Small and lightweight cloud storage written in C99 and POSIX.1-2008. https://gitea.privatedns.org/xavi/slcl/atom?h=master 2025-10-09T09:30:38+00:00 2025-10-09T09:30:38+00:00 Xavier Del Campo Romero xavi92@disroot.org 2025-10-09T09:30:38+00:00 urn:sha1:b82886a94a5e92b4e78898d327a991cbe5423d43 2025-10-08T20:57:00+00:00 Xavier Del Campo Romero xavi92@disroot.org 2025-10-08T20:54:47+00:00 urn:sha1:8d8179d3b412cdd2c1af60539b9aec89631f3fe6 2025-10-08T20:55:44+00:00 Xavier Del Campo Romero xavi92@disroot.org 2025-10-08T11:50:52+00:00 urn:sha1:10e42591ac72285736d5cc4ee5e7c2f68dbf1e4b The SHA256-based password hashing algorithm used by slcl(1) and usergen(1) is considered insecure against several kinds of attacks, including brute force attacks. [1] Therefore, a stronger password hashing algorithm based on the Argon2id key derivation function is now used by default. While OpenSSL does support Argon2id, it is only supported by very recent versions [2], which are still not packaged by most distributions as of the time of this writing. [3] As an alternative to OpenSSL, libsodium [4] had several benefits: - It provides easy-to-use functions for password hashing, base64 encoding/decoding and other cryptographic primitives used by slcl(1) and usergen(1). - It is packaged by most distributions [5], and most often only the patch version differs, which ensures good compatibility across distributions. Unfortunately, and as opposed to OpenSSL, libsodium does not come with command-line tools. Therefore, usergen(1) had to be rewritten in C. In order to maintain backwards compatiblity with existing databases, slcl(1) and usergen(1) shall support the insecure, SHA256-based password hashing algorithm. However, Argon2id shall now be the default choice for usergen(1). [1]: https://security.stackexchange.com/questions/195563/why-is-sha-256-not-good-for-passwords [2]: https://docs.openssl.org/3.3/man7/EVP_KDF-ARGON2/ [3]: https://repology.org/project/openssl/versions [4]: https://www.libsodium.org/ [5]: https://repology.org/project/libsodium/versions 2025-10-08T00:03:05+00:00 Xavier Del Campo Romero xavi92@disroot.org 2025-10-06T21:02:51+00:00 urn:sha1:00dd37604d50cbf3fb27ec0631b4d4b6d2ee893a Thanks to the fdzipstream library [1] and zlib [2], it is possible to generate ZIP files on-the-fly, therefore requiring no extra disk space usage and only a small amount of memory. Unfortunately, as of the time of this writing fdzipstream is not packaged by any distributions yet [3], so it had to be imported as a git submodule as a workaround. While libarchive [4] could be an interesting alternative, writing ZIP files is only supported by very recent versions (>= 3.8.0), which are still not packaged by many distributions [5], either. Moreover, libarchive is a package with several dependencies other than zlib and is significantly larger compared to fdzipstreams, so fdzipstreams was ultimately considered a better fit for this purpose. [1]: https://github.com/CTrabant/fdzipstream.git [2]: http://zlib.net/ [3]: https://repology.org/projects/?search=fdzipstream [4]: https://www.libarchive.org/ [5]: https://repology.org/project/libarchive/versions 2025-09-24T09:03:39+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2023-07-24T21:17:48+00:00 urn:sha1:a74f4a72504d1c5923bd2b4e85941f34d9fce79f crealpath (for "custom realpath") is a custom implementation of realpath(3) that aims to work similarly to GNU's realpath(1). This implementation is provided due to the following reasons: - Future commits will require extracting an absolute path from a relative path, and/or process relative components from a path, such as ".." or ".". - realpath(3) is defined by POSIX.1-2008 as a XSI extension, and extensions are generally avoided in this repository whenever possible. - Additionally, realpath(3) requires the file or directory pointed to by the path to exist, which might not always be the case for slcl. - auth.c uses its own implementation to extract a dynamically allocated string by repeatedly calling getcwd(3). Future commits will also require this future, so it makes sense to keep it on a separate component. 2025-02-24T22:05:24+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2025-02-24T21:48:02+00:00 urn:sha1:77e413f01a5d73ee1366487c45b499f59f5758bd Even if OpenSSL 1.0 is no longer supported [1], slcl still builds and works fine with it, so there is no reason to require a higher version. [1]: https://openssl-library.org/policies/releasestrat/index.html 2024-02-19T22:35:08+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2024-02-19T22:03:16+00:00 urn:sha1:f6b84b765d6fa4d95aae5501fedca5cd8903e224 The following commits fix a couple of security issues on libweb. Because of afe0681c0b26bb64bad55d7e86770f346cfa043e, slcl had to be updated to set up its struct http_cfg_post. commit afe0681c0b26bb64bad55d7e86770f346cfa043e Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com> Date: Mon Feb 19 23:00:56 2024 +0100 Limit maximum multipart/form-data pairs and files A malicious user could inject an infinite number of empty files or key/value pairs into a request in order to exhaust the device's resources. commit 9d9e0c2979f43297b2ebbf84f14f064f3f9ced0e Author: Xavier Del Campo Romero <xavi.dcr@tutanota.com> Date: Mon Feb 19 22:49:09 2024 +0100 html.c: Avoid half-init objects on html_node_add_attr The previous implementation would leave half-initialised objects if one of the calls to strdup(3) failed. Now, n->attrs is only modified when all previous memory allocations were successful. 2024-02-12T22:15:15+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2024-02-12T20:23:37+00:00 urn:sha1:c198199a8196913b452461bea1a06438d667f1a2 2024-02-12T22:15:14+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2024-02-12T20:23:25+00:00 urn:sha1:69c9f975ba6bd52ec58338dad68d2c7499781761 2023-11-22T23:07:45+00:00 Xavier Del Campo Romero xavi.dcr@tutanota.com 2023-11-22T23:07:45+00:00 urn:sha1:c3223566708f230285bf4ba7758bc2bae7a66018 When VERSION is given, LANGUAGES becomes mandatory.