all: merge upstream changes #11
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes golang/go#38340 Change-Id: I77afc901584ac3361eafa13c9ee9f8cf9ec2ee28 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/389256 Trust: Roland Shoemaker <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Damien Neil <[email protected]>
Support External Account Binding (EAB) tokens to the Manager as defined in RFC 8555, Section 7.3.4. If the ExternalAccountBinding field is set on Manager, pass it into the acme Account during registration. Fixes golang/go#48809 Change-Id: I64c38b05ab577acbde9f526638cc8104d15ff055 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/354189 Reviewed-by: Brad Fitzpatrick <[email protected]> Trust: Brad Fitzpatrick <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Gofmt to update doc comments to the new formatting. For golang/go#51082. Change-Id: I076031b6613691eefbb0f21739366e3fd2011ec9 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/399356 Run-TryBot: Russ Cox <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Russ Cox <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]>
Fixes golang/go#38936 Change-Id: I231d30fcc683abd9efb36b6fd9cc05f599078ade Reviewed-on: https://go-review.googlesource.com/c/crypto/+/396174 Run-TryBot: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
On the boringcrypto builder, skip the RSAPSS tests that use the truncated SHA-512 hashes, since boringcrypto does not support them. Fixes #52670 Change-Id: I8caecd0f34eb6d2740372db2b641563e3965ac7c Reviewed-on: https://go-review.googlesource.com/c/crypto/+/404654 Run-TryBot: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
In the test server, rather than spawning a goroutine to validate challenges, block on the validation before responding to the client. This prevents a test race, where testing.T.Logf is called after the test is completed. While this has a slight behavioral difference to some production ACME server implementations (although is behavior allowed in the spec), the change has little material impact on what we are testing, since previously the validation would happen so quickly that it would be indistinguishable from the new blocking behavior (i.e. we would not be sending multiple requests during polling previously.) Fixes golang/go#52170 Change-Id: I75e3b2da69ddc2302be25a99f1b1151ed0f4af9b Reviewed-on: https://go-review.googlesource.com/c/crypto/+/405548 Run-TryBot: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
The type of ssh.PublicKey.Type can be a certificate type, while the algorithm passed to SignWithAlgorithm is going to be an underlying algorithm. Fixes golang/go#52185 Change-Id: I0f7c46defa83d1fd64a3c1e861734650b20cca21 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/404614 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]>
Add support for AccountKeyRollover. API only returns an error since acme.Error will contain appropriate KID lookup information. Due to the requirements of double JWS encoding jwsEncodeJSON is also modified to support a missing Nonce header and raw string embedding in the payload. Fixes golang/go#42516 Change-Id: I959660a1a39b2c469b959accd48fda519daf4eb3 GitHub-Last-Rev: 8e8cc5b GitHub-Pull-Request: golang#215 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/400274 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]>
This version generates //go:build lines. For golang/go#46155 Change-Id: I23e4617aa96bc5c15c10f3cd0882028ca08e09e8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/388874 Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Tobias Klauser <[email protected]> Auto-Submit: Tobias Klauser <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
Currently discover is not called which results in a panic if just a key is added to an ACME client and then deactivation is attempted. This patch adds a discover call as well as missing unit tests for the API. Change-Id: I0719e5376eb2fccf62182e5f91e5b5eaa7bdd518 GitHub-Last-Rev: 501d7c6 GitHub-Pull-Request: golang#217 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/406734 TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Michael Knyszek <[email protected]>
Don't assume the path passed into the DirCache methods is absolute, and clean it before further operating on it. Put and Delete are not attacker controlled, but clean them anyway. Fixes #53082 Fixes CVE-2022-30636 Change-Id: I755f525a737da60ccba07ebce4d41cc8faebfcca Reviewed-on: https://go-review.googlesource.com/c/crypto/+/408694 Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Damien Neil <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
For golang/go#48154 Change-Id: If7e99bd1159edc2e3deeb3a4e3d8fb048bc591ab Reviewed-on: https://go-review.googlesource.com/c/crypto/+/348069 Reviewed-by: Ian Lance Taylor <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Dmitri Shuralyov <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]>
In 2009, Google's open-source lawyers asked us to create the AUTHORS file to define "The Go Authors", and the CONTRIBUTORS file was in keeping with open source best practices of the time. Re-reviewing our repos now in 2022, the open-source lawyers are comfortable with source control history taking the place of the AUTHORS file, and most open source projects no longer maintain CONTRIBUTORS files. To ease maintenance, remove AUTHORS and CONTRIBUTORS from all repos. For golang/go#53961. Change-Id: Ieb32933de4f234c77f0131490d4081b6c336820c Reviewed-on: https://go-review.googlesource.com/c/crypto/+/419094 Run-TryBot: Russ Cox <[email protected]> Reviewed-by: David Chase <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
This avoids an import conflict in code that needs to import crypto/subtle as well. CL 424194 does the same for the main repo. Change-Id: Ic54cb62bbfdcf5c2cb6f15ac47075ee1c41981ad Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424175 Reviewed-by: Cherry Mui <[email protected]> Run-TryBot: Russ Cox <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Russ Cox <[email protected]>
Change-Id: Ib0fd6fcfa358df2bdb820a512b73e7cdb34120f8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424174 Run-TryBot: Russ Cox <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Russ Cox <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
Fixes golang/go#53481. Change-Id: Ic00eef498d1d3b5b0ca5c9c526fac7c26de30cf2 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/421014 TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Run-TryBot: hopehook <[email protected]> Reviewed-by: Damien Neil <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
The OpenSSH wire format just suffixes the raw extension body, without a nested string. Fixes golang/go#51689 Change-Id: Ic224cedb934ba0563abca9a45a6be1c67769ed6d Reviewed-on: https://go-review.googlesource.com/c/crypto/+/412154 Reviewed-by: Roland Shoemaker <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> Run-TryBot: hopehook <[email protected]> Reviewed-by: Daniel Lublin <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: David Chase <[email protected]>
Alongside the existing ECDH tests, add tests that use the new crypto/ecdh package. The test vectors include a number of private that use non-standard sizes, which we reject, but aren't flagged, so we need to skip them. Change-Id: Iaaef225b0149a86833095f51748d230385d43bfe Reviewed-on: https://go-review.googlesource.com/c/crypto/+/424274 Reviewed-by: Russ Cox <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
For golang/go#45557 Change-Id: I447530cc66896aef7a8d528ccb8d095b80e3cf47 GitHub-Last-Rev: 5f385ff GitHub-Pull-Request: golang#230 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/430797 Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Reviewed-by: Meng Zhuo <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Cherry Mui <[email protected]>
Block when creating the renewal timer, rather than doing it in a goroutine. This fixes an issue where startRenew and stopRenew are called very closely together, and due to lock ordering, stopRenew may be called before startRenew, resulting in the appearance that the renewal timer has been stopped before it has actually been created. This is only an issue in tests, as that is the only place stopRenew is actually used. In particular this issue manifests in TestGetCertiifcate sub-tests, where a httptest server reuses a port across two of the sub-tests. In this case, the renewal calls end up creating dirty state for the subsequent test, which can cause confusing behavior (such as attempting to register an account twice.) Another solution to this problem would be introducing a bool, protected by renewalMu, which indicates if renewal has been halted, and to check it in startRenew to check if stopRenew has already been called, which would allow us to continue calling startRenew in a goroutine and relying on renewalMu locking for ordering. That said I don't see a particularly strong reason to call startRenew concurrently, so this seems like the simplest solution for now. Fixes golang/go#52494 Change-Id: I95420d3fd877572a0b9e408d2f8cd353f6a4e80e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433016 TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
Removes the skips from TestRenewFromCache and TestRenewFromCacheAlreadyRenewed, which were added due to flakes which may have been fixed by the renewal timer change. Updates golang/go#51080 Change-Id: Ib953a24e610e89dfbbea450a4c257c105055ce7e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/433815 Run-TryBot: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Bryan Mills <[email protected]>
Change-Id: I911366b91ff2a1d02d7de202a166d876fb873142 GitHub-Last-Rev: f50e003 GitHub-Pull-Request: golang#233 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/438536 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]>
It was possible to accept auth type "none" before, but not dynamically at runtime as a function of the ConnMetadata like the other auth types' callback hooks. Fixes golang/go#51994 Change-Id: I83ea80901d4977d8f78523e3d1e16e0a7df5b172 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/395314 Reviewed-by: Roland Shoemaker <[email protected]> Run-TryBot: Brad Fitzpatrick <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Julie Qiu <[email protected]>
Change-Id: Iac9c8f06b874e62b56f634dede8757b87514f421 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442135 Run-TryBot: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Joedian Reid <[email protected]>
pkgsite automatically links /RFC \d+/ to the mentioned RFC. Insert a bunch of spaces into doc-comments for that to match. Change-Id: I01834d7573428563f21c37e43316442e148dd8c4 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/442055 Reviewed-by: Joedian Reid <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]>
Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: If840eea1cadc749ce55efd88eb7d9fc38472839e Reviewed-on: https://go-review.googlesource.com/c/crypto/+/443996 Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Gopher Robot <[email protected]>
Updates golang/go#31456 Change-Id: Idf043a25632526baa190bf42ed360cb79f85e493 GitHub-Last-Rev: 5946157 GitHub-Pull-Request: golang#195 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/356518 Auto-Submit: Filippo Valsorda <[email protected]> Run-TryBot: Filippo Valsorda <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: David Chase <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
Change-Id: I560d7f5a62161cd88361a9fe9982d36f8e25e5af Reviewed-on: https://go-review.googlesource.com/c/crypto/+/447475 Reviewed-by: Ian Lance Taylor <[email protected]> Auto-Submit: Ian Lance Taylor <[email protected]> Reviewed-by: Than McIntosh <[email protected]> Run-TryBot: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: Ic7c0afcece0f3d2065c7a7e08f092c4344d90655 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448755 Run-TryBot: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Jenny Rakoczy <[email protected]>
Change-Id: Ic6b210c1e5b99eef5c6e38d96feaf40e7e6033bb GitHub-Last-Rev: b8ecf76 GitHub-Pull-Request: golang#229 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/429016 Run-TryBot: Ian Lance Taylor <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Michael Knyszek <[email protected]>
Done with: go get [email protected] go mod tidy go fix ./... Using go1.21.3. Also update avo to v0.5.0 in the curve25519/internal/field/_asm module. It's newer and produces no diff in the generated code. For golang/go#60268. Change-Id: I9bd771ee8561595d7f68aaca76df6e3e33d35013 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/534141 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
The HTTP response status code is expected to be 200 OK, and the certdata.txt file media type is expected to be plain text. Check that it is before proceeding with parsing it. Might help avoid repeats of CL 535735. Change-Id: I1a7896b3e20d33a23fdc53c572ae9700c9eae1ef Reviewed-on: https://go-review.googlesource.com/c/crypto/+/536717 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Commit-Queue: Roland Shoemaker <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
If the parser returns zero roots, don't attempt to completely remove the bundle. This may happen if, i.e., the HTTP response is 200 but has no content. An example of this may be http:https://go.dev/cl/535735. Change-Id: I81fc2b49c8ec813cca17fd1c807296bfb053d992 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/536136 Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
These tests try to ensure better compatibility of our server implementation with the ssh CLI. With these tests in place: 1) before merging CL 447757 we would have noticed that our server implementation was broken with OpenSSH 8.8+ 2) after merging CL 447757 we would have noticed that our server implementation was broken with OpenSSH 7.2-7.7 The ssh CLI from $PATH is used by default, but can be overridden using the SSH_CLI_PATH environment variable. Change-Id: I93d64be41c7613132b0364afac8397f57c2dcbca Reviewed-on: https://go-review.googlesource.com/c/crypto/+/506837 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Benny Siegert <[email protected]> Reviewed-by: Han-Wen Nienhuys <[email protected]> Run-TryBot: Nicola Murino <[email protected]>
HKDF is commonly used to read keys that are the the same length (or smaller) than the size of the hash digest, which means the loop inside Read only runs once. In that case, calling Reset is unnecesssary overhead. name old time/op new time/op delta 16ByteMD5Single-8 1.39µs ± 1% 1.22µs ± 0% -11.95% (p=0.000 n=10+9) 20ByteSHA1Single-8 826ns ± 0% 746ns ± 0% -9.70% (p=0.000 n=9+10) 32ByteSHA256Single-8 838ns ± 1% 744ns ± 0% -11.29% (p=0.000 n=10+10) 64ByteSHA512Single-8 5.12µs ± 0% 4.57µs ± 0% -10.78% (p=0.000 n=8+10) 8ByteMD5Stream-8 137ns ± 0% 138ns ± 0% +0.27% (p=0.009 n=9+6) 16ByteMD5Stream-8 264ns ± 0% 265ns ± 0% +0.29% (p=0.000 n=10+10) 8ByteSHA1Stream-8 64.1ns ± 0% 64.4ns ± 0% +0.60% (p=0.000 n=9+9) 20ByteSHA1Stream-8 145ns ± 0% 146ns ± 1% +0.69% (p=0.000 n=9+10) 8ByteSHA256Stream-8 42.9ns ± 1% 43.1ns ± 0% +0.48% (p=0.005 n=10+10) 32ByteSHA256Stream-8 151ns ± 0% 152ns ± 0% +0.35% (p=0.006 n=10+8) 8ByteSHA512Stream-8 139ns ± 0% 139ns ± 0% +0.08% (p=0.035 n=9+10) 64ByteSHA512Stream-8 1.07µs ± 0% 1.07µs ± 0% +0.33% (p=0.000 n=9+10) name old speed new speed delta 16ByteMD5Single-8 11.6MB/s ± 0% 13.1MB/s ± 0% +13.50% (p=0.000 n=9+9) 20ByteSHA1Single-8 24.2MB/s ± 0% 26.8MB/s ± 0% +10.75% (p=0.000 n=9+10) 32ByteSHA256Single-8 38.2MB/s ± 1% 43.0MB/s ± 0% +12.72% (p=0.000 n=10+10) 64ByteSHA512Single-8 12.5MB/s ± 0% 14.0MB/s ± 0% +12.06% (p=0.000 n=8+10) 8ByteMD5Stream-8 58.2MB/s ± 0% 58.1MB/s ± 0% -0.27% (p=0.004 n=9+9) 16ByteMD5Stream-8 60.6MB/s ± 0% 60.5MB/s ± 0% -0.27% (p=0.000 n=9+10) 8ByteSHA1Stream-8 125MB/s ± 0% 124MB/s ± 0% -0.59% (p=0.000 n=9+9) 20ByteSHA1Stream-8 138MB/s ± 0% 137MB/s ± 1% -0.69% (p=0.000 n=9+10) 8ByteSHA256Stream-8 186MB/s ± 1% 185MB/s ± 0% -0.47% (p=0.005 n=10+10) 32ByteSHA256Stream-8 211MB/s ± 0% 211MB/s ± 0% -0.37% (p=0.003 n=10+8) 8ByteSHA512Stream-8 57.4MB/s ± 1% 57.4MB/s ± 0% ~ (p=0.137 n=10+10) 64ByteSHA512Stream-8 59.9MB/s ± 0% 59.7MB/s ± 0% -0.33% (p=0.000 n=9+10) name old alloc/op new alloc/op delta 16ByteMD5Single-8 1.17kB ± 0% 0.98kB ± 0% -16.42% (p=0.000 n=10+10) 20ByteSHA1Single-8 1.25kB ± 0% 1.06kB ± 0% -15.37% (p=0.000 n=10+10) 32ByteSHA256Single-8 1.36kB ± 0% 1.14kB ± 0% -16.46% (p=0.000 n=10+10) 64ByteSHA512Single-8 2.26kB ± 0% 1.84kB ± 0% -18.43% (p=0.000 n=10+10) 8ByteMD5Stream-8 2.00B ± 0% 2.00B ± 0% ~ (all equal) 16ByteMD5Stream-8 5.00B ± 0% 5.00B ± 0% ~ (all equal) 8ByteSHA1Stream-8 2.00B ± 0% 2.00B ± 0% ~ (all equal) 20ByteSHA1Stream-8 5.00B ± 0% 5.00B ± 0% ~ (all equal) 8ByteSHA256Stream-8 1.00B ± 0% 1.00B ± 0% ~ (all equal) 32ByteSHA256Stream-8 6.00B ± 0% 6.00B ± 0% ~ (all equal) 8ByteSHA512Stream-8 1.00B ± 0% 1.00B ± 0% ~ (all equal) 64ByteSHA512Stream-8 9.00B ± 0% 9.00B ± 0% ~ (all equal) name old allocs/op new allocs/op delta 16ByteMD5Single-8 16.0 ± 0% 14.0 ± 0% -12.50% (p=0.000 n=10+10) 20ByteSHA1Single-8 16.0 ± 0% 14.0 ± 0% -12.50% (p=0.000 n=10+10) 32ByteSHA256Single-8 16.0 ± 0% 14.0 ± 0% -12.50% (p=0.000 n=10+10) 64ByteSHA512Single-8 16.0 ± 0% 14.0 ± 0% -12.50% (p=0.000 n=10+10) 8ByteMD5Stream-8 0.00 0.00 ~ (all equal) 16ByteMD5Stream-8 1.00 ± 0% 1.00 ± 0% ~ (all equal) 8ByteSHA1Stream-8 0.00 0.00 ~ (all equal) 20ByteSHA1Stream-8 1.00 ± 0% 1.00 ± 0% ~ (all equal) 8ByteSHA256Stream-8 0.00 0.00 ~ (all equal) 32ByteSHA256Stream-8 1.00 ± 0% 1.00 ± 0% ~ (all equal) 8ByteSHA512Stream-8 0.00 0.00 ~ (all equal) 64ByteSHA512Stream-8 1.00 ± 0% 1.00 ± 0% ~ (all equal) Change-Id: I08e5deb7045ce9aa63428e0ac7ae6140226414b4 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/423414 Reviewed-by: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]>
The PSHUFB instruction is part of SSE which is only v2+ but it is being used without the GOAMD64_v2 guard. The ROL macros were copied from CL 516859 that adds internal/chacha8rand. Fixes golang/go#63871 Change-Id: I3c8ba75ff284cda4fc788885643246936e617b85 GitHub-Last-Rev: e235e8e GitHub-Pull-Request: golang#275 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/538786 Reviewed-by: Keith Randall <[email protected]> Run-TryBot: Mauri de Souza Meneguzzo <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Keith Randall <[email protected]> Reviewed-by: Russ Cox <[email protected]>
Update golang.org/x dependencies to their latest tagged versions. Change-Id: Ie3a6928d78080ff7d75d6813b1760f1317baa081 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/540537 Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Carlos Amedee <[email protected]>
Because of deficiencies in the format, DecryptPEMBlock does not always detect an incorrect password. In these cases decrypted DER bytes is random noise. If the parsing of the key returns an asn1.StructuralError we return x509.IncorrectPasswordError. Fixes golang/go#62265 Change-Id: Ib8b845f2bd01662c1f1421d35859a32ac5b78da7 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/538835 Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Cherry Mui <[email protected]>
Fixes golang/go#61244 Change-Id: I29b43e379cf0cdb07b0d6935666491b997157e73 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510775 TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Bryan Mills <[email protected]> Commit-Queue: Nicola Murino <[email protected]> Run-TryBot: Nicola Murino <[email protected]> Auto-Submit: Nicola Murino <[email protected]> Reviewed-by: Han-Wen Nienhuys <[email protected]>
This should fix the "Log in goroutine" panic seen in https://build.golang.org/log/e42bf69fc002113dbccfe602a6c67fd52e8f31df, as well as a few other related leaks. It also helps to verify that none of the functions under test deadlock unexpectedly. See https://go.dev/wiki/CodeReviewComments#goroutine-lifetimes. Updates golang/go#58901. Change-Id: Ica943444db381ae1accb80b101ea646e28ebf4f9 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/541095 Auto-Submit: Bryan Mills <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]>
ReadOptionalASN1Boolean was completely broken, it would only work when there were two BOOLEAN fields in a row, with the first being OPTIONAL (which is itself invalid ASN.1 due to the ambiguity). This fixes it to properly expect a BOOLEAN wrapped in a context-specific tag, as is the case for all of the other ReadOptionalASN1* methods, and updates its doc string. This is a breaking change as it requires adding the tag field to properly support context-specific tags. Given the method would previously not work this seems like a reasonable breakage. Fixes golang/go#43019 Change-Id: I42398256216c59988e249c90bc7aa668f64df945 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/274242 Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Roland Shoemaker <[email protected]>
This fixes the case where AcceptSecContext is always called with the first token sent by the client instead of the most recently sent one. Previously, despite being being read from the client and unmarshalled, it was never actually used. Fixes golang/go#43875 Change-Id: I1967d9a107af03d6778a9437b48e785d61710ee5 GitHub-Last-Rev: 0d58e4d GitHub-Pull-Request: golang#176 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/286252 Run-TryBot: Filippo Valsorda <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Matthew Dempsky <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Run-TryBot: Nicola Murino <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Than McIntosh <[email protected]>
Relates to CL 540537, which updated the dependency in the main module. Change-Id: I9a745f4e03b5cf14fa62c4de63363ddf663b19fd GitHub-Last-Rev: 836c393 GitHub-Pull-Request: golang#277 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/541276 Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
OpenSSH 7.2-7.7 advertises support for rsa-sha2-256 and rsa-sha2-512 in the "server-sig-algs" extension but doesn't support these algorithms for certificate authentication, so if the server rejects the key try to use the obtained algorithm as if "server-sig-algs" had not been implemented. Fixes golang/go#58371 Change-Id: Id49960d3dedd32a21e2c6c2689b1696e05398286 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/510155 Reviewed-by: Filippo Valsorda <[email protected]> Run-TryBot: Nicola Murino <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> TryBot-Result: Gopher Robot <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Nicola Murino <[email protected]>
This change adds DialContext to ssh.Client, which opens a TCP-IP connection tunneled over the SSH connection. This is useful for proxying network connections, e.g. setting (net/http.Transport).DialContext. Fixes golang/go#20288. Change-Id: I110494c00962424ea803065535ebe2209364ac27 GitHub-Last-Rev: 3176984 GitHub-Pull-Request: golang#260 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/504735 Run-TryBot: Nicola Murino <[email protected]> Run-TryBot: Han-Wen Nienhuys <[email protected]> Auto-Submit: Nicola Murino <[email protected]> Reviewed-by: Han-Wen Nienhuys <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Commit-Queue: Nicola Murino <[email protected]>
Update golang.org/x dependencies to their latest tagged versions. Change-Id: I7fdfe509173c79a63d006b27d674f869a5baa2af Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545098 Reviewed-by: Heschi Kreinick <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
It's failing with a file permissions error: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:Anr3LjZK8YVpjrxu79myrW9Hrb/wpcMNpVvTq/RcBm8\r\nBad permissions. Try removing permissions for user: UNKNOWN\\\\UNKNOWN (S-1-15-2-2) on file C:/b/s/w/ir/x/t/TestSSHCLIAuth1586735692/001/rsa. For golang/go#64403 Change-Id: Iece8eac4a1ac349f9f7a273ac7389315cb96568e Cq-Include-Trybots: luci.golang.try:x_crypto-gotip-windows-amd64-longtest,x_crypto-go1.21-windows-amd64-longtest,x_crypto-go1.20-windows-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545135 Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Auto-Submit: Heschi Kreinick <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
go vet was reporting blamka_amd64.s:203:1: [amd64] mixBlocksSSE2: invalid offset a+24(FP); expected a+8(FP) blamka_amd64.s:226:1: [amd64] xorBlocksSSE2: invalid offset a+24(FP); expected a+8(FP) blamka_amd64.s:204:1: frame pointer is clobbered before saving blamka_amd64.s:227:1: frame pointer is clobbered before saving Also fix a similar naming issue in sha3: sha3\keccakf_amd64.s:325:1: [amd64] keccakF1600: unknown variable state; offset 0 is a+0(FP) Updates golang/go#47027 Change-Id: Ia74852cdb0721ae0216787054197b0cac9e1c0f8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/332289 Reviewed-by: Michael Knyszek <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]>
When an error is returned by a user defined host key callback, it is now possible to handle it using standard Go mechanisms such as errors.Is or errors.As. Fixes golang/go#61309 Change-Id: I4269c5f8eacd8e7e8d85070ad249f0e27777b15f GitHub-Last-Rev: d2a34d5 GitHub-Pull-Request: golang#266 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508876 Run-TryBot: Nicola Murino <[email protected]> Auto-Submit: Dmitri Shuralyov <[email protected]> Reviewed-by: Muhammad Shulhan <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Nicola Murino <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Other packages already dropped compatibility with go < 1.12, so it should be safe to remove it for this package as well. Change-Id: I7e894fd11d2e7d1fe28c647bd921399a9a6e30d0 GitHub-Last-Rev: 2b4f576 GitHub-Pull-Request: golang#240 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448240 Run-TryBot: Nicola Murino <[email protected]> Reviewed-by: Joedian Reid <[email protected]> Reviewed-by: Nicola Murino <[email protected]> Commit-Queue: Nicola Murino <[email protected]> Auto-Submit: Nicola Murino <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
Sending a window adjustment after every read is unnecessarily chatty, especially with a series of small reads like with TTY interactions. Copy OpenSSH's logic for deferring these, which seemingly hasn't changed since 2007. Note that since channelWindowSize and c.maxIncomingPayload are currently constants here, the two checks could be combined into a single check for c.myWindow < 2 MiB - 96 KiB (with the current values of the constants). Fixes golang/go#57424. Change-Id: Ifcef5be76fcc3f0b1a6dc396096bed9c50d64f21 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/459915 Reviewed-by: Nicola Murino <[email protected]> Reviewed-by: Michael Knyszek <[email protected]> Run-TryBot: Nicola Murino <[email protected]> Auto-Submit: Nicola Murino <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Commit-Queue: Nicola Murino <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
This is an automated CL which updates the NSS root bundle. Change-Id: Ib8c85dc815297de7b59c3e23b0ad029baaf948ec Reviewed-on: https://go-review.googlesource.com/c/crypto/+/543735 Auto-Submit: Gopher Robot <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]>
This PR ensures that the net.Conn passed to ssh.NewServerConn is closed on all error return paths, not just after a failed handshake. This matches the behavior of ssh.NewClientConn. Change-Id: Id8a51d10ae8d575cbbe26f2ef6b37de7cca840ec GitHub-Last-Rev: 81bb2e5 GitHub-Pull-Request: golang#279 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/549095 Run-TryBot: Nicola Murino <[email protected]> Auto-Submit: Nicola Murino <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Nicola Murino <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Michael Pratt <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
Implement the "strict KEX" protocol changes, as described in section
1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1).
Namely this makes the following changes:
* Both the server and the client add an additional algorithm to the
initial KEXINIT message, indicating support for the strict KEX mode.
* When one side of the connection sees the strict KEX extension
algorithm, the strict KEX mode is enabled for messages originating
from the other side of the connection. If the sequence number for
the side which requested the extension is not 1 (indicating that it
has already received non-KEXINIT packets), the connection is
terminated.
* When strict kex mode is enabled, unexpected messages during the
handshake are considered fatal. Additionally when a key change
occurs (on the receipt of the NEWKEYS message) the message sequence
numbers are reset.
Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr
University Bochum for reporting this issue.
Fixes CVE-2023-48795
Fixes golang/go#64784
Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715
Reviewed-by: Nicola Murino <[email protected]>
Reviewed-by: Tatiana Bradley <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Run-TryBot: Roland Shoemaker <[email protected]>
Reviewed-by: Damien Neil <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>
Other packages already dropped compatibility with go1.12, so it should be safe to remove it for this package as well. Change-Id: Ieecc7cd06a0a4e69e8c1c09ef6fefe95d78ceb75 GitHub-Last-Rev: 1971e03 GitHub-Pull-Request: golang#239 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448239 Reviewed-by: Joedian Reid <[email protected]> Auto-Submit: Filippo Valsorda <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Filippo Valsorda <[email protected]> Reviewed-by: Roland Shoemaker <[email protected]> Reviewed-by: Matthew Dempsky <[email protected]>
twitchyliquid64
approved these changes
Jan 8, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull in all the latest changes from upstream. This will make it easier to upstream or replace our changes for SSH.
Original set of commits made on our fork for SSH: 2c7772b...bc99ab8
Later ARI changes in ACME: https://github.com/tailscale/golang-x-crypto/pull/10/files
Diff from upstream to this PR: golang/crypto@master...tailscale:golang-x-crypto:awly/update-latest (mostly the sum of the above two diffs, with some tweaks).
AFAICT, this is functionally the same set of diffs.