‘CRYPTO_LOCK’ undeclared when compiling with custom openssl and libcurl

[sathishk-r]

Hi,
I am trying to build aws kinsesis c++ sdk in ubuntu 18.04.6 with custom openssl and libcurl. in my case OPENSSL_API_COMPAT 0x10100000L is explicitly defined in our opensslconf.h file because of this i am getting error while compiling kinesis sdk.

 aws-sdk-cpp-1.9.318/crt/aws-crt-cpp/crt/aws-c-cal/source/unix/openssl_platform_init.c:524:16: error: ‘CRYPTO_LOCK’ undeclared (first use in this function); did you mean ‘CRYPTO_RWLOCK’?
 if (mode & CRYPTO_LOCK)
            ^~~~~~~~~~~
            CRYPTO_RWLOCK

 is there a way to fix this ?

[jmklix]

Can you provide more info on the steps you are taking to build the sdk and how to reproduce this error message that you are seeing with kinesis?

[sathishk-r]

@jmklix
in my case our openssl is a customised version of 1.1.1n and it is built without deprecated api's (i.e openssl library was built with no-deprecated option which disables all the deprecated api's so no CRYPTO_LOCK defined)

cmake ../aws-sdk-cpp-1.9.298/ -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=../build/ -DBUILD_ONLY=kinesis -DBUILD_SHARED_LIBS=OFF -DUSE_OPENSSL=ON -DENABLE_TESTING=OFF -Dcrypto_INCLUDE_DIR="/home/dev/openssl-1.1.1n/include;/home/dev/openssl-1.1.1n/include/linux.2_6.x86_64/" -Dcrypto_STATIC_LIBRARY=/home/dev/openssl-1.1.1n/lib/linux.2_6.x86_64/libcrypto.a

[jmklix]

This is a problem with our dependency (aws-c-cal) trying to use CRYPTO_LOCK. It is only used here in aws-c-cal:

    if (mode & CRYPTO_LOCK) {
        aws_mutex_lock(&s_libcrypto_locks[n]);
    } else {
        aws_mutex_unlock(&s_libcrypto_locks[n]);
    } 

It might be possible to try to use CRYPTO_LOCK only if it is defined. If you are still wanting to get this working with your custom openssl/libcurl I would suggest opening an issue on that repo and/or try making your own PR. You can see an example of #if !defined used a few lines above the one use of CRYPTO_LOCK

[DmitriyMusatkin]

why is your custom version of 1.1.1n reporting 0x10100000L as version (which is 1.1.0)?

current c-cal logic is to use CRYPTO_LOCK for openssl versions below 1.1.1 where it should be defined and is required for operations we use.

So im not sure if def checking is a good thing here. aws-c-cal relies on version number to be accurate and if its not, all the guarantees are out the window