diff options
| author |  Jarred Sumner <jarred@jarredsumner.com>
| 2022-04-04 06:37:39 -0700 |
|---|---|---|
| committer | Jarred Sumner <jarred@jarredsumner.com>
| 2022-04-04 06:37:39 -0700 |
| commit | 9554dd1c336a204c7808ac03125a876b03556e46 (patch) | |
| tree | c35068107b46ddbcf48ae1beca95a16017473ff1 | |
| parent | 7fd12ca3ae2bf5bc98c45777af4e1e657fcd50f0 (diff) | |
| download | bun-9554dd1c336a204c7808ac03125a876b03556e46.tar.gz bun-9554dd1c336a204c7808ac03125a876b03556e46.tar.zst bun-9554dd1c336a204c7808ac03125a876b03556e46.zip | |
fix https
| -rw-r--r-- | Makefile | 35 | ||||
| -rw-r--r-- | examples/bun/html-rewriter.ts | 10 | ||||
| -rw-r--r-- | src/deps/libuwsockets.cpp | 15 | ||||
| -rw-r--r-- | src/javascript/jsc/api/server.zig | 89 |
4 files changed, 109 insertions, 40 deletions
@@ -101,7 +101,7 @@ AR=llvm-ar-13 endif OPTIMIZATION_LEVEL=-O3 -CFLAGS = $(MACOS_MIN_FLAG) $(MARCH_NATIVE) -ffunction-sections -fdata-sections -g $(OPTIMIZATION_LEVEL) +CFLAGS = $(MACOS_MIN_FLAG) $(MARCH_NATIVE) -fembed-bitcode=all -g $(OPTIMIZATION_LEVEL) BUN_TMP_DIR := /tmp/make-bun BUN_DEPLOY_DIR = /tmp/bun-v$(PACKAGE_JSON_VERSION)/$(PACKAGE_NAME) @@ -265,9 +265,7 @@ PLATFORM_LINKER_FLAGS = ifeq ($(OS_NAME), darwin) PLATFORM_LINKER_FLAGS += -DDU_DISABLE_RENAMING=1 \ -lstdc++ \ - -fno-keep-static-consts \ - -ffunction-sections \ - -fdata-sections + -fno-keep-static-consts endif @@ -294,11 +292,14 @@ ARCHIVE_FILES_WITHOUT_LIBCRYPTO = $(MIMALLOC_FILE_PATH) \ $(BUN_DEPS_OUT_DIR)/libssl.a \ $(BUN_DEPS_OUT_DIR)/picohttpparser.o \ $(BUN_DEPS_OUT_DIR)/liblolhtml.a \ - $(BUN_DEPS_OUT_DIR)/uSockets.a \ - $(BUN_DEPS_OUT_DIR)/libuwsockets.o ARCHIVE_FILES = $(ARCHIVE_FILES_WITHOUT_LIBCRYPTO) $(BUN_DEPS_OUT_DIR)/libcrypto.boring.a +ifeq ($(OS_NAME), darwin) + ARCHIVE_FILES += $(wildcard $(BUN_DEPS_DIR)/uws/uSockets/src/*.o) $(wildcard $(BUN_DEPS_DIR)/uws/uSockets/src/**/*.o) $(BUN_DEPS_OUT_DIR)/libuwsockets.o +else + ARCHIVE_FILES += $(BUN_DEPS_OUT_DIR)/uSockets.a $(BUN_DEPS_OUT_DIR)/libuwsockets.o +endif STATIC_MUSL_FLAG ?= @@ -333,7 +334,7 @@ BUN_LLD_FLAGS_WITHOUT_JSC = $(ARCHIVE_FILES) \ -BUN_LLD_FLAGS = $(JSC_BINDINGS) ${ICU_FLAGS} $(BUN_LLD_FLAGS_WITHOUT_JSC) +BUN_LLD_FLAGS = $(BUN_LLD_FLAGS_WITHOUT_JSC) $(JSC_BINDINGS) ${ICU_FLAGS} CLANG_VERSION = $(shell $(CC) --version | awk '/version/ {for(i=1; i<=NF; i++){if($$i=="version"){split($$(i+1),v,".");print v[1]}}}') @@ -463,14 +464,21 @@ UWS_CXX_FLAGS = $(UWS_CC_FLAGS) -std=gnu++17 UWS_LDFLAGS = -I$(BUN_DEPS_DIR)/boringssl/include usockets: - rm -rf $(BUN_DEPS_DIR)/uws/uSockets/*.o $(BUN_DEPS_DIR)/uws/uSockets/*.a - cd $(BUN_DEPS_DIR)/uws/uSockets && \ - $(CC) $(CFLAGS) $(UWS_CC_FLAGS) $(UWS_LDFLAGS) $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c -c src/*.c src/eventing/*.c src/crypto/*.c -flto && \ - $(CXX) $(CXXFLAGS) $(UWS_CXX_FLAGS) $(UWS_LDFLAGS) $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c src/crypto/*.cpp && \ - $(AR) rvs $(BUN_DEPS_OUT_DIR)/uSockets.a *.o + rm -rf $(BUN_DEPS_DIR)/uws/uSockets/*.o $(BUN_DEPS_DIR)/uws/uSockets/**/*.o $(BUN_DEPS_DIR)/uws/uSockets/*.a + + cd $(BUN_DEPS_DIR)/uws/uSockets/src && \ + $(CC) -fPIC $(CFLAGS) $(UWS_CC_FLAGS) -I$(BUN_DEPS_DIR)/uws/uSockets/src $(UWS_LDFLAGS) -g $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c *.c && \ + cd $(BUN_DEPS_DIR)/uws/uSockets/src/eventing && \ + $(CC) -fPIC $(CFLAGS) $(UWS_CC_FLAGS) -I$(BUN_DEPS_DIR)/uws/uSockets/src $(UWS_LDFLAGS) -g $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c *.c && \ + cd $(BUN_DEPS_DIR)/uws/uSockets/src/crypto && \ + $(CC) -fPIC $(CFLAGS) $(UWS_CC_FLAGS) -I$(BUN_DEPS_DIR)/uws/uSockets/src $(UWS_LDFLAGS) -g $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c *.c && \ + $(CXX) -fPIC $(CXXFLAGS) $(UWS_CXX_FLAGS) -Isrc $(UWS_LDFLAGS) -g $(DEFAULT_LINKER_FLAGS) $(PLATFORM_LINKER_FLAGS) $(OPTIMIZATION_LEVEL) -g -c *.cpp; + + cd $(BUN_DEPS_DIR)/uws/uSockets && \ + $(AR) rcvs $(BUN_DEPS_OUT_DIR)/uSockets.a src/*.o src/eventing/*.o src/crypto/*.o uws: usockets - $(CXX) -I$(BUN_DEPS_DIR)/uws/uSockets/src $(CLANG_FLAGS) $(UWS_CXX_FLAGS) $(UWS_LDFLAGS) $(PLATFORM_LINKER_FLAGS) -c -flto -I$(BUN_DEPS_DIR) $(BUN_DEPS_OUT_DIR)/uSockets.a $(BUN_DEPS_DIR)/libuwsockets.cpp -o $(BUN_DEPS_OUT_DIR)/libuwsockets.o + $(CXX) -fPIC -I$(BUN_DEPS_DIR)/uws/uSockets/src $(CLANG_FLAGS) $(CFLAGS) $(UWS_CXX_FLAGS) $(UWS_LDFLAGS) $(PLATFORM_LINKER_FLAGS) -c -I$(BUN_DEPS_DIR) $(BUN_DEPS_OUT_DIR)/uSockets.a $(BUN_DEPS_DIR)/libuwsockets.cpp -o $(BUN_DEPS_OUT_DIR)/libuwsockets.o @@ -958,6 +966,7 @@ mimalloc: -DMI_OSX_ZONE=OFF \ -DMI_OSX_INTERPOSE=OFF \ -DMI_BUILD_OBJECT=ON \ + -DCMAKE_C_FLAGS="$(CFLAGS)" \ ${MIMALLOC_OVERRIDE_FLAG} \ -DMI_USE_CXX=OFF .\ && make -j $(CPUS); diff --git a/examples/bun/html-rewriter.ts b/examples/bun/html-rewriter.ts index b5811f4e6..2b370c5ed 100644 --- a/examples/bun/html-rewriter.ts +++ b/examples/bun/html-rewriter.ts @@ -5,7 +5,7 @@ Bun.serve({ return new Response( "Enter a path that starts with https:// or http://\n", { - status: 404, + status: 400, } ); } @@ -30,12 +30,8 @@ Bun.serve({ }, // this is called when fetch() throws or rejects - error(err: Error) { - return new Response("uh oh! :(\n" + String(err.toString()), { - status: 500, - headers: { "Content-Type": "text/plain" }, - }); - }, + // error(err: Error) { + // }, // this boolean enables the bun's default error handler // sometime after the initial release, it will auto reload as well diff --git a/src/deps/libuwsockets.cpp b/src/deps/libuwsockets.cpp index 47f0c0a77..75e8efa69 100644 --- a/src/deps/libuwsockets.cpp +++ b/src/deps/libuwsockets.cpp @@ -1,3 +1,6 @@ +// This file is not included directly +// It is included in bindings.cpp + #include "_libusockets.h" #include <string_view> #include <uws/src/App.h> @@ -7,14 +10,10 @@ extern "C" { uws_app_t *uws_create_app(int ssl, struct us_socket_context_options_t options) { if (ssl) { - uWS::SocketContextOptions sco; - sco.ca_file_name = options.ca_file_name; - sco.cert_file_name = options.cert_file_name; - sco.dh_params_file_name = options.dh_params_file_name; - sco.key_file_name = options.key_file_name; - sco.passphrase = options.passphrase; - sco.ssl_prefer_low_memory_usage = options.ssl_prefer_low_memory_usage; - return (uws_app_t *)new uWS::SSLApp(sco); + uWS::SocketContextOptions socket_context_options; + memcpy(&socket_context_options, &options, + sizeof(uWS::SocketContextOptions)); + return (uws_app_t *)new uWS::SSLApp(socket_context_options); } return (uws_app_t *)new uWS::App(); diff --git a/src/javascript/jsc/api/server.zig b/src/javascript/jsc/api/server.zig index c3380cbe3..01854eecb 100644 --- a/src/javascript/jsc/api/server.zig +++ b/src/javascript/jsc/api/server.zig @@ -81,6 +81,7 @@ const uws = @import("uws"); const Fallback = Runtime.Fallback; const MimeType = HTTP.MimeType; const Blob = JSC.WebCore.Blob; +const BoringSSL = @import("boringssl"); const SendfileContext = struct { fd: i32, socket_fd: i32 = 0, @@ -102,15 +103,15 @@ pub const ServerConfig = struct { onRequest: JSC.JSValue = JSC.JSValue.zero, pub const SSLConfig = struct { - server_name: [*:0]const u8 = "", + server_name: [*c]const u8 = null, - key_file_name: [*:0]const u8 = "", - cert_file_name: [*:0]const u8 = "", + key_file_name: [*c]const u8 = null, + cert_file_name: [*c]const u8 = null, - ca_file_name: [*:0]const u8 = "", - dh_params_file_name: [*:0]const u8 = "", + ca_file_name: [*c]const u8 = null, + dh_params_file_name: [*c]const u8 = null, - passphrase: [*:0]const u8 = "", + passphrase: [*c]const u8 = null, low_memory_mode: bool = false, pub fn deinit(this: *SSLConfig) void { @@ -140,10 +141,11 @@ pub const ServerConfig = struct { // Required if (obj.getTruthy(global, "keyFile")) |key_file_name| { var sliced = key_file_name.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.key_file_name = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; if (std.os.system.access(result.key_file_name, std.os.F_OK) != 0) { - JSC.throwInvalidArguments("Invalid keyFile path", .{}, global.ref(), exception); + JSC.throwInvalidArguments("Unable to access keyFile path", .{}, global.ref(), exception); result.deinit(); return null; @@ -153,10 +155,11 @@ pub const ServerConfig = struct { } if (obj.getTruthy(global, "certFile")) |cert_file_name| { var sliced = cert_file_name.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.cert_file_name = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; if (std.os.system.access(result.cert_file_name, std.os.F_OK) != 0) { - JSC.throwInvalidArguments("Invalid certFile path", .{}, global.ref(), exception); + JSC.throwInvalidArguments("Unable to access certFile path", .{}, global.ref(), exception); result.deinit(); return null; } @@ -168,6 +171,7 @@ pub const ServerConfig = struct { if (any) { if (obj.getTruthy(global, "serverName")) |key_file_name| { var sliced = key_file_name.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.server_name = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; } @@ -175,6 +179,7 @@ pub const ServerConfig = struct { if (obj.getTruthy(global, "caFile")) |ca_file_name| { var sliced = ca_file_name.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.ca_file_name = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; if (std.os.system.access(result.ca_file_name, std.os.F_OK) != 0) { @@ -186,6 +191,7 @@ pub const ServerConfig = struct { } if (obj.getTruthy(global, "dhParamsFile")) |dh_params_file_name| { var sliced = dh_params_file_name.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.dh_params_file_name = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; if (std.os.system.access(result.dh_params_file_name, std.os.F_OK) != 0) { @@ -198,6 +204,7 @@ pub const ServerConfig = struct { if (obj.getTruthy(global, "passphrase")) |passphrase| { var sliced = passphrase.toSlice(global, bun.default_allocator); + defer sliced.deinit(); if (sliced.len > 0) { result.passphrase = bun.default_allocator.dupeZ(u8, sliced.slice()) catch unreachable; } @@ -943,7 +950,6 @@ fn NewRequestContext(comptime ssl_enabled: bool, comptime debug_mode: bool, comp pub fn onBodyChunk(this: *RequestContext, _: *App.Response, chunk: []const u8, last: bool) void { if (this.aborted) return; this.request_body_buf.appendSlice(bun.default_allocator, chunk) catch @panic("Out of memory while allocating request body"); - if (last) { if (JSC.JSValue.fromRef(this.request_js_object).as(Request) != null) { uws.Loop.get().?.nextTick(*RequestContext, this, resolveRequestBody); @@ -1027,10 +1033,68 @@ pub fn NewServer(comptime ssl_enabled_: bool, comptime debug_mode_: bool) type { return server; } + noinline fn onListenFailed(this: *ThisServer) void { + var zig_str: ZigString = ZigString.init("Failed to start server"); + if (comptime ssl_enabled) { + var output_buf: [4096]u8 = undefined; + output_buf[0] = 0; + var written: usize = 0; + var ssl_error = BoringSSL.ERR_get_error(); + while (ssl_error != 0 and written < output_buf.len) : (ssl_error = BoringSSL.ERR_get_error()) { + if (written > 0) { + output_buf[written] = '\n'; + written += 1; + } + + if (BoringSSL.ERR_reason_error_string( + ssl_error, + )) |reason_ptr| { + const reason = std.mem.span(reason_ptr); + if (reason.len == 0) { + break; + } + @memcpy(output_buf[written..].ptr, reason.ptr, reason.len); + written += reason.len; + } + + if (BoringSSL.ERR_func_error_string( + ssl_error, + )) |reason_ptr| { + const reason = std.mem.span(reason_ptr); + if (reason.len > 0) { + output_buf[written..][0.." via ".len].* = " via ".*; + written += " via ".len; + @memcpy(output_buf[written..].ptr, reason.ptr, reason.len); + written += reason.len; + } + } + + if (BoringSSL.ERR_lib_error_string( + ssl_error, + )) |reason_ptr| { + const reason = std.mem.span(reason_ptr); + if (reason.len > 0) { + output_buf[written..][0] = ' '; + written += 1; + @memcpy(output_buf[written..].ptr, reason.ptr, reason.len); + written += reason.len; + } + } + } + + if (written > 0) { + var message = output_buf[0..written]; + zig_str = ZigString.init(std.fmt.allocPrint(bun.default_allocator, "OpenSSL {s}", .{message}) catch unreachable); + zig_str.withEncoding().mark(); + } + } + JSC.VirtualMachine.vm.defaultErrorHandler(zig_str.toErrorInstance(this.globalThis), null); + return; + } + pub fn onListen(this: *ThisServer, socket: ?*App.ListenSocket, _: uws.uws_app_listen_config_t) void { if (socket == null) { - JSC.VirtualMachine.vm.defaultErrorHandler(ZigString.init("Bun.serve failed to start").toErrorInstance(this.globalThis), null); - return; + return this.onListenFailed(); } this.listener = socket; @@ -1166,6 +1230,7 @@ pub fn NewServer(comptime ssl_enabled_: bool, comptime debug_mode_: bool) type { pub fn listen(this: *ThisServer) void { if (ssl_enabled) { + BoringSSL.load(); const ssl_config = this.config.ssl_config orelse @panic("Assertion failure: ssl_config"); this.app = App.create(.{ .key_file_name = ssl_config.key_file_name, @@ -1176,7 +1241,7 @@ pub fn NewServer(comptime ssl_enabled_: bool, comptime debug_mode_: bool) type { .ssl_prefer_low_memory_usage = @as(c_int, @boolToInt(ssl_config.low_memory_mode)), }); - if (std.mem.span(ssl_config.server_name).len > 0) { + if (ssl_config.server_name != null and std.mem.span(ssl_config.server_name).len > 0) { this.app.addServerName(ssl_config.server_name); } } else { |