Cro: libraries and tools for building reactive services in Perl 6 | cro.services/ | Logs: irclog.perlgeek.de/cro/
Set by moderator on 18 January 2018.
00:48 lizmat joined 02:59 ilbot3 joined
moderator Cro: libraries and tools for building reactive services in Perl 6 | cro.services/ | Logs: irclog.perlgeek.de/cro/
japhb Lots of Cro commits! \\o/ 03:59
07:41 sena_kun joined
Geth cro: 2bb4156dac | Altai-man++ | lib/Cro/Tools/Template/HTTPService.pm6
Make directory lowercase
 10:42
sena_kun jnthn, o/ 11:26
can you please try out https? A plain stub with https and then at least `openssl s_client -connect localhost:20000 -alpn 'h2' -msg` is enough. Because it seems we have some bad news. :/ 11:27
jnthn Can do 11:28
sena_kun I'm getting "140120833484480:error:140040E5:SSL routines:CONNECT_CR_SRVR_HELLO:ssl handshake failure:ssl_pkt.c:585:" 11:29
it is either my libressl instead of openssl, or it's something worse. :/ 11:30
jnthn Do the cro-ssl tests pass or fail for you?
sena_kun let's see... 11:31
*cro-tls
jnthn ooh, yes :)
sena_kun All tests successful. 11:32
like 5 times in a row, everything works. :/
cro trace doesn't output anything. 11:33
jnthn Yeah, it sounds like it's going wrong before it gets there
(e.g. in IO::Socket::Async::SSL) 11:34
sena_kun pulling it and testing...
so it doesn't work for you too?
jnthn I didn't get there yet
Geth cro-http/push-promise: 18d1ab5f0b | (Jonathan Worthington)++ | META6.json
Add Cro::HTTP::PushPromise to META6.json
sena_kun ah
jnthn Installing latest was broken by ^
sena_kun oh, thanks. 11:35
Testing [OK] for IO::Socket::Async::SSL:ver<0.5> 11:36
we have https tests in cro-http, e.g. http-client, and it passes 11:43
jnthn urgh, the push promise branch manages to cause problems installing websocket, and other things 11:46
Will have to look at that later
šŸ““ test-app Listening at localhost:20000 11:47
^Tāš  test-app error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher
Urgh
sena_kun good news: a plain server with https server works 11:48
*https support
probably something with a stub 11:49
jnthn Yeah, I'm getting the "no shared cipher" thing out of calling it with openssl s_client too 11:50
sena_kun gah 11:53
hmm, or not. 11:54
jnthn With the stub, didn't try anything else
*sigh*
And one of the PRs merged into HEAD of IO::Socket::Async::SSL breaks it completely
sena_kun %?RESOURCES evaluates to Nil on `perl6 -Ilib service.p6`.
not sure if it's a bug.
but if we have no certs, it's quite sane we cannot send them. 11:55
jnthn Indeed
sena_kun and this stub is `zef install`ed, so it's not like RESOURCES are not there. 11:56
ok, the issue is not so bad, but now I need to think on how to fix that. 11:58
jnthn I guess for now we could just // slurp('resources/fake-tls/...') 12:01
So if we get Nil from %?RESOURCES and we're not installed, we take it from the file system
sena_kun yup
jnthn It's a bit of a pain for development that we can't get at any of the resources though, I wonder if there's a way for Rakudo to do better there
sena_kun >NS_ERROR_NET_INADEQUATE_SECURITY 12:02
I feel like it's not an error. 12:03
Just a plain statement.
Net - inadequate security.
/ IT - INADEQUATE_SECURITY. 12:04
jnthn heh 12:07
I wonder if it's because of a missing cipher or something
Aha 12:08
So the reason HEAD of IO::Socket::Async::SSL failed is because it uses stuff from the OpenSSL module 12:09
That, I suspect, isn't in a release of it yet
sena_kun with openssl client I'm getting `Cipher : AES256-GCM-SHA384`, so it works. 12:10
missing cypher is probably due to Nil in RESOURCES.
But I cannot find what security level browser wants.
jnthn Hm, no, it was bumped 12:11
lunch time, will look more afterwards 12:14
sena_kun >Protocol : TLSv1.2 12:32
I wonder what the browser dislikes. :/
>TLS 1.2 is latest version of TLS and it is recommended for clients to implement. 12:34
nice
it's not just websockets. 13:05
can confirm that using Cro::HTTP from push-promise branch gives you `Could not find symbol '&Server'` on cro run with a normal stub, which is a nonsense error. :/ 13:07
Geth cro: 431b7b7ffa | Altai-man++ | lib/Cro/Tools/Template/HTTPService.pm6
Use a local backup for RESOURCES
jnthn sena_kun: Yeah, I suspect some kind of pre-comp issue 13:11
sena_kun I pushed local fake-tls backup usage. 13:12
(obvious from the commit above, yup)
jnthn pulls and tries 13:13
sena_kun ah, no, it won't help. 13:14
grrrrr~
jnthn It'd need at least .IO on there, I think? 13:15
sena_kun let's see.
Geth cro: 30f4af41cb | Altai-man++ | lib/Cro/Tools/Template/HTTPService.pm6
Fix names
 13:37
sena_kun so you can get a certs if you're inside of a project directory and run `cro run`. Of course, it doesn't work if you're in one directory level above. :/
no, it's actually ok if used after `zef install`. 13:40
jnthn zef install of what exactly? 13:43
sena_kun cro stub foo, cd foo, zef install ., cd .., cro run; 13:44
jnthn oh, it shouldn't need that 13:45
But uh
sena_kun ah, of course, cro stub foo, zef install foo, cro run;
without that RESOURCES doesn't work.
jnthn Doesn't cro run execute the service with the correct cwd?
No, but the fallback should?
Hm, how does -Ilib even work if we had the wrong cwd
sena_kun fallback is hardcoded now, so it works only on cro stub foo; cd foo; cro run. 13:46
jnthn Why is the cd needed, though? That's what I don't understand
sena_kun It shouldn't? It makes things quite different then. :/
jnthn I thought when we started the service we did so with the cwd set
To the directory of the service 13:47
So a relative path should just work
sena_kun I see `cwd` set.
jnthn Hm 13:48
sena_kun testing that now
yes, it works as relative. 13:49
ok, so the results are: 1)openssl client is ok; 2)curl client is ok(with -k); 3)firefox with some exceptions gave me "Header table index 70 out of range". 13:51
but at least it's some trace now.
jnthn ah, firefox does connect now though? :)
sena_kun it depends on what do you mean by "connect". :) 13:52
jnthn Gets past the SSL stuff?
No more security error (well, beyond the untrusted cert)?
sena_kun if "I see answer" - nope. I see "Header table index 70 out of range" now.
No more security error(I use fake cert so I added it as exception though). 13:53
jnthn *nod*
Hmm, I think that maybe comes from the HTTP/2 header thing
sena_kun that I've changed yesterday?
jnthn No, I mean HPACK 13:55
sena_kun was it changed recently?
jnthn To be clear, it sounds like an error that comes out of our HPACK library
No
sena_kun It is.
then we need to fix it, probably.
jnthn Is there any way we could be feeding headers to HPACK in any order other than that which they arrive to us?
They need to be put through the decoder in precisely the order they arrive over the network 13:56
I'd check that first
sena_kun should I debug it today(to be able to check push promises in browser by the end of the day) then? 13:57
it == this whole case 13:58
jnthn Yeah, may as well while it's in your head :)
sena_kun ok.
well, it's a bit uncomfortable when you don't have a clear goal and some floating multiply_various_issues_related messages around. :] Ok, will investigate hpack issues then. 14:00
jnthn Well, goal is that we can merge the push promise branch and ship it comfortable that it basically works :-)
sena_kun >`Server` is not found when it's here 14:01
jnthn Yeah, that one is weird 14:02
I can maybe look at that a bit while you do HPACK stuff
Well, I'm actually a tad distracted with some other work tasks at the moment, but will look at it after that.
sena_kun Surely, no problem. :) The thing with precomp is that I am not sure even from where to start, so looking at hpack is probably a better option. I'll do it. 14:04
damn 14:06
This day is... Fun. I actually turned off the security error by disabling `spdy.enforce-tls-profile` in firefox. But it's still an error without that manual patch. 14:07
jnthn sena_kun: Heh, reverting the commit "sort imports" unbreaks things, it seems 15:04
sena_kun o.O 15:05
That's not how imports should work if you ask me. Or it should.
Hmmmm.
jnthn No, I think it's a bug
Can report it, but we'll perhaps have to try and golf it also
sena_kun meanwhile, I've installed h2i here and trying to debug it frame-by-frame. The problem is it's completely okay in the debugger. 15:06
Geth cro-http/push-promise: 3aa5e9a899 | (Jonathan Worthington)++ | lib/Cro/HTTP/Response.pm6
Revert "Sort imports"

This reverts commit 7d52928f0b4f2495ede19be8cb7cc048e2ea6486, which for no good reason makes `use Cro::HTTP::Server; use Cro::HTTP::Router` result in it being impossible to see `Cro::HTTP::Server`.		 15:08
jnthn Filed github.com/rakudo/rakudo/issues/1419 15:14
sena_kun Tested all available cyphers supported by cro service, among which e.g. "Testing AES256-GCM-SHA384...YES" is present. But firefox thinks it's not secure enough. 15:34
jnthn, btw, it means that websocket is fixed now? 15:36
jnthn Yes 15:37
sena_kun at least something. :) 15:38
15:41 Zoffix joined
Zoffix Drive-by drop: github.com/gothinkster/realworld "The mother of all demo apps" where demo apps in different frameworks/backends are shown side by side. Could show a Cro/Perl 6 example 15:42
15:42 Zoffix left
sena_kun dxr.mozilla.org/mozilla-release/so...lenum.c#60 - odd. 15:55
16:18 scovit joined
sena_kun jnthn, github.com/jnthn/p6-io-socket-asyn.../issues/25 - it's 100% confirmed. I think we need to resolve this issue to serve anything in both firefox/chromium. 16:26
jnthn urgh 16:29
OK
japhb Zoffix: Looks pretty good (realworld) -- passed that onto a friend who is deciding on a new stack for their next project, thanks! 16:31
And yes, I'd love to see a Cro implementation. :-) 16:32
sena_kun: And here I thought it was just me doing something wrong on my machine when I was having trouble actually using an https stub from my browser. :-( 16:36
sena_kun japhb, first 15 minutes I thought so too. :/ 16:37

Powered by Cro and the RakuĀ® Programming Language.

Please report any issues / comments / feature requests as an issue on App::Raku::Log.

Thank you!