You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@rocketmq.apache.org by GitBox <gi...@apache.org> on 2020/03/07 12:51:53 UTC
[GitHub] [rocketmq-client-cpp] WoodsCumming opened a new pull request #273:
Use OpenSSL to add support for SSL communication with the server. Script
add debug mode support.
WoodsCumming opened a new pull request #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273
## What is the purpose of the change
Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
## Brief changelog
(1)Add OpenSSL and debug options to the ‘build.sh’ script.
(2)Add the ‘ENABLE_OPENSSL’ macro to cmakelist.txt.
(3)Link the ‘libevent_openssl.a’ static library to support OpenSSL.
(4)Link static libraries on demand.
(5)Add OpenSSL support and use the macro ‘ENABLE_OPENSSL’ to control OpenSSL compilation blocks.
(6)Inline member defaults. The default value of the inline member is intuitive and error free, and the redundant structure list can be removed, which is also recommended.
(7)Add ignore for vscode configuration in .gitignore.
(8)Add debugging information in debug mode.
(9)Add C compiler debugging options.
(10)Remove the compiler debugging option from the child test cmake, which will result in inconsistent behavior between the upper and lower cmakes.
(11)Move the SSL initialization context into the constructor so that it is constructed only once and the memory leak in the last commit code is fixed.
(12)SSL handle is managed to bufferevent without memory management. Forced release will result in double-free.
(13)Extract SSL context initialization into a function.
(14)Customize std::unique_ptr to manage SSL context and strengthen memory leak management.
(15)Add the default certificate configuration path.
(16)Add environment variables to dynamically modify the certificate configuration path.
(17)Enhance friendly output prompt.
(18)The communication function with the server is verified by self signed certificate.
(19)Asan and lsan tests have been passed.
## Verifying this change
Has been verified. Need your code review.
Follow this checklist to help us incorporate your contribution quickly and easily. Notice, `it would be helpful if you could finish the following 5 checklist(the last one is not necessary)before request the community to review your PR`.
- [x] Make sure there is a [Github issue](https://github.com/apache/rocketmq/issues) filed for the change (usually before you start working on it). Trivial changes like typos do not require a Github issue. Your pull request should address just this issue, without pulling in other changes - one PR resolves one issue.
- [x] Format the pull request title like `[ISSUE #123] Fix UnknownException when host config not exist`. Each commit in the pull request should have a meaningful subject line and body.
- [x] Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
- [x] Write necessary unit-test(over 80% coverage) to verify your logic correction, more mock a little better when a cross-module dependency exists.
- [ ] If this contribution is large, please file an [Apache Individual Contributor License Agreement](http://www.apache.org/licenses/#clas).
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [rocketmq-client-cpp] ShannonDing commented on issue #273: Use
OpenSSL to add support for SSL communication with the server. Script add
debug mode support.
Posted by GitBox <gi...@apache.org>.
ShannonDing commented on issue #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273#issuecomment-599858612
> @WoodsCumming IMHO, we should guard SSL-code with a conditional compile macro, such that existing users won't have to install additional dependent packages when upgrading assuming they are using the shared library way.
Good idea! We must consider the issue of smooth upgrades,BTW, In this PR, the OpenSSL library was built by script and link static by both rocketmq dynamic and static libraries.
So I think the users will no longer need to consider the dependencies include OpenSSL.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [rocketmq-client-cpp] WoodsCumming commented on a change in pull
request #273: Use OpenSSL to add support for SSL communication with the
server. Script add debug mode support.
Posted by GitBox <gi...@apache.org>.
WoodsCumming commented on a change in pull request #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273#discussion_r393500660
##########
File path: src/include/DefaultMQClient.h
##########
@@ -187,6 +192,8 @@ class DefaultMQClient {
std::string m_instanceName;
std::string m_nameSpace;
std::string m_GroupName;
+ std::string m_sslPropertyFile { DEFAULT_SSL_PROPERTY_FILE };
+ bool m_enableSsl { true };
Review comment:
ACK.I will modify it.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [rocketmq-client-cpp] vongosling merged pull request #273: Use
OpenSSL to add support for SSL communication with the server. Script add
debug mode support.
Posted by GitBox <gi...@apache.org>.
vongosling merged pull request #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [rocketmq-client-cpp] ShannonDing commented on a change in pull
request #273: Use OpenSSL to add support for SSL communication with the
server. Script add debug mode support.
Posted by GitBox <gi...@apache.org>.
ShannonDing commented on a change in pull request #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273#discussion_r393487302
##########
File path: src/include/DefaultMQClient.h
##########
@@ -187,6 +192,8 @@ class DefaultMQClient {
std::string m_instanceName;
std::string m_nameSpace;
std::string m_GroupName;
+ std::string m_sslPropertyFile { DEFAULT_SSL_PROPERTY_FILE };
+ bool m_enableSsl { true };
Review comment:
IMO, it is better to keep ssl disabled.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [rocketmq-client-cpp] lizhanhui commented on issue #273: Use
OpenSSL to add support for SSL communication with the server. Script add
debug mode support.
Posted by GitBox <gi...@apache.org>.
lizhanhui commented on issue #273: Use OpenSSL to add support for SSL communication with the server. Script add debug mode support.
URL: https://github.com/apache/rocketmq-client-cpp/pull/273#issuecomment-599085158
@WoodsCumming IMHO, we should guard SSL-code with a conditional compile macro, such that existing users won't have to install additional dependent packages when upgrading assuming they are using the shared library way.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services