-
Notifications
You must be signed in to change notification settings - Fork 6.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
curl package upgraded to 7.81.0 #35130
Conversation
LGTM. But the proper solution will be to remove |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Meena-Renganathan It does not build on Mac OS X,
see the "special build check".
@Meena-Renganathan Let's fix the build or close this. |
Sorry, I'm working on it. I will make the changes to fix the build error soon. |
Hi @alexey-milovidov, I've tried to reproduce the error by building curl (with openssl option) in my local MacOS but it's getting built successfully. Here is the details of my MacOS: macOS Monterey CC libcurl_la-hostip.lo Could you help how it can take it up further to get this fixed? |
Let's check the build log: https://s3.amazonaws.com/clickhouse-builds/35130/d19090fdaf89162ba5527f7f376394a6cdd4081f/binary_darwin/build_log.log Maybe it is related to some defines. Also another suggestion: maybe remove curl instead of updating it? |
Thank you @alexey-milovidov. But, while trying upgrade the curl package to 7.81.0, observed the curl is getting referenced by sentry-native and azure modules. So, decided to upgrade the curl. |
1 similar comment
Thank you @alexey-milovidov. But, while trying upgrade the curl package to 7.81.0, observed the curl is getting referenced by sentry-native and azure modules. So, decided to upgrade the curl. |
Is it possible to remove curl from Azure? |
It is not possible to directly remove the curl dependency from azure. Azure module uses the libcurl and WinHTTP libraries as HTTP stacks for communicating with Azure services over the network. When no specific configuration is set, the default transport adapter will be selected based on the OS. But custom transport adapter needs to be implemented to avoid the dependency on curl. |
Ok, then we need to fix this remaining build. PS. There was similar problem in AWS library. They used curl and it led to buffering all data in memory (I believe that it is not a downside of a curl, it is actually a good, very well tested library), and we replaced it by Poco. Maybe do similar with Azure? |
Still not fixed. |
Hi @alexey-milovidov, yeah noticed the error and working on it to fix. |
contrib/curl-cmake/CMakeLists.txt
Outdated
set(CURL_LIBS "") | ||
if(APPLE) | ||
|
||
find_library(SYSTEMCONFIGURATION_FRAMEWORK "SystemConfiguration") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't allow find_library
in our cmake files.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi @alexey-milovidov, any specific reason we are restricting the find_library in cmake files?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is needed for hermetic builds - to avoid dependence on the environment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the new curl version started to need something from SystemConfiguration,
maybe better to chop it from the library?
I did not check, but need to figure out where exactly these dependencies are needed? Is it possible to avoid them? |
@Meena-Renganathan |
To get better clarity, underlining the macro ENABLE_IPV6 doesn't allow to support IPV6 addressing format in ClickHouse. Is that my understanding, correct? |
No. We must support IPv6. |
This. I don't know what is "copy proxies" on OS X, and so we don't need it. |
Also please grep the code base for all instances of CURL_OSX_*. |
Undefining this macro would require a code change in curl repo (curl/lib/curl_setup.h). |
Another option is to disable |
Also getting rid of |
I'm planning to proceed with the option of disabling curl, azure and sentry on Mac OS. |
@Mergifyio update |
❌ Pull request can't be updated with latest base branch changesMergify needs the author permission to update the base branch of the pull request. |
This is ready to be merged. |
Ok, let's try as is. |
Looks like the problem with |
ClickHouse build check (actions) — 22/22 builds are OK |
- Ported necessary changes from ClickHouse/ClickHouse#35130. - Addressed compatibility post curl upgrade in commit ef02092.
Changelog category (leave one):
Changelog entry (a user-readable short description of the changes that goes to CHANGELOG.md):
To fix vulnerabilities reported by WhiteSource