers may be different from compiling 
environment, currently the external libraries in Hadoop is shared linked, we 
still need to find the correct crypto library for runtime.

{quote}
We could depend on libcrypto.so rather than libcrypto.so.1.0.0
{quote}
Agree.

> Improve Openssl library finding
> -------------------------------
>
>                 Key: HADOOP-11216
>                 URL: https://issues.apache.org/jira/browse/HADOOP-11216
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.6.0
>            Reporter: Yi Liu
>            Assignee: Colin Patrick McCabe
>         Attachments: HADOOP-11216.003.patch
>
>
> When we compile Openssl 1.0.0\(x\) or 1.0.1\(x\) using default options, there 
> will be {{libcrypto.so.1.0.0}} in output lib dir, so we expect this version 
> suffix in cmake build file
> {code}
> SET(STORED_CMAKE_FIND_LIBRARY_SUFFIXES CMAKE_FIND_LIBRARY_SUFFIXES)
> set_find_shared_library_version("1.0.0")
> SET(OPENSSL_NAME "crypto")
> ....
> {code}
> If we don't bundle the crypto shared library in Hadoop distribution, then 
> Hadoop will try to find crypto library in system path when running.
> But in real linux distribution, there may be no {{libcrypto.so.1.0.0}} or 
> {{libcrypto.so}} even the system embedded openssl is 1.0.1\(x\).  Then we 
> need to make symbolic link.
> This JIRA is to improve the Openssl library finding.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to