Closed jvantuyl closed 2 years ago
Thank you for this port! I agree that using the MacPorts or Homebrew versions of OpenSSL is a good approach. However, I cannot verify functionality after I apply your patch. I get the following error when invoking the unit test suite - should I be taking any other steps before starting the test? (The "no handlers" part of the error can be ignored, but it appears that the OpenSSL library does not successfully complete the CTRL_LISTEN sequence.)
rays-imac:pydtls ray$ python -m dtls.test.unit -v Suite run: demux: platform-native, protocol: 2 test_ciphers (main.BasicSocketTests) ... No handlers could be found for logger "dtls.openssl" Exception in thread Thread-1: Traceback (most recent call last): File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 808, in __bootstrap_inner self.run() File "/Users/ray/src/pydtls/dtls/test/unit.py", line 721, in run asyncore.loop(first_timeout.total_seconds(), count=1) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 220, in loop poll_fun(timeout, map) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 156, in poll read(obj) File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 87, in read obj.handle_error() File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 83, in read obj.handle_read_event() File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 443, in handle_read_event self.handle_accept() File "/Users/ray/src/pydtls/dtls/test/unit.py", line 658, in handle_accept acc_ret = self.accept() File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/asyncore.py", line 361, in accept conn, addr = self.socket.accept() File "dtls/patch.py", line 179, in _SSLSocket_accept acc_ret = self._sslobj.accept() File "dtls/sslconnection.py", line 460, in accept if not self.listen(): File "dtls/sslconnection.py", line 426, in listen dtls_peer_address = DTLSv1_listen(self._ssl.value) File "dtls/openssl.py", line 750, in DTLSv1_listen errcheck_ord(ret, _SSL_ctrl, (ssl, DTLS_CTRL_LISTEN, 0, byref(su))) File "dtls/openssl.py", line 426, in errcheck_ord raise_ssl_error(result, func, args, find_ssl_arg(args)) File "dtls/openssl.py", line 417, in raise_ssl_error raise openssl_error()(ssl_error, errqueue, result, func, args) __OpenSSLError: (1, [(336625732, 'error:14108044:SSL routines:DTLS1_SEND_HELLO_VERIFY_REQUEST:internal error')], 0, <CFunctionType object at 0x102418120>, (<dtls.openssl.SSL object at 0x102506550>, 75, 0, <cparam 'P' (0x7ffe99f01a60)>))
This is fantastically old and (I believe) long-ago fixed. Closing.
Add support for installing on MacOS X. This is complicated a bit because even the newest MacOS doesn't provide a new enough libssl (i.e. only 0.9.8, not 1.0.0). It's also a bit complicated to compile your own from scratch, because MacOS doesn't take kindly to installing a newer libssl. Rather than fight with this, it's most common to use MacPorts or HomeBrew to install libssl, with the caveat that you have to know where to look for it.
This patch adds support to look in the normal places for HomeBrew and MacPorts, before defaulting to some system version. It also updates the README.txt to mention why it doesn't use the built-in OpenSSL and to give a vague hint at how to get one that works.