cinap_lenrek [Tue, 2 Jun 2015 21:15:02 +0000 (23:15 +0200)]
rc-httpd: various fixes
care has to be taken when splitting the host into SERVER_NAME and SERVER_PORT,
as ipv6 uses : in the host part. also do it consistently, the host can be set
thru the request uri and the host header.
set REMOTE_USER to empty string to prevent accidents.
we do not handle chunked transfer encoding, just assuming the client doesnt
do keep alive is wrong. we have to reject the post when the client tries
chunked post with 411 "Length required" error.
cinap_lenrek [Sun, 31 May 2015 17:30:38 +0000 (19:30 +0200)]
disk/fdisk: learn about EFI system partition (type 0xEF), honor protective mbr (type 0xEE)
efi systems may use traditional dos partition table
with an esp (efi system partition). otherwise, honor
the protective mbr partition (0xEE) and exit when we
encounter it.
cinap_lenrek [Sun, 31 May 2015 10:58:13 +0000 (12:58 +0200)]
libdisk: error handling, sanity checks
- make sure disk file is an actual file and not a directory, log or empty file
- sanity check: file has to be at least one sector to be a disk
- simplify error handling using freedisk()
cinap_lenrek [Sun, 31 May 2015 09:19:22 +0000 (11:19 +0200)]
disk/edisk: little improvements
- make UU() shorter by using long long constant to encode node field
- store Flag as a mask, not as a shift count
- put the attributes before the name in cmdsum() as it is fixed length
cinap_lenrek [Thu, 28 May 2015 14:37:55 +0000 (16:37 +0200)]
uhtml: check if document is valid utf8 even with charset specified
often, documents specify charsets but are really utf-8 encoded.
we now try to decode as utf-8 and only if that fails assume
the charset specified in the document.
cinap_lenrek [Wed, 27 May 2015 16:35:37 +0000 (18:35 +0200)]
libsec/x509: use SHA2-256 digest algorithm instead of MD5
this implements SHA2 (224, 256, 384, 512) signature algorithms and
uses sha256WithRSAEncryption for X509req() and X509gen() instead
of oid_md5WithRSAEncryption.
cinap_lenrek [Tue, 26 May 2015 17:25:06 +0000 (19:25 +0200)]
cc: set unspecified elements to zero in local variable initializers
the compiler used to skip zero initialization when initializer
list was given not covering unspecified elements. now we zero
all non explicitely initialized elements. for example:
typedef struct F F;
struct F
{
int a;
int b;
int c;
};
void
main(void)
{
char a[16] = { 1, 2, 3 }; /* a[3..15] initialized to zero */
F f = { .b = 1 }; /* f.a, f.c initialized to zero */
}
cinap_lenrek [Thu, 21 May 2015 00:26:57 +0000 (02:26 +0200)]
libsec: implement tlsClient support for RFC6066 server name identification (SNI)
tlsClient() now can optionally send the server_name in the ClientHello
message by setting the TLSconn.serverName. This is required for some
https sites.
cinap_lenrek [Tue, 19 May 2015 12:02:02 +0000 (14:02 +0200)]
aux/vga: dont use /proc/$pid/mem to access vga bios
using /proc/$pid/mem to access vga bios is not portable and crashes
sgi machines when aux/vga is run. instead, try /dev/realmodemem
first (provided by realemu), then #v/vgabios.
cinap_lenrek [Tue, 19 May 2015 10:39:45 +0000 (12:39 +0200)]
tar, tarfs: implement longname support
this allows extracting tar archives that use longnames extension,
where the real filename is stored in a special entry with
linkflag == 'L' before the file entry. also skip longlink entries
with linkflag == 'K'.
cinap_lenrek [Thu, 14 May 2015 19:09:12 +0000 (21:09 +0200)]
tcp: fix loopback slowness issue / set tcb->mss for incoming connections (thanks David du Colombier)
David du Colombier wrote:
> The slowness issue only appears on the loopback, because
> it provides a 16384 MTU.
>
> There is an old bug in the Plan 9 TCP stack, were the TCP
> MSS doesn't take account the MTU for incoming connections.
>
> I originally fixed this issue in January 2015 for the Plan 9
> port on Google Compute Engine. On GCE, there is an unusual
> 1460 MTU.
>
> The Plan 9 TCP stack defines a default 1460 MSS corresponding
> to a 1500 MTU. Then, the MSS is fixed according to the MTU
> for outgoing connections, but not incoming connections.
>
> On GCE, this issue leads to IP fragmentation, but GCE didn't
> handle IP fragmentation properly, so the connections
> were dropped.
>
> On the loopback medium, I suppose this is the opposite issue.
> Since the TCP stack didn't fix the MSS in the incoming
> connection, the programs sent multiple small 1500 bytes
> IP packets instead of large 16384 IP packets, but I don't
> know why it leads to such a slowdown.
cinap_lenrek [Thu, 14 May 2015 12:12:28 +0000 (14:12 +0200)]
hget: work arround apache Content-Encoding: gzip for Content-Type: application/x-gzip bug
apache sends Content-Encoding: gzip header for Content-Type: application/x-gzip
causing hget to decompress tgz files.
from the w3c:
The Content-Encoding entity-header field is used as a modifier to the media-type.
When presented, its value indicates what additional content codings have been applied
to the entity-body, and thus what decoding mechanisms must be applied in order to
obtail the media-type referenced by the Conent-Type header field. Content-Encoding
is primarily used to allow a document to be compressed without losing the
identity of its underlying media type.
this is clearly silly, as the file is already compressed, and decompressing it
will not yield the indicated Content-type: application/x-gzip, but a tarball.
cc: fix non constant pointer initializer for other compilers than 8c/6c
i made a mistake here as this change breaks the arm and mips compilers
which lack an optimiation in xcom() that folds constant pointer arithmetic
into the offset. on arm, the a node is a complex expression with op OADD of
type TIND but the test rejected the (valid) pointer arithmetic.
instead, we now test for the operations which cannot be constant instead
of using the type as a proxy.
aux/listen: removing service script sholud kill listener (thanks mischief)
mischief spotted that the only way for listeners to go away was
truncating (but not removing) a service script. this is wrong and
not as described in the manpage.
this change makes removing (or truncating) a listen script stop
the listener.
scandir() first marks all current announces, then reads the service
directory adding announces which will clear the marks for the ones
already there or add a new unmarked one. finally, we shoot down and
remove all still marked announces.
gs: avoid 6c type propagation / constant folding issue for set_cb_end()
6c changed "- cmd_lagest_size + 1" into a *unsigned* 32bit constant. which
got added to 64bit pointer making pcb->limit > pcb->end resulting
in errors for partial commands in the buffer. removing the parentesis
propagates the operation to 64bit.
kernel: avoid posting note to kernel process in faulterror()
the intend of posting a note to the faulting process is to
interrupt the syscall to give the note handler a chance
to handle it. kernel processes however, have no note handlers
and all the postnote() does is set up->notepending which will
make the next attempt to sleep raise an Eintr[] error. this
is harmless, but usually not what we want.
there's no need to waste space for a error buffer in the Segio
structure, as the segmentio kproc will be waiting for the next
command after an error and will not overwite it until we issue
another command.
kernel: add segio() function for reading/writing segments
devproc's procctlmemio() did not handle physical segment
types correctly, as it assumed it can just kmap() the page
in question and write to it. physical segments however
need to be mapped uncached but kmap() will always map
cached as it assumes normal memory. on some machines with
aliasing memory with different cache attributes
leads to undefined behaviour!
we borrow the code from devsegment and provide a generic
segio() function to read and write user segments which
handles all the cases without using kmap by just spawning
a kproc that attaches the segment that needs to be read
from or written to. fault() will setup the right mmu
attributes for us. it will also properly flush pages for
segments that maintain instruction cache when written.
however, tlb's have to be flushed separately.
segio() is used for devsegment and devproc now, which
also allows for simplification of fixfault() as there is no
special error handling case anymore as fixfault() is now
called from faulting process *only*.
reads from /proc/$pid/mem can now span multiple pages.
code like "return g->dlen;" is wrong as we do not hold the
qlock of the global segment. another process could come in
and override g->dlen making us return the wrong byte count.
avoid copying when we already got a kernel address (kernel memory
is the same on processes) which is the case with bread()/bwrite().
this is the same optimization that devsd does.
also avoid allocating/freeing and copying while holding the qlock.
when we copy to/from user memory, we might fault preventing
others from accessing the segment while fault handling is in
progress.