World: r3wp
[Red] Red language group
| older newer | first last |
| BrianH 9-Nov-2011 [3758x2] | Geomol, the recent exploits of SSL don't affect TLS (at least 1.1 iirc). So yes, we need to implement TLS, but maybe not SSL. |
Has the PuTTY code been updated to patch the latest exploits? | |
| Dockimbel 9-Nov-2011 [3760] | Some serious bugs seem to have been fixed in the latest release: http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html |
| Kaj 9-Nov-2011 [3761x5] | Including PolarSSL in Red would not only require every Red program to provide the library source code, it would require every Red program to be open source. That's unacceptable for business purposes |
As far as I know, OpenSSL is the only TLS implementation under BSD, but it's the old BSD licence with advertising clause. This makes it incompatible with GPL software such as libraries one may want to use with Red, if they don't have an explicit exception for OpenSSL | |
Much GPL software that is relevant has that exception, so it's a limited problem | |
From a technical standpoint, Jaromil has advised me that GNU TLS is of higher quality. It is LGPL, so it's acceptable as long as you agree to provide the source code to GNU TLS only, as with many other libraries | |
It would be great to eventually implement many libraries in Red, but this is a gargantuan task, and security code is very specialised and critical | |
| Andreas 9-Nov-2011 [3766] | GnuTLS is indeed of _much_ higher quality than OpenSSL. It is not as widespread, though. |
| Dockimbel 9-Nov-2011 [3767] | Kaj: you're right, I misunderstood the extend of article 2.4 in License Exception. We can't use it. |
| Kaj 9-Nov-2011 [3768] | Apparently, PuTTY has its own BSD SSL implementation, so that's interesting. But it's not structured as a library, but entirely integrated in the other protocols, seems somewhat limited and lacking in portability. The only way to use it would be to rip out the source code and make a portable library out of it, or reimplement it in Red |
| Geomol 9-Nov-2011 [3769] | Kaj, can you see, if it's a SSL implementation or just SSH? Or is SSL there by automatic, when making SSH implementations? |
| Kaj 9-Nov-2011 [3770] | There is hardly any talk of SSL, but of the separate authentication methods that it comprises. Indeed, SSH implies what is called SSL, so it's in there in some form |
| Geomol 9-Nov-2011 [3771] | Thanks! |
| Kaj 9-Nov-2011 [3772] | It could be completely entangled with the SSH protocol, but since they also do SFTP, one can hope it is somewhat abstracted internally |
| Andreas 9-Nov-2011 [3773x2] | SFTP is basically nothing more than a set of specific commands sent over SSH. |
That alone won't require much abstraction, I fear. | |
| Kaj 9-Nov-2011 [3775] | Ah, right, so it could still be entangled. I was thinking of FTPS |
| Dockimbel 9-Nov-2011 [3776] | AFAIK, SSL and SSH are different communication protocols that rely on common hashing and encryption algorithms on the low-level layer. |
| Kaj 9-Nov-2011 [3777] | Yes, it doesn't seem to be called SSL within SSH, but there is talk of TLS |
| Andreas 9-Nov-2011 [3778x3] | Didn't PuTTY also do telnet/ssl? |
Hmm, seems it doesn't. | |
Well, then there's probably hardly anything SSL/TLS-specific in there, except for some common crypto primitives as Doc mentioned. | |
| Geomol 9-Nov-2011 [3781] | There is a "telnet.c" in the PuTTY sources. |
| Dockimbel 12-Nov-2011 [3782x3] | I have just bricked my Sheevaplug by doing a simple "apt-get upgrade"...:-( |
No way to get access to it anymore even using the USB direct connection. | |
So I need to find a suitable ARM emulator now to be able to finish the ARM port... | |
| GrahamC 12-Nov-2011 [3785x2] | No warranty? |
Seem to be several howtos on how to unbrick a sheevaplug | |
| Dockimbel 12-Nov-2011 [3787x2] | Warranty: I don't think that warranties apply on "bricked" hardware, anyway, I never rely on warranties. |
I will see if I can setup QEMU to emulate an ARM and install a suitable Linux image over it. | |
| Luis 13-Nov-2011 [3789x2] | Can not be reflashed ? |
http://myubuntublog.wordpress.com/tag/sheevaplug/ | |
| Dockimbel 13-Nov-2011 [3791x3] | Yes it can, but the procedure is long and complicated. It also requires a USB stick that will be recognized by the sheeva. |
I can't get the QEMU network emulation to work at all... | |
Just spent my whole day trying to make QEMU work fully, I'm giving up that option for now. I will try tomorrow to get my sheeva back to life. | |
| Kaj 13-Nov-2011 [3794x2] | Never trust update systems |
I've been working on a GoboLinux upgrade for the past days after nuking my installation, and there are all sorts of problems | |
| Dockimbel 13-Nov-2011 [3796x3] | Got networking partially working with QEMU, let's see if it's enough to setup the tools I need. |
Kaj: you got a message here: https://gist.github.com/1326101 | |
Got my QEMU/ARM Debian instance working properly now. I am using WinSCP to automatically transfer the compiled binary files between the host and guest OS. | |
| Luis 13-Nov-2011 [3799] | green lights for Red !! |
| MikeL 18-Nov-2011 [3800] | I am trying more Red examples from Kaj's bindings. Some working well.... but GTK failing on libgio-2.0-0.dll Other DLLs that were needed for WinXP seemed to be in the mysql distribution ... except this one. Little hits on reliable downloads of pre-built DLL. Anybody used it in WinXP? |
| Dockimbel 18-Nov-2011 [3801] | I've uploaded a zipped copy of mine: http://sidl.fr/tmp/libgio-2.0-0.zip |
| MikeL 18-Nov-2011 [3802] | merci |
| Dockimbel 18-Nov-2011 [3803] | But, I have tested it on Seven only... |
| MikeL 18-Nov-2011 [3804x2] | Soon on XP |
Cascading DLL problems ... libglib*.... Can you provide the full DLL list that works with GTK? | |
| Dockimbel 18-Nov-2011 [3806x2] | Let me find that... |
Here's the direct download link for the GTK runtime I'm using: http://freefr.dl.sourceforge.net/project/gtk-win/GTK%2B Runtime Environment/GTK%2B 2.22/gtk2-runtime-2.22.0-2010-10-21-ash.exe | |
| older newer | first last |