Bug #30921806 ENABLE CUSTOM KERBEROS FOR STANDALONE LINUX BUILDS

WL#13759 MySQL 8.0: Support linking with 3rd party OpenLDAP and Cyrus SASL added support for custom LDAP and SASL libraries for standalone linux builds. This patch adds support for custom KERBEROS as well. Pushbuild will now build LDAP/SASL/KERBEROS/SSL as one "package" and invoke cmake with -DWITH_LDAP=</path/to/ldap> -DWITH_SASL=</path/to/sasl> -DWITH_KERBEROS=<path/to/kerberos> -DWITH_SSL=<path/to/ssl> These builds depend on each other, so that the SASL build will use the KERBEROS and SSL builds, the LDAP build will use the SASL and SSL builds. The result is a set of headers and shared libraries which consistently use OpenSSL 1.1.1 We also need to support building *without* KERBEROS, i.e. LDAP/SASL/SSL where libsasl2.so does not depend on libkrb5 and the SASL kerberos plugins are missing. Change-Id: I4078c67cd41ce15842bbf139babe386d6d0e9e2d (cherry picked from commit 9c3f7e6d28fdf4cb29e3b0eedc8ecbf5671434a2)
zwang28 · Mar 5, 2020 · 450c1e6 · 450c1e6
1 parent 53d4254
commit 450c1e6
Show file tree

Hide file tree

Showing 15 changed files with 331 additions and 119 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -571,7 +571,7 @@ IF(NOT DEFINED WITH_INTERNAL)
 ENDIF()
 
 # On windows we need a non-standard package for SASL.
-IF(WITH_INTERNAL AND NOT WIN32)
+IF(WITH_INTERNAL AND (NOT WIN32 OR WITH_SASL))
   SET(WITH_AUTHENTICATION_LDAP_DEFAULT ON)
 ELSE()
   SET(WITH_AUTHENTICATION_LDAP_DEFAULT OFF)
@@ -1241,12 +1241,29 @@ IF(LINUX)
   SET(KNOWN_CUSTOM_LIBRARIES "" CACHE INTERNAL "" FORCE)
 ENDIF()
 
+# If all custom packages are in the same directory:
+IF(WITH_CUSTOM_LIBRARIES)
+  FILE(GLOB WITH_SSL      "${WITH_CUSTOM_LIBRARIES}/openssl*")
+  FILE(GLOB WITH_KERBEROS "${WITH_CUSTOM_LIBRARIES}/krb5*")
+  FILE(GLOB WITH_SASL     "${WITH_CUSTOM_LIBRARIES}/cyrus-sasl*")
+  FILE(GLOB WITH_LDAP     "${WITH_CUSTOM_LIBRARIES}/openldap*")
+  FOREACH(WITH_OPT WITH_SSL WITH_KERBEROS WITH_SASL WITH_LDAP)
+    IF(IS_DIRECTORY ${${WITH_OPT}})
+      SET(${WITH_OPT} ${${WITH_OPT}} CACHE INTERNAL "" FORCE)
+      MESSAGE(STATUS "${WITH_OPT} ${${WITH_SSL}}")
+    ELSE()
+      MESSAGE(WARNING "${WITH_OPT} not found") # This should be FATAL_ERROR
+    ENDIF()
+  ENDFOREACH()
+ENDIF()
+
 # Add system/custom openssl.
 MYSQL_CHECK_SSL()
 MYSQL_CHECK_SSL_DLLS()
 
-# Add Kerberos library (custom DLLS not yet supported)
+# Add Kerberos library
 MYSQL_CHECK_KERBEROS()
+MYSQL_CHECK_KERBEROS_DLLS()
 
 # Add SASL library
 MYSQL_CHECK_SASL()
@@ -1279,12 +1296,13 @@ ENDIF()
 
 IF(WITH_AUTHENTICATION_LDAP)
   IF(LINUX AND KNOWN_CUSTOM_LIBRARIES)
-    # LDAP / SASL / SSL must all be "system" or "custom", not a mix.
+    # LDAP / SASL / KERBEROS / SSL must all be "system" or "custom", not a mix.
     IF(WITH_LDAP STREQUAL "system" OR
         WITH_SASL STREQUAL "system" OR
+#       WITH_KERBEROS STREQUAL "system" OR # enable this later
         WITH_SSL STREQUAL "system")
       MESSAGE(WARNING "-DWITH_AUTHENTICATION_LDAP=ON")
-      MESSAGE(FATAL_ERROR "Inconsistent options for LDAP/SASL/SSL")
+      MESSAGE(FATAL_ERROR "Inconsistent options for LDAP/SASL/KERBEROS/SSL")
     ENDIF()
   ELSEIF(WIN32)
     # system LDAP, but SASL needs to be explicitly added
@@ -1297,12 +1315,14 @@ IF(WITH_AUTHENTICATION_LDAP)
   ELSEIF(SOLARIS)
     # 11.3 has system LDAP and SASL, but there is no scram plugin.
   ELSE()
-    # We must have "system" LDAP and SASL (SSL is always required)
+    # We must have "system" LDAP, KERBEROS and SASL (SSL is always required)
     SET(LDAP_WARN_GIVEN)
     SET(SASL_WARN_GIVEN)
+    SET(KERBEROS_WARN_GIVEN)
     WARN_MISSING_SYSTEM_LDAP(LDAP_WARN_GIVEN)
     WARN_MISSING_SYSTEM_SASL(SASL_WARN_GIVEN)
-    IF(LDAP_WARN_GIVEN OR SASL_WARN_GIVEN)
+    WARN_MISSING_SYSTEM_KERBEROS(KERBEROS_WARN_GIVEN)
+    IF(LDAP_WARN_GIVEN OR SASL_WARN_GIVEN OR KERBEROS_WARN_GIVEN)
       # SUSE linux: may or may not have SCRAM, do not break the build.
       IF(LINUX_SUSE)
         MESSAGE(WARNING

diff --git a/cmake/install_macros.cmake b/cmake/install_macros.cmake
@@ -388,8 +388,8 @@ FUNCTION(SET_PATH_TO_SSL target target_out_dir)
 ENDFUNCTION()
 
 
-# For standalone Linux build and -DWITH_LDAP -DWITH_SASL -DWITH_SSL
-# set to custom path.
+# For standalone Linux build and -DWITH_LDAP -DWITH_SASL -DWITH_SSL and
+# -DWITH_KERBEROS set to custom path.
 #
 # Move the custom shared library and symlinks to library_output_directory.
 # The subdir argument is typically empty, but set to "sasl2" for SASL plugins,
@@ -427,11 +427,11 @@ FUNCTION(COPY_CUSTOM_SHARED_LIBRARY library_full_filename subdir
   FIND_OBJECT_DEPENDENCIES(${library_full_filename} library_dependencies)
 
   MESSAGE(STATUS "CUSTOM library ${library_full_filename}")
-  MESSAGE(STATUS "CUSTOM version ${library_version}")
-  MESSAGE(STATUS "CUSTOM directory ${library_directory}")
-  MESSAGE(STATUS "CUSTOM name ${library_name}")
-  MESSAGE(STATUS "CUSTOM name_we ${library_name_we}")
-  MESSAGE(STATUS "CUSTOM soname ${library_soname}")
+# MESSAGE(STATUS "CUSTOM version ${library_version}")
+# MESSAGE(STATUS "CUSTOM directory ${library_directory}")
+# MESSAGE(STATUS "CUSTOM name ${library_name}")
+# MESSAGE(STATUS "CUSTOM name_we ${library_name_we}")
+# MESSAGE(STATUS "CUSTOM soname ${library_soname}")
 
   SET(COPIED_LIBRARY_NAME
     "${CMAKE_BINARY_DIR}/library_output_directory/${subdir}/${library_name}")
@@ -471,7 +471,7 @@ FUNCTION(COPY_CUSTOM_SHARED_LIBRARY library_full_filename subdir
 
   ADD_DEPENDENCIES(copy_linux_custom_dlls ${COPY_TARGET_NAME})
 
-  MESSAGE(STATUS "INSTALL ${library_name} to ${INSTALL_PRIV_LIBDIR}")
+  MESSAGE(STATUS "INSTALL ${library_name} to ${INSTALL_PRIV_LIBDIR}/${subdir}")
 
   # Cannot use INSTALL_PRIVATE_LIBRARY because these are not targets.
   INSTALL(FILES