ssl: support libssls with no ENGINE implementation#4852
Closed
Luke Chen (showuon) wants to merge 1 commit intoconfluentinc:masterfrom
Closed
ssl: support libssls with no ENGINE implementation#4852Luke Chen (showuon) wants to merge 1 commit intoconfluentinc:masterfrom
Luke Chen (showuon) wants to merge 1 commit intoconfluentinc:masterfrom
Conversation
|
🎉 All Contributor License Agreements have been signed. Ready to merge. |
|
|
Co-authored-by: Chris Novakovic <[email protected]>
Luke Chen (showuon)
force-pushed
the
ssl-no-engine-luke
branch
from
206d9cc to
0a11b3a
Compare
Author
|
Milind L (@milindl) Emanuele Sabellico (@emasab) Anchit Jain (@anchitj) , call for review for this 1 line change, and had already approved by Magnus Edenhill (@edenhill) before. Without this change, it will impact some users adopt librdkafka. Thank you. |
Contributor
|
This duplicates #3535, which I've now rebased cleanly on master (and has a changelog update). |
Author
Thank you Chris Novakovic (@chrisnovakovic) ! Closing this PR. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
OpenSSL can be built without ENGINE support, and some libssl-compatible forks (e.g. BoringSSL) don't contain any ENGINE implementation at all - guard all references to the ENGINE API using OPENSSL_NO_ENGINE so these libssls can be used with librdkafka.
The definition of WITH_SSL_ENGINE incorrectly assumes that libssl is always built with support for the ENGINE API if it is provided by OpenSSL >= 1.1.0 or LibreSSL. OPENSSL_NO_ENGINE is defined by OpenSSL and all of its forks if the ENGINE API was disabled at compile-time - ensure that the definition of OPENSSL_NO_ENGINE is taken into account
when defining WITH_SSL_ENGINE.
Without this PR, it might impact some linux users to adopt librdkafka project because some Linux distros are removing openssl engines support from their openssl package (ex: fedora).
Note: This PR is from #3535 (which had approved by Magnus Edenhill (@edenhill)) , since the change log version is out-dated, and the original author is not working on it anymore.
Co-authored-by: Chris Novakovic [email protected]