Recent

Author Topic: openssl - https - mac  (Read 633 times)

upsidasi

  • New member
  • *
  • Posts: 6
openssl - https - mac
« on: November 20, 2018, 12:33:29 pm »
Hi, I'm testing HTTPS with fpc (http://wiki.freepascal.org/fphttpclient) on Mac:

Code: Pascal  [Select]
  1.   url := 'https://jsonplaceholder.typicode.com/posts/42';
  2.  
  3.   urlrequest := TFPHTTPClient.Create(nil);
  4.   res := urlrequest.Get(url);
  5.   urlrequest.Free;
  6.  

but I can't connect to the server (see error.jpg)

The server is reachable from the Mac (I can access it with Safari) and I tested the same code on Linux and Windows.

Here some extra info about my Mac and openssl:

$ uname -a
  Darwin Jacks-iMac.local 16.0.0 Darwin Kernel Version 16.0.0: Mon Aug 29 17:56:20 PDT 2016; root:xnu-3789.1.32~3/RELEASE_X86_64 x86_64

$ openssl version
  OpenSSL 0.9.8zh 14 Jan 2016

$ ll /usr/lib/libssl*
  -rwxr-xr-x  1 root  wheel   386K Sep 14  2016 libssl.0.9.7.dylib*
  -rwxr-xr-x  1 root  wheel   631K Sep 14  2016 libssl.0.9.8.dylib*
  -rw-r--r--  1 root  wheel   921K Sep 14  2016 libssl.35.dylib
  lrwxr-xr-x  1 root  wheel    18B Sep 21  2016 libssl.dylib@ -> libssl.0.9.8.dylib

$ ll /usr/lib/libcrypto*
  -rwxr-xr-x  1 root  wheel   1.9M Sep 14  2016 libcrypto.0.9.7.dylib*
  -rwxr-xr-x  1 root  wheel   2.6M Sep 14  2016 libcrypto.0.9.8.dylib*
  -rw-r--r--  1 root  wheel   4.0M Sep 14  2016 libcrypto.35.dylib
  lrwxr-xr-x  1 root  wheel    21B Sep 21  2016 libcrypto.dylib@ -> libcrypto.0.9.8.dylib

Any help?
Thanks!

CCRDude

  • Sr. Member
  • ****
  • Posts: 443
Re: openssl - https - mac
« Reply #1 on: November 20, 2018, 01:17:25 pm »
Are you using sandboxing?

If so, OpenSSL will not work.

I've changed my code to use NSURLRequest when compiled for Mac and it seems to work just fine.

upsidasi

  • New member
  • *
  • Posts: 6
Re: openssl - https - mac
« Reply #2 on: November 20, 2018, 01:29:24 pm »
I'm not using sandboxing or at least I don't think I am.
Sandboxing requires some configuration and specific operations around your application, right? (https://macpgmr.github.io/ObjP/SandboxingAppsOnMac.html)
If that's so I'm not doing any.

I'll give NSURLRequest a look, thanks

Thaddy

  • Hero Member
  • *****
  • Posts: 7182
Re: openssl - https - mac
« Reply #3 on: November 20, 2018, 02:02:11 pm »
Code: Pascal  [Select]
  1. {$mode objfpc}{$H+}
  2. uses fphttpclient, fpopenssl, openssl;
  3. Var
  4.   URLRequest : TFPHttpClient;
  5.   URL,Res:string;
  6. begin
  7.   url := 'https://jsonplaceholder.typicode.com/posts/42';
  8.   urlrequest := TFPHTTPClient.Create(nil);
  9.   try
  10.     res := urlrequest.Get(url);
  11.     writeln(res);
  12.   finally
  13.     urlrequest.Free;
  14.   end;
  15. end.

Now..... this happens to work too...But not with sandboxing on Macs (yet).

inline variables like in D10.3 are a bit like Brexit: if you are given the wrong information it sounds like a good idea. Every kid loves candy, but it makes you fat and your teeth will disappear.

upsidasi

  • New member
  • *
  • Posts: 6
Re: openssl - https - mac
« Reply #4 on: November 20, 2018, 04:25:12 pm »
Can you suggest me what should I do to turn off this "sandboxing"?

CCRDude

  • Sr. Member
  • ****
  • Posts: 443
Re: openssl - https - mac
« Reply #5 on: November 20, 2018, 04:34:51 pm »
Sandboxing is only enabled if you codesign an executable while providing an entitlements file.
Or, alternatively, configure a sandbox for the app at system level.

upsidasi

  • New member
  • *
  • Posts: 6
Re: openssl - https - mac
« Reply #6 on: November 20, 2018, 05:14:32 pm »
thanks! therefore sandboxing is not the issue here.

upsidasi

  • New member
  • *
  • Posts: 6
Re: openssl - https - mac
« Reply #7 on: November 23, 2018, 05:50:57 pm »
I tried the same code on a MacOS High Sierra 10.13.6 which has a slightly different libssl/libcrypto situation:

Code: Pascal  [Select]
  1.   $ ls -l /usr/lib/libssl*
  2.  
  3.     -rwxr-xr-x  1 root  wheel  392912 Dec  1  2017 /usr/lib/libssl.0.9.7.dylib
  4.     -rwxr-xr-x  1 root  wheel  630144 Dec  1  2017 /usr/lib/libssl.0.9.8.dylib
  5.     -rw-r--r--  1 root  wheel  947104 Mar 28  2018 /usr/lib/libssl.35.dylib
  6.     -rw-r--r--  1 root  wheel  890800 Mar 28  2018 /usr/lib/libssl.43.dylib
  7.     lrwxr-xr-x  1 root  wheel      15 Dec 31  2017 /usr/lib/libssl.dylib -> libssl.35.dylib
  8.  
  9.   $ ls -l /usr/lib/libcrypto*  
  10.  
  11.     -rwxr-xr-x  1 root  wheel  2023616 Mar 28  2018 /usr/lib/libcrypto.0.9.7.dylib
  12.     -rwxr-xr-x  1 root  wheel  2599488 Dec  1  2017 /usr/lib/libcrypto.0.9.8.dylib
  13.     -rw-r--r--  1 root  wheel  4232208 Mar 28  2018 /usr/lib/libcrypto.35.dylib
  14.     -rw-r--r--  1 root  wheel  4274832 Mar 28  2018 /usr/lib/libcrypto.41.dylib
  15.     lrwxr-xr-x  1 root  wheel       18 Dec 31  2017 /usr/lib/libcrypto.dylib -> libcrypto.35.dylib
  16.  

and it works fine there.

Anyhow I switched to NSURLRequest to make my program work on both Macs. Thank you CCRDude for the suggestion!