From 5c6a7b517f4d96efc9b68cbc2b9e83d80732917d Mon Sep 17 00:00:00 2001 From: Yavor Georgiev Date: Thu, 8 Dec 2022 19:30:15 +0100 Subject: [PATCH] Upgrade to OpenSSL 3 --- .gitmodules | 3 - CHANGELOG.md | 3 +- CMakeLists.txt | 65 ++++++-------------- Jenkinsfile | 6 -- dependencies.list | 3 +- src/realm/util/network_ssl.cpp | 5 +- tools/cmake/AcquireRealmDependency.cmake | 49 +++++++++++++++ tools/cmake/RealmConfig.cmake.in | 68 +++++++-------------- tools/vcpkg/ports | 1 - tools/vcpkg/triplets/arm-uwp-static.cmake | 6 -- tools/vcpkg/triplets/arm64-uwp-static.cmake | 6 -- tools/vcpkg/triplets/x64-uwp-static.cmake | 6 -- tools/vcpkg/triplets/x86-uwp-static.cmake | 6 -- tools/vcpkg/vcpkg.json | 27 -------- 14 files changed, 99 insertions(+), 155 deletions(-) create mode 100644 tools/cmake/AcquireRealmDependency.cmake delete mode 160000 tools/vcpkg/ports delete mode 100644 tools/vcpkg/triplets/arm-uwp-static.cmake delete mode 100644 tools/vcpkg/triplets/arm64-uwp-static.cmake delete mode 100644 tools/vcpkg/triplets/x64-uwp-static.cmake delete mode 100644 tools/vcpkg/triplets/x86-uwp-static.cmake delete mode 100644 tools/vcpkg/vcpkg.json diff --git a/.gitmodules b/.gitmodules index 05b289b6c7b..8e54cadbecd 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,6 +1,3 @@ [submodule "external/catch"] path = external/catch url = https://github.com/catchorg/Catch2.git -[submodule "tools/vcpkg/ports"] - path = tools/vcpkg/ports - url = https://github.com/microsoft/vcpkg.git diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d019fd04da..9095fea016b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ ### Enhancements * (PR [#????](https://github.com/realm/realm-core/pull/????)) -* None. +* Upgrade OpenSSL from 1.1.1n to 3.0.7. ([#????](https://github.com/realm/realm-core/pull/????)) ### Fixed * ([#????](https://github.com/realm/realm-core/issues/????), since v?.?.?) @@ -18,6 +18,7 @@ * `SubscriptionSet::find()` overloads now return `const Subscription*` with `nullptr` to signal not-found, rather than an at-end iterator * `MutableSubscriptionSet::erase()` now has overloads taking a `StringData name` or a `Query`. Both return a bool to indicate if anything was found and removed. * `MutableSubscriptionSet::commit()` is no longer `&&`-qualified. This means you no longer need to `std::move()` the set when calling it. +* Core no longer provides any VCPKG infrastructure (the ports submodule and overlay triplets), because it handles dependant libraries internally now. ### Compatibility * Fileformat: Generates files with format v23. Reads and automatically upgrade from fileformat v5. diff --git a/CMakeLists.txt b/CMakeLists.txt index b9280746ac1..3d88d8fd2f2 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,6 +19,7 @@ include(SpecialtyBuilds) include(GetVersion) include(CheckCXXCompilerFlag) include(CheckCXXSourceRuns) +include(AcquireRealmDependency) include(CodeCoverage) @@ -228,52 +229,15 @@ elseif(CMAKE_SYSTEM_NAME MATCHES "Linux|Android") endif() if(REALM_NEEDS_OPENSSL OR REALM_FORCE_OPENSSL) - set(OPENSSL_USE_STATIC_LIBS ON) - if(VCPKG_TOOLCHAIN) - # If we're building with vcpkg, prefer to find OpenSSL there first - find_package(OpenSSL) - endif() - # We aren't building with vcpkg, or it didn't have OpenSSL - if(NOT OpenSSL_FOUND) - if(ANDROID OR (CMAKE_SYSTEM_NAME STREQUAL "Linux" AND CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64")) - # We have prebuilt OpenSSL tarballs for Android and Linux x86_64 - set(_realm_have_prebuilt_openssl ON) - endif() - if(NOT REALM_USE_SYSTEM_OPENSSL AND _realm_have_prebuilt_openssl) - # Use our own prebuilt OpenSSL - if(NOT OpenSSL_DIR) - if(NOT EXISTS ${CMAKE_CURRENT_BINARY_DIR}/openssl/lib/cmake/OpenSSL/OpenSSLConfig.cmake) - if(ANDROID) - set(OPENSSL_URL "http://static.realm.io/downloads/openssl/${OPENSSL_VERSION}/Android/${CMAKE_ANDROID_ARCH_ABI}/openssl.tar.gz") - else() - set(OPENSSL_URL "http://static.realm.io/downloads/openssl/${OPENSSL_VERSION}/Linux/x86_64/openssl.tar.gz") - endif() - - message(STATUS "Getting ${OPENSSL_URL}...") - file(DOWNLOAD "${OPENSSL_URL}" "${CMAKE_CURRENT_BINARY_DIR}/openssl/openssl.tar.gz" STATUS download_status) - - list(GET download_status 0 status_code) - if (NOT "${status_code}" STREQUAL "0") - message(FATAL_ERROR "Downloading ${url}... Failed. Status: ${download_status}") - endif() - - message(STATUS "Uncompressing OpenSSL...") - execute_process( - COMMAND ${CMAKE_COMMAND} -E tar xfz "openssl.tar.gz" - WORKING_DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}/openssl" - ) - endif() - - set(OpenSSL_DIR "${CMAKE_CURRENT_BINARY_DIR}/openssl/lib/cmake/OpenSSL") - endif() - find_package(OpenSSL REQUIRED CONFIG) - target_link_libraries(OpenSSL::SSL INTERFACE OpenSSL::Crypto) - else() - # Use whatever OpenSSL CMake finds on the system - find_package(OpenSSL REQUIRED) - endif() + if(NOT REALM_USE_SYSTEM_OPENSSL AND (ANDROID OR WIN32 OR CMAKE_SYSTEM_NAME STREQUAL "Linux")) + # Use our own prebuilt OpenSSL + realm_acquire_dependency(openssl ${OPENSSL_VERSION} OPENSSL_CMAKE_INCLUDE_FILE) + + include(${OPENSSL_CMAKE_INCLUDE_FILE}) endif() + set(OPENSSL_USE_STATIC_LIBS ON) + find_package(OpenSSL REQUIRED) set(REALM_HAVE_OPENSSL ON) string(REGEX MATCH "^([0-9]+)\\.([0-9]+)" OPENSSL_VERSION_MAJOR_MINOR ${OPENSSL_VERSION}) elseif(APPLE) @@ -285,7 +249,10 @@ endif() # so for an iOS build it'll use the path from the Device plaform, which is an error on Simulator. # Just use -lz and let Xcode figure it out if(NOT APPLE AND NOT TARGET ZLIB::ZLIB) - if(ANDROID) + if(WIN32) + realm_acquire_dependency(zlib ${WIN32_ZLIB_VERSION} ZLIB_CMAKE_INCLUDE_FILE) + include(${ZLIB_CMAKE_INCLUDE_FILE}) + elseif(ANDROID) # On Android FindZLIB chooses the static libz over the dynamic one, but this leads to issues # (see https://github.com/android/ndk/issues/1179) # We want to link against the stub library instead of statically linking anyway, @@ -364,7 +331,8 @@ if(REALM_ENABLE_SYNC) list(APPEND REALM_EXPORTED_TARGETS Sync) endif() export(TARGETS ${REALM_EXPORTED_TARGETS} NAMESPACE Realm:: FILE RealmTargets.cmake) -configure_file(${CMAKE_CURRENT_LIST_DIR}/tools/cmake/RealmConfig.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/RealmConfig.cmake @ONLY) +configure_file(tools/cmake/RealmConfig.cmake.in ${CMAKE_CURRENT_BINARY_DIR}/RealmConfig.cmake @ONLY) +configure_file(tools/cmake/AcquireRealmDependency.cmake ${CMAKE_CURRENT_BINARY_DIR}/AcquireRealmDependency.cmake @ONLY) # Make the project importable from the install directory install(EXPORT realm @@ -379,6 +347,11 @@ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/RealmConfig.cmake COMPONENT devel ) +install(FILES tools/cmake/AcquireRealmDependency.cmake + DESTINATION lib/cmake/Realm + COMPONENT devel +) + # CPack set(CPACK_GENERATOR "TGZ") set(CPACK_PACKAGE_VERSION ${REALM_VERSION}) diff --git a/Jenkinsfile b/Jenkinsfile index 15204345619..b202930fbf7 100755 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -547,12 +547,6 @@ def doBuildWindows(String buildType, boolean isUWP, String platform, boolean run CMAKE_BUILD_TYPE: buildType, REALM_ENABLE_SYNC: "ON", CPACK_SYSTEM_NAME: cpackSystemName, - CMAKE_TOOLCHAIN_FILE: '%WORKSPACE%/tools/vcpkg/ports/scripts/buildsystems/vcpkg.cmake', - VCPKG_MANIFEST_DIR: '%WORKSPACE%/tools/vcpkg', - VCPKG_OVERLAY_TRIPLETS: '%WORKSPACE%/tools/vcpkg/triplets', - // set a custom buildtrees path because the default one is too long and msbuild tasks fail - VCPKG_INSTALL_OPTIONS: '--x-buildtrees-root=%WORKSPACE%/vcpkg-buildtrees', - VCPKG_TARGET_TRIPLET: triplet, REALM_VERSION: gitDescribeVersion, ] diff --git a/dependencies.list b/dependencies.list index 8a8eba8f5e2..25ba0fc0775 100644 --- a/dependencies.list +++ b/dependencies.list @@ -1,4 +1,5 @@ PACKAGE_NAME=realm-core VERSION=13.1.1 -OPENSSL_VERSION=1.1.1n +OPENSSL_VERSION=3.0.7 +WIN32_ZLIB_VERSION=1.2.13 MDBREALM_TEST_SERVER_TAG=2022-10-21 diff --git a/src/realm/util/network_ssl.cpp b/src/realm/util/network_ssl.cpp index 20f935b4b5f..a9a07ce3fb3 100644 --- a/src/realm/util/network_ssl.cpp +++ b/src/realm/util/network_ssl.cpp @@ -835,6 +835,8 @@ int Stream::bio_puts(BIO* bio, const char* c_str) noexcept long Stream::bio_ctrl(BIO*, int cmd, long, void*) noexcept { switch (cmd) { + case BIO_CTRL_EOF: + return 0; case BIO_CTRL_PUSH: case BIO_CTRL_POP: // Ignoring in alignment with `crypto/bio/bss_sock.c` of OpenSSL. @@ -842,8 +844,9 @@ long Stream::bio_ctrl(BIO*, int cmd, long, void*) noexcept case BIO_CTRL_FLUSH: // Ignoring in alignment with `crypto/bio/bss_sock.c` of OpenSSL. return 1; + default: + REALM_ASSERT_EX(false, "Got BIO_ctrl with unknown command %d", cmd); } - REALM_ASSERT(false); return 0; } diff --git a/tools/cmake/AcquireRealmDependency.cmake b/tools/cmake/AcquireRealmDependency.cmake new file mode 100644 index 00000000000..b37cf658c62 --- /dev/null +++ b/tools/cmake/AcquireRealmDependency.cmake @@ -0,0 +1,49 @@ +function(realm_acquire_dependency dep_name dep_version out_dep_cmake) + set(_target_architecture_Android_armeabi-v7a arm) + set(_target_architecture_Android_arm64-v8a arm64) + set(_target_architecture_Android_x86 x86) + set(_target_architecture_Android_x86_64 x64) + set(_target_architecture_Windows_Win32 x86) + set(_target_architecture_Windows_x64 x64) + set(_target_architecture_Windows_ARM64 arm64) + set(_target_architecture_WindowsStore_Win32 x86) + set(_target_architecture_WindowsStore_x64 x64) + set(_target_architecture_WindowsStore_ARM arm) + set(_target_architecture_WindowsStore_ARM64 arm64) + set(_target_architecture_Linux_x86_64 x64) + set(_target_architecture_Linux_arm arm) + set(_target_architecture_Linux_armv7 arm) + set(_target_architecture_Linux_armv7l arm) + set(_target_architecture_Linux_aarch64 arm64) + set(_target_platform_name_Android android) + set(_target_platform_name_Windows windows-static) + set(_target_platform_name_WindowsStore uwp-static) + set(_target_platform_name_Linux linux-gnu) + + if(ANDROID) + set(_target_architecture ${CMAKE_ANDROID_ARCH_ABI}) + elseif(WIN32 AND CMAKE_GENERATOR MATCHES "^Visual Studio") + set(_target_architecture ${CMAKE_GENERATOR_PLATFORM}) + else() + set(_target_architecture ${CMAKE_SYSTEM_PROCESSOR}) + endif() + + if(NOT EXISTS ${CMAKE_CURRENT_BINARY_DIR}/${dep_name}/include.cmake) + set(DEP_URL "https://static.realm.io/downloads/dependencies/${dep_name}/${dep_version}/${dep_name}-${dep_version}-${_target_architecture_${CMAKE_SYSTEM_NAME}_${_target_architecture}}-${_target_platform_name_${CMAKE_SYSTEM_NAME}}.tar.gz") + message(STATUS "Getting ${DEP_URL}...") + file(DOWNLOAD "${DEP_URL}" "${CMAKE_CURRENT_BINARY_DIR}/${dep_name}/${dep_name}.tar.gz" STATUS download_status) + + list(GET download_status 0 status_code) + if (NOT "${status_code}" STREQUAL "0") + message(FATAL_ERROR "Downloading ${url}... Failed. Status: ${download_status}") + endif() + + message(STATUS "Uncompressing ${dep_name}...") + execute_process( + COMMAND ${CMAKE_COMMAND} -E tar xfz "${dep_name}.tar.gz" + WORKING_DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}/${dep_name}" + ) + endif() + + set(${out_dep_cmake} ${CMAKE_CURRENT_BINARY_DIR}/${dep_name}/include.cmake PARENT_SCOPE) +endfunction() diff --git a/tools/cmake/RealmConfig.cmake.in b/tools/cmake/RealmConfig.cmake.in index 2833b43ca91..814f89ea191 100644 --- a/tools/cmake/RealmConfig.cmake.in +++ b/tools/cmake/RealmConfig.cmake.in @@ -1,55 +1,19 @@ include("${CMAKE_CURRENT_LIST_DIR}/RealmTargets.cmake") +include("${CMAKE_CURRENT_LIST_DIR}/AcquireRealmDependency.cmake") # Find dependencies include(CMakeFindDependencyMacro) -set(REALM_FORCE_OPENSSL @REALM_HAVE_OPENSSL@) -if(REALM_FORCE_OPENSSL) - if(VCPKG_TOOLCHAIN) - # If we're building with vcpkg, prefer to find OpenSSL there first - if(Realm_FIND_QUIETLY) - set(_quiet_arg QUIET) - endif() - find_package(OpenSSL @OPENSSL_VERSION_MAJOR_MINOR@ ${_quiet_arg}) - endif() - # We aren't building with vcpkg, or it didn't have OpenSSL - if(NOT OpenSSL_FOUND) - if(ANDROID OR (CMAKE_SYSTEM_NAME STREQUAL "Linux" AND CMAKE_SYSTEM_PROCESSOR STREQUAL "x86_64")) - # We have prebuilt OpenSSL tarballs for Android and Linux x86_64 - set(_realm_have_prebuilt_openssl ON) - endif() - if(NOT REALM_USE_SYSTEM_OPENSSL AND _realm_have_prebuilt_openssl) - # Use our own prebuilt OpenSSL - if(NOT OpenSSL_DIR) - if(NOT EXISTS ${CMAKE_BINARY_DIR}/openssl/lib/cmake/OpenSSL/OpenSSLConfig.cmake) - if(ANDROID) - set(OPENSSL_URL "http://static.realm.io/downloads/openssl/@OPENSSL_VERSION@/Android/${CMAKE_ANDROID_ARCH_ABI}/openssl.tar.gz") - else() - set(OPENSSL_URL "http://static.realm.io/downloads/openssl/@OPENSSL_VERSION@/Linux/x86_64/openssl.tar.gz") - endif() - - message(STATUS "Getting ${OPENSSL_URL}...") - file(DOWNLOAD "${OPENSSL_URL}" "${CMAKE_BINARY_DIR}/openssl/openssl.tar.gz" STATUS download_status) - - list(GET download_status 0 status_code) - if (NOT "${status_code}" STREQUAL "0") - message(FATAL_ERROR "Downloading ${OPENSSL_URL}... Failed. Status: ${download_status}") - endif() - message(STATUS "Uncompressing OpenSSL...") - execute_process( - COMMAND ${CMAKE_COMMAND} -E tar xfz "openssl.tar.gz" - WORKING_DIRECTORY "${CMAKE_BINARY_DIR}/openssl" - ) - endif() +if(@REALM_HAVE_OPENSSL@) + if(NOT REALM_USE_SYSTEM_OPENSSL AND (ANDROID OR WIN32 OR CMAKE_SYSTEM_NAME STREQUAL "Linux")) + # Use our own prebuilt OpenSSL + realm_acquire_dependency(openssl @OPENSSL_VERSION@ OPENSSL_CMAKE_INCLUDE_FILE) - set(OpenSSL_DIR "${CMAKE_BINARY_DIR}/openssl/lib/cmake/OpenSSL") - endif() - find_package(OpenSSL REQUIRED CONFIG) - target_link_libraries(OpenSSL::SSL INTERFACE OpenSSL::Crypto) - else() - find_dependency(OpenSSL @OPENSSL_VERSION_MAJOR_MINOR@) - endif() + include(${OPENSSL_CMAKE_INCLUDE_FILE}) endif() + + set(OPENSSL_USE_STATIC_LIBS ON) + find_dependency(OpenSSL @OPENSSL_VERSION@) endif() set(THREADS_PREFER_PTHREAD_FLAG ON) @@ -60,5 +24,19 @@ find_dependency(Threads) # so for an iOS build it'll use the path from the Device plaform, which is an error on Simulator. # Just use -lz and let Xcode figure it out if(TARGET Realm::Sync AND NOT APPLE AND NOT TARGET ZLIB::ZLIB) + if(WIN32) + realm_acquire_dependency(zlib @WIN32_ZLIB_VERSION@ ZLIB_CMAKE_INCLUDE_FILE) + include(${ZLIB_CMAKE_INCLUDE_FILE}) + elseif(ANDROID) + # On Android FindZLIB chooses the static libz over the dynamic one, but this leads to issues + # (see https://github.com/android/ndk/issues/1179) + # We want to link against the stub library instead of statically linking anyway, + # so we hack find_library to only consider shared object libraries when looking for libz + set(_CMAKE_FIND_LIBRARY_SUFFIXES_orig ${CMAKE_FIND_LIBRARY_SUFFIXES}) + set(CMAKE_FIND_LIBRARY_SUFFIXES .so) + endif() find_dependency(ZLIB) + if(ANDROID) + set(CMAKE_FIND_LIBRARY_SUFFIXES ${_CMAKE_FIND_LIBRARY_SUFFIXES_orig}) + endif() endif() \ No newline at end of file diff --git a/tools/vcpkg/ports b/tools/vcpkg/ports deleted file mode 160000 index acc3bcf76b8..00000000000 --- a/tools/vcpkg/ports +++ /dev/null @@ -1 +0,0 @@ -Subproject commit acc3bcf76b84ae5041c86ab55fe138ae7b8255c7 diff --git a/tools/vcpkg/triplets/arm-uwp-static.cmake b/tools/vcpkg/triplets/arm-uwp-static.cmake deleted file mode 100644 index c305c8a4815..00000000000 --- a/tools/vcpkg/triplets/arm-uwp-static.cmake +++ /dev/null @@ -1,6 +0,0 @@ -set(VCPKG_TARGET_ARCHITECTURE arm) -set(VCPKG_CRT_LINKAGE dynamic) -set(VCPKG_LIBRARY_LINKAGE static) - -set(VCPKG_CMAKE_SYSTEM_NAME WindowsStore) -set(VCPKG_CMAKE_SYSTEM_VERSION 10.0) diff --git a/tools/vcpkg/triplets/arm64-uwp-static.cmake b/tools/vcpkg/triplets/arm64-uwp-static.cmake deleted file mode 100644 index e7322b759a4..00000000000 --- a/tools/vcpkg/triplets/arm64-uwp-static.cmake +++ /dev/null @@ -1,6 +0,0 @@ -set(VCPKG_TARGET_ARCHITECTURE arm64) -set(VCPKG_CRT_LINKAGE dynamic) -set(VCPKG_LIBRARY_LINKAGE static) - -set(VCPKG_CMAKE_SYSTEM_NAME WindowsStore) -set(VCPKG_CMAKE_SYSTEM_VERSION 10.0) diff --git a/tools/vcpkg/triplets/x64-uwp-static.cmake b/tools/vcpkg/triplets/x64-uwp-static.cmake deleted file mode 100644 index dea649ef5de..00000000000 --- a/tools/vcpkg/triplets/x64-uwp-static.cmake +++ /dev/null @@ -1,6 +0,0 @@ -set(VCPKG_TARGET_ARCHITECTURE x64) -set(VCPKG_CRT_LINKAGE dynamic) -set(VCPKG_LIBRARY_LINKAGE static) - -set(VCPKG_CMAKE_SYSTEM_NAME WindowsStore) -set(VCPKG_CMAKE_SYSTEM_VERSION 10.0) diff --git a/tools/vcpkg/triplets/x86-uwp-static.cmake b/tools/vcpkg/triplets/x86-uwp-static.cmake deleted file mode 100644 index abff8676151..00000000000 --- a/tools/vcpkg/triplets/x86-uwp-static.cmake +++ /dev/null @@ -1,6 +0,0 @@ -set(VCPKG_TARGET_ARCHITECTURE x86) -set(VCPKG_CRT_LINKAGE dynamic) -set(VCPKG_LIBRARY_LINKAGE static) - -set(VCPKG_CMAKE_SYSTEM_NAME WindowsStore) -set(VCPKG_CMAKE_SYSTEM_VERSION 10.0) diff --git a/tools/vcpkg/vcpkg.json b/tools/vcpkg/vcpkg.json deleted file mode 100644 index f4fb0b561ed..00000000000 --- a/tools/vcpkg/vcpkg.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "dependencies": [ - { - "name": "openssl", - "platform": "android | linux | windows" - }, - { - "name": "zlib", - "platform": "windows" - } - ], - "features": { - "tests": { - "description": "Build tests", - "dependencies": [ - "libuv" - ] - } - }, - "overrides": [ - { - "name": "openssl", - "version-string": "1.1.1n" - } - ], - "builtin-baseline": "acc3bcf76b84ae5041c86ab55fe138ae7b8255c7" -}