Browse source

Changelog

Query
From:
To:
Branch:
Path:
Message:
BugID:
User: +
Format:
: 13 checkins (+395/-343) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+484/-12) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 9 checkins (+165/-93) by 2 people : 32 checkins (+139/-102) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 16 checkins (+3098/-31) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 20 checkins (+146/-225) by 2 people : 22 checkins (+410/-525) by 2 people : 18 checkins (+397/-525) by 2 people : 4 checkins (+72/-14) by 2 people : 6 checkins (+97/-72) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 18 checkins (+140/-100) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 10 checkins (+56/-36) by 4 people : 10 checkins (+1659/-98) by 4 people : 10 checkins (+23/-12) by 2 people : 2 checkins (+22/-14) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 8 checkins (+132/-16) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+17/-0) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+11/-1) by 2 people : 17 checkins (+121/-129) by 2 people : 8 checkins (+70/-77) by 2 people : 3 checkins (+8/-3) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 1 checkin (+3/-4) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 3 checkins (+34/-0) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 5 checkins (+62/-8) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+26/-0) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 1 checkin (+15/-0) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 3 checkins (+39/-10) by 2 people : 2 checkins (+69/-64) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+67/-28) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 2 checkins (+18/-1) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 13 checkins (+601/-637) by 3 people : 21 checkins (+408/-304) by 3 people : 13 checkins (+135/-139) by 2 people : 1 checkin (+76/-29) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 1 checkin (+75/-70) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 1 checkin (+21/-6) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 3 checkins (+48/-12) by Henrik Grubbström (Grubba) <grubba@grubba.org> : 11 checkins (+279/-84) by 4 people : 8 checkins (+78/-47) by 2 people : 4 checkins (+25/-191) by 2 people : 4 checkins (+105/-142) by 2 people Lines added/removed recently

Today; Thursday 24 July 2014

2014-07-24 17:19:54 (2 hours ago) by Per Hedbor <ph@opera.com>

Now compiles again.

Use TYPEOF to get type

(cherry picked from commit 9aac72417207bd7fce31a99530e18843150a7565)

2014-07-24 13:26:10 (6 hours ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

String: Added filter_non_unicode().

Make string_filter_non_unicode() available as String.filter_non_unicode().

Also fixes related typo in CHANGES.

2014-07-24 13:18:46 (6 hours ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Revamped handling of errno.

Splits cb_errno into {read,write,close}_errno, which in turn are used to
update local_errno depending on which of {read,write,close,renegotiate}()
et al was called.

Removes the now obsolete FIX_ERRNOS() macro.

Also removes a direct call of close_callback() from ssl_close_callback().

Yesterday; Wednesday 23 July 2014

2014-07-23 23:27:51 (20 hours ago) by Martin Nilsson <nilsson@opera.com>

On systems with RDRND random will not be deterministic or depend on random_seed().

2014-07-23 14:58:28 (1 day ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: The got_extra_read_call_out state is no more.

The extra read call_out has been fully replaced by the
internal_poll() call_out, so remove the last remnants of it.

2014-07-23 12:13:55 (1 day ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: update_internal_state() is no more.

As update_internal_state() has become a noop, there's no need
to keep it around anymore.

2014-07-23 12:00:22 (1 day ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Improved handling of user callbacks in set_backend().

Any pending callbacks now migrate to the new backend.

Also clears pending callbacks on shutdown().

Tuesday 22 July 2014

2014-07-22 15:07:57 (2 days ago) by Per Hedbor <ph@opera.com>

Fixed changelog URL in CHANGES
Removed very redundant size_shift debug test
Strengtened the return type of glob()
Moved pike_get_interpreter_pointer to threads.c

2014-07-22 14:52:18 (2 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Move read_callback setting to read().

The stream read_callback is now set (to ssl_read_callback) whenever
the read buffer isn't full, and cleared when it is.

This reduces the complexity and cleans up the semantics of where
and when the stream read_callback is changed.

Also makes similar changes to the handling of the stream close_callback.

This means that the function update_internal_state() is now a noop.

2014-07-22 13:49:41 (2 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle.BufferedCipher: Fixed bug in unpad().

The new unpad() padding checker didn't survive the case where
the padding consisted of a single byte.

Monday 21 July 2014

2014-07-21 16:51:47 (3 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle.BufferedCipher: Support larger padding in unpad().

Support padding larger than the cipher block size.

Support padding larger than 127 bytes on architectures with signed char.

The above are needed to interoperate with GnuTLS (which often uses quite
long padding).

Also attempts to make the padding checking code more time-invariant.

2014-07-21 16:50:40 (3 days ago) by Per Hedbor <ph@opera.com>

Moved random() note

2014-07-21 16:44:42 (3 days ago) by Per Hedbor <ph@opera.com>

Added notes about some more changes

2014-07-21 15:34:00 (3 days ago) by Tobias S. Josefowitz <tobij@tobij.de>

[Fuse] remove redundant code around call_with_interpreter()

Fixes compilation, and removes unneccessary code.

2014-07-21 15:01:44 (3 days ago) by Per Hedbor <ph@opera.com>

Merged the const-marked pike_interpreter_pointer branch.

We now lie to the compiler about the const:ness of the
Pike_interpreter_pointer variable.

Most code now pretends that that variable is constant (it's not,
really, it's constant /per thread/, but not globally, however, the
only code that writes to it and expects anything but the same value
each time it is read is in thread.c)

This saves a lot of code when using the stack multiple times in a
function, and should be safe enough, albeit somewhat unconventional.

If nothing else the binary size shrunk by about 5%.

This _will_ cause issues if pike is compiled with link-time
optimization. A better solution would be an actual thread local
pointer, which is const marked. Or, perhaps the best solution, having
the whole pike_interpreter_struct structure be thread local. At least
on x86_64 accessing thread-local data is just about as fast as
accessing global data.

2014-07-21 14:15:41 (3 days ago) by Per Hedbor <ph@opera.com>

Added change entry for the new syntax.

Sorry for the messed up commit message previously, it happened since
the character # starts a comment in commit messages.

2014-07-21 13:54:49 (3 days ago) by Per Hedbor <ph@opera.com>

Added a new string syntax

They will all start and end a literal string.

A literal string can contain any characters except the end sequence.

The main usecase is writing code in a string.

As an example:

string test = #{
This is a literal string.
They can contain any characters, no de-quoting is done at all.

So, as an example, foo "bar" 'gazonk' \

Valid quote sequences are #{, #( and #[.
They are ended by # followed by }, ) and ], respectively.

So, you can use the two other quotes inside the string, if you want to, like:

Also, no preprocessing is done inside the string.

The main usecase for these strings is to write code in code.

2014-07-21 11:48:04 (3 days ago) by Martin Karlgren <marty@roxen.com>

Support REQUEST_GETNEXT by allowing callback to return a different OID.

Previously, the API only supported returning the requested OID, which made
it impossible for the callback to return the "next" OID (the one actually
used in REQUEST_GETNEXT requests).

Sunday 20 July 2014

2014-07-20 13:10:31 (4 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Move write_callback setting to queue_write().

The stream write_callback is now set (to ssl_write_callback) whenever
the write_buffer isn't empty, and cleared when it is.

This reduces the complexity and cleans up the semantics of where
and when the stream write_callback is changed.
Testsuite: Make sure that there are valid certs for old TLS.

Old versions of TLS (before TLS 1.2) can't use SHA256 certs
for most suites as the suites use SHA1 (or even MD5) which
is too weak for SHA256 certs.

This problem was introduced by the GnuTLS interop fix.

2014-07-20 12:28:37 (4 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Session: Fixed some warnings.

Saturday 19 July 2014

2014-07-19 11:31:55 (5 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Session: Improve interoperation with GnuTLS.

GnuTLS doesn't like certificates for SHA256 signing being used with
suites (in TLS 1.1 and earlier) using SHA1. We now filter such certs.

Friday 18 July 2014

2014-07-18 17:27:07 (6 days ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Detach chaining of callbacks for read.

The user {accept,read,close}_callback():s are now no longer called
directly from the internal ssl_read_callback(), but instead via
internal_poll() (analogous to ssl_write_callback()).

This attempts at further reducing the code complexity of SSL.File.

Thursday 17 July 2014

2014-07-17 17:27:01 (1 week ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Detach chaining of callbacks for write.

Adds schedule_poll() and internal_poll().

The user {write,close}_callback():s are now no longer called directly
from the internal ssl_write_callback(), but instead via a call_out of
internal_poll() (scheduled by schedule_poll()).

This is a start at attempting to reduce the code complexity of SSL.File.

Wednesday 16 July 2014

2014-07-16 17:37:47 (1 week ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Backend: Fixed EXIT in CallOut.

EXIT in CallOut sometimes attempts to get the parent object (ie the backend)
by calling parent_storage(), but that requires destruct() to have registered
the program with a destroy_called_mark, which it only does for programs
lacking lfun::destroy() if they are

* C-programs (no problem here).

and

* Have the PROGRAM_NEEDS_PARENT flag set (this was missing).

This caused the error "Cannot access parent of destructed object.".

This bug could sometimes be triggered by the async_tls_close_test.

2014-07-16 17:15:25 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Allow time to be set through ASN.1 UTC constructor

2014-07-16 15:46:26 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Create a new struct object before cutting substrings, to prevent reading outside of the limit.
Comments and fixmes.

2014-07-16 15:24:10 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Whitespace and debug fixes.

2014-07-16 14:57:30 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Alerts messages are printed out when SSL3_DEBUG is enabled. Cut down the redundancy.

2014-07-16 14:41:43 (1 week ago) by Martin Nilsson <nilsson@opera.com>

certificate_request probably works. Did some work on sending client certificates.

2014-07-16 13:16:14 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Since Session doesn't know about Context, do the CertificatePairs lookup in the caller to avoid ugly type casts.

2014-07-16 13:04:00 (1 week ago) by Martin Nilsson <nilsson@opera.com>

No SNI in Pike 7.8.

Tuesday 15 July 2014

2014-07-15 23:36:36 (1 week ago) by Martin Nilsson <nilsson@opera.com>

These didn't exists in 7.8, so no compat.

2014-07-15 23:33:56 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Refactored certificate lookup.
Whitespace fix.

2014-07-15 17:53:23 (1 week ago) by Martin Nilsson <nilsson@opera.com>

OO harder. Let CertificatePair sort themselves according to perceived certificate strength.

2014-07-15 16:56:19 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Moved and trimmed code to generate CipherPair glob array to separate function.
Moved and trimmed code to generate CipherPair glob array to separate function.

2014-07-15 16:52:20 (1 week ago) by Per Hedbor <ph@opera.com>

add_mem8_imm is used when not compiling with valgrind.

Re-introduced the function

2014-07-15 16:19:21 (1 week ago) by Martin Nilsson <nilsson@opera.com>

More certificate testing.

2014-07-15 15:09:00 (1 week ago) by Per Hedbor <ph@opera.com>

Added F_CALL_BUILTIN_N and F_APPLY_N.

This calls the constant in arg1 with arg2 arguments from the stack.

These opcodes are used if the number of arguments is known and bigger
than 1.

It is not really all that big an optimization, it only removes the
mark stack handling. And, in fact, due to the fact that it removes
some peep optimizations it might be somewhat slower when not using the
amd64 machine code (since, as an example, APPLY/ASSIGN_LOCAL/POP is no
longer an opcode that is used in this case).

However, when using the amd64 code the assign local + pop opcode is
higly optimized, so it's not an issue that it is not merged into the
apply opcode. It is in fact more of a feature.

For that reason the code in docode.c is currently conditional.
The only code generator using it is the amd64 one.

2014-07-15 14:36:51 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Don't use debug_string anymore.
Added _sprintf to Real.

2014-07-15 12:58:48 (1 week ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Optimizer: Fixed bug in foreach with ranges.

The foreach range optimizer didn't handle negative start ranges,
which would cause foreach to index the array out of bounds.

Fixes [bug 7216].

2014-07-15 12:56:33 (1 week ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Optimizer: Fixed bug in foreach with ranges.

The foreach range optimizer didn't handle negative start ranges,
which would cause foreach to index the array out of bounds.

Fixes [bug 7216].

Monday 14 July 2014

2014-07-14 19:25:47 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Added _encode/_decode

2014-07-14 19:04:00 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Sort Context items into Global, Cryptography, Certificates/authentication and Sessions

2014-07-14 18:25:55 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Merge labels with identical code.

2014-07-14 17:55:35 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Remove duplicate rules.

2014-07-14 17:13:35 (1 week ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: More clean-ups in write().

Reduces the code complexity in write() a bit further.

2014-07-14 16:29:37 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Some certficate conformance fixes. RFC 5280 4.1.2.2

2014-07-14 16:13:29 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Small update on Camellia

2014-07-14 15:45:45 (1 week ago) by Per Hedbor <ph@opera.com>

Allow the user to specify the starting indentation level to JSON.encode

2014-07-14 15:24:18 (1 week ago) by Martin Nilsson <nilsson@opera.com>

merge_array_without_order(2) isn't actually used.

2014-07-14 14:03:19 (1 week ago) by Martin Nilsson <nilsson@opera.com>

Kill NPN fully.

Sunday 13 July 2014

2014-07-13 22:39:54 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.ServerConnection: Fixed nextprotoneg handshake.

The padding wasn't validated, and the wrong value was returned from
handle_handshake().

NB: As this stuff belongs to an obsolete draft, which has been
superceeded by RFC 7301, we probably ought to remove it.

2014-07-13 12:26:02 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Connection: Added query_write_queue_size().

This provides an easy API to see whether it is meaningful to
call to_write().

Saturday 12 July 2014

2014-07-12 11:36:04 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Updated the list of RFCs and drafts.

ALPN is now RFC 7301.

2014-07-12 11:11:55 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Stdio.File: Improved documentation of write().

Restructured and more details about behaviour in nonblocking mode.

Friday 11 July 2014

2014-07-11 17:33:55 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Runtime: Increased strictness of variant dispatcher.

The variant dispatcher regarded all objects (even those without `()())
as callable. This was not a good idea.

Fixes some of the issues with the Crypto.RSA testsuite.

2014-07-11 14:58:24 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.File: Unify code paths in write().

Reduce the amount of duplicated code in write() by unifying the code
for the array and string cases.

This has the added benefit of having the array case actually being tested.

Thursday 10 July 2014

2014-07-10 21:53:28 (2 weeks ago) by Martin Nilsson <nilsson@opera.com>

There MUST NOT be more than one extension of the same type. RFC 5246 section 7.4.1.4.

2014-07-10 15:27:01 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Process: Fixed documentation for kill().

predef::kill() returns int(0..1) (not void).

Thanks to Per Cederqvist <cederp@opera.com> for the report.

Fixes [LysLysKOM 20889011].

Also strengthens the return type from int to int(0..1).

Wednesday 09 July 2014

2014-07-09 15:22:53 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Testsuite: Improve diagnostics for conditionals.

Tuesday 08 July 2014

2014-07-08 16:49:28 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Standards.PKCS.Identifiers: Added ec_{dh,mqw}_id.

This adds some remaining identifiers from RFC 5480.

2014-07-08 16:47:08 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Standards.PKCS.Identifiers: Added brainpool.

This adds the brainpool curve identifiers from RFC 5639.

Monday 07 July 2014

2014-07-07 17:21:05 (2 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed Autodoc markup typo.
SSL.Context: Added get_signature_algorithms().

Also extends the documentation for the signature_algorithms
variable a bit.

Sunday 06 July 2014

2014-07-06 13:40:36 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Implemented support for the fallback SCSV.

This adds support for the protocol extension SCSV specified in
draft-ietf-tls-downgrade-scsv as of 2014-07-04.

This protects clients renegotiating failed connections with lower
protocol versions from MITM downgrade attacks, by informing the
server that the client actually supports a higher protocol version
than the one it is currently using.

Saturday 05 July 2014

2014-07-05 12:05:29 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Crypto.RSA: Reenable the generate_key() compat function.

Also fixes some related warnings.

Friday 04 July 2014

2014-07-04 17:07:24 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Image: Added test of Image.load_layers().

2014-07-04 16:50:23 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Image.PSD: Removed erroneous range check.

This check was the wrong way around for the common case where
the bit packer actually has packed some bits, but it can also
not be left in place as an inverted test, as the packed bits
may contain noop instructions, or more likely unpacked bits
(which will expand by a factor 129/128).

Note also that packbitsdecode() does contain range checks.

Fixes Image.decode_layers() on psd-files.

Thursday 03 July 2014

2014-07-03 18:07:03 (3 weeks ago) by Arne Goedeke <el@laramies.com>

Interpreter: cast to unsigned before shifting to avoid signed overflow

2014-07-03 16:58:52 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Stdio.Stat: Survive casts to subtyped arrays (and mappings).

When casting an object to eg array(int), lfun::cast() gets the string
"array(int)". This used to cause Stdio.Stat::cast() to fail.

2014-07-03 15:04:35 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Pike.identify_cycle: Improved documentation somewhat.

2014-07-03 09:07:51 (3 weeks ago) by Arne Goedeke <el@laramies.com>

signal handling: UNUSED parameter is used in some cases

2014-07-03 08:46:53 (3 weeks ago) by Arne Goedeke <el@laramies.com>

Java: marked unused parameters to silence warnings
Removed one more non 7 bit string literal

2014-07-03 08:29:06 (3 weeks ago) by Arne Goedeke <el@laramies.com>

block_alloc: removed just_find_*

This part of the old block allocator hash table api is not used anymore.
GTK2: make sure string literals are 7 bit ASCII

clang has default encoding utf8 and will complain about non 7 bit chars
in string literals

Wednesday 02 July 2014

2014-07-02 19:14:28 (3 weeks ago) by Arne Goedeke <el@laramies.com>

ADT.CritBit: avoid overflow
threads: removed some unused functions
Image: removed some unused functions
Compiler: silence parentheses warnings in clang

2014-07-02 19:09:53 (3 weeks ago) by Arne Goedeke <el@laramies.com>

Interpreter: renamed some variables

When compiling without bytecode and with compilers without computed
goto, the variable p is always struct program *. Use addr for OPCODE_T *,
instead, to silence warnings.
block_allocator: removed some INLINE and warnings for unused parameters
Fuse: removed some unused code

2014-07-02 19:06:29 (3 weeks ago) by Arne Goedeke <el@laramies.com>

testsuite: test string range optimizations
TYPE_SUBTYPE: avoid undefined behavior

(X) << 16 cannot always be represented by an int
Strings: correctly store character ranges

Character ranges of strings are stored in two unsigned chars. For wide
strings, the values between 0 and 255 represent blocks of 255 and
(1<<24) characters, respectively.

The previous code had several issues:

1) After calculating the actual min/max values of the character range,
these value were rounded up, which could lead to an overflow. The
result was that both min and max could end up being 0. An example is
the string (string)({ (1<<16)-1 }).
2) The 32 bit case used blocks of 16 bit instead of 24 bit.
type system: do not over allocate pike_type_mark_stack

2014-07-02 18:56:20 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Image.PNG: encode() now survives options being UNDEFINED.

2014-07-02 14:38:29 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Runtime: Type-stack mmap fixes.

Mmapping stdin is not a good idea...

mmap() doesn't return NULL on failure, but MAP_FAILED. This caused some
invalid pointers to be used on mmap failure.

Fixes fatal "Type mark stack overflow." on init on Solaris.

2014-07-02 13:40:10 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Tools.AutoDoc: Support the string(zero) syntax.

This is the type for the empty string.

2014-07-02 12:19:50 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Doc: Moved identify_cycle() documentation to proper place.

Tuesday 01 July 2014

2014-07-01 20:04:05 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Added some constants from RFC 7250.

2014-07-01 13:55:17 (3 weeks ago) by Per Hedbor <ph@opera.com>

Removed stray ",".

This fixes a bug from 2001-05-05 where a lot of countries
are mapped to the continent ",Europe", not "Europe".

Not all, but most.

Monday 30 June 2014

2014-06-30 18:51:46 (3 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added cipher suites from RFC 7251.

This adds ECDHE/ECDSA variants of the AES-CCM suites from RFC 6655.

NB: Note that there still doesn't seem to be any corresponding
suites with ECDHE/RSA.

Sunday 29 June 2014

2014-06-29 23:32:17 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Removed some debug.
SSL: Fixed some typos in the previous commit.

2014-06-29 16:58:49 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Support EXTENSION_encrypt_then_mac.

This draft extension improves security for old CBC suites by
hashing the encrypted data including the padding. This works
around the various TLS padding attacks.

2014-06-29 16:20:58 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Extended hash_packet() with length adjustment.

This is needed to support the current draft of encrypt-then-mac.

Saturday 28 June 2014

2014-06-28 09:54:02 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Added macro SET_SVAL_TYPE_DC().

This is to be used to set the svalue type when we don't care about
the subtype. It may clear the subtype depending on the C-compiler.

Friday 27 June 2014

2014-06-27 18:47:37 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

Renamed the misnamed asn1_id to pkcs_hash_id

2014-06-27 18:36:52 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Added EXTENSION_encrypt_then_mac.

This value was recently allocated to draft-ietf-tls-encrypt-then-mac.

Thursday 26 June 2014

2014-06-26 20:14:58 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Support compilers with union aliasing problems.

There are apparently compilers that don't understand that the
fields in unions overlap, and overcache overwritten fieldvalues.

Also restores support for compilers without support for static union init.

2014-06-26 18:54:41 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

No need for COMPATIBILITY now that we have __deprecated__.
No need for COMPATIBILITY now that we have __deprecated__. Removed the old class aliases and made more internal things protected.

2014-06-26 18:50:24 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

ASN1 compatibility

2014-06-26 15:45:45 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

Documentation update.

2014-06-26 14:00:19 (4 weeks ago) by Martin Karlgren <marty@roxen.com>

GC: Bugfix in visit_short_svalue to avoid fatal.

Fixes a fatal that was triggered if Pike.count_memory or Pike.identify_cycle
was performed on a backend object having either pending call_outs or any
active or inactive fd:s (it seems that's the only call site of
gc_recurse_short_svalue, which in turn is the only call site of
visit_short_svalue).

2014-06-26 08:13:21 (4 weeks ago) by Martin Karlgren <marty@roxen.com>

GC: Bugfix in visit_short_svalue to avoid fatal.

Fixes a fatal that was triggered if Pike.count_memory or Pike.identify_cycle
was performed on a backend object having either pending call_outs or any
active or inactive fd:s (it seems that's the only call site of
gc_recurse_short_svalue, which in turn is the only call site of
visit_short_svalue).

2014-06-26 07:40:35 (4 weeks ago) by Bill Welliver <bill@welliver.org>

packaging: rpms actually build now

Wednesday 25 June 2014

2014-06-25 19:45:27 (4 weeks ago) by Bill Welliver <bill@welliver.org>

packaging: correct source location.

2014-06-25 19:37:04 (4 weeks ago) by Bill Welliver <bill@welliver.org>

packaging: updates for 7.8.866.

2014-06-25 18:29:07 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

Use the ASN1 factory in LDAP
Good enough...

2014-06-25 17:05:20 (4 weeks ago) by Martin Nilsson <nilsson@opera.com>

Fixed warnings.

2014-06-25 16:51:31 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

ci_tests: Use variables instead of array indices.

Fixes the support for LONGUPPERDELTA (which caused the broken
lower_case tests).

Cleans up the code somewhat.

2014-06-25 16:29:14 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Testsuite: Fixed broken lower_case tests.

It seems the Unicode tables were misread when they were updated,
causing eights in the table where there was supposed to be zeroes.

2014-06-25 10:47:08 (4 weeks ago) by Martin Karlgren <marty@roxen.com>

Pike.identify_cycle: reset mc_ref_from to match asserts in f_count_memory.

Tuesday 24 June 2014

2014-06-24 23:28:28 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Fixed support for combined type_subtype on 64-bit big-endian.

2014-06-24 16:31:50 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Runtime: Unified struct svalue and struct fast_svalue.

Modern gcc (4.7.3) had aliasing problems with the two structs, which
caused changes performed with SET_SVAL() (which used struct fast_svalue)
to not be reflected in TYPEOF() (which used struct svalue). This in turn
caused eg casts of integers to floats to fail with "Cast failed, wanted
float, got int".

The above problem is now solved by having an actual union for the type
fields in struct svalue. This has the additional benefit of forcing
all code to use the svalue macros.

NB: This code change will cause problems with compilers that don't
support union initializers.

2014-06-24 16:29:21 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Missed a few places in the previous commit.

2014-06-24 16:20:58 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Added lots of missing TYPEOF()s.

2014-06-24 11:41:12 (4 weeks ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Pike.identify_cycle: Fixed support for mappings and multisets.

References from mapping_data and multiset_data were not registered
on their corresponding mapping or multiset, but on the initial
argument to Pike.identify_cycle().

Monday 23 June 2014

2014-06-23 16:28:44 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Compiler: Improved cycle detection in implements() and is_compatible().

Under some circumstances the new cache entries could be overwritten
before the functions had completed, leading to infinite recursion.

Fixes [InfoKOM 775534].

2014-06-23 11:31:42 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Runtime: Fixed buffer overrun in set_default_master().

The string "master.pike" is longer than the string "pike"...

Also fixes C99-ism.

2014-06-23 11:09:38 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Improved compatibility with older Nettles.

In older versions of Nettle, the nettle_*_func typedefs were
function pointers, while in more recent versions they are functions.

Also unifies the naming conventions for Pike-specific typedefs by
renaming the crypt_func typedef to pike_nettle_crypt_func.

Sunday 22 June 2014

2014-06-22 19:25:47 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Added some AES-OFB tests from NIST.

2014-06-22 17:56:26 (1 month ago) by Per Hedbor <ph@opera.com>

Significantly faster stack handling in many cases

This is done by declaring pike_interpreter to be a const variable.
This is, obviously, not quite true. Different threads have different
values for the variable in question, but it is always the same for the
lifetime of the thread.

These changes make it be const everywhere except in interpret.c and
threads.c. If the variable was moved to threads.c it could probably
be const in interpret.c as well.

This generates fully working code on at least one architecture with
one compiler. ;)

The gain is fairly substantial in code size (it saves about 10% of the
binary size) and speed is faster, since it no longer has to read the
value of **Pike_interpreter every time the stack is used (one step is
skipped, but the stack pointer is still re-read if a function has been
called)

push_int(0), push_int(1), push_int(2) before:

| movq Pike_interpreter_pointer(%rip), %rax
| movq (%rax), %rcx
| leaq 16(%rcx), %rdx
| movq %rdx, (%rax)
| movq $0, 8(%rcx)
| movq $0, (%rcx)
| movq Pike_interpreter_pointer(%rip), %rax
| movq (%rax), %rcx
| leaq 16(%rcx), %rdx
| movq %rdx, (%rax)
| movq $0, (%rcx)
| movq $1, 8(%rcx)
| movq Pike_interpreter_pointer(%rip), %rax
| movq (%rax), %rcx
| leaq 16(%rcx), %rdx
| movq %rdx, (%rax)
| movq $0, (%rcx)
| movq $2, 8(%rcx)

And after:

| movq Pike_interpreter_pointer(%rip), %rax
| movq (%rax), %rcx
| movq $0, (%rcx)
| movq $0, 8(%rcx)
| movq $0, 16(%rcx)
| movq $1, 24(%rcx)
| leaq 48(%rcx), (%rax)
| movq $0, 32(%rcx)
| movq $2, 40(%rcx)

Saturday 21 June 2014

2014-06-21 16:57:50 (1 month ago) by Martin Nilsson <nilsson@opera.com>

More tests based on RSA documents.
Support constructed strings.

2014-06-21 16:02:26 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Handle uninitizalied objects.

2014-06-21 09:46:59 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Fixed some inherits.

2014-06-21 05:48:14 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Support decoding of Real values.

2014-06-21 03:24:10 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Clean up debug print outs.
Remove some outdated comments.

2014-06-21 03:01:25 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Remove all the private classes and use the factory and the ASN1 module support for dynamic tags and classes.
asn1_sequence is just a context sequence with tag 0.

2014-06-21 02:35:42 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Merge snmp_type_proc with common primitives.

2014-06-21 02:30:57 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Changed to combined tag format of primitives mapping. This was actually always incompatible with existing ASN.1 types, but since propagated types mappings were not used internally anywhere it didn't breake in practice.

2014-06-21 02:15:21 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Import Standards.ASN1.Types

2014-06-21 01:58:09 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Removed private implementation of Boolean and Enumerated.
Added Enumerated.

Friday 20 June 2014

2014-06-20 23:30:26 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Use the default ASN.1 decoder, now that it creates objects with tag IDs from the byte stream.

2014-06-20 23:25:13 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Use standard ASN.1 types.

2014-06-20 23:15:48 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Import Standards.ASN1.Types

2014-06-20 22:50:48 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Removed unused defines.
Another ASN.1 compilation fix.
Added compatibility for constructed and primitive.

2014-06-20 22:32:26 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Updated case data tables. Better, but still failing. There is either a bug in Unicode or in how we create case data.
Add support for LONGUPPERDETLA and LONGLOWERDELTA.

2014-06-20 20:41:42 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Another compile fix.

2014-06-20 16:33:02 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Fixed compilation issue. tag/cls not constants anymore.

2014-06-20 16:29:08 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Updated some tests. The actual seed value is not important. Also random data is not extracted in the background to update the seed value anymore.

2014-06-20 10:23:53 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Build: Fixed C99-ism in my_log2().

Fixes compilation issue with old non-gcc on non-Intel architectures.

Thursday 19 June 2014

2014-06-19 17:55:43 (1 month ago) by Per Hedbor <ph@opera.com>

Faster svalue type/subtype setting

The code generated for setting two shorts (on x86/x86_64 and arm at least) is
very sub-optimal, especially with gcc, for some reason:

Old push_int(0):
movq Pike_interpreter_pointer(%rip), %rdx
movq (%rdx), %rax
leaq 16(%rax), %rcx
movq %rcx, (%rdx)
xorl %edx, %edx
xorl %ecx, %ecx
movw %dx, (%rax)
movw %cx, 2(%rax)
movq $0, 8(%rax)

New push_int(0):
movq Pike_interpreter_pointer(%rip), %rdx
movq (%rdx), %rax
leaq 16(%rax), %rcx
movq %rcx, (%rdx)
movq $0, (%rax)
movq $0, 8(%rax)

Except for the lower number of instructions there is an additional
benefit: The old code triggered a read-modify-write operation on most
modern x86 CPU:s, all to preserve the undefined data between subtype
and the value of the svalue. This could be fixed by changing the type
and subtype to be 32-bit instead of 16-bit, but that is a bigger
change.

2014-06-19 17:18:59 (1 month ago) by Per Hedbor <ph@opera.com>

Made short string size dependent on size of struct pike_string, aim for 25% wasted space on average

2014-06-19 16:31:27 (1 month ago) by Per Hedbor <ph@opera.com>

Removed ATOMIC_SVALUE, it does not compile and does not work.
Micro-optimization
Made _master_location read-only.

2014-06-19 10:42:46 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Use PROGRAM_CLEAR_STORAGE.

Wednesday 18 June 2014

2014-06-18 15:36:58 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Pike: Added Pike.identify_cycle().

This is useful to identify reference cycles in Pike data structures,
so that the need for garbage collection can be reduced.

2014-06-18 15:31:26 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

GC: Added visit_{enter,leave}() API.

Make it easier to keep track of state in the visit_*() API
by tracking when we start and stop visiting things.

2014-06-18 11:14:40 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Unicode 7.0.0.

Tuesday 17 June 2014

2014-06-17 17:08:19 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

GC: Propagate the extra parameter everywhere.

All the visit_*() functions and macros should now propagate the
argument extra.

2014-06-17 16:14:09 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

GC: Clean up some of the visit_* API.

All the visit_*() functions now have all arguments.

Monday 16 June 2014

2014-06-16 19:45:55 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Runtime: Added PROGRAM_CLEAR_STORAGE.

Adds a flag indicating that the storage held by objects of the class
should be cleared prior to being freed. This is mainly to avoid having
secrets around longer than necessary.

FIXME: Consider adding a corresponding flag for objects to mark eg
some bignums for clearing.

2014-06-16 16:35:50 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Documentation update.

2014-06-16 16:16:59 (1 month ago) by Martin Nilsson <nilsson@opera.com>

More Yarrow simplifications.

2014-06-16 15:48:43 (1 month ago) by Martin Nilsson <nilsson@opera.com>

Removed optimization of Yarrow seed files for Nettle < 2.0

2014-06-16 15:32:36 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Added __builtin.Nettle.BlockCipher.

Sunday 15 June 2014

2014-06-15 13:02:32 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Test partial last blocks with supporting modes.

Some modes support the last block being partial, so add some testing
that it works.

Also adds generic testing of the CTR and OCB modes.

2014-06-15 13:00:25 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle.BlockCipher: Added new mode: OFB.

Saturday 14 June 2014

2014-06-14 13:36:14 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Updated to tzdata2014e.
Updated to tzdata2014e.

2014-06-14 12:44:16 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

__builtin.Nettle.Cipher: Stonger type for name().

The function name() is now required to return a 7-bit string.

2014-06-14 12:36:11 (1 month ago) by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle.BlockCipher: Inherit __builtin.Nettle.BlockCipher.

It is now possible to add generic stuff to all block ciphers by
adding it to __builtin.Nettle.BlockCipher.

NB: Requires cipher.cmod to be processed by a recent precompiler.

[permalink]

Bugs mentioned

  2001RESOLVEDBacktrace when changing prototcol from http to https
  2014RESOLVEDThe memory-use change column total is the same as the normal column total.
  7216RESOLVEDOptimizer broken for some cases of foreach.
  866RESOLVEDVersion mismatch
Bugs? Suggestions?