libsec: add X509reqtoRSApub() function and return subject alt names in X509to*pub() name buffer
We need a way to parse an RSA certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in Plan 9 format appended with the subject
attribute.
Anthony Martin [Sun, 27 Jun 2021 00:13:58 +0000 (00:13 +0000)]
manual: don't match nonexistent file while preprocessing
Authsrv(6) used to be called auth(6) before
the fourth edition and was preprocessed by
eqn(6) before the third edition. The mkfile
was never updated to reflect the changes.
Ori Bernstein [Sat, 26 Jun 2021 17:29:27 +0000 (17:29 +0000)]
vt, ssh: don't send interrupts on window resize
When resizing windows, vt would signal ssh by updating
the window size and sending an interrupt. Ssh reacted
by forwarding both the winch and an interrupt.
This change adds a WINCH generation counter so that
ssh can differentiate between resizes and interrupts.
If an interrupt comes in, and the WINCH generation
changes, then the interrupt is taken as signalling a
WINCH.
cinap_lenrek [Sat, 26 Jun 2021 13:16:36 +0000 (13:16 +0000)]
kencc: revert back to "set but not used"
The change to "assignment not used" breaks symmetry with
"used and not set" and removes the reference to the
specific warning mentioned in /sys/doc/comp.ms.
Also, the patch was half-assed in that it left some typos
in, like "used an not set", which this change also fixed.
Ori Bernstein [Fri, 25 Jun 2021 23:10:07 +0000 (23:10 +0000)]
rc: skip arguments to Xsrcline, Xsrcfile in codefree
We weren't correctly skipping the location operators
in codefree. This would mostly work, but sometimes
you'd get unlucky and have one of the arguments mismatch,
and that would lead to an invalid free.
Ori Bernstein [Tue, 22 Jun 2021 23:55:54 +0000 (23:55 +0000)]
git/fs: use a better heuristic for permissions.
Since we now store /dist/plan9front in git, the
initial assumption that the owner of the repo
is the person touching it is not always true.
This change gives us a better heuristic for the
file permissions we should have in the files we
copy around, basing it off of the permissions of
the .git directory.
Ori Bernstein [Tue, 22 Jun 2021 23:40:11 +0000 (23:40 +0000)]
rc: correct line numbers
When loading a file using ".", we could
end up with our line numbers thrown off
due to the mutation of lexline. Putting
lexline into the runq beside the file
that we're reading from causes it to get
pushed and popped correctly, so that we
no longer lose track of our location.
cinap_lenrek [Sun, 20 Jun 2021 23:33:13 +0000 (23:33 +0000)]
libsec: emulate openssl asn1 when generating x509 csr
when trying to request certificates from letsencrypt,
their test api would reject our csr because of
"truncated sequence" unless we force subjectAltName
by passing multiple domains (as comma separated list).
apparently, we need to provide the context specific tag
"cont [ 0 ]" for the extensions even when we do have
any extensions for the csr (triggered when we need to
have subjectAltNames).
for this, we change mkcont() to take an Elist* instead,
which then can be nil when not used. also put the tag
number argument first, which makes it easier to read.
cinap_lenrek [Sun, 20 Jun 2021 14:41:26 +0000 (14:41 +0000)]
libsec: move zero check to curve25519_dh_finish()
As checking for all zero has to be done in a timing-safe
way to avoid a side channel, it is best to do this here
instead of letting the caller deal with it.
This adds a return type of int to curve25519_dh_finish()
where returning 0 means we got an all-zero shared key.
RFC7748 states:
The check for the all-zero value results from the fact
that the X25519 function produces that value if it
operates on an input corresponding to a point with small
order, where the order divides the cofactor of the curve.
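The commit above moves the all-zero check into the finishing step so that it is done in constant time. The following is an added example, not libsec's code, of what such a timing-safe check looks like: ct_is_all_zero() ORs every byte together and derives the result arithmetically, so its running time does not depend on where the first nonzero byte sits, and dh_finish_example() (a hypothetical stand-in for curve25519_dh_finish(), with the scalar multiplication assumed already done into shared) returns 0 and scrubs the output when the shared secret is all zero, which is the contract the message describes.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { SHARED_LEN = 32 };

/* Constant-time test: returns 1 if every byte of buf is zero, 0 otherwise.
 * The loop visits every byte regardless of content, and the final value is
 * computed without a data-dependent branch. */
int ct_is_all_zero(const uint8_t *buf, size_t len)
{
	uint8_t acc = 0;
	size_t i;

	for(i = 0; i < len; i++)
		acc |= buf[i];
	/* (acc - 1) wraps to 0xFFFFFFFF only when acc == 0, so the top bit
	 * is 1 exactly in the all-zero case */
	return (int)(((uint32_t)acc - 1u) >> 31);
}

/* Hypothetical finishing step (added example; assumption: this is not
 * libsec's curve25519_dh_finish). 'shared' is the scalar-multiplication
 * output. On an all-zero result the caller's key buffer is left zeroed and
 * 0 is returned; otherwise the secret is copied to 'key' and 1 is returned.
 * The copy is masked rather than branched on so the two paths cost the same. */
int dh_finish_example(uint8_t key[SHARED_LEN], const uint8_t shared[SHARED_LEN])
{
	int zero = ct_is_all_zero(shared, SHARED_LEN);
	/* mask is 0x00 when zero == 1, 0xFF when zero == 0 */
	uint8_t mask = (uint8_t)(zero - 1);
	size_t i;

	for(i = 0; i < SHARED_LEN; i++)
		key[i] = shared[i] & mask;
	return 1 - zero;
}
```

A caller that gets 0 back should abort the handshake; the small-order inputs RFC 7748 mentions are exactly the ones that produce the all-zero output, and an attacker choosing such a public key must not be able to learn anything from how long the check took.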
kemal [Fri, 18 Jun 2021 19:12:44 +0000 (19:12 +0000)]
libsec: various changes to tls
1. add the curve x25519 to tls, both client and server.
it's faster, immune to timing attacks by design,
does not require verifying if the public key is valid,
etc etc. server-side has to check if the client supports
the curve, so a new function has been introduced to parse
the client's extensions.
2. reject weak dhe primes that can be easily cracked with
the number field sieve algorithm. this avoids attacks like
logjam.
3. stop putting unix time to the first 4 bytes of client/
server random. it can allow fingerprinting, tls 1.3 doesn't
recommend it any more and there was a draft to deprecate
this behaviour earlier.[1]
Ori Bernstein [Wed, 16 Jun 2021 15:25:02 +0000 (15:25 +0000)]
git/branch: resolve implicit branch switch before using it
When switching a branch implicitly -- i.e., creating a local
branch off of a remote branch -- we would get the list of
changed files before we would resolve the implicit branch
switch, leading to an empty list of changes.
Anthony Martin [Tue, 15 Jun 2021 16:13:59 +0000 (16:13 +0000)]
troff: fix mangled fonts and character files
All of these files appear to have been imported from sources in a
case-insensitive manner and consequently lost their original content.
- Hx, Hb, and Hi fonts should be narrow versions of Helvetica
- c[1-3] fonts should be condensed versions of Century Old Style
- the lH character should be a filled left hand symbol
- the rh character should be a stroked right hand symbol
- the rc character should be the right ceiling symbol
I've verified that these are the only files that collide with others
when ignoring case (aside from rc/bin/[Kk]ill but those are correct).
Ori Bernstein [Tue, 15 Jun 2021 21:29:22 +0000 (21:29 +0000)]
git/import: handle mails with line wrapping and mime
git/import expected a patch, however upas/fs serves
either a raw file without any of the mime decoding
and line joining, or a directory, with the headers
and body split out.
This makes it a pain to apply some mails.
So, here we teach git to import upas dirs natively,
making it easy to handle all patches that come in
as emails.
Ori Bernstein [Sat, 12 Jun 2021 18:03:26 +0000 (18:03 +0000)]
B: expand path when plumbing files
When we plumb a file, we open it in the current working
directory if it exists. However, if it doesn't exist,
we end up opening it relative to the editor's working
directory.
Ori Bernstein [Sun, 6 Jun 2021 03:29:57 +0000 (23:29 -0400)]
git/send: allow the remote to have refs that we don't
It's not fatal for someone else to push a branch
with objects that we don't have. We should deal
with it gracefully, and act as though it doesn't
exist.
Alex Musolino [Fri, 4 Jun 2021 15:51:55 +0000 (01:21 +0930)]
upas/Mail: fix bug where Redraw must be executed twice to have an effect
In showlist, call bwindata instead of bwinopen in order to use a
pre-existing fd to write to the data file. This existing fd will
properly honour any address set by a previous write to the addr file.
Specifically, the redraw function sets addr to "," before calling
showlist in order to overwrite the entire contents of the window.
cinap_lenrek [Fri, 4 Jun 2021 15:47:26 +0000 (17:47 +0200)]
git: allow local repository directories as remote URIs
This is implemented by checking first if the URI is
a directory containing the .git/ subdirectory.
If this is the case, we fork git/serve serving the
repository on a pipe.
Ori Bernstein [Tue, 1 Jun 2021 01:02:23 +0000 (18:02 -0700)]
git/send: pick minimal delta set correctly (thanks igor)
We weren't giving all objects to the twixt() function, and
it was making bad life choices -- gambling, smoking, drinking,
and packing in too much data.