sergot / io-socket-ssl Goto Github PK
View Code? Open in Web Editor NEWIO::Socket::SSL for Perl 6 using OpenSSL
IO::Socket::SSL for Perl 6 using OpenSSL
The below code works as expected:
$ raku -MIO::Socket::SSL -e '
my $socket = IO::Socket::SSL.new: host => "httpbin.org", port => 443;
$socket.print("GET /get HTTP/1.1\r\nHost: httpbin.org\r\nConnection: close\r\n\r\n");
say $socket.recv;
$socket.close;
'
HTTP/1.1 200 OK
... etc ...
But setting an IO::Socket constraint on that variable makes the code die with a
segmentation fault:
$ raku -MIO::Socket::SSL -e '
my IO::Socket $ssl = IO::Socket::SSL.new: host => "httpbin.org", port => 443
'
Segmentation fault (core dumped)
Applying the role after construction makes the assignment succeed, but using it
results in an unexpected error:
$ raku -MIO::Socket::SSL -e '
my IO::Socket $socket = IO::Socket::SSL.new(
host => "httpbin.org",
port => 443,
) but IO::Socket;
$socket.print("GET /get HTTP/1.1\r\nHost: httpbin.org\r\nConnection: close\r\n\r\n");
say $socket.recv;
$socket.close
'
Socket not available
in block <unit> at -e line 6
$ perl6 --version
This is Rakudo version 2017.07-126-g86cb1363d built on MoarVM version 2017.07-305-g0df98ee0
implementing Perl 6.c.
$ zef locate zef
===> From Distribution: zef:ver<0.1.26>:auth<github:ugexe>:api<>
$ zef install IO::Socket::SSL
===> Searching for: IO::Socket::SSL
===> Searching for missing dependencies: OpenSSL
===> Testing: OpenSSL:ver('0.1.14'):auth('github:sergot')
===> Testing [OK] for OpenSSL:ver('0.1.14'):auth('github:sergot')
===> Testing: IO::Socket::SSL:auth('github:sergot')
Malformed termination of UTF-8 string
in method get at /Users/coke/.zef/store/io-socket-ssl.git/7b426376380b58d27458a15c06aead6f448258ec/lib/IO/Socket/SSL.pm6 (IO::Socket::SSL) line 135
in block <unit> at t/01-basic.t line 14
===> Testing [FAIL]: IO::Socket::SSL:auth('github:sergot')
<snip>
$ sw_vers
$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.12.6
BuildVersion: 16G29
Hello!
I see that this module supports establishing new SSL connections over TCP, but with the module I'm working on right now, I need to be able to take an existing TCP connection and upgrade it to an SSL one.
Can you please "GIT TAG" your RAKU modules with it's version, similar and at the same time you maintain it's "version": "x.y.z" in your META6.json
file?
I was told, this will happen "for free" going forward with mi6 anyhow, but for now it would be great if you spend those 2 seconds already now :)
"Tagging" is generally highly appreciated in regards to "reproducible builds" and here especially for the "Rakudo Star" modules
THANK YOU!
You should be able to replace IO::Socket::INET with IO::Socket::SSL and still have things working. So far it's missing some methods (like .get())
perl6 -Ilib t/01-basic.t
1..1
err code: 336130329
error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
ok 1 - new 1/1
perl6 -v
This is perl6 version 2014.12-9-gfb9127c built on MoarVM version 2014.12
uname -a
Linux 3.16.0-28-generic #38-Ubuntu SMP Sat Dec 13 16:13:28 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Hi,
It seems that the test t/090-ua-ssl.t of HTTP::UserAgent
has recently started failing:
1..2
1..3
err code: 336130315
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Use of Nil in numeric context in method new at /home/jonathan/devel/perl6/http-useragent/lib/HTTP/Response.pm6:27
ok 1 - 'use HTTP::UserAgent; my $ssl = HTTP::UserAgent.new(:throw-exceptions); $ssl.get("https://filip.sergot.pl/")' died
not ok 2 - right exception type (HTTP::UserAgent::X::HTTP::Response)
# Failed test 'right exception type (HTTP::UserAgent::X::HTTP::Response)'
# at /home/jonathan/.rakudobrew/moar-nom/install/share/perl6/lib/Test.pm.moarvm line 1
# Expected: HTTP::UserAgent::X::HTTP::Response
# Got: X::Method::NotFound
# Exception message: No such method 'subst' for invocant of type 'Any'
ok 3 - # SKIP wrong exception type
# Looks like you failed 1 test of 3
not ok 1 - did we throws-like HTTP::UserAgent::X::HTTP::Response?
# Failed test 'did we throws-like HTTP::UserAgent::X::HTTP::Response?'
# at t/090-ua-ssl.t line 15
It would appear that this is because the peer certificate issuer is not recognised:
[jonathan@coriolanus http-useragent]$ curl -v https://filip.sergot.pl/
* Trying 88.198.10.70...
* Connected to filip.sergot.pl (88.198.10.70) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* Server certificate:
* subject: CN=*.linuxpl.com,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)15,OU=GT01172648
* start date: Mar 19 00:59:07 2015 GMT
* expire date: Apr 20 12:20:36 2016 GMT
* common name: *.linuxpl.com
* issuer: CN=RapidSSL SHA256 CA - G3,O=GeoTrust Inc.,C=US
* NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER)
* Peer's Certificate issuer is not recognized.
* Closing connection 0
curl: (60) Peer's Certificate issuer is not recognized.
It would seem that in this case that IO::Socket::SSL is simply outputting some diagnostic information and not returning anything, it would probably be better if an exception were thrown that somehow contained the errors from the SSL layer and could be caught by a client (e.g. HTTP::UserAgent) which can do something sensible (as it stands now HTTP::UserAgent simply ploughs on trying to build the response from the empty return and fails.)
Obviously it would ultimately be nicer if there was some mechanism to ignore the unrecognised certificate.
Hello, I tried running the POD code below with a fresh install of Rakudo_2020.10 on an older MacOS.
use IO::Socket::SSL;
my $ssl = IO::Socket::SSL.new(:host<github.com>, :port(443));
my $content = Buf.new;
$ssl.print("GET /\r\n\r\n");
while my $read = $ssl.recv {
$content ~= $read;
}
say $content;
The code hangs with an SSL error, which I surmise has to do with a TLS1.2 requirement at http://github.com. I don't know if I can set an OS environment variable to overcome this issue, or whether the IO::SOCKET::SSL module in various other iterations (Perl5, etc.) accepts a TLS parameter.
user@mbook:~$ raku sergot_PODcode_IO-Socket-SSL.p6
err code: 336032814
error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
Buf:0x<>
user@mbook:~$
Of course, it's unreasonable to expect that Raku modules support ancient OS versions, but it is useful for new users to know they can try out the Raku programming language with a reasonable expectation of success without running the 'latest-and-greatest' hardware. Thank you.
perl6 -MIO::Socket::SSL -e "IO::Socket::SSL.new(:host(<jabber.org>), :5222port)"
Error message:
err code: 336130315
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Server TLS details https://xmpp.net/result.php?domain=jabber.org&type=client#tls
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.