News

News

RSS feed
05/01/2019
Marshall's April Update

There are four main areas where I spend my time. Libc++, where I am the “code owner” WG21, where I am the chair of the Library Working Group (LWG) Boost Speaking at conferences Libc++ The next big milestone for libc++ is the LLVM 9.0 release this summer. We’re working towards that, implementing new features and fixing bugs. As the “code owner” for libc++, I also have to review the contributions of other people to libc++, and evaluate and fix bugs that are reported. That’s a never-ending task; there are new contributions ever day. LWG papers implemented this month. P0811 Add std::midpoint and std::lerp for C++20 LWG issues resolved this month 2960 nonesuch is insufficiently useless 2977 unordered_meow::merge() has incorrect Throws: clause 2164 What are the semantics of vector.emplace(vector.begin(), vector.back())? LLVM features implemented this month (certainly incomplete) Fixed the implementations of list::remove_if and list::unique to deal with values or predicates that are elements in the list. Same for forward_list. We did this for remove already, but now we do it for the other operations as well. Added a bunch of new tests for things that we were missing ** list::sort and forward_list::sort are required to be stable. ** You can’t use...

Continue Reading
04/04/2019
Damian's March Update

This month I’ve been working on the following projects: Certify Boost.Beast Boost.Build BeastLounge Certify Certify now properly verifies the hostname of a TLS server according to RFC 2818 or TLS-DANE if available. Additionally, initial support for CRLSets has been merged, although it’s still missing integration into the verification code. I’ve also invested a fair bit of time into researching what other open source libraries do to perform certificate status checking. I’ve looked into BoringSSL, mbedTLS, Botan and even the Go standard library. It’s interesting that no library has a default way of performing the status check of a certificate and it’s left up to the user. The Windows implementation of the certificate store in Certify will now properly use the entire chain passed by the peer, which resolves certificate failures in less common cases. Don’t forget to star the repository: https://github.com/djarek/certify! Boost.Beast Most of the work this month involved making Beast compile faster and use less memory by expanding the code that can use split compilation and reducing redundant dependencies in a few places. Boost.Build I’ve worked on implementing 2 improvements that make it less painful to work with b2: support for finding OpenSSL support for sanitizers in gcc and...

Continue Reading
04/02/2019
Marshall's March Update

There are four main areas where I spend my time. Libc++, where I am the “code owner” WG21, where I am the chair of the Library Working Group (LWG) Boost Speaking at conferences This month, I spent far more time reviewing other people’s code and preparing talks for conferences than the previous few months. The Boost release process consumed a fair chunk of time as well. Libc++ The big news is: we released LLVM 8 this month! (March 20th). You can get the sources and pre-built binaries from the LLVM download page, or wait for your system vendor to provide you with an update. As the “code owner” for libc++, I also have to review the contributions of other people to libc++, and evaluate and fix bugs that are reported. That’s a never-ending task; there are new contributions ever day. LWG papers implemented this month. P0811 std::midpoint for integral and pointer types. This turned out to be quite involved, and spawned a clang bug report. On the plus side, now I have a topic for a talk for CppCon this fall. Still to do, std::midpoint for floating point types. This is done, but it needs better tests. LWG issues implemented...

Continue Reading
03/16/2019
Certify X509 Validation

Certify - X509 certificate validation I always knew that validating a certificate chain presented by a peer is not an easy procedure, but my recent work in Certify to port over the procedure from Chromium has only proven that I underestimated the complexity of it. Certificate revocation seems to be a particularly hard issue, with 2 main categories of solutions - offline and online validation. Online validation - OCSP OCSP is a protocol designed to allow checking the revocation status of a certificate by sending a request over a subset of HTTP/1.1. At first glance, it seems it solves the status checking problem on its own. However, OCSP has problems, inherent to online checking. First of all, the validation server might not be currently available - so a lack of response is most definitely not a state in which a chain can be trusted. Secondly, the check may be slow, after all, it requires connecting to a separate service. Additionally, the native Windows API for certificate verification does the status check synchronously, which means potentially blocking a user’s thread that typically services asynchronous operations. There is a feature that alleviates most of these issues, at least from the point of...

Continue Reading
03/06/2019
Gold sponsor of C++Now 2019

The Alliance is a Gold sponsor for C++Now 2019. This conference is a gathering of C++ experts and enthusiasts from around the world in beautiful Aspen, Colorado from May 5, 2019 - May 10, 2019.

Continue Reading