
Network programming with Go (2012) - amzans
https://jannewmarch.gitbooks.io/network-programming-with-go-golang-/content/
======
artursapek
Go was the language where I went from being scared of writing things that use
network to understanding & enjoying it.

~~~
w8rbt
That and other things too. It's definitely the new C IMO. I like how the
author contrasts it with Java, ___" There were many things that did not copy
across due to the comparative richness of the Java libraries..."_ __. Of
course, I like Java about the same as I like Go (both great languages). But if
you are used to the wealth of pre-made data structures in Java you 'll find
arrays, slices and maps in Go to be somewhat limiting at first. You'll soon
get it though and start doing really cool things with Go.

~~~
bitwize
Rust is the new C. Go is the new Oberon.

~~~
mseepgood
Go was inspired by both C and Oberon:

[https://talks.golang.org/2015/gophercon-
goevolution.slide#17](https://talks.golang.org/2015/gophercon-
goevolution.slide#17)

[https://talks.golang.org/2015/gophercon-
goevolution.slide#29](https://talks.golang.org/2015/gophercon-
goevolution.slide#29)

Video:
[https://www.youtube.com/watch?v=0ReKdcpNyQg](https://www.youtube.com/watch?v=0ReKdcpNyQg)

Rust is too complex to be compared to C. It's more like C++ plus ML.

~~~
dkarl
* Rust is too complex to be compared to C. It's more like C++ plus ML. *

Rust is far, far less complex than C++. ML must be a large negative term in
that formula.

~~~
ssalazar
I think of it as a multidimensional space where Rust is a linear combination
of the C++ and ML vectors.

------
hacknat
If anybody wants a go library for hacking around with network programming I
wrote a golang only wrapper around the linux zero-copy socket syscall. It also
has some network utilities along with it:

[https://github.com/nathanjsweet/zsocket](https://github.com/nathanjsweet/zsocket)

------
Philipp__
How viable is this, since author said he wrote it in 2012? To me it looks
okay, but I am willing to take opinion from someone more experienced with Go.

Edit: typo

~~~
thewhitetulip
It serves as a great reference, the code in there runs with small changes, I
know this because I ran the code myself when I was contemplating adding
content from this book to my own FOSS ebook
([https://github.com/thewhitetulip/web-dev-golang-anti-
textboo...](https://github.com/thewhitetulip/web-dev-golang-anti-textbook/)),
I emailed the Professor and he gave his permission, but I skipped on adding
chapters because this book itself was available via the author's home page and
there was no point in me adding it to my tutorial, I am glad this is now
available via gitbooks!

Since Go is backward compatible, it is in the contract somewhere, you can
refer this book even though it was written a long long time ago!

~~~
steveklabnik
> it is in the contract somewhere

[https://golang.org/doc/go1compat](https://golang.org/doc/go1compat)

------
FiloSottile
I was immediately concerned seeing a "Security" section that includes a
"Public key encryption" chapter. And indeed, I was (not) disappointed.

The symmetric encryption section mentions only Blowfish (!? - not even in the
stdlib) and DES (!! - not even 3DES), not AES. There is of course no mention
of authentication, or AEADs. But it gets worse. The API presented is
Cipher.Encrypt which is CATASTROPHIC. Cipher.Encrypt is a _low-low-level_ API
that only encrypts the first block worth of data, AND LEAVES THE REST
UNENCRYPTED. It's meant to be used by CBC/CTR/GCM block mode implementations,
of which there is no mention at all.

This is all it says about, you know, encrypting real data:

> The algorithms are block algorithms. That is they work on blocks of data. If
> your data is not aligned to the block size, then you will have to pad it
> with extra blanks at the end.

This is the kind of advice which guarantees me a job forever. It's way worse
than ECB.

The "Data integrity" section mentions MD4 (for which I can and did create a
collision on my laptop in a few hundred lines of code) and recommends the
broken MD5, converting the result into 4 uint32 for... some reason? It then
calls HMAC a "variation" of a hash, while it's a completely different (and
more useful) tool.

The public key chapter only mentions RSA, which is completely
useless/dangerous on its own, and probably not what you should use in 2017,
and offers a code snippet to generate a 512 bit key. 512. The stuff that
academics break for fun.

The X.509 chapter makes a CA cert instead of a leaf.

The TLS section needlessly sets config.Rand and sets config.Time TO A FIXED
VALUE, which off the top of my head _might_ only break connections after a few
minutes and not their security. Maybe. (And uses a funny "[0:]" with a
needless 0, which I guess is a C-ism.)

> Security is a huge area in itself, and in this chapter we have barely
> touched on it. However, the major concepts have been covered.

The whole section should just have been a link to
[https://github.com/gtank/cryptopasta](https://github.com/gtank/cryptopasta)
not to be harmful, but as it is, it is actively toxic.

I'm not saying anything about the quality of the rest of the book, but if you
write a book on X where X != cryptography, please don't try to teach the user
how to use cryptography. Or how to secure a gun.

~~~
zzzcpan
Well, I got the impression that the book is an introduction, targeting
newbies. Some things look out of place there, like cryptography and
distributed systems. Maybe he needed to fill the pages, I don't know. But
don't take it seriously, nobody is really going to look at those things and
understand what they are about or make any use of them. People are going to
have to learn a lot more to even get to a reliable networking service in Go,
this book is not going to cut it.

~~~
hueving
>they are about or make any use of them

I can't stress enough how wrong this is. The majority of mediocre programmers
will take anything written in a book as gospel. When their boss tells them to
encrypt the customer data, there is a non negligible chance they will go
straight to a cryptography section in a book they read and copy it.

~~~
ivanhoe
That's true, but no book can cover everything about every topic. Even if they
put the disclaimer that examples are not to be just copy&pasted, superficial
people will still do exactly that. Because that's what superficial people do.
And IMHO it's not up to book authors to fix the flows in human nature...

~~~
FiloSottile
So if you lack the space, time or expertise to cover cryptography, you don't.

There is no positive value in that section. Readers will only be hurt by it.

------
brink
I can't close the side menu to read the article on Android Chrome
[http://i.imgur.com/mHGr2jb.png](http://i.imgur.com/mHGr2jb.png)

~~~
thijsvandien
Click the hamburger icon in the upper right corner.

~~~
neutralid
There are horizontal lines on Safari in the upper left corner that closes the
sidebar.

If I don't close the sidebar, for whatever reason, Safari blanks the page on
mouseover.

------
looserof7
I'm waiting for one.

