From ec96220eb66a0033b09cc0d0f5d1799cbab206e0 Mon Sep 17 00:00:00 2001 From: Andrew Belt Date: Fri, 29 Oct 2021 16:39:33 -0400 Subject: [PATCH] Upgrade curl and openssl. Compile OpenSSL with no-pinshared. Initialize/destroy openssl in network::init/destroy(). --- Makefile | 2 +- adapters/standalone.cpp | 1 + dep/Makefile | 52 +++++++++++++++++++++-------------------- include/network.hpp | 1 + src/network.cpp | 9 +++++++ 5 files changed, 39 insertions(+), 26 deletions(-) diff --git a/Makefile b/Makefile index 8a6fc2f9..73153ce2 100644 --- a/Makefile +++ b/Makefile @@ -73,7 +73,7 @@ ifdef ARCH_WIN LDFLAGS += -Wl,-Bstatic -Wl,--whole-archive LDFLAGS += dep/lib/libglew32.a dep/lib/libglfw3.a dep/lib/libjansson.a dep/lib/libspeexdsp.a dep/lib/libsamplerate.a dep/lib/libarchive_static.a dep/lib/libzstd.a dep/lib/libcurl.a dep/lib/libssl.a dep/lib/libcrypto.a dep/lib/librtaudio.a dep/lib/librtmidi.a LDFLAGS += -Wl,-Bdynamic -Wl,--no-whole-archive - LDFLAGS += -lpthread -lopengl32 -lgdi32 -lws2_32 -lcomdlg32 -lole32 -ldsound -lwinmm -lksuser -lshlwapi -lmfplat -lmfuuid -lwmcodecdspuuid -ldbghelp + LDFLAGS += -lpthread -lopengl32 -lgdi32 -lws2_32 -lcomdlg32 -lole32 -ldsound -lwinmm -lksuser -lshlwapi -lmfplat -lmfuuid -lwmcodecdspuuid -ldbghelp -lcrypt32 STANDALONE_TARGET := Rack.exe STANDALONE_LDFLAGS += -mwindows diff --git a/adapters/standalone.cpp b/adapters/standalone.cpp index 535a6f9c..6b3e303f 100644 --- a/adapters/standalone.cpp +++ b/adapters/standalone.cpp @@ -257,6 +257,7 @@ int main(int argc, char* argv[]) { midi::destroy(); audio::destroy(); plugin::destroy(); + network::destroy(); INFO("Destroying logger"); logger::destroy(); diff --git a/dep/Makefile b/dep/Makefile index 61303b62..8eed084f 100755 --- a/dep/Makefile +++ b/dep/Makefile @@ -111,32 +111,34 @@ $(jansson): | jansson-2.12 $(MAKE) -C jansson-2.12 $(MAKE) -C jansson-2.12 install -openssl-1.1.1d: - $(WGET) "https://www.openssl.org/source/openssl-1.1.1d.tar.gz" - $(SHA256) openssl-1.1.1d.tar.gz 1e3a91bc1f9dfce01af26026f856e064eab4c8ee0a8f457b5ae30b40b8b711f2 - $(UNTAR) openssl-1.1.1d.tar.gz - rm openssl-1.1.1d.tar.gz - -$(openssl): | openssl-1.1.1d - @# ./config ignores CFLAGS, so hack it in with CC - cd openssl-1.1.1d && CC="$(CC) $(CFLAGS)" ./config --prefix="$(DEP_PATH)" - $(MAKE) -C openssl-1.1.1d - $(MAKE) -C openssl-1.1.1d install_sw - -curl-7.66.0: - $(WGET) "https://curl.haxx.se/download/curl-7.66.0.tar.gz" - $(SHA256) curl-7.66.0.tar.gz d0393da38ac74ffac67313072d7fe75b1fa1010eb5987f63f349b024a36b7ffb - $(UNTAR) curl-7.66.0.tar.gz - rm curl-7.66.0.tar.gz - -CURL_FLAGS += --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --enable-proxy --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smb --disable-smtp --disable-gopher --disable-manual --disable-shared --disable-symbol-hiding -CURL_FLAGS += --without-zlib --without-libpsl --without-libmetalink --without-libssh2 --without-librtmp --without-winidn --without-libidn2 --without-nghttp2 --without-brotli +openssl-1.1.1l: + $(WGET) "https://www.openssl.org/source/openssl-1.1.1l.tar.gz" + $(SHA256) openssl-1.1.1l.tar.gz 0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1 + $(UNTAR) openssl-1.1.1l.tar.gz + rm openssl-1.1.1l.tar.gz + +$(openssl): | openssl-1.1.1l + # The CFLAGS environment variable is ignored, so pass CFLAGS to their custom ./config script, which passes them to the compiler. + # Set no-pinshared so OpenSSL doesn't call GetModuleHandleEx(GET_MODULE_HANDLE_EX_FLAG_PIN, ...) on initialization on Windows. This prevents libRack from being unloaded on Windows with FreeLibrary(). + cd openssl-1.1.1l && ./config --prefix="$(DEP_PATH)" no-shared no-hw no-threads no-zlib no-capieng no-pinshared $(CFLAGS) + $(MAKE) -C openssl-1.1.1l + $(MAKE) -C openssl-1.1.1l install_sw + +curl-7.79.1: + $(WGET) "https://curl.se/download/curl-7.79.1.tar.gz" + $(SHA256) curl-7.79.1.tar.gz 370b11201349816287fb0ccc995e420277fbfcaf76206e309b3f60f0eda090c2 + $(UNTAR) curl-7.79.1.tar.gz + rm curl-7.79.1.tar.gz + +CURL_FLAGS += --enable-symbol-hiding --enable-shared=no +CURL_FLAGS += --enable-http --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --enable-proxy --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smb --disable-smtp --disable-gopher --disable-mqtt --disable-manual --disable-threaded-resolver --disable-pthreads --disable-verbose --disable-sspi --disable-ntlm --disable-ntlm-wb --disable-tls-srp --disable-unix-sockets --disable-doh --disable-mime --disable-dateparse --disable-netrc --disable-progress-meter --disable-alt-svc +CURL_FLAGS += --without-hyper --without-zlib --without-brotli --without-zstd --without-libpsl --without-libgsasl --without-libssh2 --without-librtmp --without-winidn --without-libidn2 --without-nghttp2 --without-ngtcp2 --without-nghttp3 --without-quiche CURL_FLAGS += --with-ssl="$(DEP_PATH)" -$(libcurl): | $(openssl) curl-7.66.0 - cd curl-7.66.0 && PKG_CONFIG_PATH= $(CONFIGURE) $(CURL_FLAGS) - $(MAKE) -C curl-7.66.0 - $(MAKE) -C curl-7.66.0 install +$(libcurl): | $(openssl) curl-7.79.1 + cd curl-7.79.1 && PKG_CONFIG_PATH= $(CONFIGURE) $(CURL_FLAGS) + $(MAKE) -C curl-7.79.1 + $(MAKE) -C curl-7.79.1 install zstd-1.4.5: $(WGET) "https://github.com/facebook/zstd/releases/download/v1.4.5/zstd-1.4.5.tar.gz" @@ -260,7 +262,7 @@ $(ghcfilesystem): filesystem/include/ghc # Helpers -src: glew-2.1.0 glfw jansson-2.12 speexdsp-SpeexDSP-1.2rc3 openssl-1.1.1d curl-7.66.0 zstd-1.4.5 libarchive-3.4.3 rtmidi-4.0.0 rtaudio nanovg nanosvg oui-blendish osdialog +src: glew-2.1.0 glfw jansson-2.12 speexdsp-SpeexDSP-1.2rc3 openssl-1.1.1l curl-7.79.1 zstd-1.4.5 libarchive-3.4.3 rtmidi-4.0.0 rtaudio nanovg nanosvg oui-blendish osdialog clean: git clean -fdx diff --git a/include/network.hpp b/include/network.hpp index 61b6eb93..889734e0 100644 --- a/include/network.hpp +++ b/include/network.hpp @@ -21,6 +21,7 @@ enum Method { }; void init(); +void destroy(); /** Requests a JSON API URL over HTTP(S), using the data as the query (GET) or the body (POST, etc) Caller must json_decref() if return value is non-NULL. */ diff --git a/src/network.cpp b/src/network.cpp index a50d7b81..833fff63 100644 --- a/src/network.cpp +++ b/src/network.cpp @@ -1,5 +1,6 @@ #include +#include #define CURL_STATICLIB #include @@ -54,12 +55,20 @@ static std::string getCookieString(const CookieMap& cookies) { void init() { + // Because OpenSSL is compiled with no-pinshared, we need to initialize without defining atexit(), since we want to destroy it when libRack is unloaded. + OPENSSL_init_crypto(OPENSSL_INIT_NO_ATEXIT, NULL); // curl_easy_init() calls this automatically, but it's good to make sure this is done on the main thread before other threads are spawned. // https://curl.haxx.se/libcurl/c/curl_easy_init.html curl_global_init(CURL_GLOBAL_ALL); } +void destroy() { + curl_global_cleanup(); + OPENSSL_cleanup(); +} + + json_t* requestJson(Method method, const std::string& url, json_t* dataJ, const CookieMap& cookies) { std::string urlS = url; CURL* curl = createCurl();