Re: [fpc-pascal] client certificate mandatory and verification

2024-04-09 Thread Flávio Etrusco via fpc-pascal 
Hello,

This doesn't seem to have an easy solution right now. Many of the functions
needed to set up openssl for this doesn't even seem to have imports in the
FPC package.
You'd then have to import the functions and implement a custom
TSSLSocketHandler, and then hook it using either
(fphttpapp.)Application.HTTPHandler.HTTPServer.OnGetSocketHandler or
TSSLSocketHandler.SetDefaultHandlerClass();

Some pointers:
https://stackoverflow.com/questions/4261369/openssl-verify-peer-client-certificate-in-c
https://stackoverflow.com/questions/21050366/testing-ssl-tls-client-authentication-with-openssl
https://stackoverflow.com/questions/16291809/programmatically-verify-certificate-chain-using-openssl-api
https://stackoverflow.com/questions/3412032/how-do-you-verify-a-public-key-was-issued-by-your-private-ca

Best regards,
Flávio


Em sáb., 23 de mar. de 2024 às 08:47, Jos Wegman via fpc-pascal <
fpc-pascal@lists.freepascal.org> escreveu:

> Hi,
>
> Out of the info on the wiki I created a simple Webserver with a
> server-certificate.
> To get this code working you need to create the necessary certificate.
> For this I used xca from https://hohnstaedt.de but you can use OpenSSL to
> do the same.
>
>
> [code=pascal]
> program webserver;
>
> {$mode objfpc}{$H+}
>
> uses
>   {$ifdef UNIX}
>   cthreads, cmem,
>   {$endif}
>   fphttpapp,
>   httpdefs,
>   httproute,
>   opensslsockets;
>
> var
>   fUseSSL: boolean;
> const
>   fCertificatePassword: string = 'hello';
>   fCertificateHostName: string = 'localhost';
>   fCertificateFileName: string = 'Server.crt';
>   fCertificatePrivateKey: string = 'Server.key';
>
>   procedure route1(aReq: TRequest; aResp: TResponse);
>   begin
> aResp.Content := 'Route 1 The
> Default';
>   end;
>
>   procedure route2(aReq: TRequest; aResp: TResponse);
>   begin
> aResp.Content := 'Route 2';
>   end;
>
> begin
>   HTTPRouter.RegisterRoute('/', @route1);
>   HTTPRouter.RegisterRoute('/2', @route2);
>   Application.Port := 1999;
>   fUseSSL :=true;
>   Application.UseSSL := fUseSSL;
>   if fUseSSL then
>   begin
> Application.CertificateData.KeyPassword := fCertificatePassword;
> Application.CertificateData.HostName := fCertificateHostName;
> Application.CertificateData.Certificate.FileName :=
> fCertificateFileName;
> Application.CertificateData.PrivateKey.FileName :=
> fCertificatePrivateKey;
>   end;
>   Application.Threaded := True;
>   Application.Initialize;
>   Application.Run;
> end.
> [/code]
>
> My questions are:
>
> *- How can I modify this example to enforce the use of a client
> certificate? - How can I verify a client certificate in the server?*
>
> In the TLS handshake a client certificate is optional but the server can
> ensure that it is mandatory.
>
> Any help, pointers, sample code is appreciated.
>
> Sincerely,
>
> Jos
> ___
> fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
> https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal
>
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] How to inline CompareFunc to Sort method in generic abstract class

2022-11-21 Thread Flávio Etrusco via fpc-pascal 
Em sáb., 19 de nov. de 2022 18:27, Sven Barth via fpc-pascal <
fpc-pascal@lists.freepascal.org> escreveu:

>  (...)
>
>// this kind of constraint that uses T does not work yet
>generic TList> = class
>  procedure Sort;
>end;
>
> (...)
>

No? Sad, I use this all the time in Java.

Best regards,
Flávio


>
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] How to inline CompareFunc to Sort method in generic abstract class

2022-11-21 Thread Flávio Etrusco via fpc-pascal 
Hi,

Thanks for the clarifications (although in some aspects I'm more confused
now LOL).

If you really want the performance gains (and if you're convinced of these
gains, of course) maybe you could implement inlined functions for each key
native datatype taking an offset for the field.

And if you have computed or complex keys, creating an indirection list
would probably have speed gains.

--
Best regards,
Flavio

Em sáb., 19 de nov. de 2022 00:26, Vojtěch Čihák via fpc-pascal <
fpc-pascal@lists.freepascal.org> escreveu:

> Hi,
>
>
>
> I specialized my generic abstract class in a different unit with this type:
>
>
>
> TRec = record
>
> A: Integer;
>
> B: Integer;
>
>   end;
>
>
>
> (A is for sorting, B is for testing of stability, i.e. for MergeSort,
> TimSort)
>
>
>
> and compare function, declared with inline; directive:
>
>
>
> function MyComptFunc(const ARec, BRec: TRec): Integer;
>
> var i, aCnt: Integer;
>
> begin
>
>   aCnt:=CFComplex;
>
>   for i:=0 to aCnt do
>
> Result:=(BRec.A-ARec.A);
>
>   inc(CFCnt);
>
>   //InterlockedIncrement(CFCnt);
>
> end;
>
>
>
> The reason for this complex compare function is that it also measure
> number of comparisons and it can simulate more expensive comparisons (like
> sorting strings).
>
>
>
> For a while, I added this unit to the second "uses" section
> (implementation) of the other unit, which is impractical, but I had
>
> temporary access to the compare function. I tested again with ShellSort,
> sorting 2'000'000 values takes:
>
> 1380ms inlined
>
> 1515ms not inlined, ~9% slower
>
> 1430ms when compare func. is a parameter ~4% slower
>
>
>
> I pass variables by value. But you are right, when I shave the function
> like this:
>
>
>
> function MyComptFunc(const ARec, BRec: TRec): Integer;
>
> begin
>
>   Result:=(BRec.A-ARec.A);
>
> end;
>
>
>
> the results are:
>
> 750ms inlined
>
> 950ms not inlined, ~21% slower
>
> 835ms when compare func. is a parameter ~10% slower
>
>
>
> so the gain of inlining is higher for sorting primitive types.
> V.
>
> __
> > Od: "Flávio Etrusco via fpc-pascal" 
> > Komu: "FPC-Pascal users discussions" 
> > Datum: 18.11.2022 20:45
> > Předmět: Re: [fpc-pascal] How to inline CompareFunc to Sort method in
> generic abstract class
> >
>
>
> Em seg., 14 de nov. de 2022 15:26, Vojtěch Čihák via fpc-pascal <
> fpc-pascal@lists.freepascal.org> escreveu:,
> What do you mean by "be inlined"? The 'inline' directive instructs the
> compiler (or is it the linker? ) to try copying the whole function
> inline, also avoiding the call (stack) setup; you can't do this for this
> for a general purpose method.
> I'm curious how you got that 6% figure, it seems rather large. Is this
> comparing the parameter vs virtual method approach or comparing a fully
> inline (no indirect call of any kind) sort function to some other option?
> Are you passing the variables by reference?
> Best regards,
> Flávio
>
>
> --
>
> ___
> fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
> https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal
> ___
> fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
> https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal
>
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] How to inline CompareFunc to Sort method in generic abstract class

2022-11-18 Thread Flávio Etrusco via fpc-pascal 
Em seg., 14 de nov. de 2022 15:26, Vojtěch Čihák via fpc-pascal <
fpc-pascal@lists.freepascal.org> escreveu:

> Hi,
>
> I wrote a generic abstract class - a list based on dynamic array (i.e.
> array of T;) and this class can be specialized elsewhere with any type
> (records or classes).
> Part of the class is sorting. There are more ways how to deliver *compare
> function* to sorting method. I can pass it as a parameter or I can define
> it as: function Compare(A, B: T): Integer; virtual; abstract;. But this way
> the function cannot be inlined.
>
> Question: Is there a way how to *inline* compare function to sorting
> method in this general purpose generic abstract class?
>
> Thanks.
>
> PS: The gain is 6-7%.
>

Hi,

What do you mean by "be inlined"? The 'inline' directive instructs the
compiler (or is it the linker? ) to try copying the whole function
inline, also avoiding the call (stack) setup; you can't do this for this
for a general purpose method.
I'm curious how you got that 6% figure, it seems rather large. Is this
comparing the parameter vs virtual method approach or comparing a fully
inline (no indirect call of any kind) sort function to some other option?
Are you passing the variables by reference?

Best regards,
Flávio
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal

Re: [fpc-pascal] Feature announcement: implicit generic function specializations

2022-04-30 Thread Flávio Etrusco via fpc-pascal 
Hi,

Em sáb., 30 de abr. de 2022 às 09:13, Mattias Gaertner via fpc-pascal
 escreveu:
>
> AFAIK it is planned for mode objfpc to support distinguishing types via
> template count as in mode delphi:
>
> type
>   TMyClass = class
>   end;
>   generic TMyClass = class
>   end;
>   generic TMyClass = class
>   end;

This seems very likely to generate confusion, doesn`t it?


Best regards,
Flávio
___
fpc-pascal maillist  -  fpc-pascal@lists.freepascal.org
https://lists.freepascal.org/cgi-bin/mailman/listinfo/fpc-pascal