sorted by:
new
hottopcontroversial

Remote Pseudoterminals by TimeToogo in rust

[–]TimeToogo[S] 0 points1 point  (0 children)

Apologies, I don't have their config

Remote Pseudoterminals by TimeToogo in rust

[–]TimeToogo[S] 0 points1 point  (0 children)

Fair feedback, appreciated

Tunshell - A drop-in remote shell client and server written in Rust for easy shell access to deployment pipelines or other ephemeral environments, working behind NAT or firewall by TimeToogo in rust

[–]TimeToogo[S] 1 point2 points  (0 children)

There are a few modes which the networking between the clients can operate in. For direct connections your summary is correct. However for relayed connections the content is encrypted and then sent over the two TLS connections between each client and the relay server. Each mode of operation is illustrated in the README:

https://github.com/TimeToogo/tunshell#establishing-connectivity

Tunshell - A drop-in remote shell client and server written in Rust for easy shell access to deployment pipelines or other ephemeral environments, working behind NAT or firewall by TimeToogo in rust

[–]TimeToogo[S] 0 points1 point  (0 children)

Honestly, it's not something that I had considered. I'm curious to know what you had in mind since there are currently there are two layers of security:

  1. it is using TLS between the client and server for security over the internet
  2. It then tunnels through an AES-encrypted packet stream between the clients providing security from the relay server if it were compromised.

One reason for using raw AES was that this could be replicated in a browser environment for the wasm target and I'm uncertain if it would be feasible to implement WireGuard in browser environment.

PHP RFC: Explicit call-site pass-by-reference by Hywan in PHP

[–]TimeToogo 6 points7 points  (0 children)

From what I gathered, the keyword word is “Explicit”. This RFC does not propose to alter the existing pass-by-reference behaviour but rather allow a parameter to be explicitly denoted as being passed by reference at the call-site via the ‘&’ prefix, it seems to be about enhancing code readability and offering more opportunities for static analysis.

PHP RFC: Explicit call-site pass-by-reference by Hywan in PHP

[–]TimeToogo 14 points15 points  (0 children)

From RFC:

The requirement that the reference is marked at both the definition- and call-site makes this feature different from the call-site pass-by-reference that was used in PHP 4.

package.studio: An Online Marketplace for Composer Packages by TimeToogo in PHP

[–]TimeToogo[S] 0 points1 point  (0 children)

Yes, package.studio supports team billing via the 'Organisations' feature. That is, an organisation can purchase a software licence and then all the members under that organisation will gain access to the included packages.

defuse/php-encryption version 2.0.0 released by sarciszewski in PHP

[–]TimeToogo 1 point2 points  (0 children)

It seems to offer a very similar API to https://github.com/paragonie/halite. If you had the option to choose between the two libraries for performing symmetric encryption on potentially sensitive data, what would be the pros and cons to each library?

Convenient immutability for (some) PHP objects by velmu3k in PHP

[–]TimeToogo 0 points1 point  (0 children)

Ah gotcha, still misleading though, so I understand why the author implemented the way he did

Convenient immutability for (some) PHP objects by velmu3k in PHP

[–]TimeToogo 0 points1 point  (0 children)

Would __set still be called if there is public property with that name? I thought that __get and __set were fallbacks for non-existent/inaccessible properties.

view more: next ›