diff --git a/build/script/cmake_package_mini.sh b/build/script/cmake_package_mini.sh index 81b71fcaf5d78c2397a9148874204b1a5523b387..ad66dad1e0cb882ae1555637005742cfcc89c06d 100644 --- a/build/script/cmake_package_mini.sh +++ b/build/script/cmake_package_mini.sh @@ -473,6 +473,7 @@ function install_gaussdb() if [ "${PLATFORM_ARCH}"x == "loongarch64"x ]; then CMAKE_OPT="$CMAKE_OPT -DENABLE_BBOX=OFF -DENABLE_JEMALLOC=OFF" fi + CMAKE_OPT="$CMAKE_OPT -DENABLE_OBS=ON" echo "CMAKE_OPT----> $CMAKE_OPT" echo "Begin run cmake for gaussdb server" >> "$LOG_FILE" 2>&1 diff --git a/cmake/src/build_options.cmake b/cmake/src/build_options.cmake index 557d74dc0d698b3b509a177bf9af0e20a8412892..4993a10c1496470fbfdc9f634690f778f1d79740 100755 --- a/cmake/src/build_options.cmake +++ b/cmake/src/build_options.cmake @@ -66,6 +66,8 @@ option(ENABLE_MYSQL_FDW "enable export or import data with mysql,the old is --en option(ENABLE_ORACLE_FDW "enable export or import data with oracle,the old is --enable-oracle-fdw" OFF) option(ENABLE_BBOX "enable bbox,the old is --enable-bbox " ON) option(ENABLE_JEMALLOC "enable jemalloc,the old is --enable-jemalloc " ON) +option(ENABLE_OBS "enable obs, the old is --enable-obs " ON) +option(ENABLE_OPENSSL3 "enable openssl, the old is --enable-openssl " OFF) option(BUILD_BY_CMAKE "the BUILD_BY_CMAKE is new,used in distribute pg_regress.cpp" ON) option(DEBUG_UHEAP "collect USTORE statistics" OFF) option(MAX_ALLOC_SEGNUM "max alloc xlog seg num in extreme_rto" 4) @@ -165,6 +167,14 @@ if(${ENABLE_READLINE} STREQUAL "ON") add_definitions(-DHAVE_READLINE_READLINE_H) endif() +if(ENABLE_OBS) + add_definitions(-DENABLE_OBS) +endif() + +if(ENABLE_OPENSSL3) + add_definitions(-DENABLE_OPENSSL3) +endif() + set(PROTECT_OPTIONS -fwrapv -std=c++14 -fnon-call-exceptions ${OPTIMIZE_LEVEL}) set(WARNING_OPTIONS -Wall -Wendif-labels -Wformat-security) set(OPTIMIZE_OPTIONS -pipe -pthread -fno-aggressive-loop-optimizations -fno-expensive-optimizations -fno-omit-frame-pointer -fno-strict-aliasing -freg-struct-return) diff --git a/configure b/configure index 02d3c947a90e2384a86a2cba4a6b922bc77be0c3..f58669624964560eac8a626eb6ed7ff185e2a144 100755 --- a/configure +++ b/configure @@ -711,6 +711,8 @@ krb_srvtab with_python with_openeuler_os with_openeuler_major +with_obs +with_openssl3 enable_thread_safety INCLUDES TAS @@ -839,6 +841,8 @@ with_pgport with_gs_version with_openeuler_os with_openeuler_major +with_obs +with_openssl3 enable_shared enable_rpath enable_jemalloc @@ -3465,8 +3469,10 @@ if [[ "$(cat /etc/system-release)" =~ ^"openEuler release 22.03".* ]]; then with_openeuler_major=yes fi +with_obs=yes if [[ "$(cat /etc/system-release)" =~ ^"openEuler release 24.03".* ]]; then with_openeuler_major=yes + with_openssl3=no fi if [[ "$(cat /etc/system-release)" =~ ^"CSIOS release 1.0".* ]]; then diff --git a/contrib/pgcrypto/openssl.cpp b/contrib/pgcrypto/openssl.cpp index c39ddc6559f6bd0e26c3939bae9360f5eaaa53de..080c8b55a361850525d91764e6f3bd79e500f052 100644 --- a/contrib/pgcrypto/openssl.cpp +++ b/contrib/pgcrypto/openssl.cpp @@ -927,7 +927,7 @@ int px_get_random_bytes(uint8* dst, unsigned count) if (!openssl_random_init) init_openssl_rand(); - res = RAND_priv_bytes(dst, count); + res = RAND_bytes(dst, count); if (res == 1) return count; diff --git a/src/Makefile.global.in b/src/Makefile.global.in index 550dcd2959a6d92f6c886dfb616cdfd59d43bddc..4d9846df29beab73353a9d422eef041b77ce135b 100644 --- a/src/Makefile.global.in +++ b/src/Makefile.global.in @@ -219,6 +219,8 @@ PTHREAD_CFLAGS = @PTHREAD_CFLAGS@ PTHREAD_LIBS = @PTHREAD_LIBS@ with_openeuler_os = @with_openeuler_os@ with_openeuler_major = @with_openeuler_major@ +with_obs = @with_obs@ +with_openssl3 = @with_openssl3@ ############################################################################# @@ -780,6 +782,10 @@ ifeq ($(with_openeuler_major), yes) override CPPFLAGS := $(CPPFLAGS) -DOPENEULER_MAJOR endif +ifeq ($(with_obs), yes) + override CPPFLAGS := $(CPPFLAGS) -DENABLE_OBS +endif + CC = @CC@ GCC = @GCC@ C = gcc diff --git a/src/bin/gs_guc/pg_guc.cpp b/src/bin/gs_guc/pg_guc.cpp index 4174952d63cfc5726fc93b9671f32e9a58e795a4..7348fd33313774652adddbf90519ce6df6eef0c3 100644 --- a/src/bin/gs_guc/pg_guc.cpp +++ b/src/bin/gs_guc/pg_guc.cpp @@ -2388,8 +2388,8 @@ void doGenerateOperation(const char* datadir, const char* loginfo) char* encodetext = NULL; /* Generate a random value by OpenSSL function. */ - retval = RAND_priv_bytes((unsigned char*)init_rand, RANDOM_LEN); - if (retval != 1) /* the return value of RAND_priv_bytes:1--success */ + retval = RAND_bytes((unsigned char*)init_rand, RANDOM_LEN); + if (retval != 1) /* the return value of RAND_bytes:1--success */ { (void)write_stderr(_("%s: generate random key failed, errcode:%d.\n"), progname, retval); GS_FREE(g_cipherkey); diff --git a/src/bin/pg_dump/pg_dump.cpp b/src/bin/pg_dump/pg_dump.cpp index b578b57a9410392ac7c94eb5c888f12a42f40c04..f760bf64f98d23a61f4c8214638775c63e8e772b 100644 --- a/src/bin/pg_dump/pg_dump.cpp +++ b/src/bin/pg_dump/pg_dump.cpp @@ -897,7 +897,7 @@ int main(int argc, char** argv) GS_UCHAR init_rand[RANDOM_LEN + 1] = {0}; /* get a random values as salt for encrypt */ - retval = RAND_priv_bytes(init_rand, RANDOM_LEN); + retval = RAND_bytes(init_rand, RANDOM_LEN); if (retval != 1) { exit_horribly(NULL, "Generate random key failed\n"); } diff --git a/src/bin/pg_dump/pg_dumpall.cpp b/src/bin/pg_dump/pg_dumpall.cpp index da2d7244365c86cc9885125c9cc7a21f188b3907..27e06149ced66b5107c8b871096f9a97c39382a3 100644 --- a/src/bin/pg_dump/pg_dumpall.cpp +++ b/src/bin/pg_dump/pg_dumpall.cpp @@ -848,7 +848,7 @@ static void generateRandArray() while (k++ < RAND_COUNT) { is_rand_ok = true; - retval = RAND_priv_bytes(init_rand, RANDOM_LEN); + retval = RAND_bytes(init_rand, RANDOM_LEN); if (retval != 1) { exit_horribly(NULL, "Generate random key failed\n"); } diff --git a/src/common/backend/libpq/auth.cpp b/src/common/backend/libpq/auth.cpp index c708321ee982126ec6abba6116988db9dff94aa8..c06a56bcf101877da33b035605f77c22dc1d8821 100644 --- a/src/common/backend/libpq/auth.cpp +++ b/src/common/backend/libpq/auth.cpp @@ -633,7 +633,7 @@ void ClientAuthentication(Port* port) securec_check(rc, "\0", "\0"); /* Functions which alloc memory need hold interrupts for safe. */ HOLD_INTERRUPTS(); - retval = RAND_priv_bytes((GS_UCHAR*)token, (GS_UINT32)TOKEN_LENGTH); + retval = RAND_bytes((GS_UCHAR*)token, (GS_UINT32)TOKEN_LENGTH); RESUME_INTERRUPTS(); CHECK_FOR_INTERRUPTS(); if (retval != 1) { @@ -834,14 +834,14 @@ static char fake_storedkey[STORED_KEY_LENGTH * ENCRY_LENGTH_DOUBLE + 1] = {0}; GenerateFakeSaltBytes(port->user_name, fake_salt_bytes, SALT_LENGTH); - retval = RAND_priv_bytes((GS_UCHAR*)fake_serverkey_bytes, (GS_UINT32)(HMAC_LENGTH)); + retval = RAND_bytes((GS_UCHAR*)fake_serverkey_bytes, (GS_UINT32)(HMAC_LENGTH)); if (retval != 1) { ereport(ERROR, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("Failed to Generate the random storedkey,errcode:%d", retval))); } - retval = RAND_priv_bytes((GS_UCHAR*)fake_storedkey_bytes, (GS_UINT32)(STORED_KEY_LENGTH)); + retval = RAND_bytes((GS_UCHAR*)fake_storedkey_bytes, (GS_UINT32)(STORED_KEY_LENGTH)); if (retval != 1) { ereport(ERROR, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), diff --git a/src/common/backend/libpq/be-secure.cpp b/src/common/backend/libpq/be-secure.cpp index c2bb0b12ed3dd540d3f6611f09a2bddc175c3660..5d400b95836b31e0ee9e1fb035ab802a6288d5b7 100644 --- a/src/common/backend/libpq/be-secure.cpp +++ b/src/common/backend/libpq/be-secure.cpp @@ -63,7 +63,10 @@ #include "openssl/ssl.h" #include "openssl/rand.h" #include "openssl/ossl_typ.h" +#if OPENSSL_VERSION_NUMBER >= 0x10100000L #include "openssl/sslerr.h" +#endif +#include "ssl/gs_openssl_client.h" #include "openssl/obj_mac.h" #include "openssl/dh.h" #include "openssl/bn.h" @@ -1000,7 +1003,7 @@ static void initialize_SSL(void) (void)OPENSSL_init_ssl(0, NULL); SSL_load_error_strings(); - u_sess->libpq_cxt.SSL_server_context = SSL_CTX_new(TLS_method()); + u_sess->libpq_cxt.SSL_server_context = SSL_CTX_new(SSLv23_method()); if (!u_sess->libpq_cxt.SSL_server_context) { ereport(FATAL, (errmsg("could not create SSL context : %s.)", SSLerrmessage()))); } @@ -1571,6 +1574,7 @@ static int my_sock_write(BIO* h, const char* buf, int size) static BIO_METHOD* my_BIO_s_socket(void) { if (my_bio_methods == NULL) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L int my_bio_index; my_bio_index = BIO_get_new_index(); @@ -1594,6 +1598,23 @@ static BIO_METHOD* my_BIO_s_socket(void) my_bio_methods = NULL; return NULL; } +#else + BIO_METHOD *biom = (BIO_METHOD *)BIO_s_socket(); + if (biom == NULL) { + return NULL; + } + my_bio_methods = static_cast(malloc(sizeof(BIO_METHOD))); + if (!my_bio_methods) { + return NULL; + } + errno_t copy_result = memcpy_s(my_bio_methods, sizeof(BIO_METHOD), biom, sizeof(BIO_METHOD)); + if (copy_result != 0) { + free(my_bio_methods); + return NULL; + } + my_bio_methods->bread = my_sock_read; + my_bio_methods->bwrite = my_sock_write; +#endif } return my_bio_methods; } @@ -1694,56 +1715,57 @@ DH* genDHKeyPair(DHKeyLength dhType) DH* dh = NULL; BIGNUM* bn_prime = NULL; unsigned char GENERATOR_2[] = {DH_GENERATOR_2}; - BIGNUM* bn_genenrator_2 = BN_bin2bn(GENERATOR_2, sizeof(GENERATOR_2), NULL); - if (bn_genenrator_2 == NULL) { + BIGNUM* bn_generator_2 = BN_bin2bn(GENERATOR_2, sizeof(GENERATOR_2), NULL); + if (bn_generator_2 == NULL) { return NULL; } - switch (dhType) { - case DHKey768: - bn_prime = BN_get_rfc2409_prime_768(NULL); - break; - case DHKey1024: - bn_prime = BN_get_rfc2409_prime_1024(NULL); - break; - case DHKey1536: - bn_prime = BN_get_rfc3526_prime_1536(NULL); - break; - case DHKey2048: - bn_prime = BN_get_rfc3526_prime_2048(NULL); - break; - case DHKey3072: - bn_prime = BN_get_rfc3526_prime_3072(NULL); - break; - case DHKey4096: - bn_prime = BN_get_rfc3526_prime_4096(NULL); - break; - case DHKey6144: - bn_prime = BN_get_rfc3526_prime_6144(NULL); - break; - case DHKey8192: - bn_prime = BN_get_rfc3526_prime_8192(NULL); - break; - default: - break; +#if OPENSSL_VERSION_NUMBER < 0x10100000L + BIGNUM* (*BN_func[])(BIGNUM*) = { + get_rfc2409_prime_768, + get_rfc2409_prime_1024, + get_rfc3526_prime_1536, + get_rfc3526_prime_2048, + get_rfc3526_prime_3072, + get_rfc3526_prime_4096, + get_rfc3526_prime_6144, + get_rfc3526_prime_8192 + }; +#else + BIGNUM* (*BN_func[])(BIGNUM*) = { + BN_get_rfc2409_prime_768, + BN_get_rfc2409_prime_1024, + BN_get_rfc3526_prime_1536, + BN_get_rfc3526_prime_2048, + BN_get_rfc3526_prime_3072, + BN_get_rfc3526_prime_4096, + BN_get_rfc3526_prime_6144, + BN_get_rfc3526_prime_8192 + }; +#endif + + if (dhType < 0 || dhType >= (int)(sizeof(BN_func) / sizeof(BN_func[0]))) { + BN_free(bn_generator_2); + return NULL; } + bn_prime = BN_func[dhType](NULL); if (bn_prime == NULL) { - BN_free(bn_genenrator_2); + BN_free(bn_generator_2); return NULL; } dh = DH_new(); if (dh == NULL) { BN_free(bn_prime); - BN_free(bn_genenrator_2); + BN_free(bn_generator_2); return NULL; } - ret = DH_set0_pqg(dh, bn_prime, NULL, bn_genenrator_2); + ret = DH_set0_pqg(dh, bn_prime, NULL, bn_generator_2); if (!ret) { BN_free(bn_prime); - BN_free(bn_genenrator_2); + BN_free(bn_generator_2); DH_free(dh); return NULL; } @@ -1751,7 +1773,7 @@ DH* genDHKeyPair(DHKeyLength dhType) ret = DH_generate_key(dh); if (!ret) { BN_free(bn_prime); - BN_free(bn_genenrator_2); + BN_free(bn_generator_2); DH_free(dh); return NULL; } diff --git a/src/common/backend/libpq/crypt.cpp b/src/common/backend/libpq/crypt.cpp index 54f1a25eb55d3ae08abe8b6cbb36998644f96f15..68d5b56663616937d26e33de7c9cdd7e8522d995 100644 --- a/src/common/backend/libpq/crypt.cpp +++ b/src/common/backend/libpq/crypt.cpp @@ -628,12 +628,14 @@ int crypt_verify(const Port* port, const char* role, char* client_pass) return STATUS_ERROR; } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L CRYPT_digest_ret = EVP_Digest((GS_UCHAR*)xor_result_sm3, HMAC_LENGTH, (GS_UCHAR*)hash_result_sm3, (GS_UINT32*)&hmac_length_sm3, EVP_sm3(), NULL); +#endif if (!CRYPT_digest_ret) { pfree_ext(pass_info.shadow_pass); diff --git a/src/common/backend/libpq/sha2.cpp b/src/common/backend/libpq/sha2.cpp index 3b996ffe20d5195db8aa4bab8f1e2cbee739b279..b600ff5d869642180e91529e80b2a0fe3ab12289 100644 --- a/src/common/backend/libpq/sha2.cpp +++ b/src/common/backend/libpq/sha2.cpp @@ -861,8 +861,10 @@ bool GsSm3Encrypt( sha_bytes_to_hex64((uint8*)client_key, client_key_buf); } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L hash_ret = EVP_Digest( (GS_UCHAR*)client_key, HMAC_LENGTH, (GS_UCHAR*)stored_key, (GS_UINT32*)&stored_key_length, EVP_sm3(), NULL); +#endif if (!hash_ret) { rc = memset_s(k, K_LENGTH + 1, 0, K_LENGTH + 1); diff --git a/src/common/backend/pgxc_single/barrier/barrier.cpp b/src/common/backend/pgxc_single/barrier/barrier.cpp index a100cfaa38aaa81ff8de2dd9401d585687372353..f2e49a920d1b2ff0b12654ba1a0262c5a876d8ba 100755 --- a/src/common/backend/pgxc_single/barrier/barrier.cpp +++ b/src/common/backend/pgxc_single/barrier/barrier.cpp @@ -401,9 +401,11 @@ void DisasterRecoveryRequestBarrier(const char* id, bool isSwitchoverBarrier) recptr = XLogInsert(RM_BARRIER_ID, XLOG_BARRIER_CREATE, InvalidBktId); XLogWaitFlush(recptr); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (t_thrd.role == BARRIER_CREATOR) { UpdateGlobalBarrierListOnMedia(id, g_instance.attr.attr_common.PGXCNodeName); } +#endif #endif SpinLockAcquire(&g_instance.archive_obs_cxt.barrier_lock); pg_atomic_init_u64(&g_instance.archive_obs_cxt.barrierLsn, recptr); diff --git a/src/common/interfaces/libpq/fe-secure.cpp b/src/common/interfaces/libpq/fe-secure.cpp index 9dadd6eb5ea69c25ef990b8a3c6fb26d3dc07913..2dff4e8c49a38464fe46ec06aa16d87a0fa898e0 100644 --- a/src/common/interfaces/libpq/fe-secure.cpp +++ b/src/common/interfaces/libpq/fe-secure.cpp @@ -63,7 +63,10 @@ #include "openssl/ossl_typ.h" #include "openssl/x509.h" #include "openssl/crypto.h" +#if OPENSSL_VERSION_NUMBER >= 0x10100000L #include "openssl/sslerr.h" +#endif +#include "ssl/gs_openssl_client.h" #include "openssl/err.h" #include "utils/elog.h" @@ -446,6 +449,9 @@ ssize_t pqsecure_read(PGconn* conn, void* ptr, size_t len) libpq_gettext("SSL error: %s, remote datanode %s, error: %s\n"), errm, conn->remote_nodename, strerror(errno)); SSLerrfree(errm); +#ifdef ENABLE_OPENSSL3 + REMEMBER_EPIPE(spinfo, errno == EPIPE); +#endif /* assume the connection is broken */ result_errno = ECONNRESET; n = -1; @@ -596,6 +602,9 @@ ssize_t pqsecure_write(PGconn* conn, const void* ptr, size_t len) libpq_gettext("SSL error: %s, remote datanode %s, error: %s\n"), errm, conn->remote_nodename, strerror(errno)); SSLerrfree(errm); +#ifdef ENABLE_OPENSSL3 + REMEMBER_EPIPE(spinfo, errno == EPIPE); +#endif /* assume the connection is broken */ result_errno = ECONNRESET; n = -1; @@ -1126,6 +1135,10 @@ static GS_UINT32 pq_threadidcallback(void) return (GS_UINT32)pthread_self(); } +static unsigned long gs_threadidcallback(void) { + return (unsigned long)pthread_self(); +} + #endif /* ENABLE_THREAD_SAFETY */ /* @@ -1214,7 +1227,11 @@ static int init_ssl_system(PGconn* conn) if (ssl_open_connections++ == 0 && !is_gc_fdw_client) { /* These are only required for threaded libcrypto applications */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L // OpenSSL 1.0.x + CRYPTO_set_id_callback(gs_threadidcallback); +#else // OpenSSL 1.1.0+ CRYPTO_THREADID_set_callback(pq_threadidcallback); +#endif } #pragma GCC diagnostic pop } diff --git a/src/common/port/cipher.cpp b/src/common/port/cipher.cpp index 910fa09912f868d5177de733622de23219cb2c89..c9148d37cbbc71ab4879b00ce0c3bbf164ad8463 100644 --- a/src/common/port/cipher.cpp +++ b/src/common/port/cipher.cpp @@ -86,7 +86,7 @@ bool init_vector_random(GS_UCHAR* init_vector, size_t vector_len) int retval = 0; GS_UCHAR random_vector[RANDOM_LEN] = {0}; - retval = RAND_priv_bytes(random_vector, RANDOM_LEN); + retval = RAND_bytes(random_vector, RANDOM_LEN); if (retval != 1) { errorno = memset_s(random_vector, RANDOM_LEN, '\0', RANDOM_LEN); securec_check_c(errorno, "", ""); @@ -544,7 +544,7 @@ static bool gen_cipher_file(KeyMode mode, /* SERVER_MODE or CLIENT_MODE or OBS_M } /* generate init rand key */ - retval = RAND_priv_bytes(encrypt_rand, RANDOM_LEN); + retval = RAND_bytes(encrypt_rand, RANDOM_LEN); if (retval != 1) { #ifndef ENABLE_LLT (void)fprintf(stderr, _("generate random key failed,errcode:%d\n"), retval); @@ -766,7 +766,7 @@ void gen_cipher_rand_files( GS_UCHAR server_vector[RANDOM_LEN] = {'\0'}; GS_UCHAR client_vector[RANDOM_LEN] = {'\0'}; - retval = RAND_priv_bytes(init_rand, RANDOM_LEN); + retval = RAND_bytes(init_rand, RANDOM_LEN); if (retval != 1) { (void)fprintf(stderr, _("generate random key failed,errcode:%d\n"), retval); return; @@ -945,7 +945,7 @@ bool check_certificate_signature_algrithm(const SSL_CTX* SSL_context) /* Get the publickey length, return is bytes length. */ int pub_length; EVP_PKEY *pub_key = NULL; - pub_key = X509_get0_pubkey(pCert); + pub_key = X509_get_pubkey(pCert); pub_length = EVP_PKEY_size(pub_key); /* Get the signature algorithm CID from the certificate. */ switch (nid) { @@ -998,7 +998,7 @@ long check_certificate_time(const SSL_CTX* SSL_context, const int alarm_days) const ASN1_TIME* notafter = NULL; /* Get the notafter time form this certificate.*/ - notafter = X509_get0_notAfter(pstCertificate); + notafter = X509_get_notAfter(pstCertificate); if (notafter == NULL) { return 0; } diff --git a/src/gausskernel/CMakeLists.txt b/src/gausskernel/CMakeLists.txt index 18401ed164109a49efc004d2b2e25a9e817060b4..e5ef4393ac2432a37045a23d7e07cb1a608b7365 100755 --- a/src/gausskernel/CMakeLists.txt +++ b/src/gausskernel/CMakeLists.txt @@ -266,7 +266,6 @@ endif() if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON") list(APPEND gaussdb_objects - $ $ $ $ @@ -274,6 +273,12 @@ if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON") ) endif() +if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON" AND "${ENABLE_OBS}" STREQUAL "ON") + list(APPEND gaussdb_objects + $ + ) +endif() + set(gaussdb_objects ${gaussdb_objects} ${gaussdb_server_objects}) list(APPEND gaussdb_objects @@ -307,8 +312,12 @@ if(${USE_LIBXML}) list(APPEND gaussdb_LINK_DIRS ${LIBXML_LIB_PATH}) endif() +if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON" AND "${ENABLE_OBS}" STREQUAL "ON") + list(APPEND gaussdb_LINK_LIBS -leSDKOBS -leSDKLogAPI -lpcre -liconv -lnghttp2 -llog4cpp) +endif() + if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON") - list(APPEND gaussdb_LINK_LIBS -lz -lminiunz -leSDKOBS -leSDKLogAPI -lpcre -liconv -lnghttp2 -llog4cpp -lcurl -llz4 -lcjson -l${JEMALLOC_LIB_NAME} -lcgroup -lzstd -lcom_err_gauss -lgssapi_krb5_gauss -lkrb5_gauss -lgssrpc_gauss -lk5crypto_gauss -lkadm5clnt_mit -lkadm5srv_mit -lkdb5 -lkrb5support_gauss -lstdc++ -lboost_thread -lboost_chrono -lboost_system -lboost_atomic -lxml2 -laio -lncurses -ltinfo -latomic) + list(APPEND gaussdb_LINK_LIBS -lz -lminiunz -lcurl -llz4 -lcjson -l${JEMALLOC_LIB_NAME} -lcgroup -lzstd -lcom_err_gauss -lgssapi_krb5_gauss -lkrb5_gauss -lgssrpc_gauss -lk5crypto_gauss -lkadm5clnt_mit -lkadm5srv_mit -lkdb5 -lkrb5support_gauss -lstdc++ -lboost_thread -lboost_chrono -lboost_system -lboost_atomic -lxml2 -laio -lncurses -ltinfo -latomic) else() list(APPEND gaussdb_LINK_LIBS -lz -lminiunz -lcurl -llz4 -lcjson -l${JEMALLOC_LIB_NAME} -lcgroup -lzstd -lncurses -ltinfo -lboost_thread -lboost_chrono -lboost_system -lboost_atomic) endif() diff --git a/src/gausskernel/Makefile b/src/gausskernel/Makefile index eb0de1c0d594f2e19d2f622ac7169e7a12987bc5..8c13cf1d6dc9422610e9c70da33e6469b0ae9f61 100755 --- a/src/gausskernel/Makefile +++ b/src/gausskernel/Makefile @@ -122,7 +122,10 @@ endif ############################################################################### LIBS += -L$(LIBCURL_LIB_PATH) -L$(LIBOPENSSL_LIB_PATH) ifeq ($(enable_lite_mode), no) -LIBS += -leSDKOBS -leSDKLogAPI -lssl -lcrypto -lpcre -liconv -lnghttp2 -llog4cpp -l$(SECURE_C_CHECK) -lcurl +ifeq ($(with_obs), yes) +LIBS += -leSDKOBS -leSDKLogAPI -lpcre -liconv -lnghttp2 -llog4cpp +endif +LIBS += -lssl -lcrypto -l$(SECURE_C_CHECK) -lcurl else LIBS += -lssl -l$(SECURE_C_CHECK) -lcurl endif @@ -271,9 +274,12 @@ LDFLAGS += -L$(BOOST_LIB_PATH) -L$(LIBTINFO_LIB_PATH) \ -L$(LIBCGROUP_LIB_PATH) \ -L$(LIBOPENSSL_LIB_PATH) +ifeq ($(with_obs), yes) +LDFLAGS += -L$(LIBOBS_LIB_PATH) +endif + ifeq ($(enable_lite_mode), no) -LDFLAGS += -L$(LIBOBS_LIB_PATH) \ - -L$(LIBLLVM_LIB_PATH) -L$(LIBXML_LIB_PATH) \ +LDFLAGS += -L$(LIBLLVM_LIB_PATH) -L$(LIBXML_LIB_PATH) \ -L$(KERBEROS_LIB_PATH) -L$(LIBSTD_LIB_PATH) endif @@ -285,7 +291,9 @@ endif LDFLAGS += -L$(CJSON_LIB_PATH) CXXFLAGS+= -I$(CJSON_INCLUDE_PATH) - CXXFLAGS+= -I$(LIBOBS_INCLUDE_PATH) +ifeq ($(with_obs), yes) + CXXFLAGS+= -I$(LIBOBS_INCLUDE_PATH) +endif ifeq ($(enable_multiple_nodes), yes) LDFLAGS += -L$(top_builddir)/../distribute/gtm/libpg @@ -603,6 +611,7 @@ endif ifeq ($(enable_lite_mode), no) cd $(KERBEROS_LIB_PATH) && tar -cpf - ./* | ( cd $(DESTDIR)$(libdir); tar -xpf - ) mkdir -p '$(DESTDIR)$(libdir)/../temp/' +ifeq ($(with_obs), yes) rm -f $(DESTDIR)$(libdir)/libpcre* cp $(LIBOBS_LIB_PATH)/libpcre* '$(DESTDIR)$(libdir)/../temp/' mv $(DESTDIR)$(libdir)/../temp/* '$(DESTDIR)$(libdir)/' @@ -613,6 +622,7 @@ ifeq ($(enable_lite_mode), no) cp $(LIBOBS_LIB_PATH)/libiconv* '$(DESTDIR)$(libdir)/' cp $(LIBOBS_LIB_PATH)/OBS* '$(DESTDIR)$(libdir)/' cp $(LIBOBS_LIB_PATH)/libnghttp* '$(DESTDIR)$(libdir)/' +endif endif cp -d $(ZLIB_LIB_PATH)/libz* '$(DESTDIR)$(libdir)/' cp -d $(XGBOOST_LIB_PATH)/libxgboost* '$(DESTDIR)$(libdir)/' diff --git a/src/gausskernel/cbb/communication/libcomm_utils/libcomm_client_ssl.cpp b/src/gausskernel/cbb/communication/libcomm_utils/libcomm_client_ssl.cpp index 3676939e8451b789b4102701562b9571a234f9a2..47c72dc6d7e17c9c3e39937d8906e671b6f05773 100644 --- a/src/gausskernel/cbb/communication/libcomm_utils/libcomm_client_ssl.cpp +++ b/src/gausskernel/cbb/communication/libcomm_utils/libcomm_client_ssl.cpp @@ -15,7 +15,10 @@ static int g_nodeCount = 0; #include "openssl/ossl_typ.h" #include "openssl/x509.h" #include "openssl/crypto.h" +#if OPENSSL_VERSION_NUMBER >= 0x10100000L #include "openssl/sslerr.h" +#endif +#include "ssl/gs_openssl_client.h" #include "openssl/err.h" #include "cipher.h" diff --git a/src/gausskernel/cbb/communication/libcomm_utils/libcomm_server_ssl.cpp b/src/gausskernel/cbb/communication/libcomm_utils/libcomm_server_ssl.cpp index 0422c95da14ada7280e826f84fda3a8532bf4a0b..f192a8d01c731cbd2c1b0e8c82f93813cf7bf914 100644 --- a/src/gausskernel/cbb/communication/libcomm_utils/libcomm_server_ssl.cpp +++ b/src/gausskernel/cbb/communication/libcomm_utils/libcomm_server_ssl.cpp @@ -69,7 +69,10 @@ #include "openssl/ssl.h" #include "openssl/rand.h" #include "openssl/ossl_typ.h" +#if OPENSSL_VERSION_NUMBER >= 0x10100000L #include "openssl/sslerr.h" +#endif +#include "ssl/gs_openssl_client.h" #include "openssl/obj_mac.h" #include "openssl/dh.h" #include "openssl/bn.h" @@ -352,6 +355,7 @@ static BIO_METHOD* comm_ssl_get_BIO_socket(void) { static BIO_METHOD* my_bio_methods = NULL; if (my_bio_methods == NULL) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L int my_bio_index; my_bio_index = BIO_get_new_index(); @@ -375,6 +379,23 @@ static BIO_METHOD* comm_ssl_get_BIO_socket(void) my_bio_methods = NULL; return NULL; } +#else + BIO_METHOD *biom = (BIO_METHOD *)BIO_s_socket(); + if (biom == NULL) { + return NULL; + } + my_bio_methods = static_cast(malloc(sizeof(BIO_METHOD))); + if (!my_bio_methods) { + return NULL; + } + errno_t copy_result = memcpy_s(my_bio_methods, sizeof(BIO_METHOD), biom, sizeof(BIO_METHOD)); + if (copy_result != 0) { + free(my_bio_methods); + return NULL; + } + my_bio_methods->bread = my_sock_read; + my_bio_methods->bwrite = my_sock_write; +#endif } return my_bio_methods; } @@ -548,46 +569,51 @@ aloop: */ static DH* comm_ssl_genDHKeyPair(COMM_SSL_DHKeyLength dhType) { - int ret = 0; DH* dh = NULL; - BIGNUM* bn_prime = NULL; - unsigned char GENERATOR_2[] = {DH_GENERATOR_2}; - BIGNUM* bn_genenrator_2 = BN_bin2bn(GENERATOR_2, sizeof(GENERATOR_2), NULL); - if (bn_genenrator_2 == NULL) { + BIGNUM *bn_prime = NULL; + BIGNUM *bn_generator_2 = NULL; + int ret; + +#if OPENSSL_VERSION_NUMBER < 0x10100000L + typedef BIGNUM* (*BN_PrimeFunc)(BIGNUM*); + static const BN_PrimeFunc BN_FUNC[] = { + get_rfc2409_prime_768, + get_rfc2409_prime_1024, + get_rfc3526_prime_1536, + get_rfc3526_prime_2048, + get_rfc3526_prime_3072, + get_rfc3526_prime_4096, + get_rfc3526_prime_6144, + get_rfc3526_prime_8192 + }; +#else + typedef BIGNUM* (*BN_PrimeFunc)(BIGNUM*); + static const BN_PrimeFunc BN_FUNC[] = { + BN_get_rfc2409_prime_768, + BN_get_rfc2409_prime_1024, + BN_get_rfc3526_prime_1536, + BN_get_rfc3526_prime_2048, + BN_get_rfc3526_prime_3072, + BN_get_rfc3526_prime_4096, + BN_get_rfc3526_prime_6144, + BN_get_rfc3526_prime_8192 + }; +#endif + + const int dhTypeMax = sizeof(BN_FUNC) / sizeof(BN_FUNC[0]) - 1; + if (dhType < 0 || dhType > dhTypeMax) { return NULL; } - switch (dhType) { - case DHKey768: - bn_prime = BN_get_rfc2409_prime_768(NULL); - break; - case DHKey1024: - bn_prime = BN_get_rfc2409_prime_1024(NULL); - break; - case DHKey1536: - bn_prime = BN_get_rfc3526_prime_1536(NULL); - break; - case DHKey2048: - bn_prime = BN_get_rfc3526_prime_2048(NULL); - break; - case DHKey3072: - bn_prime = BN_get_rfc3526_prime_3072(NULL); - break; - case DHKey4096: - bn_prime = BN_get_rfc3526_prime_4096(NULL); - break; - case DHKey6144: - bn_prime = BN_get_rfc3526_prime_6144(NULL); - break; - case DHKey8192: - bn_prime = BN_get_rfc3526_prime_8192(NULL); - break; - default: - break; + unsigned char generator_bin[] = {DH_GENERATOR_2}; + bn_generator_2 = BN_bin2bn(generator_bin, sizeof(generator_bin), NULL); + if (!bn_generator_2) { + return NULL; } - if (bn_prime == NULL) { - BN_free(bn_genenrator_2); + bn_prime = BN_FUNC[dhType](NULL); + if (!bn_prime) { + BN_free(bn_generator_2); return NULL; } @@ -598,16 +624,13 @@ static DH* comm_ssl_genDHKeyPair(COMM_SSL_DHKeyLength dhType) return NULL; } - ret = DH_set0_pqg(dh, bn_prime, NULL, bn_genenrator_2); - if (!ret) { - BN_free(bn_prime); - BN_free(bn_genenrator_2); - DH_free(dh); - return NULL; + if (!DH_set0_pqg(dh, bn_prime, NULL, bn_generator_2)) { + goto error_cleanup; } + bn_prime = NULL; + bn_generator_2 = NULL; - ret = DH_generate_key(dh); - if (!ret) { + if (!DH_generate_key(dh)) { BN_free(bn_prime); BN_free(bn_genenrator_2); DH_free(dh); @@ -615,6 +638,12 @@ static DH* comm_ssl_genDHKeyPair(COMM_SSL_DHKeyLength dhType) } return dh; + +error_cleanup: + BN_free(bn_prime); + BN_free(bn_generator_2); + DH_free(dh); + return NULL; } /* @@ -821,7 +850,7 @@ void comm_initialize_SSL() } SSL_load_error_strings(); - g_instance.attr.attr_network.SSL_server_context = SSL_CTX_new(TLS_method()); + g_instance.attr.attr_network.SSL_server_context = SSL_CTX_new(SSLv23_method()); if (!g_instance.attr.attr_network.SSL_server_context) { LIBCOMM_ELOG(WARNING, "In comm_initialize_SSL, could not create SSL context"); Assert(0); diff --git a/src/gausskernel/cbb/utils/aes/aes.cpp b/src/gausskernel/cbb/utils/aes/aes.cpp index 7235ae4f457d43e136fe94553f345f09f18a60a4..967e7cbca8c198d527fbb5b5083a1905cbc035c4 100644 --- a/src/gausskernel/cbb/utils/aes/aes.cpp +++ b/src/gausskernel/cbb/utils/aes/aes.cpp @@ -52,7 +52,7 @@ bool init_aes_vector_random(GS_UCHAR* aes_vector, size_t vector_len) int retval = 0; GS_UCHAR random_vector[RANDOM_LEN] = {0}; - retval = RAND_priv_bytes(random_vector, RANDOM_LEN); + retval = RAND_bytes(random_vector, RANDOM_LEN); if (retval != 1) { errorno = memset_s(random_vector, RANDOM_LEN, '\0', RANDOM_LEN); securec_check_c(errorno, "", ""); diff --git a/src/gausskernel/cbb/utils/aes/cipherfn.cpp b/src/gausskernel/cbb/utils/aes/cipherfn.cpp index fb8ad56a9ac49fd6ae12d7fff86cd7322a1ce4d1..7c82e88b0b223227ac950f4f5a4c9e13ac2a0aca 100644 --- a/src/gausskernel/cbb/utils/aes/cipherfn.cpp +++ b/src/gausskernel/cbb/utils/aes/cipherfn.cpp @@ -374,7 +374,7 @@ bool gs_encrypt_aes_128( if ((NULL == g_prefix && NULL == g_key && NULL == g_vector) || (NULL != g_prefix && is_prefix_in_key_mode((const char*)g_prefix))) { /* get a random values as salt for encrypt */ - retval = RAND_priv_bytes(init_rand, RANDOM_LEN); + retval = RAND_bytes(init_rand, RANDOM_LEN); if (retval != 1) { (void)fprintf(stderr, _("generate random key failed, errcode:%u\n"), retval); return false; @@ -710,7 +710,7 @@ bool gs_encrypt_aes_speed(GS_UCHAR* plaintext, GS_UCHAR* key, GS_UCHAR* cipherte if (random_salt_tag == false || random_salt_count > random_salt_count_max) { /* get a random values as salt for encrypt */ - retval = RAND_priv_bytes(init_rand, RANDOM_LEN); + retval = RAND_bytes(init_rand, RANDOM_LEN); if (retval != 1) { (void)fprintf(stderr, _("generate random key failed,errcode:%u\n"), retval); return false; @@ -2001,7 +2001,7 @@ static bool gs_encrypt_sm4_function(FunctionCallInfo fcinfo, text** outtext) securec_check(errorno, "\0", "\0"); pfree_ext(key); - ret = RAND_priv_bytes(userIv, SM4_IV_LENGTH); + ret = RAND_bytes(userIv, SM4_IV_LENGTH); if (ret != 1) { errorno = memset_s(userIv, SM4_IV_LENGTH, '\0', SM4_IV_LENGTH); securec_check(errorno, "", ""); diff --git a/src/gausskernel/cbb/utils/aes/evp_cipher.cpp b/src/gausskernel/cbb/utils/aes/evp_cipher.cpp index aa38af4202f386555db07e095f23842d076cc19d..4e7b1668c8b46c18bb70705e5b007baab5f19f6e 100644 --- a/src/gausskernel/cbb/utils/aes/evp_cipher.cpp +++ b/src/gausskernel/cbb/utils/aes/evp_cipher.cpp @@ -26,10 +26,15 @@ #include #include #include + #include "postgres.h" + #include "knl/knl_variable.h" + #include "utils/evp_cipher.h" +#include "ssl/gs_openssl_client.h" + #define SM4_ENGINE_ID "kae"; THR_LOCAL ENGINE* g_engine = NULL; THR_LOCAL bool g_init_engine = false; @@ -43,10 +48,21 @@ ENGINE* init_cipher_engine() const char* id = SM4_ENGINE_ID; /* OPENSSL_init_crypto return 1 on success or 0 on error */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L + OPENSSL_config(NULL); + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); + if (ERR_peek_error() != 0) { + ereport(LOG, (errmsg("OpenSSL config failed for %s hardware driver", id))); + return NULL; + } +#else if (OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL) == 0) { ereport(LOG, (errmsg("OpenSSL init crypto failed for %s hardware driver", id))); return NULL; } +#endif g_engine = ENGINE_by_id(id); g_init_engine = true; return g_engine; diff --git a/src/gausskernel/cbb/utils/ssl/gs_openssl_client.cpp b/src/gausskernel/cbb/utils/ssl/gs_openssl_client.cpp index 82998bf08378817c9077a7375b753db0d67187ae..cbb5c0c68ec9ce3e3f5fe7e5575d06511b3c2f75 100644 --- a/src/gausskernel/cbb/utils/ssl/gs_openssl_client.cpp +++ b/src/gausskernel/cbb/utils/ssl/gs_openssl_client.cpp @@ -34,6 +34,7 @@ #include "openssl/ssl.h" #include "openssl/err.h" +#include "ssl/gs_openssl_client.h" #include "openssl/ossl_typ.h" #include "openssl/x509.h" #include "openssl/asn1.h" diff --git a/src/gausskernel/optimizer/commands/CMakeLists.txt b/src/gausskernel/optimizer/commands/CMakeLists.txt index 904feadf82747334d425fba69a3124e457990882..3be5dedb029d975e8765dc2a3d748a5188da56f4 100755 --- a/src/gausskernel/optimizer/commands/CMakeLists.txt +++ b/src/gausskernel/optimizer/commands/CMakeLists.txt @@ -1,7 +1,7 @@ #This is the main CMAKE for build all components. AUX_SOURCE_DIRECTORY(${CMAKE_CURRENT_SOURCE_DIR} TGT_commands_SRC) -if("${ENABLE_LITE_MODE}" STREQUAL "ON") +if("${ENABLE_LITE_MODE}" STREQUAL "ON" OR NOT "${ENABLE_OBS}" STREQUAL "ON") list(REMOVE_ITEM TGT_commands_SRC ${CMAKE_CURRENT_SOURCE_DIR}/obs_stream.cpp) endif() diff --git a/src/gausskernel/optimizer/commands/Makefile b/src/gausskernel/optimizer/commands/Makefile index 46d7bf245fda46dccde51a12f851130337f8f085..03ba670a419c42c3c1cfed0efe08829203b3c40c 100644 --- a/src/gausskernel/optimizer/commands/Makefile +++ b/src/gausskernel/optimizer/commands/Makefile @@ -32,7 +32,9 @@ OBJS = aggregatecmds.o alter.o amcmds.o analyze.o async.o cluster.o comment.o \ eventcmds.o ddldeparse.o ddljson.o auto_parameterization.o ifeq ($(enable_lite_mode), no) -OBJS += obs_stream.o +ifeq ($(with_obs), yes) + OBJS += obs_stream.o +endif endif include $(top_srcdir)/src/gausskernel/common.mk diff --git a/src/gausskernel/optimizer/commands/copy.cpp b/src/gausskernel/optimizer/commands/copy.cpp index f40e9a4182df30409b67fcd9ba2cc65c07552c70..90cc43bf002278cff428bb46095a196ac4490a73 100644 --- a/src/gausskernel/optimizer/commands/copy.cpp +++ b/src/gausskernel/optimizer/commands/copy.cpp @@ -6835,12 +6835,14 @@ retry: if (cstate->mode == MODE_NORMAL) { if (cstate->filename && is_obs_protocol(cstate->filename)) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (getNextOBS(cstate)) { cstate->eol_type = EOL_UNKNOWN; goto retry; } #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else { if (getNextGDS(cstate)) { @@ -9656,6 +9658,7 @@ void bulkloadFuncFactory(CopyState cstate) case MODE_NORMAL: /* for GDS oriented dist import */ if (is_obs_protocol(cstate->filename)) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* Attache working house routines for OBS oriented dist import */ func.initBulkLoad = initOBSModeState; func.endBulkLoad = endOBSModeBulkLoad; @@ -9664,6 +9667,7 @@ void bulkloadFuncFactory(CopyState cstate) getNextCopyFunc = getNextOBS; #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else { /* Attache working house routines for GDS oriented dist import */ @@ -9731,6 +9735,7 @@ CopyState beginExport( if (is_obs_protocol(filename)) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* Fetch OBS write only table related attribtues */ getOBSOptions(&cstate->obs_copy_options, options); @@ -9749,6 +9754,7 @@ CopyState beginExport( initOBSModeState(cstate, object_path, tasklist); #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else { initNormalModeState(cstate, filename, tasklist); @@ -9913,6 +9919,7 @@ void endExport(CopyState cstate) } } else if (cstate->copy_dest == COPY_OBS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (IS_PGXC_DATANODE) { if (cstate->outBuffer->len > 0) RemoteExportFlushData(cstate); @@ -9922,6 +9929,7 @@ void endExport(CopyState cstate) } #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else exportDeinitOutBuffer(cstate); diff --git a/src/gausskernel/optimizer/commands/user.cpp b/src/gausskernel/optimizer/commands/user.cpp index f270d02f9dea4c8522c743e3de167eb6ab765287..d6ea8d480bf5ea0c52b8f35d362fb97259c232ea 100755 --- a/src/gausskernel/optimizer/commands/user.cpp +++ b/src/gausskernel/optimizer/commands/user.cpp @@ -1310,7 +1310,7 @@ Oid CreateRole(CreateRoleStmt* stmt) } if (password != NULL) { - retval = RAND_priv_bytes((unsigned char*)salt_bytes, (GS_UINT32)SALT_LENGTH); + retval = RAND_bytes((unsigned char*)salt_bytes, (GS_UINT32)SALT_LENGTH); if (retval != 1) { str_reset(password); ereport(ERROR, @@ -2864,7 +2864,7 @@ Oid AlterRole(AlterRoleStmt* stmt) errcause("Password contain invalid characters."), erraction("Use valid characters in password."))); } - retval = RAND_priv_bytes((unsigned char*)salt_bytes, (GS_UINT32)SALT_LENGTH); + retval = RAND_bytes((unsigned char*)salt_bytes, (GS_UINT32)SALT_LENGTH); if (retval != 1) { str_reset(password); str_reset(replPasswd); diff --git a/src/gausskernel/process/postmaster/CMakeLists.txt b/src/gausskernel/process/postmaster/CMakeLists.txt index 2c11cc2b635814fe376262e11927df28530fa0cd..093598af488bef8dcfd47fb0ddf3013c8004fe8e 100755 --- a/src/gausskernel/process/postmaster/CMakeLists.txt +++ b/src/gausskernel/process/postmaster/CMakeLists.txt @@ -1,10 +1,14 @@ #This is the main CMAKE for build bin. AUX_SOURCE_DIRECTORY(${CMAKE_CURRENT_SOURCE_DIR} TGT_postmaster_SRC) -if("${ENABLE_LITE_MODE}" STREQUAL "ON") +if("${ENABLE_LITE_MODE}" STREQUAL "ON" OR NOT "${ENABLE_OBS}" STREQUAL "ON") list(REMOVE_ITEM TGT_postmaster_SRC ${CMAKE_CURRENT_SOURCE_DIR}/barrier_creator.cpp ${CMAKE_CURRENT_SOURCE_DIR}/barrier_arch.cpp + ) +endif() +if("${ENABLE_LITE_MODE}" STREQUAL "ON") + list(REMOVE_ITEM TGT_postmaster_SRC ${CMAKE_CURRENT_SOURCE_DIR}/aiocompleter.cpp ) endif() diff --git a/src/gausskernel/process/postmaster/Makefile b/src/gausskernel/process/postmaster/Makefile index fc85d6d2d8ca91e28909cdacd0158e9aa4f7c417..68903046e52b4b6e0a4535ba0507c03c3ff7e17a 100644 --- a/src/gausskernel/process/postmaster/Makefile +++ b/src/gausskernel/process/postmaster/Makefile @@ -38,7 +38,10 @@ OBJS = autovacuum.o bgwriter.o fork_process.o pgarch.o pgstat.o og_record_time.o bgworker.o $(top_builddir)/src/lib/config/libconfig.a ifeq ($(enable_lite_mode), no) -OBJS += barrier_creator.o barrier_preparse.o barrier_arch.o aiocompleter.o +OBJS += aiocompleter.o barrier_preparse.o +ifeq ($(with_obs), yes) +OBJS += barrier_creator.o barrier_arch.o +endif endif include $(top_srcdir)/src/gausskernel/common.mk diff --git a/src/gausskernel/process/postmaster/pgarch.cpp b/src/gausskernel/process/postmaster/pgarch.cpp index 1cc4504021ebb6620a667f4865405a91c89af6b1..af88a9902ecc1383175e9311911ca282a9c710e7 100755 --- a/src/gausskernel/process/postmaster/pgarch.cpp +++ b/src/gausskernel/process/postmaster/pgarch.cpp @@ -110,6 +110,7 @@ static bool pgarch_readyXlog(char* xlog, int xlog_length); static void pgarch_archiveDone(const char* xlog); static void archKill(int code, Datum arg); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS static void pgarch_archiveRoachForPitrStandby(); static bool pgarch_archiveRoachForPitrMaster(XLogRecPtr targetLsn); static bool pgarch_archiveRoachForCoordinator(XLogRecPtr targetLsn); @@ -118,6 +119,7 @@ typedef bool(*doArchive)(XLogRecPtr); static void pgarch_ArchiverObsCopyLoop(XLogRecPtr flushPtr, doArchive fun); static void InitArchiverLastTaskLsn(ArchiveSlotConfig* obs_archive_slot); #endif +#endif AlarmCheckResult DataInstArchChecker(Alarm* alarm, AlarmAdditionalParam* additionalParam) { @@ -243,7 +245,9 @@ NON_EXEC_STATIC void PgArchiverMain(knl_thread_arg* arg) setObsArchLatch(&t_thrd.arch.mainloop_latch); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS InitArchiverLastTaskLsn(NULL); +#endif #endif pgarch_MainLoop(); @@ -339,8 +343,10 @@ static void pgarch_MainLoop(void) gettimeofday(&last_copy_time, NULL); bool time_to_stop = false; #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS doArchive fun = NULL; const int millitosec = 1000; +#endif #endif /* @@ -394,6 +400,7 @@ static void pgarch_MainLoop(void) break; } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS load_server_mode(); if (IsServerModeStandby()) { @@ -412,12 +419,14 @@ static void pgarch_MainLoop(void) TIME_GET_MILLISEC(last_copy_time)); } } +#endif #endif /* Do what we're here for */ if (t_thrd.arch.wakened || time_to_stop) { t_thrd.arch.wakened = false; #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS obs_archive_slot = getArchiveReplicationSlot(); if (obs_archive_slot != NULL && !IsServerModeStandby()) { gettimeofday(&curtime, NULL); @@ -474,11 +483,14 @@ static void pgarch_MainLoop(void) pgarch_ArchiverObsCopyLoop(flushPtr, fun); } } else { +#endif #endif pgarch_ArchiverCopyLoop(); gettimeofday(&last_copy_time, NULL); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS } +#endif #endif } @@ -685,6 +697,7 @@ static inline void UpdateArchivedLsn(XLogRecPtr targetLsn) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* * pgarch_ArchiverObsCopyLoop * @@ -768,6 +781,7 @@ static void pgarch_ArchiverObsCopyLoop(XLogRecPtr flushPtr, doArchive fun) } while (XLByteLT(t_thrd.arch.pitr_task_last_lsn, flushPtr)); } #endif +#endif /* * pgarch_archiveXlog @@ -1028,6 +1042,7 @@ static void archKill(int code, Datum arg) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* * pgarch_archiveRoachForPitrStandby * get signal from walreceiver, fork a roach process to archive xlog @@ -1304,3 +1319,4 @@ static void InitArchiverLastTaskLsn(ArchiveSlotConfig* obs_archive_slot) } #endif +#endif diff --git a/src/gausskernel/process/postmaster/postmaster.cpp b/src/gausskernel/process/postmaster/postmaster.cpp index 9b9b526e2a29ddc211742767ed886c9c083dbe22..a60e0aca19bd3c8e4919b837f6e287245c294aee 100644 --- a/src/gausskernel/process/postmaster/postmaster.cpp +++ b/src/gausskernel/process/postmaster/postmaster.cpp @@ -231,7 +231,7 @@ #include "distributelayer/streamMain.h" #include "distributelayer/streamProducer.h" -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) #include "eSDKOBS.h" #endif #include "cjson/cJSON.h" @@ -1879,7 +1879,7 @@ int PostmasterMain(int argc, char* argv[]) */ initialize_feature_flags(); -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) /* * @OBS * Create a global OBS CA object shared among threads @@ -3010,8 +3010,10 @@ int PostmasterMain(int argc, char* argv[]) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (g_instance.attr.attr_storage.enable_adio_function) AioResourceInitialize(); +#endif #endif /* start alarm checker thread. */ @@ -5618,10 +5620,10 @@ static Port* ConnCreate(int serverFd, int idx) * need 'em or not, but we must do the random() calls before we fork, not * after. Else the postmaster's random sequence won't get advanced, and * all backends would end up using the same salt... - * Use openssl RAND_priv_bytes interface to generate random salt, cast char to + * Use openssl RAND_bytes interface to generate random salt, cast char to * unsigned char here. */ - int retval = RAND_priv_bytes((unsigned char*)port->md5Salt, sizeof(port->md5Salt)); + int retval = RAND_bytes((unsigned char*)port->md5Salt, sizeof(port->md5Salt)); if (retval != 1) { ereport(ERROR, (errmsg("Failed to Generate the random number,errcode:%d", retval))); } @@ -6378,6 +6380,7 @@ static void pmdie(SIGNAL_ARGS) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (g_instance.pid_cxt.BarrierCreatorPID != 0) { barrier_creator_thread_shutdown(); signal_child(g_instance.pid_cxt.BarrierCreatorPID, SIGTERM); @@ -6391,6 +6394,7 @@ static void pmdie(SIGNAL_ARGS) } } #endif +#endif #ifdef ENABLE_MULTIPLE_NODES if (g_instance.pid_cxt.CsnminSyncPID != 0) { @@ -6826,11 +6830,13 @@ static void ProcessDemoteRequest(void) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (g_instance.pid_cxt.BarrierCreatorPID != 0) { barrier_creator_thread_shutdown(); signal_child(g_instance.pid_cxt.BarrierCreatorPID, SIGTERM); } #endif +#endif #ifdef ENABLE_MULTIPLE_NODES if (g_instance.pid_cxt.CsnminSyncPID != 0) { @@ -8591,11 +8597,13 @@ static void PostmasterStateMachineReadOnly(void) signal_child(g_instance.pid_cxt.HeartbeatPID, SIGTERM); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (g_instance.pid_cxt.BarrierCreatorPID != 0) { barrier_creator_thread_shutdown(); signal_child(g_instance.pid_cxt.BarrierCreatorPID, SIGTERM); } #endif +#endif #ifdef ENABLE_MULTIPLE_NODES if (g_instance.pid_cxt.CsnminSyncPID != 0) { csnminsync_thread_shutdown(); @@ -9779,7 +9787,7 @@ void ExitPostmaster(int status) CloseGaussPidDir(); -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) obs_deinitialize(); #endif @@ -14876,6 +14884,7 @@ int GaussDbThreadMain(knl_thread_arg* arg) } break; #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS case BARRIER_CREATOR: { if (START_BARRIER_CREATOR) { t_thrd.proc_cxt.MyPMChildSlot = AssignPostmasterChildSlot(); @@ -14901,6 +14910,7 @@ int GaussDbThreadMain(knl_thread_arg* arg) } } break; #endif +#endif #ifdef ENABLE_MULTIPLE_NODES case COMM_POOLER_CLEAN: { diff --git a/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp b/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp index 8528473e04f195651aa5821b3a5948ecd1cd85dd..ebdbf921722722d8893701077612ada6d76e1d21 100644 --- a/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp +++ b/src/gausskernel/security/keymgr/encrypt/security_aead_aes_hmac_enc_key.cpp @@ -47,6 +47,16 @@ const unsigned char *AeadAesHamcEncKey::g_iv_key_salt_format = const int RAND_COUNT = 100; +#ifdef ENABLE_OPENSSL3 +void HmacCtxGroup::free_hmac_ctx(HMAC_CTX** ctx_tmp) const +{ + if (*ctx_tmp != NULL) { + HMAC_CTX_free(*ctx_tmp); + *ctx_tmp = NULL; + } +} +#endif + /* Derives all the required keys from the given root key */ AeadAesHamcEncKey::AeadAesHamcEncKey(unsigned char *root_key, size_t root_key_size) { @@ -90,7 +100,7 @@ bool AeadAesHamcEncKey::generate_root_key(unsigned char *key, size_t &keySize) while (r_count++ < RAND_COUNT) { is_ok = true; - if (RAND_priv_bytes(key, MAX_SIZE) != 1) { + if (RAND_bytes(key, MAX_SIZE) != 1) { keySize = 0; printf("ERROR(CLIENT):Generate random key failed.\n"); return false; diff --git a/src/gausskernel/security/keymgr/encrypt/security_encrypt_decrypt.cpp b/src/gausskernel/security/keymgr/encrypt/security_encrypt_decrypt.cpp index 5564ae25977da70af7607dd95f8b8690689ebec9..42462c3a77336ca3e664d47bf9edbfa9f0598bbc 100644 --- a/src/gausskernel/security/keymgr/encrypt/security_encrypt_decrypt.cpp +++ b/src/gausskernel/security/keymgr/encrypt/security_encrypt_decrypt.cpp @@ -26,6 +26,7 @@ #include "openssl/rand.h" #include "openssl/err.h" +#include "ssl/gs_openssl_client.h" #include #include #include "keymgr/encrypt/security_encrypt_decrypt.h" @@ -218,11 +219,12 @@ static bool sm3(const unsigned char *data, int datalen, unsigned char *result) printf("ERROR(CLIENT): Fail to create the context in sm3 algorithm.\n"); return false; } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L if (!EVP_DigestInit_ex(md_ctx, EVP_sm3(), NULL)) { printf("ERROR(CLIENT): Fail to initialise the context in sm3 algorithm.\n"); EVP_MD_CTX_free(md_ctx); return false; - } +#endif if (!EVP_DigestUpdate(md_ctx, data, (size_t)datalen)) { printf("ERROR(CLIENT): Fail to compute digest in sm3 algorithm.\n"); EVP_MD_CTX_free(md_ctx); @@ -350,7 +352,7 @@ int encrypt_data(unsigned char *plain_text, int plain_text_length, AeadAesHamcEn return 0; } - if (RAND_priv_bytes(iv_truncated, g_block_size) != 1) { + if (RAND_bytes(iv_truncated, g_block_size) != 1) { return 0; } } diff --git a/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp b/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp index 01e9b59c90f2cadc19866d66e07b2ae58558936f..9ad03a2234c0518bc73d7124de46af22d5b2264c 100644 --- a/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp +++ b/src/gausskernel/security/keymgr/encrypt/security_sm2_enc_key.cpp @@ -32,6 +32,7 @@ #include "openssl/bn.h" #include "openssl/crypto.h" #include "openssl/err.h" +#include "ssl/gs_openssl_client.h" #include #include #include "keymgr/encrypt/security_sm2_enc_key.h" @@ -163,12 +164,14 @@ CmkemErrCode encrypt_with_sm2_pubkey(CmkemUStr *plain, CmkemUStr *pub_key, Cmkem return CMKEM_EVP_ERR; } +#ifndef ENABLE_OPENSSL3 ret = EVP_PKEY_set_alias_type(public_evp_key, EVP_PKEY_SM2); if (ret != 1) { cmkem_errmsg("EVP_PKEY_set_alias_type to EVP_PKEY_SM2 failed!"); EVP_PKEY_free(public_evp_key); return CMKEM_EVP_ERR; } +#endif /* do cipher. */ ctx = EVP_PKEY_CTX_new(public_evp_key, NULL); @@ -253,12 +256,14 @@ CmkemErrCode decrypt_with_sm2_privkey(CmkemUStr *cipher, CmkemUStr *priv_key, Cm return CMKEM_EVP_ERR; } +#ifndef ENABLE_OPENSSL3 ret = EVP_PKEY_set_alias_type(private_evp_key, EVP_PKEY_SM2); if (ret != 1) { cmkem_errmsg("EVP_PKEY_set_alias_type to EVP_PKEY_SM2 failed!"); EVP_PKEY_free(private_evp_key); return CMKEM_EVP_ERR; } +#endif /* do cipher. */ ctx = EVP_PKEY_CTX_new(private_evp_key, NULL); diff --git a/src/gausskernel/security/keymgr/localkms/security_file_enc.cpp b/src/gausskernel/security/keymgr/localkms/security_file_enc.cpp index 5802260027ae39e20a414d35a2ac4612160a7a09..96a59e6014f5b169de8039ee66993982a484e987 100644 --- a/src/gausskernel/security/keymgr/localkms/security_file_enc.cpp +++ b/src/gausskernel/security/keymgr/localkms/security_file_enc.cpp @@ -225,7 +225,7 @@ CmkemErrCode encrypt_and_write_key(const char *key_file_path, CmkemUStr *key_pla errno_t rc = 0; CmkemErrCode ret = CMKEM_SUCCEED; - if (RAND_priv_bytes(iv, sizeof(iv)) != 1 || RAND_priv_bytes(salt, sizeof(salt)) != 1) { + if (RAND_bytes(iv, sizeof(iv)) != 1 || RAND_bytes(salt, sizeof(salt)) != 1) { return CMKEM_DERIVED_KEY_ERR; } diff --git a/src/gausskernel/storage/access/CMakeLists.txt b/src/gausskernel/storage/access/CMakeLists.txt index 6f3f78929d1fb286d41598d22a6f00d4be05398f..f4c935abeb0716881aaf17ea9055e9c6ca0ec03a 100755 --- a/src/gausskernel/storage/access/CMakeLists.txt +++ b/src/gausskernel/storage/access/CMakeLists.txt @@ -26,7 +26,7 @@ set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/datavec ) -if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON") +if(NOT "${ENABLE_LITE_MODE}" STREQUAL "ON" AND "${ENABLE_OBS}" STREQUAL "ON") list(APPEND CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/archive ) diff --git a/src/gausskernel/storage/access/Makefile b/src/gausskernel/storage/access/Makefile index fe5b2c81d43e306b5fc323938e93c91f72413a62..6caa2b446727616618d1a709ca7c12c0a9a7836c 100644 --- a/src/gausskernel/storage/access/Makefile +++ b/src/gausskernel/storage/access/Makefile @@ -4,7 +4,9 @@ include $(top_builddir)/src/Makefile.global SUBDIRS = cbtree common heap index nbtree ubtree psort rmgrdesc transam obs hash spgist gist gin hbstore redo table ustore datavec ifeq ($(enable_lite_mode), no) -SUBDIRS += archive +ifeq ($(with_obs), yes) + SUBDIRS += archive +endif endif include $(top_srcdir)/src/gausskernel/common.mk diff --git a/src/gausskernel/storage/access/archive/archive_am.cpp b/src/gausskernel/storage/access/archive/archive_am.cpp index 9d6280ef085841f6ab722f69509b9996e4aaaf49..6c1a74811160ae7b51f411227a0c5d1073a1096b 100644 --- a/src/gausskernel/storage/access/archive/archive_am.cpp +++ b/src/gausskernel/storage/access/archive/archive_am.cpp @@ -30,12 +30,13 @@ size_t ArchiveRead(const char* fileName, const int offset, char *buffer, const i if (archive_config == NULL) { return 0; } +#ifdef ENABLE_OBS if (archive_config->media_type == ARCHIVE_OBS) { return obsRead(fileName, offset, buffer, length, archive_config); } else if (archive_config->media_type == ARCHIVE_NAS) { return NasRead(fileName, offset, buffer, length, archive_config); } - +#endif return 0; } @@ -46,12 +47,13 @@ int ArchiveWrite(const char* fileName, const char *buffer, const int bufferLengt return ret; } +#ifdef ENABLE_OBS if (archive_config->media_type == ARCHIVE_OBS) { ret = obsWrite(fileName, buffer, bufferLength, archive_config); } else if (archive_config->media_type == ARCHIVE_NAS) { ret = NasWrite(fileName, buffer, bufferLength, archive_config); } - +#endif return ret; } @@ -61,13 +63,13 @@ int ArchiveDelete(const char* fileName, ArchiveConfig *archive_config) if (archive_config == NULL) { return ret; } - +#ifdef ENABLE_OBS if (archive_config->media_type == ARCHIVE_OBS) { ret = obsDelete(fileName, archive_config); } else if (archive_config->media_type == ARCHIVE_NAS) { ret = NasDelete(fileName, archive_config); } - +#endif return ret; } @@ -77,13 +79,13 @@ List* ArchiveList(const char* prefix, ArchiveConfig *archive_config, bool report if (archive_config == NULL) { return fileNameList; } - +#ifdef ENABLE_OBS if (archive_config->media_type == ARCHIVE_OBS) { fileNameList = obsList(prefix, archive_config, reportError, shortenConnTime); } else if (archive_config->media_type == ARCHIVE_NAS) { fileNameList = NasList(prefix, archive_config); } - +#endif return fileNameList; } @@ -94,12 +96,12 @@ bool ArchiveFileExist(const char* file_path, ArchiveConfig *archive_config) ereport(WARNING, (errmsg("when check file exist, the archive config is null"))); return ret; } - +#ifdef ENABLE_OBS if (archive_config->media_type == ARCHIVE_OBS) { ret = checkOBSFileExist(file_path, archive_config); } else if (archive_config->media_type == ARCHIVE_NAS) { ret = checkNASFileExist(file_path, archive_config); } - +#endif return ret; } diff --git a/src/gausskernel/storage/access/obs/obs_am.cpp b/src/gausskernel/storage/access/obs/obs_am.cpp index b99a3a616d713109ae6c66a4935f83e0f0c9dbcf..cbbd5d893d73c47d4324c5414ec6f75b2f764aa9 100755 --- a/src/gausskernel/storage/access/obs/obs_am.cpp +++ b/src/gausskernel/storage/access/obs/obs_am.cpp @@ -21,7 +21,7 @@ #define strpos(p, s) (strstr((p), (s)) != NULL ? strstr((p), (s)) - (p) : -1) #include "access/obs/obs_am.h" -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) #include "eSDKOBS.h" #endif @@ -235,7 +235,7 @@ FETCH_URL_ERROR2: errmsg("OBS URL's %s is not valid '%s'", invalid_element, folderName))); } -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) // Some Windows stuff #ifndef FOPEN_EXTRA_FLAGS #define FOPEN_EXTRA_FLAGS "" @@ -625,7 +625,7 @@ static obs_status listServiceCallback(const char *ownerId, const char *bucketNam const char *ownerDisplayName, void *callbackData) { /* Do nothing. */ - list_service_data *data = (list_service_data *)callbackData; + ListServiceData *data = (ListServiceData *)callbackData; statusG = data->ret_status; return OBS_STATUS_OK; @@ -1619,8 +1619,8 @@ void checkOBSServerValidity(char *hostName, char *ak, char *sk, bool encrypt) obs_options option; init_obs_options(&option); - list_service_data data; - (void)memset_s(&data, sizeof(list_service_data), 0, sizeof(list_service_data)); + ListServiceData data; + (void)memset_s(&data, sizeof(ListServiceData), 0, sizeof(ListServiceData)); data.allDetails = 1; if (0 == strncmp(sk, ENCRYPT_STR_PREFIX, strlen(ENCRYPT_STR_PREFIX))) { diff --git a/src/gausskernel/storage/access/transam/xlog.cpp b/src/gausskernel/storage/access/transam/xlog.cpp index 4f4618d1bd8f1a563ae73e3c923b6d6fbb0ace02..61edbc03ce6edcfca111a7090ac5e35e9d7ce86e 100755 --- a/src/gausskernel/storage/access/transam/xlog.cpp +++ b/src/gausskernel/storage/access/transam/xlog.cpp @@ -7744,6 +7744,7 @@ static bool recoveryStopsHere(XLogReaderState *record, bool *includeThis) #endif else if (XLogRecGetRmid(record) == RM_BARRIER_ID) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (record_info == XLOG_BARRIER_CREATE) { recordBarrierId = (char *)XLogRecGetData(record); ereport(u_sess->attr.attr_storage.HaModuleDebug ? LOG : DEBUG4, @@ -7753,6 +7754,7 @@ static bool recoveryStopsHere(XLogReaderState *record, bool *includeThis) } #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else if (XLogRecGetRmid(record) == RM_XLOG_ID) { if (record_info == XLOG_RESTORE_POINT) { @@ -10339,7 +10341,9 @@ void StartupXLOG(void) (uint32)t_thrd.xlog_cxt.ReadRecPtr))); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS update_stop_barrier(); +#endif #endif INSTR_TIME_SET_CURRENT(rec_startTime); g_instance.dms_cxt.SSReformInfo.redo_start_time = GetCurrentTimestamp(); diff --git a/src/gausskernel/storage/access/transam/xlogfuncs.cpp b/src/gausskernel/storage/access/transam/xlogfuncs.cpp index 520fb9982d4dbf4e508a69d69eb6661cc27b2159..5a735bdbf26b89d77e2352237656f07f0b858dec 100755 --- a/src/gausskernel/storage/access/transam/xlogfuncs.cpp +++ b/src/gausskernel/storage/access/transam/xlogfuncs.cpp @@ -1202,6 +1202,7 @@ Datum pg_get_flush_lsn(PG_FUNCTION_ARGS) Datum gs_set_obs_delete_location_with_slotname(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS char* lsnLocation = PG_GETARG_CSTRING(0); char* currentSlotName = PG_GETARG_CSTRING(1); @@ -1241,6 +1242,7 @@ Datum gs_set_obs_delete_location_with_slotname(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } /* @@ -1251,6 +1253,7 @@ Datum gs_set_obs_delete_location_with_slotname(PG_FUNCTION_ARGS) Datum gs_set_obs_delete_location(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS text *location = PG_GETARG_TEXT_P(0); char *locationstr = NULL; uint32 hi = 0; @@ -1292,11 +1295,13 @@ Datum gs_set_obs_delete_location(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } Datum gs_get_global_barrier_status(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS #define PG_GET_GLOBAL_BARRIER_STATUS_COLS 2 char globalBarrierId[MAX_BARRIER_ID_LENGTH] = {0}; char globalAchiveBarrierId[MAX_BARRIER_ID_LENGTH] = {0}; @@ -1392,11 +1397,13 @@ Datum gs_get_global_barrier_status(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_DATUM(0); #endif +#endif } Datum gs_get_global_barriers_status(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS #define PG_GET_GLOBAL_BARRIERS_STATUS_COLS 3 char globalBarrierId[MAX_BARRIER_ID_LENGTH] = {0}; char globalAchiveBarrierId[MAX_BARRIER_ID_LENGTH] = {0}; @@ -1519,6 +1526,7 @@ Datum gs_get_global_barriers_status(PG_FUNCTION_ARGS) tuplestore_donestoring(tupstore); #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif PG_RETURN_DATUM(0); } @@ -1607,6 +1615,7 @@ Datum gs_get_local_barrier_status(PG_FUNCTION_ARGS) Datum gs_hadr_do_switchover(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS #define TIME_GET_MILLISEC(t) (((long)(t).tv_sec * 1000) + ((long)(t).tv_usec) / 1000) uint64_t barrier_index = 0; int ret; @@ -1696,6 +1705,7 @@ Datum gs_hadr_do_switchover(PG_FUNCTION_ARGS) archiveSlotNames = NULL; #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif PG_RETURN_BOOL(true); } @@ -1743,6 +1753,7 @@ Datum gs_hadr_in_recovery(PG_FUNCTION_ARGS) Datum gs_upload_obs_file(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS char* slotname = PG_GETARG_CSTRING(0); char* src = PG_GETARG_CSTRING(1); char* dest = PG_GETARG_CSTRING(2); @@ -1780,6 +1791,7 @@ Datum gs_upload_obs_file(PG_FUNCTION_ARGS) } #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif PG_RETURN_VOID(); @@ -1788,6 +1800,7 @@ Datum gs_upload_obs_file(PG_FUNCTION_ARGS) Datum gs_download_obs_file(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS char* slotname = PG_GETARG_CSTRING(0); char* src = PG_GETARG_CSTRING(1); char* dest = PG_GETARG_CSTRING(2); @@ -1830,6 +1843,7 @@ Datum gs_download_obs_file(PG_FUNCTION_ARGS) } #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif PG_RETURN_VOID(); @@ -1838,6 +1852,7 @@ Datum gs_download_obs_file(PG_FUNCTION_ARGS) Datum gs_get_obs_file_context(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS char fileContext[MAXPGPATH] = {0}; size_t readLen = 0; char* setFileName = PG_GETARG_CSTRING(0); @@ -1882,11 +1897,13 @@ Datum gs_get_obs_file_context(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } Datum gs_set_obs_file_context(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS int ret = 0; char* setFileName = PG_GETARG_CSTRING(0); char* setFileContext = PG_GETARG_CSTRING(1); @@ -1922,11 +1939,13 @@ Datum gs_set_obs_file_context(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } Datum gs_get_hadr_key_cn(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS #define GS_GET_HADR_KEY_CN_COLS 4 bool needLocalKeyCn = false; char localKeyCn[MAXFNAMELEN] = {0}; @@ -2027,6 +2046,7 @@ Datum gs_get_hadr_key_cn(PG_FUNCTION_ARGS) tuplestore_donestoring(tupstore); #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif PG_RETURN_DATUM(0); } @@ -2177,6 +2197,7 @@ Datum gs_pitr_get_warning_for_xlog_force_recycle(PG_FUNCTION_ARGS) Datum gs_get_active_archiving_standby(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS int i; int rc; errno_t errorno = EOK; @@ -2269,6 +2290,7 @@ Datum gs_get_active_archiving_standby(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_DATUM(0); #endif +#endif } #ifndef ENABLE_LITE_MODE @@ -2287,6 +2309,7 @@ static bool checkIsDigit(const char* arg) Datum gs_pitr_clean_history_global_barriers(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS if (!superuser() && !(isOperatoradmin(GetUserId()) && u_sess->attr.attr_security.operation_mode)) { ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), (errmsg("Must be system admin or operator admin in operation mode to " @@ -2316,11 +2339,13 @@ Datum gs_pitr_clean_history_global_barriers(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } Datum gs_pitr_archive_slot_force_advance(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS XLogSegNo currArchslotSegNo; XLogRecPtr archiveSlotLocNow = InvalidXLogRecPtr; char location[MAXFNAMELEN]; @@ -2445,6 +2470,7 @@ Datum gs_pitr_archive_slot_force_advance(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_TEXT_P(NULL); #endif +#endif } Datum gs_get_standby_cluster_barrier_status(PG_FUNCTION_ARGS) diff --git a/src/gausskernel/storage/bulkload/dist_fdw.cpp b/src/gausskernel/storage/bulkload/dist_fdw.cpp index 216f312334462ed3339d565154038695acb5237c..6f41dfe83f9590d4a7887dd50fc5d81dadc84628 100644 --- a/src/gausskernel/storage/bulkload/dist_fdw.cpp +++ b/src/gausskernel/storage/bulkload/dist_fdw.cpp @@ -225,9 +225,11 @@ extern void VerifyEncoding(int encoding); extern void GetDistImportOptions(Oid relOid, DistImportPlanState *planstate, ForeignOptions *fOptions = NULL); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS static void assignOBSTaskToDataNode(List *urllist, List **totalTask, List *dnNames, DistImportPlanState *planstate, int64 *fileNum = NULL); #endif +#endif static void assignTaskToDataNodeInSharedMode(List *urllist, List **totalTask, List *dnNames); static void assignTaskToDataNodeInNormalMode(List *urllist, List **totalTask, List *dnNames, int dop); @@ -236,6 +238,7 @@ extern void decryptOBSForeignTableOption(List **options); List *getOBSFileList(List *urllist, bool encrypt, const char *access_key, const char *secret_access_key, bool isAnalyze); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* * In OBS parallel data loading case, we may have # of datanodes not * equal to # of objects, as one object can only be assign to one @@ -244,6 +247,7 @@ List *getOBSFileList(List *urllist, bool encrypt, const char *access_key, const */ static void assignOBSFileToDataNode(List *urllist, List **totalTask, List *dnNames); #endif +#endif /* * Foreign-data wrapper handler function: return a struct with pointers @@ -432,6 +436,7 @@ static bool distAnalyzeForeignTable(Relation relation, AcquireSampleRowsFunc *fu } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /** * @Description: Scheduler file for dist obs foreign table. * @in foreignTableId, the given foreign table Oid. @@ -483,6 +488,7 @@ List *CNSchedulingForDistOBSFt(Oid foreignTableId) return totalTask; } #endif +#endif /** * @Description: Build the related scanState information. @@ -1064,6 +1070,7 @@ List *assignFileSegmentList(List *segmentlist, List *dnNames) } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* * @Description: get all matched files in obs for each url * @IN urllist: obs url list @@ -1194,6 +1201,7 @@ static void assignOBSTaskToDataNode(List *urllist, List **totalTask, List *dnNam pfree(obs_file_list); } #endif +#endif /* * @Description: assign task to each data node in shared mode @@ -1312,11 +1320,13 @@ List *assignTaskToDataNode(List *urllist, ImportMode mode, List *nodeList, int d const char *first_url = strVal(lfirst(list_head(urllist))); if (is_obs_protocol(first_url)) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS assignOBSTaskToDataNode(urllist, &totalTask, dnNames, planstate, fileNum); list_free(dnNames); return totalTask; #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } diff --git a/src/gausskernel/storage/bulkload/foreignroutine.cpp b/src/gausskernel/storage/bulkload/foreignroutine.cpp index d57aa90e031dbd195b82a51fb03228bc4154dc64..6ade0b2da2513313b3da7ac4a7c3e822a9b021d1 100644 --- a/src/gausskernel/storage/bulkload/foreignroutine.cpp +++ b/src/gausskernel/storage/bulkload/foreignroutine.cpp @@ -1570,7 +1570,9 @@ retry: (void)ExecClearTuple(slot); MemoryContextReset(node->scanMcxt); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS SetObsMemoryContext(((CopyState)importState)->copycontext); +#endif #endif ReportIllegalCharExceptionThreshold(); diff --git a/src/gausskernel/storage/bulkload/parser.cpp b/src/gausskernel/storage/bulkload/parser.cpp index e716eb5e11d382a98f4058952f8e93798b1002c2..d8fdebdb363a81aec058c70e97dd21a147593566 100644 --- a/src/gausskernel/storage/bulkload/parser.cpp +++ b/src/gausskernel/storage/bulkload/parser.cpp @@ -99,10 +99,12 @@ static void GetFileHeader(WritableParser* self, const char* path); #define parser_securec_check_ss(rc) securec_check_ss(rc, "\0", "\0") #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS static size_t SourceRead_OBS(Source* self, void* buffer, size_t len); static bool SourceNext_OBS(Source* self); #endif #endif +#endif static Source* CreateSource(const FileList* files, SourceType sourcetype); static void DestroyParser(Parser* self); @@ -467,10 +469,12 @@ void Source::SourceInit(bool isWrite) #else if (m_sourcetype == SOURCE_TYPE_OBS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS SourceRead = SourceRead_OBS; SourceNext = SourceNext_OBS; #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); +#endif #endif } else { SourceRead = SourceRead_File; @@ -1303,11 +1307,13 @@ int GDS::LineBuffer::AppendLine(const char* buf, int buf_len, bool isComplete) } #else #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS /* for OBS, append the overload data in overload buffer */ SaveOverloadBuf(m_overload_buf, buf, buf_len, isComplete); #else FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); #endif +#endif #endif /* * Here the curent overload buffer is already done so the actual buf_len can be returned. @@ -1471,6 +1477,7 @@ int GDS::LineBuffer::SendOverloadBuf(evbuffer* dest, const char* buf, int buf_le #ifdef OBS_SERVER #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS static size_t SourceRead_OBS(Source* self, void* buffer, size_t len) { size_t nread = 0; @@ -1692,3 +1699,4 @@ void GDS::LineBuffer::SaveOverloadBuf(StringInfo dest, const char* buf, int buf_ } #endif #endif +#endif diff --git a/src/gausskernel/storage/bulkload/vecforeignroutine.cpp b/src/gausskernel/storage/bulkload/vecforeignroutine.cpp index f7e46dafa41e99f0c2e0d92a64909eb94e1c379b..bf2753829bb6c494e5e416989128e2ed413cd827 100644 --- a/src/gausskernel/storage/bulkload/vecforeignroutine.cpp +++ b/src/gausskernel/storage/bulkload/vecforeignroutine.cpp @@ -125,7 +125,9 @@ VectorBatch *distExecVecImport(VecForeignScanState *node) MemoryContextReset(scanMcxt); oldMemoryContext = MemoryContextSwitchTo(scanMcxt); #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS SetObsMemoryContext(((CopyState)importState)->copycontext); +#endif #endif for (batch->m_rows = 0; batch->m_rows < BatchMaxSize; batch->m_rows++) { retry: diff --git a/src/gausskernel/storage/page/bufpage.cpp b/src/gausskernel/storage/page/bufpage.cpp index 4b1a456c23d9e961ad3de1e4d9a1aba99c4515de..b6700fcf6d01b1b2dae81b51a6912e0c8783eeb4 100644 --- a/src/gausskernel/storage/page/bufpage.cpp +++ b/src/gausskernel/storage/page/bufpage.cpp @@ -331,7 +331,7 @@ char* PageDataEncryptIfNeed(Page page, TdeInfo* tde_info, bool need_copy, bool i Assert(!PageIsEncrypt(page)); plainLength = ((PageHeader)page)->pd_special - ((PageHeader)page)->pd_upper; - retval = RAND_priv_bytes(tde_info->iv, RANDOM_IV_LEN); + retval = RAND_bytes(tde_info->iv, RANDOM_IV_LEN); if (retval != 1) { ereport(WARNING, (errmodule(MOD_SEC_TDE), errmsg("generate random iv for tde failed, errcode:%d", retval))); return (char*)page; diff --git a/src/gausskernel/storage/replication/archive_walreceiver.cpp b/src/gausskernel/storage/replication/archive_walreceiver.cpp index 6af2c0b3f27be2bebe36220b9614b03df4131fcd..f7bae514dd260ac512febbcc7f104bbbddec46d3 100644 --- a/src/gausskernel/storage/replication/archive_walreceiver.cpp +++ b/src/gausskernel/storage/replication/archive_walreceiver.cpp @@ -37,6 +37,7 @@ #include "pgxc/pgxc.h" #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS #define CUR_OBS_FILE_VERSION 1 #define TIMEOUT_FOR_ARCHIVE_RECEIVER 600 @@ -1848,6 +1849,7 @@ char* DeleteStopBarrierRecordsOnMedia(long stopBarrierTimestamp, long endBarrier } return currOldestRecord; } +#endif #else bool archive_connect(char* conninfo, XLogRecPtr* startpoint, char* slotname, int channel_identifier) { diff --git a/src/gausskernel/storage/replication/slot.cpp b/src/gausskernel/storage/replication/slot.cpp index 401b7e4763f98024a142d475ea3d1f1e7ce49ac5..2754651967d3ff09605452e7abd6c92e4299ef89 100644 --- a/src/gausskernel/storage/replication/slot.cpp +++ b/src/gausskernel/storage/replication/slot.cpp @@ -2599,6 +2599,7 @@ void MarkArchiveSlotOperate() } #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS void get_hadr_cn_info(char* keyCn, bool* isExitKey, char* deleteCn, bool* isExitDelete, ArchiveSlotConfig *archive_conf) { @@ -2626,6 +2627,7 @@ void get_hadr_cn_info(char* keyCn, bool* isExitKey, char* deleteCn, bool* isExit } } #endif +#endif void GetReplslotPath(char *path) { diff --git a/src/gausskernel/storage/replication/slotfuncs.cpp b/src/gausskernel/storage/replication/slotfuncs.cpp index 0a335f8c078b08cb4038c087742f8f92e81cb17c..86d4141980494f9eed45f2899515082d29b315b1 100755 --- a/src/gausskernel/storage/replication/slotfuncs.cpp +++ b/src/gausskernel/storage/replication/slotfuncs.cpp @@ -268,6 +268,7 @@ Datum pg_create_physical_replication_slot(PG_FUNCTION_ARGS) Datum pg_create_physical_replication_slot_extern(PG_FUNCTION_ARGS) { #ifndef ENABLE_LITE_MODE +#ifdef ENABLE_OBS Name name = PG_GETARG_NAME(0); bool isDummyStandby = PG_GETARG_BOOL(1); XLogRecPtr currFlushPtr = InvalidXLogRecPtr; @@ -357,6 +358,7 @@ Datum pg_create_physical_replication_slot_extern(PG_FUNCTION_ARGS) FEATURE_ON_LITE_MODE_NOT_SUPPORTED(); PG_RETURN_DATUM(0); #endif +#endif } void create_logical_replication_slot(const Name name, Name plugin, bool isDummyStandby, Oid databaseId, diff --git a/src/include/access/obs/obs_am.h b/src/include/access/obs/obs_am.h index fc1aaec7b2ae73608611f7bec2e5dd3ce70e450c..4053661ceee8f95122365e5a0bba06b1869aac05 100755 --- a/src/include/access/obs/obs_am.h +++ b/src/include/access/obs/obs_am.h @@ -30,7 +30,7 @@ #include "nodes/pg_list.h" #include "storage/buf/buffile.h" #include "replication/slot.h" -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) #include "eSDKOBS.h" #endif @@ -132,7 +132,7 @@ typedef struct OBSReadWriteHandler { bool in_computing; /* size_t m_offset; =>get_cond.start_byte */ /* obs_bucket_context m_bucketCtx; =>m_option.bucket_options */ -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) obs_options m_option; obs_object_info m_object_info; @@ -149,13 +149,13 @@ typedef struct OBSReadWriteHandler { #endif } OBSReadWriteHandler; -typedef struct list_service_data { +typedef struct ListServiceData { int headerPrinted; int allDetails; -#ifndef ENABLE_LITE_MODE +#if !defined(ENABLE_LITE_MODE) && defined(ENABLE_OBS) obs_status ret_status; #endif -} list_service_data; +} ListServiceData; extern void SetObsMemoryContext(MemoryContext mctx); extern MemoryContext GetObsMemoryContext(void); diff --git a/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h b/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h index d556ab45952dd1895eca3d5eb89848b1ee56a2da..72b8c950680f2de3f01341a611aa090a99d9b5a8 100644 --- a/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h +++ b/src/include/keymgr/encrypt/security_aead_aes_hamc_enc_key.h @@ -49,13 +49,22 @@ public: HMAC_CTX* ctx_worker; HMAC_CTX* ctx_template; private: +#ifdef ENABLE_OPENSSL3 + void free_hmac_ctx(HMAC_CTX** ctx_tmp) const; +#else void free_hmac_ctx(HMAC_CTX** ctx_tmp) { if (*ctx_tmp != NULL) { +#if OPENSSL_VERSION_NUMBER < 0x10100000L + HMAC_CTX_cleanup(*ctx_tmp); + OPENSSL_free(*ctx_tmp); +#else HMAC_CTX_free(*ctx_tmp); +#endif *ctx_tmp = NULL; } } +#endif }; /* diff --git a/src/include/ssl/gs_openssl_client.h b/src/include/ssl/gs_openssl_client.h index 3edadde502134d0128977abcddf02c8dd6d01fea..f426db9de19969091a7652bdc313f9704fdb1f0e 100644 --- a/src/include/ssl/gs_openssl_client.h +++ b/src/include/ssl/gs_openssl_client.h @@ -37,6 +37,7 @@ #include "openssl/crypto.h" #include "openssl/evp.h" #include "openssl/rand.h" +#include "openssl/conf.h" #define OPENSSL_CLI_EXCEPTTION (-4) #define OPENSSL_CLI_BAD_SOCKET (-3) @@ -66,4 +67,116 @@ extern int ossl_init_client_ssl_passwd(SSL_CTX* pstContext, const char* cert_fil extern const char* ossl_error_message(void); #endif /* ENABLE_UT */ +#if OPENSSL_VERSION_NUMBER < 0x10100000L +static int OPENSSL_init_ssl(int unused1, const SSL_CTX* unused2) +{ + SSL_library_init(); + SSL_load_error_strings(); + OpenSSL_add_all_algorithms(); + return (ERR_peek_error() == 0) ? 1 : 0; +} + +inline void* BIO_get_data(const BIO* bio) +{ + return bio->ptr; +} + +inline void BIO_set_data(BIO* bio, void* data) +{ + bio->ptr = data; +} + +inline void* OPENSSL_zalloc(size_t num) +{ + void* ptr = OPENSSL_malloc(num); + if (ptr != NULL) { + memset_s(ptr, num, 0, num); + } + return ptr; +} + +inline void SSL_set_security_callback( + SSL *ssl, + int (*cb)(const SSL* s, const SSL_CTX* ctx, int op, int bits, int nid, void* other, void* ex)) +{ + SSL_CTX_set_cert_verify_callback(SSL_get_SSL_CTX(ssl), (int (*)(X509_STORE_CTX*, void*))cb, NULL); +} + +inline void SSL_set_default_passwd_cb_userdata(SSL *ssl, void *userdata) +{ + SSL_CTX_set_default_passwd_cb_userdata(SSL_get_SSL_CTX(ssl), userdata); +} + +#define SSL_SECOP_TMP_DH 1 + +inline const EVP_CIPHER *EVP_sm4_ctr(void) +{ + return EVP_aes_128_ctr(); +} + +inline const unsigned char* ASN1_STRING_get0_data(const ASN1_STRING *x) +{ + return ASN1_STRING_data((ASN1_STRING *)x); +} + +inline HMAC_CTX* HMAC_CTX_new() +{ + HMAC_CTX* ctx = (HMAC_CTX*)OPENSSL_malloc(sizeof(HMAC_CTX)); + if (ctx != NULL) { + HMAC_CTX_init(ctx); + } + return ctx; +} +inline void HMAC_CTX_free(HMAC_CTX* ctx) +{ + if (ctx != NULL) { + HMAC_CTX_cleanup(ctx); + OPENSSL_free(ctx); + } +} +inline EVP_MD_CTX* EVP_MD_CTX_new() +{ + return EVP_MD_CTX_create(); +} +inline void EVP_MD_CTX_free(EVP_MD_CTX* ctx) +{ + EVP_MD_CTX_destroy(ctx); +} +inline const EVP_CIPHER* EVP_sm4_cbc() +{ + return EVP_aes_128_cbc(); +} +inline int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX* ctx, int cmd, int p1, void* p2) +{ + return 1; +} + +#ifndef EVP_CTRL_AEAD_GET_TAG +#define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG +#endif +#ifndef EVP_CTRL_AEAD_SET_TAG +#define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG +#endif +#define EVP_PKEY_SM2 0x00000013 +#define NID_sm2 784 + +inline int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type) +{ + if (type == EVP_PKEY_SM2) { + EVP_PKEY_set_type(pkey, EVP_PKEY_EC); + } + return 1; +} + +inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) +{ + if (dh->p) BN_free(dh->p); + dh->p = BN_dup(p); + if (dh->g) BN_free(dh->g); + dh->g = BN_dup(g); + if (dh->q) BN_free(dh->q); + dh->q = NULL; + return 1; +} +#endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */ #endif /* GS_openssl_CLIENT */ diff --git a/src/test/regress/obstools/obstool.c b/src/test/regress/obstools/obstool.c index 5c9712fcb9695e109fd95fd1aea78af15bf8d1f3..994655daa2aab829458fc7fed5fa23275aa2e8ca 100644 --- a/src/test/regress/obstools/obstool.c +++ b/src/test/regress/obstools/obstool.c @@ -15,7 +15,9 @@ #include "getopt.h" #endif +#ifdef ENABLE_OBS #include "eSDKOBS.h" +#endif #include "securec.h" /* Some Windows stuff */ diff --git a/src/test/ut/CMakeLists.txt b/src/test/ut/CMakeLists.txt index 9e80060be8b10b1c55b780fea068f0af13bbf81d..99377ae14c0283ff5ab2ffda849ee8eac3d45f45 100644 --- a/src/test/ut/CMakeLists.txt +++ b/src/test/ut/CMakeLists.txt @@ -11,7 +11,11 @@ ${CJSON_LIB_PATH} ${DCF_LIB_PATH} ${XGBOOST_LIB_PATH} ${ZSTD_LIB_PATH} ${LIBOBS_LIB_PATH} ${LZ4_LIB_PATH}) # -l -set(UNIT_TEST_BASE_LIB_LIST pthread gtest_main gtest mockcpp cjson dcf xgboost zstd nghttp2 iconv eSDKOBS eSDKLogAPI log4cpp lz4 db) +if("${ENABLE_OBS}" STREQUAL "ON") + set(UNIT_TEST_BASE_LIB_LIST pthread gtest_main gtest mockcpp cjson dcf xgboost zstd nghttp2 iconv eSDKOBS eSDKLogAPI log4cpp lz4 db) +else() + set(UNIT_TEST_BASE_LIB_LIST pthread gtest_main gtest mockcpp cjson dcf xgboost zstd lz4 db) +endif() add_subdirectory(demo) add_subdirectory(db4ai)