emo/busybox
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
15,264 Commits 1 Branch 0 Tags 33 MiB
f21ebeece5
Commit Graph

2679 Commits

Author SHA1 Message Date
Denys Vlasenko
bfc66d4980 nbd-client: make it NOEXEC, stop using argc 
function                                             old     new   delta
nbdclient_main                                       484     492      +8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 21:53:39 +02:00
Denys Vlasenko
86e07f6893 brctl: make it NOEXEC 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 20:14:02 +02:00
Denys Vlasenko
2262746e2b slattach: code shrink, better --help text 
function                                             old     new   delta
tcsetattr_serial_or_warn                               -      34     +34
static.int_N_SLIP                                      -       4      +4
restore_state_and_exit                               123     117      -6
packed_usage                                       31774   31747     -27
set_termios_state_or_warn                             42       -     -42
slattach_main                                        673     624     -49
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 0/3 up/down: 38/-124)           Total: -86 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 17:14:09 +02:00
Denys Vlasenko
a759b22c29 nameif: make it NOEXEC 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 14:15:24 +02:00
Denys Vlasenko
fbecca1bed Tweak outdated documentation and comments 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 14:03:27 +02:00
Denys Vlasenko
9a58cc0f7f tunctl: make it NOEXEC 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-06 12:28:00 +02:00
Denys Vlasenko
95f7953f2c do not use `a' quoting style in comments 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-02 14:26:33 +02:00
Denys Vlasenko
18e781dc02 config: do not use `a' quoting in help texts 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-08-02 14:12:48 +02:00
Denys Vlasenko
1d8df52d45 inetd: improve --helpt text and config help text. 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-27 13:34:51 +02:00
Denys Vlasenko
68b653b66b config: trim/improve item names and help texts, take 2 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-27 10:53:09 +02:00
Denys Vlasenko
c810978552 udhcpc: downgrade "MAC X:X:X:X:X:X" message to log2 level 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-24 13:37:38 +02:00
Denys Vlasenko
b72f1ef17b udhcpc[6]: downgrade "adapter index N" messages to log2 level 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-24 12:06:53 +02:00
Denys Vlasenko
de6cb41734 udhcpc[6]: fix messages referring to select() while we use poll() 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-24 12:01:28 +02:00
Denys Vlasenko
e4f6bfd6fe zcip: fix slow environment leak 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-22 03:04:20 +02:00
Denys Vlasenko
67d42dfdea ping: fix help text to show what parameter -p takes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-21 16:07:13 +02:00
Denys Vlasenko
168f0ef8dd udhcpc[6]: on log level 1, three messages about raw socket is overkill 
Move first two messages to log2 level:

08:46:32.23824 udhcpc: opening raw socket on ifindex 2
08:46:32.23825 udhcpc: got raw socket fd
08:46:32.26354 udhcpc: created raw socket

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-21 12:04:22 +02:00
Denys Vlasenko
a680f40bfe ping: better config help text for FEATURE_FANCY_PING 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-21 11:58:43 +02:00
Denys Vlasenko
72089cf6b4 config: deindent all help texts 
Those two spaces after tab have no effect, and always a nuisance when editing.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-21 09:50:55 +02:00
Denys Vlasenko
75d151e31d libarchive: FEATURE_LZMA_FAST should be visible if FEATURE_SEAMLESS_LZMA 
While at it, tweak some config help texts.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-20 23:28:00 +02:00
Denys Vlasenko
ae178cee3d Update remaining menuconfig items with approximate applet sizes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-19 14:32:54 +02:00
Denys Vlasenko
4eed2c6c50 Update menuconfig items with approximate applet sizes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-18 22:01:24 +02:00
Denys Vlasenko
2c1258c620 Move get_unaligned_le32() macros to platform.h 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-15 20:22:25 +02:00
Denys Vlasenko
3d7ec48da0 tls: remove last int16 local variables in pstm code 
function                                             old     new   delta
pstm_mul_comba                                       439     447      +8
pstm_sqr_comba                                       475     478      +3
pstm_montgomery_reduce                               399     381     -18
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 11/-18)             Total: -7 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-15 17:19:38 +02:00
Denys Vlasenko
79376ecdbd tls: fix pstm asm constraint problem 
function                                             old     new   delta
pstm_sqr_comba                                       551     475     -76

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-15 17:13:08 +02:00
Denys Vlasenko
9887f93eef tls: fix build problem on non-static i386 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-15 13:42:19 +02:00
Denys Vlasenko
ce55284ed6 inetd,mount: do not die if uclibc without RPC is detected 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-10 14:43:22 +02:00
Denys Vlasenko
558aae1a33 tls: use capped SNI len everywhere 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-04 16:52:45 +02:00
Denys Vlasenko
d4e4fdb5ce fixes for bugs found by make_single_applets.sh 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-03 21:31:16 +02:00
Denys Vlasenko
4ee824f6ba randomconfig fixes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-07-03 01:22:13 +02:00
Denys Vlasenko
ba4fbca8a8 udhcpc6: make -O OPT work 
Patch is based on work by tiggerswelt.net.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-06-28 19:18:17 +02:00
Denys Vlasenko
470bebe672 udhcpc6: add comments about option 39, no code changes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-06-27 18:31:08 +02:00
Denys Vlasenko
234b82ca19 udhcpc6: add support for timezones 
Basedon patch by Bernd Holzmüller <bernd.holzmueller@tiggerswelt.net>

function                                             old     new   delta
option_to_env                                        504     580     +76

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-06-26 19:42:48 +02:00
André Draszik
2f24d30d01 iproute: support for filtering by and printing of scope 
This patch adds filtering by and printing of 'scope' to the
ip route command, taken from the upstream ip command.

x86_64:
function                                             old     new   delta
iproute_list_or_flush                               1548    1674    +126
print_route                                         2394    2469     +75
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 201/0)             Total: 201 bytes

mipsel:
iproute_list_or_flush                               1952    2096    +144
print_route                                         2580    2696    +116
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 2/0 up/down: 260/0)             Total: 260 bytes

Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-06-13 19:59:59 +02:00
Stefan Tomanek
192dce4b84 ip rule: add suppress_{prefixlength,ifgroup} options 
function                                             old     new   delta
iprule_modify                                        816     887     +71
print_rule                                           610     680     +70
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 141/0)             Total: 141 bytes

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-06-13 19:06:09 +02:00
Denys Vlasenko
ed820ccda1 udhcpc: do not accept --background on NOMMU (same as -b) 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-05-08 15:11:02 +02:00
Denys Vlasenko
741bfa9a72 udhcpc: fix "udhcpc -x hostname:<name> not working on nommu" 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-05-08 15:02:07 +02:00
Denys Vlasenko
10ad622dc2 Spelling fixes in comments, documentation, tests and examples 
By klemens <ka7@github.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-17 16:13:32 +02:00
Denys Vlasenko
7121bb8023 ipaddress: tweak help text more: mention "brd +" syntax 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-07 18:22:41 +02:00
Denys Vlasenko
4eaa0f7729 ipaddress: tweak help text 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-07 18:14:46 +02:00
Denys Vlasenko
eb76abb4f7 iproute: add "a" command as a synonym to "add" 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-07 17:33:26 +02:00
Denys Vlasenko
826bdcd51c libiproute: FACT_FUNCization 
function                                             old     new   delta
get_addr_1                                           258     287     +29
next_arg                                               -      22     +22
print_neigh                                          885     902     +17
do_iplink                                           1269    1276      +7
get_unsigned                                          54      55      +1
get_u32                                               54      55      +1
get_u16                                               62      63      +1
rt_addr_n2a                                           53      52      -1
ipaddr_modify                                       1229    1226      -3
get_addr32                                            58      54      -4
invarg_1_to_2                                         18      12      -6
inet_addr_match                                      109     103      -6
duparg2                                               18      12      -6
duparg                                                18      12      -6
print_addrinfo                                      1231    1223      -8
ipneigh_list_or_flush                                724     714     -10
incomplete_command                                    10       -     -10
iproute_get                                          847     835     -12
ipaddr_list_or_flush                                1265    1253     -12
get_prefix                                           356     344     -12
do_add_or_delete                                    1162    1150     -12
get_addr                                              73      58     -15
iproute_list_or_flush                               1210    1191     -19
parse_args                                          1434    1412     -22
print_rule                                           634     610     -24
iprule_modify                                        864     816     -48
print_route                                         1621    1565     -56
iproute_modify                                      1221    1164     -57
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 6/20 up/down: 78/-349)         Total: -271 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-07 17:15:40 +02:00
Denys Vlasenko
d5342a1ad1 iproute: support advmss option 
function                                             old     new   delta
iproute_modify                                      1164    1221     +57
str_is_lock                                            -      22     +22
packed_usage                                       31372   31382     +10
do_iproute                                           157     132     -25
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/1 up/down: 89/-25)             Total: 64 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-07 17:00:53 +02:00
Denys Vlasenko
1140bf39ab iproute: update help text, add commented-out code for unsupported options 
function                                             old     new   delta
packed_usage                                       31327   31372     +45
do_iproute                                           132     157     +25
iproute_modify                                      1162    1164      +2
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 72/0)               Total: 72 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-06 17:54:38 +02:00
Denys Vlasenko
2d4823b65b iplink: implement "set promisc on|off". Closes 4682 
function                                             old     new   delta
do_iplink                                           1232    1269     +37
packed_usage                                       31337   31327     -10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-06 16:06:04 +02:00
Denys Vlasenko
a7386bb35b ip link: tidying up 
Misplaced comment. --help was wrong: dynamic on|off is not supported.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-06 15:55:29 +02:00
Denys Vlasenko
5d561ef634 tls: do not compile in TLS_RSA_WITH_NULL_SHA256 code if unreachable 
function                                             old     new   delta
tls_handshake                                       1595    1588      -7
xwrite_encrypted                                     244     209     -35

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-04 01:41:15 +02:00
Denys Vlasenko
229d3c467d tls: avoid using int16 in pstm code 
function                                             old     new   delta
pstm_div                                            1472    1522     +50
psRsaEncryptPub                                      403     413     +10
pstm_2expt                                            91      96      +5
pstm_clear                                            68      72      +4
pstm_init                                             39      42      +3
pstm_unsigned_bin_size                                36      37      +1
pstm_montgomery_reduce                               398     399      +1
pstm_init_size                                        45      46      +1
pstm_zero                                             39      38      -1
pstm_set                                              35      34      -1
pstm_read_unsigned_bin                               112     109      -3
pstm_mulmod                                          123     120      -3
pstm_mod                                             116     113      -3
pstm_cmp                                              57      54      -3
pstm_sub                                             107     102      -5
pstm_to_unsigned_bin                                 157     151      -6
pstm_clamp                                            63      57      -6
pstm_add                                             116     108      -8
pstm_grow                                             81      72      -9
pstm_count_bits                                       57      48      -9
pstm_init_copy                                        84      72     -12
pstm_cmp_mag                                          93      78     -15
pstm_sqr_comba                                       567     551     -16
pstm_montgomery_calc_normalization                   158     140     -18
pstm_copy                                            115      92     -23
pstm_lshd                                            133     109     -24
pstm_mul_comba                                       525     500     -25
pstm_mul_d                                           251     224     -27
s_pstm_sub                                           256     228     -28
s_pstm_add                                           370     337     -33
pstm_div_2d                                          444     409     -35
pstm_mul_2                                           195     156     -39
pstm_rshd                                            154     104     -50
pstm_mul_2d                                          247     186     -61
pstm_exptmod                                        1524    1463     -61
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 8/27 up/down: 75/-524)         Total: -449 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-03 21:53:29 +02:00
Denys Vlasenko
636c3b627c tls: merge sha1 and sha256 hmac functions 
function                                             old     new   delta
hmac_begin                                             -     196    +196
hmac_sha256                                           61      68      +7
hmac                                                 250      87    -163
hmac_sha256_begin                                    190       -    -190
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/1 up/down: 203/-353)         Total: -150 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-03 17:43:44 +02:00
Denys Vlasenko
6e99f1cb45 tls: replace aes encryption/decryption by much smaller one 
The replacement code is ~6 times slower,
but drastically decreases size of tls_aes.o:

text	data	bss	dec	hex	filename
8050	0	0	8050	1f72	tls_aes_OLD.o
2461	0	0	2461	99d	tls_aes.o

function                                             old     new   delta
sbox                                                   -     256    +256
rsbox                                                  -     256    +256
KeyExpansion                                           -     197    +197
Subword                                                -      66     +66
AddRoundKey                                            -      61     +61
static.Rcon                                            -      10     +10
rcon                                                  40       -     -40
setup_mix                                             80       -     -80
setup_mix2                                           123       -    -123
aes_cbc_decrypt                                     1377     971    -406
aes_cbc_encrypt                                     1375     644    -731
psAesInit                                            848       -    -848
Te4                                                 1024       -   -1024
TE0                                                 1024       -   -1024
TD0                                                 1024       -   -1024
Td4                                                 1040       -   -1040
------------------------------------------------------------------------------
(add/remove: 6/8 grow/shrink: 0/2 up/down: 846/-6340)       Total: -5494 bytes

This code is based on public domain "tiny-AES128-C" code.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-04-01 20:11:59 +02:00
Denys Vlasenko
ab03061615 udhcp6: move misplaced comment 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-03-27 22:49:12 +02:00
Denys Vlasenko
ed898ed2dd udhcp6: fix releasing 
Patch is based on work by tiggerswelt.net. They say:
"
We wanted udhcpc6 to release its IPv6-Addresses on
quit (-R-commandline-option) which turned out to generate once again
kind of garbage on the network-link.
We tracked this down to two issues:

 - udhcpc6 uses a variable called "srv6_buf" to send packets to
   the dhcp6-server, but this variable is never initialized correctly
   and contained kind of a garbage-address

 - The address of the dhcp6-server is usually a link-local-address,
   that requires an interface-index when using connect() on an AF_INET6-
   socket

We added an
additional parameter for ifindex to d6_send_kernel_packet() and made
d6_recv_raw_packet() to capture the address of the dhcp6-server and
forward it to its callee.
"

Three last patches together:

function                                             old     new   delta
d6_read_interface                                      -     454    +454
d6_recv_raw_packet                                     -     283    +283
option_to_env                                        249     504    +255
.rodata                                           165226  165371    +145
send_d6_discover                                     195     237     +42
send_d6_select                                       118     159     +41
send_d6_renew                                        173     186     +13
send_d6_release                                      162     173     +11
opt_req                                                -      10     +10
d6_send_kernel_packet                                304     312      +8
opt_fqdn_req                                           -       6      +6
d6_mcast_from_client_config_ifindex                   48      51      +3
d6_find_option                                        63      61      -2
udhcpc6_main                                        2416    2411      -5
static.d6_recv_raw_packet                            266       -    -266
------------------------------------------------------------------------------
(add/remove: 5/1 grow/shrink: 8/2 up/down: 1271/-273)         Total: 998 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-03-27 22:44:22 +02:00
Denys Vlasenko
64d58aa806 udhcp6: fix problems found running against dnsmasq 
Patch is based on work by tiggerswelt.net. They say:
"
But when we tried to use dnsmasq on server-side, udhcpc6 was unable to
forward the acquired address to its setup-script although the
IPv6-Address had been assigned by the server as we could see via
tcpdump. We traced this issue down to a problem on how udhcpc6 parses
DHCPv6-Options: When moving to next option, a pointer-address is
increased and a length buffer is decreased by the length of the option.
The problem is that it is done in this order:

  option += 4 + option[3];
  len_m4 -= 4 + option[3];

But this has to be switched as the length is decreased by the length of
the *next* option, not the current one. This affected both - internal
checks if a required option is present and the function to expose
options to the environment of the setup-script.
There was also a bug parsing D6_OPT_STATUS_CODE Options, that made
dnsmasq not work as udhcpc6 thought it is receiving a non-positive
status-code (because it did not parse the status-code as required in RFC
3315).
In addition we introduced basic support for RFC 3646 (OPTION_DNS_SERVERS
and OPTION_DOMAIN_LIST) and RFC 4704 (OPTION_CLIENT_FQDN).
"

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-03-27 22:41:59 +02:00
Denys Vlasenko
e09f5e3045 udhcp6: read_interface should save link-local ipv6 address 
Patch is based on work by tiggerswelt.net. They say:
"Using this patch it was no problem to acquire an IPv6-Address via DHCPv6
using ISC DHCPD6 on server-side."

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-03-27 22:41:59 +02:00
Denys Vlasenko
876c121ccb whitespace fix 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-03-24 15:00:12 +01:00
Denys Vlasenko
7c67f1e9ab udhcpc: make sure we do not overflow poll timeout 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-17 19:20:32 +01:00
Denys Vlasenko
94dcfd8cc0 nc_bloaty: use poll() instead of select() 
function                                             old     new   delta
readwrite                                            829     715    -114

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-17 17:48:59 +01:00
Denys Vlasenko
52a515d187 udhcp: use poll() instead of select() 
function                                             old     new   delta
udhcp_sp_read                                         65      46     -19
udhcp_sp_fd_set                                       79      54     -25
udhcpd_main                                         1530    1482     -48
udhcpc_main                                         2780    2730     -50
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-142)           Total: -142 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-16 23:25:44 +01:00
Denys Vlasenko
dc207f6696 udhcp: do not clobber errno by signal handler 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-16 20:04:19 +01:00
Denys Vlasenko
5b3b468ec0 nc: use poll() instead of select() 
function                                             old     new   delta
nc_main                                              943     866     -77

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-16 17:17:17 +01:00
Denys Vlasenko
0ec4d08ea3 tls: covert i/o loop from using select() to poll() 
function                                             old     new   delta
tls_run_copy_loop                                    377     282     -95

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-16 16:51:18 +01:00
Denys Vlasenko
8cc1ab3c11 httpd: use "Content-Length", not "-length" 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-04 23:19:30 +01:00
Denys Vlasenko
c31b54fd81 tls: fold AES CBC en/decryption into single functions 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-04 16:23:49 +01:00
Denys Vlasenko
5b05d9db29 wget/tls: session_id of zero length is ok (arxiv.org responds with such) 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-02-03 18:23:52 +01:00
Denys Vlasenko
67f6db6b27 wget: add a big explanation what TLS code implements and what does not 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-30 16:27:37 +01:00
Denys Vlasenko
b181ca7552 typo in comment 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-29 18:48:58 +01:00
Denys Vlasenko
205d48e948 *: add comment about APPLET_ODDNAME format 
It confused me more than once

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-29 14:57:33 +01:00
Denys Vlasenko
b4b12bf234 httpd: defend against attempts to OOM us. Closes 9611 
We were strdup'ing "Cookie: foo" every time we saw it.

function                                             old     new   delta
handle_incoming_and_exit                            2733    2821     +88

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-26 19:35:40 +01:00
Denys Vlasenko
b13b618335 ftpd/ls: show directories first 
Old TODO finally done

function                                             old     new   delta
ls_main                                              548     568     +20
packed_usage                                       31116   31097     -19

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-25 04:52:45 +01:00
Andrey Mozzhuhin
2181fb4af8 ftpd: new option -a ANON_USER to allow anonymous logins 
Anonymous ftpd login is useful even when ftpd authentication feature
is enabled. Anonymous logins provide simple password-less connection
for FTP clients.

To allow password-less connection user command line option '-a USER' is
added. This option specifies the system user to use when
'anonymous' username is given in USER command. No password is required
in this case.

function                                             old     new   delta
ftpd_main                                           2164    2232     +68
packed_usage                                       31015   31046     +31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 99/0)               Total: 99 bytes

Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-24 23:04:25 +01:00
Denys Vlasenko
dff9fefd50 wget: add support for -S --server-response 
Based on the patch by stephane.billiart@gmail.com

function                                             old     new   delta
ftpcmd                                                87     129     +42
fgets_and_trim                                        86     119     +33
static.wget_longopts                                 234     252     +18
packed_usage                                       31002   31015     +13
wget_main                                           2535    2540      +5
gethdr                                               158     163      +5
retrieve_file_data                                   424     428      +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 7/0 up/down: 120/0)             Total: 120 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-24 21:41:43 +01:00
Denys Vlasenko
89193f985b tls: can download kernels now :) 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-24 18:08:07 +01:00
Denys Vlasenko
1500b3a50d tls: if got CERTIFICATE_REQUEST, send an empty CERTIFICATE 
wolfssl test server is not satisfied by an empty one,
but some real servers might be.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-24 17:06:10 +01:00
Denys Vlasenko
49ecee098d tls: add 2nd cipher_id, TLS_RSA_WITH_AES_128_CBC_SHA, so far it doesn't work 
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)

This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-24 16:00:54 +01:00
Denys Vlasenko
7a18b9502a tls: reorder tls_handshake_data fields for smaller size, tweak comments 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-23 16:37:04 +01:00
Denys Vlasenko
b5bf1913d3 tls: send EMPTY_RENEGOTIATION_INFO_SCSV in our client hello 
Hoped this can make cdn.kernel.org to like us more. Nope.
While at it, made error reporting more useful.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-23 16:12:17 +01:00
Denys Vlasenko
9492da7e63 tls: set TLS_DEBUG to 0; placate a gcc indentation warning 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-23 01:15:13 +01:00
Denys Vlasenko
9a647c326a separate TLS code into a library, use in in wget 
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.

This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).

function                                             old     new   delta
tls_handshake                                          -    1691   +1691
tls_run_copy_loop                                      -     443    +443
ssl_client_main                                        -     128    +128
packed_usage                                       30978   31007     +29
wget_main                                           2508    2535     +27
applet_names                                        2553    2560      +7
...
xwrite_encrypted                                     360     342     -18
tls_main                                            2127       -   -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195)       Total: 156 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-23 01:08:16 +01:00
Denys Vlasenko
12389889c0 ip: better --help 
Was:
    Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]

    ip [OPTIONS] OBJECT [COMMAND]
    where OBJECT := address|route|link|tunnel|neigh|rule
    OPTIONS := -f[amily] inet|inet6|link | -o[neline]

User: instead of repeating list of OBJECTs twice, you could at least
show available COMMANDs...

Now:
    Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]

    OPTIONS := -f[amily] inet|inet6|link | -o[neline]
    COMMAND :=
    ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
    ip route list|flush|add|del|change|append|replace|test ROUTE
    ip link set IFACE [up|down] [arp on|off] | show [IFACE]
    ip tunnel add|change|del|show [NAME]
        [mode ipip|gre|sit]
        [remote ADDR] [local ADDR] [ttl TTL]
    ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
    ip rule [list] | add|del SELECTOR ACTION

While at it, tweak tc --help too (it stays disabled, thus no effect)

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-21 14:27:07 +01:00
Denys Vlasenko
8908c1d4f5 more ip --help fixes 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-21 03:56:46 +01:00
Denys Vlasenko
f3d705f41b make --help texts smaller 
function                                             old     new   delta
packed_usage                                       31035   30968     -67

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-21 03:46:57 +01:00
Denys Vlasenko
bbc7bee966 make --help texts more uniform 
function                                             old     new   delta
packed_usage                                       31062   31035     -27

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-21 02:49:58 +01:00
Denys Vlasenko
f6e20724d4 tls: reorder tls_state fields for smaller offsets 
function                                             old     new   delta
xwrite_encrypted                                     363     360      -3
xwrite_and_update_handshake_hash                     117     114      -3
tls_xread_handshake_block                             72      69      -3
tls_error_die                                        211     202      -9
tls_get_outbuf                                        64      49     -15
tls_main                                            2163    2127     -36
tls_xread_record                                     702     639     -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/7 up/down: 0/-132)           Total: -132 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-21 02:08:34 +01:00
Denys Vlasenko
dd2577f21a tls: send SNI in the client hello 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 22:48:41 +01:00
Denys Vlasenko
0af5265180 tls: check size on "MAC-only, no crypt" code path too 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 21:23:10 +01:00
Denys Vlasenko
54b927d78b tls: AES decrypt does one unnecessary memmove 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 21:19:38 +01:00
Denys Vlasenko
3916139ac4 tls: make input buffer grow as needed 
As it turns out, it goes only up to "inbuf_size:4608"
for kernel.org - fixed 18kb buffer was x4 larger than necessary.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 20:27:06 +01:00
Denys Vlasenko
38972a8df1 tls: improve i/o loop 
With tls_has_buffered_record(), entire kernel.org response
is printed at once, without 6 second pause to see its delayed EOF.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 19:11:14 +01:00
Denys Vlasenko
e7863f394e tls: was psAesDecrypt'ing one block too many, trashing buffered data 
For the first time

printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | ./busybox tls kernel.org

successfully reads entire server response and TLS shutdown.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 18:04:04 +01:00
Denys Vlasenko
179e88bec9 rdate: make it do something remotely sane, facing 32-bit time overflow 
function                                             old     new   delta
rdate_main                                           251     254      +3
packed_usage                                       31029   31023      -6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 16:03:48 +01:00
Denys Vlasenko
19e695ebad tls: do not use common_bufsiz 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 14:27:58 +01:00
Denys Vlasenko
a0aae9f714 tls: decode alerts and in particular, EOF alert. 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 14:12:10 +01:00
Denys Vlasenko
abbf17abcc tls: add the i/o loop - largish rework of i/o buffering 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-20 03:15:09 +01:00
Denys Vlasenko
f7806f9d8f tls: fix ROL/ROR x86 optimization 
ALWAYS_INLINE:

function                                             old     new   delta
psAesInitKey                                         825     824      -1
ROR                                                    5       -      -5
setup_mix2                                           148     134     -14
psAesDecryptBlock                                   1184    1139     -45
psAesEncryptBlock                                   1193    1102     -91
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-156)           Total: -156 bytes

ALWAYS_INLINE + __builtin_constant_p(shift_cnt):

function                                             old     new   delta
ROR                                                    5       -      -5
psAesInitKey                                         825     818      -7
setup_mix2                                           148     123     -25
psAesDecryptBlock                                   1184    1078    -106
psAesEncryptBlock                                   1193    1017    -176
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-319)           Total: -319 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-19 16:45:41 +01:00
Denys Vlasenko
432f1ae2ff tls: tested PSTM_X86_64, not enabling it - too large 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-19 16:32:38 +01:00
Denys Vlasenko
6b1b004845 tls: commented out psPool_t use 
function                                             old     new   delta
psAesEncrypt                                         159     162      +3
der_binary_to_pstm                                    42      40      -2
xwrite_and_hash                                      437     434      -3
xread_tls_block                                      446     443      -3
pstm_div_2d                                          449     444      -5
psAesDecrypt                                         179     174      -5
pstm_init_size                                        52      45      -7
pstm_init                                             46      39      -7
pstm_to_unsigned_bin                                 165     157      -8
tls_main                                            1265    1256      -9
pstm_mulmod                                          132     123      -9
pstm_mod                                             125     116      -9
pstm_init_copy                                        93      84      -9
psAesInitKey                                         840     825     -15
send_client_key_exchange                             362     342     -20
psAesInit                                            103      80     -23
psRsaEncryptPub                                      429     403     -26
psAesDecryptBlock                                   1211    1184     -27
psAesEncryptBlock                                   1223    1193     -30
pstm_exptmod                                        1582    1524     -58
pstm_div                                            1557    1472     -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360)          Total: -357 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-19 15:51:00 +01:00
Denys Vlasenko
1bfc4b85a7 ntpd: print result of hostname resolution 
This is particularly useful if hostname resolution is triggered by
host non-reachability: I saw this in real-life, without the message
it is not at all obvious that IP that we use for a specific host
has changed.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-19 14:42:34 +01:00
Denys Vlasenko
cccf8e735d tls: teach it to decrypt AES256-encrypted data 
This adds decryption only.
There is no MAC verification, code simply throws away MAC.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-19 00:20:45 +01:00
Denys Vlasenko
a9e1866806 tls: trim comments 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-18 21:00:23 +01:00
Denys Vlasenko
b5dfc3dfd6 tls: teach it to send AES256-encrypted data 
>> CLIENT_HELLO
wrote 50 bytes
insize:0 tail:0
got block len:74
got HANDSHAKE
<< SERVER_HELLO
insize:79 tail:0
got block len:2397
got HANDSHAKE
<< CERTIFICATE
key bytes:271, first:0x00
server_rsa_pub_key.size:256
insize:2402 tail:0
got block len:4
got HANDSHAKE
<< SERVER_HELLO_DONE
>> CLIENT_KEY_EXCHANGE
wrote 267 bytes
master secret:c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
client_write_MAC_key:3b0b7e2bab241b629c37eb3a3824f09b39fe71a00876b0c8026dda16ef0d2f82
client_write_key:d36e801470ed2f0a8fc886ac25df57ffbe4265d06e3192122c4ef4df1e32fab2
>> CHANGE_CIPHER_SPEC
from secret: c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
from labelSeed: 636c69656e742066696e6973686564b22e0e6008b8ee218cc02e4a93e4a42b570535f9b57662e262d43b379d125b69
=> digest: a45bfee8ed6507a2a9920d0c
>> FINISHED
before crypt: 5 hdr + 16 data + 32 hash bytes
writing 5 + 16 IV + 64 encrypted bytes, padding_length:0x0f
wrote 85 bytes
insize:9 tail:0
got block len:1
<< CHANGE_CIPHER_SPEC
insize:6 tail:0
got block len:80
< hdr_type:22 ver:3.3 len:80 type:21 len24:9541723 |1591985b...a3da|

The last line is the server's FINISHED response, encrypted.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-18 20:37:24 +01:00
Denys Vlasenko
b7e9ae6e9f tls: added AES code and made it compile. not used yet 
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
 2017-01-18 17:20:27 +01:00