diff --git a/CMakeLists.txt b/CMakeLists.txt index cd32630f91..375f55e22a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -148,6 +148,7 @@ find_package(ICU COMPONENTS uc i18n REQUIRED) find_package(fmt 10.0.0 REQUIRED) find_package(libdeflate REQUIRED) find_package(libxcrypt REQUIRED) +find_package(p11-kit REQUIRED) find_package(Snappy REQUIRED) find_package(RapidJSON REQUIRED) find_package(xxHash REQUIRED) @@ -345,6 +346,7 @@ if(Scylla_ENABLE_LTO) endif() target_link_libraries(scylla PRIVATE + p11-kit::p11-kit Seastar::seastar absl::headers yaml-cpp::yaml-cpp diff --git a/cmake/Findp11-kit.cmake b/cmake/Findp11-kit.cmake new file mode 100644 index 0000000000..e9188ec1c7 --- /dev/null +++ b/cmake/Findp11-kit.cmake @@ -0,0 +1,48 @@ +# +# Copyright 2023-present ScyllaDB +# + +# +# SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0 +# +find_package(PkgConfig REQUIRED) + +pkg_check_modules(PC_p11_kit QUIET p11-kit-1) + +find_library(p11-kit_LIBRARY + NAMES p11-kit + PATH_SUFFIXES p11-kit-1 + HINTS + ${PC_p11_kit_LIBDIR} + ${PC_p11_kit_LIBRARY_DIRS}) + +find_path(p11-kit_INCLUDE_DIR + NAMES p11-kit/p11-kit.h + HINTS + ${PC_p11_kit_INCLUDEDIR} + ${PC_p11_kit_INCLUDE_DIRS}) + +mark_as_advanced( + p11-kit_LIBRARY + p11-kit_INCLUDE_DIR) + +include(FindPackageHandleStandardArgs) + +find_package_handle_standard_args(p11-kit + REQUIRED_VARS + p11-kit_LIBRARY + p11-kit_INCLUDE_DIR + VERSION_VAR PC_p11_kit_VERSION) + +if(p11-kit_FOUND) + set(p11-kit_LIBRARIES ${p11-kit_LIBRARY}) + set(p11-kit_INCLUDE_DIRS ${p11-kit_INCLUDE_DIR}) + if(NOT(TARGET p11-kit::p11-kit)) + add_library(p11-kit::p11-kit UNKNOWN IMPORTED) + + set_target_properties(p11-kit::p11-kit + PROPERTIES + IMPORTED_LOCATION ${p11-kit_LIBRARY} + INTERFACE_INCLUDE_DIRECTORIES ${p11-kit_INCLUDE_DIRS}) + endif() +endif() diff --git a/configure.py b/configure.py index 2d5b947823..956c59d970 100755 --- a/configure.py +++ b/configure.py @@ -2004,7 +2004,6 @@ def query_seastar_flags(pc_file, use_shared_libs, link_static_cxx=False): libs = f"-Wl,-rpath='{rpath}' {libs}" if link_static_cxx: libs = libs.replace('-lstdc++ ', '') - testing_libs = pkg_config(pc_file.replace('seastar.pc', 'seastar-testing.pc'), '--libs', '--static') return {'seastar_cflags': cflags, 'seastar_libs': libs, @@ -2028,6 +2027,8 @@ libs = ' '.join([maybe_static(args.staticyamlcpp, '-lyaml-cpp'), '-latomic', '-l '-ldeflate', ]) +args.user_cflags += " " + pkg_config('p11-kit-1', '--cflags') + if not args.staticboost: user_cflags += ' -DBOOST_ALL_DYN_LINK' diff --git a/main.cc b/main.cc index 2eef9bf599..6b07eb1189 100644 --- a/main.cc +++ b/main.cc @@ -118,6 +118,12 @@ #include "utils/shared_dict.hh" #include "message/dictionary_service.hh" + +#define P11_KIT_FUTURE_UNSTABLE_API +extern "C" { +#include +} + seastar::metrics::metric_groups app_metrics; using namespace std::chrono_literals; @@ -2451,5 +2457,20 @@ int main(int ac, char** av) { return 0; } + // We have to override p11-kit config path before p11-kit initialization. + // And the initialization will invoke on seastar initalization, so it has to + // be before app.run() + // #3583 - need to potentially ensure this for tools as well, since at least + // sstable* might need crypto libraries. + auto scylla_path = fs::read_symlink(fs::path("/proc/self/exe")); // could just be argv[0] I guess... + auto p11_modules = scylla_path.parent_path().parent_path().append("share/p11-kit/modules"); + // Note: must be in scope for application lifetime. p11_kit_override_system_files does _not_ + // copy input strings. + auto p11_modules_str = p11_modules.string(); + // #3392 only do this if we are actually packaged and the path exists. + if (fs::exists(p11_modules)) { + ::p11_kit_override_system_files(NULL, NULL, p11_modules_str.c_str(), NULL, NULL); + } + return main_func(ac, av); }