kudu-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ale...@apache.org
Subject [2/3] kudu git commit: [security] enhance warning on conflicting OpenSSL initialization
Date Fri, 14 Dec 2018 21:01:47 GMT
[security] enhance warning on conflicting OpenSSL initialization

This patch enhances the warning message on detected conflicting
initialization of the OpenSSL library, making it more actionable.

This patch does not contain any functional changes.

Change-Id: I72e989dce82586ba43d2cb4c00e2ef6948c2bd2a
Reviewed-on: http://gerrit.cloudera.org:8080/12089
Tested-by: Alexey Serbin <aserbin@cloudera.com>
Reviewed-by: Adar Dembo <adar@cloudera.com>


Project: http://git-wip-us.apache.org/repos/asf/kudu/repo
Commit: http://git-wip-us.apache.org/repos/asf/kudu/commit/9be2911c
Tree: http://git-wip-us.apache.org/repos/asf/kudu/tree/9be2911c
Diff: http://git-wip-us.apache.org/repos/asf/kudu/diff/9be2911c

Branch: refs/heads/master
Commit: 9be2911c908acfa8b8cc30775599a4607660d3ac
Parents: 72328e9
Author: Alexey Serbin <alexey@apache.org>
Authored: Thu Dec 13 19:25:51 2018 -0800
Committer: Alexey Serbin <aserbin@cloudera.com>
Committed: Fri Dec 14 21:00:01 2018 +0000

----------------------------------------------------------------------
 src/kudu/security/openssl_util.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/kudu/blob/9be2911c/src/kudu/security/openssl_util.cc
----------------------------------------------------------------------
diff --git a/src/kudu/security/openssl_util.cc b/src/kudu/security/openssl_util.cc
index a32140f..1576ea8 100644
--- a/src/kudu/security/openssl_util.cc
+++ b/src/kudu/security/openssl_util.cc
@@ -130,8 +130,11 @@ void DoInitializeOpenSSL() {
   auto ctx = ssl_make_unique(SSL_CTX_new(SSLv23_method()));
   if (ctx) {
     LOG(WARNING) << "It appears that OpenSSL has been previously initialized by "
-                 << "code outside of Kudu. Please use kudu::client::DisableOpenSSLInitialization()
"
-                 << "to avoid potential crashes due to conflicting initialization.";
+                    "code outside of Kudu. Please first properly initialize "
+                    "OpenSSL for multi-threaded usage (setting thread callback "
+                    "functions for OpenSSL of versions earlier than 1.1.0) and "
+                    "then call kudu::client::DisableOpenSSLInitialization() "
+                    "to avoid potential crashes due to conflicting initialization.";
     // Continue anyway; all of the below is idempotent, except for the locking callback,
     // which we check before overriding. They aren't thread-safe, however -- that's why
     // we try to get embedding applications to do the right thing here rather than risk a


Mime
View raw message