From f9c4233b61a4d446448a0eef5ac2deccba099365 Mon Sep 17 00:00:00 2001 From: Mikael Arguedas Date: Sat, 27 Jun 2020 23:39:21 +0200 Subject: [PATCH 1/2] use openssl 1.0.2 only when connext is used Signed-off-by: Mikael Arguedas --- test_security/CMakeLists.txt | 50 +++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 23 deletions(-) diff --git a/test_security/CMakeLists.txt b/test_security/CMakeLists.txt index c078f64a..da614b67 100644 --- a/test_security/CMakeLists.txt +++ b/test_security/CMakeLists.txt @@ -262,6 +262,33 @@ if(BUILD_TESTING) set(RTI_BIN_PATH "$ENV{RTI_OPENSSL_BIN}") file(TO_CMAKE_PATH "${RTI_BIN_PATH}" RTI_BIN_PATH) set(TEST_PATH "${RTI_BIN_PATH};${ENV_PATH}") + if(WIN32) + string(REPLACE "\\" "\\\\" RTI_OPENSSL_LIBS "$ENV{RTI_OPENSSL_LIBS}") + set(append_library_dirs "${append_library_dirs};${RTI_OPENSSL_LIBS}") + else() + set(append_library_dirs "${append_library_dirs}:$ENV{RTI_OPENSSL_LIBS}") + endif() + + else() + # TODO(mikaelarguedas) Move this outside the 'if not connext' block once Connext supports OpenSSL 1.1.1 + if(APPLE) + # connext need the openssl libraries to be on the DYLD_LIBRARY_PATH at runtime + # as SIP strips these variables on recent MacOS we populate them here + # see https://github.com/ros2/ros2/issues/409 + execute_process( + COMMAND "brew" "--prefix" "openssl" + RESULT_VARIABLE _retcode + OUTPUT_VARIABLE _out_var + ERROR_VARIABLE _error_var + ) + if(NOT _retcode EQUAL 0) + message(FATAL_ERROR "command 'brew --prefix openssl' failed with error code '${_retcode}' and error message '${_error_var}'") + endif() + string(STRIP "${_out_var}" _out_var) + set(openssl_lib_path "${_out_var}/lib") + file(TO_NATIVE_PATH "${openssl_lib_path}" openssl_lib_path) + set(append_library_dirs "${append_library_dirs};${openssl_lib_path}") + endif() endif() if(NOT WIN32) @@ -292,29 +319,6 @@ if(BUILD_TESTING) set(append_library_dirs "${CMAKE_CURRENT_BINARY_DIR}") if(WIN32) set(append_library_dirs "${append_library_dirs}/$") - string(REPLACE "\\" "\\\\" RTI_OPENSSL_LIBS "$ENV{RTI_OPENSSL_LIBS}") - set(append_library_dirs "${append_library_dirs};${RTI_OPENSSL_LIBS}") - # TODO(mikaelarguedas) uncomment this once Connext supports OpenSSL 1.1.1 - # in the meantime use RTI_OPENSSL_LIBS - # elseif(APPLE) - # # connext need the openssl libraries to be on the DYLD_LIBRARY_PATH at runtime - # # as SIP strips these variables on recent MacOS we populate them here - # # see https://github.com/ros2/ros2/issues/409 - # execute_process( - # COMMAND "brew" "--prefix" "openssl" - # RESULT_VARIABLE _retcode - # OUTPUT_VARIABLE _out_var - # ERROR_VARIABLE _error_var - # ) - # if(NOT _retcode EQUAL 0) - # message(FATAL_ERROR "command 'brew --prefix openssl' failed with error code '${_retcode}' and error message '${_error_var}'") - # endif() - # string(STRIP "${_out_var}" _out_var) - # set(openssl_lib_path "${_out_var}/lib") - # file(TO_NATIVE_PATH "${openssl_lib_path}" openssl_lib_path) - # set(append_library_dirs "${append_library_dirs};${openssl_lib_path}") - else() - set(append_library_dirs "${append_library_dirs}:$ENV{RTI_OPENSSL_LIBS}") endif() # finding gtest once in the highest scope From 4d72c71a2b42e789370280f33958bb9ae9e0baaa Mon Sep 17 00:00:00 2001 From: Mikael Arguedas Date: Sun, 28 Jun 2020 00:48:11 +0200 Subject: [PATCH 2/2] set append_library_dir inside the macro to avoid accumulating values over macro calls Signed-off-by: Mikael Arguedas --- test_security/CMakeLists.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/test_security/CMakeLists.txt b/test_security/CMakeLists.txt index da614b67..8a552781 100644 --- a/test_security/CMakeLists.txt +++ b/test_security/CMakeLists.txt @@ -256,6 +256,11 @@ if(BUILD_TESTING) set(ENV_PATH "$ENV{PATH}") file(TO_CMAKE_PATH "${ENV_PATH}" ENV_PATH) set(TEST_PATH "${ENV_PATH}") + set(append_library_dirs "${CMAKE_CURRENT_BINARY_DIR}") + if(WIN32) + set(append_library_dirs "${append_library_dirs}/$") + endif() + if(rmw_implementation STREQUAL "rmw_connext_cpp") # Connext 5.3.1 needs RTI's OpenSSL binaries (based on EOL 1.0.2) to be # on the PATH at runtime as the system version of OpenSSL is not supported @@ -316,11 +321,6 @@ if(BUILD_TESTING) custom_executable(test_secure_subscriber_cpp "test/test_secure_subscriber.cpp") - set(append_library_dirs "${CMAKE_CURRENT_BINARY_DIR}") - if(WIN32) - set(append_library_dirs "${append_library_dirs}/$") - endif() - # finding gtest once in the highest scope # prevents finding it repeatedly in each local scope ament_find_gtest()