In case anyone's still interested, I've got the latest round of Win32 patches up: http://dillo-win32.sourceforge.net/dillo/patches.php It's still based on dillo2, but since most of the patches are "behind the scenes" (network code, etc.), they should work fine with dillo3. (I'm planning to switch over eventually.) Apart from the portability code, most of it isn't even Windows-specific; I've personally been using it quite a bit lately on OpenBSD. Some highlights: - Cleaned up sockets portability layer (dsock) - Transparent SSL support (through dsock) using OpenSSL/CyaSSL - Built-in libcurl-based downloader with glitch-free user interface ;-) - Built-in preferences GUI (no manual dillorc editing needed) - Sane in-memory cookies implementation (no cookies.txt needed) - Various small tweaks, usability improvements, and bugfixes Just thought I'd share, ~Benjamin
Hi Benjamin, On Sat, Jul 02, 2011 at 01:12:51PM -0400, Benjamin Johnson wrote:
In case anyone's still interested, I've got the latest round of Win32 patches up: http://dillo-win32.sourceforge.net/dillo/patches.php
It's still based on dillo2, but since most of the patches are "behind the scenes" (network code, etc.), they should work fine with dillo3. (I'm planning to switch over eventually.) Apart from the portability code, most of it isn't even Windows-specific; I've personally been using it quite a bit lately on OpenBSD.
Some highlights: - Cleaned up sockets portability layer (dsock) - Transparent SSL support (through dsock) using OpenSSL/CyaSSL
I haven't looked at the code yet, but if this could be extended to get proper SSL support it would be really great.
- Built-in libcurl-based downloader with glitch-free user interface ;-) - Built-in preferences GUI (no manual dillorc editing needed)
This is the old plugin or not-plugin discussion, I guess.
- Sane in-memory cookies implementation (no cookies.txt needed)
But that means it doesn't support persistent cookies, right?
- Various small tweaks, usability improvements, and bugfixes
Just thought I'd share, ~Benjamin
That's always appreciated. Cheers, Johannes
On Sun, 03 Jul 2011 14:29:32 -0400, Johannes Hofmann <Johannes.Hofmann@gmx.de> wrote:
- Cleaned up sockets portability layer (dsock) - Transparent SSL support (through dsock) using OpenSSL/CyaSSL
I haven't looked at the code yet, but if this could be extended to get proper SSL support it would be really great.
You mean certificate checking, error prompting, etc.?
- Sane in-memory cookies implementation (no cookies.txt needed)
But that means it doesn't support persistent cookies, right?
They can be re-enabled with a ./configure option. ~Benjamin
On Sun, Jul 03, 2011 at 03:09:52PM -0400, Benjamin Johnson wrote:
On Sun, 03 Jul 2011 14:29:32 -0400, Johannes Hofmann <Johannes.Hofmann@gmx.de> wrote:
- Cleaned up sockets portability layer (dsock) - Transparent SSL support (through dsock) using OpenSSL/CyaSSL
I haven't looked at the code yet, but if this could be extended to get proper SSL support it would be really great.
You mean certificate checking, error prompting, etc.?
Yes, plus reliable SSL connections of course. Cheers, Johannes
On Wed, 06 Jul 2011 15:51:32 -0400, Johannes Hofmann <Johannes.Hofmann@gmx.de> wrote:
On Sun, Jul 03, 2011 at 03:09:52PM -0400, Benjamin Johnson wrote:
You mean certificate checking, error prompting, etc.?
Yes, plus reliable SSL connections of course.
I'm not quite sure what you mean by "reliable" there -- could you explain? I should mention that the code to handle HTTP CONNECT requests for proxying SSL is a rather ugly kludge, since I wasn't sure how to correctly hook that through the CCC's. Besides that and the missing features, I can't think of any issues off the top of my head. For what it's worth, I've been using it every day for several months with no problems. I *would* like to add that my implementation is more secure than the DPI, since there's no Unix domain sockets or other interprocess communication to worry about. And since it's hooked in through the sockets code, it can reuse Dillo's existing HTTP code with all its features, making it a much more functional and elegant solution overall (aforementioned kludge excepted). ~Benjamin
Benjamin: I'm curious about the addition of CyaSSL support. I don't know anything about it -- is it useful to you mostly for Windows reasons, or would it be useful for everyone in the general case?
On Wed, 06 Jul 2011 23:29:59 -0400, corvid <corvid@lavabit.com> wrote:
Benjamin: I'm curious about the addition of CyaSSL support. I don't know anything about it -- is it useful to you mostly for Windows reasons, or would it be useful for everyone in the general case?
Useful to everyone, I think. CyaSSL is a cross-platform, embedded SSL library; here's its homepage: http://www.yassl.com/yaSSL/Home.html I started using it with the Windows version because it has an OpenSSL-compatible API, and a much smaller footprint -- 1.3 MB with CyaSSL versus 1.7 MB with OpenSSL. (I like that in 2011, Dillo can still fit on a floppy disk!) It's not quite as big a deal on Unix, since most distributions ship with OpenSSL, but I think it fits nicely with Dillo's goal of high software efficiency. The CyaSSL patch actually doesn't change any source code, just some linker flags. On Unix it usually creates its own directory structure, like /usr/local/cyassl, with OpenSSL-compatible symlinks, so even that much isn't necessary. Cheers, ~Benjamin
On Wed, Jul 06, 2011 at 11:55:13PM -0400, Benjamin Johnson wrote: On Wed, 06 Jul 2011 23:29:59 -0400, corvid <corvid@lavabit.com> wrote:
Benjamin: I'm curious about the addition of CyaSSL support. I don't know anything about it -- is it useful to you mostly for Windows reasons, or would it be useful for everyone in the general case?
Useful to everyone, I think. CyaSSL is a cross-platform, embedded SSL library; here's its homepage: http://www.yassl.com/yaSSL/Home.html
I started using it with the Windows version because it has an OpenSSL-compatible API, and a much smaller footprint -- 1.3 MB with CyaSSL versus 1.7 MB with OpenSSL. (I like that in 2011, Dillo can still fit on a floppy disk!) It's not quite as big a deal on Unix, since most distributions ship with OpenSSL, but I think it fits nicely with Dillo's goal of high software efficiency.
The CyaSSL patch actually doesn't change any source code, just some linker flags. On Unix it usually creates its own directory structure, like /usr/local/cyassl, with OpenSSL-compatible symlinks, so even that much isn't necessary.
On my Gentoo box: $ locate cyassl Returns a null search here. It sounds binary only or closed source? -- Roger http://rogerx.freeshell.org/
On Wed, Jul 06, 2011 at 10:04:48PM -0800, Roger wrote:
On Wed, Jul 06, 2011 at 11:55:13PM -0400, Benjamin Johnson wrote: On Wed, 06 Jul 2011 23:29:59 -0400, corvid <corvid@lavabit.com> wrote:
Benjamin: I'm curious about the addition of CyaSSL support. I don't know anything about it -- is it useful to you mostly for Windows reasons, or would it be useful for everyone in the general case?
Useful to everyone, I think. CyaSSL is a cross-platform, embedded SSL library; here's its homepage: http://www.yassl.com/yaSSL/Home.html
I started using it with the Windows version because it has an OpenSSL-compatible API, and a much smaller footprint -- 1.3 MB with CyaSSL versus 1.7 MB with OpenSSL. (I like that in 2011, Dillo can still fit on a floppy disk!) It's not quite as big a deal on Unix, since most distributions ship with OpenSSL, but I think it fits nicely with Dillo's goal of high software efficiency.
The CyaSSL patch actually doesn't change any source code, just some linker flags. On Unix it usually creates its own directory structure, like /usr/local/cyassl, with OpenSSL-compatible symlinks, so even that much isn't necessary.
On my Gentoo box:
$ locate cyassl
Returns a null search here. It sounds binary only or closed source?
polarssl might also be worth looking at. Cheers, Johannes
On Thu, Jul 07, 2011 at 09:01:00AM +0200, Johannes Hofmann wrote: On Wed, Jul 06, 2011 at 10:04:48PM -0800, Roger wrote:
On Wed, Jul 06, 2011 at 11:55:13PM -0400, Benjamin Johnson wrote: On Wed, 06 Jul 2011 23:29:59 -0400, corvid <corvid@lavabit.com> wrote:
Benjamin: I'm curious about the addition of CyaSSL support. I don't know anything about it -- is it useful to you mostly for Windows reasons, or would it be useful for everyone in the general case?
Useful to everyone, I think. CyaSSL is a cross-platform, embedded SSL library; here's its homepage: http://www.yassl.com/yaSSL/Home.html
I started using it with the Windows version because it has an OpenSSL-compatible API, and a much smaller footprint -- 1.3 MB with CyaSSL versus 1.7 MB with OpenSSL. (I like that in 2011, Dillo can still fit on a floppy disk!) It's not quite as big a deal on Unix, since most distributions ship with OpenSSL, but I think it fits nicely with Dillo's goal of high software efficiency.
The CyaSSL patch actually doesn't change any source code, just some linker flags. On Unix it usually creates its own directory structure, like /usr/local/cyassl, with OpenSSL-compatible symlinks, so even that much isn't necessary.
On my Gentoo box:
$ locate cyassl
Returns a null search here. It sounds binary only or closed source?
polarssl might also be worth looking at.
Yup, polarssl is included within Gentoo Portage. ( ...and likely the other Linux distros.) -- Roger http://rogerx.freeshell.org/
On Thu, 07 Jul 2011 02:04:48 -0400, Roger <rogerx.oss@gmail.com> wrote:
On my Gentoo box:
$ locate cyassl
Returns a null search here. It sounds binary only or closed source?
GPLv2. I think it's a relatively new project; and considering how many distros' repositories *we're* in, I don't think that's the most accurate way to determine a project's license ;-) Their download page doesn't seem to like Dillo, so here's the source for the version I use: http://dillo-win32.sourceforge.net/deps/cyassl-2.0.0rc1.zip On Thu, 07 Jul 2011 03:28:51 -0400, Roger <rogerx.oss@gmail.com> wrote:
On Thu, Jul 07, 2011 at 09:01:00AM +0200, Johannes Hofmann wrote: polarssl might also be worth looking at.
Yup, polarssl is included within Gentoo Portage. ( ...and likely the other Linux distros.)
Unfortunately their build system is badly broken on Windows; neither the included Makefile nor cmake can produce a working library, at least not on my system. I'm not against it, I just wouldn't be able to implement or use it myself. Again, CyaSSL support isn't really for desktop Linux users, since everyone and their brother already includes OpenSSL. But it could be nice for embedded systems that don't need/can't support OpenSSL's additional features or overhead. And of course, it trims bloat on Windows, where we don't really have a sane or consistently available system SSL library. ~Benjamin
participants (5)
-
corvid@lavabit.com -
Johannes.Hofmann@gmx.de -
johannes.hofmann@gmx.de
-
obeythepenguin@gmail.com -
rogerx.oss@gmail.com