Login
Username:

Password:

Remember me



Lost Password?

Register now!

Sections

Who's Online
42 user(s) are online (30 user(s) are browsing Forums)

Members: 0
Guests: 42

more...

Headlines

Forum Index


Board index » All Posts (Futaura)




Re: IBrowse 2.5.7 crashes on startup
Just popping in
Just popping in


@eliyahu

Quote:
eliyahu wrote:

Looks like the 'hotfix' released earlier this morning addressed this. At least it doesn't crash any more. I wonder what the root cause of this was....

My stupidity? . The history log entry in question is "Fixed major bug in the updated lock relative i/o code".

Basically, I changed this code to directly support the new vector port filesystems. At the same time, I made some optimisations to the old code and changed a memcpy to a CopyMem without changing the argument order - ooops! The first crash would happen when trying to load the download log, with CopyMem writing to read-only memory.

Since I recently upgraded my A1XE with a SSD, with most partitions using NGFS, my system was not affected, so I didn't notice. Those using FFS2 or SFS would get the crash. It also didn't crash on my A1200, but the bug was there too and caused things to not function correctly (crashing is better to be honest!).

IBrowse, AmiSSL and Warp Datatype Developer
Go to top


Re: Updater tool: latest releases and updates
Just popping in
Just popping in


@broadblues

Quote:
broadblues wrote:@Futaura

Quote:

It appears to be using libcurl too - the latest libcurl has built-in AmiSSL v5 support, but you may not even need to use libcurl at all either. OpenSSL 3.0 has its own simple built-in HTTP(S) client.


Two bbits of useful info thanks. Does the inbuilt https support cookies etc??

Not directly - as you might expect with OpenSSL, things are a bit more low-level than Curl. However, you are free to add any outgoing HTTP headers as you wish, which includes adding a cookie header. See https://github.com/jens-maus/amissl/blob/master/test/httpget.c for a general example.

Retrieving a "Set-Cookie" header from the response might be more problematic. I've not played to see how or if this is possible, but it seems not. I've opened a feature request at https://github.com/openssl/openssl/issues/19609.


Edited by Futaura on 2022/11/5 18:02:19
IBrowse, AmiSSL and Warp Datatype Developer
Go to top


Re: Updater tool: latest releases and updates
Just popping in
Just popping in


@amigakit

Quote:
amigakit wrote:Today the following public releases have been made available to download on Updater utility:

AmiSSL v5.5

To download goto the Packages tab

May I ask why AmiSphereServer (and therefore Updater) doesn't itself use AmiSSL and instead uses an outdated, obsolete, statically linked OpenSSL 1.0.2o? It should be easy to make the switch and it'll make AmiSphereServer much smaller too! Please support AmiSSL, rather than waste time messing with OpenSSL directly.

As the OpenSSL team itself says: "All older versions (including 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of support and should not be used."

It appears to be using libcurl too - the latest libcurl has built-in AmiSSL v5 support, but you may not even need to use libcurl at all either. OpenSSL 3.0 has its own simple built-in HTTP(S) client.


Edited by Futaura on 2022/11/3 17:28:25
Go to top


Re: Updater tool: latest releases and updates
Just popping in
Just popping in


Quote:
redfox wrote:@walkero

Thanks for the security alert regarding OpenSSL ...

I have rolled back to AmiSSL 5.3 and will await a future update.

AmiSSL 5.5 is now available - be sure to always use AmiUpdate to grab the latest release. I'm still a bit confused why they pulled OpenSSL 3.0.6. The regression issues were relatively minor, especially when compared to the high severity buffer overflow bugs which are also fixed in 3.0.7 and were present in all OpenSSL 3.0 versions (and therefore all AmiSSL v5 releases).

Go to top


Re: New verson of CLiB2 from Andrea (afxgroup)
Just popping in
Just popping in


@afxgroup

IIRC, the whole reason clib2 and clib2-ts co-existed in the first place was so that single threaded applications did not have all the extra overhead (both in terms of speed and size) imposed on them unnecessarily.

Go to top


Re: New verson of CLiB2 from Andrea (afxgroup)
Just popping in
Just popping in


@trgswe

This would require the compiler suites to be changed. IMHO, it makes more sense to keep the original clib2 and name this new one clib2-ts instead, replacing the old clib2-ts which probably not many people use or have installed. The bonus being that the compilers (even going back to GCC 4), support -mcrt=clib2-ts already. That said, there may be an issue in that clib2 and clib2-ts share the same headers (but have different link libs).

Go to top


Re: New verson of CLiB2 from Andrea (afxgroup)
Just popping in
Just popping in


@afxgroup

Having looked into this more closely, it appears GCC itself sets __CLIB2__, __THREAD_SAFE and __NEWLIB__, before any include files.

#if defined(__NEWLIB__)
#error crt=newlib
#elif defined(__CLIB2__) && defined(__THREAD_SAFE)
#error crt=clib2-ts
#elif defined(__CLIB2__)
#error crt=clib2
#else
#error unknown
#endif

With this in mind, would it not make more sense for your clib2 libs to belong in SDK:clib2/lib.threadsafe opposed to SDK:clib2/lib? And then -mcrt=clib-ts would be used to use your library and that also means __THREAD_SAFE will be defined by the compiler. I've checked and -mcrt=clib2-ts still works and links fine with GCC 11. I mean your library is technically replacement for the old clib2-ts (I still have it installed!), not clib2, IYSWIM.

Go to top


Re: New verson of CLiB2 from Andrea (afxgroup)
Just popping in
Just popping in


@afxgroup

But, how can code conditionally detect that your clib2 is in use and not the original? For example:

#if defined(__NEWLIB__) || defined(__THREAD SAFE)
// Newlib or clib-ts
#define MALLOC_IS_THREADSAFE
#emdof

Is there some other preprocessor symbol that can be checked?

I wouldn't worry if it was for my own code as I know what I'm using, but it is for open source code that needs to be compilable on multiple configurations.

Go to top


Re: New verson of CLiB2 from Andrea (afxgroup)
Just popping in
Just popping in


With the original clib2, it is possible for user code to check if it is thread safe using the __THREAD_SAFE preprocessor symbol. This is/was set only when using -mcrt=clib2-ts (causes libs to be used from SDK:clib2/lib.threadsafe) and not -mcrt=clib2. Does this check still work with this replacement clib2, which I understand is thread safe by default? If not, how can it be detected at compile-time?

The context to this question is that I am doing some work on adding proper OS4 support to libcurl and it really needs to detect whether clib2 is thread safe or not, in order to allow the threaded resolver to be enabled (which needs a thread safe malloc/calloc/free).

IBrowse, AmiSSL and Warp Datatype Developer
Go to top


Re: Ibrowse
Just popping in
Just popping in


@devils_advisor

It is a solution, but not the best solution . What do you have the "Max. number of connections" set to in the network preferences? This also affects the number of sockets cached for persistent connections.

You can use "shownetstatus tcpsockets" in a shell to show the currently allocated sockets. It smells like a bug in the network card driver to me, which could be falling over if there are too many connections. It could be a bug in IBrowse, but I don't see it on my A1200 with PCMCIA network card + Miami, or on my A1XE with onboard networking.

Go to top


Re: Ibrowse
Just popping in
Just popping in


@devils_advisor

Under the network settings, in IBrowse, try switching "Persistent connections" off. That would be the one thing I would think could cause a problem, although if it does, it is possibly a bug in the network driver.

It works fine on my A1XE. I saw a similar report of this elsewhere - will try to find it, to remember what the resolution was .

Go to top


Re: AK DataType vs. WarpDT
Just popping in
Just popping in


@ktadd

The one that will get used for reading is defined by which BMP descriptor you have installed in DEVS:Datatypes. "AddDatatypes LIST" will show you which are active.

Go to top


Re: AmiSSL usage (compliling) question
Just popping in
Just popping in


It is impossible to support stdio OpenSSL functions in AmiSSL. However, try using the BIO versions of the functions instead, which will work fine. See test/https.c for an example of how to use ERR_print_errors().

Don't link with -lssl and -lcrypto. Just use -lamisslauto or -lamisslauto_newlib if you are not manually opening AmiSSL.

The stack/safestack stuff has always been a bit of headache - fortunately, this has been reworked a lot for OpenSSL 3.0 (now uses macros instead of inline functions). Did you get it working? You shouldn't need to create stubs for those functions - just make sure to compile with -D__USE_INLINE__ and it should be ok.

Go to top


Re: AK DataType vs. WarpDT
Just popping in
Just popping in


@tomsoniq

Datatype classes do not need to specifically support DTST_MEMORY. Datatypes.library itself handles DTST_MEMORY, creating a pseudo file handler, so that classes still see a normal file handle. As far as classes are concerned, they're reading from a file, yet in the case of DTST_MEMORY, datatypes.library feeds the file handle with the memory buffer instead.

Go to top


Re: AK DataType vs. WarpDT
Just popping in
Just popping in


@broadblues

Good to hear much work has gone into improving the AK datatypes. The AK name is something of a double-edged sword really. In one sense, those datatypes were popular and well known in the 1990s (helped because there were no other alternatives for some years), but I'm sure people will remember the many updates that fixed some bug, only to break something else entirely. The basic coding bugs that you mention are precisely why some classed the old AK datatypes as unstable. They were never really mature in that sense. So, I guess it's 50/50 whether it would have been wiser to drop the name and rebrand them, particularly as it sounds like the new ones bear little resemblance to the original versions, in a good way.

I agree it was never wise to version chase libpng, libtiff, libjpeg, etc, as it's hard to pick a stable version sometimes, as those come with their own bugs too. However, in the last couple of years, development of libjpeg, libpng and zlib has stagnated. Particularly with libpng, some of those more recently involved have been making pointless changes, such as changing types, formatting comments, etc, which do not affect functionality at all.

In contrast to the old AK datatypes, I'd argue that the WarpDTs are far more muture, having of course been in constant development and refinement over the last 20+ years and are no less modern than the new AK datatypes. Not saying they are perfect, but I hope closer to perfection than they were at the beginning .

Go to top


Re: A question about AmiSSL:openssl.cnf or rather lack thereof
Just popping in
Just popping in


The CA.pl helper script would possibly have been useful here too. AmiSSL 4.9 will come with that too, as well as openssl.cnf.

IBrowse, AmiSSL and Warp Datatype Developer
Go to top


Re: A question about AmiSSL:openssl.cnf or rather lack thereof
Just popping in
Just popping in


Just discovered I had put a vanilla copy of openssl.cnf in AmiSSL: on my install 14 months ago and completely forgotten about it since then! :)

Since that didn't interfere with IBrowse, or seemingly anything else, since then, I'll add a modified openssl.cnf to the AmiSSL installation.

Go to top


Re: A question about AmiSSL:openssl.cnf or rather lack thereof
Just popping in
Just popping in


@broadblues

Ah, ok - perhaps I should include it with the next release then. Obviously, only if it doesn't already exist. Just need to check if it interferes with Amiga apps.

What was the OpenSSL command line that you used to create the cert and key?


Edited by Futaura on 2021/3/31 8:41:51
Go to top


Re: AK DataType vs. WarpDT
Just popping in
Just popping in


Just to clear a few things up:

1. WarpDTPrefs comes in OS3, OS4 and MorphOS native versions, albeit only since May 2020 (it was 68K only before then).

2. The WarpDTs have never supported DTM_WRITE - I've always felt the datatype system doesn't lend itself well to saving, partly due to lack of control over encoding options.

3. The OS4 datatypes were originally written by me, but I don't tend to get involved with them much anymore (only to fix bugs that were my fault), for various reasons. DTM_WRITE support was added more recently by another developer. I got a bit sick of other developers slowing my code down and breaking stuff.

4. The stability issues mentioned probably are in reference to the ancient original AK datatypes, which were indeed a bit flakey (especially akTIFF), even if they were "mature". I would hope the new ones are more stable and complete than those.

If you care about DTM_WRITE, either stick with the datatypes supplied with OS4 or try the AK datatypes. Otherwise, you are probably better off with the WarpDTs if you have already purchased them - they outperform the OS4 supplied datatypes for reading images.

Go to top


Re: A question about AmiSSL:openssl.cnf or rather lack thereof
Just popping in
Just popping in


@broadblues

No, we've never included one - users are free to create their own, but generally Amiga applications provide their own configuration, so it perhaps is not necessary in most cases.

There is a sample at https://github.com/jens-maus/amissl/bl ... /openssl/apps/openssl.cnf if it is any use. To be honest though, I've never really tried messing with those config files.

Go to top



TopTop
(1) 2 3 4 5 »




Powered by XOOPS 2.0 © 2001-2016 The XOOPS Project