Shared Libraries

[Lewiscowles1986]

Just tried running this on Ubuntu 22.04

First it says libssl.so.1.1 is missing (the system default is libssl.so)
Then libcrypto.so.1.1. Same behhavior...

I'd installed something that put these into snap packages, so I copied from
/snap/core20/1434/usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 to /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1
(same with libssl.so.1.1)

Seems like this should either ship with those or link to something that can be statically compiled in.

[mefellows]

Right, so Ubuntu defaults to openssl 3.x.x. Should we consider not using openssl in that library @uglyog and instead use the rust tls stuff like we're using elsewhere?

What's the broader impact of dropping openssl?

[rholshausen]

The only issue was the certificate loading issue on Windows, but that is now resolved

[Lewiscowles1986]

I Guess my confusion here is. Why is Linux client requiring OpenSSL if windows is not?

I Just verified @rholshausen is correct; however my windows machine is a pet machine, not deployed with infrastructure as code. So It's very possible that some other dependency brings in OpenSSL.

I'll try to ask my wife who is not a coder to try this. Because if it's not an issue for Windows, I can't see why it should be an issue for Linux... Are the builds so different?

Update: https://github.com/pact-foundation/pact-stub-server/blob/master/Cargo.lock#L814-L830

[rholshausen]

On Windows and OSX there are OS specific APIs to provide TLS, on Linux it has to use openssl.

From: https://github.com/sfackler/rust-native-tls

Specifically, this crate uses SChannel on Windows (via the schannel crate), Secure Transport on macOS (via the security-framework crate), and OpenSSL (via the openssl crate) on all other platforms.

By default, openssl will be dynamically linked on Linux.

[Lewiscowles1986]

Just looking for how to statically link openssl then following sfackler/rust-native-tls#190 (comment)

[Lewiscowles1986]

OpenSSL as always... not fun to play with smol attempt.

I wonder if https://github.com/rustls/rustls might drop in with less fuss...

I'll try to make some time on this at some point, but it can't be a priority for me at the moment (sorry).

How likely is this library/utility to be maintained in the future? I noticed master mentions an unpublished release that didn't pass github actions on mac, and hasn't updated since Jan 2021... Is this repo deprecated?

One other approach that could work would be (maintenance burden), maintaining a generic docs warning for Linux users, with specific community contributed guides to setting up openssl and crypto shared objects of the correct version.

[rholshausen]

I have migrated the other Rust-based Pact utilities to use Rust TLS, so it won't be a big change. I just haven't had the time to get around to this one. But it is still supported.

[rholshausen]

The binary is now only linked to the standard Linux libs

❯ ldd target/debug/pact-stub-server
        linux-vdso.so.1 (0x00007fff4bae8000)
        libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f899cd64000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f899cd41000)
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f899cbf2000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f899cbec000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f899c9fa000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f899ed2e000)

[Lewiscowles1986]

Awesome, I'll take https://github.com/pact-foundation/pact-stub-server/releases/tag/v0.5.0 for a spin. Should definitely be more stable than shell scripts.