Using newer verison of OpenSSL and exposing ALPN header negotiation

[psvensson]

Hi, I'm looking into implementing HTTP/2 for the Zinc Webservice. HTTP/2 require an extension to the TLS negotiation called ALPN (https://tools.ietf.org/html/rfc7301) which let arbitraty applications use and reuse TLS/SSL on port 443 to communicate.

The required API for this can be found from OpenSSL 1.0.2 (https://www.openssl.org/docs/man1.1.1/man3/SSL_set_alpn_protos.html) and I wonder if it would be possible to bump up the OpenSSL version of all three platforms to then make it possible to expose the API so it can be accessible from Smalltalk primitives.

maybe this is simple and something I can do myself, but this is the first time I dive this deep into the stack and would just liek to know if it is possible or any hints on how to do it.

Thx!

[krono]

Hi @psvensson,

Its a bit complicated with OpenSSL, since the version avaiable on the build machines (ie, Travis) and the ones on the runtime machines (eg, yours) might not match.

That said, there's already a variant over at OpenSmalltalk/opensmalltalk-vm@Cog...hesiod:squeakssl-alpn
Could you check whether this already does what you need? I could then reconsider this one; I admit that it has "marinated" for quite a while...

[psvensson]

Hi Tobias, no worries. I am also a bit bogged down with work :) It turned out that in my quest to implement grpc (via http2 and then need ALPN) I've now switched focus and instead collaborate with Holger Freyther, who have a project which used the grpc dll/.so directly through uffi calls, where everything is compiled in already. I do support exposing all of the OpenSSL API that there is, to Smalltalk, of course. but I also appreciate that it is not always a straightforward effort. But for now, for me at leas, we can close this ticket. Thanks!

…

On Tue, Feb 18, 2020 at 8:50 PM Tobias Pape ***@***.***> wrote: Hi @psvensson <https://github.com/psvensson>, Its a bit complicated with OpenSSL, since the version avaiable on the build machines (ie, Travis) and the ones on the runtime machines (eg, yours) might not match. That said, there's already a variant over at ***@***.***:squeakssl-alpn <OpenSmalltalk/opensmalltalk-vm@Cog...hesiod:squeakssl-alpn> Could you check whether this already does what you need? I could then reconsider this one; I admit that it has "marinated" for quite a while... — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#6?email_source=notifications&email_token=AAAJVAQZVBZAHJABWEBM6TLRDQ3Z7A5CNFSM4KSIAFI2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEMEC7LY#issuecomment-587739055>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAAJVAWDCJSEIYSS7HMHEY3RDQ3Z7ANCNFSM4KSIAFIQ> .

-- Peter Svensson http://se.linkedin.com/in/petersvensson (LinkedIn) http://twitter.com/psvensson (@psvensson)