[racket-dev] ECDHE patch for Racket's OpenSSL bindings.
I've committed your patch and the changes I suggested earlier, plus docs
and tests. Thanks for the patch, and for the reminder!
Ryan
On 04/11/2014 09:30 PM, Edward Lee wrote:
> Thanks. I will not have time until Monday; if you can wait
> until then, I will have an updated patch then.
>
> --Edward
>
> On Fri, Apr 11, 2014 at 06:44:17PM -0400, Ryan Culpepper wrote:
>> IIRC, most of the code in openssl/mzssl.rkt predates
>> ffi/unsafe/alloc. So yes, BIO_new etc should use (allocator _) etc,
>> and that would simplify some of the code that currently uses the
>> local with-failure macro to do deallocation. But no need to fix that
>> in this patch.
>>
>> Some comments on the patch:
>>
>> - Regarding curves/c, the curve NID_* definitions, and symbol->nid:
>> There's some redundancy here that could be eliminated with the
>> following pattern:
>>
>> (define curve-nid-alist
>> '((sect163k1 . 721)
>> ....))
>>
>> (define curve/c (apply or/c (map car curve-nid-alist)))
>>
>> (define (curve->nid sym)
>> (cond [(assq sym curve-nid-alist)
>> => cdr]
>> [else (error ....)]))
>>
>> That eliminates the problem of keeping the enumeration of curves in
>> sync in three places.
>>
>> - SSL_CTRL_SET_ECDH_AUTO is unused; it should be removed.
>>
>> - There's a missing "!" in some of the symbols passed to error in
>> ssl-server-context-enable-dhe!.
>>
>> If you send a new version of the patch I'll commit that; otherwise I
>> can make the changes above myself when I get a chance.
>>
>> Ryan
>>
>>
>> On 04/11/2014 01:46 PM, Edward Lee wrote:
>>> Thanks for catching the typo. I don't have a good answer to your second
>>> question; I really don't know if they should.
>>>
>>> --Edward
>>>
>>> On Thu, Apr 10, 2014 at 02:54:36PM -0400, Stephen Chang wrote:
>>>> Ok thanks. Sorry, I think one more is missing from curve/c (sect283r1)?
>>>>
>>>> Another question: Should BIO_new_mem_buf have an additional "#:wrap
>>>> (allocator BIO_free)" argument, similar to other allocating functions?
>>>>
>>>> More generally, should BIO_new and BIO_free have #:wrap arguments like
>>>> the other allocating/deallocating functions?
>>>>
>>>> On Thu, Apr 10, 2014 at 2:11 PM, Edward Lee <e45lee at uwaterloo.ca> wrote:
>>>>> Those are accidental omissions; I've attached a patch that should fix
>>>>> the contract and symbol->nid.
>>>>>
>>>>> --Edward
>>>>>
>>>>> On Thu, Apr 10, 2014 at 01:39:13AM -0400, Stephen Chang wrote:
>>>>>> I checked out the patch and have a few questions. (I'm a non-expert.)
>>>>>>
>>>>>> How come some curves are omitted from the curve/c contract (eg
>>>>>> sect163k1 and sect193r2)?
>>>>>>
>>>>>> Is there also a curve missing from symbol->nid (eg sect571r1)?
>>>>>>
>>>>>>
>>>>>> On Wed, Apr 9, 2014 at 7:52 PM, Neil Van Dyke <neil at neilvandyke.org> wrote:
>>>>>>> Edward, your patch sounds OK to me, FWIW.
>>>>>>>
>>>>>>> Neil V.
>>>>>>>
>>>>>>>
>>>>>>> _________________________
>>>>>>> Racket Developers list:
>>>>>>> http://lists.racket-lang.org/dev
>>>>>>>
>>>>>>>
>>>>>>> _________________________
>>>>>>> Racket Developers list:
>>>>>>> http://lists.racket-lang.org/dev