Closed JackDunnNZ closed 4 years ago
Merging #219 into master will decrease coverage by
0.04%
. The diff coverage isn/a
.
@@ Coverage Diff @@
## master #219 +/- ##
==========================================
- Coverage 72.63% 72.58% -0.05%
==========================================
Files 12 12
Lines 570 569 -1
==========================================
- Hits 414 413 -1
Misses 156 156
Impacted Files | Coverage Δ | |
---|---|---|
src/ssl.jl | 66.66% <ø> (-0.15%) |
:arrow_down: |
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update c419ee2...5b30311. Read the comment docs.
Hi @JackDunnNZ , it looks like I still see this error where cert.pem
is missing. Could you please help?
@KwatMDPhD The problem seems to be that PackageCompiler doesn't bundle share/julia/cert.pem
when creating an application, whereas MbedTLS assumes this file is always present. PackageCompiler should probably be changed to bundle this file into compiled applications
Thanks for the explanation. @KristofferC could you please help?
@JackDunnNZ , it looks like PackageCompiler
upgraded with some breaking changes. Does MbedTLS
take these into account these changes? For example the changes about artifacts.
https://github.com/JuliaLang/PackageCompiler.jl#upgrading-from-packagecompiler-10
What version of MbedTLS is used? The point of this PR is to read the cert at compile time and not runtime so I don't see why PackageCompiler has to bundle anything.
Thanks for the response @KristofferC!
1.1.3.
Looks like this code has since been changed, most recently in #246, so now the cert is being read from share/julia
at init time:
So an alternative to PackageCompiler bundling it is to go back to reading the fallback cert at compile time, as this PR originally changed
I want to help fix this. Can I just revert this? https://github.com/JuliaLang/MbedTLS.jl/pull/246/commits/71bd43a05575fa332e952cea49ef50f4091c479b
@KristofferC I was looking at how the bundled cert is used in base, and it seems that MozillaCACerts_jll assumes it is always present at init time:
If I understand correctly, this would mean a compiled app can currently fail if it depends on MozillaCACerts_jll, since cacert
will point to a file that doesn't exist. If that's the case, it seems like it would be a reason to bundle the cert file in PackageCompiler?
Yes, that would solve it.
I know you are busy, but it would be amazing if you could update PackageCompiler @KristofferC 🙏
Fixes #218
@kmsquire can you check if this fixes the problem for you?