Comments (13)
Carter we've simply not made a way to expose it - yet. A diff that would
address your needs would be considered.
On Mon, Jul 4, 2016 at 5:45 PM, Carter Tazio Schonwald <
[email protected]> wrote:
Hello!
I'm In the midst of writing a Haskell binding to libtls / libressl (in
their portable build incarnation), and it seems that I can't expose alpn
information unless I either violate / use the private struct rep at the
libtls layer or do a more direct wrapping of the underlying libressl APIs.
I'm totally fine with doing the latter. But seems like an oversight from
the perspective of making it easy for a libtls user to write a simple
https-v2 client or server library leveraging the libtls Api.This may or may not have been discussed previously or already be a known
issue, but I figure erring on the side of over communication :)Cheers!
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
#65, or mute the
thread
https://github.com/notifications/unsubscribe/AHv2dXIB-Bs1lmBVEQSnieqmxl8MS2Udks5qSZsZgaJpZM4JEsRI
.
from openbsd.
Cool! I'll have a look as I have time this week. What's your preferred mechanism for me to make such a patch / diff available for review ?
from openbsd.
Depends how serious you are with it.
If you know what you are doing make a diff against the OpenBSD sources for
real, if you aren't used to
that a --no-prefix git diff against portable will probably do - mailed to
[email protected] for us to peruse.
On Mon, Jul 4, 2016 at 9:23 PM, Carter Tazio Schonwald <
[email protected]> wrote:
Cool! I'll have a look as I have time this week. What's your preferred
mechanism for me to make such a patch / diff available for review ?—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AHv2dVrtKAIkdN89gJRTpjVLIifVmZwMks5qSc5CgaJpZM4JEsRI
.
from openbsd.
Cool. I'll see what I can do. I'm not familiar with CVS but I'll see what
I can do.
Do you want the patch set relative to the open BSD libressl repo or a
checkout of the libressl/portable repo if I do the latter git approach ?
On Jul 4, 2016 11:27 PM, "bob-beck" [email protected] wrote:
Depends how serious you are with it.
If you know what you are doing make a diff against the OpenBSD sources for
real, if you aren't used to
that a --no-prefix git diff against portable will probably do - mailed to
[email protected] for us to peruse.On Mon, Jul 4, 2016 at 9:23 PM, Carter Tazio Schonwald <
[email protected]> wrote:Cool! I'll have a look as I have time this week. What's your preferred
mechanism for me to make such a patch / diff available for review ?—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<
#65 (comment)
,
or mute the thread
<
https://github.com/notifications/unsubscribe/AHv2dVrtKAIkdN89gJRTpjVLIifVmZwMks5qSc5CgaJpZM4JEsRI.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AAAQwlvDzMS6_i-AxaiE7qwQoUPFoupqks5qSc8LgaJpZM4JEsRI
.
from openbsd.
A git patch relative to the openbsd repo here is just fine. It's a mirror of all of the relevant parts of the CVS repo. I've used git show or git format-patch on tech@openbsd a number of times. Just watch out for email whitespace damage :P
from openbsd.
Hehe. So maybe gzipped with a signnature of my pub key, which has been
signed by other folks?
Gotcha.
Also, I really appreciate how responsive you've been to my question :)
On Tuesday, July 5, 2016, Brent Cook [email protected] wrote:
A git patch relative to the openbsd repo here is just fine. It's a mirror
of all of the relevant parts of the CVS repo. I've used git show or git
format-patch on tech@openbsd a number of times. Just watch out for email
whitespace damage :P—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/AAAQwuoGl80qYSiRxFGdxJcoTuL6zv-Rks5qSnADgaJpZM4JEsRI
.
from openbsd.
inline is preferable please
from openbsd.
I started adding ALPN support to libtls a long time back, but never got around to finishing it off - I have a working diff, which I should be able to provide soon.
from openbsd.
I've just posted a diff that adds ALPN support to libtls:
https://marc.info/?l=openbsd-tech&m=146963880513549&w=2
from openbsd.
Sweet! Looks like a much better patch than I would have done (my c and
contributing to c code bases skills are rusty :))
What time line is this likely to be reflected in libressl portable? Also
what's the recommended way of detecting has an install that lacks that
feature?
On Wednesday, July 27, 2016, Joel Sing [email protected] wrote:
I've just posted a diff that adds ALPN support to libtls:
https://marc.info/?l=openbsd-tech&m=146963880513549&w=2
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAAQwsH3djrmrUp0k0Y5GLaxba8X6KEbks5qZ48AgaJpZM4JEsRI
.
from openbsd.
Sweet! Looks like a much better patch than I would have done (my c and
contributing to c code bases skills are rusty :))
What time line is this likely to be reflected in libressl portable? Also
what's the recommended way of detecting thst a user of my ffi binding would
have too old a copy of libressl portable?
On Wednesday, July 27, 2016, Joel Sing [email protected] wrote:
I've just posted a diff that adds ALPN support to libtls:
https://marc.info/?l=openbsd-tech&m=146963880513549&w=2
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAAQwsH3djrmrUp0k0Y5GLaxba8X6KEbks5qZ48AgaJpZM4JEsRI
.
from openbsd.
This has been committed in OpenBSD -current, so should show up in libressl portable git sometime soon (and be in the next unstable release).
Re detecting support, ideally check for the tls_config_set_alpn()/tls_conn_alpn_selected() functions, otherwise TLS_API >= 20160812.
from openbsd.
Thanks for being so incredible responsive and helpful. The level of
positive friendly helpful professionalism has really blown me away (also my
first time interacting with operating systemsy oss folks :) )
On Friday, August 12, 2016, Joel Sing [email protected] wrote:
This has been committed in OpenBSD -current, so should show up in libressl
portable git sometime soon (and be in the next unstable release).Re detecting support, ideally check for the tls_config_set_alpn()/tls_conn_alpn_selected()
functions, otherwise TLS_API >= 20160812.—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#65 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAAQwkSTI9GyIvuN2GlLRAbCHD5AEOqEks5qfI5DgaJpZM4JEsRI
.
from openbsd.
Related Issues (20)
- curl-7.73.0 w/ libressl-3.2.2 leaks memory HOT 11
- tls_keypair_load_cert() fail but return no error HOT 2
- SSL_CTX_{g,s}et_security_level HOT 3
- Any possibility of creating a ruby gem for this project? HOT 1
- Inconsistent cert verification errors returned between TLS 1.2 and 1.3 HOT 6
- License information not available HOT 1
- one bug
- stack-buffer-overflow in function x509_constraints_parse_mailbox HOT 2
- TLS 1.3 decrypting support
- SIGSEGV occurred in EVP_MD_CTX_cleanup() immediately after malloc() returned NULL in pkey_hmac_init(). HOT 3
- Missing DSA_meth_set1_name HOT 2
- URI Checks are too strict in subject alt name HOT 2
- netcat may read from invalid file descriptors
- libtls: make the TLS_EOF_NO_CLOSE_NOTIFY bit user-visible
- stack-buffer-overflow(max 5byte) in print_bin() when indent is specified as 124 or more
- SIGSEGV occurs if memory allocation fails in ssl3_setup_init_buffer() called by tls13_use_legacy_stack() when downgrading from TLS1.3. HOT 4
- SSL_get{_peer,}_signature_type_nid implemented but not exported HOT 1
- Compat: Ability to compile without IPv6 support HOT 2
- EVP_get_cipherbynid/EVP_get_digestbynid when given an invalid ID/EVP_get_digestbyname segfaults with NULL argument HOT 4
- !tlsv1.0 and !tlsv1.1 disables tlsv1.2 in `tls_config_parse_protocols` HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openbsd.