Category Archives: apple

Mac vs Open Source

I develop software.

The kind of software I work on rarely concerns itself with details of the platforms it runs on, and is therefore inherently platform-neutral.  Of course complete cross-platform compatibility is elusive, but one does one’s best to adhere to widely-supported standards, libraries known to be cross-platform, etc.  And if something non-standard is unavoidable, try to package it so that switching it out will be clean and straightforward as and when someone has the need.

So it’s with some concern that I see the Mac platform apparently moving to distance itself from the open source world I inhabit.  I’ve got used to the idea that I sometimes have to use clang instead of gcc, and that that gives rise to annoying gotchas when autoconf stuff picks up gcc/g++ in spite of the standard names cc, c++ et al all being the clang versions!  Still, I guess it’s not the platform’s fault if
CC=cc CXX=c++ ./configure –options
behaves inconsistently.

Now it’s OpenSSL that’s been giving me grief.  Working with it on Mac for the first time, I see all the OpenSSL APIs I’m using appear to be deprecated.  Huh?  Googling finds that the whole of OpenSSL is deprecated on Mac.  Thou shalt use CC_crypto(3cc) instead!  Damn!!

OK, what’s CC_crypto?  Given that lots of software I work on uses OpenSSL, it’s only going to be of interest if it emulates OpenSSL (well, if for example it was an OpenSSL fork then that would be a reasonable expectation).  There’s a CC_crypto manpage, and google finds similar information at Apple’s developer site, but therein lies nothing more enlightening than cryptic hints:

To use the digest functions with existing code which uses the corresponding openssl functions, #define the symbol COMMON_DIGEST_FOR_OPENSSL in your client code (BEFORE including <CommonCrypto/CommonDigest.h>).

and

The interfaces to the encryption and HMAC algorithms have a calling interface that is different from that provided by OpenSSL.

Well, if that means it’s mostly OpenSSL-dropin-compatible, why not say so?  Even googling “CC_crypto openssl emulation” doesn’t turn up anything that looks promising, so I haven’t found any relevant documentation.  And since the header files are different, it will at the very least require some preprocessor crap.  OK, ignore it, stick to OpenSSL, kill off the -Werror compiler option, and maybe revisit the issue at some later date.

Not good enough.  The build bombs out when something (not my code, and I’d rather not have to hack it) uses HMAC functions, whose signature on Mac is different to other platforms.  So openssl on Mac – specifically /usr/include/openssl/hmac.h – is nonstandard!  Grrr …  In fact it appears to be some bastardised hybrid: OpenSSL function names with CCHmac-like declarations.  Is this OpenSSL in fact a wrapper for CC_crypto?  If so, why is it all deprecated?  Or if not, who has mutilated the API?

Well OK, that’ll be what Homebrew was talking about when it flashed up some message about installing OpenSSL only under Cellar, and not as a standard/system-wide lib.  So I have another OpenSSL.  Perhaps more?  locate hmac.h finds a whole bunch of versions (ignoring duplicates and glib’s ghmac.h):

/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.7.sdk/usr/include/openssl/hmac.h
/private/var/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.7.sdk/usr/include/openssl/hmac.h
/usr/include/openssl/hmac.h
/usr/local/Cellar/openssl/1.0.2/include/openssl/hmac.h

Of those, only the Cellar version is compatible with the canonical OpenSSL.  A –with-openssl configure option fixes my immediate problem, but throws up a bunch of questions:

  • Why have I had to jump through these hoops?
  • Where would I start if I want to use CC_crypto as advised in existing OpenSSL-using code?
  • What do I need to keep up-to-date on my system?  Presumably standard apps use the version in /usr , but is anything keeping that updated if homebrew isn’t touching it?

Dammit, looks like this Mac may be vulnerable!  Everything in /usr/include/openssl is dated 2011 (when the macbook was new).  The libssl in /usr/lib is dated September 2014 – which suggests it has been updated by some package manager.  But it identifies itself as libssl.0.9.8, which is not exactly current.  Maybe it’s a Good Thing the macbook’s wifi died, so it no longer travels with me outside the house.

WTF is Apple doing to us?

Advertisements

Technology FAIL

After the weekend’s high of singing Mahler, it was down to Earth with a bump today, as I found myself doing battle with the Macbook and Apple’s UK operations.

It started when it didn’t start, so to speak.  That is to say, the laptop screen remained resolutely blank, no matter what I did.  In other matters the machine seemed OK: turning it off and then powering up gave the characteristic startup sound and the disc spun into motion, but nothing on the screen.

Shining a bike light on it close up revealed the faint apple logo, indicating that it is in fact the backlight that failed (dammit, why can’t I get a laptop with e-ink screen?)  And given that for a few days I’ve had intermittent issues with it going blank when adjusting the screen angle, it seems likely to be a connection that’s at fault.

In a desktop context I would of course expect to identify and fix or replace the faulty component fairly easily.  In a laptop, my reaction is to take it to the professionals and hope they can do something within the bounds of my bank balance.  So I googled for Apple UK store.  That got me their online store, but no hint of a store locator!  I know there’s a store in Exeter, but even typing “Exeter” into Apple UK’s search box drew a blank.

Come on Apple.  What’s the use of physical shops if you won’t tell us how to find or contact them?

Phoning Apple UK’s number from the site got me eventually to a human.  He started by insisting on my serial number, then told me in accusatory terms that the computer belonged to someone completely different.  A nasty moment was resolved when it turned out he’d misheard a single “B” as “D”, and Apple’s database does indeed list me as owner of my macbook.  But isn’t it alarming that valid serial numbers should differ only by something so easily confusable?  If the other machine had been reported lost/stolen, they could’ve been accusing me of theft!

Having got through that, the man was friendly and helpful enough, but couldn’t answer my question: whether it would be worth my while to take it to an apple store.  I mean, if they can fix it for £50 then great – well worth the time and trouble of taking it in.  But if they charge £50 to tell me they can’t do anything – or that they would charge a further £500 – I should be well p***ed off.  Of course he wasn’t going to diagnose it on the phone, but I’d hoped he’d at least have a feel for whether this class of problem could usually be fixed or whether I was wasting my time.

He did give me a phone number for a Plymouth store called Stormfront, which is my nearest Apple dealer.  Phoning that number got altogether more bizarre.  Their menu tells me to select one of just two options, but after selecting either option, nothing happens.  Until, after about a minute, a tone indicates the call has died.  Googling the Plymouth store found a second ‘phone number, but that got me exactly the same thing.  Seems the Plymouth store isn’t contactable: so much for their technology!  I’ve emailed them, but no great expectation of that going anywhere more productive than the ‘phone.

Should I just try and fix it myself?  If it’s anything like a loose connection, I’m in contention for the world’s worst person with a soldering iron.  Unfortunately I don’t know how much I’ve got to lose (or rather, to gain compared to writing it off by taking it to someone competent).  Bah, Humbug.