You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@mesos.apache.org by "Till Toenshoff (Jira)" <ji...@apache.org> on 2019/10/18 01:07:00 UTC

[jira] [Created] (MESOS-10013) Have fine grained control over OpenSSL dependency.

Till Toenshoff created MESOS-10013:
--------------------------------------

             Summary: Have fine grained control over OpenSSL dependency.
                 Key: MESOS-10013
                 URL: https://issues.apache.org/jira/browse/MESOS-10013
             Project: Mesos
          Issue Type: Improvement
          Components: build, libprocess
    Affects Versions: 1.10.0
            Reporter: Till Toenshoff


We currently decide during the build configuration phase whether to link against OpenSSL or not. Whenever the developer enabled both  libevent+openssl, we internally signal via {{USE_SSL_SOCKET}}.

OpenSSL already provides more to us than only code used for TLS – our JWT handling also relies on OpenSSL.

We should consider cleaning this up. We could introduce another internal configuration signal, say {{HAS_SSL}}. When configuring, the user could enable SSL without  libevent and get our JWT specific code but no TLS.

In our CMake code, we could replace  [https://github.com/apache/mesos/blob/558829eb24f4ad636348497075bbc0428a4794a4/cmake/CompilationConfigure.cmake#L583-L586] with
{noformat}
if (ENABLE_SSL)
  add_definitions(-DHAVE_SSL=1)
  if (ENABLE_LIBEVENT)
    add_definitions(-DUSE_SSL_SOCKET=1)
  endif ()
endif () {noformat}
When {{-DENABLE_SSL}} gets supplied, the preprocessor would see {{HAS_SSL}}. When the user supplies {{-DENABLE_SSL}} and {{-DENABLE_LIBVENT}}, the resulting defines would be {{USE_SSL_SOCKET}} and {{HAS_SSL}}.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)