/tmp ; cat f.c; 8c f.c; 8l f.8; 8.out; webpaste /dev/text
#include <u.h>
#include <libc.h>
typedef struct List List;
struct List {
int n;
List *next;
};
void
main(int argc, char *argv[])
{
List *l;
int wtf[1];
print("%p\n", &l);
print("%p\n", &l->next);
print("%p\n", &l->next->next);
}
dfffef60
4
8.out 1712: suicide: sys: trap: fault read addr=0x4 pc=0x0000105c
Fri Jun 24 07:58:44 EDT 2022
/tmp ; cat f.c && 8c f.c && 8l f.8 && 8.out
#include <u.h>
#include <libc.h>
typedef struct List List;
struct List {
int n;
List *next;
};
void
main(int argc, char *argv[])
{
List *l;
print("%p\n", &l);
print("%p\n", &l->next);
print("%p\n", &l->next->next);
}
dfffef60
4
8.out 1618: suicide: sys: trap: fault read addr=0x4 pc=0x0000105c
/tmp ; cat /dev/text | webpaste
webwaste: './webwaste' file not found
/tmp ; cat /dev/text | webpaste
Thu Jun 23 20:14:25 EDT 2022
Date: Thu, 01 Feb 2018 09:29:21 +0000 From: Daniel Margolis <dmargolis@google.com> To: khm@sciops.net Cc: draft-ietf-uta-mta-sts@ietf.org Subject: Re: draft-ietf-uta-mta-sts [-- OpenSSL output follows (current time: Thu Jun 23 17:14:01 2022) --] [-- End of OpenSSL output --] [-- The following data is signed --] Hey, You're definitely making a sane observation. This came up a bunch of times in the past; in fact, I wrote a short (and really now quite outdated) FAQ on this at one point in the now-distant past: https://github.com/mrisher/smtp-sts/wiki/Why-not-support-DNSSEC. Tldr: We did originally want to use DNS; in fact, when we were originally exploring ideas, I had originally wanted not to use HTTP at all, and just kind of use some plaintext DNS something something (say, stick a signed policy with the signature in a TXT record)--but that's not really feasible, since many DNS servers/hosts/infrastructure caps the size of/number of TXT records, so it's hard to fit the whole cert chain to use CA-signed certs to sign random blobs like that. So then the next idea was to allow people to optionally use DNSSEC to broadcast their signature--but if you can do DNSSEC, why not just do DANE? Ultimately, as problematic as it is in some ways to require web services to use STS, our conclusion (documented quite heavily in the archives of the list, though I can hardly fault you for not wanting to read through it all!) was that HTTPS was fairly accessible, with fairly well-understood semantics of cert validity and so forth. Hope that helps. Dan On Thu, Feb 1, 2018 at 2:51 AM Kurt H Maier <khm@sciops.net> wrote: > Is it the intention of this document to effectively require all > compliant MTAs to also implement web services? Is there a particular > reason that HTTPS is the only supported policy transport? Would the > working group be amenable to exploring DNS-only methods for expressing > MTA-STS policy? > > Thanks, > khm > [-- End of signed data --]
Thu Jun 23 20:12:41 EDT 2022
Date: Fri, 02 Feb 2018 07:12:55 +0000 From: Daniel Margolis <dmargolis@google.com> To: khm@sciops.net Cc: draft-ietf-uta-mta-sts@ietf.org Subject: Re: draft-ietf-uta-mta-sts [-- OpenSSL output follows (current time: Thu Jun 23 17:11:17 2022) --] [-- End of OpenSSL output --] [-- The following data is signed --] On Thu, Feb 1, 2018 at 7:28 PM Kurt H Maier <khm@sciops.net> wrote: > On Thu, Feb 01, 2018 at 06:05:42PM +0000, Daniel Margolis wrote: > > > > I may be misunderstanding you, but absent DNSSEC, it *is* necessary to > > establish that mx.isp.net is the correct MX for example.com. Merely > > authenticating the MX for its hostname is insufficient to prevent a > > man-in-the-middle attack, since injecting fake MX records is a trivial > > workaround, right? > > > > Yes, absent DNSSEC, DNS is not secured. The objection here is that > instead of recommending the security features of the already-involved > DNS services, you're recommending a secondary (tertiary?) protocol that > also does not solve the problem. If you can inject a fake MX record, > you can inject a fake A record, and authenticate on bad well-known data. > To be clear, if you inject a fake A record, the MTA-STS client will reject the policy served because the "policy.example.com" MITM won't have a valid certificate for example.com. (Assuming, of course, that they don't have a valid certificate.) So instead of authenticating the MX records directly, we are in fact authenticating (via the CA signedness) the "acceptable identities" of the MX hosts (which are themselves also required to be CA signed). So STS does not require trusted DNS, which is really a significant motivator here. Any changes that did not have those same security properties in the absence of DNSSEC would be undesirable. > > > But I don't have a great answer for you beyond that, and I agree that > it's > > feasible to do it all with DNS, at least in concept. > > I beg you to consider reintroducing this as an option, even if it's just > to serve the policy tuples. That way we can fix the implicit TLS > situation with SMTP and have a proper, complete solution. > > > Zoomed out a bit, I think the big challenge with all of this is > > retrofitting. HTTP is in some sense easier, because it's (usually) an > > interactive user-agent. So if you fall back to insecure (or encounter > cert > > problems) you can tell the user and ask them what to do. For decades, the > > "proper functioning" of HTTPS has been basically to show the user in the > > event of a downgrade attack (and, like, hope the user notices, which is > > often futile). > > Yes, and machines are much more reliable about rejecting situations > they've been programmed to reject. But in this case they're not really > being given the opportunity here; it's just getting offloaded to a > client protocol in another stack. SMTP already has error reporting > mechanisms and extending with a 'needs tls' error message is trivial and > simple. > > Thanks, > khm > [-- End of signed data --]
Thu Jun 23 18:27:43 EDT 2022
diff 7ca997bf7efdca16416b22488ebc7b70c419fd44 uncommitted
--- a//sys/include/libsec.h
+++ b//sys/include/libsec.h
@@ -374,6 +374,7 @@
int pkcs1unpadbuf(uchar *buf, int len, mpint *modulus, int blocktype);
int asn1encodeRSApub(RSApub *pk, uchar *buf, int len);
int asn1encodeRSApriv(RSApriv *k, uchar *buf, int len);
+int asn1encodeRSApubSPKI(RSApub *pk, uchar *buf, int len);
int asn1encodedigest(DigestState* (*fun)(uchar*, ulong, uchar*, DigestState*),
uchar *digest, uchar *buf, int len);
--- a//sys/src/cmd/auth/rsa2asn1.c
+++ b//sys/src/cmd/auth/rsa2asn1.c
@@ -6,11 +6,12 @@
#include "rsa2any.h"
int privatekey = 0;
+char *format = "pkcs1";
void
usage(void)
{
- fprint(2, "usage: auth/rsa2asn1 [-a] [file]\n");
+ fprint(2, "usage: auth/rsa2asn1 [-a] [-f fmt] [file]\n");
exits("usage");
}
@@ -25,6 +26,9 @@
case 'a':
privatekey = 1;
break;
+ case 'f':
+ format = EARGF(usage());
+ break;
default:
usage();
}ARGEND
@@ -32,14 +36,25 @@
if(argc > 1)
usage();
+ n = -1;
if((k = getrsakey(argc, argv, privatekey, nil)) == nil)
sysfatal("%r");
if(privatekey){
- if((n = asn1encodeRSApriv(k, buf, sizeof(buf))) < 0)
- sysfatal("asn1encodeRSApriv: %r");
+ if(strcmp(format, "pkcs1") == 0)
+ n = asn1encodeRSApriv(k, buf, sizeof(buf));
+ else
+ sysfatal("unknown format %s", format);
+ if(n < 0)
+ sysfatal("encode: %r");
}else{
- if((n = asn1encodeRSApub(&k->pub, buf, sizeof(buf))) < 0)
- sysfatal("asn1encodeRSApub: %r");
+ if(strcmp(format, "pkcs1") == 0)
+ n = asn1encodeRSApub(&k->pub, buf, sizeof(buf));
+ else if(strcmp(format, "spki") == 0)
+ n = asn1encodeRSApubSPKI(&k->pub, buf, sizeof(buf));
+ else
+ sysfatal("unknown format %s", format);
+ if(n < 0)
+ sysfatal("encode: %r");
}
if(write(1, buf, n) != n)
sysfatal("write: %r");
--- a//sys/src/libsec/port/x509.c
+++ b//sys/src/libsec/port/x509.c
@@ -788,6 +788,7 @@
p = &uc;
err = enc(&p, e, 1);
+ *pbytes = nil;
if(err == ASN_OK) {
ans = newbytes(p-&uc);
p = ans->data;
@@ -2900,6 +2901,32 @@
}
memmove(buf, b->data, len = b->len);
freebytes(b);
+ return len;
+}
+
+int
+asn1encodeRSApubSPKI(RSApub *pk, uchar *buf, int len)
+{
+ Bytes *b, *k;
+ Elem e;
+
+ k = encode_rsapubkey(pk);
+ if(k == nil)
+ return -1;
+ e = mkseq(
+ mkel(mkalg(ALG_rsaEncryption),
+ mkel(mkbits(k->data, k->len),
+ nil)));
+ encode(e, &b);
+ freebytes(k);
+ if(b == nil)
+ return -1;
+ if(b->len > len){
+ freebytes(b);
+ werrstr("buffer too small");
+ return -1;
+ }
+ memmove(buf, b->data, len = b->len);
return len;
}
Thu Jun 23 12:18:27 EDT 2022
#!/bin/sh -e
if [ 0 -ne `id -u` ]; then
echo "This script needs root access" >&2
exit 1
fi
if ! [ -d "$1" ] || [ x-h = x"$*" ] || [ x--help = x"$*" ]; then
echo "Usage: ${0##*/} <chroot_directory>" >&2
exit 1
fi
if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chmod` ]; then
echo "Warning: can't suid/sgid inside chroot" >&2
fi
if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mknod` ]; then
echo "Warning: can't mknod inside chroot" >&2
fi
if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mount` ]; then
echo "Warning: can't mount inside chroot" >&2
fi
if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chroot` ]; then
echo "Warning: can't chroot inside chroot" >&2
fi
cd "$1"
if ! [ -d ./etc ]; then
echo "No etc directory inside $1" >&2
exit 1
fi
shift
MOUNTED=
umount_all() {
case $MOUNTED in
shm\ *) if [ -L ./dev/shm ]; then
umount ./`readlink ./dev/shm`
else
umount ./dev/shm
fi
MOUNTED=${MOUNTED#shm };;
esac
case $MOUNTED in
run\ *) umount ./run
MOUNTED=${MOUNTED#run };;
esac
case $MOUNTED in
tmp\ *) umount ./tmp
MOUNTED=${MOUNTED#tmp };;
esac
case $MOUNTED in
proc\ *) umount ./proc
MOUNTED=${MOUNTED#proc };;
esac
case $MOUNTED in
sys\ *) umount ./sys
MOUNTED=${MOUNTED#sys };;
esac
case $MOUNTED in
pts\ *) umount ./dev/pts
MOUNTED=${MOUNTED#pts };;
esac
case $MOUNTED in
dev\ *) umount ./dev
MOUNTED=${MOUNTED#dev };;
esac
}
trap 'umount_all' EXIT
#mkdir -p ./etc ./dev/pts ./sys ./proc ./tmp ./run ./boot ./root
cp -iL /etc/resolv.conf ./etc/ || true # if ^C, will cancel script
mount --bind /dev ./dev
MOUNTED="dev $MOUNTED"
mount -t devpts devpts ./dev/pts -o nosuid,noexec
MOUNTED="pts $MOUNTED"
mount -t sysfs sys ./sys -o nosuid,nodev,noexec,ro
MOUNTED="sys $MOUNTED"
mount -t proc proc ./proc -o nosuid,nodev,noexec
MOUNTED="proc $MOUNTED"
mount -t tmpfs tmp ./tmp -o mode=1777,nosuid,nodev,strictatime
MOUNTED="tmp $MOUNTED"
mount -t tmpfs run ./run -o mode=0755,nosuid,nodev
MOUNTED="run $MOUNTED"
if [ -L ./dev/shm ]; then
mkdir -p ./`readlink ./dev/shm`
mount -t tmpfs shm ./`readlink ./dev/shm` -o mode=1777,nosuid,nodev
else
#mkdir -p ./dev/shm
mount -t tmpfs shm ./dev/shm -o mode=1777,nosuid,nodev
fi
MOUNTED="shm $MOUNTED"
case $1 in
-l) shift;;
-l*) one=${1#-l}; shift; set -- -"$one" "$@";;
esac
chroot . /usr/bin/env -i SHELL=/bin/sh HOME=/root TERM="$TERM" \
PATH=/usr/sbin:/usr/bin:/sbin:/bin PS1='chroot # ' /bin/sh -l "$@"
# FIXME
# are USER and LOGNAME set automatically?
# perhaps: source /etc/profile && export PS1="chroot $PS1"
Wed Jun 22 10:03:28 EDT 2022
whooo
Tue Jun 21 21:33:47 EDT 2022
From: Rob Pike <robpike@gmail.com> Date: Wed, 22 Jun 2022 10:48:24 +1000 To: Larry McVoy <lm@mcvoy.com> Message-ID-Hash: ZXR47ZRDY6USYRJ6DNBIMD2ENJMU2INP CC: The Eunuchs Hysterical Society <tuhs@tuhs.org> Subject: [TUHS] Re: forgotten versions Archived-At: <https://www.tuhs.org/mailman3/hyperkitty/list/tuhs@tuhs.org/message/ZXR47ZRDY6USYRJ6DNBIMD2ENJMU2INP/> Plan 9 used Datakit as its network for quite a while. The Gnot terminals had an INCON interface, a megabit (approximately) twisted pair adjunct to Datakit. I had an INCON link running over a T-1 link to my house - great excitement back in the day. (The kernel downloaded over the line and booted the machine up to the window system - there was no local disk - from power up, in 7 seconds.) NJ Bell needed to install a new nitrogen-pressurized 26-pair cable, supported by a new telephone pole, to set it up, because I had already used up all available pairs on the existing line to my house. All included at no extra cost. (You pay for the service, not its construction.) When the internet became unavoidable, we used Plan 9's import mechanism to import the single external TCP/IP interface from our gateway machine, over Datakit, to the Gnots. We did the same, but importing now over IL (an ethernet protocol built by Phil Winterbottom) when our terminals became PCs. That's how I remember it, at least, but I might have got some details wrong. I think much of this is covered in http://doc.cat-v.org/plan_9/4th_edition/papers/net/ -rob On Wed, Jun 22, 2022 at 10:13 AM Larry McVoy <lm@mcvoy.com> wrote: > On Tue, Jun 21, 2022 at 05:56:02PM -0600, Jacob Moody wrote: > > I recently stumbled across the existence of datakit > > when going through the plan9foundation source archives. > > Would be curious to hear more about its involvement > > with plan9. > > Pretty sure datakit predated Plan 9, didn't Greg Chesson work on that? > He was my mentor at SGI, my memory is datakit was sort of early on in > his career and then he did XTP, which nobody knows about but I believe > is still used by the military. > > Unless the early Bell Labs datakit and the Plan 9 datakit are different > things. >
Tue Jun 21 10:26:16 EDT 2022
#include <libc.h>
#include <draw.h>
#include <geometry.h>
void
main(int argc, char** argv){
Space q = (Space){
(Matrix){{1.1,1.1,1.1,1.1},
{1.1,1.1,1.1,1.1},{1.1,1.1,1.1,1.1},{1.1,1.1,1.1,1.1}},
(Matrix){{1.1,1.1,1.1,1.1},{1.1,1.1,1.1,1.1},{1.1,1.1,1.1,1.1},{1.1,1.1,1.1,1.1}},
nil
};
}
Mon Jun 20 23:31:48 EDT 2022
0:d=0 hl=4 l= 605 cons: SEQUENCE
4:d=1 hl=2 l= 1 prim: INTEGER :00
7:d=1 hl=3 l= 129 prim: INTEGER
:CDFCD15D3BE59A4AC24C856EEF14323A8D5D66E9F75D794DEC5C50CDE8C0FC3B5F00C0C2497D4C7DDF274337CBDF720F928499B22433731C8C720D34C86E97D6ECF701C926D792BB169C607D508D3D780EB4374D83C1EF435FCFE6C85E8BA31520D123456FF885615D481A46713546E38241AC7A8E1D2119A06DF4B9669BF1AF
139:d=1 hl=2 l= 3 prim: INTEGER :010001
144:d=1 hl=3 l= 128 prim: INTEGER
:3CAFBB4EE892A07E5DF80567C57001CC5651AA3C4BF072088F163388368684C9491803B239CC7C78A901FC3FB804C0A9EDD4BB234C9F0BCEE161C89A4062B4C0CA080484CFACC1CC4A81B8D29E91FFA8531A45581755101D66DB821447AD6A0F7FC1C620AA4473B3B28F6718604672D6A634DA5369369C81E6E6556C0A8EF4A1
275:d=1 hl=2 l= 65 prim: INTEGER
:E6A4A3E32596B3A50A35377E3A5CE6E8516C5F5B34DC2BAC769890806FFFF4E0A85EBA49D07773C7BC112BE7689E563D561CD30B0BA78BDDC92B70F622A7040D
342:d=1 hl=2 l= 65 prim: INTEGER
:E4A241B9D2FC6FCE05DA5C6F94FCC231169C3760D2FE0FB710580C167ADA92D3A8521637483F2C53E9683B53F5242F1C1BC34204628EF6C2222462F4A42CF1AB
409:d=1 hl=2 l= 65 prim: INTEGER
:D025DB85DE617004CCFE93F346269B79242A82B0243762EEC525109BE8F7FCFE56D50E98191C04904828D30F877A05E85AF3AE7EB468E3B027A21DD2F418F86D
476:d=1 hl=2 l= 64 prim: INTEGER
:53FEDC60B587B257A144D8C2D19C8E8754442E002F63D1483303F5E4E85B96A795E61A6D52E88A9385639AB03C967F8C3712E41512546D8962DBB5532561B1A3
542:d=1 hl=2 l= 65 prim: INTEGER
:B15023D52DF343D6D85265E83FF70C1B2A527F84312623F77485184C40B87A3576D2689EA9EFD568F3B80EEF96E05347A18A286B5065CC81DC7352574CA43CBD
Mon Jun 20 21:25:04 EDT 2022
SRV(3) SRV(3)
NAME
srv - server registry
SYNOPSIS
bind #s /srv
#s/clone
#s/n
#s/service1
#s/service2
...
DESCRIPTION
The srv device provides a tree of directories holding
already-open channels to services. In effect, srv is a bul-
letin board on which processes may post open file descrip-
tors to make them available to other processes.
To install a channel, create a new file such as /srv/myserv
and then write a text string (suitable for strtoul; see
atof(2)) giving the file descriptor number of an open file.
Any process may then open /srv/myserv to acquire another
reference to the open file that was registered.
An entry in srv holds a reference to the associated file
even if no process has the file open. Removing the file
from /srv releases that reference.
It is an error to write more than one number into a server
file, or to create a file with a name that is already being
used.
Opening the clone file allocates a new service directory.
Reading clone returns the id of the new directory. This new
service directory can then be accessed at /srv/id. Directo-
ries are recursable; each new servive directory contains its
own clone file.
EXAMPLE
To drop one end of a pipe into /srv, that is, to create a
named pipe:
int fd, p[2];
char buf[32];
pipe(p);
fd = create("/srv/namedpipe", OWRITE, 0666);
fprint(fd, "%d", p[0]);
close(fd);
close(p[0]);
fprint(p[1], "hello");
At this point, any process may open and read /srv/namedpipe
to receive the hello string. Data written to /srv/namedpipe
can be received by executing
read(p[1], buf, sizeof buf);
in the above process.
SOURCE
/sys/src/9/port/devsrv.c