Our great sponsors
libevent | OpenSSL | |
---|---|---|
12 | 149 | |
10,708 | 24,090 | |
1.3% | 1.3% | |
8.7 | 9.9 | |
2 days ago | 7 days ago | |
C | C | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
libevent
- Epoll: The API that powers the modern internet (2022)
-
Help running crystal on remote server
However, you should be able to use a different version of the library that is compatible with your system. Maybe you can install the development package for `libevent` via the system package manager? That should assure a working state. Otherwise you should be able to download a compatible version from https://libevent.org/ (either binary or source and build it yourself).
- Concurrency Model in JavaScript Runtime Environments
-
Understand the underlying Javascript - event loop
They're different. Node uses libuv while chromium uses libevent. You're also seeing different APIs for working with the event loop like nextTick() in Node that doesn't exist in browsers.
- Libevent - Event notification library
-
Tmux install script I made to install the latest stable version
Unknown OS, continue trying to install? Menu? Develope this area! Querying Versions on https://libevent.org... Please be patient.
- Looking for low footprint c++ library to build a REST client
- Io_uring is not an event system
-
Packaging your Crystal app into a Flatpak
app-id: dev.geopjr.Hashbrown runtime: org.gnome.Platform runtime-version: "3.38" sdk: org.gnome.Sdk command: hashbrown finish-args: - --socket=wayland - --socket=fallback-x11 - --share=ipc cleanup: - /include - /lib/pkgconfig - /share/doc - /share/man - "*.a" - "*.la" modules: - name: libevent sources: - type: git url: https://github.com/libevent/libevent.git tag: release-2.1.12-stable - name: hashbrown buildsystem: simple build-commands: - $(pwd)/crystal/bin/crystal build ./src/hashbrown.cr --no-debug --release - install -D -m 0755 hashbrown /app/bin/hashbrown - install -D -m 0644 extra/Hashbrown.desktop /app/share/applications/dev.geopjr.Hashbrown.desktop - install -D -m 0644 extra/icons/logo.svg /app/share/icons/hicolor/scalable/apps/dev.geopjr.Hashbrown.svg - install -D -m 0644 extra/icons/symbolic.svg /app/share/icons/hicolor/symbolic/apps/dev.geopjr.Hashbrown-symbolic.svg post-install: - install -D -m 0644 extra/dev.geopjr.Hashbrown.metainfo.xml /app/share/metainfo/dev.geopjr.Hashbrown.metainfo.xml sources: - type: git url: https://github.com/GeopJr/Hashbrown.git tag: v1.2.0 commit: 02ecf5cc5aacc32fc484fd9e348d2b1220168295 - type: archive dest: crystal/ url: https://github.com/crystal-lang/crystal/releases/download/1.0.0/crystal-1.0.0-1-linux-x86_64.tar.gz sha256: 00211ca77758e99210ec40b8c5517b086d2ff9909e089400f6d847a95e5689a4 - type: git url: https://github.com/jhass/crystal-gobject.git commit: 6468c57f8aa54b71c766d27b1e59e87a09ee8552 dest: lib/gobject - type: git url: https://github.com/elorest/compiled_license.git tag: v0.1.3 commit: f287c2c8c95579688fa5620df954d8cc1272cbbf dest: lib/compiled_license
OpenSSL
-
Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
Today, April 7th, 2024, marks the 10-year anniversary since CVE-2014-0160 was published. This security vulnerability known as "Heartbleed" was a flaw in the OpenSSL cryptography software, the most popular option to implement Transport Layer Security (TLS). In more layman's terms, if you type https:// in your browser address bar, chances are high that you are interacting with OpenSSL.
-
Ask HN: How does the xz backdoor replace RSA_public_decrypt?
At this point I pretty much understand the entire process on how the xz backdoor came to be: its execution stages, extraction from binary "test" files etc. But one thing puzzles me: how can the ifunc mechanism be used to replace something like RSA_public_decrypt? Granted this probably stems from my lack of understanding of ifunc, but I was under the impression that in order for the ifunc mechanism to work in your code, you have to explicitly mark specific function with multiple implementations with __attribute__ ((ifunc ("the_resolver_function"))). Looking at the source code of the RSA function in question, ifunc attribute isn't present:
https://github.com/openssl/openssl/blob/master/crypto/rsa/rsa_crpt.c#L51
So how does the backdoor actually replace the call? Does this means that the ifunc mechanism can be used to override pretty much anything on the system?
-
Use of HTTPS Resource Records
OpenSSL and Go crypt/tls has no support yet, so none of the webservers that depend on them support it. Apache, Nginx, and Caddy, they all need upstream ECH support first.
- https://github.com/openssl/openssl/issues/7482
- openssl-3.2.0 released
- Large performance degradation in OpenSSL 3
- OpenSSL 3.2 Alpha 2
-
Encrypted Client Hello – the last puzzle piece to privacy
If I'm understanding the draft correctly, I think the webserver you're hosting your sites on would need it implemented as it requires private keys and ECH configuration. In the example of nginx since it uses openssl, openssl would need to implement it. I found an issue on their Github but it's still open: https://github.com/openssl/openssl/issues/7482
- eBPF Practical Tutorial: Capturing SSL/TLS Plain Text Data Using uprobe
-
OpenSSL Versions... whats the plan here
I confirmed that the systm was on 1.1.1f with openssl version command. Hmm...... I check the openssl version in the repo with apt list... LOL package names wernt helpful. finally went to the repo pages and found that its still on 1.1.1f, https://launchpad.net/ubuntu/+source/openssl. Meenwhile I looked up the version history on https://www.openssl.org/ and saw that 1.1.1v was released at the beginning of this month... ok. I can understand it it was out less then 30 days. I looked up when f came out, end of MARCH 2020. NEARLY 3-1/2 YEARS
- I am looking for a troubled/bad open source codebase
What are some alternatives?
libuv - Cross-platform asynchronous I/O
GnuTLS - GnuTLS
Boost.Asio - Asio C++ Library
Crypto++ - free C++ class library of cryptographic schemes
libev - Full-featured high-performance event loop loosely modelled after libevent
mbedTLS - An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months between releases.
liburing
libsodium - A modern, portable, easy to use crypto library.
C++ Actor Framework - An Open Source Implementation of the Actor Model in C++
LibreSSL - LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to [email protected] are welcome.
uvw - Header-only, event based, tiny and easy to use libuv wrapper in modern C++ - now available as also shared/static library!
cfssl - CFSSL: Cloudflare's PKI and TLS toolkit