| KotCzarny | tricky question, how to discharge li-ion to ~40% | 10:02 |
|---|---|---|
| KotCzarny | can it be done by observing voltage or another algo is a must? | 10:03 |
| Vajb | KotCzarny: I think you need to know capacity and then count how much mAh you draw out | 11:46 |
| KotCzarny | i'm interested if there is a way to do it without charge/discharge cycle which takes many hours | 11:47 |
| Vajb | if you compare against voltage you end up with 40% of max voltage which is different than capacity | 11:47 |
| KotCzarny | and if i have 10+ batteries whole process could take many weeks | 11:48 |
| KotCzarny | best way would be multi-slot programmable charger | 11:48 |
| KotCzarny | but those babies can cost a lot (or take some electronics skills, which i suck at) | 11:49 |
| Vajb | crazy thougth, if you have capacitor which is about 60% of battery capacity. Charge it via resistor and monitor volatage. When they are level you have 40% left in battery | 11:49 |
| Vajb | voltage* | 11:49 |
| KotCzarny | i got me nice charger that can charge/discharge and also monitor voltage/capacity | 11:51 |
| KotCzarny | but requires me observing it (ie. missing 'charge, discharge, then charge to 40%' option) | 11:51 |
| KotCzarny | so far it looks like getting battery down to ~3.6-3.7V is equivalent to ~50% of capacity | 11:52 |
| KotCzarny | i could use second digit after '.', right now i dont know if it rounds or floors the display | 11:54 |
| halftux | sicelo: I could not start cutenews I don't know why no console output no crash but nothing happens :( for qmlbrowser I tried https://fancyssl.hboeck.de which is working with TLSv1.2... | 19:21 |
| halftux | ah ok there were no permission for execution of showwindow from cutenews | 19:27 |
| * Maxdamantus has almost finished writing his TLS proxy, which should allow older browsers to work with new SSL servers. | 19:36 | |
| Maxdamantus | You just give the proxy a certificate and matching private key, and the proxy will use the server name indicator on incoming connections to forge certificates signed by that given certificate on the fly. | 19:39 |
| Maxdamantus | then it can just make a normal outgoing SSL connection itself. | 19:39 |
| halftux | oh sounds nice | 19:39 |
| Maxdamantus | requires that given certificate to be trusted by the browser. | 19:40 |
| Maxdamantus | (private key for the CA is reused as the private key for dynamically generated certificates, so there's no need to maintain some sort of certificate/key cache across the connections) | 19:41 |
| halftux | and you will host that proxy? in which language is that proxy written? | 19:44 |
| Maxdamantus | It will be something that should be run on the device itself. | 19:45 |
| Maxdamantus | There are other programs that seem to do this, but they seem a bit heavy for running on N900. | 19:45 |
| Maxdamantus | This one is just a ~400-line C program that depends on openssl and POSIX. | 19:45 |
| halftux | that is nice | 19:46 |
| halftux | which openssl version do you use at the moment? | 19:46 |
| Maxdamantus | I think it should depend on 1.0.2g, since that's the first one with fairly easy peer certificate validation. | 19:53 |
| Maxdamantus | openssl 1.1.0 builds fine under the old debian chroot I have though, so it could just be distributed as a statically linked program. | 19:55 |
| Maxdamantus | Could also just disable certificate validation, but I don't want to encourage that. | 20:02 |
| halftux | no good idea to disable it :D | 20:04 |
| halftux | is openssl 1.1.0 working with the maemo standard certificates when it is statically linked? will a rehash of cerificates break them for older openssl, if it is needed for newer openssl?? | 20:06 |
| Maxdamantus | I think it should work with that, but it might be preferable to just copy a new ca-certificates file from somewhere and just override the default search path (using some openssl environment variable) | 20:12 |
| Maxdamantus | Since I just see a bunch of certificates in PEM format in /etc/certs/common-ca on maemo ..e dunno exactly what openssl's search behaviour is. | 20:14 |
| Maxdamantus | but again, should at least be able to just point it to a single ca-certificates file that doesn't have to interfere with the rest of the system. | 20:15 |
| halftux | ok I see | 20:20 |
| Maxdamantus | eh, wtf, wonder what this /etc/certs/trusted/root.{ca,key} is .. has amaemo been doing a superfish all this itime? | 20:21 |
| * Maxdamantus will look into it when he's onnot on the bus. | 20:21 | |
| Maxdamantus | Yeah, that's a matching certificate/private key (readable by non-root), hopefully it's not distributed to every maemo .. doesn't show a package with `dpkg -l` | 20:46 |
| Maxdamantus | f44094ac587d71cceb1510ffdae80e335e44d8ff /etc/certs/trusted/root.ca | 20:46 |
| * Maxdamantus wonders if someone else can show a sha1sum for that file. | 20:47 | |
| Vajb | f44094ac587d71cceb1510ffdae80e335e44d8ff | 20:51 |
| Vajb | looks about the same Maxdamantus | 20:51 |
| Maxdamantus | Okay, so someone fucked up. | 20:59 |
| Maxdamantus | So maemo beat superfish to not knowing how to handle certificates. | 21:00 |
| Maxdamantus | orcus:~# mv /etc/certs/trusted ~/untrusted | 21:01 |
| * Maxdamantus will try to look into what that was for later. | 21:01 | |
| Maxdamantus | and someone should probably fix that, depending on how certificate search paths work. | 21:02 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!