From f70dc2184de757dc46da24c4a1e93e60a698408a Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Tue, 30 Jul 2024 18:10:51 +0000 Subject: [PATCH 01/11] Revert "Fix bus error from boost socket.shutdown in tcp_socket_error() and link statically to OpenSSL (#145)" This reverts commit 2df9b599a8852610310f3f9b9a83c5ee4b10e0f2. --- CMakeLists.txt | 11 ++++------- src/TcpAdapterProxy.cpp | 5 ++--- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b89682cf..d54b8eb5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -61,9 +61,6 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess ######################################### set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) -include_directories(${OPENSSL_INCLUDE_DIR}) -string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_SSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) -string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_CRYPTO_LIBRARY ${OPENSSL_CRYPTO_LIBRARY}) ######################################### # Test framework dependency # @@ -114,8 +111,8 @@ endif() include_directories(${PROJECT_SOURCE_DIR}/src) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_THREAD_LIBS_INIT}) -target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) -target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) +target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) +target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_DL_LIBS}) @@ -123,8 +120,8 @@ set_property(TARGET ${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} APPEND_STRING PROPERTY if(BUILD_TESTS) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_THREAD_LIBS_INIT}) - target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) - target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) + target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::SSL) + target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_DL_LIBS}) diff --git a/src/TcpAdapterProxy.cpp b/src/TcpAdapterProxy.cpp index 82da9a87..019ba129 100644 --- a/src/TcpAdapterProxy.cpp +++ b/src/TcpAdapterProxy.cpp @@ -511,8 +511,7 @@ namespace aws { namespace iot { namespace securedtunneling { BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found"; } connection->tcp_write_buffer_.consume(connection->tcp_write_buffer_.max_size()); - // this works on Linux x86_64 but causes a bus error on Darwin arm64, commenting it out - //connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); + connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); connection->socket_.close(); connection->on_web_socket_write_buffer_drain_complete = [&, service_id, connection_id]() @@ -2310,4 +2309,4 @@ namespace aws { namespace iot { namespace securedtunneling { return false; } } -}}} +}}} \ No newline at end of file From a1d57d3ceecd3a45fb4cb835699903b40c5f7fb4 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Mon, 5 Aug 2024 22:49:44 +0000 Subject: [PATCH 02/11] upgrade boost version for mac os CI --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ffb924be..bc565473 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,9 +23,9 @@ jobs: - name: Install boost working-directory: ${{ github.workspace }} run: | - wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz + wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz tar xzvf /tmp/boost.tar.gz - cd boost_1_81_0 + cd boost_1_84_0 ./bootstrap.sh --with-toolset=clang ./b2 install toolset=clang link=static - name: Install protobuf From bcfb856ecd4a29dfce001f3c8894254d644c8e54 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Mon, 5 Aug 2024 22:53:55 +0000 Subject: [PATCH 03/11] run b2 install as sudo --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bc565473..d24099a7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,7 +27,7 @@ jobs: tar xzvf /tmp/boost.tar.gz cd boost_1_84_0 ./bootstrap.sh --with-toolset=clang - ./b2 install toolset=clang link=static + sudo ./b2 install toolset=clang link=static - name: Install protobuf working-directory: ${{ github.workspace }} run: | From 1387c6379158552cbbe24d81727f21ff75321688 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Mon, 5 Aug 2024 23:06:27 +0000 Subject: [PATCH 04/11] run make install as sudo --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d24099a7..2c207382 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -38,7 +38,7 @@ jobs: cd build_make cmake ../cmake make - make install + sudo make install - name: Building localproxy working-directory: ${{ github.workspace }} run: | From f97f64a174756fca422eee6bed19ae2825b68c17 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Mon, 5 Aug 2024 23:48:51 +0000 Subject: [PATCH 05/11] update README, modify cmakefile for static compilation --- CMakeLists.txt | 11 +++++++++++ README.md | 3 +++ src/TcpAdapterProxy.cpp | 2 +- 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index d54b8eb5..424b90c1 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -62,6 +62,11 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) +### Uncomment below 3 lines to enable static linking +# include_directories(${OPENSSL_INCLUDE_DIR}) +# string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_SSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) +# string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_CRYPTO_LIBRARY ${OPENSSL_CRYPTO_LIBRARY}) + ######################################### # Test framework dependency # ######################################### @@ -113,6 +118,9 @@ include_directories(${PROJECT_SOURCE_DIR}/src) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_THREAD_LIBS_INIT}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) +### uncomment below 2 lines and remove above 2 lines to enable static linking +# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) +# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_DL_LIBS}) @@ -122,6 +130,9 @@ if(BUILD_TESTS) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_THREAD_LIBS_INIT}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::SSL) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) + ### uncomment below 2 lines and remove above 2 lines to enable static linking + # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) + # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_DL_LIBS}) diff --git a/README.md b/README.md index 770e7875..0084838d 100644 --- a/README.md +++ b/README.md @@ -169,6 +169,9 @@ Source install example: Run the ./Configure command without any arguments to check the available platform configuration options and the documentation here: https://wiki.openssl.org/index.php/Compilation_and_Installation +##### Static linking OpenSSL +In the `CMakeLists.txt`, there are marked sections with commented code that when uncommented, allow users to static compile OpenSSL libraries into their binary. Choosing to do so is completely optional depending on your own operational requirements. This is following guidance from https://github.com/aws-samples/aws-iot-securetunneling-localproxy/pull/145. + #### 5. Download and install Catch2 test framework git clone --branch v2.13.6 https://github.com/catchorg/Catch2.git diff --git a/src/TcpAdapterProxy.cpp b/src/TcpAdapterProxy.cpp index 019ba129..f675654a 100644 --- a/src/TcpAdapterProxy.cpp +++ b/src/TcpAdapterProxy.cpp @@ -344,7 +344,6 @@ namespace aws { namespace iot { namespace securedtunneling { } BOOST_LOG_SEV(log, debug) << "Handling explicit reset by closing TCP for service id: " << service_id << " connection id: " << connection_id; - connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); std::shared_ptr web_socket_write_buffer_drain_complete = std::make_shared(false); std::shared_ptr tcp_write_buffer_drain_complete = std::make_shared(false); @@ -511,6 +510,7 @@ namespace aws { namespace iot { namespace securedtunneling { BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found"; } connection->tcp_write_buffer_.consume(connection->tcp_write_buffer_.max_size()); + // this works on Linux x86_64 but causes a bus error on Darwin arm64, commenting it out connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); connection->socket_.close(); From 53e5a290fe587a3fc69bdcc1466a845e63572a66 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Wed, 14 Aug 2024 18:27:05 +0000 Subject: [PATCH 06/11] update boost to 1.84 for ubuntu and windows ci --- .github/workflows/ci.yml | 14 +++++++------- src/TcpAdapterProxy.cpp | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2c207382..acf5878c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -65,9 +65,9 @@ jobs: - name: Install boost working-directory: ${{ github.workspace }} run: | - wget https://boostorg.jfrog.io/artifactory/main/release/1.81.0/source/boost_1_81_0.tar.gz -O /tmp/boost.tar.gz + wget https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.tar.gz -O /tmp/boost.tar.gz tar xzvf /tmp/boost.tar.gz - cd boost_1_81_0 + cd boost_1_84_0 ./bootstrap.sh sudo ./b2 install link=static - name: Install protobuf @@ -145,11 +145,11 @@ jobs: $env:Path += ";C:\Program Files (x86)\zlib\bin" - name: Install boost run: | - Invoke-WebRequest "https://boostorg.jfrog.io/artifactory/main/release/1.76.0/source/boost_1_76_0.zip" -OutFile "boost_1_76_0.zip" - Expand-Archive "boost_1_76_0.zip" -Force - cd .\boost_1_76_0\boost_1_76_0\ + Invoke-WebRequest "https://boostorg.jfrog.io/artifactory/main/release/1.84.0/source/boost_1_84_0.zip" -OutFile "boost_1_84_0.zip" + Expand-Archive "boost_1_84_0.zip" -Force + cd .\boost_1_84_0\boost_1_84_0\ .\bootstrap.bat - .\b2 toolset=msvc-14.2 address-model=64 install define=BOOST_WINAPI_VERSION_WIN10 link=static + .\b2 toolset=msvc-14.2 address-model=64 install define=_WIN32_WINNT=0x0601 define=BOOST_WINAPI_VERSION_WIN7 link=static - name: Install protobuf run: | cd \ @@ -169,7 +169,7 @@ jobs: run: | mkdir build cd build - cmake -DBUILD_TESTS=OFF -DBOOST_PKG_VERSION=1.76.0 -DWIN32_WINNT=0x0A00 -DBoost_USE_STATIC_LIBS=ON -DCMAKE_PREFIX_PATH="C:\Boost;C:\Program Files (x86)\Catch2;C:\Program Files (x86)\protobuf;C:\Program Files\OpenSSL" -G "Visual Studio 16 2019" -A x64 ..\ + cmake -DBUILD_TESTS=OFF -DBOOST_PKG_VERSION=1.84.0 -DWIN32_WINNT=0x0601 -DBoost_USE_STATIC_LIBS=ON -DCMAKE_PREFIX_PATH="C:\Boost;C:\Program Files (x86)\Catch2;C:\Program Files (x86)\protobuf;C:\Program Files\OpenSSL" -G "Visual Studio 16 2019" -A x64 ..\ msbuild localproxy.vcxproj -p:Configuration=Release - name: Upload Artifact uses: actions/upload-artifact@v3 diff --git a/src/TcpAdapterProxy.cpp b/src/TcpAdapterProxy.cpp index f675654a..9fc7c0af 100644 --- a/src/TcpAdapterProxy.cpp +++ b/src/TcpAdapterProxy.cpp @@ -511,7 +511,7 @@ namespace aws { namespace iot { namespace securedtunneling { } connection->tcp_write_buffer_.consume(connection->tcp_write_buffer_.max_size()); // this works on Linux x86_64 but causes a bus error on Darwin arm64, commenting it out - connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); + // connection->socket_.shutdown(boost::asio::ip::tcp::socket::shutdown_receive); connection->socket_.close(); connection->on_web_socket_write_buffer_drain_complete = [&, service_id, connection_id]() From 13081c60528eb7603d5d65d01f3aa569cbb0a29c Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Wed, 14 Aug 2024 21:43:10 +0000 Subject: [PATCH 07/11] upgrade openssl windows to 3 --- .github/workflows/ci.yml | 6 +++--- src/TcpAdapterProxy.cpp | 20 +++++++++++++++++--- 2 files changed, 20 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index acf5878c..d9bb2661 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -117,9 +117,9 @@ jobs: Invoke-WebRequest "https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/win64/nasm-2.15.05-win64.zip" -OutFile "nasm-2.15.05-win64.zip" Expand-Archive "nasm-2.15.05-win64.zip" -Force -DestinationPath "C:\NASM" $env:Path += ";C:\NASM\nasm-2.15.05\" - git clone https://github.com/openssl/openssl.git - cd openssl - git checkout OpenSSL_1_1_1-stable + Invoke-WebRequest "https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.12.zip" -OutFile "openssl-3.0.12.zip" + Expand-Archive "openssl-3.0.12.zip" -Force + cd .\openssl-3.0.12\openssl-3.0.12\ perl Configure VC-WIN64A nmake nmake install diff --git a/src/TcpAdapterProxy.cpp b/src/TcpAdapterProxy.cpp index 9fc7c0af..7c1820b9 100644 --- a/src/TcpAdapterProxy.cpp +++ b/src/TcpAdapterProxy.cpp @@ -377,7 +377,14 @@ namespace aws { namespace iot { namespace securedtunneling { { tcp_connection::pointer connection_to_reset = get_tcp_connection(tac, service_id, connection_id); BOOST_LOG_SEV(this->log, trace) << "Post-reset TCP drain complete. Closing TCP socket for service id " << service_id << " connection id " << connection_id; - BOOST_LOG_SEV(this->log, info) << "Disconnected from: " << connection_to_reset->socket().remote_endpoint(); + try + { + BOOST_LOG_SEV(this->log, info) << "Disconnected from: " << connection_to_reset->socket().remote_endpoint(); + } + catch (std::exception& e) + { + BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found due to TCP connection already terminated"; + } connection_to_reset->socket_.close(); delete_tcp_socket(tac, service_id, connection_id); *tcp_write_buffer_drain_complete = true; @@ -416,7 +423,14 @@ namespace aws { namespace iot { namespace securedtunneling { { tcp_connection::pointer connection_to_reset = get_tcp_connection(tac, service_id, connection_id); BOOST_LOG_SEV(this->log, trace) << "Post-reset TCP drain complete. Closing TCP socket for service id " << service_id << " connection id " << connection_id; - BOOST_LOG_SEV(this->log, info) << "Disconnected from: " << connection_to_reset->socket().remote_endpoint(); + try + { + BOOST_LOG_SEV(this->log, info) << "Disconnected from: " << connection_to_reset->socket().remote_endpoint(); + } + catch (std::exception& e) + { + BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found due to TCP connection already terminated"; + } connection_to_reset->socket_.close(); delete_tcp_socket(tac, service_id, connection_id); }; @@ -507,7 +521,7 @@ namespace aws { namespace iot { namespace securedtunneling { } catch (std::exception& e) { - BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found"; + BOOST_LOG_SEV(this->log, info) << "Disconnecting... remote endpoint not found due to TCP connection already terminated"; } connection->tcp_write_buffer_.consume(connection->tcp_write_buffer_.max_size()); // this works on Linux x86_64 but causes a bus error on Darwin arm64, commenting it out From 82af042d220b6bab49692c46d3da596ac52afa91 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Wed, 14 Aug 2024 21:51:06 +0000 Subject: [PATCH 08/11] fix openssl download dir --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d9bb2661..b5aaea47 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -119,7 +119,7 @@ jobs: $env:Path += ";C:\NASM\nasm-2.15.05\" Invoke-WebRequest "https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.12.zip" -OutFile "openssl-3.0.12.zip" Expand-Archive "openssl-3.0.12.zip" -Force - cd .\openssl-3.0.12\openssl-3.0.12\ + cd .\openssl-3.0.12\openssl-openssl-3.0.12\ perl Configure VC-WIN64A nmake nmake install From 420fab4c22635073f98d0d6aaac94521c507f09a Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Wed, 14 Aug 2024 23:02:43 +0000 Subject: [PATCH 09/11] try static linking --- CMakeLists.txt | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 424b90c1..413cd618 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -63,9 +63,9 @@ set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) ### Uncomment below 3 lines to enable static linking -# include_directories(${OPENSSL_INCLUDE_DIR}) -# string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_SSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) -# string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_CRYPTO_LIBRARY ${OPENSSL_CRYPTO_LIBRARY}) +include_directories(${OPENSSL_INCLUDE_DIR}) +string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_SSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) +string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_CRYPTO_LIBRARY ${OPENSSL_CRYPTO_LIBRARY}) ######################################### # Test framework dependency # @@ -116,11 +116,11 @@ endif() include_directories(${PROJECT_SOURCE_DIR}/src) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_THREAD_LIBS_INIT}) -target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) -target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) +# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) +# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) ### uncomment below 2 lines and remove above 2 lines to enable static linking -# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) -# target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) +target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) +target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_DL_LIBS}) @@ -128,11 +128,11 @@ set_property(TARGET ${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} APPEND_STRING PROPERTY if(BUILD_TESTS) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_THREAD_LIBS_INIT}) - target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::SSL) - target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) + # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::SSL) + # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) ### uncomment below 2 lines and remove above 2 lines to enable static linking - # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) - # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) + target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) + target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Boost_STATIC_LIBRARIES}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Protobuf_LITE_STATIC_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_DL_LIBS}) From 4236fa3629217117f48ea4c7a8f73e8548b7746d Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 15 Aug 2024 18:28:04 +0000 Subject: [PATCH 10/11] update comments --- CMakeLists.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 413cd618..24cedf40 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -62,7 +62,6 @@ protobuf_generate_cpp(PROTO_SRCS PROTO_HDRS ${PROJECT_SOURCE_DIR}/resources/Mess set(OPENSSL_USE_STATIC_LIBS TRUE) find_package(OpenSSL REQUIRED) -### Uncomment below 3 lines to enable static linking include_directories(${OPENSSL_INCLUDE_DIR}) string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_SSL_LIBRARY ${OPENSSL_SSL_LIBRARY}) string(REPLACE ${CMAKE_SHARED_LIBRARY_SUFFIX} ${CMAKE_STATIC_LIBRARY_SUFFIX} OpenSSL_STATIC_CRYPTO_LIBRARY ${OPENSSL_CRYPTO_LIBRARY}) @@ -118,7 +117,7 @@ include_directories(${PROJECT_SOURCE_DIR}/src) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${CMAKE_THREAD_LIBS_INIT}) # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::SSL) # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} OpenSSL::Crypto) -### uncomment below 2 lines and remove above 2 lines to enable static linking +### uncomment above 2 lines and remove below 2 lines to link against OpenSSL shared libs target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${Boost_STATIC_LIBRARIES}) @@ -130,7 +129,7 @@ if(BUILD_TESTS) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${CMAKE_THREAD_LIBS_INIT}) # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::SSL) # target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} OpenSSL::Crypto) - ### uncomment below 2 lines and remove above 2 lines to enable static linking + ### uncomment above 2 lines and remove below 2 lines to link against OpenSSL shared libs target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${OpenSSL_STATIC_SSL_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TARGET_NAME} ${OpenSSL_STATIC_CRYPTO_LIBRARY}) target_link_libraries(${AWS_TUNNEL_LOCAL_PROXY_TEST_NAME} ${Boost_STATIC_LIBRARIES}) From cbe9b6142d75af6b1f54334baee6b45e61a32641 Mon Sep 17 00:00:00 2001 From: RogerZhongAWS Date: Thu, 15 Aug 2024 23:00:31 +0000 Subject: [PATCH 11/11] edit README --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0084838d..84a6eeb0 100644 --- a/README.md +++ b/README.md @@ -169,8 +169,8 @@ Source install example: Run the ./Configure command without any arguments to check the available platform configuration options and the documentation here: https://wiki.openssl.org/index.php/Compilation_and_Installation -##### Static linking OpenSSL -In the `CMakeLists.txt`, there are marked sections with commented code that when uncommented, allow users to static compile OpenSSL libraries into their binary. Choosing to do so is completely optional depending on your own operational requirements. This is following guidance from https://github.com/aws-samples/aws-iot-securetunneling-localproxy/pull/145. +##### Static vs. Dynamic linking OpenSSL +In the `CMakeLists.txt`, there are marked sections with commented code that when uncommented, allow users to switch between using static vs shared OpenSSL libraries. Choosing to do so is completely optional depending on your own operational requirements. This is following guidance from https://github.com/aws-samples/aws-iot-securetunneling-localproxy/pull/145. The localproxy uses static libs by default #### 5. Download and install Catch2 test framework