- 14 Dec, 2018 6 commits
-
-
Filippo Valsorda authored
That number grows quadratically with the number of intermediate certificates in certain pathological cases (for example if they all have the same Subject) leading to a CPU DoS. Set a fixed budget that should fit all real world chains, given we only look at intermediates provided by the peer. The algorithm can be improved, but that's left for follow-up CLs: * the cache logic should be reviewed for correctness, as it seems to override the entire chain with the cached one * the equality check should compare Subject and public key, not the whole certificate * certificates with the right SKID but the wrong Subject should not be considered, and in particular should not take priority over certificates with the right Subject Fixes #29233 Change-Id: Ib257c12cd5563df7723f9c81231d82b882854213 Reviewed-on: https://team-review.git.corp.google.com/c/370475Reviewed-by: Andrew Bonventre <andybons@google.com> Reviewed-on: https://go-review.googlesource.com/c/154105Reviewed-by: Filippo Valsorda <filippo@golang.org> Run-TryBot: Filippo Valsorda <filippo@golang.org>
-
Bryan C. Mills authored
This fixes a regression of #18660 with the new path checks. Updates #29230 Change-Id: I2dd9adab999e7f810e0e746ad8b75ea9622f56e7 Reviewed-on: https://team-review.git.corp.google.com/c/370578Reviewed-by: Russ Cox <rsc@google.com> Reviewed-on: https://go-review.googlesource.com/c/154104Reviewed-by: Bryan C. Mills <bcmills@google.com>
-
Bryan C. Mills authored
This should be a no-op, but produces deterministic (and more correct) behavior if we have accidentally failed to sanitize one of the inputs. Updates #29231 Change-Id: I1271d0ffd01a691ec8c84906c4e02d9e2be19c72 Reviewed-on: https://team-review.git.corp.google.com/c/370575Reviewed-by: Russ Cox <rsc@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-on: https://go-review.googlesource.com/c/154103Reviewed-by: Bryan C. Mills <bcmills@google.com>
-
Bryan C. Mills authored
Updates #29230 Change-Id: Ia32d8ec1fc0c4e242f50d8871c0ef3ce315f3c65 Reviewed-on: https://team-review.git.corp.google.com/c/370571Reviewed-by: Russ Cox <rsc@google.com> Reviewed-on: https://go-review.googlesource.com/c/154102Reviewed-by: Bryan C. Mills <bcmills@google.com>
-
Bryan C. Mills authored
On some platforms, directories beginning with dot are treated as hidden files, and filenames containing unusual characters can be confusing for users to manipulate (and delete). Fixes #29230 Fixes #29231 Change-Id: Ic6f97f577d8fafa83ef62438095a5c7ae022881a Reviewed-on: https://team-review.git.corp.google.com/c/368507Reviewed-by: Russ Cox <rsc@google.com> Reviewed-on: https://go-review.googlesource.com/c/154101Reviewed-by: Bryan C. Mills <bcmills@google.com>
-
Joe Tsai authored
To fix #5043, we added logic to allow balanced pairs of parenthesis so that we could match URLs like: http://example.com/some_resource(foo) Howewer, such logic breaks when parsing something like the following: art by [https://example.com/person][Person Name]]. such that the following is considered the link: https://example.com/person][Person Since the logic added in #5043 was just a heuristic, we adjust the heuristic that in addition to requiring balanced pairs, the first parenthesis must be an opening one. For further robustness, we apply this heuristic to parenthesis, braces, and brackets. Fixes #22285 Change-Id: I23b728a644e35ce3995b05a79129cad2c1e3b1ce Reviewed-on: https://go-review.googlesource.com/c/94876 Run-TryBot: Robert Griesemer <gri@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Robert Griesemer <gri@golang.org>
-
- 13 Dec, 2018 25 commits
-
-
Ian Lance Taylor authored
Fixes #26532 Change-Id: Ic086c90503c7b24982f947c828c7ccf016ddbf69 Reviewed-on: https://go-review.googlesource.com/c/154120 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Evan Klitzke authored
Fixes #26053 Change-Id: Ic2052b1d0d4e0826a217a520c83d7bb0995ea72a GitHub-Last-Rev: 5a3eea3dd22b0a194591ce2294b88cb340df1e8d GitHub-Pull-Request: golang/go#26054 Reviewed-on: https://go-review.googlesource.com/c/120835Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
-
Ian Lance Taylor authored
Fixes #25707 Change-Id: Idfa379db8cc0e105ea68455ec0b4a0dbc1b3f485 Reviewed-on: https://go-review.googlesource.com/c/153827 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Rob Pike <r@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Robert Griesemer authored
The s390x implementations for Sin/Cos/SinCos/Tan use assembly routines which don't reduce arguments accurately enough for huge inputs. Fixes #29221. Change-Id: I340f576899d67bb52a553c3ab22e6464172c936d Reviewed-on: https://go-review.googlesource.com/c/154119 Run-TryBot: Robert Griesemer <gri@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Bryan C. Mills authored
chown is not implemented on js: see https://build.golang.org/log/43d7b12602660b786a6e080e685165193df0de00. Change-Id: I3f461338825bb670d682c3f47b17ee1638343fc8 Reviewed-on: https://go-review.googlesource.com/c/154097 Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Than McIntosh authored
Avoid running the test for issue 29198 if the available copy of gccgo is too old (needs to support context package). Fixes a failure on the solaris builder. Updates #29198. Change-Id: I2b1b3438f4ac105432f30078fbef78e24f2077cd Reviewed-on: https://go-review.googlesource.com/c/153831 Run-TryBot: Than McIntosh <thanm@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Brian Kessler authored
The previous comment mis-stated the number of bits in mPi4. The correct value is 19*64 + 1 == 1217 bits. Change-Id: Ife971ff6936ce2d5b81ce663ce48044749d592a0 Reviewed-on: https://go-review.googlesource.com/c/154017Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Brad Fitzpatrick authored
To x/sys git rev 4d1cda033e0619309c606fc686de3adcf599539e Fixes #29224 Change-Id: I696c815b4c2d26e8340c77cb77d1a37245c40ed2 Reviewed-on: https://go-review.googlesource.com/c/154117 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Brad Fitzpatrick authored
Updates #28711 Change-Id: I03139a394fdf0540db07d6d1e38b3fa223b06d58 Reviewed-on: https://go-review.googlesource.com/c/154059Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
dupoxy authored
Change-Id: I36cc0b68a5a47ac78982b05118c58723c9c6648c GitHub-Last-Rev: 0704d9569407d8b84d1ddcf845b759f7daa91ec1 GitHub-Pull-Request: golang/go#29203 Reviewed-on: https://go-review.googlesource.com/c/153842 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Katie Hockman authored
Change-Id: I30686cbeda34f42d5b1848b884588a76a9fb28b9 Reviewed-on: https://go-review.googlesource.com/c/152741Reviewed-by: Andrew Bonventre <andybons@golang.org>
-
Bryan C. Mills authored
We expect major version v1 to not have a /v1 suffix. (Such a suffix on the package path is fine, but not on the module path.) Fixes #26375 Change-Id: I4206ded82ede36440cedfaf39875c38b9c95dc27 Reviewed-on: https://go-review.googlesource.com/c/153823 Run-TryBot: Bryan C. Mills <bcmills@google.com> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com>
-
Richard Musiol authored
The name "Callback" does not fit to all use cases of js.Callback. This commit changes its name to Func. Accordingly NewCallback gets renamed to FuncOf, which matches ValueOf and TypedArrayOf. The package syscall/js is currently exempt from Go's compatibility promise and js.Callback is already affected by a breaking change in this release cycle. See #28711 for details. Fixes #28711 Change-Id: I2c380970c3822bed6a3893909672c15d0cbe9da3 Reviewed-on: https://go-review.googlesource.com/c/153559 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Joel Sing authored
Update sigcontext and siginfo structs to match those currently in use by OpenBSD armv7. Also correct the offset of the fault address field in the siginfo struct, which moved due to the switch to EABI. Change-Id: Icdd95222346239fcc04b95ae0fcefae09b7aa044 Reviewed-on: https://go-review.googlesource.com/c/154077Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Andrew Bonventre authored
Change-Id: I5112be3b0f80ef1d9dad234b1f233e598465a409 Reviewed-on: https://go-review.googlesource.com/c/153824Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Elias Naur authored
The getdirentries syscall is considered private API on iOS and is rejected by the App Store submission checks. Replace it with the fdopendir/readdir_r/closedir syscalls. Fixes #28984 Change-Id: I73341b124310e9cb34834a95f946769f337ec5b7 Reviewed-on: https://go-review.googlesource.com/c/153338Reviewed-by: Keith Randall <khr@golang.org>
-
Mark Pulford authored
mkdir(2) inherits the parent directory group on *BSD (including Darwin), and it may inherit on other platforms if the parent directory is SetGID. This can cause TestRespectSetgidDir SetGID to fail when the process does not have have permission for the inherited group on the new temporary directory. Fixes #29160 Change-Id: Iac05511e501dfe307a753f801223b1049cc0947d Reviewed-on: https://go-review.googlesource.com/c/153357Reviewed-by: Bryan C. Mills <bcmills@google.com> Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Lynn Boger authored
This increases the time to wait from 1 to 2 seconds in the TestAtomicStop testcase. When running with gccgo on ppc64 & ppc64le on a loaded systems these testcases can intermittently fail with the current value. Updates #29046 Change-Id: If420274dd65926d933a3024903b5c757c300bd60 Reviewed-on: https://go-review.googlesource.com/c/153826 Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Robert Griesemer authored
This is a minor follow-up on https://golang.org/cl/153059. TBR=iant Updates #6794. Change-Id: I03657dafc572959d46a03f86bbeb280825bc969d Reviewed-on: https://go-review.googlesource.com/c/153845Reviewed-by: Robert Griesemer <gri@golang.org>
-
Brian Kessler authored
This change implements Payne-Hanek range reduction by Pi/4 to properly calculate trigonometric functions of huge arguments. The implementation is based on: "ARGUMENT REDUCTION FOR HUGE ARGUMENTS: Good to the Last Bit" K. C. Ng et al, March 24, 1992 The major difference with the reference is that the simulated multi-precision calculation of x*B is implemented using 64-bit integer arithmetic rather than floating point to ease extraction of the relevant bits of 4/Pi. The assembly implementations for 386 were removed since the trigonometric instructions only use a 66-bit representation of Pi internally for reduction. It is not possible to use these instructions and maintain accuracy without a prior accurate reduction in software as recommended by Intel. Fixes #6794 Change-Id: I31bf1369e0578891d738c5473447fe9b10560196 Reviewed-on: https://go-review.googlesource.com/c/153059Reviewed-by: Robert Griesemer <gri@golang.org> Run-TryBot: Robert Griesemer <gri@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Jordan Rhee authored
Updates #26148 Change-Id: Ide1fe821cc061a08488df9d40878131f37f894c9 Reviewed-on: https://go-review.googlesource.com/c/153844 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Joel Sing authored
Update golang.org/x/sys/unix to revision b05ddf57801d2239d6ab0ee35f9d981e0420f4ac. Changes exist in upstream golang.org/x/sys/unix, which allow for code to work and tests to pass on openbsd/arm. Change-Id: Iecc8598681a23cb0466f94c914f0e605a6fc64d7 Reviewed-on: https://go-review.googlesource.com/c/153838Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
-
Joel Sing authored
The OpenBSD armv7 port requires 64-bit alignment for cmsgs. Rework the cmsg alignment code to facilitate this. Change-Id: I52cf55a8a4cda46c6ef35b0f694862b842028b42 Reviewed-on: https://go-review.googlesource.com/c/153837 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
dupoxy authored
Change-Id: I6b0d470bdedb92844943c8e5823e214d6a7471cf GitHub-Last-Rev: 4a135000ba9c23a588b960e5b2989710cc71e3e2 GitHub-Pull-Request: golang/go#29199 Reviewed-on: https://go-review.googlesource.com/c/153840Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Brad Fitzpatrick authored
Change-Id: I2ff29aa9909be3062fcd5f65af261f5d8c46fbc1 Reviewed-on: https://go-review.googlesource.com/c/153843Reviewed-by: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
- 12 Dec, 2018 9 commits
-
-
Muhammad Falak R Wani authored
Context.BuildTags is not set when you read go/build.Default.BuildTags. It's only used by (*BuildTags).Import, etc. Fixes: #27320 Change-Id: I97e5f1923c410b48f70be8c15938a7e04a178e3f Reviewed-on: https://go-review.googlesource.com/c/131975Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Jordan Rhee authored
TestCPUProfileLabel was failing on windows/arm because the link register was not being passed to sigprof(). The link register is required to generate a correct traceback. With this change, all tests in runtime.pprof are now passing. Updates #26148 Change-Id: Ia693b34278dc08a98023751ff1a922d9eee8fdd6 Reviewed-on: https://go-review.googlesource.com/c/153839 Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Bryan C. Mills authored
Allow GOCACHE=off only for operations that never actually write anything to the cache (in which case the GOCACHE setting should not matter at all). Fixes #29127 Change-Id: I733d02cd2fbcf3671f5adcfb73522865d131e360 Reviewed-on: https://go-review.googlesource.com/c/153462 Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com>
-
Than McIntosh authored
The changes added in https://golang.org/cl/151997 to fix problems when reading older export data introduced the ability to add "fixups" to handle references to a type whose definition has not yet been finalized. It turns out we need to allow for fixups even for more recent export data (V2 and V3); this patch removes a version guard for the fixup generation logic. Fixes #29198. Change-Id: I82136ac45b53e4a59c05ff0879ac6bb545d0ff31 Reviewed-on: https://go-review.googlesource.com/c/153821 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org>
-
Hana Kim authored
It's similar to what cmd/go/internal/web package does when cfg.BuildV is set. The web2 package is what cmd/go/internal/modfetch uses, so this change allows us to trace web requests go get command in module mode sends for modfetch. Change-Id: If387efd8a8698c816bf267d1e6c6766fd357c298 Reviewed-on: https://go-review.googlesource.com/c/153640 Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com> Reviewed-by: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org>
-
Andrew Bonventre authored
golang.org/cl/147117 increased the number of arguments permitted by Proc.Call on Windows, but the doc comment was never updated. Change-Id: Iea5eb9e0aafbc1025d5fcb8665d028b2254c183a Reviewed-on: https://go-review.googlesource.com/c/153825Reviewed-by: Channing Kimble-Brown <ckimblebrown@google.com> Reviewed-by: Andrew Bonventre <andybons@golang.org>
-
Bryan C. Mills authored
Tested manually. Before: $ go mod init golang.org/issue/scratch go: creating new go.mod: module golang.org/issue/scratch $ go1.11.2 mod download github.com/rogpeppe/test2@latest go: finding github.com/rogpeppe/test2 v0.0.11 $ find $GOPATH -name goodbye /tmp/tmp.Y8a8UzX3zD/_gopath/pkg/mod/github.com/rogpeppe/test2@v0.0.11/tests/goodbye $ cat $(find $GOPATH -name goodbye) hello After: $ go mod init golang.org/issue/scratch go: creating new go.mod: module golang.org/issue/scratch $ go mod download github.com/rogpeppe/test2@latest go: finding github.com/rogpeppe/test2 v0.0.11 $ find $GOPATH -name goodbye $ find $GOPATH -name hello /tmp/tmp.Zo0jhfLaRs/_gopath/pkg/mod/github.com/rogpeppe/test2@v0.0.11/tests/hello A proper regression test would require one of: • a new entry in the vcs-test server (feasible but tedious, and not easily updated by open-source contributors), or • a way to set up an HTTPS proxy in a script_test, or • a way to explicitly populate the module cache from the contents of a local repository (#28835). Fixes #27093 Updates #28835 Change-Id: I72702a7e791f8815965f0f87c82a30df4d6f0151 Reviewed-on: https://go-review.googlesource.com/c/153819 Run-TryBot: Bryan C. Mills <bcmills@google.com> Reviewed-by: Jay Conrod <jayconrod@google.com>
-
Bryan C. Mills authored
This change encodes the current behavior in mod_clean_cache.txt. A fix for that behavior will probably have to wait for 1.13. Updates #28680 Change-Id: I216b5a783971309cc75187502bddccc58c3a9c35 Reviewed-on: https://go-review.googlesource.com/c/153818 Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com>
-
Bryan C. Mills authored
Fixes #27868 Change-Id: I6c2d221c4325a2f44625e797a82735d812ee0ec1 Reviewed-on: https://go-review.googlesource.com/c/153817 Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com>
-