Hi all,
After many months of extensive work, version 2.0 of the Tcl client for the NATS message broker is finally out :)
https://github.com/Kazmirchuk/nats-tcl/releases/tag/v2.0
and special thanks to ANT Solutions for their contributions!
What is NATS?
NATS is an open-source lightweight message bus with high performance, clear documentation and very easy to use. The server is written in Go, and client libraries are available in many languages. You can learn more about NATS at https://nats.io
The new nats-tcl release comes with extensive JetStream support that provides at-least-once and exactly-once delivery guarantees.
Also, if you are looking for a replacement for MQTT, NATS supports MQTT out of the box and can be used as a drop-in replacement.
I believe that nats-tcl can be especially useful in integrating legacy Tcl components with newer software written in other languages, e.g. in the industrial monitoring domain.
I am also planning to write a blog post somewhere (probably medium.com, unless anyone has better suggestions?) about my findings and impressions of working with Tcl in 2023. To be honest, I was particularly annoyed by 2 bugs:
- in core Tcl: https://core.tcl-lang.org/tcl/tktview/ea69b0258a9833cb61ada42d1fc742d90aec04d0
- and in TclTLS (9y old!) : https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11
If somebody could take a look at them, it would be great.
Petro
I see...
I find channel transforms a unique concept that is immensely useful for testing of network protocols with its ability to sniff/inject/intercept data going through a socket. Don't know of any other programming language having such feature.
I haven't heard of the "other" TLS package (based on OpenSSL I suppose?) where can I find it?
Hi all,
After many months of extensive work, version 2.0 of the Tcl client for the NATS message broker is finally out :)
https://github.com/Kazmirchuk/nats-tcl/releases/tag/v2.0
and special thanks to ANT Solutions for their contributions!
What is NATS?
NATS is an open-source lightweight message bus with high performance, clear documentation and very easy to use. The server is written in Go, and client libraries are available in many languages. You can learn more about NATS at https://nats.io
The new nats-tcl release comes with extensive JetStream support that provides at-least-once and exactly-once delivery guarantees.
Also, if you are looking for a replacement for MQTT, NATS supports MQTT out of the box and can be used as a drop-in replacement.
I believe that nats-tcl can be especially useful in integrating legacy Tcl components with newer software written in other languages, e.g. in the industrial monitoring domain.
I am also planning to write a blog post somewhere (probably medium.com, unless anyone has better suggestions?) about my findings and impressions of working with Tcl in 2023. To be honest, I was particularly annoyed by 2 bugs:
- in core Tcl: https://core.tcl-lang.org/tcl/tktview/ea69b0258a9833cb61ada42d1fc742d90aec04d0
- and in TclTLS (9y old!) : https://core.tcl-lang.org/tcltls/tktview/3c42b2ba11
If somebody could take a look at them, it would be great.
Petro
Ashok, your book has been my go-to reference all the time :)
Regarding TLS, if you add the -command option, you'll see a more detailed error: "unable to get local issuer certificate". I get the same error also when connecting to valid hosts under badssl.com. So, it doesn't even begin checking SAN.
TBH I'm not sure how to get CA of badssl.com properly. I tried downloading from Firefox and using them with "openssl s_client" with no luck either.
Anyway, what I did use for my experiments was mkcert: https://github.com/FiloSottile/mkcert
Then I pass -cafile to TclTLS and connect to a local "openssl s_server"
I had no doubts that twapi works correctly :) but I guess Tcl user base on Linux is much larger than on Windows? given how many people on Github ignore TIP 477
AFAICS the -servername option is used only for SNI, so that a server knows which certificate to provide.
I suspect, fixing the bug may be a matter of calling
SSL_set1_host(ssl, "expected.host.name")
(which is not done yet in the sources)
If I send a patch, would someone be able to go thru all formalities in Fossil? I'm not keen on setting it up TBH.
The question is, do we want it to be a new default with an option to disable, or vice versa?
I had no doubts that twapi works correctly :) but I guess Tcl user base on Linux is much larger than on Windows? given how many people on Github ignore TIP 477
AFAICS the -servername option is used only for SNI, so that a server knows which certificate to provide.
I suspect, fixing the bug may be a matter of calling
SSL_set1_host(ssl, "expected.host.name")
(which is not done yet in the sources)
If I send a patch, would someone be able to go thru all formalities in Fossil? I'm not keen on setting it up TBH.
The question is, do we want it to be a new default with an option to disable, or vice versa?
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 715 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 40:19:24 |
| Calls: | 12,109 |
| Files: | 15,006 |
| Messages: | 6,518,397 |