The main reason I ask is because most people use OpenSSL and won't have LibreTLS installed so that'll be an extra step, vs. linking directly to OpenSSL/LibreSSl will make it usable without installing anything extra on many *nix systems, but will also be a lot more work.
Conversation
Notices
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 01:58:22 UTC 
nytpu
-
theruran ππ΄ (theruran@hackers.town)'s status on Thursday, 03-Feb-2022 01:58:18 UTC
theruran ππ΄
@nytpu @wolf480pl Drew's new programming language? :bloblul:
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 01:58:18 UTC
nytpu
@theruran
https://drewdevault.com/2021/03/19/A-new-systems-language.html
In 2020 he just contacted me out of the blue asking me for thoughts on it so I've been sorta following it as they're developing it.I dunno how I feel about it, it has some interesting aspects, although maybe it's a bit redundant with seemingly everyone releasing a new βC replacementβ language these days
Santa Claes πΈπͺππ°π likes this. -
theruran ππ΄ (theruran@hackers.town)'s status on Thursday, 03-Feb-2022 01:58:19 UTC
theruran ππ΄
@nytpu @wolf480pl yeah, I wouldn't fuck with OpenSSL. you can read the release notes from LibreSSL to see why.
is it feasible to use spark-nacl to write a libtls equivalent? fewer dependencies especially to C libs is more desirable but obviously more work.
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 01:58:19 UTC
nytpu
@theruran
Since *ssl use their own crypto primitives, if I was to use spark-nacl then I'd have to reimplement all of TLS (other than the cryptographic stuff) myself which is just a little bit beyond the scope of what I want to get into right now.Especially since I'm currently on the sidelines watching Drew DeVault and a few other people writing cryptographic primitives and TLS implementations for Drew's new programming language, it's only reinforcing that it's nothing I want to be getting into right now.
Maybe at some point in the far future but for right now I'll be fine with linking to a system C library.
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 01:58:20 UTC
nytpu
@wolf480pl Well, it wouldn't be particularly fun and a lot of work but I could probably get it working. The first step will be generating Ada imports from the OpenSSL headers so I'll see how hellish that turns out to be before deciding one way or the other.
I already have generated libtls imports and it's pretty nice so I'll probably end up writing a thick wrapper around those unless OpenSSL manages to somehow be better than expected.
-
Wolf480pl (wolf480pl@mstdn.io)'s status on Thursday, 03-Feb-2022 01:58:21 UTC
Wolf480pl
@nytpu I haven't seen OpenSSL API but I've heard it's hideous... but if you think you can make a libtls wrapper around it without introducing dangerous bugs then such a wrapper would be pretty cool!
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 01:58:50 UTC
nytpu
@theruran
Well think what you want (and I'm personally βmehβ on the language itself) but the standard library for it is pretty solid and they're writing it from scratch which is respectable.It has some of the more readable versions I've seen of many algorithms, I've already ~rewritten~ βused as a referenceβ a few parts of the stdlib so at the very least it's good for that :P
Santa Claes πΈπͺππ°π likes this. -
theruran ππ΄ (theruran@hackers.town)'s status on Thursday, 03-Feb-2022 01:58:51 UTC
theruran ππ΄
@nytpu @wolf480pl :picardfacepalm:
-
nytpu (nytpu@tilde.zone)'s status on Thursday, 03-Feb-2022 23:47:11 UTC
nytpu
@theruran @wolf480pl
Well I just came up with a third option: vendor LibreTLS with the project. If my configure script detects libtls is installed, link directly to it. If it isn't installed, then compile and statically link in the LibreTLS. The best of both worlds: I don't have to suffer using OpenSSL's API, and people don't have to install LibreTLS system-wide if they don't want to.Santa Claes πΈπͺππ°π likes this.
-
All Chirp! content and data are available under the