initThumbprints() now takes an application tag argument
so x509 and ssh can coexist.
the thumbprint entries can now hold both sha1 and sha256
hashes. okThumbprint() now takes a len argument for the
hash length used.
the new function okCertificate() hashes the certificate
with both and checks for any matches.
on failure, okCertificate() returns 0 and sets error string.
we also check for include loops now in thumbfiles, limiting
the number of includes to 8.
previously nusb/ptp showed only 'generic folder' association type as directories, but all associations work as directories. tested with LG G5/android 7.0
when we initiate re-key exchange we data packets can still
come in. so instead we have everything that can come in all
the time in dispatch() function (including KEXINIT) and have
the receiver process just call that in a loop. exclude dispatch
and the sender proc from corrupting each others sendpkt() calls
with the QLock sl.
the event library doesnt do any flow control. if the host
keeps sending data while the user is mousing arround,
extract() will collect the data until memory fills up.
so instead we abandon the event library and convert
the program to use channels.
this makes implementing ssh-rsa authentication easier, as we
then can convert the public key directly to ssh format and check
if the server will accept that public key.
tlshand just needs the modulus to see if the public key matches
the one it has from the certificate.
we used to check for mb->d->name != nil before stating, to avoid
stating pop3/imap mailboxes who don't really have a local file,
but this breaks when the md->d is reconstructed (faked) from
the index! resulting in the mailbox stop being refreshed.
the solution is to not have mb->d == nil for imap/pop mailoxes.
- ignore directories in dirskip()
- use sortkey of 0 for invalid items, otherwise it could confuse qsort()
- use file size from dirreadall() instead of doing stat
- various cleanups
theres a race condition when mail delivery to mdir is slow,
then upas/fs sees partial mail file and caches the truncated
file size.
to avoid this, delivery will create the new mail file with
the .tmp extension (which is ignored by upas/fs) and after
everything has been written, rename it to the final name.
calculate alloc flag before waserror(), as compilers like
gcc will not notice the value changing later because
setjump() restores the old value due to callee-saves.
change is applies here to make it easier to merge with
drawterm.
thanks to aiju for debugging this; used to cause drawterm
memory leak until compiled with gcc -O0.
when converting mpint to bytes, always pad it to the size of
the modulus (RSA,DHE,ECDHE). mptobytes() now takes a byte len
parameter which the caller usually calculates from the group
modulus using mpsignif(). this bug sometimes caused "bad record mac"
after the handshake.
use a shared buffer, given that msgSend()/msgRecv() don't overlap
we can use the first half for sending, and the top half for
receiving, shifting down as neccesary. the space beween sendp and
recvp is free.
explicitely check for overflow in msgSend().
usbcmd() with Rh2d used to return the command size (8+ndata) wile returning
only ndata for Rd2h. this changes it to always return ndata for Rh2d. it
mostly doesnt matter as Rh2d callers only check r < 0 for error, but this
makes the interface symmetic.
turns out on real hardware, the front falls off if we write
the completion queue doorbell registers without consuming
an entry. so only write the register when we have processed
something.
timerdel() did not make sure that the timer function
is not active (on another cpu). just acquiering the
Timer lock in the timer function only blocks the caller
of timerdel()/timeradd() but not the other way arround
(on a multiprocessor).
this changes the timer code to track activity of
the timer function, having timerdel() wait until
the timer has finished executing.
basic NVMe controller driver, reads and writes work.
"namespaces" show up as logical units.
uses pin/msi interrupts (no msi-x support yet).
one submission queue per cpu, shared completion queue.
no recovery from fatal controller errors.
only tested in qemu (no hardware available).
commiting this so it can be found by someone who has
hardware.
