From b852adfa930b787c10699bbe052efb5397e72fe6 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Sun, 1 Mar 2020 18:37:27 +0800 Subject: [PATCH 01/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Add=20OpenSSL=20and=20debug=20options=20to=20the=20?= =?UTF-8?q?=E2=80=98build.sh=E2=80=99=20script.=20=EF=BC=882=EF=BC=89Add?= =?UTF-8?q?=20the=20=E2=80=98ENABLE=5FOPENSSL=E2=80=99=20macro=20to=20cmak?= =?UTF-8?q?elist.txt.=20=EF=BC=883=EF=BC=89Link=20the=20=E2=80=98libevent?= =?UTF-8?q?=5Fopenssl.a=E2=80=99=20static=20library=20to=20support=20OpenS?= =?UTF-8?q?SL.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CMakeLists.txt | 9 +++++++- build.sh | 56 ++++++++++++++++++++++++++++++++++++++------------ 2 files changed, 51 insertions(+), 14 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index a2b178c63..231716d8c 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -83,7 +83,8 @@ else () #find_package(Libevent 2.0.22 REQUIRED COMPONENTS) set(LIBEVENT_INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/bin/include) set(LIBEVENT_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib) - set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a;${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a) + set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a;${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a; + ${LIBEVENT_LIBRARIES_DIR}/libevent_openssl.a) include_directories(${LIBEVENT_INCLUDE_DIRS}) endif () @@ -180,6 +181,12 @@ ELSE () message(STATUS "** ENABLE_ASAN: ${ENABLE_ASAN} Enable asan reporting") endif () + option(ENABLE_OPENSSL "Enable openssl" OFF) + if (ENABLE_OPENSSL) + add_definitions(-DENABLE_OPENSSL) + message(STATUS "** ENABLE_OPENSSL: ${ENABLE_OPENSSL} Enable openssl") + endif () + option(ENABLE_LSAN "Enable lsan reporting" OFF) if (ENABLE_LSAN) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=leak -fno-omit-frame-pointer -static-liblsan") diff --git a/build.sh b/build.sh index 06530a78c..dcfa121ec 100755 --- a/build.sh +++ b/build.sh @@ -47,10 +47,12 @@ fi declare need_build_jsoncpp=1 declare need_build_libevent=1 declare need_build_boost=1 +declare enable_openssl=0 declare enable_asan=0 declare enable_lsan=0 declare verbose=1 declare codecov=0 +declare debug=0 declare test=0 pasres_arguments() { @@ -65,6 +67,9 @@ pasres_arguments() { noBoost) need_build_boost=0 ;; + openssl) + enable_openssl=1 + ;; asan) enable_asan=1 ;; @@ -77,6 +82,9 @@ pasres_arguments() { codecov) codecov=1 ;; + debug) + debug=1 + ;; test) test=1 ;; @@ -88,21 +96,26 @@ pasres_arguments $@ PrintParams() { echo "###########################################################################" - if [ $need_build_libevent -eq 0 ]; then - echo "no need build libevent lib" - else - echo "need build libevent lib" - fi if [ $need_build_jsoncpp -eq 0 ]; then echo "no need build jsoncpp lib" else echo "need build jsoncpp lib" fi + if [ $need_build_libevent -eq 0 ]; then + echo "no need build libevent lib" + else + echo "need build libevent lib" + fi if [ $need_build_boost -eq 0 ]; then echo "no need build boost lib" else echo "need build boost lib" fi + if [ $enable_openssl -eq 1 ]; then + echo "enable openssl" + else + echo "disable openssl" + fi if [ $enable_asan -eq 1 ]; then echo "enable asan reporting" else @@ -113,18 +126,25 @@ PrintParams() { else echo "disable lsan reporting" fi - if [ $test -eq 1 ]; then - echo "build unit tests" + if [ $verbose -eq 0 ]; then + echo "no need print detail logs" else - echo "without build unit tests" + echo "need print detail logs" fi if [ $codecov -eq 1 ]; then echo "run unit tests with code coverage" + else + echo "run unit tests without code coverage" fi - if [ $verbose -eq 0 ]; then - echo "no need print detail logs" + if [ $debug -eq 1 ]; then + echo "enable debug" else - echo "need print detail logs" + echo "disable debug" + fi + if [ $test -eq 1 ]; then + echo "build unit tests" + else + echo "without build unit tests" fi echo "###########################################################################" @@ -202,9 +222,9 @@ BuildLibevent() { fi echo "build libevent static #####################" if [ $verbose -eq 0 ]; then - ./configure --disable-openssl --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} &> libeventconfig.txt + ./configure --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} &> libeventconfig.txt else - ./configure --disable-openssl --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} + ./configure --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} fi if [ $? -ne 0 ]; then exit 1 @@ -320,6 +340,11 @@ BuildRocketMQClient() { else ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DRUN_UNIT_TEST=OFF -DCODE_COVERAGE=OFF" fi + if [ $enable_openssl -eq 1 ]; then + ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_OPENSSL=ON" + else + ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_OPENSSL=OFF" + fi if [ $enable_asan -eq 1 ]; then ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_ASAN=ON" else @@ -330,6 +355,11 @@ BuildRocketMQClient() { else ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_LSAN=OFF" fi + if [ $debug -eq 1 ]; then + ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DCMAKE_BUILD_TYPE=Debug" + else + ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DCMAKE_BUILD_TYPE=Release" + fi cmake .. $ROCKETMQ_CMAKE_FLAG if [ $verbose -eq 0 ]; then echo "build rocketmq without detail log." From c7c202c4cca3b1c63b80385636b79b079da8890f Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Sun, 1 Mar 2020 23:53:55 +0800 Subject: [PATCH 02/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Link=20static=20libraries=20on=20demand.=20=EF=BC=882?= =?UTF-8?q?=EF=BC=89Add=20OpenSSL=20support=20and=20use=20the=20macro=20?= =?UTF-8?q?=E2=80=98ENABLE=5FOPENSSL=E2=80=99=20to=20control=20OpenSSL=20c?= =?UTF-8?q?ompilation=20blocks.=20=EF=BC=883=EF=BC=89Inline=20member=20def?= =?UTF-8?q?aults.=20The=20default=20value=20of=20the=20inline=20member=20i?= =?UTF-8?q?s=20intuitive=20and=20error=20free,=20and=20the=20redundant=20s?= =?UTF-8?q?tructure=20list=20can=20be=20removed,=20which=20is=20also=20rec?= =?UTF-8?q?ommended.=20=EF=BC=884=EF=BC=89Add=20ignore=20for=20vscode=20co?= =?UTF-8?q?nfiguration=20in=20.gitignore.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .gitignore | 1 + CMakeLists.txt | 7 ++++-- src/transport/EventLoop.cpp | 46 +++++++++++++++++++++++++++++++++++-- src/transport/EventLoop.h | 19 +++++++++++---- 4 files changed, 64 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 22c735062..0640d20b1 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ build libs/signature/lib tmp_* Testing +.vscode diff --git a/CMakeLists.txt b/CMakeLists.txt index 231716d8c..54ffb4a06 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -83,8 +83,7 @@ else () #find_package(Libevent 2.0.22 REQUIRED COMPONENTS) set(LIBEVENT_INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/bin/include) set(LIBEVENT_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib) - set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a;${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a; - ${LIBEVENT_LIBRARIES_DIR}/libevent_openssl.a) + set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a;${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a) include_directories(${LIBEVENT_INCLUDE_DIRS}) endif () @@ -183,6 +182,7 @@ ELSE () option(ENABLE_OPENSSL "Enable openssl" OFF) if (ENABLE_OPENSSL) + list(APPEND LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent_openssl.a) add_definitions(-DENABLE_OPENSSL) message(STATUS "** ENABLE_OPENSSL: ${ENABLE_OPENSSL} Enable openssl") endif () @@ -206,6 +206,9 @@ ELSE () # For some reason, the check_function_exists macro doesn't detect # the inet_aton on some pure Unix platforms (e.g. sunos5). So we # need to do a more detailed check and also include some extra deplibs. + if (ENABLE_OPENSSL) + list(APPEND deplibs ssl crypto) + endif () list(APPEND deplibs dl) list(APPEND deplibs pthread) if (NOT APPLE) diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 3d674056d..29dde9e28 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -32,8 +32,7 @@ EventLoop* EventLoop::GetDefaultEventLoop() { return &defaultEventLoop; } -EventLoop::EventLoop(const struct event_config* config, bool run_immediately) - : m_eventBase(nullptr), m_loopThread(nullptr), _is_running(false) { +EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { // tell libevent support multi-threads #ifdef WIN32 evthread_use_windows_threads(); @@ -67,6 +66,17 @@ EventLoop::~EventLoop() { event_base_free(m_eventBase); m_eventBase = nullptr; } + +#ifdef ENABLE_OPENSSL + if (m_ssl != nullptr) { + SSL_free(m_ssl); + } + + if (m_ssl_ctx != nullptr) { + SSL_CTX_free(m_ssl_ctx); + } +#endif + } void EventLoop::start() { @@ -112,7 +122,39 @@ void EventLoop::runLoop() { #define OPT_UNLOCK_CALLBACKS (BEV_OPT_DEFER_CALLBACKS | BEV_OPT_UNLOCK_CALLBACKS) BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options) { + +#ifdef ENABLE_OPENSSL + // init ssl context. + SSL_library_init(); + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + SSL_load_error_strings(); + + m_ssl_ctx = SSL_CTX_new(SSLv23_client_method()); + if (m_ssl_ctx == nullptr) { + LOG_ERROR("Failed to create ssl context!"); + return nullptr; + } + + m_ssl = SSL_new(m_ssl_ctx); + if (m_ssl == nullptr) { + LOG_ERROR("Failed to create ssl handle!"); + return nullptr; + } + + // create ssl bufferevent + struct bufferevent* event = bufferevent_openssl_socket_new(m_eventBase, fd, m_ssl, + BUFFEREVENT_SSL_CONNECTING, options); + + /* create filter ssl bufferevent + struct bufferevent *bev = bufferevent_socket_new(m_eventBase, fd, options); + struct bufferevent* event = bufferevent_openssl_filter_new(m_eventBase, bev, m_ssl, + BUFFEREVENT_SSL_CONNECTING, options); + */ +#else struct bufferevent* event = bufferevent_socket_new(m_eventBase, fd, options); +#endif + if (event == nullptr) { return nullptr; } diff --git a/src/transport/EventLoop.h b/src/transport/EventLoop.h index c974479f0..1bdc3c7f6 100644 --- a/src/transport/EventLoop.h +++ b/src/transport/EventLoop.h @@ -20,9 +20,15 @@ #include #include +#ifdef ENABLE_OPENSSL +#include +#include +#include +#endif + +#include #include #include -#include #include "noncopyable.h" @@ -49,10 +55,13 @@ class EventLoop : public noncopyable { void runLoop(); private: - struct event_base* m_eventBase; - std::thread* m_loopThread; - - bool _is_running; // aotmic is unnecessary + struct event_base* m_eventBase { nullptr }; + std::thread* m_loopThread { nullptr }; +#ifdef ENABLE_OPENSSL + SSL* m_ssl { nullptr }; + SSL_CTX* m_ssl_ctx { nullptr }; +#endif + bool _is_running { false }; // aotmic is unnecessary }; class TcpTransport; From 88440622fc13c62fadae00480b59132fc0b300eb Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 3 Mar 2020 20:02:58 +0800 Subject: [PATCH 03/16] Add debugging information in debug mode. --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 54ffb4a06..ac8d21335 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -194,7 +194,7 @@ ELSE () message(STATUS "** ENABLE_LSAN: ${ENABLE_LSAN} Enable lsan reporting") endif () - set(CMAKE_CXX_FLAGS_DEBUG "-O0 -DDEBUG") + set(CMAKE_CXX_FLAGS_DEBUG "-g -O0 -DDEBUG") set(CMAKE_CXX_FLAGS_RELEASE "-O3 -DNDEBUG") From 26f4bfd2055c39ec19e198df9e7f71b9a5bfa0bc Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Wed, 4 Mar 2020 02:11:03 +0800 Subject: [PATCH 04/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Add=20C=20compiler=20debugging=20options.=20=EF=BC=882?= =?UTF-8?q?=EF=BC=89Remove=20the=20compiler=20debugging=20option=20from=20?= =?UTF-8?q?the=20child=20test=20cmake,=20which=20will=20result=20in=20inco?= =?UTF-8?q?nsistent=20behavior=20between=20the=20upper=20and=20lower=20cma?= =?UTF-8?q?kes.=20=EF=BC=883=EF=BC=89Move=20the=20SSL=20initialization=20c?= =?UTF-8?q?ontext=20into=20the=20constructor=20so=20that=20it=20is=20const?= =?UTF-8?q?ructed=20only=20once=20and=20the=20memory=20leak=20in=20the=20l?= =?UTF-8?q?ast=20commit=20code=20is=20fixed.=20=EF=BC=884=EF=BC=89SSL=20ha?= =?UTF-8?q?ndle=20is=20managed=20to=20bufferevent=20without=20memory=20man?= =?UTF-8?q?agement.=20Forced=20release=20will=20result=20in=20double-free.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CMakeLists.txt | 2 ++ src/transport/EventLoop.cpp | 37 +++++++++++++++++-------------------- src/transport/EventLoop.h | 1 - test/CMakeLists.txt | 2 -- 4 files changed, 19 insertions(+), 23 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index ac8d21335..4f5959e2e 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -196,6 +196,8 @@ ELSE () set(CMAKE_CXX_FLAGS_DEBUG "-g -O0 -DDEBUG") set(CMAKE_CXX_FLAGS_RELEASE "-O3 -DNDEBUG") + set(CMAKE_C_FLAGS_DEBUG "-g -O0 -DDEBUG") + set(CMAKE_C_FLAGS_RELEASE "-O3 -DNDEBUG") # Declare deplibs, so we can use list in linker later. There's probably diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 29dde9e28..22577c6f1 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -54,6 +54,18 @@ EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { evthread_make_base_notifiable(m_eventBase); +#ifdef ENABLE_OPENSSL + SSL_library_init(); + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + SSL_load_error_strings(); + + if ((m_ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == nullptr) { + LOG_ERROR("Failed to create ssl context!"); + return ; + } +#endif + if (run_immediately) { start(); } @@ -68,10 +80,6 @@ EventLoop::~EventLoop() { } #ifdef ENABLE_OPENSSL - if (m_ssl != nullptr) { - SSL_free(m_ssl); - } - if (m_ssl_ctx != nullptr) { SSL_CTX_free(m_ssl_ctx); } @@ -124,31 +132,19 @@ void EventLoop::runLoop() { BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options) { #ifdef ENABLE_OPENSSL - // init ssl context. - SSL_library_init(); - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - SSL_load_error_strings(); - - m_ssl_ctx = SSL_CTX_new(SSLv23_client_method()); - if (m_ssl_ctx == nullptr) { - LOG_ERROR("Failed to create ssl context!"); - return nullptr; - } - - m_ssl = SSL_new(m_ssl_ctx); - if (m_ssl == nullptr) { + SSL* ssl = SSL_new(m_ssl_ctx); + if (ssl == nullptr) { LOG_ERROR("Failed to create ssl handle!"); return nullptr; } // create ssl bufferevent - struct bufferevent* event = bufferevent_openssl_socket_new(m_eventBase, fd, m_ssl, + struct bufferevent* event = bufferevent_openssl_socket_new(m_eventBase, fd, ssl, BUFFEREVENT_SSL_CONNECTING, options); /* create filter ssl bufferevent struct bufferevent *bev = bufferevent_socket_new(m_eventBase, fd, options); - struct bufferevent* event = bufferevent_openssl_filter_new(m_eventBase, bev, m_ssl, + struct bufferevent* event = bufferevent_openssl_filter_new(m_eventBase, bev, ssl, BUFFEREVENT_SSL_CONNECTING, options); */ #else @@ -156,6 +152,7 @@ BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options) { #endif if (event == nullptr) { + LOG_ERROR("Failed to create bufferevent!"); return nullptr; } diff --git a/src/transport/EventLoop.h b/src/transport/EventLoop.h index 1bdc3c7f6..5537a47e1 100644 --- a/src/transport/EventLoop.h +++ b/src/transport/EventLoop.h @@ -58,7 +58,6 @@ class EventLoop : public noncopyable { struct event_base* m_eventBase { nullptr }; std::thread* m_loopThread { nullptr }; #ifdef ENABLE_OPENSSL - SSL* m_ssl { nullptr }; SSL_CTX* m_ssl_ctx { nullptr }; #endif bool _is_running { false }; // aotmic is unnecessary diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 68085c76a..e14be5165 100755 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -51,8 +51,6 @@ link_directories(${JSONCPP_LIBRARY}) set(ROCKETMQ_LIBRARIES ${CMAKE_SOURCE_DIR}/bin/librocketmq.a) message(STATUS "** ROCKETMQ_LIBRARIES ${ROCKETMQ_LIBRARIES}") -set(CMAKE_BUILD_TYPE "Debug") - function(compile files) foreach (file ${files}) get_filename_component(basename ${file} NAME_WE) From 1c990c7be981e10bdf4e66bf75d7655550a10b48 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Sat, 7 Mar 2020 20:28:53 +0800 Subject: [PATCH 05/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Extract=20SSL=20context=20initialization=20into=20a=20?= =?UTF-8?q?function.=20=EF=BC=882=EF=BC=89Customize=20std::unique=5Fptr=20?= =?UTF-8?q?to=20manage=20SSL=20content=20and=20strengthen=20memory=20leak?= =?UTF-8?q?=20management.=20=EF=BC=883=EF=BC=89Add=20the=20default=20certi?= =?UTF-8?q?ficate=20configuration=20path.=20=EF=BC=884=EF=BC=89Add=20envir?= =?UTF-8?q?onment=20variables=20to=20dynamically=20modify=20the=20certific?= =?UTF-8?q?ate=20configuration=20path.=20=EF=BC=885=EF=BC=89Enhance=20frie?= =?UTF-8?q?ndly=20output=20prompt.=20=EF=BC=886=EF=BC=89The=20communicatio?= =?UTF-8?q?n=20function=20with=20the=20server=20is=20verified=20by=20self?= =?UTF-8?q?=20signed=20certificate.=20=EF=BC=887=EF=BC=89Asan=20and=20lsan?= =?UTF-8?q?=20tests=20have=20been=20passed.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/transport/EventLoop.cpp | 97 +++++++++++++++++++++++++++++++------ src/transport/EventLoop.h | 6 ++- 2 files changed, 87 insertions(+), 16 deletions(-) diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 22577c6f1..f783aab73 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -22,6 +22,8 @@ #include +#include + #include "Logging.h" #include "UtilAll.h" @@ -55,14 +57,9 @@ EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { evthread_make_base_notifiable(m_eventBase); #ifdef ENABLE_OPENSSL - SSL_library_init(); - OpenSSL_add_all_algorithms(); - ERR_load_crypto_strings(); - SSL_load_error_strings(); - - if ((m_ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == nullptr) { + if (!CreateSslContext()) { LOG_ERROR("Failed to create ssl context!"); - return ; + return; } #endif @@ -78,13 +75,6 @@ EventLoop::~EventLoop() { event_base_free(m_eventBase); m_eventBase = nullptr; } - -#ifdef ENABLE_OPENSSL - if (m_ssl_ctx != nullptr) { - SSL_CTX_free(m_ssl_ctx); - } -#endif - } void EventLoop::start() { @@ -127,12 +117,89 @@ void EventLoop::runLoop() { } } +#ifdef ENABLE_OPENSSL +bool EventLoop::CreateSslContext() { + ERR_load_crypto_strings(); + SSL_load_error_strings(); + SSL_library_init(); + OpenSSL_add_all_algorithms(); + + m_ssl_ctx.reset(SSL_CTX_new(SSLv23_client_method())); + if (m_ssl_ctx.get() == nullptr) { + LOG_ERROR("Failed to create ssl context!"); + return false; + } + + const char* CA_CERT_FILE_DEFAULT = "/etc/rocketmq/ca.pem"; + const char* CLIENT_CERT_FILE_DEFAULT = "/etc/rocketmq/client.pem"; + const char* CLIENT_KEY_FILE_DEFAULT = "/etc/rocketmq/client.key"; + + const char* CA_CERT_FILE = std::getenv("CA_CERT_FILE"); + const char* CLIENT_CERT_FILE = std::getenv("CLIENT_CERT_FILE"); + const char* CLIENT_KEY_FILE = std::getenv("CLIENT_KEY_FILE"); + const char* PASS_PHRASE = std::getenv("PASS_PHRASE"); + + if (!CA_CERT_FILE) { CA_CERT_FILE = CA_CERT_FILE_DEFAULT; } + if (!CLIENT_CERT_FILE) { CLIENT_CERT_FILE = CLIENT_CERT_FILE_DEFAULT; } + if (!CLIENT_KEY_FILE) { CLIENT_KEY_FILE = CLIENT_KEY_FILE_DEFAULT; } + + SSL_CTX_set_verify(m_ssl_ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + SSL_CTX_set_mode(m_ssl_ctx.get(), SSL_MODE_AUTO_RETRY); + + if (!PASS_PHRASE) { + LOG_WARN("The pass phrase is not specified. Set it by modifying the environment variable 'PASS_PHRASE'.", CA_CERT_FILE); + } else { + SSL_CTX_set_default_passwd_cb_userdata(m_ssl_ctx.get(), (void*)PASS_PHRASE); + } + + bool check_flag { true }; + if (!boost::filesystem::exists(CA_CERT_FILE)) { + check_flag = false; + LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " + "or modify the environment variable 'CA_CERT_FILE' to point to its location.", CA_CERT_FILE); + } else if (SSL_CTX_load_verify_locations(m_ssl_ctx.get(), CA_CERT_FILE, NULL) <= 0) { + LOG_ERROR("SSL_CTX_load_verify_locations error!"); + ERR_print_errors_fp(stderr); + return false; + } + + if (!boost::filesystem::exists(CLIENT_CERT_FILE)) { + check_flag = false; + LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " + "or modify the environment variable 'CLIENT_CERT_FILE' to point to its location.", CLIENT_CERT_FILE); + } else if (SSL_CTX_use_certificate_file(m_ssl_ctx.get(), CLIENT_CERT_FILE, SSL_FILETYPE_PEM) <= 0) { + LOG_ERROR("SSL_CTX_use_certificate_file error!"); + ERR_print_errors_fp(stderr); + return false; + } + + if (!boost::filesystem::exists(CLIENT_KEY_FILE)) { + check_flag = false; + LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " + "or modify the environment variable 'CLIENT_KEY_FILE' to point to its location.", CLIENT_KEY_FILE); + } else if (SSL_CTX_use_PrivateKey_file(m_ssl_ctx.get(), CLIENT_KEY_FILE, SSL_FILETYPE_PEM) <= 0) { + LOG_ERROR("SSL_CTX_use_PrivateKey_file error!"); + ERR_print_errors_fp(stderr); + return false; + } + + if(check_flag && SSL_CTX_check_private_key(m_ssl_ctx.get()) <= 0) + { + LOG_ERROR("SSL_CTX_check_private_key error!"); + ERR_print_errors_fp(stderr); + return false; + } + + return true; +} +#endif + #define OPT_UNLOCK_CALLBACKS (BEV_OPT_DEFER_CALLBACKS | BEV_OPT_UNLOCK_CALLBACKS) BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options) { #ifdef ENABLE_OPENSSL - SSL* ssl = SSL_new(m_ssl_ctx); + SSL* ssl = SSL_new(m_ssl_ctx.get()); if (ssl == nullptr) { LOG_ERROR("Failed to create ssl handle!"); return nullptr; diff --git a/src/transport/EventLoop.h b/src/transport/EventLoop.h index 5537a47e1..3d3b01fe6 100644 --- a/src/transport/EventLoop.h +++ b/src/transport/EventLoop.h @@ -53,12 +53,16 @@ class EventLoop : public noncopyable { private: void runLoop(); +#ifdef ENABLE_OPENSSL + bool CreateSslContext(); +#endif private: struct event_base* m_eventBase { nullptr }; std::thread* m_loopThread { nullptr }; #ifdef ENABLE_OPENSSL - SSL_CTX* m_ssl_ctx { nullptr }; + using SSL_CTX_ptr = std::unique_ptr; + SSL_CTX_ptr m_ssl_ctx { nullptr, ::SSL_CTX_free }; #endif bool _is_running { false }; // aotmic is unnecessary }; From 4b020e727839849504d042c49b81791d4d484fc2 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 10 Mar 2020 04:57:50 +0800 Subject: [PATCH 06/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Add=20OpenSSL=20library=20and=20compile=20script.=20?= =?UTF-8?q?=EF=BC=882=EF=BC=89Remove=20the=20system=20dynamic=20library=20?= =?UTF-8?q?connection,=20and=20use=20the=20project=20OpenSSL=20static=20li?= =?UTF-8?q?brary=20link=20instead.=20=EF=BC=883=EF=BC=89Fix=20some=20error?= =?UTF-8?q?s=20in=20CMakeList.txt.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- example/CMakeLists.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/example/CMakeLists.txt b/example/CMakeLists.txt index aecec5cf2..daf9c3bc2 100755 --- a/example/CMakeLists.txt +++ b/example/CMakeLists.txt @@ -23,6 +23,7 @@ include_directories(${Boost_INCLUDE_DIRS}) link_directories(${Boost_LIBRARY_DIRS}) link_directories(${LIBEVENT_LIBRARY}) link_directories(${JSONCPP_LIBRARY}) +link_directories(${OPENSSL_LIBRARIES_DIR}) #if (BUILD_ROCKETMQ_SHARED) # set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -DBOOST_ALL_DYN_LINK -shared ") @@ -43,10 +44,10 @@ foreach(file ${files}) if (MSVC) if (BUILD_ROCKETMQ_SHARED) target_link_libraries (${basename} rocketmq_shared ${deplibs} - ${Boost_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES}) + ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES}) else() target_link_libraries (${basename} rocketmq_static ${deplibs} - ${Boost_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES}) + ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES}) endif() else() if (BUILD_ROCKETMQ_SHARED) From 0fd06cc4c67476d991e1b1c6076e68821ba3b26c Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 10 Mar 2020 04:58:54 +0800 Subject: [PATCH 07/16] =?UTF-8?q?=20=20=20=20Modification=20item:=20=20=20?= =?UTF-8?q?=20=20=EF=BC=881=EF=BC=89Add=20OpenSSL=20library=20and=20compil?= =?UTF-8?q?e=20script.=20=20=20=20=20=EF=BC=882=EF=BC=89Remove=20the=20sys?= =?UTF-8?q?tem=20dynamic=20library=20connection,=20and=20use=20the=20proje?= =?UTF-8?q?ct=20OpenSSL=20static=20library=20link=20instead.=20=20=20=20?= =?UTF-8?q?=20=EF=BC=883=EF=BC=89Fix=20some=20errors=20in=20CMakeList.txt.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CMakeLists.txt | 39 +++++++++++++++-------- build.sh | 70 ++++++++++++++++++++++++++++++++++++++++-- project/CMakeLists.txt | 2 ++ test/CMakeLists.txt | 5 +-- 4 files changed, 99 insertions(+), 17 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 4f5959e2e..7856aba2d 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -44,6 +44,24 @@ set(CMAKE_VERBOSE_MAKEFILE 1) option(BUILD_ROCKETMQ_STATIC "build rocketmq-client static library" ON) option(BUILD_ROCKETMQ_SHARED "build rocketmq-client shared library" ON) +option(OPENSSL_USE_STATIC_LIBS "only find openssl static libs" ON) # only find static libs +if (WIN32) + find_package(OpenSSL 1.1.1 REQUIRED COMPONENTS) + if (OPENSSL_FOUND) + include_directories(${OPENSSL_INCLUDE_DIR}) + message(STATUS "** OpenSSL Include dir: ${OPENSSL_INCLUDE_DIR}") + message(STATUS "** OpenSSL Libraries: ${OPENSSL_LIBRARIES}") + endif () +else () + #find_package(OpenSSL 1.1.1 REQUIRED COMPONENTS) + set(OPENSSL_INCLUDE_DIR ${PROJECT_SOURCE_DIR}/bin/include) + set(OPENSSL_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib64) + set(OPENSSL_LIBRARIES ${OPENSSL_LIBRARIES_DIR}/libssl.a;${OPENSSL_LIBRARIES_DIR}/libcrypto.a) + include_directories(${OPENSSL_INCLUDE_DIR}) +endif () +message(STATUS "** OpenSSL_INCLUDE_DIR: ${OPENSSL_INCLUDE_DIR}") +message(STATUS "** OpenSSL_LIBRARIES: ${OPENSSL_LIBRARIES}") + #Find dependency option(Boost_USE_STATIC_LIBS "only find boost static libs" ON) # only find static libs set(Boost_USE_MULTITHREADED ON) @@ -61,11 +79,11 @@ else () #find_package(Boost 1.56 REQUIRED COMPONENTS atomic thread system chrono date_time log log_setup regex serialization filesystem locale iostreams) set(Boost_INCLUDE_DIR ${PROJECT_SOURCE_DIR}/bin/include) set(Boost_LIBRARY_DIRS ${PROJECT_SOURCE_DIR}/bin/lib) - set(Boost_LIBRARIES ${Boost_LIBRARY_DIRS}/libboost_atomic.a;${Boost_LIBRARY_DIRS}/libboost_thread.a;${Boost_LIBRARY_DIRS}/libboost_system.a;${Boost_LIBRARY_DIRS}/libboost_chrono.a; - ${Boost_LIBRARY_DIRS}/libboost_date_time.a;${Boost_LIBRARY_DIRS}/libboost_log.a;${Boost_LIBRARY_DIRS}/libboost_log_setup.a; - ${Boost_LIBRARY_DIRS}/libboost_regex.a;${Boost_LIBRARY_DIRS}/libboost_serialization.a;${Boost_LIBRARY_DIRS}/libboost_filesystem.a; - ${Boost_LIBRARY_DIRS}/libboost_locale.a;${Boost_LIBRARY_DIRS}/libboost_iostreams.a) - include_directories(${Boost_INCLUDE_DIRS}) + set(Boost_LIBRARIES ${Boost_LIBRARY_DIRS}/libboost_atomic.a;${Boost_LIBRARY_DIRS}/libboost_thread.a;${Boost_LIBRARY_DIRS}/libboost_system.a; + ${Boost_LIBRARY_DIRS}/libboost_chrono.a;${Boost_LIBRARY_DIRS}/libboost_date_time.a;${Boost_LIBRARY_DIRS}/libboost_log.a; + ${Boost_LIBRARY_DIRS}/libboost_log_setup.a;${Boost_LIBRARY_DIRS}/libboost_regex.a;${Boost_LIBRARY_DIRS}/libboost_serialization.a; + ${Boost_LIBRARY_DIRS}/libboost_filesystem.a;${Boost_LIBRARY_DIRS}/libboost_locale.a;${Boost_LIBRARY_DIRS}/libboost_iostreams.a) + include_directories(${Boost_INCLUDE_DIR}) endif () message(STATUS "** Boost_INCLUDE_DIR: ${Boost_INCLUDE_DIR}") @@ -76,18 +94,19 @@ if (WIN32) find_package(Libevent 2.0.22 REQUIRED COMPONENTS) if (LIBEVENT_FOUND) include_directories(${LIBEVENT_INCLUDE_DIRS}) - message(STATUS "** libevent Include dir: ${LIBEVENT_INCLUDE_DIR}") + message(STATUS "** libevent Include dir: ${LIBEVENT_INCLUDE_DIRS}") message(STATUS "** libevent Libraries: ${LIBEVENT_LIBRARIES}") endif () else () #find_package(Libevent 2.0.22 REQUIRED COMPONENTS) set(LIBEVENT_INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/bin/include) set(LIBEVENT_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib) - set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a;${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a) + set(LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent.a;${LIBEVENT_LIBRARIES_DIR}/libevent_core.a;${LIBEVENT_LIBRARIES_DIR}/libevent_extra.a; + ${LIBEVENT_LIBRARIES_DIR}/libevent_pthreads.a;${LIBEVENT_LIBRARIES_DIR}/libevent_openssl.a) include_directories(${LIBEVENT_INCLUDE_DIRS}) endif () -message(STATUS "** LIBEVENT_INCLUDE_DIR: ${LIBEVENT_INCLUDE_DIR}") +message(STATUS "** LIBEVENT_INCLUDE_DIR: ${LIBEVENT_INCLUDE_DIRS}") message(STATUS "** LIBEVENT_LIBRARIES: ${LIBEVENT_LIBRARIES}") option(JSONCPP_USE_STATIC_LIBS "only find jsoncpp static libs" ON) # only find static libs @@ -182,7 +201,6 @@ ELSE () option(ENABLE_OPENSSL "Enable openssl" OFF) if (ENABLE_OPENSSL) - list(APPEND LIBEVENT_LIBRARIES ${LIBEVENT_LIBRARIES_DIR}/libevent_openssl.a) add_definitions(-DENABLE_OPENSSL) message(STATUS "** ENABLE_OPENSSL: ${ENABLE_OPENSSL} Enable openssl") endif () @@ -208,9 +226,6 @@ ELSE () # For some reason, the check_function_exists macro doesn't detect # the inet_aton on some pure Unix platforms (e.g. sunos5). So we # need to do a more detailed check and also include some extra deplibs. - if (ENABLE_OPENSSL) - list(APPEND deplibs ssl crypto) - endif () list(APPEND deplibs dl) list(APPEND deplibs pthread) if (NOT APPLE) diff --git a/build.sh b/build.sh index dcfa121ec..5d3fad1f4 100755 --- a/build.sh +++ b/build.sh @@ -24,9 +24,12 @@ declare build_dir="${basepath}/tmp_build_dir" declare packet_dir="${basepath}/tmp_packet_dir" declare install_lib_dir="${basepath}/bin" declare static_package_dir="${basepath}/tmp_static_package_dir" +declare fname_openssl="openssl*.tar.gz" + declare fname_libevent="libevent*.zip" declare fname_jsoncpp="jsoncpp*.zip" declare fname_boost="boost*.tar.gz" +declare fname_openssl_down="openssl-1.1.1d.tar.gz" declare fname_libevent_down="release-2.1.11-stable.zip" declare fname_jsoncpp_down="0.10.7.zip" declare fname_boost_down="1.58.0/boost_1_58_0.tar.gz" @@ -44,8 +47,10 @@ if test "$(uname)" = "Linux"; then elif test "$(uname)" = "Darwin" ; then declare cpu_num=$(sysctl -n machdep.cpu.thread_count) fi -declare need_build_jsoncpp=1 + +declare need_build_openssl=1 declare need_build_libevent=1 +declare need_build_jsoncpp=1 declare need_build_boost=1 declare enable_openssl=0 declare enable_asan=0 @@ -58,12 +63,15 @@ declare test=0 pasres_arguments() { for var in "$@"; do case "$var" in - noJson) - need_build_jsoncpp=0 + noOpenSSL) + need_build_openssl=0 ;; noEvent) need_build_libevent=0 ;; + noJson) + need_build_jsoncpp=0 + ;; noBoost) need_build_boost=0 ;; @@ -96,6 +104,11 @@ pasres_arguments $@ PrintParams() { echo "###########################################################################" + if [ $need_build_openssl -eq 0 ]; then + echo "no need build openssl lib" + else + echo "need build openssl lib" + fi if [ $need_build_jsoncpp -eq 0 ]; then echo "no need build jsoncpp lib" else @@ -161,6 +174,10 @@ Prepare() { fi cd ${basepath} + if [ -e ${fname_openssl} ]; then + mv -f ${basepath}/${fname_openssl} ${down_dir} + fi + if [ -e ${fname_libevent} ]; then mv -f ${basepath}/${fname_libevent} ${down_dir} fi @@ -194,6 +211,52 @@ Prepare() { fi } +BuildOpenSSL() { + if [ $need_build_openssl -eq 0 ]; then + echo "no need build openssl lib" + return 0 + fi + + cd ${down_dir} + if [ -e ${fname_openssl} ]; then + echo "${fname_openssl} is exist" + else + wget https://www.openssl.org/source/${fname_openssl_down} -O ${fname_openssl_down} + fi + tar -zxvf ${fname_openssl} &> unzipopenssl.txt + if [ $? -ne 0 ]; then + exit 1 + fi + + openssl_dir=$(ls | grep ^openssl | grep .*[^gz]$) + cd ${openssl_dir} + if [ $? -ne 0 ]; then + exit 1 + fi + echo "build openssl static #####################" + if [ $verbose -eq 0 ]; then + ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} &> opensslconfig.txt + else + ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} + fi + if [ $? -ne 0 ]; then + exit 1 + fi + if [ $verbose -eq 0 ]; then + echo "build openssl without detail log." + make depend + make -j $cpu_num &> opensslbuild.txt + else + make depend + make -j $cpu_num + fi + if [ $? -ne 0 ]; then + exit 1 + fi + make install + echo "build openssl success." +} + BuildLibevent() { if [ $need_build_libevent -eq 0 ]; then echo "no need build libevent lib" @@ -480,6 +543,7 @@ PackageRocketMQStatic() { PrintParams Prepare +BuildOpenSSL BuildLibevent BuildJsonCPP BuildBoost diff --git a/project/CMakeLists.txt b/project/CMakeLists.txt index 60b5d0db2..efd2a815d 100755 --- a/project/CMakeLists.txt +++ b/project/CMakeLists.txt @@ -50,6 +50,7 @@ if (BUILD_ROCKETMQ_STATIC) target_link_libraries(rocketmq_static ${JSONCPP_LIBRARIES}) target_link_libraries(rocketmq_static ${LIBEVENT_LIBRARIES}) target_link_libraries(rocketmq_static ${Boost_LIBRARIES}) + target_link_libraries(rocketmq_static ${OPENSSL_LIBRARIES}) target_link_libraries(rocketmq_static ${deplibs}) endif () @@ -63,6 +64,7 @@ if (BUILD_ROCKETMQ_SHARED) target_link_libraries(rocketmq_shared ${JSONCPP_LIBRARIES}) target_link_libraries(rocketmq_shared ${LIBEVENT_LIBRARIES}) target_link_libraries(rocketmq_shared ${Boost_LIBRARIES}) + target_link_libraries(rocketmq_shared ${OPENSSL_LIBRARIES}) target_link_libraries(rocketmq_shared ${deplibs}) endif () diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index e14be5165..ce3845d89 100755 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -45,6 +45,7 @@ set(Gmock_LIBRARIES ${Gtest_LIBRARY_DIRS}/libgmock_main.a;${Gtest_LIBRARY_DIRS}/ message(STATUS "** Gmock_LIBRARIES: ${Gmock_LIBRARIES}") link_directories(${Boost_LIBRARY_DIRS}) +link_directories(${OPENSSL_LIBRARIES_DIR}) link_directories(${LIBEVENT_LIBRARY}) link_directories(${JSONCPP_LIBRARY}) @@ -67,10 +68,10 @@ function(compile files) if (MSVC) if (BUILD_ROCKETMQ_SHARED) target_link_libraries(${basename} rocketmq_shared ${deplibs} - ${Boost_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES} ${x`}) + ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES} ${x`}) else () target_link_libraries(${basename} rocketmq_static ${deplibs} - ${Boost_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES} ${Gtest_LIBRARIES}) + ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${LIBEVENT_LIBRARIES} ${JSONCPP_LIBRARIES} ${Gtest_LIBRARIES}) endif () else () target_link_libraries(${basename} rocketmq_shared ${deplibs}) From f18d8e227ca070e6904236fe0d688c0f69e24e21 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Sat, 14 Mar 2020 21:44:16 +0800 Subject: [PATCH 08/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Remove=20the=20OpenSSL=20option=20that=20controls=20wh?= =?UTF-8?q?ether=20or=20not=20it=20is=20required.=20=EF=BC=882=EF=BC=89Rem?= =?UTF-8?q?ove=20the=20ENABLE=5FOPENSSL=20macro.=20OpenSSL=20is=20supporte?= =?UTF-8?q?d=20by=20default.=20=EF=BC=883=EF=BC=89Add=20API=20to=20control?= =?UTF-8?q?=20whether=20OpenSSL=20support=20is=20enabled.=20=EF=BC=884?= =?UTF-8?q?=EF=BC=89Add=20the=20ReadProperties=20utility=20function.=20?= =?UTF-8?q?=EF=BC=885=EF=BC=89Add=20certificate=20related=20configuration?= =?UTF-8?q?=20in=20the=20properties=20configuration=20file.=20=EF=BC=886?= =?UTF-8?q?=EF=BC=89Add=20friendly=20output=20prompts.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CMakeLists.txt | 6 - build.sh | 14 -- include/DefaultMQProducer.h | 6 + include/DefaultMQPullConsumer.h | 6 + include/DefaultMQPushConsumer.h | 6 + src/MQClientAPIImpl.cpp | 8 +- src/MQClientAPIImpl.h | 5 +- src/MQClientFactory.cpp | 7 +- src/MQClientFactory.h | 8 +- src/MQClientManager.cpp | 7 +- src/MQClientManager.h | 4 +- src/common/DefaultMQClient.cpp | 21 ++- src/common/UtilAll.cpp | 30 ++++ src/common/UtilAll.h | 22 ++- src/consumer/DefaultMQPullConsumer.cpp | 16 +++ src/consumer/DefaultMQPushConsumer.cpp | 16 +++ src/include/DefaultMQClient.h | 9 ++ src/producer/DefaultMQProducer.cpp | 16 +++ src/transport/EventLoop.cpp | 135 +++++++++--------- src/transport/EventLoop.h | 16 +-- src/transport/TcpRemotingClient.cpp | 11 +- src/transport/TcpRemotingClient.h | 7 +- src/transport/TcpTransport.cpp | 8 +- src/transport/TcpTransport.h | 8 +- test/src/MQClientAPIImpTest.cpp | 4 +- test/src/MQClientFactoryTest.cpp | 4 +- test/src/MQClientManagerTest.cpp | 4 +- .../producer/DefaultMQProducerImplTest.cpp | 4 +- .../transport/ClientRemotingProcessorTest.cpp | 2 +- 29 files changed, 274 insertions(+), 136 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 7856aba2d..0e9b34cdb 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -199,12 +199,6 @@ ELSE () message(STATUS "** ENABLE_ASAN: ${ENABLE_ASAN} Enable asan reporting") endif () - option(ENABLE_OPENSSL "Enable openssl" OFF) - if (ENABLE_OPENSSL) - add_definitions(-DENABLE_OPENSSL) - message(STATUS "** ENABLE_OPENSSL: ${ENABLE_OPENSSL} Enable openssl") - endif () - option(ENABLE_LSAN "Enable lsan reporting" OFF) if (ENABLE_LSAN) set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=leak -fno-omit-frame-pointer -static-liblsan") diff --git a/build.sh b/build.sh index 5d3fad1f4..828b0d932 100755 --- a/build.sh +++ b/build.sh @@ -52,7 +52,6 @@ declare need_build_openssl=1 declare need_build_libevent=1 declare need_build_jsoncpp=1 declare need_build_boost=1 -declare enable_openssl=0 declare enable_asan=0 declare enable_lsan=0 declare verbose=1 @@ -75,9 +74,6 @@ pasres_arguments() { noBoost) need_build_boost=0 ;; - openssl) - enable_openssl=1 - ;; asan) enable_asan=1 ;; @@ -124,11 +120,6 @@ PrintParams() { else echo "need build boost lib" fi - if [ $enable_openssl -eq 1 ]; then - echo "enable openssl" - else - echo "disable openssl" - fi if [ $enable_asan -eq 1 ]; then echo "enable asan reporting" else @@ -403,11 +394,6 @@ BuildRocketMQClient() { else ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DRUN_UNIT_TEST=OFF -DCODE_COVERAGE=OFF" fi - if [ $enable_openssl -eq 1 ]; then - ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_OPENSSL=ON" - else - ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_OPENSSL=OFF" - fi if [ $enable_asan -eq 1 ]; then ROCKETMQ_CMAKE_FLAG=$ROCKETMQ_CMAKE_FLAG" -DENABLE_ASAN=ON" else diff --git a/include/DefaultMQProducer.h b/include/DefaultMQProducer.h index 991d27de5..391b819e9 100644 --- a/include/DefaultMQProducer.h +++ b/include/DefaultMQProducer.h @@ -137,6 +137,12 @@ class ROCKETMQCLIENT_API DefaultMQProducer { void setUnitName(std::string unitName); const std::string& getUnitName() const; + void setEnableSsl(bool enableSsl); + bool getEnableSsl() const; + + void setSslPropertyFile(const std::string& sslPropertyFile); + const std::string& getSslPropertyFile() const; + private: DefaultMQProducerImpl* impl; }; diff --git a/include/DefaultMQPullConsumer.h b/include/DefaultMQPullConsumer.h index 6ed6c62e3..0883bca0b 100644 --- a/include/DefaultMQPullConsumer.h +++ b/include/DefaultMQPullConsumer.h @@ -63,6 +63,12 @@ class ROCKETMQCLIENT_API DefaultMQPullConsumer { const std::string& getGroupName() const; void setGroupName(const std::string& groupname); + void setEnableSsl(bool enableSsl); + bool getEnableSsl() const; + + void setSslPropertyFile(const std::string& sslPropertyFile); + const std::string& getSslPropertyFile() const; + /** * Log configuration interface, default LOG_LEVEL is LOG_LEVEL_INFO, default * log file num is 3, each log size is 100M diff --git a/include/DefaultMQPushConsumer.h b/include/DefaultMQPushConsumer.h index 5b10b3df0..a92e93ddc 100644 --- a/include/DefaultMQPushConsumer.h +++ b/include/DefaultMQPushConsumer.h @@ -69,6 +69,12 @@ class ROCKETMQCLIENT_API DefaultMQPushConsumer { const std::string& getGroupName() const; void setGroupName(const std::string& groupname); + void setEnableSsl(bool enableSsl); + bool getEnableSsl() const; + + void setSslPropertyFile(const std::string& sslPropertyFile); + const std::string& getSslPropertyFile() const; + /** * Log configuration interface, default LOG_LEVEL is LOG_LEVEL_INFO, default * log file num is 3, each log size is 100M diff --git a/src/MQClientAPIImpl.cpp b/src/MQClientAPIImpl.cpp index 7d16d6735..f2f4806f4 100644 --- a/src/MQClientAPIImpl.cpp +++ b/src/MQClientAPIImpl.cpp @@ -27,15 +27,17 @@ namespace rocketmq { //registerProcessor(CHECK_TRANSACTION_STATE, clientRemotingProcessor); m_pRemotingClient->registerProcessor(RESET_CONSUMER_CLIENT_OFFSET, clientRemotingProcessor); m_pRemotingClient->registerProcessor(GET_CONSUMER_STATUS_FROM_CLIENT, clientRemotingProcessor); diff --git a/src/MQClientAPIImpl.h b/src/MQClientAPIImpl.h index 0e47df0e7..5e5a7ca92 100644 --- a/src/MQClientAPIImpl.h +++ b/src/MQClientAPIImpl.h @@ -42,13 +42,14 @@ namespace rocketmq { //second; } else { MQClientFactory* factory = - new MQClientFactory(clientId, pullThreadNum, tcpConnectTimeout, tcpTransportTryLockTimeout, unitName); + new MQClientFactory(clientId, pullThreadNum, tcpConnectTimeout, + tcpTransportTryLockTimeout, unitName, enableSsl, sslPropertyFile); m_factoryTable[clientId] = factory; return factory; } diff --git a/src/MQClientManager.h b/src/MQClientManager.h index d846f96c2..d0ddd4929 100644 --- a/src/MQClientManager.h +++ b/src/MQClientManager.h @@ -31,7 +31,9 @@ class MQClientManager { int pullThreadNum, uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, - string unitName); + string unitName, + bool enableSsl, + const std::string& sslPropertyFile); void removeClientFactory(const string& clientId); static MQClientManager* getInstance(); diff --git a/src/common/DefaultMQClient.cpp b/src/common/DefaultMQClient.cpp index 269ce6185..c7974bcdc 100644 --- a/src/common/DefaultMQClient.cpp +++ b/src/common/DefaultMQClient.cpp @@ -146,7 +146,7 @@ vector DefaultMQClient::getTopicMessageQueueInfo(const string& t void DefaultMQClient::start() { if (getFactory() == NULL) { m_clientFactory = MQClientManager::getInstance()->getMQClientFactory( - getMQClientId(), m_pullThreadNum, m_tcpConnectTimeout, m_tcpTransportTryLockTimeout, m_unitName); + getMQClientId(), m_pullThreadNum, m_tcpConnectTimeout, m_tcpTransportTryLockTimeout, m_unitName, m_enableSsl, m_sslPropertyFile); } LOG_INFO( "MQClient " @@ -227,6 +227,23 @@ void DefaultMQClient::setSessionCredentials(const string& input_accessKey, const SessionCredentials& DefaultMQClient::getSessionCredentials() const { return m_SessionCredentials; } + +void DefaultMQClient::setEnableSsl(bool enableSsl) { + m_enableSsl = enableSsl; +} + +bool DefaultMQClient::getEnableSsl() const { + return m_enableSsl; +} + +void DefaultMQClient::setSslPropertyFile(const std::string& sslPropertyFile) { + m_sslPropertyFile = sslPropertyFile; +} + +const std::string& DefaultMQClient::getSslPropertyFile() const { + return m_sslPropertyFile; +} + void DefaultMQClient::showClientConfigs() { // LOG_WARN("*****************************************************************************"); LOG_WARN("ClientID:%s", getMQClientId().c_str()); @@ -239,6 +256,8 @@ void DefaultMQClient::showClientConfigs() { LOG_WARN("PullThreadNum:%d", m_pullThreadNum); LOG_WARN("TcpConnectTimeout:%lld ms", m_tcpConnectTimeout); LOG_WARN("TcpTransportTryLockTimeout:%lld s", m_tcpTransportTryLockTimeout); + LOG_WARN("EnableSsl:%s", m_enableSsl ? "true" : "false"); + LOG_WARN("SslPropertyFile:%s", m_sslPropertyFile.c_str()); // LOG_WARN("*****************************************************************************"); } // UtilAll::ReadProperties(const std::string& path) { + std::map property_map; + std::ifstream property_file; + property_file.open(path); + std::string line_buffer; + + if (property_file.is_open()) { + while (!property_file.eof()) { + std::getline(property_file, line_buffer); + std::size_t pos { 0 }; + pos = line_buffer.find('#'); + if (pos != string::npos) { + line_buffer = std::move(line_buffer.substr(0, pos)); + } + if (line_buffer.empty()) { + continue; + } + pos = line_buffer.find('='); + if (pos != string::npos) { + std::string key = std::move(boost::trim_copy(line_buffer.substr(0, pos))); + std::string value = std::move(boost::trim_copy(line_buffer.substr(pos + 1))); + property_map[key] = value; + } + } + } + + return std::move(property_map); +} + } // namespace rocketmq diff --git a/src/common/UtilAll.h b/src/common/UtilAll.h index 6d021f876..aa9d63b87 100644 --- a/src/common/UtilAll.h +++ b/src/common/UtilAll.h @@ -34,17 +34,20 @@ #include #include #include +#include #include #include #include #include +#include +#include #include "RocketMQClient.h" using namespace std; namespace rocketmq { // inline void deleteAndZero(Type& pointer) { @@ -134,6 +140,8 @@ class UtilAll { // Returns false on failure.. static bool ReplaceFile(const std::string& from_path, const std::string& to_path); + static std::map ReadProperties(const std::string& path); + private: static std::string s_localHostName; static std::string s_localIpAddress; diff --git a/src/consumer/DefaultMQPullConsumer.cpp b/src/consumer/DefaultMQPullConsumer.cpp index 363c5cc6d..a5ccfc49a 100644 --- a/src/consumer/DefaultMQPullConsumer.cpp +++ b/src/consumer/DefaultMQPullConsumer.cpp @@ -91,6 +91,22 @@ void DefaultMQPullConsumer::setGroupName(const std::string& groupName) { impl->setGroupName(groupName); } +void DefaultMQPullConsumer::setEnableSsl(bool enableSsl) { + impl->setEnableSsl(enableSsl); +} + +bool DefaultMQPullConsumer::getEnableSsl() const { + return impl->getEnableSsl(); +} + +void DefaultMQPullConsumer::setSslPropertyFile(const std::string& sslPropertyFile) { + impl->setSslPropertyFile(sslPropertyFile); +} + +const std::string& DefaultMQPullConsumer::getSslPropertyFile() const { + return impl->getSslPropertyFile(); +} + void DefaultMQPullConsumer::setLogLevel(elogLevel inputLevel) { impl->setLogLevel(inputLevel); } diff --git a/src/consumer/DefaultMQPushConsumer.cpp b/src/consumer/DefaultMQPushConsumer.cpp index 5034051b5..c37f0255e 100644 --- a/src/consumer/DefaultMQPushConsumer.cpp +++ b/src/consumer/DefaultMQPushConsumer.cpp @@ -163,6 +163,22 @@ void DefaultMQPushConsumer::setGroupName(const std::string& groupName) { impl->setGroupName(groupName); } +void DefaultMQPushConsumer::setEnableSsl(bool enableSsl) { + impl->setEnableSsl(enableSsl); +} + +bool DefaultMQPushConsumer::getEnableSsl() const { + return impl->getEnableSsl(); +} + +void DefaultMQPushConsumer::setSslPropertyFile(const std::string& sslPropertyFile) { + impl->setSslPropertyFile(sslPropertyFile); +} + +const std::string& DefaultMQPushConsumer::getSslPropertyFile() const { + return impl->getSslPropertyFile(); +} + void DefaultMQPushConsumer::setLogLevel(elogLevel inputLevel) { impl->setLogLevel(inputLevel); } diff --git a/src/include/DefaultMQClient.h b/src/include/DefaultMQClient.h index a2e5ce56f..61e8dd781 100644 --- a/src/include/DefaultMQClient.h +++ b/src/include/DefaultMQClient.h @@ -23,6 +23,7 @@ #include #include #include +#include "UtilAll.h" #include "MQClient.h" #include "MQMessageExt.h" #include "MQMessageQueue.h" @@ -170,6 +171,12 @@ class DefaultMQClient { virtual void setFactory(MQClientFactory*); + void setEnableSsl(bool enableSsl); + bool getEnableSsl() const; + + void setSslPropertyFile(const std::string& sslPropertyFile); + const std::string& getSslPropertyFile() const; + protected: virtual void start(); virtual void shutdown(); @@ -183,6 +190,8 @@ class DefaultMQClient { std::string m_instanceName; std::string m_nameSpace; std::string m_GroupName; + std::string m_sslPropertyFile { DEFAULT_SSL_PROPERTY_FILE }; + bool m_enableSsl { true }; MQClientFactory* m_clientFactory; int m_serviceState; int m_pullThreadNum; diff --git a/src/producer/DefaultMQProducer.cpp b/src/producer/DefaultMQProducer.cpp index 197729956..e665229b0 100644 --- a/src/producer/DefaultMQProducer.cpp +++ b/src/producer/DefaultMQProducer.cpp @@ -233,4 +233,20 @@ void DefaultMQProducer::sendOneway(MQMessage& msg, MessageQueueSelector* selecto impl->sendOneway(msg, selector, arg); } +void DefaultMQProducer::setEnableSsl(bool enableSsl) { + impl->setEnableSsl(enableSsl); +} + +bool DefaultMQProducer::getEnableSsl() const { + return impl->getEnableSsl(); +} + +void DefaultMQProducer::setSslPropertyFile(const std::string& sslPropertyFile) { + impl->setSslPropertyFile(sslPropertyFile); +} + +const std::string& DefaultMQProducer::getSslPropertyFile() const { + return impl->getSslPropertyFile(); +} + } // namespace rocketmq \ No newline at end of file diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index f783aab73..fe11387fa 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -25,7 +25,6 @@ #include #include "Logging.h" -#include "UtilAll.h" namespace rocketmq { @@ -56,13 +55,6 @@ EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { evthread_make_base_notifiable(m_eventBase); -#ifdef ENABLE_OPENSSL - if (!CreateSslContext()) { - LOG_ERROR("Failed to create ssl context!"); - return; - } -#endif - if (run_immediately) { start(); } @@ -93,7 +85,7 @@ void EventLoop::start() { void EventLoop::stop() { if (m_loopThread != nullptr /*&& m_loopThread.joinable()*/) { - _is_running = false; + m_isRuning = false; m_loopThread->join(); delete m_loopThread; @@ -102,9 +94,9 @@ void EventLoop::stop() { } void EventLoop::runLoop() { - _is_running = true; + m_isRuning = true; - while (_is_running) { + while (m_isRuning) { int ret; ret = event_base_dispatch(m_eventBase); @@ -117,73 +109,83 @@ void EventLoop::runLoop() { } } -#ifdef ENABLE_OPENSSL -bool EventLoop::CreateSslContext() { +bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { ERR_load_crypto_strings(); SSL_load_error_strings(); SSL_library_init(); OpenSSL_add_all_algorithms(); - m_ssl_ctx.reset(SSL_CTX_new(SSLv23_client_method())); - if (m_ssl_ctx.get() == nullptr) { + m_sslCtx.reset(SSL_CTX_new(SSLv23_client_method())); + if (!m_sslCtx) { LOG_ERROR("Failed to create ssl context!"); return false; } - const char* CA_CERT_FILE_DEFAULT = "/etc/rocketmq/ca.pem"; - const char* CLIENT_CERT_FILE_DEFAULT = "/etc/rocketmq/client.pem"; - const char* CLIENT_KEY_FILE_DEFAULT = "/etc/rocketmq/client.key"; - - const char* CA_CERT_FILE = std::getenv("CA_CERT_FILE"); - const char* CLIENT_CERT_FILE = std::getenv("CLIENT_CERT_FILE"); - const char* CLIENT_KEY_FILE = std::getenv("CLIENT_KEY_FILE"); - const char* PASS_PHRASE = std::getenv("PASS_PHRASE"); - - if (!CA_CERT_FILE) { CA_CERT_FILE = CA_CERT_FILE_DEFAULT; } - if (!CLIENT_CERT_FILE) { CLIENT_CERT_FILE = CLIENT_CERT_FILE_DEFAULT; } - if (!CLIENT_KEY_FILE) { CLIENT_KEY_FILE = CLIENT_KEY_FILE_DEFAULT; } + std::string client_key_file = DEFAULT_CLIENT_KEY_FILE; + std::string client_key_passwd = DEFAULT_CLIENT_KEY_PASSWD; + std::string client_cert_file = DEFAULT_CLIENT_CERT_FILE; + std::string ca_cert_file = DEFAULT_CA_CERT_FILE; + auto properties = UtilAll::ReadProperties(ssl_property_file); + if (!properties.empty()) { + if (properties.find("tls.client.keyPath") != properties.end()) { + client_key_file = properties["tls.client.keyPath"]; + } + if (properties.find("tls.client.keyPassword") != properties.end()) { + client_key_passwd = properties["tls.client.keyPassword"]; + } + if (properties.find("tls.client.certPath") != properties.end()) { + client_cert_file = properties["tls.client.certPath"]; + } + if (properties.find("tls.client.trustCertPath") != properties.end()) { + ca_cert_file = properties["tls.client.trustCertPath"]; + } + } else { + LOG_WARN("The tls properties file is not specified or empty. " + "Set it by modifying the api of setTlsPropertyFile and fill the configuration content."); + } - SSL_CTX_set_verify(m_ssl_ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); - SSL_CTX_set_mode(m_ssl_ctx.get(), SSL_MODE_AUTO_RETRY); + SSL_CTX_set_verify(m_sslCtx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + SSL_CTX_set_mode(m_sslCtx.get(), SSL_MODE_AUTO_RETRY); - if (!PASS_PHRASE) { - LOG_WARN("The pass phrase is not specified. Set it by modifying the environment variable 'PASS_PHRASE'.", CA_CERT_FILE); + if (client_key_passwd.empty()) { + LOG_WARN("The pass phrase is not specified. " + "Set it by adding the 'tls.client.keyPassword' property in configuration file."); } else { - SSL_CTX_set_default_passwd_cb_userdata(m_ssl_ctx.get(), (void*)PASS_PHRASE); + SSL_CTX_set_default_passwd_cb_userdata(m_sslCtx.get(), (void*)client_key_passwd.c_str()); } bool check_flag { true }; - if (!boost::filesystem::exists(CA_CERT_FILE)) { + if (!boost::filesystem::exists(ca_cert_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " - "or modify the environment variable 'CA_CERT_FILE' to point to its location.", CA_CERT_FILE); - } else if (SSL_CTX_load_verify_locations(m_ssl_ctx.get(), CA_CERT_FILE, NULL) <= 0) { + LOG_WARN("'%s' does not exist. Please make sure the 'ls.client.trustCertPath' property " + "in the configuration file is configured correctly.", ca_cert_file.c_str()); + } else if (SSL_CTX_load_verify_locations(m_sslCtx.get(), ca_cert_file.c_str(), NULL) <= 0) { LOG_ERROR("SSL_CTX_load_verify_locations error!"); ERR_print_errors_fp(stderr); return false; } - if (!boost::filesystem::exists(CLIENT_CERT_FILE)) { + if (!boost::filesystem::exists(client_cert_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " - "or modify the environment variable 'CLIENT_CERT_FILE' to point to its location.", CLIENT_CERT_FILE); - } else if (SSL_CTX_use_certificate_file(m_ssl_ctx.get(), CLIENT_CERT_FILE, SSL_FILETYPE_PEM) <= 0) { + LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.certPath' property " + "in the configuration file is configured correctly.", client_cert_file.c_str()); + } else if (SSL_CTX_use_certificate_file(m_sslCtx.get(), client_cert_file.c_str(), SSL_FILETYPE_PEM) <= 0) { LOG_ERROR("SSL_CTX_use_certificate_file error!"); ERR_print_errors_fp(stderr); return false; } - if (!boost::filesystem::exists(CLIENT_KEY_FILE)) { + if (!boost::filesystem::exists(client_key_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please apply for a certificate from the relevant authority " - "or modify the environment variable 'CLIENT_KEY_FILE' to point to its location.", CLIENT_KEY_FILE); - } else if (SSL_CTX_use_PrivateKey_file(m_ssl_ctx.get(), CLIENT_KEY_FILE, SSL_FILETYPE_PEM) <= 0) { + LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.keyPath' property " + "in the configuration file is configured correctly.", client_key_file.c_str()); + } else if (SSL_CTX_use_PrivateKey_file(m_sslCtx.get(), client_key_file.c_str(), SSL_FILETYPE_PEM) <= 0) { LOG_ERROR("SSL_CTX_use_PrivateKey_file error!"); ERR_print_errors_fp(stderr); return false; } - if(check_flag && SSL_CTX_check_private_key(m_ssl_ctx.get()) <= 0) + if(check_flag && SSL_CTX_check_private_key(m_sslCtx.get()) <= 0) { LOG_ERROR("SSL_CTX_check_private_key error!"); ERR_print_errors_fp(stderr); @@ -192,31 +194,36 @@ bool EventLoop::CreateSslContext() { return true; } -#endif #define OPT_UNLOCK_CALLBACKS (BEV_OPT_DEFER_CALLBACKS | BEV_OPT_UNLOCK_CALLBACKS) -BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options) { +BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options, bool enable_ssl, const std::string& ssl_property_file) { + struct bufferevent* event { nullptr }; -#ifdef ENABLE_OPENSSL - SSL* ssl = SSL_new(m_ssl_ctx.get()); - if (ssl == nullptr) { - LOG_ERROR("Failed to create ssl handle!"); - return nullptr; - } + if (enable_ssl) { + if (!m_sslCtx && !CreateSslContext(ssl_property_file)) { + LOG_ERROR("Failed to create ssl context!"); + return nullptr; + } - // create ssl bufferevent - struct bufferevent* event = bufferevent_openssl_socket_new(m_eventBase, fd, ssl, - BUFFEREVENT_SSL_CONNECTING, options); + SSL* ssl = SSL_new(m_sslCtx.get()); + if (ssl == nullptr) { + LOG_ERROR("Failed to create ssl handle!"); + return nullptr; + } + + // create ssl bufferevent + event = bufferevent_openssl_socket_new(m_eventBase, fd, ssl, + BUFFEREVENT_SSL_CONNECTING, options); - /* create filter ssl bufferevent - struct bufferevent *bev = bufferevent_socket_new(m_eventBase, fd, options); - struct bufferevent* event = bufferevent_openssl_filter_new(m_eventBase, bev, ssl, - BUFFEREVENT_SSL_CONNECTING, options); - */ -#else - struct bufferevent* event = bufferevent_socket_new(m_eventBase, fd, options); -#endif + /* create filter ssl bufferevent + struct bufferevent *bev = bufferevent_socket_new(m_eventBase, fd, options); + event = bufferevent_openssl_filter_new(m_eventBase, bev, ssl, + BUFFEREVENT_SSL_CONNECTING, options); + */ + } else { + event = bufferevent_socket_new(m_eventBase, fd, options); + } if (event == nullptr) { LOG_ERROR("Failed to create bufferevent!"); diff --git a/src/transport/EventLoop.h b/src/transport/EventLoop.h index 3d3b01fe6..d53a04f86 100644 --- a/src/transport/EventLoop.h +++ b/src/transport/EventLoop.h @@ -20,17 +20,15 @@ #include #include -#ifdef ENABLE_OPENSSL #include #include #include -#endif - #include #include #include #include "noncopyable.h" +#include "UtilAll.h" using socket_t = evutil_socket_t; @@ -49,22 +47,18 @@ class EventLoop : public noncopyable { void start(); void stop(); - BufferEvent* createBufferEvent(socket_t fd, int options); + BufferEvent* createBufferEvent(socket_t fd, int options, bool enable_ssl, const std::string& ssl_property_file); private: void runLoop(); -#ifdef ENABLE_OPENSSL - bool CreateSslContext(); -#endif + bool CreateSslContext(const std::string& ssl_property_file); private: struct event_base* m_eventBase { nullptr }; std::thread* m_loopThread { nullptr }; -#ifdef ENABLE_OPENSSL using SSL_CTX_ptr = std::unique_ptr; - SSL_CTX_ptr m_ssl_ctx { nullptr, ::SSL_CTX_free }; -#endif - bool _is_running { false }; // aotmic is unnecessary + SSL_CTX_ptr m_sslCtx { nullptr, ::SSL_CTX_free }; + bool m_isRuning { false }; // aotmic is unnecessary }; class TcpTransport; diff --git a/src/transport/TcpRemotingClient.cpp b/src/transport/TcpRemotingClient.cpp index 294c319d9..583d9d943 100644 --- a/src/transport/TcpRemotingClient.cpp +++ b/src/transport/TcpRemotingClient.cpp @@ -28,13 +28,16 @@ namespace rocketmq { // TcpRemotingClient::CreateTransport(const string& a //connect(addr, 0); // use non-block if (connectStatus != TCP_CONNECT_STATUS_WAIT) { LOG_WARN("can not connect to:%s", addr.c_str()); diff --git a/src/transport/TcpRemotingClient.h b/src/transport/TcpRemotingClient.h index 856026ac2..3011a562d 100644 --- a/src/transport/TcpRemotingClient.h +++ b/src/transport/TcpRemotingClient.h @@ -36,8 +36,8 @@ namespace rocketmq { class TcpRemotingClient { public: - TcpRemotingClient(); - TcpRemotingClient(int pullThreadNum, uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout); + TcpRemotingClient(bool enableSsl, const string& sslPropertyFile); + TcpRemotingClient(int pullThreadNum, uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, bool enableSsl, const string& sslPropertyFile); virtual ~TcpRemotingClient(); virtual void stopAllTcpTransportThread(); @@ -109,6 +109,9 @@ class TcpRemotingClient { uint64_t m_tcpConnectTimeout; // ms uint64_t m_tcpTransportTryLockTimeout; // s + bool m_enableSsl; + std::string m_sslPropertyFile; + // m_namesrvAddrList; diff --git a/src/transport/TcpTransport.cpp b/src/transport/TcpTransport.cpp index 641c51655..8f9e12e6c 100644 --- a/src/transport/TcpTransport.cpp +++ b/src/transport/TcpTransport.cpp @@ -31,13 +31,15 @@ namespace rocketmq { //createBufferEvent(-1, BEV_OPT_CLOSE_ON_FREE | BEV_OPT_THREADSAFE)); + m_event.reset(EventLoop::GetDefaultEventLoop()->createBufferEvent(-1, BEV_OPT_CLOSE_ON_FREE | BEV_OPT_THREADSAFE, m_enableSsl, m_sslPropertyFile)); m_event->setCallback(readNextMessageIntCallback, nullptr, eventCallback, shared_from_this()); m_event->setWatermark(EV_READ, 4, 0); m_event->enable(EV_READ | EV_WRITE); diff --git a/src/transport/TcpTransport.h b/src/transport/TcpTransport.h index bff23ddfc..d657d0ddb 100755 --- a/src/transport/TcpTransport.h +++ b/src/transport/TcpTransport.h @@ -41,9 +41,10 @@ class TcpRemotingClient; class TcpTransport : public std::enable_shared_from_this { public: static std::shared_ptr CreateTransport(TcpRemotingClient* pTcpRemotingClient, + bool enableSsl, const std::string& sslPropertyFile, TcpTransportReadCallback handle = nullptr) { // transport must be managed by smart pointer - std::shared_ptr transport(new TcpTransport(pTcpRemotingClient, handle)); + std::shared_ptr transport(new TcpTransport(pTcpRemotingClient, enableSsl, sslPropertyFile, handle)); return transport; } @@ -59,7 +60,7 @@ class TcpTransport : public std::enable_shared_from_this { const uint64_t getStartTime() const; private: - TcpTransport(TcpRemotingClient* pTcpRemotingClient, TcpTransportReadCallback handle = nullptr); + TcpTransport(TcpRemotingClient* pTcpRemotingClient, bool enableSsl, const std::string& sslPropertyFile, TcpTransportReadCallback handle = nullptr); static void readNextMessageIntCallback(BufferEvent* event, TcpTransport* transport); static void eventCallback(BufferEvent* event, short what, TcpTransport* transport); @@ -85,6 +86,9 @@ class TcpTransport : public std::enable_shared_from_this { //, int64, int, int)); @@ -48,7 +48,7 @@ class MockMQClientAPIImpl : public MQClientAPIImpl { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName) - : MQClientAPIImpl(mqClientId) {} + : MQClientAPIImpl(mqClientId, true, DEFAULT_SSL_PROPERTY_FILE) {} void reInitRemoteClient(TcpRemotingClient* client) { m_pRemotingClient.reset(client); } }; diff --git a/test/src/MQClientFactoryTest.cpp b/test/src/MQClientFactoryTest.cpp index eb78cf757..cab4f32e7 100644 --- a/test/src/MQClientFactoryTest.cpp +++ b/test/src/MQClientFactoryTest.cpp @@ -50,7 +50,7 @@ class MockMQClientAPIImpl : public MQClientAPIImpl { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName) - : MQClientAPIImpl(mqClientId) {} + : MQClientAPIImpl(mqClientId, true, DEFAULT_SSL_PROPERTY_FILE) {} MOCK_METHOD5(getMinOffset, int64(const string&, const string&, int, int, const SessionCredentials&)); MOCK_METHOD3(getTopicRouteInfoFromNameServer, TopicRouteData*(const string&, int, const SessionCredentials&)); @@ -62,7 +62,7 @@ class MockMQClientFactory : public MQClientFactory { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName) - : MQClientFactory(mqClientId) {} + : MQClientFactory(mqClientId, true, DEFAULT_SSL_PROPERTY_FILE) {} void reInitClientImpl(MQClientAPIImpl* pImpl) { m_pClientAPIImpl.reset(pImpl); } void addTestConsumer(const string& consumerName, MQConsumer* pMQConsumer) { addConsumerToTable(consumerName, pMQConsumer); diff --git a/test/src/MQClientManagerTest.cpp b/test/src/MQClientManagerTest.cpp index 830be4684..842f10864 100644 --- a/test/src/MQClientManagerTest.cpp +++ b/test/src/MQClientManagerTest.cpp @@ -33,8 +33,8 @@ using testing::Return; TEST(MQClientManagerTest, getClientFactory) { string clientId = "testClientId"; string unitName = "central"; - MQClientFactory* factory = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName); - MQClientFactory* factory2 = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName); + MQClientFactory* factory = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, true, DEFAULT_SSL_PROPERTY_FILE); + MQClientFactory* factory2 = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, true, DEFAULT_SSL_PROPERTY_FILE); EXPECT_EQ(factory, factory2); MQClientManager::getInstance()->removeClientFactory(clientId); diff --git a/test/src/producer/DefaultMQProducerImplTest.cpp b/test/src/producer/DefaultMQProducerImplTest.cpp index b9a042beb..487b7fa5b 100644 --- a/test/src/producer/DefaultMQProducerImplTest.cpp +++ b/test/src/producer/DefaultMQProducerImplTest.cpp @@ -48,7 +48,7 @@ class MyMessageQueueSelector : public MessageQueueSelector { }; class MockMQClientFactory : public MQClientFactory { public: - MockMQClientFactory(const string& mqClientId) : MQClientFactory(mqClientId) {} + MockMQClientFactory(const string& mqClientId) : MQClientFactory(mqClientId, true, DEFAULT_SSL_PROPERTY_FILE) {} MOCK_METHOD0(start, void()); MOCK_METHOD0(shutdown, void()); MOCK_METHOD0(sendHeartbeatToAllBroker, void()); @@ -61,7 +61,7 @@ class MockMQClientFactory : public MQClientFactory { }; class MockMQClientAPIImpl : public MQClientAPIImpl { public: - MockMQClientAPIImpl() : MQClientAPIImpl("testMockMQClientAPIImpl") {} + MockMQClientAPIImpl() : MQClientAPIImpl("testMockMQClientAPIImpl", true, DEFAULT_SSL_PROPERTY_FILE) {} MOCK_METHOD9(sendMessage, SendResult(const string&, diff --git a/test/src/transport/ClientRemotingProcessorTest.cpp b/test/src/transport/ClientRemotingProcessorTest.cpp index 3664d893f..f90a1ce97 100644 --- a/test/src/transport/ClientRemotingProcessorTest.cpp +++ b/test/src/transport/ClientRemotingProcessorTest.cpp @@ -80,7 +80,7 @@ class MockMQClientFactory : public MQClientFactory { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName) - : MQClientFactory(clientID, pullThreadNum, tcpConnectTimeout, tcpTransportTryLockTimeout, unitName) {} + : MQClientFactory(clientID, pullThreadNum, tcpConnectTimeout, tcpTransportTryLockTimeout, unitName, true, rocketmq::DEFAULT_SSL_PROPERTY_FILE) {} MOCK_METHOD3(resetOffset, void(const string& group, const string& topic, const map& offsetTable)); From 8169d7c8fce2446d98429bb299162890481c49db Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 17 Mar 2020 11:46:40 +0800 Subject: [PATCH 09/16] =?UTF-8?q?By=20mistake,=20I=20wrote=20a=20letter=20?= =?UTF-8?q?=E2=80=98t=E2=80=99=20short.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/transport/EventLoop.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index fe11387fa..929ef74a6 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -157,7 +157,7 @@ bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { bool check_flag { true }; if (!boost::filesystem::exists(ca_cert_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please make sure the 'ls.client.trustCertPath' property " + LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.trustCertPath' property " "in the configuration file is configured correctly.", ca_cert_file.c_str()); } else if (SSL_CTX_load_verify_locations(m_sslCtx.get(), ca_cert_file.c_str(), NULL) <= 0) { LOG_ERROR("SSL_CTX_load_verify_locations error!"); From 7c3df09f6d0f368779aadd661174d835d67fb24a Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 17 Mar 2020 16:23:02 +0800 Subject: [PATCH 10/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Format=20the=20code=20with=20the=20'format.sh'=20scrip?= =?UTF-8?q?t.=20=EF=BC=882=EF=BC=89SSL=20is=20turned=20off=20by=20default.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- example/common.h | 2 +- src/MQClientAPIImpl.cpp | 6 ++- src/MQClientAPIImpl.h | 3 +- src/MQClientFactory.cpp | 9 ++-- src/MQClientFactory.h | 4 +- src/MQClientManager.cpp | 5 +- src/common/DefaultMQClient.cpp | 3 +- src/common/UtilAll.cpp | 2 +- src/common/UtilAll.h | 8 +-- src/include/DefaultMQClient.h | 6 +-- src/transport/ClientRemotingProcessor.cpp | 30 ++++++------ src/transport/ClientRemotingProcessor.h | 32 ++++++------ src/transport/EventLoop.cpp | 49 +++++++++++-------- src/transport/EventLoop.h | 18 +++---- src/transport/SocketUtil.cpp | 2 +- src/transport/SocketUtil.h | 9 ++-- src/transport/TcpRemotingClient.cpp | 12 +++-- src/transport/TcpRemotingClient.h | 6 ++- src/transport/TcpTransport.cpp | 8 ++- src/transport/TcpTransport.h | 8 ++- test/src/MQClientManagerTest.cpp | 6 ++- .../transport/ClientRemotingProcessorTest.cpp | 8 ++- 22 files changed, 137 insertions(+), 99 deletions(-) mode change 100755 => 100644 src/transport/TcpTransport.h diff --git a/example/common.h b/example/common.h index 7dbd3d981..58d4b4e7b 100644 --- a/example/common.h +++ b/example/common.h @@ -17,9 +17,9 @@ #ifndef ROCKETMQ_CLIENT4CPP_EXAMPLE_COMMON_H_ #define ROCKETMQ_CLIENT4CPP_EXAMPLE_COMMON_H_ -#include #include #include +#include #include #include #include diff --git a/src/MQClientAPIImpl.cpp b/src/MQClientAPIImpl.cpp index f2f4806f4..07dfad094 100644 --- a/src/MQClientAPIImpl.cpp +++ b/src/MQClientAPIImpl.cpp @@ -27,7 +27,8 @@ namespace rocketmq { //registerProcessor(CHECK_TRANSACTION_STATE, clientRemotingProcessor); m_pRemotingClient->registerProcessor(RESET_CONSUMER_CLIENT_OFFSET, clientRemotingProcessor); m_pRemotingClient->registerProcessor(GET_CONSUMER_STATUS_FROM_CLIENT, clientRemotingProcessor); diff --git a/src/MQClientAPIImpl.h b/src/MQClientAPIImpl.h index 5e5a7ca92..b8bd8837b 100644 --- a/src/MQClientAPIImpl.h +++ b/src/MQClientAPIImpl.h @@ -49,7 +49,8 @@ class MQClientAPIImpl { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName, - bool enableSsl, const std::string& sslPropertyFile); + bool enableSsl, + const std::string& sslPropertyFile); virtual ~MQClientAPIImpl(); virtual void stopAllTcpTransportThread(); virtual bool writeDataToFile(string filename, string data, bool isSync); diff --git a/src/MQClientFactory.cpp b/src/MQClientFactory.cpp index 6ec5c1fb3..feb3c3ac3 100644 --- a/src/MQClientFactory.cpp +++ b/src/MQClientFactory.cpp @@ -30,7 +30,8 @@ namespace rocketmq { //second; } else { - MQClientFactory* factory = - new MQClientFactory(clientId, pullThreadNum, tcpConnectTimeout, - tcpTransportTryLockTimeout, unitName, enableSsl, sslPropertyFile); + MQClientFactory* factory = new MQClientFactory(clientId, pullThreadNum, tcpConnectTimeout, + tcpTransportTryLockTimeout, unitName, enableSsl, sslPropertyFile); m_factoryTable[clientId] = factory; return factory; } diff --git a/src/common/DefaultMQClient.cpp b/src/common/DefaultMQClient.cpp index ca83356b0..31b29db5f 100644 --- a/src/common/DefaultMQClient.cpp +++ b/src/common/DefaultMQClient.cpp @@ -147,7 +147,8 @@ vector DefaultMQClient::getTopicMessageQueueInfo(const string& t void DefaultMQClient::start() { if (getFactory() == NULL) { m_clientFactory = MQClientManager::getInstance()->getMQClientFactory( - getMQClientId(), m_pullThreadNum, m_tcpConnectTimeout, m_tcpTransportTryLockTimeout, m_unitName, m_enableSsl, m_sslPropertyFile); + getMQClientId(), m_pullThreadNum, m_tcpConnectTimeout, m_tcpTransportTryLockTimeout, m_unitName, m_enableSsl, + m_sslPropertyFile); } LOG_INFO( "MQClient " diff --git a/src/common/UtilAll.cpp b/src/common/UtilAll.cpp index 1375d95a9..d0d792650 100644 --- a/src/common/UtilAll.cpp +++ b/src/common/UtilAll.cpp @@ -363,7 +363,7 @@ std::map UtilAll::ReadProperties(const std::string& pa if (property_file.is_open()) { while (!property_file.eof()) { std::getline(property_file, line_buffer); - std::size_t pos { 0 }; + std::size_t pos{0}; pos = line_buffer.find('#'); if (pos != string::npos) { line_buffer = std::move(line_buffer.substr(0, pos)); diff --git a/src/common/UtilAll.h b/src/common/UtilAll.h index aa9d63b87..4f34419ce 100644 --- a/src/common/UtilAll.h +++ b/src/common/UtilAll.h @@ -28,19 +28,19 @@ #include #include #endif +#include #include #include #include #include #include #include -#include #include #include #include -#include #include #include +#include #include "RocketMQClient.h" using namespace std; @@ -72,8 +72,8 @@ const string WS_ADDR = const int POLL_NAMESERVER_INTEVAL = 1000 * 30; const int HEARTBEAT_BROKER_INTERVAL = 1000 * 30; const int PERSIST_CONSUMER_OFFSET_INTERVAL = 1000 * 5; -const int LINE_SEPARATOR = 1; // rocketmq::UtilAll::charToString((char) 1); -const int WORD_SEPARATOR = 2; // rocketmq::UtilAll::charToString((char) 2); +const int LINE_SEPARATOR = 1; // rocketmq::UtilAll::charToString((char) 1); +const int WORD_SEPARATOR = 2; // rocketmq::UtilAll::charToString((char) 2); const int HTTP_TIMEOUT = 3000; // 3S const int HTTP_CONFLICT = 409; const int HTTP_OK = 200; diff --git a/src/include/DefaultMQClient.h b/src/include/DefaultMQClient.h index 8a15e099e..92ce318d0 100644 --- a/src/include/DefaultMQClient.h +++ b/src/include/DefaultMQClient.h @@ -23,13 +23,13 @@ #include #include #include -#include "UtilAll.h" #include "MQClient.h" #include "MQMessageExt.h" #include "MQMessageQueue.h" #include "QueryResult.h" #include "RocketMQClient.h" #include "SessionCredentials.h" +#include "UtilAll.h" namespace rocketmq { class MQClientFactory; @@ -192,8 +192,8 @@ class DefaultMQClient { std::string m_instanceName; std::string m_nameSpace; std::string m_GroupName; - std::string m_sslPropertyFile { DEFAULT_SSL_PROPERTY_FILE }; - bool m_enableSsl { true }; + std::string m_sslPropertyFile{DEFAULT_SSL_PROPERTY_FILE}; + bool m_enableSsl{false}; MQClientFactory* m_clientFactory; int m_serviceState; int m_pullThreadNum; diff --git a/src/transport/ClientRemotingProcessor.cpp b/src/transport/ClientRemotingProcessor.cpp index 63736c5ba..2c67a0c44 100644 --- a/src/transport/ClientRemotingProcessor.cpp +++ b/src/transport/ClientRemotingProcessor.cpp @@ -1,19 +1,19 @@ /* -* Licensed to the Apache Software Foundation (ASF) under one or more -* contributor license agreements. See the NOTICE file distributed with -* this work for additional information regarding copyright ownership. -* The ASF licenses this file to You under the Apache License, Version 2.0 -* (the "License"); you may not use this file except in compliance with -* the License. You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ #include "ClientRemotingProcessor.h" #include "ClientRPCHook.h" #include "ConsumerRunningInfo.h" diff --git a/src/transport/ClientRemotingProcessor.h b/src/transport/ClientRemotingProcessor.h index c88b8bb4b..2b26f28e4 100644 --- a/src/transport/ClientRemotingProcessor.h +++ b/src/transport/ClientRemotingProcessor.h @@ -1,19 +1,19 @@ /* -* Licensed to the Apache Software Foundation (ASF) under one or more -* contributor license agreements. See the NOTICE file distributed with -* this work for additional information regarding copyright ownership. -* The ASF licenses this file to You under the Apache License, Version 2.0 -* (the "License"); you may not use this file except in compliance with -* the License. You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ #ifndef __CLIENTREMOTINGPROCESSOR_H__ #define __CLIENTREMOTINGPROCESSOR_H__ @@ -62,6 +62,6 @@ class CheckTransactionStateBody { private: std::map m_offsetTable; }; -} +} // namespace rocketmq #endif diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 929ef74a6..4f3b25692 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -140,25 +140,29 @@ bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { ca_cert_file = properties["tls.client.trustCertPath"]; } } else { - LOG_WARN("The tls properties file is not specified or empty. " - "Set it by modifying the api of setTlsPropertyFile and fill the configuration content."); + LOG_WARN( + "The tls properties file is not specified or empty. " + "Set it by modifying the api of setTlsPropertyFile and fill the configuration content."); } - SSL_CTX_set_verify(m_sslCtx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); + SSL_CTX_set_verify(m_sslCtx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL); SSL_CTX_set_mode(m_sslCtx.get(), SSL_MODE_AUTO_RETRY); if (client_key_passwd.empty()) { - LOG_WARN("The pass phrase is not specified. " - "Set it by adding the 'tls.client.keyPassword' property in configuration file."); + LOG_WARN( + "The pass phrase is not specified. " + "Set it by adding the 'tls.client.keyPassword' property in configuration file."); } else { SSL_CTX_set_default_passwd_cb_userdata(m_sslCtx.get(), (void*)client_key_passwd.c_str()); } - bool check_flag { true }; + bool check_flag{true}; if (!boost::filesystem::exists(ca_cert_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.trustCertPath' property " - "in the configuration file is configured correctly.", ca_cert_file.c_str()); + LOG_WARN( + "'%s' does not exist. Please make sure the 'tls.client.trustCertPath' property " + "in the configuration file is configured correctly.", + ca_cert_file.c_str()); } else if (SSL_CTX_load_verify_locations(m_sslCtx.get(), ca_cert_file.c_str(), NULL) <= 0) { LOG_ERROR("SSL_CTX_load_verify_locations error!"); ERR_print_errors_fp(stderr); @@ -167,8 +171,10 @@ bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { if (!boost::filesystem::exists(client_cert_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.certPath' property " - "in the configuration file is configured correctly.", client_cert_file.c_str()); + LOG_WARN( + "'%s' does not exist. Please make sure the 'tls.client.certPath' property " + "in the configuration file is configured correctly.", + client_cert_file.c_str()); } else if (SSL_CTX_use_certificate_file(m_sslCtx.get(), client_cert_file.c_str(), SSL_FILETYPE_PEM) <= 0) { LOG_ERROR("SSL_CTX_use_certificate_file error!"); ERR_print_errors_fp(stderr); @@ -177,16 +183,17 @@ bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { if (!boost::filesystem::exists(client_key_file.c_str())) { check_flag = false; - LOG_WARN("'%s' does not exist. Please make sure the 'tls.client.keyPath' property " - "in the configuration file is configured correctly.", client_key_file.c_str()); + LOG_WARN( + "'%s' does not exist. Please make sure the 'tls.client.keyPath' property " + "in the configuration file is configured correctly.", + client_key_file.c_str()); } else if (SSL_CTX_use_PrivateKey_file(m_sslCtx.get(), client_key_file.c_str(), SSL_FILETYPE_PEM) <= 0) { LOG_ERROR("SSL_CTX_use_PrivateKey_file error!"); ERR_print_errors_fp(stderr); return false; } - if(check_flag && SSL_CTX_check_private_key(m_sslCtx.get()) <= 0) - { + if (check_flag && SSL_CTX_check_private_key(m_sslCtx.get()) <= 0) { LOG_ERROR("SSL_CTX_check_private_key error!"); ERR_print_errors_fp(stderr); return false; @@ -197,8 +204,11 @@ bool EventLoop::CreateSslContext(const std::string& ssl_property_file) { #define OPT_UNLOCK_CALLBACKS (BEV_OPT_DEFER_CALLBACKS | BEV_OPT_UNLOCK_CALLBACKS) -BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options, bool enable_ssl, const std::string& ssl_property_file) { - struct bufferevent* event { nullptr }; +BufferEvent* EventLoop::createBufferEvent(socket_t fd, + int options, + bool enable_ssl, + const std::string& ssl_property_file) { + struct bufferevent* event{nullptr}; if (enable_ssl) { if (!m_sslCtx && !CreateSslContext(ssl_property_file)) { @@ -213,10 +223,9 @@ BufferEvent* EventLoop::createBufferEvent(socket_t fd, int options, bool enable_ } // create ssl bufferevent - event = bufferevent_openssl_socket_new(m_eventBase, fd, ssl, - BUFFEREVENT_SSL_CONNECTING, options); - - /* create filter ssl bufferevent + event = bufferevent_openssl_socket_new(m_eventBase, fd, ssl, BUFFEREVENT_SSL_CONNECTING, options); + + /* create filter ssl bufferevent struct bufferevent *bev = bufferevent_socket_new(m_eventBase, fd, options); event = bufferevent_openssl_filter_new(m_eventBase, bev, ssl, BUFFEREVENT_SSL_CONNECTING, options); diff --git a/src/transport/EventLoop.h b/src/transport/EventLoop.h index d53a04f86..24eb9bafb 100644 --- a/src/transport/EventLoop.h +++ b/src/transport/EventLoop.h @@ -20,15 +20,15 @@ #include #include -#include -#include -#include -#include #include #include +#include +#include +#include +#include -#include "noncopyable.h" #include "UtilAll.h" +#include "noncopyable.h" using socket_t = evutil_socket_t; @@ -54,11 +54,11 @@ class EventLoop : public noncopyable { bool CreateSslContext(const std::string& ssl_property_file); private: - struct event_base* m_eventBase { nullptr }; - std::thread* m_loopThread { nullptr }; + struct event_base* m_eventBase{nullptr}; + std::thread* m_loopThread{nullptr}; using SSL_CTX_ptr = std::unique_ptr; - SSL_CTX_ptr m_sslCtx { nullptr, ::SSL_CTX_free }; - bool m_isRuning { false }; // aotmic is unnecessary + SSL_CTX_ptr m_sslCtx{nullptr, ::SSL_CTX_free}; + bool m_isRuning{false}; // aotmic is unnecessary }; class TcpTransport; diff --git a/src/transport/SocketUtil.cpp b/src/transport/SocketUtil.cpp index daa369c3f..3e8f26907 100644 --- a/src/transport/SocketUtil.cpp +++ b/src/transport/SocketUtil.cpp @@ -86,4 +86,4 @@ uint64 h2nll(uint64 v) { uint64 n2hll(uint64 v) { return swapll(v); } -} // -#include #include +#include #pragma comment(lib, "ws2_32.lib") #else #include @@ -34,7 +34,6 @@ #include #include #include -#include #include #include #include @@ -45,8 +44,8 @@ namespace rocketmq { //createBufferEvent(-1, BEV_OPT_CLOSE_ON_FREE | BEV_OPT_THREADSAFE, m_enableSsl, m_sslPropertyFile)); + m_event.reset(EventLoop::GetDefaultEventLoop()->createBufferEvent(-1, BEV_OPT_CLOSE_ON_FREE | BEV_OPT_THREADSAFE, + m_enableSsl, m_sslPropertyFile)); m_event->setCallback(readNextMessageIntCallback, nullptr, eventCallback, shared_from_this()); m_event->setWatermark(EV_READ, 4, 0); m_event->enable(EV_READ | EV_WRITE); diff --git a/src/transport/TcpTransport.h b/src/transport/TcpTransport.h old mode 100755 new mode 100644 index d657d0ddb..79b14d799 --- a/src/transport/TcpTransport.h +++ b/src/transport/TcpTransport.h @@ -41,7 +41,8 @@ class TcpRemotingClient; class TcpTransport : public std::enable_shared_from_this { public: static std::shared_ptr CreateTransport(TcpRemotingClient* pTcpRemotingClient, - bool enableSsl, const std::string& sslPropertyFile, + bool enableSsl, + const std::string& sslPropertyFile, TcpTransportReadCallback handle = nullptr) { // transport must be managed by smart pointer std::shared_ptr transport(new TcpTransport(pTcpRemotingClient, enableSsl, sslPropertyFile, handle)); @@ -60,7 +61,10 @@ class TcpTransport : public std::enable_shared_from_this { const uint64_t getStartTime() const; private: - TcpTransport(TcpRemotingClient* pTcpRemotingClient, bool enableSsl, const std::string& sslPropertyFile, TcpTransportReadCallback handle = nullptr); + TcpTransport(TcpRemotingClient* pTcpRemotingClient, + bool enableSsl, + const std::string& sslPropertyFile, + TcpTransportReadCallback handle = nullptr); static void readNextMessageIntCallback(BufferEvent* event, TcpTransport* transport); static void eventCallback(BufferEvent* event, short what, TcpTransport* transport); diff --git a/test/src/MQClientManagerTest.cpp b/test/src/MQClientManagerTest.cpp index 1406e6fb9..208770e69 100644 --- a/test/src/MQClientManagerTest.cpp +++ b/test/src/MQClientManagerTest.cpp @@ -33,8 +33,10 @@ using testing::Return; TEST(MQClientManagerTest, getClientFactory) { string clientId = "testClientId"; string unitName = "central"; - MQClientFactory* factory = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, true, DEFAULT_SSL_PROPERTY_FILE); - MQClientFactory* factory2 = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, true, DEFAULT_SSL_PROPERTY_FILE); + MQClientFactory* factory = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, true, + DEFAULT_SSL_PROPERTY_FILE); + MQClientFactory* factory2 = MQClientManager::getInstance()->getMQClientFactory(clientId, 1, 1000, 3000, unitName, + true, DEFAULT_SSL_PROPERTY_FILE); EXPECT_EQ(factory, factory2); factory->shutdown(); diff --git a/test/src/transport/ClientRemotingProcessorTest.cpp b/test/src/transport/ClientRemotingProcessorTest.cpp index f90a1ce97..716150d1c 100644 --- a/test/src/transport/ClientRemotingProcessorTest.cpp +++ b/test/src/transport/ClientRemotingProcessorTest.cpp @@ -80,7 +80,13 @@ class MockMQClientFactory : public MQClientFactory { uint64_t tcpConnectTimeout, uint64_t tcpTransportTryLockTimeout, string unitName) - : MQClientFactory(clientID, pullThreadNum, tcpConnectTimeout, tcpTransportTryLockTimeout, unitName, true, rocketmq::DEFAULT_SSL_PROPERTY_FILE) {} + : MQClientFactory(clientID, + pullThreadNum, + tcpConnectTimeout, + tcpTransportTryLockTimeout, + unitName, + true, + rocketmq::DEFAULT_SSL_PROPERTY_FILE) {} MOCK_METHOD3(resetOffset, void(const string& group, const string& topic, const map& offsetTable)); From c8cd0ec6d582e7b6e3e46fd9839cee1130fa1385 Mon Sep 17 00:00:00 2001 From: dinglei Date: Tue, 17 Mar 2020 21:18:17 +0800 Subject: [PATCH 11/16] change openssl static library install path. --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0e9b34cdb..baa227d0d 100755 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -55,7 +55,7 @@ if (WIN32) else () #find_package(OpenSSL 1.1.1 REQUIRED COMPONENTS) set(OPENSSL_INCLUDE_DIR ${PROJECT_SOURCE_DIR}/bin/include) - set(OPENSSL_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib64) + set(OPENSSL_LIBRARIES_DIR ${PROJECT_SOURCE_DIR}/bin/lib) set(OPENSSL_LIBRARIES ${OPENSSL_LIBRARIES_DIR}/libssl.a;${OPENSSL_LIBRARIES_DIR}/libcrypto.a) include_directories(${OPENSSL_INCLUDE_DIR}) endif () From 66da941974b0057617366b101bf53a24e39e3877 Mon Sep 17 00:00:00 2001 From: dinglei Date: Tue, 17 Mar 2020 21:24:45 +0800 Subject: [PATCH 12/16] using built-in openssl to compile libevent. --- build.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/build.sh b/build.sh index 828b0d932..003939986 100755 --- a/build.sh +++ b/build.sh @@ -226,16 +226,16 @@ BuildOpenSSL() { fi echo "build openssl static #####################" if [ $verbose -eq 0 ]; then - ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} &> opensslconfig.txt + ./config no-shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} &> opensslconfig.txt else - ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} + ./config no-shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} fi if [ $? -ne 0 ]; then exit 1 fi if [ $verbose -eq 0 ]; then echo "build openssl without detail log." - make depend + make depend &> opensslbuild.txt make -j $cpu_num &> opensslbuild.txt else make depend @@ -276,9 +276,9 @@ BuildLibevent() { fi echo "build libevent static #####################" if [ $verbose -eq 0 ]; then - ./configure --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} &> libeventconfig.txt + ./configure --enable-static=yes --enable-shared=no CFLAGS="-fPIC -I${install_lib_dir}/include" CPPFLAGS="-fPIC -I${install_lib_dir}/include" LDFLAGS="-L${install_lib_dir}/lib" --prefix=${install_lib_dir} &> libeventconfig.txt else - ./configure --enable-static=yes --enable-shared=no CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} + ./configure --enable-static=yes --enable-shared=no CFLAGS="-fPIC -I${install_lib_dir}/include" CPPFLAGS="-fPIC -I${install_lib_dir}/include" LDFLAGS="-L${install_lib_dir}/lib" --prefix=${install_lib_dir} fi if [ $? -ne 0 ]; then exit 1 From c3e2ed6d43c2ca62b0c642b15cc41c6a4592ab48 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Wed, 18 Mar 2020 05:22:19 +0800 Subject: [PATCH 13/16] =?UTF-8?q?Modification=20item:=20=EF=BC=881?= =?UTF-8?q?=EF=BC=89Moving/Returning=20temporary=20object=20prevents=20cop?= =?UTF-8?q?y=20elision,=20which=20may=20cause=20RVO=20and=20NRVO=20are=20i?= =?UTF-8?q?nvalid=20technologies.=20=EF=BC=882=EF=BC=89Libevent=20only=20v?= =?UTF-8?q?erifies=20whether=20the=20OpenSSL=20dynamic=20library=20has=20'?= =?UTF-8?q?SSL=5Fnew'=20function=20as=20the=20basis=20for=20the=20existenc?= =?UTF-8?q?e=20of=20OpenSSL.=20=EF=BC=883=EF=BC=89Add=20a=20dependent=20st?= =?UTF-8?q?atic=20library=20to=20MRI.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.sh | 4 ++-- package_rocketmq.mri | 3 +++ src/common/UtilAll.cpp | 8 ++++---- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/build.sh b/build.sh index 003939986..d2dbae005 100755 --- a/build.sh +++ b/build.sh @@ -226,9 +226,9 @@ BuildOpenSSL() { fi echo "build openssl static #####################" if [ $verbose -eq 0 ]; then - ./config no-shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} &> opensslconfig.txt + ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} &> opensslconfig.txt else - ./config no-shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} + ./config shared CFLAGS=-fPIC CPPFLAGS=-fPIC --prefix=${install_lib_dir} --openssldir=${install_lib_dir} fi if [ $? -ne 0 ]; then exit 1 diff --git a/package_rocketmq.mri b/package_rocketmq.mri index fc5f6900e..f19383ed1 100644 --- a/package_rocketmq.mri +++ b/package_rocketmq.mri @@ -11,10 +11,13 @@ addlib ../bin/lib/libboost_serialization.a addlib ../bin/lib/libboost_system.a addlib ../bin/lib/libboost_thread.a addlib ../bin/lib/libboost_wserialization.a +addlib ../bin/lib/libssl.a +addlib ../bin/lib/libcrypto.a addlib ../bin/lib/libevent.a addlib ../bin/lib/libevent_core.a addlib ../bin/lib/libevent_extra.a addlib ../bin/lib/libevent_pthreads.a +addlib ../bin/lib/libevent_openssl.a addlib ../bin/lib/libjsoncpp.a addlib ../bin/lib/libSignature.a addlib ../bin/librocketmq.a diff --git a/src/common/UtilAll.cpp b/src/common/UtilAll.cpp index d0d792650..8faa8b12d 100644 --- a/src/common/UtilAll.cpp +++ b/src/common/UtilAll.cpp @@ -366,21 +366,21 @@ std::map UtilAll::ReadProperties(const std::string& pa std::size_t pos{0}; pos = line_buffer.find('#'); if (pos != string::npos) { - line_buffer = std::move(line_buffer.substr(0, pos)); + line_buffer = line_buffer.substr(0, pos); } if (line_buffer.empty()) { continue; } pos = line_buffer.find('='); if (pos != string::npos) { - std::string key = std::move(boost::trim_copy(line_buffer.substr(0, pos))); - std::string value = std::move(boost::trim_copy(line_buffer.substr(pos + 1))); + std::string key = boost::trim_copy(line_buffer.substr(0, pos)); + std::string value = boost::trim_copy(line_buffer.substr(pos + 1)); property_map[key] = value; } } } - return std::move(property_map); + return property_map; } } // namespace rocketmq From 191c3d254bc3cf412bd2f6b048a3a21ab95a4091 Mon Sep 17 00:00:00 2001 From: dinglei Date: Mon, 23 Mar 2020 21:03:28 +0800 Subject: [PATCH 14/16] remove comments for code format. --- src/transport/EventLoop.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 4f3b25692..303eb1f91 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -34,7 +34,7 @@ EventLoop* EventLoop::GetDefaultEventLoop() { } EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { - // tell libevent support multi-threads + #ifdef WIN32 evthread_use_windows_threads(); #else From d27353efd8dd68a40058bd131cfd6b4e0fe76a20 Mon Sep 17 00:00:00 2001 From: "yizhe.wcm" Date: Tue, 24 Mar 2020 16:44:19 +0800 Subject: [PATCH 15/16] Fix the missing packing problem of static library packing script under Mac OS. For example, there is buffer. o in libcrypto. a, and buffer. o in libevent_core. a, but the symbols of the two are complementary. The method of using 'ar x' and 'ar cru' will result in the loss of symbol in one of the above two buffer. o. --- build.sh | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/build.sh b/build.sh index d2dbae005..4a76f9e31 100755 --- a/build.sh +++ b/build.sh @@ -505,22 +505,16 @@ PackageRocketMQStatic() { cp -f ${install_lib_dir}/librocketmq.a . echo "Md5 Hash RocketMQ Before:" md5sum librocketmq.a - local dir=`ls *.a | grep -v gtest | grep -v gmock ` + local dir=`ls *.a | grep -E 'gtest|gmock'` for i in $dir do - echo $i - ar x $i + rm -rf $i done - echo "At last, ar libboost_filesystem" - ar x libboost_filesystem.a - ar cru librocketmq.a *.o - ranlib librocketmq.a + libtool -no_warning_for_no_symbols -static -o librocketmq.a *.a echo "Md5 Hash RocketMQ After:" md5sum librocketmq.a echo "Try to copy $(pwd)/librocketmq.a to ${install_lib_dir}/" cp -f librocketmq.a ${install_lib_dir}/ - rm -rf *.o - rm -rf __.* cd ${basepath} rm -rf ${static_package_dir} fi From 98e3bba567adb002954e03baefe07a37e3bd9ff4 Mon Sep 17 00:00:00 2001 From: ShannonDing Date: Tue, 24 Mar 2020 17:42:15 +0800 Subject: [PATCH 16/16] chors(style): format code style for eventloop. --- src/transport/EventLoop.cpp | 1 - 1 file changed, 1 deletion(-) diff --git a/src/transport/EventLoop.cpp b/src/transport/EventLoop.cpp index 303eb1f91..e66ceb5f6 100644 --- a/src/transport/EventLoop.cpp +++ b/src/transport/EventLoop.cpp @@ -34,7 +34,6 @@ EventLoop* EventLoop::GetDefaultEventLoop() { } EventLoop::EventLoop(const struct event_config* config, bool run_immediately) { - #ifdef WIN32 evthread_use_windows_threads(); #else