| Age | Commit message (Collapse) | Author |
|---|
|
This only works when we'r not already having a interface
bound to that ethernet. Otherwise ipconfig can get
confused and adds the addresses to the wrong interface.
|
|
Change ip/ppp to call ip/ipconfig to add and remove
addresses to avoid duplicating code for removing
ndb entries and handling default routes as well as
allow ipv6 address auto-configuration.
|
|
This adds a very basic (probably wrong) DHCPv6 client,
to handle the "managed"-flag in IPv6 router solicitations.
We add -U option to pass the DHCPv6 client id as well as
an -s flag to manually add a dns server (because ppp
is going to call ipconfig to handle all the configuration
and write-back to /net/ndb in the future).
Have the remove command also remove default routes and
/net/ndb entries. (needed by ppp).
|
|
establish ipv6 link-local addresses if supported.
to get a full prefix, one would need to do dhcpv6
or using slaac configuration. this will come later.
remove ipv4 default route on exit.
maintain the entries in /net/ndb on ip change and
also remove them on exit.
dont filter source address, this should be done
differently.
fix various bugs in the option iteration loops.
honour primary flag (it used to just ignore that
and set it unasked in the code... what the hell...)
|
|
This implements a retry strategy (similar to ip/ipconfig -r),
continuing to attempt to connect forever.
Also handle termination request from the server.
|
|
|
|
|
|
plan9.ini(8) was lacking documentation for the tiltscreen option, so i
wrote some. i based it off of how the others were written.
|
|
Allow specifying the local IP addresses that
the UDP dns server will listen on when the
-s flag is given.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
When using a packet interface, such as /net/ipifc/x as the
packet-soucre, there is no media header and the ip protocol
version has to be determined from the first byte.
The ippkt protocol solves this, allowing one to decode
both ipv4 and ipv6, such as:
snoopy -h ippkt /net/ipifc/2
|
|
|
|
|
|
|
|
|
|
|
|
Aux/imx8pm and aux/wm8960 had pretty cryptic names and it made
more sense to use a reform/pm and reform/audio naming, accordingly.
Instead of having special mount points /mnt/pm and /mnt/wm8960,
/dev is used directly, removing the need to do any manual work -
stats(1) will continue showing the CPU temperature, and zuke(1)
will still be able to control the volume, etc.
Brightness controls were changed to a better interface -
/dev/light, where each line contains a "a_thing its_light_value".
This way more parts can be controlled. Right now it's only "lcd",
but later it might be "kbd" and "trackball" as well.
Example of lib/profile:
reform/audio
echo master 80 > /dev/volume
reform/pm
echo lcd 100 > /dev/light
|
|
|
|
|
|
|
|
|
|
This change adds support for dkim signing to upas.
It has2 pieces:
1. Adding support for different asn1 formats to auth/rsa2asn1;
we can now generate SubjectPublicKeyInfo RSA keys, which
wrap the keys up with an algorithm identifier.
2. Adding a upas/dkim command which filters a message and signs
it using dkim.
To configure dkim, you need to generate a (small-ish) rsa key;
large keys do not fit into DNS text records:
# generate the private key and add it to factotum
ramfs -p
cd /tmp
auth/rsagen -b 2048 -t 'service=dkim role=sign hash=sha256 domain=orib.dev owner=*' > dkim.key
cat dkim.key > factotum.ctl
# extract the public key, encode it, and strip out the junk
pubkey=`{
<dkim.key auth/rsa2asn1 -f spki | \
auth/pemencode WHATEVER | \
grep -v 'WHATEVER' | \
ssam 'x/\n/d'
}
domain=example.org
# then add it to /lib/ndb.local
echo 'dom=dkim._domainkey.'$domain' soa=
ip=144.202.1.203
refresh=600 ttl=600
ns=ns.orib.dev
txt="k=rsa; v='$pubkey \
>> /lib/ndb/local
Then, finally, insert it into your outgoing mail pipeline. One
thing to be careful of is that upas will do some outgoing 'From:'
rewriting, so you may need to make sure that either '$upasname'
is set, or 'upas/dkim' is inserted after the rewrite stage.
A good place is in /mail/lib/qmail, in place of upas/vf:
% cat /mail/lib/qmail
rfork s
upas/dkim -d example.com | upas/qer /mail/queue mail $* || exit 'qer failed'
upas/runq -n 10 /mail/queue /mail/lib/remotemail </dev/null >/dev/null >[2=1] &
|
|
|
|
|
|
|
|
Understanding the environment is important for security critical
applications.
|
|
Auth/box previously switched to /, rather than
preserving the cwd. This would break relative
paths to items that would get pulled into the
namespace.
This change removes the '-.' flag, and causes
auth/box to keep the current working directory,
making it more usable for scripting.
|
|
-. decides where we chdir to before execing, we can't
sit where we are because our directory may not exist.
If not specified we go to '/'.
-s is used to source a rc script instead of execing cmd.
This is primarily to enable:
'#!/bin/auth/box -s'
Shebang line size is a bit tight(32), so we have this shorthand
to use rc along with setting up the required namespace components.
|
|
|
|
Changing the user to none doesn't do much for us
here. For kernel drivers that check the user of the
current proc we'll be none, but anything from devmnt
will still be accessed using creds from the original
attachment. Instead, running with none can be done
by chaining with auth/none:
auth/none auth/box ...
|
|
|
|
|
|
|
|
|
|
(when unsupported)
|
|
httpdigest authentication allows one to share the key
in factotum with the amt webserver on https://target:16993
|
|
|
|
|
|
This allows mapping incoming filenames to a different name
using regular expressions, followed by subtitutions
of the %[ICE] format strings.
I needed this to have individual cmdline.txt files for
netbooted raspberry pi's. In this example, i map cmdline.txt
to %C, which gets substituted for /cfg/pxe/$ether of the client.
|
|
aan(8): cpu -> rcpu
|
|
|
|
|
|
|
|
|
|
|
