Denys Vlasenko [Thu, 16 Feb 2017 22:25:44 +0000 (23:25 +0100)]
udhcp: use poll() instead of select()
function old new delta
udhcp_sp_read 65 46 -19
udhcp_sp_fd_set 79 54 -25
udhcpd_main 1530 1482 -48
udhcpc_main 2780 2730 -50
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-142) Total: -142 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 16 Feb 2017 19:04:19 +0000 (20:04 +0100)]
udhcp: do not clobber errno by signal handler
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 16 Feb 2017 16:17:17 +0000 (17:17 +0100)]
nc: use poll() instead of select()
function old new delta
nc_main 943 866 -77
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 16 Feb 2017 15:27:39 +0000 (16:27 +0100)]
tls: covert i/o loop from using select() to poll()
function old new delta
tls_run_copy_loop 377 282 -95
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 12 Feb 2017 20:57:22 +0000 (21:57 +0100)]
sendmail: allow "+" symbol in recipient. Closes 9646
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Thu, 9 Feb 2017 14:48:52 +0000 (22:48 +0800)]
modprobe-small: define and use DEPMOD_OPT_n (option mask)
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Thu, 9 Feb 2017 14:48:50 +0000 (22:48 +0800)]
modprobe-small: document '-n' in depmod usage
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 7 Feb 2017 15:41:25 +0000 (16:41 +0100)]
modprobe_small: if only MODPROBE and DEPMOD are selected, no need to test for them
function old new delta
modprobe_main 321 306 -15
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Wed, 1 Feb 2017 11:43:54 +0000 (19:43 +0800)]
Reorder modutils config options & fix yet more dependency
- modprobe can indirectly benefit from FEATURE_2_4_MODULES and
FEATURE_INSMOD_TRY_MAP options.
- The position of config FEATURE_INSMOD_TRY_MMAP prevented some other
config options from indenting under FEATURE_2_4_MODULES. Reorder to
fix this.
- FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is now moved to
Config.src under "Common options" section. (I wished to edit this
config so that it also work with "big" modutils, but it's not done at
the moment. Sorry.)
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Sun, 5 Feb 2017 18:02:34 +0000 (19:02 +0100)]
modutils: fix config options dependency (2)
- The modprobe-small implementation of rmmod no longer chdir's to
"/lib/modules/`uname -r`" as it was not necessary for rmmod's
operation. (And it no longer need to die if such modules directory
doesn't exist.)
- Configs DEFAULT_MODULES_DIR and DEFAULT_DEPMOD_FILE no longer depend
on MODPROBE_SMALL as the latter may not enable depmod or modprobe
that requires these configs.
- Clarify DEFAULT_DEPMOD_FILE's description regarding the ".bb" name
suffix.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 4 Feb 2017 22:19:30 +0000 (23:19 +0100)]
httpd: use "Content-Length", not "-length"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Rostislav Skudnov [Wed, 1 Feb 2017 18:35:13 +0000 (18:35 +0000)]
Replace int -> uint to avoid signed integer overflow
An example of such an error (should be compiled with DEBUG_SANITIZE):
runtime error: left shift of 1 by 31 places cannot be represented in
type 'int'
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 4 Feb 2017 15:23:49 +0000 (16:23 +0100)]
tls: fold AES CBC en/decryption into single functions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 3 Feb 2017 17:19:59 +0000 (18:19 +0100)]
wget/tls: session_id of zero length is ok (arxiv.org responds with such)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 3 Feb 2017 12:00:06 +0000 (13:00 +0100)]
ash: add INT_OFF/ON around allocations
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 2 Feb 2017 12:04:30 +0000 (13:04 +0100)]
ps: avoid -o stat to contain spaces. Closes 9631
function old new delta
procps_scan 1227 1236 +9
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Tue, 31 Jan 2017 13:09:17 +0000 (21:09 +0800)]
cmdline module options can be disabled on "big" modutils
Allow module options on command line to be disabled on "big" modutils.
Config FEATURE_MODPROBE_SMALL_OPTIONS_ON_CMDLINE is renamed to
FEATURE_CMDLINE_MODULE_OPTIONS and no longer depends on !MODPROBE_SMALL
(I'm not sure if disabling this is useful on "big" modutils, but at
least the macro can serve as a marker and ensure both implementations
of same feature have consistent behavior.)
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Wed, 1 Feb 2017 00:43:32 +0000 (01:43 +0100)]
modutils: remove redundant "select PLATFORM_LINUX" configs
It is enough to have only applets' configs select PLATFORM_LINUX.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Tue, 31 Jan 2017 09:06:43 +0000 (17:06 +0800)]
modprobe-small: move lsmod code out of modprobe_main()
Having lsmod code inside modprobe_main() makes some of the applet name
checking code awkward. Besides, this make busybox x86_64 binary a few
bytes smaller. :)
function old new delta
lsmod_main - 23 +23
modprobe_main 599 564 -35
-------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 23/-35) Total: -12 bytes
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 1 Feb 2017 00:22:37 +0000 (01:22 +0100)]
modprobe-small: improve config help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Felix Fietkau [Tue, 31 Jan 2017 20:58:55 +0000 (21:58 +0100)]
ash: improve / fix glob expansion
When using musl libc glob() a very long string can cause glob() to fail,
which leads to an out of memory error being raised by ash.
This can happen easily if a very long quoted string contains *, even
though no glob expansion should ever be performed on it (since it's
quoted).
Fix this by properly parsing control characters and escaping and only
accept unquoted metacharacters. While we're at it, unify this check for
libc and built-in glob expansion
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 30 Jan 2017 21:20:06 +0000 (22:20 +0100)]
taskset: simplify code a bit; tweak --help
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 30 Jan 2017 18:21:12 +0000 (19:21 +0100)]
modprobe-small: fix --help texts, they are from "big" modutils
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Kang-Che Sung [Mon, 30 Jan 2017 18:14:50 +0000 (19:14 +0100)]
modutils: fix config options dependency
module.aliases and module.symbols files have no use in modprobe-small
implementation. So FEATURE_MODUTILS_ALIAS and FEATURE_MODUTILS_SYMBOLS
will depend on !MODPROBE_SMALL.
The try_to_mmap_module() function is not called in modprobe-small.c,
so I will let FEATURE_INSMOD_TRY_MMAP depend on !MODPROBE_SMALL for
now.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Likewise, FEATURE_2_4_MODULES is not used by modprobe-small.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 30 Jan 2017 15:27:37 +0000 (16:27 +0100)]
wget: add a big explanation what TLS code implements and what does not
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 23:45:05 +0000 (00:45 +0100)]
libbb: match_fstype() is unreadable in the extreme, fixing it
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 18:14:26 +0000 (19:14 +0100)]
vi,fsck: do not use build timestamp unconditionally. Closes 9626
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 17:59:38 +0000 (18:59 +0100)]
taskset: separate "current" and "new" strings
Better for constant sharing:
text data bss dec hex filename
912997 485 6856 920338 e0b12 busybox_old
912988 485 6856 920329 e0b09 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 17:48:58 +0000 (18:48 +0100)]
typo in comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 17:19:29 +0000 (18:19 +0100)]
taskset: rewrite to be task size-agnostic
function old new delta
packed_usage 31130 31190 +60
taskset_main 623 525 -98
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/1 up/down: 60/-98) Total: -38 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 29 Jan 2017 13:57:33 +0000 (14:57 +0100)]
*: add comment about APPLET_ODDNAME format
It confused me more than once
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 26 Jan 2017 18:35:40 +0000 (19:35 +0100)]
httpd: defend against attempts to OOM us. Closes 9611
We were strdup'ing "Cookie: foo" every time we saw it.
function old new delta
handle_incoming_and_exit 2733 2821 +88
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 26 Jan 2017 17:54:12 +0000 (18:54 +0100)]
adduser: help for -G GRP is misleading, fix it
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 26 Jan 2017 17:31:51 +0000 (18:31 +0100)]
sh: fix FEATURE_SH_STANDALONE help text: it does not enable NOFORK
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 26 Jan 2017 00:13:58 +0000 (01:13 +0100)]
libbb: spawn_and_wait() fflushes before forking NOEXEC; child reinits logmode
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 23:27:53 +0000 (00:27 +0100)]
link: new applet
coreutils grew itself a tiny simplistic alternative to ln:
Usage: link FILE LINK
Create hard LINK to FILE
function old new delta
link_main - 75 +75
packed_usage 31114 31131 +17
applet_names 2564 2569 +5
applet_main 1480 1484 +4
applet_install_loc 185 186 +1
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 4/0 up/down: 102/0) Total: 102 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 16:00:38 +0000 (17:00 +0100)]
xxd: make -p output lines actually end with a newline
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 15:50:30 +0000 (16:50 +0100)]
xxd: implement -p
While at it, tweaked hexdump --help
function old new delta
xxd_main 364 414 +50
packed_usage 31097 31114 +17
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 15:21:00 +0000 (16:21 +0100)]
libbb: shrink sump.c
function old new delta
dot_flags_width_chars - 16 +16
int_convs - 7 +7
lcc 7 - -7
index_str 16 - -16
rewrite 1013 937 -76
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 0/1 up/down: 23/-99) Total: -76 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 03:52:45 +0000 (04:52 +0100)]
ftpd/ls: show directories first
Old TODO finally done
function old new delta
ls_main 548 568 +20
packed_usage 31116 31097 -19
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 02:07:39 +0000 (03:07 +0100)]
hexdump/xxd: a bit more condensed formats
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 25 Jan 2017 00:58:00 +0000 (01:58 +0100)]
xxd: new applet
Yet Another Hexdumper
function old new delta
xxd_main - 364 +364
packed_usage 31046 31116 +70
applet_names 2560 2564 +4
applet_main 1476 1480 +4
rewrite 1022 1013 -9
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 3/1 up/down: 442/-9) Total: 433 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Andrey Mozzhuhin [Tue, 24 Jan 2017 22:02:04 +0000 (23:02 +0100)]
ftpd: new option -a ANON_USER to allow anonymous logins
Anonymous ftpd login is useful even when ftpd authentication feature
is enabled. Anonymous logins provide simple password-less connection
for FTP clients.
To allow password-less connection user command line option '-a USER' is
added. This option specifies the system user to use when
'anonymous' username is given in USER command. No password is required
in this case.
function old new delta
ftpd_main 2164 2232 +68
packed_usage 31015 31046 +31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 99/0) Total: 99 bytes
Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 20:41:43 +0000 (21:41 +0100)]
wget: add support for -S --server-response
Based on the patch by stephane.billiart@gmail.com
function old new delta
ftpcmd 87 129 +42
fgets_and_trim 86 119 +33
static.wget_longopts 234 252 +18
packed_usage 31002 31015 +13
wget_main 2535 2540 +5
gethdr 158 163 +5
retrieve_file_data 424 428 +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 7/0 up/down: 120/0) Total: 120 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 19:52:42 +0000 (20:52 +0100)]
remove "local" bashism from a few scripts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 17:08:07 +0000 (18:08 +0100)]
tls: can download kernels now :)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 16:06:10 +0000 (17:06 +0100)]
tls: if got CERTIFICATE_REQUEST, send an empty CERTIFICATE
wolfssl test server is not satisfied by an empty one,
but some real servers might be.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 24 Jan 2017 15:00:54 +0000 (16:00 +0100)]
tls: add 2nd cipher_id, TLS_RSA_WITH_AES_128_CBC_SHA, so far it doesn't work
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)
This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:46:12 +0000 (20:46 +0100)]
ls: convert DISP_DIRNAME to a bool variable
function old new delta
ls_main 553 548 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:43:06 +0000 (20:43 +0100)]
ls: get rid of opt_flags[], handle -l1c through option_mask32
function old new delta
display_single 885 888 +3
scan_and_display_dirs_recur 496 486 -10
opt_flags 11 - -11
ls_main 618 553 -65
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 1/2 up/down: 3/-86) Total: -83 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:21:14 +0000 (20:21 +0100)]
ls: handle -x through option_mask32, remove default -C from --help
function old new delta
packed_usage 31024 31002 -22
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 19:08:22 +0000 (20:08 +0100)]
ls: handle -d and -R through option_mask32
function old new delta
scan_and_display_dirs_recur 545 550 +5
display_single 1039 1044 +5
append_char 67 68 +1
display_files 399 396 -3
ls_main 736 717 -19
opt_flags 68 11 -57
.rodata 168864 168784 -80
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/4 up/down: 11/-159) Total: -148 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:56:13 +0000 (19:56 +0100)]
ls: handle -p and -F through option_mask32
function old new delta
display_single 1039 1044 +5
append_char 67 68 +1
display_files 399 396 -3
scan_and_display_dirs_recur 545 541 -4
ls_main 736 722 -14
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/3 up/down: 6/-21) Total: -15 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:42:12 +0000 (19:42 +0100)]
ls: LIST_ID_NAME/ID_NUMERIC/LOPT/LONG are the same, merge as LONG
Also, handle -n and --full-time using option_mask32
function old new delta
scan_and_display_dirs_recur 548 545 -3
display_single 1053 1039 -14
ls_main 777 736 -41
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-58) Total: -58 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:30:14 +0000 (19:30 +0100)]
ls: make -Z output compatible with GNU coreutils 8.25
This also makes it clear that LIST_MODEBITS == LIST_LOPT
function old new delta
ls_main 752 777 +25
display_files 400 399 -1
display_single 1055 1053 -2
my_stat 320 317 -3
packed_usage 32311 32280 -31
.rodata 168895 168864 -31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/5 up/down: 25/-68) Total: -43 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 18:05:11 +0000 (19:05 +0100)]
ls: LIST_NLINKS/SIZE/DATE_TIME/SYMLINK are always the same, merge as LIST_LOPT
They are always set and cleared together
function old new delta
append_char 69 68 -1
display_single 910 908 -2
ls_main 677 664 -13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/3 up/down: 0/-16) Total: -16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:43:43 +0000 (18:43 +0100)]
ls: handle -s through option_mask32
function old new delta
scan_and_display_dirs_recur 493 494 +1
sort_and_display_files 424 423 -1
ls_main 682 677 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:34:11 +0000 (18:34 +0100)]
ls: handle -i through option_mask32
function old new delta
sort_and_display_files 420 424 +4
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:23:19 +0000 (18:23 +0100)]
ls: handle -a and -A through option_mask32
function old new delta
ls_main 685 682 -3
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 17:01:48 +0000 (18:01 +0100)]
ls: handle all sort options through option_mask32
function old new delta
packed_usage 31007 31024 +17
my_stat 318 324 +6
sort_and_display_files 419 420 +1
print_name 216 217 +1
sortcmp 228 216 -12
opt_flags 96 64 -32
ls_main 732 685 -47
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/3 up/down: 25/-91) Total: -66 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 15:37:04 +0000 (16:37 +0100)]
tls: reorder tls_handshake_data fields for smaller size, tweak comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 15:12:17 +0000 (16:12 +0100)]
tls: send EMPTY_RENEGOTIATION_INFO_SCSV in our client hello
Hoped this can make cdn.kernel.org to like us more. Nope.
While at it, made error reporting more useful.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 00:15:13 +0000 (01:15 +0100)]
tls: set TLS_DEBUG to 0; placate a gcc indentation warning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 23 Jan 2017 00:08:16 +0000 (01:08 +0100)]
separate TLS code into a library, use in in wget
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.
This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).
function old new delta
tls_handshake - 1691 +1691
tls_run_copy_loop - 443 +443
ssl_client_main - 128 +128
packed_usage 30978 31007 +29
wget_main 2508 2535 +27
applet_names 2553 2560 +7
...
xwrite_encrypted 360 342 -18
tls_main 2127 - -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195) Total: 156 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 21:02:19 +0000 (22:02 +0100)]
ls: -1 should be ignored by -l (and options which imply -l)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 18:02:57 +0000 (19:02 +0100)]
ls: more correct handling of -c, -u
function old new delta
my_stat 302 318 +16
packed_usage 30977 30969 -8
display_single 928 910 -18
sortcmp 258 228 -30
ls_main 776 732 -44
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/4 up/down: 16/-100) Total: -84 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sun, 22 Jan 2017 16:32:20 +0000 (17:32 +0100)]
ls: replace -e with --full-time, add --group-directories-first, delete -K
-K and -e were non-standard
function old new delta
static.ls_longopts 9 47 +38
ls_main 748 776 +28
display_single 901 928 +27
sortcmp 254 258 +4
ls_options 32 31 -1
opt_flags 100 96 -4
packed_usage 31032 30977 -55
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/3 up/down: 97/-60) Total: 37 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 13:27:07 +0000 (14:27 +0100)]
ip: better --help
Was:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
ip [OPTIONS] OBJECT [COMMAND]
where OBJECT := address|route|link|tunnel|neigh|rule
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
User: instead of repeating list of OBJECTs twice, you could at least
show available COMMANDs...
Now:
Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]
OPTIONS := -f[amily] inet|inet6|link | -o[neline]
COMMAND :=
ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
ip route list|flush|add|del|change|append|replace|test ROUTE
ip link set IFACE [up|down] [arp on|off] | show [IFACE]
ip tunnel add|change|del|show [NAME]
[mode ipip|gre|sit]
[remote ADDR] [local ADDR] [ttl TTL]
ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
ip rule [list] | add|del SELECTOR ACTION
While at it, tweak tc --help too (it stays disabled, thus no effect)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 02:56:46 +0000 (03:56 +0100)]
more ip --help fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 02:46:35 +0000 (03:46 +0100)]
make --help texts smaller
function old new delta
packed_usage 31035 30968 -67
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 01:49:58 +0000 (02:49 +0100)]
make --help texts more uniform
function old new delta
packed_usage 31062 31035 -27
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Sat, 21 Jan 2017 01:07:59 +0000 (02:07 +0100)]
tls: reorder tls_state fields for smaller offsets
function old new delta
xwrite_encrypted 363 360 -3
xwrite_and_update_handshake_hash 117 114 -3
tls_xread_handshake_block 72 69 -3
tls_error_die 211 202 -9
tls_get_outbuf 64 49 -15
tls_main 2163 2127 -36
tls_xread_record 702 639 -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/7 up/down: 0/-132) Total: -132 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 21:48:41 +0000 (22:48 +0100)]
tls: send SNI in the client hello
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 20:23:10 +0000 (21:23 +0100)]
tls: check size on "MAC-only, no crypt" code path too
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 20:19:38 +0000 (21:19 +0100)]
tls: AES decrypt does one unnecessary memmove
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 19:27:06 +0000 (20:27 +0100)]
tls: make input buffer grow as needed
As it turns out, it goes only up to "inbuf_size:4608"
for kernel.org - fixed 18kb buffer was x4 larger than necessary.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 18:47:49 +0000 (19:47 +0100)]
password utils: improve --help, make DEFAULT_PASSWD_ALGO visible if CHPASSWD
Was:
$ cryptpw --help
...
Print crypt(3) hashed PASSWORD
-P,--password-fd=N Read password from fd N
-m,--method=TYPE Encryption method
-S,--salt=SALT
User: "What methods exist? which one os default?"
Now:
Print crypt(3) hashed PASSWORD
-P,--password-fd N Read password from fd N
-m,--method TYPE des,md5,sha256/512 (default des)
-S,--salt SALT
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 18:11:14 +0000 (19:11 +0100)]
tls: improve i/o loop
With tls_has_buffered_record(), entire kernel.org response
is printed at once, without 6 second pause to see its delayed EOF.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 16:59:25 +0000 (17:59 +0100)]
tls: was psAesDecrypt'ing one block too many, trashing buffered data
For the first time
printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | ./busybox tls kernel.org
successfully reads entire server response and TLS shutdown.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 15:07:14 +0000 (16:07 +0100)]
rdate: time(NULL) is shorter than time(&var)
function old new delta
rdate_main 251 246 -5
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 15:03:48 +0000 (16:03 +0100)]
rdate: make it do something remotely sane, facing 32-bit time overflow
function old new delta
rdate_main 251 254 +3
packed_usage 31029 31023 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 13:27:58 +0000 (14:27 +0100)]
tls: do not use common_bufsiz
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 13:12:10 +0000 (14:12 +0100)]
tls: decode alerts and in particular, EOF alert.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Fri, 20 Jan 2017 02:15:09 +0000 (03:15 +0100)]
tls: add the i/o loop - largish rework of i/o buffering
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 15:45:41 +0000 (16:45 +0100)]
tls: fix ROL/ROR x86 optimization
ALWAYS_INLINE:
function old new delta
psAesInitKey 825 824 -1
ROR 5 - -5
setup_mix2 148 134 -14
psAesDecryptBlock 1184 1139 -45
psAesEncryptBlock 1193 1102 -91
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-156) Total: -156 bytes
ALWAYS_INLINE + __builtin_constant_p(shift_cnt):
function old new delta
ROR 5 - -5
psAesInitKey 825 818 -7
setup_mix2 148 123 -25
psAesDecryptBlock 1184 1078 -106
psAesEncryptBlock 1193 1017 -176
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-319) Total: -319 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 15:32:38 +0000 (16:32 +0100)]
tls: tested PSTM_X86_64, not enabling it - too large
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 14:51:00 +0000 (15:51 +0100)]
tls: commented out psPool_t use
function old new delta
psAesEncrypt 159 162 +3
der_binary_to_pstm 42 40 -2
xwrite_and_hash 437 434 -3
xread_tls_block 446 443 -3
pstm_div_2d 449 444 -5
psAesDecrypt 179 174 -5
pstm_init_size 52 45 -7
pstm_init 46 39 -7
pstm_to_unsigned_bin 165 157 -8
tls_main 1265 1256 -9
pstm_mulmod 132 123 -9
pstm_mod 125 116 -9
pstm_init_copy 93 84 -9
psAesInitKey 840 825 -15
send_client_key_exchange 362 342 -20
psAesInit 103 80 -23
psRsaEncryptPub 429 403 -26
psAesDecryptBlock 1211 1184 -27
psAesEncryptBlock 1223 1193 -30
pstm_exptmod 1582 1524 -58
pstm_div 1557 1472 -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360) Total: -357 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 13:42:34 +0000 (14:42 +0100)]
ntpd: print result of hostname resolution
This is particularly useful if hostname resolution is triggered by
host non-reachability: I saw this in real-life, without the message
it is not at all obvious that IP that we use for a specific host
has changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Thu, 19 Jan 2017 13:29:42 +0000 (14:29 +0100)]
fdisk: add typical values of -H and -S to --help
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 23:20:45 +0000 (00:20 +0100)]
tls: teach it to decrypt AES256-encrypted data
This adds decryption only.
There is no MAC verification, code simply throws away MAC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 20:00:23 +0000 (21:00 +0100)]
tls: trim comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 19:37:24 +0000 (20:37 +0100)]
tls: teach it to send AES256-encrypted data
>> CLIENT_HELLO
wrote 50 bytes
insize:0 tail:0
got block len:74
got HANDSHAKE
<< SERVER_HELLO
insize:79 tail:0
got block len:2397
got HANDSHAKE
<< CERTIFICATE
key bytes:271, first:0x00
server_rsa_pub_key.size:256
insize:2402 tail:0
got block len:4
got HANDSHAKE
<< SERVER_HELLO_DONE
>> CLIENT_KEY_EXCHANGE
wrote 267 bytes
master secret:c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
client_write_MAC_key:
3b0b7e2bab241b629c37eb3a3824f09b39fe71a00876b0c8026dda16ef0d2f82
client_write_key:
d36e801470ed2f0a8fc886ac25df57ffbe4265d06e3192122c4ef4df1e32fab2
>> CHANGE_CIPHER_SPEC
from secret: c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
from labelSeed: 636c69656e742066696e6973686564b22e0e6008b8ee218cc02e4a93e4a42b570535f9b57662e262d43b379d125b69
=> digest:
a45bfee8ed6507a2a9920d0c
>> FINISHED
before crypt: 5 hdr + 16 data + 32 hash bytes
writing 5 + 16 IV + 64 encrypted bytes, padding_length:0x0f
wrote 85 bytes
insize:9 tail:0
got block len:1
<< CHANGE_CIPHER_SPEC
insize:6 tail:0
got block len:80
< hdr_type:22 ver:3.3 len:80 type:21 len24:
9541723 |
1591985b...a3da|
The last line is the server's FINISHED response, encrypted.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 16:20:27 +0000 (17:20 +0100)]
tls: added AES code and made it compile. not used yet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Wed, 18 Jan 2017 05:45:50 +0000 (06:45 +0100)]
tls: massage writing for encryption support; finer-grained debug
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 17:17:27 +0000 (18:17 +0100)]
tls: address one easy FIXME, tidy up comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 16:24:11 +0000 (17:24 +0100)]
tls: process CHANGE_CIPHER_SPEC and FINISHED from server
Successfully finishes handshake with test servers using NULL-SHA256
cipher.
The "only" thing remaining before there is a chance
this can actually work with real servers is AES encrypt/decrypt.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 16:04:24 +0000 (17:04 +0100)]
tls: rearrange function order, improve comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Tue, 17 Jan 2017 15:53:36 +0000 (16:53 +0100)]
tls: make our send_client_finished() pass server check
sha256 hash should be calculated over incoming handshake packets too!
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 16 Jan 2017 22:26:33 +0000 (23:26 +0100)]
tls: format FINISHED message properly for unencrypted, but sha256 signed mode
Now it at least looks correct, but unfortunately "openssl s_server"
says my hash is wrong.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko [Mon, 16 Jan 2017 16:31:05 +0000 (17:31 +0100)]
Assorted warning fixes and added a comment, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>