SSL.Port: Add set_accept_callback(). Also alters the accept callback API slightly to be more in line with that of Stdio.Port: * The accept callback now gets a single argument; the id as set by set_id(). * Installation of the internal accept callback (ie ssl_callback()) is now delayed until the first call of accept() if no external accept callback has been installed (ie with any of bind(), listen_fd() or set_accept_callback()). This allows for altering the context between binding and starting to accept connections.
Testsuite [7.8::Crypto]: Fix some tests.
Debug: added functions to generate perf map files
Documentation [Protocols.HTTP]: Prefix StatusCode descriptions with code. This makes it easier to find out that eg Protocols.HTTP.HTTP_NOT_FOUND should be used to generate error code 404.
Protocols.HTTP: Updated the set of known status codes. The set of status codes should now be up to date with http://www.iana.org/assignments/http-status-codes/http-status-codes.txt . Also adds the enum StatusCode for grouping the status codes and autodoc markup with rfc references for all the symbols.
EFUNs: Improved integer types for several math functions. Improves the return types for predef::sqrt(), predef::min(), predef::max(), predef::limit(), predef::abs() and predef::sgn() when called with integer types.
Misc: Fix incorrect syntax in autodoc
Remote: Stricter handling of zero.
Compiler: Update code generator to support F_SSCANF_80.
Compiler [Typechecker]: Changed API for apply_type_attribute() et al. They now get a mapping that they may use to keep state between arguments.
Crypto: Fix multiple warnings about passing of zero values.
Updated types where documentation said 'or zero'.
Web.Api.Instagram: Allow post data to be zero. Fixes several compilation errors.
Web.Api: Authenticate with the Authorization header by default. Sending OAuth authorization information via query variables has been deprecated by RFC6750 (and others), and some endpoints (eg GitHub) do no longer support the old method. Switch to using Authorization: Bearer <access_token> by default. Also updates Web.Api.Github accordingly.
Protocols.HTTP: Allow async callbacks to be zero
Protocols.HTTP: Allow callbacks to be zero
Stdio.File: Allow callbacks to be zero
Merge branch 'patches/support-mixed-in-count_memory' * patches/support-mixed-in-count_memory: GC: Support remaining types in Pike.count_memory().
Documentation [SSL]: Fix typo in previous commit.
doc: fixing some autodoc markup
__builtin.Sql.Connection: Added query_db() and reset() to the API.
SSL: Improved support for Edwards curves. Default to using Edwards curves for ECDH(E) if possible. Also adds experimental support for x448-curves analogous to the support for x25519-curves.
Doc [Protocols.LysKOM]: Some minor changes.
Doc [Traditional]: More sections and move around stuff.
Doc [SSL.Packet]: Use Autodoc markup.
SSL.File: Add {query,set}_timeout(). This adds an API to set an optional timeout to be used for blocking operations. When the timeout expires it is handled as if the peer sent a fatal internal error alert.
SSL.Connection: Change API of handle_alert() and make it visible. handle_alert() is useful to eg simulate external alerts, so make it easier to use.
Protocols.TCP: Add autodoc everywhere
Protocols.TCP: Begin implementation of Happy Eyeballs (RFC 8305). Code formatting not sorted out, lots of bugs, this is not ready to use yet.
WebSocket: Provide a query_id() function to parallel Stdio.File
decode_value(): Allow to restrict decoding to simple types The encoded value has quite a bit of control over our process. Allow to restrict decoding to primitive types by passing coding as -1.
SSL.Constants: Remove obsolete (draft-only) constant.
Doc [SSL]: Adjusted some documentation.
Merge branch 'rosuav/http-multi-connect'
Protocols.DNS: Return host_to_ip to its former state of IPv4-only
Protocols.DNS: Add host_to_ips (plural) to parallel host_to_ip
Protocols.DNS: Cleanup interface, allow arbitrary numbers of restargs.
Protocol.DNS: Windows has a hosts file too.
Protocols.DNS: Add a resolver compatible generic_query().
Protocols.DNS: Extend rcode constant list.
DNS.client: Expose match_etc_hosts.
Implemented Promise variants of async lookup.
Doc: Fix some documentation typos.
SSL.ServerConnection: Added API clarification.
HTTP.Server: Expose filename_to_extension().
SSL.Context: Context commits to tickets via offers_tickets() In certain situations, i.e. after receiving an empty Session Ticket extension (client supports, but does not yet have a ticket), by including the Session Ticket extension in the server hello commits us to providing a ticket later. As SSL.Context would simply return 0 in encode_ticket() when use_cache was zero (not the default), we used to break the protocol on such occasions. Instead, we now use SSL.Context()->offers_tickets() to signal whether Session Tickets should be supported on the connection (and whether the Context commits to encoding a session as ticket later on).
HTTP.Server.Request: Add response member for log_cb.
MIME: Move decode_/encode_headerfield_params functions here.
HTTP: Add params_encode() and params_decode().
Stdio: Added query_mtu() to Stdio.File and Stdio.UDP.
SSL.Connection: Filter duplicate DTLS packets.
SSL.DTLSState: Implemented sliding window for sequence numbers. Needed for DTLS (#10032).
SSL.Packet: Added seq_num to Packet. This is in preparation for implementing DTLS (#10032).
SSL: Do not accept MD2, MD5 and SHA1 signatures any longer Web browsers and others have distrusted SHA1 a long while ago, MD2 and MD5 are at this point simply dangerous to support. However, we now support configuration of supported signature algorithms via @[SSL.Context] in case any use case simply needs to support older signature algorithms.
SSL.Context: Fix autodoc typo
SSL.ServerConnection: Session tickets (RFC 4507 and RFC 5077). Server side support for session tickets. Note that the default ticket encoding is to use the session_id, it thus uses server side state. The ticket encoding can be changed by overriding {en,de}code_ticket() in SSL.Context. Implementation verified against OpenSSL's s_client. Backported from 372b2a05d05fa0d0e052e6634d2acf8d03629ed4 by Tobias Josefowitz.
Documentation tweaks.
Added support for SHA-512-256, userhash and utf-8.
Added support for SHA-256 HTTP Digest
Reworkd HTTP Authentication quite a bit. Supports client and server.
Documentation [SSL]: Fixed typo.
SSL.File: Add support for set_nodelay().
SSL.Constants: Renamed some EdDSA-related constants for consistency.
Doc fix.
HTTP.Server.Request: Restore backward compatibility and fixes to Shuffler. Changes to HTTP.Server.Request: - Support set_mode() in HTTP.Server.Request to optionally enable Shuffler to output the data on the wire. Without setting it, it will revert to the old buffered-output method. - Reinstate write-timeout on HTTP.Server.Request, make sure it works in both classic and Shuffler modes. Changes to Shuffler: - Add automatic TCP_CORK support. - Clean up code duplication between shuffler and sendfile. - Move wrap_callback from a separate member to an optional argument to add_source(). - Add support for Stdio.Buffer. - Adding empty sources works consistently now. - Fix broken cornercases when adding strings or memory regions. - Fix dataloss when using non-blocking io on input files. - Support starting in a file at the spot where the filepointer is. - Add start/length arguments to the main Shuffle object, to skip and limit in the entire concatenated output (needed for HTTP-range support).
HTTP.Server.Request: Use Shuffler to send and support sending chunked data.
SSL.Constants: Added some constants for RSA PSS signatures.
Documentation [SSL.Constants]: Updated AutoDoc.
SSL: Use SignatureScheme instead of array({Hash,Signature}Algorithm).
SSL: Renumbered HASH_* in preparation for using SignatureScheme.
SSL.Constants: Fixed typo.
SSL.constants: Added some entries from RFC 8422.
Implemented MD5-sess algorithm.
Support verifying that the nonce used actually came from the server.
Added support for Digest MD5
Toole.Standalone.test_pike: Complain about calls of handle_error().
Merge commit '722771973bd' into patches/lyslyskom22891031 * commit '722771973bd': (6177 commits) Verify that callablep responses are aligned with reality. ...
Merge commit '2470270f500c728d10b8895314d8d8b07016e37b' into grubba/typechecker-automap * commit '2470270f500c728d10b8895314d8d8b07016e37b': (18681 commits) Removed the old typechecker. ...
Somewhat more flexible opportunistic TLS implementation.
Merge commit '75c9d1806f1a69ca21c27a2c2fe1b4a6ea38e77e' into patches/pike63 * commit '75c9d1806f1a69ca21c27a2c2fe1b4a6ea38e77e': (19587 commits) ...
Always name the 4th argument of bind reuse_port instead of share
Sparse list of version support added.
Added some new 1.3 constants.
Promise: Replace Promise with Promise2, slightly updated interface. Most notable differences between HTTP.Promise2 and HTTP.Promise: - Less filling (20% smaller compiled object file). - Instead of two result objects, we simply have a single HTTP.Promise.Result object which is passed both on_success() and on_failure(). Why does the original separate this in a Promise.Success and Promise.Failure type? - Various code optimisations, that do not change the interface. - The Result object lacks the ok() method. What use was/is it? You should normally already know if you are a success or a failure callback. - The Result object returns the raw body through "data", and the decoded body through get() (to conform more to standard Future objects).
HTTP.Promise2: Offer get() instead of data in the Result object.
HTTP.Promise2: Proposed changes/optimisation/simplification of HTTP.Promise.
Fix docs.
SSL.File: Added support for set_buffer_mode(). Adds support for user provided buffers in both directions. Updates the {read,write,close}_callbacks to the current conventions of Stdio.File (this includes defaulting the callback_id to this_object()). Also adds some corresponding tests to the testsuite.
SSL.File: Fix docs.
SSL.File: Implement query_fd().
Merge branch 'grubba/rename_lfun_destroy' into 8.1 * grubba/rename_lfun_destroy: Modules: Fixed logts of warnings. Testsuite: Updated for LFUN::_destruct(). Compiler: Don't complain about LFUN::destroy() in compat mode. Fix multiple warnings. Runtime: LFUN::destroy() has been renamed to _destruct(). Compiler: Rename LFUN::destroy() to LFUN::_destruct().
Modules: Fixed logts of warnings. More fall out from the LFUN::destroy ==> LFUN::_destruct rename.
Protocols.DNS: Add support for CAA records. Certificate Authorities are actually required to check for them since this month as mandated by the CA/Browser Forum.
Add extensible error handling in Protocols.DNS.server Some servers might want to report errors during other mechanisms than werror. By moving the error reporting to the new report_decode_error() method, it is easy to override that method and do something else. Likewise, some servers might want to not reply to malformed requests. Move that code to the new handle_decode_error() method.
Pikedoc fixes.
There was an XML syntax error in this file.
Manual: Extended the data types chapter with void & mixed. Added some elaboration on the difference between compile-time and run-time types, as well as some about the types void & mixed and how they are used. Fixes [bug 1656 (#1656)].
Essentially white space changes.
Add a little docs to Protocols.WebSocket
Add minimal autodoc as the create() signature changed in the inherit
Protocols.HTTP.Server.Request: Added some AutoDoc markup.
Added the content_type getter to Protocols.HTTP.Promise.Success and added automatic decoding of gzipped data. This means the explicit decoding in Web.SOAP isn't neccessary anymore.
Renamed `content_encoding() to `charset() since that is what's returned. Also fixed a bug where `content_type() wouldn't return anything if no charset is defined in the content-type header.
Protocols.DNS: fix decoding and add encoding of LOC RRs.
Documented finish.
Fix refdoc typo.
SocketIO/EngineIO: Packetised queues, increment protocol versions for both. SocketIO/EngineIO: Drop id parameter, it's better solved using inheritance. EngineIO: Prioritise PING/PONG messages.
WebSocket: finish the extension support revert Some changes had not been reverted
Revert EngineIO and SocketIO from 8.0 for now.
WebSocket: Revert out deflate code, leave options, upward compatible with 8.1.
Crypto [Nettle]: Inlined __builtin.Nettle.DH_Params into Crypto.DH. This is needed to break a circular Nettle-load time dependency. The problem was that __builtin.Nettle.DH_Params had a preprocessor dependency on Nettle.DH_Params, and __builtin.Nettle.DH_Params could sometimes get loaded while Nettle was still initializing.
Protocols.WebSocket: refactored WebSocket extension support Added a new API which allows implementing Extensions as Protocols.WebSocket.Extension subclasses. This is used both for real WebSocket extensions, as well as defragmentation and conformance checks. Updated the documentation accordingly.
Query: timed_async_fetch() didn't support chunked transfer encoding. Promise: Some pikedoc fixes.
Some Pike-doc fixes.
WebSocket/EngineIO/SocketIO: Simplify specifying options per packet.
clone() is not referenced, so define it away for now.
SocketIO: Streamline Universe API, events run in their own threads. Add onclose(), various cleanups.
EngineIO: Drop named inherits. binary frames, make compression overridable.
SocketIO: Streamline Universe API, events run in their own threads.
SocketIO: Support creation of multiple Universes (Yes, we think BIG :-).
EngineIO: Rename options to lower visibility outside the class.
WebSocket: Support for permessage-deflate compression.
EngineIO: Tune deflate compressionparameters.
EngineIO/SocketIO: Improve documentation.
SocketIO/EngineIO: Define PDT() debugging macro. Define DUSERERROR() macro. Throw proper errors with backtraces. Link statically as far as possible. Provide sid and lastrequest members on SocketIO.Server. Pass up ERROR messages from the protocol.
SocketIO: Make it thread safe, and simplify the API.
Clean-room basic Socket.IO implementation. Namespaces are supported. Events belong in the next layer. Rooms belong even one layer further up.
EngineIO: _sprintf() includes protocol revision. Add lastrequest member. Consolidate setting callbacks to a single function. Binary frames have their type in binary sometimes too. Run the close_cb just prior to shutting down the write channel. Use the faster sprintf in favour of Buffers for %c%s type situations. Add accessible close() method. Avoid circular references in id. Close Transport without destructing. Tie up dangling refences when closing is forced.
Protocols.WebSocket: added defragment() defragment() can be used to automatically recombine fragmented frames.
Protocols.WebSocket: handle more protocol errors The following protocol errors are now handled: * invalid close status codes * invalid utf8 in TEXT frames * long control frames * fragmented control frames * check that the reserved bits are zero Some of these checks are only active if WEBSOCKET_DEBUG is turned on, especially those which might break future use of WebSocket extensions.
Protocols.WebSocket: added API for continuation frames
Clean-room Engine.IO implementation.
SSL.Constants [Documentation]: Some notes about ALPN.
SSL.Cipher.CipherSpec: Added max_bytes. This value is intended to be used as a threshold for automatic key renegotiation (and make us proof against eg Sweet32). cf https://sweet32.info/
SSL.Constants: Added enum Extension. Fixes some documentation references.
Documentation [SSL]: Improved AutoDoc mk II markup somewhat.
Documentation [SSL]: Document the fmt_*() functions.
Documentation [Protocols.HTTP]: Fixed typo.
Fixed autodoc
Protocols.LDAP: Support passing an SSL.Context to get_connection(). Sometimes the default SSL.Context isn't appropriate, so support passing a custom one along to Protocols.LDAP.client().
SSL.ServerConnection: Session tickets (RFC 4507 and RFC 5077). Server side support for session tickets. Note that the default ticket encoding is to use the session_id, it thus uses server side state. The ticket encoding can be changed by overriding {en,de}code_ticket() in SSL.Context. Implementation verified against OpenSSL's s_client.
Protocols.HTTP.Server: fixed handling of range requests - The content-length header must contain the length of the entity body, not the full length of the resource - The instance-length part of the content-range header should be the full length of the resource, if known, or '*'
Allow preservation of case in headers in HeaderParser. This is needed when acting as a proxy sine some servers treat headers as case-sensitive.
Just some Pike doc fixes.
SSL.File: Handle non-empty buffers in set_buffer_mode().
Documentation [SSL.File]: Document get_server_name(). Also fixes a documentation typo.
Let's use variants for the callbacks to avoid having different names for them.
Added client mode to Websockets.
Removed unused class.
Make full use of buffers when parsing incoming frames.
Protocols.HTTP.Promise: The arguments are now passes as an object of class Arguments for better type cheking and more coherent method signatures for the request methods. Also some refactoring. Web.Api.Api: Using Protocols.HTTP.Promise for the requests if available and applicable.
Added client mode for WebSocket module.
Protocols.HTTP.Query: Fixed an old bug (https://bugzilla.roxen.com/bugzilla/show_bug.cgi?id=7676) where basically the timeout in timed_async_fetch wasn't reset each new data read. This timeout had it's own property (data_timeout) which now is "deprecated" since the property "timeout" pretty much serves the same purpose, but on connection. So now timeout is the default value to use unless data_timeout is explicitly set, in which case that value will be used. Since there was no proper way to set a max time for the entire operation (well, that was by accident and not intention how the data_timeout in timed_async_fetch worked) the new property "maxtime" has been added. If this is set (default is 0=indefinetly) the request will be aborted after maxtime second even if data is still being read. So in short: data_timeout = 0 // unless explicitly set timeout = 120 // connection timeout, and then data read timeout maxtime = 0 // 0 = off, otherwise the entire operation must be done within maxtime seconds or else the request is aborted Protocols.HTTP.Session: Added some documentation Protocols.HTTP.Promise: New module which utilise the new Concurrent.Promise/Future stuff for HTTP requests. Internally uses Protcols.HTTP.Session for the actual HTTP stuff. Web.Api.Api: Now fetches data asynchronously when async calls are made. Concurrent: on_success and on_fail now returns the object being called so that they can be chained. Parser.Markdown: Fixed the #require macro directive.
Tag IMAP docs for autodoc detection, and fix trivial typos
Add an example to the IRC docs
Use random_string instead of Crypto.Random.random_string
Revert "Added the Markdown module and the standalone pike_to_html.pike from 8.1." This reverts commit 2706a62c3c72b296a0c77b418f1e186c682c7ac5.
IRC: More properly implement the Channel class and add docs
a few autodoc fixes
Added creation method raw to put binary data directly in an image object without adaptation.
Rename preferred_auth_methods to client_auth_methods, and fill it with actual certificate type information.
Updated comments and types.
Readded type information as comments.
Protocols.HTTP now takes 0.08 instead of 0.23s to load. Made Protocol.DNS, SSL and the Calendar module on-demand-loaded.
SSL.Context: Deprecated variable require_trust. Setting of this variable is now equivalent to setting the auth_level to AUTHLEVEL_require.
Added AUTHLEVEL_verify to documentation and compat.
Added AUTHLEVEL_verify that will not require any optional certificates, but will verify any it gets.
Stop supporting compression by default.
SSL.Context: Added some references to RFCs.
SSL.Context: Added some documentation for trusted_issuers_cache.
Crypto.RSA: Cleaned up RSASSA-PSS API. It is now possible to get a PSS signature object from an RSA state by indexing it with "PSS". Eg Crypto.RSA.State rsa = ...; string(8bit) sign = rsa->PSS->pkcs_sign(message, hash); int(0..1) ok = rsa->PSS->pkcs_verify(message, hash, sign); Also adds a corresponding symbol "PKCS1_5" for the traditional (and default) PKCS#1 1.5 style signatures.
Added access methord since my_node_id is protected.
Added support for Bittorrent DHT (BEP005).
Fix documentation issue.
SSL: Encrypt then MAC mode is an RFC now...
Rename HASH_sha to HASH_sha1.
SSL: Added some constants from RFC 4681.
SSL: Protocol version handling cleanup. The protocol version is now represented the same way everywhere; a 16-bit integer with the major (ie 3) in the high 8 bits, and the minor in the low 8 bits. Previously there was a mix between having a two element array, and just keeping track of the minor. Also strengthens the types of version variables in a few places.
SSL.Constants: Renumber the CipherModes. Attempt to have a the cipher modes in approximate order of strength, so that cipher_suite_sort_key() doesn't need to get more complicated.
SSL.context: Added sort_suites().
Documentation fix.
Use Stdio.Buffer for Bencoding.decode. Slightly laxer at handling truncated data.
We can't store UNDEFINED in arrays. Clear up some confusion.
SSL.connection: Implement 1/(n-1) measure against BEAST. Improve resilience against the BEAST client-side attack, by splitting the first data packet into two, where the first only contains a single byte of payload.
SSL: Fix priorities for anonymous cipher suites. Anonymous key exchange suffers from man in the middle attackability, so make sure that they are only chosen when there are no supported authenticated suites.
SSL.Cipher: Support KeyExchange using ECDHE.
SSL.handshake: Added the ECC extensions from RFC 4492. These extensions are required to be able to support ECDH and ECDSA.
SSL: Added some constants from RFC 4492. Also adds some related low-level support for ECC key exchanges.
SSL.Cipher: Improved TLS 1.2 compatibility. The TLS 1.2 prf is now derived from the hash function used for the MAC for the suite, as this seems to be the convention for all the suites that have been defined after TLS 1.2. This simplifies implementation of the prf selection behaviour specified eg for the suites defined in RFC 6367 3.3: When used with TLS versions prior to 1.2 (TLS 1.0 and TLS 1.1), the PRF is calculated as specified in the appropriate version of the TLS specification.
A very, very small fix.
SSL: Add support for AEAD ciphers. Implements the TLS 1.2 protocol-level support for AEAD cipher suites. No AEAD cipher suites have been added yet.
SSL.context: Added get_suites(). Generate the cipher suite selection from CIPHER_SUITES, so that it always is up to date, and has the correct order. This gets rid of the hard-coded tables preferred_rsa_suites and preferred_dhe_dss_suites. Pike 7.8 only: preferred_rsa_suites and preferred_dhe_dss_suites have been replaced with getters generating the same content.
SSL.Constants: Added KE_fortezza for completeness.
SSL.https: Added client mode.
SSL.handshake: Support EXTENSION_signature_algorithms.
SSL.Cipher: Enable support for TLS 1.2. This mainly adds some minimal support for TLS 1.2 signatures, with which all the requirements for TLS are fulfilled. Seems to interoperate with gnutls: - Description: (TLS1.2-PKIX)-(DHE-RSA-1024)-(CAMELLIA-256-CBC)-(SHA1) - Session ID: 52:93:96:96:50:69:6B:65:53:53:4C:33:00:00:00:1F - Ephemeral Diffie-Hellman parameters - Using prime: 1024 bits - Secret key: 1020 bits - Peer's public key: 1024 bits - Version: TLS1.2 - Key Exchange: DHE-RSA - Server Signature: RSA-SHA1 - Cipher: CAMELLIA-256-CBC - MAC: SHA1 - Compression: NULL - Handshake was completed
SSL.Cipher.KeyExchange: Added some Autodoc markup.
SSL.Cipher: Added KeyExchangeNULL. The SSL_null_with_null_null cipher suite now works (when enabled). Removes KeyExchangeGeneric, since it is no longer in use.
SSL.Cipher: Added KeyExchangeDH and KeyExchangeDHE. The only thing KeyExchangeGeneric is used for now is KE_none (when enabled)...
SSL.Cipher: Added KeyExchangeRSA and KeyExchangeGeneric. KeyExchangeRSA is a key exchanger that only handles KE_rsa. Also changed server_derive_master_secret() to use derive_master_secret() to avoid code duplication.
SSL.Cipher.KeyExchange: Split out from SSL.handshake. First step in cleaning up the key exchange code. This mainly moves code (essentially unmodified) from SSL.handshake to the new SSL.Cipher.KeyExchange.
SSL: Made the packet size configurable. Setting the size to 1400 improves conditions when there are packet loss, as it avoids block-of-line for the integrity check of the TLS record. The tradeoff is more overhead.
Fixed switch-on-object warning.
SSL/Protocols.HTTP: Add client support for SNI (server name indication)
SSL: Add support for Server Name Indication (SNI) based selection of keys and certs.
Set a sensible default random function in the context.
SSL: The debug code now knows about SSL 2.0. SSL 2.0 constants may show up in HANDSHAKE_hello_v2 messages, so make sure the debug code can display them properly.
SSL.handshake: Fixed documentation typo.
SSL.session: Added fields for the active RSA and DSA keys.
SSL: Add support for some CAMELLIA cipher suites.
SSL: Added HashAlgorithm enum.
Simplified some debug.
SSL: Added context()->filter_weak_suites(). Both context()->{rsa,dhe_dss}_mode() now take an optional argument and call filter_weak_suites(). Also moved the default sets of preferred cipher suites to Constants.preferred_*_suites. SSL.Constants.CIPHER_algorithms is now a mapping (was a multiset).
SSL: Added support for specifying the minimum and maximum versions of SSL. The minimum and maximum accepted SSL/TLS versions are configured by setting the corresponding variables in the context object. This is in line with how other SSL parameters are configured.
SSL: Added symbolic constants for the SSL versions.
SSL: Added some more SSL3_DEBUG and SSL3_DEBUG_CRYPT.
SSL: Support TLS 1.1 IVs.
SSL: Parameterized the SSL protocol version. Backported from Pike 8.0.
Nettle: Let the IV be set through Nettle.Proxy (aka Crypto.Buffer).
Merge branch '8.1' into grubba/typechecker-mk3 * 8.1: (51 commits) Compiler [Types]: Got rid of my_describe_type(). Compiler [Types]: Fixed wide strings in nested types. Compiler [Types]: low_describe_type() now uses string_builder. string_builder_sprintf: Fixed '+' for floats. string_builder_sprintf: Added support for %T. Calendar.mkrules: Improved backward compat. Auth.OAuth.Client: Fixed AutoDoc markup issue. New modules for communicating with different (RESTful) web apis (including OAuth and OAuth2 client modules) . Documentation [%]: Added some clarifications and improved markup. Inotify: Minor code cleanup. Potential fix for [CID 1325796]. Inotify: Removed some debug output. Filesystem.Monitor [Inotify]: Improved support for blocking mode. Inotify: Don't reference count immediate circular references. Inotify: Removed some dead code. System.Inotify, Filesystem.Monitor: Updates to use new Inotify API. Inotify: Use fd_callback_boxes, internal event parsing. Search.Database.MySQL: Censor the SQL-url. Sql: Added censor_sql_url(). Search.Database.MySQL: Avoid long lived database connections. Inotify: Don't throw errors in rm_watch() on invalid watch descriptor. ...
Documentation [Protocols.LDAP]: Added some RFC markup.
Missed a sentence.
Allow fine grained control over what extensions to use.
Documentation [Protocols.LDP]: Added some RFC markup.
Filesystem.Monitor: Added check_all().
Protocols.HTTP2: Added Frame class.
SSL.Context: Added option to disable renegotiation. This is a feature required by HTTP/2 (RFC 7540 9.2.1).
Disable extended master secret extension by default. It isn't standardized yet, and currently doesn't interopt with Chrome.
Truncated HMAC may be a security issues, and isn't really supported by anyone else. Disable it by default.
Documentation updates.
Merge remote-tracking branch 'origin/8.1' into per/substrings
Documentation [Protocols.LMTP]: Moved some documentation.
Support linking direct to RFC anchor.
Use @rfc{@} autodoc syntax.
SSL.Context: Default to the FFDHE2048 group. Changes the default DHE group from MODP group 24 to FFDHE2048. This makes SMACKTest (http://smacktest.com/) happy, and reduces the risk of precalculated attacks against the MODP group.
Protocols.HTTP2: Added the constants from RFC 7540.
SSL.Connection: Added shutdown().
Mark read and write as deprecated. Added documentation.
SSL.File: Added query_application_protocol(). This is needed for protocols using ALPN.
SSL.Cipher: Minor documentation changes.
SSL.ClientConnection: Support ALPN being accepted. Fixes [LysLysKOM 21365565].
SSL.Buffer: Added read_string_array().
Removed trailing spaces.
Protocols.DNS: Added some constants from the DNSSEC RFCs.
Add a non-ASCII character to the example to demo automatic UTF-8 encoding
Keep track of Session activity, so they can be removed when inactive, not just old.
Sql: Added support for multiple results. Adds Sql.sql_result()->next_result().
First go at MPI bindings
SSL.Port: Support on-demand creation of the Context. Adds context_factory() and a few related getters and setters.
Fix a comment.
Added the final defined PSK suites, ECDHE. The suite lookup table test broke as always, but all the defined ciphers appears to work.
SSL.Session: Updated some documentation.
Changed packet parsing to use Stdio.Buffer objects. The Packet factory is still weird and needs some more thought.
Serialize packets directly into the output buffer.
Change to_write API to return 0 on no data instead of empty string.
Optimize export crypto a bit for the testsuite.
Made internal methods protected.
No one is seriously using export ciphers, so stop optimizing them and throw out some code. (My desktop is doing 710 keys per second)
Protocols.WebSocket: Use Stdio.File buffer mode
Small cleanup.
Don't use RC4 by default.
SSL.Context: Added support for private FFDHE-groups.
Remove redundant PROTOCOL_SSL constants.
Doc fixes.
SSL.Cipher: Added KeyExchangeExportRSA. This breaks out the handling of export-RSA from KeyExchangeRSA in order to reduce the attack surface for attacks like FREAK.
SSL.Constants: Added KE_rsa_export. This is in preparation for breaking out the export-RSA handshaking from KeyExchangeRSA.
TURBO2-942: Add Stdio.Buffer support to Gz.inflate
Crypto.DH: Restored definitions of FFDHE2432 and FFDHE6144. The latest TLS-FFDHE draft (06) reinstates FFDHE6144 and mentions FFDHE2432. I also don't see any reason to remove these symbols to begin with, since even if they might not be used as named curves, they are still possible to use in eg TLS 1.2 and earlier.
SSL: Implemented EXTENSION_extended_master_secret.
Implemented RSA PSK key exchange. select_cipher_suite() in Session however requires a rewrite to work with these suites.
Documentation of CIPHER_SUITES
Added support for DHE PSK.
Return appropriate alert if key id or hint was not recognized.
Some documentation. Perhaps we want to move all this to an abstract class PSKContext?
Fixed so that anonymous mode actually works.
Compiler: Documented a few more #pragmas.
SSL.Cipher: KeyExchangeECDH now uses init_{server,client}(). Reverses the inheritance order for KeyExchangeECDH and KeyExchangeECDHE to reduce the code complexity a bit.
SSL.Context: get_suites() now also filters on the version range.
Crypto.ECC.Curve: Added LFUN::`==().
SSL.Cipher.KeyExchange: Changed API for client_key_exchange_packet(). It now returns the premaster secret, and fills in the packet data in the provided buffer. This change allows the corresponding function in SSL.ClientConnection to use SSL.Connection.derive_master_secret().
Synchronize with latest FF-DHE draft.
SSL.Cipher.KeyExchange: Introduced got_client_key_exchange(). Renames ke->server_derive_master_secret() to ke->got_client_key_exchange(), and changes it to return the premaster secret. This will reduce the amount of code duplication soon.
Deprecated verify_certificates, as auth_level does the same thing. This breaks some tests that appears to be incomplete, so disable them.
Document AUTHLEVEL a bit.
SSL.ClientConnection: Support TLS 1.3 ClientKeyShare. client_hello() now sends a pure TLS 1.3 hello if Context.min_version is TLS 1.3 or later, a compat TLS 1.3 hello if Context.max_version is TLS 1.3 or later, and a legacy TLS 1.2 or earlier handshake otherwise. Note that SSL.ServerConnection does not yet suport pure TLS 1.3 hellos, and that the SSL.ClientConnection won't be happy with the result from a server that does support TLS 1.3.
SSL.Connection: Added derive_master_secret(). More unification of code in client and server.
SSL.Cipher: Some more KeyShare-related API changes. The API now seems to be usable for TLS 1.3.
SSL: More KeyShare{EC,}DHE fixes for TLS 1.3.
SSL: Added KeyShare{EC,}DHE in preparation for TLS 0.3.
SSL.Constants: Added some more notes about DTLS.
SSL.Constants: Added some DTLS constants.
SSL: Support the Negotiated FF-DHE Parameters draft. NB: This draft has been incorporated into the TLS 1.3 draft.
SSL [DHE]: Validate the Ys received from the peer. This is required by the current FFDHE draft, and is needed to protect the connection from MITM attacks. Also changes some alerts from unexpected_message to handshake_failure as required by the same draft.
SSL.Cipher: Minor code cleanup.
SSL.File: Improved API for resuming sessions somewhat.
SSL.Context: purge_session() now works client-side too.
SSL.File: Added API for resuming sessions.
Protocols.LDAP: Corrected doc for client().
Renamed methods for consistency with Stdio.Buffer
Removed bignum functions. Using them wouldn't do much.
Better use of Stdio.Buffer APIs.
put_fix_string() and add_data() converted to add().
Rewrote get_uint, put_uint, get_var_string and get_fix_string.
Replaced pop_data() with read() or direct buffer usage.
put_var_string -> add_hstring
Use SSL.Buffer instead of ADT.struct
Work around a compat resolver bug.
ADT.struct -> Stdio.Buffer
SSL.Cipher: Added KeyExchangeKRB (experimental). This is a tentative implementation of the RFC 2712 Kerberos-based key exchange. No interoperation tests have been performed, and the corresponding suites are not enabled.
Move deprecated code to compat. The compat resolver is broken, so this doesn't actually work.
Moved deprecated methods to compat.
SSL.File: Added query_version(). Added function to query the protocol version in use.
SSL.Constants: Minor documentation change.
SSL: Added some more Autodoc.
SSL.handshake: Support setting the minimum required version. The SSL 3.0 protocol can now be disabled by setting min_version in the context to SSL.Constants.PROTOCOL_TLS_1_0. Backported API from Pike 8.0. Note that the constants differ from Pike 8.0 and later, so use the provided symbolic values.
Make TLS 1.0 loweset default TLS in Pike 8.0 too.
Some trivial TLS 1.3 changes.
TLS 1.3 renames NamedCurve into NamedGroup
Put the default lower version at TLS 1.0. IE users on pre XP need to upgrade.
Stdio.IOBuffer -> Stdio.Buffer (part 1)
this_program:: -> this::
Removed one level of indirection and inherit SSL.Port directly into SSLPort.
Stdio.File: Some minor documentation updates.
Added get_certificates().
Merge remote-tracking branch 'origin/8.0' into string_alloc Conflicts: src/stralloc.c
Removed stdin/stderr/stdout variables in the 7.8 compat stdio. Keeping them generates about 100 lines of warnings when the file is compiled due to incompatible types for everything different between Fd_ref and Fd, more or less
Fixed autodoc syntax error
Added buffered asynchronous I/O mode to Stdio.File In this mode the input and output is kept in buffers in the file object. Adding data to the output buffer will write it to the filedescriptor, and the read callback will receive the input buffer as its argument. The write callback will have the output buffer as a second argument, but most of the time this can be ignored since you keep the buffer object around. The write callback will only be called if the buffer needs more data, so if you implement a range_error function in the buffer that refills the buffer it will only be called once that callback returns 0.
Added share option to SSLPort as well
Select DH group based on symmetric key strength.
GTK2: Update Scale docs based on source file
Some minor documentation tweaks. It has been a while since the classes were called Gz_deflate and Gz_inflate.
Fixed a few autodoc syntax errors.
SSL: Improved support for renegotiation.
Wrap some comments.
Merge remote-tracking branch 'origin/8.0' into string_alloc