Alexander Sosedkin

Oh, nice! The workaround is enough for my purposes. Re. invalidating the entire cache vs just `current_job` --- I don't have an opinion.

> Is it only with ZLIB? What about Brotli and Zstd? Yes, the other two decompressed fine in my testing. >> Note that without a `-comp_cert` on the server, compression...

@tmshort, thumbs up. Tried that one, zlib-compressed data is now decompressable.

On April 22, 2022 11:17:43 PM GMT+02:00, smuellerDD ***@***.***> wrote: >Am Montag, 28. März 2022, 12:55:58 CEST schrieb Alexander Sosedkin: > > > >Hi Alexander, > > > >sorry for...

Yes, this has been found with a test I'm planning to add to tlsfuzzer.

Still relevant. Please supply this nmd thing as a flake so that I can build my configuration on Hydra: `error: access to URI 'https://gitlab.com/api/v4/projects/rycee%2Fnmd/repository/archive.tar.gz?sha=91dee681dd1c478d6040a00835d73c0f4a4c5c29' is forbidden in restricted mode`

I've found out that another workaround besides `allowed-uris`, one that doesn't require modifying nix configuration of your users would be to use `derivation = { builder = "builtin:fetchurl"; ...}`.

Example (AES, others have similar variety): * A check on a plaintext length in decode: https://github.com/tomato42/tlslite-ng/blob/cef7d75f79fd746c001b339399257098a00b46be/tlslite/utils/aes.py#L30 * Invocation of this check from openssl implementation: https://github.com/tomato42/tlslite-ng/blob/cef7d75f79fd746c001b339399257098a00b46be/tlslite/utils/openssl_aes.py#L41 * A different style of...

By mistake.

See https://github.com/nix-community/nix-on-droid/pull/203