Skip to content

workaround SR-11125: @_implementationOnly import CNIOBoringSSL #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 17, 2019
Merged

workaround SR-11125: @_implementationOnly import CNIOBoringSSL #117

merged 1 commit into from
Jul 17, 2019

Conversation

@weissi
Copy link
Member

@weissi weissi commented Jul 16, 2019
edited
Loading

Motivation:

If we don't import CNIOBoringSSL @_implementationOnly, then some details
of libssl's C structs might leak into NIOSSL's ABI which might lead to
clashes further down the line.

Modification:

  • make all CNIOBoringSSL(Shims) imports @_implementationOnly
  • remove all concrete libssl types from instance variables

Result:

@weissi weissi requested a review from Lukasa July 16, 2019 19:53
Lukasa
Lukasa requested changes Jul 17, 2019
View reviewed changes
Sources/NIOSSL/SSLCertificate.swift
/// In general, however, this function should be avoided in favour of one of the convenience
/// initializers, which ensure that the lifetime of the `X509` object is better-managed.
static public func fromUnsafePointer(takingOwnership pointer: UnsafeMutablePointer<X509>) -> NIOSSLCertificate {
static func fromUnsafePointer(takingOwnership pointer: UnsafeMutablePointer<X509>) -> NIOSSLCertificate {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is technically a breaking API change. Do we want to ship a 3.0 here? Or do we think this can be made an exception?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, my vote goes for exception. There was never a legal way to obtain an UnsafeMutablePointer<X509> (with the right X509...).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think I agree.

@Lukasa Lukasa added the 🔨 semver/patch No public API change. label Jul 17, 2019
@Lukasa Lukasa added this to the 2.2.0 milestone Jul 17, 2019
@weissi
workaround SR-11125: @_implementationOnly import CNIOBoringSSL
049619d 
Motivation:

If we don't import CNIOBoringSSL @_implementationOnly, then some details
of libssl's C structs might leak into NIOSSL's ABI which might lead to
clashes further down the line.

Modification:
- make all CNIOBoringSSL(Shims) imports @_implementationOnly
- remove all concrete libssl types from instance variables

Result:
- fixes apple#116
- works around SR-11125
@weissi weissi force-pushed the jw-workaround-SR-11125 branch from aae6472 to 049619d Compare July 17, 2019 12:57
@weissi weissi requested a review from Lukasa July 17, 2019 12:57
@Lukasa Lukasa merged commit e548c72 into apple:master Jul 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Lukasa Lukasa Lukasa approved these changes

Assignees

No one assigned

Labels

🔨 semver/patch No public API change.

Projects

None yet

Milestone

2.2.0

Development

Successfully merging this pull request may close these issues.

build error on Ubuntu 18, Swift 5.1 : "reference to 'SHA256_CTX' is ambiguous"

2 participants

@weissi @Lukasa