Pushed by YOCaml 2

This commit is contained in:
The Robur Team 2024-10-29 11:03:10 +00:00
parent e2d2d45224
commit d3edee6020
19 changed files with 415 additions and 169 deletions

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Python&apos;s `str.__repr__()` Robur's blogPython&apos;s `str.__repr__()`
</title> </title>
<meta name="description" content="Reimplementing Python string escaping in OCaml"> <meta name="description" content="Reimplementing Python string escaping in OCaml">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Python&apos;s `str.__repr__()`</h1> <h1>Python&apos;s `str.__repr__()`</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Python">Python</a></li><li><a href="/tags.html#tag-unicode">unicode</a></li></ul><p>Sometimes software is written using whatever built-ins you find in your programming language of choice. <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Python">Python</a></li><li><a href="https://blog.robur.coop/tags.html#tag-unicode">unicode</a></li></ul><p>Sometimes software is written using whatever built-ins you find in your programming language of choice.
This is usually great! This is usually great!
However, it can happen that you depend on the precise semantics of those built-ins. However, it can happen that you depend on the precise semantics of those built-ins.
This can be a problem if those semantics become important to your software and you need to port it to another programming language. This can be a problem if those semantics become important to your software and you need to port it to another programming language.

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - MirageVPN and OpenVPN Robur's blogMirageVPN and OpenVPN
</title> </title>
<meta name="description" content="Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library"> <meta name="description" content="Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,12 +20,12 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>MirageVPN and OpenVPN</h1> <h1>MirageVPN and OpenVPN</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-MirageVPN">MirageVPN</a></li><li><a href="/tags.html#tag-OpenVPN">OpenVPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul><p>At <a href="https://robur.coop/">Robur</a> we have been busy at work implementing our OpenVPN™-compatible MirageVPN software. <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-MirageVPN">MirageVPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-OpenVPN">OpenVPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul><p>At <a href="https://robur.coop/">Robur</a> we have been busy at work implementing our OpenVPN™-compatible MirageVPN software.
Recently we have implemented the <a href="miragevpn-server.html">server side</a>. Recently we have implemented the <a href="https://blog.robur.coop/articles/miragevpn-server.html">server side</a>.
In order to implement this side of the protocol I studied parts of the OpenVPN™ source code and performed experiments to understand what the implementation does at the protocol level. In order to implement this side of the protocol I studied parts of the OpenVPN™ source code and performed experiments to understand what the implementation does at the protocol level.
Studying the OpenVPN™ implementation has lead me to discover two security issues: CVE-2024-28882 and CVE-2024-5594. Studying the OpenVPN™ implementation has lead me to discover two security issues: CVE-2024-28882 and CVE-2024-5594.
In this article I will talk about the relevant parts of the protocol, and describe the security issues in detail.</p> In this article I will talk about the relevant parts of the protocol, and describe the security issues in detail.</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Runtime arguments in MirageOS Robur's blogRuntime arguments in MirageOS
</title> </title>
<meta name="description" content="The history of runtime arguments to a MirageOS unikernel"> <meta name="description" content="The history of runtime arguments to a MirageOS unikernel">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Runtime arguments in MirageOS</h1> <h1>Runtime arguments in MirageOS</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li></ul><p>TL;DR: Passing runtime arguments around is tricky, and prone to change every other month.</p> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li></ul><p>TL;DR: Passing runtime arguments around is tricky, and prone to change every other month.</p>
<h2 id="motivation"><a class="anchor" aria-hidden="true" href="#motivation"></a>Motivation</h2> <h2 id="motivation"><a class="anchor" aria-hidden="true" href="#motivation"></a>Motivation</h2>
<p>Sometimes, as an unikernel developer and also as operator, it's nice to have <p>Sometimes, as an unikernel developer and also as operator, it's nice to have
some runtime arguments passed to an unikernel. Now, if you're into OCaml, some runtime arguments passed to an unikernel. Now, if you're into OCaml,

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel Robur's blogMeet DNSvizor: run your own DHCP and DNS MirageOS unikernel
</title> </title>
<meta name="description" content="The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP."> <meta name="description" content="The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</h1> <h1>Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-DNSvizor">DNSvizor</a></li></ul><p>TL;DR: We got <a href="https://nlnet.nl/entrust/">NGI0 Entrust (via NLnet)</a> funding for developing <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-DNSvizor">DNSvizor</a></li></ul><p>TL;DR: We got <a href="https://nlnet.nl/entrust/">NGI0 Entrust (via NLnet)</a> funding for developing
<a href="https://nlnet.nl/project/DNSvizor/">DNSvizor</a> - a DNS resolver and <a href="https://nlnet.nl/project/DNSvizor/">DNSvizor</a> - a DNS resolver and
DHCP server. Please help us by <a href="https://github.com/robur-coop/dnsvizor/issues/new">sharing with us your dnsmasq DHCP server. Please help us by <a href="https://github.com/robur-coop/dnsvizor/issues/new">sharing with us your dnsmasq
configuration</a>, so we can configuration</a>, so we can

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - How has robur financially been doing since 2018? Robur's blogHow has robur financially been doing since 2018?
</title> </title>
<meta name="description" content="How we organise as a collective, and why we&apos;re doing that."> <meta name="description" content="How we organise as a collective, and why we&apos;re doing that.">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>How has robur financially been doing since 2018?</h1> <h1>How has robur financially been doing since 2018?</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-finances">finances</a></li><li><a href="/tags.html#tag-cooperative">cooperative</a></li></ul><p>Since the beginning, robur has been working on MirageOS unikernels and getting <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-finances">finances</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cooperative">cooperative</a></li></ul><p>Since the beginning, robur has been working on MirageOS unikernels and getting
them deployed. Due to our experience in hierarchical companies, we wanted to them deployed. Due to our experience in hierarchical companies, we wanted to
create something different - a workplace without bosses and management. Instead, create something different - a workplace without bosses and management. Instead,
we are a collective where everybody has a say on what we do, and who gets how we are a collective where everybody has a say on what we do, and who gets how

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - GPTar Robur's blogGPTar
</title> </title>
<meta name="description" content="Hybrid GUID partition table and tar archive"> <meta name="description" content="Hybrid GUID partition table and tar archive">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>GPTar</h1> <h1>GPTar</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-gpt">gpt</a></li><li><a href="/tags.html#tag-tar">tar</a></li><li><a href="/tags.html#tag-mbr">mbr</a></li><li><a href="/tags.html#tag-persistent storage">persistent storage</a></li></ul><p>At <a href="https://robur.coop/">Robur</a> we developed a piece of software for mirroring or exposing an <a href="https://opam.ocaml.org/">opam</a> repository. <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-gpt">gpt</a></li><li><a href="https://blog.robur.coop/tags.html#tag-tar">tar</a></li><li><a href="https://blog.robur.coop/tags.html#tag-mbr">mbr</a></li><li><a href="https://blog.robur.coop/tags.html#tag-persistent storage">persistent storage</a></li></ul><p>At <a href="https://robur.coop/">Robur</a> we developed a piece of software for mirroring or exposing an <a href="https://opam.ocaml.org/">opam</a> repository.
We have it deployed at <a href="https://opam.robur.coop/">opam.robur.coop</a>, and you can use it as an alternative to opam.ocaml.org. We have it deployed at <a href="https://opam.robur.coop/">opam.robur.coop</a>, and you can use it as an alternative to opam.ocaml.org.
It is usually more up-to-date with the git <a href="https://github.com/ocaml/opam-repository">opam-repository</a> than opam.ocaml.org although in the past it suffered from <a href="https://blog.osau.re/articles/lwt_pause.html">occasional availability issues</a>. It is usually more up-to-date with the git <a href="https://github.com/ocaml/opam-repository">opam-repository</a> than opam.ocaml.org although in the past it suffered from <a href="https://blog.osau.re/articles/lwt_pause.html">occasional availability issues</a>.
I can recommend reading Hannes' post about <a href="https://hannes.robur.coop/Posts/OpamMirror">opam-mirror</a>. I can recommend reading Hannes' post about <a href="https://hannes.robur.coop/Posts/OpamMirror">opam-mirror</a>.

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Cooperation and Lwt.pause Robur's blogCooperation and Lwt.pause
</title> </title>
<meta name="description" content="A disgression about Lwt and Miou"> <meta name="description" content="A disgression about Lwt and Miou">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Cooperation and Lwt.pause</h1> <h1>Cooperation and Lwt.pause</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Scheduler">Scheduler</a></li><li><a href="/tags.html#tag-Community">Community</a></li><li><a href="/tags.html#tag-Unikernel">Unikernel</a></li><li><a href="/tags.html#tag-Git">Git</a></li></ul><p>Here's a concrete example of the notion of availability and the scheduler used <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Scheduler">Scheduler</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Community">Community</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Unikernel">Unikernel</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Git">Git</a></li></ul><p>Here's a concrete example of the notion of availability and the scheduler used
(in this case Lwt). As you may know, at Robur we have developed a unikernel: (in this case Lwt). As you may know, at Robur we have developed a unikernel:
<a href="https://git.robur.coop/robur/opam-mirror">opam-mirror</a>. It launches an HTTP service that can be used as an <a href="https://git.robur.coop/robur/opam-mirror">opam-mirror</a>. It launches an HTTP service that can be used as an
OPAM overlay available from a Git repository (with <code>opam repository add &lt;name&gt; &lt;url&gt;</code>).</p> OPAM overlay available from a Git repository (with <code>opam repository add &lt;name&gt; &lt;url&gt;</code>).</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - MirageVPN updated (AEAD, NCP) Robur's blogMirageVPN updated (AEAD, NCP)
</title> </title>
<meta name="description" content="How we resurrected MirageVPN from its bitrot state"> <meta name="description" content="How we resurrected MirageVPN from its bitrot state">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,12 +20,12 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>MirageVPN updated (AEAD, NCP)</h1> <h1>MirageVPN updated (AEAD, NCP)</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul><h2 id="updating-miragevpn"><a class="anchor" aria-hidden="true" href="#updating-miragevpn"></a>Updating MirageVPN</h2> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul><h2 id="updating-miragevpn"><a class="anchor" aria-hidden="true" href="#updating-miragevpn"></a>Updating MirageVPN</h2>
<p>As announced <a href="miragevpn.html">earlier this month</a>, we've been working hard over the last months on MirageVPN (initially developed in 2019, targeting OpenVPN™ 2.4.7, now 2.6.6). We managed to receive funding from <a href="https://www.assure.ngi.eu/">NGI Assure</a> call (via <a href="https://nlnet.nl">NLnet</a>). We've made over 250 commits with more than 10k lines added, and 18k lines removed. We closed nearly all old issues, and opened 100 fresh ones, of which we already closed more than half of them. :D</p> <p>As announced <a href="https://blog.robur.coop/articles/miragevpn.html">earlier this month</a>, we've been working hard over the last months on MirageVPN (initially developed in 2019, targeting OpenVPN™ 2.4.7, now 2.6.6). We managed to receive funding from <a href="https://www.assure.ngi.eu/">NGI Assure</a> call (via <a href="https://nlnet.nl">NLnet</a>). We've made over 250 commits with more than 10k lines added, and 18k lines removed. We closed nearly all old issues, and opened 100 fresh ones, of which we already closed more than half of them. :D</p>
<h3 id="actual-bugs-fixed-that-were-leading-to-non-working-miragevpn-applications"><a class="anchor" aria-hidden="true" href="#actual-bugs-fixed-that-were-leading-to-non-working-miragevpn-applications"></a>Actual bugs fixed (that were leading to non-working MirageVPN applications)</h3> <h3 id="actual-bugs-fixed-that-were-leading-to-non-working-miragevpn-applications"><a class="anchor" aria-hidden="true" href="#actual-bugs-fixed-that-were-leading-to-non-working-miragevpn-applications"></a>Actual bugs fixed (that were leading to non-working MirageVPN applications)</h3>
<p>In more detail, we had a specific configuration running over all the years, namely UDP mode with static keys (no TLS handshake, etc.). There were several issues (bitrot) that we encountered and solved along the path, amongst others:</p> <p>In more detail, we had a specific configuration running over all the years, namely UDP mode with static keys (no TLS handshake, etc.). There were several issues (bitrot) that we encountered and solved along the path, amongst others:</p>
<ul> <ul>
@ -35,7 +35,7 @@
</ul> </ul>
<p>To avoid any future breakage while revising the code (cleaning it up, extending it), we are now building several unikernels as part of our CI system. We also have setup OpenVPN™ servers with various configurations that we periodically test with our new code (we'll also work on further automation thereof).</p> <p>To avoid any future breakage while revising the code (cleaning it up, extending it), we are now building several unikernels as part of our CI system. We also have setup OpenVPN™ servers with various configurations that we periodically test with our new code (we'll also work on further automation thereof).</p>
<h3 id="new-features-aead-ciphers-supporting-more-configuration-primitives"><a class="anchor" aria-hidden="true" href="#new-features-aead-ciphers-supporting-more-configuration-primitives"></a>New features: AEAD ciphers, supporting more configuration primitives</h3> <h3 id="new-features-aead-ciphers-supporting-more-configuration-primitives"><a class="anchor" aria-hidden="true" href="#new-features-aead-ciphers-supporting-more-configuration-primitives"></a>New features: AEAD ciphers, supporting more configuration primitives</h3>
<p>We added various configuration primitives, amongst them configuratble tls ciphersuites, minimal and maximal tls version to use, <a href="miragevpn.html">tls-crypt-v2</a>, verify-x509-name, cipher, remote-random, ...</p> <p>We added various configuration primitives, amongst them configuratble tls ciphersuites, minimal and maximal tls version to use, <a href="https://blog.robur.coop/articles/miragevpn.html">tls-crypt-v2</a>, verify-x509-name, cipher, remote-random, ...</p>
<p>From a cryptographic point of view, we are now supporting more <a href="https://github.com/robur-coop/miragevpn/pull/108">authentication hashes</a> via the configuration directive <code>auth</code>, namely the SHA2 family - previously, only SHA1 was supported, <a href="https://github.com/robur-coop/miragevpn/pull/125">AEAD ciphers</a> (AES-128-GCM, AES-256-GCM, CHACHA20-POLY1305) - previously only AES-256-CBC was supported.</p> <p>From a cryptographic point of view, we are now supporting more <a href="https://github.com/robur-coop/miragevpn/pull/108">authentication hashes</a> via the configuration directive <code>auth</code>, namely the SHA2 family - previously, only SHA1 was supported, <a href="https://github.com/robur-coop/miragevpn/pull/125">AEAD ciphers</a> (AES-128-GCM, AES-256-GCM, CHACHA20-POLY1305) - previously only AES-256-CBC was supported.</p>
<h3 id="ncp---negotiation-of-cryptographic-parameters"><a class="anchor" aria-hidden="true" href="#ncp---negotiation-of-cryptographic-parameters"></a>NCP - Negotiation of cryptographic parameters</h3> <h3 id="ncp---negotiation-of-cryptographic-parameters"><a class="anchor" aria-hidden="true" href="#ncp---negotiation-of-cryptographic-parameters"></a>NCP - Negotiation of cryptographic parameters</h3>
<p>OpenVPN™ has a way to negotiate cryptographic parameters, instead of hardcoding them in the configuration. The client can propose its supported ciphers, and other features (MTU, directly request a push message for IP configuration, use TLS exporter secret instead of the hand-crafted (TLS 1.0 based PRF), ...) once the TLS handshake has been completed.</p> <p>OpenVPN™ has a way to negotiate cryptographic parameters, instead of hardcoding them in the configuration. The client can propose its supported ciphers, and other features (MTU, directly request a push message for IP configuration, use TLS exporter secret instead of the hand-crafted (TLS 1.0 based PRF), ...) once the TLS handshake has been completed.</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Speeding up MirageVPN and use it in the wild Robur's blogSpeeding up MirageVPN and use it in the wild
</title> </title>
<meta name="description" content="Performance engineering of MirageVPN, speeding it up by a factor of 25."> <meta name="description" content="Performance engineering of MirageVPN, speeding it up by a factor of 25.">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Speeding up MirageVPN and use it in the wild</h1> <h1>Speeding up MirageVPN and use it in the wild</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-performance">performance</a></li></ul><p>As we were busy continuing to work on <a href="https://github.com/robur-coop/miragevpn">MirageVPN</a>, we got in touch with <a href="https://eduvpn.org">eduVPN</a>, who are interested about deploying MirageVPN. We got example configuration from their side, and <a href="https://github.com/robur-coop/miragevpn/pull/201">fixed</a> <a href="https://github.com/robur-coop/miragevpn/pull/168">some</a> <a href="https://github.com/robur-coop/miragevpn/pull/202">issues</a>, and also implemented <a href="https://github.com/robur-coop/miragevpn/pull/169">tls-crypt</a> - which was straightforward since we earlier spend time to implement <a href="miragevpn.html">tls-crypt-v2</a>.</p> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-performance">performance</a></li></ul><p>As we were busy continuing to work on <a href="https://github.com/robur-coop/miragevpn">MirageVPN</a>, we got in touch with <a href="https://eduvpn.org">eduVPN</a>, who are interested about deploying MirageVPN. We got example configuration from their side, and <a href="https://github.com/robur-coop/miragevpn/pull/201">fixed</a> <a href="https://github.com/robur-coop/miragevpn/pull/168">some</a> <a href="https://github.com/robur-coop/miragevpn/pull/202">issues</a>, and also implemented <a href="https://github.com/robur-coop/miragevpn/pull/169">tls-crypt</a> - which was straightforward since we earlier spend time to implement <a href="https://blog.robur.coop/articles/miragevpn.html">tls-crypt-v2</a>.</p>
<p>In January, they gave MirageVPN another try, and <a href="https://github.com/robur-coop/miragevpn/issues/206">measured the performance</a> -- which was very poor -- MirageVPN (run as a Unix binary) provided a bandwith of 9.3Mb/s, while OpenVPN provided a bandwidth of 360Mb/s (using a VPN tunnel over TCP).</p> <p>In January, they gave MirageVPN another try, and <a href="https://github.com/robur-coop/miragevpn/issues/206">measured the performance</a> -- which was very poor -- MirageVPN (run as a Unix binary) provided a bandwith of 9.3Mb/s, while OpenVPN provided a bandwidth of 360Mb/s (using a VPN tunnel over TCP).</p>
<p>We aim at spending less resources for computing, thus the result was not satisfying for us. We re-read a lot of code, refactored a lot, and are now at ~250Mb/s.</p> <p>We aim at spending less resources for computing, thus the result was not satisfying for us. We re-read a lot of code, refactored a lot, and are now at ~250Mb/s.</p>
<h2 id="tooling-for-performance-engineering-of-ocaml"><a class="anchor" aria-hidden="true" href="#tooling-for-performance-engineering-of-ocaml"></a>Tooling for performance engineering of OCaml</h2> <h2 id="tooling-for-performance-engineering-of-ocaml"><a class="anchor" aria-hidden="true" href="#tooling-for-performance-engineering-of-ocaml"></a>Tooling for performance engineering of OCaml</h2>
@ -40,7 +40,7 @@ To better guide the performance engineering, we also developed <a href="https://
<li>Still an open topic is: we are in the memory-safe language OCaml, and we sometimes extract data out of a buffer (or set data in a buffer). Now, each operation lead to bounds checks (that we do not touch memory that is not allocated or not ours). However, if we just checked for the buffer being long enough (either by checking the length, or by allocating a specific amount of data), these bounds checks are superfluous. So far, we don't have an automated solution for this issue, but we are <a href="https://discuss.ocaml.org/t/bounds-checks-for-string-and-bytes-when-retrieving-or-setting-subparts-thereof/">discussing it in the OCaml community</a>, and are eager to find a solution to avoid unneeded computations.</li> <li>Still an open topic is: we are in the memory-safe language OCaml, and we sometimes extract data out of a buffer (or set data in a buffer). Now, each operation lead to bounds checks (that we do not touch memory that is not allocated or not ours). However, if we just checked for the buffer being long enough (either by checking the length, or by allocating a specific amount of data), these bounds checks are superfluous. So far, we don't have an automated solution for this issue, but we are <a href="https://discuss.ocaml.org/t/bounds-checks-for-string-and-bytes-when-retrieving-or-setting-subparts-thereof/">discussing it in the OCaml community</a>, and are eager to find a solution to avoid unneeded computations.</li>
</ul> </ul>
<h2 id="conclusion"><a class="anchor" aria-hidden="true" href="#conclusion"></a>Conclusion</h2> <h2 id="conclusion"><a class="anchor" aria-hidden="true" href="#conclusion"></a>Conclusion</h2>
<p>To conclude: we already achieved a factor of 25 in performance by adapting the code in various ways. We have ideas to improve the performance even more in the future - we also work on using OCaml string and bytes, instead of off-the-OCaml-heap-allocated bigarrays (see <a href="speeding-ec-string.html">our previous article</a>, which provided some speedups).</p> <p>To conclude: we already achieved a factor of 25 in performance by adapting the code in various ways. We have ideas to improve the performance even more in the future - we also work on using OCaml string and bytes, instead of off-the-OCaml-heap-allocated bigarrays (see <a href="https://blog.robur.coop/articles/speeding-ec-string.html">our previous article</a>, which provided some speedups).</p>
<p>Don't hesitate to reach out to us on <a href="https://github.com/robur-coop/miragevpn/issues">GitHub</a>, or <a href="https://robur.coop/Contact">by mail</a> if you're stuck.</p> <p>Don't hesitate to reach out to us on <a href="https://github.com/robur-coop/miragevpn/issues">GitHub</a>, or <a href="https://robur.coop/Contact">by mail</a> if you're stuck.</p>
<p>We want to thank <a href="https://nlnet.nl">NLnet</a> for their funding (via <a href="https://www.assure.ngi.eu/">NGI assure</a>), and <a href="https://eduvpn.org">eduVPN</a> for their interest.</p> <p>We want to thank <a href="https://nlnet.nl">NLnet</a> for their funding (via <a href="https://www.assure.ngi.eu/">NGI assure</a>), and <a href="https://eduvpn.org">eduVPN</a> for their interest.</p>
<section role="doc-endnotes"><ol> <section role="doc-endnotes"><ol>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - MirageVPN server Robur's blogMirageVPN server
</title> </title>
<meta name="description" content="Announcement of our MirageVPN server."> <meta name="description" content="Announcement of our MirageVPN server.">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,12 +20,12 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>MirageVPN server</h1> <h1>MirageVPN server</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li></ul><p>It is a great pleasure to finally announce that we have finished a server implementation for MirageVPN (OpenVPN™-compatible). This allows to setup a very robust VPN network on both the client and the server side.</p> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li></ul><p>It is a great pleasure to finally announce that we have finished a server implementation for MirageVPN (OpenVPN™-compatible). This allows to setup a very robust VPN network on both the client and the server side.</p>
<p>As announced last year, <a href="miragevpn.html">MirageVPN</a> is a reimplemtation of OpenVPN™ in OCaml, with <a href="https://mirage.io">MirageOS</a> unikernels.</p> <p>As announced last year, <a href="https://blog.robur.coop/articles/miragevpn.html">MirageVPN</a> is a reimplemtation of OpenVPN™ in OCaml, with <a href="https://mirage.io">MirageOS</a> unikernels.</p>
<h2 id="why-a-miragevpn-server"><a class="anchor" aria-hidden="true" href="#why-a-miragevpn-server"></a>Why a MirageVPN server?</h2> <h2 id="why-a-miragevpn-server"><a class="anchor" aria-hidden="true" href="#why-a-miragevpn-server"></a>Why a MirageVPN server?</h2>
<p>Providing Internet services with programming languages that have not much safety requires a lot of discipline by the developers to avoid issues which may lead to exploitable services that are attacked (and thus will circumvent any security goals). Especially services that are critical for security and privacy, it is crucial to avoid common memory safety pitfalls.</p> <p>Providing Internet services with programming languages that have not much safety requires a lot of discipline by the developers to avoid issues which may lead to exploitable services that are attacked (and thus will circumvent any security goals). Especially services that are critical for security and privacy, it is crucial to avoid common memory safety pitfalls.</p>
<p>Some years back, when we worked on the client implementation, we also drafted a server implementation. The reasoning was that a lot of the code was already there, and just a few things needed to be developed to allow clients to connect there.</p> <p>Some years back, when we worked on the client implementation, we also drafted a server implementation. The reasoning was that a lot of the code was already there, and just a few things needed to be developed to allow clients to connect there.</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - MirageVPN &amp; tls-crypt-v2 Robur's blogMirageVPN &amp; tls-crypt-v2
</title> </title>
<meta name="description" content="How we implementated tls-crypt-v2 for miragevpn"> <meta name="description" content="How we implementated tls-crypt-v2 for miragevpn">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>MirageVPN &amp; tls-crypt-v2</h1> <h1>MirageVPN &amp; tls-crypt-v2</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul><p>In 2019 <a href="https://robur.coop/">Robur</a> started working on a <a href="https://github.com/robur-coop/miragevpn/">OpenVPN™-compatible implementation in OCaml</a>. <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul><p>In 2019 <a href="https://robur.coop/">Robur</a> started working on a <a href="https://github.com/robur-coop/miragevpn/">OpenVPN™-compatible implementation in OCaml</a>.
The project was funded for 6 months in 2019 by <a href="https://prototypefund.de">prototypefund</a>. The project was funded for 6 months in 2019 by <a href="https://prototypefund.de">prototypefund</a>.
In late 2022 we applied again for funding this time to the <a href="https://www.assure.ngi.eu/">NGI Assure</a> open call, and our application was eventually accepted. In late 2022 we applied again for funding this time to the <a href="https://www.assure.ngi.eu/">NGI Assure</a> open call, and our application was eventually accepted.
In this blog post I will explain why reimplementing the OpenVPN™ protocol in OCaml is a worthwhile effort, and describe the Miragevpn implementation and in particular the <code>tls-crypt-v2</code> mechanism.</p> In this blog post I will explain why reimplementing the OpenVPN™ protocol in OCaml is a worthwhile effort, and describe the Miragevpn implementation and in particular the <code>tls-crypt-v2</code> mechanism.</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - qubes-miragevpn, a MirageVPN client for QubesOS Robur's blogqubes-miragevpn, a MirageVPN client for QubesOS
</title> </title>
<meta name="description" content="A new OpenVPN client for QubesOS"> <meta name="description" content="A new OpenVPN client for QubesOS">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>qubes-miragevpn, a MirageVPN client for QubesOS</h1> <h1>qubes-miragevpn, a MirageVPN client for QubesOS</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-vpn">vpn</a></li><li><a href="/tags.html#tag-unikernel">unikernel</a></li><li><a href="/tags.html#tag-QubesOS">QubesOS</a></li></ul><p>We are pleased to announce the arrival of a new unikernel: <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-vpn">vpn</a></li><li><a href="https://blog.robur.coop/tags.html#tag-unikernel">unikernel</a></li><li><a href="https://blog.robur.coop/tags.html#tag-QubesOS">QubesOS</a></li></ul><p>We are pleased to announce the arrival of a new unikernel:
<a href="https://github.com/robur-coop/qubes-miragevpn">qubes-miragevpn</a>. The latter is the result of work begun <a href="https://github.com/robur-coop/qubes-miragevpn">qubes-miragevpn</a>. The latter is the result of work begun
several months ago on <a href="https://github.com/robur-coop/miragevpn">miragevpn</a>.</p> several months ago on <a href="https://github.com/robur-coop/miragevpn">miragevpn</a>.</p>
<p>Indeed, with the ambition of completing our unikernel suite and the success of <p>Indeed, with the ambition of completing our unikernel suite and the success of

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Speeding elliptic curve cryptography Robur's blogSpeeding elliptic curve cryptography
</title> </title>
<meta name="description" content="How we improved the performance of elliptic curves by only modifying the underlying byte array"> <meta name="description" content="How we improved the performance of elliptic curves by only modifying the underlying byte array">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>Speeding elliptic curve cryptography</h1> <h1>Speeding elliptic curve cryptography</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li></ul><p>TL;DR: replacing cstruct with string, we gain a factor of 2.5 in performance.</p> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul><p>TL;DR: replacing cstruct with string, we gain a factor of 2.5 in performance.</p>
<h2 id="mirage-crypto-ec"><a class="anchor" aria-hidden="true" href="#mirage-crypto-ec"></a>Mirage-crypto-ec</h2> <h2 id="mirage-crypto-ec"><a class="anchor" aria-hidden="true" href="#mirage-crypto-ec"></a>Mirage-crypto-ec</h2>
<p>In April 2021 We published our implementation of <a href="https://hannes.robur.coop/Posts/EC">elliptic curve cryptography</a> (as <code>mirage-crypto-ec</code> opam package) - this is DSA and DH for NIST curves P224, P256, P384, and P521, and also Ed25519 (EdDSA) and X25519 (ECDH). We use <a href="https://github.com/mit-plv/fiat-crypto/">fiat-crypto</a> for the cryptographic primitives, which emits C code that by construction is correct (note: earlier we stated &quot;free of timing side-channels&quot;, but this is a huge challenge, and as <a href="https://discuss.systems/@edwintorok/111925959867297453">reported by Edwin Török</a> likely impossible on current x86 hardware). More C code (such as <code>point_add</code>, <code>point_double</code>, and further 25519 computations including tables) have been taken from the BoringSSL code base. A lot of OCaml code originates from our TLS 1.3 work in 2018, where Etienne Millon, Nathan Rebours, and Clément Pascutto interfaced <a href="https://github.com/mirage/fiat/">elliptic curves for OCaml</a> (with the goal of being usable with MirageOS).</p> <p>In April 2021 We published our implementation of <a href="https://hannes.robur.coop/Posts/EC">elliptic curve cryptography</a> (as <code>mirage-crypto-ec</code> opam package) - this is DSA and DH for NIST curves P224, P256, P384, and P521, and also Ed25519 (EdDSA) and X25519 (ECDH). We use <a href="https://github.com/mit-plv/fiat-crypto/">fiat-crypto</a> for the cryptographic primitives, which emits C code that by construction is correct (note: earlier we stated &quot;free of timing side-channels&quot;, but this is a huge challenge, and as <a href="https://discuss.systems/@edwintorok/111925959867297453">reported by Edwin Török</a> likely impossible on current x86 hardware). More C code (such as <code>point_add</code>, <code>point_double</code>, and further 25519 computations including tables) have been taken from the BoringSSL code base. A lot of OCaml code originates from our TLS 1.3 work in 2018, where Etienne Millon, Nathan Rebours, and Clément Pascutto interfaced <a href="https://github.com/mirage/fiat/">elliptic curves for OCaml</a> (with the goal of being usable with MirageOS).</p>
<p>The goal of mirage-crypto-ec was: develop elliptic curve support for OCaml &amp; MirageOS quickly - which didn't leave much time to focus on performance. As time goes by, our mileage varies, and we're keen to use fewer resources - and thus fewer CPU time and a smaller memory footprint is preferable.</p> <p>The goal of mirage-crypto-ec was: develop elliptic curve support for OCaml &amp; MirageOS quickly - which didn't leave much time to focus on performance. As time goes by, our mileage varies, and we're keen to use fewer resources - and thus fewer CPU time and a smaller memory footprint is preferable.</p>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - The new Tar release, a retrospective Robur's blogThe new Tar release, a retrospective
</title> </title>
<meta name="description" content="A little retrospective to the new Tar release and changes"> <meta name="description" content="A little retrospective to the new Tar release and changes">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,11 +20,11 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="https://blog.robur.coop/index.html">Back to index</a>
<article> <article>
<h1>The new Tar release, a retrospective</h1> <h1>The new Tar release, a retrospective</h1>
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Cstruct">Cstruct</a></li><li><a href="/tags.html#tag-functors">functors</a></li></ul><p>We are delighted to announce the new release of <code>ocaml-tar</code>. A small library for <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Cstruct">Cstruct</a></li><li><a href="https://blog.robur.coop/tags.html#tag-functors">functors</a></li></ul><p>We are delighted to announce the new release of <code>ocaml-tar</code>. A small library for
reading and writing tar archives in OCaml. Since this is a major release, we'll reading and writing tar archives in OCaml. Since this is a major release, we'll
take the time in this article to explain the work that's been done by the take the time in this article to explain the work that's been done by the
cooperative on this project.</p> cooperative on this project.</p>

167
atom.xml Normal file
View file

@ -0,0 +1,167 @@
<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<id>https://blog.robur.coop/atom.xml</id>
<title type="text">The Robur&apos;s blog</title>
<generator uri="https://github.com/xhtmlboi/yocaml" version="2">YOCaml</generator>
<updated>2024-10-25T00:00:00Z</updated>
<author>
<name>The Robur Team</name>
</author>
<link href="https://blog.robur.coop"/>
<link href="https://blog.robur.coop/atom.xml" rel="self"/>
<entry>
<id>https://blog.robur.coop/articles/dnsvizor01.html</id>
<title type="text">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</title>
<updated>2024-10-25T00:00:00Z</updated>
<summary type="text">
The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.
</summary>
<link href="https://blog.robur.coop/articles/dnsvizor01.html" rel="alternate" title="Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="DNSvizor"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/arguments.html</id>
<title type="text">Runtime arguments in MirageOS</title>
<updated>2024-10-22T00:00:00Z</updated>
<summary type="text">The history of runtime arguments to a MirageOS unikernel</summary>
<link href="https://blog.robur.coop/articles/arguments.html" rel="alternate" title="Runtime arguments in MirageOS"/>
<category term="OCaml"/>
<category term="MirageOS"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/finances.html</id>
<title type="text">How has robur financially been doing since 2018?</title>
<updated>2024-10-21T00:00:00Z</updated>
<summary type="text">How we organise as a collective, and why we&apos;re doing that.</summary>
<link href="https://blog.robur.coop/articles/finances.html" rel="alternate" title="How has robur financially been doing since 2018?"/>
<category term="finances"/>
<category term="cooperative"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html</id>
<title type="text">MirageVPN and OpenVPN</title>
<updated>2024-08-21T00:00:00Z</updated>
<summary type="text">Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library</summary>
<link href="https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html" rel="alternate" title="MirageVPN and OpenVPN"/>
<category term="MirageVPN"/>
<category term="OpenVPN"/>
<category term="security"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/tar-release.html</id>
<title type="text">The new Tar release, a retrospective</title>
<updated>2024-08-15T00:00:00Z</updated>
<summary type="text">A little retrospective to the new Tar release and changes</summary>
<link href="https://blog.robur.coop/articles/tar-release.html" rel="alternate" title="The new Tar release, a retrospective"/>
<category term="OCaml"/>
<category term="Cstruct"/>
<category term="functors"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/qubes-miragevpn.html</id>
<title type="text">qubes-miragevpn, a MirageVPN client for QubesOS</title>
<updated>2024-06-24T00:00:00Z</updated>
<summary type="text">A new OpenVPN client for QubesOS</summary>
<link href="https://blog.robur.coop/articles/qubes-miragevpn.html" rel="alternate" title="qubes-miragevpn, a MirageVPN client for QubesOS"/>
<category term="OCaml"/>
<category term="vpn"/>
<category term="unikernel"/>
<category term="QubesOS"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/miragevpn-server.html</id>
<title type="text">MirageVPN server</title>
<updated>2024-06-17T00:00:00Z</updated>
<summary type="text">Announcement of our MirageVPN server.</summary>
<link href="https://blog.robur.coop/articles/miragevpn-server.html" rel="alternate" title="MirageVPN server"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="cryptography"/>
<category term="security"/>
<category term="VPN"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/miragevpn-performance.html</id>
<title type="text">Speeding up MirageVPN and use it in the wild</title>
<updated>2024-04-16T00:00:00Z</updated>
<summary type="text">Performance engineering of MirageVPN, speeding it up by a factor of 25.</summary>
<link href="https://blog.robur.coop/articles/miragevpn-performance.html" rel="alternate" title="Speeding up MirageVPN and use it in the wild"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="cryptography"/>
<category term="security"/>
<category term="VPN"/>
<category term="performance"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/gptar.html</id>
<title type="text">GPTar</title>
<updated>2024-02-21T00:00:00Z</updated>
<summary type="text">Hybrid GUID partition table and tar archive</summary>
<link href="https://blog.robur.coop/articles/gptar.html" rel="alternate" title="GPTar"/>
<category term="OCaml"/>
<category term="gpt"/>
<category term="tar"/>
<category term="mbr"/>
<category term="persistent storage"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/speeding-ec-string.html</id>
<title type="text">Speeding elliptic curve cryptography</title>
<updated>2024-02-13T00:00:00Z</updated>
<summary type="text">
How we improved the performance of elliptic curves by only modifying the underlying byte array
</summary>
<link href="https://blog.robur.coop/articles/speeding-ec-string.html" rel="alternate" title="Speeding elliptic curve cryptography"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="cryptography"/>
<category term="security"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/lwt_pause.html</id>
<title type="text">Cooperation and Lwt.pause</title>
<updated>2024-02-11T00:00:00Z</updated>
<summary type="text">A disgression about Lwt and Miou</summary>
<link href="https://blog.robur.coop/articles/lwt_pause.html" rel="alternate" title="Cooperation and Lwt.pause"/>
<category term="OCaml"/>
<category term="Scheduler"/>
<category term="Community"/>
<category term="Unikernel"/>
<category term="Git"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/2024-02-03-python-str-repr.html</id>
<title type="text">Python&apos;s `str.__repr__()`</title>
<updated>2024-02-03T00:00:00Z</updated>
<summary type="text">Reimplementing Python string escaping in OCaml</summary>
<link href="https://blog.robur.coop/articles/2024-02-03-python-str-repr.html" rel="alternate" title="Python&apos;s `str.__repr__()`"/>
<category term="OCaml"/>
<category term="Python"/>
<category term="unicode"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/miragevpn-ncp.html</id>
<title type="text">MirageVPN updated (AEAD, NCP)</title>
<updated>2023-11-20T00:00:00Z</updated>
<summary type="text">How we resurrected MirageVPN from its bitrot state</summary>
<link href="https://blog.robur.coop/articles/miragevpn-ncp.html" rel="alternate" title="MirageVPN updated (AEAD, NCP)"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="VPN"/>
<category term="security"/>
</entry>
<entry>
<id>https://blog.robur.coop/articles/miragevpn.html</id>
<title type="text">MirageVPN &amp; tls-crypt-v2</title>
<updated>2023-11-14T00:00:00Z</updated>
<summary type="text">How we implementated tls-crypt-v2 for miragevpn</summary>
<link href="https://blog.robur.coop/articles/miragevpn.html" rel="alternate" title="MirageVPN &amp; tls-crypt-v2"/>
<category term="OCaml"/>
<category term="MirageOS"/>
<category term="VPN"/>
<category term="security"/>
</entry>
</feed>

View file

@ -47,13 +47,6 @@
<guid isPermaLink="true">https://blog.robur.coop/articles/tar-release.html</guid> <guid isPermaLink="true">https://blog.robur.coop/articles/tar-release.html</guid>
<pubDate>Thu, 15 Aug 2024 00:00:00 GMT</pubDate> <pubDate>Thu, 15 Aug 2024 00:00:00 GMT</pubDate>
</item> </item>
<item>
<title>Testing MirageVPN against OpenVPN™</title>
<link>https://blog.robur.coop/articles/miragevpn-testing.html</link>
<description><![CDATA[Some notes about how we test MirageVPN against OpenVPN™]]></description>
<guid isPermaLink="true">https://blog.robur.coop/articles/miragevpn-testing.html</guid>
<pubDate>Wed, 26 Jun 2024 00:00:00 GMT</pubDate>
</item>
<item> <item>
<title>qubes-miragevpn, a MirageVPN client for QubesOS</title> <title>qubes-miragevpn, a MirageVPN client for QubesOS</title>
<link>https://blog.robur.coop/articles/qubes-miragevpn.html</link> <link>https://blog.robur.coop/articles/qubes-miragevpn.html</link>

View file

@ -5,13 +5,13 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Index Robur's blogIndex
</title> </title>
<meta name="description" content="The famous root of the website"> <meta name="description" content="The famous root of the website">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/hl.css">
<link type="text/css" rel="stylesheet" href="/css/style.css"> <link type="text/css" rel="stylesheet" href="https://blog.robur.coop/css/style.css">
<script src="/js/hl.js"></script> <script src="https://blog.robur.coop/js/hl.js"></script>
<link rel="alternate" type="application/rss+xml" href="/feed.xml" title="blog.robur.coop"> <link rel="alternate" type="application/rss+xml" href="https://blog.robur.coop/feed.xml" title="blog.robur.coop">
</head> </head>
<body> <body>
<header> <header>
@ -20,7 +20,7 @@
The <strong>Robur</strong> cooperative blog. The <strong>Robur</strong> cooperative blog.
</blockquote> </blockquote>
</header> </header>
<main><a class="small-button rss" href="/feed.xml">RSS</a><p>The Robur blog.</p> <main><a class="small-button rss" href="https://blog.robur.coop/feed.xml">RSS</a><p>The Robur blog.</p>
<h3>Essays and ramblings</h3> <h3>Essays and ramblings</h3>
@ -31,10 +31,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-10-25</span> <span class="date">2024-10-25</span>
<a href="/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a><br /> <a href="https://blog.robur.coop/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a><br />
<p>The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.</p> <p>The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-DNSvizor">DNSvizor</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-DNSvizor">DNSvizor</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -44,10 +44,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-10-22</span> <span class="date">2024-10-22</span>
<a href="/articles/arguments.html">Runtime arguments in MirageOS</a><br /> <a href="https://blog.robur.coop/articles/arguments.html">Runtime arguments in MirageOS</a><br />
<p>The history of runtime arguments to a MirageOS unikernel</p> <p>The history of runtime arguments to a MirageOS unikernel</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -57,10 +57,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-10-21</span> <span class="date">2024-10-21</span>
<a href="/articles/finances.html">How has robur financially been doing since 2018?</a><br /> <a href="https://blog.robur.coop/articles/finances.html">How has robur financially been doing since 2018?</a><br />
<p>How we organise as a collective, and why we&apos;re doing that.</p> <p>How we organise as a collective, and why we&apos;re doing that.</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-finances">finances</a></li><li><a href="/tags.html#tag-cooperative">cooperative</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-finances">finances</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cooperative">cooperative</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -70,10 +70,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-08-21</span> <span class="date">2024-08-21</span>
<a href="/articles/2024-08-21-OpenVPN-and-MirageVPN.html">MirageVPN and OpenVPN</a><br /> <a href="https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html">MirageVPN and OpenVPN</a><br />
<p>Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library</p> <p>Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-MirageVPN">MirageVPN</a></li><li><a href="/tags.html#tag-OpenVPN">OpenVPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-MirageVPN">MirageVPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-OpenVPN">OpenVPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -83,23 +83,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-08-15</span> <span class="date">2024-08-15</span>
<a href="/articles/tar-release.html">The new Tar release, a retrospective</a><br /> <a href="https://blog.robur.coop/articles/tar-release.html">The new Tar release, a retrospective</a><br />
<p>A little retrospective to the new Tar release and changes</p> <p>A little retrospective to the new Tar release and changes</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Cstruct">Cstruct</a></li><li><a href="/tags.html#tag-functors">functors</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Cstruct">Cstruct</a></li><li><a href="https://blog.robur.coop/tags.html#tag-functors">functors</a></li></ul>
</div>
</div>
</li><li>
<div class="side">
<a href="https://reyn.ir/">
<img src="https://www.gravatar.com/avatar/54a15736b37879bc9708c1618a7cc130">
</a></div>
<div class="content">
<span class="date">2024-06-26</span>
<a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a><br />
<p>Some notes about how we test MirageVPN against OpenVPN™</p>
<div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li><li><a href="/tags.html#tag-testing">testing</a></li><li><a href="/tags.html#tag-vpn">vpn</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -109,10 +96,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-06-24</span> <span class="date">2024-06-24</span>
<a href="/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a><br /> <a href="https://blog.robur.coop/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a><br />
<p>A new OpenVPN client for QubesOS</p> <p>A new OpenVPN client for QubesOS</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-vpn">vpn</a></li><li><a href="/tags.html#tag-unikernel">unikernel</a></li><li><a href="/tags.html#tag-QubesOS">QubesOS</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-vpn">vpn</a></li><li><a href="https://blog.robur.coop/tags.html#tag-unikernel">unikernel</a></li><li><a href="https://blog.robur.coop/tags.html#tag-QubesOS">QubesOS</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -122,10 +109,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-06-17</span> <span class="date">2024-06-17</span>
<a href="/articles/miragevpn-server.html">MirageVPN server</a><br /> <a href="https://blog.robur.coop/articles/miragevpn-server.html">MirageVPN server</a><br />
<p>Announcement of our MirageVPN server.</p> <p>Announcement of our MirageVPN server.</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -135,10 +122,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-04-16</span> <span class="date">2024-04-16</span>
<a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a><br /> <a href="https://blog.robur.coop/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a><br />
<p>Performance engineering of MirageVPN, speeding it up by a factor of 25.</p> <p>Performance engineering of MirageVPN, speeding it up by a factor of 25.</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-performance">performance</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-performance">performance</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -148,10 +135,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-02-21</span> <span class="date">2024-02-21</span>
<a href="/articles/gptar.html">GPTar</a><br /> <a href="https://blog.robur.coop/articles/gptar.html">GPTar</a><br />
<p>Hybrid GUID partition table and tar archive</p> <p>Hybrid GUID partition table and tar archive</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-gpt">gpt</a></li><li><a href="/tags.html#tag-tar">tar</a></li><li><a href="/tags.html#tag-mbr">mbr</a></li><li><a href="/tags.html#tag-persistent storage">persistent storage</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-gpt">gpt</a></li><li><a href="https://blog.robur.coop/tags.html#tag-tar">tar</a></li><li><a href="https://blog.robur.coop/tags.html#tag-mbr">mbr</a></li><li><a href="https://blog.robur.coop/tags.html#tag-persistent storage">persistent storage</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -161,10 +148,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-02-13</span> <span class="date">2024-02-13</span>
<a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a><br /> <a href="https://blog.robur.coop/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a><br />
<p>How we improved the performance of elliptic curves by only modifying the underlying byte array</p> <p>How we improved the performance of elliptic curves by only modifying the underlying byte array</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-cryptography">cryptography</a></li><li><a href="/tags.html#tag-security">security</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-cryptography">cryptography</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -174,10 +161,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-02-11</span> <span class="date">2024-02-11</span>
<a href="/articles/lwt_pause.html">Cooperation and Lwt.pause</a><br /> <a href="https://blog.robur.coop/articles/lwt_pause.html">Cooperation and Lwt.pause</a><br />
<p>A disgression about Lwt and Miou</p> <p>A disgression about Lwt and Miou</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Scheduler">Scheduler</a></li><li><a href="/tags.html#tag-Community">Community</a></li><li><a href="/tags.html#tag-Unikernel">Unikernel</a></li><li><a href="/tags.html#tag-Git">Git</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Scheduler">Scheduler</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Community">Community</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Unikernel">Unikernel</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Git">Git</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -187,10 +174,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2024-02-03</span> <span class="date">2024-02-03</span>
<a href="/articles/2024-02-03-python-str-repr.html">Python&apos;s `str.__repr__()`</a><br /> <a href="https://blog.robur.coop/articles/2024-02-03-python-str-repr.html">Python&apos;s `str.__repr__()`</a><br />
<p>Reimplementing Python string escaping in OCaml</p> <p>Reimplementing Python string escaping in OCaml</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-Python">Python</a></li><li><a href="/tags.html#tag-unicode">unicode</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-Python">Python</a></li><li><a href="https://blog.robur.coop/tags.html#tag-unicode">unicode</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -200,10 +187,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2023-11-20</span> <span class="date">2023-11-20</span>
<a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a><br /> <a href="https://blog.robur.coop/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a><br />
<p>How we resurrected MirageVPN from its bitrot state</p> <p>How we resurrected MirageVPN from its bitrot state</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul>
</div> </div>
</div> </div>
</li><li> </li><li>
@ -213,10 +200,10 @@
</a></div> </a></div>
<div class="content"> <div class="content">
<span class="date">2023-11-14</span> <span class="date">2023-11-14</span>
<a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a><br /> <a href="https://blog.robur.coop/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a><br />
<p>How we implementated tls-crypt-v2 for miragevpn</p> <p>How we implementated tls-crypt-v2 for miragevpn</p>
<div class="bottom"> <div class="bottom">
<ul class="tags-list"><li><a href="/tags.html#tag-OCaml">OCaml</a></li><li><a href="/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="/tags.html#tag-VPN">VPN</a></li><li><a href="/tags.html#tag-security">security</a></li></ul> <ul class="tags-list"><li><a href="https://blog.robur.coop/tags.html#tag-OCaml">OCaml</a></li><li><a href="https://blog.robur.coop/tags.html#tag-MirageOS">MirageOS</a></li><li><a href="https://blog.robur.coop/tags.html#tag-VPN">VPN</a></li><li><a href="https://blog.robur.coop/tags.html#tag-security">security</a></li></ul>
</div> </div>
</div> </div>
</li></ol> </li></ol>

104
rss1.xml Normal file
View file

@ -0,0 +1,104 @@
<?xml version="1.0" encoding="utf-8"?>
<rdf:RDF xmlns="http://purl.org/rss/1.0/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<channel rdf:about="https://blog.robur.coop/rss1.xml">
<title>The Robur&apos;s blog</title>
<link>https://blog.robur.coop</link>
<description><![CDATA[The Robur cooperative blog]]></description>
<items>
<rdf:Seq>
<rdf:li resource="https://blog.robur.coop/articles/dnsvizor01.html"/>
<rdf:li resource="https://blog.robur.coop/articles/arguments.html"/>
<rdf:li resource="https://blog.robur.coop/articles/finances.html"/>
<rdf:li resource="https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html"/>
<rdf:li resource="https://blog.robur.coop/articles/tar-release.html"/>
<rdf:li resource="https://blog.robur.coop/articles/qubes-miragevpn.html"/>
<rdf:li resource="https://blog.robur.coop/articles/miragevpn-server.html"/>
<rdf:li resource="https://blog.robur.coop/articles/miragevpn-performance.html"/>
<rdf:li resource="https://blog.robur.coop/articles/gptar.html"/>
<rdf:li resource="https://blog.robur.coop/articles/speeding-ec-string.html"/>
<rdf:li resource="https://blog.robur.coop/articles/lwt_pause.html"/>
<rdf:li resource="https://blog.robur.coop/articles/2024-02-03-python-str-repr.html"/>
<rdf:li resource="https://blog.robur.coop/articles/miragevpn-ncp.html"/>
<rdf:li resource="https://blog.robur.coop/articles/miragevpn.html"/>
</rdf:Seq>
</items>
</channel>
<item rdf:about="https://blog.robur.coop/articles/dnsvizor01.html">
<title>Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</title>
<link>https://blog.robur.coop/articles/dnsvizor01.html</link>
<description>
<![CDATA[The NGI-funded DNSvizor provides core network services on your network; DNS resolution and DHCP.]]>
</description>
</item>
<item rdf:about="https://blog.robur.coop/articles/arguments.html">
<title>Runtime arguments in MirageOS</title>
<link>https://blog.robur.coop/articles/arguments.html</link>
<description><![CDATA[The history of runtime arguments to a MirageOS unikernel]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/finances.html">
<title>How has robur financially been doing since 2018?</title>
<link>https://blog.robur.coop/articles/finances.html</link>
<description><![CDATA[How we organise as a collective, and why we're doing that.]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html">
<title>MirageVPN and OpenVPN</title>
<link>https://blog.robur.coop/articles/2024-08-21-OpenVPN-and-MirageVPN.html</link>
<description>
<![CDATA[Discoveries made implementing MirageVPN, a OpenVPN-compatible VPN library]]>
</description>
</item>
<item rdf:about="https://blog.robur.coop/articles/tar-release.html">
<title>The new Tar release, a retrospective</title>
<link>https://blog.robur.coop/articles/tar-release.html</link>
<description><![CDATA[A little retrospective to the new Tar release and changes]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/qubes-miragevpn.html">
<title>qubes-miragevpn, a MirageVPN client for QubesOS</title>
<link>https://blog.robur.coop/articles/qubes-miragevpn.html</link>
<description><![CDATA[A new OpenVPN client for QubesOS]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/miragevpn-server.html">
<title>MirageVPN server</title>
<link>https://blog.robur.coop/articles/miragevpn-server.html</link>
<description><![CDATA[Announcement of our MirageVPN server.]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/miragevpn-performance.html">
<title>Speeding up MirageVPN and use it in the wild</title>
<link>https://blog.robur.coop/articles/miragevpn-performance.html</link>
<description>
<![CDATA[Performance engineering of MirageVPN, speeding it up by a factor of 25.]]>
</description>
</item>
<item rdf:about="https://blog.robur.coop/articles/gptar.html">
<title>GPTar</title>
<link>https://blog.robur.coop/articles/gptar.html</link>
<description><![CDATA[Hybrid GUID partition table and tar archive]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/speeding-ec-string.html">
<title>Speeding elliptic curve cryptography</title>
<link>https://blog.robur.coop/articles/speeding-ec-string.html</link>
<description>
<![CDATA[How we improved the performance of elliptic curves by only modifying the underlying byte array]]>
</description>
</item>
<item rdf:about="https://blog.robur.coop/articles/lwt_pause.html">
<title>Cooperation and Lwt.pause</title>
<link>https://blog.robur.coop/articles/lwt_pause.html</link>
<description><![CDATA[A disgression about Lwt and Miou]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/2024-02-03-python-str-repr.html">
<title>Python&apos;s `str.__repr__()`</title>
<link>https://blog.robur.coop/articles/2024-02-03-python-str-repr.html</link>
<description><![CDATA[Reimplementing Python string escaping in OCaml]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/miragevpn-ncp.html">
<title>MirageVPN updated (AEAD, NCP)</title>
<link>https://blog.robur.coop/articles/miragevpn-ncp.html</link>
<description><![CDATA[How we resurrected MirageVPN from its bitrot state]]></description>
</item>
<item rdf:about="https://blog.robur.coop/articles/miragevpn.html">
<title>MirageVPN &amp; tls-crypt-v2</title>
<link>https://blog.robur.coop/articles/miragevpn.html</link>
<description><![CDATA[How we implementated tls-crypt-v2 for miragevpn]]></description>
</item>
</rdf:RDF>

View file

@ -5,7 +5,7 @@
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta http-equiv="x-ua-compatible" content="ie=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title> <title>
Robur's blog - Tags Robur's blog
</title> </title>
<meta name="description" content=""> <meta name="description" content="">
<link type="text/css" rel="stylesheet" href="/css/hl.css"> <link type="text/css" rel="stylesheet" href="/css/hl.css">
@ -22,7 +22,7 @@
</header> </header>
<main><a href="/index.html">Back to index</a> <main><a href="/index.html">Back to index</a>
<ul class="tags-list aeration"><li><a href="#tag-Community">Community</a></li><li><a href="#tag-Cstruct">Cstruct</a></li><li><a href="#tag-DNSvizor">DNSvizor</a></li><li><a href="#tag-Git">Git</a></li><li><a href="#tag-MirageOS">MirageOS</a></li><li><a href="#tag-MirageVPN">MirageVPN</a></li><li><a href="#tag-OCaml">OCaml</a></li><li><a href="#tag-OpenVPN">OpenVPN</a></li><li><a href="#tag-Python">Python</a></li><li><a href="#tag-QubesOS">QubesOS</a></li><li><a href="#tag-Scheduler">Scheduler</a></li><li><a href="#tag-Unikernel">Unikernel</a></li><li><a href="#tag-VPN">VPN</a></li><li><a href="#tag-cooperative">cooperative</a></li><li><a href="#tag-cryptography">cryptography</a></li><li><a href="#tag-finances">finances</a></li><li><a href="#tag-functors">functors</a></li><li><a href="#tag-gpt">gpt</a></li><li><a href="#tag-mbr">mbr</a></li><li><a href="#tag-performance">performance</a></li><li><a href="#tag-persistent storage">persistent storage</a></li><li><a href="#tag-security">security</a></li><li><a href="#tag-tar">tar</a></li><li><a href="#tag-testing">testing</a></li><li><a href="#tag-unicode">unicode</a></li><li><a href="#tag-unikernel">unikernel</a></li><li><a href="#tag-vpn">vpn</a></li></ul><div class="tag-box" id="tag-Community"> <ul class="tags-list aeration"><li><a href="#tag-Community">Community</a></li><li><a href="#tag-Cstruct">Cstruct</a></li><li><a href="#tag-DNSvizor">DNSvizor</a></li><li><a href="#tag-Git">Git</a></li><li><a href="#tag-MirageOS">MirageOS</a></li><li><a href="#tag-MirageVPN">MirageVPN</a></li><li><a href="#tag-OCaml">OCaml</a></li><li><a href="#tag-OpenVPN">OpenVPN</a></li><li><a href="#tag-Python">Python</a></li><li><a href="#tag-QubesOS">QubesOS</a></li><li><a href="#tag-Scheduler">Scheduler</a></li><li><a href="#tag-Unikernel">Unikernel</a></li><li><a href="#tag-VPN">VPN</a></li><li><a href="#tag-cooperative">cooperative</a></li><li><a href="#tag-cryptography">cryptography</a></li><li><a href="#tag-finances">finances</a></li><li><a href="#tag-functors">functors</a></li><li><a href="#tag-gpt">gpt</a></li><li><a href="#tag-mbr">mbr</a></li><li><a href="#tag-performance">performance</a></li><li><a href="#tag-persistent storage">persistent storage</a></li><li><a href="#tag-security">security</a></li><li><a href="#tag-tar">tar</a></li><li><a href="#tag-unicode">unicode</a></li><li><a href="#tag-unikernel">unikernel</a></li><li><a href="#tag-vpn">vpn</a></li></ul><div class="tag-box" id="tag-Community">
<h3> <h3>
<span>Community</span> <span>Community</span>
</h3> </h3>
@ -46,7 +46,7 @@
<h3> <h3>
<span>MirageOS</span> <span>MirageOS</span>
</h3> </h3>
<ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li><li><a href="/articles/arguments.html">Runtime arguments in MirageOS</a></li><li><a href="/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a></li></ul> <ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/arguments.html">Runtime arguments in MirageOS</a></li><li><a href="/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a></li></ul>
</div><div class="tag-box" id="tag-MirageVPN"> </div><div class="tag-box" id="tag-MirageVPN">
<h3> <h3>
<span>MirageVPN</span> <span>MirageVPN</span>
@ -56,7 +56,7 @@
<h3> <h3>
<span>OCaml</span> <span>OCaml</span>
</h3> </h3>
<ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/2024-02-03-python-str-repr.html">Python&apos;s `str.__repr__()`</a></li><li><a href="/articles/lwt_pause.html">Cooperation and Lwt.pause</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/gptar.html">GPTar</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a></li><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li><li><a href="/articles/tar-release.html">The new Tar release, a retrospective</a></li><li><a href="/articles/arguments.html">Runtime arguments in MirageOS</a></li><li><a href="/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a></li></ul> <ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/2024-02-03-python-str-repr.html">Python&apos;s `str.__repr__()`</a></li><li><a href="/articles/lwt_pause.html">Cooperation and Lwt.pause</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/gptar.html">GPTar</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a></li><li><a href="/articles/tar-release.html">The new Tar release, a retrospective</a></li><li><a href="/articles/arguments.html">Runtime arguments in MirageOS</a></li><li><a href="/articles/dnsvizor01.html">Meet DNSvizor: run your own DHCP and DNS MirageOS unikernel</a></li></ul>
</div><div class="tag-box" id="tag-OpenVPN"> </div><div class="tag-box" id="tag-OpenVPN">
<h3> <h3>
<span>OpenVPN</span> <span>OpenVPN</span>
@ -96,7 +96,7 @@
<h3> <h3>
<span>cryptography</span> <span>cryptography</span>
</h3> </h3>
<ul><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li></ul> <ul><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li></ul>
</div><div class="tag-box" id="tag-finances"> </div><div class="tag-box" id="tag-finances">
<h3> <h3>
<span>finances</span> <span>finances</span>
@ -131,17 +131,12 @@
<h3> <h3>
<span>security</span> <span>security</span>
</h3> </h3>
<ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li><li><a href="/articles/2024-08-21-OpenVPN-and-MirageVPN.html">MirageVPN and OpenVPN</a></li></ul> <ul><li><a href="/articles/miragevpn.html">MirageVPN &amp; tls-crypt-v2</a></li><li><a href="/articles/miragevpn-ncp.html">MirageVPN updated (AEAD, NCP)</a></li><li><a href="/articles/speeding-ec-string.html">Speeding elliptic curve cryptography</a></li><li><a href="/articles/miragevpn-performance.html">Speeding up MirageVPN and use it in the wild</a></li><li><a href="/articles/miragevpn-server.html">MirageVPN server</a></li><li><a href="/articles/2024-08-21-OpenVPN-and-MirageVPN.html">MirageVPN and OpenVPN</a></li></ul>
</div><div class="tag-box" id="tag-tar"> </div><div class="tag-box" id="tag-tar">
<h3> <h3>
<span>tar</span> <span>tar</span>
</h3> </h3>
<ul><li><a href="/articles/gptar.html">GPTar</a></li></ul> <ul><li><a href="/articles/gptar.html">GPTar</a></li></ul>
</div><div class="tag-box" id="tag-testing">
<h3>
<span>testing</span>
</h3>
<ul><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li></ul>
</div><div class="tag-box" id="tag-unicode"> </div><div class="tag-box" id="tag-unicode">
<h3> <h3>
<span>unicode</span> <span>unicode</span>
@ -156,7 +151,7 @@
<h3> <h3>
<span>vpn</span> <span>vpn</span>
</h3> </h3>
<ul><li><a href="/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a></li><li><a href="/articles/miragevpn-testing.html">Testing MirageVPN against OpenVPN™</a></li></ul> <ul><li><a href="/articles/qubes-miragevpn.html">qubes-miragevpn, a MirageVPN client for QubesOS</a></li></ul>
</div> </div>
</main> </main>
<footer> <footer>