Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src: revert removal of SecureContext _external getter #21711

Closed
wants to merge 5 commits into from

Conversation

dyatlov
Copy link
Contributor

@dyatlov dyatlov commented Jul 8, 2018

This _external getter is essential for some libs to work:
uWebSockets as an example.

It reverts this PR: #20237
Use case which that PR broke: https://github.com/uNetworking/uWebSockets-bindings/blob/master/nodejs/src/uws.js#L508

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • commit message follows commit guidelines

This `_external` getter is essential for some libs to work:
uWebSockets as an example.
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Jul 8, 2018
@dyatlov
Copy link
Contributor Author

dyatlov commented Jul 8, 2018

@addaleax created a PR as you suggested.

@addaleax
Copy link
Member

addaleax commented Jul 8, 2018

Can you link to the original PR in the commit message?

Also, I think you need to fix this up a bit:

  CXX(target) /home/travis/build/nodejs/node/out/Release/obj.target/node_lib/src/tls_wrap.o
../src/node_crypto.cc:1365:58: error: no viable conversion from 'node::crypto::SSLCtxPointer' (aka 'std::unique_ptr<ssl_ctx_st, node::FunctionDeleter<ssl_ctx_st, &SSL_CTX_free> >') to 'void *'
  Local<External> ext = External::New(info.GetIsolate(), sc->ctx_);
                                                         ^~~~~~~~
../deps/v8/include/v8.h:5092:54: note: passing argument to parameter 'value' here
  static Local<External> New(Isolate* isolate, void* value);
                                                     ^
1 error generated.

Adding .get() to sc->ctx_ might be enough.

dyatlov added 2 commits July 8, 2018 20:35
This `_external` getter is essential for some libs to work:
uWebSockets as an example.
Copy link
Member

@addaleax addaleax left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM as a short-term fix, but just to be clear, this does not mean that this is a supported API and will be kept around longer than necessary.

If you want to expect being able to use the library without risking breakage, you need to take the larger issue of internals misuse up with the library’s maintainers as soon as possible and push it through.

@jasnell
Copy link
Member

jasnell commented Jul 12, 2018

@jasnell
Copy link
Member

jasnell commented Sep 10, 2018

What's the status on this one?

@jasnell jasnell added the stalled Issues and PRs that are stalled. label Sep 10, 2018
@addaleax
Copy link
Member

I think it could land, if somebody just started a new CI (I can currently not access the interface).

@addaleax addaleax removed the stalled Issues and PRs that are stalled. label Sep 11, 2018
@jasnell jasnell added this to the 11.0.0 milestone Oct 9, 2018
@addaleax addaleax added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Oct 9, 2018
@addaleax
Copy link
Member

addaleax commented Oct 9, 2018

Still LGTM, but again, this is a temporary workaround; you should expect this to be deprecated and removed again at some point, and you need to address this in the library’s code.

If necessary, we can work out a public API.

CI: https://ci.nodejs.org/job/node-test-pull-request/17707/

@addaleax
Copy link
Member

addaleax commented Oct 9, 2018

@dyatlov Sorry, we don’t usually do merge commits here – CI can’t handle that…

New CI (without automatic rebasing): https://ci.nodejs.org/job/node-test-pull-request/17708/

@SirAnthony
Copy link

Still LGTM, but again, this is a temporary workaround; you should expect this to be deprecated and removed again at some point, and you need to address this in the library’s code.

If necessary, we can work out a public API.

Since it is just wrapper for c++ SSL structure pointer and useful only inside node c++ addons, maybe it will be enough to provide a way to get that pointer only in c++ code?

@addaleax
Copy link
Member

Since it is just wrapper for c++ SSL structure pointer and useful only inside node c++ addons, maybe it will be enough to provide a way to get that pointer only in c++ code?

Yes, that would most likely be a C++ API… It’s a bit hard to tell what the expected semantics are, since the original repository linked in the PR description seems to be gone?

@addaleax
Copy link
Member

Landed in 3f08c00

@addaleax addaleax closed this Oct 12, 2018
addaleax pushed a commit that referenced this pull request Oct 12, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Trott pushed a commit that referenced this pull request Oct 13, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
targos pushed a commit that referenced this pull request Oct 13, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
jasnell pushed a commit that referenced this pull request Oct 17, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request Oct 30, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
@hermanbanken
Copy link

hermanbanken commented Nov 7, 2018

@dyatlov, did you get UWS to work with Node 11 again after this?

I'm still struggling. I patched uws.js to look into ssl._secureContext.context._external, but that doesn't seem to be enough.

- const sslState = socket.ssl ? socket.ssl._external : null;
+ const sslState = socket.ssl ? (socket.ssl._external || socket.ssl._secureContext.context._external) : null;

@sam-github
Copy link
Contributor

@hermanbanken I found uws was using V8 APIs deprecated in 11.x and wouldn't compile at all. On the other hand, this PR is in https://github.com/nodejs/node/commits/v10.x-staging so should be in the upcoming 10.x release. Try building against that branch.

@addaleax
Copy link
Member

addaleax commented Nov 7, 2018

@hermanbanken @sam-github That’s good to know… since you mentioned it’s unmaintained, should we go back to removing or at least deprecating this?

@sam-github
Copy link
Contributor

Removing is demonstrably semver-major, so I don't think we should do that 10.x. Deprecating in 11.x and removing in 12.x would be workable.

I understand why you removed it, @addaleax , less code := more maintainable almost by definition... but the cost of this code is pretty low. I don't object to its orderly removal, but I also don't see see any problem leaving it around.

@addaleax
Copy link
Member

addaleax commented Nov 7, 2018

@sam-github Yeah, I don’t disagree. And I’m still open to providing some sort of official public API to achieve these goals, but … I am somewhat afraid of this being a blocker for some future refactor.

I would aim for a runtime deprecation not before Node 12 (and so removal not before Node 13), just to be clear.

@sam-github
Copy link
Contributor

As long as there is an OpenSSL, there will be an SSL context. Its more work for a fringe use-case, but maybe there is some way to have a pure C++ API, perhaps node::crypto::GetSecureContextFromHandle(), that would allow C++ addons to get the SecureContext? This would make more sense to me, given that the SecureContext can only be used with the SSL_ APIs by C++ code, only C++ needs to get it. This would still have the positive effect of removing the context from the js API. Just a thought.

@addaleax
Copy link
Member

addaleax commented Nov 7, 2018

@sam-github Yes, that sounds about right for an “official public API” :)

@sam-github sam-github mentioned this pull request Nov 8, 2018
4 tasks
@codebytere codebytere mentioned this pull request Nov 27, 2018
rvagg pushed a commit that referenced this pull request Nov 28, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
MylesBorins pushed a commit that referenced this pull request Nov 29, 2018
This `_external` getter is essential for some libs to work:
uWebSockets as an example.

PR-URL: #21711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
@codebytere codebytere mentioned this pull request Nov 29, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants