New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add sys.ssl for neko and cpp #5014

Merged
merged 9 commits into from Apr 5, 2016

Conversation

Projects
None yet
5 participants
@pperidont
Copy link
Contributor

pperidont commented Apr 2, 2016

New Merged PR (see #4929)

It requires HaxeFoundation/hxcpp#393

Main known limitations :

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

There seems to be something wrong with travis.yml, try checking it with http://lint.travis-ci.org/:

syntax error: (<unknown>): did not find expected '-' indicator while parsing a block collection at line 126 column 3
@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

There's some issue with haxelib according to our CI:

0.02s$ mkdir ~/haxelib && haxelib setup ~/haxelib
Called from /home/travis/build/HaxeFoundation/haxe/std/neko/_std/sys/ssl/Certificate.hx line 120
Uncaught exception - load.c(237) : Failed to load library : ssl.ndll (ssl.ndll: cannot open shared object file: No such file or directory)
@ncannasse

This comment has been minimized.

Copy link
Member

ncannasse commented Apr 2, 2016

Which version of neko is used ? It should use Git one.

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

It does use git neko, but I don't think git neko actually builds ssl.ndll.

@ncannasse

This comment has been minimized.

Copy link
Member

ncannasse commented Apr 2, 2016

@pperidont @andyli should it not be done automatically as part of install script?

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

Ok that was not so easy to spot in the travis log, but there's an error when trying to compile ssl.ndll: Include file mbedtls/error.h not found, skipping mbedTLS library compilation

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

Ah, but that was a previous build, probably has been fixed by b784091 already.

@ncannasse

This comment has been minimized.

Copy link
Member

ncannasse commented Apr 2, 2016

@pperidont I would be interested to see if it's possible to change java/cs specific SslSocket into the standard sys one, if you have some time to look into that, pinging also @waneck

@pperidont

This comment has been minimized.

Copy link
Contributor

pperidont commented Apr 2, 2016

The first error was during mbedtls installation : sudo: must be setuid root.
I add sudo: required in my last commit, that should fix this error,

neko need mbedtls installed on system to compile ssl.ndll and it will be available as apt-get package only in next Ubuntu (xenial 16.04). I add a make && make install in travis.yml, but it requires sudo.

@Simn Simn self-assigned this Apr 2, 2016

@Simn Simn added this to the 3.3.0-rc1 milestone Apr 2, 2016

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 2, 2016

Great, now it looks much better and only fails on hxcpp because the PR isn't merged yet. I'll merge both for the RC because this is pretty important.

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 3, 2016

@pperidont: Now this can't be merged again, probably due to the haxe.Http changes from your other PRs. Could you update again?

@pperidont

This comment has been minimized.

Copy link
Contributor

pperidont commented Apr 3, 2016

Merge done, the conflict was in .travis.yml

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 3, 2016

I have merged the hxcpp PR but this still seems to fail:

Called from sys.ssl.Certificate::boot /home/travis/build/HaxeFoundation/haxe/std/cpp/_std/sys/ssl/Certificate.hx line 116
Called from cpp.Lib::load /home/travis/build/HaxeFoundation/haxe/std/cpp/Lib.hx line 34
Error : Could not load module ssl@cert_load_defaults__0
Command exited with 255 in 0s: /home/travis/build/HaxeFoundation/haxe/tests/unit/bin/cpp/Test-debug []

Simn referenced this pull request in HaxeFoundation/hxcpp Apr 4, 2016

SSL lib
* Add SSL lib

* Add cert_load_defaults (Windows)

* Add support for certificate_load_defaults() on Mac

* Add SSL certificate(s) in chain from bytes or string
@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

There's another problem: Uncaught exception - Incompatibilities between sys.ssl.DigestAlgorithm in neko,macro and cpp (could not merge definition)

Could you add @:coreApi to all the platform-specific public types? If DigestAlgorithm is the same on all implementations it should probably be moved to its own file so it can be shared. If it's different then the type should be made private.

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

/home/travis/build/HaxeFoundation/haxe/std/sys/ssl/Certificate.hx:19: characters 8-38 : No overloaded method named get_notAfter was compatible with the property notAfter with expected type Void -> Date

Not sure yet where that originates from...

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

Probably fixed by HaxeFoundation/dox@6e1ed4d (not sure yet, travis is not very fast right now).

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

Or not, still failing the same way.

@pperidont

This comment has been minimized.

Copy link
Contributor

pperidont commented Apr 5, 2016

Ok, my last commit bbcc08c should be better.

As discussed with Nicolas, sys.ssl.Socket now extends sys.net.Socket, this is more consistent with sys.net.UpdSocket and the existing net.SslSocket in java and php.

The tests on Mac should requires HaxeFoundation/hxcpp#410

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

It passed!

Thank you for the patience and the contribution.

@Simn Simn merged commit 5f96567 into HaxeFoundation:development Apr 5, 2016

2 checks passed

continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@nadako nadako referenced this pull request Apr 5, 2016

Closed

Server upgrades #177

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

Hmm, merging this caused the hxcpp tests to start failing:

$ mkdir ~/haxelib && haxelib setup ~/haxelib
Called from /home/travis/haxe/std/neko/_std/sys/ssl/Certificate.hx line 120
Uncaught exception - load.c(237) : Failed to load library : ssl.ndll (ssl.ndll: cannot open shared object file: No such file or directory)
@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

Ah, I overlooked the error again:

Compiling ssl...
Include file mbedtls/error.h not found, skipping mbedTLS library compilation
@andyli

This comment has been minimized.

Copy link
Member

andyli commented Apr 5, 2016

I'm updating the config to install mbedTLS now ;)

@andyli

This comment has been minimized.

Copy link
Member

andyli commented Apr 5, 2016

It's still failing:

Test Socket
  Spawn client..
  connect localhost..
Test Failed:Unexpected error in Socket: Invalid socket handle
############# Errors running tests:
   Unexpected error in Socket: Invalid socket handle
RunTests.hx:94: Error running std32 : failed:cpp32/Test 
Skip test std64
There were errors:
Error running std32 : failed:cpp32/Test 
The command "haxe --run RunTests std32" exited with 255.
@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

People are coming across this too:

<PSvils> Simn: `Called from C:/Projects/haxe/std/neko/_std/sys/ssl/Certificate.hx line 120
<PSvils> Uncaught exception - load.c(237) : Failed to load library : ssl.ndll`
<PSvils> latest haxe from git
<PSvils> can't find the ssl.ndll in the haxe repo anywhere :(
@andyli

This comment has been minimized.

Copy link
Member

andyli commented Apr 5, 2016

I think we should look into supporting neko 2.0 by making the loading of ssl.ndll lazy.
I mean unless the user really use https or any of the ssl functions, it shouldn't fail like this.

@Simn

This comment has been minimized.

Copy link
Member

Simn commented Apr 5, 2016

I agree

@ncannasse

This comment has been minimized.

Copy link
Member

ncannasse commented Apr 5, 2016

That's for sure, @pperidont you need to replace neko.Lib.load by neko.Lib.loadLazy so in case there is no ssl lib you get the error at runtime when calling the function instead of when loading it.

@mastef

This comment has been minimized.

Copy link
Contributor

mastef commented Jun 30, 2016

Trying to make calls to a https webservice with neko and it's been a pain so far :-/

On a windows build getting a "Failed to load library : ssl.ndll" - which should be solvable with a recompile.

On a Mac build https requests through http fail throwing an error: ssl@conf_new, which happens in http when attempting a sock.connect(new Host(host),port);, which then calls buildSSLContext and fails on var ctx : CTX = conf_new( server );

I'm a little bit at the end of debugging, have been trying to narrow it down further in neko, e.g. to see if the library hasn't been loaded fully, but with no success. No errors thrown in Lib LazyLoad or Load. Https requests work on the cpp target, just haven't been able to get it working on neko.

Any pointers how to get it running? Are there any additional settings to get SSL running on neko, or any settings that can be double-checked? Haxe is on 3.3.0, neko 2.1.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment