Change-Id: I2230a97c681406f248b7f2fff45dd80a4b54a4b3
Reviewed-on: https://go-review.googlesource.com/c/go/+/183357Reviewed-by: Ian Lance Taylor <iant@golang.org>

If reading 0 bytes, don't return the error from the underlying
io.Reader if there is still data buffered.

Fixes #32693

Change-Id: I12a97bd6003c638c15d41028942f27edf88340e2
Reviewed-on: https://go-review.googlesource.com/c/go/+/182997
Run-TryBot: Robert Griesemer <gri@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Robert Griesemer <gri@golang.org>

Change-Id: I8f0e109053bbbd8bde4fa64059fd070d8f4acef2
Reviewed-on: https://go-review.googlesource.com/c/go/+/183117Reviewed-by: Adam Langley <agl@golang.org>

The RFC recommends checking the X25519 output to ensure it's not the
zero value, to guard against peers trying to remove contributory
behavior.

In TLS there should be enough transcript involvement to mitigate any
attack, and the RSA key exchange would suffer from the same issues by
design, so not proposing a backport.

See #31846

Change-Id: I8e657f8ee8aa72c3f8ca3b124555202638c53f5e
Reviewed-on: https://go-review.googlesource.com/c/go/+/183039
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

Removed cross-dependencies between handshake_server_test.go and
handshake_client_test.go; moved all initialization to TestMain; replaced
SSLKEYLOGFILE environment variable with -keylog flag.

Change-Id: Ida6712daa44e01a2c00658e8a1896087ee88bcb0
Reviewed-on: https://go-review.googlesource.com/c/go/+/183057
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>

Fixes #32661.

Change-Id: I32dc4e7b276b95ac2e87a384caa6c48702368d05
Reviewed-on: https://go-review.googlesource.com/c/go/+/183077Reviewed-by: Andrew Bonventre <andybons@golang.org>

Like the android/linux pair, match files with GOOS=solaris if
GOOS=illumos

Follow-up for CL 174457

Fixes #32370
Updates #20603

Change-Id: Id01de8bb3990d7bbb22f735a4abed2b3cf8b4062
Reviewed-on: https://go-review.googlesource.com/c/go/+/179997
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Benny Siegert <bsiegert@gmail.com>
Reviewed-by: Bryan C. Mills <bcmills@google.com>

A missing operand to mergePoint caused lower to place values
in the wrong blocks.

Includes test, belt+suspenders to do both ssa check and verify
the output (was is how the bug was originally observed).

The fixed bug here is very likely present in Go versions
1.9-1.12 on amd64 and s390x

Fixes #32680.

Change-Id: I63e702c4c40602cb795ef71b1691eb704d38ccc7
Reviewed-on: https://go-review.googlesource.com/c/go/+/183059
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Cherry Zhang <cherryyz@google.com>

This was caused by CL 167748, which removed a special case for command
line arguments starting with "cmd/". This CL restores the behavior
from go1.12.

Fixes #32674

Change-Id: I72180d11fb0261ef0af9632e512bd9c03481b6c0
Reviewed-on: https://go-review.googlesource.com/c/go/+/183058
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>

Change-Id: I4ddbe22061579383ca47e14d0b64a74365fb3d19
Reviewed-on: https://go-review.googlesource.com/c/go/+/182797Reviewed-by: Katie Hockman <katie@golang.org>

Signing with RSA-PSS can uncover faulty crypto.Signer implementations,
and it can fail for (broken) small keys. We'll have to take that
breakage eventually, but it would be nice for it to be opt-out at first.

TLS 1.3 requires RSA-PSS and is opt-out in Go 1.13. Instead of making a
TLS 1.3 opt-out influence a TLS 1.2 behavior, let's wait to add RSA-PSS
to TLS 1.2 until TLS 1.3 is on without opt-out.

Note that since the Client Hello is sent before a protocol version is
selected, we have to advertise RSA-PSS there to support TLS 1.3.
That means that we still support RSA-PSS on the client in TLS 1.2 for
verifying server certificates, which is fine, as all issues arise on the
signing side. We have to be careful not to pick (or consider available)
RSA-PSS on the client for client certificates, though.

We'd expect tests to change only in TLS 1.2:

    * the server won't pick PSS to sign the key exchange
      (Server-TLSv12-* w/ RSA, TestHandshakeServerRSAPSS);
    * the server won't advertise PSS in CertificateRequest
      (Server-TLSv12-ClientAuthRequested*, TestClientAuth);
    * and the client won't pick PSS for its CertificateVerify
      (Client-TLSv12-ClientCert-RSA-*, TestHandshakeClientCertRSAPSS,
      Client-TLSv12-Renegotiate* because "R" requests a client cert).

Client-TLSv13-ClientCert-RSA-RSAPSS was updated because of a fix in the test.

This effectively reverts 88343530.

Testing was made more complex by the undocumented semantics of OpenSSL's
-[client_]sigalgs (see openssl/openssl#9172).

Updates #32425

Change-Id: Iaddeb2df1f5c75cd090cc8321df2ac8e8e7db349
Reviewed-on: https://go-review.googlesource.com/c/go/+/182339Reviewed-by: Adam Langley <agl@golang.org>

Change-Id: I6338bba2a86fb27421f91203a04b39830bae1e52
Reviewed-on: https://go-review.googlesource.com/c/go/+/182800Reviewed-by: Cherry Zhang <cherryyz@google.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>

For later versions of MacOS, the dynamic loader is more picky about
enforcing restrictions on __DWARF MachO load commands/segments,
triggering aborts of the form

  dyld: malformed mach-o image: segment __DWARF has vmsize < filesize

for Go programs that use cgo on Darwin. The error is being triggered
because the Go linker is setting "vmsize" in the DWARF segment entry
to zero as a way to signal that the DWARF doesn't need to be mapped
into memory at runtime (which we need to continue to do).

This patch changes the initial protection on the __DWARF segment to
zero, which dyld seems to be happy with (this is used for other similar
non-loadable sections such as __LLVM).

Fixes #32673

Change-Id: I9a73449c6d26c172f3d70361719943af381f37e6
Reviewed-on: https://go-review.googlesource.com/c/go/+/182958
Run-TryBot: Than McIntosh <thanm@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Cherry Zhang <cherryyz@google.com>

Refer to Val.Ctype method instead of non-existed n.ValCtype one.

Change-Id: Ie0fbcae87d9f4f97632865676309d98e0b5138c4
Reviewed-on: https://go-review.googlesource.com/c/go/+/182561
Run-TryBot: Cuong Manh Le <cuong.manhle.vn@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Matthew Dempsky <mdempsky@google.com>

Change-Id: I17b156e77f279e1387ad27ab0e41ae8f50c9a325
Reviewed-on: https://go-review.googlesource.com/c/go/+/182857Reviewed-by: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Austin Clements <austin@google.com>

Fix a stale reference to Apple's Mach-O file format reference in the
header comment.

Change-Id: I5f120fd5bf31ee0b8b29a33879305abb31a7913d
Reviewed-on: https://go-review.googlesource.com/c/go/+/182957Reviewed-by: Ian Lance Taylor <iant@golang.org>

Previously, when we resolved a commit hash (not a complete version),
we always checked the contents of the module cache for any
pseudo-version matching that commit.

However, there are many possible names for a given commit. Generally
the semantically-highest valid name is the best, and that may change
over time as new tags are added, so if we are able to fetch a better
name from upstream we should do so. Otherwise, we should fall back to
the highest appropriate name found in the cache.

Fixes #27171
Updates #27173

Change-Id: Ib5c7d99eb463af84674e969813039cbbee7e395b
Reviewed-on: https://go-review.googlesource.com/c/go/+/182178
Run-TryBot: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Jay Conrod <jayconrod@google.com>
Reviewed-by: roger peppe <rogpeppe@gmail.com>

Change-Id: I5f57acd5e970b3fec5f33cfceee179235cbf739f
Reviewed-on: https://go-review.googlesource.com/c/go/+/182877Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>

CL 46434 changed the doc for Server.IdleTimeout to include
falling back to Server.ReadHeaderTimeout if both
Server.IdleTimeout and Server.ReadTimeout are zero.
However, we explicitly set the ReadDeadlines firstly based
off Server.IdleTimeout or Server.ReadTimeout before attempting
to read the next request, thus the current doc is incorrect.

This CL reverts CL 46434 and also updates the doc for
Server.ReadHeaderTimeout to documenting falling back
to Server.ReadTimeout, if the former is zero, otherwise
there is no timeout.

Fixes #32053

Change-Id: I43dd0252d1bcee6c29a8529abd84c84a49b2fba9
GitHub-Last-Rev: e1cdb599772476e0b52d9d2374c3ea3893844eb4
GitHub-Pull-Request: golang/go#32164
Reviewed-on: https://go-review.googlesource.com/c/go/+/178337Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>

Change-Id: I05d4ff3d3a31f56c9ceebdaceb39535a1351b26a
Reviewed-on: https://go-review.googlesource.com/c/go/+/182701Reviewed-by: Andrew Bonventre <andybons@golang.org>

Broadened the regular expression used to test error messages for
failing to connect to "localhost.localdev/sumdb". Some DNS servers
resolve unknown domains like "localhost.localdev" to real IP addresses
to serve ads. We may get a variety of error messages.

Fixes #31779

Change-Id: Ib389c633c9a9f70f8e89bbcba5282a375da4e708
Reviewed-on: https://go-review.googlesource.com/c/go/+/182799
Run-TryBot: Jay Conrod <jayconrod@google.com>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>

Change-Id: I54dc8afc33d6f8946d2c79b0339118fa3710a688
Reviewed-on: https://go-review.googlesource.com/c/go/+/182618Reviewed-by: Bryan C. Mills <bcmills@google.com>

Change-Id: Icc5083a3de0c6b737bfc20b573ed785651910148
Reviewed-on: https://go-review.googlesource.com/c/go/+/182461Reviewed-by: Andrew Bonventre <andybons@golang.org>

There is a subtle distinction between a value
*being* the zero value vs being *equal to* the zero value.
This was discussed at length in #31450.

Using "a zero value" in the docs suggests that there may
be more than zero value. That is possible on the "equal to
zero value" reading, but not the "is zero" reading that we
selected for the semantics of IsZero.

This change attempts to prevent any confusion on this front by
switching to "the zero value" in the documentation.

And while we're here, eliminate a double-space.
(Darn macbook keyboards.)

Change-Id: Iaa02ba297438793f5a90be9919a4d53baef92f8e
Reviewed-on: https://go-review.googlesource.com/c/go/+/182617
Run-TryBot: Josh Bleecher Snyder <josharian@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

Change-Id: I692229a5597a6114a7f4261f7b59c58bf20f3e2b
GitHub-Last-Rev: ab173354caa63345d38a625705aea0c660cfdb9b
GitHub-Pull-Request: golang/go#32660
Reviewed-on: https://go-review.googlesource.com/c/go/+/182677Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

This fixes a regression introduced in CL 180337. When we query a
module at "latest" that has no tagged versions, we tried to use ""
as the version because we used info.Name instead of info.Version. This
only happened when using a proxy: in direct mode, info.Name is set to
the underlying VCS revision, which is fine.

Also: serve "/mod/path/@latest" through our test proxy.
Previously, we served a 404, which made this bug hard to detect.

Fixes #32636

Change-Id: I5c60975656297f862cad66675170e819685ebd39
Reviewed-on: https://go-review.googlesource.com/c/go/+/182697
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>

This change updates the doc comments of the various ParseGlob functions
and methods to state that they use the semantics of filepath.Match when
matching the file name pattern.

Fixes #30608

Change-Id: Iee4bdc0a2a2f8647d1f9a910e4d72a5de9204d11
Reviewed-on: https://go-review.googlesource.com/c/go/+/179739Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>

Write release notes for a few reflect, runtime, and syscall changes.

The init randomization has been reverted.

Change-Id: Idae481ca015e325eb7302abaa15b2792312f4c32
Reviewed-on: https://go-review.googlesource.com/c/go/+/181577Reviewed-by: Austin Clements <austin@google.com>

Add a special case to print a generic nil error when context.err is
nil.

Previously, this case was unchecked, leading to a call to (*Error).Error
with a nil receiver, which was triggering a nil pointer access. However,
this bug was masked by the panic-recovery code in package fmt.

I tested this change by running `dlv test` in src/html/template, running
the `continue` command, and verifying that no "bad access" errors are
returned.

Fixes #28854

Change-Id: I0b637b943de003d9efc294f6f1e49b793668d037
Reviewed-on: https://go-review.googlesource.com/c/go/+/181579Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org>

* In doc/install-source.html, clarify the meaning of $GOBIN and
  describe where executables from the Go distribution are
  installed. Also describe $GOPATH, since it provides a default value
  for $GOBIN and may conflict with $GOROOT.
* Add more detail to 'go help install' as well.

Fixes #31576

Change-Id: Ib8a8c21677c3aa0ebef97a3b587b6f8fe338b80e
Reviewed-on: https://go-review.googlesource.com/c/go/+/182341
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>

Fixes the test on the linux-arm64-packet builder.

Change-Id: Icaf9edf9542f4f6e3791ca43298a1e7051eaa576
Reviewed-on: https://go-review.googlesource.com/c/go/+/182378
Run-TryBot: Elias Naur <mail@eliasnaur.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

It is forbidden by App Store.

Fixes #31628

Change-Id: Ie6d14a524ee55b57af8db685f3a79f474733add5
Reviewed-on: https://go-review.googlesource.com/c/go/+/182297
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Keith Randall <khr@golang.org>

Change-Id: Icfd5b9d1ca757081af7885189ae7094fa1b3d8f1
Reviewed-on: https://go-review.googlesource.com/c/go/+/182377
Run-TryBot: Elias Naur <mail@eliasnaur.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>

Changes Darwin semaphore support from using pthread mutexes and
condition variables to using dispatch semaphores. Signaling a dispatch
semaphore is async-signal-safe.

Fixes #31264

Change-Id: If0ce47623501db13e3804b14ace5f4d8eaef461e
Reviewed-on: https://go-review.googlesource.com/c/go/+/182258Reviewed-by: Elias Naur <mail@eliasnaur.com>
Reviewed-by: Keith Randall <khr@golang.org>

Change-Id: I0ee4b4f0211cd12803ab33976669350d9dd615f3
Reviewed-on: https://go-review.googlesource.com/c/go/+/181944Reviewed-by: Andrew Bonventre <andybons@golang.org>

Change-Id: Ifd330053094c172b7dcd9086da173289efc7f9b8
Reviewed-on: https://go-review.googlesource.com/c/go/+/181942Reviewed-by: Katie Hockman <katie@golang.org>
Reviewed-by: Andrew Bonventre <andybons@golang.org>

Currently, 'go get -u' and 'go get -u=patch' avoid accidentally
downgrading modules by preventing upgrades in two cases:

1) If the current version is a prerelease that is semantically later
   than the "latest" or "patch" version.
2) If the current version is a pseudoversion that is chronologically
   newer than the "latest" or "patch" version.

With this change, 'go get m@latest' and 'go get m@patch' prevent
downgrades using the same checks.

Also: 'go get m@patch' now works if m is a module path but not a
package path (i.e., there is no package in the module root directory).

Fixes #30634
Fixes #32537

Change-Id: I916630c385b5f3ba7c13e0d65ba08f73a1a67829
Reviewed-on: https://go-review.googlesource.com/c/go/+/180337
Run-TryBot: Jay Conrod <jayconrod@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>

Change-Id: I4c52d9bcf941810dbdfdd39e7f339c8283d6bcc7
Reviewed-on: https://go-review.googlesource.com/c/go/+/181937Reviewed-by: Katie Hockman <katie@golang.org>

Pick up asm ppc64le implementations for internal/chacha20 and
poly1305.

Change-Id: Ide6fc91da3b10d1c3d9e8e00957c52be06a3cf93
Reviewed-on: https://go-review.googlesource.com/c/go/+/181877
Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Carlos Eduardo Seo <cseo@linux.vnet.ibm.com>

Change-Id: I2a0bd295ad9737581d149a7165191b878ae2acda
Reviewed-on: https://go-review.googlesource.com/c/go/+/181880Reviewed-by: Ian Lance Taylor <iant@golang.org>