1. 12 Nov, 2019 6 commits
    • Filippo Valsorda's avatar
      crypto/tls: implement Certificate.SupportedSignatureAlgorithms · 5b17b657
      Filippo Valsorda authored
      This will let applications stop crypto/tls from using a certificate key
      with an algorithm that is not supported by its crypto.Signer, like
      hardware backed keys that can't do RSA-PSS.
      
      Fixes #28660
      
      Change-Id: I294cc06bddf813fff35c5107540c4a1788e1dace
      Reviewed-on: https://go-review.googlesource.com/c/go/+/205062
      Run-TryBot: Filippo Valsorda <filippo@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarAdam Langley <agl@golang.org>
      5b17b657
    • Filippo Valsorda's avatar
      crypto/tls: select only compatible chains from Certificates · eb93c684
      Filippo Valsorda authored
      Now that we have a full implementation of the logic to check certificate
      compatibility, we can let applications just list multiple chains in
      Certificates (for example, an RSA and an ECDSA one) and choose the most
      appropriate automatically.
      
      NameToCertificate only maps each name to one chain, so simply deprecate
      it, and while at it simplify its implementation by not stripping
      trailing dots from the SNI (which is specified not to have any, see RFC
      6066, Section 3) and by not supporting multi-level wildcards, which are
      not a thing in the WebPKI (and in crypto/x509).
      
      The performance of SupportsCertificate without Leaf is poor, but doesn't
      affect current users. For now document that, and address it properly in
      the next cycle. See #35504.
      
      While cleaning up the Certificates/GetCertificate/GetConfigForClient
      behavior, also support leaving Certificates/GetCertificate nil if
      GetConfigForClient is set, and send unrecognized_name when there are no
      available certificates.
      
      Fixes #29139
      Fixes #18377
      
      Change-Id: I26604db48806fe4d608388e55da52f34b7ca4566
      Reviewed-on: https://go-review.googlesource.com/c/go/+/205059
      Run-TryBot: Filippo Valsorda <filippo@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarKatie Hockman <katie@golang.org>
      eb93c684
    • Filippo Valsorda's avatar
      crypto/tls: implement (*CertificateRequestInfo).SupportsCertificate · 4b216421
      Filippo Valsorda authored
      Also, add Version to CertificateRequestInfo, as the semantics of
      SignatureSchemes change based on version: the ECDSA SignatureSchemes are
      only constrained to a specific curve in TLS 1.3.
      
      Fixes #32426
      
      Change-Id: I7a551bea864799e98118349ac2476162893d1ffd
      Reviewed-on: https://go-review.googlesource.com/c/go/+/205058
      Run-TryBot: Filippo Valsorda <filippo@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarAdam Langley <agl@golang.org>
      4b216421
    • Filippo Valsorda's avatar
      crypto/tls: implement (*ClientHelloInfo).SupportsCertificate · dd017384
      Filippo Valsorda authored
      We'll also use this function for a better selection logic from
      Config.Certificates in a later CL.
      
      Updates #32426
      
      Change-Id: Ie239574d02eb7fd2cf025ec36721c8c7e082d0bc
      Reviewed-on: https://go-review.googlesource.com/c/go/+/205057Reviewed-by: default avatarKatie Hockman <katie@golang.org>
      dd017384
    • Filippo Valsorda's avatar
      crypto/tls: refactor certificate and signature algorithm logic · ec732632
      Filippo Valsorda authored
      This refactors a lot of the certificate support logic to make it cleaner
      and reusable where possible. These changes will make the following CLs
      much simpler.
      
      In particular, the heavily overloaded pickSignatureAlgorithm is gone.
      That function used to cover both signing and verifying side, would work
      both for pre-signature_algorithms TLS 1.0/1.1 and TLS 1.2, and returned
      sigalg, type and hash.
      
      Now, TLS 1.0/1.1 and 1.2 are differentiated at the caller, as they have
      effectively completely different logic. TLS 1.0/1.1 simply use
      legacyTypeAndHashFromPublicKey as they employ a fixed hash function and
      signature algorithm for each public key type. TLS 1.2 is instead routed
      through selectSignatureScheme (on the signing side) or
      isSupportedSignatureAlgorithm (on the verifying side) and
      typeAndHashFromSignatureScheme, like TLS 1.3.
      
      On the signing side, signatureSchemesForCertificate was already version
      aware (for PKCS#1 v1.5 vs PSS support), so selectSignatureScheme just
      had to learn the Section 7.4.1.4.1 defaults for a missing
      signature_algorithms to replace pickSignatureAlgorithm.
      
      On the verifying side, pickSignatureAlgorithm was also checking the
      public key type, while isSupportedSignatureAlgorithm +
      typeAndHashFromSignatureScheme are not, but that check was redundant
      with the one in verifyHandshakeSignature.
      
      There should be no major change in behavior so far. A few minor changes
      came from the refactor: we now correctly require signature_algorithms in
      TLS 1.3 when using a certificate; we won't use Ed25519 in TLS 1.2 if the
      client didn't send signature_algorithms; and we don't send
      ec_points_format in the ServerHello (a compatibility measure) if we are
      not doing ECDHE anyway because there are no mutually supported curves.
      
      The tests also got simpler because they test simpler functions. The
      caller logic switching between TLS 1.0/1.1 and 1.2 is tested by the
      transcript tests.
      
      Updates #32426
      
      Change-Id: Ice9dcaea78d204718f661f8d60efdb408ba41577
      Reviewed-on: https://go-review.googlesource.com/c/go/+/205061Reviewed-by: default avatarKatie Hockman <katie@golang.org>
      ec732632
    • Dmitri Shuralyov's avatar
      go/doc: add NewFromFiles with support for classifying examples · 4faada90
      Dmitri Shuralyov authored
      This CL is based on work started by Joe Tsai in CL 94855.
      It's rebased on top of the latest master branch, and
      addresses various code review comments and findings
      from attempting to use the original CL in practice.
      
      The testing package documents a naming convention for examples
      so that documentation tools can associate them with:
      
      • a package (Example or Example_suffix)
      • a function F (ExampleF or ExampleF_suffix)
      • a type T (ExampleT or ExampleT_suffix)
      • a method T.M (ExampleT_M or ExampleT_M_suffix)
      
      This naming convention is in widespread use and enforced
      via existing go vet checks.
      
      This change adds first-class support for classifying examples
      to go/doc, the package responsible for computing package
      documentation from Go AST.
      
      There isn't a way to supply test files to New that works well.
      External test files may have a package name with "_test" suffix,
      so ast.NewPackage may end up using the wrong package name if given
      test files. A workaround is to add test files to *ast.Package.Files
      after it is returned from ast.NewPackage:
      
      	pkg, _ := ast.NewPackage(fset, goFiles, ...)
      	for name, f := range testGoFiles {
      		pkg.Files[name] = f
      	}
      	p := doc.New(pkg, ...)
      
      But that is not a good API.
      
      After nearly 8 years, a new entry-point is added to the go/doc
      package, the function NewFromFiles. It accepts a Go package in
      the form of a list of parsed Go files (including _test.go files)
      and an import path. The caller is responsible with filtering out
      files based on build constraints, as was the case before with New.
      NewFromFiles computes package documentation from .go files,
      extracts examples from _test.go files and classifies them.
      
      Examples fields are added to Package, Type, and Func. They are
      documented to only be populated with examples found in _test.go
      files provided to NewFromFiles.
      
      The new behavior is:
      
      1. NewFromFiles computes package documentation from provided
         parsed .go files. It extracts examples from _test.go files.
      2. It assigns each Example to corresponding Package, Type,
         or Func.
      3. It sets the Suffix field in each example to the suffix.
      4. Malformed examples are skipped.
      
      This change implements behavior that matches the current behavior
      of existing godoc-like tools, and will enable them to rely on the
      logic in go/doc instead of reimplementing it themselves.
      
      Fixes #23864
      
      Change-Id: Iae834f2ff92fbd1c93a9bb7c2bf47d619bee05cf
      Reviewed-on: https://go-review.googlesource.com/c/go/+/204830
      Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarRobert Griesemer <gri@golang.org>
      4faada90
  2. 11 Nov, 2019 23 commits
  3. 10 Nov, 2019 8 commits
  4. 09 Nov, 2019 3 commits
    • Fazlul Shahriar's avatar
      cmd/go/internal/lockedfile, os: fix O_CREATE flag on Plan 9 · 78d45607
      Fazlul Shahriar authored
      os.OpenFile was assuming that a failed syscall.Open means the file does
      not exist and it tries to create it. However, syscall.Open may have
      failed for some other reason, such as failing to lock a os.ModeExclusive
      file. We change os.OpenFile to only create the file if the error
      indicates that the file doesn't exist.
      
      Remove skip of TestTransform test, which was failing because sometimes
      syscall.Open would fail due to the file being locked, but the
      syscall.Create would succeed because the file is no longer locked. The
      create was truncating the file.
      
      Fixes #35471
      
      Change-Id: I06583b5f8ac33dc90a51cc4fb64f2d8d9c0c2113
      Reviewed-on: https://go-review.googlesource.com/c/go/+/206299Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      78d45607
    • Filippo Valsorda's avatar
      crypto/tls: add ExampleConfig_VerifyPeerCertificate · 29cfb4d3
      Filippo Valsorda authored
      Setting InsecureSkipVerify and VerifyPeerCertificate is the recommended
      way to customize and override certificate validation.
      
      However, there is boilerplate involved and it usually requires first
      reimplementing the default validation strategy to then customize it.
      Provide an example that does the same thing as the default as a starting
      point.
      
      Examples of where we directed users to do something similar are in
      issues #35467, #31791, #28754, #21971, and #24151.
      
      Fixes #31792
      
      Change-Id: Id033e9fa3cac9dff1f7be05c72dfb34b4f973fd4
      Reviewed-on: https://go-review.googlesource.com/c/go/+/193620Reviewed-by: default avatarAdam Langley <agl@golang.org>
      29cfb4d3
    • Rhys Hiltner's avatar
      sync: yield to the waiter when unlocking a starving mutex · 7148478f
      Rhys Hiltner authored
      When we have already assigned the semaphore ticket to a specific
      waiter, we want to get the waiter running as fast as possible since
      no other G waiting on the semaphore can acquire it optimistically.
      
      The net effect is that, when a sync.Mutex is contended, the code in
      the critical section guarded by the Mutex gets a priority boost.
      
      Fixes #33747
      
      The original work was done in CL 200577 by Carlo Alberto Ferraris. The
      change was reverted in CL 205817 because it broke the linux-arm64-packet
      and solaris-amd64-oraclerel builders.
      
      Change-Id: I76d79b1d63fd206ed1c57fe6900cb7ae9e4d46cb
      Reviewed-on: https://go-review.googlesource.com/c/go/+/206180
      Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      7148478f