plan9front.git - my patches for 9front; forked from http://git.9front.org/plan9front/plan9front/HEAD/info.html

Age	Commit message (Collapse)	Author
2016-04-28	merge default	ben

2016-04-28	get rid of size printing	ben

2016-04-27	check program size	ben

2016-04-28	rune(2): add Runeerror reencoding considerations in BUGS section (thanks aiju)	cinap_lenrek

2016-04-27	better memory management of threads (thanks knuth)	ben

2016-04-27	merge in master	ben

2016-04-27	use Beof for awk port	ben

2016-04-27	remove ape regexp library, add utility for awk native port	ben

2016-04-27	libjson: add slack space to literal string buffer to handle bad runes ↵	cinap_lenrek
	(thanks mischief) if the input string contains invalid utf-8, runetochar() produces unicode replacement characters that can overflow the literal buffer. as the overflow check is done after runetochar(), add UTFmax bytes of slack space avoiding the issue.
2016-04-26	remove old libregexp files; add headers for upas/bayes	ben

2016-04-26	New libregexp and APE ported to native	ben

2016-04-26	abaco(1): remove readweb	cinap_lenrek

2016-04-25	made abaco's gui respect $font and made readweb respect most installations	Matthew Veety

2016-04-22	rsa: rename getkey() to getrsakey(), document rsa2csr in rsa(8)	cinap_lenrek

2016-04-22	libsec: implement server side SCSV preventing silly client fallbacks	cinap_lenrek
	silly clients (web*) reconnect when the handshake failed with a lower protocol version, which allows downgrade attacks (POODLE). but instead of stopping this madness, they invented a new magic TLSID to indicate to the server that this connection attempt is a retry, and rely on the server to notice and stop them from sabotaging themselfs.
2016-04-21	libsec: order tlshand cipher suits by: keyexchange>=cipher>=hash, ignore ↵	cinap_lenrek
	client preference client preference is usualy crazy, so just ignore it. we always want the diffie hellman suits before static rsa and prefer chacha over aes-gcm.
2016-04-21	rsagen: increase default key size to 2048 bits	cinap_lenrek

2016-04-21	libsec: remove affine coordinate point operations from ecc	cinap_lenrek
	we now just do point addtion in jacobian coordinate system, and convert the result to affine when s->z == nil.
2016-04-20	libsec: implement elliptic curve group operations in jacobian coordinate system	cinap_lenrek

2016-04-20	rcpu: make sure not to leak /env/fn#server and /env/fn#aanserver for ↵	cinap_lenrek
	drawterm (thanks mischief)
2016-04-18	libsec: implement server side ECDHE key exchange with secp256r1, move DH ↵	cinap_lenrek
	state in TlsSec structure, simplify implement ECDHE key exchange with secp256r1 on the server side, providing perfect forward secrecy (tho slowly). it is easier to just keep the ECDH/DH state in the TlsSec structure, which fits better with the grouping of the functions. we do the cleanup in tlsConnectionFree() now, so a lot of error handling logic could go away. reinvestigated some error paths and removed the ones that cannot error. move functions to fit the logical grouping. combine the code for signing handshake hashes (for client certs) and DH parameters. provide digestDHparams() function to be shared between server and client code.
2016-04-18	webfs: fix memory leak of serverName in tlswrap()	cinap_lenrek

2016-04-17	rsa(8): provide example for converting OpenSSL generated PEM file to factotum	cinap_lenrek

2016-04-17	libsec: massive cleanup of tlshand.c	cinap_lenrek
	don't pass or generate sessionID's. this was never used nor actually implemented and leaks the process pid. get rid of version and random field duplications, move TlsSec structure into TlsConnection. make msgRecv() clear the message first, get rid of unneccesary msgClear() calls.
2016-04-16	libsec: fix memory leak of RSApub, avoid parsing certificate twice to ↵	cinap_lenrek
	extract rsa public key instead of letting factotum_rsa_open() parse the certificate, we pass in the rsa public key which is then matched against the factotum keyring. this avoids parsing the x509 certificate twice. the sec->rsapub was not freed, so free it in tlsSecClose()
2016-04-16	libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsa	cinap_lenrek
	example usage: auth/pemdecode 'PRIVATE KEY' test.pem \| auth/asn12rsa
2016-04-15	webfs: change %H (hostname) format to %N to not collide with encodefmt's %H ↵	cinap_lenrek
	(hex)
2016-04-15	libsec: x509: convert to UTF8 from BMPString and UNIString, reject \0 bytes	cinap_lenrek

2016-04-13	libc: fix out of bounds access in dirpackage(), simplify	cinap_lenrek
	- dirpackage() was not checking if the stat entry lies within the buffer. fixed. - simplify dirpackage(), as we process all the bytes from the buffer, we do not need to track "ss" here as its the same as "ts". - zero Dir* array pointer early in dirread() and dirreadall() and avoid calling dirpackage on <= buffer length.
2016-04-13	kbdfs: add shift+altgr table 7 for polish keymaps	cinap_lenrek

2016-04-13	Subject: typo: ee corrected (thanks Eric Lindblad)	cinap_lenrek
	sorry there were entries as 3 27 '§ 3 27 '½ should have been 3 27 '§ 3 43 '½ attached is a corrected version
2016-04-13	fix estonian keymap (thanks Eric Lindblad)	cinap_lenrek
	The /sys/lib/kbmap/ee file seemed to have CRs in it. If a first column in the table (for modifier key) as 4 is for Alt Gr + Shift then the attached (UTF-8 without BOM) should work as a replacement ee file. Best Regards, Eric Lindblad
2016-04-13	python: make hashlib.py fallback to openssl in case of old python binary	cinap_lenrek

2016-04-13	remove unused liboventi	cinap_lenrek

2016-04-13	ktrace: sign extend stack dump pc for amd64	cinap_lenrek

2016-04-13	libc: remove unneeded #include <auth.h> for crypt() and netcrypt()	cinap_lenrek

2016-04-13	libdraw: avoid BPSHORT()/BPLONG() expansion, cleanup loadchar(),cachechars()	cinap_lenrek
	assigning the expression value to a temporary variable in BPSHORT() and BPLONG() saves arround 2K of text in rio on arm and arround 1K on amd64. loadchar(): use the passed in "h" as the char index instead of recomputing it from c-f->cache. dont recompute wid. cachechars(): do cache lookup and find oldest entry in a single loop pass.
2016-04-12	add danish keymap (thanks Eric Lindblad)	cinap_lenrek

2016-04-11	ape: explicitely list the ape libs to build in mkfile	cinap_lenrek

2016-04-11	ape: removing openssl	cinap_lenrek

2016-04-11	python: remove openssl support, use ape/libsec for cryptographics hash functions	cinap_lenrek

2016-04-11	gs: replace openssl aes implementation with ape/libsec	cinap_lenrek

2016-04-11	ape: add libauth, libbio, libmp and libsec as replacements for openssl	cinap_lenrek

2016-04-10	hg: create system wide /sys/lib/hgrc to enabled hgwebfs extension	cinap_lenrek
	the openssl we currently use is outdated and will be removed soon. webfs will handle the https for us with native tls code. keys have to be stored in factotum for everyone who also wants to commit directly.
2016-04-10	libauth: remove unneeded includes for authsrv.h, avoid pulling in dependency ↵	cinap_lenrek
	for rerrstr()
2016-04-10	libsec: make #include headers consistent	cinap_lenrek

2016-04-10	libsec: dont use mips assembly routines for spim, wrong endianess	cinap_lenrek

2016-04-10	libmp: fix build for spim, reduce by the mips assembly files	cinap_lenrek

2016-04-10	hg: set mercurial.url.has_https when hgwebfs extension is in use	cinap_lenrek
	this allows the use of SSL/HTTPS even when python is not build with openssl support.
2016-04-10	ape: move compatibility libc.h to lib9 directory and incooperate needed ↵	cinap_lenrek
	functions for ape/mp (wip)