When this feature is enabled, blank passwords are not accepted by su
unless the user is on a secure TTY defined in /etc/securetty. This
resembles the default PAM configuration of some Linux distros which
specify the nullok_secure option for pam_unix.so.
Based on patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The "autolooped" mount (mount [-oloop] IMAGE /DIR/DIR)
always creates AUTOCLEARed loopdevs, so that umounting
drops them (and this does not require any code in the
umount userspace).
This happens since circa linux-2.6.25:
commit 96c5865559cee0f9cbc5173f3c949f6ce3525581
Date: Wed Feb 6 01:36:27 2008 -0800
Subject: Allow auto-destruction of loop devices
IOW: in this case, umount does not have to use -d
to drop the loopdev.
The explicit loop mount (mount /dev/loopN /DIR/DIR)
does not do this. In this case, umount without -d
should not drop loopdev.
Unfortunately, bbox umount currently always implies -d,
this probably needs fixing.
function old new delta
set_loop 537 597 +60
singlemount 1101 1138 +37
losetup_main 419 432 +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 110/0) Total: 110 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)
This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.
This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).
function old new delta
tls_handshake - 1691 +1691
tls_run_copy_loop - 443 +443
ssl_client_main - 128 +128
packed_usage 30978 31007 +29
wget_main 2508 2535 +27
applet_names 2553 2560 +7
...
xwrite_encrypted 360 342 -18
tls_main 2127 - -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195) Total: 156 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Was:
$ cryptpw --help
...
Print crypt(3) hashed PASSWORD
-P,--password-fd=N Read password from fd N
-m,--method=TYPE Encryption method
-S,--salt=SALT
User: "What methods exist? which one os default?"
Now:
Print crypt(3) hashed PASSWORD
-P,--password-fd N Read password from fd N
-m,--method TYPE des,md5,sha256/512 (default des)
-S,--salt SALT
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Busybox uses FAST_FUNC macro to tweak with IA-32 calling conventions in
order to make the function call slightly smaller or slightly faster.
However, when I experiment with GCC's LTO (Link Time Optimization), I
discovered that FAST_FUNC could hinder LTO's optimization so that the
resulting executable become a few bytes larger (than what is compiled
without FAST_FUNC).
This change allows to specify e.g.
CONFIG_EXTRA_CFLAGS="-DFAST_FUNC= -flto"
and compile with LTO without a source code hack.
Signed-off-by: Kang-Che Sung <explorer09@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The selinux guys want you to get class values at runtime by converting
textual names into constants. Drop the deprecated headers and switch
to the new format.
This API has been around for years, so there shouldn't be an issue
with backwards compatibility.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
These key combinations should repeat correctly when the keys are
pressed and held.
Before this change, they do this erratically - many repeats are "eaten"
because they are treated as unrecognized ESC seqs:
ESC 0x7f is treated by Alt+baskspace, but ESC 0x7f ESC 0x7f ESC 0x7f
is unrecognized.
Escape sequences corresponding to these key combinations are moved from
read_line_input to lineedit_read_key.
Also, these key sequences are now enabled regardless of whether
FEATURE_EDITING_VI is set, since Vim does not actually support these key
combinations, but they are present in readline library.
function old new delta
static.esccmds 93 103 +10
read_line_input 3737 3687 -50
Signed-off-by: Rostislav Skudnov <rostislav@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
On user request.
I thought enabling/disabling them all together is more consistent.
Evidently, some people do want them to be separately selectable.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The somewhat new "unpack in memory" code was broken
for xmalloc_open_zipped_read_close() on NOMMU: we seek back
over signature, but then expect it to be already consumed.
Stop seeking back in this case.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Both calls to run_applet_and_exit are followed by the same code
to print an error message and return status 127. Remove this
duplication and make run_applet_and_exit static.
function old new delta
run_applet_and_exit 675 667 -8
main 119 92 -27
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-35) Total: -35 bytes
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The array applet_nameofs consumes two bytes per applet. It encodes
nofork/noexec flags
suid flags
the offset of the applet name in the applet_name string
Change the applet_table build tool to store the flags in two separate
arrays (applet_flags and applet_suid). Replace applet_nameofs[] with a
smaller version that only stores a limited number of offsets.
This requires changes to the macros APPLET_IS_NOFORK, APPLET_IS_NOEXEC
and APPLET_SUID.
According to Valgrind the original find_applet_by_name required
353 cycles per call, averaged over all names. Adjusting the number
of known offsets allows space to be traded off against execution time:
KNOWN_OFFSETS cycles bytes (wrt KNOWN_OFFSETS = 0)
0 9057 -
2 4604 32
4 2407 75
8 1342 98
16 908 130
32 884 194
This patch uses KNOWN_OFFSETS = 8.
v2:
Remove some dead code from the applet_table tool;
Treat the applet in the middle of the table as a special case.
v3:
Use the middle applet to adjust the start of the linear search as
well as the last applet found.
v4:
Use an augmented linear search in find_applet_by_name.
Drop the special treatment of the middle name from get_applet_name:
most of the advantage now derives from the last stored value.
v5:
Don't store index in applet_nameofs, it can be calculated.
v6:
Tweaks by Denys
function old new delta
find_applet_by_name 25 125 +100
applet_suid - 92 +92
run_applet_no_and_exit 452 460 +8
run_applet_and_exit 695 697 +2
applet_name_compare 31 - -31
applet_nameofs 734 14 -720
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 3/1 up/down: 202/-751) Total: -549 bytes
text data bss dec hex filename
925464 906 17160 943530 e65aa busybox_old
924915 906 17160 942981 e6385 busybox_unstripped
Signed-off-by: Ron Yorston <rmy@pobox.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This patch fixes compiling busybox with FEATURE_UTMP and _WTMP enabled.
musl, while not really support utmp/wtmp, provides stub functions, as well
as variables such as _PATH_UTMP, so that programs using utmp or wtmp can
still compile fine.
My reasoning for this patch is that on Exherbo, I'm currently trying to get
us to be able to use the same busybox config file for both glibc and musl
systems, using utmp/wtmp on systems that support it, and using the stubs
on musl without needing two different configs.
As of latest musl git, it provides all utmp functions needed; 1.1.12 doesn't,
but I sent a patch to Rich to add the utmp{,x}name functions expected to
exist, which was merged into musl upstream.
Signed-off-by: Kylie McClain <somasissounds@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
systemd people are not willing to play nice with the rest of the world.
Therefore there is no reason for the rest of the world to cooperate with them.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit adds support for the -R flag of setarch, which disables
randomization of the virtual address space.
function old new delta
setarch_main 115 150 +35
packed_usage 30664 30651 -13
Signed-off-by: Jan Heylen <heyleke@gmail.com>
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
invarg(a,b) - "invalid argument", but how a and b enter the message?
invarg_1_to_2(a,b) is somewhat easier to read: "invalid argument 'a' to 'b'"
Audit of usage revealed a number of bad uses, with too long messages.
text data bss dec hex filename
938848 932 17448 957228 e9b2c busybox_old
938788 932 17448 957168 e9af0 busybox_unstripped
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
In the initial submission struct bbunit_listelem was manipulated by
custom list functions implemented in bbunit.c. Since the tests are now
added to the list by llist_add_to_end(), which allocates the llist_t
objects behind the scenes, there's no need for the *next field.
function old new delta
unit_main 142 141 -1
bbunit_strrstr_elem 24 16 -8
bbunit_obscure_weak_pass_elem 24 16 -8
bbunit_obscure_strong_pass_elem 24 16 -8
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-25) Total: -25 bytes
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Based on the patch by Ari Sundholm <ari@tuxera.com>
function old new delta
sync_main 20 163 +143
packed_usage 30653 30673 +20
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 163/0) Total: 163 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Introduce a library routine to package the idiom:
p = xmalloc(b, n);
memcpy(p, b, n);
and use it where possible. The example in traceroute used xzalloc
but it didn't need to.
function old new delta
xmemdup - 32 +32
last_main 834 826 -8
make_device 2321 2311 -10
common_traceroute_main 3698 3685 -13
readtoken1 3182 3168 -14
procps_scan 1222 1206 -16
forkchild 655 638 -17
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/6 up/down: 32/-78) Total: -46 bytes
Signed-off-by: Ron Yorston <rmy@frippery.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
UTMP is SVID legacy, UTMPX is mandated by POSIX.
Glibc and uClibc have identical layout of UTMP and UTMPX, both of these
libc treat _PATH_UTMPX as _PATH_UTMP so from a user-perspective nothing
changes except the names of the API entrypoints.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
This way it can be used by other applets without duplication.
Signed-off-by: Ari Sundholm <ari@tuxera.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Sometimes ARG_MAX is small (like 32k) yet sysconf(_SC_ARG_MAX)
is big, and people prefer using the bigger value.
OTOH, with sufficiently large ARG_MAX, further wins from
sysconf(_SC_ARG_MAX) being bigger are exponentially smaller:
you can see 4 times fewer fork+execs when you run find, but
when each execed process already takes a thousand parameters
it's likely execution time is dominated by what that process
does with each parameter.
Thus, with this change ARG_MAX is used if it's sufficiently big,
otherwise sysconf(_SC_ARG_MAX) is used.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This makes "G" (goto end of input) command work as well as
/search_for_nonexistent_string: both will read to EOF now
even from somewhat slow input (such as kernel's "git log").
function old new delta
ndelay_on 35 43 +8
ndelay_off 35 43 +8
read_lines 695 691 -4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 16/-4) Total: 12 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
We don't have an INIT_FIRST, so let's rename INIT_LAST to INIT_FUNC
to imply that the function is called at program start-up.
Also: the priority argument for __attribute__((constructor)) isn't
used, so let's remove it.
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This set of patches adds a simple unit-testing framework to Busybox
unit-tests: add some helper macros for unit-test framework implementation
unit-tests: implement the unit-testing framework
unit-tests: add basic documentation on writing the unit test cases
unit-tests: modify the Makefile 'test' target to run unit-tests too
unit-tests: add two example test cases
unit-tests: modify the existing strrstr test code to use the unit-test framework
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The find utility uses a hardcoded value of 32 * 1024 as the limit of
the command-line length when calling 'find -exec ... {} +'. This results
in over 4 times more execve() calls than in coreutils' find.
This patch uses the limit defined in system headers.
Based on the patch by Bartosz Golaszewski <bartekgola@gmail.com>.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
POSIX.1-2008 removed the usleep function, provide a fallback
implementaion using the recommended nanosleep().
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
fstrim applet is a port from util-linux.
"Trimming" your NAND/eMMC storage will restore the write performance
back to normal after having slow down issues on sequential write and
random write due to usage over time.
Good reading on subject:
http://forum.xda-developers.com/showthread.php?t=1971852
(with long options and CLEAN_UP turned on)
function old new delta
.rodata 148494 148791 +297
fstrim_main - 283 +283
fstrim_sfx - 128 +128
packed_usage 28826 28903 +77
applet_main 2760 2768 +8
applet_names 2343 2350 +7
applet_nameofs 690 692 +2
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 5/0 up/down: 802/0) Total: 802 bytes
Signed-off-by: Malek Degachi <malek-degachi@laposte.net>
Cc: Eugene San (eugenesan) <eugenesan@gmail.com>
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
While at it, move applet/config/kbuild bits into wall.c.
(This way, it's more visible that applet is suid'ed).
function old new delta
wall_main 87 138 +51
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Fixes the following TODO:
stty's visible() function and catv's guts are identical. Merge them into
an appropriate libbb function.
Also makes catv behave exactly like coreutils' cat -v e.g. it'll print 'M-^I'
instead of 'M- '.
function old new delta
visible - 70 +70
do_display 431 379 -52
catv_main 306 250 -56
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/2 up/down: 70/-108) Total: -38 bytes
Signed-off-by: Bartosz Golaszewski <bartekgola@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Add a helper script that lists all applets that
- do or may require SUID provileges (busybox.cfg.suid)
- do not require SUID provileges (busybox.cfg.nosuid)
Some setups prefer to build two busybox binaries, one that is suid which
contains all applets that do or may require suid privileges, and a
second one for all the rest (which drops suid). To ease splitting these
two binaries, generate a list of CONFIG_ items for the suid binary.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
"losetup -d" was not complaining that LOOPDEV is missing.
"losetup -a" was listing only up to /dev/loop9.
"losetup -f" looped forever if llop0 was taken, and never tried
anything after /dev/loop9.
"-o" with other options (say, -r) had no effect.
function old new delta
losetup_main 376 419 +43
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This makes reading the logic (as well as adding new code) a lot simpler,
and fixes one or two cases that were broken due to incorrect sub-version
tests.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Users were reporting getting errors like
"ls: error while loading shared libraries: libc.so.6: ELF load command past end of file"
while rpm was unpacking glibc tarball.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
While at it, fix filename order and free the list of names.
function old new delta
llist_rev - 21 +21
get_header_tar 1733 1741 +8
unpack_package 587 585 -2
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 1/1 up/down: 29/-2) Total: 27 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This makes unzip to FAT filesystems not exit with error.
This is similar to how the "normal" unzip works.
Signed-off-by: Natanael Copa <natanael.copa@gmail.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
According to RFC 5321 the argument to HELO "contains the fully-qualified
domain name of the SMTP client" or its IP address if no FQDN is available.
BusyBox sendmail uses the NIS domain name instead which, in many cases,
is likely to be the default "(none)". [vda: yes, I checked my machine
and its uts.domainname was indeed "(none)"]
Using the host name is more likely to satisfy the intent of the RFC while
allowing the otherwise unused safe_getdomainname function to be removed.
Signed-off-by: Ron Yorston <rmy@tigress.co.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
unpack_gz_stream_with_info: fix buggy error check
man: fix possible accesses past the end of a string
move seamless uncompression helpers from read_printf.c to open_transformer.c
function old new delta
show_manpage 153 212 +59
unpack_gz_stream_with_info 520 539 +19
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
The xsocket_type() function had an optional "family" argument
that was enabled only if IPv6 is enabled. In the case of the
function was called with a valid AF_UNIX argument, and IPv6 is
disabled, this argument was silently ignored.
This patch makes the "family" argument mandatory, while keeping
the old behavior i.e., if AF_UNSPEC is passed, we try first IPv6
(if it's enabled) and fallback to IPv4.
Also I changed all callers of xsocket_type() to reflect its new
interface.
Signed-off-by: Jonh Wendell <jonh.wendell@vexcorp.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
function old new delta
udhcp_str2optset 415 532 +117
Signed-off-by: Michael McTernan <Michael.McTernan.2001@cs.bris.ac.uk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Add a DAEMON_DOUBLE_FORK flag to make bb_daemonize double-fork so it isn't a
session leader, and hence doesn't get a controlling tty on Linux if a tty is
ever opened, similar to how libdaemon's daemon_fork or the big
start-stop-daemon does it - And use it in start-stop-daemon.
For details, see http://www.win.tue.nl/~aeb/linux/lk/lk-10.html#ss10.3
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
