listensrv() used to override Srv.end() with its own handler
to free the malloc'd Srv structure and close the fd. this
makes it impossible to register your own cleanup handler.
instead, we introduce the private Srv.free() handler that
is used by listensrv to register its cleanup code. Srv.free()
is called once all the srv procs have been exited and all
requests on that srv have been responded to while Srv.end()
is called once all the procs exited the srv loop regardless
of the requests still being in flight.
actually verify the diffie hellman parameter signature, this
comes in two flavours. TLS1.2 uses X509 signature with a
single hash specified by the signature algorithm field in
the signature itself and pre TLS1.2 where md5+sha1 hashes
of the signed blob are pkcs1 padded and encrypted with the
rsa private key.
stop advertizing non-rsa cipher suits (DSS and ECDSA), as
we have not implmenented them.
fix some memory leaks in X509 code while we'r at it.
these functions where undocumented and unused. especially
tprivfree() was buggy missing a unlock() call. theres not
much point in supporting these functions as theres
threaddata() and procdata().
this is in preparation for replacing DES ticket encryption with
something better. but first need to make the code stop making
assumptions.
the wire encoding of the Ticket might be variable length
with TICKETLEN just giving an upper bound. the details will be
handled by libauthsrv _asgetticket() and _asgetresp() funciotns.
the Authenticator and Passwordreq structures are encrypted
with the random ticket key. The encryption schmeme will depend
on the Ticket format used, so we pass the Ticket* structure
instead of the DES key.
introduce Authkey structure that will hold all the required
cryptographic keys instead of passing DES key.
tlsClient() now can optionally send the server_name in the ClientHello
message by setting the TLSconn.serverName. This is required for some
https sites.
chaninit() does not initialize Chan.qentry and Chan.nentry
and there is no way to get rid of such a channel. nobody is
using it, so removing the function to avoid confusion.
when a replicated source image with a clipr with clipr.min > Pt(0, 0),
drawclip() would properly translate the src->clipr on the dstr
but then clamp the source rectangle back on src->r.
while traversing down multiple layers, this would cause the translation to
be applied multiple times to the dst rectangle giving the wrong image result.
this change adds a new drawclipnorepl() function that avoids the clamping
of source and mask rectangles to src->r and mask->r. this is then used in
libmemlayer.
the final memimagedraw() call will call drawclip() which will do the final
claming.
a testcase is provided:
#include <u.h>
#include <libc.h>
#include <draw.h>
Image *blue;
Image *red;
void
main(int, char *argv[])
{
Image *i;
if(initdraw(nil, nil, argv[0]) < 0)
sysfatal("initdraw: %r");
i = allocimage(display, screen->r, screen->chan, 1, DWhite);
red = allocimage(display, Rect(0,0,1,1), screen->chan, 1, DRed);
blue = allocimage(display, Rect(0,0,1,1), screen->chan, 1, DPaleblue);
replclipr(red, 1, Rect(10, 10, 110, 110));
replclipr(blue, 1, Rect(11, 11, 111, 111));
/* draw on non-layer, works correctly */
draw(i, i->r, red, nil, ZP);
draw(i, i->r, blue, nil, ZP);
draw(screen, screen->r, i, nil, i->r.min);
flushimage(display, 1);
/* draw on (screen) layer is too far to the right */
draw(screen, screen->r, red, nil, ZP);
draw(screen, screen->r, blue, nil, ZP);
flushimage(display, 1);
for(;;){
sleep(1000);
}
}
semaphore locks have much higher overhead than initially presented
in the "Semaphores in Plan9" paper. until the reason for it has been
found out i will revert the changes.