Alexey Serbin has submitted this change and it was merged. ( )

Change subject: [security] KUDU-2695 fix CheckOpenSSLInitialized()

[security] KUDU-2695 fix CheckOpenSSLInitialized()

With OpenSSL 1.1.0, the CRYPTO_get_locking_callback() and the whole old
threading API has been removed.  With the new threading API in OpenSSL,
there is no need to set locking callbacks.  In other words, starting
with OpenSSL 1.1.0, the library is initialized to be multithread-safe,
and that's exactly what Kudu needs from the OpenSSL's initialization.

Prior to this patch, the sample C++ Kudu client application from
with added call of
would fail on Ubuntu 18.04 with error message like below:
  Bad status: Runtime error: Locking callback not initialized

Prior to this patch, the sample Python Kudu client application from
was failing exactly as reported in KUDU-2695.

With this patch, the same modified C++ Kudu client application
works fine at Ubuntu 18.04 (OpenSSL 1.1.0g, with packages
libssl-dev:amd64@1.1.0g-2ubuntu4.3, libssl1.1:amd64@1.1.0g-2ubuntu4.3).
The above mentioned Python example also works as intended with this fix.
I also verified that the kudu CLI utility works fine and uses TLS wire
encryption with this patch.

Change-Id: Ica7cf22ef81bbeffd25ef2826d925c41b97dc2d8
Reviewed-by: Adar Dembo <>
Tested-by: Kudu Jenkins
(cherry picked from commit 1b138a06a4222ad822a2b5cf05dcd0bf988371ef)
Reviewed-by: Andrew Wong <>
M src/kudu/client/
M src/kudu/security/
2 files changed, 43 insertions(+), 8 deletions(-)

  Andrew Wong: Looks good to me, approved
  Kudu Jenkins: Verified

To view, visit
To unsubscribe, visit

Gerrit-Project: kudu
Gerrit-Branch: branch-1.9.x
Gerrit-MessageType: merged
Gerrit-Change-Id: Ica7cf22ef81bbeffd25ef2826d925c41b97dc2d8
Gerrit-Change-Number: 12464
Gerrit-PatchSet: 2
Gerrit-Owner: Alexey Serbin <>
Gerrit-Reviewer: Adar Dembo <>
Gerrit-Reviewer: Alexey Serbin <>
Gerrit-Reviewer: Andrew Wong <>
Gerrit-Reviewer: Kudu Jenkins (120)

Reply via email to