Commit graph

8977 commits

Author SHA1 Message Date
cinap_lenrek
3cd87bc3fb ndb/dns: use correct attribute when serializing caa record in ndb format 2021-11-01 15:12:17 +00:00
cinap_lenrek
5e3ded2242 ndb/dnsdebug: dont duplicate rrfmt()
introduce our own RR* format %P for pretty
printing and call %R format internally,
then use it to print the rest of the line
after the tab, prefixed with the padded
output.
2021-11-01 14:39:18 +00:00
cinap_lenrek
28f67bba84 ndb/dns: fix ndb serialization of RR*
have todo multiple fmtprint() calls for idnname()
as the buffer is shared.

do not idnname() rp->os and rp->cpu, these are symbols.

always quote txt= records.
2021-11-01 14:37:19 +00:00
cinap_lenrek
245bf71e61 /sys/doc/troff.ms: give correct path for -m flag (thanks kyle) 2021-11-01 11:28:52 +00:00
qwx
987d15e7b2 tinc: fix typo in unknown host error message 2021-10-31 22:48:20 +00:00
Sigrid Solveig Haflínudóttir
023882f0a4 libtags: no tags is still fine if format is known 2021-10-31 17:38:18 +00:00
cinap_lenrek
1051b023a8 libc: idn2utf()/utf2idn(): check for < 1 buffer, can't insert terminating NUL. 2021-10-31 12:43:47 +00:00
cinap_lenrek
32665f51c7 libsec: no point in checking for "xn--" marker, just call idn2utf(). 2021-10-31 12:40:47 +00:00
cinap_lenrek
9d15403fda libc: fix overflow of domain component rune buffer for idn2utf()
If the source string has a run of more than 256 runes without
a "." dot, we'd overflow the runebuffer in idn2utf().

The utf2idn() routine had a check in the while loop, but that
is actually wrong too, as it would insert a dot and restart
the loop in the middle of a domain component. Just error
out if a domain component is too long.
2021-10-31 12:39:46 +00:00
Ori Bernstein
7b4e3be27e ape: add missing idn2utf, utf2idn to lib9
this fixes the libsec build under ape.
2021-10-31 04:42:34 +00:00
cinap_lenrek
aebf92224f acmed: pass original utf8 subject domain to challengefn, simplify
try to keep everything in utf8 format.
2021-10-31 02:16:17 +00:00
cinap_lenrek
3f2a206151 libsec: decode international domain names in certificat subject, fix overflow botch
this is for consistency, so all certificte subjects
will be returned in utf8.
2021-10-31 01:49:25 +00:00
cinap_lenrek
a9e533ad1e acmed: handle international domain names 2021-10-31 00:12:36 +00:00
cinap_lenrek
bda0561f45 libsec: handle international domain names in certificate request 2021-10-31 00:10:13 +00:00
Ori Bernstein
7879a3a9a6 acmed(8): ip => auth: missed a reference to the old name 2021-10-29 20:13:53 +00:00
Sigrid Solveig Haflínudóttir
35a8152ebc git/pack: check pf->pack for nil before Bterming it 2021-10-28 15:26:57 +00:00
Sigrid Solveig Haflínudóttir
18521fc8c6 mkplist: add -s option to enable "simple" sort (thanks qwx) 2021-10-28 15:20:13 +00:00
Sigrid Solveig Haflínudóttir
a84f3ef581 zuke: simplify volume control logic 2021-10-28 14:59:46 +00:00
Sigrid Solveig Haflínudóttir
4b7e72689d zuke: reset before tokenize, increase player thread stack 2021-10-27 22:02:31 +00:00
Ori Bernstein
c5a0909b67 acmed: remove unused define
we don't use or care about the user agent.
2021-10-27 19:34:29 +00:00
Ori Bernstein
d8a1437cf4 acmed: move from ip/ to auth/
Getting certs is more tied to authentication than it
is to ip.
2021-10-27 19:33:22 +00:00
cinap_lenrek
8eaec71089 acmed(8): typo... 2021-10-27 17:18:24 +00:00
cinap_lenrek
96560abe44 acmed: reject -t flag when -e is given, dup stderr to stdout of -e cmd 2021-10-27 17:08:20 +00:00
cinap_lenrek
ae9918c93e acmed(8): more improvements 2021-10-27 17:06:48 +00:00
cinap_lenrek
854cd42fe1 rootstub: create /sys/lib/tls/acmed directory 2021-10-27 17:05:07 +00:00
cinap_lenrek
463bbddb8d rsa(8): document rsa2jwk 2021-10-27 17:04:13 +00:00
Sigrid Solveig Haflínudóttir
e8083eca17 zuke: do not change volume with delta == 0 2021-10-26 15:37:04 +00:00
Sigrid Solveig Haflínudóttir
8c6daa778a zuke: support other volume handles, update volume when /dev/audio is opened 2021-10-26 15:08:35 +00:00
cinap_lenrek
de62d32422 /lib/ndb/local: add dnschallenge ndb file for acmed(8) by default 2021-10-25 22:40:36 +00:00
cinap_lenrek
c9a20db1f1 acmed(8): fix typo 2021-10-25 21:48:05 +00:00
cinap_lenrek
79c6a0f342 acmed: tokenize domains from subject also with spaces (fixed multidom cert) 2021-10-25 18:15:53 +00:00
cinap_lenrek
87eb9bc2b7 acmed: add external command flag -e, improvements, bugs
- allow for external command to be run to install a challenge using -e flag
- remove the challengedom argument, it is given by the subject in the csr
- fix some filedescriptor leaks in error paths
2021-10-25 16:59:29 +00:00
cinap_lenrek
4efd8575eb ndb(6): add caa 2021-10-25 02:00:22 +00:00
cinap_lenrek
20cff04fd2 ndb/dns: implement caa record type in ndb
this allows the caa records to be specified
in ndb as:

caa=<value> tag=<tag> flags=<flags>

where tag defaults to "issue" and flags to 0
when omited.
2021-10-24 22:15:26 +00:00
Ori Bernstein
c2661f86fc git/serve: one more silencing of non-interactive prints 2021-10-24 14:37:36 +00:00
Ori Bernstein
a7f6b58d0d git/serve: don't show progress when not interactive
this prevents console spam
2021-10-24 01:36:46 +00:00
cinap_lenrek
5b5f69513a kernel: make growfd(), findfreefd() and newfd2() static 2021-10-23 15:54:30 +00:00
cinap_lenrek
1180631421 devswap: improve setswapchan()
- check for unusable file types like directories and append-only files.
- we should eigther error without any side effects or succeed.
2021-10-23 15:12:27 +00:00
cinap_lenrek
db971a6189 kernel: fix stat bugs
In a few places, we where using a fixed buffer of sizeof(Dir)+100
size for stat. This is not correct and fails if the name returned
in stat is long.

This results in being unable to seek to the end of file with a
long filename.

The kernel should do the same thing as dirfstat() from libc;
handling the conversion and buffer allocation and returning a
freeable Dir* pointer.

For this, a new dirchanstat() function was added.

The fstat syscall was not rewriting the name to the last path
element; fix it.

In addition, gracefully handle the mountfix case, reallocating
the buffer to accomidate the required stat length plus
size of the new name so dirsetname() does not fail.
2021-10-23 13:40:06 +00:00
cinap_lenrek
e54b6c6cbd libsec: fix wrong assert condition (introduced in 775a4bea43) 2021-10-22 13:37:27 +00:00
Ori Bernstein
5e2bf722c3 acmed(8): missed a spot 2021-10-21 02:11:03 +00:00
Ori Bernstein
72a0886639 acmed(8): fix typos, formatting, and missed name change. 2021-10-21 02:01:43 +00:00
cinap_lenrek
ee31c78080 libsec: fix operator precedence bugs (thanks kemal) 2021-10-17 23:35:37 +00:00
cinap_lenrek
e0d2453f56 libsec: fix bugs in tls extension handling (thanks kemal)
this patch fixes bugs in tls extension handling:

1. if conn->serverName is an empty string, tlsClientExtensions
will generate a SNI with an empty hostname, which is forbidden
according to RFC 6066:

opaque HostName<1..2^16-1>;

check if conn->serverName has at least one char.

2. checkClientExtensions fail with clients that doesn't have
extensions, because it doesn't check if ext is nil. fix that
up.

3. rewrite checkClientExtensions. some parts of the code does
not check the length properly, and it could be simplified
heavily.
2021-10-17 23:19:33 +00:00
cinap_lenrek
741e943341 acmed(8): add bugs section 2021-10-17 20:19:09 +00:00
cinap_lenrek
2731ae50d3 libaml: resolve refs in ObjectType instruction
The standard states in section 19.5.93:

.... Notice that if this operation is performed
on an obeject reference such as one produced by
the Alias, Index, or RefOf statements, the obect
type of the base object is returned.
2021-10-17 19:52:28 +00:00
cinap_lenrek
31bb950b70 libaml: implement ObjectType instruction (thanks sigrid) 2021-10-17 19:29:09 +00:00
cinap_lenrek
d0909089b2 libaml: implement ToString instruction 2021-10-17 18:45:05 +00:00
cinap_lenrek
72d08816ab devtls: implement "hangup" ctl message
This makes devtls connection directories compatible to
hangup function (see dial(2)).
2021-10-16 15:07:39 +00:00
cinap_lenrek
bb2357de0c fork(2): document new error behaviour when out of resources 2021-10-16 13:14:53 +00:00