BenBE

Not implementing the SECTION command breaks (m)any usecases that involve building firmware images for embedded systems. E.g., linking firmware for the STM32 MCU family relies on a custom linker script...

For normal package builds on some host OS you're likely very fine without `SECTION` support. Only when you need to produce image files that can be flashed onto some embedded...

If I read the Haskell code correctly, the offending call is [this one](https://github.com/ghc/ghc/blob/40c0f67fb557b8d0d02eb805eb94db378489d580/compiler/GHC/SysTools/Info.hs#L188-L190): ```hs (exitc, stdo, stde)

Isn't the first one supposed to be `+?`?

I think there are two main aspects with the magic numbers that should be kept in mind when applying the rules for avoiding them: 1. DRY 2. Ensure descriptiveness and...

What about just avoiding the nesting of the main chunk of RIFF. This still limits per-chunk data to ~2/4GiB, but causes any implementation to expect reading to EOF. Thus as...

Totally understandable. To simplify the "verification" you could even make the list of log server keys just that - similar to the list of trusted CAs for the certificate verification....

Minor heads-up on this: * SCT validation and management of CT log servers is available in the OpenSSL v1.1.0 API onwards. Due to the hassle of maintaining two versions of...

First part of the patch done; mostly fighting with keeping changes to a minimum and including OpenSSL API calls to CTLog/SCT API - which as expected is best explained by...

Okay, time for a new status update: Patch itself is written and is available at https://github.com/BenBE/nginx-ct/tree/check_sct for review. Code neither tested if it compiles nor if it fully works. This...