On Sat, Feb 25, 2023 at 12:43 PM Patrick Schlangen <patrick@xxxxxxxxxxxx> wrote:
>
> Hi,
>
> > Am 24.02.2023 um 16:55 schrieb Patrick Schlangen <patrick@xxxxxxxxxxxx>:
> > I observe that using PHP's libcurl integration and other features which rely on OpenSSL randomly fail when opening a TLS connection. I suspect that librados somehow initializes or uninitializes OpenSSL in a way that interferes with the OpenSSL usage of libcurl / PHP's fsockopen.
>
> some more details: This happens when trying to use OpenSSL after rados_shutdown(). It looks like rados_shutdown() causes TOPNSPC::crypto::shutdown() to be called which tears down OpenSSL and, by doing so, breaks SSL usage in libcurl / PHP afterwards.
>
> This only happens with OpenSSL 1.0 since with 1.1 the init/uninit concept has changed and ceph doesn't do an explicit uninit anymore.
>
> I think it would be good if librados would give an option to avoid OpenSSL teardown at rados_shutdown() to not break other OpenSSL users in the same process.
Hi Patrick,
Isn't OpenSSL 1.0 long out of support? I'm not sure if extending
librados API to support a workaround for something that went EOL over
three years ago is worth it.
Thanks,
Ilya
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
