'Twas brillig, and Zbigniew Jędrzejewski-Szmek at 16/01/13 20:55 did
gyre and gimble:
> On Wed, Jan 16, 2013 at 09:33:22PM +0100, Holger Winkelmann wrote:
>> Can't speak from person experience, but my team has worked with the libevent
>> and
>> libev libraries which contain http libraries as well.
On Fri, Jan 11, 2013 at 10:08:54AM +1000, David Strauss wrote:
> On Thu, Jan 10, 2013 at 10:54 PM, Zbigniew Jędrzejewski-Szmek
> wrote:
> > Can you say how things would work in your scheme?
>
> The scheme we use at Pantheon is that plus mapping the CN to "user"
> and OU to "group." Then, we typic
On Thu, Jan 17, 2013 at 12:36 AM, Lennart Poettering
wrote:
> we already link against gcrypt via the FSS stuff, and indirectly via
> libcryptsetup. gnutls is the natural next step of that i guess.
IIRC, current GnuTLS versions now use Nettle as the crypto library.
The gcrypt backend was removed a
On Wed, 16.01.13 21:57, Zbigniew Jędrzejewski-Szmek ([email protected]) wrote:
> On Wed, Jan 16, 2013 at 09:18:22PM +0100, Holger Winkelmann wrote:
> > Thanks for the feedback. In our design we also think about some remote
> > journal
> > logging but want to transport the messages via some form o
On Wed, 16.01.13 21:07, Zbigniew Jędrzejewski-Szmek ([email protected]) wrote:
> > > search for "openvas gnutls" and "openvas libmicrohttpd"
> > > and you become an overview of the quality of both libraries
> > Er had Some relative Good Results with PolarSSL and lately the fork
> > tropicSSL
> >
On Jan 16, 2013, at 9:55 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> On Wed, Jan 16, 2013 at 09:33:22PM +0100, Holger Winkelmann wrote:
>> Can't speak from person experience, but my team has worked with the libevent
>> and
>> libev libraries which contain http libraries as well.
> IIUC, libev use
On Jan 16, 2013, at 9:57 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> On Wed, Jan 16, 2013 at 09:18:22PM +0100, Holger Winkelmann wrote:
>> Thanks for the feedback. In our design we also think about some remote
>> journal
>> logging but want to transport the messages via some form of message proto
On Wed, Jan 16, 2013 at 12:55 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> libmicrohttpd at least
> abstracts this to the point where I only have to provide a callback
> to consume buffers with data.
It also supports combination event loops with thread pools. I doubt
the journal gateway needs to scal
On Wed, Jan 16, 2013 at 09:18:22PM +0100, Holger Winkelmann wrote:
> Thanks for the feedback. In our design we also think about some remote journal
> logging but want to transport the messages via some form of message protocol.
>
> On the final receiving host we could present the logs via http(s)
On Wed, Jan 16, 2013 at 09:33:22PM +0100, Holger Winkelmann wrote:
> Can't speak from person experience, but my team has worked with the libevent
> and
> libev libraries which contain http libraries as well.
IIUC, libev uses libevent code for HTTP through a compatibility
layer. libevent has only v
Can't speak from person experience, but my team has worked with the libevent and
libev libraries which contain http libraries as well. libevent http library is
linked
to openssl.
just my 2ct...
On Jan 16, 2013, at 9:18 PM, David Strauss wrote:
> On Wed, Jan 16, 2013 at 12:07 PM, Zbigniew Jędr
Thanks for the feedback. In our design we also think about some remote journal
logging but want to transport the messages via some form of message protocol.
On the final receiving host we could present the logs via http(s)
Holger
On Jan 16, 2013, at 9:07 PM, Zbigniew Jędrzejewski-Szmek
wrote:
On Wed, Jan 16, 2013 at 12:07 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> I would be happy to replace it with something different.
Any recommendations? I've built a few projects with libmicrohttpd. I
don't find the library intuitive, but many of the reasons behind
design decisions have become clear
On Wed, Jan 16, 2013 at 07:11:31PM +0100, Holger Winkelmann wrote:
> Holger Winkelmann
> Travelping GmbH
> +49-171-5594745
>
> ### Sent from a mobile device. Sorry for brevity and typos... ###
>
> On 16.01.2013, at 18:54, Reindl Harald wrote:
>
> >
> >
> > Am 16.01.2013 18:12, schrieb Lennart
Er had Some relative Good Results with PolarSSL and lately the fork tropicSSL
I was Not following the full discussion here, any reasons against classic
openSSL apart from size of the library
Holger
--
Holger Winkelmann
Travelping GmbH
+49-171-5594745
### Sent from a mobile device. Sorry for
Am 16.01.2013 18:12, schrieb Lennart Poettering:
> Sounds good!
>
> gntils is a pretty awful library, but the others aren't better, and it
> appears to be the right choice here.
search for "openvas gnutls" and "openvas libmicrohttpd"
and you become an overview of the quality of both libraries
On Wed, 09.01.13 17:09, Zbigniew Jędrzejewski-Szmek ([email protected]) wrote:
> Hi,
>
> I'm still working on my journal-logging-over-the-network daemon
> (systemd-journal-remote), and in the process I've created some pathes
> to systemd-journal-gatewayd:
>
> http://kawka.in.waw.pl/git/systemd
On Thu, Jan 10, 2013 at 10:54 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> Can you say how things would work in your scheme?
The scheme we use at Pantheon is that plus mapping the CN to "user"
and OU to "group." Then, we typically manage a grant list based on
groups but with a logging trail that reco
On Thu, Jan 10, 2013 at 09:59:59AM +0200, Oleksii Shevchuk wrote:
> > But for the normal
> > use case, where you just want to browse messages from one computer
> > and another computer under your control
>
> In this situation CA shouldn't be used. SSH-like scheme (without third-party)
> is
> ok f
> But for the normal
> use case, where you just want to browse messages from one computer
> and another computer under your control
In this situation CA shouldn't be used. SSH-like scheme (without third-party) is
ok for this usecase. Or maybe SASL authentication + TLS/brokenPKI combo
should be use
On Wed, Jan 09, 2013 at 09:43:54PM +0200, Oleksii Shevchuk wrote:
> > - systemd-journal-gatewayd --trust ca.cert
> > will cause the daemon to require clients to present a client
> > certificate signed by this authority.
>
> Subject/CN whitelist and/or CRL/OCSP/etc should be used for this use-c
> - systemd-journal-gatewayd --trust ca.cert
> will cause the daemon to require clients to present a client
> certificate signed by this authority.
Subject/CN whitelist and/or CRL/OCSP/etc should be used for this use-case.
// wbr Alex
___
systemd-de
Hi,
I'm still working on my journal-logging-over-the-network daemon
(systemd-journal-remote), and in the process I've created some pathes
to systemd-journal-gatewayd:
http://kawka.in.waw.pl/git/systemd/shortlog/refs/heads/gatewayd-ssl (4982b67)
I'll not post them here in order to reduce amount
23 matches
Mail list logo
