From 10f4b86039628091637dd4b5c6ac3e7e98016851 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Mar 2023 05:33:51 +0000 Subject: [PATCH 1/2] Bump mellium.im/sasl from 0.2.1 to 0.3.1 Bumps mellium.im/sasl from 0.2.1 to 0.3.1. --- updated-dependencies: - dependency-name: mellium.im/sasl dependency-type: indirect ... Signed-off-by: dependabot[bot] --- go.mod | 4 +- go.sum | 23 +--- vendor/mellium.im/sasl/CHANGELOG.md | 28 +++++ vendor/mellium.im/sasl/DCO | 37 ++++++ .../mellium.im/sasl/{LICENSE.md => LICENSE} | 2 - vendor/mellium.im/sasl/Makefile | 20 ---- vendor/mellium.im/sasl/README.md | 13 +-- .../mellium.im/sasl/bitbucket-pipelines.yml | 10 -- vendor/mellium.im/sasl/doc.go | 4 +- vendor/mellium.im/sasl/mechanism.go | 23 ++-- vendor/mellium.im/sasl/negotiator.go | 16 ++- vendor/mellium.im/sasl/nonce.go | 4 +- vendor/mellium.im/sasl/options.go | 12 +- vendor/mellium.im/sasl/plain.go | 4 +- vendor/mellium.im/sasl/scram.go | 107 ++++++++++++++---- vendor/mellium.im/sasl/xor.go | 26 +++++ vendor/mellium.im/sasl/xor_amd64.go | 10 ++ vendor/mellium.im/sasl/xor_amd64.s | 56 +++++++++ vendor/mellium.im/sasl/xor_arm64.go | 10 ++ vendor/mellium.im/sasl/xor_arm64.s | 69 +++++++++++ vendor/mellium.im/sasl/xor_generic.go | 60 +++++++--- vendor/mellium.im/sasl/xor_go.go | 15 +++ vendor/mellium.im/sasl/xor_ppc64x.go | 10 ++ vendor/mellium.im/sasl/xor_ppc64x.s | 87 ++++++++++++++ vendor/mellium.im/sasl/xor_unaligned.go | 52 --------- vendor/modules.txt | 4 +- 26 files changed, 530 insertions(+), 176 deletions(-) create mode 100644 vendor/mellium.im/sasl/CHANGELOG.md create mode 100644 vendor/mellium.im/sasl/DCO rename vendor/mellium.im/sasl/{LICENSE.md => LICENSE} (97%) delete mode 100644 vendor/mellium.im/sasl/Makefile delete mode 100644 vendor/mellium.im/sasl/bitbucket-pipelines.yml create mode 100644 vendor/mellium.im/sasl/xor.go create mode 100644 vendor/mellium.im/sasl/xor_amd64.go create mode 100644 vendor/mellium.im/sasl/xor_amd64.s create mode 100644 vendor/mellium.im/sasl/xor_arm64.go create mode 100644 vendor/mellium.im/sasl/xor_arm64.s create mode 100644 vendor/mellium.im/sasl/xor_go.go create mode 100644 vendor/mellium.im/sasl/xor_ppc64x.go create mode 100644 vendor/mellium.im/sasl/xor_ppc64x.s delete mode 100644 vendor/mellium.im/sasl/xor_unaligned.go diff --git a/go.mod b/go.mod index f719615..177c153 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,6 @@ require ( github.com/go-pg/pg/v10 v10.10.6 github.com/google/wire v0.5.0 github.com/gorilla/mux v1.8.0 - github.com/nats-io/nats.go v1.19.0 go.uber.org/zap v1.21.0 gopkg.in/src-d/go-git.v4 v4.13.1 ) @@ -20,6 +19,7 @@ require ( github.com/klauspost/compress v1.14.4 // indirect github.com/minio/highwayhash v1.0.2 // indirect github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a // indirect + github.com/nats-io/nats.go v1.19.0 // indirect github.com/nats-io/nkeys v0.3.0 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/pkg/errors v0.9.1 // indirect @@ -38,7 +38,7 @@ require ( golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - mellium.im/sasl v0.2.1 // indirect + mellium.im/sasl v0.3.1 // indirect ) require ( diff --git a/go.sum b/go.sum index 9ecd2eb..57e2c08 100644 --- a/go.sum +++ b/go.sum @@ -100,24 +100,6 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/devtron-labs/common-lib v0.0.0-20221028123910-ac349a64526a h1:g2S75h+OAXXN5SGsdxxCfmKZXJFGUKTNtPaUW5Gp9ck= -github.com/devtron-labs/common-lib v0.0.0-20221028123910-ac349a64526a/go.mod h1:wDldcLG0CzfnxCBEXeitEkYF9bk62yG+HLGqQg6VZ4o= -github.com/devtron-labs/common-lib v0.0.0-20221111092855-6dae5a34a041 h1:4yQ7v/fC39TzKzcn24CHzB8XL2wl3JFhsJ1VsXiTjXQ= -github.com/devtron-labs/common-lib v0.0.0-20221111092855-6dae5a34a041/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221111102018-8cffc22d80e3 h1:wswsi1r6tDtmycUaUGGUtoUNbKvQyJByKyxiDm+o9Lw= -github.com/devtron-labs/common-lib v0.0.0-20221111102018-8cffc22d80e3/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221117072858-bd2f19e16dd2 h1:dEtjnQqSWGCl4sIWYvsBsJuBLfmVV2kw1OyuBpkAp64= -github.com/devtron-labs/common-lib v0.0.0-20221117072858-bd2f19e16dd2/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221126093411-794588b004ea h1:cJWdGd6bXNGqt7yWjsIhV3mHcnhe2T3s3e7hKOgK2iU= -github.com/devtron-labs/common-lib v0.0.0-20221126093411-794588b004ea/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221130083108-d35a1c63675b h1:Z9tehff98lhxdX9Z7ggdBuFzrCNacr4hIjdNCRubVt8= -github.com/devtron-labs/common-lib v0.0.0-20221130083108-d35a1c63675b/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221130123535-dff66e51a956 h1:Zu01gsCYzkiYqGWz4QX0SmtXuhzXouPvXmspGi7GsJA= -github.com/devtron-labs/common-lib v0.0.0-20221130123535-dff66e51a956/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221208044859-269008fed09b h1:yGXerrqwyjPIr62q1RadJh6MYH3vG6T9nChH+yOJnnA= -github.com/devtron-labs/common-lib v0.0.0-20221208044859-269008fed09b/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221226122002-9dbeb177a7ef h1:Ni2j6uiaSUbwEwYQgHl7EOfT03ez/xWuSpkSQgB4K/Y= -github.com/devtron-labs/common-lib v0.0.0-20221226122002-9dbeb177a7ef/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= github.com/devtron-labs/common-lib v0.0.0-20230109070754-ff4dca200a2c h1:jz7yPUlIJXFg9AvJh2fb0QW7JT6+RKj8LOl1mWM/HQA= github.com/devtron-labs/common-lib v0.0.0-20230109070754-ff4dca200a2c/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= @@ -270,7 +252,6 @@ github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a h1:lem6QCvxR0Y28g github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k= github.com/nats-io/nats-server/v2 v2.8.4 h1:0jQzze1T9mECg8YZEl8+WYUXb9JKluJfCBriPUtluB4= github.com/nats-io/nats-server/v2 v2.8.4/go.mod h1:8zZa+Al3WsESfmgSs98Fi06dRWLH5Bnq90m5bKD/eT4= -github.com/nats-io/nats.go v1.15.0 h1:3IXNBolWrwIUf2soxh6Rla8gPzYWEZQBUBK6RV21s+o= github.com/nats-io/nats.go v1.15.0/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w= github.com/nats-io/nats.go v1.19.0 h1:H6j8aBnTQFoVrTGB6Xjd903UMdE7jz6DS4YkmAqgZ9Q= github.com/nats-io/nats.go v1.19.0/go.mod h1:tLqubohF7t4z3du1QDPYJIQQyhb4wl6DhjxEajSI7UA= @@ -354,6 +335,7 @@ go.uber.org/zap v1.21.0/go.mod h1:wjWOCqI0f2ZZrJF/UufIOkiC8ii6tm1iqIsLo76RfJw= golang.org/x/crypto v0.0.0-20180910181607-0e37d006457b/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= @@ -841,8 +823,9 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -mellium.im/sasl v0.2.1 h1:nspKSRg7/SyO0cRGY71OkfHab8tf9kCts6a6oTDut0w= mellium.im/sasl v0.2.1/go.mod h1:ROaEDLQNuf9vjKqE1SrAfnsobm2YKXT1gnN1uDp1PjQ= +mellium.im/sasl v0.3.1 h1:wE0LW6g7U83vhvxjC1IY8DnXM+EU095yeo8XClvCdfo= +mellium.im/sasl v0.3.1/go.mod h1:xm59PUYpZHhgQ9ZqoJ5QaCqzWMi8IeS49dhp6plPCzw= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/mellium.im/sasl/CHANGELOG.md b/vendor/mellium.im/sasl/CHANGELOG.md new file mode 100644 index 0000000..f5eab4d --- /dev/null +++ b/vendor/mellium.im/sasl/CHANGELOG.md @@ -0,0 +1,28 @@ +# Changelog + +All notable changes to this project will be documented in this file. + + +## v0.3.1 — 2022-12-28 + +### Fixed + +- Sometimes the nonce was not set on the SASL state machine, resulting in + authentication failing + + +## v0.3.0 — 2022-08-15 + +### Added + +- Support for tls-exporter channel binding method as defined in [RFC 9266] +- Support for fast XOR using SIMD/VSX on more architectures + + +### Fixed + +- Return an error if no tls-unique channel binding (CB) data is present in the + TLS connection state (or no connection state exists) and we use SCRAM with CB + + +[RFC 9266]: https://datatracker.ietf.org/doc/html/rfc9266 diff --git a/vendor/mellium.im/sasl/DCO b/vendor/mellium.im/sasl/DCO new file mode 100644 index 0000000..8201f99 --- /dev/null +++ b/vendor/mellium.im/sasl/DCO @@ -0,0 +1,37 @@ +Developer Certificate of Origin +Version 1.1 + +Copyright (C) 2004, 2006 The Linux Foundation and its contributors. +1 Letterman Drive +Suite D4700 +San Francisco, CA, 94129 + +Everyone is permitted to copy and distribute verbatim copies of this +license document, but changing it is not allowed. + + +Developer's Certificate of Origin 1.1 + +By making a contribution to this project, I certify that: + +(a) The contribution was created in whole or in part by me and I + have the right to submit it under the open source license + indicated in the file; or + +(b) The contribution is based upon previous work that, to the best + of my knowledge, is covered under an appropriate open source + license and I have the right under that license to submit that + work with modifications, whether created in whole or in part + by me, under the same open source license (unless I am + permitted to submit under a different license), as indicated + in the file; or + +(c) The contribution was provided directly to me by some other + person who certified (a), (b) or (c) and I have not modified + it. + +(d) I understand and agree that this project and the contribution + are public and that a record of the contribution (including all + personal information I submit with it, including my sign-off) is + maintained indefinitely and may be redistributed consistent with + this project or the open source license(s) involved. diff --git a/vendor/mellium.im/sasl/LICENSE.md b/vendor/mellium.im/sasl/LICENSE similarity index 97% rename from vendor/mellium.im/sasl/LICENSE.md rename to vendor/mellium.im/sasl/LICENSE index a4d3c2a..08ed8f4 100644 --- a/vendor/mellium.im/sasl/LICENSE.md +++ b/vendor/mellium.im/sasl/LICENSE @@ -1,5 +1,3 @@ -## The BSD 2-Clause License - Copyright © 2014 The Mellium Contributors. All rights reserved. diff --git a/vendor/mellium.im/sasl/Makefile b/vendor/mellium.im/sasl/Makefile deleted file mode 100644 index 01de94b..0000000 --- a/vendor/mellium.im/sasl/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -PACKAGES=$$(go list ./... | grep -v '/vendor/') - -.PHONEY: test -test: - go test -cover $(PACKAGES) - -.PHONEY: bench -bench: - go test -cover -bench . -benchmem -run 'Benchmark.*' $(PACKAGES) - -.PHONEY: vet -vet: - go vet $(PACKAGES) - -deps.svg: *.go - ( echo "digraph G {"; \ - go list -f '{{range .Imports}}{{printf "\t%q -> %q;\n" $$.ImportPath .}}{{end}}' \ - $$(go list -f '{{join .Deps " "}}' .) .; \ - echo "}"; \ - ) | dot -Tsvg -o $@ diff --git a/vendor/mellium.im/sasl/README.md b/vendor/mellium.im/sasl/README.md index 2c5845a..af6983c 100644 --- a/vendor/mellium.im/sasl/README.md +++ b/vendor/mellium.im/sasl/README.md @@ -1,22 +1,21 @@ # SASL -[![GoDoc](https://godoc.org/mellium.im/sasl?status.svg)](https://godoc.org/mellium.im/sasl) +[![Issue Tracker][badge]](https://mellium.im/issue) +[![Docs](https://pkg.go.dev/badge/mellium.im/sasl)](https://pkg.go.dev/mellium.im/sasl) +[![Chat](https://img.shields.io/badge/XMPP-users@mellium.chat-orange.svg)](https://mellium.chat) [![License](https://img.shields.io/badge/license-FreeBSD-blue.svg)](https://opensource.org/licenses/BSD-2-Clause) -[![Buy Me A Coffee](https://www.buymeacoffee.com/assets/img/custom_images/purple_img.png)](https://www.buymeacoffee.com/samwhited) + A Go library implementing the Simple Authentication and Security Layer (SASL) as defined by [RFC 4422][rfc4422]. -## Issues and feature requests - -To file a bug report, please use the [issue tracker][issues]. ## License The package may be used under the terms of the BSD 2-Clause License a copy of which may be found in the file [LICENSE.md][LICENSE]. +[badge]: https://img.shields.io/badge/style-mellium%2fxmpp-green.svg?longCache=true&style=popout-square&label=issues [rfc4422]: https://tools.ietf.org/html/rfc4422 -[issues]: https://bitbucket.org/mellium/sasl/issues?status=new&status=open -[LICENSE]: ./LICENSE.md +[LICENSE]: https://codeberg.org/mellium/xmpp/src/branch/main/LICENSE diff --git a/vendor/mellium.im/sasl/bitbucket-pipelines.yml b/vendor/mellium.im/sasl/bitbucket-pipelines.yml deleted file mode 100644 index cd90ef0..0000000 --- a/vendor/mellium.im/sasl/bitbucket-pipelines.yml +++ /dev/null @@ -1,10 +0,0 @@ -image: golang:latest -pipelines: - default: - - step: - script: - - go version - - go vet ./... - - go test -race ./... - - go test -cover ./... - - go test -bench . -benchmem ./... diff --git a/vendor/mellium.im/sasl/doc.go b/vendor/mellium.im/sasl/doc.go index 9e7b722..a725cb5 100644 --- a/vendor/mellium.im/sasl/doc.go +++ b/vendor/mellium.im/sasl/doc.go @@ -1,6 +1,6 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. // Package sasl implements the Simple Authentication and Security Layer (SASL) // as defined by RFC 4422. diff --git a/vendor/mellium.im/sasl/mechanism.go b/vendor/mellium.im/sasl/mechanism.go index 7cf166d..d8bbc5a 100644 --- a/vendor/mellium.im/sasl/mechanism.go +++ b/vendor/mellium.im/sasl/mechanism.go @@ -1,10 +1,11 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl import ( + /* #nosec */ "crypto/sha1" "crypto/sha256" "errors" @@ -12,10 +13,10 @@ import ( // Define common errors used by SASL mechanisms and negotiators. var ( - ErrInvalidState = errors.New("Invalid state") - ErrInvalidChallenge = errors.New("Invalid or missing challenge") - ErrAuthn = errors.New("Authentication error") - ErrTooManySteps = errors.New("Step called too many times") + ErrInvalidState = errors.New("invalid state") + ErrInvalidChallenge = errors.New("invalid or missing challenge") + ErrAuthn = errors.New("authentication error") + ErrTooManySteps = errors.New("step called too many times") ) var ( @@ -24,8 +25,9 @@ var ( Plain Mechanism = plain // ScramSha256Plus is a Mechanism that implements the SCRAM-SHA-256-PLUS - // authentication mechanism defined in RFC 7677. The only supported channel - // binding type is tls-unique as defined in RFC 5929. + // authentication mechanism defined in RFC 7677. + // The only supported channel binding types are tls-unique as defined in RFC + // 5929 and tls-exporter defined in RFC 9266. ScramSha256Plus Mechanism = scram("SCRAM-SHA-256-PLUS", sha256.New) // ScramSha256 is a Mechanism that implements the SCRAM-SHA-256 @@ -33,8 +35,9 @@ var ( ScramSha256 Mechanism = scram("SCRAM-SHA-256", sha256.New) // ScramSha1Plus is a Mechanism that implements the SCRAM-SHA-1-PLUS - // authentication mechanism defined in RFC 5802. The only supported channel - // binding type is tls-unique as defined in RFC 5929. + // authentication mechanism defined in RFC 5802. + // The only supported channel binding types are tls-unique as defined in RFC + // 5929 and tls-exporter defined in RFC 9266. ScramSha1Plus Mechanism = scram("SCRAM-SHA-1-PLUS", sha1.New) // ScramSha1 is a Mechanism that implements the SCRAM-SHA-1 authentication diff --git a/vendor/mellium.im/sasl/negotiator.go b/vendor/mellium.im/sasl/negotiator.go index 217ff2a..8b4c3de 100644 --- a/vendor/mellium.im/sasl/negotiator.go +++ b/vendor/mellium.im/sasl/negotiator.go @@ -1,6 +1,6 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl @@ -44,16 +44,18 @@ const ( func NewClient(m Mechanism, opts ...Option) *Negotiator { machine := &Negotiator{ mechanism: m, - nonce: nonce(noncerandlen, rand.Reader), } getOpts(machine, opts...) for _, rname := range machine.remoteMechanisms { lname := m.Name if lname == rname && strings.HasSuffix(lname, "-PLUS") { machine.state |= RemoteCB - return machine + break } } + if len(machine.nonce) == 0 { + machine.nonce = nonce(noncerandlen, rand.Reader) + } return machine } @@ -64,7 +66,6 @@ func NewClient(m Mechanism, opts ...Option) *Negotiator { func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) *Negotiator { machine := &Negotiator{ mechanism: m, - nonce: nonce(noncerandlen, rand.Reader), state: AuthTextSent | Receiving, } getOpts(machine, opts...) @@ -75,9 +76,12 @@ func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) lname := m.Name if lname == rname && strings.HasSuffix(lname, "-PLUS") { machine.state |= RemoteCB - return machine + break } } + if len(machine.nonce) == 0 { + machine.nonce = nonce(noncerandlen, rand.Reader) + } return machine } diff --git a/vendor/mellium.im/sasl/nonce.go b/vendor/mellium.im/sasl/nonce.go index 8e8666f..e944977 100644 --- a/vendor/mellium.im/sasl/nonce.go +++ b/vendor/mellium.im/sasl/nonce.go @@ -1,6 +1,6 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl diff --git a/vendor/mellium.im/sasl/options.go b/vendor/mellium.im/sasl/options.go index 427a2be..86c295d 100644 --- a/vendor/mellium.im/sasl/options.go +++ b/vendor/mellium.im/sasl/options.go @@ -1,6 +1,6 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl @@ -31,6 +31,14 @@ func TLSState(cs tls.ConnectionState) Option { } } +// nonce overrides the nonce used for authentication attempts. +// This defaults to a random value and should not be changed. +func setNonce(v []byte) Option { + return func(n *Negotiator) { + n.nonce = v + } +} + // RemoteMechanisms sets a list of mechanisms supported by the remote client or // server with which the state machine will be negotiating. // It is used to determine if the server supports channel binding. diff --git a/vendor/mellium.im/sasl/plain.go b/vendor/mellium.im/sasl/plain.go index e48643f..7d3d1a8 100644 --- a/vendor/mellium.im/sasl/plain.go +++ b/vendor/mellium.im/sasl/plain.go @@ -1,6 +1,6 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl diff --git a/vendor/mellium.im/sasl/scram.go b/vendor/mellium.im/sasl/scram.go index 6e6bdc3..1747397 100644 --- a/vendor/mellium.im/sasl/scram.go +++ b/vendor/mellium.im/sasl/scram.go @@ -1,12 +1,13 @@ // Copyright 2016 The Mellium Contributors. -// Use of this source code is governed by the BSD 2-clause license that can be -// found in the LICENSE file. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. package sasl import ( "bytes" "crypto/hmac" + "crypto/tls" "encoding/base64" "errors" "hash" @@ -17,7 +18,10 @@ import ( ) const ( - gs2HeaderCBSupport = "p=tls-unique," + exporterLen = 32 + exporterLabel = "EXPORTER-Channel-Binding" + gs2HeaderCBSupportUnique = "p=tls-unique," + gs2HeaderCBSupportExporter = "p=tls-exporter," gs2HeaderNoServerCBSupport = "y," gs2HeaderNoCBSupport = "n," ) @@ -32,13 +36,18 @@ const noncerandlen = 16 func getGS2Header(name string, n *Negotiator) (gs2Header []byte) { _, _, identity := n.Credentials() + tlsState := n.TLSState() switch { - case n.TLSState() == nil || !strings.HasSuffix(name, "-PLUS"): + case tlsState == nil || !strings.HasSuffix(name, "-PLUS"): // We do not support channel binding gs2Header = []byte(gs2HeaderNoCBSupport) case n.State()&RemoteCB == RemoteCB: // We support channel binding and the server does too - gs2Header = []byte(gs2HeaderCBSupport) + if tlsState.Version >= tls.VersionTLS13 { + gs2Header = []byte(gs2HeaderCBSupportExporter) + } else { + gs2Header = []byte(gs2HeaderCBSupportUnique) + } case n.State()&RemoteCB != RemoteCB: // We support channel binding but the server does not gs2Header = []byte(gs2HeaderNoServerCBSupport) @@ -88,7 +97,7 @@ func scram(name string, fn func() hash.Hash) Mechanism { return true, append(getGS2Header(name, m), clientFirstMessage...), clientFirstMessage, nil }, Next: func(m *Negotiator, challenge []byte, data interface{}) (more bool, resp []byte, cache interface{}, err error) { - if challenge == nil || len(challenge) == 0 { + if len(challenge) == 0 { return more, resp, cache, ErrInvalidChallenge } @@ -108,7 +117,10 @@ func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge case AuthTextSent: iter := -1 var salt, nonce []byte - for _, field := range bytes.Split(challenge, []byte{','}) { + remain := challenge + for { + var field []byte + field, remain = nextParam(remain) if len(field) < 3 || (len(field) >= 2 && field[1] != '=') { continue } @@ -135,45 +147,69 @@ func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge // version of SCRAM, its presence in a client or a server message // MUST cause authentication failure when the attribute is parsed by // the other end. - err = errors.New("Server sent reserved attribute `m'") + err = errors.New("server sent reserved attribute `m'") return } + if remain == nil { + break + } } switch { case iter < 0: - err = errors.New("Iteration count is missing") - return - case iter < 0: - err = errors.New("Iteration count is invalid") + err = errors.New("iteration count is invalid") return case nonce == nil || !bytes.HasPrefix(nonce, m.Nonce()): - err = errors.New("Server nonce does not match client nonce") + err = errors.New("server nonce does not match client nonce") return case salt == nil: - err = errors.New("Server sent empty salt") + err = errors.New("server sent empty salt") return } gs2Header := getGS2Header(name, m) tlsState := m.TLSState() var channelBinding []byte - if tlsState != nil && strings.HasSuffix(name, "-PLUS") { + switch plus := strings.HasSuffix(name, "-PLUS"); { + case plus && tlsState == nil: + err = errors.New("sasl: SCRAM with channel binding requires a TLS connection") + return + case bytes.Contains(gs2Header, []byte(gs2HeaderCBSupportExporter)): + keying, err := tlsState.ExportKeyingMaterial(exporterLabel, nil, exporterLen) + if err != nil { + return false, nil, nil, err + } + if len(keying) == 0 { + err = errors.New("sasl: SCRAM with channel binding requires valid TLS keying material") + return false, nil, nil, err + } + channelBinding = make([]byte, 2+base64.StdEncoding.EncodedLen(len(gs2Header)+len(keying))) + channelBinding[0] = 'c' + channelBinding[1] = '=' + base64.StdEncoding.Encode(channelBinding[2:], append(gs2Header, keying...)) + case bytes.Contains(gs2Header, []byte(gs2HeaderCBSupportUnique)): + //lint:ignore SA1019 TLS unique must be supported by SCRAM + if len(tlsState.TLSUnique) == 0 { + err = errors.New("sasl: SCRAM with channel binding requires valid tls-unique data") + return false, nil, nil, err + } channelBinding = make( []byte, + //lint:ignore SA1019 TLS unique must be supported by SCRAM 2+base64.StdEncoding.EncodedLen(len(gs2Header)+len(tlsState.TLSUnique)), ) - base64.StdEncoding.Encode(channelBinding[2:], append(gs2Header, tlsState.TLSUnique...)) channelBinding[0] = 'c' channelBinding[1] = '=' - } else { + //lint:ignore SA1019 TLS unique must be supported by SCRAM + base64.StdEncoding.Encode(channelBinding[2:], append(gs2Header, tlsState.TLSUnique...)) + default: channelBinding = make( []byte, 2+base64.StdEncoding.EncodedLen(len(gs2Header)), ) - base64.StdEncoding.Encode(channelBinding[2:], gs2Header) channelBinding[0] = 'c' channelBinding[1] = '=' + base64.StdEncoding.Encode(channelBinding[2:], gs2Header) } clientFinalMessageWithoutProof := append(channelBinding, []byte(",r=")...) clientFinalMessageWithoutProof = append(clientFinalMessageWithoutProof, nonce...) @@ -187,25 +223,40 @@ func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge saltedPassword := pbkdf2.Key(password, salt, iter, fn().Size(), fn) h := hmac.New(fn, saltedPassword) - h.Write(serverKeyInput) + _, err = h.Write(serverKeyInput) + if err != nil { + return + } serverKey := h.Sum(nil) h.Reset() - h.Write(clientKeyInput) + _, err = h.Write(clientKeyInput) + if err != nil { + return + } clientKey := h.Sum(nil) h = hmac.New(fn, serverKey) - h.Write(authMessage) + _, err = h.Write(authMessage) + if err != nil { + return + } serverSignature := h.Sum(nil) h = fn() - h.Write(clientKey) + _, err = h.Write(clientKey) + if err != nil { + return + } storedKey := h.Sum(nil) h = hmac.New(fn, storedKey) - h.Write(authMessage) + _, err = h.Write(authMessage) + if err != nil { + return + } clientSignature := h.Sum(nil) clientProof := make([]byte, len(clientKey)) - xorBytes(clientProof, clientKey, clientSignature) + goXORBytes(clientProof, clientKey, clientSignature) encodedClientProof := make([]byte, base64.StdEncoding.EncodedLen(len(clientProof))) base64.StdEncoding.Encode(encodedClientProof, clientProof) @@ -225,3 +276,11 @@ func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge err = ErrInvalidState return } + +func nextParam(params []byte) ([]byte, []byte) { + idx := bytes.IndexByte(params, ',') + if idx == -1 { + return params, nil + } + return params[:idx], params[idx+1:] +} diff --git a/vendor/mellium.im/sasl/xor.go b/vendor/mellium.im/sasl/xor.go new file mode 100644 index 0000000..90d21a8 --- /dev/null +++ b/vendor/mellium.im/sasl/xor.go @@ -0,0 +1,26 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !go1.20 + +package sasl + +// TODO: remove all the specialized XOR code and use "crypto/subtle".XORBytes +// when Go v1.21 comes out. For more information see: +// https://mellium.im/issue/338 + +func goXORBytes(dst, x, y []byte) int { + n := len(x) + if len(y) < n { + n = len(y) + } + if n == 0 { + return 0 + } + if n > len(dst) { + panic("subtle.XORBytes: dst too short") + } + xorBytes(&dst[0], &x[0], &y[0], n) // arch-specific + return n +} diff --git a/vendor/mellium.im/sasl/xor_amd64.go b/vendor/mellium.im/sasl/xor_amd64.go new file mode 100644 index 0000000..d424bf4 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_amd64.go @@ -0,0 +1,10 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !purego + +package sasl + +//go:noescape +func xorBytes(dst, a, b *byte, n int) diff --git a/vendor/mellium.im/sasl/xor_amd64.s b/vendor/mellium.im/sasl/xor_amd64.s new file mode 100644 index 0000000..8b04b58 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_amd64.s @@ -0,0 +1,56 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !purego + +#include "textflag.h" + +// func xorBytes(dst, a, b *byte, n int) +TEXT ·xorBytes(SB), NOSPLIT, $0 + MOVQ dst+0(FP), BX + MOVQ a+8(FP), SI + MOVQ b+16(FP), CX + MOVQ n+24(FP), DX + TESTQ $15, DX // AND 15 & len, if not zero jump to not_aligned. + JNZ not_aligned + +aligned: + MOVQ $0, AX // position in slices + +loop16b: + MOVOU (SI)(AX*1), X0 // XOR 16byte forwards. + MOVOU (CX)(AX*1), X1 + PXOR X1, X0 + MOVOU X0, (BX)(AX*1) + ADDQ $16, AX + CMPQ DX, AX + JNE loop16b + RET + +loop_1b: + SUBQ $1, DX // XOR 1byte backwards. + MOVB (SI)(DX*1), DI + MOVB (CX)(DX*1), AX + XORB AX, DI + MOVB DI, (BX)(DX*1) + TESTQ $7, DX // AND 7 & len, if not zero jump to loop_1b. + JNZ loop_1b + CMPQ DX, $0 // if len is 0, ret. + JE ret + TESTQ $15, DX // AND 15 & len, if zero jump to aligned. + JZ aligned + +not_aligned: + TESTQ $7, DX // AND $7 & len, if not zero jump to loop_1b. + JNE loop_1b + SUBQ $8, DX // XOR 8bytes backwards. + MOVQ (SI)(DX*1), DI + MOVQ (CX)(DX*1), AX + XORQ AX, DI + MOVQ DI, (BX)(DX*1) + CMPQ DX, $16 // if len is greater or equal 16 here, it must be aligned. + JGE aligned + +ret: + RET diff --git a/vendor/mellium.im/sasl/xor_arm64.go b/vendor/mellium.im/sasl/xor_arm64.go new file mode 100644 index 0000000..08525c6 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_arm64.go @@ -0,0 +1,10 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !purego + +package sasl + +//go:noescape +func xorBytes(dst, a, b *byte, n int) diff --git a/vendor/mellium.im/sasl/xor_arm64.s b/vendor/mellium.im/sasl/xor_arm64.s new file mode 100644 index 0000000..7632164 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_arm64.s @@ -0,0 +1,69 @@ +// Copyright 2020 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !purego + +#include "textflag.h" + +// func xorBytes(dst, a, b *byte, n int) +TEXT ·xorBytes(SB), NOSPLIT|NOFRAME, $0 + MOVD dst+0(FP), R0 + MOVD a+8(FP), R1 + MOVD b+16(FP), R2 + MOVD n+24(FP), R3 + CMP $64, R3 + BLT tail +loop_64: + VLD1.P 64(R1), [V0.B16, V1.B16, V2.B16, V3.B16] + VLD1.P 64(R2), [V4.B16, V5.B16, V6.B16, V7.B16] + VEOR V0.B16, V4.B16, V4.B16 + VEOR V1.B16, V5.B16, V5.B16 + VEOR V2.B16, V6.B16, V6.B16 + VEOR V3.B16, V7.B16, V7.B16 + VST1.P [V4.B16, V5.B16, V6.B16, V7.B16], 64(R0) + SUBS $64, R3 + CMP $64, R3 + BGE loop_64 +tail: + // quick end + CBZ R3, end + TBZ $5, R3, less_than32 + VLD1.P 32(R1), [V0.B16, V1.B16] + VLD1.P 32(R2), [V2.B16, V3.B16] + VEOR V0.B16, V2.B16, V2.B16 + VEOR V1.B16, V3.B16, V3.B16 + VST1.P [V2.B16, V3.B16], 32(R0) +less_than32: + TBZ $4, R3, less_than16 + LDP.P 16(R1), (R11, R12) + LDP.P 16(R2), (R13, R14) + EOR R11, R13, R13 + EOR R12, R14, R14 + STP.P (R13, R14), 16(R0) +less_than16: + TBZ $3, R3, less_than8 + MOVD.P 8(R1), R11 + MOVD.P 8(R2), R12 + EOR R11, R12, R12 + MOVD.P R12, 8(R0) +less_than8: + TBZ $2, R3, less_than4 + MOVWU.P 4(R1), R13 + MOVWU.P 4(R2), R14 + EORW R13, R14, R14 + MOVWU.P R14, 4(R0) +less_than4: + TBZ $1, R3, less_than2 + MOVHU.P 2(R1), R15 + MOVHU.P 2(R2), R16 + EORW R15, R16, R16 + MOVHU.P R16, 2(R0) +less_than2: + TBZ $0, R3, end + MOVBU (R1), R17 + MOVBU (R2), R19 + EORW R17, R19, R19 + MOVBU R19, (R0) +end: + RET diff --git a/vendor/mellium.im/sasl/xor_generic.go b/vendor/mellium.im/sasl/xor_generic.go index 4576e63..1b49158 100644 --- a/vendor/mellium.im/sasl/xor_generic.go +++ b/vendor/mellium.im/sasl/xor_generic.go @@ -2,23 +2,57 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -// This file was split out from Go's crypto/cipher/xor.go - -// +build !386,!amd64,!ppc64,!ppc64le,!s390x,!appengine +//go:build (!amd64 && !arm64 && !ppc64 && !ppc64le) || purego package sasl -func xorBytes(dst, a, b []byte) int { - n := len(a) - if len(b) < n { - n = len(b) - } - for i := 0; i < n; i++ { - dst[i] = a[i] ^ b[i] +import ( + "runtime" + "unsafe" +) + +const wordSize = unsafe.Sizeof(uintptr(0)) + +const supportsUnaligned = runtime.GOARCH == "386" || + runtime.GOARCH == "amd64" || + runtime.GOARCH == "ppc64" || + runtime.GOARCH == "ppc64le" || + runtime.GOARCH == "s390x" + +func xorBytes(dstb, xb, yb *byte, n int) { + // xorBytes assembly is written using pointers and n. Back to slices. + dst := unsafe.Slice(dstb, n) + x := unsafe.Slice(xb, n) + y := unsafe.Slice(yb, n) + + if supportsUnaligned || aligned(dstb, xb, yb) { + xorLoop(words(dst), words(x), words(y)) + if uintptr(n)%wordSize == 0 { + return + } + done := n &^ int(wordSize-1) + dst = dst[done:] + x = x[done:] + y = y[done:] } - return n + xorLoop(dst, x, y) } -func xorWords(dst, a, b []byte) { - xorBytes(dst, a, b) +// aligned reports whether dst, x, and y are all word-aligned pointers. +func aligned(dst, x, y *byte) bool { + return (uintptr(unsafe.Pointer(dst))|uintptr(unsafe.Pointer(x))|uintptr(unsafe.Pointer(y)))&(wordSize-1) == 0 +} + +// words returns a []uintptr pointing at the same data as x, +// with any trailing partial word removed. +func words(x []byte) []uintptr { + return unsafe.Slice((*uintptr)(unsafe.Pointer(&x[0])), uintptr(len(x))/wordSize) +} + +func xorLoop[T byte | uintptr](dst, x, y []T) { + x = x[:len(dst)] // remove bounds check in loop + y = y[:len(dst)] // remove bounds check in loop + for i := range dst { + dst[i] = x[i] ^ y[i] + } } diff --git a/vendor/mellium.im/sasl/xor_go.go b/vendor/mellium.im/sasl/xor_go.go new file mode 100644 index 0000000..3d742f5 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_go.go @@ -0,0 +1,15 @@ +// Copyright 2022 The Mellium Contributors. +// Use of this source code is governed by the BSD 2-clause +// license that can be found in the LICENSE file. + +//go:build go1.20 + +package sasl + +import ( + "crypto/subtle" +) + +func goXORBytes(dst, x, y []byte) int { + return subtle.XORBytes(dst, x, y) +} diff --git a/vendor/mellium.im/sasl/xor_ppc64x.go b/vendor/mellium.im/sasl/xor_ppc64x.go new file mode 100644 index 0000000..0148b30 --- /dev/null +++ b/vendor/mellium.im/sasl/xor_ppc64x.go @@ -0,0 +1,10 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build (ppc64 || ppc64le) && !purego + +package sasl + +//go:noescape +func xorBytes(dst, a, b *byte, n int) diff --git a/vendor/mellium.im/sasl/xor_ppc64x.s b/vendor/mellium.im/sasl/xor_ppc64x.s new file mode 100644 index 0000000..72bb80d --- /dev/null +++ b/vendor/mellium.im/sasl/xor_ppc64x.s @@ -0,0 +1,87 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build (ppc64 || ppc64le) && !purego + +#include "textflag.h" + +// func xorBytes(dst, a, b *byte, n int) +TEXT ·xorBytes(SB), NOSPLIT, $0 + MOVD dst+0(FP), R3 // R3 = dst + MOVD a+8(FP), R4 // R4 = a + MOVD b+16(FP), R5 // R5 = b + MOVD n+24(FP), R6 // R6 = n + + CMPU R6, $32, CR7 // Check if n ≥ 32 bytes + MOVD R0, R8 // R8 = index + CMPU R6, $8, CR6 // Check if 8 ≤ n < 32 bytes + BLT CR6, small // Smaller than 8 + BLT CR7, xor16 // Case for 16 ≤ n < 32 bytes + + // Case for n ≥ 32 bytes +preloop32: + SRD $5, R6, R7 // Setup loop counter + MOVD R7, CTR + MOVD $16, R10 + ANDCC $31, R6, R9 // Check for tailing bytes for later +loop32: + LXVD2X (R4)(R8), VS32 // VS32 = a[i,...,i+15] + LXVD2X (R4)(R10), VS34 + LXVD2X (R5)(R8), VS33 // VS33 = b[i,...,i+15] + LXVD2X (R5)(R10), VS35 + XXLXOR VS32, VS33, VS32 // VS34 = a[] ^ b[] + XXLXOR VS34, VS35, VS34 + STXVD2X VS32, (R3)(R8) // Store to dst + STXVD2X VS34, (R3)(R10) + ADD $32, R8 // Update index + ADD $32, R10 + BC 16, 0, loop32 // bdnz loop16 + + BEQ CR0, done + + MOVD R9, R6 + CMP R6, $8 + BLT small +xor16: + CMP R6, $16 + BLT xor8 + LXVD2X (R4)(R8), VS32 + LXVD2X (R5)(R8), VS33 + XXLXOR VS32, VS33, VS32 + STXVD2X VS32, (R3)(R8) + ADD $16, R8 + ADD $-16, R6 + CMP R6, $8 + BLT small +xor8: + // Case for 8 ≤ n < 16 bytes + MOVD (R4)(R8), R14 // R14 = a[i,...,i+7] + MOVD (R5)(R8), R15 // R15 = b[i,...,i+7] + XOR R14, R15, R16 // R16 = a[] ^ b[] + SUB $8, R6 // n = n - 8 + MOVD R16, (R3)(R8) // Store to dst + ADD $8, R8 + + // Check if we're finished + CMP R6, R0 + BGT small + RET + + // Case for n < 8 bytes and tailing bytes from the + // previous cases. +small: + CMP R6, R0 + BEQ done + MOVD R6, CTR // Setup loop counter + +loop: + MOVBZ (R4)(R8), R14 // R14 = a[i] + MOVBZ (R5)(R8), R15 // R15 = b[i] + XOR R14, R15, R16 // R16 = a[i] ^ b[i] + MOVB R16, (R3)(R8) // Store to dst + ADD $1, R8 + BC 16, 0, loop // bdnz loop + +done: + RET diff --git a/vendor/mellium.im/sasl/xor_unaligned.go b/vendor/mellium.im/sasl/xor_unaligned.go deleted file mode 100644 index a6b6beb..0000000 --- a/vendor/mellium.im/sasl/xor_unaligned.go +++ /dev/null @@ -1,52 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// This file was split out from Go's crypto/cipher/xor.go - -// +build 386 amd64 ppc64 ppc64le s390x appengine - -package sasl - -import ( - "unsafe" -) - -const wordSize = int(unsafe.Sizeof(uintptr(0))) - -// xorBytes xors in bulk. It only works on architectures that support unaligned -// read/writes. -func xorBytes(dst, a, b []byte) int { - n := len(a) - if len(b) < n { - n = len(b) - } - - w := n / wordSize - if w > 0 { - dw := *(*[]uintptr)(unsafe.Pointer(&dst)) - aw := *(*[]uintptr)(unsafe.Pointer(&a)) - bw := *(*[]uintptr)(unsafe.Pointer(&b)) - for i := 0; i < w; i++ { - dw[i] = aw[i] ^ bw[i] - } - } - - for i := (n - n%wordSize); i < n; i++ { - dst[i] = a[i] ^ b[i] - } - - return n -} - -// xorWords XORs multiples of 4 or 8 bytes (depending on architecture.) The -// arguments are assumed to be of equal length. -func xorWords(dst, a, b []byte) { - dw := *(*[]uintptr)(unsafe.Pointer(&dst)) - aw := *(*[]uintptr)(unsafe.Pointer(&a)) - bw := *(*[]uintptr)(unsafe.Pointer(&b)) - n := len(b) / wordSize - for i := 0; i < n; i++ { - dw[i] = aw[i] ^ bw[i] - } -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 0e76fee..6977e62 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -145,6 +145,6 @@ gopkg.in/src-d/go-git.v4/utils/merkletrie/noder gopkg.in/warnings.v0 # gopkg.in/yaml.v2 v2.4.0 ## explicit; go 1.15 -# mellium.im/sasl v0.2.1 -## explicit +# mellium.im/sasl v0.3.1 +## explicit; go 1.18 mellium.im/sasl From 404d0934002f865807045e3d84f608311384de00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 21 Mar 2023 05:36:33 +0000 Subject: [PATCH 2/2] Bump golang.org/x/net from 0.0.0-20220624214902-1bab6f366d9e to 0.7.0 Bumps [golang.org/x/net](https://github.com/golang/net) from 0.0.0-20220624214902-1bab6f366d9e to 0.7.0. - [Release notes](https://github.com/golang/net/releases) - [Commits](https://github.com/golang/net/commits/v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] --- go.mod | 6 +- go.sum | 35 ++++------ vendor/golang.org/x/net/AUTHORS | 3 - vendor/golang.org/x/net/CONTRIBUTORS | 3 - vendor/golang.org/x/net/context/go17.go | 4 +- vendor/golang.org/x/sys/AUTHORS | 3 - vendor/golang.org/x/sys/CONTRIBUTORS | 3 - vendor/golang.org/x/sys/cpu/cpu_arm64.go | 12 ++-- vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c | 1 + .../golang.org/x/sys/cpu/cpu_linux_arm64.go | 44 ++++++++++++- .../golang.org/x/sys/cpu/cpu_openbsd_arm64.go | 65 +++++++++++++++++++ .../golang.org/x/sys/cpu/cpu_openbsd_arm64.s | 11 ++++ .../golang.org/x/sys/cpu/cpu_other_arm64.go | 4 +- .../golang.org/x/sys/cpu/cpu_other_ppc64x.go | 15 +++++ .../golang.org/x/sys/cpu/cpu_other_riscv64.go | 12 ++++ vendor/golang.org/x/sys/cpu/endian_big.go | 11 ++++ vendor/golang.org/x/sys/cpu/endian_little.go | 11 ++++ vendor/golang.org/x/sys/cpu/parse.go | 43 ++++++++++++ .../x/sys/cpu/proc_cpuinfo_linux.go | 54 +++++++++++++++ vendor/modules.txt | 4 +- 20 files changed, 293 insertions(+), 51 deletions(-) delete mode 100644 vendor/golang.org/x/net/AUTHORS delete mode 100644 vendor/golang.org/x/net/CONTRIBUTORS delete mode 100644 vendor/golang.org/x/sys/AUTHORS delete mode 100644 vendor/golang.org/x/sys/CONTRIBUTORS create mode 100644 vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.s create mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go create mode 100644 vendor/golang.org/x/sys/cpu/endian_big.go create mode 100644 vendor/golang.org/x/sys/cpu/endian_little.go create mode 100644 vendor/golang.org/x/sys/cpu/parse.go create mode 100644 vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go diff --git a/go.mod b/go.mod index f719615..52ed335 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,6 @@ require ( github.com/go-pg/pg/v10 v10.10.6 github.com/google/wire v0.5.0 github.com/gorilla/mux v1.8.0 - github.com/nats-io/nats.go v1.19.0 go.uber.org/zap v1.21.0 gopkg.in/src-d/go-git.v4 v4.13.1 ) @@ -20,6 +19,7 @@ require ( github.com/klauspost/compress v1.14.4 // indirect github.com/minio/highwayhash v1.0.2 // indirect github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a // indirect + github.com/nats-io/nats.go v1.19.0 // indirect github.com/nats-io/nkeys v0.3.0 // indirect github.com/nats-io/nuid v1.0.1 // indirect github.com/pkg/errors v0.9.1 // indirect @@ -33,8 +33,8 @@ require ( go.uber.org/atomic v1.7.0 // indirect go.uber.org/multierr v1.6.0 // indirect golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect - golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e // indirect - golang.org/x/sys v0.0.0-20220624220833-87e55d714810 // indirect + golang.org/x/net v0.7.0 // indirect + golang.org/x/sys v0.5.0 // indirect golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 9ecd2eb..59c5263 100644 --- a/go.sum +++ b/go.sum @@ -100,24 +100,6 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/devtron-labs/common-lib v0.0.0-20221028123910-ac349a64526a h1:g2S75h+OAXXN5SGsdxxCfmKZXJFGUKTNtPaUW5Gp9ck= -github.com/devtron-labs/common-lib v0.0.0-20221028123910-ac349a64526a/go.mod h1:wDldcLG0CzfnxCBEXeitEkYF9bk62yG+HLGqQg6VZ4o= -github.com/devtron-labs/common-lib v0.0.0-20221111092855-6dae5a34a041 h1:4yQ7v/fC39TzKzcn24CHzB8XL2wl3JFhsJ1VsXiTjXQ= -github.com/devtron-labs/common-lib v0.0.0-20221111092855-6dae5a34a041/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221111102018-8cffc22d80e3 h1:wswsi1r6tDtmycUaUGGUtoUNbKvQyJByKyxiDm+o9Lw= -github.com/devtron-labs/common-lib v0.0.0-20221111102018-8cffc22d80e3/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221117072858-bd2f19e16dd2 h1:dEtjnQqSWGCl4sIWYvsBsJuBLfmVV2kw1OyuBpkAp64= -github.com/devtron-labs/common-lib v0.0.0-20221117072858-bd2f19e16dd2/go.mod h1:PWHsHmhRVy50rvYlTv2bfoW/4oX8lPTcITiF8l9+ULg= -github.com/devtron-labs/common-lib v0.0.0-20221126093411-794588b004ea h1:cJWdGd6bXNGqt7yWjsIhV3mHcnhe2T3s3e7hKOgK2iU= -github.com/devtron-labs/common-lib v0.0.0-20221126093411-794588b004ea/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221130083108-d35a1c63675b h1:Z9tehff98lhxdX9Z7ggdBuFzrCNacr4hIjdNCRubVt8= -github.com/devtron-labs/common-lib v0.0.0-20221130083108-d35a1c63675b/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221130123535-dff66e51a956 h1:Zu01gsCYzkiYqGWz4QX0SmtXuhzXouPvXmspGi7GsJA= -github.com/devtron-labs/common-lib v0.0.0-20221130123535-dff66e51a956/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221208044859-269008fed09b h1:yGXerrqwyjPIr62q1RadJh6MYH3vG6T9nChH+yOJnnA= -github.com/devtron-labs/common-lib v0.0.0-20221208044859-269008fed09b/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= -github.com/devtron-labs/common-lib v0.0.0-20221226122002-9dbeb177a7ef h1:Ni2j6uiaSUbwEwYQgHl7EOfT03ez/xWuSpkSQgB4K/Y= -github.com/devtron-labs/common-lib v0.0.0-20221226122002-9dbeb177a7ef/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= github.com/devtron-labs/common-lib v0.0.0-20230109070754-ff4dca200a2c h1:jz7yPUlIJXFg9AvJh2fb0QW7JT6+RKj8LOl1mWM/HQA= github.com/devtron-labs/common-lib v0.0.0-20230109070754-ff4dca200a2c/go.mod h1:R24nOqgk4buk9zv+BXzORfObZsOe3NE9P55KrZXGX9k= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= @@ -270,7 +252,6 @@ github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a h1:lem6QCvxR0Y28g github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k= github.com/nats-io/nats-server/v2 v2.8.4 h1:0jQzze1T9mECg8YZEl8+WYUXb9JKluJfCBriPUtluB4= github.com/nats-io/nats-server/v2 v2.8.4/go.mod h1:8zZa+Al3WsESfmgSs98Fi06dRWLH5Bnq90m5bKD/eT4= -github.com/nats-io/nats.go v1.15.0 h1:3IXNBolWrwIUf2soxh6Rla8gPzYWEZQBUBK6RV21s+o= github.com/nats-io/nats.go v1.15.0/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w= github.com/nats-io/nats.go v1.19.0 h1:H6j8aBnTQFoVrTGB6Xjd903UMdE7jz6DS4YkmAqgZ9Q= github.com/nats-io/nats.go v1.19.0/go.mod h1:tLqubohF7t4z3du1QDPYJIQQyhb4wl6DhjxEajSI7UA= @@ -335,6 +316,7 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -399,6 +381,7 @@ golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.1/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -446,8 +429,10 @@ golang.org/x/net v0.0.0-20220325170049-de3da57026de/go.mod h1:CfG3xpIq0wQ8r1q4Su golang.org/x/net v0.0.0-20220412020605-290c469a71a5/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220425223048-2871e0cb64e4/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.0.0-20220607020251-c690dde0001d/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e h1:TsQ7F31D3bUCLeqPT0u+yjp1guoArKaNKmCr22PYgTQ= golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -481,6 +466,7 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190130150945-aca44879d564/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -551,10 +537,13 @@ golang.org/x/sys v0.0.0-20220502124256-b6088ccd6cba/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220610221304-9f5ed59c137d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220624220833-87e55d714810 h1:rHZQSjJdAI4Xf5Qzeh2bBc5YJIkPFVM6oDtMFYmgws0= golang.org/x/sys v0.0.0-20220624220833-87e55d714810/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -563,8 +552,9 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -624,6 +614,7 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.3/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.4/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/vendor/golang.org/x/net/AUTHORS b/vendor/golang.org/x/net/AUTHORS deleted file mode 100644 index 15167cd..0000000 --- a/vendor/golang.org/x/net/AUTHORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code refers to The Go Authors for copyright purposes. -# The master list of authors is in the main Go distribution, -# visible at http://tip.golang.org/AUTHORS. diff --git a/vendor/golang.org/x/net/CONTRIBUTORS b/vendor/golang.org/x/net/CONTRIBUTORS deleted file mode 100644 index 1c4577e..0000000 --- a/vendor/golang.org/x/net/CONTRIBUTORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code was written by the Go contributors. -# The master list of contributors is in the main Go distribution, -# visible at http://tip.golang.org/CONTRIBUTORS. diff --git a/vendor/golang.org/x/net/context/go17.go b/vendor/golang.org/x/net/context/go17.go index 0a54bdb..2cb9c40 100644 --- a/vendor/golang.org/x/net/context/go17.go +++ b/vendor/golang.org/x/net/context/go17.go @@ -32,7 +32,7 @@ var DeadlineExceeded = context.DeadlineExceeded // call cancel as soon as the operations running in this Context complete. func WithCancel(parent Context) (ctx Context, cancel CancelFunc) { ctx, f := context.WithCancel(parent) - return ctx, CancelFunc(f) + return ctx, f } // WithDeadline returns a copy of the parent context with the deadline adjusted @@ -46,7 +46,7 @@ func WithCancel(parent Context) (ctx Context, cancel CancelFunc) { // call cancel as soon as the operations running in this Context complete. func WithDeadline(parent Context, deadline time.Time) (Context, CancelFunc) { ctx, f := context.WithDeadline(parent, deadline) - return ctx, CancelFunc(f) + return ctx, f } // WithTimeout returns WithDeadline(parent, time.Now().Add(timeout)). diff --git a/vendor/golang.org/x/sys/AUTHORS b/vendor/golang.org/x/sys/AUTHORS deleted file mode 100644 index 15167cd..0000000 --- a/vendor/golang.org/x/sys/AUTHORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code refers to The Go Authors for copyright purposes. -# The master list of authors is in the main Go distribution, -# visible at http://tip.golang.org/AUTHORS. diff --git a/vendor/golang.org/x/sys/CONTRIBUTORS b/vendor/golang.org/x/sys/CONTRIBUTORS deleted file mode 100644 index 1c4577e..0000000 --- a/vendor/golang.org/x/sys/CONTRIBUTORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code was written by the Go contributors. -# The master list of contributors is in the main Go distribution, -# visible at http://tip.golang.org/CONTRIBUTORS. diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go index 87dd5e3..f3eb993 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go @@ -6,7 +6,10 @@ package cpu import "runtime" -const cacheLineSize = 64 +// cacheLineSize is used to prevent false sharing of cache lines. +// We choose 128 because Apple Silicon, a.k.a. M1, has 128-byte cache line size. +// It doesn't cost much and is much more future-proof. +const cacheLineSize = 128 func initOptions() { options = []option{ @@ -41,13 +44,10 @@ func archInit() { switch runtime.GOOS { case "freebsd": readARM64Registers() - case "linux", "netbsd": + case "linux", "netbsd", "openbsd": doinit() default: - // Most platforms don't seem to allow reading these registers. - // - // OpenBSD: - // See https://golang.org/issue/31746 + // Many platforms don't seem to allow reading these registers. setMinimalFeatures() } } diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c index a4605e6..6cc7310 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c +++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c @@ -2,6 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build (386 || amd64 || amd64p32) && gccgo // +build 386 amd64 amd64p32 // +build gccgo diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go index 79a38a0..a968b80 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go @@ -4,6 +4,11 @@ package cpu +import ( + "strings" + "syscall" +) + // HWCAP/HWCAP2 bits. These are exposed by Linux. const ( hwcap_FP = 1 << 0 @@ -32,10 +37,45 @@ const ( hwcap_ASIMDFHM = 1 << 23 ) +// linuxKernelCanEmulateCPUID reports whether we're running +// on Linux 4.11+. Ideally we'd like to ask the question about +// whether the current kernel contains +// https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77c97b4ee21290f5f083173d957843b615abbff2 +// but the version number will have to do. +func linuxKernelCanEmulateCPUID() bool { + var un syscall.Utsname + syscall.Uname(&un) + var sb strings.Builder + for _, b := range un.Release[:] { + if b == 0 { + break + } + sb.WriteByte(byte(b)) + } + major, minor, _, ok := parseRelease(sb.String()) + return ok && (major > 4 || major == 4 && minor >= 11) +} + func doinit() { if err := readHWCAP(); err != nil { - // failed to read /proc/self/auxv, try reading registers directly - readARM64Registers() + // We failed to read /proc/self/auxv. This can happen if the binary has + // been given extra capabilities(7) with /bin/setcap. + // + // When this happens, we have two options. If the Linux kernel is new + // enough (4.11+), we can read the arm64 registers directly which'll + // trap into the kernel and then return back to userspace. + // + // But on older kernels, such as Linux 4.4.180 as used on many Synology + // devices, calling readARM64Registers (specifically getisar0) will + // cause a SIGILL and we'll die. So for older kernels, parse /proc/cpuinfo + // instead. + // + // See golang/go#57336. + if linuxKernelCanEmulateCPUID() { + readARM64Registers() + } else { + readLinuxProcCPUInfo() + } return } diff --git a/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go new file mode 100644 index 0000000..85b64d5 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.go @@ -0,0 +1,65 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +import ( + "syscall" + "unsafe" +) + +// Minimal copy of functionality from x/sys/unix so the cpu package can call +// sysctl without depending on x/sys/unix. + +const ( + // From OpenBSD's sys/sysctl.h. + _CTL_MACHDEP = 7 + + // From OpenBSD's machine/cpu.h. + _CPU_ID_AA64ISAR0 = 2 + _CPU_ID_AA64ISAR1 = 3 +) + +// Implemented in the runtime package (runtime/sys_openbsd3.go) +func syscall_syscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err syscall.Errno) + +//go:linkname syscall_syscall6 syscall.syscall6 + +func sysctl(mib []uint32, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { + _, _, errno := syscall_syscall6(libc_sysctl_trampoline_addr, uintptr(unsafe.Pointer(&mib[0])), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen)) + if errno != 0 { + return errno + } + return nil +} + +var libc_sysctl_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_sysctl sysctl "libc.so" + +func sysctlUint64(mib []uint32) (uint64, bool) { + var out uint64 + nout := unsafe.Sizeof(out) + if err := sysctl(mib, (*byte)(unsafe.Pointer(&out)), &nout, nil, 0); err != nil { + return 0, false + } + return out, true +} + +func doinit() { + setMinimalFeatures() + + // Get ID_AA64ISAR0 and ID_AA64ISAR1 from sysctl. + isar0, ok := sysctlUint64([]uint32{_CTL_MACHDEP, _CPU_ID_AA64ISAR0}) + if !ok { + return + } + isar1, ok := sysctlUint64([]uint32{_CTL_MACHDEP, _CPU_ID_AA64ISAR1}) + if !ok { + return + } + parseARM64SystemRegisters(isar0, isar1, 0) + + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.s new file mode 100644 index 0000000..054ba05 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_openbsd_arm64.s @@ -0,0 +1,11 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +#include "textflag.h" + +TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_sysctl(SB) + +GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8 +DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB) diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go index f8c484f..f3cde12 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build !linux && !netbsd && arm64 -// +build !linux,!netbsd,arm64 +//go:build !linux && !netbsd && !openbsd && arm64 +// +build !linux,!netbsd,!openbsd,arm64 package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go new file mode 100644 index 0000000..060d46b --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go @@ -0,0 +1,15 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !aix && !linux && (ppc64 || ppc64le) +// +build !aix +// +build !linux +// +build ppc64 ppc64le + +package cpu + +func archInit() { + PPC64.IsPOWER8 = true + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go new file mode 100644 index 0000000..dd10eb7 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go @@ -0,0 +1,12 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !linux && riscv64 +// +build !linux,riscv64 + +package cpu + +func archInit() { + Initialized = true +} diff --git a/vendor/golang.org/x/sys/cpu/endian_big.go b/vendor/golang.org/x/sys/cpu/endian_big.go new file mode 100644 index 0000000..93ce03a --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/endian_big.go @@ -0,0 +1,11 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64 +// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64 + +package cpu + +// IsBigEndian records whether the GOARCH's byte order is big endian. +const IsBigEndian = true diff --git a/vendor/golang.org/x/sys/cpu/endian_little.go b/vendor/golang.org/x/sys/cpu/endian_little.go new file mode 100644 index 0000000..fe54596 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/endian_little.go @@ -0,0 +1,11 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh +// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh + +package cpu + +// IsBigEndian records whether the GOARCH's byte order is big endian. +const IsBigEndian = false diff --git a/vendor/golang.org/x/sys/cpu/parse.go b/vendor/golang.org/x/sys/cpu/parse.go new file mode 100644 index 0000000..762b63d --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/parse.go @@ -0,0 +1,43 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +import "strconv" + +// parseRelease parses a dot-separated version number. It follows the semver +// syntax, but allows the minor and patch versions to be elided. +// +// This is a copy of the Go runtime's parseRelease from +// https://golang.org/cl/209597. +func parseRelease(rel string) (major, minor, patch int, ok bool) { + // Strip anything after a dash or plus. + for i := 0; i < len(rel); i++ { + if rel[i] == '-' || rel[i] == '+' { + rel = rel[:i] + break + } + } + + next := func() (int, bool) { + for i := 0; i < len(rel); i++ { + if rel[i] == '.' { + ver, err := strconv.Atoi(rel[:i]) + rel = rel[i+1:] + return ver, err == nil + } + } + ver, err := strconv.Atoi(rel) + rel = "" + return ver, err == nil + } + if major, ok = next(); !ok || rel == "" { + return + } + if minor, ok = next(); !ok || rel == "" { + return + } + patch, ok = next() + return +} diff --git a/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go b/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go new file mode 100644 index 0000000..d87bd6b --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go @@ -0,0 +1,54 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build linux && arm64 +// +build linux,arm64 + +package cpu + +import ( + "errors" + "io" + "os" + "strings" +) + +func readLinuxProcCPUInfo() error { + f, err := os.Open("/proc/cpuinfo") + if err != nil { + return err + } + defer f.Close() + + var buf [1 << 10]byte // enough for first CPU + n, err := io.ReadFull(f, buf[:]) + if err != nil && err != io.ErrUnexpectedEOF { + return err + } + in := string(buf[:n]) + const features = "\nFeatures : " + i := strings.Index(in, features) + if i == -1 { + return errors.New("no CPU features found") + } + in = in[i+len(features):] + if i := strings.Index(in, "\n"); i != -1 { + in = in[:i] + } + m := map[string]*bool{} + + initOptions() // need it early here; it's harmless to call twice + for _, o := range options { + m[o.Name] = o.Feature + } + // The EVTSTRM field has alias "evstrm" in Go, but Linux calls it "evtstrm". + m["evtstrm"] = &ARM64.HasEVTSTRM + + for _, f := range strings.Fields(in) { + if p, ok := m[f]; ok { + *p = true + } + } + return nil +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 0e76fee..7e6d906 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -114,10 +114,10 @@ golang.org/x/crypto/openpgp/errors golang.org/x/crypto/openpgp/packet golang.org/x/crypto/openpgp/s2k golang.org/x/crypto/pbkdf2 -# golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e +# golang.org/x/net v0.7.0 ## explicit; go 1.17 golang.org/x/net/context -# golang.org/x/sys v0.0.0-20220624220833-87e55d714810 +# golang.org/x/sys v0.5.0 ## explicit; go 1.17 golang.org/x/sys/cpu # golang.org/x/time v0.0.0-20211116232009-f0f3c7e86c11