Comments (33)
I'll take a look on Monday
from babashka.
Can you give a full standalone snippet of the usage, so I can write a test?
from babashka.
Sure. Assuming a reverse echo SSL socket server running on localhost on port 4444 (see below), this should do:
(import [java.io BufferedWriter BufferedReader OutputStreamWriter InputStreamReader]
[javax.net.ssl SSLSocket SSLSocketFactory]))
(let [server "localhost"
port 4444
socket (doto (.createSocket (SSLSocketFactory/getDefault) server port)
.startHandshake)
writer (BufferedWriter. (OutputStreamWriter. (.getOutputStream socket)))
reader (BufferedReader. (InputStreamReader. (.getInputStream socket)))
_ (do (.write writer "OK\n") (.flush writer))
response (.readLine reader)
_ (.close socket)]
(= response "KO"))
This assumes a reverse echo server like the following one:
openssl req -subj "/C=GB" -x509 -nodes -days 365 -newkey rsa -keyout keyfile.key -out certfile.crt
openssl s_server -accept 4444 -rev -key keyfile.key -cert certfile.crt
For the handshake to succeed, the pem
file should either be imported with keytool
(which is how I test on my local machine) or loaded directly from the Clojure code. You could also test without the handshake, but that misses the point, I guess.
This is how I get the pem
file from the running server and import it for the JVM to know about it.
openssl s_client -showcerts -connect localhost:4444 </dev/null 2>/dev/null | openssl x509 -outform PEM > localhost.pem
$JAVA_HOME/bin/keytool -import -trustcacerts -file tmp/localhost.pem -alias localhost -keystore $JAVA_HOME/lib/security/cacerts
Probably not very convenient to implement a test. I may try to find a better idea, if necessary.
(By the way, I take the opportunity to thank you for all your great work with and around babashka).
from babashka.
Which OS are you using? Then I can point you to a version that contains the above classes so you can test yourself.
from babashka.
Thanks btw!
from babashka.
I am using Mac OS (albeit an older one 10.13). I can test on Linux, if necessary.
(I forgot a (.flush writer)
in the code above. Adding it now).
from babashka.
m1 or intel?
from babashka.
Intel. (You're welcome btw :))
from babashka.
ok, try this one: https://output.circle-artifacts.com/output/job/bf9907a6-2219-4832-b071-53700d11d2e3/artifacts/0/release/babashka-1.3.189-SNAPSHOT-macos-amd64.tar.gz
from babashka.
Oops. It was probably compiled for a newer version of MacOS. I run 10.13 (High Sierra).
./bb
dyld: cannot load 'bb' (load command 0x80000034 is unknown)
Abort trap: 6
Interestingly enough, I run a pretty recent version of babashka (v0.8.156). Meaning your default compilation pipeline targets my system.
from babashka.
0.8.166 is from 2022-06-08
, I wouldn't call that pretty recent :)
You can also test on linux x64:
from babashka.
The bb you just tried is compiled using xcode "15.2.0"
. I don't know how backward compatibility works on macos. I can try an older xcode and see if that works (https://circleci.com/docs/using-macos/#supported-xcode-versions-intel)
from babashka.
@i-blis Please try this one for macOS, I compiled it using xcode 12.5.1, perhaps it helps:
from babashka.
This one launches. Thanks.
from babashka.
And does it also work for your program above?
from babashka.
I got clojure.lang.ExceptionInfo: Method createSocket on class sun.security.ssl.SSLSocketFactoryImpl not allowed!
.
(Please do not ruin your evening with it :))
EDIT whole stacktrace:
at sci.impl.utils$rethrow_with_location_of_node.invokeStatic (utils.cljc:135)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
from babashka.
This is a solvable problem, hold on. (There might be other similar ones later on, but we'll get there).
from babashka.
Try this one and report back: https://output.circle-artifacts.com/output/job/bb481147-ec43-4f0c-896f-9a5008679897/artifacts/0/release/babashka-1.3.189-SNAPSHOT-macos-amd64.tar.gz
from babashka.
(There might be other similar ones later on, but we'll get there).
Indeed :) :
clojure.lang.ExceptionInfo: startHandshake
{:type :sci/error, :line 1, :column 1, :message "startHandshake", :sci.impl/callstack #object[clojure.lang.Volatile 0x1ce51795 {:status :ready, :val ({:line 1, :column 1, :ns #object[sci.lang.Namespace 0x75e24969 "sslsocket"], :file "/Users/fra/notes/scraps/ssl_socket.clj", :special true})}], :file "/Users/fra/notes/scraps/ssl_socket.clj"}
at sci.impl.utils$rethrow_with_location_of_node.invokeStatic (utils.cljc:135)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
Caused by: java.lang.NoSuchFieldException: startHandshake
at java.lang.Class.checkField (DynamicHub.java:1041)
java.lang.Class.getField (DynamicHub.java:1026)
sci.impl.interop$invoke_instance_field.invokeStatic (interop.cljc:20)
sci.impl.interop$invoke_instance_method.invokeStatic (interop.cljc:49)
sci.impl.evaluator$eval_instance_method_invocation.invokeStatic (evaluator.cljc:155)
sci.impl.analyzer$analyze_dot$reify__4345.eval (analyzer.cljc:1055)
sci.impl.analyzer$return_do$reify__3979.eval (analyzer.cljc:130)
sci.impl.analyzer$analyze_let_STAR_$reify__4234.eval (analyzer.cljc:627)
sci.impl.analyzer$analyze_let_STAR_$reify__4242.eval (analyzer.cljc:689)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
(I realise now that I have been running a pretty old version of babashka on my home computer. Time to break the piggy bank in order to buy a new machine and update the OS!).
from babashka.
Try writing (doto ... (.startHandshake))
from babashka.
Same exception :(
from babashka.
Can you do (prn (class ...))
instead of (doto ...)
to see which class this is?
from babashka.
Sure: sun.security.ssl.SSLSocketImpl
from babashka.
OK, will post another version tomorrow.
from babashka.
Thanks again.
from babashka.
Try this one and please report back:
from babashka.
Thanks.
Now throws clojure.lang.ExceptionInfo: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.ssl.Alert.createSSLException (Alert.java:130)
sun.security.ssl.TransportContext.fatal (TransportContext.java:378)
sun.security.ssl.TransportContext.fatal (TransportContext.java:321)
sun.security.ssl.TransportContext.fatal (TransportContext.java:316)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts (CertificateMessage.java:1318)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate (CertificateMessage.java:1195)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume (CertificateMessage.java:1138)
sun.security.ssl.SSLHandshake.consume (SSLHandshake.java:393)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:476)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:447)
sun.security.ssl.TransportContext.dispatch (TransportContext.java:201)
sun.security.ssl.SSLTransport.decode (SSLTransport.java:172)
sun.security.ssl.SSLSocketImpl.decode (SSLSocketImpl.java:1506)
sun.security.ssl.SSLSocketImpl.readHandshakeRecord (SSLSocketImpl.java:1421)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:455)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:426)
java.lang.reflect.Method.invoke (Method.java:580)
sci.impl.Reflector.invokeMatchingMethod (Reflector.java:172)
sci.impl.interop$invoke_instance_method.invokeStatic (interop.cljc:56)
sci.impl.evaluator$eval_instance_method_invocation.invokeStatic (evaluator.cljc:155)
sci.impl.analyzer$analyze_dot$reify__4345.eval (analyzer.cljc:1055)
sci.impl.analyzer$return_do$reify__3979.eval (analyzer.cljc:130)
sci.impl.analyzer$analyze_let_STAR_$reify__4234.eval (analyzer.cljc:627)
sci.impl.analyzer$analyze_let_STAR_$reify__4242.eval (analyzer.cljc:689)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild (PKIXValidator.java:388)
sun.security.validator.PKIXValidator.engineValidate (PKIXValidator.java:271)
sun.security.validator.Validator.validate (Validator.java:256)
sun.security.ssl.X509TrustManagerImpl.checkTrusted (X509TrustManagerImpl.java:230)
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted (X509TrustManagerImpl.java:132)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts (CertificateMessage.java:1302)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate (CertificateMessage.java:1195)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume (CertificateMessage.java:1138)
sun.security.ssl.SSLHandshake.consume (SSLHandshake.java:393)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:476)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:447)
sun.security.ssl.TransportContext.dispatch (TransportContext.java:201)
sun.security.ssl.SSLTransport.decode (SSLTransport.java:172)
sun.security.ssl.SSLSocketImpl.decode (SSLSocketImpl.java:1506)
sun.security.ssl.SSLSocketImpl.readHandshakeRecord (SSLSocketImpl.java:1421)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:455)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:426)
java.lang.reflect.Method.invoke (Method.java:580)
sci.impl.Reflector.invokeMatchingMethod (Reflector.java:172)
sci.impl.interop$invoke_instance_method.invokeStatic (interop.cljc:56)
sci.impl.evaluator$eval_instance_method_invocation.invokeStatic (evaluator.cljc:155)
sci.impl.analyzer$analyze_dot$reify__4345.eval (analyzer.cljc:1055)
sci.impl.analyzer$return_do$reify__3979.eval (analyzer.cljc:130)
sci.impl.analyzer$analyze_let_STAR_$reify__4234.eval (analyzer.cljc:627)
sci.impl.analyzer$analyze_let_STAR_$reify__4242.eval (analyzer.cljc:689)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build (SunCertPathBuilder.java:148)
sun.security.provider.certpath.SunCertPathBuilder.engineBuild (SunCertPathBuilder.java:129)
java.security.cert.CertPathBuilder.build (CertPathBuilder.java:297)
sun.security.validator.PKIXValidator.doBuild (PKIXValidator.java:383)
sun.security.validator.PKIXValidator.engineValidate (PKIXValidator.java:271)
sun.security.validator.Validator.validate (Validator.java:256)
sun.security.ssl.X509TrustManagerImpl.checkTrusted (X509TrustManagerImpl.java:230)
sun.security.ssl.X509TrustManagerImpl.checkServerTrusted (X509TrustManagerImpl.java:132)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts (CertificateMessage.java:1302)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate (CertificateMessage.java:1195)
sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume (CertificateMessage.java:1138)
sun.security.ssl.SSLHandshake.consume (SSLHandshake.java:393)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:476)
sun.security.ssl.HandshakeContext.dispatch (HandshakeContext.java:447)
sun.security.ssl.TransportContext.dispatch (TransportContext.java:201)
sun.security.ssl.SSLTransport.decode (SSLTransport.java:172)
sun.security.ssl.SSLSocketImpl.decode (SSLSocketImpl.java:1506)
sun.security.ssl.SSLSocketImpl.readHandshakeRecord (SSLSocketImpl.java:1421)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:455)
sun.security.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:426)
java.lang.reflect.Method.invoke (Method.java:580)
sci.impl.Reflector.invokeMatchingMethod (Reflector.java:172)
sci.impl.interop$invoke_instance_method.invokeStatic (interop.cljc:56)
sci.impl.evaluator$eval_instance_method_invocation.invokeStatic (evaluator.cljc:155)
sci.impl.analyzer$analyze_dot$reify__4345.eval (analyzer.cljc:1055)
sci.impl.analyzer$return_do$reify__3979.eval (analyzer.cljc:130)
sci.impl.analyzer$analyze_let_STAR_$reify__4234.eval (analyzer.cljc:627)
sci.impl.analyzer$analyze_let_STAR_$reify__4242.eval (analyzer.cljc:689)
sci.impl.interpreter$eval_form.invokeStatic (interpreter.cljc:40)
sci.core$eval_form.invokeStatic (core.cljc:344)
babashka.nrepl.impl.server$eval_msg$fn__27804$fn__27805.invoke (server.clj:108)
babashka.nrepl.impl.server$eval_msg$fn__27804.invoke (server.clj:104)
babashka.nrepl.impl.server$eval_msg.invokeStatic (server.clj:94)
babashka.nrepl.impl.server$fn__27908.invokeStatic (server.clj:373)
babashka.nrepl.impl.server/fn (server.clj:373)
clojure.lang.MultiFn.invoke (MultiFn.java:239)
babashka.nrepl.server.middleware$default_process_msg.invokeStatic (middleware.clj:13)
babashka.nrepl.server.middleware$wrap_process_message$fn__27974.invoke (middleware.clj:31)
clojure.core$completing$fn__8528.invoke (core.clj:6931)
clojure.core$map$fn__5931$fn__5932.invoke (core.clj:2759)
babashka.nrepl.impl.server$session_loop.invokeStatic (server.clj:445)
babashka.nrepl.impl.server$listen$fn__27958.invoke (server.clj:465)
sci.impl.vars$binding_conveyor_fn$fn__440.invoke (vars.cljc:133)
clojure.core$binding_conveyor_fn$fn__5823.invoke (core.clj:2047)
clojure.lang.AFn.call (AFn.java:18)
java.util.concurrent.FutureTask.run (FutureTask.java:317)
java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1144)
java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:642)
java.lang.Thread.runWith (Thread.java:1596)
java.lang.Thread.run (Thread.java:1583)
com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine (PlatformThreads.java:833)
com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine (PosixPlatformThreads.java:211)
from babashka.
Try recommendations from this page:
https://www.graalvm.org/latest/reference-manual/native-image/dynamic-features/CertificateManagement/
from babashka.
Looks good (1) and still-not-there (2).
- When testing against a production IMAP server (as shown below) does not throw any exception and connects.
(let [{:keys [host port ssl]} config
context (doto (SSLContext/getInstance "TLSv1.2")
(.init nil nil (java.security.SecureRandom.)))
factory (.getSocketFactory context)
socket (.createSocket factory host port)
_ (.startHandshake socket)]
(-> socket .isConnected))
;; => true
or, equivalently (setting TLS just for the given instance as we did before),
(let [{:keys [host port ssl]} config
socket (doto (.createSocket (SSLSocketFactory/getDefault) host port)
(.setEnabledProtocols (into-array String ["TLSv1.2"]))
(.startHandshake))]
(-> socket .isConnected))
;; => true
- But when testing against the test reverse echo openssl server, it throws, even after I set the
javax.net.ssl.trustStore
property.
(System/setProperty
"javax.net.ssl.trustStore"
"/Library/Java/JavaVirtualMachines/adoptopenjdk-11.jdk/Contents/Home/lib/security/cacerts")
from babashka.
Maybe it helps when doing on the command line:
bb -Djavax.net.ssl.trustStore=...
from babashka.
@i-blis I would merge what I have in the branch if this is useful to you, or else I'll wait a bit. I want to do a new release on Thursday probably.
from babashka.
Thanks for the command line option, I did not think of it. Unsurprisingly, it doesn't change much.
All in all I am very happy with how it works at the moment. I could connect to two IMAP servers over SSL (TLS v1.2 and v1.3) and a custom raw bytes SSL socket running in our lab. It is seems to work pretty well. I am confident it could be useful to others.
I couldn't figure out the problem with the test openssl server. Encryption is hard, as they say.
Thanks again a lot for your reactivity.
from babashka.
As far as I am concerned, you could very well close the issue. It works as expected in real use cases. We even got an up-to-date build that works on MacOS 10.13, as a bonus. Thanks again for your patience and all.
from babashka.
Related Issues (20)
- Feature flags ignored in custom builds with GraalVM 21 HOT 10
- Cannot import `shadow.css.build` HOT 5
- eximia compatibility
- empty bb.edn blowup babashka
- Unable to resolve classname: java.time.temporal.WeekFields HOT 2
- #{a b} set initialization doesn't throw if there are duplicates (in clj it does) HOT 6
- Command line parameters not being parsed by scripts, passing right through if Babashka has the same ones. HOT 2
- Change in v1.3.187 release breaks use of the `version` literal as an input to scripts
- Caching issue with relative local/root by same name, used in bb.edn in different directories HOT 1
- Resolve bb.edn when script is invoked via symlink HOT 1
- No dispatch macro for: ? HOT 9
- metadata added by read-string (as compared to clj implementation). HOT 9
- Embedding META-INF/bb.edn with :deps results in: Cannot run program "java"
- bb execution fails on Gentoo HOT 6
- Static-linked binary file for armv7(32-bit) platform. HOT 1
- hash-ordered-coll not found in clojure.core HOT 1
- Try to support latest changes in at-at
- Wrapping built-in timbre/log! throws an error HOT 3
- exec-task description
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from babashka.