Re: [Chicken-users] OpenSSL egg option defaults poll
Hi, I'd be glad if some of you could test this out and tell me what you think about it Can you give some tips for how to test this from a spiffy applications? I usually just pass in ssl-accept instead of tcp-accept. [...] Hello, actually I have very little experience with spiffy, but if it can use ssl-accept, it must use ssl-listen somewhere and that's the point that would need to be adapted. Judging by Spiffy's documentation in the Wiki you could do something like this: (define ear (ssl-listen* hostname: localhost port: 44344 certificate: my-server-cert.pem private-key: my-server-key.pem)) (accept-loop ear ssl-accept) Beware, this snippet of code is completely untested! I've just tried this. I have openssl 1.0.1e-2+deb7u13 on my localhost With ssl-listen: $ nmap --script ssl-enum-ciphers -sV -p 8080 127.0.0.1 - | ssl-enum-ciphers: | SSLv3 | Ciphers (9) | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_DES_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_MD5 - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | TLS_RSA_WITH_SEED_CBC_SHA - unknown strength | Compressors (1) | NULL | TLSv1.0 | Ciphers (9) | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_DES_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_MD5 - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | TLS_RSA_WITH_SEED_CBC_SHA - unknown strength | Compressors (1) | NULL | TLSv1.1 | Ciphers (9) | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_DES_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_MD5 - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | TLS_RSA_WITH_SEED_CBC_SHA - unknown strength | Compressors (1) | NULL | TLSv1.2 | Ciphers (13) | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA256 - strong | TLS_RSA_WITH_AES_128_GCM_SHA256 - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_AES_256_CBC_SHA256 - unknown strength | TLS_RSA_WITH_AES_256_GCM_SHA384 - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_DES_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_MD5 - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | TLS_RSA_WITH_SEED_CBC_SHA - unknown strength | Compressors (1) | NULL |_ Least strength = unknown strength - With ssl-listen*: - | ssl-enum-ciphers: | TLSv1.2 | Ciphers (13) | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA256 - strong | TLS_RSA_WITH_AES_128_GCM_SHA256 - strong | TLS_RSA_WITH_AES_256_CBC_SHA - unknown strength | TLS_RSA_WITH_AES_256_CBC_SHA256 - unknown strength | TLS_RSA_WITH_AES_256_GCM_SHA384 - unknown strength | TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - unknown strength | TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - unknown strength | TLS_RSA_WITH_DES_CBC_SHA - unknown strength | TLS_RSA_WITH_RC4_128_MD5 - unknown strength | TLS_RSA_WITH_RC4_128_SHA - strong | TLS_RSA_WITH_SEED_CBC_SHA - unknown strength | Compressors (1) | NULL |_ Least strength = unknown strength - I'm not sure I entirely trust nmap as other the openssl tool shows that zlib compression is negotiated when using either ssl-listen or ssl-listen* ssl-listen: - New, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression SSL-Session: Protocol : TLSv1.2 Cipher: AES256-GCM-SHA384 Session-ID: ADB914DDE44B74FABB090BFAA419BCE65B3969B5C1CA1981007B43E4DFEE21BE Session-ID-ctx: Master-Key: F148213C9B6AA23159CFD29129833A3DBB283B611B6234636B3F5F355FB5BA06C9BB740B4408ADF2B404817BCE24F27C Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: - 48 89 c5 a7 75 7f 03 c9-a3 1a 9d fd 61 5c 4e 8d
Re: [Chicken-users] OpenSSL egg option defaults poll
Hi, ;; close (lambda () (when (startup #t) (if outbuf - (begin -(output outbuf) -(set! outbuf ))) +(begin + (unbuffered-write outbuf 0 outbufsize) + (set! outbufsize 0))) (set! out-open? #f) (shutdown))) AFAICS, this makes it impossible to close the file descriptors behind ports where the remote end has closed the connection while there is still data queued for transmission. Florian ___ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users
[Chicken-users] Enhancement request for the trace egg
I have two enhancement/suggestions for the trace egg: 1. Adding the line highlighted below to trace.scm gives me information on were the call was made, something I find very useful. 2. With huge or hierarchal data structures trace output gets annoyingly long. A mechanism for triming the output would be helpful. (define (traced-procedure-entry name args) (let ((port (trace-output-port))) (trace-indent) (set! *trace-indent-level* (fx+ 1 *trace-indent-level*)) (write (cons name args) port) (write , Called from: port) * (write (conc (car (reverse (get-call-chain)* (write-char #\newline port) (flush-output port) ) ) Thanks, -- Matt -=- 90% of the nations wealth is held by 2% of the people. Bummer to be in the majority... ___ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] Working on Geiser integration
A short update: I've made fairly good progress in the last few days. I would say about 3/4 of the features are complete. A special thanks to the authors of the Apropos and Chicken-Doc eggs! -Dan On 14-11-21 03:48 PM, Daniel Leslie wrote: As a follow-up to my earlier inquiries regarding SLIME, I'd like to notify those who were interested that I've opted to instead work on Geiser support. The path to full support seems a little easier and, IMHO, the integration with Scheme is more natural. AFAICT, previous efforts to support Chicken in Geiser have been abandoned and never made it much farther than launching the interpreter. Please inform me if I am mistaken in this regard. My efforts are here: https://github.com/dleslie/geiser Currently, CAPF is working, so by extension I expect ac-geiser works as well, though I haven't tried yet. I expect to have the bulk of the remaining work done in the next few weeks, as I have a whole lot of free time. At the moment there's a three week old little girl wrapped to my chest, and I've been taking the long night shifts for bottle feeding which give me plenty of time to hack. Take care, -Dan PS- I cross-posted to chicken-hackers because I believe this is relevant to those who may be able to provide some advice in sussing out the internals. ___ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users
Re: [Chicken-users] ffi howto
On 21 Nov 2014, at 18:48, chicken-us...@shorbaji.com wrote: Hello, I need some help getting started with ffi. I am attempting to bind libuv to scheme code. Hello. You can not just call lambda from foreign code because garbage collector moves those around and the program will eventually crash. You need to declare it as an external function like Richard suggested so it essentially becomes C function. Incidentally, I’m experimenting with adding libuv to CHICKEN too. The idea is to just suspend the thread waiting for a callback and let the scheduler to figure out which lambda to call later. You can look at my early draft on: https://github.com/bazurbat/chicken-scheme/blob/next/src/scheduler/scheduler-uv.scm and accompanying scheduler.c which might give you ideas about FFI. -- Regards, Oleg Art System ___ Chicken-users mailing list Chicken-users@nongnu.org https://lists.nongnu.org/mailman/listinfo/chicken-users