Skip to content

Commit b611eb9

Browse files
thevar1ablethevar1able
authored
Merge pull request ClickHouse#80231 from ClickHouse/aws-sdk-disable-openssl-init
Disable OpenSSL init and cleanup for AWS SDK
2 parents b9b996d + c21b96b commit b611eb9

File tree

2 files changed

+18
-3
lines changed

2 files changed

+18
-3
lines changed

src/Common/OpenSSLHelpers.cpp

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@
88
#include <openssl/evp.h>
99
#include <openssl/sha.h>
1010
#include <openssl/kdf.h>
11+
#include <openssl/core_names.h>
1112

1213

1314
namespace DB
@@ -73,7 +74,7 @@ std::vector<uint8_t> hmacSHA256(const std::vector<uint8_t> & key, const std::str
7374
throw Exception(ErrorCodes::OPENSSL_ERROR, "EVP_MAC_CTX_new failed: {}", getOpenSSLErrors());
7475

7576
OSSL_PARAM params[] = {
76-
OSSL_PARAM_utf8_string("digest", const_cast<char*>("SHA256"), 0),
77+
OSSL_PARAM_utf8_string(OSSL_MAC_PARAM_DIGEST, const_cast<char*>("SHA256"), 0),
7778
OSSL_PARAM_END
7879
};
7980

src/IO/S3/Client.cpp

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@
44

55
#if USE_AWS_S3
66

7+
#include <aws/core/Aws.h>
78
#include <aws/core/client/CoreErrors.h>
89
#include <aws/s3/model/HeadBucketRequest.h>
910
#include <aws/s3/model/GetObjectRequest.h>
@@ -963,9 +964,22 @@ void ClientCacheRegistry::clearCacheForAll()
963964
ClientFactory::ClientFactory()
964965
{
965966
aws_options = Aws::SDKOptions{};
967+
968+
aws_options.cryptoOptions = Aws::CryptoOptions{};
969+
aws_options.cryptoOptions.initAndCleanupOpenSSL = false;
970+
971+
aws_options.httpOptions = Aws::HttpOptions{};
972+
aws_options.httpOptions.initAndCleanupCurl = false;
973+
aws_options.httpOptions.httpClientFactory_create_fn = []() { return std::make_shared<PocoHTTPClientFactory>(); };
974+
975+
aws_options.loggingOptions = Aws::LoggingOptions{};
976+
aws_options.loggingOptions.logger_create_fn = []() { return std::make_shared<AWSLogger>(false); };
977+
978+
aws_options.ioOptions = Aws::IoOptions{};
979+
/// We don't need to initialize TLS, because we use PocoHTTPClientFactory
980+
aws_options.ioOptions.tlsConnectionOptions_create_fn = []() { return nullptr; };
981+
966982
Aws::InitAPI(aws_options);
967-
Aws::Utils::Logging::InitializeAWSLogging(std::make_shared<AWSLogger>(false));
968-
Aws::Http::SetHttpClientFactory(std::make_shared<PocoHTTPClientFactory>());
969983
}
970984

971985
ClientFactory::~ClientFactory()

0 commit comments

Comments
 (0)