luciano/babashka
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

enable SSL via Java property (#21)

Browse source
This commit is contained in:
Michiel Borkent 2019-08-17 22:19:46 +02:00 committed by GitHub
parent 8341407cbe
commit 4607016910
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 48 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
.circleci/config.yml
View file

@ -38,10 +38,10 @@ jobs:
curl -O -sL https://github.com/oracle/graal/releases/download/vm-19.2.0-dev-b01/graalvm-ce-linux-amd64-19.2.0-dev-b01.tar.gz
tar xzf graalvm-ce-linux-amd64-19.2.0-dev-b01.tar.gz
fi
- run:
name: Install GraalVM SSL libs
command: |
.circleci/script/graalvm_ssl
# - run:
# name: Install GraalVM SSL libs
# command: |
# .circleci/script/graalvm_ssl
- run:
name: Run JVM tests
command: |
@ -96,10 +96,10 @@ jobs:
curl -O -sL https://github.com/oracle/graal/releases/download/vm-19.2.0-dev-b01/graalvm-ce-linux-amd64-19.2.0-dev-b01.tar.gz
tar xzf graalvm-ce-linux-amd64-19.2.0-dev-b01.tar.gz
fi
- run:
name: Install GraalVM SSL libs
command: |
.circleci/script/graalvm_ssl
# - run:
# name: Install GraalVM SSL libs
# command: |
# .circleci/script/graalvm_ssl
- run:
name: Build binary
command: |
@ -159,10 +159,10 @@ jobs:
curl -O -sL https://github.com/oracle/graal/releases/download/vm-19.2.0-dev-b01/graalvm-ce-darwin-amd64-19.2.0-dev-b01.tar.gz
tar xzf graalvm-ce-darwin-amd64-19.2.0-dev-b01.tar.gz
fi
- run:
name: Install GraalVM SSL libs
command: |
.circleci/script/graalvm_ssl
# - run:
# name: Install GraalVM SSL libs
# command: |
# .circleci/script/graalvm_ssl
- run:
name: Build binary
command: |

45
README.md
View file

@ -99,7 +99,7 @@ through the aliases:
From Java the following is available:
- `System`: `exit`, `getProperty`, `getProperties`, `getenv`
- `System`: `exit`, `getProperty`, `setProperty`, `getProperties`, `getenv`
Special vars:
@ -185,39 +185,30 @@ Writing file: /tmp/clojure.org.html
## Enabling SSL
If you want to be able to use SSL to e.g. `(slurp "https://www.clojure.org")`
you will need install a runtime dependency called `libsunec.so`. Because I don't
know if I'm allowed to ship this library with babashka, I have chosen to let the
user take care of these and put them in a known location. This also allows you
to include a different `cacerts`.
If you want to be able to use SSL to e.g. run `(slurp
"https://www.clojure.org")` you will need to add the location where
`libsunec.so` or `libsunec.dylib` is located to the `java.library.path` Java
property. This library comes with most JVM installations, so you might already
have it on your machine. It is usually located in `<JAVA_HOME>/jre/lib` or
`<JAVA_HOME>/jre/<platform>/lib`. It is also bundled with GraalVM.
To enable SSL, create a `~/.babashka/lib` directory and copy the`libsunec.so`
(Linux) or `libsunec.dylib` (Mac) to it. This library comes with GraalVM and is
located in `<GRAALVM_HOME>/jre/lib/<platform>` inside the distribution. Also create a and
`~/.babashka/lib/security` directory and copy `cacerts` to it which comes
bundled with GraalVM and is located in
`<GRAALVM_HOME>/jre/lib/security`.
As a shell script:
Example:
``` shellsession
mkdir -p ~/.babashka/lib/security
$ cat /tmp/https_get.clj
#!/usr/bin/env bb -f
# Linux:
cp $GRAALVM_HOME/jre/lib/amd64/libsunec.so ~/.babashka/lib
(System/setProperty
"java.library.path"
"/Library/Java/JavaVirtualMachines/adoptopenjdk-8.jdk/Contents/Home/jre/lib")
# Mac:
cp $GRAALVM_HOME/jre/lib/libsunec.dylib ~/.babashka/lib
cp $GRAALVM_HOME/jre/lib/security/cacerts ~/.babashka/lib/security
(slurp (first *command-line-args*))
```
You can download a distribution of GraalVM for your platform on
[Github](https://github.com/oracle/graal/releases).
More information about GraalVM and SSL can be found
[here](https://blog.taylorwood.io/2018/10/04/graalvm-https.html) and
[here](https://quarkus.io/guides/native-and-ssl-guide).
``` shellsession
$ /tmp/https_get.clj https://www.google.com | bb '(subs *in* 0 50)'
"<!doctype html><html itemscope=\"\" itemtype=\"http:/"
```
## Test

16
src/babashka/main.clj
View file

@ -97,6 +97,9 @@
([s d]
(System/getProperty s d)))
(defn set-property [k v]
(System/setProperty k v))
(defn get-properties []
(System/getProperties))
@ -117,6 +120,7 @@
'edn/read-string edn/read-string
'System/getenv get-env
'System/getProperty get-property
'System/setProperty set-property
'System/getProperties get-properties
'System/exit exit})
@ -124,10 +128,7 @@
(edn/read {;;:readers *data-readers*
:eof ::EOF} *in*))
(defn main
[& args]
#_(binding [*out* *err*]
(prn ">> args" args))
#_(defn set-ssl []
(let [home (System/getProperty "user.home")
bb-lib-dir (io/file home ".babashka" "lib")
lib-path (System/getProperty "java.library.path")
@ -135,7 +136,12 @@
ca-certs (.getPath (io/file ca-certs-dir "cacerts"))]
(System/setProperty "java.library.path" (str (.getPath bb-lib-dir) ":" lib-path))
(System/setProperty "javax.net.ssl.trustStore" ca-certs)
(System/setProperty "javax.net.ssl.trustAnchors" ca-certs))
(System/setProperty "javax.net.ssl.tru stAnchors" ca-certs)))
(defn main
[& args]
#_(binding [*out* *err*]
(prn ">> args" args))
(let [t0 (System/currentTimeMillis)
{:keys [:version :raw-in :raw-out :println?
:help? :file :command-line-args

8
test/babashka/main_test.clj
View file

@ -84,7 +84,13 @@
(bb nil))))
(deftest ssl-test
(is (re-find #"doctype html" (bb nil "(slurp \"https://www.google.com\")"))))
(let [graalvm-home (System/getenv "GRAALVM_HOME")
lib-path (format "%1$s/jre/lib:%1$s/jre/lib/amd64" graalvm-home)
_ (prn "lib-path" lib-path)
resp (bb nil (format "(System/setProperty \"java.library.path\" \"%s\")
(slurp \"https://www.google.com\")"
lib-path))]
(is (re-find #"doctype html" resp))))
(deftest stream-test
(is (= "2\n3\n4\n" (test-utils/bb "1 2 3" "--stream" "(inc *in*)")))