Remove dependency on apr by using c++11 / c++14 features

Motivation:

We had some limited use of apr left in our tcnative fork which complicated the deployment. This apr usages can be replaced by using c++.

Modification:

Remove the dependency on apr by using c++11 / c++14 features

Result:

No apr dependeny

.github/workflows/codeql-analysis.yml

@@ -64,7 +64,7 @@ jobs:
     #    uses a compiled language
 
     - name: Install tools / libraries 
-      run: sudo apt-get update && sudo apt-get -y install autoconf automake libtool libtool-bin make tar libapr1-dev libssl-dev cmake perl ninja-build
+      run: sudo apt-get update && sudo apt-get -y install autoconf automake libtool libtool-bin make tar libssl-dev cmake perl ninja-build
 
     - name: Build project
       run: ./mvnw clean package -pl openssl-dynamic -DskipTests=true

Brewfile

@@ -6,4 +6,3 @@ brew 'perl'
 brew 'ninja'
 brew 'golang'
 brew 'cmake'
-brew 'apr'

boringssl-static/pom.xml

@@ -27,7 +27,7 @@
   <name>Netty/TomcatNative [BoringSSL - Static]</name>
   <description>
     A Mavenized fork of Tomcat Native which incorporates various patches. This artifact is statically linked
-    to BoringSSL and Apache APR.
+    to BoringSSL.
   </description>
 
   <build>
@@ -130,7 +130,6 @@
             <artifactId>maven-bundle-plugin</artifactId>
             <configuration>
               <instructions>
-                <Apr-Version>${aprVersion}</Apr-Version>
                 <BoringSSL-Revision>${boringsslCommitSha}</BoringSSL-Revision>
                 <BoringSSL-Branch>${boringsslBranch}</BoringSSL-Branch>
               </instructions>
@@ -320,7 +319,7 @@
             </executions>
           </plugin>
 
-          <!-- Configure the distribution statically linked against OpenSSL and APR -->
+          <!-- Configure the distribution statically linked against OpenSSL -->
           <plugin>
             <groupId>org.fusesource.hawtjni</groupId>
             <artifactId>maven-hawtjni-plugin</artifactId>
@@ -343,7 +342,6 @@
                   <!-- <verbose>true</verbose> -->
                   <configureArgs>
                     <configureArg>--with-ssl=no</configureArg>
-                    <configureArg>--with-apr=${aprHome}</configureArg>
                     <configureArg>--with-static-libs</configureArg>
                     <configureArg>--libdir=${project.build.directory}/native-build/target/lib</configureArg>
                     <configureArg>${macOsxDeploymentTarget}</configureArg>
@@ -421,10 +419,6 @@
                       </files>
                       <content>release 7.6</content>
                     </requireFilesContent>
-                    <requireProperty>
-                      <property>aprArmHome</property>
-                      <message>The folder of APR for aarch64 must be specified by hand. Please try -DaprArmHome=</message>
-                    </requireProperty>
                   </rules>
                   <ignoreCache>true</ignoreCache>
                 </configuration>
@@ -477,7 +471,6 @@
             <artifactId>maven-bundle-plugin</artifactId>
             <configuration>
               <instructions>
-                <Apr-Version>${aprVersion}</Apr-Version>
                 <BoringSSL-Revision>${boringsslCommitSha}</BoringSSL-Revision>
                 <BoringSSL-Branch>${boringsslBranch}</BoringSSL-Branch>
               </instructions>
@@ -655,7 +648,7 @@
             </executions>
           </plugin>
 
-          <!-- Configure the distribution statically linked against OpenSSL and APR -->
+          <!-- Configure the distribution statically linked against OpenSSL -->
           <plugin>
             <groupId>org.fusesource.hawtjni</groupId>
             <artifactId>maven-hawtjni-plugin</artifactId>
@@ -678,14 +671,14 @@
                   <!-- <verbose>true</verbose> -->
                   <configureArgs>
                     <configureArg>--with-ssl=no</configureArg>
-                    <configureArg>--with-apr=${aprArmHome}</configureArg>
                     <configureArg>--with-static-libs</configureArg>
                     <configureArg>--libdir=${project.build.directory}/native-build/target/lib</configureArg>
                     <configureArg>CFLAGS=-O3 -Werror -fno-omit-frame-pointer -fvisibility=hidden -Wunused -Wno-unused-value</configureArg>
                     <configureArg>CPPFLAGS=-DHAVE_OPENSSL -I${boringsslSourceDir}/include</configureArg>
                     <configureArg>LDFLAGS=-L${boringsslHome}/ssl -L${boringsslHome}/crypto -lssl -lcrypto</configureArg>
                     <configureArg>--host=aarch64-linux-gnu</configureArg>
                     <configureArg>CC=aarch64-none-linux-gnu-gcc</configureArg>
+                    <configureArg>CXX=aarch64-none-linux-gnu-g++</configureArg>
                   </configureArgs>
                 </configuration>
               </execution>
@@ -939,7 +932,6 @@
             <artifactId>maven-bundle-plugin</artifactId>
             <configuration>
               <instructions>
-                <Apr-Version>${aprVersion}</Apr-Version>
                 <BoringSSL-Revision>${boringsslCommitSha}</BoringSSL-Revision>
                 <BoringSSL-Branch>${boringsslBranch}</BoringSSL-Branch>
               </instructions>
@@ -1075,7 +1067,7 @@
             </executions>
           </plugin>
 
-          <!-- Configure the distribution statically linked against OpenSSL and APR -->
+          <!-- Configure the distribution statically linked against OpenSSL -->
           <plugin>
             <groupId>org.fusesource.hawtjni</groupId>
             <artifactId>maven-hawtjni-plugin</artifactId>
@@ -1097,7 +1089,6 @@
                   <!-- <verbose>true</verbose> -->
                   <configureArgs>
                     <configureArg>--with-ssl=no</configureArg>
-                    <configureArg>--with-apr=${aprHome}</configureArg>
                     <configureArg>--with-static-libs</configureArg>
                     <configureArg>--libdir=${project.build.directory}/native-build/target/lib</configureArg>
                     <configureArg>--host=aarch64-apple-darwin</configureArg>
@@ -1187,7 +1178,6 @@
             <artifactId>maven-bundle-plugin</artifactId>
             <configuration>
               <instructions>
-                <Apr-Version>${aprVersion}</Apr-Version>
                 <BoringSSL-Revision>${boringsslCommitSha}</BoringSSL-Revision>
                 <BoringSSL-Branch>${boringsslBranch}</BoringSSL-Branch>
               </instructions>
@@ -1323,7 +1313,7 @@
             </executions>
           </plugin>
 
-          <!-- Configure the distribution statically linked against OpenSSL and APR -->
+          <!-- Configure the distribution statically linked against OpenSSL -->
           <plugin>
             <groupId>org.fusesource.hawtjni</groupId>
             <artifactId>maven-hawtjni-plugin</artifactId>
@@ -1345,7 +1335,6 @@
                   <!-- <verbose>true</verbose> -->
                   <configureArgs>
                     <configureArg>--with-ssl=no</configureArg>
-                    <configureArg>--with-apr=${aprHome}</configureArg>
                     <configureArg>--with-static-libs</configureArg>
                     <configureArg>--libdir=${project.build.directory}/native-build/target/lib</configureArg>
                     <configureArg>--host=x86_64-apple-darwin</configureArg>

docker/Dockerfile.arch

@@ -6,7 +6,6 @@ ENV JAVA_VERSION $java_version
 # install dependencies
 # use openSSL 1.0.x for now, for highest compatibility
 RUN pacman -Sy --noconfirm --needed \
- apr \
  autoconf \
  automake \
  bzip2 \

docker/Dockerfile.centos6

@@ -11,14 +11,12 @@ RUN sed -i -e 's/^mirrorlist/#mirrorlist/g' -e 's/^#baseurl=http:\/\/mirror.cent
 
 # install dependencies
 RUN yum install -y \
- apr-devel \
  autoconf \
  automake \
  bzip2 \
  git \
  glibc-devel \
  gnupg \
- libapr1-dev \
  libtool \
  lsb-core \
  make \

docker/Dockerfile.cross_compile_aarch64

@@ -2,11 +2,9 @@ FROM centos:7.6.1810
 
 ARG gcc_version=10.2-2020.11
 ARG openssl_version=1_1_1d
-ARG apr_version=1.6.5
 ENV SOURCE_DIR /root/source
 ENV GCC_VERSION $gcc_version
 ENV OPENSSL_VERSION $openssl_version
-ENV APR_VERSION $apr_version
 
 # We want to have git 2.x for the maven scm plugin and also for boringssl
 RUN yum install -y http://opensource.wandisco.com/centos/6/git/x86_64/wandisco-git-release-6-1.noarch.rpm
@@ -29,32 +27,6 @@ ENV PATH="/gcc-arm-$GCC_VERSION-x86_64-aarch64-none-linux-gnu/bin:${PATH}"
 # Install CMake
 RUN yum install -y cmake3 && ln -s /usr/bin/cmake3 /usr/bin/cmake
 
-# Cross compile Apache Apr for aarch64 - static
-RUN set -x && \
-  wget https://downloads.apache.org//apr/apr-$APR_VERSION.tar.gz && \
-  tar xvf apr-$APR_VERSION.tar.gz && \
-  pushd apr-$APR_VERSION && \
-  CC=aarch64-none-linux-gnu-gcc CFLAGS='-O3 -fno-omit-frame-pointer -fPIC' ./configure --disable-shared --prefix=/opt/apr-$APR_VERSION-static --host=aarch64-none-linux-gnu ac_cv_file__dev_zero=yes ac_cv_func_setpgrp_void=yes apr_cv_tcp_nodelay_with_cork=yes ac_cv_sizeof_struct_iovec=8 && \
-  make || true && \
-  pushd tools && \
-  gcc -Wall -O2 -DCROSS_COMPILE gen_test_char.c -s -o gen_test_char && \
-  popd && \
-  make && make install && \
-  popd
-
-# Cross compile Apache Apr for aarch64 - share
-RUN set -x && \
-  wget https://downloads.apache.org//apr/apr-$APR_VERSION.tar.gz && \
-  tar xvf apr-$APR_VERSION.tar.gz && \
-  pushd apr-$APR_VERSION && \
-  CC=aarch64-none-linux-gnu-gcc CFLAGS='-O3 -fno-omit-frame-pointer -fPIC' ./configure --prefix=/opt/apr-$APR_VERSION-share --host=aarch64-none-linux-gnu ac_cv_file__dev_zero=yes ac_cv_func_setpgrp_void=yes apr_cv_tcp_nodelay_with_cork=yes ac_cv_sizeof_struct_iovec=8 && \
-  make || true && \
-  pushd tools && \
-  gcc -Wall -O2 -DCROSS_COMPILE gen_test_char.c -s -o gen_test_char && \
-  popd && \
-  make && make install && \
-  popd
-
 # Cross compile OpenSSL for aarch64 - share
 RUN set -x && \
   wget https://github.com/openssl/openssl/archive/OpenSSL_$OPENSSL_VERSION.tar.gz && \

docker/Dockerfile.debian

@@ -24,7 +24,6 @@ RUN echo "deb http://archive.debian.org/debian/ wheezy contrib main non-free" >
  git \
  gnupg \
  g++ \
- libapr1-dev \
  libssl1.0.0=1.0.1e-2+deb7u20 \
  libssl-dev \
  libtool \

docker/Dockerfile.opensuse

@@ -9,7 +9,6 @@ ENV JAVA_VERSION $java_version
 # install dependencies
 # use openSSL 1.0.x for now, for highest compatibility
 RUN zypper install --force-resolution --no-recommends --no-confirm \
- apr-devel \
  autoconf \
  automake \
  bzip2 \

docker/docker-compose.centos-7.yaml

@@ -9,7 +9,6 @@ services:
       dockerfile: docker/Dockerfile.cross_compile_aarch64
       args:
         gcc_version: "10.2-2020.11"
-        apr_version: "1.7.0"
         openssl_version: "1_1_1k"
 
   cross-compile-aarch64-common: &cross-compile-aarch64-common
@@ -40,7 +39,7 @@ services:
 
   cross-compile-aarch64-build:
     <<: *cross-compile-aarch64-common
-    command: /bin/bash -cl "mvn clean package -Plinux-aarch64 -am -pl openssl-dynamic -DaprArmHome=/opt/apr-$$APR_VERSION-share -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share -DskipTests && mvn clean package -Plinux-aarch64 -am -pl boringssl-static -DaprArmHome=/opt/apr-$$APR_VERSION-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl -DskipTests"
+    command: /bin/bash -cl "mvn clean package -Plinux-aarch64 -am -pl openssl-dynamic -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share -DskipTests && mvn clean package -Plinux-aarch64 -am -pl boringssl-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl -DskipTests"
 
   cross-compile-aarch64-deploy:
     <<: *cross-compile-aarch64-common
@@ -50,7 +49,7 @@ services:
       - ~/.m2/repository:/root/.m2/repository
       - ~/.m2/settings.xml:/root/.m2/settings.xml
       - ..:/code
-    command: /bin/bash -cl "mvn clean deploy -Plinux-aarch64 -am -pl openssl-dynamic -DaprArmHome=/opt/apr-$$APR_VERSION-share -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share -DskipTests && mvn clean deploy -Plinux-aarch64 -am -pl boringssl-static -DaprArmHome=/opt/apr-$$APR_VERSION-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl -DskipTests"
+    command: /bin/bash -cl "mvn clean deploy -Plinux-aarch64 -am -pl openssl-dynamic -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share -DskipTests && mvn clean deploy -Plinux-aarch64 -am -pl boringssl-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl -DskipTests"
 
   cross-compile-aarch64-stage-snapshot:
     <<: *cross-compile-aarch64-common
@@ -60,7 +59,7 @@ services:
       - ~/.m2/repository:/root/.m2/repository
       - ~/local-staging:/root/local-staging
       - ..:/code
-    command: /bin/bash -cl "mvn -Plinux-aarch64 -am -pl openssl-dynamic -DaprArmHome=/opt/apr-$$APR_VERSION-share -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share clean package org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true && mvn -Plinux-aarch64 -am -pl boringssl-static -DaprArmHome=/opt/apr-$$APR_VERSION-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl clean package org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true"
+    command: /bin/bash -cl "mvn -Plinux-aarch64 -am -pl openssl-dynamic -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share clean package org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true && mvn -Plinux-aarch64 -am -pl boringssl-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl clean package org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true"
 
   cross-compile-aarch64-stage-release:
     <<: *cross-compile-aarch64-common
@@ -70,4 +69,4 @@ services:
       - ~/.m2/settings.xml:/root/.m2/settings.xml
       - ~/local-staging:/root/local-staging
       - ..:/code
-    command: /bin/bash -cl "cat <(echo -e \"${GPG_PRIVATE_KEY}\") | gpg --batch --import && mvn -Plinux-aarch64 -am -pl openssl-dynamic -DaprArmHome=/opt/apr-$$APR_VERSION-share -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share clean javadoc:jar package gpg:sign org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true -Dgpg.passphrase=${GPG_PASSPHRASE} -Dgpg.keyname=${GPG_KEYNAME} && mvn -Plinux-aarch64 -am -pl boringssl-static -DaprArmHome=/opt/apr-$$APR_VERSION-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl clean javadoc:jar package gpg:sign org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true -Dgpg.passphrase=${GPG_PASSPHRASE} -Dgpg.keyname=${GPG_KEYNAME}"
+    command: /bin/bash -cl "cat <(echo -e \"${GPG_PRIVATE_KEY}\") | gpg --batch --import && mvn -Plinux-aarch64 -am -pl openssl-dynamic -DopensslArmHome=/opt/openssl-$$OPENSSL_VERSION-share clean javadoc:jar package gpg:sign org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true -Dgpg.passphrase=${GPG_PASSPHRASE} -Dgpg.keyname=${GPG_KEYNAME} && mvn -Plinux-aarch64 -am -pl boringssl-static -DboringsslSourceDir=/root/workspace/boringssl-source -DboringsslHome=/root/workspace/boringssl clean javadoc:jar package gpg:sign org.sonatype.plugins:nexus-staging-maven-plugin:deploy -DnexusUrl=https://oss.sonatype.org -DserverId=sonatype-nexus-staging -DaltStagingDirectory=/root/local-staging -DskipRemoteStaging=true -DskipTests=true -Dgpg.passphrase=${GPG_PASSPHRASE} -Dgpg.keyname=${GPG_KEYNAME}"

libressl-static/pom.xml

@@ -27,7 +27,7 @@
   <name>Netty/TomcatNative [LibreSSL - Static]</name>
   <description>
     A Mavenized fork of Tomcat Native which incorporates various patches. This artifact is statically linked
-    to LibreSSL and Apache APR.
+    to LibreSSL.
   </description>
 
   <properties>
@@ -61,14 +61,12 @@
     </pluginManagement>
 
     <plugins>
-
       <!-- Add the LibreSSL version to the manifest. -->
       <plugin>
         <groupId>org.apache.felix</groupId>
         <artifactId>maven-bundle-plugin</artifactId>
         <configuration>
           <instructions>
-            <Apr-Version>${aprVersion}</Apr-Version>
             <LibreSSL-Version>${libresslVersion}</LibreSSL-Version>
           </instructions>
         </configuration>
@@ -161,7 +159,7 @@
         </executions>
       </plugin>
 
-      <!-- Configure the distribution statically linked against OpenSSL and APR -->
+      <!-- Configure the distribution statically linked against OpenSSL -->
       <plugin>
         <groupId>org.fusesource.hawtjni</groupId>
         <artifactId>maven-hawtjni-plugin</artifactId>
@@ -183,7 +181,6 @@
               <windowsBuildTool>msbuild</windowsBuildTool>
               <configureArgs>
                 <configureArg>--with-ssl=no</configureArg>
-                <configureArg>--with-apr=${aprHome}</configureArg>
                 <configureArg>--with-static-libs</configureArg>
                 <configureArg>--libdir=${project.build.directory}/native-build/target/lib</configureArg>
                 <configureArg>${macOsxDeploymentTarget}</configureArg>

openssl-classes/pom.xml

@@ -27,7 +27,7 @@
   <name>Netty/TomcatNative [OpenSSL - Classes]</name>
   <description>
     A Mavenized fork of Tomcat Native which incorporates various patches. This artifact is dynamically linked
-    to OpenSSL and Apache APR.
+    to OpenSSL.
   </description>
 
   <properties>

openssl-classes/src/main/java/io/netty/internal/tcnative/Library.java

@@ -154,17 +154,6 @@ private static String calculatePackagePrefix() {
         return maybeShaded.substring(0, maybeShaded.length() - expected.length());
     }
 
-    /* create global TCN's APR pool
-     * This has to be the first call to TCN library.
-     */
-    private static native boolean initialize0();
-
-    private static native boolean aprHasThreads();
-
-    private static native int aprMajorVersion();
-
-    /* APR_VERSION_STRING */
-    private static native String aprVersionString();
 
     /**
      * Calls {@link #initialize(String, String)} with {@code "provided"} and {@code null}.
@@ -187,16 +176,8 @@ public static boolean initialize() throws Exception {
     public static boolean initialize(String libraryName, String engine) throws Exception {
         if (_instance == null) {
             _instance = libraryName == null ? new Library() : new Library(libraryName);
-
-            if (aprMajorVersion() < 1) {
-                throw new UnsatisfiedLinkError("Unsupported APR Version (" +
-                                               aprVersionString() + ")");
-            }
-
-            if (!aprHasThreads()) {
-                throw new UnsatisfiedLinkError("Missing APR_HAS_THREADS");
-            }
         }
-        return initialize0() && SSL.initialize(engine) == 0;
+        SSL.initialize(engine);
+        return true;
     }
 }

openssl-classes/src/main/java/io/netty/internal/tcnative/SSL.java

@@ -138,9 +138,8 @@ private SSL() { }
      *
      * @param engine Support for external a Crypto Device ("engine"),
      *                usually a hardware accelerator card for crypto operations.
-     * @return APR status code
      */
-    static native int initialize(String engine);
+    static native void initialize(String engine);
 
     /**
      * Initialize new in-memory BIO that is located in the secure heap.

openssl-classes/src/main/java/io/netty/internal/tcnative/SSLContext.java

@@ -68,7 +68,7 @@ public static native long make(int protocol, int mode)
     /**
      * Free the resources used by the Context
      * @param ctx Server or Client context to free.
-     * @return APR Status code.
+     * @return {@code 0} on success.
      */
     public static native int free(long ctx);