Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread enh via Toybox
On Wed, Oct 20, 2021 at 2:11 PM Rob Landley wrote: > On 10/20/21 12:50 PM, enh wrote: > > general idea. To be honest, making puppy eyes at him to use his work > under 0BSD > > and then cleaning it up to be a proper lib/tls.c that toybox and > busybox could > > share would be good.

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread enh via Toybox
On Wed, Oct 20, 2021 at 1:45 PM Eric Molitor wrote: > I need to sort out a few more defects but will try both BoringSSL and the > FIPS Version of OpenSSL 3.0. In theory both should "just work" with this > integration. Albeit with the caveat that FIPS 140-2 verification ended last > month and I

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread Rob Landley
On 10/20/21 3:45 PM, Eric Molitor wrote: > I need to sort out a few more defects but will try both BoringSSL and the FIPS > Version of OpenSSL 3.0. In theory both should "just work" with this > integration. > Albeit with the caveat that FIPS 140-2 verification ended last month and I > don't >

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread Rob Landley
On 10/20/21 12:50 PM, enh wrote: > general idea. To be honest, making puppy eyes at him to use his work > under 0BSD > and then cleaning it up to be a proper lib/tls.c that toybox and busybox > could > share would be good. Busybox already has ) > > does that seem likely? If I ask

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread Eric Molitor
I need to sort out a few more defects but will try both BoringSSL and the FIPS Version of OpenSSL 3.0. In theory both should "just work" with this integration. Albeit with the caveat that FIPS 140-2 verification ended last month and I don't believe either BoringSSL or OpenSSL 3 are FIPS 140-3

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread enh via Toybox
On Wed, Oct 20, 2021 at 10:35 AM Rob Landley wrote: > On 10/20/21 11:51 AM, enh wrote: > > for the ignorant (like me) --- are these libraries like BearSSL an extra > > abstraction on top of stuff like openssl/boringssl, or are they roughly > equivalent? > > Roughly equivalent. Think openssh vs

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread Rob Landley
On 10/20/21 11:51 AM, enh wrote: > for the ignorant (like me) --- are these libraries like BearSSL an extra > abstraction on top of stuff like openssl/boringssl, or are they roughly > equivalent? Roughly equivalent. Think openssh vs dropbear. > (i'm just thinking ahead to what i'd have to do to

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread enh via Toybox
for the ignorant (like me) --- are these libraries like BearSSL an extra abstraction on top of stuff like openssl/boringssl, or are they roughly equivalent? (i'm just thinking ahead to what i'd have to do to get toybox wget working with boringssl because of FIPS. which, yes, makes about as much

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-20 Thread Eric Molitor
Thanks Rob, I'll take a bit deeper dive and send a new set of patches with the following...
* Add hooks for TLS support and a simple abstraction to do so
* Add content disposition support, making -O optional
* Fix HTTP response header processing
* General cleanup of the wget toy
* I'll also take

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-18 Thread Rob Landley
On 10/17/21 2:48 PM, Eric Molitor wrote: > Let me take a look at signify I'll also send the missing part of the patch > with > -ltls shortly. > > Alpine has libtls, either the openssl port in the libretls package or the > original openbsd lbressl-tls. For my embedded stuff I'm statically linking

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-18 Thread Rob Landley
On 10/18/21 4:22 AM, Eric Molitor wrote: > Updated patch including make.sh. > > On Alpine to build install libretls-dev which should pull in the dependencies. > For my embedded builds I manually build BearSSL and > https://github.com/michaelforney/libtls-bearssl >

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-18 Thread Eric Molitor
Updated patch including make.sh. On Alpine to build install libretls-dev which should pull in the dependencies. For my embedded builds I manually build BearSSL and https://github.com/michaelforney/libtls-bearssl adding appropriate -L flags in LDFLAGS. I've also tested that it works with

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-17 Thread Eric Molitor
Let me take a look at signify I'll also send the missing part of the patch with -ltls shortly. Alpine has libtls, either the openssl port in the libretls package or the original openbsd lbressl-tls. For my embedded stuff I'm statically linking BearSSL and

Re: [Toybox] [PATCH] wget: add TLS support

2021-10-17 Thread Rob Landley
On 10/17/21 8:44 AM, Eric Molitor wrote: > Attached is a relatively quick and certainly dirty patch to wget adding TLS > support via libtls. https://landley.net/toybox/design.html#:~:text=policy%20on%20shared%20libraries > I threw this together on a plane but it's working reasonably > well for

[Toybox] [PATCH] wget: add TLS support

2021-10-17 Thread Eric Molitor
Attached is a relatively quick and certainly dirty patch to wget adding TLS support via libtls. I threw this together on a plane but it's working reasonably well for me allowing me to remove Curl/libcurl on a few projects. I will submit further patches to clean up this toy as it's in pretty dire