Forum: Building VoltDB Clients

Post: C++ client core in SHA1_Final (voltdb-client-cpp-x86_64-2.5, CentOS 6.3)

C++ client core in SHA1_Final (voltdb-client-cpp-x86_64-2.5, CentOS 6.3)
phealy
Feb 19, 2013
We see this stack:

#0 0x00007f97af8ea80b in SHA1_Final () from [...]/Product/lib/libssl.so
#1 0x00007f9760714fbf in voltdb::ClientImpl::ClientImpl (this=0x7f973401fd50, config=...) at src/ClientImpl.cpp:211
#2 0x00007f976071280e in voltdb::Client::create (config=<value optimized out>) at src/Client.cpp:30
...

From: https://github.com/VoltDB/voltdb-client-cpp/blob/master/src/sha1.c - Eliminate usage of open ssl. (2 years ago).

Workaround is to LD_PRELOAD the voltdbcpp shared library (so that SHA1_Final in libssl.so is not used). Anything better welcome.

There doesn't appear to be much reported on the C++ client at issues.voltdb.com (all fixed) - anyone using it much?

Thanks,

Paul
rbetts
Feb 19, 2013
We see this stack:

#0 0x00007f97af8ea80b in SHA1_Final () from [...]/Product/lib/libssl.so
#1 0x00007f9760714fbf in voltdb::ClientImpl::ClientImpl (this=0x7f973401fd50, config=...) at src/ClientImpl.cpp:211
#2 0x00007f976071280e in voltdb::Client::create (config=<value optimized out>) at src/Client.cpp:30
...

From: https://github.com/VoltDB/voltdb-client-cpp/blob/master/src/sha1.c - Eliminate usage of open ssl. (2 years ago).

Workaround is to LD_PRELOAD the voltdbcpp shared library (so that SHA1_Final in libssl.so is not used). Anything better welcome.

There doesn't appear to be much reported on the C++ client at issues.voltdb.com (all fixed) - anyone using it much?

Paul


Paul,

The C++ driver(s) are used in production - and are also the basis of the PHP client which is one of the more popular VoltDB client drivers. Are you linking the application that uses the CPP driver against openssl? Not sure offhand which part of the driver needs the SHA1_Final symbol and if we can namespace that more defensively. Will follow-up.

Ryan.
phealy
Feb 19, 2013
Hi Ryan,

Yes, we link against openssl - the sha1 calls are there for password hashing, and avoiding collisions would be good:

src/ClientImpl.cpp: SHA1_CTX context;
src/ClientImpl.cpp: SHA1_Init(&context);
src/ClientImpl.cpp: SHA1_Update( &context, reinterpret_cast<const unsigned char*>(config.m_password.data()), config.m_password.size());
src/ClientImpl.cpp: SHA1_Final ( &context, m_passwordHash);


Thanks,

Paul
rbetts
Feb 21, 2013
Hi Ryan,

Yes, we link against openssl - the sha1 calls are there for password hashing, and avoiding collisions would be good:

src/ClientImpl.cpp: SHA1_CTX context;
src/ClientImpl.cpp: SHA1_Init(&context);
src/ClientImpl.cpp: SHA1_Update( &context, reinterpret_cast<const unsigned char*>(config.m_password.data()), config.m_password.size());
src/ClientImpl.cpp: SHA1_Final ( &context, m_passwordHash);


Thanks,

Paul


Looks like the patch for this is present on a separate version of the client - but not merged to the version that owns master.

https://github.com/VoltDB/voltdb-client-cpp/commit/cdc7dc2804c7d9355a51f75ee2b5bf02e14ac0a4

We will make this change universal - sorry for the troubles.

Ryan.
phealy
Feb 21, 2013
Hi Ryan,

Thanks - that looks good here.

Picked/rebuilt with:

$ git cherry-pick cdc7dc2804c7d9355a51f75ee2b5bf02e14ac0a4
Finished one cherry-pick.
[master 74a4cc6] Fix symbol collision on Solaris with SHA1 and libcrypto
Author: Ariel Weisberg <aweisberg@voltdb.com>
3 files changed, 32 insertions(+), 32 deletions(-)
$


Paul
richardortizi
Feb 26, 2013
Thanks - that looks good here.