this is in preparation for replacing DES ticket encryption with
something better. but first need to make the code stop making
assumptions.
the wire encoding of the Ticket might be variable length
with TICKETLEN just giving an upper bound. the details will be
handled by libauthsrv _asgetticket() and _asgetresp() funciotns.
the Authenticator and Passwordreq structures are encrypted
with the random ticket key. The encryption schmeme will depend
on the Ticket format used, so we pass the Ticket* structure
instead of the DES key.
introduce Authkey structure that will hold all the required
cryptographic keys instead of passing DES key.
theres code that assumes one can dereference a char[] buffer on the stack
as a long (ghostscript gxblend.c), so make sure all automatics on the stack
are word aligned. this is not strictrly neccesary, but avoids some
trouble with unportable code.
buffers which still have requests queued on them are not free!
we cannot chanedev() a buffer while it has still requests queued on it
and we canot just queue our request (having different address) on the
buffer while there are other requests before it, otherwise we would
create artificial block dependency that can cause deadlock.
it is possible for another getbuf() on buffer b to come in
before undelayreq() calls givebuf() on a buffer again. then
givebuf() would find b already busy and abort().
instead, we now handle what getbuf() did in givebuf() and
consider the Buf* argument to givebuf() as a hint only for
the case when we have to actually flush/read a block from
disk.
this allows members of the -1 group to create new directories in /
without having to fiddle with the fileserver console. this also
makes it consistent to hjfs and cwfs.
this allows members of the -1 group to create new directories in /
without having to fiddle with the fileserver console. this also
makes it consistent to hjfs.
parsecookie() used to inplace modify the request path
for implicit path (to get the directory from path) and
also did it wrong. now have a static copy and do not
remove the last slash.
as usual, the dude with the hardware vanished so i cannot
develop this further. setting mode worked the last time
but only when using vesa before, so some bits are still
missing. commiting this as it is so i dont have to start
from scratch once we have hardware again.
when cookie is domain=example.com, then we implicitely add
dot to the domain name, which made us reject the cookie as the
request domain "example.com" != ".example.com". fix by making
isdomainmatch() skip the implicit dot in pattern before string
comparsion.
when there where multiple syscalls returning out of order,
it would print blank lines between the exits. avoid this
by remembering if the last char written was a newline and
conditionally insert newline on out of order return.
sometimes, ratrace would return before all messages have
been printed. make the writer process the parent so ratrace
wont exit until all readers are finished avoiding the
problem.
Tflush handling was wrong, we cannot respond to the old
request if we have not actually removed the req from the
in progress block queue.
when reads are issued concurrently, we have to set b->len
before the block is inserted into the inprogress list.
otherwise findblock() is unable to find it and no requests
can be queued on the block. this caused the same offset
to be downloaded multiple times.
set the errstr in getrange() so in case of an error, we dont
get some random previous error string.
*after* writing, the directory tree gets alphabetically sorted for
path table. this causes data to not be in the same order as it was
written causing seeks when taring up the filesystem.
so instead write the files in alphabetical order as well to better
match the directory sorting.
data on the disk is layed out sequentially and directory information
is at the end of the disk. we want to keep data and metadata separated
so that reading large sequential files will not evict the directory
information from the cache causing long seeks.
for that, we tag the clusters (an 8th for metadata, and the rest
for data) and getbuf() will only evict clusters of the same tag.
doing tests taring up 9front.iso shows the following:
lowering the cluster size back to 128k avoids over half the
reads. 837888 sectors read for 512k vs. 347712 sectors with
128k cluster size.
foo.c includes bar/bar.h, which includes "baz.h"; it wants bar/baz.h
meanwhile, it also includes meh/quux.h, which includes "baz.h"; it wants meh/baz.h
check parent directory permission *after* we determined
that the new name does not exist in the parent, so that
when the new name is the same as old name then no write
permission is required in the parent directory.
instead of copying the whole packet, just save the
udp header and restore it aftwards. dont call redistrib()
when there are no forwards (this should be almost always
the case).
there where two problems with blank (-b flag):
we did not update the backup header when there was already a valid
backup header in place. we always want to initialize a new backup header
in blank mode!
we now also check the backup header matches the primary (or the other
way arround depending on which header could be read), reporting any
mismatches and restoring the backup from the data of the primary.
the protective mbr needs to start at sector 1 not 0 (apparently, this
matters for ovmf).
efi systems may use traditional dos partition table
with an esp (efi system partition). otherwise, honor
the protective mbr partition (0xEE) and exit when we
encounter it.
- make UU() shorter by using long long constant to encode node field
- store Flag as a mask, not as a shift count
- put the attributes before the name in cmdsum() as it is fixed length
often, documents specify charsets but are really utf-8 encoded.
we now try to decode as utf-8 and only if that fails assume
the charset specified in the document.
the compiler used to skip zero initialization when initializer
list was given not covering unspecified elements. now we zero
all non explicitely initialized elements. for example:
typedef struct F F;
struct F
{
int a;
int b;
int c;
};
void
main(void)
{
char a[16] = { 1, 2, 3 }; /* a[3..15] initialized to zero */
F f = { .b = 1 }; /* f.a, f.c initialized to zero */
}
the emited code that initializes local variables did not handle
unaligned data causing stack corruption, affecting code like:
void main(void)
{
char a[9] = {0};
}
this change will emit code that does byte stores for the unaligned
bytes and also handles small objects (<= 16 bytes) without branches.
using /proc/$pid/mem to access vga bios is not portable and crashes
sgi machines when aux/vga is run. instead, try /dev/realmodemem
first (provided by realemu), then #v/vgabios.
this allows extracting tar archives that use longnames extension,
where the real filename is stored in a special entry with
linkflag == 'L' before the file entry. also skip longlink entries
with linkflag == 'K'.
i made a mistake here as this change breaks the arm and mips compilers
which lack an optimiation in xcom() that folds constant pointer arithmetic
into the offset. on arm, the a node is a complex expression with op OADD of
type TIND but the test rejected the (valid) pointer arithmetic.
instead, we now test for the operations which cannot be constant instead
of using the type as a proxy.
mischief spotted that the only way for listeners to go away was
truncating (but not removing) a service script. this is wrong and
not as described in the manpage.
this change makes removing (or truncating) a listen script stop
the listener.
scandir() first marks all current announces, then reads the service
directory adding announces which will clear the marks for the ones
already there or add a new unmarked one. finally, we shoot down and
remove all still marked announces.
6c changed "- cmd_lagest_size + 1" into a *unsigned* 32bit constant. which
got added to 64bit pointer making pcb->limit > pcb->end resulting
in errors for partial commands in the buffer. removing the parentesis
propagates the operation to 64bit.
when we get an i/o error, always call hdrecover() which
will reset the port and reinitialize the interface of
the calling processes endpoint.
handle the case when we have multi-function device with
multiple reader procs in hdrecover(). the sequence is
as follows:
1) any of the reader procs encounters i/o error and calls hdrecover(),
acquires qlock and initiates port reset.
2) any other readerprocs will now encounter i/o error (due to reset) and also call
hdrecover() but will be waiting on the qlock for reset to complete.
3) first process completes reset and reinitializes its interface with setproto()
and then releases the qlock for the other readers todo the same.
fixes bug with libmemdraw where the linker would hoist
the final ADD $const, SP at the end over loads from the
stack causing the front to fall off once a interrupt hits.
from the unicode-db patch readme:
command() receives a char* that is assigned to lp, which is a Rune*,
and lp is incremented later in readchar(), so each read consumed 4 bytes.
The only time command() is called is in runpcs() with bkpt->comm,
which is a char* built in subpcs through a char*, so the string stored in
bkpt->comm was not a Rune string. A way to test the bug is:
db program
main:b argv/X
:r
the special sencodefmt() in ndb/dn.c is only used with %H format for
hexadecimal printing for binary strings. removing the unused
calls to enc32() and enc64() reduces the code size by arround 4K.
(this is usefull for ndb/getip which gets linked into the kernel).
the approximation of n*2 to calculate the number of output bytes
for enc64() fails for inputs of size < 3. this is fixed by using
encodefmt() which gets the calculation right and also simplifies
the code avoiding the allocation and freeing of intermediate string
buffers.
convert:
x = B || W
MOVxLZX a, r; MOVxQZX r, b -> MOVxQZX a, r; MOVQ r, b
MOVxLSX a, r; MOVxQSX r, r -> MOVxQSX a, r; MOVQ r, r
the MOVQ can then be eleminated by copy propagation.
improve subprop() by accepting other mov and lea
instructions as the source op.
tlsServer() closes the passed in fd, in our case fd=1 leaving it
with no std output which got occupied by pipe() filedescriptor
which it then closed after duping... a classic.
delete all this mess. theres no reason to fork() and copy traffic
on a pipe at all as tlsServer() gives us a perfectly valid filedescriptor.
just dup() and exec() and we'r done.
the imported wc from sources is arround 8 times slower
than our old one. it is common to run wc on large log files
to count lines. so i think the implementation complexity
is justified. (just like with grep)
vbs/vbe members in Mode was only used in the vesadb
and cannot be changed from vgadb.
use shs/ehs in drivers when refering to the horizontal
sync pulse. clarify the matter in a comment.
link detailed timing modes at the head of the edid
modelist. these are the modes we'r interested in,
not the ones from vesadb.
igfx and vesa can determine monitor timing information from ddc
and store the edid info for connected monitors in vga->edid[].
when monitor type cannot be found in vgadb, we consult the edid
information and make a mode based on the edid info.
this avoids having to maintain a vgadb entry for each monitor.
monitor can be set to "[width]x[height]@[freq]Hz" for a specific
edid setting. when not found, a mode is searched based on the
size.
so the following should work:
aux/vga -m 1366x768@60Hz -l 1366x768x32
aux/vga -m auto -l 1366x768x32
dbvesamode() modified the passed in size string in the process
of option parsing. this is a no-go because the string might be
constant in the read only section. provide cracksize() function
for the parsing and make a static copy.
do the vendor specific monitor detection in vbesnarf() instead
of vbecheck(). vbecheck()'s purpose is to check if vesa bios
service is avialable, not snarf graphics card state.
nvidiascale() was a no-op because it missed the vbecall() at
the end of the function. this means it was never tested so i
add the missing vbecall(), but disable nvidiascale for now
until someone tests this.
keep fancy stuff out of the Vbe structure. it is just there for
making bios calls, not keep state about the graphics card.
this adds support for eap-peap/mschapv2 and eap-ttls/pap.
code has only been tested with freeradius and a cheap
access point, not tested with actual eduroam network.
this is used for wpa2 enterprise peap/mschapv2. server role
is not implemented as that would require changing the
wire format on the auth server.
the naming is unfortunate as we already have proto=mschap2 which
really refers to ntlmv2.
program secret plane size and position registers described as "reserved"
in g45_vol_3_register_0_0.pdf that was found by inspecting vesa bios
port traces.
also, we have to set 18:19 (Cursor/Dispaly/Overlay Planes Off) in
PIPExCONF while programming the planes on this card. this is what
vesa bios does on modeset.
avoid sync the jar file when fids get clunked.
the only reason to sync the jar on clunk is when it has
been marked dirty (cookies added or deleted) and we
want to flush the changes to disk.
- rewrite when jar->dirty != 0 (caller modified the in memory jar)
- reread when the jar->qid != stat(jar->file)->qid (on disk file changed)
- ignore deleted cookies in cookiesearch()