IRC log of #maemo for Thursday, 2018-06-07

DocScrutinizer05PukeAudio is poettering00:33
infobot'sth is poettering' means it acts invasive, possessive, destructive, and generally in an egocentric exacerbating negative way. ``this cancer is extremely poettering'', or you look here for Linus' notion on what's poettering:, or, or see ~systemd cabal00:33
DocScrutinizer05also Mr L. Poettering has a record to opt out of portability, even when he needs to invest a few more days into coding to achive killing portability for good00:34
*** Pali has quit IRC00:47
*** florian has quit IRC00:52
*** florian has joined #maemo01:04
*** florian has quit IRC01:10
*** xy2_ has quit IRC01:21
*** florian has joined #maemo01:23
*** Kabouik- has joined #maemo01:34
*** Kabouik_ has quit IRC01:36
*** florian has quit IRC02:02
*** jonwil has joined #maemo02:30
*** xorly has quit IRC02:39
*** M4rtinK has joined #maemo02:39
*** Kabouik- has quit IRC03:02
*** infobot has quit IRC03:20
*** infobot has joined #maemo03:21
*** ChanServ sets mode: +v infobot03:21
*** M4rtinK has quit IRC03:50
*** Kilroo has joined #maemo04:49
jonwilhmmm, getting newer OpenSSL to work on Maemo QT isn't as easy as I thought. There is a Debian patch for QT4 but that's for 4.8.7, we only have 4.7.405:13
*** vahe has joined #maemo05:49
*** LauRoman|Alt has quit IRC06:37
*** LauRoman|Alt has joined #maemo06:45
*** vahe has quit IRC06:50
*** LauRoman|Alt has quit IRC06:56
jonwilI think I got a solution now.07:11
*** spiiroin has quit IRC07:24
OksanaSounds nice. Will it help with getting MicroB to work with some of those stubborn websites?07:30
jonwilNope, this is OpenSSL and QT, not microb-engine07:33
jonwilwhich uses NSS07:33
jonwilThe work to get Firefox 24 going is a different project07:34
KotCzarnyi wonder if there is a way to make nss use openssl07:34
jonwilGetting FF24 to work is still the best option.07:35
jonwilI need to go back and see about grabbing debug symbols for Firefox 24 on Linux and see if those debug symbols contain any useful info about how FF24 was compiled.07:35
jonwilOfficial Mozilla FF24 that is07:35
KotCzarnybut thats backwards07:36
jonwilGetting FF24 going will give you more than just TLS 1.207:39
jonwilThat's an engine to allow OpenSSL to read NSS certificate databases and such07:40
jonwilSo that doesn't do anything useful.07:41
jonwiltrust me when I say getting FF24 going is the best hope for a browser that supports TLS 1.207:42
jonwilunless you find some weird hacky webkit fork that can be compiled properly on the ancient versions of the libraries the N900 is stuck at07:42
OksanaFirefox 24 does sound nice.07:48
*** Kilroo has quit IRC07:49
jonwilGetting Fahrplan going again is important to me so I can do transport journey planning when I am out and about :)07:57
jonwilhence why I am putting the effort into OpenSSL and QT07:58
OksanaNice :-) Would Gtk+ applications be able to use the OpenSSL? Or would it require specific adaptation, like Qt does?08:05
KotCzarnyi dont think gtk is the same level of toolkitness as qt08:06
KotCzarnymaybe glib has some connectivity functions08:06
*** spiiroin has joined #maemo08:21
*** vahe has joined #maemo08:46
ceenejonwil: the QT thing, I did something to it to use openssl1.008:49
ceeneyou have that on my repos too08:50
ceene this branch should have been merged on maemo's n900, but i think nobody finally did it, even though it was approved08:51
ceeneapproved or whatever the process is to have patches applied to maemo repos08:51
ceenei don't remember the bureaucracy of that08:51
parazydjonwil: You do realize FF24 has like, a hundred CVEs?08:51
ceeneand also you have
ceenewhich does compile against newer openssl08:51
ceeneand backports support for new protocols: tlsv1_1, tlsv1_208:52
MaxdamantusCould always just write some tun-based proxy that everything is routed to.08:56
MaxdamantusBrowser just has some self-signed certificate that matches every host, gets routed through the tun proxy, using its old version of OpenSSL, tun proxy then connects to the actual IP address using its newer version of OpenSSL, doing host verification, etc08:58
jonwilGTK doesn't have any networking code at all09:03
jonwilIts just a UI toolkit09:04
jonwilAny GTK app can use OpenSSL 1.1.0h no problems09:04
jonwilThe removessl thing is already on the cssu version of QT and already in CSSU09:05
jonwilSo nothing needs to happen there09:06
jonwilThe upgradessl stuff is for 1.0.x, the debian patch makes everything work for 1.1.0h (much better to use 1.1.0 with less bugs etc than 1.0.x)09:08
jonwilAnd I see nothing specific that makes it hard to get that going09:08
jonwilAs for FF24, I bet the 1.9.2 based microb-engine has a lot of security flaws as well09:09
jonwilI doubt upgrading to FF24 is going to make things any LESS secure09:10
KotCzarnyi just hope it will be usable09:10
KotCzarnynot that many exploits would work on n90009:10
ceeneah, so debian already has patches for qt4+openssl1.1?09:13
ceenedidn't know that09:13
jonwilYes they do09:13
ceenewell, so much better then09:14
jonwilThey have a patch for OpenSSL 1.1 support on QT 4.8.7 which I need to get going on the QT 4.7.4 we have09:14
jonwilNo-one is going to write something that targets an exploit in an ancient version of Firefox that has been fixed for years now, let alone one running on a linux armel target (as opposed to android)09:14
jonwilNot when they can write an exploit for Windoze and get far more machines infected09:15
KotCzarnyi suspect even static arm binaries might fail because of old kernel09:15
jonwilI already have the results of compiling the FF24 tree running on my device (so etc) with as the front end.09:16
jonwilSo its definitely working.09:16
jonwilA long way from where I need it to be but its definitely at least working.09:16
jonwilSo we know its ok in regards to dependencies, kernel, libc, gtk etc09:17
ceenenot to be confused with
jonwilI did have to turn off a bunch of stuff though including gstreamer, WebRTC, WebM and a bunch of audio stuff like ogg.09:18
jonwilBut other than that its definitely usable and working :)09:18
ceenei don't think i've ever run any of those things on my pc09:18
jonwilYou will have if you are running a recent browser and e.g. accessed YouTube09:18
KotCzarnyjonwil, most people need functionality for utility sites09:18
KotCzarnyso audio isnt on top of the needed features09:19
*** xy2_ has joined #maemo09:19
KotCzarnyand might even be good because it will use fewer resources09:19
Maxdamantusbut not in microb/rtcom-messaging-ui, right?09:20
KotCzarnyi would like functioning browser, no need for device wide engine09:20
MaxdamantusCan already do that with a debian root (oldstable's xulrunner is also version 24 iirc)09:22
jonwilMy end goal is to hopefully replace microb-engine without breaking anything (except possibly support for the piece of garbage known as Flash)09:26
*** xy2_ has quit IRC09:28
jonwilAlthough given how slow conkeror was when I tried it, I think I need to see if there are more optimization flags I can turn on (either mozilla config options or compiler/linker flags)09:29
jonwilAnything that doesn't require a new kernel is an option I will consider :)09:29
KotCzarnyi think all kernels in any cssu support thumb binaries09:30
jonwilExcept that CSSU doesn't install a new kernel09:30
jonwilI have everything from CSSU-testing running on my phone right now and I am still running the stock Nokia kernel09:31
MaxdamantusNothing should install a new kernel except the user.09:31
KotCzarnyho hum09:31
Maxdamantusbut cssu does have custom kernels.09:31
jonwilCSSU-thumb does09:32
jonwilCSSU-devel does09:32
jonwilBut cssu-testing and cssu-stable do not09:32
jonwilI know for sure cssu-devel has a custom kernel since I accidentally screwed up my phone by installing the modules for it by mistake without installing the kernel itself (thankfully I ended up finding a solution)09:33
*** spiiroin has quit IRC09:51
*** spiiroin has joined #maemo09:55
*** florian_kc is now known as florian10:22
*** Guest75409 has quit IRC10:30
*** geaaru has joined #maemo10:35
*** ruskie has joined #maemo10:35
sixwheeledbeast^CSSU -devel is just a repo of random devel packages, it's not a "standard" repo to pull everything from.10:40
sixwheeledbeast^You can install KP or "kernel-cssu" from thumb repo for thumb support.10:43
*** Kabouik has joined #maemo10:57
*** xy2_ has joined #maemo11:07
*** jskarvad has joined #maemo11:08
*** xy2_ has quit IRC11:27
jonwilYeah I learned from that mistake pretty quickly and now I know to be more careful in what I install from cssu-devel11:31
*** M4rtinK has joined #maemo11:35
*** xorly has joined #maemo11:48
*** kalin has quit IRC11:59
*** M4rtinK has quit IRC12:13
*** parazyd has quit IRC12:16
*** how900 has quit IRC12:16
*** how900 has joined #maemo12:17
*** how900 has joined #maemo12:17
*** parazyd has joined #maemo12:17
*** parazyd has joined #maemo12:17
*** Venemo has quit IRC12:55
*** Venemo has joined #maemo12:57
*** jon_y has quit IRC13:01
*** sunshavi has quit IRC13:07
*** jskarvad is now known as jskarvad_afk13:15
*** xy2_ has joined #maemo13:20
*** jon_y has joined #maemo13:21
*** jon_y has quit IRC13:21
*** jon_y has joined #maemo13:26
*** jon_y has quit IRC13:28
*** jon_y has joined #maemo13:29
*** sunshavi has joined #maemo14:11
*** jskarvad_afk is now known as jskarvad14:32
*** APic has quit IRC14:49
*** vahe has quit IRC15:05
*** xy2_ has quit IRC15:21
*** APic has joined #maemo15:23
*** spiiroin has quit IRC15:46
*** jskarvad has quit IRC15:49
*** kalin has joined #maemo15:53
*** xy2_ has joined #maemo16:04
*** kalin has quit IRC16:30
DocScrutinizer05wrap the damn browser into a chroot16:46
DocScrutinizer05for messing with repos:
DocScrutinizer05even speedyham is a PITA to enable/disable repos16:52
*** jonwil has quit IRC16:54
DocScrutinizer05enable-catalogs all&&apt-get update&&apt-get install foobar-devel;enable-catalogs standard    at very least runs unattended, though also several minutes16:54
DocScrutinizer05enable-catalogs save tmp&&enable-catalogs all&&apt-get update&&apt-get install foobar-devel;enable-catalogs tmp&&enable-catalogs delete tmp16:56
DocScrutinizer05might make a wrapper out of this, s/foobar-devel/\$1/16:57
DocScrutinizer05install_X_with(){ enable-catalogs save tmp&&enable-catalogs ${2:-all}&&apt-get update&&apt-get install $1;enable-catalogs tmp&&enable-catalogs delete tmp }17:00
DocScrutinizer05install_X_with foobar-devel allPlusThumb17:01
*** xorly has quit IRC17:10
*** jonwil has joined #maemo17:10
*** till has joined #maemo17:19
*** spiiroin has joined #maemo17:23
*** jonwil has quit IRC17:30
*** trx has quit IRC17:50
*** trx has joined #maemo17:54
*** trx has quit IRC17:54
*** trx has joined #maemo17:54
*** xy2_ has quit IRC18:13
*** xy2_ has joined #maemo18:14
*** xy2_ has quit IRC18:15
*** xy2_ has joined #maemo18:17
*** ravelo has joined #maemo18:23
*** vahe has joined #maemo18:24
*** Pali has joined #maemo18:52
*** LauRoman|Alt has joined #maemo18:52
*** Kabouik has quit IRC19:09
*** florian has quit IRC19:22
*** Venemo has quit IRC19:48
*** Kabouik- has joined #maemo19:58
*** M4rtinK has joined #maemo20:38
*** LauRoman has quit IRC20:47
*** LauRoman has joined #maemo20:50
*** xorly has joined #maemo20:50
*** florian has joined #maemo20:51
*** Kabouik has joined #maemo20:54
*** Kabouik- has quit IRC20:56
*** geaaru has quit IRC21:02
*** florian has quit IRC21:02
*** vahe has quit IRC21:18
*** vahe has joined #maemo21:20
*** drrty has joined #maemo21:33
*** vahe has quit IRC21:58
*** florian has joined #maemo22:19
*** louisdk has joined #maemo22:33
*** LauRoman|Alt has quit IRC22:50
*** LauRoman|Alt has joined #maemo22:53
*** louisdk has quit IRC22:56
*** kalin has joined #maemo23:17
*** xorly has quit IRC23:39
*** xorly has joined #maemo23:59

Generated by 2.15.1 by Marius Gedminas - find it at!