Upgrade dependencies
This commit is contained in:
parent
e3eafcd35b
commit
df5c351b7f
15
go.mod
15
go.mod
|
@ -12,12 +12,10 @@ require (
|
||||||
github.com/PuerkitoBio/goquery v1.7.0
|
github.com/PuerkitoBio/goquery v1.7.0
|
||||||
github.com/antchfx/xmlquery v1.3.6 // indirect
|
github.com/antchfx/xmlquery v1.3.6 // indirect
|
||||||
github.com/authzed/authzed-go v0.3.0
|
github.com/authzed/authzed-go v0.3.0
|
||||||
github.com/authzed/grpcutil v0.0.0-20211115181027-063820eb2511 // indirect
|
github.com/authzed/grpcutil v0.0.0-20211115181027-063820eb2511
|
||||||
github.com/aws/aws-sdk-go v1.36.12
|
github.com/aws/aws-sdk-go v1.36.12
|
||||||
github.com/cavaliergopher/rpm v1.2.0
|
github.com/cavaliergopher/rpm v1.2.0
|
||||||
github.com/coreos/go-oidc/v3 v3.0.0
|
github.com/coreos/go-oidc/v3 v3.0.0
|
||||||
github.com/creack/pty v1.1.18 // indirect
|
|
||||||
github.com/docker/docker v20.10.14+incompatible // indirect
|
|
||||||
github.com/fatih/color v1.12.0
|
github.com/fatih/color v1.12.0
|
||||||
github.com/go-chi/chi v4.1.2+incompatible
|
github.com/go-chi/chi v4.1.2+incompatible
|
||||||
github.com/go-git/go-billy/v5 v5.3.1
|
github.com/go-git/go-billy/v5 v5.3.1
|
||||||
|
@ -28,13 +26,10 @@ require (
|
||||||
github.com/gocolly/colly/v2 v2.1.0
|
github.com/gocolly/colly/v2 v2.1.0
|
||||||
github.com/gogo/status v1.1.0
|
github.com/gogo/status v1.1.0
|
||||||
github.com/google/uuid v1.3.0
|
github.com/google/uuid v1.3.0
|
||||||
github.com/gosimple/slug v1.12.0 // indirect
|
|
||||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.6.0
|
github.com/grpc-ecosystem/grpc-gateway/v2 v2.6.0
|
||||||
github.com/imdario/mergo v0.3.11 // indirect
|
github.com/imdario/mergo v0.3.11 // indirect
|
||||||
github.com/jedib0t/go-pretty/v6 v6.2.7 // indirect
|
|
||||||
github.com/jmoiron/sqlx v1.3.4
|
github.com/jmoiron/sqlx v1.3.4
|
||||||
github.com/lib/pq v1.10.2
|
github.com/lib/pq v1.10.2
|
||||||
github.com/mattn/go-tty v0.0.4 // indirect
|
|
||||||
github.com/ory/hydra-client-go v1.10.6
|
github.com/ory/hydra-client-go v1.10.6
|
||||||
github.com/pelletier/go-toml v1.8.1 // indirect
|
github.com/pelletier/go-toml v1.8.1 // indirect
|
||||||
github.com/rocky-linux/srpmproc v0.3.16
|
github.com/rocky-linux/srpmproc v0.3.16
|
||||||
|
@ -44,14 +39,14 @@ require (
|
||||||
github.com/spf13/viper v1.7.1
|
github.com/spf13/viper v1.7.1
|
||||||
github.com/stretchr/testify v1.7.0
|
github.com/stretchr/testify v1.7.0
|
||||||
github.com/temoto/robotstxt v1.1.2 // indirect
|
github.com/temoto/robotstxt v1.1.2 // indirect
|
||||||
github.com/uber/jaeger-client-go v2.29.1+incompatible // indirect
|
|
||||||
github.com/vbauerster/mpb/v7 v7.0.2
|
github.com/vbauerster/mpb/v7 v7.0.2
|
||||||
github.com/vishvananda/netlink v1.1.0 // indirect
|
|
||||||
github.com/xanzy/go-gitlab v0.50.4
|
github.com/xanzy/go-gitlab v0.50.4
|
||||||
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2
|
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2
|
||||||
go.temporal.io/sdk v1.13.1
|
go.temporal.io/sdk v1.13.1
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d // indirect
|
||||||
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
|
golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f
|
||||||
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08
|
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08
|
||||||
|
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 // indirect
|
||||||
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247
|
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247
|
||||||
google.golang.org/grpc v1.44.0
|
google.golang.org/grpc v1.44.0
|
||||||
google.golang.org/protobuf v1.27.1
|
google.golang.org/protobuf v1.27.1
|
||||||
|
@ -60,7 +55,6 @@ require (
|
||||||
k8s.io/api v0.22.1
|
k8s.io/api v0.22.1
|
||||||
k8s.io/apimachinery v0.22.1
|
k8s.io/apimachinery v0.22.1
|
||||||
k8s.io/client-go v0.22.1
|
k8s.io/client-go v0.22.1
|
||||||
kernel.org/pub/linux/libs/security/libcap/cap v1.2.64 // indirect
|
|
||||||
peridot.resf.org/common v0.0.0-00010101000000-000000000000
|
peridot.resf.org/common v0.0.0-00010101000000-000000000000
|
||||||
peridot.resf.org/obsidian/pb v0.0.0-00010101000000-000000000000
|
peridot.resf.org/obsidian/pb v0.0.0-00010101000000-000000000000
|
||||||
peridot.resf.org/peridot/keykeeper/pb v0.0.0-00010101000000-000000000000
|
peridot.resf.org/peridot/keykeeper/pb v0.0.0-00010101000000-000000000000
|
||||||
|
@ -70,6 +64,9 @@ require (
|
||||||
peridot.resf.org/secparse/proto v0.0.0-00010101000000-000000000000
|
peridot.resf.org/secparse/proto v0.0.0-00010101000000-000000000000
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// Manual replace
|
||||||
|
replace github.com/dgrijalva/jwt-go v3.2.0+incompatible => github.com/golang-jwt/jwt/v4 v4.4.2
|
||||||
|
|
||||||
// sync-replace-start
|
// sync-replace-start
|
||||||
replace (
|
replace (
|
||||||
bazel.build/protobuf => ./bazel-bin/build/bazel/protobuf/bazelbuild_go_proto_/bazel.build/protobuf
|
bazel.build/protobuf => ./bazel-bin/build/bazel/protobuf/bazelbuild_go_proto_/bazel.build/protobuf
|
||||||
|
|
155
go.sum
155
go.sum
|
@ -2,8 +2,6 @@ alexejk.io/go-xmlrpc v0.2.0 h1:3EdJ+qtYQjyXiE4E0V/GFAnUvvOjqh1+OGIgy5OSdZk=
|
||||||
alexejk.io/go-xmlrpc v0.2.0/go.mod h1:bGBNmSKFuy/YTDexcocpWfanQnCXlcsUsMUiZ2T5F2Y=
|
alexejk.io/go-xmlrpc v0.2.0/go.mod h1:bGBNmSKFuy/YTDexcocpWfanQnCXlcsUsMUiZ2T5F2Y=
|
||||||
cirello.io/dynamolock v1.4.0 h1:dBOcspk0HEJpy4bvHUPrk134PkiWCzllzchOU38i+r4=
|
cirello.io/dynamolock v1.4.0 h1:dBOcspk0HEJpy4bvHUPrk134PkiWCzllzchOU38i+r4=
|
||||||
cirello.io/dynamolock v1.4.0/go.mod h1:kh+hBBWaonCYjIpPWbXDmjFbFHdmTsCl0hIXR0sPCUM=
|
cirello.io/dynamolock v1.4.0/go.mod h1:kh+hBBWaonCYjIpPWbXDmjFbFHdmTsCl0hIXR0sPCUM=
|
||||||
cirello.io/dynamolock/v2 v2.0.0-20220408195142-776a5d960f9f h1:Vhvs0QTgzgkXYBPAcHEvc86Bl12EacChTsmo21XmZwU=
|
|
||||||
cirello.io/dynamolock/v2 v2.0.0-20220408195142-776a5d960f9f/go.mod h1:+CPdRQn1F/qkw1WRbUZ9qN3ZHwB5oZvsy9hDXGhxe74=
|
|
||||||
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
|
||||||
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
|
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
|
||||||
|
@ -53,16 +51,10 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
|
||||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||||
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
|
github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
|
||||||
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
|
github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20211112122917-428f8eabeeb3 h1:XcF0cTDJeiuZ5NU8w7WUDge0HRwwNRmxj/GGk6KSA6g=
|
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20211112122917-428f8eabeeb3/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
|
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f h1:J2FzIrXN82q5uyUraeJpLIm7U6PffRwje2ORho5yIik=
|
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f h1:J2FzIrXN82q5uyUraeJpLIm7U6PffRwje2ORho5yIik=
|
||||||
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
|
github.com/ProtonMail/go-crypto v0.0.0-20220113124808-70ae35bab23f/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
|
||||||
github.com/ProtonMail/go-mime v0.0.0-20190923161245-9b5a4261663a h1:W6RrgN/sTxg1msqzFFb+G80MFmpjMw61IU+slm+wln4=
|
|
||||||
github.com/ProtonMail/go-mime v0.0.0-20190923161245-9b5a4261663a/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4=
|
|
||||||
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f h1:CGq7OieOz3wyQJ1fO8S0eO9TCW1JyvLrf8fhzz1i8ko=
|
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f h1:CGq7OieOz3wyQJ1fO8S0eO9TCW1JyvLrf8fhzz1i8ko=
|
||||||
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4=
|
github.com/ProtonMail/go-mime v0.0.0-20220302105931-303f85f7fe0f/go.mod h1:NYt+V3/4rEeDuaev/zw1zCq8uqVEuPHzDPo3OZrlGJ4=
|
||||||
github.com/ProtonMail/gopenpgp/v2 v2.3.0 h1:eniutitHk02Yn3GtaDfJTVm/Ca1e8s6zkS0SpeaocXI=
|
|
||||||
github.com/ProtonMail/gopenpgp/v2 v2.3.0/go.mod h1:F62x0m3akQuisX36pOgAtKOHZ1E7/MpnX8bZWCK+5dA=
|
|
||||||
github.com/ProtonMail/gopenpgp/v2 v2.4.7 h1:V3xeelvXgJiZXZuPtSSE+uYbtPw4RmbmyPqXDAESPhg=
|
github.com/ProtonMail/gopenpgp/v2 v2.4.7 h1:V3xeelvXgJiZXZuPtSSE+uYbtPw4RmbmyPqXDAESPhg=
|
||||||
github.com/ProtonMail/gopenpgp/v2 v2.4.7/go.mod h1:ZW1KxHNG6q5LMgFKf9Ap/d2eVYeyGf5+fAUEAjJWtmo=
|
github.com/ProtonMail/gopenpgp/v2 v2.4.7/go.mod h1:ZW1KxHNG6q5LMgFKf9Ap/d2eVYeyGf5+fAUEAjJWtmo=
|
||||||
github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc=
|
github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc=
|
||||||
|
@ -118,41 +110,12 @@ github.com/aws/aws-sdk-go v1.34.13/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZve
|
||||||
github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48=
|
github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48=
|
||||||
github.com/aws/aws-sdk-go v1.36.12 h1:YJpKFEMbqEoo+incs5qMe61n1JH3o4O1IMkMexLzJG8=
|
github.com/aws/aws-sdk-go v1.36.12 h1:YJpKFEMbqEoo+incs5qMe61n1JH3o4O1IMkMexLzJG8=
|
||||||
github.com/aws/aws-sdk-go v1.36.12/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
github.com/aws/aws-sdk-go v1.36.12/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro=
|
||||||
github.com/aws/aws-sdk-go-v2 v1.8.0/go.mod h1:xEFuWz+3TYdlPRuo+CqATbeDWIWyaT5uAPwPaWtgse0=
|
|
||||||
github.com/aws/aws-sdk-go-v2 v1.16.2 h1:fqlCk6Iy3bnCumtrLz9r3mJ/2gUT0pJ0wLFVIdWh+JA=
|
|
||||||
github.com/aws/aws-sdk-go-v2 v1.16.2/go.mod h1:ytwTPBG6fXTZLxxeeCCWj2/EMYp/xDUgX+OET6TLNNU=
|
|
||||||
github.com/aws/aws-sdk-go-v2/credentials v1.3.2/go.mod h1:PACKuTJdt6AlXvEq8rFI4eDmoqDFC5DpVKQbWysaDgM=
|
|
||||||
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.8.4 h1:RFvKYpSTejcSLgtPmfy6jY2vxcAC6y2f+gHD2HH99fg=
|
|
||||||
github.com/aws/aws-sdk-go-v2/feature/dynamodb/attributevalue v1.8.4/go.mod h1:N7M3jvFFVC8zayueLESAjrsSiak2yYt/b8p4EPsNbaY=
|
|
||||||
github.com/aws/aws-sdk-go-v2/feature/dynamodb/expression v1.4.5 h1:UHAzjxRwGBdiufi7NBaBHQw6XMnhVZB2P0JeAbbd+wE=
|
|
||||||
github.com/aws/aws-sdk-go-v2/feature/dynamodb/expression v1.4.5/go.mod h1:iqXqwMagYdnvFATn4aGrtYAaTjAYQZSrNrxgEJ+dxZY=
|
|
||||||
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.4.0/go.mod h1:Mj/U8OpDbcVcoctrYwA2bak8k/HFPdcLzI/vaiXMwuM=
|
|
||||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9 h1:onz/VaaxZ7Z4V+WIN9Txly9XLTmoOh1oJ8XcAC3pako=
|
|
||||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9/go.mod h1:AnVH5pvai0pAF4lXRq0bmhbes1u9R8wTE+g+183bZNM=
|
|
||||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3 h1:9stUQR/u2KXU6HkFJYlqnZEjBnbgrVbG6I5HN09xZh0=
|
|
||||||
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.3/go.mod h1:ssOhaLpRlh88H3UmEcsBoVKq309quMvm3Ds8e9d4eJM=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.15.3 h1:b5+OInu1LyoF4uhFT453MOhbXXaM0YmQsqkxMjFl1dc=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/dynamodb v1.15.3/go.mod h1:SvbsOiwp0L3NvC+XjgS1CU6NQ3TmArV1bNBlugz2hVc=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.13.3 h1:nPT5ysut/wvhIYyTZ5m6phHS50awx3MVwiB5igAWUH8=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/dynamodbstreams v1.13.3/go.mod h1:y0rhvvclfOoHPdnMyADj6KKydr0+YgaWmDZFqBi9uFc=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.1 h1:T4pFel53bkHjL2mMo+4DKE6r6AuoZnM0fg7k1/ratr4=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.1/go.mod h1:GeUru+8VzrTXV/83XyMJ80KpH8xO89VPoUileyNQ+tc=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.3 h1:JUbFrnq5mEeM2anIJ2PUkaHpKPW/D+RYAQVv5HXYQg4=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery v1.7.3/go.mod h1:lgGDXBzoot238KmAAn6zf9lkoxcYtJECnYURSbvNlfc=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.2.2/go.mod h1:NXmNI41bdEsJMrD0v9rUvbGCB5GwdBEpKvUvIY3vTFg=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/sso v1.3.2/go.mod h1:J21I6kF+d/6XHVk7kp/cx9YVD2TMD2TbLwtRGVcinXo=
|
|
||||||
github.com/aws/aws-sdk-go-v2/service/sts v1.6.1/go.mod h1:hLZ/AnkIKHLuPGjEiyghNEdvJ2PP0MgOxcmv9EBJ4xs=
|
|
||||||
github.com/aws/smithy-go v1.7.0/go.mod h1:SObp3lf9smib00L/v3U2eAKG8FyQ7iLrJnQiAmR5n+E=
|
|
||||||
github.com/aws/smithy-go v1.11.2 h1:eG/N+CcUMAvsdffgMvjMKwfyDzIkjM6pfxMJ8Mzc6mE=
|
|
||||||
github.com/aws/smithy-go v1.11.2/go.mod h1:3xHYmszWVx2c0kIwQeEVf9uSm4fYZt67FBJnwub1bgM=
|
|
||||||
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
|
||||||
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
|
||||||
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
|
||||||
github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
|
github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
|
||||||
github.com/bluekeyes/go-gitdiff v0.5.0 h1:AXrIoy/VEA9Baz2lhwMlpdzDJ/sKof6C9yTt1oqw4hQ=
|
github.com/bluekeyes/go-gitdiff v0.5.0 h1:AXrIoy/VEA9Baz2lhwMlpdzDJ/sKof6C9yTt1oqw4hQ=
|
||||||
github.com/bluekeyes/go-gitdiff v0.5.0/go.mod h1:QpfYYO1E0fTVHVZAZKiRjtSGY9823iCdvGXBcEzHGbM=
|
github.com/bluekeyes/go-gitdiff v0.5.0/go.mod h1:QpfYYO1E0fTVHVZAZKiRjtSGY9823iCdvGXBcEzHGbM=
|
||||||
github.com/cavaliercoder/go-cpio v0.0.0-20180626203310-925f9528c45e/go.mod h1:oDpT4efm8tSYHXV5tHSdRvBet/b/QzxZ+XyyPehvm3A=
|
|
||||||
github.com/cavaliercoder/go-rpm v0.0.0-20200122174316-8cb9fd9c31a8/go.mod h1:AZIh1CCnMrcVm6afFf96PBvE2MRpWFco91z8ObJtgDY=
|
|
||||||
github.com/cavaliergopher/rpm v1.2.0 h1:s0h+QeVK252QFTolkhGiMeQ1f+tMeIMhGl8B1HUmGUc=
|
github.com/cavaliergopher/rpm v1.2.0 h1:s0h+QeVK252QFTolkhGiMeQ1f+tMeIMhGl8B1HUmGUc=
|
||||||
github.com/cavaliergopher/rpm v1.2.0/go.mod h1:R0q3vTqa7RUvPofAZYrnjJ63hh2vngjFfphuXiExVos=
|
github.com/cavaliergopher/rpm v1.2.0/go.mod h1:R0q3vTqa7RUvPofAZYrnjJ63hh2vngjFfphuXiExVos=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
|
@ -171,8 +134,6 @@ github.com/cncf/xds/go v0.0.0-20210312221358-fbca930ec8ed/go.mod h1:eXthEFrGJvWH
|
||||||
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
github.com/cncf/xds/go v0.0.0-20210805033703-aa0b78936158/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||||
github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
github.com/cncf/xds/go v0.0.0-20210922020428-25de7278fc84/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||||
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
github.com/cncf/xds/go v0.0.0-20211011173535-cb28da3451f1/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs=
|
||||||
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd h1:qMd81Ts1T2OTKmB4acZcyKaMtRnY5Y44NuXGX2GFJ1w=
|
|
||||||
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
|
|
||||||
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
|
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
|
||||||
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
|
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
|
||||||
github.com/coreos/go-oidc/v3 v3.0.0 h1:/mAA0XMgYJw2Uqm7WKGCsKnjitE/+A0FFbOmiRJm7LQ=
|
github.com/coreos/go-oidc/v3 v3.0.0 h1:/mAA0XMgYJw2Uqm7WKGCsKnjitE/+A0FFbOmiRJm7LQ=
|
||||||
|
@ -182,15 +143,10 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7
|
||||||
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
|
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
|
||||||
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
|
||||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||||
github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
|
|
||||||
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
|
||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
|
|
||||||
github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
|
github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no=
|
||||||
github.com/docker/docker v20.10.14+incompatible h1:+T9/PRYWNDo5SZl5qS1r9Mo/0Q8AwxKKPtu9S1yxM0w=
|
|
||||||
github.com/docker/docker v20.10.14+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
|
|
||||||
github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
|
github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
|
||||||
github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
|
github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
|
||||||
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
|
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
|
||||||
|
@ -202,7 +158,6 @@ github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymF
|
||||||
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
|
github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.9-0.20210217033140-668b12f5399d/go.mod h1:cXg6YxExXjJnVBQHBLXeUAgxn2UodCpnH306RInaBQk=
|
|
||||||
github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
|
github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ=
|
||||||
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
|
github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
|
||||||
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
|
||||||
|
@ -384,6 +339,7 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
|
||||||
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
|
||||||
github.com/gogo/status v1.1.0 h1:+eIkrewn5q6b30y+g/BJINVVdi2xH7je5MPJ3ZPK3JA=
|
github.com/gogo/status v1.1.0 h1:+eIkrewn5q6b30y+g/BJINVVdi2xH7je5MPJ3ZPK3JA=
|
||||||
github.com/gogo/status v1.1.0/go.mod h1:BFv9nrluPLmrS0EmGVvLaPNmRosr9KapBYd5/hpY1WM=
|
github.com/gogo/status v1.1.0/go.mod h1:BFv9nrluPLmrS0EmGVvLaPNmRosr9KapBYd5/hpY1WM=
|
||||||
|
github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||||
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
|
||||||
github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ=
|
github.com/golang/glog v1.0.0 h1:nfP3RFugxnNRyKgeWd4oI1nYvXpxrx8ck8ZrcizshdQ=
|
||||||
github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
|
github.com/golang/glog v1.0.0/go.mod h1:EWib/APOK0SL3dFbYqvxE3UYd8E6s1ouQ7iEp/0LWV4=
|
||||||
|
@ -400,8 +356,6 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
|
||||||
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||||
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
|
||||||
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
|
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
|
||||||
github.com/golang/mock v1.5.0 h1:jlYHihg//f7RRwuPfptm04yp4s7O6Kw8EZiVYIGcH0g=
|
|
||||||
github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8=
|
|
||||||
github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
|
github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
|
||||||
github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
|
github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
|
||||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||||
|
@ -433,12 +387,9 @@ github.com/google/go-cmp v0.4.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
|
||||||
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
|
||||||
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
|
github.com/google/go-cmp v0.5.6 h1:BKbKCqvP6I+rmFHt06ZmyQtvB8xAkWdhFyr0ZUNZcxQ=
|
||||||
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||||
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
|
|
||||||
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
|
|
||||||
github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=
|
github.com/google/go-querystring v1.0.0 h1:Xkwi/a1rcvNg1PPYe5vI8GbeBY/jrVuDX5ASuANWTrk=
|
||||||
github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
|
github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
|
||||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||||
|
@ -460,8 +411,6 @@ github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm4
|
||||||
github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
|
|
||||||
github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
|
||||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||||
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
|
||||||
|
@ -473,10 +422,6 @@ github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97Dwqy
|
||||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8=
|
||||||
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
|
||||||
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
||||||
github.com/gosimple/slug v1.12.0 h1:xzuhj7G7cGtd34NXnW/yF0l+AGNfWqwgh/IXgFy7dnc=
|
|
||||||
github.com/gosimple/slug v1.12.0/go.mod h1:UiRaFH+GEilHstLUmcBgWcI42viBN7mAb818JrYOeFQ=
|
|
||||||
github.com/gosimple/unidecode v1.0.1 h1:hZzFTMMqSswvf0LBJZCZgThIZrpDHFXux9KeGmn6T/o=
|
|
||||||
github.com/gosimple/unidecode v1.0.1/go.mod h1:CP0Cr1Y1kogOtx0bJblKzsVWrqYaqfNOnHzpgWw4Awc=
|
|
||||||
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
|
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
|
github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw=
|
github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 h1:+9834+KizmvFV7pXQGSXQTsaWhq2GjuNUt0aUU0YBYw=
|
||||||
|
@ -525,10 +470,6 @@ github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANyt
|
||||||
github.com/jawher/mow.cli v1.1.0/go.mod h1:aNaQlc7ozF3vw6IJ2dHjp2ZFiA4ozMIYY6PyuRJwlUg=
|
github.com/jawher/mow.cli v1.1.0/go.mod h1:aNaQlc7ozF3vw6IJ2dHjp2ZFiA4ozMIYY6PyuRJwlUg=
|
||||||
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
|
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
|
||||||
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
|
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
|
||||||
github.com/jedib0t/go-pretty v4.3.0+incompatible h1:CGs8AVhEKg/n9YbUenWmNStRW2PHJzaeDodcfvRAbIo=
|
|
||||||
github.com/jedib0t/go-pretty v4.3.0+incompatible/go.mod h1:XemHduiw8R651AF9Pt4FwCTKeG3oo7hrHJAoznj9nag=
|
|
||||||
github.com/jedib0t/go-pretty/v6 v6.2.7 h1:4823Lult/tJ0VI1PgW3aSKw59pMWQ6Kzv9b3Bj6MwY0=
|
|
||||||
github.com/jedib0t/go-pretty/v6 v6.2.7/go.mod h1:FMkOpgGD3EZ91cW8g/96RfxoV7bdeJyzXPYgz1L1ln0=
|
|
||||||
github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
|
github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
|
||||||
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
|
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
|
||||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||||
|
@ -590,21 +531,15 @@ github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
|
||||||
github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE=
|
github.com/markbates/oncer v0.0.0-20181203154359-bf2de49a0be2/go.mod h1:Ld9puTsIW75CHf65OeIOkyKbteujpZVXDpWK6YGZbxE=
|
||||||
github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
|
github.com/markbates/safe v1.0.1/go.mod h1:nAqgmRi7cY2nqMc92/bSEeQA+R4OheNU2T1kNSCBdG0=
|
||||||
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
|
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
|
||||||
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
|
||||||
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
|
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
|
||||||
github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
|
github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
|
||||||
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
|
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
|
||||||
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
|
||||||
github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84=
|
|
||||||
github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
|
github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
|
||||||
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
|
||||||
github.com/mattn/go-runewidth v0.0.7/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
|
|
||||||
github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
|
github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU=
|
||||||
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||||
github.com/mattn/go-sqlite3 v1.14.6 h1:dNPt6NO46WmLVt2DLNpwczCmdV5boIZ6g/tlDrlRUbg=
|
github.com/mattn/go-sqlite3 v1.14.6 h1:dNPt6NO46WmLVt2DLNpwczCmdV5boIZ6g/tlDrlRUbg=
|
||||||
github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
|
github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
|
||||||
github.com/mattn/go-tty v0.0.4 h1:NVikla9X8MN0SQAqCYzpGyXv0jY7MNl3HOWD2dkle7E=
|
|
||||||
github.com/mattn/go-tty v0.0.4/go.mod h1:u5GGXBtZU6RQoKV8gY5W6UhMudbR5vXnUe7j3pxse28=
|
|
||||||
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
|
||||||
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
|
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
|
||||||
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
|
github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
|
||||||
|
@ -663,7 +598,6 @@ github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE
|
||||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||||
github.com/pkg/profile v1.6.0/go.mod h1:qBsxPvzyUincmltOk6iyRVxHYg4adc0OFOv72ZdLa18=
|
|
||||||
github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
|
github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
|
||||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
|
@ -682,38 +616,6 @@ github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
|
||||||
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
|
||||||
github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ=
|
github.com/robfig/cron v1.2.0 h1:ZjScXvvxeQ63Dbyxy76Fj3AT3Ut0aKsyd2/tl3DTMuQ=
|
||||||
github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k=
|
github.com/robfig/cron v1.2.0/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k=
|
||||||
github.com/rocky-linux/srpmproc v0.2.12 h1:eQtzsu2qvMvtUsgyzHiES1yJiL4UBMB4kSECTOTEw/E=
|
|
||||||
github.com/rocky-linux/srpmproc v0.2.12/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.0 h1:A46RnKfdVc7q7IrSbdg00NQjYjfyu+2IHp+65Fg2oWk=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.0/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.1 h1:8T94c5ONx345RvFVFnDCTKNKvchBlG52HaKF7AnmHMI=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.1/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.2 h1:dI9FiftIYszuDy7onhS0a19SISDNG/KKTlDBvWTJK4c=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.2/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.3 h1:yQ3ckWZrvy/Lgl/YA2XUbKmexjl7hjxXOBYMOY3zkm0=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.3/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.5 h1:MX37AtoXG2bC2cnrJixY2uuAdHTDP46kgTc4fshW++A=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.5/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.6 h1:k1ZMYvGI7n0aJMqZm5Q3mUAK4ylmj6gbi/vLovPooic=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.6/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.7 h1:wmzAIKpBrOXUOI76S/V7KfXnjNOui+SHam8YEVMCJVw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.7/go.mod h1:3huDy3ZL+q/KHNQF3+EM7Z3S9B95ZDsN0fmP+YAsu+8=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.8 h1:Hpvx6mWfNdElTLOFLc9ysfJuKEQf6viXAwtqgh0827E=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.8/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.9 h1:masmDQml26xo4MQASuU6lzBSe5ueucJ04AX0LunJM6k=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.9/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.10 h1:1aHlmktyAFhxMgH36lZFmK0ycCwpEaAKDOrdosP6iKA=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.10/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.11 h1:noI21VA1tkWCEEyClWJq1unix8nlf5xA0GvU68omS2c=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.11/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.12 h1:ubjtWwrszxJvMUh7dHuaQwuWPpAxWvriDR6r32Mbkhg=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.12/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.13 h1:7Ivdk0kg5xxt4KcUVilEIkgXg/fVuLehO9IkkJXfbLs=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.13/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.14 h1:9yZXDtnwDpv8f8Ai0a5d+7iveda4lBLIDAIndrlIZ6o=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.14/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.15 h1:nlgc+NC1kU+ZDj63BAPf3JTqFRWUK51o1l1WqOG1ffk=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.15/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
|
||||||
github.com/rocky-linux/srpmproc v0.3.16 h1:kxJEiQsZ0DcMhX0vY482n82XvjPiP2WifxI3NYuyLLM=
|
github.com/rocky-linux/srpmproc v0.3.16 h1:kxJEiQsZ0DcMhX0vY482n82XvjPiP2WifxI3NYuyLLM=
|
||||||
github.com/rocky-linux/srpmproc v0.3.16/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
github.com/rocky-linux/srpmproc v0.3.16/go.mod h1:vWZzxPTfxh4pmfr5Mw20FyrqyKsbGHzDwOlN+W5EMpw=
|
||||||
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
|
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
|
||||||
|
@ -783,20 +685,9 @@ github.com/temoto/robotstxt v1.1.2/go.mod h1:+1AmkuG3IYkh1kv0d2qEB9Le88ehNO0zwOr
|
||||||
github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
|
github.com/tidwall/pretty v1.0.0 h1:HsD+QiTn7sK6flMKIvNmpqz1qrpP3Ps6jOKIKMooyg4=
|
||||||
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
|
||||||
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
|
||||||
github.com/uber-go/tally v3.3.17+incompatible h1:nFHIuW3VQ22wItiE9kPXic8dEgExWOsVOHwpmoIvsMw=
|
|
||||||
github.com/uber-go/tally v3.3.17+incompatible/go.mod h1:YDTIBxdXyOU/sCWilKB4bgyufu1cEi0jdVnRdxvjnmU=
|
|
||||||
github.com/uber/jaeger-client-go v2.23.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
|
|
||||||
github.com/uber/jaeger-client-go v2.29.1+incompatible h1:R9ec3zO3sGpzs0abd43Y+fBZRJ9uiH6lXyR/+u6brW4=
|
|
||||||
github.com/uber/jaeger-client-go v2.29.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
|
|
||||||
github.com/uber/jaeger-lib v2.2.0+incompatible h1:MxZXOiR2JuoANZ3J6DE/U0kSFv/eJ/GfSYVCjK7dyaw=
|
|
||||||
github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
|
|
||||||
github.com/vbauerster/mpb/v7 v7.0.2 h1:eN6AD/ytv1nqCO7Dm8MO0/pGMKmMyH/WMnTJhAUuc/w=
|
github.com/vbauerster/mpb/v7 v7.0.2 h1:eN6AD/ytv1nqCO7Dm8MO0/pGMKmMyH/WMnTJhAUuc/w=
|
||||||
github.com/vbauerster/mpb/v7 v7.0.2/go.mod h1:Mnq3gESXJ9eQhccbGZDggJ1faTCrmaA4iN57fUloRGE=
|
github.com/vbauerster/mpb/v7 v7.0.2/go.mod h1:Mnq3gESXJ9eQhccbGZDggJ1faTCrmaA4iN57fUloRGE=
|
||||||
github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw=
|
github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw=
|
||||||
github.com/vishvananda/netlink v1.1.0 h1:1iyaYNBLmP6L0220aDnYQpo1QEV4t4hJ+xEEhhJH8j0=
|
|
||||||
github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
|
|
||||||
github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df h1:OviZH7qLw/7ZovXvuNyL3XQl8UFofeikI1NW1Gypu7k=
|
|
||||||
github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17pCcGlemwknint6hfoeCVQrEMVwxRLRjXpq+BU=
|
|
||||||
github.com/xanzy/go-gitlab v0.50.4 h1:DA0+D9eTBnZvrGBOQ66XV4ZV9gOFXKbbgm9L99EKCUs=
|
github.com/xanzy/go-gitlab v0.50.4 h1:DA0+D9eTBnZvrGBOQ66XV4ZV9gOFXKbbgm9L99EKCUs=
|
||||||
github.com/xanzy/go-gitlab v0.50.4/go.mod h1:Q+hQhV508bDPoBijv7YjK/Lvlb4PhVhJdKqXVQrUoAE=
|
github.com/xanzy/go-gitlab v0.50.4/go.mod h1:Q+hQhV508bDPoBijv7YjK/Lvlb4PhVhJdKqXVQrUoAE=
|
||||||
github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70=
|
github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70=
|
||||||
|
@ -830,20 +721,13 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
go.opencensus.io v0.22.4 h1:LYy1Hy3MJdrCdMwwzxA/dRok4ejH+RwNGbuoD9fCjto=
|
go.opencensus.io v0.22.4 h1:LYy1Hy3MJdrCdMwwzxA/dRok4ejH+RwNGbuoD9fCjto=
|
||||||
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
|
||||||
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
|
go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI=
|
||||||
go.temporal.io/api v1.4.1-0.20210420220407-6f00f7f98373 h1:BKYGL/ieaZ9mjh2pqeWXAg6zUb3bQMg43RbbtDhiwVU=
|
|
||||||
go.temporal.io/api v1.4.1-0.20210420220407-6f00f7f98373/go.mod h1:Xtk6uRDheAVQr4fgcfo5ZDEkIGMLGJrNkswxZNpqpG0=
|
|
||||||
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2 h1:TN/PQNywCnOG/hXLHKkKKOQQtpi7JHBDD8fpv8H8JiA=
|
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2 h1:TN/PQNywCnOG/hXLHKkKKOQQtpi7JHBDD8fpv8H8JiA=
|
||||||
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2/go.mod h1:IlUgOTGfmJuOkGrCZdptNxyXKE9CQz6oOx7/aH9bFY4=
|
go.temporal.io/api v1.6.1-0.20211110205628-60c98e9cbfe2/go.mod h1:IlUgOTGfmJuOkGrCZdptNxyXKE9CQz6oOx7/aH9bFY4=
|
||||||
go.temporal.io/sdk v1.9.0 h1:CtU9q9q3FAJtIB6XOAL7+YTSxDAoIhdAJdhzmBNHJYw=
|
|
||||||
go.temporal.io/sdk v1.9.0/go.mod h1:RRzjuVqqcD53uPxLZWYNWHDz+Jr/dqY/DHJf8tirJhg=
|
|
||||||
go.temporal.io/sdk v1.13.1 h1:4LRIe1WLM+m2pN6sNod4sMV+0bV8WTscVfRsipOP8N8=
|
go.temporal.io/sdk v1.13.1 h1:4LRIe1WLM+m2pN6sNod4sMV+0bV8WTscVfRsipOP8N8=
|
||||||
go.temporal.io/sdk v1.13.1/go.mod h1:TCof7U/xas2FyDnx/UUEv4c/O/S41Lnhva+6JVer+Jo=
|
go.temporal.io/sdk v1.13.1/go.mod h1:TCof7U/xas2FyDnx/UUEv4c/O/S41Lnhva+6JVer+Jo=
|
||||||
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
|
||||||
go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
|
|
||||||
go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
|
||||||
go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
|
go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
|
||||||
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
|
||||||
go.uber.org/goleak v1.0.0/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A=
|
|
||||||
go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
|
go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
|
||||||
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
|
||||||
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||||
|
@ -863,10 +747,10 @@ golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPh
|
||||||
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
|
golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
|
||||||
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w=
|
|
||||||
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
|
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=
|
|
||||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d h1:sK3txAijHtOK88l68nt020reeT1ZdKLIYetKl95FzVY=
|
||||||
|
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||||
|
@ -890,7 +774,6 @@ golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHl
|
||||||
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
|
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
|
||||||
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
golang.org/x/lint v0.0.0-20200130185559-910be7a94367/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||||
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||||
golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
|
||||||
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug=
|
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug=
|
||||||
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||||
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
|
golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU15maQ/Ox0txvL9dWGYEHz965HBQE=
|
||||||
|
@ -953,14 +836,12 @@ golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwY
|
||||||
golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||||
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||||
golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
|
|
||||||
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
|
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
|
||||||
golang.org/x/net v0.0.0-20210420210106-798c2154c571/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
|
|
||||||
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
golang.org/x/net v0.0.0-20210913180222-943fd674d43e h1:+b/22bPvDYt4NPDcy4xAGCmON713ONAWFeY3Z7I3tR8=
|
|
||||||
golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/net v0.0.0-20210913180222-943fd674d43e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
golang.org/x/net v0.0.0-20211109214657-ef0fda0de508 h1:v3NKo+t/Kc3EASxaKZ82lwK6mCf4ZeObQBduYFZHo7c=
|
|
||||||
golang.org/x/net v0.0.0-20211109214657-ef0fda0de508/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
golang.org/x/net v0.0.0-20211109214657-ef0fda0de508/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
|
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2 h1:CIJ76btIcR3eFI5EgSo6k1qKw9KJexJuRLI9G7Hp5wE=
|
||||||
|
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||||
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
|
||||||
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
|
||||||
|
@ -981,7 +862,6 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
|
||||||
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sys v0.0.0-20180816055513-1c9583448a9c/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
|
||||||
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
|
@ -991,7 +871,6 @@ golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5h
|
||||||
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
|
||||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
@ -1002,14 +881,12 @@ golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190531175056-4c3a928424d2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
@ -1033,19 +910,12 @@ golang.org/x/sys v0.0.0-20200828194041-157a740278f4/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||||
golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200905004654-be1d3432aa8f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210420205809-ac73e9fd8988/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
|
||||||
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210603125802-9665404d3644/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0 h1:xrCZDmdtoloIiooiA9q0OQb9r8HejIHYoHGhGCe1pGg=
|
|
||||||
golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20210910150752-751e447fb3d0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 h1:WecRHqgE09JBkh/584XIE6PMz5KKE/vER4izNUi30AQ=
|
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08 h1:WecRHqgE09JBkh/584XIE6PMz5KKE/vER4izNUi30AQ=
|
||||||
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
golang.org/x/sys v0.0.0-20211110154304-99a53858aa08/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
@ -1066,7 +936,6 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||||
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
|
||||||
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs=
|
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac h1:7zkz7BUtwNFFqcowJ+RIgu2MaV/MapERkDIy+mwPyjs=
|
||||||
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
|
||||||
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
@ -1094,7 +963,6 @@ golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgw
|
||||||
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
|
||||||
golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20191112195655-aa38f8e97acc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||||
|
@ -1129,10 +997,10 @@ golang.org/x/tools v0.0.0-20200904185747-39188db58858/go.mod h1:Cj7w3i3Rnn0Xh82u
|
||||||
golang.org/x/tools v0.0.0-20200915173823-2db8f0ff891c/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
|
golang.org/x/tools v0.0.0-20200915173823-2db8f0ff891c/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
|
||||||
golang.org/x/tools v0.0.0-20200918232735-d647fc253266/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
|
golang.org/x/tools v0.0.0-20200918232735-d647fc253266/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
|
||||||
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
|
||||||
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
|
|
||||||
golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||||
golang.org/x/tools v0.1.5 h1:ouewzE6p+/VEB31YYnTbEJdi8pFqKp4P4n85vwo3DHA=
|
|
||||||
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||||
|
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2 h1:BonxutuHCTL0rBDnZlKjpGIQFTjyUVTexFOdWkB6Fg0=
|
||||||
|
golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
|
||||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||||
|
@ -1202,9 +1070,7 @@ google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6D
|
||||||
google.golang.org/genproto v0.0.0-20200914193844-75d14daec038/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
google.golang.org/genproto v0.0.0-20200914193844-75d14daec038/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
google.golang.org/genproto v0.0.0-20200921151605-7abf4a1a14d5/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
google.golang.org/genproto v0.0.0-20200921151605-7abf4a1a14d5/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
|
||||||
google.golang.org/genproto v0.0.0-20210420162539-3c870d7478d2/go.mod h1:P3QM42oQyzQSnHPnZ/vqoCdDmzH28fzWByN9asMeM8A=
|
|
||||||
google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
|
google.golang.org/genproto v0.0.0-20210903162649-d08c68adba83/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
|
||||||
google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af h1:aLMMXFYqw01RA6XJim5uaN+afqNNjc9P8HPAbnpnc5s=
|
|
||||||
google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
|
google.golang.org/genproto v0.0.0-20210909211513-a8c4777a87af/go.mod h1:eFjDcFEctNawg4eG61bRv87N7iHBWyVhJu7u1kqDUXY=
|
||||||
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247 h1:ZONpjmFT5e+I/0/xE3XXbG5OIvX2hRYzol04MhKBl2E=
|
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247 h1:ZONpjmFT5e+I/0/xE3XXbG5OIvX2hRYzol04MhKBl2E=
|
||||||
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
|
google.golang.org/genproto v0.0.0-20211104193956-4c6863e31247/go.mod h1:5CzLGKJ67TSI2B9POpiiyGha0AjJvZIUgRMt1dSmuhc=
|
||||||
|
@ -1225,9 +1091,6 @@ google.golang.org/grpc v1.31.1/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM
|
||||||
google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
google.golang.org/grpc v1.32.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak=
|
||||||
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
|
google.golang.org/grpc v1.33.1/go.mod h1:fr5YgcSWrqhRRxogOsw7RzIpsmvOZ6IcH4kBYTpR3n0=
|
||||||
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
|
google.golang.org/grpc v1.36.0/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
|
||||||
google.golang.org/grpc v1.36.1/go.mod h1:qjiiYl8FncCW8feJPdyg3v6XW24KsRHe+dy9BAGRRjU=
|
|
||||||
google.golang.org/grpc v1.37.0/go.mod h1:NREThFqKR1f3iQ6oBuvc5LadQuXVGo9rkm5ZGrQdJfM=
|
|
||||||
google.golang.org/grpc v1.40.0 h1:AGJ0Ih4mHjSeibYkFGh1dD9KJ/eOtZ93I6hoHhukQ5Q=
|
|
||||||
google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
|
google.golang.org/grpc v1.40.0/go.mod h1:ogyxbiOoUXAkP+4+xa6PZSE9DZgIHtSpzjDTB9KAK34=
|
||||||
google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
|
google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ590SU=
|
||||||
google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg=
|
google.golang.org/grpc v1.44.0 h1:weqSxi/TMs1SqFRMHCtBgXRs8k3X39QIDEZ0pRcttUg=
|
||||||
|
@ -1299,10 +1162,6 @@ k8s.io/klog/v2 v2.9.0/go.mod h1:hy9LJ/NvuK+iVyP4Ehqva4HxZG/oXyIS3n3Jmire4Ec=
|
||||||
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
|
k8s.io/kube-openapi v0.0.0-20210421082810-95288971da7e/go.mod h1:vHXdDvt9+2spS2Rx9ql3I8tycm3H9FDfdUoIuKCefvw=
|
||||||
k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9 h1:imL9YgXQ9p7xmPzHFm/vVd/cF78jad+n4wK1ABwYtMM=
|
k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9 h1:imL9YgXQ9p7xmPzHFm/vVd/cF78jad+n4wK1ABwYtMM=
|
||||||
k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
|
k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA=
|
||||||
kernel.org/pub/linux/libs/security/libcap/cap v1.2.64 h1:E1U4GNGSXEdzQUT+mop0iYawCNXDUU46Y8nfodb+ZY0=
|
|
||||||
kernel.org/pub/linux/libs/security/libcap/cap v1.2.64/go.mod h1:gtBlgvjXflnxHng9/3bXyXG3XmBYKDt35zu+lNmB+IA=
|
|
||||||
kernel.org/pub/linux/libs/security/libcap/psx v1.2.64 h1:zlw/KoDjEObyddpFcvLiuu8frEvyEwVNc62WZQBp68w=
|
|
||||||
kernel.org/pub/linux/libs/security/libcap/psx v1.2.64/go.mod h1:+l6Ee2F59XiJ2I6WR5ObpC1utCQJZ/VLsEbQCD8RG24=
|
|
||||||
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
|
||||||
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
|
||||||
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
|
||||||
|
|
|
@ -14,9 +14,9 @@
|
||||||
"@babel/preset-env": "^7.11.5",
|
"@babel/preset-env": "^7.11.5",
|
||||||
"@babel/preset-react": "^7.10.4",
|
"@babel/preset-react": "^7.10.4",
|
||||||
"@babel/preset-typescript": "^7.10.4",
|
"@babel/preset-typescript": "^7.10.4",
|
||||||
"@bazel/buildifier": "^4.0.0",
|
"@bazel/buildifier": "^5.1.0",
|
||||||
"@bazel/hide-bazel-files": "^1.7.0",
|
"@bazel/hide-bazel-files": "^1.7.0",
|
||||||
"@bazel/typescript": "^3.1.0",
|
"@bazel/typescript": "^5.5.2",
|
||||||
"@emotion/react": "^11.8.1",
|
"@emotion/react": "^11.8.1",
|
||||||
"@emotion/styled": "^11.8.1",
|
"@emotion/styled": "^11.8.1",
|
||||||
"@heroicons/react": "^1.0.1",
|
"@heroicons/react": "^1.0.1",
|
||||||
|
@ -55,12 +55,12 @@
|
||||||
"evil-dns": "^0.2.0",
|
"evil-dns": "^0.2.0",
|
||||||
"express-openid-connect": "^2.7.2",
|
"express-openid-connect": "^2.7.2",
|
||||||
"file-loader": "^6.2.0",
|
"file-loader": "^6.2.0",
|
||||||
|
"fs-extra": "^10.1.0",
|
||||||
"glob": "^7.1.7",
|
"glob": "^7.1.7",
|
||||||
"hbs": "^4.1.1",
|
"hbs": "^4.1.1",
|
||||||
"html-webpack-plugin": "^5.3.1",
|
"html-webpack-plugin": "^5.3.1",
|
||||||
"immutable": "^4.0.0",
|
"immutable": "^4.0.0",
|
||||||
"loadable-components": "^2.2.3",
|
"loadable-components": "^2.2.3",
|
||||||
"merge-dirs": "^0.2.1",
|
|
||||||
"mini-css-extract-plugin": "^1.3.5",
|
"mini-css-extract-plugin": "^1.3.5",
|
||||||
"native-url": "^0.3.4",
|
"native-url": "^0.3.4",
|
||||||
"optimize-css-assets-webpack-plugin": "^6.0.1",
|
"optimize-css-assets-webpack-plugin": "^6.0.1",
|
||||||
|
|
|
@ -263,7 +263,7 @@ def packserver(ctx, webpack_config, webpack_inputs):
|
||||||
runfiles = runfiles.merge(ctx.attr._node[DefaultInfo].default_runfiles)
|
runfiles = runfiles.merge(ctx.attr._node[DefaultInfo].default_runfiles)
|
||||||
runfiles = runfiles.merge(ctx.runfiles(
|
runfiles = runfiles.merge(ctx.runfiles(
|
||||||
transitive_files = ctx.attr._node.files,
|
transitive_files = ctx.attr._node.files,
|
||||||
files = direct_inputs + direct_inputs_srcs + ctx.files.srcs + webpack_inputs + ctx.files._webpack_data + ctx.files.server_srcs + collect_ts_sources(ctx).to_list() + [webpack_config, ctx.file._run_child_script] + ctx.files._node + ctx.files._node_files
|
files = direct_inputs + direct_inputs_srcs + ctx.files.srcs + webpack_inputs + ctx.files._webpack_data + ctx.files.server_srcs + collect_ts_sources(ctx).to_list() + [webpack_config, ctx.file._run_child_script] + ctx.files._node + ctx.files._node_files,
|
||||||
))
|
))
|
||||||
|
|
||||||
return [DefaultInfo(
|
return [DefaultInfo(
|
||||||
|
@ -316,7 +316,7 @@ WEBPACK_DATA = [
|
||||||
"@npm//file-loader",
|
"@npm//file-loader",
|
||||||
"@npm//glob",
|
"@npm//glob",
|
||||||
"@npm//html-webpack-plugin",
|
"@npm//html-webpack-plugin",
|
||||||
"@npm//merge-dirs",
|
"@npm//fs-extra",
|
||||||
"@npm//mini-css-extract-plugin",
|
"@npm//mini-css-extract-plugin",
|
||||||
"@npm//native-url",
|
"@npm//native-url",
|
||||||
"@npm//optimize-css-assets-webpack-plugin",
|
"@npm//optimize-css-assets-webpack-plugin",
|
||||||
|
@ -384,7 +384,7 @@ BYC_BUNDLE_ATTRS = {
|
||||||
),
|
),
|
||||||
"server_srcs": attr.label_list(
|
"server_srcs": attr.label_list(
|
||||||
allow_files = True,
|
allow_files = True,
|
||||||
mandatory = True
|
mandatory = True,
|
||||||
),
|
),
|
||||||
"server_deps": attr.label_list(
|
"server_deps": attr.label_list(
|
||||||
aspects = [module_mappings_aspect, node_modules_aspect],
|
aspects = [module_mappings_aspect, node_modules_aspect],
|
||||||
|
@ -407,7 +407,7 @@ BYC_BUNDLE_ATTRS = {
|
||||||
default = Label("@nodejs//:node_bin"),
|
default = Label("@nodejs//:node_bin"),
|
||||||
allow_single_file = True,
|
allow_single_file = True,
|
||||||
executable = True,
|
executable = True,
|
||||||
cfg = "host"
|
cfg = "host",
|
||||||
),
|
),
|
||||||
"_node_files": attr.label_list(
|
"_node_files": attr.label_list(
|
||||||
default = [Label("@nodejs//:node_files")],
|
default = [Label("@nodejs//:node_files")],
|
||||||
|
@ -421,11 +421,11 @@ BYC_BUNDLE_ATTRS = {
|
||||||
),
|
),
|
||||||
"_run_child_script": attr.label(
|
"_run_child_script": attr.label(
|
||||||
default = Label("//rules_byc/internal/byc_bundle:run_child.mjs"),
|
default = Label("//rules_byc/internal/byc_bundle:run_child.mjs"),
|
||||||
allow_single_file = True
|
allow_single_file = True,
|
||||||
),
|
),
|
||||||
"_packserver": attr.label(
|
"_packserver": attr.label(
|
||||||
default = Label("//rules_byc/internal/byc_bundle:packserver.bash"),
|
default = Label("//rules_byc/internal/byc_bundle:packserver.bash"),
|
||||||
allow_single_file = True
|
allow_single_file = True,
|
||||||
),
|
),
|
||||||
"_tsconfig": attr.label(
|
"_tsconfig": attr.label(
|
||||||
default = Label("//rules_byc/internal/byc_bundle:tsconfig.json"),
|
default = Label("//rules_byc/internal/byc_bundle:tsconfig.json"),
|
||||||
|
@ -454,7 +454,7 @@ BYC_BUNDLE_ATTRS = {
|
||||||
),
|
),
|
||||||
"_node_bash_runfiles": attr.label(
|
"_node_bash_runfiles": attr.label(
|
||||||
default = Label("@build_bazel_rules_nodejs//third_party/github.com/bazelbuild/bazel/tools/bash/runfiles"),
|
default = Label("@build_bazel_rules_nodejs//third_party/github.com/bazelbuild/bazel/tools/bash/runfiles"),
|
||||||
)
|
),
|
||||||
}
|
}
|
||||||
|
|
||||||
byc_bundle = rule(
|
byc_bundle = rule(
|
||||||
|
@ -465,6 +465,5 @@ byc_bundle = rule(
|
||||||
byc_bundle_run = rule(
|
byc_bundle_run = rule(
|
||||||
implementation = _byc_bundle,
|
implementation = _byc_bundle,
|
||||||
attrs = BYC_BUNDLE_ATTRS,
|
attrs = BYC_BUNDLE_ATTRS,
|
||||||
executable = True
|
executable = True,
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -32,10 +32,9 @@
|
||||||
|
|
||||||
// Global imports
|
// Global imports
|
||||||
const path = require('path');
|
const path = require('path');
|
||||||
const fs = require('fs');
|
const fs = require('fs-extra');
|
||||||
const webpack = require('webpack');
|
const webpack = require('webpack');
|
||||||
const glob = require('glob');
|
const glob = require('glob');
|
||||||
const mergeDirs = require('merge-dirs');
|
|
||||||
|
|
||||||
const TerserJSPlugin = require('terser-webpack-plugin');
|
const TerserJSPlugin = require('terser-webpack-plugin');
|
||||||
const MiniCssExtractPlugin = require('mini-css-extract-plugin');
|
const MiniCssExtractPlugin = require('mini-css-extract-plugin');
|
||||||
|
@ -133,7 +132,7 @@ const prodPlugins = !dev
|
||||||
if (!dev) {
|
if (!dev) {
|
||||||
const files = glob.sync('bazel-out/*-fastbuild/bin', {});
|
const files = glob.sync('bazel-out/*-fastbuild/bin', {});
|
||||||
if (files.length === 1) {
|
if (files.length === 1) {
|
||||||
mergeDirs.default(files[0], process.cwd(), 'skip');
|
fs.copySync(files[0], process.cwd(), { overwrite: false });
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -15,6 +15,7 @@ const bufSize = 256
|
||||||
|
|
||||||
// xorKeyStreamVX is an assembly implementation of XORKeyStream. It must only
|
// xorKeyStreamVX is an assembly implementation of XORKeyStream. It must only
|
||||||
// be called when the vector facility is available. Implementation in asm_s390x.s.
|
// be called when the vector facility is available. Implementation in asm_s390x.s.
|
||||||
|
//
|
||||||
//go:noescape
|
//go:noescape
|
||||||
func xorKeyStreamVX(dst, src []byte, key *[8]uint32, nonce *[3]uint32, counter *uint32)
|
func xorKeyStreamVX(dst, src []byte, key *[8]uint32, nonce *[3]uint32, counter *uint32)
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,8 @@ package curve25519 // import "golang.org/x/crypto/curve25519"
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/subtle"
|
"crypto/subtle"
|
||||||
"fmt"
|
"errors"
|
||||||
|
"strconv"
|
||||||
|
|
||||||
"golang.org/x/crypto/curve25519/internal/field"
|
"golang.org/x/crypto/curve25519/internal/field"
|
||||||
)
|
)
|
||||||
|
@ -124,10 +125,10 @@ func X25519(scalar, point []byte) ([]byte, error) {
|
||||||
func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
|
func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
|
||||||
var in [32]byte
|
var in [32]byte
|
||||||
if l := len(scalar); l != 32 {
|
if l := len(scalar); l != 32 {
|
||||||
return nil, fmt.Errorf("bad scalar length: %d, expected %d", l, 32)
|
return nil, errors.New("bad scalar length: " + strconv.Itoa(l) + ", expected 32")
|
||||||
}
|
}
|
||||||
if l := len(point); l != 32 {
|
if l := len(point); l != 32 {
|
||||||
return nil, fmt.Errorf("bad point length: %d, expected %d", l, 32)
|
return nil, errors.New("bad point length: " + strconv.Itoa(l) + ", expected 32")
|
||||||
}
|
}
|
||||||
copy(in[:], scalar)
|
copy(in[:], scalar)
|
||||||
if &point[0] == &Basepoint[0] {
|
if &point[0] == &Basepoint[0] {
|
||||||
|
@ -138,7 +139,7 @@ func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
|
||||||
copy(base[:], point)
|
copy(base[:], point)
|
||||||
ScalarMult(dst, &in, &base)
|
ScalarMult(dst, &in, &base)
|
||||||
if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 {
|
if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 {
|
||||||
return nil, fmt.Errorf("bad input point: low order point")
|
return nil, errors.New("bad input point: low order point")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return dst[:], nil
|
return dst[:], nil
|
||||||
|
|
|
@ -1,13 +1,16 @@
|
||||||
// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
|
// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
|
||||||
|
|
||||||
|
//go:build amd64 && gc && !purego
|
||||||
// +build amd64,gc,!purego
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
package field
|
package field
|
||||||
|
|
||||||
// feMul sets out = a * b. It works like feMulGeneric.
|
// feMul sets out = a * b. It works like feMulGeneric.
|
||||||
|
//
|
||||||
//go:noescape
|
//go:noescape
|
||||||
func feMul(out *Element, a *Element, b *Element)
|
func feMul(out *Element, a *Element, b *Element)
|
||||||
|
|
||||||
// feSquare sets out = a * a. It works like feSquareGeneric.
|
// feSquare sets out = a * a. It works like feSquareGeneric.
|
||||||
|
//
|
||||||
//go:noescape
|
//go:noescape
|
||||||
func feSquare(out *Element, a *Element)
|
func feSquare(out *Element, a *Element)
|
||||||
|
|
|
@ -2,12 +2,8 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
||||||
|
|
||||||
go_library(
|
go_library(
|
||||||
name = "ed25519",
|
name = "ed25519",
|
||||||
srcs = [
|
srcs = ["ed25519.go"],
|
||||||
"ed25519.go",
|
|
||||||
"ed25519_go113.go",
|
|
||||||
],
|
|
||||||
importmap = "peridot.resf.org/vendor/golang.org/x/crypto/ed25519",
|
importmap = "peridot.resf.org/vendor/golang.org/x/crypto/ed25519",
|
||||||
importpath = "golang.org/x/crypto/ed25519",
|
importpath = "golang.org/x/crypto/ed25519",
|
||||||
visibility = ["//visibility:public"],
|
visibility = ["//visibility:public"],
|
||||||
deps = ["//vendor/golang.org/x/crypto/ed25519/internal/edwards25519"],
|
|
||||||
)
|
)
|
||||||
|
|
|
@ -1,13 +1,7 @@
|
||||||
// Copyright 2016 The Go Authors. All rights reserved.
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// In Go 1.13, the ed25519 package was promoted to the standard library as
|
|
||||||
// crypto/ed25519, and this package became a wrapper for the standard library one.
|
|
||||||
//
|
|
||||||
//go:build !go1.13
|
|
||||||
// +build !go1.13
|
|
||||||
|
|
||||||
// Package ed25519 implements the Ed25519 signature algorithm. See
|
// Package ed25519 implements the Ed25519 signature algorithm. See
|
||||||
// https://ed25519.cr.yp.to/.
|
// https://ed25519.cr.yp.to/.
|
||||||
//
|
//
|
||||||
|
@ -16,21 +10,15 @@
|
||||||
// representation includes a public key suffix to make multiple signing
|
// representation includes a public key suffix to make multiple signing
|
||||||
// operations with the same key more efficient. This package refers to the RFC
|
// operations with the same key more efficient. This package refers to the RFC
|
||||||
// 8032 private key as the “seed”.
|
// 8032 private key as the “seed”.
|
||||||
|
//
|
||||||
|
// Beginning with Go 1.13, the functionality of this package was moved to the
|
||||||
|
// standard library as crypto/ed25519. This package only acts as a compatibility
|
||||||
|
// wrapper.
|
||||||
package ed25519
|
package ed25519
|
||||||
|
|
||||||
// This code is a port of the public domain, “ref10” implementation of ed25519
|
|
||||||
// from SUPERCOP.
|
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"crypto/ed25519"
|
||||||
"crypto"
|
|
||||||
cryptorand "crypto/rand"
|
|
||||||
"crypto/sha512"
|
|
||||||
"errors"
|
|
||||||
"io"
|
"io"
|
||||||
"strconv"
|
|
||||||
|
|
||||||
"golang.org/x/crypto/ed25519/internal/edwards25519"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -45,57 +33,21 @@ const (
|
||||||
)
|
)
|
||||||
|
|
||||||
// PublicKey is the type of Ed25519 public keys.
|
// PublicKey is the type of Ed25519 public keys.
|
||||||
type PublicKey []byte
|
//
|
||||||
|
// This type is an alias for crypto/ed25519's PublicKey type.
|
||||||
|
// See the crypto/ed25519 package for the methods on this type.
|
||||||
|
type PublicKey = ed25519.PublicKey
|
||||||
|
|
||||||
// PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
|
// PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
|
||||||
type PrivateKey []byte
|
//
|
||||||
|
// This type is an alias for crypto/ed25519's PrivateKey type.
|
||||||
// Public returns the PublicKey corresponding to priv.
|
// See the crypto/ed25519 package for the methods on this type.
|
||||||
func (priv PrivateKey) Public() crypto.PublicKey {
|
type PrivateKey = ed25519.PrivateKey
|
||||||
publicKey := make([]byte, PublicKeySize)
|
|
||||||
copy(publicKey, priv[32:])
|
|
||||||
return PublicKey(publicKey)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Seed returns the private key seed corresponding to priv. It is provided for
|
|
||||||
// interoperability with RFC 8032. RFC 8032's private keys correspond to seeds
|
|
||||||
// in this package.
|
|
||||||
func (priv PrivateKey) Seed() []byte {
|
|
||||||
seed := make([]byte, SeedSize)
|
|
||||||
copy(seed, priv[:32])
|
|
||||||
return seed
|
|
||||||
}
|
|
||||||
|
|
||||||
// Sign signs the given message with priv.
|
|
||||||
// Ed25519 performs two passes over messages to be signed and therefore cannot
|
|
||||||
// handle pre-hashed messages. Thus opts.HashFunc() must return zero to
|
|
||||||
// indicate the message hasn't been hashed. This can be achieved by passing
|
|
||||||
// crypto.Hash(0) as the value for opts.
|
|
||||||
func (priv PrivateKey) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) (signature []byte, err error) {
|
|
||||||
if opts.HashFunc() != crypto.Hash(0) {
|
|
||||||
return nil, errors.New("ed25519: cannot sign hashed message")
|
|
||||||
}
|
|
||||||
|
|
||||||
return Sign(priv, message), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// GenerateKey generates a public/private key pair using entropy from rand.
|
// GenerateKey generates a public/private key pair using entropy from rand.
|
||||||
// If rand is nil, crypto/rand.Reader will be used.
|
// If rand is nil, crypto/rand.Reader will be used.
|
||||||
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
|
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
|
||||||
if rand == nil {
|
return ed25519.GenerateKey(rand)
|
||||||
rand = cryptorand.Reader
|
|
||||||
}
|
|
||||||
|
|
||||||
seed := make([]byte, SeedSize)
|
|
||||||
if _, err := io.ReadFull(rand, seed); err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
privateKey := NewKeyFromSeed(seed)
|
|
||||||
publicKey := make([]byte, PublicKeySize)
|
|
||||||
copy(publicKey, privateKey[32:])
|
|
||||||
|
|
||||||
return publicKey, privateKey, nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewKeyFromSeed calculates a private key from a seed. It will panic if
|
// NewKeyFromSeed calculates a private key from a seed. It will panic if
|
||||||
|
@ -103,121 +55,17 @@ func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
|
||||||
// with RFC 8032. RFC 8032's private keys correspond to seeds in this
|
// with RFC 8032. RFC 8032's private keys correspond to seeds in this
|
||||||
// package.
|
// package.
|
||||||
func NewKeyFromSeed(seed []byte) PrivateKey {
|
func NewKeyFromSeed(seed []byte) PrivateKey {
|
||||||
if l := len(seed); l != SeedSize {
|
return ed25519.NewKeyFromSeed(seed)
|
||||||
panic("ed25519: bad seed length: " + strconv.Itoa(l))
|
|
||||||
}
|
|
||||||
|
|
||||||
digest := sha512.Sum512(seed)
|
|
||||||
digest[0] &= 248
|
|
||||||
digest[31] &= 127
|
|
||||||
digest[31] |= 64
|
|
||||||
|
|
||||||
var A edwards25519.ExtendedGroupElement
|
|
||||||
var hBytes [32]byte
|
|
||||||
copy(hBytes[:], digest[:])
|
|
||||||
edwards25519.GeScalarMultBase(&A, &hBytes)
|
|
||||||
var publicKeyBytes [32]byte
|
|
||||||
A.ToBytes(&publicKeyBytes)
|
|
||||||
|
|
||||||
privateKey := make([]byte, PrivateKeySize)
|
|
||||||
copy(privateKey, seed)
|
|
||||||
copy(privateKey[32:], publicKeyBytes[:])
|
|
||||||
|
|
||||||
return privateKey
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sign signs the message with privateKey and returns a signature. It will
|
// Sign signs the message with privateKey and returns a signature. It will
|
||||||
// panic if len(privateKey) is not PrivateKeySize.
|
// panic if len(privateKey) is not PrivateKeySize.
|
||||||
func Sign(privateKey PrivateKey, message []byte) []byte {
|
func Sign(privateKey PrivateKey, message []byte) []byte {
|
||||||
if l := len(privateKey); l != PrivateKeySize {
|
return ed25519.Sign(privateKey, message)
|
||||||
panic("ed25519: bad private key length: " + strconv.Itoa(l))
|
|
||||||
}
|
|
||||||
|
|
||||||
h := sha512.New()
|
|
||||||
h.Write(privateKey[:32])
|
|
||||||
|
|
||||||
var digest1, messageDigest, hramDigest [64]byte
|
|
||||||
var expandedSecretKey [32]byte
|
|
||||||
h.Sum(digest1[:0])
|
|
||||||
copy(expandedSecretKey[:], digest1[:])
|
|
||||||
expandedSecretKey[0] &= 248
|
|
||||||
expandedSecretKey[31] &= 63
|
|
||||||
expandedSecretKey[31] |= 64
|
|
||||||
|
|
||||||
h.Reset()
|
|
||||||
h.Write(digest1[32:])
|
|
||||||
h.Write(message)
|
|
||||||
h.Sum(messageDigest[:0])
|
|
||||||
|
|
||||||
var messageDigestReduced [32]byte
|
|
||||||
edwards25519.ScReduce(&messageDigestReduced, &messageDigest)
|
|
||||||
var R edwards25519.ExtendedGroupElement
|
|
||||||
edwards25519.GeScalarMultBase(&R, &messageDigestReduced)
|
|
||||||
|
|
||||||
var encodedR [32]byte
|
|
||||||
R.ToBytes(&encodedR)
|
|
||||||
|
|
||||||
h.Reset()
|
|
||||||
h.Write(encodedR[:])
|
|
||||||
h.Write(privateKey[32:])
|
|
||||||
h.Write(message)
|
|
||||||
h.Sum(hramDigest[:0])
|
|
||||||
var hramDigestReduced [32]byte
|
|
||||||
edwards25519.ScReduce(&hramDigestReduced, &hramDigest)
|
|
||||||
|
|
||||||
var s [32]byte
|
|
||||||
edwards25519.ScMulAdd(&s, &hramDigestReduced, &expandedSecretKey, &messageDigestReduced)
|
|
||||||
|
|
||||||
signature := make([]byte, SignatureSize)
|
|
||||||
copy(signature[:], encodedR[:])
|
|
||||||
copy(signature[32:], s[:])
|
|
||||||
|
|
||||||
return signature
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Verify reports whether sig is a valid signature of message by publicKey. It
|
// Verify reports whether sig is a valid signature of message by publicKey. It
|
||||||
// will panic if len(publicKey) is not PublicKeySize.
|
// will panic if len(publicKey) is not PublicKeySize.
|
||||||
func Verify(publicKey PublicKey, message, sig []byte) bool {
|
func Verify(publicKey PublicKey, message, sig []byte) bool {
|
||||||
if l := len(publicKey); l != PublicKeySize {
|
return ed25519.Verify(publicKey, message, sig)
|
||||||
panic("ed25519: bad public key length: " + strconv.Itoa(l))
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(sig) != SignatureSize || sig[63]&224 != 0 {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
var A edwards25519.ExtendedGroupElement
|
|
||||||
var publicKeyBytes [32]byte
|
|
||||||
copy(publicKeyBytes[:], publicKey)
|
|
||||||
if !A.FromBytes(&publicKeyBytes) {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
edwards25519.FeNeg(&A.X, &A.X)
|
|
||||||
edwards25519.FeNeg(&A.T, &A.T)
|
|
||||||
|
|
||||||
h := sha512.New()
|
|
||||||
h.Write(sig[:32])
|
|
||||||
h.Write(publicKey[:])
|
|
||||||
h.Write(message)
|
|
||||||
var digest [64]byte
|
|
||||||
h.Sum(digest[:0])
|
|
||||||
|
|
||||||
var hReduced [32]byte
|
|
||||||
edwards25519.ScReduce(&hReduced, &digest)
|
|
||||||
|
|
||||||
var R edwards25519.ProjectiveGroupElement
|
|
||||||
var s [32]byte
|
|
||||||
copy(s[:], sig[32:])
|
|
||||||
|
|
||||||
// https://tools.ietf.org/html/rfc8032#section-5.1.7 requires that s be in
|
|
||||||
// the range [0, order) in order to prevent signature malleability.
|
|
||||||
if !edwards25519.ScMinimal(&s) {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
edwards25519.GeDoubleScalarMultVartime(&R, &hReduced, &A, &s)
|
|
||||||
|
|
||||||
var checkR [32]byte
|
|
||||||
R.ToBytes(&checkR)
|
|
||||||
return bytes.Equal(sig[:32], checkR[:])
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,74 +0,0 @@
|
||||||
// Copyright 2019 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
//go:build go1.13
|
|
||||||
// +build go1.13
|
|
||||||
|
|
||||||
// Package ed25519 implements the Ed25519 signature algorithm. See
|
|
||||||
// https://ed25519.cr.yp.to/.
|
|
||||||
//
|
|
||||||
// These functions are also compatible with the “Ed25519” function defined in
|
|
||||||
// RFC 8032. However, unlike RFC 8032's formulation, this package's private key
|
|
||||||
// representation includes a public key suffix to make multiple signing
|
|
||||||
// operations with the same key more efficient. This package refers to the RFC
|
|
||||||
// 8032 private key as the “seed”.
|
|
||||||
//
|
|
||||||
// Beginning with Go 1.13, the functionality of this package was moved to the
|
|
||||||
// standard library as crypto/ed25519. This package only acts as a compatibility
|
|
||||||
// wrapper.
|
|
||||||
package ed25519
|
|
||||||
|
|
||||||
import (
|
|
||||||
"crypto/ed25519"
|
|
||||||
"io"
|
|
||||||
)
|
|
||||||
|
|
||||||
const (
|
|
||||||
// PublicKeySize is the size, in bytes, of public keys as used in this package.
|
|
||||||
PublicKeySize = 32
|
|
||||||
// PrivateKeySize is the size, in bytes, of private keys as used in this package.
|
|
||||||
PrivateKeySize = 64
|
|
||||||
// SignatureSize is the size, in bytes, of signatures generated and verified by this package.
|
|
||||||
SignatureSize = 64
|
|
||||||
// SeedSize is the size, in bytes, of private key seeds. These are the private key representations used by RFC 8032.
|
|
||||||
SeedSize = 32
|
|
||||||
)
|
|
||||||
|
|
||||||
// PublicKey is the type of Ed25519 public keys.
|
|
||||||
//
|
|
||||||
// This type is an alias for crypto/ed25519's PublicKey type.
|
|
||||||
// See the crypto/ed25519 package for the methods on this type.
|
|
||||||
type PublicKey = ed25519.PublicKey
|
|
||||||
|
|
||||||
// PrivateKey is the type of Ed25519 private keys. It implements crypto.Signer.
|
|
||||||
//
|
|
||||||
// This type is an alias for crypto/ed25519's PrivateKey type.
|
|
||||||
// See the crypto/ed25519 package for the methods on this type.
|
|
||||||
type PrivateKey = ed25519.PrivateKey
|
|
||||||
|
|
||||||
// GenerateKey generates a public/private key pair using entropy from rand.
|
|
||||||
// If rand is nil, crypto/rand.Reader will be used.
|
|
||||||
func GenerateKey(rand io.Reader) (PublicKey, PrivateKey, error) {
|
|
||||||
return ed25519.GenerateKey(rand)
|
|
||||||
}
|
|
||||||
|
|
||||||
// NewKeyFromSeed calculates a private key from a seed. It will panic if
|
|
||||||
// len(seed) is not SeedSize. This function is provided for interoperability
|
|
||||||
// with RFC 8032. RFC 8032's private keys correspond to seeds in this
|
|
||||||
// package.
|
|
||||||
func NewKeyFromSeed(seed []byte) PrivateKey {
|
|
||||||
return ed25519.NewKeyFromSeed(seed)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Sign signs the message with privateKey and returns a signature. It will
|
|
||||||
// panic if len(privateKey) is not PrivateKeySize.
|
|
||||||
func Sign(privateKey PrivateKey, message []byte) []byte {
|
|
||||||
return ed25519.Sign(privateKey, message)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Verify reports whether sig is a valid signature of message by publicKey. It
|
|
||||||
// will panic if len(publicKey) is not PublicKeySize.
|
|
||||||
func Verify(publicKey PublicKey, message, sig []byte) bool {
|
|
||||||
return ed25519.Verify(publicKey, message, sig)
|
|
||||||
}
|
|
|
@ -1,12 +0,0 @@
|
||||||
load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
|
||||||
|
|
||||||
go_library(
|
|
||||||
name = "edwards25519",
|
|
||||||
srcs = [
|
|
||||||
"const.go",
|
|
||||||
"edwards25519.go",
|
|
||||||
],
|
|
||||||
importmap = "peridot.resf.org/vendor/golang.org/x/crypto/ed25519/internal/edwards25519",
|
|
||||||
importpath = "golang.org/x/crypto/ed25519/internal/edwards25519",
|
|
||||||
visibility = ["//vendor/golang.org/x/crypto/ed25519:__subpackages__"],
|
|
||||||
)
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -136,7 +136,7 @@ func shiftRightBy2(a uint128) uint128 {
|
||||||
// updateGeneric absorbs msg into the state.h accumulator. For each chunk m of
|
// updateGeneric absorbs msg into the state.h accumulator. For each chunk m of
|
||||||
// 128 bits of message, it computes
|
// 128 bits of message, it computes
|
||||||
//
|
//
|
||||||
// h₊ = (h + m) * r mod 2¹³⁰ - 5
|
// h₊ = (h + m) * r mod 2¹³⁰ - 5
|
||||||
//
|
//
|
||||||
// If the msg length is not a multiple of TagSize, it assumes the last
|
// If the msg length is not a multiple of TagSize, it assumes the last
|
||||||
// incomplete chunk is the final one.
|
// incomplete chunk is the final one.
|
||||||
|
@ -278,8 +278,7 @@ const (
|
||||||
|
|
||||||
// finalize completes the modular reduction of h and computes
|
// finalize completes the modular reduction of h and computes
|
||||||
//
|
//
|
||||||
// out = h + s mod 2¹²⁸
|
// out = h + s mod 2¹²⁸
|
||||||
//
|
|
||||||
func finalize(out *[TagSize]byte, h *[3]uint64, s *[2]uint64) {
|
func finalize(out *[TagSize]byte, h *[3]uint64, s *[2]uint64) {
|
||||||
h0, h1, h2 := h[0], h[1], h[2]
|
h0, h1, h2 := h[0], h[1], h[2]
|
||||||
|
|
||||||
|
|
|
@ -14,6 +14,7 @@ import (
|
||||||
// updateVX is an assembly implementation of Poly1305 that uses vector
|
// updateVX is an assembly implementation of Poly1305 that uses vector
|
||||||
// instructions. It must only be called if the vector facility (vx) is
|
// instructions. It must only be called if the vector facility (vx) is
|
||||||
// available.
|
// available.
|
||||||
|
//
|
||||||
//go:noescape
|
//go:noescape
|
||||||
func updateVX(state *macState, msg []byte)
|
func updateVX(state *macState, msg []byte)
|
||||||
|
|
||||||
|
|
|
@ -23,12 +23,14 @@ import (
|
||||||
// A Block represents an OpenPGP armored structure.
|
// A Block represents an OpenPGP armored structure.
|
||||||
//
|
//
|
||||||
// The encoded form is:
|
// The encoded form is:
|
||||||
// -----BEGIN Type-----
|
|
||||||
// Headers
|
|
||||||
//
|
//
|
||||||
// base64-encoded Bytes
|
// -----BEGIN Type-----
|
||||||
// '=' base64 encoded checksum
|
// Headers
|
||||||
// -----END Type-----
|
//
|
||||||
|
// base64-encoded Bytes
|
||||||
|
// '=' base64 encoded checksum
|
||||||
|
// -----END Type-----
|
||||||
|
//
|
||||||
// where Headers is a possibly empty sequence of Key: Value lines.
|
// where Headers is a possibly empty sequence of Key: Value lines.
|
||||||
//
|
//
|
||||||
// Since the armored data can be very large, this package presents a streaming
|
// Since the armored data can be very large, this package presents a streaming
|
||||||
|
|
|
@ -96,7 +96,8 @@ func (l *lineBreaker) Close() (err error) {
|
||||||
// trailer.
|
// trailer.
|
||||||
//
|
//
|
||||||
// It's built into a stack of io.Writers:
|
// It's built into a stack of io.Writers:
|
||||||
// encoding -> base64 encoder -> lineBreaker -> out
|
//
|
||||||
|
// encoding -> base64 encoder -> lineBreaker -> out
|
||||||
type encoding struct {
|
type encoding struct {
|
||||||
out io.Writer
|
out io.Writer
|
||||||
breaker *lineBreaker
|
breaker *lineBreaker
|
||||||
|
|
|
@ -77,8 +77,8 @@ func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err
|
||||||
// returns the plaintext of the message. An error can result only if the
|
// returns the plaintext of the message. An error can result only if the
|
||||||
// ciphertext is invalid. Users should keep in mind that this is a padding
|
// ciphertext is invalid. Users should keep in mind that this is a padding
|
||||||
// oracle and thus, if exposed to an adaptive chosen ciphertext attack, can
|
// oracle and thus, if exposed to an adaptive chosen ciphertext attack, can
|
||||||
// be used to break the cryptosystem. See ``Chosen Ciphertext Attacks
|
// be used to break the cryptosystem. See “Chosen Ciphertext Attacks
|
||||||
// Against Protocols Based on the RSA Encryption Standard PKCS #1'', Daniel
|
// Against Protocols Based on the RSA Encryption Standard PKCS #1”, Daniel
|
||||||
// Bleichenbacher, Advances in Cryptology (Crypto '98),
|
// Bleichenbacher, Advances in Cryptology (Crypto '98),
|
||||||
func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
|
func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
|
||||||
s := new(big.Int).Exp(c1, priv.X, priv.P)
|
s := new(big.Int).Exp(c1, priv.X, priv.P)
|
||||||
|
|
|
@ -32,7 +32,7 @@ import (
|
||||||
// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
|
// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
|
||||||
// doing:
|
// doing:
|
||||||
//
|
//
|
||||||
// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
|
// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
|
||||||
//
|
//
|
||||||
// Remember to get a good random salt. At least 8 bytes is recommended by the
|
// Remember to get a good random salt. At least 8 bytes is recommended by the
|
||||||
// RFC.
|
// RFC.
|
||||||
|
|
|
@ -8,7 +8,8 @@
|
||||||
// ssh-agent process using the sample server.
|
// ssh-agent process using the sample server.
|
||||||
//
|
//
|
||||||
// References:
|
// References:
|
||||||
// [PROTOCOL.agent]: https://tools.ietf.org/html/draft-miller-ssh-agent-00
|
//
|
||||||
|
// [PROTOCOL.agent]: https://tools.ietf.org/html/draft-miller-ssh-agent-00
|
||||||
package agent // import "golang.org/x/crypto/ssh/agent"
|
package agent // import "golang.org/x/crypto/ssh/agent"
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -25,7 +26,6 @@ import (
|
||||||
"math/big"
|
"math/big"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"crypto"
|
|
||||||
"golang.org/x/crypto/ed25519"
|
"golang.org/x/crypto/ed25519"
|
||||||
"golang.org/x/crypto/ssh"
|
"golang.org/x/crypto/ssh"
|
||||||
)
|
)
|
||||||
|
@ -771,19 +771,53 @@ func (s *agentKeyringSigner) Sign(rand io.Reader, data []byte) (*ssh.Signature,
|
||||||
return s.agent.Sign(s.pub, data)
|
return s.agent.Sign(s.pub, data)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *agentKeyringSigner) SignWithOpts(rand io.Reader, data []byte, opts crypto.SignerOpts) (*ssh.Signature, error) {
|
func (s *agentKeyringSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*ssh.Signature, error) {
|
||||||
var flags SignatureFlags
|
if algorithm == "" || algorithm == underlyingAlgo(s.pub.Type()) {
|
||||||
if opts != nil {
|
return s.Sign(rand, data)
|
||||||
switch opts.HashFunc() {
|
|
||||||
case crypto.SHA256:
|
|
||||||
flags = SignatureFlagRsaSha256
|
|
||||||
case crypto.SHA512:
|
|
||||||
flags = SignatureFlagRsaSha512
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var flags SignatureFlags
|
||||||
|
switch algorithm {
|
||||||
|
case ssh.KeyAlgoRSASHA256:
|
||||||
|
flags = SignatureFlagRsaSha256
|
||||||
|
case ssh.KeyAlgoRSASHA512:
|
||||||
|
flags = SignatureFlagRsaSha512
|
||||||
|
default:
|
||||||
|
return nil, fmt.Errorf("agent: unsupported algorithm %q", algorithm)
|
||||||
|
}
|
||||||
|
|
||||||
return s.agent.SignWithFlags(s.pub, data, flags)
|
return s.agent.SignWithFlags(s.pub, data, flags)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var _ ssh.AlgorithmSigner = &agentKeyringSigner{}
|
||||||
|
|
||||||
|
// certKeyAlgoNames is a mapping from known certificate algorithm names to the
|
||||||
|
// corresponding public key signature algorithm.
|
||||||
|
//
|
||||||
|
// This map must be kept in sync with the one in certs.go.
|
||||||
|
var certKeyAlgoNames = map[string]string{
|
||||||
|
ssh.CertAlgoRSAv01: ssh.KeyAlgoRSA,
|
||||||
|
ssh.CertAlgoRSASHA256v01: ssh.KeyAlgoRSASHA256,
|
||||||
|
ssh.CertAlgoRSASHA512v01: ssh.KeyAlgoRSASHA512,
|
||||||
|
ssh.CertAlgoDSAv01: ssh.KeyAlgoDSA,
|
||||||
|
ssh.CertAlgoECDSA256v01: ssh.KeyAlgoECDSA256,
|
||||||
|
ssh.CertAlgoECDSA384v01: ssh.KeyAlgoECDSA384,
|
||||||
|
ssh.CertAlgoECDSA521v01: ssh.KeyAlgoECDSA521,
|
||||||
|
ssh.CertAlgoSKECDSA256v01: ssh.KeyAlgoSKECDSA256,
|
||||||
|
ssh.CertAlgoED25519v01: ssh.KeyAlgoED25519,
|
||||||
|
ssh.CertAlgoSKED25519v01: ssh.KeyAlgoSKED25519,
|
||||||
|
}
|
||||||
|
|
||||||
|
// underlyingAlgo returns the signature algorithm associated with algo (which is
|
||||||
|
// an advertised or negotiated public key or host key algorithm). These are
|
||||||
|
// usually the same, except for certificate algorithms.
|
||||||
|
func underlyingAlgo(algo string) string {
|
||||||
|
if a, ok := certKeyAlgoNames[algo]; ok {
|
||||||
|
return a
|
||||||
|
}
|
||||||
|
return algo
|
||||||
|
}
|
||||||
|
|
||||||
// Calls an extension method. It is up to the agent implementation as to whether or not
|
// Calls an extension method. It is up to the agent implementation as to whether or not
|
||||||
// any particular extension is supported and may always return an error. Because the
|
// any particular extension is supported and may always return an error. Because the
|
||||||
// type of the response is up to the implementation, this returns the bytes of the
|
// type of the response is up to the implementation, this returns the bytes of the
|
||||||
|
|
|
@ -113,7 +113,7 @@ func (r *keyring) Unlock(passphrase []byte) error {
|
||||||
|
|
||||||
// expireKeysLocked removes expired keys from the keyring. If a key was added
|
// expireKeysLocked removes expired keys from the keyring. If a key was added
|
||||||
// with a lifetimesecs contraint and seconds >= lifetimesecs seconds have
|
// with a lifetimesecs contraint and seconds >= lifetimesecs seconds have
|
||||||
// ellapsed, it is removed. The caller *must* be holding the keyring mutex.
|
// elapsed, it is removed. The caller *must* be holding the keyring mutex.
|
||||||
func (r *keyring) expireKeysLocked() {
|
func (r *keyring) expireKeysLocked() {
|
||||||
for _, k := range r.keys {
|
for _, k := range r.keys {
|
||||||
if k.expire != nil && time.Now().After(*k.expire) {
|
if k.expire != nil && time.Now().After(*k.expire) {
|
||||||
|
@ -205,9 +205,9 @@ func (r *keyring) SignWithFlags(key ssh.PublicKey, data []byte, flags SignatureF
|
||||||
var algorithm string
|
var algorithm string
|
||||||
switch flags {
|
switch flags {
|
||||||
case SignatureFlagRsaSha256:
|
case SignatureFlagRsaSha256:
|
||||||
algorithm = ssh.SigAlgoRSASHA2256
|
algorithm = ssh.KeyAlgoRSASHA256
|
||||||
case SignatureFlagRsaSha512:
|
case SignatureFlagRsaSha512:
|
||||||
algorithm = ssh.SigAlgoRSASHA2512
|
algorithm = ssh.KeyAlgoRSASHA512
|
||||||
default:
|
default:
|
||||||
return nil, fmt.Errorf("agent: unsupported signature flags: %d", flags)
|
return nil, fmt.Errorf("agent: unsupported signature flags: %d", flags)
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,8 +14,10 @@ import (
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
// These constants from [PROTOCOL.certkeys] represent the algorithm names
|
// Certificate algorithm names from [PROTOCOL.certkeys]. These values can appear
|
||||||
// for certificate types supported by this package.
|
// in Certificate.Type, PublicKey.Type, and ClientConfig.HostKeyAlgorithms.
|
||||||
|
// Unlike key algorithm names, these are not passed to AlgorithmSigner and don't
|
||||||
|
// appear in the Signature.Format field.
|
||||||
const (
|
const (
|
||||||
CertAlgoRSAv01 = "ssh-rsa-cert-v01@openssh.com"
|
CertAlgoRSAv01 = "ssh-rsa-cert-v01@openssh.com"
|
||||||
CertAlgoDSAv01 = "ssh-dss-cert-v01@openssh.com"
|
CertAlgoDSAv01 = "ssh-dss-cert-v01@openssh.com"
|
||||||
|
@ -25,6 +27,21 @@ const (
|
||||||
CertAlgoSKECDSA256v01 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
|
CertAlgoSKECDSA256v01 = "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com"
|
||||||
CertAlgoED25519v01 = "ssh-ed25519-cert-v01@openssh.com"
|
CertAlgoED25519v01 = "ssh-ed25519-cert-v01@openssh.com"
|
||||||
CertAlgoSKED25519v01 = "sk-ssh-ed25519-cert-v01@openssh.com"
|
CertAlgoSKED25519v01 = "sk-ssh-ed25519-cert-v01@openssh.com"
|
||||||
|
|
||||||
|
// CertAlgoRSASHA256v01 and CertAlgoRSASHA512v01 can't appear as a
|
||||||
|
// Certificate.Type (or PublicKey.Type), but only in
|
||||||
|
// ClientConfig.HostKeyAlgorithms.
|
||||||
|
CertAlgoRSASHA256v01 = "rsa-sha2-256-cert-v01@openssh.com"
|
||||||
|
CertAlgoRSASHA512v01 = "rsa-sha2-512-cert-v01@openssh.com"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
// Deprecated: use CertAlgoRSAv01.
|
||||||
|
CertSigAlgoRSAv01 = CertAlgoRSAv01
|
||||||
|
// Deprecated: use CertAlgoRSASHA256v01.
|
||||||
|
CertSigAlgoRSASHA2256v01 = CertAlgoRSASHA256v01
|
||||||
|
// Deprecated: use CertAlgoRSASHA512v01.
|
||||||
|
CertSigAlgoRSASHA2512v01 = CertAlgoRSASHA512v01
|
||||||
)
|
)
|
||||||
|
|
||||||
// Certificate types distinguish between host and user
|
// Certificate types distinguish between host and user
|
||||||
|
@ -423,6 +440,16 @@ func (c *Certificate) SignCert(rand io.Reader, authority Signer) error {
|
||||||
}
|
}
|
||||||
c.SignatureKey = authority.PublicKey()
|
c.SignatureKey = authority.PublicKey()
|
||||||
|
|
||||||
|
// Default to KeyAlgoRSASHA512 for ssh-rsa signers.
|
||||||
|
if v, ok := authority.(AlgorithmSigner); ok && v.PublicKey().Type() == KeyAlgoRSA {
|
||||||
|
sig, err := v.SignWithAlgorithm(rand, c.bytesForSigning(), KeyAlgoRSASHA512)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
c.Signature = sig
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
sig, err := authority.Sign(rand, c.bytesForSigning())
|
sig, err := authority.Sign(rand, c.bytesForSigning())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -431,26 +458,42 @@ func (c *Certificate) SignCert(rand io.Reader, authority Signer) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
var certAlgoNames = map[string]string{
|
// certKeyAlgoNames is a mapping from known certificate algorithm names to the
|
||||||
KeyAlgoRSA: CertAlgoRSAv01,
|
// corresponding public key signature algorithm.
|
||||||
KeyAlgoDSA: CertAlgoDSAv01,
|
//
|
||||||
KeyAlgoECDSA256: CertAlgoECDSA256v01,
|
// This map must be kept in sync with the one in agent/client.go.
|
||||||
KeyAlgoECDSA384: CertAlgoECDSA384v01,
|
var certKeyAlgoNames = map[string]string{
|
||||||
KeyAlgoECDSA521: CertAlgoECDSA521v01,
|
CertAlgoRSAv01: KeyAlgoRSA,
|
||||||
KeyAlgoSKECDSA256: CertAlgoSKECDSA256v01,
|
CertAlgoRSASHA256v01: KeyAlgoRSASHA256,
|
||||||
KeyAlgoED25519: CertAlgoED25519v01,
|
CertAlgoRSASHA512v01: KeyAlgoRSASHA512,
|
||||||
KeyAlgoSKED25519: CertAlgoSKED25519v01,
|
CertAlgoDSAv01: KeyAlgoDSA,
|
||||||
|
CertAlgoECDSA256v01: KeyAlgoECDSA256,
|
||||||
|
CertAlgoECDSA384v01: KeyAlgoECDSA384,
|
||||||
|
CertAlgoECDSA521v01: KeyAlgoECDSA521,
|
||||||
|
CertAlgoSKECDSA256v01: KeyAlgoSKECDSA256,
|
||||||
|
CertAlgoED25519v01: KeyAlgoED25519,
|
||||||
|
CertAlgoSKED25519v01: KeyAlgoSKED25519,
|
||||||
}
|
}
|
||||||
|
|
||||||
// certToPrivAlgo returns the underlying algorithm for a certificate algorithm.
|
// underlyingAlgo returns the signature algorithm associated with algo (which is
|
||||||
// Panics if a non-certificate algorithm is passed.
|
// an advertised or negotiated public key or host key algorithm). These are
|
||||||
func certToPrivAlgo(algo string) string {
|
// usually the same, except for certificate algorithms.
|
||||||
for privAlgo, pubAlgo := range certAlgoNames {
|
func underlyingAlgo(algo string) string {
|
||||||
if pubAlgo == algo {
|
if a, ok := certKeyAlgoNames[algo]; ok {
|
||||||
return privAlgo
|
return a
|
||||||
|
}
|
||||||
|
return algo
|
||||||
|
}
|
||||||
|
|
||||||
|
// certificateAlgo returns the certificate algorithms that uses the provided
|
||||||
|
// underlying signature algorithm.
|
||||||
|
func certificateAlgo(algo string) (certAlgo string, ok bool) {
|
||||||
|
for certName, algoName := range certKeyAlgoNames {
|
||||||
|
if algoName == algo {
|
||||||
|
return certName, true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
panic("unknown cert algorithm")
|
return "", false
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cert *Certificate) bytesForSigning() []byte {
|
func (cert *Certificate) bytesForSigning() []byte {
|
||||||
|
@ -494,13 +537,13 @@ func (c *Certificate) Marshal() []byte {
|
||||||
return result
|
return result
|
||||||
}
|
}
|
||||||
|
|
||||||
// Type returns the key name. It is part of the PublicKey interface.
|
// Type returns the certificate algorithm name. It is part of the PublicKey interface.
|
||||||
func (c *Certificate) Type() string {
|
func (c *Certificate) Type() string {
|
||||||
algo, ok := certAlgoNames[c.Key.Type()]
|
certName, ok := certificateAlgo(c.Key.Type())
|
||||||
if !ok {
|
if !ok {
|
||||||
panic("unknown cert key type " + c.Key.Type())
|
panic("unknown certificate type for key type " + c.Key.Type())
|
||||||
}
|
}
|
||||||
return algo
|
return certName
|
||||||
}
|
}
|
||||||
|
|
||||||
// Verify verifies a signature against the certificate's public
|
// Verify verifies a signature against the certificate's public
|
||||||
|
|
|
@ -394,6 +394,10 @@ func (c *gcmCipher) readCipherPacket(seqNum uint32, r io.Reader) ([]byte, error)
|
||||||
}
|
}
|
||||||
c.incIV()
|
c.incIV()
|
||||||
|
|
||||||
|
if len(plain) == 0 {
|
||||||
|
return nil, errors.New("ssh: empty packet")
|
||||||
|
}
|
||||||
|
|
||||||
padding := plain[0]
|
padding := plain[0]
|
||||||
if padding < 4 {
|
if padding < 4 {
|
||||||
// padding is a byte, so it automatically satisfies
|
// padding is a byte, so it automatically satisfies
|
||||||
|
@ -636,7 +640,7 @@ const chacha20Poly1305ID = "chacha20-poly1305@openssh.com"
|
||||||
// chacha20Poly1305Cipher implements the chacha20-poly1305@openssh.com
|
// chacha20Poly1305Cipher implements the chacha20-poly1305@openssh.com
|
||||||
// AEAD, which is described here:
|
// AEAD, which is described here:
|
||||||
//
|
//
|
||||||
// https://tools.ietf.org/html/draft-josefsson-ssh-chacha20-poly1305-openssh-00
|
// https://tools.ietf.org/html/draft-josefsson-ssh-chacha20-poly1305-openssh-00
|
||||||
//
|
//
|
||||||
// the methods here also implement padding, which RFC4253 Section 6
|
// the methods here also implement padding, which RFC4253 Section 6
|
||||||
// also requires of stream ciphers.
|
// also requires of stream ciphers.
|
||||||
|
@ -710,6 +714,10 @@ func (c *chacha20Poly1305Cipher) readCipherPacket(seqNum uint32, r io.Reader) ([
|
||||||
plain := c.buf[4:contentEnd]
|
plain := c.buf[4:contentEnd]
|
||||||
s.XORKeyStream(plain, plain)
|
s.XORKeyStream(plain, plain)
|
||||||
|
|
||||||
|
if len(plain) == 0 {
|
||||||
|
return nil, errors.New("ssh: empty packet")
|
||||||
|
}
|
||||||
|
|
||||||
padding := plain[0]
|
padding := plain[0]
|
||||||
if padding < 4 {
|
if padding < 4 {
|
||||||
// padding is a byte, so it automatically satisfies
|
// padding is a byte, so it automatically satisfies
|
||||||
|
|
|
@ -113,14 +113,18 @@ func (c *connection) clientHandshake(dialAddress string, config *ClientConfig) e
|
||||||
return c.clientAuthenticate(config)
|
return c.clientAuthenticate(config)
|
||||||
}
|
}
|
||||||
|
|
||||||
// verifyHostKeySignature verifies the host key obtained in the key
|
// verifyHostKeySignature verifies the host key obtained in the key exchange.
|
||||||
// exchange.
|
// algo is the negotiated algorithm, and may be a certificate type.
|
||||||
func verifyHostKeySignature(hostKey PublicKey, result *kexResult) error {
|
func verifyHostKeySignature(hostKey PublicKey, algo string, result *kexResult) error {
|
||||||
sig, rest, ok := parseSignatureBody(result.Signature)
|
sig, rest, ok := parseSignatureBody(result.Signature)
|
||||||
if len(rest) > 0 || !ok {
|
if len(rest) > 0 || !ok {
|
||||||
return errors.New("ssh: signature parse error")
|
return errors.New("ssh: signature parse error")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if a := underlyingAlgo(algo); sig.Format != a {
|
||||||
|
return fmt.Errorf("ssh: invalid signature algorithm %q, expected %q", sig.Format, a)
|
||||||
|
}
|
||||||
|
|
||||||
return hostKey.Verify(result.H, sig)
|
return hostKey.Verify(result.H, sig)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -224,11 +228,11 @@ type ClientConfig struct {
|
||||||
// be used for the connection. If empty, a reasonable default is used.
|
// be used for the connection. If empty, a reasonable default is used.
|
||||||
ClientVersion string
|
ClientVersion string
|
||||||
|
|
||||||
// HostKeyAlgorithms lists the key types that the client will
|
// HostKeyAlgorithms lists the public key algorithms that the client will
|
||||||
// accept from the server as host key, in order of
|
// accept from the server for host key authentication, in order of
|
||||||
// preference. If empty, a reasonable default is used. Any
|
// preference. If empty, a reasonable default is used. Any
|
||||||
// string returned from PublicKey.Type method may be used, or
|
// string returned from a PublicKey.Type method may be used, or
|
||||||
// any of the CertAlgoXxxx and KeyAlgoXxxx constants.
|
// any of the CertAlgo and KeyAlgo constants.
|
||||||
HostKeyAlgorithms []string
|
HostKeyAlgorithms []string
|
||||||
|
|
||||||
// Timeout is the maximum amount of time for the TCP connection to establish.
|
// Timeout is the maximum amount of time for the TCP connection to establish.
|
||||||
|
|
|
@ -9,6 +9,7 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
type authResult int
|
type authResult int
|
||||||
|
@ -29,6 +30,33 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
// The server may choose to send a SSH_MSG_EXT_INFO at this point (if we
|
||||||
|
// advertised willingness to receive one, which we always do) or not. See
|
||||||
|
// RFC 8308, Section 2.4.
|
||||||
|
extensions := make(map[string][]byte)
|
||||||
|
if len(packet) > 0 && packet[0] == msgExtInfo {
|
||||||
|
var extInfo extInfoMsg
|
||||||
|
if err := Unmarshal(packet, &extInfo); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
payload := extInfo.Payload
|
||||||
|
for i := uint32(0); i < extInfo.NumExtensions; i++ {
|
||||||
|
name, rest, ok := parseString(payload)
|
||||||
|
if !ok {
|
||||||
|
return parseError(msgExtInfo)
|
||||||
|
}
|
||||||
|
value, rest, ok := parseString(rest)
|
||||||
|
if !ok {
|
||||||
|
return parseError(msgExtInfo)
|
||||||
|
}
|
||||||
|
extensions[string(name)] = value
|
||||||
|
payload = rest
|
||||||
|
}
|
||||||
|
packet, err = c.transport.readPacket()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
}
|
||||||
var serviceAccept serviceAcceptMsg
|
var serviceAccept serviceAcceptMsg
|
||||||
if err := Unmarshal(packet, &serviceAccept); err != nil {
|
if err := Unmarshal(packet, &serviceAccept); err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -41,7 +69,7 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
|
||||||
|
|
||||||
sessionID := c.transport.getSessionID()
|
sessionID := c.transport.getSessionID()
|
||||||
for auth := AuthMethod(new(noneAuth)); auth != nil; {
|
for auth := AuthMethod(new(noneAuth)); auth != nil; {
|
||||||
ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand)
|
ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand, extensions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
@ -93,7 +121,7 @@ type AuthMethod interface {
|
||||||
// If authentication is not successful, a []string of alternative
|
// If authentication is not successful, a []string of alternative
|
||||||
// method names is returned. If the slice is nil, it will be ignored
|
// method names is returned. If the slice is nil, it will be ignored
|
||||||
// and the previous set of possible methods will be reused.
|
// and the previous set of possible methods will be reused.
|
||||||
auth(session []byte, user string, p packetConn, rand io.Reader) (authResult, []string, error)
|
auth(session []byte, user string, p packetConn, rand io.Reader, extensions map[string][]byte) (authResult, []string, error)
|
||||||
|
|
||||||
// method returns the RFC 4252 method name.
|
// method returns the RFC 4252 method name.
|
||||||
method() string
|
method() string
|
||||||
|
@ -102,7 +130,7 @@ type AuthMethod interface {
|
||||||
// "none" authentication, RFC 4252 section 5.2.
|
// "none" authentication, RFC 4252 section 5.2.
|
||||||
type noneAuth int
|
type noneAuth int
|
||||||
|
|
||||||
func (n *noneAuth) auth(session []byte, user string, c packetConn, rand io.Reader) (authResult, []string, error) {
|
func (n *noneAuth) auth(session []byte, user string, c packetConn, rand io.Reader, _ map[string][]byte) (authResult, []string, error) {
|
||||||
if err := c.writePacket(Marshal(&userAuthRequestMsg{
|
if err := c.writePacket(Marshal(&userAuthRequestMsg{
|
||||||
User: user,
|
User: user,
|
||||||
Service: serviceSSH,
|
Service: serviceSSH,
|
||||||
|
@ -122,7 +150,7 @@ func (n *noneAuth) method() string {
|
||||||
// a function call, e.g. by prompting the user.
|
// a function call, e.g. by prompting the user.
|
||||||
type passwordCallback func() (password string, err error)
|
type passwordCallback func() (password string, err error)
|
||||||
|
|
||||||
func (cb passwordCallback) auth(session []byte, user string, c packetConn, rand io.Reader) (authResult, []string, error) {
|
func (cb passwordCallback) auth(session []byte, user string, c packetConn, rand io.Reader, _ map[string][]byte) (authResult, []string, error) {
|
||||||
type passwordAuthMsg struct {
|
type passwordAuthMsg struct {
|
||||||
User string `sshtype:"50"`
|
User string `sshtype:"50"`
|
||||||
Service string
|
Service string
|
||||||
|
@ -189,7 +217,46 @@ func (cb publicKeyCallback) method() string {
|
||||||
return "publickey"
|
return "publickey"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand io.Reader) (authResult, []string, error) {
|
func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (as AlgorithmSigner, algo string) {
|
||||||
|
keyFormat := signer.PublicKey().Type()
|
||||||
|
|
||||||
|
// Like in sendKexInit, if the public key implements AlgorithmSigner we
|
||||||
|
// assume it supports all algorithms, otherwise only the key format one.
|
||||||
|
as, ok := signer.(AlgorithmSigner)
|
||||||
|
if !ok {
|
||||||
|
return algorithmSignerWrapper{signer}, keyFormat
|
||||||
|
}
|
||||||
|
|
||||||
|
extPayload, ok := extensions["server-sig-algs"]
|
||||||
|
if !ok {
|
||||||
|
// If there is no "server-sig-algs" extension, fall back to the key
|
||||||
|
// format algorithm.
|
||||||
|
return as, keyFormat
|
||||||
|
}
|
||||||
|
|
||||||
|
// The server-sig-algs extension only carries underlying signature
|
||||||
|
// algorithm, but we are trying to select a protocol-level public key
|
||||||
|
// algorithm, which might be a certificate type. Extend the list of server
|
||||||
|
// supported algorithms to include the corresponding certificate algorithms.
|
||||||
|
serverAlgos := strings.Split(string(extPayload), ",")
|
||||||
|
for _, algo := range serverAlgos {
|
||||||
|
if certAlgo, ok := certificateAlgo(algo); ok {
|
||||||
|
serverAlgos = append(serverAlgos, certAlgo)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
keyAlgos := algorithmsForKeyFormat(keyFormat)
|
||||||
|
algo, err := findCommon("public key signature algorithm", keyAlgos, serverAlgos)
|
||||||
|
if err != nil {
|
||||||
|
// If there is no overlap, try the key anyway with the key format
|
||||||
|
// algorithm, to support servers that fail to list all supported
|
||||||
|
// algorithms.
|
||||||
|
return as, keyFormat
|
||||||
|
}
|
||||||
|
return as, algo
|
||||||
|
}
|
||||||
|
|
||||||
|
func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand io.Reader, extensions map[string][]byte) (authResult, []string, error) {
|
||||||
// Authentication is performed by sending an enquiry to test if a key is
|
// Authentication is performed by sending an enquiry to test if a key is
|
||||||
// acceptable to the remote. If the key is acceptable, the client will
|
// acceptable to the remote. If the key is acceptable, the client will
|
||||||
// attempt to authenticate with the valid key. If not the client will repeat
|
// attempt to authenticate with the valid key. If not the client will repeat
|
||||||
|
@ -201,7 +268,10 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
|
||||||
}
|
}
|
||||||
var methods []string
|
var methods []string
|
||||||
for _, signer := range signers {
|
for _, signer := range signers {
|
||||||
ok, err := validateKey(signer.PublicKey(), user, c)
|
pub := signer.PublicKey()
|
||||||
|
as, algo := pickSignatureAlgorithm(signer, extensions)
|
||||||
|
|
||||||
|
ok, err := validateKey(pub, algo, user, c)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
|
@ -209,13 +279,13 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
pub := signer.PublicKey()
|
|
||||||
pubKey := pub.Marshal()
|
pubKey := pub.Marshal()
|
||||||
sign, err := signer.Sign(rand, buildDataSignedForAuth(session, userAuthRequestMsg{
|
data := buildDataSignedForAuth(session, userAuthRequestMsg{
|
||||||
User: user,
|
User: user,
|
||||||
Service: serviceSSH,
|
Service: serviceSSH,
|
||||||
Method: cb.method(),
|
Method: cb.method(),
|
||||||
}, []byte(pub.Type()), pubKey))
|
}, algo, pubKey)
|
||||||
|
sign, err := as.SignWithAlgorithm(rand, data, underlyingAlgo(algo))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
|
@ -229,7 +299,7 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
|
||||||
Service: serviceSSH,
|
Service: serviceSSH,
|
||||||
Method: cb.method(),
|
Method: cb.method(),
|
||||||
HasSig: true,
|
HasSig: true,
|
||||||
Algoname: pub.Type(),
|
Algoname: algo,
|
||||||
PubKey: pubKey,
|
PubKey: pubKey,
|
||||||
Sig: sig,
|
Sig: sig,
|
||||||
}
|
}
|
||||||
|
@ -266,26 +336,25 @@ func containsMethod(methods []string, method string) bool {
|
||||||
}
|
}
|
||||||
|
|
||||||
// validateKey validates the key provided is acceptable to the server.
|
// validateKey validates the key provided is acceptable to the server.
|
||||||
func validateKey(key PublicKey, user string, c packetConn) (bool, error) {
|
func validateKey(key PublicKey, algo string, user string, c packetConn) (bool, error) {
|
||||||
pubKey := key.Marshal()
|
pubKey := key.Marshal()
|
||||||
msg := publickeyAuthMsg{
|
msg := publickeyAuthMsg{
|
||||||
User: user,
|
User: user,
|
||||||
Service: serviceSSH,
|
Service: serviceSSH,
|
||||||
Method: "publickey",
|
Method: "publickey",
|
||||||
HasSig: false,
|
HasSig: false,
|
||||||
Algoname: key.Type(),
|
Algoname: algo,
|
||||||
PubKey: pubKey,
|
PubKey: pubKey,
|
||||||
}
|
}
|
||||||
if err := c.writePacket(Marshal(&msg)); err != nil {
|
if err := c.writePacket(Marshal(&msg)); err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return confirmKeyAck(key, c)
|
return confirmKeyAck(key, algo, c)
|
||||||
}
|
}
|
||||||
|
|
||||||
func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
|
func confirmKeyAck(key PublicKey, algo string, c packetConn) (bool, error) {
|
||||||
pubKey := key.Marshal()
|
pubKey := key.Marshal()
|
||||||
algoname := key.Type()
|
|
||||||
|
|
||||||
for {
|
for {
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
|
@ -302,14 +371,14 @@ func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
|
||||||
if err := Unmarshal(packet, &msg); err != nil {
|
if err := Unmarshal(packet, &msg); err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
if msg.Algo != algoname || !bytes.Equal(msg.PubKey, pubKey) {
|
if msg.Algo != algo || !bytes.Equal(msg.PubKey, pubKey) {
|
||||||
return false, nil
|
return false, nil
|
||||||
}
|
}
|
||||||
return true, nil
|
return true, nil
|
||||||
case msgUserAuthFailure:
|
case msgUserAuthFailure:
|
||||||
return false, nil
|
return false, nil
|
||||||
default:
|
default:
|
||||||
return false, unexpectedMessageError(msgUserAuthSuccess, packet[0])
|
return false, unexpectedMessageError(msgUserAuthPubKeyOk, packet[0])
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -330,6 +399,7 @@ func PublicKeysCallback(getSigners func() (signers []Signer, err error)) AuthMet
|
||||||
// along with a list of remaining authentication methods to try next and
|
// along with a list of remaining authentication methods to try next and
|
||||||
// an error if an unexpected response was received.
|
// an error if an unexpected response was received.
|
||||||
func handleAuthResponse(c packetConn) (authResult, []string, error) {
|
func handleAuthResponse(c packetConn) (authResult, []string, error) {
|
||||||
|
gotMsgExtInfo := false
|
||||||
for {
|
for {
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -341,6 +411,12 @@ func handleAuthResponse(c packetConn) (authResult, []string, error) {
|
||||||
if err := handleBannerResponse(c, packet); err != nil {
|
if err := handleBannerResponse(c, packet); err != nil {
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
|
case msgExtInfo:
|
||||||
|
// Ignore post-authentication RFC 8308 extensions, once.
|
||||||
|
if gotMsgExtInfo {
|
||||||
|
return authFailure, nil, unexpectedMessageError(msgUserAuthSuccess, packet[0])
|
||||||
|
}
|
||||||
|
gotMsgExtInfo = true
|
||||||
case msgUserAuthFailure:
|
case msgUserAuthFailure:
|
||||||
var msg userAuthFailureMsg
|
var msg userAuthFailureMsg
|
||||||
if err := Unmarshal(packet, &msg); err != nil {
|
if err := Unmarshal(packet, &msg); err != nil {
|
||||||
|
@ -380,10 +456,10 @@ func handleBannerResponse(c packetConn, packet []byte) error {
|
||||||
// disabling echoing (e.g. for passwords), and return all the answers.
|
// disabling echoing (e.g. for passwords), and return all the answers.
|
||||||
// Challenge may be called multiple times in a single session. After
|
// Challenge may be called multiple times in a single session. After
|
||||||
// successful authentication, the server may send a challenge with no
|
// successful authentication, the server may send a challenge with no
|
||||||
// questions, for which the user and instruction messages should be
|
// questions, for which the name and instruction messages should be
|
||||||
// printed. RFC 4256 section 3.3 details how the UI should behave for
|
// printed. RFC 4256 section 3.3 details how the UI should behave for
|
||||||
// both CLI and GUI environments.
|
// both CLI and GUI environments.
|
||||||
type KeyboardInteractiveChallenge func(user, instruction string, questions []string, echos []bool) (answers []string, err error)
|
type KeyboardInteractiveChallenge func(name, instruction string, questions []string, echos []bool) (answers []string, err error)
|
||||||
|
|
||||||
// KeyboardInteractive returns an AuthMethod using a prompt/response
|
// KeyboardInteractive returns an AuthMethod using a prompt/response
|
||||||
// sequence controlled by the server.
|
// sequence controlled by the server.
|
||||||
|
@ -395,7 +471,7 @@ func (cb KeyboardInteractiveChallenge) method() string {
|
||||||
return "keyboard-interactive"
|
return "keyboard-interactive"
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packetConn, rand io.Reader) (authResult, []string, error) {
|
func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packetConn, rand io.Reader, _ map[string][]byte) (authResult, []string, error) {
|
||||||
type initiateMsg struct {
|
type initiateMsg struct {
|
||||||
User string `sshtype:"50"`
|
User string `sshtype:"50"`
|
||||||
Service string
|
Service string
|
||||||
|
@ -412,6 +488,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
gotMsgExtInfo := false
|
||||||
for {
|
for {
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -425,6 +502,13 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
continue
|
continue
|
||||||
|
case msgExtInfo:
|
||||||
|
// Ignore post-authentication RFC 8308 extensions, once.
|
||||||
|
if gotMsgExtInfo {
|
||||||
|
return authFailure, nil, unexpectedMessageError(msgUserAuthInfoRequest, packet[0])
|
||||||
|
}
|
||||||
|
gotMsgExtInfo = true
|
||||||
|
continue
|
||||||
case msgUserAuthInfoRequest:
|
case msgUserAuthInfoRequest:
|
||||||
// OK
|
// OK
|
||||||
case msgUserAuthFailure:
|
case msgUserAuthFailure:
|
||||||
|
@ -465,7 +549,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
|
||||||
return authFailure, nil, errors.New("ssh: extra data following keyboard-interactive pairs")
|
return authFailure, nil, errors.New("ssh: extra data following keyboard-interactive pairs")
|
||||||
}
|
}
|
||||||
|
|
||||||
answers, err := cb(msg.User, msg.Instruction, prompts, echos)
|
answers, err := cb(msg.Name, msg.Instruction, prompts, echos)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return authFailure, nil, err
|
return authFailure, nil, err
|
||||||
}
|
}
|
||||||
|
@ -497,9 +581,9 @@ type retryableAuthMethod struct {
|
||||||
maxTries int
|
maxTries int
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *retryableAuthMethod) auth(session []byte, user string, c packetConn, rand io.Reader) (ok authResult, methods []string, err error) {
|
func (r *retryableAuthMethod) auth(session []byte, user string, c packetConn, rand io.Reader, extensions map[string][]byte) (ok authResult, methods []string, err error) {
|
||||||
for i := 0; r.maxTries <= 0 || i < r.maxTries; i++ {
|
for i := 0; r.maxTries <= 0 || i < r.maxTries; i++ {
|
||||||
ok, methods, err = r.authMethod.auth(session, user, c, rand)
|
ok, methods, err = r.authMethod.auth(session, user, c, rand, extensions)
|
||||||
if ok != authFailure || err != nil { // either success, partial success or error terminate
|
if ok != authFailure || err != nil { // either success, partial success or error terminate
|
||||||
return ok, methods, err
|
return ok, methods, err
|
||||||
}
|
}
|
||||||
|
@ -542,7 +626,7 @@ type gssAPIWithMICCallback struct {
|
||||||
target string
|
target string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (g *gssAPIWithMICCallback) auth(session []byte, user string, c packetConn, rand io.Reader) (authResult, []string, error) {
|
func (g *gssAPIWithMICCallback) auth(session []byte, user string, c packetConn, rand io.Reader, _ map[string][]byte) (authResult, []string, error) {
|
||||||
m := &userAuthRequestMsg{
|
m := &userAuthRequestMsg{
|
||||||
User: user,
|
User: user,
|
||||||
Service: serviceSSH,
|
Service: serviceSSH,
|
||||||
|
|
|
@ -44,11 +44,11 @@ var preferredCiphers = []string{
|
||||||
// supportedKexAlgos specifies the supported key-exchange algorithms in
|
// supportedKexAlgos specifies the supported key-exchange algorithms in
|
||||||
// preference order.
|
// preference order.
|
||||||
var supportedKexAlgos = []string{
|
var supportedKexAlgos = []string{
|
||||||
kexAlgoCurve25519SHA256,
|
kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
|
||||||
// P384 and P521 are not constant-time yet, but since we don't
|
// P384 and P521 are not constant-time yet, but since we don't
|
||||||
// reuse ephemeral keys, using them for ECDH should be OK.
|
// reuse ephemeral keys, using them for ECDH should be OK.
|
||||||
kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
|
kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
|
||||||
kexAlgoDH14SHA1, kexAlgoDH1SHA1,
|
kexAlgoDH14SHA256, kexAlgoDH14SHA1, kexAlgoDH1SHA1,
|
||||||
}
|
}
|
||||||
|
|
||||||
// serverForbiddenKexAlgos contains key exchange algorithms, that are forbidden
|
// serverForbiddenKexAlgos contains key exchange algorithms, that are forbidden
|
||||||
|
@ -61,18 +61,20 @@ var serverForbiddenKexAlgos = map[string]struct{}{
|
||||||
// preferredKexAlgos specifies the default preference for key-exchange algorithms
|
// preferredKexAlgos specifies the default preference for key-exchange algorithms
|
||||||
// in preference order.
|
// in preference order.
|
||||||
var preferredKexAlgos = []string{
|
var preferredKexAlgos = []string{
|
||||||
kexAlgoCurve25519SHA256,
|
kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
|
||||||
kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
|
kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
|
||||||
kexAlgoDH14SHA1,
|
kexAlgoDH14SHA256, kexAlgoDH14SHA1,
|
||||||
}
|
}
|
||||||
|
|
||||||
// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
|
// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
|
||||||
// of authenticating servers) in preference order.
|
// of authenticating servers) in preference order.
|
||||||
var supportedHostKeyAlgos = []string{
|
var supportedHostKeyAlgos = []string{
|
||||||
|
CertAlgoRSASHA512v01, CertAlgoRSASHA256v01,
|
||||||
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
|
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
|
||||||
CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,
|
CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,
|
||||||
|
|
||||||
KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
|
KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
|
||||||
|
KeyAlgoRSASHA512, KeyAlgoRSASHA256,
|
||||||
KeyAlgoRSA, KeyAlgoDSA,
|
KeyAlgoRSA, KeyAlgoDSA,
|
||||||
|
|
||||||
KeyAlgoED25519,
|
KeyAlgoED25519,
|
||||||
|
@ -87,19 +89,33 @@ var supportedMACs = []string{
|
||||||
|
|
||||||
var supportedCompressions = []string{compressionNone}
|
var supportedCompressions = []string{compressionNone}
|
||||||
|
|
||||||
// hashFuncs keeps the mapping of supported algorithms to their respective
|
// hashFuncs keeps the mapping of supported signature algorithms to their
|
||||||
// hashes needed for signature verification.
|
// respective hashes needed for signing and verification.
|
||||||
var hashFuncs = map[string]crypto.Hash{
|
var hashFuncs = map[string]crypto.Hash{
|
||||||
KeyAlgoRSA: crypto.SHA1,
|
KeyAlgoRSA: crypto.SHA1,
|
||||||
KeyAlgoDSA: crypto.SHA1,
|
KeyAlgoRSASHA256: crypto.SHA256,
|
||||||
KeyAlgoECDSA256: crypto.SHA256,
|
KeyAlgoRSASHA512: crypto.SHA512,
|
||||||
KeyAlgoECDSA384: crypto.SHA384,
|
KeyAlgoDSA: crypto.SHA1,
|
||||||
KeyAlgoECDSA521: crypto.SHA512,
|
KeyAlgoECDSA256: crypto.SHA256,
|
||||||
CertAlgoRSAv01: crypto.SHA1,
|
KeyAlgoECDSA384: crypto.SHA384,
|
||||||
CertAlgoDSAv01: crypto.SHA1,
|
KeyAlgoECDSA521: crypto.SHA512,
|
||||||
CertAlgoECDSA256v01: crypto.SHA256,
|
// KeyAlgoED25519 doesn't pre-hash.
|
||||||
CertAlgoECDSA384v01: crypto.SHA384,
|
KeyAlgoSKECDSA256: crypto.SHA256,
|
||||||
CertAlgoECDSA521v01: crypto.SHA512,
|
KeyAlgoSKED25519: crypto.SHA256,
|
||||||
|
}
|
||||||
|
|
||||||
|
// algorithmsForKeyFormat returns the supported signature algorithms for a given
|
||||||
|
// public key format (PublicKey.Type), in order of preference. See RFC 8332,
|
||||||
|
// Section 2. See also the note in sendKexInit on backwards compatibility.
|
||||||
|
func algorithmsForKeyFormat(keyFormat string) []string {
|
||||||
|
switch keyFormat {
|
||||||
|
case KeyAlgoRSA:
|
||||||
|
return []string{KeyAlgoRSASHA256, KeyAlgoRSASHA512, KeyAlgoRSA}
|
||||||
|
case CertAlgoRSAv01:
|
||||||
|
return []string{CertAlgoRSASHA256v01, CertAlgoRSASHA512v01, CertAlgoRSAv01}
|
||||||
|
default:
|
||||||
|
return []string{keyFormat}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// unexpectedMessageError results when the SSH message that we received didn't
|
// unexpectedMessageError results when the SSH message that we received didn't
|
||||||
|
@ -146,6 +162,11 @@ func (a *directionAlgorithms) rekeyBytes() int64 {
|
||||||
return 1 << 30
|
return 1 << 30
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var aeadCiphers = map[string]bool{
|
||||||
|
gcmCipherID: true,
|
||||||
|
chacha20Poly1305ID: true,
|
||||||
|
}
|
||||||
|
|
||||||
type algorithms struct {
|
type algorithms struct {
|
||||||
kex string
|
kex string
|
||||||
hostKey string
|
hostKey string
|
||||||
|
@ -181,14 +202,18 @@ func findAgreedAlgorithms(isClient bool, clientKexInit, serverKexInit *kexInitMs
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctos.MAC, err = findCommon("client to server MAC", clientKexInit.MACsClientServer, serverKexInit.MACsClientServer)
|
if !aeadCiphers[ctos.Cipher] {
|
||||||
if err != nil {
|
ctos.MAC, err = findCommon("client to server MAC", clientKexInit.MACsClientServer, serverKexInit.MACsClientServer)
|
||||||
return
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
stoc.MAC, err = findCommon("server to client MAC", clientKexInit.MACsServerClient, serverKexInit.MACsServerClient)
|
if !aeadCiphers[stoc.Cipher] {
|
||||||
if err != nil {
|
stoc.MAC, err = findCommon("server to client MAC", clientKexInit.MACsServerClient, serverKexInit.MACsServerClient)
|
||||||
return
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ctos.Compression, err = findCommon("client to server compression", clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
|
ctos.Compression, err = findCommon("client to server compression", clientKexInit.CompressionClientServer, serverKexInit.CompressionClientServer)
|
||||||
|
@ -272,8 +297,9 @@ func (c *Config) SetDefaults() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// buildDataSignedForAuth returns the data that is signed in order to prove
|
// buildDataSignedForAuth returns the data that is signed in order to prove
|
||||||
// possession of a private key. See RFC 4252, section 7.
|
// possession of a private key. See RFC 4252, section 7. algo is the advertised
|
||||||
func buildDataSignedForAuth(sessionID []byte, req userAuthRequestMsg, algo, pubKey []byte) []byte {
|
// algorithm, and may be a certificate type.
|
||||||
|
func buildDataSignedForAuth(sessionID []byte, req userAuthRequestMsg, algo string, pubKey []byte) []byte {
|
||||||
data := struct {
|
data := struct {
|
||||||
Session []byte
|
Session []byte
|
||||||
Type byte
|
Type byte
|
||||||
|
@ -281,7 +307,7 @@ func buildDataSignedForAuth(sessionID []byte, req userAuthRequestMsg, algo, pubK
|
||||||
Service string
|
Service string
|
||||||
Method string
|
Method string
|
||||||
Sign bool
|
Sign bool
|
||||||
Algo []byte
|
Algo string
|
||||||
PubKey []byte
|
PubKey []byte
|
||||||
}{
|
}{
|
||||||
sessionID,
|
sessionID,
|
||||||
|
|
|
@ -12,8 +12,9 @@ the multiplexed nature of SSH is exposed to users that wish to support
|
||||||
others.
|
others.
|
||||||
|
|
||||||
References:
|
References:
|
||||||
[PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
|
|
||||||
[SSH-PARAMETERS]: http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
|
[PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
|
||||||
|
[SSH-PARAMETERS]: http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
|
||||||
|
|
||||||
This package does not fall under the stability promise of the Go language itself,
|
This package does not fall under the stability promise of the Go language itself,
|
||||||
so its API may be changed when pressing needs arise.
|
so its API may be changed when pressing needs arise.
|
||||||
|
|
|
@ -455,14 +455,38 @@ func (t *handshakeTransport) sendKexInit() error {
|
||||||
}
|
}
|
||||||
io.ReadFull(rand.Reader, msg.Cookie[:])
|
io.ReadFull(rand.Reader, msg.Cookie[:])
|
||||||
|
|
||||||
if len(t.hostKeys) > 0 {
|
isServer := len(t.hostKeys) > 0
|
||||||
|
if isServer {
|
||||||
for _, k := range t.hostKeys {
|
for _, k := range t.hostKeys {
|
||||||
msg.ServerHostKeyAlgos = append(
|
// If k is an AlgorithmSigner, presume it supports all signature algorithms
|
||||||
msg.ServerHostKeyAlgos, k.PublicKey().Type())
|
// associated with the key format. (Ideally AlgorithmSigner would have a
|
||||||
|
// method to advertise supported algorithms, but it doesn't. This means that
|
||||||
|
// adding support for a new algorithm is a breaking change, as we will
|
||||||
|
// immediately negotiate it even if existing implementations don't support
|
||||||
|
// it. If that ever happens, we'll have to figure something out.)
|
||||||
|
// If k is not an AlgorithmSigner, we can only assume it only supports the
|
||||||
|
// algorithms that matches the key format. (This means that Sign can't pick
|
||||||
|
// a different default.)
|
||||||
|
keyFormat := k.PublicKey().Type()
|
||||||
|
if _, ok := k.(AlgorithmSigner); ok {
|
||||||
|
msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, algorithmsForKeyFormat(keyFormat)...)
|
||||||
|
} else {
|
||||||
|
msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, keyFormat)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
msg.ServerHostKeyAlgos = t.hostKeyAlgorithms
|
msg.ServerHostKeyAlgos = t.hostKeyAlgorithms
|
||||||
|
|
||||||
|
// As a client we opt in to receiving SSH_MSG_EXT_INFO so we know what
|
||||||
|
// algorithms the server supports for public key authentication. See RFC
|
||||||
|
// 8308, Section 2.1.
|
||||||
|
if firstKeyExchange := t.sessionID == nil; firstKeyExchange {
|
||||||
|
msg.KexAlgos = make([]string, 0, len(t.config.KeyExchanges)+1)
|
||||||
|
msg.KexAlgos = append(msg.KexAlgos, t.config.KeyExchanges...)
|
||||||
|
msg.KexAlgos = append(msg.KexAlgos, "ext-info-c")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
packet := Marshal(msg)
|
packet := Marshal(msg)
|
||||||
|
|
||||||
// writePacket destroys the contents, so save a copy.
|
// writePacket destroys the contents, so save a copy.
|
||||||
|
@ -582,9 +606,9 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
|
||||||
|
|
||||||
var result *kexResult
|
var result *kexResult
|
||||||
if len(t.hostKeys) > 0 {
|
if len(t.hostKeys) > 0 {
|
||||||
result, err = t.server(kex, t.algorithms, &magics)
|
result, err = t.server(kex, &magics)
|
||||||
} else {
|
} else {
|
||||||
result, err = t.client(kex, t.algorithms, &magics)
|
result, err = t.client(kex, &magics)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -611,19 +635,52 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *handshakeTransport) server(kex kexAlgorithm, algs *algorithms, magics *handshakeMagics) (*kexResult, error) {
|
// algorithmSignerWrapper is an AlgorithmSigner that only supports the default
|
||||||
var hostKey Signer
|
// key format algorithm.
|
||||||
for _, k := range t.hostKeys {
|
//
|
||||||
if algs.hostKey == k.PublicKey().Type() {
|
// This is technically a violation of the AlgorithmSigner interface, but it
|
||||||
hostKey = k
|
// should be unreachable given where we use this. Anyway, at least it returns an
|
||||||
|
// error instead of panicing or producing an incorrect signature.
|
||||||
|
type algorithmSignerWrapper struct {
|
||||||
|
Signer
|
||||||
|
}
|
||||||
|
|
||||||
|
func (a algorithmSignerWrapper) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
|
||||||
|
if algorithm != underlyingAlgo(a.PublicKey().Type()) {
|
||||||
|
return nil, errors.New("ssh: internal error: algorithmSignerWrapper invoked with non-default algorithm")
|
||||||
|
}
|
||||||
|
return a.Sign(rand, data)
|
||||||
|
}
|
||||||
|
|
||||||
|
func pickHostKey(hostKeys []Signer, algo string) AlgorithmSigner {
|
||||||
|
for _, k := range hostKeys {
|
||||||
|
if algo == k.PublicKey().Type() {
|
||||||
|
return algorithmSignerWrapper{k}
|
||||||
|
}
|
||||||
|
k, ok := k.(AlgorithmSigner)
|
||||||
|
if !ok {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
for _, a := range algorithmsForKeyFormat(k.PublicKey().Type()) {
|
||||||
|
if algo == a {
|
||||||
|
return k
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
r, err := kex.Server(t.conn, t.config.Rand, magics, hostKey)
|
func (t *handshakeTransport) server(kex kexAlgorithm, magics *handshakeMagics) (*kexResult, error) {
|
||||||
|
hostKey := pickHostKey(t.hostKeys, t.algorithms.hostKey)
|
||||||
|
if hostKey == nil {
|
||||||
|
return nil, errors.New("ssh: internal error: negotiated unsupported signature type")
|
||||||
|
}
|
||||||
|
|
||||||
|
r, err := kex.Server(t.conn, t.config.Rand, magics, hostKey, t.algorithms.hostKey)
|
||||||
return r, err
|
return r, err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (t *handshakeTransport) client(kex kexAlgorithm, algs *algorithms, magics *handshakeMagics) (*kexResult, error) {
|
func (t *handshakeTransport) client(kex kexAlgorithm, magics *handshakeMagics) (*kexResult, error) {
|
||||||
result, err := kex.Client(t.conn, t.config.Rand, magics)
|
result, err := kex.Client(t.conn, t.config.Rand, magics)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -634,7 +691,7 @@ func (t *handshakeTransport) client(kex kexAlgorithm, algs *algorithms, magics *
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := verifyHostKeySignature(hostKey, result); err != nil {
|
if err := verifyHostKeySignature(hostKey, t.algorithms.hostKey, result); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -20,12 +20,14 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
kexAlgoDH1SHA1 = "diffie-hellman-group1-sha1"
|
kexAlgoDH1SHA1 = "diffie-hellman-group1-sha1"
|
||||||
kexAlgoDH14SHA1 = "diffie-hellman-group14-sha1"
|
kexAlgoDH14SHA1 = "diffie-hellman-group14-sha1"
|
||||||
kexAlgoECDH256 = "ecdh-sha2-nistp256"
|
kexAlgoDH14SHA256 = "diffie-hellman-group14-sha256"
|
||||||
kexAlgoECDH384 = "ecdh-sha2-nistp384"
|
kexAlgoECDH256 = "ecdh-sha2-nistp256"
|
||||||
kexAlgoECDH521 = "ecdh-sha2-nistp521"
|
kexAlgoECDH384 = "ecdh-sha2-nistp384"
|
||||||
kexAlgoCurve25519SHA256 = "curve25519-sha256@libssh.org"
|
kexAlgoECDH521 = "ecdh-sha2-nistp521"
|
||||||
|
kexAlgoCurve25519SHA256LibSSH = "curve25519-sha256@libssh.org"
|
||||||
|
kexAlgoCurve25519SHA256 = "curve25519-sha256"
|
||||||
|
|
||||||
// For the following kex only the client half contains a production
|
// For the following kex only the client half contains a production
|
||||||
// ready implementation. The server half only consists of a minimal
|
// ready implementation. The server half only consists of a minimal
|
||||||
|
@ -75,8 +77,9 @@ func (m *handshakeMagics) write(w io.Writer) {
|
||||||
// kexAlgorithm abstracts different key exchange algorithms.
|
// kexAlgorithm abstracts different key exchange algorithms.
|
||||||
type kexAlgorithm interface {
|
type kexAlgorithm interface {
|
||||||
// Server runs server-side key agreement, signing the result
|
// Server runs server-side key agreement, signing the result
|
||||||
// with a hostkey.
|
// with a hostkey. algo is the negotiated algorithm, and may
|
||||||
Server(p packetConn, rand io.Reader, magics *handshakeMagics, s Signer) (*kexResult, error)
|
// be a certificate type.
|
||||||
|
Server(p packetConn, rand io.Reader, magics *handshakeMagics, s AlgorithmSigner, algo string) (*kexResult, error)
|
||||||
|
|
||||||
// Client runs the client-side key agreement. Caller is
|
// Client runs the client-side key agreement. Caller is
|
||||||
// responsible for verifying the host key signature.
|
// responsible for verifying the host key signature.
|
||||||
|
@ -86,6 +89,7 @@ type kexAlgorithm interface {
|
||||||
// dhGroup is a multiplicative group suitable for implementing Diffie-Hellman key agreement.
|
// dhGroup is a multiplicative group suitable for implementing Diffie-Hellman key agreement.
|
||||||
type dhGroup struct {
|
type dhGroup struct {
|
||||||
g, p, pMinus1 *big.Int
|
g, p, pMinus1 *big.Int
|
||||||
|
hashFunc crypto.Hash
|
||||||
}
|
}
|
||||||
|
|
||||||
func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int, error) {
|
func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int, error) {
|
||||||
|
@ -96,8 +100,6 @@ func (group *dhGroup) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int,
|
||||||
}
|
}
|
||||||
|
|
||||||
func (group *dhGroup) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
|
func (group *dhGroup) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
|
||||||
hashFunc := crypto.SHA1
|
|
||||||
|
|
||||||
var x *big.Int
|
var x *big.Int
|
||||||
for {
|
for {
|
||||||
var err error
|
var err error
|
||||||
|
@ -132,7 +134,7 @@ func (group *dhGroup) Client(c packetConn, randSource io.Reader, magics *handsha
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
h := hashFunc.New()
|
h := group.hashFunc.New()
|
||||||
magics.write(h)
|
magics.write(h)
|
||||||
writeString(h, kexDHReply.HostKey)
|
writeString(h, kexDHReply.HostKey)
|
||||||
writeInt(h, X)
|
writeInt(h, X)
|
||||||
|
@ -146,12 +148,11 @@ func (group *dhGroup) Client(c packetConn, randSource io.Reader, magics *handsha
|
||||||
K: K,
|
K: K,
|
||||||
HostKey: kexDHReply.HostKey,
|
HostKey: kexDHReply.HostKey,
|
||||||
Signature: kexDHReply.Signature,
|
Signature: kexDHReply.Signature,
|
||||||
Hash: crypto.SHA1,
|
Hash: group.hashFunc,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv Signer) (result *kexResult, err error) {
|
func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
|
||||||
hashFunc := crypto.SHA1
|
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
@ -179,7 +180,7 @@ func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handsha
|
||||||
|
|
||||||
hostKeyBytes := priv.PublicKey().Marshal()
|
hostKeyBytes := priv.PublicKey().Marshal()
|
||||||
|
|
||||||
h := hashFunc.New()
|
h := group.hashFunc.New()
|
||||||
magics.write(h)
|
magics.write(h)
|
||||||
writeString(h, hostKeyBytes)
|
writeString(h, hostKeyBytes)
|
||||||
writeInt(h, kexDHInit.X)
|
writeInt(h, kexDHInit.X)
|
||||||
|
@ -193,7 +194,7 @@ func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handsha
|
||||||
|
|
||||||
// H is already a hash, but the hostkey signing will apply its
|
// H is already a hash, but the hostkey signing will apply its
|
||||||
// own key-specific hash algorithm.
|
// own key-specific hash algorithm.
|
||||||
sig, err := signAndMarshal(priv, randSource, H)
|
sig, err := signAndMarshal(priv, randSource, H, algo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -211,7 +212,7 @@ func (group *dhGroup) Server(c packetConn, randSource io.Reader, magics *handsha
|
||||||
K: K,
|
K: K,
|
||||||
HostKey: hostKeyBytes,
|
HostKey: hostKeyBytes,
|
||||||
Signature: sig,
|
Signature: sig,
|
||||||
Hash: crypto.SHA1,
|
Hash: group.hashFunc,
|
||||||
}, err
|
}, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -314,7 +315,7 @@ func validateECPublicKey(curve elliptic.Curve, x, y *big.Int) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
func (kex *ecdh) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv Signer) (result *kexResult, err error) {
|
func (kex *ecdh) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -359,7 +360,7 @@ func (kex *ecdh) Server(c packetConn, rand io.Reader, magics *handshakeMagics, p
|
||||||
|
|
||||||
// H is already a hash, but the hostkey signing will apply its
|
// H is already a hash, but the hostkey signing will apply its
|
||||||
// own key-specific hash algorithm.
|
// own key-specific hash algorithm.
|
||||||
sig, err := signAndMarshal(priv, rand, H)
|
sig, err := signAndMarshal(priv, rand, H, algo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -384,39 +385,62 @@ func (kex *ecdh) Server(c packetConn, rand io.Reader, magics *handshakeMagics, p
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ecHash returns the hash to match the given elliptic curve, see RFC
|
||||||
|
// 5656, section 6.2.1
|
||||||
|
func ecHash(curve elliptic.Curve) crypto.Hash {
|
||||||
|
bitSize := curve.Params().BitSize
|
||||||
|
switch {
|
||||||
|
case bitSize <= 256:
|
||||||
|
return crypto.SHA256
|
||||||
|
case bitSize <= 384:
|
||||||
|
return crypto.SHA384
|
||||||
|
}
|
||||||
|
return crypto.SHA512
|
||||||
|
}
|
||||||
|
|
||||||
var kexAlgoMap = map[string]kexAlgorithm{}
|
var kexAlgoMap = map[string]kexAlgorithm{}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
// This is the group called diffie-hellman-group1-sha1 in RFC
|
// This is the group called diffie-hellman-group1-sha1 in
|
||||||
// 4253 and Oakley Group 2 in RFC 2409.
|
// RFC 4253 and Oakley Group 2 in RFC 2409.
|
||||||
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
|
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
|
||||||
kexAlgoMap[kexAlgoDH1SHA1] = &dhGroup{
|
kexAlgoMap[kexAlgoDH1SHA1] = &dhGroup{
|
||||||
|
g: new(big.Int).SetInt64(2),
|
||||||
|
p: p,
|
||||||
|
pMinus1: new(big.Int).Sub(p, bigOne),
|
||||||
|
hashFunc: crypto.SHA1,
|
||||||
|
}
|
||||||
|
|
||||||
|
// This are the groups called diffie-hellman-group14-sha1 and
|
||||||
|
// diffie-hellman-group14-sha256 in RFC 4253 and RFC 8268,
|
||||||
|
// and Oakley Group 14 in RFC 3526.
|
||||||
|
p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
|
||||||
|
group14 := &dhGroup{
|
||||||
g: new(big.Int).SetInt64(2),
|
g: new(big.Int).SetInt64(2),
|
||||||
p: p,
|
p: p,
|
||||||
pMinus1: new(big.Int).Sub(p, bigOne),
|
pMinus1: new(big.Int).Sub(p, bigOne),
|
||||||
}
|
}
|
||||||
|
|
||||||
// This is the group called diffie-hellman-group14-sha1 in RFC
|
|
||||||
// 4253 and Oakley Group 14 in RFC 3526.
|
|
||||||
p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
|
|
||||||
|
|
||||||
kexAlgoMap[kexAlgoDH14SHA1] = &dhGroup{
|
kexAlgoMap[kexAlgoDH14SHA1] = &dhGroup{
|
||||||
g: new(big.Int).SetInt64(2),
|
g: group14.g, p: group14.p, pMinus1: group14.pMinus1,
|
||||||
p: p,
|
hashFunc: crypto.SHA1,
|
||||||
pMinus1: new(big.Int).Sub(p, bigOne),
|
}
|
||||||
|
kexAlgoMap[kexAlgoDH14SHA256] = &dhGroup{
|
||||||
|
g: group14.g, p: group14.p, pMinus1: group14.pMinus1,
|
||||||
|
hashFunc: crypto.SHA256,
|
||||||
}
|
}
|
||||||
|
|
||||||
kexAlgoMap[kexAlgoECDH521] = &ecdh{elliptic.P521()}
|
kexAlgoMap[kexAlgoECDH521] = &ecdh{elliptic.P521()}
|
||||||
kexAlgoMap[kexAlgoECDH384] = &ecdh{elliptic.P384()}
|
kexAlgoMap[kexAlgoECDH384] = &ecdh{elliptic.P384()}
|
||||||
kexAlgoMap[kexAlgoECDH256] = &ecdh{elliptic.P256()}
|
kexAlgoMap[kexAlgoECDH256] = &ecdh{elliptic.P256()}
|
||||||
kexAlgoMap[kexAlgoCurve25519SHA256] = &curve25519sha256{}
|
kexAlgoMap[kexAlgoCurve25519SHA256] = &curve25519sha256{}
|
||||||
|
kexAlgoMap[kexAlgoCurve25519SHA256LibSSH] = &curve25519sha256{}
|
||||||
kexAlgoMap[kexAlgoDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
|
kexAlgoMap[kexAlgoDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
|
||||||
kexAlgoMap[kexAlgoDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
|
kexAlgoMap[kexAlgoDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
|
||||||
}
|
}
|
||||||
|
|
||||||
// curve25519sha256 implements the curve25519-sha256@libssh.org key
|
// curve25519sha256 implements the curve25519-sha256 (formerly known as
|
||||||
// agreement protocol, as described in
|
// curve25519-sha256@libssh.org) key exchange method, as described in RFC 8731.
|
||||||
// https://git.libssh.org/projects/libssh.git/tree/doc/curve25519-sha256@libssh.org.txt
|
|
||||||
type curve25519sha256 struct{}
|
type curve25519sha256 struct{}
|
||||||
|
|
||||||
type curve25519KeyPair struct {
|
type curve25519KeyPair struct {
|
||||||
|
@ -486,7 +510,7 @@ func (kex *curve25519sha256) Client(c packetConn, rand io.Reader, magics *handsh
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (kex *curve25519sha256) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv Signer) (result *kexResult, err error) {
|
func (kex *curve25519sha256) Server(c packetConn, rand io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
@ -527,7 +551,7 @@ func (kex *curve25519sha256) Server(c packetConn, rand io.Reader, magics *handsh
|
||||||
|
|
||||||
H := h.Sum(nil)
|
H := h.Sum(nil)
|
||||||
|
|
||||||
sig, err := signAndMarshal(priv, rand, H)
|
sig, err := signAndMarshal(priv, rand, H, algo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -553,7 +577,6 @@ func (kex *curve25519sha256) Server(c packetConn, rand io.Reader, magics *handsh
|
||||||
// diffie-hellman-group-exchange-sha256 key agreement protocols,
|
// diffie-hellman-group-exchange-sha256 key agreement protocols,
|
||||||
// as described in RFC 4419
|
// as described in RFC 4419
|
||||||
type dhGEXSHA struct {
|
type dhGEXSHA struct {
|
||||||
g, p *big.Int
|
|
||||||
hashFunc crypto.Hash
|
hashFunc crypto.Hash
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -563,14 +586,7 @@ const (
|
||||||
dhGroupExchangeMaximumBits = 8192
|
dhGroupExchangeMaximumBits = 8192
|
||||||
)
|
)
|
||||||
|
|
||||||
func (gex *dhGEXSHA) diffieHellman(theirPublic, myPrivate *big.Int) (*big.Int, error) {
|
func (gex *dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
|
||||||
if theirPublic.Sign() <= 0 || theirPublic.Cmp(gex.p) >= 0 {
|
|
||||||
return nil, fmt.Errorf("ssh: DH parameter out of bounds")
|
|
||||||
}
|
|
||||||
return new(big.Int).Exp(theirPublic, myPrivate, gex.p), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshakeMagics) (*kexResult, error) {
|
|
||||||
// Send GexRequest
|
// Send GexRequest
|
||||||
kexDHGexRequest := kexDHGexRequestMsg{
|
kexDHGexRequest := kexDHGexRequestMsg{
|
||||||
MinBits: dhGroupExchangeMinimumBits,
|
MinBits: dhGroupExchangeMinimumBits,
|
||||||
|
@ -587,35 +603,29 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
var kexDHGexGroup kexDHGexGroupMsg
|
var msg kexDHGexGroupMsg
|
||||||
if err = Unmarshal(packet, &kexDHGexGroup); err != nil {
|
if err = Unmarshal(packet, &msg); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// reject if p's bit length < dhGroupExchangeMinimumBits or > dhGroupExchangeMaximumBits
|
// reject if p's bit length < dhGroupExchangeMinimumBits or > dhGroupExchangeMaximumBits
|
||||||
if kexDHGexGroup.P.BitLen() < dhGroupExchangeMinimumBits || kexDHGexGroup.P.BitLen() > dhGroupExchangeMaximumBits {
|
if msg.P.BitLen() < dhGroupExchangeMinimumBits || msg.P.BitLen() > dhGroupExchangeMaximumBits {
|
||||||
return nil, fmt.Errorf("ssh: server-generated gex p is out of range (%d bits)", kexDHGexGroup.P.BitLen())
|
return nil, fmt.Errorf("ssh: server-generated gex p is out of range (%d bits)", msg.P.BitLen())
|
||||||
}
|
}
|
||||||
|
|
||||||
gex.p = kexDHGexGroup.P
|
// Check if g is safe by verifying that 1 < g < p-1
|
||||||
gex.g = kexDHGexGroup.G
|
pMinusOne := new(big.Int).Sub(msg.P, bigOne)
|
||||||
|
if msg.G.Cmp(bigOne) <= 0 || msg.G.Cmp(pMinusOne) >= 0 {
|
||||||
// Check if g is safe by verifing that g > 1 and g < p - 1
|
|
||||||
one := big.NewInt(1)
|
|
||||||
var pMinusOne = &big.Int{}
|
|
||||||
pMinusOne.Sub(gex.p, one)
|
|
||||||
if gex.g.Cmp(one) != 1 && gex.g.Cmp(pMinusOne) != -1 {
|
|
||||||
return nil, fmt.Errorf("ssh: server provided gex g is not safe")
|
return nil, fmt.Errorf("ssh: server provided gex g is not safe")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Send GexInit
|
// Send GexInit
|
||||||
var pHalf = &big.Int{}
|
pHalf := new(big.Int).Rsh(msg.P, 1)
|
||||||
pHalf.Rsh(gex.p, 1)
|
|
||||||
x, err := rand.Int(randSource, pHalf)
|
x, err := rand.Int(randSource, pHalf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
X := new(big.Int).Exp(gex.g, x, gex.p)
|
X := new(big.Int).Exp(msg.G, x, msg.P)
|
||||||
kexDHGexInit := kexDHGexInitMsg{
|
kexDHGexInit := kexDHGexInitMsg{
|
||||||
X: X,
|
X: X,
|
||||||
}
|
}
|
||||||
|
@ -634,13 +644,13 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
kInt, err := gex.diffieHellman(kexDHGexReply.Y, x)
|
if kexDHGexReply.Y.Cmp(bigOne) <= 0 || kexDHGexReply.Y.Cmp(pMinusOne) >= 0 {
|
||||||
if err != nil {
|
return nil, errors.New("ssh: DH parameter out of bounds")
|
||||||
return nil, err
|
|
||||||
}
|
}
|
||||||
|
kInt := new(big.Int).Exp(kexDHGexReply.Y, x, msg.P)
|
||||||
|
|
||||||
// Check if k is safe by verifing that k > 1 and k < p - 1
|
// Check if k is safe by verifying that k > 1 and k < p - 1
|
||||||
if kInt.Cmp(one) != 1 && kInt.Cmp(pMinusOne) != -1 {
|
if kInt.Cmp(bigOne) <= 0 || kInt.Cmp(pMinusOne) >= 0 {
|
||||||
return nil, fmt.Errorf("ssh: derived k is not safe")
|
return nil, fmt.Errorf("ssh: derived k is not safe")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -650,8 +660,8 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMinimumBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMinimumBits))
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangePreferredBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangePreferredBits))
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMaximumBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMaximumBits))
|
||||||
writeInt(h, gex.p)
|
writeInt(h, msg.P)
|
||||||
writeInt(h, gex.g)
|
writeInt(h, msg.G)
|
||||||
writeInt(h, X)
|
writeInt(h, X)
|
||||||
writeInt(h, kexDHGexReply.Y)
|
writeInt(h, kexDHGexReply.Y)
|
||||||
K := make([]byte, intLength(kInt))
|
K := make([]byte, intLength(kInt))
|
||||||
|
@ -670,7 +680,7 @@ func (gex dhGEXSHA) Client(c packetConn, randSource io.Reader, magics *handshake
|
||||||
// Server half implementation of the Diffie Hellman Key Exchange with SHA1 and SHA256.
|
// Server half implementation of the Diffie Hellman Key Exchange with SHA1 and SHA256.
|
||||||
//
|
//
|
||||||
// This is a minimal implementation to satisfy the automated tests.
|
// This is a minimal implementation to satisfy the automated tests.
|
||||||
func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv Signer) (result *kexResult, err error) {
|
func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshakeMagics, priv AlgorithmSigner, algo string) (result *kexResult, err error) {
|
||||||
// Receive GexRequest
|
// Receive GexRequest
|
||||||
packet, err := c.readPacket()
|
packet, err := c.readPacket()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -681,35 +691,17 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// smoosh the user's preferred size into our own limits
|
|
||||||
if kexDHGexRequest.PreferedBits > dhGroupExchangeMaximumBits {
|
|
||||||
kexDHGexRequest.PreferedBits = dhGroupExchangeMaximumBits
|
|
||||||
}
|
|
||||||
if kexDHGexRequest.PreferedBits < dhGroupExchangeMinimumBits {
|
|
||||||
kexDHGexRequest.PreferedBits = dhGroupExchangeMinimumBits
|
|
||||||
}
|
|
||||||
// fix min/max if they're inconsistent. technically, we could just pout
|
|
||||||
// and hang up, but there's no harm in giving them the benefit of the
|
|
||||||
// doubt and just picking a bitsize for them.
|
|
||||||
if kexDHGexRequest.MinBits > kexDHGexRequest.PreferedBits {
|
|
||||||
kexDHGexRequest.MinBits = kexDHGexRequest.PreferedBits
|
|
||||||
}
|
|
||||||
if kexDHGexRequest.MaxBits < kexDHGexRequest.PreferedBits {
|
|
||||||
kexDHGexRequest.MaxBits = kexDHGexRequest.PreferedBits
|
|
||||||
}
|
|
||||||
|
|
||||||
// Send GexGroup
|
// Send GexGroup
|
||||||
// This is the group called diffie-hellman-group14-sha1 in RFC
|
// This is the group called diffie-hellman-group14-sha1 in RFC
|
||||||
// 4253 and Oakley Group 14 in RFC 3526.
|
// 4253 and Oakley Group 14 in RFC 3526.
|
||||||
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
|
p, _ := new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
|
||||||
gex.p = p
|
g := big.NewInt(2)
|
||||||
gex.g = big.NewInt(2)
|
|
||||||
|
|
||||||
kexDHGexGroup := kexDHGexGroupMsg{
|
msg := &kexDHGexGroupMsg{
|
||||||
P: gex.p,
|
P: p,
|
||||||
G: gex.g,
|
G: g,
|
||||||
}
|
}
|
||||||
if err := c.writePacket(Marshal(&kexDHGexGroup)); err != nil {
|
if err := c.writePacket(Marshal(msg)); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -723,19 +715,19 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
var pHalf = &big.Int{}
|
pHalf := new(big.Int).Rsh(p, 1)
|
||||||
pHalf.Rsh(gex.p, 1)
|
|
||||||
|
|
||||||
y, err := rand.Int(randSource, pHalf)
|
y, err := rand.Int(randSource, pHalf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
Y := new(big.Int).Exp(g, y, p)
|
||||||
|
|
||||||
Y := new(big.Int).Exp(gex.g, y, gex.p)
|
pMinusOne := new(big.Int).Sub(p, bigOne)
|
||||||
kInt, err := gex.diffieHellman(kexDHGexInit.X, y)
|
if kexDHGexInit.X.Cmp(bigOne) <= 0 || kexDHGexInit.X.Cmp(pMinusOne) >= 0 {
|
||||||
if err != nil {
|
return nil, errors.New("ssh: DH parameter out of bounds")
|
||||||
return nil, err
|
|
||||||
}
|
}
|
||||||
|
kInt := new(big.Int).Exp(kexDHGexInit.X, y, p)
|
||||||
|
|
||||||
hostKeyBytes := priv.PublicKey().Marshal()
|
hostKeyBytes := priv.PublicKey().Marshal()
|
||||||
|
|
||||||
|
@ -745,8 +737,8 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMinimumBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMinimumBits))
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangePreferredBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangePreferredBits))
|
||||||
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMaximumBits))
|
binary.Write(h, binary.BigEndian, uint32(dhGroupExchangeMaximumBits))
|
||||||
writeInt(h, gex.p)
|
writeInt(h, p)
|
||||||
writeInt(h, gex.g)
|
writeInt(h, g)
|
||||||
writeInt(h, kexDHGexInit.X)
|
writeInt(h, kexDHGexInit.X)
|
||||||
writeInt(h, Y)
|
writeInt(h, Y)
|
||||||
|
|
||||||
|
@ -758,7 +750,7 @@ func (gex dhGEXSHA) Server(c packetConn, randSource io.Reader, magics *handshake
|
||||||
|
|
||||||
// H is already a hash, but the hostkey signing will apply its
|
// H is already a hash, but the hostkey signing will apply its
|
||||||
// own key-specific hash algorithm.
|
// own key-specific hash algorithm.
|
||||||
sig, err := signAndMarshal(priv, randSource, H)
|
sig, err := signAndMarshal(priv, randSource, H, algo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,8 +30,9 @@ import (
|
||||||
"golang.org/x/crypto/ssh/internal/bcrypt_pbkdf"
|
"golang.org/x/crypto/ssh/internal/bcrypt_pbkdf"
|
||||||
)
|
)
|
||||||
|
|
||||||
// These constants represent the algorithm names for key types supported by this
|
// Public key algorithms names. These values can appear in PublicKey.Type,
|
||||||
// package.
|
// ClientConfig.HostKeyAlgorithms, Signature.Format, or as AlgorithmSigner
|
||||||
|
// arguments.
|
||||||
const (
|
const (
|
||||||
KeyAlgoRSA = "ssh-rsa"
|
KeyAlgoRSA = "ssh-rsa"
|
||||||
KeyAlgoDSA = "ssh-dss"
|
KeyAlgoDSA = "ssh-dss"
|
||||||
|
@ -41,16 +42,21 @@ const (
|
||||||
KeyAlgoECDSA521 = "ecdsa-sha2-nistp521"
|
KeyAlgoECDSA521 = "ecdsa-sha2-nistp521"
|
||||||
KeyAlgoED25519 = "ssh-ed25519"
|
KeyAlgoED25519 = "ssh-ed25519"
|
||||||
KeyAlgoSKED25519 = "sk-ssh-ed25519@openssh.com"
|
KeyAlgoSKED25519 = "sk-ssh-ed25519@openssh.com"
|
||||||
|
|
||||||
|
// KeyAlgoRSASHA256 and KeyAlgoRSASHA512 are only public key algorithms, not
|
||||||
|
// public key formats, so they can't appear as a PublicKey.Type. The
|
||||||
|
// corresponding PublicKey.Type is KeyAlgoRSA. See RFC 8332, Section 2.
|
||||||
|
KeyAlgoRSASHA256 = "rsa-sha2-256"
|
||||||
|
KeyAlgoRSASHA512 = "rsa-sha2-512"
|
||||||
)
|
)
|
||||||
|
|
||||||
// These constants represent non-default signature algorithms that are supported
|
|
||||||
// as algorithm parameters to AlgorithmSigner.SignWithAlgorithm methods. See
|
|
||||||
// [PROTOCOL.agent] section 4.5.1 and
|
|
||||||
// https://tools.ietf.org/html/draft-ietf-curdle-rsa-sha2-10
|
|
||||||
const (
|
const (
|
||||||
SigAlgoRSA = "ssh-rsa"
|
// Deprecated: use KeyAlgoRSA.
|
||||||
SigAlgoRSASHA2256 = "rsa-sha2-256"
|
SigAlgoRSA = KeyAlgoRSA
|
||||||
SigAlgoRSASHA2512 = "rsa-sha2-512"
|
// Deprecated: use KeyAlgoRSASHA256.
|
||||||
|
SigAlgoRSASHA2256 = KeyAlgoRSASHA256
|
||||||
|
// Deprecated: use KeyAlgoRSASHA512.
|
||||||
|
SigAlgoRSASHA2512 = KeyAlgoRSASHA512
|
||||||
)
|
)
|
||||||
|
|
||||||
// parsePubKey parses a public key of the given algorithm.
|
// parsePubKey parses a public key of the given algorithm.
|
||||||
|
@ -70,7 +76,7 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
|
||||||
case KeyAlgoSKED25519:
|
case KeyAlgoSKED25519:
|
||||||
return parseSKEd25519(in)
|
return parseSKEd25519(in)
|
||||||
case CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
|
case CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
|
||||||
cert, err := parseCert(in, certToPrivAlgo(algo))
|
cert, err := parseCert(in, certKeyAlgoNames[algo])
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
@ -289,18 +295,21 @@ func MarshalAuthorizedKey(key PublicKey) []byte {
|
||||||
return b.Bytes()
|
return b.Bytes()
|
||||||
}
|
}
|
||||||
|
|
||||||
// PublicKey is an abstraction of different types of public keys.
|
// PublicKey represents a public key using an unspecified algorithm.
|
||||||
|
//
|
||||||
|
// Some PublicKeys provided by this package also implement CryptoPublicKey.
|
||||||
type PublicKey interface {
|
type PublicKey interface {
|
||||||
// Type returns the key's type, e.g. "ssh-rsa".
|
// Type returns the key format name, e.g. "ssh-rsa".
|
||||||
Type() string
|
Type() string
|
||||||
|
|
||||||
// Marshal returns the serialized key data in SSH wire format,
|
// Marshal returns the serialized key data in SSH wire format, with the name
|
||||||
// with the name prefix. To unmarshal the returned data, use
|
// prefix. To unmarshal the returned data, use the ParsePublicKey function.
|
||||||
// the ParsePublicKey function.
|
|
||||||
Marshal() []byte
|
Marshal() []byte
|
||||||
|
|
||||||
// Verify that sig is a signature on the given data using this
|
// Verify that sig is a signature on the given data using this key. This
|
||||||
// key. This function will hash the data appropriately first.
|
// method will hash the data appropriately first. sig.Format is allowed to
|
||||||
|
// be any signature algorithm compatible with the key type, the caller
|
||||||
|
// should check if it has more stringent requirements.
|
||||||
Verify(data []byte, sig *Signature) error
|
Verify(data []byte, sig *Signature) error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -311,25 +320,32 @@ type CryptoPublicKey interface {
|
||||||
}
|
}
|
||||||
|
|
||||||
// A Signer can create signatures that verify against a public key.
|
// A Signer can create signatures that verify against a public key.
|
||||||
|
//
|
||||||
|
// Some Signers provided by this package also implement AlgorithmSigner.
|
||||||
type Signer interface {
|
type Signer interface {
|
||||||
// PublicKey returns an associated PublicKey instance.
|
// PublicKey returns the associated PublicKey.
|
||||||
PublicKey() PublicKey
|
PublicKey() PublicKey
|
||||||
|
|
||||||
// Sign returns raw signature for the given data. This method
|
// Sign returns a signature for the given data. This method will hash the
|
||||||
// will apply the hash specified for the keytype to the data.
|
// data appropriately first. The signature algorithm is expected to match
|
||||||
|
// the key format returned by the PublicKey.Type method (and not to be any
|
||||||
|
// alternative algorithm supported by the key format).
|
||||||
Sign(rand io.Reader, data []byte) (*Signature, error)
|
Sign(rand io.Reader, data []byte) (*Signature, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
// A AlgorithmSigner is a Signer that also supports specifying a specific
|
// An AlgorithmSigner is a Signer that also supports specifying an algorithm to
|
||||||
// algorithm to use for signing.
|
// use for signing.
|
||||||
|
//
|
||||||
|
// An AlgorithmSigner can't advertise the algorithms it supports, so it should
|
||||||
|
// be prepared to be invoked with every algorithm supported by the public key
|
||||||
|
// format.
|
||||||
type AlgorithmSigner interface {
|
type AlgorithmSigner interface {
|
||||||
Signer
|
Signer
|
||||||
|
|
||||||
// SignWithAlgorithm is like Signer.Sign, but allows specification of a
|
// SignWithAlgorithm is like Signer.Sign, but allows specifying a desired
|
||||||
// non-default signing algorithm. See the SigAlgo* constants in this
|
// signing algorithm. Callers may pass an empty string for the algorithm in
|
||||||
// package for signature algorithms supported by this package. Callers may
|
// which case the AlgorithmSigner will use a default algorithm. This default
|
||||||
// pass an empty string for the algorithm in which case the AlgorithmSigner
|
// doesn't currently control any behavior in this package.
|
||||||
// will use its default algorithm.
|
|
||||||
SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error)
|
SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -381,17 +397,11 @@ func (r *rsaPublicKey) Marshal() []byte {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
|
func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
|
||||||
var hash crypto.Hash
|
supportedAlgos := algorithmsForKeyFormat(r.Type())
|
||||||
switch sig.Format {
|
if !contains(supportedAlgos, sig.Format) {
|
||||||
case SigAlgoRSA:
|
|
||||||
hash = crypto.SHA1
|
|
||||||
case SigAlgoRSASHA2256:
|
|
||||||
hash = crypto.SHA256
|
|
||||||
case SigAlgoRSASHA2512:
|
|
||||||
hash = crypto.SHA512
|
|
||||||
default:
|
|
||||||
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, r.Type())
|
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, r.Type())
|
||||||
}
|
}
|
||||||
|
hash := hashFuncs[sig.Format]
|
||||||
h := hash.New()
|
h := hash.New()
|
||||||
h.Write(data)
|
h.Write(data)
|
||||||
digest := h.Sum(nil)
|
digest := h.Sum(nil)
|
||||||
|
@ -466,7 +476,7 @@ func (k *dsaPublicKey) Verify(data []byte, sig *Signature) error {
|
||||||
if sig.Format != k.Type() {
|
if sig.Format != k.Type() {
|
||||||
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
||||||
}
|
}
|
||||||
h := crypto.SHA1.New()
|
h := hashFuncs[sig.Format].New()
|
||||||
h.Write(data)
|
h.Write(data)
|
||||||
digest := h.Sum(nil)
|
digest := h.Sum(nil)
|
||||||
|
|
||||||
|
@ -499,7 +509,7 @@ func (k *dsaPrivateKey) PublicKey() PublicKey {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (k *dsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
|
func (k *dsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
|
||||||
return k.SignWithAlgorithm(rand, data, "")
|
return k.SignWithAlgorithm(rand, data, k.PublicKey().Type())
|
||||||
}
|
}
|
||||||
|
|
||||||
func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
|
func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
|
||||||
|
@ -507,7 +517,7 @@ func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm
|
||||||
return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
|
return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
|
||||||
}
|
}
|
||||||
|
|
||||||
h := crypto.SHA1.New()
|
h := hashFuncs[k.PublicKey().Type()].New()
|
||||||
h.Write(data)
|
h.Write(data)
|
||||||
digest := h.Sum(nil)
|
digest := h.Sum(nil)
|
||||||
r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
|
r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
|
||||||
|
@ -603,19 +613,6 @@ func supportedEllipticCurve(curve elliptic.Curve) bool {
|
||||||
return curve == elliptic.P256() || curve == elliptic.P384() || curve == elliptic.P521()
|
return curve == elliptic.P256() || curve == elliptic.P384() || curve == elliptic.P521()
|
||||||
}
|
}
|
||||||
|
|
||||||
// ecHash returns the hash to match the given elliptic curve, see RFC
|
|
||||||
// 5656, section 6.2.1
|
|
||||||
func ecHash(curve elliptic.Curve) crypto.Hash {
|
|
||||||
bitSize := curve.Params().BitSize
|
|
||||||
switch {
|
|
||||||
case bitSize <= 256:
|
|
||||||
return crypto.SHA256
|
|
||||||
case bitSize <= 384:
|
|
||||||
return crypto.SHA384
|
|
||||||
}
|
|
||||||
return crypto.SHA512
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseECDSA parses an ECDSA key according to RFC 5656, section 3.1.
|
// parseECDSA parses an ECDSA key according to RFC 5656, section 3.1.
|
||||||
func parseECDSA(in []byte) (out PublicKey, rest []byte, err error) {
|
func parseECDSA(in []byte) (out PublicKey, rest []byte, err error) {
|
||||||
var w struct {
|
var w struct {
|
||||||
|
@ -671,7 +668,7 @@ func (k *ecdsaPublicKey) Verify(data []byte, sig *Signature) error {
|
||||||
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
||||||
}
|
}
|
||||||
|
|
||||||
h := ecHash(k.Curve).New()
|
h := hashFuncs[sig.Format].New()
|
||||||
h.Write(data)
|
h.Write(data)
|
||||||
digest := h.Sum(nil)
|
digest := h.Sum(nil)
|
||||||
|
|
||||||
|
@ -775,7 +772,7 @@ func (k *skECDSAPublicKey) Verify(data []byte, sig *Signature) error {
|
||||||
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
|
||||||
}
|
}
|
||||||
|
|
||||||
h := ecHash(k.Curve).New()
|
h := hashFuncs[sig.Format].New()
|
||||||
h.Write([]byte(k.application))
|
h.Write([]byte(k.application))
|
||||||
appDigest := h.Sum(nil)
|
appDigest := h.Sum(nil)
|
||||||
|
|
||||||
|
@ -874,7 +871,7 @@ func (k *skEd25519PublicKey) Verify(data []byte, sig *Signature) error {
|
||||||
return fmt.Errorf("invalid size %d for Ed25519 public key", l)
|
return fmt.Errorf("invalid size %d for Ed25519 public key", l)
|
||||||
}
|
}
|
||||||
|
|
||||||
h := sha256.New()
|
h := hashFuncs[sig.Format].New()
|
||||||
h.Write([]byte(k.application))
|
h.Write([]byte(k.application))
|
||||||
appDigest := h.Sum(nil)
|
appDigest := h.Sum(nil)
|
||||||
|
|
||||||
|
@ -961,44 +958,20 @@ func (s *wrappedSigner) PublicKey() PublicKey {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *wrappedSigner) Sign(rand io.Reader, data []byte) (*Signature, error) {
|
func (s *wrappedSigner) Sign(rand io.Reader, data []byte) (*Signature, error) {
|
||||||
return s.SignWithAlgorithm(rand, data, "")
|
return s.SignWithAlgorithm(rand, data, s.pubKey.Type())
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *wrappedSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
|
func (s *wrappedSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
|
||||||
var hashFunc crypto.Hash
|
if algorithm == "" {
|
||||||
|
algorithm = s.pubKey.Type()
|
||||||
if _, ok := s.pubKey.(*rsaPublicKey); ok {
|
|
||||||
// RSA keys support a few hash functions determined by the requested signature algorithm
|
|
||||||
switch algorithm {
|
|
||||||
case "", SigAlgoRSA:
|
|
||||||
algorithm = SigAlgoRSA
|
|
||||||
hashFunc = crypto.SHA1
|
|
||||||
case SigAlgoRSASHA2256:
|
|
||||||
hashFunc = crypto.SHA256
|
|
||||||
case SigAlgoRSASHA2512:
|
|
||||||
hashFunc = crypto.SHA512
|
|
||||||
default:
|
|
||||||
return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
// The only supported algorithm for all other key types is the same as the type of the key
|
|
||||||
if algorithm == "" {
|
|
||||||
algorithm = s.pubKey.Type()
|
|
||||||
} else if algorithm != s.pubKey.Type() {
|
|
||||||
return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
|
|
||||||
}
|
|
||||||
|
|
||||||
switch key := s.pubKey.(type) {
|
|
||||||
case *dsaPublicKey:
|
|
||||||
hashFunc = crypto.SHA1
|
|
||||||
case *ecdsaPublicKey:
|
|
||||||
hashFunc = ecHash(key.Curve)
|
|
||||||
case ed25519PublicKey:
|
|
||||||
default:
|
|
||||||
return nil, fmt.Errorf("ssh: unsupported key type %T", key)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
supportedAlgos := algorithmsForKeyFormat(s.pubKey.Type())
|
||||||
|
if !contains(supportedAlgos, algorithm) {
|
||||||
|
return nil, fmt.Errorf("ssh: unsupported signature algorithm %q for key format %q", algorithm, s.pubKey.Type())
|
||||||
|
}
|
||||||
|
|
||||||
|
hashFunc := hashFuncs[algorithm]
|
||||||
var digest []byte
|
var digest []byte
|
||||||
if hashFunc != 0 {
|
if hashFunc != 0 {
|
||||||
h := hashFunc.New()
|
h := hashFunc.New()
|
||||||
|
|
|
@ -141,6 +141,14 @@ type serviceAcceptMsg struct {
|
||||||
Service string `sshtype:"6"`
|
Service string `sshtype:"6"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// See RFC 8308, section 2.3
|
||||||
|
const msgExtInfo = 7
|
||||||
|
|
||||||
|
type extInfoMsg struct {
|
||||||
|
NumExtensions uint32 `sshtype:"7"`
|
||||||
|
Payload []byte `ssh:"rest"`
|
||||||
|
}
|
||||||
|
|
||||||
// See RFC 4252, section 5.
|
// See RFC 4252, section 5.
|
||||||
const msgUserAuthRequest = 50
|
const msgUserAuthRequest = 50
|
||||||
|
|
||||||
|
@ -180,11 +188,11 @@ const msgUserAuthInfoRequest = 60
|
||||||
const msgUserAuthInfoResponse = 61
|
const msgUserAuthInfoResponse = 61
|
||||||
|
|
||||||
type userAuthInfoRequestMsg struct {
|
type userAuthInfoRequestMsg struct {
|
||||||
User string `sshtype:"60"`
|
Name string `sshtype:"60"`
|
||||||
Instruction string
|
Instruction string
|
||||||
DeprecatedLanguage string
|
Language string
|
||||||
NumPrompts uint32
|
NumPrompts uint32
|
||||||
Prompts []byte `ssh:"rest"`
|
Prompts []byte `ssh:"rest"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// See RFC 4254, section 5.1.
|
// See RFC 4254, section 5.1.
|
||||||
|
@ -782,6 +790,8 @@ func decode(packet []byte) (interface{}, error) {
|
||||||
msg = new(serviceRequestMsg)
|
msg = new(serviceRequestMsg)
|
||||||
case msgServiceAccept:
|
case msgServiceAccept:
|
||||||
msg = new(serviceAcceptMsg)
|
msg = new(serviceAcceptMsg)
|
||||||
|
case msgExtInfo:
|
||||||
|
msg = new(extInfoMsg)
|
||||||
case msgKexInit:
|
case msgKexInit:
|
||||||
msg = new(kexInitMsg)
|
msg = new(kexInitMsg)
|
||||||
case msgKexDHInit:
|
case msgKexDHInit:
|
||||||
|
@ -843,6 +853,7 @@ var packetTypeNames = map[byte]string{
|
||||||
msgDisconnect: "disconnectMsg",
|
msgDisconnect: "disconnectMsg",
|
||||||
msgServiceRequest: "serviceRequestMsg",
|
msgServiceRequest: "serviceRequestMsg",
|
||||||
msgServiceAccept: "serviceAcceptMsg",
|
msgServiceAccept: "serviceAcceptMsg",
|
||||||
|
msgExtInfo: "extInfoMsg",
|
||||||
msgKexInit: "kexInitMsg",
|
msgKexInit: "kexInitMsg",
|
||||||
msgKexDHInit: "kexDHInitMsg",
|
msgKexDHInit: "kexDHInitMsg",
|
||||||
msgKexDHReply: "kexDHReplyMsg",
|
msgKexDHReply: "kexDHReplyMsg",
|
||||||
|
|
|
@ -120,7 +120,7 @@ type ServerConfig struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
// AddHostKey adds a private key as a host key. If an existing host
|
// AddHostKey adds a private key as a host key. If an existing host
|
||||||
// key exists with the same algorithm, it is overwritten. Each server
|
// key exists with the same public key format, it is replaced. Each server
|
||||||
// config must have at least one host key.
|
// config must have at least one host key.
|
||||||
func (s *ServerConfig) AddHostKey(key Signer) {
|
func (s *ServerConfig) AddHostKey(key Signer) {
|
||||||
for i, k := range s.hostKeys {
|
for i, k := range s.hostKeys {
|
||||||
|
@ -212,9 +212,10 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
|
||||||
}
|
}
|
||||||
|
|
||||||
// signAndMarshal signs the data with the appropriate algorithm,
|
// signAndMarshal signs the data with the appropriate algorithm,
|
||||||
// and serializes the result in SSH wire format.
|
// and serializes the result in SSH wire format. algo is the negotiate
|
||||||
func signAndMarshal(k Signer, rand io.Reader, data []byte) ([]byte, error) {
|
// algorithm and may be a certificate type.
|
||||||
sig, err := k.Sign(rand, data)
|
func signAndMarshal(k AlgorithmSigner, rand io.Reader, data []byte, algo string) ([]byte, error) {
|
||||||
|
sig, err := k.SignWithAlgorithm(rand, data, underlyingAlgo(algo))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -284,7 +285,7 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
|
||||||
|
|
||||||
func isAcceptableAlgo(algo string) bool {
|
func isAcceptableAlgo(algo string) bool {
|
||||||
switch algo {
|
switch algo {
|
||||||
case KeyAlgoRSA, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoSKECDSA256, KeyAlgoED25519, KeyAlgoSKED25519,
|
case KeyAlgoRSA, KeyAlgoRSASHA256, KeyAlgoRSASHA512, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoSKECDSA256, KeyAlgoED25519, KeyAlgoSKED25519,
|
||||||
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
|
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoSKECDSA256v01, CertAlgoED25519v01, CertAlgoSKED25519v01:
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
@ -553,6 +554,7 @@ userAuthLoop:
|
||||||
if !ok || len(payload) > 0 {
|
if !ok || len(payload) > 0 {
|
||||||
return nil, parseError(msgUserAuthRequest)
|
return nil, parseError(msgUserAuthRequest)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Ensure the public key algo and signature algo
|
// Ensure the public key algo and signature algo
|
||||||
// are supported. Compare the private key
|
// are supported. Compare the private key
|
||||||
// algorithm name that corresponds to algo with
|
// algorithm name that corresponds to algo with
|
||||||
|
@ -562,7 +564,12 @@ userAuthLoop:
|
||||||
authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
|
authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
signedData := buildDataSignedForAuth(sessionID, userAuthReq, algoBytes, pubKeyData)
|
if underlyingAlgo(algo) != sig.Format {
|
||||||
|
authErr = fmt.Errorf("ssh: signature %q not compatible with selected algorithm %q", sig.Format, algo)
|
||||||
|
break
|
||||||
|
}
|
||||||
|
|
||||||
|
signedData := buildDataSignedForAuth(sessionID, userAuthReq, algo, pubKeyData)
|
||||||
|
|
||||||
if err := pubKey.Verify(signedData, sig); err != nil {
|
if err := pubKey.Verify(signedData, sig); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
@ -633,6 +640,30 @@ userAuthLoop:
|
||||||
}
|
}
|
||||||
|
|
||||||
authFailures++
|
authFailures++
|
||||||
|
if config.MaxAuthTries > 0 && authFailures >= config.MaxAuthTries {
|
||||||
|
// If we have hit the max attempts, don't bother sending the
|
||||||
|
// final SSH_MSG_USERAUTH_FAILURE message, since there are
|
||||||
|
// no more authentication methods which can be attempted,
|
||||||
|
// and this message may cause the client to re-attempt
|
||||||
|
// authentication while we send the disconnect message.
|
||||||
|
// Continue, and trigger the disconnect at the start of
|
||||||
|
// the loop.
|
||||||
|
//
|
||||||
|
// The SSH specification is somewhat confusing about this,
|
||||||
|
// RFC 4252 Section 5.1 requires each authentication failure
|
||||||
|
// be responded to with a respective SSH_MSG_USERAUTH_FAILURE
|
||||||
|
// message, but Section 4 says the server should disconnect
|
||||||
|
// after some number of attempts, but it isn't explicit which
|
||||||
|
// message should take precedence (i.e. should there be a failure
|
||||||
|
// message than a disconnect message, or if we are going to
|
||||||
|
// disconnect, should we only send that message.)
|
||||||
|
//
|
||||||
|
// Either way, OpenSSH disconnects immediately after the last
|
||||||
|
// failed authnetication attempt, and given they are typically
|
||||||
|
// considered the golden implementation it seems reasonable
|
||||||
|
// to match that behavior.
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
var failureMsg userAuthFailureMsg
|
var failureMsg userAuthFailureMsg
|
||||||
if config.PasswordCallback != nil {
|
if config.PasswordCallback != nil {
|
||||||
|
@ -670,7 +701,7 @@ type sshClientKeyboardInteractive struct {
|
||||||
*connection
|
*connection
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *sshClientKeyboardInteractive) Challenge(user, instruction string, questions []string, echos []bool) (answers []string, err error) {
|
func (c *sshClientKeyboardInteractive) Challenge(name, instruction string, questions []string, echos []bool) (answers []string, err error) {
|
||||||
if len(questions) != len(echos) {
|
if len(questions) != len(echos) {
|
||||||
return nil, errors.New("ssh: echos and questions must have equal length")
|
return nil, errors.New("ssh: echos and questions must have equal length")
|
||||||
}
|
}
|
||||||
|
@ -682,6 +713,7 @@ func (c *sshClientKeyboardInteractive) Challenge(user, instruction string, quest
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := c.transport.writePacket(Marshal(&userAuthInfoRequestMsg{
|
if err := c.transport.writePacket(Marshal(&userAuthInfoRequestMsg{
|
||||||
|
Name: name,
|
||||||
Instruction: instruction,
|
Instruction: instruction,
|
||||||
NumPrompts: uint32(len(questions)),
|
NumPrompts: uint32(len(questions)),
|
||||||
Prompts: prompts,
|
Prompts: prompts,
|
||||||
|
|
|
@ -85,6 +85,7 @@ const (
|
||||||
IXANY = 39
|
IXANY = 39
|
||||||
IXOFF = 40
|
IXOFF = 40
|
||||||
IMAXBEL = 41
|
IMAXBEL = 41
|
||||||
|
IUTF8 = 42 // RFC 8160
|
||||||
ISIG = 50
|
ISIG = 50
|
||||||
ICANON = 51
|
ICANON = 51
|
||||||
XCASE = 52
|
XCASE = 52
|
||||||
|
|
|
@ -238,15 +238,19 @@ var (
|
||||||
// (to setup server->client keys) or clientKeys (for client->server keys).
|
// (to setup server->client keys) or clientKeys (for client->server keys).
|
||||||
func newPacketCipher(d direction, algs directionAlgorithms, kex *kexResult) (packetCipher, error) {
|
func newPacketCipher(d direction, algs directionAlgorithms, kex *kexResult) (packetCipher, error) {
|
||||||
cipherMode := cipherModes[algs.Cipher]
|
cipherMode := cipherModes[algs.Cipher]
|
||||||
macMode := macModes[algs.MAC]
|
|
||||||
|
|
||||||
iv := make([]byte, cipherMode.ivSize)
|
iv := make([]byte, cipherMode.ivSize)
|
||||||
key := make([]byte, cipherMode.keySize)
|
key := make([]byte, cipherMode.keySize)
|
||||||
macKey := make([]byte, macMode.keySize)
|
|
||||||
|
|
||||||
generateKeyMaterial(iv, d.ivTag, kex)
|
generateKeyMaterial(iv, d.ivTag, kex)
|
||||||
generateKeyMaterial(key, d.keyTag, kex)
|
generateKeyMaterial(key, d.keyTag, kex)
|
||||||
generateKeyMaterial(macKey, d.macKeyTag, kex)
|
|
||||||
|
var macKey []byte
|
||||||
|
if !aeadCiphers[algs.Cipher] {
|
||||||
|
macMode := macModes[algs.MAC]
|
||||||
|
macKey = make([]byte, macMode.keySize)
|
||||||
|
generateKeyMaterial(macKey, d.macKeyTag, kex)
|
||||||
|
}
|
||||||
|
|
||||||
return cipherModes[algs.Cipher].create(key, iv, macKey, algs)
|
return cipherModes[algs.Cipher].create(key, iv, macKey, algs)
|
||||||
}
|
}
|
||||||
|
|
|
@ -1213,6 +1213,9 @@ func (cs *clientStream) writeRequest(req *http.Request) (err error) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
cc.addStreamLocked(cs) // assigns stream ID
|
cc.addStreamLocked(cs) // assigns stream ID
|
||||||
|
if isConnectionCloseRequest(req) {
|
||||||
|
cc.doNotReuse = true
|
||||||
|
}
|
||||||
cc.mu.Unlock()
|
cc.mu.Unlock()
|
||||||
|
|
||||||
// TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere?
|
// TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere?
|
||||||
|
@ -2313,7 +2316,7 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra
|
||||||
cs.bytesRemain = res.ContentLength
|
cs.bytesRemain = res.ContentLength
|
||||||
res.Body = transportResponseBody{cs}
|
res.Body = transportResponseBody{cs}
|
||||||
|
|
||||||
if cs.requestedGzip && res.Header.Get("Content-Encoding") == "gzip" {
|
if cs.requestedGzip && asciiEqualFold(res.Header.Get("Content-Encoding"), "gzip") {
|
||||||
res.Header.Del("Content-Encoding")
|
res.Header.Del("Content-Encoding")
|
||||||
res.Header.Del("Content-Length")
|
res.Header.Del("Content-Length")
|
||||||
res.ContentLength = -1
|
res.ContentLength = -1
|
||||||
|
@ -2452,7 +2455,10 @@ func (b transportResponseBody) Close() error {
|
||||||
select {
|
select {
|
||||||
case <-cs.donec:
|
case <-cs.donec:
|
||||||
case <-cs.ctx.Done():
|
case <-cs.ctx.Done():
|
||||||
return cs.ctx.Err()
|
// See golang/go#49366: The net/http package can cancel the
|
||||||
|
// request context after the response body is fully read.
|
||||||
|
// Don't treat this as an error.
|
||||||
|
return nil
|
||||||
case <-cs.reqCancel:
|
case <-cs.reqCancel:
|
||||||
return errRequestCanceled
|
return errRequestCanceled
|
||||||
}
|
}
|
||||||
|
|
|
@ -139,12 +139,8 @@ github.com/certifi/gocertifi
|
||||||
# github.com/coreos/go-oidc/v3 v3.0.0
|
# github.com/coreos/go-oidc/v3 v3.0.0
|
||||||
## explicit
|
## explicit
|
||||||
github.com/coreos/go-oidc/v3/oidc
|
github.com/coreos/go-oidc/v3/oidc
|
||||||
# github.com/creack/pty v1.1.18
|
|
||||||
## explicit
|
|
||||||
# github.com/davecgh/go-spew v1.1.1
|
# github.com/davecgh/go-spew v1.1.1
|
||||||
github.com/davecgh/go-spew/spew
|
github.com/davecgh/go-spew/spew
|
||||||
# github.com/docker/docker v20.10.14+incompatible
|
|
||||||
## explicit
|
|
||||||
# github.com/emirpasic/gods v1.12.0
|
# github.com/emirpasic/gods v1.12.0
|
||||||
github.com/emirpasic/gods/containers
|
github.com/emirpasic/gods/containers
|
||||||
github.com/emirpasic/gods/lists
|
github.com/emirpasic/gods/lists
|
||||||
|
@ -317,8 +313,6 @@ github.com/googleapis/gnostic/compiler
|
||||||
github.com/googleapis/gnostic/extensions
|
github.com/googleapis/gnostic/extensions
|
||||||
github.com/googleapis/gnostic/jsonschema
|
github.com/googleapis/gnostic/jsonschema
|
||||||
github.com/googleapis/gnostic/openapiv2
|
github.com/googleapis/gnostic/openapiv2
|
||||||
# github.com/gosimple/slug v1.12.0
|
|
||||||
## explicit
|
|
||||||
# github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
|
# github.com/grpc-ecosystem/go-grpc-middleware v1.3.0
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware
|
github.com/grpc-ecosystem/go-grpc-middleware
|
||||||
github.com/grpc-ecosystem/go-grpc-middleware/auth
|
github.com/grpc-ecosystem/go-grpc-middleware/auth
|
||||||
|
@ -354,8 +348,6 @@ github.com/imdario/mergo
|
||||||
github.com/inconshreveable/mousetrap
|
github.com/inconshreveable/mousetrap
|
||||||
# github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99
|
# github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99
|
||||||
github.com/jbenet/go-context/io
|
github.com/jbenet/go-context/io
|
||||||
# github.com/jedib0t/go-pretty/v6 v6.2.7
|
|
||||||
## explicit
|
|
||||||
# github.com/jmespath/go-jmespath v0.4.0
|
# github.com/jmespath/go-jmespath v0.4.0
|
||||||
github.com/jmespath/go-jmespath
|
github.com/jmespath/go-jmespath
|
||||||
# github.com/jmoiron/sqlx v1.3.4
|
# github.com/jmoiron/sqlx v1.3.4
|
||||||
|
@ -394,8 +386,6 @@ github.com/mattn/go-colorable
|
||||||
github.com/mattn/go-isatty
|
github.com/mattn/go-isatty
|
||||||
# github.com/mattn/go-runewidth v0.0.13
|
# github.com/mattn/go-runewidth v0.0.13
|
||||||
github.com/mattn/go-runewidth
|
github.com/mattn/go-runewidth
|
||||||
# github.com/mattn/go-tty v0.0.4
|
|
||||||
## explicit
|
|
||||||
# github.com/mitchellh/go-homedir v1.1.0
|
# github.com/mitchellh/go-homedir v1.1.0
|
||||||
github.com/mitchellh/go-homedir
|
github.com/mitchellh/go-homedir
|
||||||
# github.com/mitchellh/mapstructure v1.4.1
|
# github.com/mitchellh/mapstructure v1.4.1
|
||||||
|
@ -479,16 +469,12 @@ github.com/subosito/gotenv
|
||||||
# github.com/temoto/robotstxt v1.1.2
|
# github.com/temoto/robotstxt v1.1.2
|
||||||
## explicit
|
## explicit
|
||||||
github.com/temoto/robotstxt
|
github.com/temoto/robotstxt
|
||||||
# github.com/uber/jaeger-client-go v2.29.1+incompatible
|
|
||||||
## explicit
|
|
||||||
# github.com/vbauerster/mpb/v7 v7.0.2
|
# github.com/vbauerster/mpb/v7 v7.0.2
|
||||||
## explicit
|
## explicit
|
||||||
github.com/vbauerster/mpb/v7
|
github.com/vbauerster/mpb/v7
|
||||||
github.com/vbauerster/mpb/v7/cwriter
|
github.com/vbauerster/mpb/v7/cwriter
|
||||||
github.com/vbauerster/mpb/v7/decor
|
github.com/vbauerster/mpb/v7/decor
|
||||||
github.com/vbauerster/mpb/v7/internal
|
github.com/vbauerster/mpb/v7/internal
|
||||||
# github.com/vishvananda/netlink v1.1.0
|
|
||||||
## explicit
|
|
||||||
# github.com/xanzy/go-gitlab v0.50.4
|
# github.com/xanzy/go-gitlab v0.50.4
|
||||||
## explicit
|
## explicit
|
||||||
github.com/xanzy/go-gitlab
|
github.com/xanzy/go-gitlab
|
||||||
|
@ -557,14 +543,14 @@ go.temporal.io/sdk/worker
|
||||||
go.temporal.io/sdk/workflow
|
go.temporal.io/sdk/workflow
|
||||||
# go.uber.org/atomic v1.9.0
|
# go.uber.org/atomic v1.9.0
|
||||||
go.uber.org/atomic
|
go.uber.org/atomic
|
||||||
# golang.org/x/crypto v0.0.0-20210921155107-089bfa567519
|
# golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d
|
||||||
|
## explicit
|
||||||
golang.org/x/crypto/blowfish
|
golang.org/x/crypto/blowfish
|
||||||
golang.org/x/crypto/cast5
|
golang.org/x/crypto/cast5
|
||||||
golang.org/x/crypto/chacha20
|
golang.org/x/crypto/chacha20
|
||||||
golang.org/x/crypto/curve25519
|
golang.org/x/crypto/curve25519
|
||||||
golang.org/x/crypto/curve25519/internal/field
|
golang.org/x/crypto/curve25519/internal/field
|
||||||
golang.org/x/crypto/ed25519
|
golang.org/x/crypto/ed25519
|
||||||
golang.org/x/crypto/ed25519/internal/edwards25519
|
|
||||||
golang.org/x/crypto/internal/poly1305
|
golang.org/x/crypto/internal/poly1305
|
||||||
golang.org/x/crypto/internal/subtle
|
golang.org/x/crypto/internal/subtle
|
||||||
golang.org/x/crypto/openpgp
|
golang.org/x/crypto/openpgp
|
||||||
|
@ -584,7 +570,7 @@ golang.org/x/lint/golint
|
||||||
# golang.org/x/mod v0.4.2
|
# golang.org/x/mod v0.4.2
|
||||||
golang.org/x/mod/module
|
golang.org/x/mod/module
|
||||||
golang.org/x/mod/semver
|
golang.org/x/mod/semver
|
||||||
# golang.org/x/net v0.0.0-20211109214657-ef0fda0de508
|
# golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2
|
||||||
golang.org/x/net/context
|
golang.org/x/net/context
|
||||||
golang.org/x/net/context/ctxhttp
|
golang.org/x/net/context/ctxhttp
|
||||||
golang.org/x/net/html
|
golang.org/x/net/html
|
||||||
|
@ -641,7 +627,8 @@ golang.org/x/text/unicode/norm
|
||||||
golang.org/x/text/width
|
golang.org/x/text/width
|
||||||
# golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
|
# golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
|
||||||
golang.org/x/time/rate
|
golang.org/x/time/rate
|
||||||
# golang.org/x/tools v0.1.5
|
# golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2
|
||||||
|
## explicit
|
||||||
golang.org/x/tools/cmd/goimports
|
golang.org/x/tools/cmd/goimports
|
||||||
golang.org/x/tools/go/ast/astutil
|
golang.org/x/tools/go/ast/astutil
|
||||||
golang.org/x/tools/go/gcexportdata
|
golang.org/x/tools/go/gcexportdata
|
||||||
|
@ -994,8 +981,6 @@ k8s.io/client-go/util/workqueue
|
||||||
k8s.io/klog/v2
|
k8s.io/klog/v2
|
||||||
# k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9
|
# k8s.io/utils v0.0.0-20210707171843-4b05e18ac7d9
|
||||||
k8s.io/utils/integer
|
k8s.io/utils/integer
|
||||||
# kernel.org/pub/linux/libs/security/libcap/cap v1.2.64
|
|
||||||
## explicit
|
|
||||||
# peridot.resf.org/common v0.0.0-00010101000000-000000000000 => ./bazel-bin/proto/commonpb_go_proto_/peridot.resf.org/common
|
# peridot.resf.org/common v0.0.0-00010101000000-000000000000 => ./bazel-bin/proto/commonpb_go_proto_/peridot.resf.org/common
|
||||||
## explicit
|
## explicit
|
||||||
peridot.resf.org/common
|
peridot.resf.org/common
|
||||||
|
@ -1024,6 +1009,7 @@ sigs.k8s.io/structured-merge-diff/v4/typed
|
||||||
sigs.k8s.io/structured-merge-diff/v4/value
|
sigs.k8s.io/structured-merge-diff/v4/value
|
||||||
# sigs.k8s.io/yaml v1.2.0
|
# sigs.k8s.io/yaml v1.2.0
|
||||||
sigs.k8s.io/yaml
|
sigs.k8s.io/yaml
|
||||||
|
# github.com/dgrijalva/jwt-go v3.2.0+incompatible => github.com/golang-jwt/jwt/v4 v4.4.2
|
||||||
# bazel.build/protobuf => ./bazel-bin/build/bazel/protobuf/bazelbuild_go_proto_/bazel.build/protobuf
|
# bazel.build/protobuf => ./bazel-bin/build/bazel/protobuf/bazelbuild_go_proto_/bazel.build/protobuf
|
||||||
# bazel.build/remote/execution/v2 => ./bazel-bin/build/bazel/remote/execution/v2/remoteexecution_go_proto_/bazel.build/remote/execution/v2
|
# bazel.build/remote/execution/v2 => ./bazel-bin/build/bazel/remote/execution/v2/remoteexecution_go_proto_/bazel.build/remote/execution/v2
|
||||||
# bazel.build/semver => ./bazel-bin/build/bazel/semver/semver_go_proto_/bazel.build/semver
|
# bazel.build/semver => ./bazel-bin/build/bazel/semver/semver_go_proto_/bazel.build/semver
|
||||||
|
|
Loading…
Reference in New Issue