Use openssl instead of tls in federator http2 client#3154
Merged
akshaymankar merged 5 commits intodevelopfrom Mar 21, 2023
Merged
Use openssl instead of tls in federator http2 client#3154akshaymankar merged 5 commits intodevelopfrom
akshaymankar merged 5 commits intodevelopfrom
Conversation
zebot
added
the
ok-to-test
`SSL.read ssl n` doesn't always return `n` bytes, so reading data multiple times is necessary. Upstream PR has been made to warn future users: haskell-cryptography/HsOpenSSL#81
akshaymankar
force-pushed
the
openssl-attempt-2
branch
from
6393d66 to
c65bd0a
Compare
akshaymankar
changed the title
pcapriotti
approved these changes
Mar 21, 2023
Contributor
pcapriotti
left a comment
pcapriotti
left a comment
There was a problem hiding this comment.
LGTM. Minor comment below.
| readData 0 = pure "" | ||
| readData n = SSL.read ssl n `catch` \(_ :: SSL.ConnectionAbruptlyTerminated) -> pure mempty | ||
| ref <- newIORef mempty | ||
| let readData n = do |
Contributor
There was a problem hiding this comment.
It looks like now we're also handling the case where SSL.read returns more than n bytes. Is that necessary? If not, we can get rid of the IORef, and simply have a tail-recursive loop that calls SSL.read until it reaches n bytes or EOF.
Member
Author
There was a problem hiding this comment.
Sounds great! I made another commit, can you please look at it?
pcapriotti
reviewed
Mar 21, 2023
| | chunkLen > n -> | ||
| error "openssl: SSL.read returned more bytes than asked for, this is probably a bug" | ||
| | otherwise -> | ||
| mappend chunk <$> readData (n - chunkLen) |
Contributor
There was a problem hiding this comment.
This is not tail-recursive, but probably it doesn't matter too much. To make it tail-recursive, you can make an inner loop with an accumulator argument.
Member
Author
There was a problem hiding this comment.
Ah right, totally forgot about tail recursion, thanks! How about now?
2 tasks
akshaymankar
added a commit
that referenced
this pull request
Mar 29, 2023
akshaymankar
added a commit
that referenced
this pull request
Mar 29, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
In #3051 it was assumed that
SSL.read ssl nwould always returnnbytes. But unfortunately this is not true. A proposal to change upstream docs is here: haskell-cryptography/HsOpenSSL#81Checklist
changelog.d