| Age | Commit message (Collapse) | Author |
|---|
|
|
|
I introduced a regression in sed that currently has screwed up
/sys/lib/man/secindex.
The issue is that sed 's/$/ foo/g' will actually replace the newline
character with foo instead of just appending at the end of the line.
This only makes a difference when sed is operating on a multiple line
record. The effect is a record like:
foo
bar
baz
becomes:
foo foobar foo baz foo
instead of
foo foo
bar foo
baz foo
|
|
|
|
problem is NaN() produces a SNaN, not a QNaN... and on the 387,
storing 80 bit SNaN in register to a 64-bit memory destination
traps.
SNaN/QNaN encoding is machine specific. mips has the qiet/signaling
bit inverted.
disabling fp exception in main() now, but that sucks.
i think the best solution would be to not even call strtod() in
is_number() but just write a regex or a little state machine that
will only accept numbers without nan and ±inf.
that might even make it faster and is more robust than relying on
the os's strtod() details.
|
|
/$objtype/lib/libsec.a
|
|
|
|
|
|
upas/bayes/regexp.h
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(thanks mischief)
if the input string contains invalid utf-8, runetochar() produces
unicode replacement characters that can overflow the literal buffer.
as the overflow check is done after runetochar(), add UTFmax bytes
of slack space avoiding the issue.
|
|
|
|
|
|
|
|
|
|
|
|
silly clients (web*) reconnect when the handshake failed with a lower
protocol version, which allows downgrade attacks (POODLE). but instead
of stopping this madness, they invented a new magic TLSID to indicate
to the server that this connection attempt is a retry, and rely on the
server to notice and stop them from sabotaging themselfs.
|
|
client preference
client preference is usualy crazy, so just ignore it.
we always want the diffie hellman suits before static
rsa and prefer chacha over aes-gcm.
|
|
|
|
we now just do point addtion in jacobian coordinate system, and
convert the result to affine when s->z == nil.
|
|
|
|
drawterm (thanks mischief)
|
|
state in TlsSec structure, simplify
implement ECDHE key exchange with secp256r1 on the server side, providing
perfect forward secrecy (tho slowly).
it is easier to just keep the ECDH/DH state in the TlsSec structure,
which fits better with the grouping of the functions. we do the cleanup
in tlsConnectionFree() now, so a lot of error handling logic could go
away.
reinvestigated some error paths and removed the ones that cannot error.
move functions to fit the logical grouping.
combine the code for signing handshake hashes (for client certs) and
DH parameters. provide digestDHparams() function to be shared between
server and client code.
|
|
|
|
|
|
don't pass or generate sessionID's. this was never used nor
actually implemented and leaks the process pid.
get rid of version and random field duplications, move TlsSec
structure into TlsConnection.
make msgRecv() clear the message first, get rid of unneccesary
msgClear() calls.
|
|
extract rsa public key
instead of letting factotum_rsa_open() parse the certificate,
we pass in the rsa public key which is then matched against the
factotum keyring. this avoids parsing the x509 certificate
twice.
the sec->rsapub was not freed, so free it in tlsSecClose()
|
|
example usage:
auth/pemdecode 'PRIVATE KEY' test.pem | auth/asn12rsa
|
|
(hex)
|
|
|
|
- dirpackage() was not checking if the stat entry lies within
the buffer. fixed.
- simplify dirpackage(), as we process all the bytes from
the buffer, we do not need to track "ss" here as its the same
as "ts".
- zero Dir* array pointer early in dirread() and dirreadall()
and avoid calling dirpackage on <= buffer length.
|
|
|
|
sorry there were entries as
3 27 '§
3 27 '½
should have been
3 27 '§
3 43 '½
attached is a corrected version
|
|
The /sys/lib/kbmap/ee file seemed to have CRs in it. If a first column in the table
(for modifier key) as 4 is for Alt Gr + Shift then the attached (UTF-8 without BOM)
should work as a replacement ee file.
Best Regards,
Eric Lindblad
|
|
|
|
|
|
|
|
|
|
assigning the expression value to a temporary variable in
BPSHORT() and BPLONG() saves arround 2K of text in rio on
arm and arround 1K on amd64.
loadchar(): use the passed in "h" as the char index instead
of recomputing it from c-f->cache. dont recompute wid.
cachechars(): do cache lookup and find oldest entry in a
single loop pass.
|
