Commit graph

9108 commits

Author SHA1 Message Date
Sigrid Solveig Haflínudóttir
023882f0a4 libtags: no tags is still fine if format is known 2021-10-31 17:38:18 +00:00
cinap_lenrek
1051b023a8 libc: idn2utf()/utf2idn(): check for < 1 buffer, can't insert terminating NUL. 2021-10-31 12:43:47 +00:00
cinap_lenrek
32665f51c7 libsec: no point in checking for "xn--" marker, just call idn2utf(). 2021-10-31 12:40:47 +00:00
cinap_lenrek
9d15403fda libc: fix overflow of domain component rune buffer for idn2utf()
If the source string has a run of more than 256 runes without
a "." dot, we'd overflow the runebuffer in idn2utf().

The utf2idn() routine had a check in the while loop, but that
is actually wrong too, as it would insert a dot and restart
the loop in the middle of a domain component. Just error
out if a domain component is too long.
2021-10-31 12:39:46 +00:00
Ori Bernstein
7b4e3be27e ape: add missing idn2utf, utf2idn to lib9
this fixes the libsec build under ape.
2021-10-31 04:42:34 +00:00
cinap_lenrek
aebf92224f acmed: pass original utf8 subject domain to challengefn, simplify
try to keep everything in utf8 format.
2021-10-31 02:16:17 +00:00
cinap_lenrek
3f2a206151 libsec: decode international domain names in certificat subject, fix overflow botch
this is for consistency, so all certificte subjects
will be returned in utf8.
2021-10-31 01:49:25 +00:00
cinap_lenrek
a9e533ad1e acmed: handle international domain names 2021-10-31 00:12:36 +00:00
cinap_lenrek
bda0561f45 libsec: handle international domain names in certificate request 2021-10-31 00:10:13 +00:00
Ori Bernstein
7879a3a9a6 acmed(8): ip => auth: missed a reference to the old name 2021-10-29 20:13:53 +00:00
Sigrid Solveig Haflínudóttir
35a8152ebc git/pack: check pf->pack for nil before Bterming it 2021-10-28 15:26:57 +00:00
Sigrid Solveig Haflínudóttir
18521fc8c6 mkplist: add -s option to enable "simple" sort (thanks qwx) 2021-10-28 15:20:13 +00:00
Sigrid Solveig Haflínudóttir
a84f3ef581 zuke: simplify volume control logic 2021-10-28 14:59:46 +00:00
Sigrid Solveig Haflínudóttir
4b7e72689d zuke: reset before tokenize, increase player thread stack 2021-10-27 22:02:31 +00:00
Ori Bernstein
c5a0909b67 acmed: remove unused define
we don't use or care about the user agent.
2021-10-27 19:34:29 +00:00
Ori Bernstein
d8a1437cf4 acmed: move from ip/ to auth/
Getting certs is more tied to authentication than it
is to ip.
2021-10-27 19:33:22 +00:00
cinap_lenrek
8eaec71089 acmed(8): typo... 2021-10-27 17:18:24 +00:00
cinap_lenrek
96560abe44 acmed: reject -t flag when -e is given, dup stderr to stdout of -e cmd 2021-10-27 17:08:20 +00:00
cinap_lenrek
ae9918c93e acmed(8): more improvements 2021-10-27 17:06:48 +00:00
cinap_lenrek
854cd42fe1 rootstub: create /sys/lib/tls/acmed directory 2021-10-27 17:05:07 +00:00
cinap_lenrek
463bbddb8d rsa(8): document rsa2jwk 2021-10-27 17:04:13 +00:00
Sigrid Solveig Haflínudóttir
e8083eca17 zuke: do not change volume with delta == 0 2021-10-26 15:37:04 +00:00
Sigrid Solveig Haflínudóttir
8c6daa778a zuke: support other volume handles, update volume when /dev/audio is opened 2021-10-26 15:08:35 +00:00
cinap_lenrek
de62d32422 /lib/ndb/local: add dnschallenge ndb file for acmed(8) by default 2021-10-25 22:40:36 +00:00
cinap_lenrek
c9a20db1f1 acmed(8): fix typo 2021-10-25 21:48:05 +00:00
cinap_lenrek
79c6a0f342 acmed: tokenize domains from subject also with spaces (fixed multidom cert) 2021-10-25 18:15:53 +00:00
cinap_lenrek
87eb9bc2b7 acmed: add external command flag -e, improvements, bugs
- allow for external command to be run to install a challenge using -e flag
- remove the challengedom argument, it is given by the subject in the csr
- fix some filedescriptor leaks in error paths
2021-10-25 16:59:29 +00:00
cinap_lenrek
4efd8575eb ndb(6): add caa 2021-10-25 02:00:22 +00:00
cinap_lenrek
20cff04fd2 ndb/dns: implement caa record type in ndb
this allows the caa records to be specified
in ndb as:

caa=<value> tag=<tag> flags=<flags>

where tag defaults to "issue" and flags to 0
when omited.
2021-10-24 22:15:26 +00:00
Ori Bernstein
c2661f86fc git/serve: one more silencing of non-interactive prints 2021-10-24 14:37:36 +00:00
Ori Bernstein
a7f6b58d0d git/serve: don't show progress when not interactive
this prevents console spam
2021-10-24 01:36:46 +00:00
cinap_lenrek
5b5f69513a kernel: make growfd(), findfreefd() and newfd2() static 2021-10-23 15:54:30 +00:00
cinap_lenrek
1180631421 devswap: improve setswapchan()
- check for unusable file types like directories and append-only files.
- we should eigther error without any side effects or succeed.
2021-10-23 15:12:27 +00:00
cinap_lenrek
db971a6189 kernel: fix stat bugs
In a few places, we where using a fixed buffer of sizeof(Dir)+100
size for stat. This is not correct and fails if the name returned
in stat is long.

This results in being unable to seek to the end of file with a
long filename.

The kernel should do the same thing as dirfstat() from libc;
handling the conversion and buffer allocation and returning a
freeable Dir* pointer.

For this, a new dirchanstat() function was added.

The fstat syscall was not rewriting the name to the last path
element; fix it.

In addition, gracefully handle the mountfix case, reallocating
the buffer to accomidate the required stat length plus
size of the new name so dirsetname() does not fail.
2021-10-23 13:40:06 +00:00
cinap_lenrek
e54b6c6cbd libsec: fix wrong assert condition (introduced in 775a4bea43) 2021-10-22 13:37:27 +00:00
Ori Bernstein
5e2bf722c3 acmed(8): missed a spot 2021-10-21 02:11:03 +00:00
Ori Bernstein
72a0886639 acmed(8): fix typos, formatting, and missed name change. 2021-10-21 02:01:43 +00:00
cinap_lenrek
ee31c78080 libsec: fix operator precedence bugs (thanks kemal) 2021-10-17 23:35:37 +00:00
cinap_lenrek
e0d2453f56 libsec: fix bugs in tls extension handling (thanks kemal)
this patch fixes bugs in tls extension handling:

1. if conn->serverName is an empty string, tlsClientExtensions
will generate a SNI with an empty hostname, which is forbidden
according to RFC 6066:

opaque HostName<1..2^16-1>;

check if conn->serverName has at least one char.

2. checkClientExtensions fail with clients that doesn't have
extensions, because it doesn't check if ext is nil. fix that
up.

3. rewrite checkClientExtensions. some parts of the code does
not check the length properly, and it could be simplified
heavily.
2021-10-17 23:19:33 +00:00
cinap_lenrek
741e943341 acmed(8): add bugs section 2021-10-17 20:19:09 +00:00
cinap_lenrek
2731ae50d3 libaml: resolve refs in ObjectType instruction
The standard states in section 19.5.93:

.... Notice that if this operation is performed
on an obeject reference such as one produced by
the Alias, Index, or RefOf statements, the obect
type of the base object is returned.
2021-10-17 19:52:28 +00:00
cinap_lenrek
31bb950b70 libaml: implement ObjectType instruction (thanks sigrid) 2021-10-17 19:29:09 +00:00
cinap_lenrek
d0909089b2 libaml: implement ToString instruction 2021-10-17 18:45:05 +00:00
cinap_lenrek
72d08816ab devtls: implement "hangup" ctl message
This makes devtls connection directories compatible to
hangup function (see dial(2)).
2021-10-16 15:07:39 +00:00
cinap_lenrek
bb2357de0c fork(2): document new error behaviour when out of resources 2021-10-16 13:14:53 +00:00
cinap_lenrek
20429fb04f kernel: call freebroken() for kproc() when out of processes 2021-10-16 13:14:14 +00:00
cinap_lenrek
a557c515c8 kernel: dont block allocating kstack for new processes
Have newproc() fail returning nil if we can't allocate
the kernel stack instead of locking up in smalloc().
2021-10-16 13:12:59 +00:00
Ori Bernstein
4c7745b202 acmed: import acme (RFC8555) client 2021-10-15 00:32:32 +00:00
cinap_lenrek
5a807265a8 libthread: fix debug prints, simplify
Do the debuglevel check before calling the print
function for _threaddebug, by making it a macro.
Do not waste cycles passing arguments.

Generalize the _threaddebug function into _threadprint()
and add a varargcheck pragma. This function can
also be used from _threadassert().

Fix missing arguments in one case, fix trailing
newlines in _threaddebug().

Make _threadgetproc()/_threadsetproc() a macro,
just dereferencing Proc**_threadprocp.

Simplify the mainjump, just call _threadsetproc()
directly without that mainp dance. Remove the
_schedinit() argument, it uses _threadgetproc() now.
Get rid of Mainarg struct, just have a global variable
for argc.
2021-10-13 17:08:26 +00:00
cinap_lenrek
3fe3e370e3 usbxhci: xhcirecover proc does not need to check status every 10ms
The timing loop is here for the case if the
controller doesnt produce an interrupt when
becoming broken. In normal case, we should
just get worken up from the interrupt.

In any case, 100 times a second polling is
not neccessary here, increase to 1 second.
2021-10-13 16:57:38 +00:00