Age | Commit message (Collapse) | Author |
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This adds decryption only.
There is no MAC verification, code simply throws away MAC.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
>> CLIENT_HELLO
wrote 50 bytes
insize:0 tail:0
got block len:74
got HANDSHAKE
<< SERVER_HELLO
insize:79 tail:0
got block len:2397
got HANDSHAKE
<< CERTIFICATE
key bytes:271, first:0x00
server_rsa_pub_key.size:256
insize:2402 tail:0
got block len:4
got HANDSHAKE
<< SERVER_HELLO_DONE
>> CLIENT_KEY_EXCHANGE
wrote 267 bytes
master secret:c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
client_write_MAC_key:3b0b7e2bab241b629c37eb3a3824f09b39fe71a00876b0c8026dda16ef0d2f82
client_write_key:d36e801470ed2f0a8fc886ac25df57ffbe4265d06e3192122c4ef4df1e32fab2
>> CHANGE_CIPHER_SPEC
from secret: c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
from labelSeed: 636c69656e742066696e6973686564b22e0e6008b8ee218cc02e4a93e4a42b570535f9b57662e262d43b379d125b69
=> digest: a45bfee8ed6507a2a9920d0c
>> FINISHED
before crypt: 5 hdr + 16 data + 32 hash bytes
writing 5 + 16 IV + 64 encrypted bytes, padding_length:0x0f
wrote 85 bytes
insize:9 tail:0
got block len:1
<< CHANGE_CIPHER_SPEC
insize:6 tail:0
got block len:80
< hdr_type:22 ver:3.3 len:80 type:21 len24:9541723 |1591985b...a3da|
The last line is the server's FINISHED response, encrypted.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Successfully finishes handshake with test servers using NULL-SHA256
cipher.
The "only" thing remaining before there is a chance
this can actually work with real servers is AES encrypt/decrypt.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
sha256 hash should be calculated over incoming handshake packets too!
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Now it at least looks correct, but unfortunately "openssl s_server"
says my hash is wrong.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
sha_crypt 1136 1130 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
sha_K 640 256 -384
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
To "actually implement it" will take more work...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C
Next step: send CHANGE_CIPHER_SPEC... and actually implement it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4406
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8f7e723:0x30 len:1452 inner_byte @0x8f7e727:0x30
entered der @0x8f7e727:0x30 len:1172 inner_byte @0x8f7e72b:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8f7e830:0x30 len:418 inner_byte @0x8f7e834:0x30
skipped der 0x30, next byte 0x03
entered der @0x8f7e843:0x03 len:399 inner_byte @0x8f7e847:0x00
copying key bytes:399, first:0x00
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
Now need to teach it to send ClientKeyExchange...
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
tls_main - 733 +733
dump - 230 +230
xread_tls_block - 180 +180
get_der_len - 76 +76
enter_der_item - 70 +70
skip_der_item - 56 +56
get24be - 24 +24
tls_error_die - 19 +19
packed_usage 31010 31027 +17
applet_names 2549 2553 +4
applet_main 1472 1476 +4
applet_suid 92 93 +1
applet_install_loc 184 185 +1
------------------------------------------------------------------------------
(add/remove: 9/0 grow/shrink: 5/0 up/down: 1415/0) Total: 1415 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
write(3, "GET / HTTP/1.1\r\nUser-Agent: Wget\r\nConnection: close\r\n\r\n", 74) = 74
shutdown(3, SHUT_WR) = 0
alarm(900) = 900
read(3, "", 1024) = 0
write(2, "wget: error getting response\n", 29) = 29
exit(1)
The peer simply does not return anything. It closes its connection.
Probably it detects wget closing its writing end: shutdown(3, SHUT_WR).
The point it, closing write side of the socket is _valid_ for HTTP.
wget sent the full request, it won't be sending anything more:
it will only receive the response, and that's it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
bash has a feature: it restores termios after a successful wait for
a foreground job which had at least one stopped or sigkilled member.
The probable rationale is that SIGSTOP and SIGKILL can preclude task from
properly restoring tty state. Should we do this too?
A reproducer: ^Z an interactive python:
$ python
Python 2.7.12 (...)
>>> ^Z
{ python leaves tty in -icanon -echo state. We do survive that... }
[1]+ Stopped python
{ ...however, next program (python no.2) does not survive it well: }
$ python
Python 2.7.12 (...)
>>> Traceback (most recent call last):
{ above, I typed "qwerty<CR>", but -echo state is still in effect }
File "<stdin>", line 1, in <module>
NameError: name 'qwerty' is not defined
The implementation is modeled on bash code and seems to work.
However, I'm not sure we should do this. For one: what if I'd fg
the stopped python instead? It'll be confused by "restored" tty state.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
getoptscmd 527 540 +13
getjob 280 286 +6
makejob 278 282 +4
forkchild 602 600 -2
waitcmd 208 205 -3
showjob 382 379 -3
getstatus 83 80 -3
dowait 408 405 -3
freejob 93 89 -4
fg_bgcmd 290 286 -4
forkshell 260 255 -5
killcmd 224 218 -6
jobno 17 11 -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/10 up/down: 23/-39) Total: -16 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
No code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
No code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
set_termios_to_raw - 116 +116
count_lines 72 74 +2
powertop_main 1458 1430 -28
top_main 943 914 -29
more_main 759 714 -45
fsck_minix_main 2969 2921 -48
conspy_main 1197 1135 -62
rawmode 99 36 -63
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/6 up/down: 118/-275) Total: -157 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Mike deleted it:
commit 39456a18a104b228de240b265bd943251219849d
Author: Mike Frysinger <vapier@gentoo.org>
Date: Sat Mar 28 12:21:57 2009 +0000
stop lying about [[ test support
probably because it was not properly ifdefed around, and was enabled
even when bash compat is off.
I just tested it - it works:
$ [ *.diff = z.diff ]; echo $?
0
$ [[ *.diff = z.diff ]]; echo $?
1
Of course, not all numerous bash tricks of [[ ]] are implemented...
function old new delta
bltins2 60 72 +12
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Splitting these options makes it self-documenting about what
bash-compatible features we have.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Splitting these options makes it self-documenting about what
bash-compatible features we have.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Many other appletw don't - they unconditionally use get_terminal_wodth(),
and here the amount of code saved by FEATURE_AUTOWIDTH=n is tiny.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
It controls whether we take input.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
get_wh - 27 +27
tcsetattr_tty_TCSANOW - 18 +18
gotsig 35 27 -8
more_main 835 759 -76
------------------------------------------------------------------------------
(add/remove: 2/0 grow/shrink: 0/2 up/down: 45/-84) Total: -39 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
text data bss dec hex filename
891272 485 6856 898613 db635 busybox_old
891232 485 6856 898573 db60d busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
The former name had no INIT anywhere in its name, sounded generic
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Reverts this:
commit 8ad78e1ec7b2e873953f9f476fb63b5893526c39
Author: Denis Vlasenko <vda.linux@googlemail.com>
Date: Sun Feb 15 12:40:30 2009 +0000
ash: make dot command search current directory first, as bash does.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
This makes hash and ash more symmetrical wrt config menu and config
options.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Redundant help texts (one which only repeats the description)
are deleted.
Descriptions and help texts are trimmed.
Some config options are moved, even across menus.
No config option _names_ are changed.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Busybox uses FAST_FUNC macro to tweak with IA-32 calling conventions in
order to make the function call slightly smaller or slightly faster.
However, when I experiment with GCC's LTO (Link Time Optimization), I
discovered that FAST_FUNC could hinder LTO's optimization so that the
resulting executable become a few bytes larger (than what is compiled
without FAST_FUNC).
This change allows to specify e.g.
CONFIG_EXTRA_CFLAGS="-DFAST_FUNC= -flto"
and compile with LTO without a source code hack.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
* Fix a bug with a configuration in which the shell's kill builtin
would be mistreated as a killall command (i.e. '-q' works, and
'kill process_name' succeeds when it shouldn't):
CONFIG_ASH_JOB_CONTROL=y
CONFIG_HUSH_KILL=y
# CONFIG_KILL is not set
CONFIG_KILLALL=y
# CONFIG_KILLALL5 is not set
* Optimize out unneeded code when the relevant applets are not
selected.
* Move kbuild lines about shells' kill builtins from Kbuild.src to
kill.c, to accompany the new HAVE_SH_KILL macro. I hope this would
make maintanence a little bit easier.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
It's a bit overkill (who would want it off?) but ash already has it
configurable. Let's be symmetric.
Also tweak kbuild logic to use ASH_BUILTIN_ECHO to select echo.o,
not ASH.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
ash kill builtin depends on the job control config option.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
While at it, fix one warning in modprobe-small.c
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
These parts of the code essentially check whether
stepping back by rep0 goes negative or not.
LZMA SDK from lzma1604.7z has the following in the corresponding places:
... = dic[dicPos - rep0 + (dicPos < rep0 ? dicBufSize : 0)]
Clearly, not loop here.
Technically, "while" here works: if condition is false (because pos
underflowed), it iterates once, adds header.dict_size (a.k.a. dicBufSize),
this makes pos positive but smaller than header.dict_size, and loop exits.
Now we'll just check for negative result of subtraction, which is less code:
function old new delta
unpack_lzma_stream 2659 2641 -18
(I hope 2 Gbyte+ dictionaries won't be in use soon).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
Large nested indented code blocks made more sane with a few gotos.
function old new delta
unzip_main 2491 2519 +28
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|
|
function old new delta
unzip_main 2476 2491 +15
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
|