Add SSL to redbean

Your redbean can now interoperate with clients that require TLS crypto. This is accomplished using a protocol polyglot that lets us distinguish between HTTP and HTTPS regardless of the port number. Certificates will be generated automatically, if none are supplied by the user. Footprint increases by only a few hundred kb so redbean in MODY=tiny is now 1.0mb - Add lseek() polyfills for ZIP executable - Automatically polyfill /tmp/FOO paths on NT - Fix readdir() / ftw() / nftw() bugs on Windows - Introduce -B flag for slower SSL that's stronger - Remove mbedtls features Cosmopolitan doesn't need - Have base64 decoder support the uri-safe alternative - Remove Truncated HMAC because it's forbidden by the IETF - Add all the mbedtls test suites and make them go 3x faster - Support opendir() / readdir() / closedir() on ZIP executable - Use Everest for ECDHE-ECDSA because it's so good it's so good - Add tinier implementation of sha1 since it's not worth the rom - Add chi-square monte-carlo mean correlation tests for getrandom() - Source entropy on Windows from the proper interface everyone uses We're continuing to outperform NGINX and other servers on raw message throughput. Using SSL means that instead of 1,000,000 qps you can get around 300,000 qps. However redbean isn't as fast as NGINX yet at SSL handshakes, since redbean can do 2,627 per second and NGINX does 4.3k Right now, the SSL UX story works best if you give your redbean a key signing key since that can be easily generated by openssl using a one liner then redbean will do all the things that are impossibly hard to do like signing ecdsa and rsa certificates that'll work in chrome. We should integrate the let's encrypt acme protocol in the future. Live Demo: https://redbean.justine.lol/ Root Cert: https://redbean.justine.lol/redbean1.crt
2025-06-30 00:08:30 +00:00 · 2021-06-24 12:31:26 -07:00 · 2021-06-24 12:31:26 -07:00 · cc1920749e
commit cc1920749e
parent 1beeb7a829
1032 changed files with 152673 additions and 69310 deletions
--- a/libc/nt/struct/ipadapteraddresses.h
+++ b/libc/nt/struct/ipadapteraddresses.h
@ -1,15 +1,13 @@
 #ifndef COSMOPOLITAN_LIBC_NT_STRUCT_IP_ADAPTER_ADDRESSES_H_
 #define COSMOPOLITAN_LIBC_NT_STRUCT_IP_ADAPTER_ADDRESSES_H_
-
 #include "libc/nt/winsock.h"
-
 #if !(__ASSEMBLER__ + __LINKER__ + 0)
 COSMOPOLITAN_C_START_

 /* Constants ----------------------------------------------------------- */
-#define kNtMaxAdapterAddressLength              8
-#define kNtMaxDnsSuffixStringLength             256
-#define kNtMaxDhcpv6DuidLength                  130
+#define kNtMaxAdapterAddressLength  8
+#define kNtMaxDnsSuffixStringLength 256
+#define kNtMaxDhcpv6DuidLength      130

 /* Values for the 'Flags' parameter of GetAdaptersAddresses */
 #define kNtGaaFlagSkipUnicast               0x0001
@ -26,7 +24,8 @@ COSMOPOLITAN_C_START_
 #define kNtGaaFlagSkipDnsInfo               0x0800

 /* Values for the IfType parameter
- * See: https://docs.microsoft.com/en-us/windows/win32/api/iptypes/ns-iptypes-ip_adapter_addresses_lh
+ * See:
+ * https://docs.microsoft.com/en-us/windows/win32/api/iptypes/ns-iptypes-ip_adapter_addresses_lh
 */
 #define kNtIfTypeOther             1
 #define kNtIfTypeEthernetCsmacd    6
@ -38,9 +37,8 @@ COSMOPOLITAN_C_START_
 #define kNtIfTypeTunnel            131
 #define kNtIfTypeIeee1394          144 /* firewire */

-
 /* Enums --------------------------------------------------------------- */
-typedef enum  {
+typedef enum {
  kNtIpPrefixOriginOther,
  kNtIpPrefixOriginManual,
  kNtIpPrefixOriginWellKnown,
@ -49,7 +47,7 @@ typedef enum  {
  kNtIpPrefixOriginUnchanged
 } NtPrefixOrigin;

-typedef enum  {
+typedef enum {
  kNtNlsoOther,
  kNtNlsoManual,
  kNtNlsoWellKnown,
@ -65,7 +63,7 @@ typedef enum  {
  kNtIpSuffixOriginUnchanged
 } NtSuffixOrigin;

-typedef enum  {
+typedef enum {
  kNtNldsInvalid,
  kNtNldsTentative,
  kNtNldsDuplicate,
@ -89,10 +87,10 @@ typedef enum {
 } NtIfOperStatus;

 typedef enum {
- kNtNetIfConnectionDedicated = 1,
- kNtNetIfConnectionPassive = 2,
- kNtNetIfConnectionDemand = 3,
- kNtNetIfConnectionMaximum = 4
+  kNtNetIfConnectionDedicated = 1,
+  kNtNetIfConnectionPassive = 2,
+  kNtNetIfConnectionDemand = 3,
+  kNtNetIfConnectionMaximum = 4
 } NtNetIfConnectionType;

 typedef enum {
@ -105,7 +103,6 @@ typedef enum {
  kNtTunnelTypeIphttps = 15
 } NtTunnelType;

-
 /* Inner Types --------------------------------------------------------- */
 typedef struct _NtIpAdapterUnicastAddress {
  union {
@ -115,15 +112,15 @@ typedef struct _NtIpAdapterUnicastAddress {
      uint32_t Flags;
    };
  };
-  struct _NtIpAdapterUnicastAddress *   Next;
-  struct NtSocketAddress                Address;
-  NtPrefixOrigin                        PrefixOrigin;
-  NtSuffixOrigin                        SuffixOrigin;
-  NtDadState                            DadState;
-  uint32_t                              ValidLifetime;
-  uint32_t                              PreferredLifetime;
-  uint32_t                              LeaseLifetime;
-  uint8_t                               OnLinkPrefixLength;
+  struct _NtIpAdapterUnicastAddress *Next;
+  struct NtSocketAddress Address;
+  NtPrefixOrigin PrefixOrigin;
+  NtSuffixOrigin SuffixOrigin;
+  NtDadState DadState;
+  uint32_t ValidLifetime;
+  uint32_t PreferredLifetime;
+  uint32_t LeaseLifetime;
+  uint8_t OnLinkPrefixLength;
 } NtIpAdapterUnicastAddress;

 typedef struct NtIpAdapterAnycastAddress {
@ -135,7 +132,7 @@ typedef struct NtIpAdapterAnycastAddress {
    };
  };
  struct _NtIpAdapterAnycastAddress *Next;
-  struct NtSocketAddress             Address;
+  struct NtSocketAddress Address;
 } NtIpAdapterAnycastAddress;

 typedef struct NtIpAdapterMulticastAddress {
@ -147,10 +144,9 @@ typedef struct NtIpAdapterMulticastAddress {
    };
  };
  struct _NtIpAdapterMulticastAddress *Next;
-  struct NtSocketAddress               Address;
+  struct NtSocketAddress Address;
 } NtIpAdapterMulticastAddress;

-
 typedef struct _NtIpAdapterDnsServerAddress {
  union {
    uint64_t Alignment;
@ -160,32 +156,32 @@ typedef struct _NtIpAdapterDnsServerAddress {
    };
  };
  struct _NtIpAdapterDnsServerAddress *Next;
-  struct NtSocketAddress               Address;
+  struct NtSocketAddress Address;
 } NtIpAdapterDnsServerAddress;

 typedef struct _NtIpAdapterPrefix {
-    union {
-        uint64_t Alignment;
-        struct {
-            uint32_t Length;
-            uint32_t Flags;
-        };
+  union {
+    uint64_t Alignment;
+    struct {
+      uint32_t Length;
+      uint32_t Flags;
    };
-    struct _NtIpAdapterPrefix  *Next;
-    struct NtSocketAddress      Address;
-    uint32_t                    PrefixLength;
+  };
+  struct _NtIpAdapterPrefix *Next;
+  struct NtSocketAddress Address;
+  uint32_t PrefixLength;
 } NtIpAdapterPrefix;

 typedef struct _NtIpAdapterWinsServerAddress {
-    union {
-        uint64_t Alignment;
-        struct {
-            uint32_t Length;
-            uint32_t Reserved;
-        };
+  union {
+    uint64_t Alignment;
+    struct {
+      uint32_t Length;
+      uint32_t Reserved;
    };
-    struct _NtIpAdapterWinsServerAddress *Next;
-    struct NtSocketAddress       Address;
+  };
+  struct _NtIpAdapterWinsServerAddress *Next;
+  struct NtSocketAddress Address;
 } NtIpAdapterWinsServerAddress;

 typedef struct _NtIpAdapterGatewayAddress {
@ -197,53 +193,50 @@ typedef struct _NtIpAdapterGatewayAddress {
    };
  };
  struct _NtIpAdapterGatewayAddress *Next;
-  struct NtSocketAddress             Address;
+  struct NtSocketAddress Address;
 } NtIpAdapterGatewayAddress;

 typedef struct _NtGUID {
-    uint32_t Data1;
-    uint16_t Data2;
-    uint16_t Data3;
-    uint8_t  Data4[8];
+  uint32_t Data1;
+  uint16_t Data2;
+  uint16_t Data3;
+  uint8_t Data4[8];
 } NtGUID;

-typedef union _NtNetLUID
-{
-    uint64_t     Value;
-    struct
-    {
-        uint64_t    Reserved:24;
-        uint64_t    NetLuidIndex:24;
-        uint64_t    IfType:16;
-    }Info;
+typedef union _NtNetLUID {
+  uint64_t Value;
+  struct {
+    uint64_t Reserved : 24;
+    uint64_t NetLuidIndex : 24;
+    uint64_t IfType : 16;
+  } Info;
 } NtNetLUID;

 typedef struct _NtIpAdapterDnsSuffix {
-    struct _NtIpAdapterDnsSuffix *Next;
-    uint16_t String[kNtMaxDnsSuffixStringLength];
+  struct _NtIpAdapterDnsSuffix *Next;
+  uint16_t String[kNtMaxDnsSuffixStringLength];
 } NtIpAdapterDnsSuffix;

-
 /* Top level ----------------------------------------------------------- */
 typedef struct _NtIpAdapterAddresses {
  union {
    uint64_t Alignment;
    struct {
-      uint32_t  Length;
-      uint32_t  IfIndex;
+      uint32_t Length;
+      uint32_t IfIndex;
    };
  };
-  struct _NtIpAdapterAddresses *     Next;
-  char *                             AdapterName;
-  NtIpAdapterUnicastAddress *        FirstUnicastAddress;
-  NtIpAdapterAnycastAddress *        FirstAnycastAddress;
-  NtIpAdapterMulticastAddress *      FirstMulticastAddress;
-  NtIpAdapterDnsServerAddress *      FirstDnsServerAddress;
-  uint16_t *                         DnsSuffix;
-  uint16_t *                         Description;
-  uint16_t *                         FriendlyName;
-  uint8_t                            PhysicalAddress[kNtMaxAdapterAddressLength];
-  uint32_t                           PhysicalAddressLength;
+  struct _NtIpAdapterAddresses *Next;
+  char *AdapterName;
+  NtIpAdapterUnicastAddress *FirstUnicastAddress;
+  NtIpAdapterAnycastAddress *FirstAnycastAddress;
+  NtIpAdapterMulticastAddress *FirstMulticastAddress;
+  NtIpAdapterDnsServerAddress *FirstDnsServerAddress;
+  uint16_t *DnsSuffix;
+  uint16_t *Description;
+  uint16_t *FriendlyName;
+  uint8_t PhysicalAddress[kNtMaxAdapterAddressLength];
+  uint32_t PhysicalAddressLength;
  union {
    uint32_t Flags;
    struct {
@ -259,33 +252,31 @@ typedef struct _NtIpAdapterAddresses {
      uint32_t Ipv6ManagedAddressConfigurationSupported : 1;
    };
  };
-  uint32_t                           Mtu;
-  uint32_t                           IfType;
-  NtIfOperStatus                     OperStatus;
-  uint32_t                           Ipv6IfIndex;
-  uint32_t                           ZoneIndices[16];
-  NtIpAdapterPrefix *                FirstPrefix;
-  uint64_t                           TransmitLinkSpeed;
-  uint64_t                           ReceiveLinkSpeed;
-  NtIpAdapterWinsServerAddress *     FirstWinsServerAddress;
-  NtIpAdapterGatewayAddress *        FirstGatewayAddress;
-  uint32_t                           Ipv4Metric;
-  uint32_t                           Ipv6Metric;
-  NtNetLUID                          Luid;
-  struct NtSocketAddress             Dhcpv4Server;
-  uint32_t                           CompartmentId;
-  NtGUID                             NetworkGuid;
-  NtNetIfConnectionType              ConnectionType;
-  NtTunnelType                       TunnelType;
-  struct NtSocketAddress             Dhcpv6Server;
-  uint8_t                            Dhcpv6ClientDuid[kNtMaxDhcpv6DuidLength];
-  uint32_t                           Dhcpv6ClientDuidLength;
-  uint32_t                           Dhcpv6Iaid;
-  NtIpAdapterDnsSuffix *             FirstDnsSuffix;
+  uint32_t Mtu;
+  uint32_t IfType;
+  NtIfOperStatus OperStatus;
+  uint32_t Ipv6IfIndex;
+  uint32_t ZoneIndices[16];
+  NtIpAdapterPrefix *FirstPrefix;
+  uint64_t TransmitLinkSpeed;
+  uint64_t ReceiveLinkSpeed;
+  NtIpAdapterWinsServerAddress *FirstWinsServerAddress;
+  NtIpAdapterGatewayAddress *FirstGatewayAddress;
+  uint32_t Ipv4Metric;
+  uint32_t Ipv6Metric;
+  NtNetLUID Luid;
+  struct NtSocketAddress Dhcpv4Server;
+  uint32_t CompartmentId;
+  NtGUID NetworkGuid;
+  NtNetIfConnectionType ConnectionType;
+  NtTunnelType TunnelType;
+  struct NtSocketAddress Dhcpv6Server;
+  uint8_t Dhcpv6ClientDuid[kNtMaxDhcpv6DuidLength];
+  uint32_t Dhcpv6ClientDuidLength;
+  uint32_t Dhcpv6Iaid;
+  NtIpAdapterDnsSuffix *FirstDnsSuffix;
 } NtIpAdapterAddresses;

-
 COSMOPOLITAN_C_END_
 #endif /* !(__ASSEMBLER__ + __LINKER__ + 0) */
 #endif /* COSMOPOLITAN_LIBC_NT_STRUCT_IP_ADAPTER_ADDRESSES_H_ */
-