sergot / io-socket-ssl Goto Github PK
View Code? Open in Web Editor NEWIO::Socket::SSL for Perl 6 using OpenSSL
io-socket-ssl's People
Contributors
Stargazers
Watchers
Forkers
peschwa paultcochrane leedo dabedotcom bduggan zoffixznet jonathanstowe seaker elerille melezhik patrickbkrio-socket-ssl's Issues
Cannot assign to a variable with an IO::Socket constraint
The below code works as expected:
$ raku -MIO::Socket::SSL -e '
my $socket = IO::Socket::SSL.new: host => "httpbin.org", port => 443;
$socket.print("GET /get HTTP/1.1\r\nHost: httpbin.org\r\nConnection: close\r\n\r\n");
say $socket.recv;
$socket.close;
'
HTTP/1.1 200 OK
... etc ...
But setting an IO::Socket constraint on that variable makes the code die with a
segmentation fault:
$ raku -MIO::Socket::SSL -e '
my IO::Socket $ssl = IO::Socket::SSL.new: host => "httpbin.org", port => 443
'
Segmentation fault (core dumped)
Applying the role after construction makes the assignment succeed, but using it
results in an unexpected error:
$ raku -MIO::Socket::SSL -e '
my IO::Socket $socket = IO::Socket::SSL.new(
host => "httpbin.org",
port => 443,
) but IO::Socket;
$socket.print("GET /get HTTP/1.1\r\nHost: httpbin.org\r\nConnection: close\r\n\r\n");
say $socket.recv;
$socket.close
'
Socket not available
in block <unit> at -e line 6
malformed UTF-8 in t/01-basic.t test on mac
$ perl6 --version
This is Rakudo version 2017.07-126-g86cb1363d built on MoarVM version 2017.07-305-g0df98ee0
implementing Perl 6.c.
$ zef locate zef
===> From Distribution: zef:ver<0.1.26>:auth<github:ugexe>:api<>
$ zef install IO::Socket::SSL
===> Searching for: IO::Socket::SSL
===> Searching for missing dependencies: OpenSSL
===> Testing: OpenSSL:ver('0.1.14'):auth('github:sergot')
===> Testing [OK] for OpenSSL:ver('0.1.14'):auth('github:sergot')
===> Testing: IO::Socket::SSL:auth('github:sergot')
Malformed termination of UTF-8 string
in method get at /Users/coke/.zef/store/io-socket-ssl.git/7b426376380b58d27458a15c06aead6f448258ec/lib/IO/Socket/SSL.pm6 (IO::Socket::SSL) line 135
in block <unit> at t/01-basic.t line 14
===> Testing [FAIL]: IO::Socket::SSL:auth('github:sergot')
<snip>
$ sw_vers
$ sw_vers
ProductName: Mac OS X
ProductVersion: 10.12.6
BuildVersion: 16G29
Feature request: wrap existing TCP connection
Hello!
I see that this module supports establishing new SSL connections over TCP, but with the module I'm working on right now, I need to be able to take an existing TCP connection and upgrade it to an SSL one.
Please "git tag" your RAKU modules with it's versions
Can you please "GIT TAG" your RAKU modules with it's version, similar and at the same time you maintain it's "version": "x.y.z" in your META6.json file?
I was told, this will happen "for free" going forward with mi6 anyhow, but for now it would be great if you spend those 2 seconds already now :)
"Tagging" is generally highly appreciated in regards to "reproducible builds" and here especially for the "Rakudo Star" modules
THANK YOU!
Should be a drop-in replacement for IO::Socket::INET
You should be able to replace IO::Socket::INET with IO::Socket::SSL and still have things working. So far it's missing some methods (like .get())
Failing test
perl6 -Ilib t/01-basic.t
1..1
err code: 336130329
error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
ok 1 - new 1/1
note it says "ok" after the error, but panda reports failure
perl6 -v
This is perl6 version 2014.12-9-gfb9127c built on MoarVM version 2014.12
uname -a
Linux 3.16.0-28-generic #38-Ubuntu SMP Sat Dec 13 16:13:28 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
Doesn't appear to deal with unrecognised peer certificate well
Hi,
It seems that the test t/090-ua-ssl.t of HTTP::UserAgent has recently started failing:
1..2
1..3
err code: 336130315
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Use of Nil in numeric context in method new at /home/jonathan/devel/perl6/http-useragent/lib/HTTP/Response.pm6:27
ok 1 - 'use HTTP::UserAgent; my $ssl = HTTP::UserAgent.new(:throw-exceptions); $ssl.get("https://filip.sergot.pl/")' died
not ok 2 - right exception type (HTTP::UserAgent::X::HTTP::Response)
# Failed test 'right exception type (HTTP::UserAgent::X::HTTP::Response)'
# at /home/jonathan/.rakudobrew/moar-nom/install/share/perl6/lib/Test.pm.moarvm line 1
# Expected: HTTP::UserAgent::X::HTTP::Response
# Got: X::Method::NotFound
# Exception message: No such method 'subst' for invocant of type 'Any'
ok 3 - # SKIP wrong exception type
# Looks like you failed 1 test of 3
not ok 1 - did we throws-like HTTP::UserAgent::X::HTTP::Response?
# Failed test 'did we throws-like HTTP::UserAgent::X::HTTP::Response?'
# at t/090-ua-ssl.t line 15
It would appear that this is because the peer certificate issuer is not recognised:
[jonathan@coriolanus http-useragent]$ curl -v https://filip.sergot.pl/
* Trying 88.198.10.70...
* Connected to filip.sergot.pl (88.198.10.70) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* Server certificate:
* subject: CN=*.linuxpl.com,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)15,OU=GT01172648
* start date: Mar 19 00:59:07 2015 GMT
* expire date: Apr 20 12:20:36 2016 GMT
* common name: *.linuxpl.com
* issuer: CN=RapidSSL SHA256 CA - G3,O=GeoTrust Inc.,C=US
* NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER)
* Peer's Certificate issuer is not recognized.
* Closing connection 0
curl: (60) Peer's Certificate issuer is not recognized.
It would seem that in this case that IO::Socket::SSL is simply outputting some diagnostic information and not returning anything, it would probably be better if an exception were thrown that somehow contained the errors from the SSL layer and could be caught by a client (e.g. HTTP::UserAgent) which can do something sensible (as it stands now HTTP::UserAgent simply ploughs on trying to build the response from the empty return and fails.)
Obviously it would ultimately be nicer if there was some mechanism to ignore the unrecognised certificate.
POD code fails on older MacOS (possible TLS1.2 requirement issue)
Hello, I tried running the POD code below with a fresh install of Rakudo_2020.10 on an older MacOS.
use IO::Socket::SSL;
my $ssl = IO::Socket::SSL.new(:host<github.com>, :port(443));
my $content = Buf.new;
$ssl.print("GET /\r\n\r\n");
while my $read = $ssl.recv {
$content ~= $read;
}
say $content;
The code hangs with an SSL error, which I surmise has to do with a TLS1.2 requirement at http://github.com. I don't know if I can set an OS environment variable to overcome this issue, or whether the IO::SOCKET::SSL module in various other iterations (Perl5, etc.) accepts a TLS parameter.
user@mbook:~$ raku sergot_PODcode_IO-Socket-SSL.p6
err code: 336032814
error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
Buf:0x<>
user@mbook:~$
Of course, it's unreasonable to expect that Raku modules support ancient OS versions, but it is useful for new users to know they can try out the Raku programming language with a reasonable expectation of success without running the 'latest-and-greatest' hardware. Thank you.
Can't connect to server which only allows ≥TLSv1
perl6 -MIO::Socket::SSL -e "IO::Socket::SSL.new(:host(<jabber.org>), :5222port)"
Error message:
err code: 336130315
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
Server TLS details https://xmpp.net/result.php?domain=jabber.org&type=client#tls
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.