aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-11-27build system: prevent duplicate applet namesRon Yorston
The embedded script feature makes it easier to create applets with duplicate names. Currently in such cases the build succeeds but the resulting executable doesn't work as the developer intended. Catch duplicate names when the applet tables are being generated and make the build fail. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-27Tweaks to build process for embedded scriptsRon Yorston
- Force a rebuild if a script in applets_sh is changed. - Move the dummy usage messages for custom applets to usage.h and change the name from 'dummy' to 'scripted'. - Hide an error from gen_build_files.sh if an embed directory exists but is empty. - Tidy up embedded_scripts script. v2: Remove a couple of unnecessary tests in embedded_scripts, as pointed out by Xabier Oneca. Drop the stripping of comments. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-27tls: add ECDHE_PSK and remove ARIA cipher idsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: add _anon_ cipher definitionsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: enable TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipherDenys Vlasenko
function old new delta static.ciphers 30 32 +2 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: cipher 009D is not yet supported, don't test for itDenys Vlasenko
function old new delta tls_handshake 2116 2108 -8 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: speed up prf_hmac_sha256()Denys Vlasenko
function old new delta hmac_sha_precomputed - 58 +58 prf_hmac_sha256 181 222 +41 hmac_sha256 68 - -68 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 1/0 up/down: 99/-68) Total: 31 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26libbb: add comment on sha384Denys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: simplify hmac_begin()Denys Vlasenko
function old new delta hmac_begin 196 158 -38 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-26tls: add support for 8 more cipher ids - all tested to workDenys Vlasenko
function old new delta tls_handshake 2059 2116 +57 static.ciphers - 30 +30 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 1/0 up/down: 87/0) Total: 87 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: fix commentsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: add a comment on expanding list of supported ciphersDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: do not leak RSA keyDenys Vlasenko
function old new delta tls_handshake 1957 2059 +102 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: code shrinkDenys Vlasenko
function old new delta xwrite_and_update_handshake_hash 81 80 -1 tls_handshake 1987 1957 -30 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: code shrinkDenys Vlasenko
function old new delta tls_handshake 1993 1987 -6 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: code shrinkDenys Vlasenko
function old new delta aesgcm_GHASH 223 196 -27 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: on x86, use xorbuf_aligned_AES_BLOCK_SIZE() even with non-aligned sourceDenys Vlasenko
function old new delta aesgcm_GHASH 228 223 -5 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25tls: actually fill in CIPHER_ID3 value in hello messageDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-25ntpd: do not SEGV on "-p keyno:192.168.1.1", show --help insteadDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24wget: code shrinkDenys Vlasenko
function old new delta base64enc 53 46 -7 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24tls: fix is.gd again, fix AES-CBC using decrypt key instead of encryptDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24tls: speed up xor'ing of aligned 16-byte buffersDenys Vlasenko
function old new delta xorbuf_aligned_AES_BLOCK_SIZE - 23 +23 xwrite_encrypted 585 580 -5 aesgcm_GHASH 233 228 -5 GMULT 192 187 -5 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/3 up/down: 23/-15) Total: 8 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24tls: in AES-GCM decoding, avoid memmoveDenys Vlasenko
function old new delta xorbuf3 - 36 +36 xorbuf 24 12 -12 tls_xread_record 656 634 -22 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 0/2 up/down: 36/-34) Total: 2 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-24tls: fix a thinko in GHASH optimizationDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: make tls_get_random() FAST_FUNCDenys Vlasenko
function old new delta tls_handshake 1977 1985 +8 tls_get_random 32 28 -4 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 1/1 up/down: 8/-4) Total: 4 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23wget: print the final newline only for non-tty outputDenys Vlasenko
$ busybox wget URL 2>&1 | cat Connecting to .... install.iso 0% | | 2629k 0:02:05 ETA install.iso 7% |** | 25.7M 0:00:23 ETA install.iso 16% |***** | 54.1M 0:00:14 ETA install.iso 20% |****** | 67.4M 0:00:15 ETA install.iso 25% |******** | 81.0M 0:00:14 ETA install.iso 30% |********* | 97.3M 0:00:13 ETA install.iso 36% |*********** | 117M 0:00:12 ETA install.iso 41% |************* | 134M 0:00:11 ETA install.iso 47% |*************** | 152M 0:00:10 ETA install.iso 54% |***************** | 176M 0:00:08 ETA install.iso 61% |******************* | 200M 0:00:06 ETA install.iso 66% |********************* | 215M 0:00:06 ETA install.iso 71% |********************** | 231M 0:00:05 ETA install.iso 75% |************************ | 244M 0:00:04 ETA install.iso 79% |************************* | 257M 0:00:03 ETA install.iso 84% |*************************** | 275M 0:00:02 ETA install.iso 91% |***************************** | 297M 0:00:01 ETA install.iso 99% |******************************* | 321M 0:00:00 ETA install.iso 100% |********************************| 323M 0:00:00 ETA <-- no empty line here $ function old new delta bb_progress_update 622 632 +10 progress_meter 152 158 +6 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 2/0 up/down: 16/0) Total: 16 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: code shrinkDenys Vlasenko
function old new delta aesgcm_GHASH 262 233 -29 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: typo fix in commentDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: make local buffers in aesgcm_GHASH() explicitly 32-bit alignedDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: code shrinkDenys Vlasenko
function old new delta xwrite_encrypted 599 585 -14 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: simplify aesgcm_GHASH()Denys Vlasenko
function old new delta xwrite_encrypted 604 599 -5 FlattenSzInBits 52 - -52 aesgcm_GHASH 395 262 -133 ------------------------------------------------------------------------------ (add/remove: 0/1 grow/shrink: 0/2 up/down: 0/-190) Total: -190 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: in AES-CBC code, do not set key for every record - do it onceDenys Vlasenko
function old new delta aes_setkey 16 212 +196 tls_handshake 1941 1977 +36 aes_encrypt_1 382 396 +14 xwrite_encrypted 605 604 -1 tls_xread_record 659 656 -3 aes_encrypt_one_block 65 59 -6 aes_cbc_encrypt 172 121 -51 aesgcm_setkey 58 - -58 aes_cbc_decrypt 958 881 -77 KeyExpansion 188 - -188 ------------------------------------------------------------------------------ (add/remove: 0/2 grow/shrink: 3/5 up/down: 246/-384) Total: -138 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-23tls: add support for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipherDenys Vlasenko
function old new delta xwrite_encrypted 209 605 +396 GHASH - 395 +395 aes_encrypt_1 - 382 +382 GMULT - 192 +192 tls_xread_record 489 659 +170 aes_encrypt_one_block - 65 +65 aesgcm_setkey - 58 +58 FlattenSzInBits - 52 +52 tls_handshake 1890 1941 +51 xwrite_and_update_handshake_hash 46 81 +35 xorbuf - 24 +24 aes_setkey - 16 +16 psRsaEncryptPub 413 421 +8 stty_main 1221 1227 +6 ssl_client_main 138 143 +5 next_token 841 845 +4 spawn_ssl_client 218 219 +1 volume_id_probe_hfs_hfsplus 564 563 -1 read_package_field 232 230 -2 i2cdetect_main 674 672 -2 fail_hunk 139 136 -3 parse_expr 891 883 -8 curve25519 802 793 -9 aes_cbc_decrypt 971 958 -13 xwrite_handshake_record 43 - -43 aes_cbc_encrypt 644 172 -472 ------------------------------------------------------------------------------ (add/remove: 9/1 grow/shrink: 9/8 up/down: 1860/-553) Total: 1307 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-20ash: reset tokpushback before prompting while parsing heredocChristoph Schulz
The parser reads from an already freed memory location, thereby causing unpredictable results, in the following situation: - ENABLE_ASH_EXPAND_PRMT is enabled - heredoc is being parsed - command substitution is used within heredoc Examples where this bug crops up are (PS2 is set to "> "): $ cat <<EOF > `echo abc` > EOF -sh: O: not found $ cat <<EOF > $(echo abc) > EOF -sh: {garbage}: not found The presumable reason is that setprompt_if() causes a nested expansion when ENABLE_ASH_EXPAND_PRMT is enabled, therefore leaving "wordtext" in an unusable state. However, when parseheredoc() is called, "tokpushback" is non-zero, which causes the next call to xxreadtoken() to return TWORD, causing the caller to use the invalid "wordtoken" instead of reading the next valid token. The call chain is: list() -> peektoken() [sets tokpushback to 1] -> parseheredoc() -> setprompt_if() -> pushstackmark() -> expandstr() -> readtoken1() [sets lasttoken to TWORD, wordtoken points to expanded prompt] -> popstackmark() [invalidates wordtoken, leaves lasttoken as is] -> readtoken1() -> ...parsebackq -> list() -> andor() -> pipeline() -> readtoken() -> xxreadtoken() [tokpushback non-zero, reuse lasttoken and wordtext] Note that in almost all other contexts, each call to setprompt_if() is preceded by setting "tokpushback" to zero. One exception is "oldstyle" backquote parsing in readtoken1(), but there "tokpushback" is reset afterwards. The other exception is nlprompt(), but this function is only used within readtoken1() (but in contexts where no nested calls to xxreadtoken() occur) and xxreadtoken() (where "tokpushback" is guaranteed to be zero). function old new delta parseheredoc 124 131 +7 Signed-off-by: Christoph Schulz <develop@kristov.de> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-19scripts/trylink: be more clever when deciding that "lib elimination" has ↵Denys Vlasenko
finished: Before: Trying libraries: crypt m resolv Library crypt is not needed, excluding it Library m is needed, can't exclude it (yet) Library resolv is needed, can't exclude it (yet) Library m is needed, can't exclude it (yet) Library resolv is needed, can't exclude it (yet) Final link with: m resolv After: Trying libraries: crypt m resolv Library crypt is not needed, excluding it Library m is needed, can't exclude it (yet) Library resolv is needed, can't exclude it (yet) Final link with: m resolv Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-18tls: add comment, no code changesDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-18Ensure build works when KBUILD_OUTPUT is set, closes 11511Ron Yorston
The build process for embedded scripts didn't have consistent support for saving output to a different directory. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-18busybox: add '--show SCRIPT' option to display scriptsRon Yorston
Add an option to allow the content of embedded scripts to be displayed. This includes applet scripts, custom scripts and the .profile script. function old new delta busybox_main 624 701 +77 find_script_by_name - 24 +24 scripted_main 41 35 -6 ------------------------------------------------------------------------------ (add/remove: 1/0 grow/shrink: 1/1 up/down: 101/-6) Total: 95 bytes Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-17Treat custom and applet scripts as appletsRon Yorston
BusyBox has support for embedded shell scripts. Two types can be distinguished: custom scripts and scripts implementing applets. Custom scripts should be placed in the 'embed' directory at build time. They are given a default applet configuration and appear as applets to the user but no further configuration is possible. Applet scripts are integrated with the BusyBox build system and are intended to be used to ship standard applets that just happen to be implemented as scripts. They can be configured at build time and appear just like native applets. Such scripts should be placed in the 'applets_sh' directory. A stub C program should be written to provide the usual applet configuration details and placed in a suitable subsystem directory. It may be helpful to have a configuration option to enable any dependencies the script requires: see the 'nologin' applet for an example. function old new delta scripted_main - 41 +41 applet_names 2773 2781 +8 applet_main 1600 1604 +4 i2cdetect_main 672 674 +2 applet_suid 100 101 +1 applet_install_loc 200 201 +1 applet_flags 100 101 +1 packed_usage 33180 33179 -1 tryexec 159 152 -7 evalcommand 1661 1653 -8 script_names 9 - -9 packed_scripts 123 114 -9 complete_cmd_dir_file 826 811 -15 shellexec 271 254 -17 find_command 1007 990 -17 busybox_main 642 624 -18 run_applet_and_exit 100 78 -22 find_script_by_name 51 - -51 ------------------------------------------------------------------------------ (add/remove: 1/2 grow/shrink: 6/9 up/down: 58/-174) Total: -116 bytes text data bss dec hex filename 950034 477 7296 957807 e9d6f busybox_old 949918 477 7296 957691 e9cfb busybox_unstripped Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-16ash: ensure variables are fully initialised when unsetRon Yorston
When a variable is unset by calling setvar(name, NULL, 0) the code to initialise the new, empty variable fails to initialise the last character of the string. Attempts to read the contents of the unset variable will result in the uninitialised character at the end of the string being accessed. For example, running BusyBox under Valgrind and unsetting PATH: $ valgrind ./busybox_unstripped sh ==21249== Memcheck, a memory error detector ==21249== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. ==21249== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info ==21249== Command: ./busybox_unstripped sh ==21249== /data2/git/build_fix_8721 $ unset PATH /data2/git/build_fix_8721 $ 0 ==21249== Conditional jump or move depends on uninitialised value(s) ==21249== at 0x451371: path_advance (ash.c:2555) ==21249== by 0x456E22: find_command (ash.c:13407) ==21249== by 0x458425: evalcommand (ash.c:10139) ==21249== by 0x454CBC: evaltree (ash.c:9131) ==21249== by 0x456C80: cmdloop (ash.c:13164) Closes https://bugs.busybox.net/show_bug.cgi?id=8721 v2: On the dash mailing list Harald van Dijk was kind enough to point out a flaw in my reasoning and provide an alternative patch. Sadly his patch adds 2 bytes of bloat. Using xzalloc to zero the whole string gives a bloat of -3 bytes. function old new delta setvar 172 169 -3 Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-14hush: correct description for HUSH_TICK config optionRon Yorston
The HUSH_TICK configuration option enables command substitution, not process substitution. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-14tls: code shrinkDenys Vlasenko
function old new delta spawn_ssl_client 219 218 -1 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13wget: print "TLS certificate validation not implemented" only once on redirectsDenys Vlasenko
function old new delta spawn_ssl_client 209 219 +10 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13tls: code shrinkDenys Vlasenko
function old new delta tls_get_zeroed_outbuf - 28 +28 static.empty_client_cert 7 - -7 tls_handshake 1930 1890 -40 ------------------------------------------------------------------------------ (add/remove: 1/1 grow/shrink: 0/1 up/down: 28/-47) Total: -19 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13tls: tidy up recently added ECDSA codeDenys Vlasenko
function old new delta tls_handshake 1935 1930 -5 static.OID_ECDSA_KEY_ALG 21 11 -10 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-15) Total: -15 bytes text data bss dec hex filename 950036 477 7296 957809 e9d71 busybox_old 950048 477 7296 957821 e9d7d busybox_unstripped Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13tls: code shrinkDenys Vlasenko
function old new delta static.f25519_one 32 - -32 curve25519 835 802 -33 ------------------------------------------------------------------------------ (add/remove: 0/1 grow/shrink: 0/1 up/down: 0/-65) Total: -65 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-13tls: add support for ECDHE-ECDSA-AES-128-CBC-SHA and x25519 curveDenys Vlasenko
function old new delta curve25519 - 835 +835 tls_handshake 1619 1935 +316 xc_diffadd - 230 +230 fe_mul__distinct - 149 +149 lm_sub - 103 +103 lm_add - 82 +82 fe_mul_c - 74 +74 fe_select - 45 +45 static.f25519_one - 32 +32 static.basepoint9 - 32 +32 static.OID_ECDSA_KEY_ALG - 21 +21 static.OID_RSA_KEY_ALG - 13 +13 static.supported_groups - 8 +8 static.empty_client_cert - 7 +7 der_binary_to_pstm 40 42 +2 static.expected 13 - -13 ------------------------------------------------------------------------------ (add/remove: 14/1 grow/shrink: 2/0 up/down: 1949/-13) Total: 1936 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-06ash: minor fixesRon Yorston
Ensure that login_sh is initialised in procargs even when running an embedded script. The argc argument to ash_main isn't unused when embedded scripts are present. Signed-off-by: Ron Yorston <rmy@pobox.com> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-05tls: code shrinkDenys Vlasenko
function old new delta tls_handshake 1643 1619 -24 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-11-04tls: reorder a few more cipher idsDenys Vlasenko
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>