Fix static build SSL (#15842)

collectors/freeipmi.plugin/freeipmi_plugin.c

@@ -1450,6 +1450,9 @@ int main (int argc, char **argv) {
     error_log_errors_per_period = 100;
     error_log_throttle_period = 3600;
 
+    // initialize the threads
+    netdata_threads_init_for_external_plugins(0); // set the default threads stack size here
+
     // ------------------------------------------------------------------------
     // parse command line parameters
 

collectors/systemd-journal.plugin/systemd-journal.c

@@ -546,6 +546,9 @@ int main(int argc __maybe_unused, char **argv __maybe_unused) {
     error_log_errors_per_period = 100;
     error_log_throttle_period = 3600;
 
+    // initialize the threads
+    netdata_threads_init_for_external_plugins(0); // set the default threads stack size here
+
     uids = dictionary_create(0);
     gids = dictionary_create(0);
 

libnetdata/threads/threads.c

@@ -123,10 +123,12 @@ size_t netdata_threads_init(void) {
     // --------------------------------------------------------------------
     // get the required stack size of the threads of netdata
 
-    netdata_threads_attr = callocz(1, sizeof(pthread_attr_t));
-    i = pthread_attr_init(netdata_threads_attr);
-    if(i != 0)
-        fatal("pthread_attr_init() failed with code %d.", i);
+    if(!netdata_threads_attr) {
+        netdata_threads_attr = callocz(1, sizeof(pthread_attr_t));
+        i = pthread_attr_init(netdata_threads_attr);
+        if (i != 0)
+            fatal("pthread_attr_init() failed with code %d.", i);
+    }
 
     size_t stacksize = 0;
     i = pthread_attr_getstacksize(netdata_threads_attr, &stacksize);
@@ -158,6 +160,17 @@ void netdata_threads_init_after_fork(size_t stacksize) {
         netdata_log_error("Invalid pthread stacksize %zu", stacksize);
 }
 
+// ----------------------------------------------------------------------------
+// threads init for external plugins
+
+void netdata_threads_init_for_external_plugins(size_t stacksize) {
+    size_t default_stacksize = netdata_threads_init();
+    if(default_stacksize < 1 * 1024 * 1024)
+        default_stacksize = 1 * 1024 * 1024;
+
+    netdata_threads_init_after_fork(stacksize ? stacksize : default_stacksize);
+}
+
 // ----------------------------------------------------------------------------
 // netdata_thread_create
 

libnetdata/threads/threads.h

@@ -59,6 +59,7 @@ int netdata_thread_tag_exists(void);
 
 size_t netdata_threads_init(void);
 void netdata_threads_init_after_fork(size_t stacksize);
+void netdata_threads_init_for_external_plugins(size_t stacksize);
 
 int netdata_thread_create(netdata_thread_t *thread, const char *tag, NETDATA_THREAD_OPTIONS options, void *(*start_routine) (void *), void *arg);
 

packaging/docker/Dockerfile

@@ -28,7 +28,7 @@ WORKDIR /opt/netdata.git
 RUN chmod +x netdata-installer.sh && \
    cp -rp /deps/* /usr/local/ && \
    /bin/echo -e "INSTALL_TYPE='oci'\nPREBUILT_ARCH='$(uname -m)'" > ./system/.install-type && \
-   CFLAGS="$(packaging/docker/gen-cflags.sh)" LDFLAGS="-Wl,--gc-sections" ./netdata-installer.sh --dont-wait --dont-start-it --use-system-protobuf \
+   CFLAGS="$(packaging/docker/gen-cflags.sh)" LDFLAGS="-Wl,--gc-sections -Wl,-z,stack-size=8388608" ./netdata-installer.sh --dont-wait --dont-start-it --use-system-protobuf \
    ${EXTRA_INSTALL_OPTS} --one-time-build --enable-lto "$([ "$RELEASE_CHANNEL" = stable ] && echo --stable-channel)"
 
 # files to one directory

packaging/makeself/curl.version

@@ -0,0 +1 @@
+curl-8_2_1

packaging/makeself/jobs/20-openssl.install.sh

@@ -36,7 +36,8 @@ fi
 cd "${NETDATA_MAKESELF_PATH}/tmp/openssl" || exit 1
 
 if [ "${CACHE_HIT:-0}" -eq 0 ]; then
-    run ./config -static no-tests --prefix=/openssl-static --openssldir=/opt/netdata/etc/ssl
+    sed -i "s/disable('static', 'pic', 'threads');/disable('static', 'pic');/" Configure
+    run ./config -static threads no-tests --prefix=/openssl-static --openssldir=/opt/netdata/etc/ssl
     run make -j "$(nproc)"
 fi
 
@@ -44,5 +45,7 @@ run make -j "$(nproc)" install_sw
 
 store_cache openssl "${NETDATA_MAKESELF_PATH}/tmp/openssl"
 
+perl configdata.pm --dump
+
 # shellcheck disable=SC2015
 [ "${GITHUB_ACTIONS}" = "true" ] && echo "::endgroup::" || true

packaging/makeself/jobs/50-bash-5.1.16.install.sh

@@ -13,7 +13,7 @@ fetch "bash-${version}" "http://ftp.gnu.org/gnu/bash/bash-${version}.tar.gz" \
     5bac17218d3911834520dad13cd1f85ab944e1c09ae1aba55906be1f8192f558 bash
 
 export CFLAGS="-pipe"
-export PKG_CONFIG_PATH="/openssl-static/lib/pkgconfig"
+export PKG_CONFIG_PATH="/openssl-static/lib64/pkgconfig"
 
 if [ "${CACHE_HIT:-0}" -eq 0 ]; then
     run ./configure \

packaging/makeself/jobs/50-curl-7.87.0.install.sh → packaging/makeself/jobs/50-curl.install.sh

@@ -4,18 +4,33 @@
 # shellcheck source=packaging/makeself/functions.sh
 . "$(dirname "${0}")/../functions.sh" "${@}" || exit 1
 
-version="7.87.0"
+version="$(cat "$(dirname "${0}")/../curl.version")"
 
 # shellcheck disable=SC2015
 [ "${GITHUB_ACTIONS}" = "true" ] && echo "::group::Building cURL" || true
 
-fetch "curl-${version}" "https://curl.haxx.se/download/curl-${version}.tar.gz" \
-    8a063d664d1c23d35526b87a2bf15514962ffdd8ef7fd40519191b3c23e39548 curl
+if [ -d "${NETDATA_MAKESELF_PATH}/tmp/curl" ]; then
+  rm -rf "${NETDATA_MAKESELF_PATH}/tmp/curl"
+fi
+
+cache="${NETDATA_SOURCE_PATH}/artifacts/cache/${BUILDARCH}/curl"
+
+if [ -d "${cache}" ]; then
+  echo "Found cached copy of build directory for curl, using it."
+  cp -a "${cache}/curl" "${NETDATA_MAKESELF_PATH}/tmp/"
+  CACHE_HIT=1
+else
+  echo "No cached copy of build directory for curl found, fetching sources instead."
+  run git clone --branch "${version}" --single-branch --depth 1 'https://github.com/curl/curl.git' "${NETDATA_MAKESELF_PATH}/tmp/curl"
+  CACHE_HIT=0
+fi
+
+cd "${NETDATA_MAKESELF_PATH}/tmp/curl" || exit 1
 
 export CFLAGS="-I/openssl-static/include -pipe"
-export LDFLAGS="-static -L/openssl-static/lib"
+export LDFLAGS="-static -L/openssl-static/lib64"
 export PKG_CONFIG="pkg-config --static"
-export PKG_CONFIG_PATH="/openssl-static/lib/pkgconfig"
+export PKG_CONFIG_PATH="/openssl-static/lib64/pkgconfig"
 
 if [ "${CACHE_HIT:-0}" -eq 0 ]; then
     run autoreconf -fi
@@ -52,7 +67,7 @@ fi
 
 run make install
 
-store_cache curl "${NETDATA_MAKESELF_PATH}/tmp/curl-${version}"
+store_cache curl "${NETDATA_MAKESELF_PATH}/tmp/curl"
 
 if [ "${NETDATA_BUILD_WITH_DEBUG}" -eq 0 ]; then
   run strip "${NETDATA_INSTALL_PATH}"/bin/curl

packaging/makeself/jobs/70-netdata-git.install.sh

@@ -12,7 +12,7 @@ else
   export CFLAGS="-static -O1 -pipe -ggdb -Wall -Wextra -Wformat-signedness -DNETDATA_INTERNAL_CHECKS=1 -I/openssl-static/include -I/libnetfilter-acct-static/include/libnetfilter_acct -I/usr/include/libmnl"
 fi
 
-export LDFLAGS="-Wl,--gc-sections -static -L/openssl-static/lib -L/libnetfilter-acct-static/lib -lnetfilter_acct -L/usr/lib -lmnl"
+export LDFLAGS="-Wl,--gc-sections -Wl,-z,stack-size=$[8 * 1024 * 1024] -static -L/openssl-static/lib64 -L/libnetfilter-acct-static/lib -lnetfilter_acct -L/usr/lib -lmnl"
 
 # We export this to 'yes', installer sets this to .environment.
 # The updater consumes this one, so that it can tell whether it should update a static install or a non-static one
@@ -21,11 +21,11 @@ export IS_NETDATA_STATIC_BINARY="yes"
 # Set eBPF LIBC to "static" to bundle the `-static` variant of the kernel-collector
 export EBPF_LIBC="static"
 export PKG_CONFIG="pkg-config --static"
-export PKG_CONFIG_PATH="/openssl-static/lib/pkgconfig:/libnetfilter-acct-static/lib/pkgconfig:/usr/lib/pkgconfig"
+export PKG_CONFIG_PATH="/openssl-static/lib64/pkgconfig:/libnetfilter-acct-static/lib/pkgconfig:/usr/lib/pkgconfig"
 
 # Set correct CMake flags for building against non-System OpenSSL
 # See: https://github.com/warmcat/libwebsockets/blob/master/READMEs/README.build.md
-export CMAKE_FLAGS="-DOPENSSL_ROOT_DIR=/openssl-static -DOPENSSL_LIBRARIES=/openssl-static/lib -DCMAKE_INCLUDE_DIRECTORIES_PROJECT_BEFORE=/openssl-static -DLWS_OPENSSL_INCLUDE_DIRS=/openssl-static/include -DLWS_OPENSSL_LIBRARIES=/openssl-static/lib/libssl.a;/openssl-static/lib/libcrypto.a"
+export CMAKE_FLAGS="-DOPENSSL_ROOT_DIR=/openssl-static -DOPENSSL_LIBRARIES=/openssl-static/lib64 -DCMAKE_INCLUDE_DIRECTORIES_PROJECT_BEFORE=/openssl-static -DLWS_OPENSSL_INCLUDE_DIRS=/openssl-static/include -DLWS_OPENSSL_LIBRARIES=/openssl-static/lib64/libssl.a;/openssl-static/lib64/libcrypto.a"
 
 run ./netdata-installer.sh \
   --install-prefix "${NETDATA_INSTALL_PARENT}" \