Commit Graph

2797 Commits

Author SHA1 Message Date
Denys Vlasenko
a6390ed77e httpd: fix handling of range requests
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-18 13:09:11 +02:00
Denys Vlasenko
3c34f681b3 netcat: net applet (alias to nc)
function                                             old     new   delta
packed_usage                                       31807   31856     +49
applet_names                                        2701    2708      +7
applet_main                                         1560    1564      +4
applet_install_loc                                   195     196      +1
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 61/0)               Total: 61 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-15 18:55:53 +02:00
Denys Vlasenko
b5a0396716 networking/interface.c: remove superfluous "& 0377"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-12 17:54:28 +02:00
Denys Vlasenko
94aaf4b5d3 httpd: skip "Status: " from CGI, including space. Closes 10291
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-09-01 17:06:12 +02:00
Denys Vlasenko
3256111efb udhcpc: show only short opts in --help text
function                                             old     new   delta
packed_usage                                       31615   31501    -114

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-29 16:51:17 +02:00
Denys Vlasenko
8b77a9ea81 *: fix fallout from opt_complementary conversion
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-23 15:08:25 +02:00
Denys Vlasenko
fb8348b364 telnet: "-a" + "-l USER" should respect USER
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-17 13:37:51 +02:00
Denys Vlasenko
647d8afe86 build system: remove unused CONFIG_FEATURE_HAVE_RPC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-14 12:25:55 +02:00
Denys Vlasenko
a4d4ab04c3 vconfig: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-09 18:52:19 +02:00
Denys Vlasenko
89d8753c55 ftpgetput: show only short options in --help text
function                                             old     new   delta
packed_usage                                       31687   31675     -12

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 22:33:02 +02:00
Denys Vlasenko
22542eca18 getopt32: remove opt_complementary
function                                             old     new   delta
vgetopt32                                           1318    1392     +74
runsvdir_main                                        703     713     +10
bb_make_directory                                    423     425      +2
collect_cpu                                          546     545      -1
opt_chars                                              3       -      -3
opt_complementary                                      4       -      -4
tftpd_main                                           567     562      -5
ntp_init                                             476     471      -5
zcip_main                                           1266    1256     -10
xxd_main                                             428     418     -10
whois_main                                           140     130     -10
who_main                                             463     453     -10
which_main                                           212     202     -10
wget_main                                           2535    2525     -10
watchdog_main                                        291     281     -10
watch_main                                           222     212     -10
vlock_main                                           399     389     -10
uuencode_main                                        332     322     -10
uudecode_main                                        316     306     -10
unlink_main                                           45      35     -10
udhcpd_main                                         1482    1472     -10
udhcpc_main                                         2762    2752     -10
tune2fs_main                                         290     280     -10
tunctl_main                                          366     356     -10
truncate_main                                        218     208     -10
tr_main                                              518     508     -10
time_main                                           1134    1124     -10
tftp_main                                            286     276     -10
telnetd_main                                        1873    1863     -10
tcpudpsvd_main                                      1785    1775     -10
taskset_main                                         521     511     -10
tar_main                                            1009     999     -10
tail_main                                           1644    1634     -10
syslogd_main                                        1967    1957     -10
switch_root_main                                     368     358     -10
svlogd_main                                         1454    1444     -10
sv                                                  1296    1286     -10
stat_main                                            104      94     -10
start_stop_daemon_main                              1028    1018     -10
split_main                                           542     532     -10
sort_main                                            796     786     -10
slattach_main                                        624     614     -10
shuf_main                                            504     494     -10
setsid_main                                           96      86     -10
setserial_main                                      1132    1122     -10
setfont_main                                         388     378     -10
setconsole_main                                       78      68     -10
sendmail_main                                       1209    1199     -10
sed_main                                             677     667     -10
script_main                                         1077    1067     -10
run_parts_main                                       325     315     -10
rtcwake_main                                         454     444     -10
rm_main                                              175     165     -10
reformime_main                                       119     109     -10
readlink_main                                        123     113     -10
rdate_main                                           246     236     -10
pwdx_main                                            189     179     -10
pstree_main                                          317     307     -10
pscan_main                                           663     653     -10
popmaildir_main                                      818     808     -10
pmap_main                                             80      70     -10
nc_main                                             1042    1032     -10
mv_main                                              558     548     -10
mountpoint_main                                      477     467     -10
mount_main                                          1264    1254     -10
modprobe_main                                        768     758     -10
modinfo_main                                         333     323     -10
mktemp_main                                          200     190     -10
mkswap_main                                          324     314     -10
mkfs_vfat_main                                      1489    1479     -10
microcom_main                                        715     705     -10
md5_sha1_sum_main                                    521     511     -10
man_main                                             867     857     -10
makedevs_main                                       1052    1042     -10
ls_main                                              563     553     -10
losetup_main                                         432     422     -10
loadfont_main                                         89      79     -10
ln_main                                              524     514     -10
link_main                                             75      65     -10
ipcalc_main                                          544     534     -10
iostat_main                                         2397    2387     -10
install_main                                         768     758     -10
id_main                                              480     470     -10
i2cset_main                                         1239    1229     -10
i2cget_main                                          380     370     -10
i2cdump_main                                        1482    1472     -10
i2cdetect_main                                       682     672     -10
hwclock_main                                         406     396     -10
httpd_main                                           741     731     -10
grep_main                                            837     827     -10
getty_main                                          1559    1549     -10
fuser_main                                           297     287     -10
ftpgetput_main                                       345     335     -10
ftpd_main                                           2232    2222     -10
fstrim_main                                          251     241     -10
fsfreeze_main                                         77      67     -10
fsck_minix_main                                     2921    2911     -10
flock_main                                           314     304     -10
flashcp_main                                         740     730     -10
flash_eraseall_main                                  833     823     -10
fdformat_main                                        532     522     -10
expand_main                                          680     670     -10
eject_main                                           335     325     -10
dumpleases_main                                      630     620     -10
du_main                                              314     304     -10
dos2unix_main                                        441     431     -10
diff_main                                           1350    1340     -10
df_main                                             1064    1054     -10
date_main                                           1095    1085     -10
cut_main                                             961     951     -10
cryptpw_main                                         228     218     -10
crontab_main                                         575     565     -10
crond_main                                          1149    1139     -10
cp_main                                              370     360     -10
common_traceroute_main                              3834    3824     -10
common_ping_main                                    1767    1757     -10
comm_main                                            239     229     -10
cmp_main                                             655     645     -10
chrt_main                                            379     369     -10
chpst_main                                           704     694     -10
chpasswd_main                                        308     298     -10
chown_main                                           171     161     -10
chmod_main                                           158     148     -10
cat_main                                             428     418     -10
bzip2_main                                           120     110     -10
blkdiscard_main                                      264     254     -10
base64_main                                          221     211     -10
arping_main                                         1665    1655     -10
ar_main                                              556     546     -10
adjtimex_main                                        406     396     -10
adduser_main                                         882     872     -10
addgroup_main                                        411     401     -10
acpid_main                                          1198    1188     -10
optstring                                             11       -     -11
opt_string                                            18       -     -18
OPT_STR                                               25       -     -25
ubi_tools_main                                      1288    1258     -30
ls_options                                            31       -     -31
------------------------------------------------------------------------------
(add/remove: 0/6 grow/shrink: 3/129 up/down: 86/-1383)      Total: -1297 bytes
   text	   data	    bss	    dec	    hex	filename
 915428	    485	   6876	 922789	  e14a5	busybox_old
 914629	    485	   6872	 921986	  e1182	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 21:55:02 +02:00
Denys Vlasenko
036585a911 getopt32: remove applet_long_options
FEATURE_GETOPT_LONG made dependent on LONG_OPTS.

The folloving options are removed, now LONG_OPTS enables long options
for affected applets:
FEATURE_ENV_LONG_OPTIONS	FEATURE_EXPAND_LONG_OPTIONS
FEATURE_UNEXPAND_LONG_OPTIONS	FEATURE_MKDIR_LONG_OPTIONS
FEATURE_MV_LONG_OPTIONS		FEATURE_RMDIR_LONG_OPTIONS
FEATURE_ADDGROUP_LONG_OPTIONS	FEATURE_ADDUSER_LONG_OPTIONS
FEATURE_HWCLOCK_LONG_OPTIONS	FEATURE_NSENTER_LONG_OPTS
FEATURE_CHCON_LONG_OPTIONS	FEATURE_RUNCON_LONG_OPTIONS

They either had a small number of long options, or their long options are
essential.

Example: upstream addgroup and adduser have ONLY longopts,
we should probably go further and get rid
of non-standard short options.

To this end, make addgroup and adduser "select LONG_OPTS".
We had this breakage caused by us even in our own package!
	#if ENABLE_LONG_OPTS || !ENABLE_ADDGROUP
                /* We try to use --gid, not -g, because "standard" addgroup
                 * has no short option -g, it has only long --gid.
                 */
                argv[1] = (char*)"--gid";
	#else
                /* Breaks if system in fact does NOT use busybox addgroup */
                argv[1] = (char*)"-g";
	#endif

xargs: its lone longopt no longer depends on DESKTOP, only on LONG_OPTS.

hwclock TODO: get rid of incompatible -t, -l aliases to --systz, --localtime

Shorten help texts by omitting long option when short opt alternative exists.

Reduction of size comes from the fact that store of an immediate
(an address of longopts) to a fixed address (global variable)
is a longer insn than pushing that immediate or passing it in a register.
This effect is CPU-agnostic.

function                                             old     new   delta
getopt32                                            1350      22   -1328
vgetopt32                                              -    1318   +1318
getopt32long                                           -      24     +24
tftpd_main                                           562     567      +5
scan_recursive                                       376     380      +4
collect_cpu                                          545     546      +1
date_main                                           1096    1095      -1
hostname_main                                        262     259      -3
uname_main                                           259     255      -4
setpriv_main                                         362     358      -4
rmdir_main                                           191     187      -4
mv_main                                              562     558      -4
ipcalc_main                                          548     544      -4
ifenslave_main                                       641     637      -4
gzip_main                                            192     188      -4
gunzip_main                                           77      73      -4
fsfreeze_main                                         81      77      -4
flock_main                                           318     314      -4
deluser_main                                         337     333      -4
cp_main                                              374     370      -4
chown_main                                           175     171      -4
applet_long_options                                    4       -      -4
xargs_main                                           894     889      -5
wget_main                                           2540    2535      -5
udhcpc_main                                         2767    2762      -5
touch_main                                           436     431      -5
tar_main                                            1014    1009      -5
start_stop_daemon_main                              1033    1028      -5
sed_main                                             682     677      -5
script_main                                         1082    1077      -5
run_parts_main                                       330     325      -5
rtcwake_main                                         459     454      -5
od_main                                             2169    2164      -5
nl_main                                              201     196      -5
modprobe_main                                        773     768      -5
mkdir_main                                           160     155      -5
ls_main                                              568     563      -5
install_main                                         773     768      -5
hwclock_main                                         411     406      -5
getopt_main                                          622     617      -5
fstrim_main                                          256     251      -5
env_main                                             198     193      -5
dumpleases_main                                      635     630      -5
dpkg_main                                           3991    3986      -5
diff_main                                           1355    1350      -5
cryptpw_main                                         233     228      -5
cpio_main                                            593     588      -5
conspy_main                                         1135    1130      -5
chpasswd_main                                        313     308      -5
adduser_main                                         887     882      -5
addgroup_main                                        416     411      -5
ftpgetput_main                                       351     345      -6
get_terminal_width_height                            242     234      -8
expand_main                                          690     680     -10
static.expand_longopts                                18       -     -18
static.unexpand_longopts                              27       -     -27
mkdir_longopts                                        28       -     -28
env_longopts                                          30       -     -30
static.ifenslave_longopts                             34       -     -34
mv_longopts                                           46       -     -46
static.rmdir_longopts                                 48       -     -48
packed_usage                                       31739   31687     -52
------------------------------------------------------------------------------
(add/remove: 2/8 grow/shrink: 3/49 up/down: 1352/-1840)      Total: -488 bytes
   text	   data	    bss	    dec	    hex	filename
 915681	    485	   6880	 923046	  e15a6	busybox_old
 915428	    485	   6876	 922789	  e14a5	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 17:09:40 +02:00
Denys Vlasenko
73adef14b2 ipcalc: trim help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 00:49:48 +02:00
Denys Vlasenko
90ad4ba9db ipcalc,rdev: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-08 00:42:15 +02:00
Denys Vlasenko
dbbc3f2e64 dumpleases: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 23:30:22 +02:00
Denys Vlasenko
a907b828d6 ifenslave: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 22:31:51 +02:00
Denys Vlasenko
93c1a25c59 ifenslave: remove longopts from --help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 22:30:59 +02:00
Denys Vlasenko
ed4393bdc7 dnsdomainname,hostname: make NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-07 20:34:26 +02:00
Denys Vlasenko
bfc66d4980 nbd-client: make it NOEXEC, stop using argc
function                                             old     new   delta
nbdclient_main                                       484     492      +8

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 21:53:39 +02:00
Denys Vlasenko
86e07f6893 brctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 20:14:02 +02:00
Denys Vlasenko
2262746e2b slattach: code shrink, better --help text
function                                             old     new   delta
tcsetattr_serial_or_warn                               -      34     +34
static.int_N_SLIP                                      -       4      +4
restore_state_and_exit                               123     117      -6
packed_usage                                       31774   31747     -27
set_termios_state_or_warn                             42       -     -42
slattach_main                                        673     624     -49
------------------------------------------------------------------------------
(add/remove: 2/1 grow/shrink: 0/3 up/down: 38/-124)           Total: -86 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 17:14:09 +02:00
Denys Vlasenko
a759b22c29 nameif: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 14:15:24 +02:00
Denys Vlasenko
fbecca1bed Tweak outdated documentation and comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 14:03:27 +02:00
Denys Vlasenko
9a58cc0f7f tunctl: make it NOEXEC
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-06 12:28:00 +02:00
Denys Vlasenko
95f7953f2c do not use `a' quoting style in comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 14:26:33 +02:00
Denys Vlasenko
18e781dc02 config: do not use `a' quoting in help texts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-08-02 14:12:48 +02:00
Denys Vlasenko
1d8df52d45 inetd: improve --helpt text and config help text.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-27 13:34:51 +02:00
Denys Vlasenko
68b653b66b config: trim/improve item names and help texts, take 2
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-27 10:53:09 +02:00
Denys Vlasenko
c810978552 udhcpc: downgrade "MAC X:X:X:X:X:X" message to log2 level
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-24 13:37:38 +02:00
Denys Vlasenko
b72f1ef17b udhcpc[6]: downgrade "adapter index N" messages to log2 level
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-24 12:06:53 +02:00
Denys Vlasenko
de6cb41734 udhcpc[6]: fix messages referring to select() while we use poll()
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-24 12:01:28 +02:00
Denys Vlasenko
e4f6bfd6fe zcip: fix slow environment leak
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-22 03:04:20 +02:00
Denys Vlasenko
67d42dfdea ping: fix help text to show what parameter -p takes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-21 16:07:13 +02:00
Denys Vlasenko
168f0ef8dd udhcpc[6]: on log level 1, three messages about raw socket is overkill
Move first two messages to log2 level:

08:46:32.23824 udhcpc: opening raw socket on ifindex 2
08:46:32.23825 udhcpc: got raw socket fd
08:46:32.26354 udhcpc: created raw socket

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-21 12:04:22 +02:00
Denys Vlasenko
a680f40bfe ping: better config help text for FEATURE_FANCY_PING
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-21 11:58:43 +02:00
Denys Vlasenko
72089cf6b4 config: deindent all help texts
Those two spaces after tab have no effect, and always a nuisance when editing.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-21 09:50:55 +02:00
Denys Vlasenko
75d151e31d libarchive: FEATURE_LZMA_FAST should be visible if FEATURE_SEAMLESS_LZMA
While at it, tweak some config help texts.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-20 23:28:00 +02:00
Denys Vlasenko
ae178cee3d Update remaining menuconfig items with approximate applet sizes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-19 14:32:54 +02:00
Denys Vlasenko
4eed2c6c50 Update menuconfig items with approximate applet sizes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-18 22:01:24 +02:00
Denys Vlasenko
2c1258c620 Move get_unaligned_le32() macros to platform.h
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 20:22:25 +02:00
Denys Vlasenko
3d7ec48da0 tls: remove last int16 local variables in pstm code
function                                             old     new   delta
pstm_mul_comba                                       439     447      +8
pstm_sqr_comba                                       475     478      +3
pstm_montgomery_reduce                               399     381     -18
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 11/-18)             Total: -7 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 17:19:38 +02:00
Denys Vlasenko
79376ecdbd tls: fix pstm asm constraint problem
function                                             old     new   delta
pstm_sqr_comba                                       551     475     -76

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 17:13:08 +02:00
Denys Vlasenko
9887f93eef tls: fix build problem on non-static i386
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-15 13:42:19 +02:00
Denys Vlasenko
ce55284ed6 inetd,mount: do not die if uclibc without RPC is detected
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-10 14:43:22 +02:00
Denys Vlasenko
558aae1a33 tls: use capped SNI len everywhere
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-04 16:52:45 +02:00
Denys Vlasenko
d4e4fdb5ce fixes for bugs found by make_single_applets.sh
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-03 21:31:16 +02:00
Denys Vlasenko
4ee824f6ba randomconfig fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-07-03 01:22:13 +02:00
Denys Vlasenko
ba4fbca8a8 udhcpc6: make -O OPT work
Patch is based on work by tiggerswelt.net.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-06-28 19:18:17 +02:00
Denys Vlasenko
470bebe672 udhcpc6: add comments about option 39, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-06-27 18:31:08 +02:00
Denys Vlasenko
234b82ca19 udhcpc6: add support for timezones
Basedon patch by Bernd Holzmüller <bernd.holzmueller@tiggerswelt.net>

function                                             old     new   delta
option_to_env                                        504     580     +76

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-06-26 19:42:48 +02:00
André Draszik
2f24d30d01 iproute: support for filtering by and printing of scope
This patch adds filtering by and printing of 'scope' to the
ip route command, taken from the upstream ip command.

x86_64:
function                                             old     new   delta
iproute_list_or_flush                               1548    1674    +126
print_route                                         2394    2469     +75
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 201/0)             Total: 201 bytes

mipsel:
iproute_list_or_flush                               1952    2096    +144
print_route                                         2580    2696    +116
------------------------------------------------------------------------------
(add/remove: 3/0 grow/shrink: 2/0 up/down: 260/0)             Total: 260 bytes

Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-06-13 19:59:59 +02:00
Stefan Tomanek
192dce4b84 ip rule: add suppress_{prefixlength,ifgroup} options
function                                             old     new   delta
iprule_modify                                        816     887     +71
print_rule                                           610     680     +70
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 141/0)             Total: 141 bytes

Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-06-13 19:06:09 +02:00
Denys Vlasenko
ed820ccda1 udhcpc: do not accept --background on NOMMU (same as -b)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-05-08 15:11:02 +02:00
Denys Vlasenko
741bfa9a72 udhcpc: fix "udhcpc -x hostname:<name> not working on nommu"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-05-08 15:02:07 +02:00
Denys Vlasenko
10ad622dc2 Spelling fixes in comments, documentation, tests and examples
By klemens <ka7@github.com>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-17 16:13:32 +02:00
Denys Vlasenko
7121bb8023 ipaddress: tweak help text more: mention "brd +" syntax
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-07 18:22:41 +02:00
Denys Vlasenko
4eaa0f7729 ipaddress: tweak help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-07 18:14:46 +02:00
Denys Vlasenko
eb76abb4f7 iproute: add "a" command as a synonym to "add"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-07 17:33:26 +02:00
Denys Vlasenko
826bdcd51c libiproute: FACT_FUNCization
function                                             old     new   delta
get_addr_1                                           258     287     +29
next_arg                                               -      22     +22
print_neigh                                          885     902     +17
do_iplink                                           1269    1276      +7
get_unsigned                                          54      55      +1
get_u32                                               54      55      +1
get_u16                                               62      63      +1
rt_addr_n2a                                           53      52      -1
ipaddr_modify                                       1229    1226      -3
get_addr32                                            58      54      -4
invarg_1_to_2                                         18      12      -6
inet_addr_match                                      109     103      -6
duparg2                                               18      12      -6
duparg                                                18      12      -6
print_addrinfo                                      1231    1223      -8
ipneigh_list_or_flush                                724     714     -10
incomplete_command                                    10       -     -10
iproute_get                                          847     835     -12
ipaddr_list_or_flush                                1265    1253     -12
get_prefix                                           356     344     -12
do_add_or_delete                                    1162    1150     -12
get_addr                                              73      58     -15
iproute_list_or_flush                               1210    1191     -19
parse_args                                          1434    1412     -22
print_rule                                           634     610     -24
iprule_modify                                        864     816     -48
print_route                                         1621    1565     -56
iproute_modify                                      1221    1164     -57
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 6/20 up/down: 78/-349)         Total: -271 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-07 17:15:40 +02:00
Denys Vlasenko
d5342a1ad1 iproute: support advmss option
function                                             old     new   delta
iproute_modify                                      1164    1221     +57
str_is_lock                                            -      22     +22
packed_usage                                       31372   31382     +10
do_iproute                                           157     132     -25
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 2/1 up/down: 89/-25)             Total: 64 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-07 17:00:53 +02:00
Denys Vlasenko
1140bf39ab iproute: update help text, add commented-out code for unsupported options
function                                             old     new   delta
packed_usage                                       31327   31372     +45
do_iproute                                           132     157     +25
iproute_modify                                      1162    1164      +2
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/0 up/down: 72/0)               Total: 72 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-06 17:54:38 +02:00
Denys Vlasenko
2d4823b65b iplink: implement "set promisc on|off". Closes 4682
function                                             old     new   delta
do_iplink                                           1232    1269     +37
packed_usage                                       31337   31327     -10

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-06 16:06:04 +02:00
Denys Vlasenko
a7386bb35b ip link: tidying up
Misplaced comment. --help was wrong: dynamic on|off is not supported.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-06 15:55:29 +02:00
Denys Vlasenko
5d561ef634 tls: do not compile in TLS_RSA_WITH_NULL_SHA256 code if unreachable
function                                             old     new   delta
tls_handshake                                       1595    1588      -7
xwrite_encrypted                                     244     209     -35

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-04 01:41:15 +02:00
Denys Vlasenko
229d3c467d tls: avoid using int16 in pstm code
function                                             old     new   delta
pstm_div                                            1472    1522     +50
psRsaEncryptPub                                      403     413     +10
pstm_2expt                                            91      96      +5
pstm_clear                                            68      72      +4
pstm_init                                             39      42      +3
pstm_unsigned_bin_size                                36      37      +1
pstm_montgomery_reduce                               398     399      +1
pstm_init_size                                        45      46      +1
pstm_zero                                             39      38      -1
pstm_set                                              35      34      -1
pstm_read_unsigned_bin                               112     109      -3
pstm_mulmod                                          123     120      -3
pstm_mod                                             116     113      -3
pstm_cmp                                              57      54      -3
pstm_sub                                             107     102      -5
pstm_to_unsigned_bin                                 157     151      -6
pstm_clamp                                            63      57      -6
pstm_add                                             116     108      -8
pstm_grow                                             81      72      -9
pstm_count_bits                                       57      48      -9
pstm_init_copy                                        84      72     -12
pstm_cmp_mag                                          93      78     -15
pstm_sqr_comba                                       567     551     -16
pstm_montgomery_calc_normalization                   158     140     -18
pstm_copy                                            115      92     -23
pstm_lshd                                            133     109     -24
pstm_mul_comba                                       525     500     -25
pstm_mul_d                                           251     224     -27
s_pstm_sub                                           256     228     -28
s_pstm_add                                           370     337     -33
pstm_div_2d                                          444     409     -35
pstm_mul_2                                           195     156     -39
pstm_rshd                                            154     104     -50
pstm_mul_2d                                          247     186     -61
pstm_exptmod                                        1524    1463     -61
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 8/27 up/down: 75/-524)         Total: -449 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-03 21:53:29 +02:00
Denys Vlasenko
636c3b627c tls: merge sha1 and sha256 hmac functions
function                                             old     new   delta
hmac_begin                                             -     196    +196
hmac_sha256                                           61      68      +7
hmac                                                 250      87    -163
hmac_sha256_begin                                    190       -    -190
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 1/1 up/down: 203/-353)         Total: -150 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-03 17:43:44 +02:00
Denys Vlasenko
6e99f1cb45 tls: replace aes encryption/decryption by much smaller one
The replacement code is ~6 times slower,
but drastically decreases size of tls_aes.o:

text	data	bss	dec	hex	filename
8050	0	0	8050	1f72	tls_aes_OLD.o
2461	0	0	2461	99d	tls_aes.o

function                                             old     new   delta
sbox                                                   -     256    +256
rsbox                                                  -     256    +256
KeyExpansion                                           -     197    +197
Subword                                                -      66     +66
AddRoundKey                                            -      61     +61
static.Rcon                                            -      10     +10
rcon                                                  40       -     -40
setup_mix                                             80       -     -80
setup_mix2                                           123       -    -123
aes_cbc_decrypt                                     1377     971    -406
aes_cbc_encrypt                                     1375     644    -731
psAesInit                                            848       -    -848
Te4                                                 1024       -   -1024
TE0                                                 1024       -   -1024
TD0                                                 1024       -   -1024
Td4                                                 1040       -   -1040
------------------------------------------------------------------------------
(add/remove: 6/8 grow/shrink: 0/2 up/down: 846/-6340)       Total: -5494 bytes

This code is based on public domain "tiny-AES128-C" code.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-04-01 20:11:59 +02:00
Denys Vlasenko
ab03061615 udhcp6: move misplaced comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-27 22:49:12 +02:00
Denys Vlasenko
ed898ed2dd udhcp6: fix releasing
Patch is based on work by tiggerswelt.net. They say:
"
We wanted udhcpc6 to release its IPv6-Addresses on
quit (-R-commandline-option) which turned out to generate once again
kind of garbage on the network-link.
We tracked this down to two issues:

 - udhcpc6 uses a variable called "srv6_buf" to send packets to
   the dhcp6-server, but this variable is never initialized correctly
   and contained kind of a garbage-address

 - The address of the dhcp6-server is usually a link-local-address,
   that requires an interface-index when using connect() on an AF_INET6-
   socket

We added an
additional parameter for ifindex to d6_send_kernel_packet() and made
d6_recv_raw_packet() to capture the address of the dhcp6-server and
forward it to its callee.
"

Three last patches together:

function                                             old     new   delta
d6_read_interface                                      -     454    +454
d6_recv_raw_packet                                     -     283    +283
option_to_env                                        249     504    +255
.rodata                                           165226  165371    +145
send_d6_discover                                     195     237     +42
send_d6_select                                       118     159     +41
send_d6_renew                                        173     186     +13
send_d6_release                                      162     173     +11
opt_req                                                -      10     +10
d6_send_kernel_packet                                304     312      +8
opt_fqdn_req                                           -       6      +6
d6_mcast_from_client_config_ifindex                   48      51      +3
d6_find_option                                        63      61      -2
udhcpc6_main                                        2416    2411      -5
static.d6_recv_raw_packet                            266       -    -266
------------------------------------------------------------------------------
(add/remove: 5/1 grow/shrink: 8/2 up/down: 1271/-273)         Total: 998 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-27 22:44:22 +02:00
Denys Vlasenko
64d58aa806 udhcp6: fix problems found running against dnsmasq
Patch is based on work by tiggerswelt.net. They say:
"
But when we tried to use dnsmasq on server-side, udhcpc6 was unable to
forward the acquired address to its setup-script although the
IPv6-Address had been assigned by the server as we could see via
tcpdump. We traced this issue down to a problem on how udhcpc6 parses
DHCPv6-Options: When moving to next option, a pointer-address is
increased and a length buffer is decreased by the length of the option.
The problem is that it is done in this order:

  option += 4 + option[3];
  len_m4 -= 4 + option[3];

But this has to be switched as the length is decreased by the length of
the *next* option, not the current one. This affected both - internal
checks if a required option is present and the function to expose
options to the environment of the setup-script.
There was also a bug parsing D6_OPT_STATUS_CODE Options, that made
dnsmasq not work as udhcpc6 thought it is receiving a non-positive
status-code (because it did not parse the status-code as required in RFC
3315).
In addition we introduced basic support for RFC 3646 (OPTION_DNS_SERVERS
and OPTION_DOMAIN_LIST) and RFC 4704 (OPTION_CLIENT_FQDN).
"

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-27 22:41:59 +02:00
Denys Vlasenko
e09f5e3045 udhcp6: read_interface should save link-local ipv6 address
Patch is based on work by tiggerswelt.net. They say:
"Using this patch it was no problem to acquire an IPv6-Address via DHCPv6
using ISC DHCPD6 on server-side."

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-27 22:41:59 +02:00
Denys Vlasenko
876c121ccb whitespace fix
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-03-24 15:00:12 +01:00
Denys Vlasenko
7c67f1e9ab udhcpc: make sure we do not overflow poll timeout
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-17 19:20:32 +01:00
Denys Vlasenko
94dcfd8cc0 nc_bloaty: use poll() instead of select()
function                                             old     new   delta
readwrite                                            829     715    -114

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-17 17:48:59 +01:00
Denys Vlasenko
52a515d187 udhcp: use poll() instead of select()
function                                             old     new   delta
udhcp_sp_read                                         65      46     -19
udhcp_sp_fd_set                                       79      54     -25
udhcpd_main                                         1530    1482     -48
udhcpc_main                                         2780    2730     -50
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/4 up/down: 0/-142)           Total: -142 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-16 23:25:44 +01:00
Denys Vlasenko
dc207f6696 udhcp: do not clobber errno by signal handler
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-16 20:04:19 +01:00
Denys Vlasenko
5b3b468ec0 nc: use poll() instead of select()
function                                             old     new   delta
nc_main                                              943     866     -77

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-16 17:17:17 +01:00
Denys Vlasenko
0ec4d08ea3 tls: covert i/o loop from using select() to poll()
function                                             old     new   delta
tls_run_copy_loop                                    377     282     -95

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-16 16:51:18 +01:00
Denys Vlasenko
8cc1ab3c11 httpd: use "Content-Length", not "-length"
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-04 23:19:30 +01:00
Denys Vlasenko
c31b54fd81 tls: fold AES CBC en/decryption into single functions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-04 16:23:49 +01:00
Denys Vlasenko
5b05d9db29 wget/tls: session_id of zero length is ok (arxiv.org responds with such)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-02-03 18:23:52 +01:00
Denys Vlasenko
67f6db6b27 wget: add a big explanation what TLS code implements and what does not
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-30 16:27:37 +01:00
Denys Vlasenko
b181ca7552 typo in comment
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-29 18:48:58 +01:00
Denys Vlasenko
205d48e948 *: add comment about APPLET_ODDNAME format
It confused me more than once

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-29 14:57:33 +01:00
Denys Vlasenko
b4b12bf234 httpd: defend against attempts to OOM us. Closes 9611
We were strdup'ing "Cookie: foo" every time we saw it.

function                                             old     new   delta
handle_incoming_and_exit                            2733    2821     +88

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-26 19:35:40 +01:00
Denys Vlasenko
b13b618335 ftpd/ls: show directories first
Old TODO finally done

function                                             old     new   delta
ls_main                                              548     568     +20
packed_usage                                       31116   31097     -19

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-25 04:52:45 +01:00
Andrey Mozzhuhin
2181fb4af8 ftpd: new option -a ANON_USER to allow anonymous logins
Anonymous ftpd login is useful even when ftpd authentication feature
is enabled. Anonymous logins provide simple password-less connection
for FTP clients.

To allow password-less connection user command line option '-a USER' is
added. This option specifies the system user to use when
'anonymous' username is given in USER command. No password is required
in this case.

function                                             old     new   delta
ftpd_main                                           2164    2232     +68
packed_usage                                       31015   31046     +31
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 99/0)               Total: 99 bytes

Signed-off-by: Andrey Mozzhuhin <amozzhuhin@yandex.ru>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 23:04:25 +01:00
Denys Vlasenko
dff9fefd50 wget: add support for -S --server-response
Based on the patch by stephane.billiart@gmail.com

function                                             old     new   delta
ftpcmd                                                87     129     +42
fgets_and_trim                                        86     119     +33
static.wget_longopts                                 234     252     +18
packed_usage                                       31002   31015     +13
wget_main                                           2535    2540      +5
gethdr                                               158     163      +5
retrieve_file_data                                   424     428      +4
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 7/0 up/down: 120/0)             Total: 120 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 21:41:43 +01:00
Denys Vlasenko
89193f985b tls: can download kernels now :)
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 18:08:07 +01:00
Denys Vlasenko
1500b3a50d tls: if got CERTIFICATE_REQUEST, send an empty CERTIFICATE
wolfssl test server is not satisfied by an empty one,
but some real servers might be.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 17:06:10 +01:00
Denys Vlasenko
49ecee098d tls: add 2nd cipher_id, TLS_RSA_WITH_AES_128_CBC_SHA, so far it doesn't work
Good news that TLS_RSA_WITH_AES_256_CBC_SHA256 still works with new code ;)

This change adds inevitable extension to have different sized hashes and AES key sizes.
In libbb, md5_end() and shaX_end() are extended to return result size instead of void -
this helps *a lot* in tls (the cost is ~5 bytes per _end() function).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-24 16:00:54 +01:00
Denys Vlasenko
7a18b9502a tls: reorder tls_handshake_data fields for smaller size, tweak comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-23 16:37:04 +01:00
Denys Vlasenko
b5bf1913d3 tls: send EMPTY_RENEGOTIATION_INFO_SCSV in our client hello
Hoped this can make cdn.kernel.org to like us more. Nope.
While at it, made error reporting more useful.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-23 16:12:17 +01:00
Denys Vlasenko
9492da7e63 tls: set TLS_DEBUG to 0; placate a gcc indentation warning
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-23 01:15:13 +01:00
Denys Vlasenko
9a647c326a separate TLS code into a library, use in in wget
A new applet, ssl_client, is the TLS debug thing now.
It doubles as wget's NOMMU helper.
In MMU mode, wget still forks, but then directly calls TLS code,
without execing.

This can also be applied to sendmail/popmail (SMTPS / SMTP+starttls support)
and nc --ssl (ncat, nmap's nc clone, has such option).

function                                             old     new   delta
tls_handshake                                          -    1691   +1691
tls_run_copy_loop                                      -     443    +443
ssl_client_main                                        -     128    +128
packed_usage                                       30978   31007     +29
wget_main                                           2508    2535     +27
applet_names                                        2553    2560      +7
...
xwrite_encrypted                                     360     342     -18
tls_main                                            2127       -   -2127
------------------------------------------------------------------------------
(add/remove: 4/1 grow/shrink: 13/8 up/down: 2351/-2195)       Total: 156 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-23 01:08:16 +01:00
Denys Vlasenko
12389889c0 ip: better --help
Was:
    Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]

    ip [OPTIONS] OBJECT [COMMAND]
    where OBJECT := address|route|link|tunnel|neigh|rule
    OPTIONS := -f[amily] inet|inet6|link | -o[neline]

User: instead of repeating list of OBJECTs twice, you could at least
show available COMMANDs...

Now:
    Usage: ip [OPTIONS] address|route|link|tunnel|neigh|rule [COMMAND]

    OPTIONS := -f[amily] inet|inet6|link | -o[neline]
    COMMAND :=
    ip addr add|del IFADDR dev IFACE | show|flush [dev IFACE] [to PREFIX]
    ip route list|flush|add|del|change|append|replace|test ROUTE
    ip link set IFACE [up|down] [arp on|off] | show [IFACE]
    ip tunnel add|change|del|show [NAME]
        [mode ipip|gre|sit]
        [remote ADDR] [local ADDR] [ttl TTL]
    ip neigh show|flush [to PREFIX] [dev DEV] [nud STATE]
    ip rule [list] | add|del SELECTOR ACTION

While at it, tweak tc --help too (it stays disabled, thus no effect)

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-21 14:27:07 +01:00
Denys Vlasenko
8908c1d4f5 more ip --help fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-21 03:56:46 +01:00
Denys Vlasenko
f3d705f41b make --help texts smaller
function                                             old     new   delta
packed_usage                                       31035   30968     -67

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-21 03:46:57 +01:00
Denys Vlasenko
bbc7bee966 make --help texts more uniform
function                                             old     new   delta
packed_usage                                       31062   31035     -27

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-21 02:49:58 +01:00
Denys Vlasenko
f6e20724d4 tls: reorder tls_state fields for smaller offsets
function                                             old     new   delta
xwrite_encrypted                                     363     360      -3
xwrite_and_update_handshake_hash                     117     114      -3
tls_xread_handshake_block                             72      69      -3
tls_error_die                                        211     202      -9
tls_get_outbuf                                        64      49     -15
tls_main                                            2163    2127     -36
tls_xread_record                                     702     639     -63
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/7 up/down: 0/-132)           Total: -132 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-21 02:08:34 +01:00
Denys Vlasenko
dd2577f21a tls: send SNI in the client hello
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 22:48:41 +01:00
Denys Vlasenko
0af5265180 tls: check size on "MAC-only, no crypt" code path too
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 21:23:10 +01:00
Denys Vlasenko
54b927d78b tls: AES decrypt does one unnecessary memmove
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 21:19:38 +01:00
Denys Vlasenko
3916139ac4 tls: make input buffer grow as needed
As it turns out, it goes only up to "inbuf_size:4608"
for kernel.org - fixed 18kb buffer was x4 larger than necessary.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 20:27:06 +01:00
Denys Vlasenko
38972a8df1 tls: improve i/o loop
With tls_has_buffered_record(), entire kernel.org response
is printed at once, without 6 second pause to see its delayed EOF.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 19:11:14 +01:00
Denys Vlasenko
e7863f394e tls: was psAesDecrypt'ing one block too many, trashing buffered data
For the first time

printf "GET / HTTP/1.1\r\nHost: kernel.org\r\n\r\n" | ./busybox tls kernel.org

successfully reads entire server response and TLS shutdown.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 18:04:04 +01:00
Denys Vlasenko
179e88bec9 rdate: make it do something remotely sane, facing 32-bit time overflow
function                                             old     new   delta
rdate_main                                           251     254      +3
packed_usage                                       31029   31023      -6

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 16:03:48 +01:00
Denys Vlasenko
19e695ebad tls: do not use common_bufsiz
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 14:27:58 +01:00
Denys Vlasenko
a0aae9f714 tls: decode alerts and in particular, EOF alert.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 14:12:10 +01:00
Denys Vlasenko
abbf17abcc tls: add the i/o loop - largish rework of i/o buffering
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-20 03:15:09 +01:00
Denys Vlasenko
f7806f9d8f tls: fix ROL/ROR x86 optimization
ALWAYS_INLINE:

function                                             old     new   delta
psAesInitKey                                         825     824      -1
ROR                                                    5       -      -5
setup_mix2                                           148     134     -14
psAesDecryptBlock                                   1184    1139     -45
psAesEncryptBlock                                   1193    1102     -91
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-156)           Total: -156 bytes

ALWAYS_INLINE + __builtin_constant_p(shift_cnt):

function                                             old     new   delta
ROR                                                    5       -      -5
psAesInitKey                                         825     818      -7
setup_mix2                                           148     123     -25
psAesDecryptBlock                                   1184    1078    -106
psAesEncryptBlock                                   1193    1017    -176
------------------------------------------------------------------------------
(add/remove: 0/1 grow/shrink: 0/4 up/down: 0/-319)           Total: -319 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 16:45:41 +01:00
Denys Vlasenko
432f1ae2ff tls: tested PSTM_X86_64, not enabling it - too large
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 16:32:38 +01:00
Denys Vlasenko
6b1b004845 tls: commented out psPool_t use
function                                             old     new   delta
psAesEncrypt                                         159     162      +3
der_binary_to_pstm                                    42      40      -2
xwrite_and_hash                                      437     434      -3
xread_tls_block                                      446     443      -3
pstm_div_2d                                          449     444      -5
psAesDecrypt                                         179     174      -5
pstm_init_size                                        52      45      -7
pstm_init                                             46      39      -7
pstm_to_unsigned_bin                                 165     157      -8
tls_main                                            1265    1256      -9
pstm_mulmod                                          132     123      -9
pstm_mod                                             125     116      -9
pstm_init_copy                                        93      84      -9
psAesInitKey                                         840     825     -15
send_client_key_exchange                             362     342     -20
psAesInit                                            103      80     -23
psRsaEncryptPub                                      429     403     -26
psAesDecryptBlock                                   1211    1184     -27
psAesEncryptBlock                                   1223    1193     -30
pstm_exptmod                                        1582    1524     -58
pstm_div                                            1557    1472     -85
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/20 up/down: 3/-360)          Total: -357 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 15:51:00 +01:00
Denys Vlasenko
1bfc4b85a7 ntpd: print result of hostname resolution
This is particularly useful if hostname resolution is triggered by
host non-reachability: I saw this in real-life, without the message
it is not at all obvious that IP that we use for a specific host
has changed.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 14:42:34 +01:00
Denys Vlasenko
cccf8e735d tls: teach it to decrypt AES256-encrypted data
This adds decryption only.
There is no MAC verification, code simply throws away MAC.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-19 00:20:45 +01:00
Denys Vlasenko
a9e1866806 tls: trim comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 21:00:23 +01:00
Denys Vlasenko
b5dfc3dfd6 tls: teach it to send AES256-encrypted data
>> CLIENT_HELLO
wrote 50 bytes
insize:0 tail:0
got block len:74
got HANDSHAKE
<< SERVER_HELLO
insize:79 tail:0
got block len:2397
got HANDSHAKE
<< CERTIFICATE
key bytes:271, first:0x00
server_rsa_pub_key.size:256
insize:2402 tail:0
got block len:4
got HANDSHAKE
<< SERVER_HELLO_DONE
>> CLIENT_KEY_EXCHANGE
wrote 267 bytes
master secret:c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
client_write_MAC_key:3b0b7e2bab241b629c37eb3a3824f09b39fe71a00876b0c8026dda16ef0d2f82
client_write_key:d36e801470ed2f0a8fc886ac25df57ffbe4265d06e3192122c4ef4df1e32fab2
>> CHANGE_CIPHER_SPEC
from secret: c51df5b1e3b3f57373cdd8ea28e8ce562059636cf9f585d0b89c7f4bacec97e674d7b91f93e7b500cb64637f240c3b78
from labelSeed: 636c69656e742066696e6973686564b22e0e6008b8ee218cc02e4a93e4a42b570535f9b57662e262d43b379d125b69
=> digest: a45bfee8ed6507a2a9920d0c
>> FINISHED
before crypt: 5 hdr + 16 data + 32 hash bytes
writing 5 + 16 IV + 64 encrypted bytes, padding_length:0x0f
wrote 85 bytes
insize:9 tail:0
got block len:1
<< CHANGE_CIPHER_SPEC
insize:6 tail:0
got block len:80
< hdr_type:22 ver:3.3 len:80 type:21 len24:9541723 |1591985b...a3da|

The last line is the server's FINISHED response, encrypted.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 20:37:24 +01:00
Denys Vlasenko
b7e9ae6e9f tls: added AES code and made it compile. not used yet
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 17:20:27 +01:00
Denys Vlasenko
c8ba23bcec tls: massage writing for encryption support; finer-grained debug
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-18 06:45:50 +01:00
Denys Vlasenko
5d1662ea1c tls: address one easy FIXME, tidy up comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-17 18:17:27 +01:00
Denys Vlasenko
e69d78c038 tls: process CHANGE_CIPHER_SPEC and FINISHED from server
Successfully finishes handshake with test servers using NULL-SHA256
cipher.

The "only" thing remaining before there is a chance
this can actually work with real servers is AES encrypt/decrypt.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-17 17:24:11 +01:00
Denys Vlasenko
fe0588df3b tls: rearrange function order, improve comments
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-17 17:04:24 +01:00
Denys Vlasenko
e2cb3b990f tls: make our send_client_finished() pass server check
sha256 hash should be calculated over incoming handshake packets too!

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-17 16:53:36 +01:00
Denys Vlasenko
9a6897a48a tls: format FINISHED message properly for unencrypted, but sha256 signed mode
Now it at least looks correct, but unfortunately "openssl s_server"
says my hash is wrong.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-16 23:26:33 +01:00
Denys Vlasenko
4e08a123b0 Assorted warning fixes and added a comment, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-16 17:31:05 +01:00
Denys Vlasenko
936e83e694 tls: add sha256 hmac and prf code
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-16 04:25:01 +01:00
Denys Vlasenko
3f8ecd933a tls: rearrange code, add/improve comments, fix whitespace, no real changes here
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 14:16:51 +01:00
Denys Vlasenko
c5540d61f6 tls: send CHANGE_CIPHER_SPEC
To "actually implement it" will take more work...

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 02:17:03 +01:00
Denys Vlasenko
f78ad0938b whitespace fix
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:18:22 +01:00
Denys Vlasenko
11d0096516 tls: format and send CLIENT_KEY_EXCHANGE
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4265
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8b217a7:0x30 len:1452 inner_byte @0x8b217ab:0x30
entered der @0x8b217ab:0x30 len:1172 inner_byte @0x8b217af:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8b218b4:0x30 len:418 inner_byte @0x8b218b8:0x30
skipped der 0x30, next byte 0x03
entered der @0x8b218c7:0x03 len:399 inner_byte @0x8b218cb:0x00
key bytes:399, first:0x00
entered der @0x8b218cc:0x30 len:394 inner_byte @0x8b218d0:0x02
binary bytes:385, first:0x00
skipped der 0x02, next byte 0x02
binary bytes:3, first:0x01
server_rsa_pub_key.size:384
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE
insize:9 tail:0
^C

Next step: send CHANGE_CIPHER_SPEC... and actually implement it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-15 00:12:42 +01:00
Denys Vlasenko
2a17d1fc9b tls: DER length byte 0x81 is actually valid
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 22:38:25 +01:00
Denys Vlasenko
b1003f7019 tls: a bit more work
$ ./busybox tls kernel.org
insize:0 tail:0
got block len:74
got HANDSHAKE
got SERVER_HELLO
insize:79 tail:4406
got block len:4392
got HANDSHAKE
got CERTIFICATE
entered der @0x8f7e723:0x30 len:1452 inner_byte @0x8f7e727:0x30
entered der @0x8f7e727:0x30 len:1172 inner_byte @0x8f7e72b:0xa0
skipped der 0xa0, next byte 0x02
skipped der 0x02, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
skipped der 0x30, next byte 0x30
entered der @0x8f7e830:0x30 len:418 inner_byte @0x8f7e834:0x30
skipped der 0x30, next byte 0x03
entered der @0x8f7e843:0x03 len:399 inner_byte @0x8f7e847:0x00
copying key bytes:399, first:0x00
insize:4397 tail:9
got block len:4
got SERVER_HELLO_DONE

Now need to teach it to send ClientKeyExchange...

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 13:57:16 +01:00
Denys Vlasenko
ceff6b0ea9 tls: work-in-progress TLS1.2 test applet
function                                             old     new   delta
tls_main                                               -     733    +733
dump                                                   -     230    +230
xread_tls_block                                        -     180    +180
get_der_len                                            -      76     +76
enter_der_item                                         -      70     +70
skip_der_item                                          -      56     +56
get24be                                                -      24     +24
tls_error_die                                          -      19     +19
packed_usage                                       31010   31027     +17
applet_names                                        2549    2553      +4
applet_main                                         1472    1476      +4
applet_suid                                           92      93      +1
applet_install_loc                                   184     185      +1
------------------------------------------------------------------------------
(add/remove: 9/0 grow/shrink: 5/0 up/down: 1415/0)           Total: 1415 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-14 12:49:32 +01:00
Denys Vlasenko
a6f8651911 wget: fix for brain-damaged HTTP servers. Closes 9471
write(3, "GET / HTTP/1.1\r\nUser-Agent: Wget\r\nConnection: close\r\n\r\n", 74) = 74
shutdown(3, SHUT_WR)    = 0
alarm(900)              = 900
read(3, "", 1024)       = 0
write(2, "wget: error getting response\n", 29) = 29
exit(1)

The peer simply does not return anything. It closes its connection.

Probably it detects wget closing its writing end: shutdown(3, SHUT_WR).

The point it, closing write side of the socket is _valid_ for HTTP.
wget sent the full request, it won't be sending anything more:
it will only receive the response, and that's it.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 20:16:45 +01:00
Denys Vlasenko
ed15dde60a Move FEATURE_AUTOWIDTH config option to two applets which use it
No code changes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-11 16:35:52 +01:00
Denys Vlasenko
f560422fa0 Big cleanup in config help and description
Redundant help texts (one which only repeats the description)
are deleted.

Descriptions and help texts are trimmed.

Some config options are moved, even across menus.

No config option _names_ are changed.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-10 14:58:54 +01:00
Laurent Bercot
0ef478f01b httpd: fix address family for reverse proxy client socket
When httpd proxies a request to another server, it first creates
an AF_INET socket, then resolves the server name to a sockaddr,
then connects to it. This fails if the server name resolves to
an IPv6 address.

This patch ensures that the socket is created with the correct
address family (AF_INET6 if the server resolves to an IPv6 address
and AF_INET otherwise).

Signed-off-by: Laurent Bercot <ska-dietlibc@skarnet.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-08 15:14:38 +01:00
Natanael Copa
b62ea34afe ntpd: improve postponed hostname resolution
Run the namelookup from the main loop so a misspelled first ntp server
name does not block everything forever.

This fixes the following situation which would block forever:
  $ sudo ./busybox ntpd -dn -p foobar  -p pool.ntp.org
  ntpd: bad address 'foobar'
  ntpd: bad address 'foobar'
  ntpd: bad address 'foobar'
  ...

New behavior:
  ntpd: bad address 'foobar'
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.009775 delay:0.175550 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x01
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.009605 delay:0.175461 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x03
  ntpd: sending query to 137.190.2.4
  ntpd: reply from 137.190.2.4: offset:-1.005327 delay:0.167027 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x07
  ntpd: sending query to 137.190.2.4
  ntpd: bad address 'foobar'
  ntpd: reply from 137.190.2.4: offset:-1.046349 delay:0.248705 status:0x24 strat:1 refid:0x00535047 rootdelay:0.000000 reach:0x0f

This patch is based on Kaarle Ritvanens work.
http://lists.busybox.net/pipermail/busybox/2016-May/084197.html

function                                             old     new   delta
ntpd_main                                           1061    1079     +18
ntp_init                                             556     560      +4
resolve_peer_hostname                                 81      75      -6
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/1 up/down: 22/-6)              Total: 16 bytes

Signed-off-by: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-06 16:21:09 +01:00
Denys Vlasenko
c6137ba510 udhcp: tweak config order and menu item names
All other applets are listed simply by their name, no reason why
dumpleases doesn't do that.

Group all udhcpd feature options directly after it.

Put "NOT READY" into udhcpc6 item (some users actually tried to use it,
and complained).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-04 12:13:38 +01:00
Jörg Krause
c6725b0af6 Fix dependency for IFUPDOWN_UDHCPC_CMD_OPTIONS
Commit a8c696bf09 makes ifup and ifdown
individually selectable, but forgets to update the dependency to
IFUPDOWN_UDHCPC_CMD_OPTIONS, so it is not selectable anymore.

This patch fixes the dependency by checking for IFUP or IFDOWN, instead
of the obsolete IFUPDOWN.

Also, it drops dependency on UDHCPC: udhcpc on the target system
does not have to come from the _same_ binary.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-03 12:29:52 +01:00
Denys Vlasenko
7890035452 tcpudp: define SO_ORIGINAL_DST directly, not via include
musl does not like including linux/netfilter_ipv4.h
(enum / #define collision in two headers, resulting in "3 = 3"
type situation in enum definition).

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2017-01-02 10:46:08 +01:00
Denys Vlasenko
100aea8486 Remove FEATURE_IFUPDOWN_IP_BUILTIN and FEATURE_IFUPDOWN_IFCONFIG_BUILTIN
They merely enable ip or ifconfig/route. There is already a way to do this
on the same menuconfig page.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 15:20:16 +01:00
Denys Vlasenko
9cc3d3ab21 fix breakage found by mass one-applet builds
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-23 02:42:26 +01:00
Denys Vlasenko
7c5dea399b ip: make ip aliases individually selectable
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 22:30:13 +01:00
Denys Vlasenko
5d27cb3640 Make POST upload example script easier to use
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 15:33:11 +01:00
Denys Vlasenko
4acd393eba Update information on building httpd and wget helpers
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-22 15:13:37 +01:00
Lukasz Nowak
b42107f215 libiproute: handle table ids larger than 255
Linux kernel, starting from 2.6.19 allows ip table ids to have 32-bit values.
In order to preserve compatibility, the old 8-bit field: rtm_table is still
in use when table id is lower than 256.

Add support for the 32-bit table id (RTA_TABLE attribute) in:
- ip route print
- ip route modify
- ip rule print
- ip rule modify

Add printing of table ids to ip route.

Changes are compatible with the mainline iproute2 utilities.

These changes are required for compatibility with ConnMan, which by default
uses table ids greater than 255.

function                                             old     new   delta
print_route                                         1588    1637     +49
do_iproute                                          2187    2222     +35
do_iprule                                            955     987     +32
print_rule                                           617     630     +13
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 4/0 up/down: 129/0)             Total: 129 bytes

Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-12-18 18:56:49 +01:00
Denys Vlasenko
1d3a04a3a4 Code style fixes, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-28 01:22:57 +01:00
Denys Vlasenko
f7683cdf83 Convert all udhcp applets to "new style" applet definitions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 18:54:59 +01:00
Denys Vlasenko
29e2c45a5b tc: consolidate its disabled bits
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:51:33 +01:00
Denys Vlasenko
8342397801 Make ping6 and traceroute6 selectable independently from ping/traceroute
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:25:57 +01:00
Denys Vlasenko
6bfab0c49f ipneigh: add this shortcur similar to other "ip <CMD>" shortcuts
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:18:05 +01:00
Denys Vlasenko
3148e0c05b Rename FEATURE_FTP_WRITE and FEATURE_FTP_AUTHENTICATION to *_FTPD_*
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:07:44 +01:00
Denys Vlasenko
47367e1d50 Convert all networking/* applets to "new style" applet definitions
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-23 09:05:14 +01:00
Denys Vlasenko
9f8eb1ee76 httpd: explain why we use sprintf and why it should be fine
While at it, fix a pathological case where it is not fine:
-r REALM with some 8-kbyte long REALM would overflow the buffer.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-22 02:23:35 +01:00
Denys Vlasenko
a8c696bf09 Make ifup and ifdown individually selectable.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-14 18:31:07 +01:00
Denys Vlasenko
67fd2f2858 dnsdomainname: split it from "hostname", make it independently selectable
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-11-13 22:35:10 +01:00
Denys Vlasenko
f11c6989ba udhcpc: check read of overload option data byte to be within packet
function                                             old     new   delta
udhcp_get_option                                     220     225      +5

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25 14:26:36 +02:00
Brian Foley
f9beeb22e2 udhcpc: check read of option length byte to be within packet
function                                             old     new   delta
udhcp_get_option                                     215     220      +5
udhcp_run_script                                     802     803      +1

Signed-off-by: Brian Foley <bpfoley@google.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-25 14:20:55 +02:00
Denys Vlasenko
662634b829 telnetd: ifdef out a buggy error handling code path
Here, not handling the error is would just eat one input 0xff char.
Correct handling would need even more corner case handling,
as-is buggy handling corrupts the buffer.
Since we just been told by kernel that pty is ready,
EAGAIN should not be happening here anyway.

function                                             old     new   delta
telnetd_main                                        1798    1785     -13

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-13 16:17:06 +02:00
Denys Vlasenko
57727d478d telnet: code shrink
put_iac2(w,c) is mostly used with constants, fold them into one arg

function                                             old     new   delta
put_iac2_merged                                        -      46     +46
telnet_main                                         1603    1583     -20
con_escape                                           285     257     -28
put_iac2                                              50       -     -50
------------------------------------------------------------------------------
(add/remove: 1/1 grow/shrink: 0/2 up/down: 46/-98)            Total: -52 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 20:42:58 +02:00
Denys Vlasenko
26d88d6bbd telnetd: add another handshake example in comments, no code changes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 20:09:22 +02:00
Denys Vlasenko
b6d421b635 telnetd: treat all 2-byte IACs in 240..249 range as NOPs.
A bit of future-proofing. Some of them can stand just being ignored.

function                                             old     new   delta
telnetd_main                                        1791    1798      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 19:41:33 +02:00
Denys Vlasenko
122c47ac02 telnetd: fix corner case of input processing of 0xff bytes
I managed to reproduce the bug, with some difficulty.

function                                             old     new   delta
telnetd_main                                        1780    1791     +11

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 19:13:46 +02:00
Denys Vlasenko
0190c41bb2 telnetd: fix a corner case where CRLF->CR translation can misbehave
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 17:36:57 +02:00
Denys Vlasenko
2a54b3e86e telnetd: fix handling of short writes to pty
If a write to pty is short, remove_iacs() can be run on a buffer repeatedly.
This, for example, can eat 0xff chars (IACs, in telnet terms).

Rework the logic to handle IACs in a special "write to pty" function.

function                                             old     new   delta
telnetd_main                                        1662    1750     +88

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-12 14:54:10 +02:00
Denys Vlasenko
3720a61daf ifupdown: rewrite state file atomically
By user's request.
Decided to not use fcntl(F_SETLKW) in lieu of problems with locking
on networked filesystems. The existence of /var/run/ifstate.new
is treated as a write lock. rename() provides atomicity.

function                                             old     new   delta
ifupdown_main                                       1019    1122    +103

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-09 23:04:16 +02:00
Denys Vlasenko
ec1ea16337 tcpsvd: don't keep shared fd open if fd limit is reached. closes 9331
Also, much improved help text.

function                                             old     new   delta
packed_usage                                       30652   30851    +199
tcpudpsvd_main                                      1782    1784      +2

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-07 15:56:47 +02:00
Denys Vlasenko
2972e2c4ac wget: there is no -s option in GNU Wget 1.18, we should be compatible
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 04:23:09 +02:00
Denys Vlasenko
a85740c8af dhcp: merge leases.c and static_leases.c into dhcpd.c
function                                             old     new   delta
send_offer                                           292     461    +169
udhcpd_main                                         1531    1588     +57
read_leases                                          330     332      +2
add_lease                                            314     312      -2
find_lease_by_mac                                     68       -     -68
find_free_or_expired_nip                             174       -    -174
------------------------------------------------------------------------------
(add/remove: 0/4 grow/shrink: 3/1 up/down: 228/-244)          Total: -16 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
d2ae66cb3e dhcp: merge most of static_leases.c into dhcpd.c
function                                             old     new   delta
read_staticlease                                     121     222    +101
add_static_lease                                      48       -     -48
log_static_leases                                     68       -     -68
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 1/0 up/down: 101/-116)          Total: -15 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
2bf2931d52 dhcp: merge files.c into dhcpd.c
Added NOINLINE to two function, since my version of gcc would actualy increase
code size otherwise.

I see no size changes.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-10-04 00:56:58 +02:00
Denys Vlasenko
1c32e49bdf traceroute: cleanup and fixes for packet size calculations
Remove FEATURE_TRACEROUTE_SOURCE_ROUTE: it's off by default, and
source routing is not used in real world.

Tested that "traceroute -n ::1 100" and "traceroute -n 127.0.0.1 100"
both send 100 byte IP packets (this matches what traceroute on Fedora
Rawhide is doing).

function                                             old     new   delta
common_traceroute_main                              3731    3738      +7

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-28 18:44:48 +02:00
Denys Vlasenko
bcf47eaa1f ifupdown: improve help text, add comment about run-parts error msg
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-25 02:05:24 +02:00
Denys Vlasenko
92d98f0612 ifupdown: when flushing addresses with "ip", add label %label%
User report:

or our board we setup eth0:0 on a 10.10.10.x/29 netwrok.

The problem is ip addr flush dev eth0:0 removes all ip addresses from
eth0.  You can see this if you run
ip -stat -stat addr flush dev eth0:0

2: eth0    inet 172.27.105.10/22 brd 172.27.107.255 scope global eth0
       valid_lft forever preferred_lft forever
2: eth0    inet 10.10.10.9/29 scope global eth0:0
       valid_lft forever preferred_lft forever
2: eth0    inet6 fe80::a2f6:fdff:fe18:2b13/64 scope link
       valid_lft forever preferred_lft forever

*** Round 1, deleting 3 addresses ***
*** Flush is complete after 1 round ***

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-20 17:31:11 +02:00
Hauke Mehrtens
4ff86df861 libnetlink: fix alignment of netlink messages
A padding to align a message should not only be added between
different attributes of a netlink message, but also at the end of the
message to pad it to the correct size.

Without this patch the following command does not work and returns an
error code:
ip link add type nlmon

Without this ip from busybox sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=45, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon"}, iov_len=45}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 45
return value: 2

The normal ip utile from iproute2 sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0

With this patch ip from busybox sends this:

sendmsg(3, {msg_name={sa_family=AF_NETLINK, nl_pid=0, nl_groups=00000000},
	msg_namelen=12, msg_iov=[{iov_base={{len=48, ...},
		"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\20\0\22\0\t\0\1nlmon\0\0\0"}, iov_len=48}],
	msg_iovlen=1, msg_controllen=0, msg_flags=0}, 0) = 48
return value: 0

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-18 22:55:47 +02:00
Denys Vlasenko
ef15970d7e *: placate some compile warnings on OSX
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-09-01 11:16:22 +02:00
Denys Vlasenko
9ff910de6b wget: treat 201,202,203 as success codes too. Closes 9211
This matches "standard" wget.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-31 13:28:53 +02:00
Peter Korsgaard
b6355e2bb5 udhcpc: Unconditionally call deconfig script, not only if lease is active
The udhcpc script may be used to setup fallback configuration (E.G. IPv4LL,
fixed IP address, ..) that also needs to be cleaned up on release (E.G.
when SIGUSR2 is called or on shutdown with -R), so unconditionally call
deconfig.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-26 18:46:34 +02:00
Denys Vlasenko
de3da6bf87 wget/ssl_helper: update to wolfssl-3.9.8
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-21 03:39:39 +02:00
Denys Vlasenko
b11be131b7 ifplugd: if SIOCSIFFLAGS fails with ENODEV, don't die
Some user managed to hit a race where iface is gone between SIOCGIFFLAGS
and SIOCSIFFLAGS (!). If SIOCSIFFLAGS fails, treat it the same as failed
SIOCGIFFLAGS

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-16 20:39:52 +02:00
Denys Vlasenko
4548293799 libiproute: eliminate some redundant zero stores
function                                             old     new   delta
do_iprule                                            974     955     -19
rtnl_dump_request                                    173     146     -27
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 0/2 up/down: 0/-46)             Total: -46 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14 02:08:56 +02:00
Denys Vlasenko
34ecc3b7ae ip: fix an improper optimization: req.r.rtm_scope may be nonzero here
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-14 01:30:34 +02:00
Miroslav Lichvar
150dc7a2b4 ntpd: respond only to client and symmetric active packets
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an
infinite loop of responses between two busybox NTP servers. Adding
more packets to the loop increases the traffic between the servers
until one of them has a fully loaded CPU and/or network.

Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-01 20:25:06 +02:00
Denys Vlasenko
ed72761843 wget: run s_client helper with -servername HOST
This is necessary for multi-hosted TLSed web sites.

function                                             old     new   delta
spawn_https_helper_openssl                           334     441    +107

Based on a patch by Jeremy Chadwick <jdc@koitsu.org>

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25 21:34:57 +02:00
Denys Vlasenko
9d20297ba8 ssl_helper.sh: strip was invoked incorrectly
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-25 17:12:46 +02:00
Denys Vlasenko
e695ac97fd typo fixes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-19 17:48:55 +02:00
Denys Vlasenko
237bedd499 getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST
In many cases, this aqllows to drop use of opt_complementary.
Approximately -400 bytes:

function                                             old     new   delta
getopt32                                            1423    1502     +79
opt_string                                            17      18      +1
OPT_STR                                               24      25      +1
uniq_main                                            416     406     -10
timeout_main                                         279     269     -10
sulogin_main                                         270     260     -10
readprofile_main                                    1825    1815     -10
ps_main                                              543     533     -10
pidof_main                                           245     235     -10
pgrep_main                                           611     601     -10
od_main                                             2600    2590     -10
mkfs_minix_main                                     2684    2674     -10
mkfs_ext2_main                                      2603    2593     -10
microcom_main                                        712     702     -10
makemime_main                                        315     305     -10
ionice_main                                          282     272     -10
inetd_main                                          2074    2064     -10
ifplugd_main                                        1144    1134     -10
halt_main                                            353     343     -10
getopt_main                                          636     626     -10
fdisk_main                                          2854    2844     -10
env_main                                             206     196     -10
dmesg_main                                           319     309     -10
conspy_main                                         1214    1204     -10
awk_main                                             981     971     -10
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 3/22 up/down: 81/-220)         Total: -139 bytes
   text	   data	    bss	    dec	    hex	filename
 919373	    906	  14060	 934339	  e41c3	busybox_old
 918969	    906	  14060	 933935	  e402f	busybox_unstripped

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 21:58:02 +02:00
Denys Vlasenko
0844b5afe2 whois: implement -i
function                                             old     new   delta
whois_main                                           654     675     +21
packed_usage                                       30355   30356      +1

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 17:16:27 +02:00
Denys Vlasenko
1035c92e2d whois: make it actually work
It was doing way too simplistic work of just querying the server,
no redirects, no query massaging. This required user to know a lot about whois,
and enter at least three queries for each host to get meaningful information.

function                                             old     new   delta
whois_main                                           209     646    +437

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-06 15:45:41 +02:00
Denys Vlasenko
ee772a0d90 arp: fix buffer overflow. Closes 9071
function                                             old     new   delta
arp_main                                            1910    1898     -12

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-04 17:38:01 +02:00
Denys Vlasenko
44399e00ff udhcpc: run "deconfig" script in manual renew state too. closes 9061
The bug was seen when the following is done:

    # killall 1 udhpc; killall 2 udhpc

Performing a DHCP renew
state: 2 -> 5
Sending renew...
Entering released state
state: 5 -> 6  <<<<<<<<<<<<<< not calling script!!!!

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03 20:26:44 +02:00
Denys Vlasenko
aabb0a93e9 ntpd: daemonize before DNS resolution
This resolves the following use case problem:

"I start ntpd by default from /etc/init.d

There might be no working network connection (not configured properly for
whatever reason, hardware problems, whatelse).

With busybox 1.25 ntpd seems to loop forever if now NTP servers are found,
blocking the boot process  and I never get a login to solve a possible pb or
to do a first time configuration."

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-07-03 17:58:54 +02:00
Jonas Danielsson
4d5acd2d42 ping: populate icmp_id field for "simple" ping too
The ICMP RFC says that identifier and sequence number may be zero.
Having them zero for a Echo message, along with a data of zero's
as well will result in a Echo reply message with only zero's.

Some NAT implementations seem to get the checksum wrong on these
packages. Setting a checksum of 0x0 instead of 0xffff.

Through NAT:
  Internet Control Message Protocol
      Type: 0 (Echo (ping) reply)
      Code: 0
      Checksum: 0x0000 [incorrect, should be 0xffff]
      Identifier (BE): 0 (0x0000)
      Identifier (LE): 0 (0x0000)
      Sequence number (BE): 0 (0x0000)
      Sequence number (LE): 0 (0x0000)
      Data (56 bytes)
          Data: 000000000000000000000000000000000000000000000000...
          [Length: 56]

Without NAT:
  Internet Control Message Protocol
      Type: 0 (Echo (ping) reply)
      Code: 0
      Checksum: 0xffff [correct]
      Identifier (BE): 0 (0x0000)
      Identifier (LE): 0 (0x0000)
      Sequence number (BE): 0 (0x0000)
      Sequence number (LE): 0 (0x0000)
      [Request frame: 189]
      [Response time: 0.024 ms]
      Data (56 bytes)
          Data: 000000000000000000000000000000000000000000000000...
          [Length: 56]

And this in turn will make some hardware MAC checksum offloading
engines drop the packet.

(This was seen with a Synopsis MAC, the same one used in for instance the
stmmac Ethernet driver in the linux kernel.)

This change can be seen as a workaround for bugs in other layers.
But just setting an identifier for the Echo message packet will
avoid prodding the hornets nest.

function                                             old     new   delta
common_ping_main                                     424     500     +76

Signed-off-by: Jonas Danielsson <jonasdn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-23 18:26:32 +02:00
Denys Vlasenko
e4caf1dd9c ntpd: retry initial DNS resolution (forever, no timeout for now).
Some users start ntpd on boot, and don't babysit it. If it dies because
DNS is not yet up and therefore NTP servers can't be found, users are
not happy.

Example behavior with a peer name which can't be resolved:

ntpd: bad address 'qwe.rty.ghj.kl'
...5 sec...
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
ntpd: bad address 'qwe.rty.ghj.kl'
...

Based on the patch by Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>

function                                             old     new   delta
resolve_peer_hostname                                  -      81     +81
ntpd_main                                           1130    1061     -69
------------------------------------------------------------------------------
(add/remove: 1/0 grow/shrink: 0/1 up/down: 81/-69)             Total: 12 bytes

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-06-06 02:26:49 +02:00
Denys Vlasenko
852e8dd734 arping: avoid use of ether_ntoa(). Closes 8926
This is the only non-debug use of ether_ntoa(). By not using it,
we reduce bss:

function                                             old     new   delta
arping_main                                         1568    1665     +97
static.asc                                            18       -     -18
ether_ntoa                                            57       -     -57
------------------------------------------------------------------------------
(add/remove: 0/2 grow/shrink: 1/0 up/down: 97/-75)             Total: 22 bytes
   text    data     bss     dec     hex filename
 911020     493    7352  918865   e0551 busybox_old
 911069     493    7336  918898   e0572 busybox_unstripped

Also, "standard" arping zero-pads MAC. ether_ntoa() does not.

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-05-26 21:35:46 +02:00
Szabolcs Nagy
4ab372d49a ip: fix problem on mips64 n64 big endian musl systems
Use designated initializers for struct msghdr.
The struct layout is non-portable and musl libc does not match what busybox expects.

Signed-off-by: Szabolcs Nagy <nsz@port70.net>
Tested-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-24 17:39:02 +02:00
Denys Vlasenko
3e134ebf6a *: slap on a few ALIGN1/2s where appropriate
The result of looking at "grep -F -B2 '*fill*' busybox_unstripped.map"

   text	   data	    bss	    dec	    hex	filename
 829901	   4086	   1904	 835891	  cc133	busybox_before
 829665	   4086	   1904	 835655	  cc047	busybox

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-22 18:09:21 +02:00
Denys Vlasenko
df70a43af2 udhcp: add setup_common_bufsiz() as needed
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 18:54:36 +02:00
Denys Vlasenko
9de2e5a222 *: hopefully all setup_common_bufsiz() are in place
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-04-21 18:38:51 +02:00