Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Patches adding TLS support #52

Closed
wants to merge 18 commits into from
Closed

Patches adding TLS support #52

wants to merge 18 commits into from

Conversation

@talex5
Copy link
Contributor

@talex5 talex5 commented Jan 15, 2015

This builds and tests everything with all the TLS patches in. I assume we now wait for these patches to be accepted upstream and update to the release archives as they happen?

Things needing to be merged/released:

And, afterwards:

@hannesm
Copy link
Member

@hannesm hannesm commented Jan 15, 2015

should mirleft/ocaml-nocrypto#44 also be in this list??

@talex5
Copy link
Contributor Author

@talex5 talex5 commented Jan 16, 2015

@hannesm you're right - I didn't realise that still wasn't merged. Is there a problem with it?

@hannesm
Copy link
Member

@hannesm hannesm commented Jan 16, 2015

@talex5 I think it's fine, but it's @pqwy territory (whom I keep busy with various PRs) ;)

@talex5 talex5 force-pushed the talex5:tls branch from d7e819c to 930cabb Jan 16, 2015
@talex5 talex5 force-pushed the talex5:tls branch from 930cabb to 2c630bb Jan 17, 2015
@talex5 talex5 force-pushed the talex5:tls branch from c0f1f2d to f3ae903 Jan 17, 2015
talex5 added 2 commits Jan 17, 2015
@talex5
Copy link
Contributor Author

@talex5 talex5 commented Jan 17, 2015

OK, I think we have all the required libraries in now! I added a Travis check to try building mirage-skeleton with --xen and also an https_website example that checks the TLS stuff builds for Xen.

@avsm
Copy link
Member

@avsm avsm commented Jan 23, 2015

mirage-console 2.1.1 in ocaml/opam-repository#3445

@pqwy
Copy link
Contributor

@pqwy pqwy commented Jan 26, 2015

mirleft/ocaml-nocrypto#44 can be crossed off the list too.

@talex5
Copy link
Contributor Author

@talex5 talex5 commented Jan 26, 2015

@pqwy - not yet - it hasn't been released yet.

talex5 added 7 commits Jan 27, 2015
Required by latest TLS, which is required by latest conduit support.
The latest release was newer that our 0.7.1 version.
Mirage 2.2.1 is out.
@avsm
Copy link
Member

@avsm avsm commented Mar 4, 2015

tcpip.2.2.3 is now released, so checked that one off.

@avsm
Copy link
Member

@avsm avsm commented Mar 4, 2015

I've added a ctypes.0.4.0 working version in #55, as that's necessary for the Xen compilation.

@hannesm
Copy link
Member

@hannesm hannesm commented Mar 4, 2015

I believe mirage-entropy needs to be somewhere in here... and to get this released, mirage/mirage-platform#120 needs to be merged and released first..

@avsm
Copy link
Member

@avsm avsm commented Mar 4, 2015

mirage-platform 2.2.2 packages going out in ocaml/opam-repository#3667, so mirage-entropy is releasable now.

@hannesm
Copy link
Member

@hannesm hannesm commented Mar 10, 2015

there is no mirage-types-lwt-2.3.0?

@avsm
Copy link
Member

@avsm avsm commented Mar 10, 2015

am just adding it now!

@avsm
Copy link
Member

@avsm avsm commented Mar 10, 2015

ocaml/opam-repository#3694 has mirage-types-lwt.2.3.0

@amirmc
Copy link

@amirmc amirmc commented Mar 11, 2015

Seems to me that mirleft/ocaml-nocrypto#44 was released. Checking it off this list.

@talex5
Copy link
Contributor Author

@talex5 talex5 commented Mar 17, 2015

Seems various APIs had changed. I've updated the mirage and conduit PRs to the new APIs and removed the released components from this repository. Should be working again now.

@hannesm
Copy link
Member

@hannesm hannesm commented Mar 19, 2015

getting there... ocaml/opam-repository#3770

@samoht
Copy link
Member

@samoht samoht commented Apr 22, 2015

I've checked more boxes, the missing bits are cleaning-up out TLS support forconduit and solving the entropy/nocrypto coupling (which is worked on)

@pqwy
Copy link
Contributor

@pqwy pqwy commented Apr 23, 2015

That last bit is being tracked here.

@hannesm
Copy link
Member

@hannesm hannesm commented Apr 28, 2015

once mirage mirage/mirage#394 PR is merged, and there are some releases (nocrypto, tls, mirage-entropy-xen), we'll need gmp-xen and zarith-xen; which might both be sensible to drag in via a mirage-no-xen | (mirage-xen & x) dependency (zarith onto gmp, nocrypto onto zarith)..

@samoht
Copy link
Member

@samoht samoht commented Apr 28, 2015

Indeed, we need the mirage-no-xen stuff. Do you want to look into that tomorrow (I'm fine to do it too)?

@hannesm
Copy link
Member

@hannesm hannesm commented Apr 28, 2015

@samoht as a start #63

@hannesm
Copy link
Member

@hannesm hannesm commented Apr 29, 2015

would also be nice to release a mirage-xen which is compatible with cstruct-1.6.0 (e.g. master)

@samoht
Copy link
Member

@samoht samoht commented May 5, 2015

Almost done now, I've merged most of the things in mirage-dev. Only missing parts are optional but which would be nice to have:

  • support cstruct 1.6.0 in mirage-xen
  • better entropy and conduit integration (without mirage) mirage/ocaml-conduit#67
@hannesm
Copy link
Member

@hannesm hannesm commented May 5, 2015

@samoht great work, thanks! I believe #74 should be there as well. we can do some more testing, and then move it towards the main opam repository!?

@samoht
Copy link
Member

@samoht samoht commented May 5, 2015

Ha yes good point! Indeed, I plan to run a bit of more tests and then we can do a big pull-request to opam-repository with a coordinated announcement and blog post.

@hannesm
Copy link
Member

@hannesm hannesm commented May 11, 2015

this can be closed as well, or?

@talex5
Copy link
Contributor Author

@talex5 talex5 commented May 11, 2015

The extra tests added to .travis-ci.sh are probably worth keeping (it now checks we can build mirage-skeleton for Xen, and also tests building a tls example). Apart from that, if the work is now happening on master then we can close this.

@samoht
Copy link
Member

@samoht samoht commented May 11, 2015

@talex5 can you create a new PR with your travis improvement? thanks!

@talex5
Copy link
Contributor Author

@talex5 talex5 commented May 11, 2015

@samoht I've made a PR here: #77

The mirage-skeleton TLS example was for the old API, so I've left that out for now. I assume someone else has a test for the new API.

@samoht samoht closed this May 12, 2015
@samoht
Copy link
Member

@samoht samoht commented May 12, 2015

Thanks all for the efforts, we are almost seeing the light :-)

@avsm
Copy link
Member

@avsm avsm commented May 12, 2015

Just one thing I'm missing for the record: mirleft/ocaml-tls#250 (comment) -- will release this to get it working with cstruct 1.6.0 (@samoht tells me its cstruct 1.5.0 only atm)

@hannesm
Copy link
Member

@hannesm hannesm commented May 12, 2015

this PR in tls is intentionally not merged, to not introduce a dependency on cstruct-1.6.0. there are various other libraries (such as mirage-xen and dns) which required < cstruct-1.6.0.. will merge the tls PR (and maybe re-release) once releases of mirage-xen/dns/.. are done which support cstruct >= 1.6.0.

@hannesm
Copy link
Member

@hannesm hannesm commented May 12, 2015

also, keep in mind that tls-0.5.0 already works flawlessly with cstruct-1.6.0!

@pqwy
Copy link
Contributor

@pqwy pqwy commented May 13, 2015

Congrats, everyone!

This turned out to be soooo much hairier than initially expected... 😄

avsm pushed a commit to avsm/mirage-dev that referenced this pull request Jan 22, 2017
When the Vfs code got split out from the 9p support, the unique inode
ID wasn't included. Instead, the 9p support started minting a new ID
each time it was asked for one. This meant that clients saw a new inode
number each time they asked for it. This confused cp at least, which
checks that the inode number is the same before and after opening the
file.

Fixes mirage#52.

Signed-off-by: Thomas Leonard <thomas.leonard@docker.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

6 participants
You can’t perform that action at this time.