Open kitanic opened 1 day ago
mmastrac
commented
1 day ago Agreed. I've been seeing numerous crash and bug reports coming from Secure Transport -- it randomly throws permission errors for no discernable reason (possibly JAMF), and a user with nix installed is seeing Secure Transport in a crash report.
sfackler
commented
1 day ago How would that be implemented in a way that conforms to the native-tls APIs? In particular, the implementation needs to support a arbitrary stream under the TLS implementation.
mmastrac
commented
1 day ago To help Googleability of this issue -- this is a crash report that results from the interaction of Secure Transport + nix macOS.
(lldb) cont
Process 68893 resuming
Process 68893 stopped
* thread #9, name = 'edgedb-http', stop reason = signal SIGABRT
frame #0: 0x000000019de715d0 libsystem_kernel.dylib`__pthread_kill + 8
libsystem_kernel.dylib`__pthread_kill:
-> 0x19de715d0 <+8>: b.lo 0x19de715f0 ; <+40>
0x19de715d4 <+12>: pacibsp
0x19de715d8 <+16>: stp x29, x30, [sp, #-0x10]!
0x19de715dc <+20>: mov x29, sp
Target 0: (python3.12) stopped.
(lldb) bt
* thread #9, name = 'edgedb-http', stop reason = signal SIGABRT
* frame #0: 0x000000019de715d0 libsystem_kernel.dylib`__pthread_kill + 8
frame #1: 0x000000019dea9c20 libsystem_pthread.dylib`pthread_kill + 288
frame #2: 0x000000019ddb6a30 libsystem_c.dylib`abort + 180
frame #3: 0x000000010e606af0 libtcmalloc_minimal.4.dylib`tcmalloc::Log(tcmalloc::LogMode, char const*, int, tcmalloc::LogItem, tcmalloc::LogItem, tcmalloc::LogItem, tcmalloc::LogItem) + 760
frame #4: 0x000000010e603868 libtcmalloc_minimal.4.dylib`(anonymous namespace)::InvalidFree(void*) + 64
frame #5: 0x000000019e01e140 CoreFoundation`_CFArrayReplaceValues + 1112
frame #6: 0x000000019df29384 CoreFoundation`CFArrayAppendValue + 152
frame #7: 0x000000019e0323c4 CoreFoundation`_CFBundleAddToTablesLocked + 156
frame #8: 0x000000019e01cd38 CoreFoundation`_CFBundleCreate + 1016
frame #9: 0x00000001a0f07090 Security`Security::MDSAttrParser::MDSAttrParser(char const*, Security::MDSSession&, long, long) + 136
frame #10: 0x00000001a0c42680 Security`Security::MDSSession::DbFilesInfo::updateForBundle(char const*) + 652
frame #11: 0x00000001a0c422b0 Security`Security::MDSSession::DbFilesInfo::updateForBundleDir(char const*) + 180
frame #12: 0x00000001a0c3b3e8 Security`Security::MDSSession::updateDataBases() + 3420
frame #13: 0x00000001a0c994f4 Security`Security::MDSSession::DbOpen(char const*, cssm_net_address const*, unsigned int, Security::AccessCredentials const*, void const*, long&) + 156
frame #14: 0x00000001a0c99334 Security`mds_DbOpen(long, char const*, cssm_net_address const*, unsigned int, cssm_access_credentials const*, void const*, long*) + 340
frame #15: 0x00000001a0c3a238 Security`Security::MDSClient::Directory::cdsa() const + 108
frame #16: 0x00000001a0de89d8 Security`Security::MDSClient::Directory::dlGetFirst(cssm_query const&, cssm_db_record_attribute_data&, cssm_data*, cssm_db_unique_record*&) + 60
frame #17: 0x00000001a0c39c78 Security`Security::CssmClient::Table<Security::MDSClient::Common>::startQuery(Security::CssmQuery const&, bool) + 312
frame #18: 0x00000001a0c398b0 Security`Security::CssmClient::Table<Security::MDSClient::Common>::fetch(Security::CssmClient::Query const&, int) + 112
frame #19: 0x00000001a0c387a8 Security`CSSM_ModuleLoad + 872
frame #20: 0x00000001a0c37f60 Security`Security::CssmClient::ModuleImpl::activate() + 220
frame #21: 0x00000001a0c37d0c Security`Security::CssmClient::AttachmentImpl::activate() + 172
frame #22: 0x00000001a0c37b98 Security`Security::KeychainCore::Certificate::clHandle() + 180
frame #23: 0x00000001a0c6517c Security`Security::KeychainCore::Certificate::copyFirstFieldValue(cssm_data const&) + 64
frame #24: 0x00000001a0c64ff4 Security`Security::KeychainCore::Certificate::publicKey() + 96
frame #25: 0x00000001a0eb4f70 Security`SecCertificateCopyPublicKey$LEGACYMAC + 180
frame #26: 0x00000001a0ef0b2c Security`SecTrustCopyPublicKey + 36
frame #27: 0x00000001abfa9e3c libcoretls_cfhelpers.dylib`tls_helper_set_peer_pubkey + 76
frame #28: 0x00000001a0f1d158 Security`tls_handshake_message_callback + 64
frame #29: 0x00000001a9fae958 libcoretls.dylib`SSLProcessHandshakeRecordInner + 184
frame #30: 0x00000001a9fae2c8 libcoretls.dylib`tls_handshake_process + 112
frame #31: 0x00000001a0c902a8 Security`SSLHandshakeProceed + 168
frame #32: 0x00000001a0c90188 Security`SSLHandshake + 228
frame #33: 0x000000010d05961c _http.cpython-312-darwin.so`security_framework::secure_transport::SslStream$LT$S$GT$::handshake::h94f020ab8649a619 + 40
frame #34: 0x000000010d05a174 _http.cpython-312-darwin.so`security_framework::secure_transport::MidHandshakeClientBuilder$LT$S$GT$::handshake::hb13355eb849707af + 172
frame #35: 0x000000010d0543dc _http.cpython-312-darwin.so`native_tls::imp::MidHandshakeTlsStream$LT$S$GT$::handshake::h6de3e88d90bee568 + 156
frame #36: 0x000000010d0436c4 _http.cpython-312-darwin.so`native_tls::MidHandshakeTlsStream$LT$S$GT$::handshake::he38db0a7f84c9784 + 56
frame #37: 0x000000010d0b04fc _http.cpython-312-darwin.so`_$LT$tokio_native_tls..MidHandshake$LT$S$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h361695de06b7dcb6 + 220
frame #38: 0x000000010d0a5220 _http.cpython-312-darwin.so`tokio_native_tls::handshake::_$u7b$$u7b$closure$u7d$$u7d$::h8c267cf09922bf92 + 1028
frame #39: 0x000000010d0a335c _http.cpython-312-darwin.so`tokio_native_tls::TlsConnector::connect::_$u7b$$u7b$closure$u7d$$u7d$::h4aab271f783b6b7d + 424
frame #40: 0x000000010d08ea50 _http.cpython-312-darwin.so`_$LT$hyper_tls..client..HttpsConnector$LT$T$GT$$u20$as$u20$tower_service..Service$LT$http..uri..Uri$GT$$GT$::call::_$u7b$$u7b$closure$u7d$$u7d$::h7657f8a499bf13ac + 1128
frame #41: 0x000000010d0dcfbc _http.cpython-312-darwin.so`_$LT$core..pin..Pin$LT$P$GT$$u20$as$u20$core..future..future..Future$GT$::poll::hffe4c0004b840e32 + 80
frame #42: 0x000000010d0a0d9c _http.cpython-312-darwin.so`_$LT$hyper_tls..client..HttpsConnecting$LT$T$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h42319fea7d628839 + 60
frame #43: 0x000000010d04c0a0 _http.cpython-312-darwin.so`reqwest::connect::Connector::connect_with_maybe_proxy::_$u7b$$u7b$closure$u7d$$u7d$::h0b0de38d29ef0e41 + 920
frame #44: 0x000000010d1017a4 _http.cpython-312-darwin.so`_$LT$tokio..time..timeout..Timeout$LT$T$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h4b17fd80b5b933df + 100
frame #45: 0x000000010d04e938 _http.cpython-312-darwin.so`reqwest::connect::with_timeout::_$u7b$$u7b$closure$u7d$$u7d$::hde3a6ae13775de3f + 568
frame #46: 0x000000010d0dce74 _http.cpython-312-darwin.so`_$LT$core..pin..Pin$LT$P$GT$$u20$as$u20$core..future..future..Future$GT$::poll::hace6f8ca5cbbdf00 + 80
frame #47: 0x000000010d103484 _http.cpython-312-darwin.so`_$LT$hyper_util..service..oneshot..Oneshot$LT$S$C$Req$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h38ee7c320c30e730 + 216
frame #48: 0x000000010d109c48 _http.cpython-312-darwin.so`_$LT$F$u20$as$u20$futures_core..future..TryFuture$GT$::try_poll::h52b6165d2a7924fc + 32
frame #49: 0x000000010d06a8dc _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..into_future..IntoFuture$LT$Fut$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h21e1c0ecbf7e980b + 48
frame #50: 0x000000010d10406c _http.cpython-312-darwin.so`_$LT$futures_util..future..future..map..Map$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h5bd8b7391c2de65a + 120
frame #51: 0x000000010d1144ec _http.cpython-312-darwin.so`_$LT$futures_util..future..future..Map$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h4a8e318ef5cf0099 + 48
frame #52: 0x000000010d0d49f0 _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..MapErr$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::ha8c833397ae774de + 48
frame #53: 0x000000010d0d6b74 _http.cpython-312-darwin.so`_$LT$F$u20$as$u20$futures_core..future..TryFuture$GT$::try_poll::ha6c36ecde2f91162 + 32
frame #54: 0x000000010d06a94c _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..into_future..IntoFuture$LT$Fut$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h6b982386f6770f03 + 48
frame #55: 0x000000010d103c80 _http.cpython-312-darwin.so`_$LT$futures_util..future..future..map..Map$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h17683e58f742fb19 + 124
frame #56: 0x000000010d11455c _http.cpython-312-darwin.so`_$LT$futures_util..future..future..Map$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h564c4c66d042bc08 + 48
frame #57: 0x000000010d0d4944 _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..MapOk$LT$Fut$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h73c0303b3d7b0d04 + 48
frame #58: 0x000000010d0d6b48 _http.cpython-312-darwin.so`_$LT$F$u20$as$u20$futures_core..future..TryFuture$GT$::try_poll::h9d35090c834efd91 + 32
frame #59: 0x000000010d02d478 _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..try_flatten..TryFlatten$LT$Fut$C$$LT$Fut$u20$as$u20$futures_core..future..TryFuture$GT$..Ok$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h39edc060533b7ce0 + 144
frame #60: 0x000000010d0d4e7c _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..TryFlatten$LT$Fut1$C$Fut2$GT$$u20$as$u20$core..future..future..Future$GT$::poll::hc927e697639d7890 + 48
frame #61: 0x000000010d0d4eb8 _http.cpython-312-darwin.so`_$LT$futures_util..future..try_future..AndThen$LT$Fut1$C$Fut2$C$F$GT$$u20$as$u20$core..future..future..Future$GT$::poll::ha067c8445a35d23c + 48
frame #62: 0x000000010d074ef0 _http.cpython-312-darwin.so`_$LT$futures_util..future..either..Either$LT$A$C$B$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h1d73665a2c70bac2 + 76
frame #63: 0x000000010d0dde60 _http.cpython-312-darwin.so`_$LT$hyper_util..common..lazy..Lazy$LT$F$C$R$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h39c1db9fd7687262 + 128
frame #64: 0x000000010d0d55fc _http.cpython-312-darwin.so`futures_util::future::future::FutureExt::poll_unpin::h32b4dfc2b5928e35 + 40
frame #65: 0x000000010d0ed198 _http.cpython-312-darwin.so`_$LT$futures_util..future..select..Select$LT$A$C$B$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h005ef39abba72b23 + 232
frame #66: 0x000000010d0681b4 _http.cpython-312-darwin.so`hyper_util::client::legacy::client::Client$LT$C$C$B$GT$::one_connection_for::_$u7b$$u7b$closure$u7d$$u7d$::hd211316772d40d81 + 1284
frame #67: 0x000000010d065b5c _http.cpython-312-darwin.so`hyper_util::client::legacy::client::Client$LT$C$C$B$GT$::connection_for::_$u7b$$u7b$closure$u7d$$u7d$::h56122e6b19b957a7 + 324
frame #68: 0x000000010d06653c _http.cpython-312-darwin.so`hyper_util::client::legacy::client::Client$LT$C$C$B$GT$::try_send_request::_$u7b$$u7b$closure$u7d$$u7d$::h05b5a52ffb99a36b + 560
frame #69: 0x000000010d064f88 _http.cpython-312-darwin.so`hyper_util::client::legacy::client::Client$LT$C$C$B$GT$::send_request::_$u7b$$u7b$closure$u7d$$u7d$::ha7c4177e68337969 + 536
frame #70: 0x000000010d1671e8 _http.cpython-312-darwin.so`_$LT$hyper_util..client..legacy..client..ResponseFuture$u20$as$u20$core..future..future..Future$GT$::poll::hf9f4f94ff5395d77 + 92
frame #71: 0x000000010d0e1c4c _http.cpython-312-darwin.so`_$LT$reqwest..async_impl..client..PendingRequest$u20$as$u20$core..future..future..Future$GT$::poll::h1461eb4b84b71eda + 680
frame #72: 0x000000010d0e193c _http.cpython-312-darwin.so`_$LT$reqwest..async_impl..client..Pending$u20$as$u20$core..future..future..Future$GT$::poll::h0ceb34e210167b91 + 112
frame #73: 0x000000010cff9698 _http.cpython-312-darwin.so`http::python::request::_$u7b$$u7b$closure$u7d$$u7d$::hef2dc9b17f4168c6 + 1376
frame #74: 0x000000010cff9cc0 _http.cpython-312-darwin.so`http::python::request_bytes::_$u7b$$u7b$closure$u7d$$u7d$::h3fc791c254c1e313 + 488
frame #75: 0x000000010cfff8e8 _http.cpython-312-darwin.so`http::python::execute::_$u7b$$u7b$closure$u7d$$u7d$::h644f34a186a9268a + 3904
frame #76: 0x000000010cfe1b98 _http.cpython-312-darwin.so`tokio::runtime::task::core::Core$LT$T$C$S$GT$::poll::_$u7b$$u7b$closure$u7d$$u7d$::h5043bb9547a9c35d + 120
frame #77: 0x000000010cfe18ac _http.cpython-312-darwin.so`tokio::runtime::task::core::Core$LT$T$C$S$GT$::poll::hf2821e785685f153 + 72
frame #78: 0x000000010cff1c54 _http.cpython-312-darwin.so`tokio::runtime::task::harness::poll_future::_$u7b$$u7b$closure$u7d$$u7d$::h62365a32b1a2d877 + 64
frame #79: 0x000000010cfcfbdc _http.cpython-312-darwin.so`_$LT$core..panic..unwind_safe..AssertUnwindSafe$LT$F$GT$$u20$as$u20$core..ops..function..FnOnce$LT$$LP$$RP$$GT$$GT$::call_once::hceca6c0dc7cefd9e + 44
frame #80: 0x000000010cfdeb70 _http.cpython-312-darwin.so`std::panicking::try::do_call::h24f3fe9b50250006 + 80
frame #81: 0x000000010cfdfe7c _http.cpython-312-darwin.so`__rust_try + 32
frame #82: 0x000000010cfddcd0 _http.cpython-312-darwin.so`std::panicking::try::h27b9876860586d3a + 96
frame #83: 0x000000010cfd2f50 _http.cpython-312-darwin.so`std::panic::catch_unwind::h79b6fc99bb45cfa2 + 12
frame #84: 0x000000010cff1758 _http.cpython-312-darwin.so`tokio::runtime::task::harness::poll_future::hc96d0741e5e77d70 + 96
frame #85: 0x000000010cff2188 _http.cpython-312-darwin.so`tokio::runtime::task::harness::Harness$LT$T$C$S$GT$::poll_inner::h43cc6a83fe2a4c3f + 160
frame #86: 0x000000010cff2ef4 _http.cpython-312-darwin.so`tokio::runtime::task::harness::Harness$LT$T$C$S$GT$::poll::hff8bef115964f726 + 28
frame #87: 0x000000010cfed9a0 _http.cpython-312-darwin.so`tokio::runtime::task::raw::poll::hbc4bd431b9123f02 + 36
frame #88: 0x000000010d2ae738 _http.cpython-312-darwin.so`tokio::runtime::task::raw::RawTask::poll::h7e5040ee088abec1 + 52
frame #89: 0x000000010d2a8fc8 _http.cpython-312-darwin.so`tokio::runtime::task::LocalNotified$LT$S$GT$::run::hf4508f7dee15a7ba + 44
frame #90: 0x000000010d28a060 _http.cpython-312-darwin.so`tokio::task::local::LocalSet::tick::_$u7b$$u7b$closure$u7d$$u7d$::ha63d92460060e47e + 24
frame #91: 0x000000010d289fd0 _http.cpython-312-darwin.so`tokio::task::local::LocalSet::tick::h058caf83805f095a + 476
frame #92: 0x000000010cfe7058 _http.cpython-312-darwin.so`_$LT$tokio..task..local..RunUntil$LT$T$GT$$u20$as$u20$core..future..future..Future$GT$::poll::_$u7b$$u7b$closure$u7d$$u7d$::h0954e442cc6a17a2 + 228
frame #93: 0x000000010cfe6c14 _http.cpython-312-darwin.so`tokio::task::local::LocalSet::with::_$u7b$$u7b$closure$u7d$$u7d$::h5e29807fef6d51e4 + 132
frame #94: 0x000000010cfeb9b4 _http.cpython-312-darwin.so`std::thread::local::LocalKey$LT$T$GT$::try_with::h1c063faf8f6def1b + 192
frame #95: 0x000000010cfeb604 _http.cpython-312-darwin.so`std::thread::local::LocalKey$LT$T$GT$::with::h35b1068c5f16658b + 24
frame #96: 0x000000010cfe6b84 _http.cpython-312-darwin.so`tokio::task::local::LocalSet::with::hb7a56aa2358c77f0 + 60
frame #97: 0x000000010cfe6f68 _http.cpython-312-darwin.so`_$LT$tokio..task..local..RunUntil$LT$T$GT$$u20$as$u20$core..future..future..Future$GT$::poll::h6f0a9f5d8bf0e271 + 84
frame #98: 0x000000010cfe6e78 _http.cpython-312-darwin.so`tokio::task::local::LocalSet::run_until::_$u7b$$u7b$closure$u7d$$u7d$::h63b00c439e79b883 + 376
frame #99: 0x000000010d02a79c _http.cpython-312-darwin.so`_$LT$core..pin..Pin$LT$P$GT$$u20$as$u20$core..future..future..Future$GT$::poll::he7dec624659c06b1 + 56
frame #100: 0x000000010cfd2de8 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::block_on::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::hd31d11e3fbfedf1e + 48
frame #101: 0x000000010cfd2d54 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::block_on::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::hf4a2ba02c08a1669 + 248
frame #102: 0x000000010cfd0dc4 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::Context::enter::h291883014ddb245a + 308
frame #103: 0x000000010cfd264c _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::block_on::_$u7b$$u7b$closure$u7d$$u7d$::hb490cb0f5e660283 + 404
frame #104: 0x000000010cfd1dd4 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::enter::_$u7b$$u7b$closure$u7d$$u7d$::h12a4771e067b2eec + 28
frame #105: 0x000000010cff53cc _http.cpython-312-darwin.so`tokio::runtime::context::scoped::Scoped$LT$T$GT$::set::h5e4724f4dae4ce64 + 160
frame #106: 0x000000010cfcf610 _http.cpython-312-darwin.so`tokio::runtime::context::set_scheduler::_$u7b$$u7b$closure$u7d$$u7d$::h503353b00d58cde9 + 52
frame #107: 0x000000010cfecca0 _http.cpython-312-darwin.so`std::thread::local::LocalKey$LT$T$GT$::try_with::hb54c469cfc7d3914 + 212
frame #108: 0x000000010cfeb72c _http.cpython-312-darwin.so`std::thread::local::LocalKey$LT$T$GT$::with::h99cfccfcf6e985b8 + 24
frame #109: 0x000000010cfcf53c _http.cpython-312-darwin.so`tokio::runtime::context::set_scheduler::h4180ff58dd91ea38 + 60
frame #110: 0x000000010cfd1c28 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::enter::hf7c6b27f2f105993 + 352
frame #111: 0x000000010cfd1e7c _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CoreGuard::block_on::hb315d7ecb58312b8 + 28
frame #112: 0x000000010cfd0328 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CurrentThread::block_on::_$u7b$$u7b$closure$u7d$$u7d$::h8f909348ea799d24 + 368
frame #113: 0x000000010cfd33bc _http.cpython-312-darwin.so`tokio::runtime::context::runtime::enter_runtime::h7c4a6d1d27ead813 + 220
frame #114: 0x000000010cfd0190 _http.cpython-312-darwin.so`tokio::runtime::scheduler::current_thread::CurrentThread::block_on::ha34163c16e71f243 + 160
frame #115: 0x000000010cff050c _http.cpython-312-darwin.so`tokio::runtime::runtime::Runtime::block_on_inner::hb6d64282d0f8c459 + 176
frame #116: 0x000000010cff0650 _http.cpython-312-darwin.so`tokio::runtime::runtime::Runtime::block_on::h66b04045b5062bc9 + 160
frame #117: 0x000000010cfe6cac _http.cpython-312-darwin.so`tokio::task::local::LocalSet::block_on::hb86af03807cfc3b1 + 72
frame #118: 0x000000010d001ef8 _http.cpython-312-darwin.so`http::python::Http::new::_$u7b$$u7b$closure$u7d$$u7d$::h0f79398a66263eef + 2660
frame #119: 0x000000010cfe2938 _http.cpython-312-darwin.so`std::sys_common::backtrace::__rust_begin_short_backtrace::h4cacfb6651d964dc + 16
frame #120: 0x000000010cfe5258 _http.cpython-312-darwin.so`std::thread::Builder::spawn_unchecked_::_$u7b$$u7b$closure$u7d$$u7d$::_$u7b$$u7b$closure$u7d$$u7d$::ha0d0376f1bf3e976 + 44
frame #121: 0x000000010cfcfc9c _http.cpython-312-darwin.so`_$LT$core..panic..unwind_safe..AssertUnwindSafe$LT$F$GT$$u20$as$u20$core..ops..function..FnOnce$LT$$LP$$RP$$GT$$GT$::call_once::hee995994c61cfd9a + 44
frame #122: 0x000000010cfdef7c _http.cpython-312-darwin.so`std::panicking::try::do_call::h96a9a4e96d5ee24e + 76
frame #123: 0x000000010cfdfe7c _http.cpython-312-darwin.so`__rust_try + 32
frame #124: 0x000000010cfde7b4 _http.cpython-312-darwin.so`std::panicking::try::he345529e81bfd56d + 92
frame #125: 0x000000010cfe50d0 _http.cpython-312-darwin.so`std::thread::Builder::spawn_unchecked_::_$u7b$$u7b$closure$u7d$$u7d$::hf94e01e7d9aebd5a + 404
frame #126: 0x000000010d005468 _http.cpython-312-darwin.so`core::ops::function::FnOnce::call_once$u7b$$u7b$vtable.shim$u7d$$u7d$::hb6a41aaa76d2d7a5 + 24
frame #127: 0x000000010d38ff1c _http.cpython-312-darwin.so`std::sys::pal::unix::thread::Thread::new::thread_start::hb184f2abd415aef7 [inlined] _$LT$alloc..boxed..Box$LT$F$C$A$GT$$u20$as$u20$core..ops..function..FnOnce$LT$Args$GT$$GT$::call_once::hf621d68debdec6cc at boxed.rs:2063:9 [opt]
frame #128: 0x000000010d38ff10 _http.cpython-312-darwin.so`std::sys::pal::unix::thread::Thread::new::thread_start::hb184f2abd415aef7 [inlined] _$LT$alloc..boxed..Box$LT$F$C$A$GT$$u20$as$u20$core..ops..function..FnOnce$LT$Args$GT$$GT$::call_once::h4b545caf97b7e0d0 at boxed.rs:2063:9 [opt]
frame #129: 0x000000010d38ff0c _http.cpython-312-darwin.so`std::sys::pal::unix::thread::Thread::new::thread_start::hb184f2abd415aef7 at thread.rs:108:17 [opt]
frame #130: 0x000000019dea9f94 libsystem_pthread.dylib`_pthread_start + 136@sfackler If possible, could we get native openssl (aka LibreSSL) support on MacOS instead?
sfackler
commented
1 day ago It's possible, but not really "native" then anymore.
mmastrac
commented
1 day ago I understand. It's stretching the limits of the word for sure, but a modern LibreSSL has been installed by default in /usr/lib for a while and it solves some of the deprecation issues.
sfackler
commented
1 day ago IIRC Apple does not want anyone linking to that and stopped shipping headers back when they switched from OpenSSL 0.9.8 to LibreSSL.
mmastrac
commented
1 day ago I tried to understand the state of LibreSSL support -- apparently Apple stopped shipping the OpenSSL headers but continued to update and maintain the LibreSSL binary itself.
TBH it's not clear what the state of this library is. It's possible that it's stable, but it's also possible that it exists purely to satisfy older MacOS apps and scripts that expect the openssl command-line tool.
https://github.com/drduh/macOS-Security-and-Privacy-Guide/issues/356
OTOH, the Network.framework looks somewhat challenging to program against but not necessarily a bad fit.
native-tls on Apple platform uses Secure Transport via security-framework crate, however it is already deprecated and unsupported.
Apple is asking for a move to the Network framework instead. I don't know if it is in this crate or in a sub-crate, implementation must be migrated.