tl;dr: Check that your RSS reader is using an HTTPS URL, because the HTTP
one will start redirecting soon, and you probably want to find out if it breaks.
Edit from four days later: I’ve flipped the switch on this and, from the
logs, it doesn’t seem to be messing anybody up.
It’s been just about four years since I finally got HTTPS and HTTP/2 working for
this site. During that time, I’ve seen most incoming traffic from humans
transition over to encrypted connections. (HTTP/2 connections are also
significantly faster for both my server, and your user experience, than earlier
editions.)
You might wondering what I mean by “traffic from humans.” Well, it turns out the
vast majority of my remaining unencrypted HTTP traffic (ye olde port 80) is from
a combination of:
RSS readers (80%)
Shady crawler bots that don’t check robots.txt (15%)
Google, for some reason – I’ve poked them about it (~4%)
Requests that may be from actual humans (1%ish)
Since I deployed httpd2 back in 2020, I’ve been waiting for an opportunity to
turn off publicfile, the HTTP server I’ve used since time immemorial.
publicfile has served well, but the code is as archaic as its protocol
support, its license makes it difficult to maintain, and (frankly) I’m less
excited about appearing to support DJB and his software ecosystem these days.
So, I figure I will do the following:
Respond to all HTTP requests with a 301 redirect to HTTPS (…something
publicfile can’t actually do out of the box), and
Turn on the Strict Transport Security header.
For best results, check your RSS reader today and verify that it’s using an
HTTPS URL. It should follow the redirect when I enable it, but, you never
know.
I really like the STM32 series of microcontrollers in general. They’re generally
quite reliable, the peripherals are well tested, and more often than not I can
just grab one off the shelf and not think about it too much.
However, like every microcontroller, they do contain implementation bugs, so
it’s always important to read the “Errata Sheet” (or in ST’s language, “Device
Limitations”) when you’re using a part.
I appear to have hit an implementation bug in certain STM32 lines that is not
listed in the errata sheet. I can’t find any specific description of this bug on
the internet, so I’ve attempted to nail one down. Hopefully this will come up in
the search results for someone who hits this in the future and save them some
time.
I’m trying to do something kind of unusual with lilos: in addition to almost
all the APIs being safe-in-the-Rust sense, I’m also attempting to create an
entire system API that is cancel-safe. I’ve written a lot about Rust’s async
feature and its notion of cancellation recently, such as my suggestion for
reframing how we think about async/await.
My thoughts on this actually stem from my early work on lilos, where I started
beating the drum of cancel-safety back in 2020. My notion
of what it means to be cancel-safe has gotten more nuanced since then, and I’ve
recently made the latest batch of changes to try to help applications built on
lilos be more robust by default.
So, wanna nerd out about async API design and robustness? I know you do.
I recently posted about my debugger for async Rust, which can
generate what I call “await-traces” for async code that’s suspended and not
currently running. I mentioned at the time that it appeared possible to get the
source code file name and line number corresponding to the await points, but
left that for future work.
In this post I’ll work through an example of why I’m so excited about this
technique, by building a real driver for a notoriously tricky bus one piece at a
time, using lilos.