💾 Archived View for bbs.geminispace.org › u › norayr › 15720 captured on 2024-06-16 at 17:42:47. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-26)
-=-=-=-=-=-=-
Re: "Examples of handling TOFU and client certificates with..."
you can find the oberon code there that uses the /etc/ssl/ca-certificates bundle or it can just present root certificate of letsencrypt if the server certificate is issued by letsencrypt. this way the memory footprint is much less.
i think i stumbled upon memory bug in recent versions of mbedtls and i was using older versions from other branch, i think something like 2.16 didn't have memory problems i encountered with newer versions.
my c test program was crashing and i tried moving a global variable in to a function and got the program killed by shack protector. so it looked to me that newer versions have memory bug, so normal for c project.
i also want to implement gemini protocol one day in oberon.
Mar 23 · 3 months ago
Examples of handling TOFU and client certificates with mbedTLS (in C)? — As a rite of passage I've decided to make a Gemini client in C, and as I'm new to SSL/networking, I have no idea how to handle TOFU or client certificates with mbedTLS. Has anyone else specifically made a gemini client with it? Or would you recommend that I try to figure out another SSL library? I avoided OpenSSL because the documentation seemed incomprehensible, but mbedTLS' documentation isn't much better. As an aside, I...