AROS World Exec
Development => Development (General) => Topic started by: paolone on April 12, 2019, 02:01:37 AM
-
Hello. I remember having brought this topic to your attention a couple of year ago on the 'old' aros-exec, unluckily it's gone so I can't recover how it finished. IIRC, one of the main opposition was the fact that we could embed SSL/TSL encryption directly in applications using a static library while applications actually using the shared AmiSSL library were not so many.
Well, just a week ago Andreas Falkenhahn released hURL (http://os4depot.net/?function=showfile&file=library/hollywood/hwp_hurl.lha) for Hollywood and, as you can see, there are version for any damn operating system out there (from ancient OS3 to Android, including Windows, MacOS, Linux and ALL other Amiganoid systems) EXCEPT AROS. And, guess what? The motivation is only one: we miss AmiSSL. I think hURL would be good to have, since it helps making networking applications with Hollywood, apps that won't be available on AROS since we miss the crucial hwp used by them.
Moreover, there are many Amiga applications using AmiSSL, like Netsurf, Charon, the latest versions of the cloud drivers (which are not available to AROS), YAM, SimpleMail and others. Pleaser consider this a plea: bring AmiSSL to AROS, if you can.
AmiSSL
https://github.com/jens-maus/amissl
-
but it's so hard to do I'm damn porting
hi
-
I can try to contact someone, we'll see
-
Nick doesnt want amissl because he considers the way this is maintained too orthodox and not efficient so to ssy, if i get him right..
We already have current openssl in contribs. All we probably need is to make a shared lib with amissl compatible interface instead of static one.
-
the problem with what I understand is that amissl is the standard for amiga software
-
because hollywood coders complain afair, i understand. whether its standard or not we wont gather developers if we dont encourage less invasive approach..
(edited to be a bit more undestandable since it was posted from mobile phone originaly)
-
nt
-
I understand your point of view, but maybe you could integrate applications that use amissl and those that don't use it
-
im not sure if i understand. the logical step, perhaps, as i wrote, would be to write an interface for openssl or rather adopt amissl interface as much as it is possible. someone needs to do that, simply.
-
i understand
hi
-
I want to co-sign on that. We need AmiSSL for AROS! Please would someone look into and port it?
It's not only Hollywood using it, it looks like pascal will use it as well in the future.
https://blog.alb42.de/2019/05/02/secure-transport-with-amissl/ (https://blog.alb42.de/2019/05/02/secure-transport-with-amissl/)
-
Hi jacko,
It's not so much that Pascal needs amissl but in more general prefers shared libraries (or actually i do). Whether that be a amissl wrapper around openssl or a shared openssl library does not matter much (unless relying on consistency amongst (amiga-like) platforms).
Yes, Pascal can statically link as well... that is a bit similar like taking a shite through a straw. And especially with things like ssl libs (:sarcasm: which are static as hell and not ever change) this is so much fun to do every 2-3 months they fix another leak/bug.
As always the coin has two sides: All nice to be able to safely connect to the interwebs... but AROS/Amiga architecture is as unsafe as can be :)
Oh, and the shite analogy is not because Pascal lacks or anything (which is the normal (first) reaction we get) but is rather because the intrusive entanglement of (static) libraries with the OS api. That works relatively easy for every other OS out there... Aros not being one of them. Reason: lack of proper documentation of how things actually work or are required/suppose to work. Even with the help of an experienced Aros developer it took several weeks/months to finally be able to get things going... to discover the solution only works for a specifc target.
Ah well.... it's open source so we can read how it is suppose to work....
It is basically the same story over and over again *sigh*
Sincerely,
Ron.
-
Try to load anything from network, nearly every webpage or service needs some kind of ssl support
-
@jacko:
What makes you think AROS does not have any form of SSL ? There you go https://www.flickr.com/photos/fce2/2036697949
Having a shared library makes it easier for software developers to add support for it in their software and having a mean to upgrade without the need for a recompile.
Although i agree with your statement that websites and services hardly work anymore without, it is just another victory for the false sense of security maffia. Even when you got the latest security fixes it is still a system based on trust (a system that can't be trusted to begin with if only because of its objective). Ah, but i am just an ignorant conspiracy theorist ;)
-
@jacko:
What makes you think AROS does not have any form of SSL ? There you go https://www.flickr.com/photos/fce2/2036697949
Having a shared library makes it easier for software developers to add support for it in their software and having a mean to upgrade without the need for a recompile.
Although i agree with your statement that websites and services hardly work anymore without, it is just another victory for the false sense of security maffia. Even when you got the latest security fixes it is still a system based on trust (a system that can't be trusted to begin with if only because of its objective). Ah, but i am just an ignorant conspiracy theorist ;)
Their main weapon is to discredit, or simply laugh at "the dissidents" which point out their lies of the official arguments.
-
Although i agree with your statement that websites and services hardly work anymore without, it is just another victory for the false sense of security maffia. Even when you got the latest security fixes it is still a system based on trust (a system that can't be trusted to begin with if only because of its objective). Ah, but i am just an ignorant conspiracy theorist ;)
Sure you still need to have to trust to the site you visit but the point of SSL/TLS is that not third party can listen in on the communication you have with a site.
-
Sorry if I don't follow so happily discussions and conspirancy teories about security by encryption, however can at least we all agree on these points?
a) compiling and updating a single shared library would be easier and quicker than doing the same for many applications
b) there are already programs not ported to AROS due to lack of AROS AmiSSL
They are both true, unluckily.
-
I ended up using SimpleMail on OS3 because both AROS YAM and SimpleMail require AmiSSl.
Nathan
-
email.it to be able no ssl connection