dep: update crypto. info: https://golangtutorial.dev/news/fix-in-crypto-package/ (#14067)
Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
parent
f3c4baa84b
commit
e0a84d7880
2
go.mod
2
go.mod
|
@ -107,7 +107,7 @@ require (
|
||||||
github.com/yuin/goldmark-meta v1.0.0
|
github.com/yuin/goldmark-meta v1.0.0
|
||||||
go.jolheiser.com/hcaptcha v0.0.4
|
go.jolheiser.com/hcaptcha v0.0.4
|
||||||
go.jolheiser.com/pwn v0.0.3
|
go.jolheiser.com/pwn v0.0.3
|
||||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897
|
golang.org/x/crypto v0.0.0-20201217014255-9d1352758620
|
||||||
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102
|
golang.org/x/net v0.0.0-20201031054903-ff519b6c9102
|
||||||
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43
|
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43
|
||||||
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f
|
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -1178,6 +1178,8 @@ golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a h1:vclmkQCjlDX5OydZ9wv8rB
|
||||||
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
|
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E=
|
||||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
|
golang.org/x/crypto v0.0.0-20201217014255-9d1352758620 h1:3wPMTskHO3+O6jqTEXyFcsnuxMQOqYSaHsDxcbUXpqA=
|
||||||
|
golang.org/x/crypto v0.0.0-20201217014255-9d1352758620/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
|
||||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||||
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
|
||||||
|
@ -1348,6 +1350,8 @@ golang.org/x/sys v0.0.0-20201015000850-e3ed0017c211 h1:9UQO31fZ+0aKQOFldThf7BKPM
|
||||||
golang.org/x/sys v0.0.0-20201015000850-e3ed0017c211/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201015000850-e3ed0017c211/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f h1:QdHQnPce6K4XQewki9WNbG5KOROuDzqO3NaYjI1cXJ0=
|
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f h1:QdHQnPce6K4XQewki9WNbG5KOROuDzqO3NaYjI1cXJ0=
|
||||||
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20201211090839-8ad439b19e0f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221 h1:/ZHdbVpdR/jk3g30/d4yUL0JU9kksj8+F/bnQUVLGDM=
|
||||||
|
golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
|
||||||
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
|
|
|
@ -363,6 +363,10 @@ func AcceptTOS(tosURL string) bool { return true }
|
||||||
// Also see Error's Instance field for when a CA requires already registered accounts to agree
|
// Also see Error's Instance field for when a CA requires already registered accounts to agree
|
||||||
// to an updated Terms of Service.
|
// to an updated Terms of Service.
|
||||||
func (c *Client) Register(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
func (c *Client) Register(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
||||||
|
if c.Key == nil {
|
||||||
|
return nil, errors.New("acme: client.Key must be set to Register")
|
||||||
|
}
|
||||||
|
|
||||||
dir, err := c.Discover(ctx)
|
dir, err := c.Discover(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
@ -7,17 +7,31 @@ package acme
|
||||||
import (
|
import (
|
||||||
"crypto"
|
"crypto"
|
||||||
"crypto/ecdsa"
|
"crypto/ecdsa"
|
||||||
|
"crypto/hmac"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
|
"crypto/sha512"
|
||||||
_ "crypto/sha512" // need for EC keys
|
_ "crypto/sha512" // need for EC keys
|
||||||
"encoding/asn1"
|
"encoding/asn1"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"hash"
|
||||||
"math/big"
|
"math/big"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// MACAlgorithm represents a JWS MAC signature algorithm.
|
||||||
|
// See https://tools.ietf.org/html/rfc7518#section-3.1 for more details.
|
||||||
|
type MACAlgorithm string
|
||||||
|
|
||||||
|
const (
|
||||||
|
MACAlgorithmHS256 = MACAlgorithm("HS256")
|
||||||
|
MACAlgorithmHS384 = MACAlgorithm("HS384")
|
||||||
|
MACAlgorithmHS512 = MACAlgorithm("HS512")
|
||||||
|
)
|
||||||
|
|
||||||
// keyID is the account identity provided by a CA during registration.
|
// keyID is the account identity provided by a CA during registration.
|
||||||
type keyID string
|
type keyID string
|
||||||
|
|
||||||
|
@ -31,6 +45,14 @@ const noKeyID = keyID("")
|
||||||
// See https://tools.ietf.org/html/rfc8555#section-6.3 for more details.
|
// See https://tools.ietf.org/html/rfc8555#section-6.3 for more details.
|
||||||
const noPayload = ""
|
const noPayload = ""
|
||||||
|
|
||||||
|
// jsonWebSignature can be easily serialized into a JWS following
|
||||||
|
// https://tools.ietf.org/html/rfc7515#section-3.2.
|
||||||
|
type jsonWebSignature struct {
|
||||||
|
Protected string `json:"protected"`
|
||||||
|
Payload string `json:"payload"`
|
||||||
|
Sig string `json:"signature"`
|
||||||
|
}
|
||||||
|
|
||||||
// jwsEncodeJSON signs claimset using provided key and a nonce.
|
// jwsEncodeJSON signs claimset using provided key and a nonce.
|
||||||
// The result is serialized in JSON format containing either kid or jwk
|
// The result is serialized in JSON format containing either kid or jwk
|
||||||
// fields based on the provided keyID value.
|
// fields based on the provided keyID value.
|
||||||
|
@ -71,12 +93,7 @@ func jwsEncodeJSON(claimset interface{}, key crypto.Signer, kid keyID, nonce, ur
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
enc := jsonWebSignature{
|
||||||
enc := struct {
|
|
||||||
Protected string `json:"protected"`
|
|
||||||
Payload string `json:"payload"`
|
|
||||||
Sig string `json:"signature"`
|
|
||||||
}{
|
|
||||||
Protected: phead,
|
Protected: phead,
|
||||||
Payload: payload,
|
Payload: payload,
|
||||||
Sig: base64.RawURLEncoding.EncodeToString(sig),
|
Sig: base64.RawURLEncoding.EncodeToString(sig),
|
||||||
|
@ -84,6 +101,32 @@ func jwsEncodeJSON(claimset interface{}, key crypto.Signer, kid keyID, nonce, ur
|
||||||
return json.Marshal(&enc)
|
return json.Marshal(&enc)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// jwsWithMAC creates and signs a JWS using the given key and algorithm.
|
||||||
|
// "rawProtected" and "rawPayload" should not be base64-URL-encoded.
|
||||||
|
func jwsWithMAC(key []byte, alg MACAlgorithm, rawProtected, rawPayload []byte) (*jsonWebSignature, error) {
|
||||||
|
if len(key) == 0 {
|
||||||
|
return nil, errors.New("acme: cannot sign JWS with an empty MAC key")
|
||||||
|
}
|
||||||
|
protected := base64.RawURLEncoding.EncodeToString(rawProtected)
|
||||||
|
payload := base64.RawURLEncoding.EncodeToString(rawPayload)
|
||||||
|
|
||||||
|
// Only HMACs are currently supported.
|
||||||
|
hmac, err := newHMAC(key, alg)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if _, err := hmac.Write([]byte(protected + "." + payload)); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
mac := hmac.Sum(nil)
|
||||||
|
|
||||||
|
return &jsonWebSignature{
|
||||||
|
Protected: protected,
|
||||||
|
Payload: payload,
|
||||||
|
Sig: base64.RawURLEncoding.EncodeToString(mac),
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
// jwkEncode encodes public part of an RSA or ECDSA key into a JWK.
|
// jwkEncode encodes public part of an RSA or ECDSA key into a JWK.
|
||||||
// The result is also suitable for creating a JWK thumbprint.
|
// The result is also suitable for creating a JWK thumbprint.
|
||||||
// https://tools.ietf.org/html/rfc7517
|
// https://tools.ietf.org/html/rfc7517
|
||||||
|
@ -175,6 +218,20 @@ func jwsHasher(pub crypto.PublicKey) (string, crypto.Hash) {
|
||||||
return "", 0
|
return "", 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// newHMAC returns an appropriate HMAC for the given MACAlgorithm.
|
||||||
|
func newHMAC(key []byte, alg MACAlgorithm) (hash.Hash, error) {
|
||||||
|
switch alg {
|
||||||
|
case MACAlgorithmHS256:
|
||||||
|
return hmac.New(sha256.New, key), nil
|
||||||
|
case MACAlgorithmHS384:
|
||||||
|
return hmac.New(sha512.New384, key), nil
|
||||||
|
case MACAlgorithmHS512:
|
||||||
|
return hmac.New(sha512.New, key), nil
|
||||||
|
default:
|
||||||
|
return nil, fmt.Errorf("acme: unsupported MAC algorithm: %v", alg)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// JWKThumbprint creates a JWK thumbprint out of pub
|
// JWKThumbprint creates a JWK thumbprint out of pub
|
||||||
// as specified in https://tools.ietf.org/html/rfc7638.
|
// as specified in https://tools.ietf.org/html/rfc7638.
|
||||||
func JWKThumbprint(pub crypto.PublicKey) (string, error) {
|
func JWKThumbprint(pub crypto.PublicKey) (string, error) {
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
package acme
|
package acme
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"context"
|
"context"
|
||||||
"crypto"
|
"crypto"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
|
@ -37,9 +38,8 @@ func (c *Client) DeactivateReg(ctx context.Context) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// registerRFC is quivalent to c.Register but for CAs implementing RFC 8555.
|
// registerRFC is equivalent to c.Register but for CAs implementing RFC 8555.
|
||||||
// It expects c.Discover to have already been called.
|
// It expects c.Discover to have already been called.
|
||||||
// TODO: Implement externalAccountBinding.
|
|
||||||
func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
||||||
c.cacheMu.Lock() // guard c.kid access
|
c.cacheMu.Lock() // guard c.kid access
|
||||||
defer c.cacheMu.Unlock()
|
defer c.cacheMu.Unlock()
|
||||||
|
@ -47,12 +47,23 @@ func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tos
|
||||||
req := struct {
|
req := struct {
|
||||||
TermsAgreed bool `json:"termsOfServiceAgreed,omitempty"`
|
TermsAgreed bool `json:"termsOfServiceAgreed,omitempty"`
|
||||||
Contact []string `json:"contact,omitempty"`
|
Contact []string `json:"contact,omitempty"`
|
||||||
|
ExternalAccountBinding *jsonWebSignature `json:"externalAccountBinding,omitempty"`
|
||||||
}{
|
}{
|
||||||
Contact: acct.Contact,
|
Contact: acct.Contact,
|
||||||
}
|
}
|
||||||
if c.dir.Terms != "" {
|
if c.dir.Terms != "" {
|
||||||
req.TermsAgreed = prompt(c.dir.Terms)
|
req.TermsAgreed = prompt(c.dir.Terms)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// set 'externalAccountBinding' field if requested
|
||||||
|
if acct.ExternalAccountBinding != nil {
|
||||||
|
eabJWS, err := c.encodeExternalAccountBinding(acct.ExternalAccountBinding)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("acme: failed to encode external account binding: %v", err)
|
||||||
|
}
|
||||||
|
req.ExternalAccountBinding = eabJWS
|
||||||
|
}
|
||||||
|
|
||||||
res, err := c.post(ctx, c.Key, c.dir.RegURL, req, wantStatus(
|
res, err := c.post(ctx, c.Key, c.dir.RegURL, req, wantStatus(
|
||||||
http.StatusOK, // account with this key already registered
|
http.StatusOK, // account with this key already registered
|
||||||
http.StatusCreated, // new account created
|
http.StatusCreated, // new account created
|
||||||
|
@ -75,7 +86,19 @@ func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tos
|
||||||
return a, nil
|
return a, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// updateGegRFC is equivalent to c.UpdateReg but for CAs implementing RFC 8555.
|
// encodeExternalAccountBinding will encode an external account binding stanza
|
||||||
|
// as described in https://tools.ietf.org/html/rfc8555#section-7.3.4.
|
||||||
|
func (c *Client) encodeExternalAccountBinding(eab *ExternalAccountBinding) (*jsonWebSignature, error) {
|
||||||
|
jwk, err := jwkEncode(c.Key.Public())
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
var rProtected bytes.Buffer
|
||||||
|
fmt.Fprintf(&rProtected, `{"alg":%q,"kid":%q,"url":%q}`, eab.Algorithm, eab.KID, c.dir.RegURL)
|
||||||
|
return jwsWithMAC(eab.Key, eab.Algorithm, rProtected.Bytes(), []byte(jwk))
|
||||||
|
}
|
||||||
|
|
||||||
|
// updateRegRFC is equivalent to c.UpdateReg but for CAs implementing RFC 8555.
|
||||||
// It expects c.Discover to have already been called.
|
// It expects c.Discover to have already been called.
|
||||||
func (c *Client) updateRegRFC(ctx context.Context, a *Account) (*Account, error) {
|
func (c *Client) updateRegRFC(ctx context.Context, a *Account) (*Account, error) {
|
||||||
url := string(c.accountKID(ctx))
|
url := string(c.accountKID(ctx))
|
||||||
|
|
|
@ -199,6 +199,31 @@ type Account struct {
|
||||||
//
|
//
|
||||||
// It is non-RFC 8555 compliant and is obsoleted by OrdersURL.
|
// It is non-RFC 8555 compliant and is obsoleted by OrdersURL.
|
||||||
Certificates string
|
Certificates string
|
||||||
|
|
||||||
|
// ExternalAccountBinding represents an arbitrary binding to an account of
|
||||||
|
// the CA which the ACME server is tied to.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-7.3.4 for more details.
|
||||||
|
ExternalAccountBinding *ExternalAccountBinding
|
||||||
|
}
|
||||||
|
|
||||||
|
// ExternalAccountBinding contains the data needed to form a request with
|
||||||
|
// an external account binding.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-7.3.4 for more details.
|
||||||
|
type ExternalAccountBinding struct {
|
||||||
|
// KID is the Key ID of the symmetric MAC key that the CA provides to
|
||||||
|
// identify an external account from ACME.
|
||||||
|
KID string
|
||||||
|
|
||||||
|
// Key is the bytes of the symmetric key that the CA provides to identify
|
||||||
|
// the account. Key must correspond to the KID.
|
||||||
|
Key []byte
|
||||||
|
|
||||||
|
// Algorithm used to sign the JWS.
|
||||||
|
Algorithm MACAlgorithm
|
||||||
|
}
|
||||||
|
|
||||||
|
func (e *ExternalAccountBinding) String() string {
|
||||||
|
return fmt.Sprintf("&{KID: %q, Key: redacted, Algorithm: %v}", e.KID, e.Algorithm)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Directory is ACME server discovery data.
|
// Directory is ACME server discovery data.
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build amd64,!gccgo,!appengine
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
package argon2
|
package argon2
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build amd64,!gccgo,!appengine
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !amd64 appengine gccgo
|
// +build !amd64 purego !gc
|
||||||
|
|
||||||
package argon2
|
package argon2
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build go1.7,amd64,!gccgo,!appengine
|
// +build go1.7,amd64,gc,!purego
|
||||||
|
|
||||||
package blake2b
|
package blake2b
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build go1.7,amd64,!gccgo,!appengine
|
// +build go1.7,amd64,gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !go1.7,amd64,!gccgo,!appengine
|
// +build !go1.7,amd64,gc,!purego
|
||||||
|
|
||||||
package blake2b
|
package blake2b
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build amd64,!gccgo,!appengine
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !amd64 appengine gccgo
|
// +build !amd64 purego !gc
|
||||||
|
|
||||||
package blake2b
|
package blake2b
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build go1.11,!gccgo,!purego
|
// +build go1.11,gc,!purego
|
||||||
|
|
||||||
package chacha20
|
package chacha20
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build go1.11,!gccgo,!purego
|
// +build go1.11,gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !arm64,!s390x,!ppc64le arm64,!go1.11 gccgo purego
|
// +build !arm64,!s390x,!ppc64le arm64,!go1.11 !gc purego
|
||||||
|
|
||||||
package chacha20
|
package chacha20
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
package chacha20
|
package chacha20
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
// The differences in this and the original implementation are
|
// The differences in this and the original implementation are
|
||||||
// due to the calling conventions and initialization of constants.
|
// due to the calling conventions and initialization of constants.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
package chacha20
|
package chacha20
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
#include "go_asm.h"
|
#include "go_asm.h"
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build amd64,!gccgo,!appengine,!purego
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
package curve25519
|
package curve25519
|
||||||
|
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
// This code was translated into a form compatible with 6a from the public
|
// This code was translated into a form compatible with 6a from the public
|
||||||
// domain sources in SUPERCOP: https://bench.cr.yp.to/supercop.html
|
// domain sources in SUPERCOP: https://bench.cr.yp.to/supercop.html
|
||||||
|
|
||||||
// +build amd64,!gccgo,!appengine,!purego
|
// +build amd64,gc,!purego
|
||||||
|
|
||||||
#define REDMASK51 0x0007FFFFFFFFFFFF
|
#define REDMASK51 0x0007FFFFFFFFFFFF
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !amd64 gccgo appengine purego
|
// +build !amd64 !gc purego
|
||||||
|
|
||||||
package curve25519
|
package curve25519
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !appengine
|
// +build !purego
|
||||||
|
|
||||||
// Package subtle implements functions that are often useful in cryptographic
|
// Package subtle implements functions that are often useful in cryptographic
|
||||||
// code but require careful thought to use correctly.
|
// code but require careful thought to use correctly.
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build appengine
|
// +build purego
|
||||||
|
|
||||||
// Package subtle implements functions that are often useful in cryptographic
|
// Package subtle implements functions that are often useful in cryptographic
|
||||||
// code but require careful thought to use correctly.
|
// code but require careful thought to use correctly.
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !amd64,!ppc64le,!s390x gccgo purego
|
// +build !amd64,!ppc64le,!s390x !gc purego
|
||||||
|
|
||||||
package poly1305
|
package poly1305
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
package poly1305
|
package poly1305
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
package poly1305
|
package poly1305
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
package poly1305
|
package poly1305
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
// Use of this source code is governed by a BSD-style
|
// Use of this source code is governed by a BSD-style
|
||||||
// license that can be found in the LICENSE file.
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
// +build !gccgo,!purego
|
// +build gc,!purego
|
||||||
|
|
||||||
#include "textflag.h"
|
#include "textflag.h"
|
||||||
|
|
||||||
|
|
|
@ -572,6 +572,10 @@ userAuthLoop:
|
||||||
perms = candidate.perms
|
perms = candidate.perms
|
||||||
}
|
}
|
||||||
case "gssapi-with-mic":
|
case "gssapi-with-mic":
|
||||||
|
if config.GSSAPIWithMICConfig == nil {
|
||||||
|
authErr = errors.New("ssh: gssapi-with-mic auth not configured")
|
||||||
|
break
|
||||||
|
}
|
||||||
gssapiConfig := config.GSSAPIWithMICConfig
|
gssapiConfig := config.GSSAPIWithMICConfig
|
||||||
userAuthRequestGSSAPI, err := parseGSSAPIPayload(userAuthReq.Payload)
|
userAuthRequestGSSAPI, err := parseGSSAPIPayload(userAuthReq.Payload)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
@ -799,7 +799,7 @@ go.mongodb.org/mongo-driver/bson/bsonrw
|
||||||
go.mongodb.org/mongo-driver/bson/bsontype
|
go.mongodb.org/mongo-driver/bson/bsontype
|
||||||
go.mongodb.org/mongo-driver/bson/primitive
|
go.mongodb.org/mongo-driver/bson/primitive
|
||||||
go.mongodb.org/mongo-driver/x/bsonx/bsoncore
|
go.mongodb.org/mongo-driver/x/bsonx/bsoncore
|
||||||
# golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897
|
# golang.org/x/crypto v0.0.0-20201217014255-9d1352758620
|
||||||
## explicit
|
## explicit
|
||||||
golang.org/x/crypto/acme
|
golang.org/x/crypto/acme
|
||||||
golang.org/x/crypto/acme/autocert
|
golang.org/x/crypto/acme/autocert
|
||||||
|
|
Loading…
Reference in New Issue