Subject: citadel-client have some ssl security problemes
Hi guys,
Recently, our group are trying to find ssl security problems by static anlysis. Now we have find some problems in citadel-client and report this bugs to the launchpad, but we haven't receive any responses.
Could you please take a look at this bug:
https://bugs.launchpad.net/ubuntu/+source/citadel-client/+bug/1380449
Thanks,
Rainkin
For this visit I am logged in via the GUI. I hate it.
It's comparatively slow; no - it's REALLY slow.
The text client is snappy - it's VERY fast.
Only thing I like about doing it this way is the display of images and text enhancements.
That, however, is absolutely not essential to the primary task - communicating.
--K2NE
Yeah, I find it considerably more snappy than the web client, which isn't a cut against the web client, just a note that sometimes the old ways kinda work better for certain things.
"goosh is written by Stefan Grothkopp <goosh@xsg.de>
it is NOT an official google product!" but you get the google ads still :) actually very cool! I think!? :/
Try another browser instead of the IE replacement Firefox. Or stop using SSL :D
Currently only chrome/chromium based browsers are reasonably fast with Webcit and SSL enabled.
Just because. All communicating with the same data. That is the thing I like most about the system.
Uncoincidentally, since 2009 I have been working on a "ctdlsh" utility which no one will ever use. :)
(Don't get excited, I've probably spent a couple of hours tops on this idea. It's basically just a system administration shell. Right now all it can do is shut the server down, change a user's password, and tell you what time it is.)
Basically though, this seems to be the way people write command line utilities in the 21st century (on real computers anyway; in wintendo-land they have powershell crap that no one can figure out) -- build a "shell" for the application domain, give it a bunch of subcommands that can perform any task, and allow it to run in scripts or using GNU readline when running interactively.
Alternatively, you could build Python extensions that integrate with Citadel, to give you all the power of a shell with none of the extra hassle of figuring out language constructs.
Thu Nov 27 2014 01:14:30 PM EST from fleeb @ Uncensored
Alternatively, you could build Python extensions that integrate with Citadel, to give you all the power of a shell with none of the extra hassle of figuring out language constructs.
Yes. Do this and I will come to the party. If this happens, I will also try to extend or even write c extensions to the base libs (assuming what I wrote would pass muster).
That's been considered more than once, and it may yet happen.
I haven't had much coding time over the last two years and am hoping that 2015 will be when that changes. I want to focus on simplifying some things -- yes, even Citadel, which is dead simple compared to other solutions, could stand to have a couple of things made easier.
Most of them will revolve around removing features which address use cases that don't exist. For example, absolutely *nobody* is networking Citadel nodes in non-federated mode, so the distributed address book goes away. This removes half a box full of options from the domain configuration screen and eliminates a couple of different failure modes.
Someday I'll finish ctdlsh, which will allow the removal of numerous sysadmin functions from our beloved Text Client. Or perhaps the entire client could be rewritten in Python. Who knows. There's a *lot* of bit rot in there.
Mon Dec 29 2014 11:57:30 EST from IGnatius T Foobar @ Uncensored
Someday I'll finish ctdlsh, which will allow the removal of numerous sysadmin functions from our beloved Text Client. Or perhaps the entire client could be rewritten in Python. Who knows. There's a *lot* of bit rot in there.
I'd realy love to see something with ctdlsh (maybe even with python) which enables us to write unit tests in a very compact manner.
I realy enjoy the arangodb way of writing unittests in .js - one can use the full arango js api for all the setup & teardown - like creating specific collections, filtering the results, expecting whats to be there...
That way AQL is revalidated - the Arango db Query language. We also reach a pretty descent code coverage ratio that way.
and - yes - I realy enjoy my day to day work can be viewed publicaly at github ;-)