mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-05-22 21:32:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Make numerous improvements

Browse source 
- Python static hello world now 1.8mb
- Python static fully loaded now 10mb
- Python HTTPS client now uses MbedTLS
- Python REPL now completes import stmts
- Increase stack size for Python for now
- Begin synthesizing posixpath and ntpath
- Restore Python \N{UNICODE NAME} support
- Restore Python NFKD symbol normalization
- Add optimized code path for Intel SHA-NI
- Get more Python unit tests passing faster
- Get Python help() pagination working on NT
- Python hashlib now supports MbedTLS PBKDF2
- Make memcpy/memmove/memcmp/bcmp/etc. faster
- Add Mersenne Twister and Vigna to LIBC_RAND
- Provide privileged __printf() for error code
- Fix zipos opendir() so that it reports ENOTDIR
- Add basic chmod() implementation for Windows NT
- Add Cosmo's best functions to Python cosmo module
- Pin function trace indent depth to that of caller
- Show memory diagram on invalid access in MODE=dbg
- Differentiate stack overflow on crash in MODE=dbg
- Add stb_truetype and tools for analyzing font files
- Upgrade to UNICODE 13 and reduce its binary footprint
- COMPILE.COM now logs resource usage of build commands
- Start implementing basic poll() support on bare metal
- Set getauxval(AT_EXECFN) to GetModuleFileName() on NT
- Add descriptions to strerror() in non-TINY build modes
- Add COUNTBRANCH() macro to help with micro-optimizations
- Make error / backtrace / asan / memory code more unbreakable
- Add fast perfect C implementation of μ-Law and a-Law audio codecs
- Make strtol() functions consistent with other libc implementations
- Improve Linenoise implementation (see also github.com/jart/bestline)
- COMPILE.COM now suppresses stdout/stderr of successful build commands
This commit is contained in:
Justine Tunney 2021-09-27 22:58:51 -07:00
parent fa7b4f5bd1
commit 39bf41f4eb
806 changed files with 77494 additions and 63859 deletions
Download patch file Download diff file Expand all files Collapse all files

1
net/https/describesslverifyfailure.c
View file

@ -20,6 +20,7 @@
#include "libc/mem/mem.h"
#include "libc/str/str.h"
#include "net/https/https.h"
#include "third_party/mbedtls/x509.h"
static const struct thatispacked SslVerifyString {
int code;

4
net/https/finishcertificate.c
View file

@ -22,19 +22,17 @@
#include "net/https/https.h"
struct Cert FinishCertificate(struct Cert *ca, mbedtls_x509write_cert *wcert,
mbedtls_ctr_drbg_context *kr,
mbedtls_pk_context *key) {
int i, n, rc;
unsigned char *p;
mbedtls_x509_crt *cert;
p = malloc((n = FRAMESIZE));
i = mbedtls_x509write_crt_der(wcert, p, n, mbedtls_ctr_drbg_random, kr);
i = mbedtls_x509write_crt_der(wcert, p, n, GenerateHardRandom, 0);
if (i < 0) FATALF("write key (grep -0x%04x)", -i);
cert = calloc(1, sizeof(mbedtls_x509_crt));
mbedtls_x509_crt_parse(cert, p + n - i, i);
if (ca) cert->next = ca->cert;
mbedtls_x509write_crt_free(wcert);
mbedtls_ctr_drbg_free(kr);
free(p);
if ((rc = mbedtls_pk_check_pair(&cert->pk, key))) {
FATALF("generate key (grep -0x%04x)", -rc);

12
net/https/generatecertificateserial.c
View file

@ -16,15 +16,11 @@
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/rand/rand.h"
#include "net/https/https.h"
#include "third_party/mbedtls/bignum.h"
#include "third_party/mbedtls/ctr_drbg.h"
void GenerateCertificateSerial(mbedtls_x509write_cert *wcert,
mbedtls_ctr_drbg_context *kr) {
mbedtls_mpi x;
mbedtls_mpi_init(&x);
mbedtls_mpi_fill_random(&x, 128 / 8, mbedtls_ctr_drbg_random, kr);
mbedtls_x509write_crt_set_serial(wcert, &x);
mbedtls_mpi_free(&x);
void GenerateCertificateSerial(mbedtls_x509write_cert *wcert) {
mbedtls_x509write_crt_set_serial(
wcert, &(mbedtls_mpi){1, 2, (uint64_t[]){rdrand(), rdrand()}});
}

25
net/https/generatehardrandom.c Normal file
View file

@ -0,0 +1,25 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/rand/rand.h"
#include "net/https/https.h"
int GenerateHardRandom(void *ctx, unsigned char *p, size_t n) {
rngset(p, n, rdseed, 0);
return 0;
}

2
net/https/getentropy.c
View file

@ -21,6 +21,6 @@
#include "net/https/https.h"
int GetEntropy(void *c, unsigned char *p, size_t n) {
CHECK_EQ(n, getrandom(p, n, 0));
rngset(p, n, rdrand, 0);
return 0;
}

8
net/https/https.h
View file

@ -15,7 +15,7 @@ struct Cert {
mbedtls_pk_context *key;
};
char *TlsError(int);
char *GetTlsError(int);
char *DescribeSslVerifyFailure(int);
mbedtls_x509_crt *GetSslRoots(void);
void InitializeRng(mbedtls_ctr_drbg_context *);
@ -33,12 +33,12 @@ bool CertHasCommonName(const mbedtls_x509_crt *, const void *, size_t);
bool IsServerCert(const struct Cert *, mbedtls_pk_type_t);
void TlsDebug(void *, int, const char *, int, const char *);
void GenerateCertificateSerial(mbedtls_x509write_cert *,
mbedtls_ctr_drbg_context *);
int GenerateHardRandom(void *, unsigned char *, size_t);
void GenerateCertificateSerial(mbedtls_x509write_cert *);
mbedtls_pk_context *InitializeKey(struct Cert *, mbedtls_x509write_cert *,
mbedtls_md_type_t, int);
struct Cert FinishCertificate(struct Cert *, mbedtls_x509write_cert *,
mbedtls_ctr_drbg_context *, mbedtls_pk_context *);
mbedtls_pk_context *);
COSMOPOLITAN_C_END_
#endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */

1
net/https/https.mk
View file

@ -12,6 +12,7 @@ NET_HTTPS_A_HDRS = $(filter %.h,$(NET_HTTPS_A_FILES))
NET_HTTPS_A_SRCS = $(filter %.c,$(NET_HTTPS_A_FILES))
NET_HTTPS_A_OBJS = \
o/$(MODE)/usr/share/ssl/root/.zip.o \
$(NET_HTTPS_A_SRCS:%.c=o/$(MODE)/%.o) \
$(NET_HTTPS_A_CERTS:%=o/$(MODE)/%.zip.o)

2
net/https/sslroots.c
View file

@ -19,11 +19,11 @@
#include "net/https/https.h"
STATIC_YOINK("zip_uri_support");
STATIC_YOINK("usr/share/ssl/root/");
STATIC_YOINK("usr/share/ssl/root/amazon.pem");
STATIC_YOINK("usr/share/ssl/root/certum.pem");
STATIC_YOINK("usr/share/ssl/root/comodo.pem");
STATIC_YOINK("usr/share/ssl/root/digicert.pem");
STATIC_YOINK("usr/share/ssl/root/dst.pem");
STATIC_YOINK("usr/share/ssl/root/geotrust.pem");
STATIC_YOINK("usr/share/ssl/root/globalsign.pem");
STATIC_YOINK("usr/share/ssl/root/godaddy.pem");

2
net/https/tlsdie.c
View file

@ -20,7 +20,7 @@
void TlsDie(const char *s, int r) {
if (IsTiny()) {
(fprintf)(stderr, "error: %s (-0x%04x %s)\n", s, -r, TlsError(r));
(fprintf)(stderr, "error: %s (-0x%04x %s)\n", s, -r, GetTlsError(r));
} else {
(fprintf)(stderr, "error: %s (grep -0x%04x)\n", s, -r);
}

2
net/https/tlserror.c
View file

@ -19,7 +19,7 @@
#include "net/https/https.h"
#include "third_party/mbedtls/error.h"
char *TlsError(int r) {
char *GetTlsError(int r) {
static char b[128];
mbedtls_strerror(r, b, sizeof(b));
return b;