Arcan

Timeline
Login

Timeline

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

50 most recent check-ins

2025-06-29
19:01
(build) adds few more dependencies to flake.nix Leaf check-in: e65ca0e5d4 user: cipharius tags: master, trunk
18:44
(build) adds flake.nix with all of the build dependencies check-in: a28bab3e82 user: cipharius tags: master, trunk
2025-06-26
16:29
(net) obsd warnings check-in: 11cc3d5829 user: letoram tags: master, trunk
04:41
(build) move arc4random() to arcan_random() for musl- compat check-in: 555656c25a user: letoram tags: master, trunk
2025-06-25
06:06
(net) expose debug report generation as .report resource This solves for half of the triaging point. It makes it so a developer permission key can generate and download the report for the appl it specifies, a config option to flush after this has occured (the flush happens instantly, meaning that if the connection is severed while the report is downloaded, it is lost). It can be parried for by tracking the transfer and waiting for STREAMSTATUS to latch the unlink, if needed. It's just fringe enough to not warrant the effort right now. It also adds config.lua scope controls to block the flush, and admin functions to enumerate installed appls and explicitly flush. What's missing is the .ctrl layer, both for merging into the report itself, and more importantly - an external ticket service config and functions to issue a ticket into it. check-in: 66835228e0 user: letoram tags: master, trunk
06:02
(shmif) don't warn if migrate called without connp set check-in: b85540ac80 user: letoram tags: master, trunk
2025-06-24
15:51
(net) add build_debug_pkg(applname) for collecting .debug This enumerates all accepted public keys with a local state store, extracts .debug snapshots and packages them into one descriptor. The purpose for this is to then let the developer access that as a .file for local triaging, or for the .ctrl- VM runner to further analyze it to generate tickets. check-in: 235473f9fb user: letoram tags: master, trunk
03:48
(build) off-by-one in awk extraction of buildtag check-in: 807f065909 user: letoram tags: master, trunk
03:19
(build) fossil tip tagging fix for out-of-tree build dir check-in: e1e9d2c13e user: letoram tags: master, trunk
03:18
(net) h264 raw bitstream debug dump accidentally enabled check-in: 0db5c7ce2a user: letoram tags: master, trunk
01:57
(net) make outbound buffer-ringbuffer size configurable check-in: 64252e0016 user: letoram tags: master, trunk
00:58
(net) missing critical-region safeguard around post-auth flush check-in: e151a800b5 user: letoram tags: master, trunk
00:57
(net) add (incomplete) pre-encrypt buffer validation function check-in: 5bb7302356 user: letoram tags: master, trunk
2025-06-23
17:27
(lwa) queue EXIT_FAILURE if parent connection dies without recovery check-in: d73c64121b user: letoram tags: master, trunk
2025-06-22
08:48
(net) move a12int_insecure_ helpers to context option and update test check-in: df3887ea43 user: letoram tags: master, trunk
2025-06-21
23:58
(lua) extend open_nonblock with table form This is in preparation for handling parallel transfers through afsrv_net/arcan-net. The problem this is meant to solve is that if an appl does something like: stdin = net_open("@stdin", ...) decode = launch_decode(...) open_nonblock(stdin, false, "appl:/something", decode) Any subsequent transfers will be queued and not dispatched until decode finishes streaming. This breaks simple cases like an a12-ctrl+appl that may stream video from a static source while also presenting static imagery that comes server-side. There's no reasonable heuristic for this since afsrv_decode etc. can be used for static imagery as well, the option is either to instruct _decode to locally cache before decoding (which can be gigabytes of data and still block) or, as the approach is here, to add hinting: open_nonblock(stdin, {parallel = true}, "appl:/something", decode) Then (next patch) let arcan-net see that this should be parallelised and request it on a different channel. This gives the appl the option of ~255 (assuming no other dynamic sourcing or tunneling) ongoing transfers. check-in: 75fde94de0 user: letoram tags: master, trunk
11:15
(net) wire in request_nonblock, accept_nonblock for ctrl This is a prerequisite for dynamic/filtered .index as well as ctrl- dictated streaming transfers. check-in: 5fe4c48b76 user: letoram tags: master, trunk
04:55
(net) ensure \0 terminating in pkg unpack Off-by-one causing some packaging to fail validation. check-in: 6221073f42 user: letoram tags: master, trunk
04:54
(tui) split out nbio processing for re-use elsewhere open_nonblock is needed in dir-ctrl lua VM now, rather than re-implement the same processing loop again, prepare for re-using the tui one as that has seen the heaviest testing. check-in: 63c9ea2ed4 user: letoram tags: master, trunk
2025-06-19
11:19
(doc/net) extend A12 directory-extension This adds more detail on FAP signing, directory linking and extends appl directory announcements to cover tui-only appls as well as a 'default' flag for key-defined 'default' appl. check-in: 0e987189a3 user: letoram tags: master, trunk
2025-06-13
18:06
(net) change keystore_accept tags to handle a,b,c accept:b,d Previously the accept/somekey tag was always a single entity, but for more complete policies we want both to be sets and then check that they intersect. check-in: 077fff8bfe user: letoram tags: master, trunk
15:30
(net) scaffolding for reference_directory() check-in: 3b21ad30ea user: letoram tags: master, trunk
07:57
(net) OpenBSD size_t vs. ull build warning + more logging for DIRLIST check-in: e9edc6608e user: letoram tags: master, trunk
2025-06-12
11:24
(net) block client from pushing unsigned unto signed Change initial .fap loading to put sign-key into appl_meta, then when the upload is completed, check the sign-key against the client verified one. If they do not match, prevent the update. In the case of signature flipping, there is a point to exposing the conflict to the config.lua script in order to provide additional alerts or latch into an external verification service (a link for certificates / revocation) but that is a lesser priority now. check-in: ac6d45644f user: letoram tags: master, trunk
08:15
(net) fix --push-appl becoming id=0 on update This was simply a mid = appl->identifier gotten lost while adding support for installing / registering a new ID. Also noted that the completion id being set in the returning STREAMSTATUS check-in: 1cc8b35f9d user: letoram tags: master, trunk
2025-06-11
10:35
(net) appl_cleanup: try to increase success rate We only aggressively clean up in the extraction dir applname subfolder as whatever else other dependencies might conjure up is problematic in the way it is done now (all of this need to become config.lua like options). In the process, if openal- pulls in dep on pulseaudio during probing (which shouldn't happen in the lwa- build but still does, new rebase on more current master is needed) it will leave a dangling empty pulse folder (because it doesn't actually do a pulse audio connection ...) and that breaks tracking of what was extracted or not. Just unlinkat("pulse") for the time being. check-in: 1e395360f5 user: letoram tags: master, trunk
04:12
(net) dir-cl exec handling cleanup, 100% in dir_srv worker fix The worker one might need some further consideration, the ioloop only handled userfd2 if there was input - not if there was an error. Digging in the logs didn't show a reason for that explicit check. The only target relying on userfd2 is the dir_srv_worker that rotates with a12_btransfer_outfd (as unpack can rotate which file is next in queue). A possible reason would be reading from a file that both triggers something like EPIPE/HUP while at the same time having more data to read. For the dir_cl part it was a previous SIG_CHLD ignore that would cause the waitpid to never get the status. Now we set it each time we exec but there are more signal fsckery when it comes to debugging (monitor being a likely cause of the regression) and hot-reload. The later will get more testing as we progress with the consort project. check-in: affacd8d73 user: letoram tags: master, trunk
00:38
(net) verify_appl_pkg on download as well This has the problem that we don't retain .fap form client side, and thus we have no way of detecting if the signing key has been swapped out and just trust the server. That is less than ideal, and we should either LRU it or, at the least, store the outsig[] somewhere associated with the petname. check-in: db23235af0 user: letoram tags: master, trunk
2025-06-10
21:54
(net) save .fap and prioritize on directory scan check-in: 59da4cf2f6 user: letoram tags: master, trunk
16:07
(net) push-update for appl signature check + rekey working check-in: 9e5aff82bc user: letoram tags: master, trunk
04:29
(net) command_rekey for signature working The issue was merely that the control-command header generator generated a new nonce that wasn't used for calculating the message to sign. check-in: 69d0694d71 user: letoram tags: master, trunk
03:46
(net) implement signature and datablock in verify_appl_pkg This concludes the client side portion, left is only to tie that in with the server end. The only complication there is making sure the signing key from command_rekey is applied and compared, and that .fap files are retained. check-in: dcf993128e user: letoram tags: master, trunk
2025-06-09
05:41
(net) fix regression in HELLO_AUTH key generation check-in: c6654ff701 user: letoram tags: master, trunk
05:23
(net) only strip sign/kpub/hash from .manifest (dir_srv still build_appl) check-in: f2abb18c3b user: letoram tags: master, trunk
2025-06-08
23:59
(net) set signing pair REKEY before initiating upload check-in: fdfe3a0800 user: letoram tags: master, trunk
23:30
(build) signed package upload tested client side, now to add verification. check-in: c0c2539ef0 user: letoram tags: master, trunk
23:11
(net) [untested] add signature generation to build_appl_pkg check-in: 65124d508c user: letoram tags: master, trunk
22:22
(build) suppress some warnings check-in: 77aecddca6 user: letoram tags: master, trunk
16:44
(shmif) extend arg_ functions with add/remove/serialize This is to help build_appl_pkg to swap out checksums and signature. check-in: 1fecf5e5bc user: letoram tags: master, trunk
2025-06-07
23:34
(net) refactor to defer build_appl_pkg Next up is actually generating manifest checksum, sign it and add pubk+sign to manifest. check-in: 37fbacf7cc user: letoram tags: master, trunk
20:58
(build) Adds monocypher dependency to a12 zig build step check-in: 1bb7e51def user: cipharius tags: master, trunk
16:31
(net) add keystore-naive management for signing key check-in: 0f9652b756 user: letoram tags: master, trunk
15:07
(net) Add signature REKEY and verification, drop unused bstream field The keystore still needs to keygen and sign, and directory server still needs to actually use and enforce signatures. check-in: 8f1aa3205f user: letoram tags: master, trunk
02:50
(net) pull in full monocypher for the time being The way the codebase is structured makes it a bit annoying to just get the ed25519 parts, something to reconsider later as we just want 'pure' primitives and not helpers. With the way we intend to use ed signatures the SHA512 part for key 'extension' isn't particularly helpful or useful, and primitive accumulation bloat (initially only X25519+BLAKE3, with Ed suddenly BLAKE2 and SHA512 joins in even though BLAKE3 alone works just fine for the purpose). check-in: ec4d82196f user: letoram tags: master, trunk
02:40
(platform) frameserver structure reconstruction from memfd+socket fix The memfd branch condition was inverted check-in: c2394d5a25 user: letoram tags: master, trunk
2025-06-06
03:20
(shmif) change server_inherit_connection to handle memfd Now that the semaphores are out of the system, it's possible to create server- end shmifsrv_client struct from descriptor primitives (socket+memory) and pass a preconfigured client around between processes. This lets us remove the POSIX UB with continued execution after fork in arcan-net. check-in: 872772cc60 user: letoram tags: master, trunk
2025-06-04
00:43
(net) early-out tick if the client hasn't passed check-in: d2f16a9cbd user: letoram tags: master, trunk
00:40
(net) tunnel-shutdown wakeup should go to the right fd state check-in: d894391fd1 user: letoram tags: master, trunk
00:36
(shmif) _server should use correct clockreq id check-in: 35d34c12f4 user: letoram tags: master, trunk
2025-06-03
21:52
(console) updates builtin/keyboard.lua use to the new API check-in: 9e4af8a937 user: cipharius tags: master, trunk