Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add mbedtls to support https & crypto #349

Open
Gary-Hobson opened this issue Jan 3, 2023 · 12 comments
Open

Add mbedtls to support https & crypto #349

Gary-Hobson opened this issue Jan 3, 2023 · 12 comments

Comments

@Gary-Hobson
Copy link

I noticed that now in txiki, http is implemented using curl, can we add support for https?
This may require adding a new dependency library mbedtls, if this is allowed I might be able to get this working

mbedtls also comes with a variety of encryption and decryption algorithms
Adding it can throw away the existing hashlib.js, it is very inefficient to let JS execute these algorithms
@saghul
Copy link
Owner

saghul commented Jan 3, 2023

Hey there!

Sure thing, I do want us to have mbedtls integrated, and migrate all the hashing stuff to it.

That should not be a requirement for https in curl today though, since we link with the system one on most platforms, which in turn uses WinSSL, whatever calls it's thing or OpenSSL. Not ideal, I know, but one step at a time :-)

@guest271314
Copy link
Contributor

I'm wondering if we can import serveTls from Deno's https://deno.land/std@0.167.0/http/server.ts?

When I run

./deno repl --allow-net --allow-read --allow-write
Deno 1.29.2
exit using ctrl+d, ctrl+c, or close()
> import { serveTls } from "https://deno.land/std@0.167.0/http/server.ts";

the C source code is downloaded to /home/user/.cache/deno/deps/https/deno.land/.

@saghul
Copy link
Owner

saghul commented Jan 23, 2023

Deno uses Rust and OpenSSL and I'd like to keep txikiJS simple, so I think mbedtls is a better fit for the project.

@junsik
Copy link

junsik commented Mar 9, 2023

FYI

https://github.com/czanyou/wotjs-core/blob/main/src/tls.c
https://github.com/czanyou/wotjs-core/blob/main/src/crypto.c

@saghul
Copy link
Owner

saghul commented Mar 9, 2023

Oh, nice! Might be able to reuse some of that!

@guest271314
Copy link
Contributor

I tried building wotjs-core. Error thrown at

wotjs-core/src/misc.c:27:10: fatal error: version.h: No such file or directory
   27 | #include "version.h"
      |          ^~~~~~~~~~~

Can't the HTTP server parts be extracted and used within QuickJS?

@saghul
Copy link
Owner

saghul commented Mar 11, 2023

They can likely be migrated to txiki.js, since that's a fork, but a 2 year old one, and a lot has changed since.

@guest271314
Copy link
Contributor

I've been testing server implementations, C and other languages. I think busybox's httpd https://github.com/mirror/busybox/blob/master/networking/httpd.c is simple enough to port to QuickJS.

For my use case I just need to create a server to load an HTML page so I can hand off handling the request and response to a local ServiceWorker.

Other options include coralmicro HTTP server https://github.com/google-coral/coralmicro/blob/main/libs/base/http_server.cc, and Chromium's HTTP servr https://github.com/chromium/chromium/blob/main/net/server/http_server.cc.

@saghul
Copy link
Owner

saghul commented Mar 12, 2023

Unfortunately none of those options are a good fit for txiki.js.

The BusyBox implementation is GPL, so incompatible with the current license.

The other 2 are written in C++ and I don't want to start adding c++ code here.

I think https://github.com/rsenn/qjs-net is a better option, but I need to integrate the event loop with libuv instead of using the default in libwebsockets, and last I checked it wasn't very well documented.

@guest271314
Copy link
Contributor

@saghul I couldn't get https://github.com/rsenn/qjs-net to compile the last time I tried. There is also https://github.com/QuickJS-Web-project/quickwebserver, which I also had issues compiling after upstream updates.

@guest271314
Copy link
Contributor

qjs-net is failing to build on Debian/Ubuntu Linux due to this

Compile module '/home/user/qjs-net/js/rpc.js' ...
Compiling module js/rpc.js
-- Compile QuickJS module 'rpc.c' from 'js/rpc.js'
-- Configuring incomplete, errors occurred!
See also "/home/user/qjs-net/build/CMakeFiles/CMakeOutput.log".
See also "/home/user/qjs-net/build/CMakeFiles/CMakeError.log".

/usr/bin/cc  -DCHECK_FUNCTION_EXISTS=strlcpy -rdynamic CMakeFiles/cmTC_49f1a.dir/CheckFunctionExists.c.o -o cmTC_49f1a 
/usr/bin/ld: CMakeFiles/cmTC_49f1a.dir/CheckFunctionExists.c.o: in function `main':
CheckFunctionExists.c:(.text+0x14): undefined reference to `strlcpy'
collect2: error: ld returned 1 exit status
gmake[1]: *** [CMakeFiles/cmTC_49f1a.dir/build.make:99: cmTC_49f1a] Error 1
gmake[1]: Leaving directory '/home/user/qjs-net/build/CMakeFiles/CMakeTmp'
gmake: *** [Makefile:127: cmTC_49f1a/fast] Error 2

I'm not sure what to modify or pass to cmake to link to strlcpy (https://stackoverflow.com/questions/72492507/how-to-link-strlcpy-in-makefile-in-c-undefined-reference-to-strlcpy).

@saghul
Copy link
Owner

saghul commented Mar 13, 2023

I'd suggest you open an issue on their repo. IIRC strlcpy comes from BSD.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@saghul @junsik @guest271314 @Gary-Hobson