Alexey Serbin has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/12464 )
Change subject: [security] KUDU-2695 fix CheckOpenSSLInitialized() ...................................................................... [security] KUDU-2695 fix CheckOpenSSLInitialized() With OpenSSL 1.1.0, the CRYPTO_get_locking_callback() and the whole old threading API has been removed. With the new threading API in OpenSSL, there is no need to set locking callbacks. In other words, starting with OpenSSL 1.1.0, the library is initialized to be multithread-safe, and that's exactly what Kudu needs from the OpenSSL's initialization. Prior to this patch, the sample C++ Kudu client application from $KUDU_ROOT/examples/cpp with added call of KUDU_CHECK_OK(kudu::client::DisableOpenSSLInitialization()); would fail on Ubuntu 18.04 with error message like below: Bad status: Runtime error: Locking callback not initialized Prior to this patch, the sample Python Kudu client application from $KUDU_HOME/examples/python/basic-python-example/basic_example.py was failing exactly as reported in KUDU-2695. With this patch, the same modified C++ Kudu client application works fine at Ubuntu 18.04 (OpenSSL 1.1.0g, with packages libssl-dev:[email protected], libssl1.1:[email protected]). The above mentioned Python example also works as intended with this fix. I also verified that the kudu CLI utility works fine and uses TLS wire encryption with this patch. Change-Id: Ica7cf22ef81bbeffd25ef2826d925c41b97dc2d8 Reviewed-on: http://gerrit.cloudera.org:8080/12445 Reviewed-by: Adar Dembo <[email protected]> Tested-by: Kudu Jenkins (cherry picked from commit 1b138a06a4222ad822a2b5cf05dcd0bf988371ef) Reviewed-on: http://gerrit.cloudera.org:8080/12464 Reviewed-by: Andrew Wong <[email protected]> --- M src/kudu/client/client-unittest.cc M src/kudu/security/openssl_util.cc 2 files changed, 43 insertions(+), 8 deletions(-) Approvals: Andrew Wong: Looks good to me, approved Kudu Jenkins: Verified -- To view, visit http://gerrit.cloudera.org:8080/12464 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: branch-1.9.x Gerrit-MessageType: merged Gerrit-Change-Id: Ica7cf22ef81bbeffd25ef2826d925c41b97dc2d8 Gerrit-Change-Number: 12464 Gerrit-PatchSet: 2 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Adar Dembo <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120)
