txt and caa rr strings might contain binary control characters
such as newlines and double quotes which mess up the output
in ndb(6) format.
so handle them as binary blobs internally and escape special
characters as \DDD where D is a octal digit when printing.
txtrr() will unescape them when reading into internal
binary representation.
remove the undocumented nullrr ndb attribute parsing code.
introduce our own RR* format %P for pretty
printing and call %R format internally,
then use it to print the rest of the line
after the tab, prefixed with the padded
output.
have todo multiple fmtprint() calls for idnname()
as the buffer is shared.
do not idnname() rp->os and rp->cpu, these are symbols.
always quote txt= records.
- allow for external command to be run to install a challenge using -e flag
- remove the challengedom argument, it is given by the subject in the csr
- fix some filedescriptor leaks in error paths
It is a bit of a annoyance that kenc will try to expand
function like macros on any symbol with the same name
and then complain when it doesnt see the '(' in the
invocation.
test case below:
void
foo(int)
{
}
struct Bar
{
int baz; /* <- should not conflict */
};
void
main(void)
{
baz(123);
}
in OpenBSD 6.9 and up, the kernel (bsd, bsd.mp) still has
the ostype symbols, but bsd.rd appears to have lost them,
even when decompressed.
so, as a result, we should use what we have, which isn't
much.
Due to the way LCA is defined, a using a strict LCA
on a graph like this:
<--a--b--c--d--e--f--g
\ /
+-----h-------
can lead to spurious requests to merge. This happens
because 'lca(b, g)' would return 'a', since it can be
reached in one step from 'b', and 2 steps from 'g', while
reaching 'b' from 'a' would be a longer path.
As a result, we need to implement an lca variant that
returns the starting node if one is reachable from the
other, even if it's already found the technically correct
least common ancestor.
This replaces our LCA algorithm with one based on the
painting we do while finding a twixt, making it give
the resutls we want.
git/query: fix spurious merge requests
Due to the way LCA is defined, a using a strict LCA
on a graph like this:
<--a--b--c--d--e--f--g
\ /
+-----h-------
can lead to spurious requests to merge. This happens
because 'lca(b, g)' would return 'a', since it can be
reached in one step from 'b', and 2 steps from 'g', while
reaching 'b' from 'a' would be a longer path.
As a result, we need to implement an lca variant that
returns the starting node if one is reachable from the
other, even if it's already found the technically correct
least common ancestor.
This replaces our LCA algorithm with one based on the
painting we do while finding a twixt.
Plumber both posts a service to /srv and sets a $plumbsrv environment
variable. Our libplumb no longer uses $plumbsrv and nothing else
does. It's a silly hack; rc doesn't update /env immediately, and
scripts, which for instance set up subrios, cannot rely on it to
clean up the plumber at the end.
Instead, add the option to specify a srvname, actually check for some
common errors and print a usage string.
Thanks to Ori for input and a preliminary patch.
- enforce same behaviour as cachedb server in dblookup():
- force Taaaa record type on ipv6= attributes, regardless of value
- return Taaaa records for ip= attributes containing ipv6 values
- return Ta records only for ip= attributes containing ipv4 values
- for compatibility, bring back support for txtrr= type, but handle consistently
Git has the ability to track the person who
creates a commit separately from the person
who wrote the commit. For git9, we ignored
this feature.
However, as we start using git/import more,
it will be useful to figure out who imported
a commit, as well as who wrote it.
This change adds support for seeing this
information in git, as well as setting the
author and committer separately in git/import.
Target generation is revised, split into $YTARG and $TARG.
$PROGS is inlined to the cmd target.
%.cpus is added to allow chaining: mk all.cpus
$POWERLESS is added, since dtracy doesn't build yet on ppc.
$DIRS regexp is simplified, simplifing $NOMK.
$cpuobjtype is replaced with cp's recipe for copying itself on $cputype.
$APEDIRS is removed.
The none target is renamed to usage, since it prints out usage.
The ape target is removed.
The dirs target is replaced by all.dirs
%.directories is replaced by %.dirs
The all target serializes directories after cmds to match the install target recipe.
All regexp rules are replaced with nonregexp versions for clarity.
The &:n: rule is removed. Just build the $O.$cmd file.
.y files now build .c files, not .tab.c files, and remove (bc|units|mpc|pc).c:R:
All safeinstall rules are removed.
The cleanfiles rule is renamed to cleancmds and simplified.
%.clean is removed. Just use mk cleancmds.
The install rule serializes cp and yacc before building anything else, avoiding races.
The installall recipe is simplified with the install.cpus prereq.
%.installall is removed. Just use mk $cmd.install.cpus
The $O.cj, %.update, and compilers rules are removed.
openssh now disables RSA/SHA-1 by default, so using RSA/SHA-1 will
eventually cause us problems:
https://undeadly.org/cgi?action=article;sid=20210830113413
in addition, github will disable RSA/SHA-1 for recently added RSA keys:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
this patch modifies ssh.c to use RSA/SHA-256 (aka rsa-sha2-256)
instead of RSA/SHA-1 (aka ssh-rsa) as the public key algorithm.
NOTE: public rsa keys and thumbprints are ***NOT AFFECTED***
by this patch.
while we're here, remove the workaround for github.com. it seems
that github has fixed their implementation, and does not look into
macalgs when we're using an aead cipher.
---
> This patch enables use of the igfx controller rather than vesa on the
> eeepc1005ha netbook. This means using the full screen resolution of
> 1024x600.
> *Andrew Eggenberger*
Per the docs:
the sender SHOULD include a LF, but the
receiver MUST NOT complain if it is not
present.
I typoed away the SHOULD, and got missed the
MUST NOT.
thanks qbit.
the subst utility no longer supports a '-g'
flag, but this was left behind in commit;
this means that the lines listing modified
files were not correctly commented in the
commit header.
This is mostly harmless, but when using an
editor like sam to edit the commit message,
the modified lines would have to be removed
manually.
Often, people (including myself) will write emails that
can almost be applied with git/import. This changes
git/diff and git/import so that things will generally
work even when assembling diffs by hand:
1. git/import becomes slightly more lax:
^diff ...
^--- ...
will both be detected as the start of a patch.
2. git/diff produces the same format of diff
as git/export, starting with paths:
--- a/path/to/file
+++ b/path/to/file
which means that the 'ape/patch -p1' used
within git/import will just work.
So with this, if you send an email to the mailing list,
write up a committable description, and append the
output of git/diff to the end of the email, git/import
should just work.
[this patch was send through the mailing list using the
above procedure, and will be committed with git/import
to verify that it works as advertised]
Before applying this patch the following will fail to open ed
in the '/tmp/s p a c e' folder:
<snip>
% mkdir '/tmp/s p a c e'
% window -cd '/tmp/s p a c e' ed
!pwd
/tmp/s p a c e
!
q
<snap>
After applying the patch the above sequence works as expected,
opening ed in the '/tmp/s p a c e' folder, printing the present
working directory, and quitting ed.
The root cause was a faulty computation of the pointer `s`,
being off by one, leading to any arguments after the
directory path to be skipped.
This regression was introduced in revision:
• 614f1d6268
Thanks umbraticus for finding and reporting the issue.
The device address is highly variable and depends on
all prior enumerated devices.
This can happen with some devices that do not have
a serial number and all devices of the same type
having the same hname.
Using a counter of collisions per hname makes more sense
and is more stable (given that the order devices are
enumerated is deterministic).
This allows mapping incoming filenames to a different name
using regular expressions, followed by subtitutions
of the %[ICE] format strings.
I needed this to have individual cmdline.txt files for
netbooted raspberry pi's. In this example, i map cmdline.txt
to %C, which gets substituted for /cfg/pxe/$ether of the client.
The transitional PCI device ID for block devices is 0x1001, and the
virtio spec says that devices must have the transitional device ID or
0x1040 + the virtio device ID (2).
Mothra does not currently render text inside <samp> tags inline
similar to <code>, but instead treats them like <pre> which is actually
incorrect behavior. The following small patch should fixes issue.
This does not have any adverse effect, since yylex never calls mpatov
with a string with leading 0 (and not 0x) that contains non-octal
digits, but the condition was wrong regardless.
Strings for existing codes in the most used server (OpenSSH) just
repeat the error code name. OTOH we like to have wording of the
strings under our control as much as possible, so we can easier find
and process them. Error strings are still usefull as fallback for
compatibility with future versions of the server.
- fix showpage1 only decrementing proc counter once limit is reached;
this blocked having more than one loadpages process after NPROC calls,
since the next one has to wait until the last has exited
- allow procs to skip pages currently being loaded by others; this
forced processes to wait for each other at the same page
- bump NPROC from 4 to 8
- (hack) immediately fork a few times after adding all pages at
startup to force loading a batch of pages in parallel
programs that try to use /srv would choke when running
under iostats, because we intercepted operations on the
special, magic fd passing; we should instead give them
access to the real /srv.
when running outside of a repository, we would try to
remove '$msgfile.tmp', but we had never actually set
'$msgfile'.
the error is harmless, but annoying.
The following patch fixes acme display glitches at the bottom fringe
of columns when adding/moving/resizing windows.
Here an example of an easy to reproduce case:
• https://invidio.xamh.de/watch?v=iLekQrxycaM
…opening acme and resizing a column to the right is all that is needed.
The functions winresize(…) and textresize(…) are extended with an
additional parameter `fillfringe` to indicate if a window/tag shall
fill a potential fringe area that would otherwise remain white.
The changes have been inspired by the approach taken in plan9port
acme.
Eckard's test case:
cat <<! | cat
asdf
!
The issue is that we have to continue parsing until we see
the '\n' before consuming the here document.
So we revert to the old approach of having two functions:
heredoc() which remembers if we'v seen a heredoc redirection
and a second readhere() function that reads the doc from
the lexers input and sets Tree.str on thee REDIR node.
due to the way the size of buf was calculated, the parent
file had one trailing null byte for each parent. also, while
we're here, replace the sprint with seprint, and compute the
size from how much we printed in.
Fixup remaining Plan9 dependencies (chartorune()).
Add Makefile for UNIX-like systems (tested with Linux and APE).
Make error printing consistent, use Errstr() explicitely.
Get rid of NSTATUS buffer limit, just malloc it.
git used to track cache size in object
count, rather than bytes. This had the
unfortunate effect of making memory use
depend on the size of objects -- repos
with lots of large objects could cause
out of memory deaths.
now, we track sizes in bytes, which should
keep our memory usage flatter.
Untangle the lexer and interpreter thread state.
Fix the file and line number error reporting, getting rid of
Xsrcfile instruction, as the whole code block can only come
from a single file, stuff the source file in slot[1] of the
code block instead.
Remove limitations for globber (path element limits)
and be more intelligent about handling globbing by
inserting Xglob instruction only when needed and not
run it over every Xsimple argument list.
Remove fragile ndot magic and make it explicit by adding
the -q flag to . builtin command.
Add -b flag for full compilation.
Make exitnext() smart, so we can speculate thru rcmain and
avoid the fork().
Get rid of all print(2) format functions and use io
instead.
Improve the io library, adding rstr() to handle tokenization,
which allows us to look ahead in the already read buffer
for the terminators, avoiding alot of string copies.
Auto indent pcmd(), to make line number reporting more usefull.
Implement here documents properly, so they can work everywhere.
We seem to have a botch in the protocol negotiation, where
we leak some protocol packets into the packfile; this will
need to be fixed before we put this change in.
The initial working directory of a new window may be set by a
`-cd directory` option. However, the `-cd directory` option is
not capable of handling paths with spaces when used via wctl.
To enable paths with spaces the function
/sys/src/cmd/rio/wctl.c:/^parsewctl is extended to handle quoted
directory paths.
Before applying the patch the following will fail to open a new
window by writing to /dev/wctl:
<snip>
% rio -i window
% mkdir '/tmp/path with space'
% echo new -cd '''/tmp/path with space''' window -x rc >> /dev/wctl
% pwd
/tmp/path with space
<snap>
The following invocation fails as well:
<snip>
% window -cd '/tmp/path with space'
% pwd
/tmp/path with space
<snap>
After applying the patch the above sequences work as expected,
opening a window running rc with the working directory set to
'/tmp/path with space'.
exportfs -d logs 9p traffic to /tmp/exportdb.
-f allows writing to a different file.
exportfs silently continues if it doesn't have
permissions to create or write to /tmp/exportdb.
These are poor behaviors.
A better default is to write to stderr, since it
is 9P debug info that is better immediately printed,
and not user info that is better handled by syslog().
As a result, -f is obsolete and thus removed.
Redirect responsibility is now on rc.
As a side effect, rc will fail if it doesn't
have permissions to write.
exportfs(4) is updated to reflect all changes
and with a better Synopsis.
oexportfs is changed to match exportfs.
oexportfs(4) is updated to reflect all changes.
The Synopsis is not changed due to the number of flags.
Removed -f from iostats.
iostats(4) is updated to reflect all changes.
---
snoopy shares ndb/dns's dns parser code, but has its own
copy of rralloc() function, which is responsible to allocating
auxiolary data structures on an RR depending on the type.
ndb/dns gained some support for some new types, but snoopy's
copy of rralloc() was not updated, resulting the auxiolary
structures to be nil, and the shared parsing routines crashes
when trying to dereference them.
this just syncs the copies, we might consider moving rralloc()
into its own file so it can be completely shared.
Git currently gets a bit confused if you try to
manipulate files by absolute path. There were also a
number of places where user-controlled file paths ended
up getting passed to regex interpretation, which could
confuse things.
This change mainly does 2 things:
- Adds a 'drop' function which drops
a non-regex prefix from a string, and uses
that to manipulate paths, simplifies 'subst',
and removes 'subst -g', which was only used
with fixed regexes; sed does this job fine.
- When getting a path from a user, we
make it absolute and then strip out the head
Along the way it cleans up a couple of stupids:
- 'for(f in $list) if(! ~ $#f 0) use $f:
$f can't be a nil list because of
list flattening.
- removes a useless substitution here:
all=`$nl{{git/query -c $1 $2; git/query -c $2 $3} | sed 's/^..//' | \
gsubst '^('$ourbr'|'$basebr'|'$theirbr')/*' | sort | uniq}
where git/query -c doesn't produce
paths prefixed with the query.
exportfs -d logs 9p traffic to /tmp/exportdb.
-f allows writing to a different file.
exportfs silently continues if it doesn't have
permissions to create or write to /tmp/exportdb.
These are poor behaviors.
A better default is to write to stderr, since it
is 9P debug info that is better immediately printed,
and not user info that is better handled by syslog().
As a result, -f is obsolete and thus removed.
Redirect responsibility is now on rc.
As a side effect, rc will fail if it doesn't
have permissions to write.
exportfs(4) is updated to reflect all changes
and with a better Synopsis.
Update tinc(8) man page to:
1. state the implementation aligns with 1.0.36 of tinc.org;
2. use same hostname as mentioned in usage line.
Fix typos in tinc.c.
The '-m' flag was added to date largely
to support git scripts. It predates the
tmdate code, which is why it exists, but
it's a recent enough addition that nothing
I'm aware of uses it, other than git.
As a result, it would be good to remove
it, so let's do that.
when running 'mk clean', we get a stray
libpanel.$O.a, because our 'mk clean'
rule expects libpanel.a$O.
This causes build failures after mk clean
on a symbol change.
> After some tinkering I managed to get igfx working on this device.
> hw cursor works.
> The only caveat is that I can only get video over hdmi...
> will revisit displayport later
currently, git/fetch prints the refs
to update before it fully fetches the
pack files; this can lead to updates
to the refs before we're 100% certain
that the objects are present.
This change prints the updates after
the packfile has been successfully
indexed.
> String becomes stringbg so we have guaranteed max contrast in case the
> user changes the picture. (If you don't change the picture, it's
> white-on-black-on-black (sic) and you would never notice the change.)
When pulling into a git repository that is group
writable as a non-owner, the pack file is left
in place because we do not have permission to
remove it.
We also leave it behind if we bail out early due
to an error, or due to only listing the changes.
This pushes down the creation of the file, and
cleans it up on error.
thanks to Anthony Martin for spotting the bug.
git/fetch: ensure we clean packfiles on failure
When pulling into a git repository that is group
writable as a non-owner, the pack file is left
in place because we do not have permission to
remove it.
We also leave it behind if we bail out early due
to an error, or due to only listing the changes.
This pushes down the creation of the file, and
cleans it up on error.
Also, while we're here, clean up index caching,
and ensure we close the fd in all cases.
thanks to Anthony Martin for spotting the bug.
when a virtio device gets reset, we have to also reset the device
shadow indices: availableidx and usedidx. for extra safetly,
we also reset the buffer descriptor table addresses.
this is accomplished by adding a vioqreset(VIOQueue*) function
that brings the queue to its initial reset state.
this fixes non functional ethernet after reboot(8).
fn foo @{bar} is now equivalent to
fn foo {@{bar}}. As a side effect,
this disallows creating functions
named after keywords without first
quoting them.
We need a way to parse a rsa certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in plan 9 format appended with the subject
attribute.
git/export *almost* produces output that can be
emailed with upas using
git/export $commit | mail maintainer@site.com
but, the
From: commit-id date
line that git generates trips it up. Luckily,
'git am' doesn't seem to care much if that line
is missing, so we can simply omit it with no issue.
When resizing windows, vt would signal ssh by updating
the window size and sending an interrupt. Ssh reacted
by forwarding both the winch and an interrupt.
This change adds a WINCH generation counter so that
ssh can differentiate between resizes and interrupts.
If an interrupt comes in, and the WINCH generation
changes, then the interrupt is taken as signalling a
WINCH.
The change to "assignment not used" breaks symmetry with
"used and not set" and removes the reference to the
specific warning mentioned in /sys/doc/comp.ms.
Also, the patch was half-assed as that it left some typos
in like "used an not set", which this change also fixed.
We weren't correctly skipping the location operators
in codefree. This would mostly be work, but sometimes
you'd get unlucky and have one of the argmuents mismatch,
and that would lead to an invalid free.
This correctly skips the args in codefree.
Since we now store /dist/plan9front in git, the
initial assumption that the owner of the repo
is the person touching it is not always true.
This change gives us a better heuristic for the
file permissions we should have in the files we
copy around, basing it off of the permissions of
the .git directory.
When loading a file using ".", we could
end up with our line numbers thrown off
due to the mutation of lexline. Putting
lexline into the runq beside the file
that we're reading from causes it to get
pushed and popped correctly, so that we
no longer lose track of our location.
As checking for all zero has to be done in a timing-safe
way to avoid a side channel, it is best todo this here
instead of letting the caller deal with it.
This adds a return type of int to curve25519_dh_finish()
where returning 0 means we got a all zero shared key.
RFC7748 states:
The check for the all-zero value results from the fact
that the X25519 function produces that value if it
operates on an input corresponding to a point with small
order, where the order divides the cofactor of the curve.
term% cal -s1 2021
2021
Jan Feb Mar
M Tu W Th F Sa Su M Tu W Th F Sa Su M Tu W Th F Sa Su
1 2 3 1 2 3 4 5 6 7 1 2 3 4 5 6 7
4 5 6 7 8 9 10 8 9 10 11 12 13 14 8 9 10 11 12 13 14
11 12 13 14 15 16 17 15 16 17 18 19 20 21 15 16 17 18 19 20 21
18 19 20 21 22 23 24 22 23 24 25 26 27 28 22 23 24 25 26 27 28
25 26 27 28 29 30 31 29 30 31
…
Note how the days (i.e. ' M Tu W Th F Sa Su') for Feb and Mar
do not align with the day numbers.
This is because an extra space is left *before* adding the terminating
'\0' via the pointer `dayw`.
With the patch applied the calendar aligns nicely for the year view:
term% cal -s1 2021
2021
Jan Feb Mar
M Tu W Th F Sa Su M Tu W Th F Sa Su M Tu W Th F Sa Su
1 2 3 1 2 3 4 5 6 7 1 2 3 4 5 6 7
4 5 6 7 8 9 10 8 9 10 11 12 13 14 8 9 10 11 12 13 14
11 12 13 14 15 16 17 15 16 17 18 19 20 21 15 16 17 18 19 20 21
18 19 20 21 22 23 24 22 23 24 25 26 27 28 22 23 24 25 26 27 28
25 26 27 28 29 30 31 29 30 31
…
When switching a branch implicitly -- ie, creating a local
branch off of a remote branch -- we would get the list of
changed files before we would resolve the implicit branch
switch, leading to an empty list of changes.
All of these files appear to have been imported from sources in a
case-insensitive manner and consequently lost their original content.
- Hx, Hb, and Hi fonts should be narrow versions of Helvetica
- c[1-3] fonts should be condensed versions of Century Old Style
- the lH character should be a filled left hand symbol
- the rh character should be a stroked right hand symbol
- the rc character should be the right ceiling symbol
I've verified that these are the only files that collide with others
when ignoring case (aside from rc/bin/[Kk]ill but those are correct).
git/import expected a patch, however upas/fs serves
either a raw file without any of the mime decoding
and line joining, or a directory, with the headers
and body split out.
This makes it a pain to apply some mails.
So, here we teach git to import upas dirs natively,
making it easy to handle all patches that come in
as emails.
git/push died within a subshell, which prevented the
whole program from exiting, and lead to an incorrect
ref update line that confused people.
git/send would eventually error out, but would push
all the data before that happened; this was annoying.
It's not fatal for someone else to push a branch
with objects that we don't have. We should deal
with it gracefully, and act as though it doesn't
exist.
In showlist, call bwindata instead of bwinopen in order to use a
pre-existing fd to write to the data file. This existing fd will
properly honour any address set by a previous write to the addr file.
Specifically, the redraw function sets addr to "," before calling
showlist in order to overwrite the entire contents of the window.
This is implemented by checking first if the uri is
a directory containing the .git/ subdirectory.
If this is the case, we fork git/serve serving the
repository on a pipe.
We weren't giving all objects to the twixt() function, and
it was making bad life choices -- gambling, smoking, drinking,
and packing in too much data.
With more information, it doesn't do the last.
The 9p debug server was broken as it assumed the first
tree file added would have a qid of 0 (it has a qid
of 1 as the root directory is using 0 already).
Instead, just compare File* pointers and get rid of
the table (less code).
When passing 64-bit unsigned addresses as 64-bit signed
file offsets, we have to make sure to not pass negative
offsets (filtered out by kernel and lib9p)!
This is solved by clearing and sign bit in encoding and
63-bit sign extension on decoding.
Make the mem file writable (needed for acid).
The 9p debug server provided a single directory containing
mem and regs files. This patch renames the regs file
(which is in vmx specific text format) to "xregs" and
adds "regs" and "kregs" file which use the same format
as exported by the kernels /proc filesystem.
This allows one to bind the vmx directory over a proc
directory and attach acid to a running system like:
mount -b /srv/vmx /proc/1
acid -k -lkernel 1 /sys/src/9/pc64/9pc64
If we tokenize the register file contents in a static buffer,
we can avoid having to duplicate the register names.
All callers to rpoke() provide constant register arguments
so they also do not need to be duplicated.
Now that we have these new functions,
we can also make them return an error
instead of calling sysfatal() like
postmountsrv().
Remove the confusing Srv.srvfd, as it
is only temporarily used and return
it from postsrv() instead.