Ouroboros main repository http://www.ouroboros.rocks/cgit/ouroboros/atom?h=master 2026-02-22T17:33:20+00:00 2026-02-22T17:33:20+00:00 Sander Vrijders sander@ouroboros.rocks 2026-02-22T17:29:06+00:00 urn:sha1:68e0407e8f21a5adff66bbb57c09cb12ca9bb0c5 A merge conflict was left unresolved, resulting in compilation errors. Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> 2026-02-22T15:06:49+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-21T11:20:51+00:00 urn:sha1:5d930fed0cff09d7fc22c2b1152506c334a08f7a Call freebuf(pbuf) before returning from each test thread function. Since clrbuf zeroes pbuf.data to NULL on the success path, free(NULL) is safe. On the failure path of reg_respond_*, it now properly frees the still-allocated data. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-22T15:02:16+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-19T21:03:16+00:00 urn:sha1:c3636005831064e71b03a5f8796a21e89b2a714f This allows bypassing the IPCP for local processes that share the same packet pool, lowering latency between processes to comparable levels as Unix sockets (RTT in the order of a microsecond). For local processes, no IPCPs are needed: $ irm b prog oping n oping $ oping -l Ouroboros ping server started. New flow 64. Received 64 bytes on fd 64. The direct IPC can be disabled with the DISABLE_DIRECT_IPC build flag. Note that this is needed for rumba 'local' experiments to emulate network topologies. Without this flag all processes will just communicate directly. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T07:02:16+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-15T16:54:30+00:00 urn:sha1:079035dbf4890e667c5e931295a1c24f28d9c0df Embed git commit hash into version.h and irmd --version output using git describe. Regenerated at build time to stay current across commits. Ouroboros version MAJOR.MINOR.PATCH (TAG-COMMITS-GHASH-dirty) Example for dirty work tree (uncommitted changes): $ irmd --version Ouroboros version 0.22.0 (0.22.0-36-g86dba544-dirty) Example after commit: $ sudo irmd --version Ouroboros version 0.22.0-37-g55fa9445 Officical release (on tag): Ouroboros version 0.22.0 Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:58:21+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-15T11:26:04+00:00 urn:sha1:760e17f142eb5cc0f594f1383ae68bb63bebe9ee The DHT uses a struct {struct list_head, size_t len} pattern, which is also useful in the registry and other places. Having a struct llist (defined in list.h) with consistent macros for addition/deletion etc removes a lot of duplication and boilerplate and reduces the risk of inconsistent updates. The list management is now a macro-only implementation. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:54:56+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-15T09:21:02+00:00 urn:sha1:0d72b59c2964208ea34ce2322978344d7ff1a223 Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:53:35+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-17T21:37:39+00:00 urn:sha1:040bdfb18684d809cb5edacf9867d3378b7e093b This replaces the single HAVE_OPENSSL_PQC/DISABLE_PQC with per-algorithm CMake variables (ML-KEM, ML-DSA, SLH-DSA), gated by the OpenSSL versions: ML-KEM and ML-DSA require >= 3.4, SLH-DSA >= 3.5. SLH-DSA was already working, but now added explicit authentication tests for it with a full certificate chain (root CA, intermediate CA, server) to show full support. Rename PQC test files and cert headers to use algorithm-specific names (ml_kem, ml_dsa, slh_dsa) and move cert headers to include/test/certs/. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:53:29+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-15T21:39:52+00:00 urn:sha1:2c717b2fc9773a74d6c9df01a2f873deea163918 The IRMd will now report a PQC algorithm in the enc.conf file if it is not supported, instead of failing on KEM key generation. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:53:23+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-15T21:31:33+00:00 urn:sha1:46cc58fe1a89903f4ef928caeee1bec96ab5967b When the server had no cipher configured, sk->nid was set to NID_undef before negotiation and never updated, causing the response header to encode NID_undef as the cipher — even though negotiate_kex() correctly populated kcfg.c.nid from the client's request. Adds a test for the KEM case where the client request encryption with nothing specified server-side. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks> 2026-02-18T06:53:16+00:00 Dimitri Staessens dimitri@ouroboros.rocks 2026-02-14T15:26:15+00:00 urn:sha1:85cc8d28d263a8b8ff04d90622311f5d68e26e6f This cleans up a few debug logs related to encryption to not show KEM info for non-KEM algorithms. Also removes refcount logs for the PUP. Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks> Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>