Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 most recent check-ins
|
2025-07-06
| ||
| 15:44 | (net) session: introduce key-management This is a consolidated version of the pattern in net.c merging the directory- spawned, local hosted and directory-joined forms. Leaf check-in: ba8fc41a67 user: letoram tags: master, trunk | |
| 06:43 | (net) send reset/register on resumption This works with the caveat that if the sink side WM deletes the window, causing the connection to terminate, this will not cause the termination to hit and the old session will still recover. Similarly, if say, afsrv_terminal: #exit kills the window the server will still try to resumption it. Both suggest that there is an issue with lifecycle tracking at these transitions. check-in: 78c8cffa11 user: letoram tags: master, trunk | |
|
2025-07-05
| ||
| 21:40 | (net) [regression warning] refactor -l -- /shmif/client hosting This will break pull use of arcan-net -- /some/bin. To get away from the fork() + continued exec use in arcan-net which stops thread sanitizer from working, and make net.c less messy -- we split into a new binary, arcan-net-session. This binary will take care of spinning up the shmif client and mapping to an a12 sink, but also prepare for two major features and a tui UI for runtime parameter controls. The first feature is to be able to resume an interrupted connection by leveraging the crash recovery _RESET mechanism. This is done by tracking the public-key used to authenticate, and the status of the shmif client primary when the a12 connection has terminated. If the client is still alive, bind it to the public-key and look for that on new connections. The second feature is a bit more complex, but it is to have a broadcast option where encoded video frames are kept from the session that the first source gets. Any new connections are then fed these frames within a GOP-sequence friendly window as passthrough. This lets one a12 connection 'drive' the shmif client, and the others view it. It will be single window only (and uncomposited, if composition is wanted, host through lwa+wm). check-in: 7e0e57c14b user: letoram tags: master, trunk | |
| 21:32 | (arcterm) handle SIGUSR1 in cli=lua mode and dump trace This is an intermediate convenience (before adding full debugif) to capture livelocks in lash scripts. check-in: 71e8543711 user: letoram tags: master, trunk | |
|
2025-07-04
| ||
| 08:45 | (shmif) poll in blocking recvfds() to avoid 100% spin on nonblock socket check-in: 6150579486 user: letoram tags: master, trunk | |
|
2025-06-29
| ||
| 19:01 | (build) adds few more dependencies to flake.nix check-in: e65ca0e5d4 user: cipharius tags: master, trunk | |
| 18:44 | (build) adds flake.nix with all of the build dependencies check-in: a28bab3e82 user: cipharius tags: master, trunk | |
|
2025-06-26
| ||
| 16:29 | (net) obsd warnings check-in: 11cc3d5829 user: letoram tags: master, trunk | |
| 04:41 | (build) move arc4random() to arcan_random() for musl- compat check-in: 555656c25a user: letoram tags: master, trunk | |
|
2025-06-25
| ||
| 06:06 | (net) expose debug report generation as .report resource This solves for half of the triaging point. It makes it so a developer permission key can generate and download the report for the appl it specifies, a config option to flush after this has occured (the flush happens instantly, meaning that if the connection is severed while the report is downloaded, it is lost). It can be parried for by tracking the transfer and waiting for STREAMSTATUS to latch the unlink, if needed. It's just fringe enough to not warrant the effort right now. It also adds config.lua scope controls to block the flush, and admin functions to enumerate installed appls and explicitly flush. What's missing is the .ctrl layer, both for merging into the report itself, and more importantly - an external ticket service config and functions to issue a ticket into it. check-in: 66835228e0 user: letoram tags: master, trunk | |
| 06:02 | (shmif) don't warn if migrate called without connp set check-in: b85540ac80 user: letoram tags: master, trunk | |
|
2025-06-24
| ||
| 15:51 | (net) add build_debug_pkg(applname) for collecting .debug This enumerates all accepted public keys with a local state store, extracts .debug snapshots and packages them into one descriptor. The purpose for this is to then let the developer access that as a .file for local triaging, or for the .ctrl- VM runner to further analyze it to generate tickets. check-in: 235473f9fb user: letoram tags: master, trunk | |
| 03:48 | (build) off-by-one in awk extraction of buildtag check-in: 807f065909 user: letoram tags: master, trunk | |
| 03:19 | (build) fossil tip tagging fix for out-of-tree build dir check-in: e1e9d2c13e user: letoram tags: master, trunk | |
| 03:18 | (net) h264 raw bitstream debug dump accidentally enabled check-in: 0db5c7ce2a user: letoram tags: master, trunk | |
| 01:57 | (net) make outbound buffer-ringbuffer size configurable check-in: 64252e0016 user: letoram tags: master, trunk | |
| 00:58 | (net) missing critical-region safeguard around post-auth flush check-in: e151a800b5 user: letoram tags: master, trunk | |
| 00:57 | (net) add (incomplete) pre-encrypt buffer validation function check-in: 5bb7302356 user: letoram tags: master, trunk | |
|
2025-06-23
| ||
| 17:27 | (lwa) queue EXIT_FAILURE if parent connection dies without recovery check-in: d73c64121b user: letoram tags: master, trunk | |
|
2025-06-22
| ||
| 08:48 | (net) move a12int_insecure_ helpers to context option and update test check-in: df3887ea43 user: letoram tags: master, trunk | |
|
2025-06-21
| ||
| 23:58 | (lua) extend open_nonblock with table form This is in preparation for handling parallel transfers through afsrv_net/arcan-net. The problem this is meant to solve is that if an appl does something like: stdin = net_open("@stdin", ...) decode = launch_decode(...) open_nonblock(stdin, false, "appl:/something", decode) Any subsequent transfers will be queued and not dispatched until decode finishes streaming. This breaks simple cases like an a12-ctrl+appl that may stream video from a static source while also presenting static imagery that comes server-side. There's no reasonable heuristic for this since afsrv_decode etc. can be used for static imagery as well, the option is either to instruct _decode to locally cache before decoding (which can be gigabytes of data and still block) or, as the approach is here, to add hinting: open_nonblock(stdin, {parallel = true}, "appl:/something", decode) Then (next patch) let arcan-net see that this should be parallelised and request it on a different channel. This gives the appl the option of ~255 (assuming no other dynamic sourcing or tunneling) ongoing transfers. check-in: 75fde94de0 user: letoram tags: master, trunk | |
| 11:15 | (net) wire in request_nonblock, accept_nonblock for ctrl This is a prerequisite for dynamic/filtered .index as well as ctrl- dictated streaming transfers. check-in: 5fe4c48b76 user: letoram tags: master, trunk | |
| 04:55 | (net) ensure \0 terminating in pkg unpack Off-by-one causing some packaging to fail validation. check-in: 6221073f42 user: letoram tags: master, trunk | |
| 04:54 | (tui) split out nbio processing for re-use elsewhere open_nonblock is needed in dir-ctrl lua VM now, rather than re-implement the same processing loop again, prepare for re-using the tui one as that has seen the heaviest testing. check-in: 63c9ea2ed4 user: letoram tags: master, trunk | |
|
2025-06-19
| ||
| 11:19 | (doc/net) extend A12 directory-extension This adds more detail on FAP signing, directory linking and extends appl directory announcements to cover tui-only appls as well as a 'default' flag for key-defined 'default' appl. check-in: 0e987189a3 user: letoram tags: master, trunk | |
|
2025-06-13
| ||
| 18:06 | (net) change keystore_accept tags to handle a,b,c accept:b,d Previously the accept/somekey tag was always a single entity, but for more complete policies we want both to be sets and then check that they intersect. check-in: 077fff8bfe user: letoram tags: master, trunk | |
| 15:30 | (net) scaffolding for reference_directory() check-in: 3b21ad30ea user: letoram tags: master, trunk | |
| 07:57 | (net) OpenBSD size_t vs. ull build warning + more logging for DIRLIST check-in: e9edc6608e user: letoram tags: master, trunk | |
|
2025-06-12
| ||
| 11:24 | (net) block client from pushing unsigned unto signed Change initial .fap loading to put sign-key into appl_meta, then when the upload is completed, check the sign-key against the client verified one. If they do not match, prevent the update. In the case of signature flipping, there is a point to exposing the conflict to the config.lua script in order to provide additional alerts or latch into an external verification service (a link for certificates / revocation) but that is a lesser priority now. check-in: ac6d45644f user: letoram tags: master, trunk | |
| 08:15 | (net) fix --push-appl becoming id=0 on update This was simply a mid = appl->identifier gotten lost while adding support for installing / registering a new ID. Also noted that the completion id being set in the returning STREAMSTATUS check-in: 1cc8b35f9d user: letoram tags: master, trunk | |
|
2025-06-11
| ||
| 10:35 | (net) appl_cleanup: try to increase success rate We only aggressively clean up in the extraction dir applname subfolder as whatever else other dependencies might conjure up is problematic in the way it is done now (all of this need to become config.lua like options). In the process, if openal- pulls in dep on pulseaudio during probing (which shouldn't happen in the lwa- build but still does, new rebase on more current master is needed) it will leave a dangling empty pulse folder (because it doesn't actually do a pulse audio connection ...) and that breaks tracking of what was extracted or not. Just unlinkat("pulse") for the time being. check-in: 1e395360f5 user: letoram tags: master, trunk | |
| 04:12 | (net) dir-cl exec handling cleanup, 100% in dir_srv worker fix The worker one might need some further consideration, the ioloop only handled userfd2 if there was input - not if there was an error. Digging in the logs didn't show a reason for that explicit check. The only target relying on userfd2 is the dir_srv_worker that rotates with a12_btransfer_outfd (as unpack can rotate which file is next in queue). A possible reason would be reading from a file that both triggers something like EPIPE/HUP while at the same time having more data to read. For the dir_cl part it was a previous SIG_CHLD ignore that would cause the waitpid to never get the status. Now we set it each time we exec but there are more signal fsckery when it comes to debugging (monitor being a likely cause of the regression) and hot-reload. The later will get more testing as we progress with the consort project. check-in: affacd8d73 user: letoram tags: master, trunk | |
| 00:38 | (net) verify_appl_pkg on download as well This has the problem that we don't retain .fap form client side, and thus we have no way of detecting if the signing key has been swapped out and just trust the server. That is less than ideal, and we should either LRU it or, at the least, store the outsig[] somewhere associated with the petname. check-in: db23235af0 user: letoram tags: master, trunk | |
|
2025-06-10
| ||
| 21:54 | (net) save .fap and prioritize on directory scan check-in: 59da4cf2f6 user: letoram tags: master, trunk | |
| 16:07 | (net) push-update for appl signature check + rekey working check-in: 9e5aff82bc user: letoram tags: master, trunk | |
| 04:29 | (net) command_rekey for signature working The issue was merely that the control-command header generator generated a new nonce that wasn't used for calculating the message to sign. check-in: 69d0694d71 user: letoram tags: master, trunk | |
| 03:46 | (net) implement signature and datablock in verify_appl_pkg This concludes the client side portion, left is only to tie that in with the server end. The only complication there is making sure the signing key from command_rekey is applied and compared, and that .fap files are retained. check-in: dcf993128e user: letoram tags: master, trunk | |
|
2025-06-09
| ||
| 05:41 | (net) fix regression in HELLO_AUTH key generation check-in: c6654ff701 user: letoram tags: master, trunk | |
| 05:23 | (net) only strip sign/kpub/hash from .manifest (dir_srv still build_appl) check-in: f2abb18c3b user: letoram tags: master, trunk | |
|
2025-06-08
| ||
| 23:59 | (net) set signing pair REKEY before initiating upload check-in: fdfe3a0800 user: letoram tags: master, trunk | |
| 23:30 | (build) signed package upload tested client side, now to add verification. check-in: c0c2539ef0 user: letoram tags: master, trunk | |
| 23:11 | (net) [untested] add signature generation to build_appl_pkg check-in: 65124d508c user: letoram tags: master, trunk | |
| 22:22 | (build) suppress some warnings check-in: 77aecddca6 user: letoram tags: master, trunk | |
| 16:44 | (shmif) extend arg_ functions with add/remove/serialize This is to help build_appl_pkg to swap out checksums and signature. check-in: 1fecf5e5bc user: letoram tags: master, trunk | |
|
2025-06-07
| ||
| 23:34 | (net) refactor to defer build_appl_pkg Next up is actually generating manifest checksum, sign it and add pubk+sign to manifest. check-in: 37fbacf7cc user: letoram tags: master, trunk | |
| 20:58 | (build) Adds monocypher dependency to a12 zig build step check-in: 1bb7e51def user: cipharius tags: master, trunk | |
| 16:31 | (net) add keystore-naive management for signing key check-in: 0f9652b756 user: letoram tags: master, trunk | |
| 15:07 | (net) Add signature REKEY and verification, drop unused bstream field The keystore still needs to keygen and sign, and directory server still needs to actually use and enforce signatures. check-in: 8f1aa3205f user: letoram tags: master, trunk | |
| 02:50 | (net) pull in full monocypher for the time being The way the codebase is structured makes it a bit annoying to just get the ed25519 parts, something to reconsider later as we just want 'pure' primitives and not helpers. With the way we intend to use ed signatures the SHA512 part for key 'extension' isn't particularly helpful or useful, and primitive accumulation bloat (initially only X25519+BLAKE3, with Ed suddenly BLAKE2 and SHA512 joins in even though BLAKE3 alone works just fine for the purpose). check-in: ec4d82196f user: letoram tags: master, trunk | |
| 02:40 | (platform) frameserver structure reconstruction from memfd+socket fix The memfd branch condition was inverted check-in: c2394d5a25 user: letoram tags: master, trunk | |