mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-01-31 03:27:39 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Make redbean SSL more tunable

Browse source 
This change enables SSL compression. It significantly reduces the
network load of the testing infrastructure, for free, since this
revision didn't need to change any runit protocol code. However we
turn it off by default in redbean since no browsers support it.

It turns out that some TLSv1.0 clients (e.g. curl command on RHEL5) will
send an SSLv2-style ClientHello. These types of clients are usually ten+
years old and were designed to interop with servers ten years older than
them. Your redbean is now able to interop with these clients even though
redbean doesn't actually support SSLv2 or SSLv3. Please note that the -B
flag may be passed to disable this along with TLSv1.0, TLSv1.1, 3DES, &c

The following Lua APIs have been added to redbean:

  - ProgramSslCompression(bool)
  - ProgramSslCiphersuite(name:str)
  - ProgramSslPresharedKey(key:str,identity:str)

Lastly the DHE ciphersuites have been enabled. IANA recommends DHE and
with old clients like RHEL5 it's the only perfect forward secrecy they
implement.
This commit is contained in:
Justine Tunney 2021-08-09 07:00:23 -07:00
parent d86027fe90
commit 53b9f83e1c
15 changed files with 567 additions and 227 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

326
libc/nexgen32e/mul6x6adx.S
View file

@ -20,12 +20,12 @@
// Computes 768-bit product of 384-bit and 384-bit numbers.
//
// Instructions: 153
// Total Cycles: 73
// Total uOps: 261
// uOps Per Cycle: 3.58
// IPC: 2.10
// Block RThroughput: 43.5
// Instructions: 152
// Total Cycles: 65
// Total uOps: 260
// uOps Per Cycle: 4.00
// IPC: 2.34
// Block RThroughput: 43.3
//
// @param rdi receives 8 quadword result
// @param rsi is left hand side which must have 4 quadwords
@ -171,18 +171,18 @@ Mul6x6Adx:
adox %r12,%rdx
mov -48(%rbp),%rsi
mov -56(%rbp),%rbx
mov %r15,24(%rdi)
mov -64(%rbp),%r14
mov %r13,80(%rdi)
mov %rsi,(%rdi)
mov %rbx,8(%rdi)
mov %r14,16(%rdi)
mov %rsi,(%rdi)
mov %r15,24(%rdi)
mov %r10,32(%rdi)
mov %r9,40(%rdi)
mov %rcx,48(%rdi)
mov %rax,56(%rdi)
mov %r8,64(%rdi)
mov %r11,72(%rdi)
mov %r13,80(%rdi)
mov %rdx,88(%rdi)
mov -8(%rbp),%r15
mov -16(%rbp),%r14
@ -194,157 +194,157 @@ Mul6x6Adx:
.endfn Mul6x6Adx,globl
.end
SIMULATION 0123456789 0123456789 0123456789 012
Index 0123456789 0123456789 0123456789 0123456789
[0,0] DeER . . . . . . . . . . . . . . . movq %r15, -8(%rbp)
[0,1] D=eER. . . . . . . . . . . . . . . movq %r14, -16(%rbp)
[0,2] D==eER . . . . . . . . . . . . . . movq %r13, -24(%rbp)
[0,3] D===eER . . . . . . . . . . . . . . movq %r12, -32(%rbp)
[0,4] D====eER . . . . . . . . . . . . . . movq %rbx, -40(%rbp)
[0,5] DeE----R . . . . . . . . . . . . . . movq %rdx, %rbx
[0,6] .DeeeeeER . . . . . . . . . . . . . . movq (%rdx), %rdx
[0,7] .D=====eeeeeeeeeER . . . . . . . . . . . . mulxq (%rsi), %rcx, %rax
[0,8] . D=====eeeeeeeeeER . . . . . . . . . . . . mulxq 8(%rsi), %rdx, %r12
[0,9] . D=======eE------R . . . . . . . . . . . . movq %rcx, -48(%rbp)
[0,10] . D=============eER . . . . . . . . . . . . addq %rdx, %rax
[0,11] . DeeeeeE--------R . . . . . . . . . . . . movq (%rbx), %rdx
[0,12] . D=====eeeeeeeeeER. . . . . . . . . . . . mulxq 16(%rsi), %rdx, %r15
[0,13] . D=============eER. . . . . . . . . . . . adcq %rdx, %r12
[0,14] . DeeeeeE--------R. . . . . . . . . . . . movq (%rbx), %rdx
[0,15] . D=====eeeeeeeeeER . . . . . . . . . . . mulxq 24(%rsi), %rdx, %r10
[0,16] . D=============eER . . . . . . . . . . . adcq %rdx, %r15
[0,17] . DeeeeeE--------R . . . . . . . . . . . movq (%rbx), %rdx
[0,18] . D=====eeeeeeeeeER . . . . . . . . . . . mulxq 32(%rsi), %rdx, %r9
[0,19] . D=============eER . . . . . . . . . . . adcq %rdx, %r10
[0,20] . .DeeeeeE--------R . . . . . . . . . . . movq (%rbx), %rdx
[0,21] . .D=====eeeeeeeeeER . . . . . . . . . . . mulxq 40(%rsi), %rdx, %rcx
[0,22] . .D=============eER . . . . . . . . . . . adcq %rdx, %r9
[0,23] . . DeeeeeE--------R . . . . . . . . . . . movq 8(%rbx), %rdx
[0,24] . . D=============eER . . . . . . . . . . . adcq $0, %rcx
[0,25] . . D=====eeeeeeeeeER . . . . . . . . . . . mulxq (%rsi), %r13, %r11
[0,26] . . D--------------R . . . . . . . . . . . xorl %r8d, %r8d
[0,27] . . D========eE----R . . . . . . . . . . . adoxq %r13, %rax
[0,28] . . D=============eER. . . . . . . . . . . adcxq %r11, %r12
[0,29] . . D=========eE----R. . . . . . . . . . . movq %rax, -56(%rbp)
[0,30] . . D====eeeeeeeeeER. . . . . . . . . . . mulxq 8(%rsi), %r11, %rax
[0,31] . . D=============eER . . . . . . . . . . adoxq %r11, %r12
[0,32] . . D==============eER . . . . . . . . . . adcxq %rax, %r15
[0,33] . . D=============eER . . . . . . . . . . movq %r12, %r14
[0,34] . . D====eeeeeeeeeE-R . . . . . . . . . . mulxq 16(%rsi), %r11, %rax
[0,35] . . D==============eER . . . . . . . . . . adoxq %r11, %r15
[0,36] . . .D==============eER . . . . . . . . . . adcxq %rax, %r10
[0,37] . . .D====eeeeeeeeeE--R . . . . . . . . . . mulxq 24(%rsi), %r11, %rax
[0,38] . . .D===============eER. . . . . . . . . . adoxq %r11, %r10
[0,39] . . . D===============eER . . . . . . . . . adcxq %rax, %r9
[0,40] . . . D====eeeeeeeeeE---R . . . . . . . . . mulxq 32(%rsi), %r11, %rax
[0,41] . . . D================eER . . . . . . . . . adoxq %r11, %r9
[0,42] . . . D================eER . . . . . . . . . adcxq %rax, %rcx
[0,43] . . . D====eeeeeeeeeE----R . . . . . . . . . mulxq 40(%rsi), %rdx, %rax
[0,44] . . . D=================eER . . . . . . . . . adoxq %rdx, %rcx
[0,45] . . . D=================eER. . . . . . . . . adcxq %r8, %rax
[0,46] . . . DeeeeeE-------------R. . . . . . . . . movq 16(%rbx), %rdx
[0,47] . . . D==================eER . . . . . . . . adoxq %r8, %rax
[0,48] . . . D====eeeeeeeeeE-----R . . . . . . . . mulxq (%rsi), %r13, %r8
[0,49] . . . D====E--------------R . . . . . . . . xorl %r11d, %r11d
[0,50] . . . D=========eE--------R . . . . . . . . adoxq %r13, %r14
[0,51] . . . .D=========eE-------R . . . . . . . . movq %r14, -64(%rbp)
[0,52] . . . .D============eE----R . . . . . . . . adcxq %r8, %r15
[0,53] . . . .D====eeeeeeeeeE----R . . . . . . . . mulxq 8(%rsi), %r12, %r8
[0,54] . . . . D============eE---R . . . . . . . . adoxq %r12, %r15
[0,55] . . . . D=============eE--R . . . . . . . . adcxq %r8, %r10
[0,56] . . . . D====eeeeeeeeeE---R . . . . . . . . mulxq 16(%rsi), %r12, %r8
[0,57] . . . . D=============eE-R . . . . . . . . adoxq %r12, %r10
[0,58] . . . . D==============eER . . . . . . . . adcxq %r8, %r9
[0,59] . . . . D====eeeeeeeeeE--R . . . . . . . . mulxq 24(%rsi), %r12, %r8
[0,60] . . . . D==============eER . . . . . . . . adoxq %r12, %r9
[0,61] . . . . D===============eER . . . . . . . . adcxq %r8, %rcx
[0,62] . . . . D====eeeeeeeeeE---R . . . . . . . . mulxq 32(%rsi), %r12, %r8
[0,63] . . . . D===============eER . . . . . . . . adoxq %r12, %rcx
[0,64] . . . . D================eER. . . . . . . . adcxq %r8, %rax
[0,65] . . . . D====eeeeeeeeeE----R. . . . . . . . mulxq 40(%rsi), %rdx, %r8
[0,66] . . . . .D================eER . . . . . . . adoxq %rdx, %rax
[0,67] . . . . .D=================eER . . . . . . . adcxq %r11, %r8
[0,68] . . . . .DeeeeeE-------------R . . . . . . . movq 24(%rbx), %rdx
[0,69] . . . . .D==================eER . . . . . . . adoxq %r11, %r8
[0,70] . . . . . D====eeeeeeeeeE-----R . . . . . . . mulxq (%rsi), %r13, %r11
[0,71] . . . . . D====E--------------R . . . . . . . xorl %r12d, %r12d
[0,72] . . . . . D===========eE------R . . . . . . . adoxq %r13, %r15
[0,73] . . . . . D============eE----R . . . . . . . adcxq %r11, %r10
[0,74] . . . . . D====eeeeeeeeeE----R . . . . . . . mulxq 8(%rsi), %r13, %r11
[0,75] . . . . . D=============eE---R . . . . . . . adoxq %r13, %r10
[0,76] . . . . . D=============eE--R . . . . . . . adcxq %r11, %r9
[0,77] . . . . . D====eeeeeeeeeE---R . . . . . . . mulxq 16(%rsi), %r13, %r11
[0,78] . . . . . D==============eE-R . . . . . . . adoxq %r13, %r9
[0,79] . . . . . D==============eER . . . . . . . adcxq %r11, %rcx
[0,80] . . . . . D====eeeeeeeeeE--R . . . . . . . mulxq 24(%rsi), %r13, %r11
[0,81] . . . . . D===============eER . . . . . . . adoxq %r13, %rcx
[0,82] . . . . . .D===============eER. . . . . . . adcxq %r11, %rax
[0,83] . . . . . .D====eeeeeeeeeE---R. . . . . . . mulxq 32(%rsi), %r13, %r11
[0,84] . . . . . .D================eER . . . . . . adoxq %r13, %rax
[0,85] . . . . . . D================eER . . . . . . adcxq %r11, %r8
[0,86] . . . . . . D====eeeeeeeeeE----R . . . . . . mulxq 40(%rsi), %rdx, %r11
[0,87] . . . . . . D=================eER . . . . . . adoxq %rdx, %r8
[0,88] . . . . . . DeeeeeE------------R . . . . . . movq 32(%rbx), %rdx
[0,89] . . . . . . D=================eER . . . . . . adcxq %r12, %r11
[0,90] . . . . . . D=====eeeeeeeeeE----R . . . . . . mulxq (%rsi), %r14, %r13
[0,91] . . . . . . D=================eER. . . . . . adoxq %r12, %r11
[0,92] . . . . . . D-------------------R. . . . . . xorl %r12d, %r12d
[0,93] . . . . . . D===========eE------R. . . . . . adoxq %r14, %r10
[0,94] . . . . . . D=============eE----R. . . . . . adcxq %r13, %r9
[0,95] . . . . . . D====eeeeeeeeeE----R. . . . . . mulxq 8(%rsi), %r14, %r13
[0,96] . . . . . . D=============eE---R. . . . . . adoxq %r14, %r9
[0,97] . . . . . . D==============eE--R. . . . . . adcxq %r13, %rcx
[0,98] . . . . . . .D====eeeeeeeeeE---R. . . . . . mulxq 16(%rsi), %r14, %r13
[0,99] . . . . . . .D==============eE-R. . . . . . adoxq %r14, %rcx
[0,100] . . . . . . .D===============eER. . . . . . adcxq %r13, %rax
[0,101] . . . . . . . D====eeeeeeeeeE--R. . . . . . mulxq 24(%rsi), %r14, %r13
[0,102] . . . . . . . D===============eER . . . . . adoxq %r14, %rax
[0,103] . . . . . . . D================eER . . . . . adcxq %r13, %r8
[0,104] . . . . . . . D====eeeeeeeeeE---R . . . . . mulxq 32(%rsi), %r14, %r13
[0,105] . . . . . . . D================eER . . . . . adoxq %r14, %r8
[0,106] . . . . . . . D=================eER . . . . . adcxq %r13, %r11
[0,107] . . . . . . . D====eeeeeeeeeE----R . . . . . mulxq 40(%rsi), %rdx, %r13
[0,108] . . . . . . . D=================eER. . . . . adoxq %rdx, %r11
[0,109] . . . . . . . D==================eER . . . . adcxq %r12, %r13
[0,110] . . . . . . . DeeeeeE-------------R . . . . movq 40(%rbx), %rdx
[0,111] . . . . . . . D==================eER . . . . adoxq %r12, %r13
[0,112] . . . . . . . D=====eeeeeeeeeE-----R . . . . mulxq (%rsi), %r14, %rbx
[0,113] . . . . . . . .D-------------------R . . . . xorl %r12d, %r12d
[0,114] . . . . . . . .D===========eE------R . . . . adoxq %r14, %r9
[0,115] . . . . . . . .D=============eE----R . . . . adcxq %rbx, %rcx
[0,116] . . . . . . . . D====eeeeeeeeeE----R . . . . mulxq 8(%rsi), %r14, %rbx
[0,117] . . . . . . . . D=============eE---R . . . . adoxq %r14, %rcx
[0,118] . . . . . . . . D==============eE--R . . . . adcxq %rbx, %rax
[0,119] . . . . . . . . D====eeeeeeeeeE---R . . . . mulxq 16(%rsi), %r14, %rbx
[0,120] . . . . . . . . D==============eE-R . . . . adoxq %r14, %rax
[0,121] . . . . . . . . D===============eER . . . . adcxq %rbx, %r8
[0,122] . . . . . . . . D====eeeeeeeeeE--R . . . . mulxq 24(%rsi), %r14, %rbx
[0,123] . . . . . . . . D===============eER . . . . adoxq %r14, %r8
[0,124] . . . . . . . . D================eER . . . . adcxq %rbx, %r11
[0,125] . . . . . . . . D====eeeeeeeeeE---R . . . . mulxq 32(%rsi), %r14, %rbx
[0,126] . . . . . . . . .D====eeeeeeeeeE--R . . . . mulxq 40(%rsi), %rsi, %rdx
[0,127] . . . . . . . . .D===============eER. . . . adoxq %r14, %r11
[0,128] . . . . . . . . .D================eER . . . adcxq %rbx, %r13
[0,129] . . . . . . . . . D================eER . . . adoxq %rsi, %r13
[0,130] . . . . . . . . . D=================eER . . . adcxq %r12, %rdx
[0,131] . . . . . . . . . D==================eER . . . adoxq %r12, %rdx
[0,132] . . . . . . . . . DeeeeeE--------------R . . . movq -48(%rbp), %rsi
[0,133] . . . . . . . . . D=eeeeeE-------------R . . . movq -56(%rbp), %rbx
[0,134] . . . . . . . . . D===eE---------------R . . . movq %r15, 24(%rdi)
[0,135] . . . . . . . . . D=eeeeeE------------R . . . movq -64(%rbp), %r14
[0,136] . . . . . . . . . D================eE-R . . . movq %r13, 80(%rdi)
[0,137] . . . . . . . . . D=================eER . . . movq %rbx, 8(%rdi)
[0,138] . . . . . . . . . D==================eER. . . movq %r14, 16(%rdi)
[0,139] . . . . . . . . . D===================eER . . movq %rsi, (%rdi)
[0,140] . . . . . . . . . D====================eER . . movq %r10, 32(%rdi)
[0,141] . . . . . . . . . D====================eER . . movq %r9, 40(%rdi)
[0,142] . . . . . . . . . D=====================eER . . movq %rcx, 48(%rdi)
[0,143] . . . . . . . . . D======================eER. . movq %rax, 56(%rdi)
[0,144] . . . . . . . . . D=======================eER . movq %r8, 64(%rdi)
[0,145] . . . . . . . . . D========================eER. movq %r11, 72(%rdi)
[0,146] . . . . . . . . . D=========================eER movq %rdx, 88(%rdi)
[0,147] . . . . . . . . . DeeeeeE--------------------R movq -8(%rbp), %r15
[0,148] . . . . . . . . . D=eeeeeE-------------------R movq -16(%rbp), %r14
[0,149] . . . . . . . . . D=eeeeeE-------------------R movq -24(%rbp), %r13
[0,150] . . . . . . . . . D==eeeeeE------------------R movq -32(%rbp), %r12
[0,151] . . . . . . . . . D==eeeeeE------------------R movq -40(%rbp), %rbx
SIMULATION 0123456789 0123456789 0123456789
Index 0123456789 0123456789 0123456789 01234
[0,0] DeER . . . . . . . . . . . . . movq %r15, -8(%rbp)
[0,1] D=eER. . . . . . . . . . . . . movq %r14, -16(%rbp)
[0,2] D==eER . . . . . . . . . . . . movq %r13, -24(%rbp)
[0,3] D===eER . . . . . . . . . . . . movq %r12, -32(%rbp)
[0,4] D====eER . . . . . . . . . . . . movq %rbx, -40(%rbp)
[0,5] DeE----R . . . . . . . . . . . . movq %rdx, %rbx
[0,6] .DeeeeeER . . . . . . . . . . . . movq (%rdx), %rdx
[0,7] .D=====eeeeeeeeeER . . . . . . . . . . mulxq (%rsi), %rcx, %rax
[0,8] . D=====eeeeeeeeeER . . . . . . . . . . mulxq 8(%rsi), %rdx, %r12
[0,9] . D=======eE------R . . . . . . . . . . movq %rcx, -48(%rbp)
[0,10] . D=============eER . . . . . . . . . . addq %rdx, %rax
[0,11] . DeeeeeE--------R . . . . . . . . . . movq (%rbx), %rdx
[0,12] . D=====eeeeeeeeeER. . . . . . . . . . mulxq 16(%rsi), %rdx, %r15
[0,13] . D=============eER. . . . . . . . . . adcq %rdx, %r12
[0,14] . DeeeeeE--------R. . . . . . . . . . movq (%rbx), %rdx
[0,15] . D=====eeeeeeeeeER . . . . . . . . . mulxq 24(%rsi), %rdx, %r10
[0,16] . D=============eER . . . . . . . . . adcq %rdx, %r15
[0,17] . DeeeeeE--------R . . . . . . . . . movq (%rbx), %rdx
[0,18] . D=====eeeeeeeeeER . . . . . . . . . mulxq 32(%rsi), %rdx, %r9
[0,19] . D=============eER . . . . . . . . . adcq %rdx, %r10
[0,20] . .DeeeeeE--------R . . . . . . . . . movq (%rbx), %rdx
[0,21] . .D=====eeeeeeeeeER . . . . . . . . . mulxq 40(%rsi), %rdx, %rcx
[0,22] . .D=============eER . . . . . . . . . adcq %rdx, %r9
[0,23] . . DeeeeeE--------R . . . . . . . . . movq 8(%rbx), %rdx
[0,24] . . D=============eER . . . . . . . . . adcq $0, %rcx
[0,25] . . D=====eeeeeeeeeER . . . . . . . . . mulxq (%rsi), %r13, %r11
[0,26] . . D--------------R . . . . . . . . . xorl %r8d, %r8d
[0,27] . . D========eE----R . . . . . . . . . adoxq %r13, %rax
[0,28] . . D=============eER. . . . . . . . . adcxq %r11, %r12
[0,29] . . D=========eE----R. . . . . . . . . movq %rax, -56(%rbp)
[0,30] . . D====eeeeeeeeeER. . . . . . . . . mulxq 8(%rsi), %r11, %rax
[0,31] . . D=============eER . . . . . . . . adoxq %r11, %r12
[0,32] . . D==============eER . . . . . . . . adcxq %rax, %r15
[0,33] . . D=============eER . . . . . . . . movq %r12, %r14
[0,34] . . D====eeeeeeeeeE-R . . . . . . . . mulxq 16(%rsi), %r11, %rax
[0,35] . . D==============eER . . . . . . . . adoxq %r11, %r15
[0,36] . . .D==============eER . . . . . . . . adcxq %rax, %r10
[0,37] . . .D====eeeeeeeeeE--R . . . . . . . . mulxq 24(%rsi), %r11, %rax
[0,38] . . .D===============eER. . . . . . . . adoxq %r11, %r10
[0,39] . . . D===============eER . . . . . . . adcxq %rax, %r9
[0,40] . . . D====eeeeeeeeeE---R . . . . . . . mulxq 32(%rsi), %r11, %rax
[0,41] . . . D================eER . . . . . . . adoxq %r11, %r9
[0,42] . . . D================eER . . . . . . . adcxq %rax, %rcx
[0,43] . . . D====eeeeeeeeeE----R . . . . . . . mulxq 40(%rsi), %rdx, %rax
[0,44] . . . D=================eER . . . . . . . adoxq %rdx, %rcx
[0,45] . . . D=================eER. . . . . . . adcxq %r8, %rax
[0,46] . . . DeeeeeE-------------R. . . . . . . movq 16(%rbx), %rdx
[0,47] . . . D==================eER . . . . . . adoxq %r8, %rax
[0,48] . . . D====eeeeeeeeeE-----R . . . . . . mulxq (%rsi), %r13, %r8
[0,49] . . . D====E--------------R . . . . . . xorl %r11d, %r11d
[0,50] . . . D=========eE--------R . . . . . . adoxq %r13, %r14
[0,51] . . . .D=========eE-------R . . . . . . movq %r14, -64(%rbp)
[0,52] . . . .D============eE----R . . . . . . adcxq %r8, %r15
[0,53] . . . .D====eeeeeeeeeE----R . . . . . . mulxq 8(%rsi), %r12, %r8
[0,54] . . . . D============eE---R . . . . . . adoxq %r12, %r15
[0,55] . . . . D=============eE--R . . . . . . adcxq %r8, %r10
[0,56] . . . . D====eeeeeeeeeE---R . . . . . . mulxq 16(%rsi), %r12, %r8
[0,57] . . . . D=============eE-R . . . . . . adoxq %r12, %r10
[0,58] . . . . D==============eER . . . . . . adcxq %r8, %r9
[0,59] . . . . D====eeeeeeeeeE--R . . . . . . mulxq 24(%rsi), %r12, %r8
[0,60] . . . . D==============eER . . . . . . adoxq %r12, %r9
[0,61] . . . . D===============eER . . . . . . adcxq %r8, %rcx
[0,62] . . . . D====eeeeeeeeeE---R . . . . . . mulxq 32(%rsi), %r12, %r8
[0,63] . . . . D===============eER . . . . . . adoxq %r12, %rcx
[0,64] . . . . D================eER. . . . . . adcxq %r8, %rax
[0,65] . . . . D====eeeeeeeeeE----R. . . . . . mulxq 40(%rsi), %rdx, %r8
[0,66] . . . . .D================eER . . . . . adoxq %rdx, %rax
[0,67] . . . . .D=================eER . . . . . adcxq %r11, %r8
[0,68] . . . . .DeeeeeE-------------R . . . . . movq 24(%rbx), %rdx
[0,69] . . . . .D==================eER . . . . . adoxq %r11, %r8
[0,70] . . . . . D====eeeeeeeeeE-----R . . . . . mulxq (%rsi), %r13, %r11
[0,71] . . . . . D====E--------------R . . . . . xorl %r12d, %r12d
[0,72] . . . . . D===========eE------R . . . . . adoxq %r13, %r15
[0,73] . . . . . D============eE----R . . . . . adcxq %r11, %r10
[0,74] . . . . . D====eeeeeeeeeE----R . . . . . mulxq 8(%rsi), %r13, %r11
[0,75] . . . . . D=============eE---R . . . . . adoxq %r13, %r10
[0,76] . . . . . D=============eE--R . . . . . adcxq %r11, %r9
[0,77] . . . . . D====eeeeeeeeeE---R . . . . . mulxq 16(%rsi), %r13, %r11
[0,78] . . . . . D==============eE-R . . . . . adoxq %r13, %r9
[0,79] . . . . . D==============eER . . . . . adcxq %r11, %rcx
[0,80] . . . . . D====eeeeeeeeeE--R . . . . . mulxq 24(%rsi), %r13, %r11
[0,81] . . . . . D===============eER . . . . . adoxq %r13, %rcx
[0,82] . . . . . .D===============eER. . . . . adcxq %r11, %rax
[0,83] . . . . . .D====eeeeeeeeeE---R. . . . . mulxq 32(%rsi), %r13, %r11
[0,84] . . . . . .D================eER . . . . adoxq %r13, %rax
[0,85] . . . . . . D================eER . . . . adcxq %r11, %r8
[0,86] . . . . . . D====eeeeeeeeeE----R . . . . mulxq 40(%rsi), %rdx, %r11
[0,87] . . . . . . D=================eER . . . . adoxq %rdx, %r8
[0,88] . . . . . . DeeeeeE------------R . . . . movq 32(%rbx), %rdx
[0,89] . . . . . . D=================eER . . . . adcxq %r12, %r11
[0,90] . . . . . . D=====eeeeeeeeeE----R . . . . mulxq (%rsi), %r14, %r13
[0,91] . . . . . . D=================eER. . . . adoxq %r12, %r11
[0,92] . . . . . . D-------------------R. . . . xorl %r12d, %r12d
[0,93] . . . . . . D===========eE------R. . . . adoxq %r14, %r10
[0,94] . . . . . . D=============eE----R. . . . adcxq %r13, %r9
[0,95] . . . . . . D====eeeeeeeeeE----R. . . . mulxq 8(%rsi), %r14, %r13
[0,96] . . . . . . D=============eE---R. . . . adoxq %r14, %r9
[0,97] . . . . . . D==============eE--R. . . . adcxq %r13, %rcx
[0,98] . . . . . . .D====eeeeeeeeeE---R. . . . mulxq 16(%rsi), %r14, %r13
[0,99] . . . . . . .D==============eE-R. . . . adoxq %r14, %rcx
[0,100] . . . . . . .D===============eER. . . . adcxq %r13, %rax
[0,101] . . . . . . . D====eeeeeeeeeE--R. . . . mulxq 24(%rsi), %r14, %r13
[0,102] . . . . . . . D===============eER . . . adoxq %r14, %rax
[0,103] . . . . . . . D================eER . . . adcxq %r13, %r8
[0,104] . . . . . . . D====eeeeeeeeeE---R . . . mulxq 32(%rsi), %r14, %r13
[0,105] . . . . . . . D================eER . . . adoxq %r14, %r8
[0,106] . . . . . . . D=================eER . . . adcxq %r13, %r11
[0,107] . . . . . . . D====eeeeeeeeeE----R . . . mulxq 40(%rsi), %rdx, %r13
[0,108] . . . . . . . D=================eER. . . adoxq %rdx, %r11
[0,109] . . . . . . . D==================eER . . adcxq %r12, %r13
[0,110] . . . . . . . DeeeeeE-------------R . . movq 40(%rbx), %rdx
[0,111] . . . . . . . D==================eER . . adoxq %r12, %r13
[0,112] . . . . . . . D=====eeeeeeeeeE-----R . . mulxq (%rsi), %r14, %rbx
[0,113] . . . . . . . .D-------------------R . . xorl %r12d, %r12d
[0,114] . . . . . . . .D===========eE------R . . adoxq %r14, %r9
[0,115] . . . . . . . .D=============eE----R . . adcxq %rbx, %rcx
[0,116] . . . . . . . . D====eeeeeeeeeE----R . . mulxq 8(%rsi), %r14, %rbx
[0,117] . . . . . . . . D=============eE---R . . adoxq %r14, %rcx
[0,118] . . . . . . . . D==============eE--R . . adcxq %rbx, %rax
[0,119] . . . . . . . . D====eeeeeeeeeE---R . . mulxq 16(%rsi), %r14, %rbx
[0,120] . . . . . . . . D==============eE-R . . adoxq %r14, %rax
[0,121] . . . . . . . . D===============eER . . adcxq %rbx, %r8
[0,122] . . . . . . . . D====eeeeeeeeeE--R . . mulxq 24(%rsi), %r14, %rbx
[0,123] . . . . . . . . D===============eER . . adoxq %r14, %r8
[0,124] . . . . . . . . D================eER . . adcxq %rbx, %r11
[0,125] . . . . . . . . D====eeeeeeeeeE---R . . mulxq 32(%rsi), %r14, %rbx
[0,126] . . . . . . . . .D====eeeeeeeeeE--R . . mulxq 40(%rsi), %rsi, %rdx
[0,127] . . . . . . . . .D===============eER. . adoxq %r14, %r11
[0,128] . . . . . . . . .D================eER . adcxq %rbx, %r13
[0,129] . . . . . . . . . D================eER . adoxq %rsi, %r13
[0,130] . . . . . . . . . D=================eER . adcxq %r12, %rdx
[0,131] . . . . . . . . . D==================eER. adoxq %r12, %rdx
[0,132] . . . . . . . . . DeeeeeE--------------R. movq -48(%rbp), %rsi
[0,133] . . . . . . . . . D=eeeeeE-------------R. movq -56(%rbp), %rbx
[0,134] . . . . . . . . . D==eeeeeE------------R. movq -64(%rbp), %r14
[0,135] . . . . . . . . . D====eE-------------R. movq %rsi, (%rdi)
[0,136] . . . . . . . . . D=====eE------------R. movq %rbx, 8(%rdi)
[0,137] . . . . . . . . . D======eE-----------R. movq %r14, 16(%rdi)
[0,138] . . . . . . . . . D=======eE----------R. movq %r15, 24(%rdi)
[0,139] . . . . . . . . . D========eE---------R. movq %r10, 32(%rdi)
[0,140] . . . . . . . . . D=========eE--------R. movq %r9, 40(%rdi)
[0,141] . . . . . . . . . D=========eE-------R. movq %rcx, 48(%rdi)
[0,142] . . . . . . . . . D==========eE------R. movq %rax, 56(%rdi)
[0,143] . . . . . . . . . D===========eE-----R. movq %r8, 64(%rdi)
[0,144] . . . . . . . . . D=============eE---R. movq %r11, 72(%rdi)
[0,145] . . . . . . . . . D===============eE-R. movq %r13, 80(%rdi)
[0,146] . . . . . . . . . D=================eER movq %rdx, 88(%rdi)
[0,147] . . . . . . . . . DeeeeeE------------R movq -8(%rbp), %r15
[0,148] . . . . . . . . . D=eeeeeE-----------R movq -16(%rbp), %r14
[0,149] . . . . . . . . . D=eeeeeE-----------R movq -24(%rbp), %r13
[0,150] . . . . . . . . . D==eeeeeE----------R movq -32(%rbp), %r12
[0,151] . . . . . . . . . D==eeeeeE----------R movq -40(%rbp), %rbx

4
libc/str/timingsafe_memcmp.c
View file

@ -28,8 +28,8 @@ asm(".include \"libc/disclaimer.inc\"");
*
* Running time is independent of the byte sequences compared, making
* this safe to use for comparing secret values such as cryptographic
* MACs. In contrast, memcmp() may short-circuit afterw finding the
* first differing byte.
* MACs. In contrast, memcmp() may short-circuit after finding the first
* differing byte.
*
* @note each byte is interpreted as unsigned char
*/

16
third_party/mbedtls/check.h vendored
View file

@ -538,22 +538,6 @@
#endif
#endif /* MBEDTLS_SSL_PROTO_SSL3 */
#if defined(MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO)
#if defined(MBEDTLS_DEPRECATED_REMOVED)
#error "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is deprecated and will be removed in a future version of Mbed TLS"
#elif defined(MBEDTLS_DEPRECATED_WARNING)
#warning "MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is deprecated and will be removed in a future version of Mbed TLS"
#endif
#endif /* MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO */
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
#if defined(MBEDTLS_DEPRECATED_REMOVED)
#error "MBEDTLS_SSL_HW_RECORD_ACCEL is deprecated and will be removed in a future version of Mbed TLS"
#elif defined(MBEDTLS_DEPRECATED_WARNING)
#warning "MBEDTLS_SSL_HW_RECORD_ACCEL is deprecated and will be removed in a future version of Mbed TLS"
#endif /* MBEDTLS_DEPRECATED_REMOVED */
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
#if defined(MBEDTLS_SSL_DTLS_SRTP) && ( !defined(MBEDTLS_SSL_PROTO_DTLS) )
#error "MBEDTLS_SSL_DTLS_SRTP defined, but not all prerequisites"
#endif

41
third_party/mbedtls/config.h vendored
View file

@ -16,7 +16,6 @@
/*#define MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL*/
/*#define MBEDTLS_SSL_PROTO_DTLS*/
/*#define MBEDTLS_SSL_PROTO_SSL3*/
/*#define MBEDTLS_ZLIB_SUPPORT*/
#endif
/* hash functions */
@ -74,8 +73,8 @@
#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
/*#define MBEDTLS_DHM_C*/
/*#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED*/
#define MBEDTLS_DHM_C
#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
/*#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED*/
/*#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED*/
/*#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED*/
@ -110,14 +109,44 @@
#define MBEDTLS_ENTROPY_MAX_SOURCES 4
#define MBEDTLS_X509_MAX_INTERMEDIATE_CA 8
/* boosts performance from 230k qps to 330k */
#ifndef TINY
#ifndef __FSANITIZE_ADDRESS__
/*
* Boosts performance from 230k qps to 330k
* Hardens against against sbox side channels
*/
#define MBEDTLS_AESNI_C
#define MBEDTLS_HAVE_ASM
#define MBEDTLS_HAVE_X86_64
#define MBEDTLS_HAVE_SSE2
#define MBEDTLS_AESNI_C
#endif
#ifndef TINY
/*
* TODO(jart): RHEL5 sends SSLv2 hello even though it supports TLS. Is
* DROWN really a problem if we turn this on? Since Google
* supports it on their website. SSLLabs says we're OK.
*/
#define MBEDTLS_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO
#endif
#ifndef TINY
/*
* The CIA says "messages should be compressed prior to encryption"
* because "compression reduces the amount of information to be
* encrypted, thereby decreasing the amount of material available for
* cryptanalysis. Additionally, compression is designed to eliminate
* redundancies in the message, further complicating cryptanalysis."
*
* Google says that if you (1) have the ability to record encrypted
* communications made by a machine and (2) have the ability to run code
* on that machine which injects plaintext repeatedly into the encrypted
* messages, then you can extract other small parts of the mesasge which
* the code execution sandbox doesn't allow you to see, and that the
* only solution to stop using compression.
*
* Since we pay $0.12/gb for GCP bandwidth we choose to believe the CIA.
*/
#define MBEDTLS_ZLIB_SUPPORT
#endif
#if IsModeDbg()

3
third_party/mbedtls/mbedtls.mk vendored
View file

@ -34,7 +34,8 @@ THIRD_PARTY_MBEDTLS_A_DIRECTDEPS = \
LIBC_UNICODE \
NET_HTTP \
THIRD_PARTY_COMPILER_RT \
THIRD_PARTY_GDTOA
THIRD_PARTY_GDTOA \
THIRD_PARTY_ZLIB
THIRD_PARTY_MBEDTLS_A_DEPS := \
$(call uniq,$(foreach x,$(THIRD_PARTY_MBEDTLS_A_DIRECTDEPS),$($(x))))

6
third_party/mbedtls/ssl.h vendored
View file

@ -1075,6 +1075,7 @@ struct mbedtls_ssl_config
unsigned int dtls_srtp_mki_support : 1; /* support having mki_value
in the use_srtp extension */
#endif
bool disable_compression;
};
struct mbedtls_ssl_context
@ -1113,7 +1114,8 @@ struct mbedtls_ssl_context
mbedtls_ssl_session *session; /*!< negotiated session data */
mbedtls_ssl_session *session_negotiate; /*!< session data in negotiation */
mbedtls_ssl_handshake_params *handshake; /*!< params required only during
the handshake process */
the handshake process */
const mbedtls_ecp_curve_info *curve;
/*
* Record layer transformations
*/
@ -1442,7 +1444,7 @@ int mbedtls_ssl_set_client_transport_id( mbedtls_ssl_context *, const unsigned c
int mbedtls_ssl_set_hostname( mbedtls_ssl_context *, const char * );
int mbedtls_ssl_set_hs_ecjpake_password( mbedtls_ssl_context *, const unsigned char *, size_t );
int mbedtls_ssl_set_hs_own_cert( mbedtls_ssl_context *, mbedtls_x509_crt *, mbedtls_pk_context * );
int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *, const unsigned char *, size_t );
int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *, const void *, size_t );
int mbedtls_ssl_set_session( mbedtls_ssl_context *, const mbedtls_ssl_session * );
int mbedtls_ssl_setup( mbedtls_ssl_context *, const mbedtls_ssl_config * );
int mbedtls_ssl_tls_prf( const mbedtls_tls_prf_types , const unsigned char *, size_t, const char *, const unsigned char *, size_t, unsigned char *, size_t );

38
third_party/mbedtls/ssl_ciphersuites.c vendored
View file

@ -42,17 +42,26 @@ asm(".include \"libc/disclaimer.inc\"");
*/
#if defined(MBEDTLS_SSL_TLS_C)
static const uint16_t ciphersuite_preference[] =
const uint16_t ciphersuite_preference[] =
{
#if defined(MBEDTLS_SSL_CIPHERSUITES)
MBEDTLS_SSL_CIPHERSUITES,
#else
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
/* strong perfect forward secrecy */
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256,
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
@ -61,21 +70,14 @@ static const uint16_t ciphersuite_preference[] =
MBEDTLS_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CCM,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CCM,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256,
MBEDTLS_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256,
@ -83,6 +85,18 @@ static const uint16_t ciphersuite_preference[] =
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PFS_ENABLED
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
#endif
#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_DHE_PSK_WITH_AES_256_CBC_SHA,
@ -111,8 +125,8 @@ static const uint16_t ciphersuite_preference[] =
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_GCM_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA256,
MBEDTLS_TLS_RSA_PSK_WITH_AES_256_CBC_SHA,
MBEDTLS_TLS_RSA_PSK_WITH_AES_128_CBC_SHA,
MBEDTLS_TLS_PSK_WITH_AES_256_GCM_SHA384,
MBEDTLS_TLS_PSK_WITH_AES_128_GCM_SHA256,
@ -128,7 +142,7 @@ static const uint16_t ciphersuite_preference[] =
MBEDTLS_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_RSA_WITH_3DES_EDE_CBC_SHA, // e.g. IE 8 XP
MBEDTLS_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA,
MBEDTLS_TLS_PSK_WITH_3DES_EDE_CBC_SHA,

4
third_party/mbedtls/ssl_cli.c vendored
View file

@ -1170,7 +1170,7 @@ static int ssl_write_client_hello( mbedtls_ssl_context *ssl )
*q++ = (unsigned char)( n << 1 );
#if defined(MBEDTLS_ZLIB_SUPPORT)
offer_compress = 1;
offer_compress = !ssl->conf->disable_compression;
#else
offer_compress = 0;
#endif
@ -2134,7 +2134,7 @@ static int ssl_parse_server_hello( mbedtls_ssl_context *ssl )
accept_comp = 0;
else
#endif
accept_comp = 1;
accept_comp = !ssl->conf->disable_compression;
if( comp != MBEDTLS_SSL_COMPRESS_NULL &&
( comp != MBEDTLS_SSL_COMPRESS_DEFLATE || accept_comp == 0 ) )

12
third_party/mbedtls/ssl_srv.c vendored
View file

@ -1861,12 +1861,15 @@ read_record_header:
ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_NULL;
#if defined(MBEDTLS_ZLIB_SUPPORT)
for( i = 0; i < comp_len; ++i )
if( !ssl->conf->disable_compression )
{
if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE )
for( i = 0; i < comp_len; ++i )
{
ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE;
break;
if( buf[comp_offset + 1 + i] == MBEDTLS_SSL_COMPRESS_DEFLATE )
{
ssl->session_negotiate->compression = MBEDTLS_SSL_COMPRESS_DEFLATE;
break;
}
}
}
#endif
@ -3364,6 +3367,7 @@ curve_matching_done:
return( MBEDTLS_ERR_SSL_NO_CIPHER_CHOSEN );
}
MBEDTLS_SSL_DEBUG_MSG( 2, ( "ECDHE curve: %s", (*curve)->name ) );
ssl->curve = *curve;
if( ( ret = mbedtls_ecdh_setup( &ssl->handshake->ecdh_ctx,
(*curve)->grp_id ) ) != 0 )
{

3
third_party/mbedtls/ssl_tls.c vendored
View file

@ -3166,6 +3166,7 @@ void mbedtls_ssl_session_init( mbedtls_ssl_session *session )
static int ssl_handshake_init( mbedtls_ssl_context *ssl )
{
/* Clear old handshake information if present */
ssl->curve = 0;
if( ssl->transform_negotiate )
mbedtls_ssl_transform_free( ssl->transform_negotiate );
if( ssl->session_negotiate )
@ -4468,7 +4469,7 @@ static void ssl_remove_psk( mbedtls_ssl_context *ssl )
* \return An \c MBEDTLS_ERR_SSL_XXX error code on failure.
*/
int mbedtls_ssl_set_hs_psk( mbedtls_ssl_context *ssl,
const unsigned char *psk, size_t psk_len )
const void *psk, size_t psk_len )
{
if( psk == NULL || ssl->handshake == NULL )
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );

8
third_party/quickjs/call.c vendored
View file

@ -41,10 +41,10 @@ static const uint16_t func_kind_to_class_id[] = {
[JS_FUNC_ASYNC_GENERATOR] = JS_CLASS_ASYNC_GENERATOR_FUNCTION,
};
static JSValue JS_CallConstructorInternal(JSContext *ctx,
JSValueConst func_obj,
JSValueConst new_target,
int argc, JSValue *argv, int flags);
static JSValue JS_CallConstructorInternal(JSContext *,
JSValueConst,
JSValueConst,
int, JSValue *, int);
JSValue js_closure2(JSContext *ctx, JSValue func_obj,
JSFunctionBytecode *b,

99
tool/decode/base64.c Normal file
View file

@ -0,0 +1,99 @@
/*-*- mode:c;indent-tabs-mode:nil;c-basic-offset:2;tab-width:8;coding:utf-8 -*-│
vi: set net ft=c ts=2 sts=2 sw=2 fenc=utf-8 :vi
Copyright 2021 Justine Alexandra Roberts Tunney
Permission to use, copy, modify, and/or distribute this software for
any purpose with or without fee is hereby granted, provided that the
above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL
WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE
AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.
*/
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
/**
* @fileoverview base64 stream coder
*
* Does `openssl base64 [-d]` as a 20kb αcτµαlly pδrταblε εxεcµταblε.
*/
#define CHARS "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
const signed char kBase64[256] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0x00
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0x10
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, 62, -1, 63, // 0x20
52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, // 0x30
-1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, // 0x40
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, 63, // 0x50
-1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, // 0x60
41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1, // 0x70
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0x80
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0x90
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xa0
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xb0
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xc0
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xd0
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xe0
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, // 0xf0
};
void Encode(void) {
int a, b, c, w;
while ((a = getchar()) != -1) {
b = getchar();
c = getchar();
w = a << 020;
if (b != -1) w |= b << 010;
if (c != -1) w |= c;
putchar(CHARS[(w >> 18) & 077]);
putchar(CHARS[(w >> 12) & 077]);
putchar(b != -1 ? CHARS[(w >> 6) & 077] : '=');
putchar(c != -1 ? CHARS[w & 077] : '=');
}
putchar('\n');
}
int Get(void) {
int c;
while ((c = getchar()) != -1) {
if ((c = kBase64[c]) != -1) break;
}
return c;
}
void Decode(void) {
int a, b, c, d, w;
while ((a = Get()) != -1 && (b = Get()) != -1) {
c = Get();
d = Get();
w = a << 18 | b << 12;
if (c != -1) w |= c << 6;
if (d != -1) w |= d;
putchar((w & 0xFF0000) >> 020);
if (c != -1) putchar((w & 0x00FF00) >> 010);
if (d != -1) putchar((w & 0x0000FF) >> 000);
}
}
int main(int argc, char *argv[]) {
if (argc == 1) {
Encode();
} else if (argc == 2 && !strcmp(argv[1], "-d")) {
Decode();
} else {
fputs("usage: ", stderr);
fputs(argv[0], stderr);
fputs(" [-d]\n", stderr);
return 1;
}
return ferror(stdin) || ferror(stdout) ? 1 : 0;
}

82
tool/net/help.txt
View file

@ -471,7 +471,7 @@ FUNCTIONS
DecodeBase64(ascii:str) → binary:str
Turns ASCII into binary, in a permissive way that ignores
characters outside the base64 alphabet, such as whitespace. See
decodebase64.c.
decodebase64.c.
DecodeLatin1(iso-8859-1:str) → utf-8:str
Turns ISO-8859-1 string into UTF-8.
@ -850,6 +850,86 @@ FUNCTIONS
If this option is programmed then redbean will not transmit a
Server Name Indicator (SNI) when performing Fetch() requests.
ProgramSslCompression(bool)
This option may be used to enable SSL DEFLATE support. This
can harden against cryptanalysis but we leave it off by
default since (1) we already have compression at the HTTP
layer and (2) there doesn't appear to be any browsers or
open source software that support it.
ProgramSslPresharedKey(key:str, identity:str)
This function can be used to enable the PSK ciphersuites
which simplify SSL and enhance its performance in controlled
environments. `key` may contain 1..32 bytes of random binary
data and identity is usually a short plaintext string. The
first time this function is called, the preshared key will
be added to both the client and the server SSL configs. If
it's called multiple times, then the remaining keys will be
added to the server, which is useful if you want to assign
separate keys to each client, each of which needs a separate
identity too. If this function is called multiple times with
the same identity string, then the latter call will overwrite
the prior. If a preshared key is supplied and no certificates
or key-signing-keys are programmed, then redbean won't bother
auto-generating any serving certificates and will instead use
only PSK ciphersuites.
ProgramSslCiphersuite(name:str)
This function may be called multiple times to specify which
ciphersuites should be used in the server and client. The
default list, ordered by preference, is as follows:
ECDHE-ECDSA-AES256-GCM-SHA384
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-ECDSA-CHACHA20-POLY1305-SHA256
ECDHE-PSK-AES256-GCM-SHA384
ECDHE-PSK-AES128-GCM-SHA256
ECDHE-PSK-CHACHA20-POLY1305-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-CHACHA20-POLY1305-SHA256
DHE-RSA-AES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
DHE-RSA-CHACHA20-POLY1305-SHA256
ECDHE-ECDSA-AES128-CBC-SHA256
ECDHE-RSA-AES256-CBC-SHA384
ECDHE-RSA-AES128-CBC-SHA256
DHE-RSA-AES256-CBC-SHA256
DHE-RSA-AES128-CBC-SHA256
ECDHE-PSK-AES256-CBC-SHA384
ECDHE-PSK-AES128-CBC-SHA256
ECDHE-ECDSA-AES256-CBC-SHA
ECDHE-ECDSA-AES128-CBC-SHA
ECDHE-RSA-AES256-CBC-SHA
ECDHE-RSA-AES128-CBC-SHA
DHE-RSA-AES256-CBC-SHA
DHE-RSA-AES128-CBC-SHA
ECDHE-PSK-AES256-CBC-SHA
ECDHE-PSK-AES128-CBC-SHA
RSA-AES256-GCM-SHA384
RSA-AES128-GCM-SHA256
RSA-AES256-CBC-SHA256
RSA-AES128-CBC-SHA256
RSA-AES256-CBC-SHA
RSA-AES128-CBC-SHA
PSK-AES256-GCM-SHA384
PSK-AES128-GCM-SHA256
PSK-CHACHA20-POLY1305-SHA256
PSK-AES256-CBC-SHA384
PSK-AES128-CBC-SHA256
PSK-AES256-CBC-SHA
PSK-AES128-CBC-SHA
ECDHE-RSA-3DES-EDE-CBC-SHA
DHE-RSA-3DES-EDE-CBC-SHA
ECDHE-PSK-3DES-EDE-CBC-SHA
RSA-3DES-EDE-CBC-SHA
PSK-3DES-EDE-CBC-SHA
The names above are canonical to redbean and were simplified
programmatically from the official IANA names. This function
will accept the IANA names too. In most cases it will accept
the OpenSSL and GnuTLS naming convention as well.
IsDaemon() → bool
Returns true if -d flag was passed to redbean.

1
tool/net/net.mk
View file

@ -52,6 +52,7 @@ TOOL_NET_DIRECTDEPS = \
LIBC_ZIPOS \
NET_HTTP \
NET_HTTPS \
TOOL_BUILD_LIB \
THIRD_PARTY_GDTOA \
THIRD_PARTY_GETOPT \
THIRD_PARTY_LUA \

151
tool/net/redbean.c
View file

@ -52,6 +52,7 @@
#include "libc/runtime/runtime.h"
#include "libc/sock/sock.h"
#include "libc/stdio/append.internal.h"
#include "libc/stdio/hex.internal.h"
#include "libc/stdio/stdio.h"
#include "libc/str/str.h"
#include "libc/str/undeflate.h"
@ -119,6 +120,7 @@
#include "third_party/regex/regex.h"
#include "third_party/zlib/zlib.h"
#include "tool/build/lib/case.h"
#include "tool/build/lib/psk.h"
/**
* @fileoverview redbean - single-file distributable web server
@ -248,6 +250,22 @@ static struct Unmaplist {
} * p;
} unmaplist;
static struct Psks {
size_t n;
struct Psk {
char *key;
size_t key_len;
char *identity;
size_t identity_len;
char *s;
} * p;
} psks;
static struct Suites {
size_t n;
uint16_t *p;
} suites;
static struct Certs {
size_t n;
struct Cert {
@ -1467,10 +1485,14 @@ static void WipeKeySigningKeys(void) {
}
static void WipeServingKeys(void) {
size_t i;
if (uniprocess) return;
/* TODO(jart): We need to figure out MbedTLS ownership semantics here. */
/* mbedtls_ssl_ticket_free(&ssltick); */
/* mbedtls_ssl_key_cert_free(conf.key_cert); */
for (i = 0; i < psks.n; ++i) {
mbedtls_platform_zeroize(psks.p[i].key, psks.p[i].key_len);
}
}
static bool CertHasCommonName(const mbedtls_x509_crt *cert,
@ -1570,6 +1592,21 @@ static int TlsRoute(void *ctx, mbedtls_ssl_context *ssl,
return ok1 || ok2 ? 0 : -1;
}
static int TlsRoutePsk(void *ctx, mbedtls_ssl_context *ssl,
const unsigned char *identity, size_t identity_len) {
size_t i;
for (i = 0; i < psks.n; ++i) {
if (SlicesEqual((void *)identity, identity_len, psks.p[i].identity,
psks.p[i].identity_len)) {
DEBUGF("TlsRoutePsk(%`'.*s)", identity_len, identity);
mbedtls_ssl_set_hs_psk(ssl, psks.p[i].key, psks.p[i].key_len);
return 0;
}
}
VERBOSEF("TlsRoutePsk(%`'.*s) not found", identity_len, identity);
return -1;
}
static bool TlsSetup(void) {
int r;
oldin.p = inbuf.p;
@ -1590,9 +1627,10 @@ static bool TlsSetup(void) {
reader = SslRead;
writer = SslWrite;
WipeServingKeys();
VERBOSEF("SHAKEN %s %s %s", DescribeClient(),
mbedtls_ssl_get_ciphersuite(&ssl),
mbedtls_ssl_get_version(&ssl));
VERBOSEF("SHAKEN %s %s %s%s %s", DescribeClient(),
mbedtls_ssl_get_ciphersuite(&ssl), mbedtls_ssl_get_version(&ssl),
ssl.session->compression ? " COMPRESSED" : "",
ssl.curve ? ssl.curve->name : "");
return true;
} else if (r == MBEDTLS_ERR_SSL_WANT_READ) {
LockInc(&shared->c.handshakeinterrupts);
@ -1878,7 +1916,7 @@ static void LoadCertificates(void) {
}
}
}
if (!havecert) {
if (!havecert && (!psks.n || ksk.key)) {
if ((ksk = GetKeySigningKey()).key) {
DEBUGF("generating ssl certificates using %`'s",
gc(FormatX509Name(&ksk.cert->subject)));
@ -2431,14 +2469,20 @@ static ssize_t Send(struct iovec *iov, int iovlen) {
return rc;
}
static bool IsSslCompressed(void) {
return usessl && ssl.session->compression;
}
static char *CommitOutput(char *p) {
uint32_t crc;
size_t outbuflen;
if (!contentlength) {
outbuflen = appendz(outbuf).i;
if (istext && outbuflen >= 100) {
p = stpcpy(p, "Vary: Accept-Encoding\r\n");
if (!IsTiny() && ClientAcceptsGzip()) {
if (!IsTiny() && !IsSslCompressed()) {
p = stpcpy(p, "Vary: Accept-Encoding\r\n");
}
if (!IsTiny() && !IsSslCompressed() && ClientAcceptsGzip()) {
gzipped = true;
crc = crc32_z(0, outbuf, outbuflen);
WRITE32LE(gzip_footer + 0, crc);
@ -4824,6 +4868,49 @@ static int LuaProgramPidPath(lua_State *L) {
return LuaProgramString(L, ProgramPidPath);
}
static int LuaProgramSslPresharedKey(lua_State *L) {
#ifndef UNSECURE
struct Psk psk;
size_t n1, n2, i;
const char *p1, *p2;
p1 = luaL_checklstring(L, 1, &n1);
p2 = luaL_checklstring(L, 2, &n2);
if (!n1 || n1 > MBEDTLS_PSK_MAX_LEN || !n2) {
luaL_argerror(L, 1, "bad preshared key length");
unreachable;
}
psk.key = memcpy(malloc(n1), p1, n1);
psk.key_len = n1;
psk.identity = memcpy(malloc(n2), p2, n2);
psk.identity_len = n2;
for (i = 0; i < psks.n; ++i) {
if (SlicesEqual(psk.identity, psk.identity_len, psks.p[i].identity,
psks.p[i].identity_len)) {
mbedtls_platform_zeroize(psks.p[i].key, psks.p[i].key_len);
free(psks.p[i].key);
free(psks.p[i].identity);
psks.p[i] = psk;
return 0;
}
}
psks.p = realloc(psks.p, ++psks.n * sizeof(*psks.p));
psks.p[psks.n - 1] = psk;
#endif
return 0;
}
static int LuaProgramSslCiphersuite(lua_State *L) {
mbedtls_ssl_ciphersuite_t *suite;
if (!(suite = GetCipherSuite(luaL_checkstring(L, 1)))) {
luaL_argerror(L, 1, "unsupported or unknown ciphersuite");
unreachable;
}
suites.p = realloc(suites.p, (++suites.n + 1) * sizeof(*suites.p));
suites.p[suites.n - 1] = suite->id;
suites.p[suites.n - 0] = 0;
return 0;
}
static int LuaProgramPrivateKey(lua_State *L) {
#ifndef UNSECURE
size_t n;
@ -4885,6 +4972,13 @@ static int LuaEvadeDragnetSurveillance(lua_State *L) {
return LuaProgramBool(L, &evadedragnetsurveillance);
}
static int LuaProgramSslCompression(lua_State *L) {
#ifndef UNSECURE
conf.disable_compression = confcli.disable_compression = !lua_toboolean(L, 1);
#endif
return 0;
}
static int LuaGetLogLevel(lua_State *L) {
lua_pushinteger(L, __log_level);
return 1;
@ -5321,8 +5415,11 @@ static const luaL_Reg kLuaFuncs[] = {
{"ProgramPort", LuaProgramPort}, //
{"ProgramPrivateKey", LuaProgramPrivateKey}, //
{"ProgramRedirect", LuaProgramRedirect}, //
{"ProgramSslCiphersuite", LuaProgramSslCiphersuite}, //
{"ProgramSslClientVerify", LuaProgramSslClientVerify}, //
{"ProgramSslCompression", LuaProgramSslCompression}, //
{"ProgramSslFetchVerify", LuaProgramSslFetchVerify}, //
{"ProgramSslPresharedKey", LuaProgramSslPresharedKey}, //
{"ProgramSslTicketLifetime", LuaProgramSslTicketLifetime}, //
{"ProgramTimeout", LuaProgramTimeout}, //
{"ProgramUid", LuaProgramUid}, //
@ -6015,7 +6112,8 @@ static char *ServeAsset(struct Asset *a, const char *path, size_t pathlen) {
} else {
return ServeError(500, "Internal Server Error");
}
} else if (!IsTiny() && msg.method != kHttpHead && ClientAcceptsGzip() &&
} else if (!IsTiny() && msg.method != kHttpHead && !IsSslCompressed() &&
ClientAcceptsGzip() &&
((contentlength >= 100 && StartsWithIgnoreCase(ct, "text/")) ||
(contentlength >= 1000 && MeasureEntropy(content, 1000) < 6))) {
p = ServeAssetCompressed(a);
@ -6165,8 +6263,9 @@ static bool HandleMessage(void) {
} else {
LockInc(&shared->c.badmessages);
connectionclose = true;
LOGF("%s sent garbage %`'s", DescribeClient(),
VisualizeControlCodes(inbuf.p, MIN(128, amtread), 0));
if ((p = DumpHexc(inbuf.p, MIN(amtread, 256), 0))) {
LOGF("%s sent garbage %s", DescribeClient(), p);
}
return true;
}
if (!msgsize) {
@ -6219,6 +6318,14 @@ static void InitRequest(void) {
InitHttpMessage(&msg, kHttpRequest);
}
static bool IsSsl(unsigned char c) {
if (c == 22) return true;
if (!(c & 128)) return false;
/* RHEL5 sends SSLv2 hello but supports TLS */
DEBUGF("%s SSLv2 hello D:", DescribeClient());
return true;
}
static void HandleMessages(void) {
bool once;
ssize_t rc;
@ -6239,7 +6346,7 @@ static void HandleMessages(void) {
#ifndef UNSECURE
if (!once) {
once = true;
if (inbuf.p[0] == 22) {
if (IsSsl(inbuf.p[0])) {
if (TlsSetup()) {
continue;
} else {
@ -6605,6 +6712,16 @@ static void TlsInit(void) {
MBEDTLS_SSL_TRANSPORT_STREAM, suite);
mbedtls_ssl_config_defaults(&confcli, MBEDTLS_SSL_IS_CLIENT,
MBEDTLS_SSL_TRANSPORT_STREAM, suite);
if (suites.n) {
mbedtls_ssl_conf_ciphersuites(&conf, suites.p);
mbedtls_ssl_conf_ciphersuites(&confcli, suites.p);
}
if (psks.n) {
mbedtls_ssl_conf_psk_cb(&conf, TlsRoutePsk, 0);
DCHECK_EQ(0,
mbedtls_ssl_conf_psk(&confcli, psks.p[0].key, psks.p[0].key_len,
psks.p[0].identity, psks.p[0].identity_len));
}
if (sslticketlifetime > 0) {
mbedtls_ssl_ticket_setup(&ssltick, mbedtls_ctr_drbg_random, &rng,
MBEDTLS_CIPHER_AES_256_GCM, sslticketlifetime);
@ -6628,6 +6745,7 @@ static void TlsInit(void) {
mbedtls_ssl_conf_authmode(&confcli, MBEDTLS_SSL_VERIFY_NONE);
}
mbedtls_ssl_set_bio(&ssl, &g_bio, TlsSend, 0, TlsRecv);
conf.disable_compression = confcli.disable_compression = true;
DCHECK_EQ(0, mbedtls_ssl_conf_alpn_protocols(&conf, kAlpn));
DCHECK_EQ(0, mbedtls_ssl_conf_alpn_protocols(&confcli, kAlpn));
DCHECK_EQ(0, mbedtls_ssl_setup(&ssl, &conf));
@ -6638,6 +6756,11 @@ static void TlsInit(void) {
static void TlsDestroy(void) {
#ifndef UNSECURE
size_t i;
for (i = 0; i < psks.n; ++i) {
mbedtls_platform_zeroize(psks.p[i].key, psks.p[i].key_len);
free(psks.p[i].key);
free(psks.p[i].identity);
}
mbedtls_ssl_free(&ssl);
mbedtls_ssl_free(&sslcli);
mbedtls_ctr_drbg_free(&rng);
@ -6651,9 +6774,11 @@ static void TlsDestroy(void) {
/* mbedtls_x509_crt_free(certs.p[i].cert); */
/* mbedtls_pk_free(certs.p[i].key); */
/* } */
free(certs.p), certs.p = 0, certs.n = 0;
free(ports.p), ports.p = 0, ports.n = 0;
free(ips.p), ips.p = 0, ips.n = 0;
Free(&suites.p), suites.n = 0;
Free(&certs.p), certs.n = 0;
Free(&ports.p), ports.n = 0;
Free(&psks.p), psks.n = 0;
Free(&ips.p), ips.n = 0;
#endif
}