Skip to content

/ servo

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hyper sync rustls 0.6.1 #17938

Closed
wants to merge 1 commit into from
Closed

Hyper sync rustls 0.6.1 #17938

wants to merge 1 commit into from
+117 −38

Conversation

@SimranGujral
Copy link
Contributor

SimranGujral commented Aug 1, 2017
edited

This change removes Hyper-OpenSSL and integrates HyperSyncRustls v 0.6.1 with servo.
It also removes ciphers depending on DHE and SHA1

  • ./mach build -d does not report any errors
  • ./mach test-tidy does not report any errors
  • These changes fix #__ (github issue number if applicable).
  • There are tests for these changes OR
  • These changes do not require tests because _____

This change is Reviewable
@highfive
Copy link

highfive commented Aug 1, 2017

Thanks for the pull request, and welcome! The Servo team is excited to review your changes, and you should hear from @pcwalton (or someone else) soon.
@highfive
Copy link

highfive commented Aug 1, 2017

Heads up! This PR modifies the following files:

  • @edunham: servo-tidy.toml
  • @KiChjang: components/net/Cargo.toml, components/net/lib.rs, components/net/http_loader.rs, components/net/connector.rs
@highfive
Copy link

highfive commented Aug 1, 2017

warning Warning warning

  • These commits modify net code, but no tests are modified. Please consider adding a test!
@SimranGujral
Copy link
Contributor Author

SimranGujral commented Aug 1, 2017

r? @avadacatavra
@highfive highfive assigned avadacatavra and unassigned pcwalton Aug 1, 2017
@avadacatavra
avadacatavra requested changes Aug 2, 2017
View changes
servo-tidy.toml Outdated
@@ -36,6 +36,8 @@ packages = [
"error-chain",
"bitflags",
"libloading", # Conflicting version is only used at build-time by geckolib.
"base64", # Conflicting version is used for ring
"rayon", # Conflicting verswon is used for rustls

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 2, 2017

Contributor

nit: "verswon"
components/net/connector.rs Outdated
pub fn create_ssl_client(ca_file: &PathBuf) -> TlsClient {
let mut ca = {
let f = fs::File::open(ca_file).unwrap();
let rd = io::BufReader::new(f);

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 2, 2017

Contributor

you should be able to change this to just
io::BufReader::new(f)
and omit the semicolon on this line, the rd, and the end of the nested scope

This comment has been minimized.

Sign in to view
@KiChjang

KiChjang Aug 2, 2017

Member

Additionally, do we want to unwrap here? The old code uses expect() instead of unwrap().
components/net/connector.rs Outdated
let mut tls = rustls::ClientConfig::new();
tls.root_store.add_pem_file(&mut ca).unwrap();
let tls = Arc::new(tls);
let client = TlsClient { cfg: tls };

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 2, 2017

Contributor

TlsClient { cfg: Arc::new(tls) }
Rust automatically returns the last expression of a function: https://rustbyexample.com/fn.html
@avadacatavra
Copy link
Contributor

avadacatavra commented Aug 2, 2017

This also needs to be squashed into one commit -- we can go over that tomorrow

http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html
@SimranGujral SimranGujral force-pushed the SimranGujral:HyperSyncRustls_0.6.1 branch from f8f4a2d to e28cf76 Aug 2, 2017
@SimranGujral
Copy link
Contributor Author

SimranGujral commented Aug 2, 2017

All changes have been made and are ready for review.
@avadacatavra
avadacatavra requested changes Aug 3, 2017
View changes
Copy link
Contributor

avadacatavra left a comment

The squash is good--I would clean up the commit comments to be more succinct. Currently they restate the same thing multiple times
components/net/connector.rs Outdated
@@ -1,32 +1,31 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 3, 2017

Contributor

nit: put this line back in
components/net/connector.rs
let ssl_connector = ssl_connector_builder.build();
OpensslClient::from(ssl_connector)
pub fn create_ssl_client(ca_file: &PathBuf) -> TlsClient {
let mut ca = {

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 3, 2017

Contributor

let mut ca = { let f = fs::File::open(ca_file).expect("cannot open CA file"); io::BufReader::new(f) }
components/net/lib.rs Outdated
@@ -5,15 +5,14 @@
#![deny(unsafe_code)]
#![feature(box_syntax)]
#![feature(iterator_step_by)]

This comment has been minimized.

Sign in to view
@avadacatavra

avadacatavra Aug 3, 2017

Contributor

nit: put this line back in
@SimranGujral SimranGujral force-pushed the SimranGujral:HyperSyncRustls_0.6.1 branch from e28cf76 to ad07861 Aug 3, 2017
@SimranGujral
Copy link
Contributor Author

SimranGujral commented Aug 3, 2017

Changes have been made. Ready for review.
@jdm
Copy link
Member

jdm commented Aug 4, 2017

test fetch::test_fetch_with_hsts has been running for over 60 seconds
That's worrying! I bet that running any HTTPS WPT test will end up timing out.
@bors-servo: try
@bors-servo
Copy link
Contributor

bors-servo commented Aug 4, 2017

Trying commit ad07861 with merge 90aac87...
bors-servo added a commit that referenced this pull request Aug 4, 2017
@bors-servo
Auto merge of #17938 - SimranGujral:HyperSyncRustls_0.6.1, r=<try>
Loading status checks…
90aac87 
Hyper sync rustls 0.6.1

<!-- Please describe your changes on the following line: -->
This change removes Hyper-OpenSSL and integrates HyperSyncRustls v 0.6.1 with servo.
It also removes ciphers depending on DHE and SHA1

---
<!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: -->
- [X] `./mach build -d` does not report any errors
- [ ] `./mach test-tidy` does not report any errors
- [ ] These changes fix #__ (github issue number if applicable).

<!-- Either: -->
- [ ] There are tests for these changes OR
- [ ] These changes do not require tests because _____

<!-- Also, please make sure that "Allow edits from maintainers" checkbox is checked, so that we can help you if you get stuck somewhere along the way.-->

<!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. -->

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/17938)
<!-- Reviewable:end -->
@bors-servo
Copy link
Contributor

bors-servo commented Aug 4, 2017

💔 Test failed - android
@jdm
Copy link
Member

jdm commented Aug 4, 2017 

	thread 'fetch::test_fetch_with_hsts' panicked at 'called `Option::unwrap()` on a `None` value', /checkout/src/libcore/option.rs:335:20
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
stack backtrace:
   0: std::sys::imp::backtrace::tracing::imp::unwind_backtrace
             at /checkout/src/libstd/sys/unix/backtrace/tracing/gcc_s.rs:49
   1: std::sys_common::backtrace::_print
             at /checkout/src/libstd/sys_common/backtrace.rs:71
   2: std::panicking::default_hook::{{closure}}
             at /checkout/src/libstd/sys_common/backtrace.rs:60
             at /checkout/src/libstd/panicking.rs:380
   3: std::panicking::default_hook
             at /checkout/src/libstd/panicking.rs:390
   4: std::panicking::rust_panic_with_hook
             at /checkout/src/libstd/panicking.rs:611
   5: std::panicking::begin_panic_new
             at /checkout/src/libstd/panicking.rs:553
   6: std::panicking::begin_panic_fmt
             at /checkout/src/libstd/panicking.rs:521
   7: rust_begin_unwind
             at /checkout/src/libstd/panicking.rs:497
   8: core::panicking::panic_fmt
             at /checkout/src/libcore/panicking.rs:71
   9: core::panicking::panic
             at /checkout/src/libcore/panicking.rs:51
  10: <core::option::Option<T>>::unwrap
             at /checkout/src/libcore/macros.rs:22
  11: net_tests::fetch::test_fetch_with_hsts
             at ./fetch.rs:557
  12: <F as test::FnBox<T>>::call_box
             at /checkout/src/libtest/lib.rs:1477
             at /checkout/src/libcore/ops/function.rs:143
             at /checkout/src/libtest/lib.rs:138
  13: __rust_maybe_catch_panic
             at /checkout/src/libpanic_unwind/lib.rs:98

WPT tests worked, so that's good. The android build appears to break while building ring.
@avadacatavra
Copy link
Contributor

avadacatavra commented Aug 7, 2017

@jdm my suspicion is that we'll need to specify android to ring in the build command based on https://github.com/briansmith/ring/blob/master/build.rs#L613
@jdm
Copy link
Member

jdm commented Aug 7, 2017

The target is provided automatically since we're invoking Cargo with --target, and the C commands have android-specific include directories appended to them:

running "arm-linux-androideabi-gcc" "-O0" "-ffunction-sections" "-fdata-sections" "-fPIC" "--sysroot" "/home/servo/android/ndk/current/platforms/android-18/arch-arm" "-I/home/servo/android/ndk/current/sources/android/support/include" "-g" "-march=armv7-a" "-march=armv7-a" "-mfpu=vfpv3-d16" "-mfloat-abi=softfp" "-I" "include" "-std=c1x" "-Wbad-function-cast" "-Wmissing-prototypes" "-Wnested-externs" "-Wstrict-prototypes" "-fdata-sections" "-ffunction-sections" "-pedantic" "-pedantic-errors" "-Wall" "-Wextra" "-Wcast-align" "-Wcast-qual" "-Wenum-compare" "-Wfloat-equal" "-Wformat=2" "-Winline" "-Winvalid-pch" "-Wmissing-declarations" "-Wmissing-field-initializers" "-Wmissing-include-dirs" "-Wredundant-decls" "-Wshadow" "-Wsign-compare" "-Wundef" "-Wuninitialized" "-Wwrite-strings" "-fno-strict-aliasing" "-fvisibility=hidden" "-Wno-cast-align" "-fstack-protector" "-g3" "-D_XOPEN_SOURCE=700" "-D__ANDROID_API__=18" "-c" "-o/home/servo/buildbot/slave/android/build/target/armv7-linux-androideabi/debug/build/ring-a621dfbd7d7ae5c7/out/ecp_nistz256.o" "crypto/ec/ecp_nistz256.c"
@jdm
Copy link
Member

jdm commented Aug 7, 2017

https://github.com/briansmith/ring/blob/5f8d332ed0f38415ee003712d1bb93647ed34afe/build.rs#L560 is the line that is adding the include directory that contains the standard library headers that clang does not like:

In file included from include/GFp/base.h:60:0,
                 from include/GFp/bn.h:126,
                 from crypto/bn/montgomery_inv.c:15:
/home/servo/android/ndk/current/sources/android/support/include/stdint.h:31:2: error: #include_next is a GCC extension
 #include_next <stdint.h>
  ^
thread '<unnamed>' panicked at 'execution failed', /home/servo/.cargo/registry/src/github.com-1ecc6299db9ec823/ring-0.11.0/build.rs:658:8
@SimranGujral
Servo using Hyper-Rustls for verification
Loading status checks…
31133c0 
Removed OpenSSL imports

Using Hyper-Sync-Rustls instead of Rust-OpenSSL

Servo integrated with HyperSyncRustls- v 0.6.1

Making Formatting changes after review
@SimranGujral SimranGujral force-pushed the SimranGujral:HyperSyncRustls_0.6.1 branch from ad07861 to 31133c0 Aug 7, 2017
@SimranGujral
Copy link
Contributor Author

SimranGujral commented Aug 7, 2017

The android issue is still in progress, Other issues have been resolved. Ready for review.
r? @avadacatavra
@avadacatavra
avadacatavra approved these changes Aug 7, 2017
View changes
@jdm
Copy link
Member

jdm commented Aug 8, 2017

test fetch::test_fetch_with_hsts has been running for over 60 seconds. TravisCI still does not like running that test now.
@Manishearth
Copy link
Member

Manishearth commented Aug 10, 2017

Apparently if we pass --disable-werror as a cflag when compiling this should go away.

But I'm not sure, since the warning doesn't actually mention Werror.
@jdm
Copy link
Member

jdm commented Aug 10, 2017

@Manishearth What should go away?
@Manishearth
Copy link
Member

Manishearth commented Aug 10, 2017

Oh. The GCC extension warning.
@bors-servo
Copy link
Contributor

bors-servo commented Aug 18, 2017

The latest upstream changes (presumably #18096) made this pull request unmergeable. Please resolve the merge conflicts.
@avadacatavra
Copy link
Contributor

avadacatavra commented Nov 2, 2017

I'm going to close this until I have more time to bring it up to date :)
@Darkspirit Darkspirit mentioned this pull request Nov 17, 2019
Closed
3 of 3 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@KiChjang KiChjang

@avadacatavra avadacatavra

Assignees

@avadacatavra avadacatavra

Labels
S-awaiting-review S-needs-rebase
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

8 participants
@SimranGujral @highfive @avadacatavra @jdm @bors-servo @Manishearth @KiChjang @pcwalton
You can’t perform that action at this time.