yawkat - Network

Today in Micronaut optimization: The left code is almost twice as fast as the right code… Until it's compiled by C2, then it's...

Today in Micronaut optimization: The left code is almost twice as fast as the right code… Until it's compiled by C2, then it's slower. It's amusing to watch the benchmark *slow down* during the warmup phase.

I don't do this level of optimization very often, but my guess is that the CPU really does not like a data dependency between loop iterations.

If I say that it's secure in the javadoc, it can't be broken, right?...

If I say that it's secure in the javadoc, it can't be broken, right? https://github.com/micronaut-projects/micronaut-core/blob/3df8c497843cf1235cbf6165898c22c4aad072bd/http-server-netty/src/main/java/io/micronaut/http/server/netty/QuicTokenHandlerImpl.java

Does anyone have a secure implementation of the QUIC address validation token [1]? The example in quiche [2] is explicitly insecure. It...

Does anyone have a secure implementation of the QUIC address validation token [1]? The example in quiche [2] is explicitly insecure. It *looks* to be as easy as MAC(address || connection id). Spec also mentions a timestamp, I guess to make the token expire. But I don't want this code to end up in a CVE in two years because I missed something :)

[1] https://datatracker.ietf.org/doc/html/draft-ietf-quic-transport-23#section-8.1.3
[2] https://docs.quic.tech/quiche_server/fn.mint_token.html