~mcf

https://mforney.org

~mcf/cproc

Last active 19 days ago

~mcf/libtls-bearssl

Last active 6 months ago

~mcf/dnssec-rr

Last active 1 year, 4 days ago

~mcf/test

Last active 1 year, 5 months ago

Recent activity

Re: [RFC PATCH] WIP: client side certificates 2 days ago

From Michael Forney to ~sircmpwn/gmni-devel

On 2021-03-04, Michael Forney <mforney@mforney.org> wrote:
> Drew DeVault <sir@cmpwn.com> wrote:
>> Also, BearSSL lacks support for creating new certificates, so automatic
>> certificate creation will have to be postponed. I might actually end up
>> ditching BearSSL over this, mere hours after I decided to switch to it,
>> which I'm rather annoyed about.
>
> I think it wouldn't be too difficult to write a small utility/library
> to wrap a public key in a self-signed certificate. This would be
> quite useful even outside the context of gemini.

I ended up writing such a utility/library: https://git.sr.ht/~mcf/x509cert

> It should just be

Re: [PATCH v3 2/2] handle prefixed string literals 27 days ago

From Michael Forney to ~mcf/cproc

Thanks! This is shaping up pretty well.

On 2021-04-14, Nihal Jere <nihal@nihaljere.xyz> wrote:
> ---
> The patch now handles initializers inside structs and functions
> properly, and the tests for these have been updated for wide strings as
> well.
>
> I'm not sure my change in parseinit is correct, but it seems to work
> well in my testing.
>
> While testing, I found that gcc treats wide prefixed literals as type
> int, and complains when you try to assign it to an unsigned int array,

Re: [PATCH v2 3/5] allow for different width strings in string expressions a month ago

From Michael Forney to ~mcf/cproc

On 2021-04-04, Nihal Jere <nihal@nihaljere.xyz> wrote:
> ---
>  cc.h   | 8 +++++++-
>  decl.c | 4 ++--
>  qbe.c  | 4 ++--
>  3 files changed, 11 insertions(+), 5 deletions(-)
>
> diff --git a/cc.h b/cc.h
> index 482b2a2..1763894 100644
> --- a/cc.h
> +++ b/cc.h
> @@ -1,4 +1,6 @@
>  #include <stdio.h>
> +#include <wchar.h>
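
Review bot: in cc.h, the added `#include <wchar.h>` at the top of the header brings a host wide-character header into every file that includes cc.h. If it is there for wchar_t, the host's wchar_t width does not have to match the target's, so the width should come from the literal's element type rather than from the host type. The rest of the hunk is cut off in this excerpt, so check this against the declarations that follow.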

Re: [PATCH v2 2/5] qbe.c: put explicit 0 at the end of strings a month ago

From Michael Forney to ~mcf/cproc

Thanks for the v2!

On 2021-04-04, Nihal Jere <nihal@nihaljere.xyz> wrote:
> I would imagine there's probably a good reason that the 'z' is used to
> fill out the data field, but this is the simplest way I found to deal
> with an empty string if there isn't.

The reason is for cases like this:

	char s[4] = "a";
	=>
	data $s = align 1 { b "a", z 3 }

in order to avoid a bunch of 0s when the array size is large (imagine

Re: [PATCH 2/3] expr.c: handle prefixed string literals a month ago

From Michael Forney to ~mcf/cproc

On 2021-03-27, Nihal Jere <nihal@nihaljere.xyz> wrote:
> ---
>  expr.c | 110 +++++++++++++++++++++++++++++++++++++++++++++++++++------
>  qbe.c  |   2 +-
>  2 files changed, 101 insertions(+), 11 deletions(-)
>
> diff --git a/expr.c b/expr.c
> index 8b10bf4..d20e8c2 100644
> --- a/expr.c
> +++ b/expr.c
> @@ -7,9 +7,51 @@
>  #include <stdlib.h>
>  #include <string.h>
>  #include <strings.h>

Re: [PATCH 1/3] qbe.c: always output strings as byte type a month ago

From Michael Forney to ~mcf/cproc

Thanks so much for the patches! This is something I have put off for
too long, but really needs to be done. Your patches look like a really
good first attempt.

On 2021-03-27, Nihal Jere <nihal@nihaljere.xyz> wrote:
> I would have also written a test for it, but the wide character types
> require headers. I suppose they could be typedefed to the right types in
> the test, but that might be unportable.

Hmm, yeah, not sure about that. For char16_t and char32_t, you should
just assume that they are unsigned short and unsigned respectively.

So like

Re: [RFC PATCH] WIP: client side certificates 2 months ago

From Michael Forney to ~sircmpwn/gmni-devel

Drew DeVault <sir@cmpwn.com> wrote:
> This is a WIP patch which implements client-side certificates, at first
> only for gmni, but later for gmnlm as well. Posting to the mailing list
> for general feedback, but also in case there's any BearSSL users around
> who might be able to help work out the bugs - it doesn't actually appear
> to work. BR_ERR_INVALID_ALGORITHM.
> 
> Also, BearSSL lacks support for creating new certificates, so automatic
> certificate creation will have to be postponed. I might actually end up
> ditching BearSSL over this, mere hours after I decided to switch to it,
> which I'm rather annoyed about.

I think it wouldn't be too difficult to write a small utility/library
to wrap a public key in a self-signed certificate. This would be

Re: [PATCH 2/3] Remove unused _DEFAULT_SOURCE 6 months ago

From Michael Forney to ~mcf/libtls-bearssl

On 2020-10-16, Issam E. Maghni <issam.e.maghni@mailbox.org> wrote:
> How about adding this to tls_conninfo.c, tls_keypair.c and
> compat/freezero.c:
> /* explicit_bzero */
> #define _GNU_SOURCE
>
> To tls_config.c and bearssl.c:
> /* strsep */
> #define _GNU_SOURCE
>
> I find that using global _GNU_SOURCE is a bad idea because you are
> forced to add it into all the build system. I prefer to keep the compile
> arguments minimal, and compilation units self sufficient.
>

Re: [PATCH 1/3] Split code into include/ and src/ 6 months ago

From Michael Forney to ~mcf/libtls-bearssl

On 2020-10-16, Issam E. Maghni <issam.e.maghni@mailbox.org> wrote:
> Well, it cleans the repository by having a clear cut between source
> code, headers, documentation, build systems, etc.

I actually find that the source is easier to work with a flat
hierarchy. Occasionally I am fine with an "include" directory, but I
think it should only contain headers meant to be installed into
$PREFIX/include, not internal headers like tls_internal.h.

> I maintain a forked version where I added Meson build system to ease the
> development (e.g. auto generation of compile_commands.json) and fixed
> some defines. See https://git.sr.ht/~iemaghni/libtls-bearssl. Feel free
> to upstream my changes if you want :)

Re: [PATCH 2/3] Remove unused _DEFAULT_SOURCE 6 months ago

From Michael Forney to ~mcf/libtls-bearssl

These last two patches remove _DEFAULT_SOURCE and then add
_GNU_SOURCE, but only for one file (tls.c).

The following non-POSIX functions are used by libtls-bearssl:
- strsep (tls_config.c, bearssl.c)
- [v]asprintf (tls.c)
- explicit_bzero (tls_conninfo.c tls_keypair.c compat/freezero.c)

strsep and explicit_bzero originated on BSD, as well as libtls itself,
which is why I had the project-wide _DEFAULT_SOURCE (this is used on
Linux to enable BSD extensions, along with some other stuff).

But, I think the problem you are trying to address is that glibc
doesn't expose [v]asprintf without _GNU_SOURCE (though on all other