#💽Programming Chat v2
I thought you were trying to convert it to ATP’s time mb
REAAAAD
kys
:C
When
ACME is designed to be extensible by adding new JSON fields, which should be ignored by clients that do not understand them. Unfortunately, some of the earliest ACME clients were intolerant of new fields, which has made it hard to introduce new fields to objects like the one returned from the /directory/ endpoint. Taking inspiration from a Chrom...
okay actually doing this now
[ASN1Sequence[2][ASN1Integer(value=63364860536131611615359363549099209173057496495496730956199499144828307646458), ASN1Integer(value=109471171272462600455447291949628282112874345014106893364857269483312157901245)]]
hooray my ASN.1 parser works
thankfully it is quite similar to RIFF and with BSL's new Parser structure registering this is super easy
@spare quartz be like this person.
Lol
@timid quartz https://x.com/orhundev/status/1924814885076045936
oh shit that's me, husband and the yellow dude
The front gate at Headquarters is closed until further notice. Please use alternate routes for Thursday, May 22nd.
Also btw
ASN.1 isn’t in the JDK!
It’s in bouncy castle 🤮
I saw
GOD
i hate crypto so much
but this is making me learn a little
```
{
  "type": "urn:ietf:params:acme:error:unsupportedContact",
  "detail": "Error creating new account :: only contact scheme 'mailto:' is supported",
  "status": 400
}
```
very close..
woohoo
our very own JWS signing / ASN.1 / ACME encoding works!!!
JWTs SUUUUCK
JWS
wtf is a jws
json web signing
if it’s affiliated with JWTs it sucks majorly
JWT is built on top of it
ok it sucks majorly
no
JWS just says "this thing was signed by this cert"
it doesn't assert anything other than authenticity
me when I mess with that because it’s given to the client and I trick your server
?
so, number one: i am the client here
number two: you can't fake an EC/P-256
if you can, you'd destroy 99% of the internet
but I CAN change the cert field and the signature :3
yeah but then the JWS isn't valid anymore
which i am not using here btw!
yes aware
okay ACME time
well then don't use JWTs
Yeah I don't lmfao
poor library design
whoever decided it was a good idea to hand the client the thing that directly controls their permission grants needs to be grounded from the internet forever
do you want a free public key btw
uh sure
Public Key: Sun EC public key, 256 bits
public x coord: 97207803913165164273933472566852445634313409367038390383487170261008944161352
public y coord: 73867857692135068274663726821417592846949822257689193740699179203258480209078
parameters: secp256r1 [NIST P-256,X9.62 prime256v1] (1.2.840.10045.3.1.7)
hmm
i wonder if i could make this a 512 bit EC and it'd still work
like versus cookies where the cookie indirectly controls the user's grants because the server uses it to check, vs the JWT where the server directly reads the permissions off of the JWT given it by the client
if the JWT was signed by the server, and the library/server designers aren't stupid, and the client just resends it like a cookie, i'd understand more
yes but the point is that
people are stupid
and because of that it's been bypassed
dumb
and like you said
"dont use jwts"
I personally never plan to
and I don't think anyone should
hmm
if i ever have to authenticate a client for something
and DONT wanna store cookies in my server
JWSes sound like an interesting idea
memory wise no
otherwise I WILL bypass your security and I WILL give myself every single permission
cpu / simplicity wise i suppose
what? why would a client get to decide its permissions?
JWSes only intrinsically encode the certificate and a payload
because that's literally what you're doing with a JWT
you're relying on something sent by the client to directly decide their permissions
idk what the difference is
JWS - json web signing (a payload is signed by someone with an embedded certificate)
idk how you'd use JWS for auth
JWT - json web token (a payload is signed by someone with something more... pretty sure this is built on top of JWS)
oh huh
you sign something with your servers private key, give that to the client
client gives it back, you check if its valid against your public key
if it is - OK, they're authenticated
otherwise - no
hmm thats interesting
no JWT is the payload
ughghgh so much
actually no lemme rephrase that
rephrased: "nuh uh"
there
fixed it
for who
also it would be uhm
i dunno its just weird to me
DDOS(client) or client.DDOS()
how could you possibly rely on whatever the client gives you and
somehow let them forge a certificate
thats a total undermining of asymmetry
(and symmetric schemes are bad)
nono DDOS is a builder with client as an option
yeah but when was beg ever rfc compliant
never
i wrote our HTTP parser based on looks
the RFCs are so boring to read through
you were so rfc-compliant that you rejected HTTP headers because they weren't uppercased/lowercased properly
okay well i read through LITTLE BITS of rfcs
mhm sur
but if an rfc in some crevice says "no cheese header" i dont care im not listening
buy me the kohkau merch
now
not u
that's my soda
you're gonna end up like bayachao
a freelance programmer whos schizo
OKAY ANYWAYS
now i need to uhh
figure out... how to get a certificate.. with my acme account
How ironic that Family Guy is now owned by Disney.
Quoting SonicAndSimsFan (@SonicAndSimsFan)
What animated show has a tendency to change its art style for that one sequence?
btw
i hate to say this
their rust project is good.
key caching added
:3
UNFORTUNATELY!!
:3333333333333333333333
you're vibe coded
you ever wonder
where they keep the root certificate private keys
In cryptography, a key ceremony is a ceremony held to generate or use a cryptographic key.
A public example is the signing of the DNS root zone for DNSSEC.
still pending....
i should uninstall microsoft authenticator on my phone
the TOTP extractor is more than sufficient
mbmbm
need to make a DNS local protocol
yes.
Go vibe code
no
im awing at my beautiful code.
which ill have to tear apart so it can be merged into BSL
asn1
acme
jws
dewit
ugh
you're making me mad aera. im going to include our ACME in breadmod
OID...
finally
Received certificate with unexpected identifiers ("\f\x0fns-2.javart.zip, ns-2.javart.zip"): "identifier does not match expected identifier"
very close..
been coding for 9 hours straight only just realized
Shoulda vibe coded
our acme server is nearly donE!!!!!!!!
after 10 hours of straight work!!!
TIL
look at this certificate i literally wrote by paw!!!!
“by paw” you need help.
did you get your own ca cert hmm
wdym
I assume you want to act as a ca with this acme server
i should elaborate on the name a little bit
right now it's essentially a two fold system
(or three fold depending on how you look at it)
- ACME microclient
- Loopback certificate retrieval (gets a key pair from another CA, puts it in a P12, distributes)
- DNS temporary write server
to act as our own CA would require a LOT of money after doing some research
mainly in the focus of security and getting recognition
storing a root certificate on something less secure than an air gapped computer or HSM wouldn't bring the best reputation
we could act as a CA though, and write whatever certificates we want, as we have our own fully custom X.509 reader/writer
(that'd require more research in the ways of CRL/OCSP)
or manually importing your self-generated ca cert on your devices and giving everyone else a big fat warning
we don't operate any loopback services for that to be realistic though
need to export this to a module and create one for http-01
then when the DNS loopback service is up create dns-01
by the way
HSMs are incredibly expensive
but at least we'd have bragging rights?
there is one good thing about being a distributed organization though
we dont have to deal with switches or physical networking crap!
we're on completely different subnets
hey networking is fun
no
yes
no
yes
http_router + maven_microserver is all you need
wrong
right
if you have more than a router and a modem your setup is bad
actually...
you've given me an idea!
i dunno if my codev will be receptive to me stealing ips from his router though
wow atp you have two whole devices for that? smh
yes
you need a modem and a router
bad design
get a modem-router
you IDIOT
one device, both functions
nah you just said you have a modem and also a router
what on his internal subnet?
and your code smells rusty
yes
seethe
DHCP is really easy to code
you have your own internal subnet use yours
and i wonder if i can go ahead and expand the amount of ports available on his server
by allocating more ips for the same server
my thinkcentre tiny isn't hardware ready for distributed setup yet
that's why i do most of my dev on his
leech
mf i am a co-owner of our org
rightful use of assets
the 2 japanese voices in my head are very nice to listen to.
you should add another router to route between your subnets
that's just not possible though
we are on completely different subnets [here].0.0.0
it’s totally possible
(or in in-addr notation 0.0.0.[here])
"get a job at ARIN miko"
"hijack their equipment miko"
yeah sure
no
you just get a machine with two NICs (or ig you could bind two IPs to one NIC) that’s connected to both subnets (either virtually or physically) and go from there
but why
direct connection :3
and thats not really a router
and ("physically")
that is a router because it would be directing traffic between the subnets
physically could be like it’s connected to your home physically and your codev’s home virtually
stupid.
its not
theres still the ISP level
therefore its not a router
its just a fancy machine using the same ip
it’s still doing routing smh
MY OS HAS ROUTING BUILT IN!!!
and
unless you had physical connections
the difference between a physical and virtual router is negligible
you're weird and lame.
networking is for stupid people who think getting a cybersecurity degree will get them paid stacks
ok bozo
says the one who rewrites literally every piece of software they can think of for 0 reason
blah blah blah
and also doesn’t go outside
okay well
that just means i have practically infinite time
but outside looks REALLY nice rn
its overcast and on the verge of raining
I curse you to see no rain
tbh if I went full time after this internship ended I’d be making big bucks
well…pretty damn decent money
(working at a mcdonalds)
unfortunately no company would want their own X.509 parsers
from a person without a diploma 💔
after you fail out of basic for not being able to run a mile under 15 minutes
mmmmmmm
not true!
the power of bayachao compels me to run fast
school
not yet at least
nah
getting datacenter guards to shoot you
AT&T would never
hard-code a rule in every router to not serve your IP
to black-hole any traffic destined for you
do you even know how to operate BIND?
get every isp to never issue you an ip again
man and you’re telling me you’re rewriting DNS instead of using BIND?
BECAUSE THE ISC SUCKS!!
“Whatever your application is, BIND 9 has the required features.”
sounds like you should use it
no.
we already have the features
grgrgrgrg
another day another hating it/cs/cybersec people
anyways your code is bad and you should feel bad
you when you’re in the military and your network breaks but you killed all the IT people so there’s nobody who can fix it
LITERALLY ME
the it people would probably be mostly contractors though
mf be like “I hate external dependencies” but then uses the JVM (the biggest external dependency known to man)
and im fine with contractors
(base*)
CPU as a base is bad design
very cringe
blah blah blah
go bootstrap your own assembler and rewrite all your code in assembly
ばにおばにおばにお
then you’ll have no external dependencies
ばにおばにおばにお
yknow
the funniest thing is that we've done that
god i love our experimental projects <333
bread experts more like slop experts 
omg rust foundation mentioned!!!
slop language built by slop corporations and people
nah that was a JVM reference (you wouldn’t get it)
nah
the JVM was the first piece of slop bloatware ever made
ever wonder why Sun went out of business? they died of cringe after they saw the JVM they made
best software and only software sun/oracle needed to develop to finish the human race
bought by oracle*
cause they died of cringe
that’s called C89
❌
but the OpenJDK community is better
yknow atp I think your entire purpose in life is just to rage bait people
HOW
my entire purpose is to write code.
I’d love to do some corporate SWE if getting a job in that field was even remotely possible rn
it stands for This
LOL
TRUE
cause all rust users are redditors
ok have fun fighting with ts-node and ts-node-esm for 30 minutes trying every google solution known to man only to not know what you did to fix it
true..
jvm better
💪
Java…?
java god machine
What do you need a JVM for
JAVA VOMIT MACHINE HAHAHAHAHAHAHAH
KYS
exactly this is what I’m saying
EWWWW JAVA
the JVM is NOT for running java
dont get that mixed up in your head
EWWWW JAVA
have you even read JVMS 2, 4 and 6????
TOO LATE! HAHAHAHAHA
search "rust" on gif search
and click on the second result
SO TRUE..
C users calling Rust “useless” after their 20th memory vulnerability of the day (their compiler didn’t tell them they did a use-after-free)
unfortunately i am a jvm user and am immune to every memory vulnerability
💪
Unfortunately I am a good programmer so I don’t need
Rust programs after they finish and look back at the JVM that’s still warming up
we found the c programmer
BAAHHH
Shit, they found me
I WILL MURDER YOUU
your stupid rust app is probably slower than it takes for startup
this might be you.
Id sooner gcc -std=c89 -pedantic than javac or kotlinc
Java user’s reaction to seeing a REAL compiler
says the chaolet
What
so sleepy
commence NEVER
@spare quartz honestly terrorizing noelle with the mice is way more fun than snowgrave
saving this to use against you
Mbmb
Aera
I don’t wanna wake up
Please write my finalizing. Code
@timid quartz YO?
OK SO I WAS CHECKING VALVES STEAMOS PAGE
AND THEY UPDATED IT RECENTLY
SteamOS is Valve’s Linux-based operating system. It features a seamless user experience optimized for gaming, while retaining access to the power and flexibility of a PC, and plays tens of thousands of games on Steam. SteamOS officially ships on Steam Deck, and will soon ship with certain Legion Go S models. We’re currently working on adding...
I SWEAR IT SAID STUFF ABOUT THE OLD ANCIENT DEBIAN ONE
AND NOT THE NEWER ARCH ONE
another thing they updated
technically this SHOULD mean steamOS is public now (sort of)
ok that just
sounds like it hurts
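No matter what song I make, I get hit by this feeling of helplessness that as long as I'm the one making it, it might already be no good, and I can hardly get moving. I never realized that simply enjoying making things was such a powerful thing.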
pretty cool
6月5日まで何日 ("how many days until June 5") works on google
biohazard
also hi how yall been
acme
whats that mean?
The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authorities and their users' servers, allowing the automated deployment of public key infrastructure at very low cost. It was designed by the Internet Security Research Group (ISRG) for their Let's Encrypt...
NO
hold on im validating again
invalid ‼️
acme issuing authority response: kotlin user detected, invalidating all certs and banning ip...
corvy?
wait no that was the translation website
it's neat
snowdin
haven't used it much
yes that cabbage
need to add... the... error reporting..
"detail": "While processing CAA for tls-stage.javart.zip: DNS problem: query timed out looking up CAA for tls-stage.javart.zip"
GAHH
how
does it want a CAA on that domain..
oh ok
I was dragged to a convention today
it won't
it will.
it was kinda fun but I didn't know anything there lol
if you used a pre-existing program it would /j
idk if any of yall know https://www.momocon.com/ but ye
is that where moms meet or smth
yea I think so
I didn't know anything there but some friends dragged me there
they were there to demo some robot
like idk. google for whatever ur trying to do.
there exists a program that someone already made
no
there literally isn't
lots of traffic (haha atlanta traffic pt. 20281478274)
i hate it please get me out of this city please
and none of them would work here you dolt.
they ALL would work there you dolt
no they dont
LOL are you still in downtown?
why not hmmmm
because our CAA operations work fine
or have to commute through downtown area
and also for your "acme" thing
Last updated: Feb 20, 2025 | See all Documentation Let’s Encrypt uses the ACME protocol to verify that you control a given domain name and to issue you a certificate. To get a Let’s Encrypt certificate, you’ll need to choose a piece of ACME client software to use.
The ACME clients below are offered by third parties. Let’s...
none of these are useful
they're all 100% useful
yknow what IS useless: the jvm
and cannot issue certificates locally
have you even USED certbot before
dude
certbot doesn't know how to configure DNS
and it cant support TLS-ALPN-01
you're so dumb
ok waah waah configure dns yourself
dumb stupid idiot.
who needs TLS-ALPN-01
blah blah balh.
sounds like your use case is just bad
no
sounds like your server setup is just bad
everyones client is bad
idk vro the common denominator is you I think you're the one that's bad
@spare quartz is it a bad idea to remove all checkmarks using ublock on twitter
no
(I also got rid of jobs, monetization and gork
@grok context?
me looking your code to find its usefulness
(my code is the house)
this is a high level joke
yeah and guess what the house is EMPTY
meaning 0 USEFULNESS FOUND INSIDE
ERROR 404 NO USE FOUND
COMFORTABLE!!!
I’m sending this to Terry
terryiscool160
what is kajiu paradise
literally what having a job means
ur mom
ur dad
(you are the coke bottle) (I am going to decapitate you)
I HAVE A COKE BOTTLE
2 LITERS
yeah you BUILT like a 2L coke bottle
yeah okay aera
im drinking my beer be quiet
chao!!!
chao death
chao endurance
smite
wasn't this atps profile pic at some point in time when neco was still a thing
I think so
Copyright (c) 1993-2009 Microsoft Corp.
This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
This file contains the mappings of IP addresses to host names. Each
@timid quartz do you wanna see furry basil
yeah bunny guessed it
need 2 look into this dns errors...
though....why is it vaguely bayachao art style
that's
thats not
not bayachao
VAGUELY!!!
you're blind
its probably by an asian
im gonna take a guess and say korean/japanese
@lone sky whom is it
the latter
funnily enough, they follow said person that made it
hmm
i wonder why the memory stat for dns went up so high after retuning it?
it doesn't appear to be physical memory
but it does cause a tiny blip on cached
maybe its the -server and -XX:+AlwaysPreTouch
12 days until:
Allowing the GC to commit and uncommit memory while the application is running could have a negative impact on the latency of Java threads. If extremely low latency is the main reason for running with ZGC, consider running with the same value for -Xmx and -Xms, and use -XX:+AlwaysPreTouch to page in memory before the application starts.
i see
unfortunately with the update of our dns server
the last screen instance resident in our memory is gone
it lasted 4 days in there 💔
there
CAA fix complete
okay CSR time
cause it SUCKS!!!!
cause YOU suck
it vented like 90% of it anyways
theres this JVM thing called "flight recorder"
need to figure out what it does/if its useful
okay thats pretty cool
okay
jcmd might be the best thing ever
exposes a ton of data about the jvm
hmm
if you hyperfixate on deltarune instead of your gay japanese furry game instead im all for it
❓
boyacacho or whagever
i sent that image for aera since they're deltarune addicted
fuck
valid
ngl
bro you're about as bad as her when it comes to hyperfixations
you are just a hater of anything me and atp like
so sybau
smh
||and yes i'm kidding||
more mouse bites
qsst logo
yeah
Error parsing certificate request: asn1: structure error: tags don't match (0 vs {class:2 tag:0 length:0 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:\u003cnil\u003e tag:0xc00169efa0 stringType:0 timeType:0 set:false omitEmpty:false} @129
apparently let's encrypt's ACME backend is written in go
that's pretty cool
```
Finalize ... [200] {
  "status": "processing",
  "expires": "2025-05-31T04:51:15Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "tls-stage.javart.zip"
    }
  ],
  "authorizations": [
    "https://acme-staging-v02.api.letsencrypt.org/acme/authz/201708814/17554242134"
  ],
  "finalize": "https://acme-staging-v02.api.letsencrypt.org/acme/finalize/201708814/24855154234"
}
```
works on the live version too
now to add some safety mechanisms to
- renew if a previous cert was detected
- (or revoke)
- issue P12 immediately if neither specified
so many flags
rust user.... vb,l,glfsdf023423;tg/b/
i present: cmdjewel, a recreation of bejeweled for the terminal
107
128
but it is pretty cool
right...
since ive got this working... that means i need to finally put all of this in BSL
pain
first need to make KeyPairFile destroyable
best interface ever made
it is
I saw people using it earlier
sadly no arm version for switch
😭
holy shit that sounds so good
I am downloading now ragh
decompressing its zip crashed pea7z
```
./cmdjewel: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.39' not found (required by ./cmdjewel)
```
I am not finding some obscure version of libc to play a game only my mother is skilled at
glibc 2.39 isnt obscure its just annoying
It still doesnt come built in so its now obscure
anyways I finally have a higher half map kernel 😭
kernels were never supposed to be at the edge of virtual memory
return to using physical memory addressing
but thats annoying
I tried to do that but I would either have to implement that table thing that I cant find anything on
or find a C compiler that supports using lea
they should all support that
they dont apparently
well they use lea
but they wont use it for addressing
when I compile as a relocatable object it instead makes a symbol table instead and I really dont care to load that too
plus that table also breaks having bootstrap assembly code in front of the kernel
so I'd have to implement everything in every bootloader instead of simply having the kernel be loaded to a random place in memory then given a memory map like it can be now
its disappointing right :sob:
im shorts binging unfortunatel
lmao
I completely blocked that stuff so I dont even start shorts binging
and it's really easy to break off the trend now that its giving me shit shorts too lol
mbmbm
wanna write another RFC for the JDK too now
realizing it doesn't have (standardized) ASN.1 parsing
unfortunately i cannot write in the formality rfcs want
reading in the formality that rfc's want kills my brain
woohoo
an issued P12
gonna try this on the production server and see if it really authenticates
you should try to go sleeb
no
i need to complete this CSR
OH
i fixed the CSR
and it works on the linux server!!
even the permission fix
FOUND ISSUING ON STAGING ENDPOINT CAUSING SSL FAILURE
but i fixed that :3
(always check the -acme_directory parameter before running)
now i just need to add http-01 and dns-01
What 2 even code
acme client!!!!!!
(but actually try and make a comfortable to use x.509 parser/writer)
welp time to go shower
thats enough ACMEing for today
OK, goodnight
@timid quartz sooo
i was trying to reconfigure the flags on dns to ensure its memory was constant to prevent any instabilities and
i dunno how
but it's somehow at an even lower use on btop with 128 huge pages
added ACME profile support
with the save_certificate_sign_requests and tls_alpn_01_save_temporary_certificate flags
but you didnt write it yourself
lame
anyways i automated our client
https://maven.javart.zip/org/bread_experts_group/acme_microserver-code/1.0.0/
https://github.com/Bread-Experts-Group/acme_microserver
now open source
Okay on bed now.
That’s the glory of having an ecosystem
Don’t have to reinvent the wheel
the JDK has an X.509 parser built in too, yes
The issue arises when constructing an X.509 certificate / CSR with the exact parameters I need
The only way to do that is
- import bouncy castle, eugh
- rely on sun.* libraries, not allowed
Or the third option
- use BSL Parser and write the ASN.1 data classes
Which is arguably the easiest out of all three
I mean sure
Within the constraints you have placed on yourself
That’s the easiest
But if you removed the constraints then an easier overall solution would arise
Reliance on bouncy castle is massive
And using sun.* classes is not allowed
As agreed by every JDK developer along with Oracle
There isn’t a “constraint” on myself here
just avoidance of worse options
uh what about this thing https://docs.oracle.com/javase/8/docs/api/javax/security/cert/X509Certificate.html
You cannot construct certificates with that
It is strictly for parsing X.509 data
But, if it’s worth anything, I do use it
https://github.com/hongkongkiwi/certificateutils or maybe this :3 it says it can generate CSRs
Hong Kong reference??
1 contributor… 7 months ago..
I don’t care?
😭
Additionally this has emphasis on android
And the structure is all crap
Can it even construct ASN.1 data?
Sigh
It uses bouncy castle
Why not use bouncy castle
Because it is massive and largely unimportant
I do not need dedicated CSR and X.509 classes for every possible scenario
I need these exact OIDs in a specific format
Sounds good to me
ok but if you don't include them (and the code you include doesn't either) then you won't compile it :3
?
What does this have to do with anything
No
The entire JAR of bouncy castle must be loaded for it to be used in a real application
Compilation is barely an issue WRT JVM anyways
It’s incredibly quick
Especially since javac/kotlinc can do minimal optimizations
It is not.
so is rust once you do the first build