Ge0rGYay! I am not alone! https://gist.github.com/ValdikSS/30f866602413c036e4e6924c1895b838
goffiGe0rG: you are not alone willing to improve clients, but you should understand that we (clients developers) have limited time and resources.
mathieuiI think Ge0rG understands that just as much as other client developers
Ge0rGmathieui: or even more so.
Ge0rGThe last yaxim release has been two years ago.
Ge0rGBut I have good news to announce. I found a critical vulnerability in yaxim that requires an immediate release!
ZashNothing like a security issue to speed up the release schedule :D
mathieuislowly fades out in the background
Guushas left
manchohas left
Viniloxhas joined
Steve Killehas left
Guushas joined
Steve Killehas left
Guushas left
Guushas joined
intosihas left
intosihas joined
Guushas left
Guushas joined
Ge0rGdoes anyone know if xabber is still considered as maintained?
FlowGe0rG: yes, gregory is very active
Flowhe's contributing to smack as well as commiting to xabber
Ge0rGFlow: do you happen to have his jid?
manchohas left
FlowNo, I'd contact him via mail
Flowbtw, the development seems to happen in the 'develop' branch and not in 'master': https://github.com/redsolution/xabber-android/tree/develop
FlowWhich is a pitty as it makes the project appear inactive while it isn't
Flowuh, grigory that is
Valerianhas left
Valerianhas joined
Ge0rGhas joined
Valerianhas left
Valerianhas joined
Steve Killehas left
liebrehas joined
Guushas left
Guushas joined
Valerianhas left
intosihas left
intosihas joined
danielhas left
danielhas joined
Sonnyhas left
Sonnyhas joined
kalkinhas left
Ge0rGO tempora, o mores! Some mediated MUC invitations contain <x xmlns="jabber:x:conference"/>, despite not being required, others don't.
moparisthebesthas left
moparisthebesthas joined
Ge0rGis that a groupchat 1.0 invitation?
ZashYes, and also direct MUC invitation.
Ge0rGwhich have a different schema.
Ge0rGthe MUC code I inherited first checks for presence of <x xmlns="jabber:x:conference"/>, then parses <x xmlns="http://jabber.org/protocol/muc#user"><invite /></x>
Ge0rGwhich is bound to fail on non-groupchat1-servers and for direct invitations
liebrehas left
Sonnyhas left
Steve Killehas left
Sonnyhas joined
Valerianhas joined
Sonnyhas left
Sonnyhas joined
Ge0rGhas left
Guushas left
Guushas joined
Guushas left
Guushas joined
Ge0rGhas left
Ge0rGhas left
intosihas left
intosihas joined
Ge0rGhas left
Yagizahas joined
manchohas left
Guushas left
Guushas joined
Alexhas left
Ge0rGhas left
jerehas joined
waqashas joined
SamWhitedhas left
SamWhitedhas joined
vanitasvitaehas left
daurnimatorhas left
Guushas left
Guushas joined
daurnimatorhas left
Steve Killehas left
Guushas left
Guushas joined
Steve Killehas joined
Sonnyhas left
Sonnyhas joined
Zashfippo, do you have a socket library with MSG_PEEK support?
Ge0rGhas left
waqashas left
Alexhas joined
TobiasZash, it's supported by BSDs and Linux, end even abstraction libs like libuv
ZashHigh level socket library*
ZashLuaSocket doesn't afaik
SamWhitedhas left
SamWhitedhas joined
Tobiaslibuv is pretty high level
fippozash: proper C and good old select() :-)
Ge0rGhas left
pep.has left
fippozash: it doesn't have to be peek. if you can get your first batch of tcp data and then decide whether to put it into openssl or your xml parser that is sufficient. i found peek very convenient for the way i dealt with openssl (not using bios... a decade later i know how to do that too :-))
manchohas left
daurnimatorhas left
daurnimatorhas left
Ge0rGhas left
moparisthebestand that's a nifty feature, but I just let sslh handle all that for me
moparisthebestbecause I don't want an xmpp server doing xml and TLS on 443, I want https, imaps, smtps, xmpps, ircs etc etc etc all on 443
Holgersslh is nice indeed, except that it currently only supports select() or fork().
mhterreshas left
HolgerIt should just use libev or something ...
moparisthebesthe's very receptive to patches Holger, wink wink :)
moparisthebesthaproxy supposedly supports doing the same stuff and I think it uses libev and zero-copy stuff etc
moparisthebestI haven't tried it though
Zashlibev, libuv, libevent hrrrrr
Holgermoparisthebest: :-) Yes I was going to add libev support next time I'm bored.
TobiasZash, yeah...all the same stuff that requires to give up runtime control :/
ZashI'll just write my own network lib, with hookers, and blackjack!
Holgermoparisthebest: Should be really simple.
Tobiasbite my shiny little network lib :P
moparisthebestI'm hoping you get bored soon Holger , the sslh code is rather nice for C in my opinion, I'm not really a C developer
ZashWhy hasn't that moved into systemd yet?
Tobiashow can you judge the niceness of C code, when you're not really a C developer?
TobiasZash, too few CVE potential
TobiasZash, too small CVE potential
moparisthebestI mean, I write C code sometimes, but I'm primarily a Java developer
moparisthebestand some C code makes me wince and other looks nice :)
ZashTobias: TLS support in the socket activation bits of the init system? Surely you can get a few CVEs out of that?
TobiasZash, but it seems they go for low hanging CVEs instead of complicated TLS/socket CVEs ...as soon as OpenSSL and systemd reach the same code quality level they could merge that in...running OpenSSL code in PID 1, a dream come true
intosimoparisthebest: isn't that true in any language?
moparisthebestintosi, yes of course, I was only commenting that in my opinion the sslh code looked like nice C code
intosiBad coders will create awful code, no matter how nice the language. C doesn't only hand you the gun, it detaults to pointing it at your feet, making bad coding that much more obvious, but bad devs will go at lenghts to point guns towards feet.
waqashas joined
kaboomhas joined
kaboomhas left
kaboomhas joined
kaboomhas left
jubalhhas joined
Guushas left
Guushas joined
winfriedhas joined
winfriedhas joined
jcbrandhas left
mimi89999has left
jubalhhas left
xyzhas joined
jubalhhas joined
tim@boese-ban.dehas left
Guushas left
Guushas joined
Ge0rGhas left
mimi89999has left
mimi89999has left
mimi89999has joined
mimi89999has left
mimi89999has left
mimi89999has joined
xyzhas left
Yagizahas left
danielhas left
danielhas joined
Ge0rGintosi: C is rather easy to use correctly when compared to C++
manchohas left
Zashpointer to pointer to array of pointer to structs full of pointers to pointers hurts my head tho
danielhas left
danielhas joined
HolgerActually it's one of the few languages that feels like it more or less completely fits into my brain.
HolgerUnlike these C++/Scala/whatever monsters.
ZashSure, yeah. C and Lua <3
ZashC with moderate use of pointer indirection :)
HolgerYes C and Lua, and Erlang falls into that category as well :-) Most others don't.
Sonnyhas left
Sonnyhas joined
Ge0rGZash: arrays in C are a lie!
kalkinYou guys should try forth. Its so easy to implement it itself in asm.
ZashGe0rG: No, all memory is a giant array.
kalkinIt's minimal and your software ends up written in a DSL like language which makes fits your software
kalkinS/makes//
ZashSo many languages. So few ideas about what to do with them.
Ge0rGkalkin: I've written a robot control application in Z80 Forth some 20 years ago. Most find some time to blog it
Zashthrows a handfull of tiny magnetic rings at Ge0rG
intosiWait, I need to fix things on my SPARC, glad Openboot has forth built in ;)
xyzhas joined
Ge0rGZash: damn it, you just made me realize that /me notifications in yaxim are broken.
ZashGe0rG: You are welcome
SamWhitedhas left
Lancehas joined
xyzhas left
Ge0rGZash: thanks! βΊοΈ
ZashGe0rG: Speaking of which, is Yaxim still built with Smack versions from before SCRAM was implemented?
Holgerhas left
SamWhitedhas left
dwdBoth major C++ projects I've done recently went sailing through COverity et al without anything major being found. OTOH, their C dependencies were pretty scary.
danielhas left
danielhas joined
danielhas left
danielhas joined
Ge0rGZash: smack 3.something
danielhas left
danielhas joined
blipphas left
blipphas joined
brahas left
Valerianhas left
Valerianhas joined
danielhas left
danielhas joined
brahas joined
danielhas left
danielhas joined
Valerianhas left
danielhas left
danielhas joined
Alexhas left
danielhas left
danielhas joined
mimi89999has left
holgerhas joined
holgerhas left
holgerhas joined
holgerhas left
holgerhas joined
holgerhas left
Lancehas left
Steve Killehas left
Steve Killehas left
Sonnyhas left
Sonnyhas joined
Steve Killehas joined
brahas left
brahas joined
brahas left
brahas joined
brahas left
brahas joined
brahas left
brahas joined
danielhas left
danielhas joined
danielhas left
danielhas joined
SamWhitedhas left
danielhas left
danielhas joined
Sonnyhas left
Sonnyhas joined
archas left
archas joined
Sonnyhas left
Sonnyhas joined
brahas left
Steve Killehas left
manchohas left
danielhas left
Sonnyhas left
Sonnyhas joined
danielhas joined
Valerianhas joined
danielhas left
danielhas joined
brahas joined
Valerianhas left
Valerianhas joined
Guushas left
Guushas joined
daurnimatorhas left
danielhas left
brahas left
brahas joined
danielhas joined
intosihas left
danielhas left
danielhas joined
Guushas left
Guushas joined
Guushas left
Sonnyhas left
Sonnyhas joined
Guushas joined
danielhas left
danielhas joined
Sonnyhas left
Sonnyhas joined
jubalhhas joined
intosihas joined
manchohas left
Flowhas joined
danielhas left
danielhas joined
Guushas left
Guushas joined
jubalhhas left
Guushas left
Guushas joined
bearhas joined
pep.has left
Flowhas left
intosihas left
liebrehas joined
liebrehas left
Valerianhas left
intosihas joined
Alexhas left
lonerzhas joined
archas left
archas joined
Alexhas joined
Flowhas joined
Flowhas left
dwdhas left
Ge0rGhas left
lonerzhas left
Alexhas left
Ge0rGhas left
Alexhas joined
jubalhhas joined
jubalhhas left
intosihas left
jubalhhas joined
Guushas left
Guushas joined
waqashas left
waqashas joined
SamWhitedhas left
intosihas joined
SamWhitedhas left
SamWhitedhas joined
SamWhitedhas left
SamWhitedhas joined
Tobiasi don't get the value of default ports if you have a requirement for SRV lookup anyway
pep.has left
jubalhhas joined
intosihas left
Flowhas joined
MattJI don't get the value of ports if you tunnel everything over 443
intosihas joined
TobiasI don't get the value of firewalls, if you move all applications to a single port
manchohas left
TobiasMattJ, was more refering to standards ML discussion about new direct TLS only ports for C2S and S2S xmpp
SamWhitedhas left
SamWhitedhas joined
goffihas left
blipphas left
blipphas joined
moparisthebesthas joined
intosihas left
Ge0rGthe bike shedding debate about whether real tls is more securer than start tls?
Ge0rGwe all know that startssl is insecure since it was bought by China
intosihas joined
Flowhas joined
moparisthebestTobias: yea I don't think default ports are useful there either
Ge0rGjust default to 443!
jerehas joined
intosihas left
danielhas left
danielhas joined
Alexhas left
danielhas left
danielhas joined
moparisthebestThere you go Ge0rG ! :-) you are getting it now