Denys Vlasenko [Tue, 24 Jan 2017 16:06:10 +0000 (17:06 +0100)]
tls: if got CERTIFICATE_REQUEST, send an empty CERTIFICATE
wolfssl test server is not satisfied by an empty one,
but some real servers might be.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 15:00:54 +0000 (16:00 +0100)]
tls: add 2nd cipher_id, TLS_RSA_WITH_AES_128_CBC_SHA, so far it doesn't work
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)
This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:46:12 +0000 (20:46 +0100)]
ls: convert DISP_DIRNAME to a bool variable
function old new delta
ls_main 553 548 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:43:06 +0000 (20:43 +0100)]
ls: get rid of opt_flags[], handle -l1c through option_mask32
function old new delta
display_single 885 888 +3
scan_and_display_dirs_recur 496 486 -10
opt_flags 11 - -11
ls_main 618 553 -65
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/2 up/down: 3/-86) Total: -83 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:21:14 +0000 (20:21 +0100)]
ls: handle -x through option_mask32, remove default -C from --help
function old new delta
packed_usage 31024 31002 -22
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:08:22 +0000 (20:08 +0100)]
ls: handle -d and -R through option_mask32
function old new delta
scan_and_display_dirs_recur 545 550 +5
display_single 1039 1044 +5
append_char 67 68 +1
display_files 399 396 -3
ls_main 736 717 -19
opt_flags 68 11 -57
.rodata 168864 168784 -80
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/4 up/down: 11/-159) Total: -148 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:56:13 +0000 (19:56 +0100)]
ls: handle -p and -F through option_mask32
function old new delta
display_single 1039 1044 +5
append_char 67 68 +1
display_files 399 396 -3
scan_and_display_dirs_recur 545 541 -4
ls_main 736 722 -14
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/3 up/down: 6/-21) Total: -15 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:42:12 +0000 (19:42 +0100)]
ls: LIST_ID_NAME/ID_NUMERIC/LOPT/LONG are the same, merge as LONG
Also, handle -n and --full-time using option_mask32
function old new delta
scan_and_display_dirs_recur 548 545 -3
display_single 1053 1039 -14
ls_main 777 736 -41
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-58) Total: -58 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:30:14 +0000 (19:30 +0100)]
ls: make -Z output compatible with GNU coreutils 8.25
This also makes it clear that LIST_MODEBITS == LIST_LOPT
function old new delta
ls_main 752 777 +25
display_files 400 399 -1
display_single 1055 1053 -2
my_stat 320 317 -3
packed_usage 32311 32280 -31
.rodata 168895 168864 -31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/5 up/down: 25/-68) Total: -43 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:05:11 +0000 (19:05 +0100)]
ls: LIST_NLINKS/SIZE/DATE_TIME/SYMLINK are always the same, merge as LIST_LOPT
They are always set and cleared together
function old new delta
append_char 69 68 -1
display_single 910 908 -2
ls_main 677 664 -13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-16) Total: -16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:43:43 +0000 (18:43 +0100)]
ls: handle -s through option_mask32
function old new delta
scan_and_display_dirs_recur 493 494 +1
sort_and_display_files 424 423 -1
ls_main 682 677 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:34:11 +0000 (18:34 +0100)]
ls: handle -i through option_mask32
function old new delta
sort_and_display_files 420 424 +4
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:23:19 +0000 (18:23 +0100)]
ls: handle -a and -A through option_mask32
function old new delta
ls_main 685 682 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:01:48 +0000 (18:01 +0100)]
ls: handle all sort options through option_mask32
function old new delta
packed_usage 31007 31024 +17
my_stat 318 324 +6
sort_and_display_files 419 420 +1
print_name 216 217 +1
sortcmp 228 216 -12
opt_flags 96 64 -32
ls_main 732 685 -47
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/3 up/down: 25/-91) Total: -66 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 15:37:04 +0000 (16:37 +0100)]
tls: reorder tls_handshake_data fields for smaller size, tweak comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 15:12:17 +0000 (16:12 +0100)]
tls: send EMPTY_RENEGOTIATION_INFO_SCSV in our client hello
Hoped this can make cdn.kernel.org to like us more. Nope.
While at it, made error reporting more useful.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 00:15:13 +0000 (01:15 +0100)]
tls: set TLS_DEBUG to 0; placate a gcc indentation warning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 00:08:16 +0000 (01:08 +0100)]
separate TLS code into a library, use in in wget
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.
This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).
function old new delta
tls_handshake - 1691 +1691
tls_run_copy_loop - 443 +443
ssl_client_main - 128 +128
packed_usage 30978 31007 +29
wget_main 2508 2535 +27
applet_names 2553 2560 +7
...
xwrite_encrypted 360 342 -18
tls_main 2127 - -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195) Total: 156 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 21:02:19 +0000 (22:02 +0100)]
ls: -1 should be ignored by -l (and options which imply -l)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 18:02:57 +0000 (19:02 +0100)]
ls: more correct handling of -c, -u
function old new delta
my_stat 302 318 +16
packed_usage 30977 30969 -8
display_single 928 910 -18
sortcmp 258 228 -30
ls_main 776 732 -44
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/4 up/down: 16/-100) Total: -84 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 16:32:20 +0000 (17:32 +0100)]
ls: replace -e with --full-time, add --group-directories-first, delete -K
-K and -e were non-standard
function old new delta
static.ls_longopts 9 47 +38
ls_main 748 776 +28
display_single 901 928 +27
sortcmp 254 258 +4
ls_options 32 31 -1
opt_flags 100 96 -4
packed_usage 31032 30977 -55
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/3 up/down: 97/-60) Total: 37 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 13:27:07 +0000 (14:27 +0100)]
ip: better --help
Was:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
ip [OPTIONS] OBJECT [COMMAND]
where OBJECT := address|route|link|tunnel|neigh|rule
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
User: instead of repeating list of OBJECTs twice, you could at least
show available COMMANDs...
Now:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
COMMAND :=
ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
ip route list|flush|add|del|change|append|replace|test ROUTE
ip link set IFACE [up|down] [arp on|off] | show [IFACE]
ip tunnel add|change|del|show [NAME]
[mode ipip|gre|sit]
[remote ADDR] [local ADDR] [ttl TTL]
ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
ip rule [list] | add|del SELECTOR ACTION
While at it, tweak tc --help too (it stays disabled, thus no effect)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 02:56:46 +0000 (03:56 +0100)]
more ip --help fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 02:46:35 +0000 (03:46 +0100)]
make --help texts smaller
function old new delta
packed_usage 31035 30968 -67
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 01:49:58 +0000 (02:49 +0100)]
make --help texts more uniform
function old new delta
packed_usage 31062 31035 -27
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 01:07:59 +0000 (02:07 +0100)]
tls: reorder tls_state fields for smaller offsets
function old new delta
xwrite_encrypted 363 360 -3
xwrite_and_update_handshake_hash 117 114 -3
tls_xread_handshake_block 72 69 -3
tls_error_die 211 202 -9
tls_get_outbuf 64 49 -15
tls_main 2163 2127 -36
tls_xread_record 702 639 -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/7 up/down: 0/-132) Total: -132 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 21:48:41 +0000 (22:48 +0100)]
tls: send SNI in the client hello
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 20:23:10 +0000 (21:23 +0100)]
tls: check size on "MAC-only, no crypt" code path too
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 20:19:38 +0000 (21:19 +0100)]
tls: AES decrypt does one unnecessary memmove
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 19:27:06 +0000 (20:27 +0100)]
tls: make input buffer grow as needed
As it turns out, it goes only up to "inbuf_size:4608"
for kernel.org - fixed 18kb buffer was x4 larger than necessary.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 18:47:49 +0000 (19:47 +0100)]
password utils: improve --help, make DEFAULT_PASSWD_ALGO visible if CHPASSWD
Was:
$ cryptpw --help
...
Print crypt(3) hashed PASSWORD
-P,--password-fd=N Read password from fd N
-m,--method=TYPE Encryption method
-S,--salt=SALT
User: "What methods exist? which one os default?"
Now:
Print crypt(3) hashed PASSWORD
-P,--password-fd N Read password from fd N
-m,--method TYPE des,md5,sha256/512 (default des)
-S,--salt SALT
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 18:11:14 +0000 (19:11 +0100)]
tls: improve i/o loop
With tls_has_buffered_record(), entire kernel.org response
is printed at once, without 6 second pause to see its delayed EOF.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 16:59:25 +0000 (17:59 +0100)]
tls: was psAesDecrypt'ing one block too many, trashing buffered data
For the first time
printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | ./busybox tls kernel.org
successfully reads entire server response and TLS shutdown.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 15:07:14 +0000 (16:07 +0100)]
rdate: time(NULL) is shorter than time(&var)
function old new delta
rdate_main 251 246 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 15:03:48 +0000 (16:03 +0100)]
rdate: make it do something remotely sane, facing 32-bit time overflow
function old new delta
rdate_main 251 254 +3
packed_usage 31029 31023 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 13:27:58 +0000 (14:27 +0100)]
tls: do not use common_bufsiz
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 13:12:10 +0000 (14:12 +0100)]
tls: decode alerts and in particular, EOF alert.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 02:15:09 +0000 (03:15 +0100)]
tls: add the i/o loop - largish rework of i/o buffering
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 15:45:41 +0000 (16:45 +0100)]
tls: fix ROL/ROR x86 optimization
ALWAYS_INLINE:
function old new delta
psAesInitKey 825 824 -1
ROR 5 - -5
setup_mix2 148 134 -14
psAesDecryptBlock 1184 1139 -45
psAesEncryptBlock 1193 1102 -91
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-156) Total: -156 bytes
ALWAYS_INLINE + __builtin_constant_p(shift_cnt):
function old new delta
ROR 5 - -5
psAesInitKey 825 818 -7
setup_mix2 148 123 -25
psAesDecryptBlock 1184 1078 -106
psAesEncryptBlock 1193 1017 -176
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-319) Total: -319 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 15:32:38 +0000 (16:32 +0100)]
tls: tested PSTM_X86_64, not enabling it - too large
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 14:51:00 +0000 (15:51 +0100)]
tls: commented out psPool_t use
function old new delta
psAesEncrypt 159 162 +3
der_binary_to_pstm 42 40 -2
xwrite_and_hash 437 434 -3
xread_tls_block 446 443 -3
pstm_div_2d 449 444 -5
psAesDecrypt 179 174 -5
pstm_init_size 52 45 -7
pstm_init 46 39 -7
pstm_to_unsigned_bin 165 157 -8
tls_main 1265 1256 -9
pstm_mulmod 132 123 -9
pstm_mod 125 116 -9
pstm_init_copy 93 84 -9
psAesInitKey 840 825 -15
send_client_key_exchange 362 342 -20
psAesInit 103 80 -23
psRsaEncryptPub 429 403 -26
psAesDecryptBlock 1211 1184 -27
psAesEncryptBlock 1223 1193 -30
pstm_exptmod 1582 1524 -58
pstm_div 1557 1472 -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360) Total: -357 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 13:42:34 +0000 (14:42 +0100)]
ntpd: print result of hostname resolution
This is particularly useful if hostname resolution is triggered by
host non-reachability: I saw this in real-life, without the message
it is not at all obvious that IP that we use for a specific host
has changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 13:29:42 +0000 (14:29 +0100)]
fdisk: add typical values of -H and -S to --help
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 23:20:45 +0000 (00:20 +0100)]
tls: teach it to decrypt AES256-encrypted data
This adds decryption only.
There is no MAC verification, code simply throws away MAC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 20:00:23 +0000 (21:00 +0100)]
tls: trim comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 19:37:24 +0000 (20:37 +0100)]
tls: teach it to send AES256-encrypted data
>> CLIENT_HELLO
wrote 50 bytes
insize:0 tail:0
got block len:74
got HANDSHAKE
<< SERVER_HELLO
insize:79 tail:0
got block len:2397
got HANDSHAKE
<< CERTIFICATE
key bytes:271, first:0x00
server_rsa_pub_key.size:256
insize:2402 tail:0
got block len:4
got HANDSHAKE
<< SERVER_HELLO_DONE
>> CLIENT_KEY_EXCHANGE
wrote 267 bytes
master secret:c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
client_write_MAC_key:
3b0b7e2bab241b629c37eb3a3824f09b39fe71a00876b0c8026dda16ef0d2f82
client_write_key:
d36e801470ed2f0a8fc886ac25df57ffbe4265d06e3192122c4ef4df1e32fab2
>> CHANGE_CIPHER_SPEC
from secret: c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
from labelSeed: 636c69656e742066696e6973686564b22e0e6008b8ee218cc02e4a93e4a42b570535f9b57662e262d43b379d125b69
=> digest:
a45bfee8ed6507a2a9920d0c
>> FINISHED
before crypt: 5 hdr + 16 data + 32 hash bytes
writing 5 + 16 IV + 64 encrypted bytes, padding_length:0x0f
wrote 85 bytes
insize:9 tail:0
got block len:1
<< CHANGE_CIPHER_SPEC
insize:6 tail:0
got block len:80
< hdr_type:22 ver:3.3 len:80 type:21 len24:
9541723 |
1591985b...a3da|
The last line is the server's FINISHED response, encrypted.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 16:20:27 +0000 (17:20 +0100)]
tls: added AES code and made it compile. not used yet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 05:45:50 +0000 (06:45 +0100)]
tls: massage writing for encryption support; finer-grained debug
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 17:17:27 +0000 (18:17 +0100)]
tls: address one easy FIXME, tidy up comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 16:24:11 +0000 (17:24 +0100)]
tls: process CHANGE_CIPHER_SPEC and FINISHED from server
Successfully finishes handshake with test servers using NULL-SHA256
cipher.
The "only" thing remaining before there is a chance
this can actually work with real servers is AES encrypt/decrypt.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 16:04:24 +0000 (17:04 +0100)]
tls: rearrange function order, improve comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 15:53:36 +0000 (16:53 +0100)]
tls: make our send_client_finished() pass server check
sha256 hash should be calculated over incoming handshake packets too!
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 16 Jan 2017 22:26:33 +0000 (23:26 +0100)]
tls: format FINISHED message properly for unencrypted, but sha256 signed mode
Now it at least looks correct, but unfortunately "openssl s_server"
says my hash is wrong.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 16 Jan 2017 16:31:05 +0000 (17:31 +0100)]
Assorted warning fixes and added a comment, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 16 Jan 2017 03:25:01 +0000 (04:25 +0100)]
tls: add sha256 hmac and prf code
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 15 Jan 2017 20:48:31 +0000 (21:48 +0100)]
cryptpw: support "rounds=NNNNNNN$" thing in salts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 15 Jan 2017 19:59:32 +0000 (20:59 +0100)]
libbb: eliminate redundant variable in sha_crypt
function old new delta
sha_crypt 1136 1130 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 15 Jan 2017 19:16:27 +0000 (20:16 +0100)]
sha512: use larger constant table only if sha512 is in fact selected
function old new delta
sha_K 640 256 -384
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 15 Jan 2017 13:16:51 +0000 (14:16 +0100)]
tls: rearrange code, add/improve comments, fix whitespace, no real changes here
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 15 Jan 2017 01:17:03 +0000 (02:17 +0100)]
tls: send CHANGE_CIPHER_SPEC
To "actually implement it" will take more work...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 14 Jan 2017 23:18:22 +0000 (00:18 +0100)]
whitespace fix
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 14 Jan 2017 23:12:42 +0000 (00:12 +0100)]
tls: format and send CLIENT_KEY_EXCHANGE
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C
Next step: send CHANGE_CIPHER_SPEC... and actually implement it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 14 Jan 2017 21:38:25 +0000 (22:38 +0100)]
tls: DER length byte 0x81 is actually valid
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 14 Jan 2017 12:57:16 +0000 (13:57 +0100)]
tls: a bit more work
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4406
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8f7e723:0x30 len:1452 inner_byte @0x8f7e727:0x30
entered der @0x8f7e727:0x30 len:1172 inner_byte @0x8f7e72b:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8f7e830:0x30 len:418 inner_byte @0x8f7e834:0x30
skipped der 0x30, next byte 0x03
entered der @0x8f7e843:0x03 len:399 inner_byte @0x8f7e847:0x00
copying key bytes:399, first:0x00
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
Now need to teach it to send ClientKeyExchange...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 14 Jan 2017 11:49:32 +0000 (12:49 +0100)]
tls: work-in-progress TLS1.2 test applet
function old new delta
tls_main - 733 +733
dump - 230 +230
xread_tls_block - 180 +180
get_der_len - 76 +76
enter_der_item - 70 +70
skip_der_item - 56 +56
get24be - 24 +24
tls_error_die - 19 +19
packed_usage 31010 31027 +17
applet_names 2549 2553 +4
applet_main 1472 1476 +4
applet_suid 92 93 +1
applet_install_loc 184 185 +1
------------------------------------------------------------------------------
(add/remove: 9/0 grow/shrink: 5/0 up/down: 1415/0) Total: 1415 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 19:16:45 +0000 (20:16 +0100)]
wget: fix for brain-damaged HTTP servers. Closes 9471
write(3, "GET / HTTP/1.1\r\nUser-Agent: Wget\r\nConnection: close\r\n\r\n", 74) = 74
shutdown(3, SHUT_WR) = 0
alarm(900) = 900
read(3, "", 1024) = 0
write(2, "wget: error getting response\n", 29) = 29
exit(1)
The peer simply does not return anything. It closes its connection.
Probably it detects wget closing its writing end: shutdown(3, SHUT_WR).
The point it, closing write side of the socket is _valid_ for HTTP.
wget sent the full request, it won't be sending anything more:
it will only receive the response, and that's it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 18:59:03 +0000 (19:59 +0100)]
ash: commented-out possible fix for 7694
bash has a feature: it restores termios after a successful wait for
a foreground job which had at least one stopped or sigkilled member.
The probable rationale is that SIGSTOP and SIGKILL can preclude task from
properly restoring tty state. Should we do this too?
A reproducer: ^Z an interactive python:
$ python
Python 2.7.12 (...)
>>> ^Z
{ python leaves tty in -icanon -echo state. We do survive that... }
[1]+ Stopped python
{ ...however, next program (python no.2) does not survive it well: }
$ python
Python 2.7.12 (...)
>>> Traceback (most recent call last):
{ above, I typed "qwerty<CR>", but -echo state is still in effect }
File "<stdin>", line 1, in <module>
NameError: name 'qwerty' is not defined
The implementation is modeled on bash code and seems to work.
However, I'm not sure we should do this. For one: what if I'd fg
the stopped python instead? It'll be confused by "restored" tty state.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 17:44:15 +0000 (18:44 +0100)]
ash: 16-bit ->nprocs field is a pain for many CPUs
function old new delta
getoptscmd 527 540 +13
getjob 280 286 +6
makejob 278 282 +4
forkchild 602 600 -2
waitcmd 208 205 -3
showjob 382 379 -3
getstatus 83 80 -3
dowait 408 405 -3
freejob 93 89 -4
fg_bgcmd 290 286 -4
forkshell 260 255 -5
killcmd 224 218 -6
jobno 17 11 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/10 up/down: 23/-39) Total: -16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 15:35:52 +0000 (16:35 +0100)]
Move FEATURE_AUTOWIDTH config option to two applets which use it
No code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 15:27:12 +0000 (16:27 +0100)]
Move FEATURE_USE_TERMIOS config option to two applets which use it
No code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 15:17:59 +0000 (16:17 +0100)]
libbb: consolidate the code to set termios unbuffered mode
function old new delta
set_termios_to_raw - 116 +116
count_lines 72 74 +2
powertop_main 1458 1430 -28
top_main 943 914 -29
more_main 759 714 -45
fsck_minix_main 2969 2921 -48
conspy_main 1197 1135 -62
rawmode 99 36 -63
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/6 up/down: 118/-275) Total: -157 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 13:22:00 +0000 (14:22 +0100)]
hush: reinstate [[ builtin
Mike deleted it:
commit
39456a18a104b228de240b265bd943251219849d
Author: Mike Frysinger <vapier@gentoo.org>
Date: Sat Mar 28 12:21:57 2009 +0000
stop lying about [[ test support
probably because it was not properly ifdefed around, and was enabled
even when bash compat is off.
I just tested it - it works:
$ [ *.diff = z.diff ]; echo $?
0
$ [[ *.diff = z.diff ]]; echo $?
1
Of course, not all numerous bash tricks of [[ ]] are implemented...
function old new delta
bltins2 60 72 +12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Wed, 11 Jan 2017 13:18:15 +0000 (14:18 +0100)]
hush: split bash compatible extensions into separate defines. No code changes
Splitting these options makes it self-documenting about what
bash-compatible features we have.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 13:00:38 +0000 (14:00 +0100)]
ash: split bash compatible extensions into separate defines. No code changes
Splitting these options makes it self-documenting about what
bash-compatible features we have.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 09:52:24 +0000 (10:52 +0100)]
busybox: stop depending on FEATURE_AUTOWIDTH for applet list
Many other appletw don't - they unconditionally use get_terminal_wodth(),
and here the amount of code saved by FEATURE_AUTOWIDTH=n is tiny.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 09:50:08 +0000 (10:50 +0100)]
top: FEATURE_USE_TERMIOS shouldn't control reading of screen size
It controls whether we take input.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 11 Jan 2017 09:38:52 +0000 (10:38 +0100)]
more: hardcode FEATURE_USE_TERMIOS=y in this applet; code shrink
function old new delta
get_wh - 27 +27
tcsetattr_tty_TCSANOW - 18 +18
gotsig 35 27 -8
more_main 835 759 -76
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/2 up/down: 45/-84) Total: -39 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 15:51:10 +0000 (16:51 +0100)]
hush: shorten output of "help" builtin
text data bss dec hex filename
891272 485 6856 898613 db635 busybox_old
891232 485 6856 898573 db60d busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 14:58:02 +0000 (15:58 +0100)]
hush: reorder builtins (cd and pwd ought to be close, etc), no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 14:24:13 +0000 (15:24 +0100)]
init: rename FEATURE_EXTRA_QUIET -> FEATURE_INIT_QUIET
The former name had no INIT anywhere in its name, sounded generic
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 14:18:38 +0000 (15:18 +0100)]
ash: revert "make dot command search current directory first"
Reverts this:
commit
8ad78e1ec7b2e873953f9f476fb63b5893526c39
Author: Denis Vlasenko <vda.linux@googlemail.com>
Date: Sun Feb 15 12:40:30 2009 +0000
ash: make dot command search current directory first, as bash does.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 14:13:30 +0000 (15:13 +0100)]
shells: make hush test optional, rename ASH_BUILTIN_foo -> ASH_foo
This makes hash and ash more symmetrical wrt config menu and config
options.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 10 Jan 2017 13:58:54 +0000 (14:58 +0100)]
Big cleanup in config help and description
Redundant help texts (one which only repeats the description)
are deleted.
Descriptions and help texts are trimmed.
Some config options are moved, even across menus.
No config option _names_ are changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Thu, 5 Jan 2017 01:25:03 +0000 (09:25 +0800)]
Allow FAST_FUNC to be overridden at build time
Busybox uses FAST_FUNC macro to tweak with IA-32 calling conventions in
order to make the function call slightly smaller or slightly faster.
However, when I experiment with GCC's LTO (Link Time Optimization), I
discovered that FAST_FUNC could hinder LTO's optimization so that the
resulting executable become a few bytes larger (than what is compiled
without FAST_FUNC).
This change allows to specify e.g.
CONFIG_EXTRA_CFLAGS="-DFAST_FUNC= -flto"
and compile with LTO without a source code hack.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Mon, 9 Jan 2017 17:46:58 +0000 (18:46 +0100)]
kill: optimizations for single-applet build
* Fix a bug with a configuration in which the shell's kill builtin
would be mistreated as a killall command (i.e. '-q' works, and
'kill process_name' succeeds when it shouldn't):
CONFIG_ASH_JOB_CONTROL=y
CONFIG_HUSH_KILL=y
# CONFIG_KILL is not set
CONFIG_KILLALL=y
# CONFIG_KILLALL5 is not set
* Optimize out unneeded code when the relevant applets are not
selected.
* Move kbuild lines about shells' kill builtins from Kbuild.src to
kill.c, to accompany the new HAVE_SH_KILL macro. I hope this would
make maintanence a little bit easier.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 16:10:04 +0000 (17:10 +0100)]
hush: make echo builtin optional
It's a bit overkill (who would want it off?) but ash already has it
configurable. Let's be symmetric.
Also tweak kbuild logic to use ASH_BUILTIN_ECHO to select echo.o,
not ASH.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Mon, 9 Jan 2017 16:02:51 +0000 (17:02 +0100)]
kill: need not build kill.c when ash's job control is off
ash kill builtin depends on the job control config option.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 15:31:21 +0000 (16:31 +0100)]
make_single_applets.sh: show errors and warnings
While at it, fix one warning in modprobe-small.c
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 13:28:25 +0000 (14:28 +0100)]
unlzma: expand comments, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 12:55:11 +0000 (13:55 +0100)]
unlzma: fix erroneous "while" instead of "if". Closes 4682
These parts of the code essentially check whether
stepping back by rep0 goes negative or not.
LZMA SDK from lzma1604.7z has the following in the corresponding places:
... = dic[dicPos - rep0 + (dicPos < rep0 ? dicBufSize : 0)]
Clearly, not loop here.
Technically, "while" here works: if condition is false (because pos
underflowed), it iterates once, adds header.dict_size (a.k.a. dicBufSize),
this makes pos positive but smaller than header.dict_size, and loop exits.
Now we'll just check for negative result of subtraction, which is less code:
function old new delta
unpack_lzma_stream 2659 2641 -18
(I hope 2 Gbyte+ dictionaries won't be in use soon).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 12:10:10 +0000 (13:10 +0100)]
unzip: match "Defl:?" display with info-zip; cosmetic code shuffling
Large nested indented code blocks made more sane with a few gotos.
function old new delta
unzip_main 2491 2519 +28
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 10:12:01 +0000 (11:12 +0100)]
unzip: optional support for xz
function old new delta
unzip_main 2476 2491 +15
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 09:58:37 +0000 (10:58 +0100)]
unzip: optional support for bzip2 and lzma
function old new delta
unzip_main 2376 2476 +100
bbunpack 750 745 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 08:48:58 +0000 (09:48 +0100)]
modprobe-small: build fixes
Was throwing some build errors:
CONFIG_MODPROBE_SMALL=y
CONFIG_DEPMOD=y
CONFIG_LSMOD=y
CONFIG_MODINFO=y
CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED=y
error: unused variable 'exitcode'
modutils/modprobe-small.c: In function 'modprobe_main':
modutils/modprobe-small.c:1060: error: control reaches end of non-void function
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Explorer09 [Mon, 9 Jan 2017 07:04:43 +0000 (15:04 +0800)]
modprobe-small: optimizations for single applet build
(I'm requesting for a review first because I fear such an aggressive
change could lead to bugs. While I observe the sizes have reduced, I
haven't test the functionality of each applet after that. So please
test before merging.)
Aggressively cut off unneeded code when the relevant applets are not
built.
Correct dependencies of FEATURE_MODPROBE_SMALL_OPTIONS_ON_CMDLINE and
FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED.
Don't bother with the '-r' option check if only rmmod is built (assume
true then), or when neither rmmod or mobprobe is built (assume false
then).
Size comparison before and after the change (single applet
configuration):
text data bss dec hex filename
34778 946 112 35836 8bfc old/busybox_DEPMOD
34151 946 112 35209 8989 new/busybox_DEPMOD
34903 946 112 35961 8c79 old/busybox_INSMOD
28316 778 112 29206 7216 new/busybox_INSMOD
35228 962 112 36302 8dce old/busybox_LSMOD
5011 706 40 5757 167d new/busybox_LSMOD
34830 946 112 35888 8c30 old/busybox_MODPROBE
34795 946 112 35853 8c0d new/busybox_MODPROBE
34718 946 112 35776 8bc0 old/busybox_RMMOD
7502 714 104 8320 2080 new/busybox_RMMOD
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Sun, 8 Jan 2017 06:28:34 +0000 (14:28 +0800)]
Allow 'gzip -d' and 'bzip2 -d' without gunzip or bunzip2
Idea copied from the "ip" applet.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 07:22:06 +0000 (08:22 +0100)]
ash: fix a bug in argv restoration after sourcing a file
if sourced file "shift"ed argvs so that $1 is NULL, restore wasn't done.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 07:13:21 +0000 (08:13 +0100)]
hush: fix a bug in argv restoration after sourcing a file
if sourced file "shift"ed argvs so that $1 is NULL, restore wasn't done.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 06:57:38 +0000 (07:57 +0100)]
hush: global_args_malloced is used only if set builtin is enabled
function old new delta
run_pipe 1623 1635 +12
builtin_source 210 222 +12
save_and_replace_G_args 70 60 -10
builtin_shift 132 94 -38
restore_G_args 98 - -98
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 2/2 up/down: 24/-146) Total: -122 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 9 Jan 2017 05:19:55 +0000 (06:19 +0100)]
hush: fix 'defined but not used' warning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
projects / oweals / busybox.git / log