summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-04-21rsagen: increase default key size to 2048 bitscinap_lenrek
2016-04-21libsec: remove affine coordinate point operations from ecccinap_lenrek
we now just do point addtion in jacobian coordinate system, and convert the result to affine when s->z == nil.
2016-04-20libsec: implement elliptic curve group operations in jacobian coordinate systemcinap_lenrek
2016-04-20rcpu: make sure not to leak /env/fn#server and /env/fn#aanserver for ↵cinap_lenrek
drawterm (thanks mischief)
2016-04-18libsec: implement server side ECDHE key exchange with secp256r1, move DH ↵cinap_lenrek
state in TlsSec structure, simplify implement ECDHE key exchange with secp256r1 on the server side, providing perfect forward secrecy (tho slowly). it is easier to just keep the ECDH/DH state in the TlsSec structure, which fits better with the grouping of the functions. we do the cleanup in tlsConnectionFree() now, so a lot of error handling logic could go away. reinvestigated some error paths and removed the ones that cannot error. move functions to fit the logical grouping. combine the code for signing handshake hashes (for client certs) and DH parameters. provide digestDHparams() function to be shared between server and client code.
2016-04-18webfs: fix memory leak of serverName in tlswrap()cinap_lenrek
2016-04-17rsa(8): provide example for converting OpenSSL generated PEM file to factotumcinap_lenrek
2016-04-17libsec: massive cleanup of tlshand.ccinap_lenrek
don't pass or generate sessionID's. this was never used nor actually implemented and leaks the process pid. get rid of version and random field duplications, move TlsSec structure into TlsConnection. make msgRecv() clear the message first, get rid of unneccesary msgClear() calls.
2016-04-16libsec: fix memory leak of RSApub, avoid parsing certificate twice to ↵cinap_lenrek
extract rsa public key instead of letting factotum_rsa_open() parse the certificate, we pass in the rsa public key which is then matched against the factotum keyring. this avoids parsing the x509 certificate twice. the sec->rsapub was not freed, so free it in tlsSecClose()
2016-04-16libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsacinap_lenrek
example usage: auth/pemdecode 'PRIVATE KEY' test.pem | auth/asn12rsa
2016-04-15webfs: change %H (hostname) format to %N to not collide with encodefmt's %H ↵cinap_lenrek
(hex)
2016-04-15libsec: x509: convert to UTF8 from BMPString and UNIString, reject \0 bytescinap_lenrek
2016-04-13libc: fix out of bounds access in dirpackage(), simplifycinap_lenrek
- dirpackage() was not checking if the stat entry lies within the buffer. fixed. - simplify dirpackage(), as we process all the bytes from the buffer, we do not need to track "ss" here as its the same as "ts". - zero Dir* array pointer early in dirread() and dirreadall() and avoid calling dirpackage on <= buffer length.
2016-04-13kbdfs: add shift+altgr table 7 for polish keymapscinap_lenrek
2016-04-13Subject: typo: ee corrected (thanks Eric Lindblad)cinap_lenrek
sorry there were entries as 3 27 '§ 3 27 '½ should have been 3 27 '§ 3 43 '½ attached is a corrected version
2016-04-13fix estonian keymap (thanks Eric Lindblad)cinap_lenrek
The /sys/lib/kbmap/ee file seemed to have CRs in it. If a first column in the table (for modifier key) as 4 is for Alt Gr + Shift then the attached (UTF-8 without BOM) should work as a replacement ee file. Best Regards, Eric Lindblad
2016-04-13python: make hashlib.py fallback to openssl in case of old python binarycinap_lenrek
2016-04-13remove unused liboventicinap_lenrek
2016-04-13ktrace: sign extend stack dump pc for amd64cinap_lenrek
2016-04-13libc: remove unneeded #include <auth.h> for crypt() and netcrypt()cinap_lenrek
2016-04-13libdraw: avoid BPSHORT()/BPLONG() expansion, cleanup loadchar(),cachechars()cinap_lenrek
assigning the expression value to a temporary variable in BPSHORT() and BPLONG() saves arround 2K of text in rio on arm and arround 1K on amd64. loadchar(): use the passed in "h" as the char index instead of recomputing it from c-f->cache. dont recompute wid. cachechars(): do cache lookup and find oldest entry in a single loop pass.
2016-04-12add danish keymap (thanks Eric Lindblad)cinap_lenrek
2016-04-11ape: explicitely list the ape libs to build in mkfilecinap_lenrek
2016-04-11ape: removing opensslcinap_lenrek
2016-04-11python: remove openssl support, use ape/libsec for cryptographics hash functionscinap_lenrek
2016-04-11gs: replace openssl aes implementation with ape/libseccinap_lenrek
2016-04-11ape: add libauth, libbio, libmp and libsec as replacements for opensslcinap_lenrek
2016-04-10hg: create system wide /sys/lib/hgrc to enabled hgwebfs extensioncinap_lenrek
the openssl we currently use is outdated and will be removed soon. webfs will handle the https for us with native tls code. keys have to be stored in factotum for everyone who also wants to commit directly.
2016-04-10libauth: remove unneeded includes for authsrv.h, avoid pulling in dependency ↵cinap_lenrek
for rerrstr()
2016-04-10libsec: make #include headers consistentcinap_lenrek
2016-04-10libsec: dont use mips assembly routines for spim, wrong endianesscinap_lenrek
2016-04-10libmp: fix build for spim, reduce by the mips assembly filescinap_lenrek
2016-04-10hg: set mercurial.url.has_https when hgwebfs extension is in usecinap_lenrek
this allows the use of SSL/HTTPS even when python is not build with openssl support.
2016-04-10ape: move compatibility libc.h to lib9 directory and incooperate needed ↵cinap_lenrek
functions for ape/mp (wip)
2016-04-10ape: remove broken 9errstr.ccinap_lenrek
2016-04-10ape: add internal _NSEC() function and make gettimeofday() use itcinap_lenrek
2016-04-10libmp: make includes consistent, make test program compile under ape (work ↵cinap_lenrek
in progress)
2016-04-10libdraw: dont postnote to pid==0 in ekill()cinap_lenrek
2016-04-09mergecinap_lenrek
2016-04-09add missing target for antiword in /sys/src/cmd/aux/mkfile (thanks _sl)cinap_lenrek
2016-04-09aes(2): mention aesCBC bugaiju
2016-04-08listen(8): fix html renderingcinap_lenrek
2016-04-08listen(8): document tcp17019 rcpu servicecinap_lenrek
2016-04-08tls(3): document support for TLSv1.1 and TLSv1.2cinap_lenrek
2016-04-07qball(2): fix bad manpage referencecinap_lenrek
2016-04-07devstream(3): removedcinap_lenrek
2016-04-07ether82563: initial i217 support from ↵cinap_lenrek
http://www.9legacy.org/9legacy/patch/pc-ether82563-i210.diff (thanks k0ga) This patch is only an adaptation for 9front of the patch located in http://www.9legacy.org/9legacy/patch/pc-ether82563-i210.diff. The major difference is that this patch ignores errors in checksum of eeprom, because in my system the checksum was wrong. After 3 months, I didn't have problems, and I think the patch can be used. although it has some things that need to be fixed. If the link is inactive when the system boots then it will remain inactive forever.
2016-04-07tcp567: run authserver with p9sk1 tickets disabled preventing offline ↵cinap_lenrek
password brute-force
2016-04-06jpg: fd == 0 is valid, so don't ignore itBurnZeZ
2016-04-05libdraw: fix out of bounds memory access after subfont array reallocation ↵cinap_lenrek
(thanks ray) /n/bugs/open/libdrawfont.c_buffer_overflow http://bugs.9front.org/open/libdrawfont.c_buffer_overflow/readme ray@raylai.com Hi all, In plan9port this bug keeps crashing mc when I run lc in a directory with Chinese characters. This is a diff from OpenBSD but it should apply cleanly to the various plan9 sources. The code is basically trying to do a realloc (I guess realloc wasn't available back then?) but it copies too much from the original buffer. Since realloc is available, just use it. If realloc isn't available outside plan9port (I haven't checked) the memmove line should be changed from: memmove(f->subf, of, (f->nsubf+DSUBF)*sizeof *subf); to: memmove(f->subf, of, f->nsubf*sizeof *subf); I hope this is helpful. Ray
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-27 05:19:19 +0000