Skip to content

fixes compatibility with macos big sur. #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Jul 8, 2020
Merged

fixes compatibility with macos big sur. #47

merged 14 commits into from
Jul 8, 2020

Conversation

@TerminalFi
Copy link
Contributor

@TerminalFi TerminalFi commented Jun 26, 2020

MacOS Big Sur had dynamic linker changes. Shared libraries are now stored only in /System/Library/dyld/dyld_shared_cache_x86_64 and no longer present on the actual file system. This changes makes the find_library not return the paths of the libraries such as find_library("ssl")

@TerminalFi
fixes compatibility with macos big sur.
02f53c0 
MacOS Big Sur had dynamic linker changes. Shared libraries are now
stored only in `/System/Library/dyld/dyld_shared_cache_x86_64`
and no longer present on the actual file system. This changes makes the
`find_library` not return the paths of the libraries such as
`find_library("ssl")`
@TerminalFi
flake8 compliance and some missing indentation
900505b
@TerminalFi
remove old howsmyssl test
8531e69
wbond
wbond requested changes Jun 26, 2020
View reviewed changes
Copy link
Owner

@wbond wbond left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we just need a few little tweaks making sure that we only set the OpenSSL paths if we didn't find anything.

FichteFoll
FichteFoll reviewed Jun 27, 2020
View reviewed changes
oscrypto/_openssl/_libcrypto_cffi.py Outdated
libcrypto_path == '/usr/lib/libcrypto.42.dylib'
# if we are on macOS 10.15+, we want to strongly version libcrypto since unversioned libcrypto has a non-stable ABI
if sys.platform == 'darwin' and list(map(int, platform.mac_ver()[0].split('.')))[1] >= 15 and \
if sys.platform == 'darwin' and tuple(map(int, platform.mac_ver()[0].split('.'))) >= (10, 15) and \
Copy link

@FichteFoll FichteFoll Jun 27, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably become an elif. While it running for 10.16+ doesn't change because the last condition won't apply, this seems more fragile than needs be.

oscrypto/_openssl/_libcrypto_ctypes.py Outdated
libcrypto_path == '/usr/lib/libcrypto.42.dylib'
# if we are on macOS 10.15+, we want to strongly version libcrypto since unversioned libcrypto has a non-stable ABI
if sys.platform == 'darwin' and list(map(int, platform.mac_ver()[0].split('.')))[1] >= 15 and \
if sys.platform == 'darwin' and tuple(map(int, platform.mac_ver()[0].split('.'))) >= (10, 15) and \
Copy link

@FichteFoll FichteFoll Jun 27, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above.

oscrypto/_openssl/_libssl_cffi.py Outdated
tuple(map(int, platform.mac_ver()[0].split('.'))) >= (10, 16):
libssl_path = '/usr/lib/libssl.44.dylib'
# if we are on macOS 10.15+, we want to strongly version libssl since unversioned libcrypto has a non-stable ABI
if sys.platform == 'darwin' and list(map(int, platform.mac_ver()[0].split('.')))[1] >= 15 and \
Copy link

@FichteFoll FichteFoll Jun 27, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above.

oscrypto/_openssl/_libssl_ctypes.py Outdated
tuple(map(int, platform.mac_ver()[0].split('.'))) >= (10, 16):
libssl_path = '/usr/lib/libssl.44.dylib'
# if we are on macOS 10.15+, we want to strongly version libssl since unversioned libcrypto has a non-stable ABI
if sys.platform == 'darwin' and list(map(int, platform.mac_ver()[0].split('.')))[1] >= 15 and \
Copy link

@FichteFoll FichteFoll Jun 27, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above.

@FichteFoll
Copy link

FichteFoll commented Jun 27, 2020

Actually, seeing how frequently this pattern is used, it seems reasonable to factor it out into a function of some sort.

@TerminalFi
Copy link
Contributor Author

TerminalFi commented Jun 27, 2020

Actually, seeing how frequently this pattern is used, it seems reasonable to factor it out into a function of some sort.

Have something in mind? This? Welcomed suggestions, I am on the road currently.

def get_library(library, fallback, unverisoned):
    ...

@TerminalFi
Copy link
Contributor Author

TerminalFi commented Jun 28, 2020
edited
Loading

Not sure I like this

def get_library(name, unversioned, fallback):
    library = find_library(name)
    if not library and sys.platform == 'darwin' and tuple(map(int,  platform.mac_ver()[0].split('.'))) >= (10, 16):
        library == fallback
    elif sys.platform == 'darwin' and tuple(map(int,  platform.mac_ver()[0].split('.'))) >= (10, 15) and \
            library == unversioned:
        library = fallback
    return library

in use

libssl_path = _backend_config().get('libssl_path')
if libssl_path is None:
    libssl_path = get_library('ssl', '/usr/lib/libssl.dylib', '/usr/lib/libssl.44.dylib')
if not libssl_path:
    raise LibraryNotFoundError('The library libssl could not be found')

@TerminalFi
Copy link
Contributor Author

TerminalFi commented Jun 28, 2020

@FichteFoll mind helping out with this test issue? I I am guessing I need to fix something in the tests themselves, unless my logic is wrong.

Running tests (via coverage.py)
Traceback (most recent call last):
  File "run.py", line 8, in <module>
    run_task()
  File "/Users/terminal/.projects/oscrypto/dev/_task.py", line 162, in run_task
    result = run(*args, **kwargs)
  File "/Users/terminal/.projects/oscrypto/dev/ci.py", line 49, in run
    tests_result = run_coverage(ci=True)
  File "/Users/terminal/.projects/oscrypto/dev/coverage.py", line 57, in run
    result = run_tests(ci=ci)
  File "/Users/terminal/.projects/oscrypto/dev/tests.py", line 61, in run
    for test_class in test_classes():
  File "/Users/terminal/.projects/oscrypto/tests/__init__.py", line 136, in test_classes
    from .test_kdf import KDFTests
  File "/Users/terminal/.projects/oscrypto/tests/test_kdf.py", line 7, in <module>
    from oscrypto import kdf, _pkcs5
  File "/Users/terminal/.projects/oscrypto/oscrypto/kdf.py", line 9, in <module>
    from .util import rand_bytes
  File "/Users/terminal/.projects/oscrypto/oscrypto/util.py", line 13, in <module>
    from ._mac.util import rand_bytes
  File "/Users/terminal/.projects/oscrypto/oscrypto/_mac/util.py", line 208, in <module>
    from .._openssl._libcrypto import libcrypto
  File "/Users/terminal/.projects/oscrypto/oscrypto/_openssl/_libcrypto.py", line 9, in <module>
    from ._libcrypto_cffi import (
  File "/Users/terminal/.projects/oscrypto/oscrypto/_openssl/_libcrypto_cffi.py", line 7, in <module>
    from ..util import get_library
ImportError: cannot import name 'get_library' from 'oscrypto.util' (/Users/terminal/.projects/oscrypto/oscrypto/util.py)

@wbond
Copy link
Owner

wbond commented Jun 28, 2020

I believe you have an include loop since the root util.py is importing the platform-specific one to get rand_bytes().

This helper function really shouldn’t be part of the public API, so it should go in a file with an _, probably _ffi.py.

FichteFoll
FichteFoll suggested changes Jun 30, 2020
View reviewed changes
Copy link

@FichteFoll FichteFoll left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function made this much better to handle, but there were still some rough edges.

TerminalFi and others added 5 commits June 30, 2020 08:14
@TerminalFi @FichteFoll
Update oscrypto/_ffi.py
6be9cd9 
Co-authored-by: FichteFoll <fichtefoll2@googlemail.com>
@TerminalFi @FichteFoll
Update oscrypto/_openssl/_libssl_ctypes.py
2a4f65c 
Co-authored-by: FichteFoll <fichtefoll2@googlemail.com>
@TerminalFi @FichteFoll
Update oscrypto/_openssl/_libssl_cffi.py
399adfa 
Co-authored-by: FichteFoll <fichtefoll2@googlemail.com>
@TerminalFi @FichteFoll
Update oscrypto/_openssl/_libcrypto_ctypes.py
40b4e3a 
Co-authored-by: FichteFoll <fichtefoll2@googlemail.com>
@TerminalFi @FichteFoll
Update oscrypto/_openssl/_libcrypto_cffi.py
505e5aa 
Co-authored-by: FichteFoll <fichtefoll2@googlemail.com>
@michaelblyons
Copy link

michaelblyons commented Jun 30, 2020

/backlink-ing to wbond/package_control#1477

wbond
wbond reviewed Jul 7, 2020
View reviewed changes
@wbond
Copy link
Owner

wbond commented Jul 7, 2020

The error seen with Python 3.7 on Mac can be resolved by rebasing on master, although you may not see it every time the tests are run.

@wbond wbond merged commit 6c5abfd into wbond:master Jul 8, 2020
@wbond
Copy link
Owner

wbond commented Jul 8, 2020

Apparently installing PyPy via homebrew is broken, so I'm just going to ignore that error for now.

Thanks for the work on this!

@aydumoulin aydumoulin mentioned this pull request Jul 20, 2020
Closed
@noah-vetcove noah-vetcove mentioned this pull request Jan 11, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wbond wbond wbond requested changes

+2 more reviewers

@FichteFoll FichteFoll FichteFoll requested changes

@michaelblyons michaelblyons michaelblyons left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@TerminalFi @FichteFoll @wbond @michaelblyons