summaryrefslogtreecommitdiff
path: root/sys/src
AgeCommit message (Collapse)Author
2018-01-27upas/fs: try to deal with nil mail body (can happen when fetch fails)cinap_lenrek
2018-01-25upas/fs: deal with imap returning more uid's than allocated from previus ↵cinap_lenrek
"messages" command
2018-01-22ip/pptpd: don't mess with ipifc (handled by ppp), slay note gorup on exitcinap_lenrek
2018-01-22ip: make pkt interfaces unbind on close (from inferno)cinap_lenrek
2018-01-21ppp: remove left over debug printcinap_lenrek
2018-01-21ppp: mschapv2 supportcinap_lenrek
2018-01-21libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2cinap_lenrek
2018-01-21factotum: implement mschapv2 role=server authentication (for ppp)cinap_lenrek
this implements the server part of mschapv2 with the new authserver changes. we also provide AuthInfo for the client now with the MPPE secret and the authenticator.
2018-01-21authsrv: implement mschapv2 authentication, include MPPE secret in the ticketcinap_lenrek
this adds new rpc for mschapv2 authentication (21) deliver the MPPE secret not after the ticket/authenticator response as cheartext, but include it in the first 128 bit of the ticket key. and the authenticator in the first 160 bit of the authenticator random field.
2018-01-20gre: don't drop pptp packets when smaller than v4 headercinap_lenrek
2018-01-16ip/ipconfig: use 2000::/3 instead of ::/0 for v6 default routecinap_lenrek
the ::/0 route has the bad side effect of breaking v4 connections when theres no default route due to v6 mapped v4 addresses. this might be temporary measure.
2018-01-16p/ipconfig: don't put automatic link-local address configuration in /net/ndbcinap_lenrek
2018-01-16set router R-flag when sendra is active for neighbor advertisementcinap_lenrek
windows 7 just drops the default router when it tries to probe for router reachability but gets a neighbor avertisement from the router with the router bit clear. so set the R-flag when sendra is active, which implies that we are a router.
2018-01-15authsrv: fix chapcinap_lenrek
use OCHAPREPLYLEN instead of sizeof(reply) (no padding). exit after sending ticket response to force eof as factotum unconditionally reads tailing secret hash (as of mschap).
2018-01-14ip/ipconfig: add v6 deault route from router advertisementscinap_lenrek
2018-01-14listen(8): add -a option to restrict announce address, document tcp17019 and ↵cinap_lenrek
tcp17020
2018-01-13ether79c970: dont disable promisc mode when multicast table is not emptycinap_lenrek
2018-01-13ether82557: don't turn off promisc mode when mcast table is not emptycinap_lenrek
the driver doesnt implement multicast filter, but just turns on promiscuous mode when a multicast address is added. but this breaks when one actually enables and then disables promiscuous mode with say, running snoopy. we have to keep promisc mode active as long as multicast table is not empty.
2018-01-12wifi: learn target ip address from neighbor advertisements in dmat proxycinap_lenrek
2018-01-12wifi: filter out loopback traffic from myselfcinap_lenrek
broadcast traffic was received back on the wire causing duplicate address detection to break with dmat proy as the rewritten broadcasts where observable. the fix is to just ignore packets from ourselfs received from the air. devether already handles loopback.
2018-01-10ip/ipconfig: set on-link flag in router advertisement prefix info (fixes ↵cinap_lenrek
windows7)
2018-01-08ether8169: deal with kernel memory exhautioncinap_lenrek
when kernel memory is exhausted, rtl8169replenish() can fail to plant more receive descriptors and rtl8169receive() would run over the receive tail and crash on the nil ctlr->rb[x]. rtl8169receive() is called on "Receive Descriptor Unavailable" and "Packet Underrun" so we will try to replenish descriptors in the beginning first in case memory was exhausted and memory is available again and make sure not to run over the tail.
2018-01-07forgot to commit asn1dump.c...cinap_lenrek
2018-01-06venti: fix wrong channel element size for amd64 (thanks mycroftiv)cinap_lenrek
2018-01-06tlssrv: remove usage reference to lost auth/secretpemcinap_lenrek
2018-01-06factotum: remove unused sshrsa.ccinap_lenrek
2018-01-06libsec: remove asn1toDSApriv()cinap_lenrek
2018-01-06remove asn12dsa, dsa2pub, dsa2ssh and dsagencinap_lenrek
was mostly usefull for old ssh.
2018-01-06auth/asn1dump: include in mkfilecinap_lenrek
2018-01-06tlsclient: allow dumping the server's certificate with new -d flagcinap_lenrek
usefull for debugging, like: ./8.tlsclient -d /fd/3 tcp!code.9front.org!https |[0=3] auth/asn1dump
2018-01-06tlsclient: remove X509dump() call, writes to fd 1cinap_lenrek
2018-01-05stats: show amount of reclaimable pages (add -r flag)cinap_lenrek
reclaimable pages are user pages that are used for caches like the image cache, mount cache and swap cache.
2018-01-04pc kernel: fix wrong simd exception mask (fixes go bootstrap)cinap_lenrek
2018-01-02ape/libauth: remove auth_wep.$O from mkfilecinap_lenrek
2018-01-02libauth: simplify _attrfmt() using fmtprint() avoiding stack buffercinap_lenrek
2018-01-02libauth: remove auth_wep() function, and non-existing httpauth() declarationcinap_lenrek
2018-01-02factotum: remove legacy wep protocolcinap_lenrek
2018-01-01libauth: fix out of bounds memory access in _parseattr()cinap_lenrek
empty token would read ""[-1] accidentally in the AttrQuery case.
2018-01-01factotum: replace custom hex parsing code with dec16() avoding timing side ↵cinap_lenrek
channels
2017-12-31libmp: use constant time encode(2) routines instead of lookup tablescinap_lenrek
the encode(2) routines are constant time now, so use them instead of using lookup table that can leak information through cache timing side channel.
2017-12-31ape: make encXchr()/decXchr() functions availablecinap_lenrek
2017-12-31libc: constant time implementation for encode(2) routines, fix base32cinap_lenrek
the string encoding functions touch secret key material in a bunch of places (devtls, devcap), so make sure we do not leak information by cache timing side channels, making the encoding and decoding routines constant time. we also expose the alphabets through encXchr()/decXchr() functions so caller can find the end of a encoded string before calling decode function (for libmp). the base32 encoding was broken in several ways. inputs lengths of len%5 == [2,3,4] had output truncated and it was using non-standard alphabet. documenting the alphabet change in the manpage.
2017-12-31wifi: get rid of custom hextob() routine, use dec16(), avoid copies in ↵cinap_lenrek
parsekey()
2017-12-31aux/wpa: get rid of custom Hfmt() routine, just use encodefmt. use %E for ↵cinap_lenrek
mac addresses
2017-12-30libsec: implement SPKI fingerprinting for okCertificate()cinap_lenrek
Instead of only using a hash over the whole certificate for white/black-listing, now we can also use a hash over the Subject Public Key Info (SPKI) field of the certificate which contians the public key algorithm and the public key itself. This allows certificates to be renewed independendtly of the public key. X509dump() now prints the public key thumbprint in addition to the certificate thumbprint. tlsclient will print the certificate when run with -D flag. okCertificate() will print the public key thumbprint in its error string when no match has been found.
2017-12-30libsec: fix mistake: strnchr -> strchrcinap_lenrek
2017-12-30libsec: avoid unneccesary memory copies and redundant code in x509cinap_lenrek
getting rid of some functions that take Byte* and instead pass uchar* and length. keeping the signature and public key fields in CertX509 as Bits* allows ownership transfer by swapping pointers. use common code to copy CN from subject field.
2017-12-29libsec: get rid of dummy data[1] in Bytes and Ints types (thanks pr)cinap_lenrek
2017-12-29usbxhci: add missing pexit() in xhcirecover proc (thanks sam-d)cinap_lenrek
2017-12-29wifi: revert rate adoption divider, breaks arpunks wificinap_lenrek
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 23:47:32 +0000