From 8ea1d32bea88b6968774b14e5bbe90f2280fe997 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Thu, 22 Apr 2021 22:42:33 +0200 Subject: [PATCH] [Vendor] update certmagic (#15590) * update github.com/caddyserver/certmagic v0.12.0 -> v0.13.0 * migrate --- cmd/web_letsencrypt.go | 2 +- go.mod | 14 +- go.sum | 32 +- .../caddyserver/certmagic/README.md | 6 +- .../caddyserver/certmagic/account.go | 139 +-- .../caddyserver/certmagic/acmeclient.go | 193 ++-- .../caddyserver/certmagic/acmemanager.go | 154 +++- .../caddyserver/certmagic/certificates.go | 76 +- .../caddyserver/certmagic/certmagic.go | 24 +- .../caddyserver/certmagic/config.go | 389 +++++--- .../caddyserver/certmagic/crypto.go | 136 +-- .../caddyserver/certmagic/filestorage.go | 19 +- .../github.com/caddyserver/certmagic/go.mod | 5 +- .../github.com/caddyserver/certmagic/go.sum | 12 +- .../caddyserver/certmagic/handshake.go | 326 ++++--- .../caddyserver/certmagic/httphandler.go | 49 +- .../caddyserver/certmagic/maintain.go | 7 +- .../github.com/caddyserver/certmagic/ocsp.go | 27 +- .../caddyserver/certmagic/solvers.go | 127 ++- .../caddyserver/certmagic/storage.go | 16 +- vendor/github.com/miekg/dns/Makefile.release | 2 +- vendor/github.com/miekg/dns/client.go | 2 +- vendor/github.com/miekg/dns/defaults.go | 5 +- vendor/github.com/miekg/dns/dnssec.go | 5 +- vendor/github.com/miekg/dns/dnssec_keygen.go | 3 +- vendor/github.com/miekg/dns/dnssec_keyscan.go | 3 +- vendor/github.com/miekg/dns/dnssec_privkey.go | 3 +- vendor/github.com/miekg/dns/edns.go | 2 +- vendor/github.com/miekg/dns/go.mod | 10 +- vendor/github.com/miekg/dns/go.sum | 47 +- vendor/github.com/miekg/dns/labels.go | 2 +- vendor/github.com/miekg/dns/msg.go | 2 +- vendor/github.com/miekg/dns/privaterr.go | 2 +- vendor/github.com/miekg/dns/scan.go | 4 +- vendor/github.com/miekg/dns/scan_rr.go | 46 +- vendor/github.com/miekg/dns/sig0.go | 4 +- vendor/github.com/miekg/dns/svcb.go | 4 +- vendor/github.com/miekg/dns/types.go | 31 +- vendor/github.com/miekg/dns/version.go | 2 +- vendor/github.com/miekg/dns/zduplicate.go | 21 + vendor/github.com/miekg/dns/zmsg.go | 52 ++ vendor/github.com/miekg/dns/ztypes.go | 14 + .../x/crypto/poly1305/sum_ppc64le.s | 18 +- vendor/golang.org/x/crypto/scrypt/scrypt.go | 23 +- .../x/net/internal/socket/sys_const_unix.go | 7 +- .../x/net/internal/socket/sys_const_zos.go | 18 - .../x/net/internal/socket/sys_posix.go | 6 +- .../x/net/internal/socket/sys_stub.go | 3 + .../x/net/internal/socket/sys_windows.go | 19 +- .../x/net/internal/socket/zsys_aix_ppc64.go | 20 - .../x/net/internal/socket/zsys_darwin_386.go | 20 - .../net/internal/socket/zsys_darwin_amd64.go | 20 - .../x/net/internal/socket/zsys_darwin_arm.go | 20 - .../net/internal/socket/zsys_darwin_arm64.go | 20 - .../internal/socket/zsys_dragonfly_amd64.go | 20 - .../x/net/internal/socket/zsys_freebsd_386.go | 20 - .../net/internal/socket/zsys_freebsd_amd64.go | 20 - .../x/net/internal/socket/zsys_freebsd_arm.go | 20 - .../net/internal/socket/zsys_freebsd_arm64.go | 20 - .../x/net/internal/socket/zsys_linux_386.go | 18 - .../x/net/internal/socket/zsys_linux_amd64.go | 18 - .../x/net/internal/socket/zsys_linux_arm.go | 18 - .../x/net/internal/socket/zsys_linux_arm64.go | 18 - .../x/net/internal/socket/zsys_linux_mips.go | 18 - .../net/internal/socket/zsys_linux_mips64.go | 18 - .../internal/socket/zsys_linux_mips64le.go | 18 - .../net/internal/socket/zsys_linux_mipsle.go | 18 - .../x/net/internal/socket/zsys_linux_ppc64.go | 18 - .../net/internal/socket/zsys_linux_ppc64le.go | 18 - .../net/internal/socket/zsys_linux_riscv64.go | 18 - .../x/net/internal/socket/zsys_linux_s390x.go | 18 - .../x/net/internal/socket/zsys_netbsd_386.go | 20 - .../net/internal/socket/zsys_netbsd_amd64.go | 20 - .../x/net/internal/socket/zsys_netbsd_arm.go | 20 - .../net/internal/socket/zsys_netbsd_arm64.go | 20 - .../x/net/internal/socket/zsys_openbsd_386.go | 20 - .../net/internal/socket/zsys_openbsd_amd64.go | 20 - .../x/net/internal/socket/zsys_openbsd_arm.go | 20 - .../net/internal/socket/zsys_openbsd_arm64.go | 20 - .../internal/socket/zsys_openbsd_mips64.go | 20 - .../net/internal/socket/zsys_solaris_amd64.go | 19 - .../x/net/internal/socket/zsys_zos_s390x.go | 6 +- vendor/golang.org/x/net/ipv4/control_bsd.go | 6 +- vendor/golang.org/x/net/ipv4/control_unix.go | 4 +- vendor/golang.org/x/net/ipv4/sys_aix.go | 3 + vendor/golang.org/x/net/ipv4/sys_bsd.go | 2 + vendor/golang.org/x/net/ipv4/sys_darwin.go | 2 + vendor/golang.org/x/net/ipv4/sys_dragonfly.go | 2 + vendor/golang.org/x/net/ipv4/sys_freebsd.go | 2 + vendor/golang.org/x/net/ipv4/sys_solaris.go | 2 + .../golang.org/x/net/ipv4/zsys_aix_ppc64.go | 4 - vendor/golang.org/x/net/ipv4/zsys_darwin.go | 4 - .../golang.org/x/net/ipv4/zsys_dragonfly.go | 4 - .../golang.org/x/net/ipv4/zsys_freebsd_386.go | 4 - .../x/net/ipv4/zsys_freebsd_amd64.go | 4 - .../golang.org/x/net/ipv4/zsys_freebsd_arm.go | 4 - .../x/net/ipv4/zsys_freebsd_arm64.go | 4 - .../golang.org/x/net/ipv4/zsys_linux_386.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_amd64.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_arm.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_arm64.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_mips.go | 2 - .../x/net/ipv4/zsys_linux_mips64.go | 2 - .../x/net/ipv4/zsys_linux_mips64le.go | 2 - .../x/net/ipv4/zsys_linux_mipsle.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_ppc.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_ppc64.go | 2 - .../x/net/ipv4/zsys_linux_ppc64le.go | 2 - .../x/net/ipv4/zsys_linux_riscv64.go | 2 - .../golang.org/x/net/ipv4/zsys_linux_s390x.go | 2 - vendor/golang.org/x/net/ipv4/zsys_netbsd.go | 4 - vendor/golang.org/x/net/ipv4/zsys_openbsd.go | 4 - vendor/golang.org/x/net/ipv4/zsys_solaris.go | 4 - .../x/net/ipv6/control_rfc3542_unix.go | 12 +- vendor/golang.org/x/net/ipv6/sys_solaris.go | 48 +- vendor/golang.org/x/net/ipv6/sys_zos.go | 42 +- .../golang.org/x/net/ipv6/zsys_aix_ppc64.go | 6 - vendor/golang.org/x/net/ipv6/zsys_darwin.go | 6 - .../golang.org/x/net/ipv6/zsys_dragonfly.go | 6 - .../golang.org/x/net/ipv6/zsys_freebsd_386.go | 6 - .../x/net/ipv6/zsys_freebsd_amd64.go | 6 - .../golang.org/x/net/ipv6/zsys_freebsd_arm.go | 6 - .../x/net/ipv6/zsys_freebsd_arm64.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_386.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_amd64.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_arm.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_arm64.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_mips.go | 6 - .../x/net/ipv6/zsys_linux_mips64.go | 6 - .../x/net/ipv6/zsys_linux_mips64le.go | 6 - .../x/net/ipv6/zsys_linux_mipsle.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_ppc.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_ppc64.go | 6 - .../x/net/ipv6/zsys_linux_ppc64le.go | 6 - .../x/net/ipv6/zsys_linux_riscv64.go | 6 - .../golang.org/x/net/ipv6/zsys_linux_s390x.go | 6 - vendor/golang.org/x/net/ipv6/zsys_netbsd.go | 6 - vendor/golang.org/x/net/ipv6/zsys_openbsd.go | 6 - vendor/golang.org/x/net/ipv6/zsys_solaris.go | 68 -- .../golang.org/x/net/ipv6/zsys_zos_s390x.go | 44 - .../x/sys/unix/fcntl_linux_32bit.go | 4 +- vendor/golang.org/x/sys/unix/ioctl_linux.go | 196 ++++ vendor/golang.org/x/sys/unix/mkerrors.sh | 7 +- vendor/golang.org/x/sys/unix/syscall_linux.go | 176 +--- .../x/sys/unix/syscall_linux_ppc.go | 272 ++++++ .../x/sys/unix/zerrors_linux_ppc.go | 860 ++++++++++++++++++ .../x/sys/unix/zerrors_solaris_amd64.go | 3 + .../x/sys/unix/zerrors_zos_s390x.go | 6 + .../x/sys/unix/zsyscall_linux_ppc.go | 762 ++++++++++++++++ .../x/sys/unix/zsysnum_linux_ppc.go | 433 +++++++++ vendor/golang.org/x/sys/unix/ztypes_linux.go | 15 + .../golang.org/x/sys/unix/ztypes_linux_ppc.go | 627 +++++++++++++ .../x/sys/windows/security_windows.go | 16 +- .../x/text/internal/language/language.go | 90 +- .../x/text/internal/language/parse.go | 28 +- vendor/golang.org/x/text/language/go1_1.go | 1 + vendor/golang.org/x/text/language/go1_2.go | 1 + vendor/golang.org/x/text/language/language.go | 4 + vendor/golang.org/x/text/language/tables.go | 8 +- .../x/text/secure/bidirule/bidirule10.0.0.go | 1 + .../x/text/secure/bidirule/bidirule9.0.0.go | 1 + .../x/text/unicode/bidi/tables10.0.0.go | 1 + .../x/text/unicode/bidi/tables11.0.0.go | 1 + .../x/text/unicode/bidi/tables12.0.0.go | 1 + .../x/text/unicode/bidi/tables13.0.0.go | 1 + .../x/text/unicode/bidi/tables9.0.0.go | 1 + .../x/text/unicode/norm/tables10.0.0.go | 1 + .../x/text/unicode/norm/tables11.0.0.go | 1 + .../x/text/unicode/norm/tables12.0.0.go | 1 + .../x/text/unicode/norm/tables13.0.0.go | 1 + .../x/text/unicode/norm/tables9.0.0.go | 1 + .../golang.org/x/text/width/tables10.0.0.go | 1 + .../golang.org/x/text/width/tables11.0.0.go | 1 + .../golang.org/x/text/width/tables12.0.0.go | 1 + .../golang.org/x/text/width/tables13.0.0.go | 1 + vendor/golang.org/x/text/width/tables9.0.0.go | 1 + vendor/modules.txt | 14 +- 177 files changed, 4725 insertions(+), 1984 deletions(-) delete mode 100644 vendor/golang.org/x/net/internal/socket/sys_const_zos.go create mode 100644 vendor/golang.org/x/sys/unix/ioctl_linux.go create mode 100644 vendor/golang.org/x/sys/unix/syscall_linux_ppc.go create mode 100644 vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go create mode 100644 vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go create mode 100644 vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go create mode 100644 vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go diff --git a/cmd/web_letsencrypt.go b/cmd/web_letsencrypt.go index 775439372..387aacce2 100644 --- a/cmd/web_letsencrypt.go +++ b/cmd/web_letsencrypt.go @@ -32,7 +32,7 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) DisableTLSALPNChallenge: !enableTLSALPNChallenge, }) - magic.Issuer = myACME + magic.Issuers = []certmagic.Issuer{myACME} // this obtains certificates or renews them if necessary err := magic.ManageSync([]string{domain}) diff --git a/go.mod b/go.mod index f834d36e7..ad748b827 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/blevesearch/bleve/v2 v2.0.2 github.com/boombuler/barcode v1.0.1 // indirect github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b // indirect - github.com/caddyserver/certmagic v0.12.0 + github.com/caddyserver/certmagic v0.13.0 github.com/chi-middleware/proxy v1.1.1 github.com/couchbase/go-couchbase v0.0.0-20210224140812-5740cd35f448 // indirect github.com/couchbase/gomemcached v0.1.2 // indirect @@ -75,7 +75,6 @@ require ( github.com/klauspost/pgzip v1.2.5 // indirect github.com/lafriks/xormstore v1.4.0 github.com/lib/pq v1.9.0 - github.com/libdns/libdns v0.2.0 // indirect github.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96 github.com/mailru/easyjson v0.7.7 // indirect github.com/markbates/goth v1.67.1 @@ -84,10 +83,9 @@ require ( github.com/mattn/go-sqlite3 v1.14.6 github.com/mgechev/dots v0.0.0-20190921121421-c36f7dcfbb81 github.com/mgechev/revive v1.0.3 - github.com/mholt/acmez v0.1.3 // indirect github.com/mholt/archiver/v3 v3.5.0 github.com/microcosm-cc/bluemonday v1.0.7 - github.com/miekg/dns v1.1.40 // indirect + github.com/miekg/dns v1.1.41 // indirect github.com/minio/md5-simd v1.1.2 // indirect github.com/minio/minio-go/v7 v7.0.10 github.com/minio/sha256-simd v1.0.0 // indirect @@ -135,11 +133,11 @@ require ( go.jolheiser.com/pwn v0.0.3 go.uber.org/multierr v1.6.0 // indirect go.uber.org/zap v1.16.0 // indirect - golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 - golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 + golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b + golang.org/x/net v0.0.0-20210421230115-4e50805a0758 golang.org/x/oauth2 v0.0.0-20210220000619-9bb904979d93 - golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 - golang.org/x/text v0.3.5 + golang.org/x/sys v0.0.0-20210421221651-33663a62ff08 + golang.org/x/text v0.3.6 golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba // indirect golang.org/x/tools v0.1.0 gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect diff --git a/go.sum b/go.sum index 9cae17759..8f2755867 100644 --- a/go.sum +++ b/go.sum @@ -185,8 +185,8 @@ github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA= github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b h1:L/QXpzIa3pOvUGt1D1lA5KjYhPBAN/3iWdP7xeFS9F0= github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA= -github.com/caddyserver/certmagic v0.12.0 h1:1f7kxykaJkOVVpXJ8ZrC6RAO5F6+kKm9U7dBFbLNeug= -github.com/caddyserver/certmagic v0.12.0/go.mod h1:tr26xh+9fY5dN0J6IPAlMj07qpog22PJKa7Nw7j835U= +github.com/caddyserver/certmagic v0.13.0 h1:ky0rntZvIFiUKFdIikYxj31WN+Ts0Od6Wjz83iTzxfc= +github.com/caddyserver/certmagic v0.13.0/go.mod h1:dNOzF4iOB7H9E51xTooMB90vs+2XNVtpnx0liQNsQY4= github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ= github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -769,7 +769,6 @@ github.com/lib/pq v1.3.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/lib/pq v1.7.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lib/pq v1.9.0 h1:L8nSXQQzAYByakOFMTwpjRoHsMJklur4Gi59b6VivR8= github.com/lib/pq v1.9.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/libdns/libdns v0.1.0/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40= github.com/libdns/libdns v0.2.0 h1:ewg3ByWrdUrxrje8ChPVMBNcotg7H9LQYg+u5De2RzI= github.com/libdns/libdns v0.2.0/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40= github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= @@ -825,7 +824,6 @@ github.com/mgechev/dots v0.0.0-20190921121421-c36f7dcfbb81 h1:QASJXOGm2RZ5Ardbc8 github.com/mgechev/dots v0.0.0-20190921121421-c36f7dcfbb81/go.mod h1:KQ7+USdGKfpPjXk4Ga+5XxQM4Lm4e3gAogrreFAYpOg= github.com/mgechev/revive v1.0.3 h1:z3FL6IFFN3JKzHYHD8O1ExH9g/4lAGJ5x1+9rPZgsFg= github.com/mgechev/revive v1.0.3/go.mod h1:POGGZagSo/0frdr7VeAifzS5Uka0d0GPiM35MsTO8nE= -github.com/mholt/acmez v0.1.1/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM= github.com/mholt/acmez v0.1.3 h1:J7MmNIk4Qf9b8mAGqAh4XkNeowv3f1zW816yf4zt7Qk= github.com/mholt/acmez v0.1.3/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM= github.com/mholt/archiver/v3 v3.5.0 h1:nE8gZIrw66cu4osS/U7UW7YDuGMHssxKutU8IfWxwWE= @@ -834,8 +832,8 @@ github.com/microcosm-cc/bluemonday v1.0.7 h1:6yAQfk4XT+PI/dk1ZeBp1gr3Q2Hd1DR0O3a github.com/microcosm-cc/bluemonday v1.0.7/go.mod h1:HOT/6NaBlR0f9XlxD3zolN6Z3N8Lp4pvhp+jLS5ihnI= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.30/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= -github.com/miekg/dns v1.1.40 h1:pyyPFfGMnciYUk/mXpKkVmeMQjfXqt3FAJ2hy7tPiLA= -github.com/miekg/dns v1.1.40/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= +github.com/miekg/dns v1.1.41 h1:WMszZWJG0XmzbK9FEmzH2TVcqYzFesusSIB41b8KHxY= +github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw= github.com/minio/md5-simd v1.1.2 h1:Gdi1DZK69+ZVMoNHRXJyNcxrMA4dSxoYHZSQbirFg34= github.com/minio/md5-simd v1.1.2/go.mod h1:MzdKDxYpY2BT9XQFocsiZf/NKVtR7nkE4RoEpN+20RM= @@ -1113,8 +1111,6 @@ github.com/unknwon/i18n v0.0.0-20210321134014-0ebbf2df1c44 h1:7bSo/vjZKVYUoZfxpY github.com/unknwon/i18n v0.0.0-20210321134014-0ebbf2df1c44/go.mod h1:+5rDk6sDGpl3azws3O+f+GpFSyN9GVr0K8cvQLQM2ZQ= github.com/unknwon/paginater v0.0.0-20200328080006-042474bd0eae h1:ihaXiJkaca54IaCSnEXtE/uSZOmPxKZhDfVLrzZLFDs= github.com/unknwon/paginater v0.0.0-20200328080006-042474bd0eae/go.mod h1:1fdkY6xxl6ExVs2QFv7R0F5IRZHKA8RahhB9fMC9RvM= -github.com/unrolled/render v1.0.3 h1:baO+NG1bZSF2WR4zwh+0bMWauWky7DVrTOfvE2w+aFo= -github.com/unrolled/render v1.0.3/go.mod h1:gN9T0NhL4Bfbwu8ann7Ry/TGHYfosul+J0obPf6NBdM= github.com/unrolled/render v1.1.0 h1:gvpR9hHxTt6DcGqRYuVVFcfd8rtK+nyEPUJN06KB57Q= github.com/unrolled/render v1.1.0/go.mod h1:gN9T0NhL4Bfbwu8ann7Ry/TGHYfosul+J0obPf6NBdM= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= @@ -1231,8 +1227,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= -golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 h1:/ZScEX8SfEmUGRHs0gxpqteO5nfNW6axyZbBdw9A12g= -golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg= +golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1321,9 +1317,10 @@ golang.org/x/net v0.0.0-20201202161906-c7110b5ffcbb/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210119194325-5f4716e94777/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0= -golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= +golang.org/x/net v0.0.0-20210421230115-4e50805a0758 h1:aEpZnXcAmXkd6AvLb2OPt+EN1Zu/8Ne3pCqPjja5PXY= +golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1346,8 +1343,9 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20201207232520-09787c993a3a h1:DcqTD9SDLc+1P/r1EmRBwnVsrOwW+kk2vWf9n+1sGhs= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -1419,8 +1417,11 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210220050731-9a76102bfb43/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 h1:Bli41pIlzTzf3KEY06n+xnzK/BESIg2ze4Pgfh/aI8c= +golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210421221651-33663a62ff08 h1:qyN5bV+96OX8pL78eXDuz6YlDPzCYgdW74H5yE9BoSU= +golang.org/x/sys v0.0.0-20210421221651-33663a62ff08/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -1430,8 +1431,9 @@ golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ= golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6 h1:aRYxNxv6iGQlyVaZmk6ZgYEDa+Jg18DxebPSrd6bg1M= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/vendor/github.com/caddyserver/certmagic/README.md b/vendor/github.com/caddyserver/certmagic/README.md index 0bd6c5567..19aa9f891 100644 --- a/vendor/github.com/caddyserver/certmagic/README.md +++ b/vendor/github.com/caddyserver/certmagic/README.md @@ -260,7 +260,7 @@ magic := certmagic.New(cache, certmagic.Config{ // any customizations you need go here }) -myACME := certmagic.NewACMEManager(magic, ACMEManager{ +myACME := certmagic.NewACMEManager(magic, certmagic.ACMEManager{ CA: certmagic.LetsEncryptStagingCA, Email: "you@yours.com", Agreed: true, @@ -285,7 +285,7 @@ tlsConfig := magic.TLSConfig() // we can simply set its GetCertificate field and append the // TLS-ALPN challenge protocol to the NextProtos myTLSConfig.GetCertificate = magic.GetCertificate -myTLSConfig.NextProtos = append(myTLSConfig.NextProtos, tlsalpn01.ACMETLS1Protocol} +myTLSConfig.NextProtos = append(myTLSConfig.NextProtos, tlsalpn01.ACMETLS1Protocol) // the HTTP challenge has to be handled by your HTTP server; // if you don't have one, you should have disabled it earlier @@ -394,7 +394,7 @@ To enable it, just set the `DNS01Solver` field on a `certmagic.ACMEManager` stru import "github.com/libdns/cloudflare" certmagic.DefaultACME.DNS01Solver = &certmagic.DNS01Solver{ - DNSProvider: cloudflare.Provider{ + DNSProvider: &cloudflare.Provider{ APIToken: "topsecret", }, } diff --git a/vendor/github.com/caddyserver/certmagic/account.go b/vendor/github.com/caddyserver/certmagic/account.go index e1ebb32a0..d7c3841a7 100644 --- a/vendor/github.com/caddyserver/certmagic/account.go +++ b/vendor/github.com/caddyserver/certmagic/account.go @@ -16,6 +16,8 @@ package certmagic import ( "bufio" + "bytes" + "context" "crypto/ecdsa" "crypto/elliptic" "crypto/rand" @@ -33,18 +35,24 @@ import ( // getAccount either loads or creates a new account, depending on if // an account can be found in storage for the given CA + email combo. func (am *ACMEManager) getAccount(ca, email string) (acme.Account, error) { - regBytes, err := am.config.Storage.Load(am.storageKeyUserReg(ca, email)) + acct, err := am.loadAccount(ca, email) if err != nil { if _, ok := err.(ErrNotExist); ok { return am.newAccount(email) } + return acct, err + } + return acct, err +} + +// loadAccount loads an account from storage, but does not create a new one. +func (am *ACMEManager) loadAccount(ca, email string) (acme.Account, error) { + regBytes, err := am.config.Storage.Load(am.storageKeyUserReg(ca, email)) + if err != nil { return acme.Account{}, err } keyBytes, err := am.config.Storage.Load(am.storageKeyUserPrivateKey(ca, email)) if err != nil { - if _, ok := err.(ErrNotExist); ok { - return am.newAccount(email) - } return acme.Account{}, err } @@ -58,54 +66,6 @@ func (am *ACMEManager) getAccount(ca, email string) (acme.Account, error) { return acct, fmt.Errorf("could not decode account's private key: %v", err) } - // TODO: July 2020 - transition to new ACME lib and account structure; - // for a while, we will need to convert old accounts to new structure - acct, err = am.transitionAccountToACMEzJuly2020Format(ca, acct, regBytes) - if err != nil { - return acct, fmt.Errorf("one-time account transition: %v", err) - } - - return acct, err -} - -// TODO: this is a temporary transition helper starting July 2020. -// It can go away when we think enough time has passed that most active assets have transitioned. -func (am *ACMEManager) transitionAccountToACMEzJuly2020Format(ca string, acct acme.Account, regBytes []byte) (acme.Account, error) { - if acct.Status != "" && acct.Location != "" { - return acct, nil - } - - var oldAcct struct { - Email string `json:"Email"` - Registration struct { - Body struct { - Status string `json:"status"` - TermsOfServiceAgreed bool `json:"termsOfServiceAgreed"` - Orders string `json:"orders"` - ExternalAccountBinding json.RawMessage `json:"externalAccountBinding"` - } `json:"body"` - URI string `json:"uri"` - } `json:"Registration"` - } - err := json.Unmarshal(regBytes, &oldAcct) - if err != nil { - return acct, fmt.Errorf("decoding into old account type: %v", err) - } - - acct.Status = oldAcct.Registration.Body.Status - acct.TermsOfServiceAgreed = oldAcct.Registration.Body.TermsOfServiceAgreed - acct.Location = oldAcct.Registration.URI - acct.ExternalAccountBinding = oldAcct.Registration.Body.ExternalAccountBinding - acct.Orders = oldAcct.Registration.Body.Orders - if oldAcct.Email != "" { - acct.Contact = []string{"mailto:" + oldAcct.Email} - } - - err = am.saveAccount(ca, acct) - if err != nil { - return acct, fmt.Errorf("saving converted account: %v", err) - } - return acct, nil } @@ -124,6 +84,71 @@ func (*ACMEManager) newAccount(email string) (acme.Account, error) { return acct, nil } +// GetAccount first tries loading the account with the associated private key from storage. +// If it does not exist in storage, it will be retrieved from the ACME server and added to storage. +// The account must already exist; it does not create a new account. +func (am *ACMEManager) GetAccount(ctx context.Context, privateKeyPEM []byte) (acme.Account, error) { + account, err := am.loadAccountByKey(ctx, privateKeyPEM) + if err != nil { + if _, ok := err.(ErrNotExist); ok { + account, err = am.lookUpAccount(ctx, privateKeyPEM) + } else { + return account, err + } + } + return account, err +} + +// loadAccountByKey loads the account with the given private key from storage, if it exists. +// If it does not exist, an error of type ErrNotExist is returned. This is not very efficient +// for lots of accounts. +func (am *ACMEManager) loadAccountByKey(ctx context.Context, privateKeyPEM []byte) (acme.Account, error) { + accountList, err := am.config.Storage.List(am.storageKeyUsersPrefix(am.CA), false) + if err != nil { + return acme.Account{}, err + } + for _, accountFolderKey := range accountList { + email := path.Base(accountFolderKey) + keyBytes, err := am.config.Storage.Load(am.storageKeyUserPrivateKey(am.CA, email)) + if err != nil { + return acme.Account{}, err + } + if bytes.Equal(bytes.TrimSpace(keyBytes), bytes.TrimSpace(privateKeyPEM)) { + return am.loadAccount(am.CA, email) + } + } + return acme.Account{}, ErrNotExist(fmt.Errorf("no account found with that key")) +} + +// lookUpAccount looks up the account associated with privateKeyPEM from the ACME server. +// If the account is found by the server, it will be saved to storage and returned. +func (am *ACMEManager) lookUpAccount(ctx context.Context, privateKeyPEM []byte) (acme.Account, error) { + client, err := am.newACMEClient(false) + if err != nil { + return acme.Account{}, fmt.Errorf("creating ACME client: %v", err) + } + + privateKey, err := decodePrivateKey([]byte(privateKeyPEM)) + if err != nil { + return acme.Account{}, fmt.Errorf("decoding private key: %v", err) + } + + // look up the account + account := acme.Account{PrivateKey: privateKey} + account, err = client.GetAccount(ctx, account) + if err != nil { + return acme.Account{}, fmt.Errorf("looking up account with server: %v", err) + } + + // save the account details to storage + err = am.saveAccount(client.Directory, account) + if err != nil { + return account, fmt.Errorf("could not save account to storage: %v", err) + } + + return account, nil +} + // saveAccount persists an ACME account's info and private key to storage. // It does NOT register the account via ACME or prompt the user. func (am *ACMEManager) saveAccount(ca string, account acme.Account) error { @@ -242,8 +267,12 @@ func (am *ACMEManager) askUserAgreement(agreementURL string) bool { return answer == "y" || answer == "yes" } +func storageKeyACMECAPrefix(issuerKey string) string { + return path.Join(prefixACME, StorageKeys.Safe(issuerKey)) +} + func (am *ACMEManager) storageKeyCAPrefix(caURL string) string { - return path.Join(prefixACME, StorageKeys.Safe(am.issuerKey(caURL))) + return storageKeyACMECAPrefix(am.issuerKey(caURL)) } func (am *ACMEManager) storageKeyUsersPrefix(caURL string) string { @@ -305,7 +334,8 @@ func (am *ACMEManager) mostRecentAccountEmail(caURL string) (string, bool) { // get all the key infos ahead of sorting, because // we might filter some out stats := make(map[string]KeyInfo) - for i, u := range accountList { + for i := 0; i < len(accountList); i++ { + u := accountList[i] keyInfo, err := am.config.Storage.Stat(u) if err != nil { continue @@ -318,6 +348,7 @@ func (am *ACMEManager) mostRecentAccountEmail(caURL string) (string, bool) { // frankly one's OS shouldn't mess with the data folder // in the first place. accountList = append(accountList[:i], accountList[i+1:]...) + i-- continue } stats[u] = keyInfo diff --git a/vendor/github.com/caddyserver/certmagic/acmeclient.go b/vendor/github.com/caddyserver/certmagic/acmeclient.go index 342b222d6..8a61a0825 100644 --- a/vendor/github.com/caddyserver/certmagic/acmeclient.go +++ b/vendor/github.com/caddyserver/certmagic/acmeclient.go @@ -37,19 +37,104 @@ func init() { weakrand.Seed(time.Now().UnixNano()) } -// acmeClient holds state necessary for us to perform -// ACME operations for certificate management. Call -// ACMEManager.newACMEClient() to get a valid one to . +// acmeClient holds state necessary to perform ACME operations +// for certificate management with an ACME account. Call +// ACMEManager.newACMEClientWithAccount() to get a valid one. type acmeClient struct { mgr *ACMEManager acmeClient *acmez.Client account acme.Account } -// newACMEClient creates the underlying ACME library client type. -// If useTestCA is true, am.TestCA will be used if it is set; -// otherwise, the primary CA will still be used. -func (am *ACMEManager) newACMEClient(ctx context.Context, useTestCA, interactive bool) (*acmeClient, error) { +// newACMEClientWithAccount creates an ACME client ready to use with an account, including +// loading one from storage or registering a new account with the CA if necessary. If +// useTestCA is true, am.TestCA will be used if set; otherwise, the primary CA will be used. +func (am *ACMEManager) newACMEClientWithAccount(ctx context.Context, useTestCA, interactive bool) (*acmeClient, error) { + // first, get underlying ACME client + client, err := am.newACMEClient(useTestCA) + if err != nil { + return nil, err + } + + // look up or create the ACME account + var account acme.Account + if am.AccountKeyPEM != "" { + account, err = am.GetAccount(ctx, []byte(am.AccountKeyPEM)) + } else { + account, err = am.getAccount(client.Directory, am.Email) + } + if err != nil { + return nil, fmt.Errorf("getting ACME account: %v", err) + } + + // register account if it is new + if account.Status == "" { + if am.NewAccountFunc != nil { + account, err = am.NewAccountFunc(ctx, am, account) + if err != nil { + return nil, fmt.Errorf("account pre-registration callback: %v", err) + } + } + + // agree to terms + if interactive { + if !am.Agreed { + var termsURL string + dir, err := client.GetDirectory(ctx) + if err != nil { + return nil, fmt.Errorf("getting directory: %w", err) + } + if dir.Meta != nil { + termsURL = dir.Meta.TermsOfService + } + if termsURL != "" { + am.Agreed = am.askUserAgreement(termsURL) + if !am.Agreed { + return nil, fmt.Errorf("user must agree to CA terms") + } + } + } + } else { + // can't prompt a user who isn't there; they should + // have reviewed the terms beforehand + am.Agreed = true + } + account.TermsOfServiceAgreed = am.Agreed + + // associate account with external binding, if configured + if am.ExternalAccount != nil { + err := account.SetExternalAccountBinding(ctx, client.Client, *am.ExternalAccount) + if err != nil { + return nil, err + } + } + + // create account + account, err = client.NewAccount(ctx, account) + if err != nil { + return nil, fmt.Errorf("registering account %v with server: %w", account.Contact, err) + } + + // persist the account to storage + err = am.saveAccount(client.Directory, account) + if err != nil { + return nil, fmt.Errorf("could not save account %v: %v", account.Contact, err) + } + } + + c := &acmeClient{ + mgr: am, + acmeClient: client, + account: account, + } + + return c, nil +} + +// newACMEClient creates a new underlying ACME client using the settings in am, +// independent of any particular ACME account. If useTestCA is true, am.TestCA +// will be used if it is set; otherwise, the primary CA will be used. +func (am *ACMEManager) newACMEClient(useTestCA bool) (*acmez.Client, error) { // ensure defaults are filled in var caURL string if useTestCA { @@ -78,12 +163,6 @@ func (am *ACMEManager) newACMEClient(ctx context.Context, useTestCA, interactive return nil, fmt.Errorf("%s: insecure CA URL (HTTPS required)", caURL) } - // look up or create the ACME account - account, err := am.getAccount(caURL, am.Email) - if err != nil { - return nil, fmt.Errorf("getting ACME account: %v", err) - } - // set up the dialers and resolver for the ACME client's HTTP client dialer := &net.Dialer{ Timeout: 30 * time.Second, @@ -153,12 +232,12 @@ func (am *ACMEManager) newACMEClient(ctx context.Context, useTestCA, interactive useHTTPPort = am.AltHTTPPort } client.ChallengeSolvers[acme.ChallengeTypeHTTP01] = distributedSolver{ - acmeManager: am, + storage: am.config.Storage, + storageKeyIssuerPrefix: am.storageKeyCAPrefix(client.Directory), solver: &httpSolver{ acmeManager: am, address: net.JoinHostPort(am.ListenHost, strconv.Itoa(useHTTPPort)), }, - caURL: client.Directory, } } @@ -172,12 +251,12 @@ func (am *ACMEManager) newACMEClient(ctx context.Context, useTestCA, interactive useTLSALPNPort = am.AltTLSALPNPort } client.ChallengeSolvers[acme.ChallengeTypeTLSALPN01] = distributedSolver{ - acmeManager: am, + storage: am.config.Storage, + storageKeyIssuerPrefix: am.storageKeyCAPrefix(client.Directory), solver: &tlsALPNSolver{ config: am.config, address: net.JoinHostPort(am.ListenHost, strconv.Itoa(useTLSALPNPort)), }, - caURL: client.Directory, } } } else { @@ -185,68 +264,26 @@ func (am *ACMEManager) newACMEClient(ctx context.Context, useTestCA, interactive client.ChallengeSolvers[acme.ChallengeTypeDNS01] = am.DNS01Solver } - // register account if it is new - if account.Status == "" { - if am.NewAccountFunc != nil { - err = am.NewAccountFunc(ctx, am, account) - if err != nil { - return nil, fmt.Errorf("account pre-registration callback: %v", err) - } - } - - // agree to terms - if interactive { - if !am.Agreed { - var termsURL string - dir, err := client.GetDirectory(ctx) - if err != nil { - return nil, fmt.Errorf("getting directory: %w", err) - } - if dir.Meta != nil { - termsURL = dir.Meta.TermsOfService - } - if termsURL != "" { - am.Agreed = am.askUserAgreement(termsURL) - if !am.Agreed { - return nil, fmt.Errorf("user must agree to CA terms") - } - } - } - } else { - // can't prompt a user who isn't there; they should - // have reviewed the terms beforehand - am.Agreed = true - } - account.TermsOfServiceAgreed = am.Agreed - - // associate account with external binding, if configured - if am.ExternalAccount != nil { - err := account.SetExternalAccountBinding(ctx, client.Client, *am.ExternalAccount) - if err != nil { - return nil, err - } - } - - // create account - account, err = client.NewAccount(ctx, account) - if err != nil { - return nil, fmt.Errorf("registering account with server: %w", err) - } - - // persist the account to storage - err = am.saveAccount(caURL, account) - if err != nil { - return nil, fmt.Errorf("could not save account: %v", err) - } + // wrap solvers in our wrapper so that we can keep track of challenge + // info: this is useful for solving challenges globally as a process; + // for example, usually there is only one process that can solve the + // HTTP and TLS-ALPN challenges, and only one server in that process + // that can bind the necessary port(s), so if a server listening on + // a different port needed a certificate, it would have to know about + // the other server listening on that port, and somehow convey its + // challenge info or share its config, but this isn't always feasible; + // what the wrapper does is it accesses a global challenge memory so + // that unrelated servers in this process can all solve each others' + // challenges without having to know about each other - Caddy's admin + // endpoint uses this functionality since it and the HTTP/TLS modules + // do not know about each other + // (doing this here in a separate loop ensures that even if we expose + // solver config to users later, we will even wrap their own solvers) + for name, solver := range client.ChallengeSolvers { + client.ChallengeSolvers[name] = solverWrapper{solver} } - c := &acmeClient{ - mgr: am, - acmeClient: client, - account: account, - } - - return c, nil + return client, nil } func (c *acmeClient) throttle(ctx context.Context, names []string) error { @@ -325,7 +362,7 @@ var ( // RateLimitEvents is how many new events can be allowed // in RateLimitEventsWindow. - RateLimitEvents = 10 + RateLimitEvents = 20 // RateLimitEventsWindow is the size of the sliding // window that throttles events. diff --git a/vendor/github.com/caddyserver/certmagic/acmemanager.go b/vendor/github.com/caddyserver/certmagic/acmemanager.go index 6820b4f91..82b6cc12e 100644 --- a/vendor/github.com/caddyserver/certmagic/acmemanager.go +++ b/vendor/github.com/caddyserver/certmagic/acmemanager.go @@ -7,6 +7,7 @@ import ( "fmt" "net/http" "net/url" + "sort" "strings" "time" @@ -19,7 +20,7 @@ import ( // Issuer, and Revoker interfaces. // // It is NOT VALID to use an ACMEManager without calling NewACMEManager(). -// It fills in default values from DefaultACME as well as setting up +// It fills in any default values from DefaultACME as well as setting up // internal state that is necessary for valid use. Always call // NewACMEManager() to get a valid ACMEManager value. type ACMEManager struct { @@ -37,6 +38,12 @@ type ACMEManager struct { // selecting an existing ACME server account Email string + // The PEM-encoded private key of the ACME + // account to use; only needed if the account + // is already created on the server and + // can be looked up with the ACME protocol + AccountKeyPEM string + // Set to true if agreed to the CA's // subscriber agreement Agreed bool @@ -92,9 +99,13 @@ type ACMEManager struct { // Callback function that is called before a // new ACME account is registered with the CA; // it allows for last-second config changes - // of the ACMEManager (TODO: this feature is - // still EXPERIMENTAL and subject to change) - NewAccountFunc func(context.Context, *ACMEManager, acme.Account) error + // of the ACMEManager and the Account. + // (TODO: this feature is still EXPERIMENTAL and subject to change) + NewAccountFunc func(context.Context, *ACMEManager, acme.Account) (acme.Account, error) + + // Preferences for selecting alternate + // certificate chains + PreferredChains ChainPreference // Set a logger to enable logging Logger *zap.Logger @@ -105,10 +116,12 @@ type ACMEManager struct { // NewACMEManager constructs a valid ACMEManager based on a template // configuration; any empty values will be filled in by defaults in -// DefaultACME. The associated config is also required. +// DefaultACME, and if any required values are still empty, sensible +// defaults will be used. // -// Typically, you'll create the Config first, then call NewACMEManager(), -// then assign the return value to the Issuer/Revoker fields of the Config. +// Typically, you'll create the Config first with New() or NewDefault(), +// then call NewACMEManager(), then assign the return value to the Issuers +// field of the Config. func NewACMEManager(cfg *Config, template ACMEManager) *ACMEManager { if cfg == nil { panic("cannot make valid ACMEManager without an associated CertMagic config") @@ -126,6 +139,9 @@ func NewACMEManager(cfg *Config, template ACMEManager) *ACMEManager { if template.Email == "" { template.Email = DefaultACME.Email } + if template.AccountKeyPEM == "" { + template.AccountKeyPEM = DefaultACME.AccountKeyPEM + } if !template.Agreed { template.Agreed = DefaultACME.Agreed } @@ -175,7 +191,7 @@ func (am *ACMEManager) IssuerKey() string { return am.issuerKey(am.CA) } -func (am *ACMEManager) issuerKey(ca string) string { +func (*ACMEManager) issuerKey(ca string) string { key := ca if caURL, err := url.Parse(key); err == nil { key = caURL.Host @@ -202,11 +218,11 @@ func (am *ACMEManager) issuerKey(ca string) string { // batch is eligible for certificates if using Let's Encrypt. // It also ensures that an email address is available. func (am *ACMEManager) PreCheck(_ context.Context, names []string, interactive bool) error { - letsEncrypt := strings.Contains(am.CA, "api.letsencrypt.org") - if letsEncrypt { + publicCA := strings.Contains(am.CA, "api.letsencrypt.org") || strings.Contains(am.CA, "acme.zerossl.com") + if publicCA { for _, name := range names { if !SubjectQualifiesForPublicCert(name) { - return fmt.Errorf("subject does not qualify for a Let's Encrypt certificate: %s", name) + return fmt.Errorf("subject does not qualify for a public certificate: %s", name) } } } @@ -282,7 +298,7 @@ func (am *ACMEManager) Issue(ctx context.Context, csr *x509.CertificateRequest) } func (am *ACMEManager) doIssue(ctx context.Context, csr *x509.CertificateRequest, useTestCA bool) (*IssuedCertificate, bool, error) { - client, err := am.newACMEClient(ctx, useTestCA, false) + client, err := am.newACMEClientWithAccount(ctx, useTestCA, false) if err != nil { return nil, false, err } @@ -300,20 +316,103 @@ func (am *ACMEManager) doIssue(ctx context.Context, csr *x509.CertificateRequest if err != nil { return nil, usingTestCA, fmt.Errorf("%v %w (ca=%s)", nameSet, err, client.acmeClient.Directory) } + if len(certChains) == 0 { + return nil, usingTestCA, fmt.Errorf("no certificate chains") + } + + preferredChain := am.selectPreferredChain(certChains) - // TODO: ACME server could in theory issue a cert with multiple chains, - // but we don't (yet) have a way to choose one, so just use first one ic := &IssuedCertificate{ - Certificate: certChains[0].ChainPEM, - Metadata: certChains[0], + Certificate: preferredChain.ChainPEM, + Metadata: preferredChain, } return ic, usingTestCA, nil } +// selectPreferredChain sorts and then filters the certificate chains to find the optimal +// chain preferred by the client. If there's only one chain, that is returned without any +// processing. If there are no matches, the first chain is returned. +func (am *ACMEManager) selectPreferredChain(certChains []acme.Certificate) acme.Certificate { + if len(certChains) == 1 { + if am.Logger != nil && (len(am.PreferredChains.AnyCommonName) > 0 || len(am.PreferredChains.RootCommonName) > 0) { + am.Logger.Debug("there is only one chain offered; selecting it regardless of preferences", + zap.String("chain_url", certChains[0].URL)) + } + return certChains[0] + } + + if am.PreferredChains.Smallest != nil { + if *am.PreferredChains.Smallest { + sort.Slice(certChains, func(i, j int) bool { + return len(certChains[i].ChainPEM) < len(certChains[j].ChainPEM) + }) + } else { + sort.Slice(certChains, func(i, j int) bool { + return len(certChains[i].ChainPEM) > len(certChains[j].ChainPEM) + }) + } + } + + if len(am.PreferredChains.AnyCommonName) > 0 || len(am.PreferredChains.RootCommonName) > 0 { + // in order to inspect, we need to decode their PEM contents + decodedChains := make([][]*x509.Certificate, len(certChains)) + for i, chain := range certChains { + certs, err := parseCertsFromPEMBundle(chain.ChainPEM) + if err != nil { + if am.Logger != nil { + am.Logger.Error("unable to parse PEM certificate chain", + zap.Int("chain", i), + zap.Error(err)) + } + continue + } + decodedChains[i] = certs + } + + if len(am.PreferredChains.AnyCommonName) > 0 { + for _, prefAnyCN := range am.PreferredChains.AnyCommonName { + for i, chain := range decodedChains { + for _, cert := range chain { + if cert.Issuer.CommonName == prefAnyCN { + if am.Logger != nil { + am.Logger.Debug("found preferred certificate chain by issuer common name", + zap.String("preference", prefAnyCN), + zap.Int("chain", i)) + } + return certChains[i] + } + } + } + } + } + + if len(am.PreferredChains.RootCommonName) > 0 { + for _, prefRootCN := range am.PreferredChains.RootCommonName { + for i, chain := range decodedChains { + if chain[len(chain)-1].Issuer.CommonName == prefRootCN { + if am.Logger != nil { + am.Logger.Debug("found preferred certificate chain by root common name", + zap.String("preference", prefRootCN), + zap.Int("chain", i)) + } + return certChains[i] + } + } + } + } + + if am.Logger != nil { + am.Logger.Warn("did not find chain matching preferences; using first") + } + } + + return certChains[0] +} + // Revoke implements the Revoker interface. It revokes the given certificate. func (am *ACMEManager) Revoke(ctx context.Context, cert CertificateResource, reason int) error { - client, err := am.newACMEClient(ctx, false, false) + client, err := am.newACMEClientWithAccount(ctx, false, false) if err != nil { return err } @@ -326,8 +425,24 @@ func (am *ACMEManager) Revoke(ctx context.Context, cert CertificateResource, rea return client.revoke(ctx, certs[0], reason) } -// DefaultACME specifies the default settings -// to use for ACMEManagers. +// ChainPreference describes the client's preferred certificate chain, +// useful if the CA offers alternate chains. The first matching chain +// will be selected. +type ChainPreference struct { + // Prefer chains with the fewest number of bytes. + Smallest *bool + + // Select first chain having a root with one of + // these common names. + RootCommonName []string + + // Select first chain that has any issuer with one + // of these common names. + AnyCommonName []string +} + +// DefaultACME specifies default settings to use for ACMEManagers. +// Using this value is optional but can be convenient. var DefaultACME = ACMEManager{ CA: LetsEncryptProductionCA, TestCA: LetsEncryptStagingCA, @@ -337,6 +452,7 @@ var DefaultACME = ACMEManager{ const ( LetsEncryptStagingCA = "https://acme-staging-v02.api.letsencrypt.org/directory" LetsEncryptProductionCA = "https://acme-v02.api.letsencrypt.org/directory" + ZeroSSLProductionCA = "https://acme.zerossl.com/v2/DV90" ) // prefixACME is the storage key prefix used for ACME-specific assets. diff --git a/vendor/github.com/caddyserver/certmagic/certificates.go b/vendor/github.com/caddyserver/certmagic/certificates.go index ebdb61832..09dc340d0 100644 --- a/vendor/github.com/caddyserver/certmagic/certificates.go +++ b/vendor/github.com/caddyserver/certmagic/certificates.go @@ -113,10 +113,11 @@ func (cfg *Config) CacheManagedCertificate(domain string) (Certificate, error) { return cert, nil } -// loadManagedCertificate loads the managed certificate for domain, -// but it does not add it to the cache. It just loads from storage. +// loadManagedCertificate loads the managed certificate for domain from any +// of the configured issuers' storage locations, but it does not add it to +// the cache. It just loads from storage and returns it. func (cfg *Config) loadManagedCertificate(domain string) (Certificate, error) { - certRes, err := cfg.loadCertResource(domain) + certRes, err := cfg.loadCertResourceAnyIssuer(domain) if err != nil { return Certificate{}, err } @@ -154,7 +155,7 @@ func (cfg *Config) CacheUnmanagedTLSCertificate(tlsCert tls.Certificate, tags [] if err != nil { return err } - _, err = stapleOCSP(cfg.Storage, &cert, nil) + _, err = stapleOCSP(cfg.OCSP, cfg.Storage, &cert, nil) if err != nil && cfg.Logger != nil { cfg.Logger.Warn("stapling OCSP", zap.Error(err)) } @@ -202,7 +203,7 @@ func (cfg Config) makeCertificateWithOCSP(certPEMBlock, keyPEMBlock []byte) (Cer if err != nil { return cert, err } - _, err = stapleOCSP(cfg.Storage, &cert, certPEMBlock) + _, err = stapleOCSP(cfg.OCSP, cfg.Storage, &cert, certPEMBlock) if err != nil && cfg.Logger != nil { cfg.Logger.Warn("stapling OCSP", zap.Error(err)) } @@ -295,19 +296,12 @@ func fillCertFromLeaf(cert *Certificate, tlsCert tls.Certificate) error { // meantime, and it would be a good idea to simply load the cert // into our cache rather than repeating the renewal process again. func (cfg *Config) managedCertInStorageExpiresSoon(cert Certificate) (bool, error) { - certRes, err := cfg.loadCertResource(cert.Names[0]) + certRes, err := cfg.loadCertResourceAnyIssuer(cert.Names[0]) if err != nil { return false, err } - tlsCert, err := tls.X509KeyPair(certRes.CertificatePEM, certRes.PrivateKeyPEM) - if err != nil { - return false, err - } - leaf, err := x509.ParseCertificate(tlsCert.Certificate[0]) - if err != nil { - return false, err - } - return currentlyInRenewalWindow(leaf.NotBefore, leaf.NotAfter, cfg.RenewalWindowRatio), nil + _, needsRenew := cfg.managedCertNeedsRenewal(certRes) + return needsRenew, nil } // reloadManagedCertificate reloads the certificate corresponding to the name(s) @@ -341,8 +335,9 @@ func SubjectQualifiesForCert(subj string) bool { !strings.HasPrefix(subj, ".") && !strings.HasSuffix(subj, ".") && - // if it has a wildcard, must be a left-most label - (!strings.Contains(subj, "*") || strings.HasPrefix(subj, "*.")) && + // if it has a wildcard, must be a left-most label (or exactly "*" + // which won't be trusted by browsers but still technically works) + (!strings.Contains(subj, "*") || strings.HasPrefix(subj, "*.") || subj == "*") && // must not contain other common special characters !strings.ContainsAny(subj, "()[]{}<> \t\n\"\\!@#$%^&|;'+=") @@ -356,32 +351,45 @@ func SubjectQualifiesForCert(subj string) bool { // allowed, as long as they conform to CABF requirements (only // one wildcard label, and it must be the left-most label). func SubjectQualifiesForPublicCert(subj string) bool { - // must at least qualify for certificate + // must at least qualify for a certificate return SubjectQualifiesForCert(subj) && - // localhost is ineligible - subj != "localhost" && - - // .localhost TLD is ineligible - !strings.HasSuffix(subj, ".localhost") && - - // .local TLD is ineligible - !strings.HasSuffix(subj, ".local") && - - // only one wildcard label allowed, and it must be left-most - (!strings.Contains(subj, "*") || - (strings.Count(subj, "*") == 1 && - len(subj) > 2 && - strings.HasPrefix(subj, "*."))) && + // localhost, .localhost TLD, and .local TLD are ineligible + !SubjectIsInternal(subj) && // cannot be an IP address (as of yet), see // https://community.letsencrypt.org/t/certificate-for-static-ip/84/2?u=mholt - net.ParseIP(subj) == nil + !SubjectIsIP(subj) && + + // only one wildcard label allowed, and it must be left-most, with 3+ labels + (!strings.Contains(subj, "*") || + (strings.Count(subj, "*") == 1 && + strings.Count(subj, ".") > 1 && + len(subj) > 2 && + strings.HasPrefix(subj, "*."))) +} + +// SubjectIsIP returns true if subj is an IP address. +func SubjectIsIP(subj string) bool { + return net.ParseIP(subj) != nil +} + +// SubjectIsInternal returns true if subj is an internal-facing +// hostname or address. +func SubjectIsInternal(subj string) bool { + return subj == "localhost" || + strings.HasSuffix(subj, ".localhost") || + strings.HasSuffix(subj, ".local") } // MatchWildcard returns true if subject (a candidate DNS name) // matches wildcard (a reference DNS name), mostly according to -// RFC6125-compliant wildcard rules. +// RFC 6125-compliant wildcard rules. See also RFC 2818 which +// states that IP addresses must match exactly, but this function +// does not attempt to distinguish IP addresses from internal or +// external DNS names that happen to look like IP addresses. +// It uses DNS wildcard matching logic. +// https://tools.ietf.org/html/rfc2818#section-3.1 func MatchWildcard(subject, wildcard string) bool { if subject == wildcard { return true diff --git a/vendor/github.com/caddyserver/certmagic/certmagic.go b/vendor/github.com/caddyserver/certmagic/certmagic.go index d2a64151b..03844b4ad 100644 --- a/vendor/github.com/caddyserver/certmagic/certmagic.go +++ b/vendor/github.com/caddyserver/certmagic/certmagic.go @@ -125,8 +125,10 @@ func HTTPS(domainNames []string, mux http.Handler) error { WriteTimeout: 5 * time.Second, IdleTimeout: 5 * time.Second, } - if am, ok := cfg.Issuer.(*ACMEManager); ok { - httpServer.Handler = am.HTTPChallengeHandler(http.HandlerFunc(httpRedirectHandler)) + if len(cfg.Issuers) > 0 { + if am, ok := cfg.Issuers[0].(*ACMEManager); ok { + httpServer.Handler = am.HTTPChallengeHandler(http.HandlerFunc(httpRedirectHandler)) + } } httpsServer := &http.Server{ ReadHeaderTimeout: 10 * time.Second, @@ -425,9 +427,11 @@ func (cr *CertificateResource) NamesKey() string { // Default contains the package defaults for the // various Config fields. This is used as a template -// when creating your own Configs with New(), and it -// is also used as the Config by all the high-level -// functions in this package. +// when creating your own Configs with New() or +// NewDefault(), and it is also used as the Config +// by all the high-level functions in this package +// that abstract away most configuration (HTTPS(), +// TLS(), Listen(), etc). // // The fields of this value will be used for Config // fields which are unset. Feel free to modify these @@ -436,8 +440,10 @@ func (cr *CertificateResource) NamesKey() string { // obtained by calling New() (if you have your own // certificate cache) or NewDefault() (if you only // need a single config and want to use the default -// cache). This is the only Config which can access -// the default certificate cache. +// cache). +// +// Even if the Issuers or Storage fields are not set, +// defaults will be applied in the call to New(). var Default = Config{ RenewalWindowRatio: DefaultRenewalWindowRatio, Storage: defaultFileStorage, @@ -459,12 +465,12 @@ const ( // are set to; otherwise ACME challenges will fail. var ( // HTTPPort is the port on which to serve HTTP - // and, by extension, the HTTP challenge (unless + // and, as such, the HTTP challenge (unless // Default.AltHTTPPort is set). HTTPPort = 80 // HTTPSPort is the port on which to serve HTTPS - // and, by extension, the TLS-ALPN challenge + // and, as such, the TLS-ALPN challenge // (unless Default.AltTLSALPNPort is set). HTTPSPort = 443 ) diff --git a/vendor/github.com/caddyserver/certmagic/config.go b/vendor/github.com/caddyserver/certmagic/config.go index 4cab8121b..1428a14e4 100644 --- a/vendor/github.com/caddyserver/certmagic/config.go +++ b/vendor/github.com/caddyserver/certmagic/config.go @@ -23,6 +23,7 @@ import ( "crypto/x509" "crypto/x509/pkix" "encoding/asn1" + "encoding/json" "fmt" weakrand "math/rand" "net" @@ -31,7 +32,9 @@ import ( "time" "github.com/mholt/acmez" + "github.com/mholt/acmez/acme" "go.uber.org/zap" + "golang.org/x/net/idna" ) // Config configures a certificate manager instance. @@ -54,45 +57,48 @@ type Config struct { // DefaultServerName specifies a server name // to use when choosing a certificate if the - // ClientHello's ServerName field is empty + // ClientHello's ServerName field is empty. DefaultServerName string // The state needed to operate on-demand TLS; // if non-nil, on-demand TLS is enabled and // certificate operations are deferred to - // TLS handshakes (or as-needed) + // TLS handshakes (or as-needed). // TODO: Can we call this feature "Reactive/Lazy/Passive TLS" instead? OnDemand *OnDemandConfig - // Add the must staple TLS extension to the CSR + // Adds the must staple TLS extension to the CSR. MustStaple bool - // The type that issues certificates; the - // default Issuer is ACMEManager - Issuer Issuer - - // The type that revokes certificates; must - // be configured in conjunction with the Issuer - // field such that both the Issuer and Revoker - // are related (because issuance information is - // required for revocation) - Revoker Revoker + // The source for getting new certificates; the + // default Issuer is ACMEManager. If multiple + // issuers are specified, they will be tried in + // turn until one succeeds. + Issuers []Issuer // The source of new private keys for certificates; - // the default KeySource is StandardKeyGenerator + // the default KeySource is StandardKeyGenerator. KeySource KeyGenerator // CertSelection chooses one of the certificates // with which the ClientHello will be completed; // if not set, DefaultCertificateSelector will - // be used + // be used. CertSelection CertificateSelector - // The storage to access when storing or - // loading TLS assets + // OCSP configures how OCSP is handled. By default, + // OCSP responses are fetched for every certificate + // with a responder URL, and cached on disk. Changing + // these defaults is STRONGLY discouraged unless you + // have a compelling reason to put clients at greater + // risk and reduce their privacy. + OCSP OCSPConfig + + // The storage to access when storing or loading + // TLS assets. Default is the local file system. Storage Storage - // Set a logger to enable logging + // Set a logger to enable logging. Logger *zap.Logger // required pointer to the in-memory cert cache @@ -116,6 +122,9 @@ type Config struct { // same, default certificate cache. All configs returned // by NewDefault() are based on the values of the fields of // Default at the time it is called. +// +// This is the only way to get a config that uses the +// default certificate cache. func NewDefault() *Config { defaultCacheMu.Lock() if defaultCache == nil { @@ -153,7 +162,7 @@ func NewDefault() *Config { // the vast majority of cases, there will be only a // single Config, thus the default cache (which always // uses the default Config) and default config will -// suffice, and you should use New() instead. +// suffice, and you should use NewDefault() instead. func New(certCache *Cache, cfg Config) *Config { if certCache == nil { panic("a certificate cache is required") @@ -196,23 +205,11 @@ func newWithCache(certCache *Cache, cfg Config) *Config { if cfg.Storage == nil { cfg.Storage = Default.Storage } - if cfg.Issuer == nil { - cfg.Issuer = Default.Issuer - if cfg.Issuer == nil { - // okay really, we need an issuer, - // that's kind of the point; most - // people would probably want ACME - cfg.Issuer = NewACMEManager(&cfg, DefaultACME) - } - // issuer and revoker go together; if user - // specifies their own issuer, we don't want - // to override their revoker, hence we only - // do this if Issuer was also nil - if cfg.Revoker == nil { - cfg.Revoker = Default.Revoker - if cfg.Revoker == nil { - cfg.Revoker = NewACMEManager(&cfg, DefaultACME) - } + if len(cfg.Issuers) == 0 { + cfg.Issuers = Default.Issuers + if len(cfg.Issuers) == 0 { + // at least one issuer is absolutely required + cfg.Issuers = []Issuer{NewACMEManager(&cfg, DefaultACME)} } } @@ -223,7 +220,6 @@ func newWithCache(certCache *Cache, cfg Config) *Config { cfg.Storage = defaultFileStorage } - // ensure the unexported fields are valid cfg.certCache = certCache return &cfg @@ -254,6 +250,29 @@ func (cfg *Config) ManageSync(domainNames []string) error { return cfg.manageAll(nil, domainNames, false) } +// ClientCredentials returns a list of TLS client certificate chains for the given identifiers. +// The return value can be used in a tls.Config to enable client authentication using managed certificates. +// Any certificates that need to be obtained or renewed for these identifiers will be managed accordingly. +func (cfg *Config) ClientCredentials(ctx context.Context, identifiers []string) ([]tls.Certificate, error) { + err := cfg.manageAll(ctx, identifiers, false) + if err != nil { + return nil, err + } + var chains []tls.Certificate + for _, id := range identifiers { + certRes, err := cfg.loadCertResourceAnyIssuer(id) + if err != nil { + return chains, err + } + chain, err := tls.X509KeyPair(certRes.CertificatePEM, certRes.PrivateKeyPEM) + if err != nil { + return chains, err + } + chains = append(chains, chain) + } + return chains, nil +} + // ManageAsync is the same as ManageSync, except that ACME // operations are performed asynchronously (in the background). // This method returns before certificates are ready. It is @@ -360,6 +379,28 @@ func (cfg *Config) manageOne(ctx context.Context, domainName string, async bool) return nil } +// Unmanage causes the certificates for domainNames to stop being managed. +// If there are certificates for the supplied domain names in the cache, they +// are evicted from the cache. +func (cfg *Config) Unmanage(domainNames []string) { + var deleteQueue []Certificate + for _, domainName := range domainNames { + certs := cfg.certCache.AllMatchingCertificates(domainName) + for _, cert := range certs { + if !cert.managed { + continue + } + deleteQueue = append(deleteQueue, cert) + } + } + + cfg.certCache.mu.Lock() + for _, cert := range deleteQueue { + cfg.certCache.removeCertificate(cert) + } + cfg.certCache.mu.Unlock() +} + // ObtainCert obtains a certificate for name using cfg, as long // as a certificate does not already exist in storage for that // name. The name must qualify and cfg must be flagged as Managed. @@ -372,27 +413,22 @@ func (cfg *Config) manageOne(ctx context.Context, domainName string, async bool) // TODO: consider moving interactive param into the Config struct, // and maybe retry settings into the Config struct as well? (same for RenewCert) func (cfg *Config) ObtainCert(ctx context.Context, name string, interactive bool) error { - if cfg.storageHasCertResources(name) { + if len(cfg.Issuers) == 0 { + return fmt.Errorf("no issuers configured; impossible to obtain or check for existing certificate in storage") + } + if cfg.storageHasCertResourcesAnyIssuer(name) { return nil } - issuer, err := cfg.getPrecheckedIssuer(ctx, []string{name}, interactive) + // ensure storage is writeable and readable + // TODO: this is not necessary every time; should only perform check once every so often for each storage, which may require some global state... + err := cfg.checkStorage() if err != nil { - return err + return fmt.Errorf("failed storage check: %v - storage is probably misconfigured", err) } - if issuer == nil { - return nil - } - return cfg.obtainWithIssuer(ctx, issuer, name, interactive) + return cfg.obtainCert(ctx, name, interactive) } -func loggerNamed(l *zap.Logger, name string) *zap.Logger { - if l == nil { - return nil - } - return l.Named(name) -} - -func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name string, interactive bool) error { +func (cfg *Config) obtainCert(ctx context.Context, name string, interactive bool) error { log := loggerNamed(cfg.Logger, "obtain") if log != nil { @@ -400,10 +436,10 @@ func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name str } // ensure idempotency of the obtain operation for this name - lockKey := cfg.lockKey("cert_acme", name) + lockKey := cfg.lockKey(certIssueLockOp, name) err := acquireLock(ctx, cfg.Storage, lockKey) if err != nil { - return err + return fmt.Errorf("unable to acquire lock '%s': %v", lockKey, err) } defer func() { if log != nil { @@ -424,7 +460,7 @@ func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name str f := func(ctx context.Context) error { // check if obtain is still needed -- might have been obtained during lock - if cfg.storageHasCertResources(name) { + if cfg.storageHasCertResourcesAnyIssuer(name) { if log != nil { log.Info("certificate already exists in storage", zap.String("identifier", name)) } @@ -445,8 +481,24 @@ func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name str return err } - issuedCert, err := issuer.Issue(ctx, csr) + // try to obtain from each issuer until we succeed + var issuedCert *IssuedCertificate + var issuerUsed Issuer + for _, issuer := range cfg.Issuers { + if prechecker, ok := issuer.(PreChecker); ok { + err = prechecker.PreCheck(ctx, []string{name}, interactive) + if err != nil { + continue + } + } + issuedCert, err = issuer.Issue(ctx, csr) + if err == nil { + issuerUsed = issuer + break + } + } if err != nil { + // TODO: only the error from the last issuer will be returned, oh well? return fmt.Errorf("[%s] Obtain: %w", name, err) } @@ -457,7 +509,7 @@ func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name str PrivateKeyPEM: privKeyPEM, IssuerData: issuedCert.Metadata, } - err = cfg.saveCertResource(certRes) + err = cfg.saveCertResource(issuerUsed, certRes) if err != nil { return fmt.Errorf("[%s] Obtain: saving assets: %v", name, err) } @@ -480,21 +532,32 @@ func (cfg *Config) obtainWithIssuer(ctx context.Context, issuer Issuer, name str return err } +func (cfg *Config) storageHasCertResourcesAnyIssuer(name string) bool { + for _, iss := range cfg.Issuers { + if cfg.storageHasCertResources(iss, name) { + return true + } + } + return false +} + // RenewCert renews the certificate for name using cfg. It stows the // renewed certificate and its assets in storage if successful. It // DOES NOT update the in-memory cache with the new certificate. func (cfg *Config) RenewCert(ctx context.Context, name string, interactive bool) error { - issuer, err := cfg.getPrecheckedIssuer(ctx, []string{name}, interactive) + if len(cfg.Issuers) == 0 { + return fmt.Errorf("no issuers configured; impossible to renew or check existing certificate in storage") + } + // ensure storage is writeable and readable + // TODO: this is not necessary every time; should only perform check once every so often for each storage, which may require some global state... + err := cfg.checkStorage() if err != nil { - return err + return fmt.Errorf("failed storage check: %v - storage is probably misconfigured", err) } - if issuer == nil { - return nil - } - return cfg.renewWithIssuer(ctx, issuer, name, interactive) + return cfg.renewCert(ctx, name, interactive) } -func (cfg *Config) renewWithIssuer(ctx context.Context, issuer Issuer, name string, interactive bool) error { +func (cfg *Config) renewCert(ctx context.Context, name string, interactive bool) error { log := loggerNamed(cfg.Logger, "renew") if log != nil { @@ -502,10 +565,10 @@ func (cfg *Config) renewWithIssuer(ctx context.Context, issuer Issuer, name stri } // ensure idempotency of the renew operation for this name - lockKey := cfg.lockKey("cert_acme", name) + lockKey := cfg.lockKey(certIssueLockOp, name) err := acquireLock(ctx, cfg.Storage, lockKey) if err != nil { - return err + return fmt.Errorf("unable to acquire lock '%s': %v", lockKey, err) } defer func() { if log != nil { @@ -526,7 +589,7 @@ func (cfg *Config) renewWithIssuer(ctx context.Context, issuer Issuer, name stri f := func(ctx context.Context) error { // prepare for renewal (load PEM cert, key, and meta) - certRes, err := cfg.loadCertResource(name) + certRes, err := cfg.loadCertResourceAnyIssuer(name) if err != nil { return err } @@ -556,8 +619,24 @@ func (cfg *Config) renewWithIssuer(ctx context.Context, issuer Issuer, name stri return err } - issuedCert, err := issuer.Issue(ctx, csr) + // try to obtain from each issuer until we succeed + var issuedCert *IssuedCertificate + var issuerUsed Issuer + for _, issuer := range cfg.Issuers { + if prechecker, ok := issuer.(PreChecker); ok { + err = prechecker.PreCheck(ctx, []string{name}, interactive) + if err != nil { + continue + } + } + issuedCert, err = issuer.Issue(ctx, csr) + if err == nil { + issuerUsed = issuer + break + } + } if err != nil { + // TODO: only the error from the last issuer will be returned, oh well? return fmt.Errorf("[%s] Renew: %w", name, err) } @@ -568,7 +647,7 @@ func (cfg *Config) renewWithIssuer(ctx context.Context, issuer Issuer, name stri PrivateKeyPEM: certRes.PrivateKeyPEM, IssuerData: issuedCert.Metadata, } - err = cfg.saveCertResource(newCertRes) + err = cfg.saveCertResource(issuerUsed, newCertRes) if err != nil { return fmt.Errorf("[%s] Renew: saving assets: %v", name, err) } @@ -602,7 +681,12 @@ func (cfg *Config) generateCSR(privateKey crypto.PrivateKey, sans []string) (*x5 } else if u, err := url.Parse(name); err == nil && strings.Contains(name, "/") { csrTemplate.URIs = append(csrTemplate.URIs, u) } else { - csrTemplate.DNSNames = append(csrTemplate.DNSNames, name) + // convert IDNs to ASCII according to RFC 5280 section 7 + normalizedName, err := idna.ToASCII(name) + if err != nil { + return nil, fmt.Errorf("converting identifier '%s' to ASCII: %v", name, err) + } + csrTemplate.DNSNames = append(csrTemplate.DNSNames, normalizedName) } } @@ -619,43 +703,45 @@ func (cfg *Config) generateCSR(privateKey crypto.PrivateKey, sans []string) (*x5 } // RevokeCert revokes the certificate for domain via ACME protocol. It requires -// that cfg.Issuer is properly configured with the same issuer that issued the +// that cfg.Issuers is properly configured with the same issuer that issued the // certificate being revoked. See RFC 5280 §5.3.1 for reason codes. func (cfg *Config) RevokeCert(ctx context.Context, domain string, reason int, interactive bool) error { - rev := cfg.Revoker - if rev == nil { - rev = Default.Revoker - } + for i, issuer := range cfg.Issuers { + issuerKey := issuer.IssuerKey() - certRes, err := cfg.loadCertResource(domain) - if err != nil { - return err - } + rev, ok := issuer.(Revoker) + if !ok { + return fmt.Errorf("issuer %d (%s) is not a Revoker", i, issuerKey) + } - issuerKey := cfg.Issuer.IssuerKey() + certRes, err := cfg.loadCertResource(issuer, domain) + if err != nil { + return err + } - if !cfg.Storage.Exists(StorageKeys.SitePrivateKey(issuerKey, domain)) { - return fmt.Errorf("private key not found for %s", certRes.SANs) - } + if !cfg.Storage.Exists(StorageKeys.SitePrivateKey(issuerKey, domain)) { + return fmt.Errorf("private key not found for %s", certRes.SANs) + } - err = rev.Revoke(ctx, certRes, reason) - if err != nil { - return err - } + err = rev.Revoke(ctx, certRes, reason) + if err != nil { + return fmt.Errorf("issuer %d (%s): %v", i, issuerKey, err) + } - cfg.emit("cert_revoked", domain) + cfg.emit("cert_revoked", domain) - err = cfg.Storage.Delete(StorageKeys.SiteCert(issuerKey, domain)) - if err != nil { - return fmt.Errorf("certificate revoked, but unable to delete certificate file: %v", err) - } - err = cfg.Storage.Delete(StorageKeys.SitePrivateKey(issuerKey, domain)) - if err != nil { - return fmt.Errorf("certificate revoked, but unable to delete private key: %v", err) - } - err = cfg.Storage.Delete(StorageKeys.SiteMeta(issuerKey, domain)) - if err != nil { - return fmt.Errorf("certificate revoked, but unable to delete certificate metadata: %v", err) + err = cfg.Storage.Delete(StorageKeys.SiteCert(issuerKey, domain)) + if err != nil { + return fmt.Errorf("certificate revoked, but unable to delete certificate file: %v", err) + } + err = cfg.Storage.Delete(StorageKeys.SitePrivateKey(issuerKey, domain)) + if err != nil { + return fmt.Errorf("certificate revoked, but unable to delete private key: %v", err) + } + err = cfg.Storage.Delete(StorageKeys.SiteMeta(issuerKey, domain)) + if err != nil { + return fmt.Errorf("certificate revoked, but unable to delete certificate metadata: %v", err) + } } return nil @@ -692,27 +778,50 @@ func (cfg *Config) TLSConfig() *tls.Config { } } -// getPrecheckedIssuer returns an Issuer with pre-checks -// completed, if it is also a PreChecker. It also checks -// that storage is functioning. If a nil Issuer is returned -// with a nil error, that means to skip this operation -// (not an error, just a no-op). -func (cfg *Config) getPrecheckedIssuer(ctx context.Context, names []string, interactive bool) (Issuer, error) { - // ensure storage is writeable and readable - // TODO: this is not necessary every time; should only - // perform check once every so often for each storage, - // which may require some global state... - err := cfg.checkStorage() - if err != nil { - return nil, fmt.Errorf("failed storage check: %v - storage is probably misconfigured", err) +// getChallengeInfo loads the challenge info from either the internal challenge memory +// or the external storage (implying distributed solving). The second return value +// indicates whether challenge info was loaded from external storage. If true, the +// challenge is being solved in a distributed fashion; if false, from internal memory. +// If no matching challenge information can be found, an error is returned. +func (cfg *Config) getChallengeInfo(identifier string) (Challenge, bool, error) { + // first, check if our process initiated this challenge; if so, just return it + chalData, ok := GetACMEChallenge(identifier) + if ok { + return chalData, false, nil } - if prechecker, ok := cfg.Issuer.(PreChecker); ok { - err := prechecker.PreCheck(ctx, names, interactive) - if err != nil { - return nil, err + + // otherwise, perhaps another instance in the cluster initiated it; check + // the configured storage to retrieve challenge data + + var chalInfo acme.Challenge + var chalInfoBytes []byte + var tokenKey string + for _, issuer := range cfg.Issuers { + ds := distributedSolver{ + storage: cfg.Storage, + storageKeyIssuerPrefix: storageKeyACMECAPrefix(issuer.IssuerKey()), } + tokenKey = ds.challengeTokensKey(identifier) + var err error + chalInfoBytes, err = cfg.Storage.Load(tokenKey) + if err == nil { + break + } + if _, ok := err.(ErrNotExist); ok { + continue + } + return Challenge{}, false, fmt.Errorf("opening distributed challenge token file %s: %v", tokenKey, err) } - return cfg.Issuer, nil + if len(chalInfoBytes) == 0 { + return Challenge{}, false, fmt.Errorf("no information found to solve challenge for identifier: %s", identifier) + } + + err := json.Unmarshal(chalInfoBytes, &chalInfo) + if err != nil { + return Challenge{}, false, fmt.Errorf("decoding challenge token file %s (corrupted?): %v", tokenKey, err) + } + + return Challenge{Challenge: chalInfo}, true, nil } // checkStorage tests the storage by writing random bytes @@ -758,8 +867,8 @@ func (cfg *Config) checkStorage() error { // associated with cfg's certificate cache has all the // resources related to the certificate for domain: the // certificate, the private key, and the metadata. -func (cfg *Config) storageHasCertResources(domain string) bool { - issuerKey := cfg.Issuer.IssuerKey() +func (cfg *Config) storageHasCertResources(issuer Issuer, domain string) bool { + issuerKey := issuer.IssuerKey() certKey := StorageKeys.SiteCert(issuerKey, domain) keyKey := StorageKeys.SitePrivateKey(issuerKey, domain) metaKey := StorageKeys.SiteMeta(issuerKey, domain) @@ -771,18 +880,19 @@ func (cfg *Config) storageHasCertResources(domain string) bool { // lockKey returns a key for a lock that is specific to the operation // named op being performed related to domainName and this config's CA. func (cfg *Config) lockKey(op, domainName string) string { - return fmt.Sprintf("%s_%s_%s", op, domainName, cfg.Issuer.IssuerKey()) + return fmt.Sprintf("%s_%s", op, domainName) } -// managedCertNeedsRenewal returns true if certRes is -// expiring soon or already expired, or if the process -// of checking the expiration returned an error. +// managedCertNeedsRenewal returns true if certRes is expiring soon or already expired, +// or if the process of decoding the cert and checking its expiration returned an error. func (cfg *Config) managedCertNeedsRenewal(certRes CertificateResource) (time.Duration, bool) { - cert, err := makeCertificate(certRes.CertificatePEM, certRes.PrivateKeyPEM) + certChain, err := parseCertsFromPEMBundle(certRes.CertificatePEM) if err != nil { return 0, true } - return time.Until(cert.Leaf.NotAfter), cert.NeedsRenewal(cfg) + remaining := time.Until(certChain[0].NotAfter) + needsRenew := currentlyInRenewalWindow(certChain[0].NotBefore, certChain[0].NotAfter, cfg.RenewalWindowRatio) + return remaining, needsRenew } func (cfg *Config) emit(eventName string, data interface{}) { @@ -792,11 +902,40 @@ func (cfg *Config) emit(eventName string, data interface{}) { cfg.OnEvent(eventName, data) } +func loggerNamed(l *zap.Logger, name string) *zap.Logger { + if l == nil { + return nil + } + return l.Named(name) +} + // CertificateSelector is a type which can select a certificate to use given multiple choices. type CertificateSelector interface { SelectCertificate(*tls.ClientHelloInfo, []Certificate) (Certificate, error) } +// OCSPConfig configures how OCSP is handled. +type OCSPConfig struct { + // Disable automatic OCSP stapling; strongly + // discouraged unless you have a good reason. + // Disabling this puts clients at greater risk + // and reduces their privacy. + DisableStapling bool + + // A map of OCSP responder domains to replacement + // domains for querying OCSP servers. Used for + // overriding the OCSP responder URL that is + // embedded in certificates. Mapping to an empty + // URL will disable OCSP from that responder. + ResponderOverrides map[string]string +} + +// certIssueLockOp is the name of the operation used +// when naming a lock to make it mutually exclusive +// with other certificate issuance operations for a +// certain name. +const certIssueLockOp = "issue_cert" + // Constants for PKIX MustStaple extension. var ( tlsFeatureExtensionOID = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 24} diff --git a/vendor/github.com/caddyserver/certmagic/crypto.go b/vendor/github.com/caddyserver/certmagic/crypto.go index 2af3e62a0..ef60f27dc 100644 --- a/vendor/github.com/caddyserver/certmagic/crypto.go +++ b/vendor/github.com/caddyserver/certmagic/crypto.go @@ -28,9 +28,12 @@ import ( "encoding/pem" "fmt" "hash/fnv" + "sort" "strings" "github.com/klauspost/cpuid" + "go.uber.org/zap" + "golang.org/x/net/idna" ) // encodePrivateKey marshals a EC or RSA private key into a PEM-encoded array of bytes. @@ -129,13 +132,13 @@ func fastHash(input []byte) string { // saveCertResource saves the certificate resource to disk. This // includes the certificate file itself, the private key, and the // metadata file. -func (cfg *Config) saveCertResource(cert CertificateResource) error { +func (cfg *Config) saveCertResource(issuer Issuer, cert CertificateResource) error { metaBytes, err := json.MarshalIndent(cert, "", "\t") if err != nil { return fmt.Errorf("encoding certificate metadata: %v", err) } - issuerKey := cfg.Issuer.IssuerKey() + issuerKey := issuer.IssuerKey() certKey := cert.NamesKey() all := []keyValue{ @@ -156,20 +159,95 @@ func (cfg *Config) saveCertResource(cert CertificateResource) error { return storeTx(cfg.Storage, all) } -func (cfg *Config) loadCertResource(certNamesKey string) (CertificateResource, error) { +// loadCertResourceAnyIssuer loads and returns the certificate resource from any +// of the configured issuers. If multiple are found (e.g. if there are 3 issuers +// configured, and all 3 have a resource matching certNamesKey), then the newest +// (latest NotBefore date) resource will be chosen. +func (cfg *Config) loadCertResourceAnyIssuer(certNamesKey string) (CertificateResource, error) { + // we can save some extra decoding steps if there's only one issuer, since + // we don't need to compare potentially multiple available resources to + // select the best one, when there's only one choice anyway + if len(cfg.Issuers) == 1 { + return cfg.loadCertResource(cfg.Issuers[0], certNamesKey) + } + + type decodedCertResource struct { + CertificateResource + issuer Issuer + decoded *x509.Certificate + } + var certResources []decodedCertResource + var lastErr error + + // load and decode all certificate resources found with the + // configured issuers so we can sort by newest + for _, issuer := range cfg.Issuers { + certRes, err := cfg.loadCertResource(issuer, certNamesKey) + if err != nil { + if _, ok := err.(ErrNotExist); ok { + // not a problem, but we need to remember the error + // in case we end up not finding any cert resources + // since we'll need an error to return in that case + lastErr = err + continue + } + return CertificateResource{}, err + } + certs, err := parseCertsFromPEMBundle(certRes.CertificatePEM) + if err != nil { + return CertificateResource{}, err + } + certResources = append(certResources, decodedCertResource{ + CertificateResource: certRes, + issuer: issuer, + decoded: certs[0], + }) + } + if len(certResources) == 0 { + if lastErr == nil { + lastErr = fmt.Errorf("no certificate resources found") // just in case; e.g. no Issuers configured + } + return CertificateResource{}, lastErr + } + + // sort by date so the most recently issued comes first + sort.Slice(certResources, func(i, j int) bool { + return certResources[j].decoded.NotBefore.Before(certResources[i].decoded.NotBefore) + }) + + if cfg.Logger != nil { + cfg.Logger.Debug("loading managed certificate", + zap.String("domain", certNamesKey), + zap.Time("expiration", certResources[0].decoded.NotAfter), + zap.String("issuer_key", certResources[0].issuer.IssuerKey()), + zap.Any("storage", cfg.Storage), + ) + } + + return certResources[0].CertificateResource, nil +} + +// loadCertResource loads a certificate resource from the given issuer's storage location. +func (cfg *Config) loadCertResource(issuer Issuer, certNamesKey string) (CertificateResource, error) { var certRes CertificateResource - issuerKey := cfg.Issuer.IssuerKey() - certBytes, err := cfg.Storage.Load(StorageKeys.SiteCert(issuerKey, certNamesKey)) + issuerKey := issuer.IssuerKey() + + normalizedName, err := idna.ToASCII(certNamesKey) + if err != nil { + return certRes, fmt.Errorf("converting '%s' to ASCII: %v", certNamesKey, err) + } + + certBytes, err := cfg.Storage.Load(StorageKeys.SiteCert(issuerKey, normalizedName)) if err != nil { return CertificateResource{}, err } certRes.CertificatePEM = certBytes - keyBytes, err := cfg.Storage.Load(StorageKeys.SitePrivateKey(issuerKey, certNamesKey)) + keyBytes, err := cfg.Storage.Load(StorageKeys.SitePrivateKey(issuerKey, normalizedName)) if err != nil { return CertificateResource{}, err } certRes.PrivateKeyPEM = keyBytes - metaBytes, err := cfg.Storage.Load(StorageKeys.SiteMeta(issuerKey, certNamesKey)) + metaBytes, err := cfg.Storage.Load(StorageKeys.SiteMeta(issuerKey, normalizedName)) if err != nil { return CertificateResource{}, err } @@ -178,50 +256,6 @@ func (cfg *Config) loadCertResource(certNamesKey string) (CertificateResource, e return CertificateResource{}, fmt.Errorf("decoding certificate metadata: %v", err) } - // TODO: July 2020 - transition to new ACME lib and cert resource structure; - // for a while, we will need to convert old cert resources to new structure - certRes, err = cfg.transitionCertMetaToACMEzJuly2020Format(certRes, metaBytes) - if err != nil { - return certRes, fmt.Errorf("one-time certificate resource transition: %v", err) - } - - return certRes, nil -} - -// TODO: this is a temporary transition helper starting July 2020. -// It can go away when we think enough time has passed that most active assets have transitioned. -func (cfg *Config) transitionCertMetaToACMEzJuly2020Format(certRes CertificateResource, metaBytes []byte) (CertificateResource, error) { - data, ok := certRes.IssuerData.(map[string]interface{}) - if !ok { - return certRes, nil - } - if certURL, ok := data["url"].(string); ok && certURL != "" { - return certRes, nil - } - - var oldCertRes struct { - SANs []string `json:"sans"` - IssuerData struct { - Domain string `json:"domain"` - CertURL string `json:"certUrl"` - CertStableURL string `json:"certStableUrl"` - } `json:"issuer_data"` - } - err := json.Unmarshal(metaBytes, &oldCertRes) - if err != nil { - return certRes, fmt.Errorf("decoding into old certificate resource type: %v", err) - } - - data = map[string]interface{}{ - "url": oldCertRes.IssuerData.CertURL, - } - certRes.IssuerData = data - - err = cfg.saveCertResource(certRes) - if err != nil { - return certRes, fmt.Errorf("saving converted certificate resource: %v", err) - } - return certRes, nil } diff --git a/vendor/github.com/caddyserver/certmagic/filestorage.go b/vendor/github.com/caddyserver/certmagic/filestorage.go index f3603d074..8adc2ce75 100644 --- a/vendor/github.com/caddyserver/certmagic/filestorage.go +++ b/vendor/github.com/caddyserver/certmagic/filestorage.go @@ -147,7 +147,7 @@ func (fs *FileStorage) Lock(ctx context.Context, key string) error { err2 := json.NewDecoder(f).Decode(&meta) f.Close() if err2 != nil { - return err2 + return fmt.Errorf("decoding lockfile contents: %w", err2) } } @@ -306,7 +306,15 @@ func updateLockfileFreshness(filename string) (bool, error) { // write updated timestamp meta.Updated = time.Now() - return false, json.NewEncoder(f).Encode(meta) + if err = json.NewEncoder(f).Encode(meta); err != nil { + return false, err + } + + // sync to device; we suspect that sometimes file systems + // (particularly AWS EFS) don't do this on their own, + // leaving the file empty when we close it; see + // https://github.com/caddyserver/caddy/issues/3954 + return false, f.Sync() } // atomicallyCreateFile atomically creates the file @@ -325,8 +333,11 @@ func atomicallyCreateFile(filename string, writeLockInfo bool) error { Created: now, Updated: now, } - err := json.NewEncoder(f).Encode(meta) - if err != nil { + if err := json.NewEncoder(f).Encode(meta); err != nil { + return err + } + // see https://github.com/caddyserver/caddy/issues/3954 + if err := f.Sync(); err != nil { return err } } diff --git a/vendor/github.com/caddyserver/certmagic/go.mod b/vendor/github.com/caddyserver/certmagic/go.mod index be29ac66e..ff8f6b916 100644 --- a/vendor/github.com/caddyserver/certmagic/go.mod +++ b/vendor/github.com/caddyserver/certmagic/go.mod @@ -4,9 +4,10 @@ go 1.14 require ( github.com/klauspost/cpuid v1.2.5 - github.com/libdns/libdns v0.1.0 - github.com/mholt/acmez v0.1.1 + github.com/libdns/libdns v0.2.0 + github.com/mholt/acmez v0.1.3 github.com/miekg/dns v1.1.30 go.uber.org/zap v1.15.0 golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de + golang.org/x/net v0.0.0-20200707034311-ab3426394381 ) diff --git a/vendor/github.com/caddyserver/certmagic/go.sum b/vendor/github.com/caddyserver/certmagic/go.sum index ccae0648f..0d29850a6 100644 --- a/vendor/github.com/caddyserver/certmagic/go.sum +++ b/vendor/github.com/caddyserver/certmagic/go.sum @@ -12,10 +12,10 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/libdns/libdns v0.1.0 h1:0ctCOrVJsVzj53mop1angHp/pE3hmAhP7KiHvR0HD04= -github.com/libdns/libdns v0.1.0/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40= -github.com/mholt/acmez v0.1.1 h1:KQODCqk+hBn3O7qfCRPj6L96uG65T5BSS95FKNEqtdA= -github.com/mholt/acmez v0.1.1/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM= +github.com/libdns/libdns v0.2.0 h1:ewg3ByWrdUrxrje8ChPVMBNcotg7H9LQYg+u5De2RzI= +github.com/libdns/libdns v0.2.0/go.mod h1:yQCXzk1lEZmmCPa857bnk4TsOiqYasqpyOEeSObbb40= +github.com/mholt/acmez v0.1.3 h1:J7MmNIk4Qf9b8mAGqAh4XkNeowv3f1zW816yf4zt7Qk= +github.com/mholt/acmez v0.1.3/go.mod h1:8qnn8QA/Ewx8E3ZSsmscqsIjhhpxuy9vqdgbX2ceceM= github.com/miekg/dns v1.1.30 h1:Qww6FseFn8PRfw07jueqIXqodm0JKiiKuK0DeXSqfyo= github.com/miekg/dns v1.1.30/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= @@ -47,9 +47,7 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859 h1:R/3boaszxrf1GEUWTVDzSKVwLmSJpwZ1yqXm8j0v2QI= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g= golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= @@ -57,7 +55,6 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEha golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M= golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -66,7 +63,6 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5 h1:hKsoRgsbwY1NafxrwTs+k64bikrLBkAgPir1TNCj3Zs= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 h1:VvQyQJN0tSuecqgcIxMWnnfG5kSmgy9KZR9sW3W5QeA= golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= diff --git a/vendor/github.com/caddyserver/certmagic/handshake.go b/vendor/github.com/caddyserver/certmagic/handshake.go index 4c3228a50..beb5cc3e9 100644 --- a/vendor/github.com/caddyserver/certmagic/handshake.go +++ b/vendor/github.com/caddyserver/certmagic/handshake.go @@ -17,7 +17,6 @@ package certmagic import ( "context" "crypto/tls" - "encoding/json" "fmt" "net" "strings" @@ -25,7 +24,6 @@ import ( "time" "github.com/mholt/acmez" - "github.com/mholt/acmez/acme" "go.uber.org/zap" ) @@ -44,41 +42,23 @@ func (cfg *Config) GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certif // (https://tools.ietf.org/html/draft-ietf-acme-tls-alpn-05) for _, proto := range clientHello.SupportedProtos { if proto == acmez.ACMETLS1Protocol { - cfg.certCache.mu.RLock() - challengeCert, ok := cfg.certCache.cache[tlsALPNCertKeyName(clientHello.ServerName)] - cfg.certCache.mu.RUnlock() - if !ok { - // see if this challenge was started in a cluster; try distributed challenge solver - // (note that the tls.Config's ALPN settings must include the ACME TLS-ALPN challenge - // protocol string, otherwise a valid certificate will not solve the challenge; we - // should already have taken care of that when we made the tls.Config) - challengeCert, ok, err := cfg.tryDistributedChallengeSolver(clientHello) - if err != nil { - if cfg.Logger != nil { - cfg.Logger.Error("tls-alpn challenge", - zap.String("server_name", clientHello.ServerName), - zap.Error(err)) - } + challengeCert, distributed, err := cfg.getTLSALPNChallengeCert(clientHello) + if err != nil { + if cfg.Logger != nil { + cfg.Logger.Error("tls-alpn challenge", + zap.String("server_name", clientHello.ServerName), + zap.Error(err)) } - if ok { - if cfg.Logger != nil { - cfg.Logger.Info("served key authentication certificate", - zap.String("server_name", clientHello.ServerName), - zap.String("challenge", "tls-alpn-01"), - zap.String("remote", clientHello.Conn.RemoteAddr().String()), - zap.Bool("distributed", true)) - } - return &challengeCert.Certificate, nil - } - return nil, fmt.Errorf("no certificate to complete TLS-ALPN challenge for SNI name: %s", clientHello.ServerName) + return nil, err } if cfg.Logger != nil { cfg.Logger.Info("served key authentication certificate", zap.String("server_name", clientHello.ServerName), zap.String("challenge", "tls-alpn-01"), - zap.String("remote", clientHello.Conn.RemoteAddr().String())) + zap.String("remote", clientHello.Conn.RemoteAddr().String()), + zap.Bool("distributed", distributed)) } - return &challengeCert.Certificate, nil + return challengeCert, nil } } @@ -107,16 +87,12 @@ func (cfg *Config) GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certif // // This function is safe for concurrent use. func (cfg *Config) getCertificate(hello *tls.ClientHelloInfo) (cert Certificate, matched, defaulted bool) { - name := NormalizedName(hello.ServerName) + name := normalizedName(hello.ServerName) if name == "" { // if SNI is empty, prefer matching IP address if hello.Conn != nil { - addr := hello.Conn.LocalAddr().String() - ip, _, err := net.SplitHostPort(addr) - if err == nil { - addr = ip - } + addr := localIPFromConn(hello.Conn) cert, matched = cfg.selectCert(hello, addr) if matched { return @@ -125,7 +101,7 @@ func (cfg *Config) getCertificate(hello *tls.ClientHelloInfo) (cert Certificate, // fall back to a "default" certificate, if specified if cfg.DefaultServerName != "" { - normDefault := NormalizedName(cfg.DefaultServerName) + normDefault := normalizedName(cfg.DefaultServerName) cert, defaulted = cfg.selectCert(hello, normDefault) if defaulted { return @@ -260,6 +236,12 @@ func (cfg *Config) getCertDuringHandshake(hello *tls.ClientHelloInfo, loadIfNece if cfg.OnDemand != nil && loadIfNecessary { // Then check to see if we have one on disk loadedCert, err := cfg.CacheManagedCertificate(name) + if _, ok := err.(ErrNotExist); ok { + // If no exact match, try a wildcard variant, which is something we can still use + labels := strings.Split(name, ".") + labels[0] = "*" + loadedCert, err = cfg.CacheManagedCertificate(strings.Join(labels, ".")) + } if err == nil { loadedCert, err = cfg.handshakeMaintenance(hello, loadedCert) if err != nil { @@ -273,14 +255,6 @@ func (cfg *Config) getCertDuringHandshake(hello *tls.ClientHelloInfo, loadIfNece } if obtainIfNecessary { // By this point, we need to ask the CA for a certificate - - // Make sure the certificate should be obtained based on config - err := cfg.checkIfCertShouldBeObtained(name) - if err != nil { - return Certificate{}, err - } - - // Obtain certificate from the CA return cfg.obtainOnDemandCertificate(hello) } } @@ -347,6 +321,11 @@ func (cfg *Config) obtainOnDemandCertificate(hello *tls.ClientHelloInfo) (Certif name := cfg.getNameFromClientHello(hello) + getCertWithoutReobtaining := func() (Certificate, error) { + // very important to set the obtainIfNecessary argument to false, so we don't repeat this infinitely + return cfg.getCertDuringHandshake(hello, true, false) + } + // We must protect this process from happening concurrently, so synchronize. obtainCertWaitChansMu.Lock() wait, ok := obtainCertWaitChans[name] @@ -354,8 +333,17 @@ func (cfg *Config) obtainOnDemandCertificate(hello *tls.ClientHelloInfo) (Certif // lucky us -- another goroutine is already obtaining the certificate. // wait for it to finish obtaining the cert and then we'll use it. obtainCertWaitChansMu.Unlock() - <-wait - return cfg.getCertDuringHandshake(hello, true, false) + + // TODO: see if we can get a proper context in here, for true cancellation + timeout := time.NewTimer(2 * time.Minute) + select { + case <-timeout.C: + return Certificate{}, fmt.Errorf("timed out waiting to obtain certificate for %s", name) + case <-wait: + timeout.Stop() + } + + return getCertWithoutReobtaining() } // looks like it's up to us to do all the work and obtain the cert. @@ -364,22 +352,35 @@ func (cfg *Config) obtainOnDemandCertificate(hello *tls.ClientHelloInfo) (Certif obtainCertWaitChans[name] = wait obtainCertWaitChansMu.Unlock() - // obtain the certificate + unblockWaiters := func() { + obtainCertWaitChansMu.Lock() + close(wait) + delete(obtainCertWaitChans, name) + obtainCertWaitChansMu.Unlock() + } + + // Make sure the certificate should be obtained based on config + err := cfg.checkIfCertShouldBeObtained(name) + if err != nil { + unblockWaiters() + return Certificate{}, err + } + if log != nil { log.Info("obtaining new certificate", zap.String("server_name", name)) } + // TODO: use a proper context; we use one with timeout because retries are enabled because interactive is false ctx, cancel := context.WithTimeout(context.TODO(), 90*time.Second) defer cancel() - err := cfg.ObtainCert(ctx, name, false) + + // Obtain the certificate + err = cfg.ObtainCert(ctx, name, false) // immediately unblock anyone waiting for it; doing this in // a defer would risk deadlock because of the recursive call // to getCertDuringHandshake below when we return! - obtainCertWaitChansMu.Lock() - close(wait) - delete(obtainCertWaitChans, name) - obtainCertWaitChansMu.Unlock() + unblockWaiters() if err != nil { // shucks; failed to solve challenge on-demand @@ -388,7 +389,7 @@ func (cfg *Config) obtainOnDemandCertificate(hello *tls.ClientHelloInfo) (Certif // success; certificate was just placed on disk, so // we need only restart serving the certificate - return cfg.getCertDuringHandshake(hello, true, false) + return getCertWithoutReobtaining() } // handshakeMaintenance performs a check on cert for expiration and OCSP validity. @@ -400,13 +401,7 @@ func (cfg *Config) handshakeMaintenance(hello *tls.ClientHelloInfo, cert Certifi log := loggerNamed(cfg.Logger, "on_demand") // Check cert expiration - timeLeft := cert.Leaf.NotAfter.Sub(time.Now().UTC()) if currentlyInRenewalWindow(cert.Leaf.NotBefore, cert.Leaf.NotAfter, cfg.RenewalWindowRatio) { - if log != nil { - log.Info("certificate expires soon; attempting renewal", - zap.Strings("identifiers", cert.Names), - zap.Duration("remaining", timeLeft)) - } return cfg.renewDynamicCertificate(hello, cert) } @@ -414,7 +409,7 @@ func (cfg *Config) handshakeMaintenance(hello *tls.ClientHelloInfo, cert Certifi if cert.ocsp != nil { refreshTime := cert.ocsp.ThisUpdate.Add(cert.ocsp.NextUpdate.Sub(cert.ocsp.ThisUpdate) / 2) if time.Now().After(refreshTime) { - _, err := stapleOCSP(cfg.Storage, &cert, nil) + _, err := stapleOCSP(cfg.OCSP, cfg.Storage, &cert, nil) if err != nil { // An error with OCSP stapling is not the end of the world, and in fact, is // quite common considering not all certs have issuer URLs that support it. @@ -436,22 +431,59 @@ func (cfg *Config) handshakeMaintenance(hello *tls.ClientHelloInfo, cert Certifi // renewDynamicCertificate renews the certificate for name using cfg. It returns the // certificate to use and an error, if any. name should already be lower-cased before // calling this function. name is the name obtained directly from the handshake's -// ClientHello. +// ClientHello. If the certificate hasn't yet expired, currentCert will be returned +// and the renewal will happen in the background; otherwise this blocks until the +// certificate has been renewed, and returns the renewed certificate. // // This function is safe for use by multiple concurrent goroutines. func (cfg *Config) renewDynamicCertificate(hello *tls.ClientHelloInfo, currentCert Certificate) (Certificate, error) { log := loggerNamed(cfg.Logger, "on_demand") name := cfg.getNameFromClientHello(hello) + timeLeft := time.Until(currentCert.Leaf.NotAfter) + getCertWithoutReobtaining := func() (Certificate, error) { + // very important to set the obtainIfNecessary argument to false, so we don't repeat this infinitely + return cfg.getCertDuringHandshake(hello, true, false) + } + + // see if another goroutine is already working on this certificate obtainCertWaitChansMu.Lock() wait, ok := obtainCertWaitChans[name] if ok { - // lucky us -- another goroutine is already renewing the certificate. - // wait for it to finish, then we'll use the new one. + // lucky us -- another goroutine is already renewing the certificate obtainCertWaitChansMu.Unlock() - <-wait - return cfg.getCertDuringHandshake(hello, true, false) + + if timeLeft > 0 { + // the current certificate hasn't expired, and another goroutine is already + // renewing it, so we might as well serve what we have without blocking + if log != nil { + log.Debug("certificate expires soon but is already being renewed; serving current certificate", + zap.Strings("identifiers", currentCert.Names), + zap.Duration("remaining", timeLeft)) + } + return currentCert, nil + } + + // otherwise, we'll have to wait for the renewal to finish so we don't serve + // an expired certificate + + if log != nil { + log.Debug("certificate has expired, but is already being renewed; waiting for renewal to complete", + zap.Strings("identifiers", currentCert.Names), + zap.Time("expired", currentCert.Leaf.NotAfter)) + } + + // TODO: see if we can get a proper context in here, for true cancellation + timeout := time.NewTimer(2 * time.Minute) + select { + case <-timeout.C: + return Certificate{}, fmt.Errorf("timed out waiting for certificate renewal of %s", name) + case <-wait: + timeout.Stop() + } + + return getCertWithoutReobtaining() } // looks like it's up to us to do all the work and renew the cert @@ -459,6 +491,21 @@ func (cfg *Config) renewDynamicCertificate(hello *tls.ClientHelloInfo, currentCe obtainCertWaitChans[name] = wait obtainCertWaitChansMu.Unlock() + unblockWaiters := func() { + obtainCertWaitChansMu.Lock() + close(wait) + delete(obtainCertWaitChans, name) + obtainCertWaitChansMu.Unlock() + } + + if log != nil { + log.Info("attempting certificate renewal", + zap.String("server_name", name), + zap.Strings("identifiers", currentCert.Names), + zap.Time("expiration", currentCert.Leaf.NotAfter), + zap.Duration("remaining", timeLeft)) + } + // Make sure a certificate for this name should be obtained on-demand err := cfg.checkIfCertShouldBeObtained(name) if err != nil { @@ -466,105 +513,118 @@ func (cfg *Config) renewDynamicCertificate(hello *tls.ClientHelloInfo, currentCe cfg.certCache.mu.Lock() cfg.certCache.removeCertificate(currentCert) cfg.certCache.mu.Unlock() + unblockWaiters() return Certificate{}, err } - // renew and reload the certificate - if log != nil { - log.Info("renewing certificate", zap.String("server_name", name)) - } - // TODO: use a proper context; we use one with timeout because retries are enabled because interactive is false - ctx, cancel := context.WithTimeout(context.TODO(), 90*time.Second) - defer cancel() - err = cfg.RenewCert(ctx, name, false) - if err == nil { - // even though the recursive nature of the dynamic cert loading - // would just call this function anyway, we do it here to - // make the replacement as atomic as possible. - newCert, err := cfg.CacheManagedCertificate(name) - if err != nil { - if log != nil { - log.Error("loading renewed certificate", zap.String("server_name", name), zap.Error(err)) + // Renew and reload the certificate + renewAndReload := func(ctx context.Context, cancel context.CancelFunc) (Certificate, error) { + defer cancel() + err = cfg.RenewCert(ctx, name, false) + if err == nil { + // even though the recursive nature of the dynamic cert loading + // would just call this function anyway, we do it here to + // make the replacement as atomic as possible. + newCert, err := cfg.CacheManagedCertificate(name) + if err != nil { + if log != nil { + log.Error("loading renewed certificate", zap.String("server_name", name), zap.Error(err)) + } + } else { + // replace the old certificate with the new one + cfg.certCache.replaceCertificate(currentCert, newCert) } - } else { - // replace the old certificate with the new one - cfg.certCache.replaceCertificate(currentCert, newCert) } + + // immediately unblock anyone waiting for it; doing this in + // a defer would risk deadlock because of the recursive call + // to getCertDuringHandshake below when we return! + unblockWaiters() + + if err != nil { + return Certificate{}, err + } + + return getCertWithoutReobtaining() } - // immediately unblock anyone waiting for it; doing this in - // a defer would risk deadlock because of the recursive call - // to getCertDuringHandshake below when we return! - obtainCertWaitChansMu.Lock() - close(wait) - delete(obtainCertWaitChans, name) - obtainCertWaitChansMu.Unlock() - - if err != nil { - return Certificate{}, err + // if the certificate hasn't expired, we can serve what we have and renew in the background + if timeLeft > 0 { + // TODO: get a proper context; we use one with timeout because retries are enabled because interactive is false + ctx, cancel := context.WithTimeout(context.TODO(), 5*time.Minute) + go renewAndReload(ctx, cancel) + return currentCert, nil } - return cfg.getCertDuringHandshake(hello, true, false) + // otherwise, we have to block while we renew an expired certificate + ctx, cancel := context.WithTimeout(context.TODO(), 90*time.Second) + return renewAndReload(ctx, cancel) } -// tryDistributedChallengeSolver is to be called when the clientHello pertains to -// a TLS-ALPN challenge and a certificate is required to solve it. This method -// checks the distributed store of challenge info files and, if a matching ServerName -// is present, it makes a certificate to solve this challenge and returns it. For -// this to succeed, it requires that cfg.Issuer is of type *ACMEManager. -// A boolean true is returned if a valid certificate is returned. -func (cfg *Config) tryDistributedChallengeSolver(clientHello *tls.ClientHelloInfo) (Certificate, bool, error) { - am, ok := cfg.Issuer.(*ACMEManager) - if !ok { - return Certificate{}, false, nil - } - tokenKey := distributedSolver{acmeManager: am, caURL: am.CA}.challengeTokensKey(clientHello.ServerName) - chalInfoBytes, err := cfg.Storage.Load(tokenKey) +// getTLSALPNChallengeCert is to be called when the clientHello pertains to +// a TLS-ALPN challenge and a certificate is required to solve it. This method gets +// the relevant challenge info and then returns the associated certificate (if any) +// or generates it anew if it's not available (as is the case when distributed +// solving). True is returned if the challenge is being solved distributed (there +// is no semantic difference with distributed solving; it is mainly for logging). +func (cfg *Config) getTLSALPNChallengeCert(clientHello *tls.ClientHelloInfo) (*tls.Certificate, bool, error) { + chalData, distributed, err := cfg.getChallengeInfo(clientHello.ServerName) if err != nil { - if _, ok := err.(ErrNotExist); ok { - return Certificate{}, false, nil - } - return Certificate{}, false, fmt.Errorf("opening distributed challenge token file %s: %v", tokenKey, err) + return nil, distributed, err } - var chalInfo acme.Challenge - err = json.Unmarshal(chalInfoBytes, &chalInfo) - if err != nil { - return Certificate{}, false, fmt.Errorf("decoding challenge token file %s (corrupted?): %v", tokenKey, err) + // fast path: we already created the certificate (this avoids having to re-create + // it at every handshake that tries to verify, e.g. multi-perspective validation) + if chalData.data != nil { + return chalData.data.(*tls.Certificate), distributed, nil } - cert, err := acmez.TLSALPN01ChallengeCert(chalInfo) + // otherwise, we can re-create the solution certificate, but it takes a few cycles + cert, err := acmez.TLSALPN01ChallengeCert(chalData.Challenge) if err != nil { - return Certificate{}, false, fmt.Errorf("making TLS-ALPN challenge certificate: %v", err) + return nil, distributed, fmt.Errorf("making TLS-ALPN challenge certificate: %v", err) } if cert == nil { - return Certificate{}, false, fmt.Errorf("got nil TLS-ALPN challenge certificate but no error") + return nil, distributed, fmt.Errorf("got nil TLS-ALPN challenge certificate but no error") } - return Certificate{Certificate: *cert}, true, nil + return cert, distributed, nil } // getNameFromClientHello returns a normalized form of hello.ServerName. // If hello.ServerName is empty (i.e. client did not use SNI), then the // associated connection's local address is used to extract an IP address. func (*Config) getNameFromClientHello(hello *tls.ClientHelloInfo) string { - name := NormalizedName(hello.ServerName) - if name != "" || hello.Conn == nil { + if name := normalizedName(hello.ServerName); name != "" { return name } - - // if no SNI, try using IP address on the connection - localAddr := hello.Conn.LocalAddr().String() - localAddrHost, _, err := net.SplitHostPort(localAddr) - if err == nil { - return localAddrHost - } - return localAddr + return localIPFromConn(hello.Conn) } -// NormalizedName returns a cleaned form of serverName that is +// localIPFromConn returns the host portion of c's local address +// and strips the scope ID if one exists (see RFC 4007). +func localIPFromConn(c net.Conn) string { + if c == nil { + return "" + } + localAddr := c.LocalAddr().String() + ip, _, err := net.SplitHostPort(localAddr) + if err != nil { + // OK; assume there was no port + ip = localAddr + } + // IPv6 addresses can have scope IDs, e.g. "fe80::4c3:3cff:fe4f:7e0b%eth0", + // but for our purposes, these are useless (unless a valid use case proves + // otherwise; see issue #3911) + if scopeIDStart := strings.Index(ip, "%"); scopeIDStart > -1 { + ip = ip[:scopeIDStart] + } + return ip +} + +// normalizedName returns a cleaned form of serverName that is // used for consistency when referring to a SNI value. -func NormalizedName(serverName string) string { +func normalizedName(serverName string) string { return strings.ToLower(strings.TrimSpace(serverName)) } diff --git a/vendor/github.com/caddyserver/certmagic/httphandler.go b/vendor/github.com/caddyserver/certmagic/httphandler.go index e3897217a..d17cfaab7 100644 --- a/vendor/github.com/caddyserver/certmagic/httphandler.go +++ b/vendor/github.com/caddyserver/certmagic/httphandler.go @@ -15,7 +15,6 @@ package certmagic import ( - "encoding/json" "net/http" "strings" @@ -71,41 +70,24 @@ func (am *ACMEManager) distributedHTTPChallengeSolver(w http.ResponseWriter, r * if am == nil { return false } - host := hostOnly(r.Host) - - tokenKey := distributedSolver{acmeManager: am, caURL: am.CA}.challengeTokensKey(host) - chalInfoBytes, err := am.config.Storage.Load(tokenKey) - if err != nil { - if _, ok := err.(ErrNotExist); !ok { - if am.Logger != nil { - am.Logger.Error("opening distributed HTTP challenge token file", - zap.String("host", host), - zap.Error(err)) - } - } - return false - } - - var challenge acme.Challenge - err = json.Unmarshal(chalInfoBytes, &challenge) + chalInfo, distributed, err := am.config.getChallengeInfo(host) if err != nil { if am.Logger != nil { - am.Logger.Error("decoding HTTP challenge token file (corrupted?)", + am.Logger.Error("looking up info for HTTP challenge", zap.String("host", host), - zap.String("token_key", tokenKey), zap.Error(err)) } return false } - - return am.answerHTTPChallenge(w, r, challenge) + return solveHTTPChallenge(am.Logger, w, r, chalInfo.Challenge, distributed) } -// answerHTTPChallenge solves the challenge with chalInfo. -// Most of this code borrowed from xenolf's built-in HTTP-01 -// challenge solver in March 2018. -func (am *ACMEManager) answerHTTPChallenge(w http.ResponseWriter, r *http.Request, challenge acme.Challenge) bool { +// solveHTTPChallenge solves the HTTP challenge using the given challenge information. +// If the challenge is being solved in a distributed fahsion, set distributed to true for logging purposes. +// It returns true the properties of the request check out in relation to the HTTP challenge. +// Most of this code borrowed from xenolf's built-in HTTP-01 challenge solver in March 2018. +func solveHTTPChallenge(logger *zap.Logger, w http.ResponseWriter, r *http.Request, challenge acme.Challenge, distributed bool) bool { challengeReqPath := challenge.HTTP01ResourcePath() if r.URL.Path == challengeReqPath && strings.EqualFold(hostOnly(r.Host), challenge.Identifier.Value) && // mitigate DNS rebinding attacks @@ -113,17 +95,26 @@ func (am *ACMEManager) answerHTTPChallenge(w http.ResponseWriter, r *http.Reques w.Header().Add("Content-Type", "text/plain") w.Write([]byte(challenge.KeyAuthorization)) r.Close = true - if am.Logger != nil { - am.Logger.Info("served key authentication", + if logger != nil { + logger.Info("served key authentication", zap.String("identifier", challenge.Identifier.Value), zap.String("challenge", "http-01"), - zap.String("remote", r.RemoteAddr)) + zap.String("remote", r.RemoteAddr), + zap.Bool("distributed", distributed)) } return true } return false } +// SolveHTTPChallenge solves the HTTP challenge. It should be used only on HTTP requests that are +// from ACME servers trying to validate an identifier (i.e. LooksLikeHTTPChallenge() == true). It +// returns true if the request criteria check out and it answered with key authentication, in which +// case no further handling of the request is necessary. +func SolveHTTPChallenge(logger *zap.Logger, w http.ResponseWriter, r *http.Request, challenge acme.Challenge) bool { + return solveHTTPChallenge(logger, w, r, challenge, false) +} + // LooksLikeHTTPChallenge returns true if r looks like an ACME // HTTP challenge request from an ACME server. func LooksLikeHTTPChallenge(r *http.Request) bool { diff --git a/vendor/github.com/caddyserver/certmagic/maintain.go b/vendor/github.com/caddyserver/certmagic/maintain.go index 0e7acc3a0..3e5a8736a 100644 --- a/vendor/github.com/caddyserver/certmagic/maintain.go +++ b/vendor/github.com/caddyserver/certmagic/maintain.go @@ -141,6 +141,9 @@ func (certCache *Cache) RenewManagedCertificates(ctx context.Context) error { } continue } + if cfg.OnDemand != nil { + continue + } // if time is up or expires soon, we need to try to renew it if cert.NeedsRenewal(cfg) { @@ -337,8 +340,8 @@ func (certCache *Cache) updateOCSPStaples(ctx context.Context) { continue } - ocspResp, err := stapleOCSP(cfg.Storage, &cert, nil) - if err != nil { + ocspResp, err := stapleOCSP(cfg.OCSP, cfg.Storage, &cert, nil) + if err != nil || ocspResp == nil { if cert.ocsp != nil { // if there was no staple before, that's fine; otherwise we should log the error if log != nil { diff --git a/vendor/github.com/caddyserver/certmagic/ocsp.go b/vendor/github.com/caddyserver/certmagic/ocsp.go index fedc70e26..4a21546d2 100644 --- a/vendor/github.com/caddyserver/certmagic/ocsp.go +++ b/vendor/github.com/caddyserver/certmagic/ocsp.go @@ -34,11 +34,16 @@ import ( // If you don't have the PEM blocks already, just pass in nil. // // Errors here are not necessarily fatal, it could just be that the -// certificate doesn't have an issuer URL. +// certificate doesn't have an issuer URL. This function may return +// both nil values if OCSP stapling is disabled according to ocspConfig. // // If a status was received, it returns that status. Note that the // returned status is not always stapled to the certificate. -func stapleOCSP(storage Storage, cert *Certificate, pemBundle []byte) (*ocsp.Response, error) { +func stapleOCSP(ocspConfig OCSPConfig, storage Storage, cert *Certificate, pemBundle []byte) (*ocsp.Response, error) { + if ocspConfig.DisableStapling { + return nil, nil + } + if pemBundle == nil { // we need a PEM encoding only for some function calls below bundle := new(bytes.Buffer) @@ -82,7 +87,7 @@ func stapleOCSP(storage Storage, cert *Certificate, pemBundle []byte) (*ocsp.Res // If we couldn't get a fresh staple by reading the cache, // then we need to request it from the OCSP responder if ocspResp == nil || len(ocspBytes) == 0 { - ocspBytes, ocspResp, ocspErr = getOCSPForCert(pemBundle) + ocspBytes, ocspResp, ocspErr = getOCSPForCert(ocspConfig, pemBundle) if ocspErr != nil { // An error here is not a problem because a certificate may simply // not contain a link to an OCSP server. But we should log it anyway. @@ -125,7 +130,7 @@ func stapleOCSP(storage Storage, cert *Certificate, pemBundle []byte) (*ocsp.Res // values are nil, the OCSP status may be assumed OCSPUnknown. // // Borrowed from xenolf. -func getOCSPForCert(bundle []byte) ([]byte, *ocsp.Response, error) { +func getOCSPForCert(ocspConfig OCSPConfig, bundle []byte) ([]byte, *ocsp.Response, error) { // TODO: Perhaps this should be synchronized too, with a Locker? certificates, err := parseCertsFromPEMBundle(bundle) @@ -142,6 +147,18 @@ func getOCSPForCert(bundle []byte) ([]byte, *ocsp.Response, error) { if len(issuedCert.OCSPServer) == 0 { return nil, nil, fmt.Errorf("no OCSP server specified in certificate") } + + // apply override for responder URL + respURL := issuedCert.OCSPServer[0] + if len(ocspConfig.ResponderOverrides) > 0 { + if override, ok := ocspConfig.ResponderOverrides[respURL]; ok { + respURL = override + } + } + if respURL == "" { + return nil, nil, fmt.Errorf("override disables querying OCSP responder: %v", issuedCert.OCSPServer[0]) + } + if len(certificates) == 1 { if len(issuedCert.IssuingCertificateURL) == 0 { return nil, nil, fmt.Errorf("no URL to issuing certificate") @@ -176,7 +193,7 @@ func getOCSPForCert(bundle []byte) ([]byte, *ocsp.Response, error) { } reader := bytes.NewReader(ocspReq) - req, err := http.Post(issuedCert.OCSPServer[0], "application/ocsp-request", reader) + req, err := http.Post(respURL, "application/ocsp-request", reader) if err != nil { return nil, nil, fmt.Errorf("making OCSP request: %v", err) } diff --git a/vendor/github.com/caddyserver/certmagic/solvers.go b/vendor/github.com/caddyserver/certmagic/solvers.go index c0957da3e..afd0fd28a 100644 --- a/vendor/github.com/caddyserver/certmagic/solvers.go +++ b/vendor/github.com/caddyserver/certmagic/solvers.go @@ -123,22 +123,19 @@ type tlsALPNSolver struct { // Present adds the certificate to the certificate cache and, if // needed, starts a TLS server for answering TLS-ALPN challenges. func (s *tlsALPNSolver) Present(ctx context.Context, chal acme.Challenge) error { - // load the certificate into the cache; this isn't strictly necessary - // if we're using the distributed solver since our GetCertificate - // function will check storage for the keyAuth anyway, but it seems - // like loading it into the cache is the right thing to do + // we pre-generate the certificate for efficiency with multi-perspective + // validation, so it only has to be done once (at least, by this instance; + // distributed solving does not have that luxury, oh well) - update the + // challenge data in memory to be the generated certificate cert, err := acmez.TLSALPN01ChallengeCert(chal) if err != nil { return err } - certHash := hashCertificateChain(cert.Certificate) - s.config.certCache.mu.Lock() - s.config.certCache.cache[tlsALPNCertKeyName(chal.Identifier.Value)] = Certificate{ - Certificate: *cert, - Names: []string{chal.Identifier.Value}, - hash: certHash, // perhaps not necesssary - } - s.config.certCache.mu.Unlock() + activeChallengesMu.Lock() + chalData := activeChallenges[chal.Identifier.Value] + chalData.data = cert + activeChallenges[chal.Identifier.Value] = chalData + activeChallengesMu.Unlock() // the rest of this function increments the // challenge count for the solver at this @@ -273,13 +270,6 @@ func (s *DNS01Solver) Present(ctx context.Context, challenge acme.Challenge) err dnsName := challenge.DNS01TXTRecordName() keyAuth := challenge.DNS01KeyAuthorization() - rec := libdns.Record{ - Type: "TXT", - Name: dnsName, - Value: keyAuth, - TTL: s.TTL, - } - // multiple identifiers can have the same ACME challenge // domain (e.g. example.com and *.example.com) so we need // to ensure that we don't solve those concurrently and @@ -292,6 +282,13 @@ func (s *DNS01Solver) Present(ctx context.Context, challenge acme.Challenge) err return fmt.Errorf("could not determine zone for domain %q: %v", dnsName, err) } + rec := libdns.Record{ + Type: "TXT", + Name: libdns.RelativeName(dnsName+".", zone), + Value: keyAuth, + TTL: s.TTL, + } + results, err := s.DNSProvider.AppendRecords(ctx, zone, []libdns.Record{rec}) if err != nil { return fmt.Errorf("adding temporary record for zone %s: %w", zone, err) @@ -458,20 +455,19 @@ func (mmu *mapMutex) locked(key interface{}) (ok bool) { // sharing sync and storage, and using the facilities provided by // this package for solving the challenges. type distributedSolver struct { - // The config with a certificate cache - // with a reference to the storage to - // use which is shared among all the - // instances in the cluster - REQUIRED. - acmeManager *ACMEManager + // The storage backing the distributed solver. It must be + // the same storage configuration as what is solving the + // challenge in order to be effective. + storage Storage + + // The storage key prefix, associated with the issuer + // that is solving the challenge. + storageKeyIssuerPrefix string // Since the distributedSolver is only a // wrapper over an actual solver, place // the actual solver here. solver acmez.Solver - - // The CA endpoint URL associated with - // this solver. - caURL string } // Present invokes the underlying solver's Present method @@ -483,7 +479,7 @@ func (dhs distributedSolver) Present(ctx context.Context, chal acme.Challenge) e return err } - err = dhs.acmeManager.config.Storage.Store(dhs.challengeTokensKey(chal.Identifier.Value), infoBytes) + err = dhs.storage.Store(dhs.challengeTokensKey(chal.Identifier.Value), infoBytes) if err != nil { return err } @@ -495,10 +491,18 @@ func (dhs distributedSolver) Present(ctx context.Context, chal acme.Challenge) e return nil } +// Wait wraps the underlying solver's Wait() method, if any. Implements acmez.Waiter. +func (dhs distributedSolver) Wait(ctx context.Context, challenge acme.Challenge) error { + if waiter, ok := dhs.solver.(acmez.Waiter); ok { + return waiter.Wait(ctx, challenge) + } + return nil +} + // CleanUp invokes the underlying solver's CleanUp method // and also cleans up any assets saved to storage. func (dhs distributedSolver) CleanUp(ctx context.Context, chal acme.Challenge) error { - err := dhs.acmeManager.config.Storage.Delete(dhs.challengeTokensKey(chal.Identifier.Value)) + err := dhs.storage.Delete(dhs.challengeTokensKey(chal.Identifier.Value)) if err != nil { return err } @@ -511,7 +515,7 @@ func (dhs distributedSolver) CleanUp(ctx context.Context, chal acme.Challenge) e // challengeTokensPrefix returns the key prefix for challenge info. func (dhs distributedSolver) challengeTokensPrefix() string { - return path.Join(dhs.acmeManager.storageKeyCAPrefix(dhs.caURL), "challenge_tokens") + return path.Join(dhs.storageKeyIssuerPrefix, "challenge_tokens") } // challengeTokensKey returns the key to use to store and access @@ -607,6 +611,15 @@ func dialTCPSocket(addr string) error { return err } +// GetACMEChallenge returns an active ACME challenge for the given identifier, +// or false if no active challenge for that identifier is known. +func GetACMEChallenge(identifier string) (Challenge, bool) { + activeChallengesMu.Lock() + chalData, ok := activeChallenges[identifier] + activeChallengesMu.Unlock() + return chalData, ok +} + // The active challenge solvers, keyed by listener address, // and protected by a mutex. Note that the creation of // solver listeners and the incrementing of their counts @@ -616,8 +629,56 @@ var ( solversMu sync.Mutex ) +// activeChallenges holds information about all known, currently-active +// ACME challenges, keyed by identifier. CertMagic guarantees that +// challenges for the same identifier do not overlap, by its locking +// mechanisms; thus if a challenge comes in for a certain identifier, +// we can be confident that if this process initiated the challenge, +// the correct information to solve it is in this map. (It may have +// alternatively been initiated by another instance in a cluster, in +// which case the distributed solver will take care of that.) +var ( + activeChallenges = make(map[string]Challenge) + activeChallengesMu sync.Mutex +) + +// Challenge is an ACME challenge, but optionally paired with +// data that can make it easier or more efficient to solve. +type Challenge struct { + acme.Challenge + data interface{} +} + +// solverWrapper should be used to wrap all challenge solvers so that +// we can add the challenge info to memory; this makes challenges globally +// solvable by a single HTTP or TLS server even if multiple servers with +// different configurations/scopes need to get certificates. +type solverWrapper struct{ acmez.Solver } + +func (sw solverWrapper) Present(ctx context.Context, chal acme.Challenge) error { + activeChallengesMu.Lock() + activeChallenges[chal.Identifier.Value] = Challenge{Challenge: chal} + activeChallengesMu.Unlock() + return sw.Solver.Present(ctx, chal) +} + +func (sw solverWrapper) Wait(ctx context.Context, chal acme.Challenge) error { + if waiter, ok := sw.Solver.(acmez.Waiter); ok { + return waiter.Wait(ctx, chal) + } + return nil +} + +func (sw solverWrapper) CleanUp(ctx context.Context, chal acme.Challenge) error { + activeChallengesMu.Lock() + delete(activeChallenges, chal.Identifier.Value) + activeChallengesMu.Unlock() + return sw.Solver.CleanUp(ctx, chal) +} + // Interface guards var ( - _ acmez.Solver = (*DNS01Solver)(nil) - _ acmez.Waiter = (*DNS01Solver)(nil) + _ acmez.Solver = (*solverWrapper)(nil) + _ acmez.Waiter = (*solverWrapper)(nil) + _ acmez.Waiter = (*distributedSolver)(nil) ) diff --git a/vendor/github.com/caddyserver/certmagic/storage.go b/vendor/github.com/caddyserver/certmagic/storage.go index f5045a972..804a47408 100644 --- a/vendor/github.com/caddyserver/certmagic/storage.go +++ b/vendor/github.com/caddyserver/certmagic/storage.go @@ -16,12 +16,13 @@ package certmagic import ( "context" - "log" "path" "regexp" "strings" "sync" "time" + + "go.uber.org/zap" ) // Storage is a type that implements a key-value store. @@ -213,16 +214,20 @@ func (keys KeyBuilder) Safe(str string) string { // this does not cancel the operations that // the locks are synchronizing, this should be // called only immediately before process exit. -func CleanUpOwnLocks() { +// Errors are only reported if a logger is given. +func CleanUpOwnLocks(logger *zap.Logger) { locksMu.Lock() defer locksMu.Unlock() for lockKey, storage := range locks { err := storage.Unlock(lockKey) if err == nil { delete(locks, lockKey) - } else { - log.Printf("[ERROR] Unable to clean up lock: %v (lock=%s storage=%s)", - err, lockKey, storage) + } else if logger != nil { + logger.Error("unable to clean up lock in storage backend", + zap.Any("storage", storage), + zap.String("lock_key", lockKey), + zap.Error(err), + ) } } } @@ -272,6 +277,7 @@ var safeKeyRE = regexp.MustCompile(`[^\w@.-]`) // ErrNotExist is returned by Storage implementations when // a resource is not found. It is similar to os.IsNotExist // except this is a type, not a variable. +// TODO: use new Go error wrapping conventions type ErrNotExist interface { error } diff --git a/vendor/github.com/miekg/dns/Makefile.release b/vendor/github.com/miekg/dns/Makefile.release index 8fb748e8a..a0ce9b712 100644 --- a/vendor/github.com/miekg/dns/Makefile.release +++ b/vendor/github.com/miekg/dns/Makefile.release @@ -1,7 +1,7 @@ # Makefile for releasing. # # The release is controlled from version.go. The version found there is -# used to tag the git repo, we're not building any artifects so there is nothing +# used to tag the git repo, we're not building any artifacts so there is nothing # to upload to github. # # * Up the version in version.go diff --git a/vendor/github.com/miekg/dns/client.go b/vendor/github.com/miekg/dns/client.go index 000dc013c..f907698b5 100644 --- a/vendor/github.com/miekg/dns/client.go +++ b/vendor/github.com/miekg/dns/client.go @@ -379,7 +379,7 @@ func Dial(network, address string) (conn *Conn, err error) { func ExchangeContext(ctx context.Context, m *Msg, a string) (r *Msg, err error) { client := Client{Net: "udp"} r, _, err = client.ExchangeContext(ctx, m, a) - // ignorint rtt to leave the original ExchangeContext API unchanged, but + // ignoring rtt to leave the original ExchangeContext API unchanged, but // this function will go away return r, err } diff --git a/vendor/github.com/miekg/dns/defaults.go b/vendor/github.com/miekg/dns/defaults.go index d874e3008..d47b0b1f2 100644 --- a/vendor/github.com/miekg/dns/defaults.go +++ b/vendor/github.com/miekg/dns/defaults.go @@ -349,10 +349,7 @@ func ReverseAddr(addr string) (arpa string, err error) { // Add it, in reverse, to the buffer for i := len(ip) - 1; i >= 0; i-- { v := ip[i] - buf = append(buf, hexDigit[v&0xF]) - buf = append(buf, '.') - buf = append(buf, hexDigit[v>>4]) - buf = append(buf, '.') + buf = append(buf, hexDigit[v&0xF], '.', hexDigit[v>>4], '.') } // Append "ip6.arpa." and return (buf already has the final .) buf = append(buf, "ip6.arpa."...) diff --git a/vendor/github.com/miekg/dns/dnssec.go b/vendor/github.com/miekg/dns/dnssec.go index 900f6e059..80d2be5a8 100644 --- a/vendor/github.com/miekg/dns/dnssec.go +++ b/vendor/github.com/miekg/dns/dnssec.go @@ -4,6 +4,7 @@ import ( "bytes" "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -17,8 +18,6 @@ import ( "sort" "strings" "time" - - "golang.org/x/crypto/ed25519" ) // DNSSEC encryption algorithm codes. @@ -500,7 +499,7 @@ func (rr *RRSIG) ValidityPeriod(t time.Time) bool { return ti <= utc && utc <= te } -// Return the signatures base64 encodedig sigdata as a byte slice. +// Return the signatures base64 encoding sigdata as a byte slice. func (rr *RRSIG) sigBuf() []byte { sigbuf, err := fromBase64([]byte(rr.Signature)) if err != nil { diff --git a/vendor/github.com/miekg/dns/dnssec_keygen.go b/vendor/github.com/miekg/dns/dnssec_keygen.go index 2ab7b6d73..b8124b561 100644 --- a/vendor/github.com/miekg/dns/dnssec_keygen.go +++ b/vendor/github.com/miekg/dns/dnssec_keygen.go @@ -3,12 +3,11 @@ package dns import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" "math/big" - - "golang.org/x/crypto/ed25519" ) // Generate generates a DNSKEY of the given bit size. diff --git a/vendor/github.com/miekg/dns/dnssec_keyscan.go b/vendor/github.com/miekg/dns/dnssec_keyscan.go index 6cbc28483..f79658169 100644 --- a/vendor/github.com/miekg/dns/dnssec_keyscan.go +++ b/vendor/github.com/miekg/dns/dnssec_keyscan.go @@ -4,13 +4,12 @@ import ( "bufio" "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/rsa" "io" "math/big" "strconv" "strings" - - "golang.org/x/crypto/ed25519" ) // NewPrivateKey returns a PrivateKey by parsing the string s. diff --git a/vendor/github.com/miekg/dns/dnssec_privkey.go b/vendor/github.com/miekg/dns/dnssec_privkey.go index 072e445da..f16077296 100644 --- a/vendor/github.com/miekg/dns/dnssec_privkey.go +++ b/vendor/github.com/miekg/dns/dnssec_privkey.go @@ -3,11 +3,10 @@ package dns import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/rsa" "math/big" "strconv" - - "golang.org/x/crypto/ed25519" ) const format = "Private-key-format: v1.3\n" diff --git a/vendor/github.com/miekg/dns/edns.go b/vendor/github.com/miekg/dns/edns.go index f3fb1c684..1a87f4cb9 100644 --- a/vendor/github.com/miekg/dns/edns.go +++ b/vendor/github.com/miekg/dns/edns.go @@ -525,7 +525,7 @@ func (e *EDNS0_N3U) String() string { } func (e *EDNS0_N3U) copy() EDNS0 { return &EDNS0_N3U{e.Code, e.AlgCode} } -// EDNS0_EXPIRE implementes the EDNS0 option as described in RFC 7314. +// EDNS0_EXPIRE implements the EDNS0 option as described in RFC 7314. type EDNS0_EXPIRE struct { Code uint16 // Always EDNS0EXPIRE Expire uint32 diff --git a/vendor/github.com/miekg/dns/go.mod b/vendor/github.com/miekg/dns/go.mod index 6003d0573..51619b784 100644 --- a/vendor/github.com/miekg/dns/go.mod +++ b/vendor/github.com/miekg/dns/go.mod @@ -1,11 +1,9 @@ module github.com/miekg/dns -go 1.12 +go 1.13 require ( - golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 - golang.org/x/net v0.0.0-20190923162816-aa69164e4478 - golang.org/x/sync v0.0.0-20190423024810-112230192c58 - golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe - golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 // indirect + golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 + golang.org/x/sync v0.0.0-20210220032951-036812b2e83c + golang.org/x/sys v0.0.0-20210303074136-134d130e1a04 ) diff --git a/vendor/github.com/miekg/dns/go.sum b/vendor/github.com/miekg/dns/go.sum index 96bda3a94..3359ebea4 100644 --- a/vendor/github.com/miekg/dns/go.sum +++ b/vendor/github.com/miekg/dns/go.sum @@ -1,39 +1,10 @@ -golang.org/x/crypto v0.0.0-20181001203147-e3636079e1a4 h1:Vk3wNqEZwyGyei9yq5ekj7frek2u7HUfffJ1/opblzc= -golang.org/x/crypto v0.0.0-20181001203147-e3636079e1a4/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472 h1:Gv7RPwsi3eZ2Fgewe3CBsuOebPwO27PoXzRpJPsvSSM= -golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 h1:ACG4HJsFiNMf47Y4PeRoebLNy/2lXT9EtprMuTFWt1M= -golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8= -golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/net v0.0.0-20180926154720-4dfa2610cdf3 h1:dgd4x4kJt7G4k4m93AYLzM8Ni6h2qLTfh9n9vXJT3/0= -golang.org/x/net v0.0.0-20180926154720-4dfa2610cdf3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180928133829-e4b3c5e90611 h1:O33LKL7WyJgjN9CvxfTIomjIClbd/Kq86/iipowHQU0= -golang.org/x/sys v0.0.0-20180928133829-e4b3c5e90611/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd h1:DBH9mDw0zluJT/R+nGuV3jWFWLFaHyYZWD4tOT+cjn0= -golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw= +golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210303074136-134d130e1a04 h1:cEhElsAv9LUt9ZUUocxzWe05oFLVd+AA2nstydTeI8g= +golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 h1:VvQyQJN0tSuecqgcIxMWnnfG5kSmgy9KZR9sW3W5QeA= -golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/vendor/github.com/miekg/dns/labels.go b/vendor/github.com/miekg/dns/labels.go index df1675dfd..f9faacfeb 100644 --- a/vendor/github.com/miekg/dns/labels.go +++ b/vendor/github.com/miekg/dns/labels.go @@ -10,7 +10,7 @@ package dns // escaped dots (\.) for instance. // s must be a syntactically valid domain name, see IsDomainName. func SplitDomainName(s string) (labels []string) { - if len(s) == 0 { + if s == "" { return nil } fqdnEnd := 0 // offset of the final '.' or the length of the name diff --git a/vendor/github.com/miekg/dns/msg.go b/vendor/github.com/miekg/dns/msg.go index 1728a98b7..ead4b6931 100644 --- a/vendor/github.com/miekg/dns/msg.go +++ b/vendor/github.com/miekg/dns/msg.go @@ -742,7 +742,7 @@ func (dns *Msg) packBufferWithCompressionMap(buf []byte, compression compression } // Set extended rcode unconditionally if we have an opt, this will allow - // reseting the extended rcode bits if they need to. + // resetting the extended rcode bits if they need to. if opt := dns.IsEdns0(); opt != nil { opt.SetExtendedRcode(uint16(dns.Rcode)) } else if dns.Rcode > 0xF { diff --git a/vendor/github.com/miekg/dns/privaterr.go b/vendor/github.com/miekg/dns/privaterr.go index cda6cae31..45c7f26d8 100644 --- a/vendor/github.com/miekg/dns/privaterr.go +++ b/vendor/github.com/miekg/dns/privaterr.go @@ -6,7 +6,7 @@ import "strings" // RFC 6895. This allows one to experiment with new RR types, without requesting an // official type code. Also see dns.PrivateHandle and dns.PrivateHandleRemove. type PrivateRdata interface { - // String returns the text presentaton of the Rdata of the Private RR. + // String returns the text presentation of the Rdata of the Private RR. String() string // Parse parses the Rdata of the private RR. Parse([]string) error diff --git a/vendor/github.com/miekg/dns/scan.go b/vendor/github.com/miekg/dns/scan.go index 67161de29..39055bde3 100644 --- a/vendor/github.com/miekg/dns/scan.go +++ b/vendor/github.com/miekg/dns/scan.go @@ -1233,7 +1233,7 @@ func stringToCm(token string) (e, m uint8, ok bool) { // 'nn.1' must be treated as 'nn-meters and 10cm, not 1cm. cmeters *= 10 } - if len(s[0]) == 0 { + if s[0] == "" { // This will allow omitting the 'meter' part, like .01 (meaning 0.01m = 1cm). break } @@ -1352,7 +1352,7 @@ func stringToNodeID(l lex) (uint64, *ParseError) { if len(l.token) < 19 { return 0, &ParseError{l.token, "bad NID/L64 NodeID/Locator64", l} } - // There must be three colons at fixes postitions, if not its a parse error + // There must be three colons at fixes positions, if not its a parse error if l.token[4] != ':' && l.token[9] != ':' && l.token[14] != ':' { return 0, &ParseError{l.token, "bad NID/L64 NodeID/Locator64", l} } diff --git a/vendor/github.com/miekg/dns/scan_rr.go b/vendor/github.com/miekg/dns/scan_rr.go index 23b4043bc..05765aed8 100644 --- a/vendor/github.com/miekg/dns/scan_rr.go +++ b/vendor/github.com/miekg/dns/scan_rr.go @@ -609,7 +609,7 @@ func (rr *LOC) parse(c *zlexer, o string) *ParseError { c.Next() // zBlank l, _ = c.Next() - if i, err := strconv.ParseFloat(l.token, 32); err != nil || l.err || i < 0 || i >= 60 { + if i, err := strconv.ParseFloat(l.token, 64); err != nil || l.err || i < 0 || i >= 60 { return &ParseError{"", "bad LOC Latitude seconds", l} } else { rr.Latitude += uint32(1000 * i) @@ -645,7 +645,7 @@ East: } c.Next() // zBlank l, _ = c.Next() - if i, err := strconv.ParseFloat(l.token, 32); err != nil || l.err || i < 0 || i >= 60 { + if i, err := strconv.ParseFloat(l.token, 64); err != nil || l.err || i < 0 || i >= 60 { return &ParseError{"", "bad LOC Longitude seconds", l} } else { rr.Longitude += uint32(1000 * i) @@ -662,7 +662,7 @@ East: Altitude: c.Next() // zBlank l, _ = c.Next() - if len(l.token) == 0 || l.err { + if l.token == "" || l.err { return &ParseError{"", "bad LOC Altitude", l} } if l.token[len(l.token)-1] == 'M' || l.token[len(l.token)-1] == 'm' { @@ -722,7 +722,7 @@ func (rr *HIP) parse(c *zlexer, o string) *ParseError { c.Next() // zBlank l, _ = c.Next() // zString - if len(l.token) == 0 || l.err { + if l.token == "" || l.err { return &ParseError{"", "bad HIP Hit", l} } rr.Hit = l.token // This can not contain spaces, see RFC 5205 Section 6. @@ -730,7 +730,7 @@ func (rr *HIP) parse(c *zlexer, o string) *ParseError { c.Next() // zBlank l, _ = c.Next() // zString - if len(l.token) == 0 || l.err { + if l.token == "" || l.err { return &ParseError{"", "bad HIP PublicKey", l} } rr.PublicKey = l.token // This cannot contain spaces @@ -846,6 +846,38 @@ func (rr *CSYNC) parse(c *zlexer, o string) *ParseError { return nil } +func (rr *ZONEMD) parse(c *zlexer, o string) *ParseError { + l, _ := c.Next() + i, e := strconv.ParseUint(l.token, 10, 32) + if e != nil || l.err { + return &ParseError{"", "bad ZONEMD Serial", l} + } + rr.Serial = uint32(i) + + c.Next() // zBlank + l, _ = c.Next() + i, e1 := strconv.ParseUint(l.token, 10, 8) + if e1 != nil || l.err { + return &ParseError{"", "bad ZONEMD Scheme", l} + } + rr.Scheme = uint8(i) + + c.Next() // zBlank + l, _ = c.Next() + i, err := strconv.ParseUint(l.token, 10, 8) + if err != nil || l.err { + return &ParseError{"", "bad ZONEMD Hash Algorithm", l} + } + rr.Hash = uint8(i) + + s, e2 := endingToString(c, "bad ZONEMD Digest") + if e2 != nil { + return e2 + } + rr.Digest = s + return nil +} + func (rr *SIG) parse(c *zlexer, o string) *ParseError { return rr.RRSIG.parse(c, o) } func (rr *RRSIG) parse(c *zlexer, o string) *ParseError { @@ -997,7 +1029,7 @@ func (rr *NSEC3) parse(c *zlexer, o string) *ParseError { rr.Iterations = uint16(i) c.Next() l, _ = c.Next() - if len(l.token) == 0 || l.err { + if l.token == "" || l.err { return &ParseError{"", "bad NSEC3 Salt", l} } if l.token != "-" { @@ -1007,7 +1039,7 @@ func (rr *NSEC3) parse(c *zlexer, o string) *ParseError { c.Next() l, _ = c.Next() - if len(l.token) == 0 || l.err { + if l.token == "" || l.err { return &ParseError{"", "bad NSEC3 NextDomain", l} } rr.HashLength = 20 // Fix for NSEC3 (sha1 160 bits) diff --git a/vendor/github.com/miekg/dns/sig0.go b/vendor/github.com/miekg/dns/sig0.go index 9ef13ccf3..e781c9bb6 100644 --- a/vendor/github.com/miekg/dns/sig0.go +++ b/vendor/github.com/miekg/dns/sig0.go @@ -17,7 +17,7 @@ func (rr *SIG) Sign(k crypto.Signer, m *Msg) ([]byte, error) { if k == nil { return nil, ErrPrivKey } - if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 { + if rr.KeyTag == 0 || rr.SignerName == "" || rr.Algorithm == 0 { return nil, ErrKey } @@ -78,7 +78,7 @@ func (rr *SIG) Verify(k *KEY, buf []byte) error { if k == nil { return ErrKey } - if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 { + if rr.KeyTag == 0 || rr.SignerName == "" || rr.Algorithm == 0 { return ErrKey } diff --git a/vendor/github.com/miekg/dns/svcb.go b/vendor/github.com/miekg/dns/svcb.go index 1373fe21b..ec0a76f4c 100644 --- a/vendor/github.com/miekg/dns/svcb.go +++ b/vendor/github.com/miekg/dns/svcb.go @@ -321,7 +321,7 @@ func (s *SVCBAlpn) pack() ([]byte, error) { // Liberally estimate the size of an alpn as 10 octets b := make([]byte, 0, 10*len(s.Alpn)) for _, e := range s.Alpn { - if len(e) == 0 { + if e == "" { return nil, errors.New("dns: svcbalpn: empty alpn-id") } if len(e) > 255 { @@ -390,7 +390,7 @@ func (*SVCBNoDefaultAlpn) unpack(b []byte) error { } func (*SVCBNoDefaultAlpn) parse(b string) error { - if len(b) != 0 { + if b != "" { return errors.New("dns: svcbnodefaultalpn: no_default_alpn must have no value") } return nil diff --git a/vendor/github.com/miekg/dns/types.go b/vendor/github.com/miekg/dns/types.go index 9e379eb35..99dd315bf 100644 --- a/vendor/github.com/miekg/dns/types.go +++ b/vendor/github.com/miekg/dns/types.go @@ -81,6 +81,7 @@ const ( TypeCDNSKEY uint16 = 60 TypeOPENPGPKEY uint16 = 61 TypeCSYNC uint16 = 62 + TypeZONEMD uint16 = 63 TypeSVCB uint16 = 64 TypeHTTPS uint16 = 65 TypeSPF uint16 = 99 @@ -150,6 +151,17 @@ const ( OpcodeUpdate = 5 ) +// Used in ZONEMD https://tools.ietf.org/html/rfc8976 + +const ( + // ZoneMD Accepted Schemes + ZoneMDSchemeSimple = 1 + + // ZoneMD Hash Algorithms + ZoneMDHashAlgSHA384 = 1 + ZoneMDHashAlgSHA512 = 2 +) + // Header is the wire format for the DNS packet header. type Header struct { Id uint16 @@ -1361,6 +1373,23 @@ func (rr *CSYNC) len(off int, compression map[string]struct{}) int { return l } +// ZONEMD RR, from draft-ietf-dnsop-dns-zone-digest +type ZONEMD struct { + Hdr RR_Header + Serial uint32 + Scheme uint8 + Hash uint8 + Digest string `dns:"hex"` +} + +func (rr *ZONEMD) String() string { + return rr.Hdr.String() + + strconv.Itoa(int(rr.Serial)) + + " " + strconv.Itoa(int(rr.Scheme)) + + " " + strconv.Itoa(int(rr.Hash)) + + " " + rr.Digest +} + // APL RR. See RFC 3123. type APL struct { Hdr RR_Header @@ -1472,7 +1501,7 @@ func StringToTime(s string) (uint32, error) { // saltToString converts a NSECX salt to uppercase and returns "-" when it is empty. func saltToString(s string) string { - if len(s) == 0 { + if s == "" { return "-" } return strings.ToUpper(s) diff --git a/vendor/github.com/miekg/dns/version.go b/vendor/github.com/miekg/dns/version.go index 8f7cf7688..5a358acc9 100644 --- a/vendor/github.com/miekg/dns/version.go +++ b/vendor/github.com/miekg/dns/version.go @@ -3,7 +3,7 @@ package dns import "fmt" // Version is current version of this library. -var Version = v{1, 1, 40} +var Version = v{1, 1, 41} // v holds the version of this library. type v struct { diff --git a/vendor/github.com/miekg/dns/zduplicate.go b/vendor/github.com/miekg/dns/zduplicate.go index 0d3b34bd9..9eb1dac29 100644 --- a/vendor/github.com/miekg/dns/zduplicate.go +++ b/vendor/github.com/miekg/dns/zduplicate.go @@ -1317,3 +1317,24 @@ func (r1 *X25) isDuplicate(_r2 RR) bool { } return true } + +func (r1 *ZONEMD) isDuplicate(_r2 RR) bool { + r2, ok := _r2.(*ZONEMD) + if !ok { + return false + } + _ = r2 + if r1.Serial != r2.Serial { + return false + } + if r1.Scheme != r2.Scheme { + return false + } + if r1.Hash != r2.Hash { + return false + } + if r1.Digest != r2.Digest { + return false + } + return true +} diff --git a/vendor/github.com/miekg/dns/zmsg.go b/vendor/github.com/miekg/dns/zmsg.go index d24a10fa2..fc0822f98 100644 --- a/vendor/github.com/miekg/dns/zmsg.go +++ b/vendor/github.com/miekg/dns/zmsg.go @@ -1118,6 +1118,26 @@ func (rr *X25) pack(msg []byte, off int, compression compressionMap, compress bo return off, nil } +func (rr *ZONEMD) pack(msg []byte, off int, compression compressionMap, compress bool) (off1 int, err error) { + off, err = packUint32(rr.Serial, msg, off) + if err != nil { + return off, err + } + off, err = packUint8(rr.Scheme, msg, off) + if err != nil { + return off, err + } + off, err = packUint8(rr.Hash, msg, off) + if err != nil { + return off, err + } + off, err = packStringHex(rr.Digest, msg, off) + if err != nil { + return off, err + } + return off, nil +} + // unpack*() functions func (rr *A) unpack(msg []byte, off int) (off1 int, err error) { @@ -2821,3 +2841,35 @@ func (rr *X25) unpack(msg []byte, off int) (off1 int, err error) { } return off, nil } + +func (rr *ZONEMD) unpack(msg []byte, off int) (off1 int, err error) { + rdStart := off + _ = rdStart + + rr.Serial, off, err = unpackUint32(msg, off) + if err != nil { + return off, err + } + if off == len(msg) { + return off, nil + } + rr.Scheme, off, err = unpackUint8(msg, off) + if err != nil { + return off, err + } + if off == len(msg) { + return off, nil + } + rr.Hash, off, err = unpackUint8(msg, off) + if err != nil { + return off, err + } + if off == len(msg) { + return off, nil + } + rr.Digest, off, err = unpackStringHex(msg, off, rdStart+int(rr.Hdr.Rdlength)) + if err != nil { + return off, err + } + return off, nil +} diff --git a/vendor/github.com/miekg/dns/ztypes.go b/vendor/github.com/miekg/dns/ztypes.go index 11b51bf21..5d060cfee 100644 --- a/vendor/github.com/miekg/dns/ztypes.go +++ b/vendor/github.com/miekg/dns/ztypes.go @@ -82,6 +82,7 @@ var TypeToRR = map[uint16]func() RR{ TypeUINFO: func() RR { return new(UINFO) }, TypeURI: func() RR { return new(URI) }, TypeX25: func() RR { return new(X25) }, + TypeZONEMD: func() RR { return new(ZONEMD) }, } // TypeToString is a map of strings for each RR type. @@ -168,6 +169,7 @@ var TypeToString = map[uint16]string{ TypeUNSPEC: "UNSPEC", TypeURI: "URI", TypeX25: "X25", + TypeZONEMD: "ZONEMD", TypeNSAPPTR: "NSAP-PTR", } @@ -245,6 +247,7 @@ func (rr *UID) Header() *RR_Header { return &rr.Hdr } func (rr *UINFO) Header() *RR_Header { return &rr.Hdr } func (rr *URI) Header() *RR_Header { return &rr.Hdr } func (rr *X25) Header() *RR_Header { return &rr.Hdr } +func (rr *ZONEMD) Header() *RR_Header { return &rr.Hdr } // len() functions func (rr *A) len(off int, compression map[string]struct{}) int { @@ -684,6 +687,14 @@ func (rr *X25) len(off int, compression map[string]struct{}) int { l += len(rr.PSDNAddress) + 1 return l } +func (rr *ZONEMD) len(off int, compression map[string]struct{}) int { + l := rr.Hdr.len(off, compression) + l += 4 // Serial + l++ // Scheme + l++ // Hash + l += len(rr.Digest) / 2 + return l +} // copy() functions func (rr *A) copy() RR { @@ -936,3 +947,6 @@ func (rr *URI) copy() RR { func (rr *X25) copy() RR { return &X25{rr.Hdr, rr.PSDNAddress} } +func (rr *ZONEMD) copy() RR { + return &ZONEMD{rr.Hdr, rr.Serial, rr.Scheme, rr.Hash, rr.Digest} +} diff --git a/vendor/golang.org/x/crypto/poly1305/sum_ppc64le.s b/vendor/golang.org/x/crypto/poly1305/sum_ppc64le.s index 5cd7494b2..3cede539d 100644 --- a/vendor/golang.org/x/crypto/poly1305/sum_ppc64le.s +++ b/vendor/golang.org/x/crypto/poly1305/sum_ppc64le.s @@ -82,7 +82,7 @@ multiply: BGE loop bytes_between_0_and_15: - CMP $0, R5 + CMP R5, $0 BEQ done MOVD $0, R16 // h0 MOVD $0, R17 // h1 @@ -122,7 +122,7 @@ just1: // Exactly 8 MOVD (R4), R16 - CMP $0, R17 + CMP R17, $0 // Check if we've already set R17; if not // set 1 to indicate end of msg. @@ -151,7 +151,7 @@ less4: ADD $2, R4 less2: - CMP $0, R5 + CMP R5, $0 BEQ insert1 MOVBZ (R4), R21 SLD R22, R21, R21 @@ -166,12 +166,12 @@ insert1: carry: // Add new values to h0, h1, h2 - ADDC R16, R8 - ADDE R17, R9 - ADDE $0, R10 - MOVD $16, R5 - ADD R5, R4 - BR multiply + ADDC R16, R8 + ADDE R17, R9 + ADDZE R10, R10 + MOVD $16, R5 + ADD R5, R4 + BR multiply done: // Save h0, h1, h2 in state diff --git a/vendor/golang.org/x/crypto/scrypt/scrypt.go b/vendor/golang.org/x/crypto/scrypt/scrypt.go index 2f81fe414..bbe4494c6 100644 --- a/vendor/golang.org/x/crypto/scrypt/scrypt.go +++ b/vendor/golang.org/x/crypto/scrypt/scrypt.go @@ -9,6 +9,7 @@ package scrypt // import "golang.org/x/crypto/scrypt" import ( "crypto/sha256" + "encoding/binary" "errors" "math/bits" @@ -143,36 +144,34 @@ func integer(b []uint32, r int) uint64 { func smix(b []byte, r, N int, v, xy []uint32) { var tmp [16]uint32 + R := 32 * r x := xy - y := xy[32*r:] + y := xy[R:] j := 0 - for i := 0; i < 32*r; i++ { - x[i] = uint32(b[j]) | uint32(b[j+1])<<8 | uint32(b[j+2])<<16 | uint32(b[j+3])<<24 + for i := 0; i < R; i++ { + x[i] = binary.LittleEndian.Uint32(b[j:]) j += 4 } for i := 0; i < N; i += 2 { - blockCopy(v[i*(32*r):], x, 32*r) + blockCopy(v[i*R:], x, R) blockMix(&tmp, x, y, r) - blockCopy(v[(i+1)*(32*r):], y, 32*r) + blockCopy(v[(i+1)*R:], y, R) blockMix(&tmp, y, x, r) } for i := 0; i < N; i += 2 { j := int(integer(x, r) & uint64(N-1)) - blockXOR(x, v[j*(32*r):], 32*r) + blockXOR(x, v[j*R:], R) blockMix(&tmp, x, y, r) j = int(integer(y, r) & uint64(N-1)) - blockXOR(y, v[j*(32*r):], 32*r) + blockXOR(y, v[j*R:], R) blockMix(&tmp, y, x, r) } j = 0 - for _, v := range x[:32*r] { - b[j+0] = byte(v >> 0) - b[j+1] = byte(v >> 8) - b[j+2] = byte(v >> 16) - b[j+3] = byte(v >> 24) + for _, v := range x[:R] { + binary.LittleEndian.PutUint32(b[j:], v) j += 4 } } diff --git a/vendor/golang.org/x/net/internal/socket/sys_const_unix.go b/vendor/golang.org/x/net/internal/socket/sys_const_unix.go index f077b2f11..5d99f2373 100644 --- a/vendor/golang.org/x/net/internal/socket/sys_const_unix.go +++ b/vendor/golang.org/x/net/internal/socket/sys_const_unix.go @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris -// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris +//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos +// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos package socket @@ -15,4 +15,7 @@ const ( sysAF_INET6 = unix.AF_INET6 sysSOCK_RAW = unix.SOCK_RAW + + sizeofSockaddrInet4 = unix.SizeofSockaddrInet4 + sizeofSockaddrInet6 = unix.SizeofSockaddrInet6 ) diff --git a/vendor/golang.org/x/net/internal/socket/sys_const_zos.go b/vendor/golang.org/x/net/internal/socket/sys_const_zos.go deleted file mode 100644 index 304862954..000000000 --- a/vendor/golang.org/x/net/internal/socket/sys_const_zos.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build zos -// +build zos - -package socket - -import "syscall" - -const ( - sysAF_UNSPEC = syscall.AF_UNSPEC - sysAF_INET = syscall.AF_INET - sysAF_INET6 = syscall.AF_INET6 - - sysSOCK_RAW = syscall.SOCK_RAW -) diff --git a/vendor/golang.org/x/net/internal/socket/sys_posix.go b/vendor/golang.org/x/net/internal/socket/sys_posix.go index 25ded2176..d8dda77b5 100644 --- a/vendor/golang.org/x/net/internal/socket/sys_posix.go +++ b/vendor/golang.org/x/net/internal/socket/sys_posix.go @@ -32,12 +32,12 @@ func marshalInetAddr(a net.Addr) []byte { func marshalSockaddr(ip net.IP, port int, zone string) []byte { if ip4 := ip.To4(); ip4 != nil { - b := make([]byte, sizeofSockaddrInet) + b := make([]byte, sizeofSockaddrInet4) switch runtime.GOOS { case "android", "illumos", "linux", "solaris", "windows": NativeEndian.PutUint16(b[:2], uint16(sysAF_INET)) default: - b[0] = sizeofSockaddrInet + b[0] = sizeofSockaddrInet4 b[1] = sysAF_INET } binary.BigEndian.PutUint16(b[2:4], uint16(port)) @@ -77,7 +77,7 @@ func parseInetAddr(b []byte, network string) (net.Addr, error) { var ip net.IP var zone string if af == sysAF_INET { - if len(b) < sizeofSockaddrInet { + if len(b) < sizeofSockaddrInet4 { return nil, errors.New("short address") } ip = make(net.IP, net.IPv4len) diff --git a/vendor/golang.org/x/net/internal/socket/sys_stub.go b/vendor/golang.org/x/net/internal/socket/sys_stub.go index dc7bb389b..381e45e16 100644 --- a/vendor/golang.org/x/net/internal/socket/sys_stub.go +++ b/vendor/golang.org/x/net/internal/socket/sys_stub.go @@ -15,6 +15,9 @@ const ( sysAF_INET6 = 0xa sysSOCK_RAW = 0x3 + + sizeofSockaddrInet4 = 0x10 + sizeofSockaddrInet6 = 0x1c ) func marshalInetAddr(ip net.IP, port int, zone string) []byte { diff --git a/vendor/golang.org/x/net/internal/socket/sys_windows.go b/vendor/golang.org/x/net/internal/socket/sys_windows.go index d556a4461..2de0d68c6 100644 --- a/vendor/golang.org/x/net/internal/socket/sys_windows.go +++ b/vendor/golang.org/x/net/internal/socket/sys_windows.go @@ -22,25 +22,8 @@ const ( sysAF_INET6 = windows.AF_INET6 sysSOCK_RAW = windows.SOCK_RAW -) -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - -const ( - sizeofSockaddrInet = 0x10 + sizeofSockaddrInet4 = 0x10 sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go b/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go index 79f3bdd5b..00691bd52 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go @@ -34,27 +34,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]uint8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go index 150f980f5..5acf6db6e 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go index a686c9528..98dcfe412 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go index 150f980f5..5acf6db6e 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go index a686c9528..98dcfe412 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go index d45c197e2..636d129ae 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go index ffec860ea..87707fed0 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go index aa701ab67..7db778112 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go index ffec860ea..87707fed0 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go index aa701ab67..7db778112 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go index 0c847bee7..4c19269be 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go @@ -29,25 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go index 0c847bee7..4c19269be 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go @@ -29,25 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go index 0c847bee7..4c19269be 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go @@ -29,25 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go index 0c847bee7..4c19269be 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go @@ -29,25 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go index 12ec2e42b..c066272dd 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go @@ -34,25 +34,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go index 15e2aecaa..3dcd5c8ed 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go @@ -32,25 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - X__pad [8]uint8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x38 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go index 6b72d24dd..f95572dc0 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go @@ -29,27 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go index 9aaa4ab1c..a92fd60e4 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go @@ -32,27 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go index 6b72d24dd..f95572dc0 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go @@ -29,27 +29,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go index 9aaa4ab1c..a92fd60e4 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go @@ -32,27 +32,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go index 3ec8d42fe..e792ec211 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go index ea0ee008d..b68ff2d57 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go index 3ec8d42fe..e792ec211 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x8 sizeofMsghdr = 0x1c - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go index ea0ee008d..b68ff2d57 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go @@ -26,27 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go index 011283240..3c9576e2d 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go @@ -24,27 +24,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Len uint8 - Family uint8 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Len uint8 - Family uint8 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x1c ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go index 48b2b591f..359cfec40 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go @@ -26,26 +26,7 @@ type cmsghdr struct { Type int32 } -type sockaddrInet struct { - Family uint16 - Port uint16 - Addr [4]byte /* in_addr */ - Zero [8]int8 -} - -type sockaddrInet6 struct { - Family uint16 - Port uint16 - Flowinfo uint32 - Addr [16]byte /* in6_addr */ - Scope_id uint32 - X__sin6_src_id uint32 -} - const ( sizeofIovec = 0x10 sizeofMsghdr = 0x30 - - sizeofSockaddrInet = 0x10 - sizeofSockaddrInet6 = 0x20 ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go b/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go index 514ca3754..49b62c856 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go @@ -25,8 +25,4 @@ type cmsghdr struct { Type int32 } -const ( - sizeofCmsghdr = 12 - sizeofSockaddrInet = 16 - sizeofSockaddrInet6 = 28 -) +const sizeofCmsghdr = 12 diff --git a/vendor/golang.org/x/net/ipv4/control_bsd.go b/vendor/golang.org/x/net/ipv4/control_bsd.go index 6fef740f2..b7385dfd9 100644 --- a/vendor/golang.org/x/net/ipv4/control_bsd.go +++ b/vendor/golang.org/x/net/ipv4/control_bsd.go @@ -14,11 +14,13 @@ import ( "golang.org/x/net/internal/iana" "golang.org/x/net/internal/socket" + + "golang.org/x/sys/unix" ) func marshalDst(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIP, sysIP_RECVDSTADDR, net.IPv4len) + m.MarshalHeader(iana.ProtocolIP, unix.IP_RECVDSTADDR, net.IPv4len) return m.Next(net.IPv4len) } @@ -31,7 +33,7 @@ func parseDst(cm *ControlMessage, b []byte) { func marshalInterface(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIP, sysIP_RECVIF, syscall.SizeofSockaddrDatalink) + m.MarshalHeader(iana.ProtocolIP, sockoptReceiveInterface, syscall.SizeofSockaddrDatalink) return m.Next(syscall.SizeofSockaddrDatalink) } diff --git a/vendor/golang.org/x/net/ipv4/control_unix.go b/vendor/golang.org/x/net/ipv4/control_unix.go index edce30f12..2413e02f8 100644 --- a/vendor/golang.org/x/net/ipv4/control_unix.go +++ b/vendor/golang.org/x/net/ipv4/control_unix.go @@ -12,6 +12,8 @@ import ( "golang.org/x/net/internal/iana" "golang.org/x/net/internal/socket" + + "golang.org/x/sys/unix" ) func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error { @@ -65,7 +67,7 @@ func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) er func marshalTTL(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIP, sysIP_RECVTTL, 1) + m.MarshalHeader(iana.ProtocolIP, unix.IP_RECVTTL, 1) return m.Next(1) } diff --git a/vendor/golang.org/x/net/ipv4/sys_aix.go b/vendor/golang.org/x/net/ipv4/sys_aix.go index 7b65dd6ef..02730cdfd 100644 --- a/vendor/golang.org/x/net/ipv4/sys_aix.go +++ b/vendor/golang.org/x/net/ipv4/sys_aix.go @@ -18,6 +18,9 @@ import ( "golang.org/x/sys/unix" ) +// IP_RECVIF is defined on AIX but doesn't work. IP_RECVINTERFACE must be used instead. +const sockoptReceiveInterface = unix.IP_RECVINTERFACE + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/sys_bsd.go b/vendor/golang.org/x/net/ipv4/sys_bsd.go index e8299b414..e191b2f14 100644 --- a/vendor/golang.org/x/net/ipv4/sys_bsd.go +++ b/vendor/golang.org/x/net/ipv4/sys_bsd.go @@ -17,6 +17,8 @@ import ( "golang.org/x/sys/unix" ) +const sockoptReceiveInterface = unix.IP_RECVIF + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/sys_darwin.go b/vendor/golang.org/x/net/ipv4/sys_darwin.go index f6bf8eddb..c5527acf6 100644 --- a/vendor/golang.org/x/net/ipv4/sys_darwin.go +++ b/vendor/golang.org/x/net/ipv4/sys_darwin.go @@ -15,6 +15,8 @@ import ( "golang.org/x/sys/unix" ) +const sockoptReceiveInterface = unix.IP_RECVIF + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/sys_dragonfly.go b/vendor/golang.org/x/net/ipv4/sys_dragonfly.go index f34925c05..0620d0e1e 100644 --- a/vendor/golang.org/x/net/ipv4/sys_dragonfly.go +++ b/vendor/golang.org/x/net/ipv4/sys_dragonfly.go @@ -14,6 +14,8 @@ import ( "golang.org/x/sys/unix" ) +const sockoptReceiveInterface = unix.IP_RECVIF + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/sys_freebsd.go b/vendor/golang.org/x/net/ipv4/sys_freebsd.go index cba906302..7457bfde9 100644 --- a/vendor/golang.org/x/net/ipv4/sys_freebsd.go +++ b/vendor/golang.org/x/net/ipv4/sys_freebsd.go @@ -17,6 +17,8 @@ import ( "golang.org/x/sys/unix" ) +const sockoptReceiveInterface = unix.IP_RECVIF + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/sys_solaris.go b/vendor/golang.org/x/net/ipv4/sys_solaris.go index b79b69583..0bb9f3e36 100644 --- a/vendor/golang.org/x/net/ipv4/sys_solaris.go +++ b/vendor/golang.org/x/net/ipv4/sys_solaris.go @@ -15,6 +15,8 @@ import ( "golang.org/x/sys/unix" ) +const sockoptReceiveInterface = unix.IP_RECVIF + var ( ctlOpts = [ctlMax]ctlOpt{ ctlTTL: {unix.IP_RECVTTL, 4, marshalTTL, parseTTL}, diff --git a/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go b/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go index 42a81863c..b7f2d6e5c 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go @@ -8,10 +8,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x20 - sysIP_RECVTTL = 0x22 - sizeofIPMreq = 0x8 ) diff --git a/vendor/golang.org/x/net/ipv4/zsys_darwin.go b/vendor/golang.org/x/net/ipv4/zsys_darwin.go index d14b87171..9c35f9767 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_darwin.go +++ b/vendor/golang.org/x/net/ipv4/zsys_darwin.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x18 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go index 9631421da..2155df130 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go +++ b/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x41 - sizeofIPMreq = 0x8 ) diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go index 9a0e3283d..b2208a45d 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go +++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x41 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go index 143623bbd..6719f1947 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x41 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go index 143623bbd..6719f1947 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go +++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x41 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go index 1be70237f..07a5f5d7e 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x41 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go b/vendor/golang.org/x/net/ipv4/zsys_linux_386.go index 8c5795ea6..a8e3c2626 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_386.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go index 8c5795ea6..a8e3c2626 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go index 8c5795ea6..a8e3c2626 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go index 8c5795ea6..a8e3c2626 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go index 2c9e7e3cb..b9adb2af2 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go index b31766a02..b24d2649d 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go @@ -7,8 +7,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go b/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go index 7b40aa1b6..7291f96a0 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go +++ b/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go @@ -4,8 +4,6 @@ package ipv4 const ( - sysIP_RECVTTL = 0xc - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go b/vendor/golang.org/x/net/ipv4/zsys_netbsd.go index df99ef693..a2ef2f6d6 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go +++ b/vendor/golang.org/x/net/ipv4/zsys_netbsd.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x14 - sysIP_RECVTTL = 0x17 - sizeofIPMreq = 0x8 ) diff --git a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go b/vendor/golang.org/x/net/ipv4/zsys_openbsd.go index 9052a9bd4..b293a338f 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go +++ b/vendor/golang.org/x/net/ipv4/zsys_openbsd.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x1e - sysIP_RECVTTL = 0x1f - sizeofIPMreq = 0x8 ) diff --git a/vendor/golang.org/x/net/ipv4/zsys_solaris.go b/vendor/golang.org/x/net/ipv4/zsys_solaris.go index 1cdc45c27..e1a961bb6 100644 --- a/vendor/golang.org/x/net/ipv4/zsys_solaris.go +++ b/vendor/golang.org/x/net/ipv4/zsys_solaris.go @@ -4,10 +4,6 @@ package ipv4 const ( - sysIP_RECVDSTADDR = 0x7 - sysIP_RECVIF = 0x9 - sysIP_RECVTTL = 0xb - sizeofSockaddrStorage = 0x100 sizeofSockaddrInet = 0x10 sizeofInetPktinfo = 0xc diff --git a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go b/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go index 242219419..9c90844aa 100644 --- a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go +++ b/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go @@ -13,11 +13,13 @@ import ( "golang.org/x/net/internal/iana" "golang.org/x/net/internal/socket" + + "golang.org/x/sys/unix" ) func marshalTrafficClass(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_TCLASS, 4) + m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_TCLASS, 4) if cm != nil { socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.TrafficClass)) } @@ -30,7 +32,7 @@ func parseTrafficClass(cm *ControlMessage, b []byte) { func marshalHopLimit(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_HOPLIMIT, 4) + m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_HOPLIMIT, 4) if cm != nil { socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.HopLimit)) } @@ -43,7 +45,7 @@ func parseHopLimit(cm *ControlMessage, b []byte) { func marshalPacketInfo(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_PKTINFO, sizeofInet6Pktinfo) + m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_PKTINFO, sizeofInet6Pktinfo) if cm != nil { pi := (*inet6Pktinfo)(unsafe.Pointer(&m.Data(sizeofInet6Pktinfo)[0])) if ip := cm.Src.To16(); ip != nil && ip.To4() == nil { @@ -67,7 +69,7 @@ func parsePacketInfo(cm *ControlMessage, b []byte) { func marshalNextHop(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_NEXTHOP, sizeofSockaddrInet6) + m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_NEXTHOP, sizeofSockaddrInet6) if cm != nil { sa := (*sockaddrInet6)(unsafe.Pointer(&m.Data(sizeofSockaddrInet6)[0])) sa.setSockaddr(cm.NextHop, cm.IfIndex) @@ -80,7 +82,7 @@ func parseNextHop(cm *ControlMessage, b []byte) { func marshalPathMTU(b []byte, cm *ControlMessage) []byte { m := socket.ControlMessage(b) - m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_PATHMTU, sizeofIPv6Mtuinfo) + m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo) return m.Next(sizeofIPv6Mtuinfo) } diff --git a/vendor/golang.org/x/net/ipv6/sys_solaris.go b/vendor/golang.org/x/net/ipv6/sys_solaris.go index d348b5f6e..1fc30add4 100644 --- a/vendor/golang.org/x/net/ipv6/sys_solaris.go +++ b/vendor/golang.org/x/net/ipv6/sys_solaris.go @@ -11,36 +11,38 @@ import ( "golang.org/x/net/internal/iana" "golang.org/x/net/internal/socket" + + "golang.org/x/sys/unix" ) var ( ctlOpts = [ctlMax]ctlOpt{ - ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass}, - ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit}, - ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo}, - ctlNextHop: {sysIPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop}, - ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU}, + ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass}, + ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit}, + ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo}, + ctlNextHop: {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop}, + ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU}, } sockOpts = map[int]*sockOpt{ - ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}}, - ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}}, - ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}}, - ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}}, - ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}}, - ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}}, - ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}}, - ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}}, - ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}}, - ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}}, - ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}}, - ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}}, - ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, - ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, - ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}}, + ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}}, + ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}}, + ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}}, + ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}}, + ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}}, + ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}}, + ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}}, + ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}}, + ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}}, + ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}}, + ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}}, + ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, + ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, + ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, } ) diff --git a/vendor/golang.org/x/net/ipv6/sys_zos.go b/vendor/golang.org/x/net/ipv6/sys_zos.go index d4567f908..31adc8665 100644 --- a/vendor/golang.org/x/net/ipv6/sys_zos.go +++ b/vendor/golang.org/x/net/ipv6/sys_zos.go @@ -11,33 +11,35 @@ import ( "golang.org/x/net/internal/iana" "golang.org/x/net/internal/socket" + + "golang.org/x/sys/unix" ) var ( ctlOpts = [ctlMax]ctlOpt{ - ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit}, - ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo}, - ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU}, + ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit}, + ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo}, + ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU}, } sockOpts = map[int]*sockOpt{ - ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}}, - ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}}, - ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}}, - ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}}, - ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}}, - ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}}, - ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}}, - ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}}, - ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}}, - ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}}, - ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}}, - ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, - ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, - ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, - ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}}, + ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}}, + ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}}, + ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}}, + ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}}, + ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}}, + ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}}, + ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}}, + ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}}, + ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}}, + ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}}, + ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, + ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq}, + ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, + ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq}, } ) diff --git a/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go b/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go index 869f4b2bc..f604b0f3b 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go @@ -8,12 +8,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2e - sysIPV6_PKTINFO = 0x21 - sysIPV6_HOPLIMIT = 0x28 - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x2b - sizeofSockaddrStorage = 0x508 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_darwin.go b/vendor/golang.org/x/net/ipv6/zsys_darwin.go index a1211729e..dd6f7b28e 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_darwin.go +++ b/vendor/golang.org/x/net/ipv6/zsys_darwin.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_TCLASS = 0x24 - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go index 512db656e..6b45a94fe 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go +++ b/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 sizeofIPv6Mtuinfo = 0x20 diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go index 46a62b885..8da55925f 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go +++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go index e475f5111..72a1a65a2 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go index e475f5111..72a1a65a2 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go +++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go index edaf7f15e..5b39eb8df 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go b/vendor/golang.org/x/net/ipv6/zsys_linux_386.go index bb579ea1c..ad71871b7 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_386.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go index bb579ea1c..ad71871b7 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go index bb579ea1c..ad71871b7 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go index bb579ea1c..ad71871b7 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go index 5486c2448..d06c2adec 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go index 283973e6f..d4f78e405 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go @@ -7,12 +7,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go b/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go index 9500f7d5e..2514ab9a4 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go +++ b/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_NEXTHOP = 0x9 - sysIPV6_PKTINFO = 0x32 - sysIPV6_HOPLIMIT = 0x34 - sysIPV6_PATHMTU = 0x3d - sysIPV6_TCLASS = 0x43 - sizeofKernelSockaddrStorage = 0x80 sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go b/vendor/golang.org/x/net/ipv6/zsys_netbsd.go index 524c97fbc..f7335d5ae 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go +++ b/vendor/golang.org/x/net/ipv6/zsys_netbsd.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 sizeofIPv6Mtuinfo = 0x20 diff --git a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go b/vendor/golang.org/x/net/ipv6/zsys_openbsd.go index 5e7bdedc9..6d1592812 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go +++ b/vendor/golang.org/x/net/ipv6/zsys_openbsd.go @@ -4,12 +4,6 @@ package ipv6 const ( - sysIPV6_PATHMTU = 0x2c - sysIPV6_PKTINFO = 0x2e - sysIPV6_HOPLIMIT = 0x2f - sysIPV6_NEXTHOP = 0x30 - sysIPV6_TCLASS = 0x3d - sizeofSockaddrInet6 = 0x1c sizeofInet6Pktinfo = 0x14 sizeofIPv6Mtuinfo = 0x20 diff --git a/vendor/golang.org/x/net/ipv6/zsys_solaris.go b/vendor/golang.org/x/net/ipv6/zsys_solaris.go index 690eef934..171619747 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_solaris.go +++ b/vendor/golang.org/x/net/ipv6/zsys_solaris.go @@ -4,74 +4,6 @@ package ipv6 const ( - sysIPV6_UNICAST_HOPS = 0x5 - sysIPV6_MULTICAST_IF = 0x6 - sysIPV6_MULTICAST_HOPS = 0x7 - sysIPV6_MULTICAST_LOOP = 0x8 - sysIPV6_JOIN_GROUP = 0x9 - sysIPV6_LEAVE_GROUP = 0xa - - sysIPV6_PKTINFO = 0xb - - sysIPV6_HOPLIMIT = 0xc - sysIPV6_NEXTHOP = 0xd - sysIPV6_HOPOPTS = 0xe - sysIPV6_DSTOPTS = 0xf - - sysIPV6_RTHDR = 0x10 - sysIPV6_RTHDRDSTOPTS = 0x11 - - sysIPV6_RECVPKTINFO = 0x12 - sysIPV6_RECVHOPLIMIT = 0x13 - sysIPV6_RECVHOPOPTS = 0x14 - - sysIPV6_RECVRTHDR = 0x16 - - sysIPV6_RECVRTHDRDSTOPTS = 0x17 - - sysIPV6_CHECKSUM = 0x18 - sysIPV6_RECVTCLASS = 0x19 - sysIPV6_USE_MIN_MTU = 0x20 - sysIPV6_DONTFRAG = 0x21 - sysIPV6_SEC_OPT = 0x22 - sysIPV6_SRC_PREFERENCES = 0x23 - sysIPV6_RECVPATHMTU = 0x24 - sysIPV6_PATHMTU = 0x25 - sysIPV6_TCLASS = 0x26 - sysIPV6_V6ONLY = 0x27 - - sysIPV6_RECVDSTOPTS = 0x28 - - sysMCAST_JOIN_GROUP = 0x29 - sysMCAST_LEAVE_GROUP = 0x2a - sysMCAST_BLOCK_SOURCE = 0x2b - sysMCAST_UNBLOCK_SOURCE = 0x2c - sysMCAST_JOIN_SOURCE_GROUP = 0x2d - sysMCAST_LEAVE_SOURCE_GROUP = 0x2e - - sysIPV6_PREFER_SRC_HOME = 0x1 - sysIPV6_PREFER_SRC_COA = 0x2 - sysIPV6_PREFER_SRC_PUBLIC = 0x4 - sysIPV6_PREFER_SRC_TMP = 0x8 - sysIPV6_PREFER_SRC_NONCGA = 0x10 - sysIPV6_PREFER_SRC_CGA = 0x20 - - sysIPV6_PREFER_SRC_MIPMASK = 0x3 - sysIPV6_PREFER_SRC_MIPDEFAULT = 0x1 - sysIPV6_PREFER_SRC_TMPMASK = 0xc - sysIPV6_PREFER_SRC_TMPDEFAULT = 0x4 - sysIPV6_PREFER_SRC_CGAMASK = 0x30 - sysIPV6_PREFER_SRC_CGADEFAULT = 0x10 - - sysIPV6_PREFER_SRC_MASK = 0x3f - - sysIPV6_PREFER_SRC_DEFAULT = 0x15 - - sysIPV6_BOUND_IF = 0x41 - sysIPV6_UNSPEC_SRC = 0x42 - - sysICMP6_FILTER = 0x1 - sizeofSockaddrStorage = 0x100 sizeofSockaddrInet6 = 0x20 sizeofInet6Pktinfo = 0x14 diff --git a/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go b/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go index 3f980691f..7c7564596 100644 --- a/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go +++ b/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go @@ -8,50 +8,6 @@ package ipv6 const ( - sysIPV6_ADDR_PREFERENCES = 32 - sysIPV6_CHECKSUM = 19 - sysIPV6_DONTFRAG = 29 - sysIPV6_DSTOPTS = 23 - sysIPV6_HOPLIMIT = 11 - sysIPV6_HOPOPTS = 22 - sysIPV6_JOIN_GROUP = 5 - sysIPV6_LEAVE_GROUP = 6 - sysIPV6_MULTICAST_HOPS = 9 - sysIPV6_MULTICAST_IF = 7 - sysIPV6_MULTICAST_LOOP = 4 - sysIPV6_NEXTHOP = 20 - sysIPV6_PATHMTU = 12 - sysIPV6_PKTINFO = 13 - sysIPV6_PREFER_SRC_CGA = 0x10 - sysIPV6_PREFER_SRC_COA = 0x02 - sysIPV6_PREFER_SRC_HOME = 0x01 - sysIPV6_PREFER_SRC_NONCGA = 0x20 - sysIPV6_PREFER_SRC_PUBLIC = 0x08 - sysIPV6_PREFER_SRC_TMP = 0x04 - sysIPV6_RECVDSTOPTS = 28 - sysIPV6_RECVHOPLIMIT = 14 - sysIPV6_RECVHOPOPTS = 26 - sysIPV6_RECVPATHMTU = 16 - sysIPV6_RECVPKTINFO = 15 - sysIPV6_RECVRTHDR = 25 - sysIPV6_RECVTCLASS = 31 - sysIPV6_RTHDR = 21 - sysIPV6_RTHDRDSTOPTS = 24 - sysIPV6_RTHDR_TYPE_0 = 0 - sysIPV6_TCLASS = 30 - sysIPV6_UNICAST_HOPS = 3 - sysIPV6_USE_MIN_MTU = 18 - sysIPV6_V6ONLY = 10 - - sysMCAST_JOIN_GROUP = 40 - sysMCAST_LEAVE_GROUP = 41 - sysMCAST_JOIN_SOURCE_GROUP = 42 - sysMCAST_LEAVE_SOURCE_GROUP = 43 - sysMCAST_BLOCK_SOURCE = 44 - sysMCAST_UNBLOCK_SOURCE = 45 - - sysICMP6_FILTER = 0x1 - sizeofSockaddrStorage = 128 sizeofICMPv6Filter = 32 sizeofInet6Pktinfo = 20 diff --git a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go index cb0dfbd09..29d44808b 100644 --- a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go +++ b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) -// +build linux,386 linux,arm linux,mips linux,mipsle +//go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc) +// +build linux,386 linux,arm linux,mips linux,mipsle linux,ppc package unix diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go new file mode 100644 index 000000000..48773f730 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go @@ -0,0 +1,196 @@ +// Copyright 2021 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package unix + +import ( + "runtime" + "unsafe" +) + +// IoctlRetInt performs an ioctl operation specified by req on a device +// associated with opened file descriptor fd, and returns a non-negative +// integer that is returned by the ioctl syscall. +func IoctlRetInt(fd int, req uint) (int, error) { + ret, _, err := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), 0) + if err != 0 { + return 0, err + } + return int(ret), nil +} + +func IoctlGetUint32(fd int, req uint) (uint32, error) { + var value uint32 + err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + return value, err +} + +func IoctlGetRTCTime(fd int) (*RTCTime, error) { + var value RTCTime + err := ioctl(fd, RTC_RD_TIME, uintptr(unsafe.Pointer(&value))) + return &value, err +} + +func IoctlSetRTCTime(fd int, value *RTCTime) error { + err := ioctl(fd, RTC_SET_TIME, uintptr(unsafe.Pointer(value))) + runtime.KeepAlive(value) + return err +} + +func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) { + var value RTCWkAlrm + err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value))) + return &value, err +} + +func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error { + err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value))) + runtime.KeepAlive(value) + return err +} + +type ifreqEthtool struct { + name [IFNAMSIZ]byte + data unsafe.Pointer +} + +// IoctlGetEthtoolDrvinfo fetches ethtool driver information for the network +// device specified by ifname. +func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) { + // Leave room for terminating NULL byte. + if len(ifname) >= IFNAMSIZ { + return nil, EINVAL + } + + value := EthtoolDrvinfo{ + Cmd: ETHTOOL_GDRVINFO, + } + ifreq := ifreqEthtool{ + data: unsafe.Pointer(&value), + } + copy(ifreq.name[:], ifname) + err := ioctl(fd, SIOCETHTOOL, uintptr(unsafe.Pointer(&ifreq))) + runtime.KeepAlive(ifreq) + return &value, err +} + +// IoctlGetWatchdogInfo fetches information about a watchdog device from the +// Linux watchdog API. For more information, see: +// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html. +func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) { + var value WatchdogInfo + err := ioctl(fd, WDIOC_GETSUPPORT, uintptr(unsafe.Pointer(&value))) + return &value, err +} + +// IoctlWatchdogKeepalive issues a keepalive ioctl to a watchdog device. For +// more information, see: +// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html. +func IoctlWatchdogKeepalive(fd int) error { + return ioctl(fd, WDIOC_KEEPALIVE, 0) +} + +// IoctlFileCloneRange performs an FICLONERANGE ioctl operation to clone the +// range of data conveyed in value to the file associated with the file +// descriptor destFd. See the ioctl_ficlonerange(2) man page for details. +func IoctlFileCloneRange(destFd int, value *FileCloneRange) error { + err := ioctl(destFd, FICLONERANGE, uintptr(unsafe.Pointer(value))) + runtime.KeepAlive(value) + return err +} + +// IoctlFileClone performs an FICLONE ioctl operation to clone the entire file +// associated with the file description srcFd to the file associated with the +// file descriptor destFd. See the ioctl_ficlone(2) man page for details. +func IoctlFileClone(destFd, srcFd int) error { + return ioctl(destFd, FICLONE, uintptr(srcFd)) +} + +type FileDedupeRange struct { + Src_offset uint64 + Src_length uint64 + Reserved1 uint16 + Reserved2 uint32 + Info []FileDedupeRangeInfo +} + +type FileDedupeRangeInfo struct { + Dest_fd int64 + Dest_offset uint64 + Bytes_deduped uint64 + Status int32 + Reserved uint32 +} + +// IoctlFileDedupeRange performs an FIDEDUPERANGE ioctl operation to share the +// range of data conveyed in value from the file associated with the file +// descriptor srcFd to the value.Info destinations. See the +// ioctl_fideduperange(2) man page for details. +func IoctlFileDedupeRange(srcFd int, value *FileDedupeRange) error { + buf := make([]byte, SizeofRawFileDedupeRange+ + len(value.Info)*SizeofRawFileDedupeRangeInfo) + rawrange := (*RawFileDedupeRange)(unsafe.Pointer(&buf[0])) + rawrange.Src_offset = value.Src_offset + rawrange.Src_length = value.Src_length + rawrange.Dest_count = uint16(len(value.Info)) + rawrange.Reserved1 = value.Reserved1 + rawrange.Reserved2 = value.Reserved2 + + for i := range value.Info { + rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer( + uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) + + uintptr(i*SizeofRawFileDedupeRangeInfo))) + rawinfo.Dest_fd = value.Info[i].Dest_fd + rawinfo.Dest_offset = value.Info[i].Dest_offset + rawinfo.Bytes_deduped = value.Info[i].Bytes_deduped + rawinfo.Status = value.Info[i].Status + rawinfo.Reserved = value.Info[i].Reserved + } + + err := ioctl(srcFd, FIDEDUPERANGE, uintptr(unsafe.Pointer(&buf[0]))) + + // Output + for i := range value.Info { + rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer( + uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) + + uintptr(i*SizeofRawFileDedupeRangeInfo))) + value.Info[i].Dest_fd = rawinfo.Dest_fd + value.Info[i].Dest_offset = rawinfo.Dest_offset + value.Info[i].Bytes_deduped = rawinfo.Bytes_deduped + value.Info[i].Status = rawinfo.Status + value.Info[i].Reserved = rawinfo.Reserved + } + + return err +} + +func IoctlHIDGetDesc(fd int, value *HIDRawReportDescriptor) error { + err := ioctl(fd, HIDIOCGRDESC, uintptr(unsafe.Pointer(value))) + runtime.KeepAlive(value) + return err +} + +func IoctlHIDGetRawInfo(fd int) (*HIDRawDevInfo, error) { + var value HIDRawDevInfo + err := ioctl(fd, HIDIOCGRAWINFO, uintptr(unsafe.Pointer(&value))) + return &value, err +} + +func IoctlHIDGetRawName(fd int) (string, error) { + var value [_HIDIOCGRAWNAME_LEN]byte + err := ioctl(fd, _HIDIOCGRAWNAME, uintptr(unsafe.Pointer(&value[0]))) + return ByteSliceToString(value[:]), err +} + +func IoctlHIDGetRawPhys(fd int) (string, error) { + var value [_HIDIOCGRAWPHYS_LEN]byte + err := ioctl(fd, _HIDIOCGRAWPHYS, uintptr(unsafe.Pointer(&value[0]))) + return ByteSliceToString(value[:]), err +} + +func IoctlHIDGetRawUniq(fd int) (string, error) { + var value [_HIDIOCGRAWUNIQ_LEN]byte + err := ioctl(fd, _HIDIOCGRAWUNIQ, uintptr(unsafe.Pointer(&value[0]))) + return ByteSliceToString(value[:]), err +} diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh index f2bc86314..007358af8 100644 --- a/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -405,10 +405,11 @@ includes_SunOS=' #include #include #include +#include #include -#include #include #include +#include ' @@ -499,10 +500,10 @@ ccflags="$@" $2 ~ /^LOCK_(SH|EX|NB|UN)$/ || $2 ~ /^LO_(KEY|NAME)_SIZE$/ || $2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ || - $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|ICMP6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL)_/ || + $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL)_/ || $2 ~ /^TP_STATUS_/ || $2 ~ /^FALLOC_/ || - $2 ~ /^ICMP(V6)?_FILTER/ || + $2 ~ /^ICMPV?6?_(FILTER|SEC)/ || $2 == "SOMAXCONN" || $2 == "NAME_MAX" || $2 == "IFNAMSIZ" || diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 44ea96e39..4263953be 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -70,167 +70,7 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) { // ioctl itself should not be exposed directly, but additional get/set // functions for specific types are permissible. - -// IoctlRetInt performs an ioctl operation specified by req on a device -// associated with opened file descriptor fd, and returns a non-negative -// integer that is returned by the ioctl syscall. -func IoctlRetInt(fd int, req uint) (int, error) { - ret, _, err := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), 0) - if err != 0 { - return 0, err - } - return int(ret), nil -} - -func IoctlSetRTCTime(fd int, value *RTCTime) error { - err := ioctl(fd, RTC_SET_TIME, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err -} - -func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error { - err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err -} - -func IoctlGetUint32(fd int, req uint) (uint32, error) { - var value uint32 - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) - return value, err -} - -func IoctlGetRTCTime(fd int) (*RTCTime, error) { - var value RTCTime - err := ioctl(fd, RTC_RD_TIME, uintptr(unsafe.Pointer(&value))) - return &value, err -} - -// IoctlGetWatchdogInfo fetches information about a watchdog device from the -// Linux watchdog API. For more information, see: -// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html. -func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) { - var value WatchdogInfo - err := ioctl(fd, WDIOC_GETSUPPORT, uintptr(unsafe.Pointer(&value))) - return &value, err -} - -func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) { - var value RTCWkAlrm - err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value))) - return &value, err -} - -// IoctlFileCloneRange performs an FICLONERANGE ioctl operation to clone the -// range of data conveyed in value to the file associated with the file -// descriptor destFd. See the ioctl_ficlonerange(2) man page for details. -func IoctlFileCloneRange(destFd int, value *FileCloneRange) error { - err := ioctl(destFd, FICLONERANGE, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err -} - -// IoctlFileClone performs an FICLONE ioctl operation to clone the entire file -// associated with the file description srcFd to the file associated with the -// file descriptor destFd. See the ioctl_ficlone(2) man page for details. -func IoctlFileClone(destFd, srcFd int) error { - return ioctl(destFd, FICLONE, uintptr(srcFd)) -} - -type FileDedupeRange struct { - Src_offset uint64 - Src_length uint64 - Reserved1 uint16 - Reserved2 uint32 - Info []FileDedupeRangeInfo -} - -type FileDedupeRangeInfo struct { - Dest_fd int64 - Dest_offset uint64 - Bytes_deduped uint64 - Status int32 - Reserved uint32 -} - -// IoctlFileDedupeRange performs an FIDEDUPERANGE ioctl operation to share the -// range of data conveyed in value from the file associated with the file -// descriptor srcFd to the value.Info destinations. See the -// ioctl_fideduperange(2) man page for details. -func IoctlFileDedupeRange(srcFd int, value *FileDedupeRange) error { - buf := make([]byte, SizeofRawFileDedupeRange+ - len(value.Info)*SizeofRawFileDedupeRangeInfo) - rawrange := (*RawFileDedupeRange)(unsafe.Pointer(&buf[0])) - rawrange.Src_offset = value.Src_offset - rawrange.Src_length = value.Src_length - rawrange.Dest_count = uint16(len(value.Info)) - rawrange.Reserved1 = value.Reserved1 - rawrange.Reserved2 = value.Reserved2 - - for i := range value.Info { - rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer( - uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) + - uintptr(i*SizeofRawFileDedupeRangeInfo))) - rawinfo.Dest_fd = value.Info[i].Dest_fd - rawinfo.Dest_offset = value.Info[i].Dest_offset - rawinfo.Bytes_deduped = value.Info[i].Bytes_deduped - rawinfo.Status = value.Info[i].Status - rawinfo.Reserved = value.Info[i].Reserved - } - - err := ioctl(srcFd, FIDEDUPERANGE, uintptr(unsafe.Pointer(&buf[0]))) - - // Output - for i := range value.Info { - rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer( - uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) + - uintptr(i*SizeofRawFileDedupeRangeInfo))) - value.Info[i].Dest_fd = rawinfo.Dest_fd - value.Info[i].Dest_offset = rawinfo.Dest_offset - value.Info[i].Bytes_deduped = rawinfo.Bytes_deduped - value.Info[i].Status = rawinfo.Status - value.Info[i].Reserved = rawinfo.Reserved - } - - return err -} - -// IoctlWatchdogKeepalive issues a keepalive ioctl to a watchdog device. For -// more information, see: -// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html. -func IoctlWatchdogKeepalive(fd int) error { - return ioctl(fd, WDIOC_KEEPALIVE, 0) -} - -func IoctlHIDGetDesc(fd int, value *HIDRawReportDescriptor) error { - err := ioctl(fd, HIDIOCGRDESC, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err -} - -func IoctlHIDGetRawInfo(fd int) (*HIDRawDevInfo, error) { - var value HIDRawDevInfo - err := ioctl(fd, HIDIOCGRAWINFO, uintptr(unsafe.Pointer(&value))) - return &value, err -} - -func IoctlHIDGetRawName(fd int) (string, error) { - var value [_HIDIOCGRAWNAME_LEN]byte - err := ioctl(fd, _HIDIOCGRAWNAME, uintptr(unsafe.Pointer(&value[0]))) - return ByteSliceToString(value[:]), err -} - -func IoctlHIDGetRawPhys(fd int) (string, error) { - var value [_HIDIOCGRAWPHYS_LEN]byte - err := ioctl(fd, _HIDIOCGRAWPHYS, uintptr(unsafe.Pointer(&value[0]))) - return ByteSliceToString(value[:]), err -} - -func IoctlHIDGetRawUniq(fd int) (string, error) { - var value [_HIDIOCGRAWUNIQ_LEN]byte - err := ioctl(fd, _HIDIOCGRAWUNIQ, uintptr(unsafe.Pointer(&value[0]))) - return ByteSliceToString(value[:]), err -} +// These are defined in ioctl.go and ioctl_linux.go. //sys Linkat(olddirfd int, oldpath string, newdirfd int, newpath string, flags int) (err error) @@ -857,16 +697,19 @@ type SockaddrVM struct { // CID and Port specify a context ID and port address for a VM socket. // Guests have a unique CID, and hosts may have a well-known CID of: // - VMADDR_CID_HYPERVISOR: refers to the hypervisor process. + // - VMADDR_CID_LOCAL: refers to local communication (loopback). // - VMADDR_CID_HOST: refers to other processes on the host. - CID uint32 - Port uint32 - raw RawSockaddrVM + CID uint32 + Port uint32 + Flags uint8 + raw RawSockaddrVM } func (sa *SockaddrVM) sockaddr() (unsafe.Pointer, _Socklen, error) { sa.raw.Family = AF_VSOCK sa.raw.Port = sa.Port sa.raw.Cid = sa.CID + sa.raw.Flags = sa.Flags return unsafe.Pointer(&sa.raw), SizeofSockaddrVM, nil } @@ -1171,8 +1014,9 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { case AF_VSOCK: pp := (*RawSockaddrVM)(unsafe.Pointer(rsa)) sa := &SockaddrVM{ - CID: pp.Cid, - Port: pp.Port, + CID: pp.Cid, + Port: pp.Port, + Flags: pp.Flags, } return sa, nil case AF_BLUETOOTH: diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go new file mode 100644 index 000000000..7e65e088d --- /dev/null +++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go @@ -0,0 +1,272 @@ +// Copyright 2021 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build linux && ppc +// +build linux +// +build ppc + +package unix + +import ( + "syscall" + "unsafe" +) + +//sys dup2(oldfd int, newfd int) (err error) +//sysnb EpollCreate(size int) (fd int, err error) +//sys EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) +//sys Fchown(fd int, uid int, gid int) (err error) +//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64 +//sys Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64 +//sys Ftruncate(fd int, length int64) (err error) = SYS_FTRUNCATE64 +//sysnb Getegid() (egid int) +//sysnb Geteuid() (euid int) +//sysnb Getgid() (gid int) +//sysnb Getuid() (uid int) +//sysnb InotifyInit() (fd int, err error) +//sys Ioperm(from int, num int, on int) (err error) +//sys Iopl(level int) (err error) +//sys Lchown(path string, uid int, gid int) (err error) +//sys Listen(s int, n int) (err error) +//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 +//sys Pause() (err error) +//sys Pread(fd int, p []byte, offset int64) (n int, err error) = SYS_PREAD64 +//sys Pwrite(fd int, p []byte, offset int64) (n int, err error) = SYS_PWRITE64 +//sys Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) +//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) = SYS__NEWSELECT +//sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) = SYS_SENDFILE64 +//sys setfsgid(gid int) (prev int, err error) +//sys setfsuid(uid int) (prev int, err error) +//sysnb Setregid(rgid int, egid int) (err error) +//sysnb Setresgid(rgid int, egid int, sgid int) (err error) +//sysnb Setresuid(ruid int, euid int, suid int) (err error) +//sysnb Setreuid(ruid int, euid int) (err error) +//sys Shutdown(fd int, how int) (err error) +//sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error) +//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 +//sys Truncate(path string, length int64) (err error) = SYS_TRUNCATE64 +//sys Ustat(dev int, ubuf *Ustat_t) (err error) +//sys accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) +//sys accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) +//sys bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) +//sys connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) +//sysnb getgroups(n int, list *_Gid_t) (nn int, err error) +//sysnb setgroups(n int, list *_Gid_t) (err error) +//sys getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) +//sys setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) +//sysnb socket(domain int, typ int, proto int) (fd int, err error) +//sysnb socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) +//sysnb getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) +//sysnb getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) +//sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) +//sys sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) +//sys recvmsg(s int, msg *Msghdr, flags int) (n int, err error) +//sys sendmsg(s int, msg *Msghdr, flags int) (n int, err error) + +//sys futimesat(dirfd int, path string, times *[2]Timeval) (err error) +//sysnb Gettimeofday(tv *Timeval) (err error) +//sysnb Time(t *Time_t) (tt Time_t, err error) +//sys Utime(path string, buf *Utimbuf) (err error) +//sys utimes(path string, times *[2]Timeval) (err error) + +func Fadvise(fd int, offset int64, length int64, advice int) (err error) { + _, _, e1 := Syscall6(SYS_FADVISE64_64, uintptr(fd), uintptr(advice), uintptr(offset>>32), uintptr(offset), uintptr(length>>32), uintptr(length)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +func seek(fd int, offset int64, whence int) (int64, syscall.Errno) { + var newoffset int64 + offsetLow := uint32(offset & 0xffffffff) + offsetHigh := uint32((offset >> 32) & 0xffffffff) + _, _, err := Syscall6(SYS__LLSEEK, uintptr(fd), uintptr(offsetHigh), uintptr(offsetLow), uintptr(unsafe.Pointer(&newoffset)), uintptr(whence), 0) + return newoffset, err +} + +func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { + newoffset, errno := seek(fd, offset, whence) + if errno != 0 { + return 0, errno + } + return newoffset, nil +} + +func Fstatfs(fd int, buf *Statfs_t) (err error) { + _, _, e := Syscall(SYS_FSTATFS64, uintptr(fd), unsafe.Sizeof(*buf), uintptr(unsafe.Pointer(buf))) + if e != 0 { + err = e + } + return +} + +func Statfs(path string, buf *Statfs_t) (err error) { + pathp, err := BytePtrFromString(path) + if err != nil { + return err + } + _, _, e := Syscall(SYS_STATFS64, uintptr(unsafe.Pointer(pathp)), unsafe.Sizeof(*buf), uintptr(unsafe.Pointer(buf))) + if e != 0 { + err = e + } + return +} + +//sys mmap2(addr uintptr, length uintptr, prot int, flags int, fd int, pageOffset uintptr) (xaddr uintptr, err error) + +func mmap(addr uintptr, length uintptr, prot int, flags int, fd int, offset int64) (xaddr uintptr, err error) { + page := uintptr(offset / 4096) + if offset != int64(page)*4096 { + return 0, EINVAL + } + return mmap2(addr, length, prot, flags, fd, page) +} + +func setTimespec(sec, nsec int64) Timespec { + return Timespec{Sec: int32(sec), Nsec: int32(nsec)} +} + +func setTimeval(sec, usec int64) Timeval { + return Timeval{Sec: int32(sec), Usec: int32(usec)} +} + +type rlimit32 struct { + Cur uint32 + Max uint32 +} + +//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_UGETRLIMIT + +const rlimInf32 = ^uint32(0) +const rlimInf64 = ^uint64(0) + +func Getrlimit(resource int, rlim *Rlimit) (err error) { + err = prlimit(0, resource, nil, rlim) + if err != ENOSYS { + return err + } + + rl := rlimit32{} + err = getrlimit(resource, &rl) + if err != nil { + return + } + + if rl.Cur == rlimInf32 { + rlim.Cur = rlimInf64 + } else { + rlim.Cur = uint64(rl.Cur) + } + + if rl.Max == rlimInf32 { + rlim.Max = rlimInf64 + } else { + rlim.Max = uint64(rl.Max) + } + return +} + +//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT + +func Setrlimit(resource int, rlim *Rlimit) (err error) { + err = prlimit(0, resource, rlim, nil) + if err != ENOSYS { + return err + } + + rl := rlimit32{} + if rlim.Cur == rlimInf64 { + rl.Cur = rlimInf32 + } else if rlim.Cur < uint64(rlimInf32) { + rl.Cur = uint32(rlim.Cur) + } else { + return EINVAL + } + if rlim.Max == rlimInf64 { + rl.Max = rlimInf32 + } else if rlim.Max < uint64(rlimInf32) { + rl.Max = uint32(rlim.Max) + } else { + return EINVAL + } + + return setrlimit(resource, &rl) +} + +func (r *PtraceRegs) PC() uint32 { return r.Nip } + +func (r *PtraceRegs) SetPC(pc uint32) { r.Nip = pc } + +func (iov *Iovec) SetLen(length int) { + iov.Len = uint32(length) +} + +func (msghdr *Msghdr) SetControllen(length int) { + msghdr.Controllen = uint32(length) +} + +func (msghdr *Msghdr) SetIovlen(length int) { + msghdr.Iovlen = uint32(length) +} + +func (cmsg *Cmsghdr) SetLen(length int) { + cmsg.Len = uint32(length) +} + +//sysnb pipe(p *[2]_C_int) (err error) + +func Pipe(p []int) (err error) { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err = pipe(&pp) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return +} + +//sysnb pipe2(p *[2]_C_int, flags int) (err error) + +func Pipe2(p []int, flags int) (err error) { + if len(p) != 2 { + return EINVAL + } + var pp [2]_C_int + err = pipe2(&pp, flags) + p[0] = int(pp[0]) + p[1] = int(pp[1]) + return +} + +//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error) + +func Poll(fds []PollFd, timeout int) (n int, err error) { + if len(fds) == 0 { + return poll(nil, 0, timeout) + } + return poll(&fds[0], len(fds), timeout) +} + +//sys syncFileRange2(fd int, flags int, off int64, n int64) (err error) = SYS_SYNC_FILE_RANGE2 + +func SyncFileRange(fd int, off int64, n int64, flags int) error { + // The sync_file_range and sync_file_range2 syscalls differ only in the + // order of their arguments. + return syncFileRange2(fd, flags, off, n) +} + +//sys kexecFileLoad(kernelFd int, initrdFd int, cmdlineLen int, cmdline string, flags int) (err error) + +func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error { + cmdlineLen := len(cmdline) + if cmdlineLen > 0 { + // Account for the additional NULL byte added by + // BytePtrFromString in kexecFileLoad. The kexec_file_load + // syscall expects a NULL-terminated string. + cmdlineLen++ + } + return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags) +} diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go new file mode 100644 index 000000000..d9530e5fb --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go @@ -0,0 +1,860 @@ +// mkerrors.sh -Wall -Werror -static -I/tmp/include +// Code generated by the command above; see README.md. DO NOT EDIT. + +//go:build ppc && linux +// +build ppc,linux + +// Code generated by cmd/cgo -godefs; DO NOT EDIT. +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go + +package unix + +import "syscall" + +const ( + B1000000 = 0x17 + B115200 = 0x11 + B1152000 = 0x18 + B1500000 = 0x19 + B2000000 = 0x1a + B230400 = 0x12 + B2500000 = 0x1b + B3000000 = 0x1c + B3500000 = 0x1d + B4000000 = 0x1e + B460800 = 0x13 + B500000 = 0x14 + B57600 = 0x10 + B576000 = 0x15 + B921600 = 0x16 + BLKBSZGET = 0x40041270 + BLKBSZSET = 0x80041271 + BLKFLSBUF = 0x20001261 + BLKFRAGET = 0x20001265 + BLKFRASET = 0x20001264 + BLKGETSIZE = 0x20001260 + BLKGETSIZE64 = 0x40041272 + BLKPBSZGET = 0x2000127b + BLKRAGET = 0x20001263 + BLKRASET = 0x20001262 + BLKROGET = 0x2000125e + BLKROSET = 0x2000125d + BLKRRPART = 0x2000125f + BLKSECTGET = 0x20001267 + BLKSECTSET = 0x20001266 + BLKSSZGET = 0x20001268 + BOTHER = 0x1f + BS1 = 0x8000 + BSDLY = 0x8000 + CBAUD = 0xff + CBAUDEX = 0x0 + CIBAUD = 0xff0000 + CLOCAL = 0x8000 + CR1 = 0x1000 + CR2 = 0x2000 + CR3 = 0x3000 + CRDLY = 0x3000 + CREAD = 0x800 + CS6 = 0x100 + CS7 = 0x200 + CS8 = 0x300 + CSIZE = 0x300 + CSTOPB = 0x400 + ECHOCTL = 0x40 + ECHOE = 0x2 + ECHOK = 0x4 + ECHOKE = 0x1 + ECHONL = 0x10 + ECHOPRT = 0x20 + EFD_CLOEXEC = 0x80000 + EFD_NONBLOCK = 0x800 + EPOLL_CLOEXEC = 0x80000 + EXTPROC = 0x10000000 + FF1 = 0x4000 + FFDLY = 0x4000 + FICLONE = 0x80049409 + FICLONERANGE = 0x8020940d + FLUSHO = 0x800000 + FS_IOC_ENABLE_VERITY = 0x80806685 + FS_IOC_GETFLAGS = 0x40046601 + FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b + FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615 + FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614 + FS_IOC_SETFLAGS = 0x80046602 + FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613 + F_GETLK = 0xc + F_GETLK64 = 0xc + F_GETOWN = 0x9 + F_RDLCK = 0x0 + F_SETLK = 0xd + F_SETLK64 = 0xd + F_SETLKW = 0xe + F_SETLKW64 = 0xe + F_SETOWN = 0x8 + F_UNLCK = 0x2 + F_WRLCK = 0x1 + HIDIOCGRAWINFO = 0x40084803 + HIDIOCGRDESC = 0x50044802 + HIDIOCGRDESCSIZE = 0x40044801 + HUPCL = 0x4000 + ICANON = 0x100 + IEXTEN = 0x400 + IN_CLOEXEC = 0x80000 + IN_NONBLOCK = 0x800 + IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + ISIG = 0x80 + IUCLC = 0x1000 + IXOFF = 0x400 + IXON = 0x200 + MAP_ANON = 0x20 + MAP_ANONYMOUS = 0x20 + MAP_DENYWRITE = 0x800 + MAP_EXECUTABLE = 0x1000 + MAP_GROWSDOWN = 0x100 + MAP_HUGETLB = 0x40000 + MAP_LOCKED = 0x80 + MAP_NONBLOCK = 0x10000 + MAP_NORESERVE = 0x40 + MAP_POPULATE = 0x8000 + MAP_STACK = 0x20000 + MAP_SYNC = 0x80000 + MCL_CURRENT = 0x2000 + MCL_FUTURE = 0x4000 + MCL_ONFAULT = 0x8000 + NFDBITS = 0x20 + NL2 = 0x200 + NL3 = 0x300 + NLDLY = 0x300 + NOFLSH = 0x80000000 + NS_GET_NSTYPE = 0x2000b703 + NS_GET_OWNER_UID = 0x2000b704 + NS_GET_PARENT = 0x2000b702 + NS_GET_USERNS = 0x2000b701 + OLCUC = 0x4 + ONLCR = 0x2 + O_APPEND = 0x400 + O_ASYNC = 0x2000 + O_CLOEXEC = 0x80000 + O_CREAT = 0x40 + O_DIRECT = 0x20000 + O_DIRECTORY = 0x4000 + O_DSYNC = 0x1000 + O_EXCL = 0x80 + O_FSYNC = 0x101000 + O_LARGEFILE = 0x10000 + O_NDELAY = 0x800 + O_NOATIME = 0x40000 + O_NOCTTY = 0x100 + O_NOFOLLOW = 0x8000 + O_NONBLOCK = 0x800 + O_PATH = 0x200000 + O_RSYNC = 0x101000 + O_SYNC = 0x101000 + O_TMPFILE = 0x404000 + O_TRUNC = 0x200 + PARENB = 0x1000 + PARODD = 0x2000 + PENDIN = 0x20000000 + PERF_EVENT_IOC_DISABLE = 0x20002401 + PERF_EVENT_IOC_ENABLE = 0x20002400 + PERF_EVENT_IOC_ID = 0x40042407 + PERF_EVENT_IOC_MODIFY_ATTRIBUTES = 0x8004240b + PERF_EVENT_IOC_PAUSE_OUTPUT = 0x80042409 + PERF_EVENT_IOC_PERIOD = 0x80082404 + PERF_EVENT_IOC_QUERY_BPF = 0xc004240a + PERF_EVENT_IOC_REFRESH = 0x20002402 + PERF_EVENT_IOC_RESET = 0x20002403 + PERF_EVENT_IOC_SET_BPF = 0x80042408 + PERF_EVENT_IOC_SET_FILTER = 0x80042406 + PERF_EVENT_IOC_SET_OUTPUT = 0x20002405 + PPPIOCATTACH = 0x8004743d + PPPIOCATTCHAN = 0x80047438 + PPPIOCBRIDGECHAN = 0x80047435 + PPPIOCCONNECT = 0x8004743a + PPPIOCDETACH = 0x8004743c + PPPIOCDISCONN = 0x20007439 + PPPIOCGASYNCMAP = 0x40047458 + PPPIOCGCHAN = 0x40047437 + PPPIOCGDEBUG = 0x40047441 + PPPIOCGFLAGS = 0x4004745a + PPPIOCGIDLE = 0x4008743f + PPPIOCGIDLE32 = 0x4008743f + PPPIOCGIDLE64 = 0x4010743f + PPPIOCGL2TPSTATS = 0x40487436 + PPPIOCGMRU = 0x40047453 + PPPIOCGRASYNCMAP = 0x40047455 + PPPIOCGUNIT = 0x40047456 + PPPIOCGXASYNCMAP = 0x40207450 + PPPIOCSACTIVE = 0x80087446 + PPPIOCSASYNCMAP = 0x80047457 + PPPIOCSCOMPRESS = 0x800c744d + PPPIOCSDEBUG = 0x80047440 + PPPIOCSFLAGS = 0x80047459 + PPPIOCSMAXCID = 0x80047451 + PPPIOCSMRRU = 0x8004743b + PPPIOCSMRU = 0x80047452 + PPPIOCSNPMODE = 0x8008744b + PPPIOCSPASS = 0x80087447 + PPPIOCSRASYNCMAP = 0x80047454 + PPPIOCSXASYNCMAP = 0x8020744f + PPPIOCUNBRIDGECHAN = 0x20007434 + PPPIOCXFERUNIT = 0x2000744e + PROT_SAO = 0x10 + PR_SET_PTRACER_ANY = 0xffffffff + PTRACE_GETEVRREGS = 0x14 + PTRACE_GETFPREGS = 0xe + PTRACE_GETREGS64 = 0x16 + PTRACE_GETVRREGS = 0x12 + PTRACE_GETVSRREGS = 0x1b + PTRACE_GET_DEBUGREG = 0x19 + PTRACE_SETEVRREGS = 0x15 + PTRACE_SETFPREGS = 0xf + PTRACE_SETREGS64 = 0x17 + PTRACE_SETVRREGS = 0x13 + PTRACE_SETVSRREGS = 0x1c + PTRACE_SET_DEBUGREG = 0x1a + PTRACE_SINGLEBLOCK = 0x100 + PTRACE_SYSEMU = 0x1d + PTRACE_SYSEMU_SINGLESTEP = 0x1e + PT_CCR = 0x26 + PT_CTR = 0x23 + PT_DAR = 0x29 + PT_DSCR = 0x2c + PT_DSISR = 0x2a + PT_FPR0 = 0x30 + PT_FPR31 = 0x6e + PT_FPSCR = 0x71 + PT_LNK = 0x24 + PT_MQ = 0x27 + PT_MSR = 0x21 + PT_NIP = 0x20 + PT_ORIG_R3 = 0x22 + PT_R0 = 0x0 + PT_R1 = 0x1 + PT_R10 = 0xa + PT_R11 = 0xb + PT_R12 = 0xc + PT_R13 = 0xd + PT_R14 = 0xe + PT_R15 = 0xf + PT_R16 = 0x10 + PT_R17 = 0x11 + PT_R18 = 0x12 + PT_R19 = 0x13 + PT_R2 = 0x2 + PT_R20 = 0x14 + PT_R21 = 0x15 + PT_R22 = 0x16 + PT_R23 = 0x17 + PT_R24 = 0x18 + PT_R25 = 0x19 + PT_R26 = 0x1a + PT_R27 = 0x1b + PT_R28 = 0x1c + PT_R29 = 0x1d + PT_R3 = 0x3 + PT_R30 = 0x1e + PT_R31 = 0x1f + PT_R4 = 0x4 + PT_R5 = 0x5 + PT_R6 = 0x6 + PT_R7 = 0x7 + PT_R8 = 0x8 + PT_R9 = 0x9 + PT_REGS_COUNT = 0x2c + PT_RESULT = 0x2b + PT_TRAP = 0x28 + PT_XER = 0x25 + RLIMIT_AS = 0x9 + RLIMIT_MEMLOCK = 0x8 + RLIMIT_NOFILE = 0x7 + RLIMIT_NPROC = 0x6 + RLIMIT_RSS = 0x5 + RNDADDENTROPY = 0x80085203 + RNDADDTOENTCNT = 0x80045201 + RNDCLEARPOOL = 0x20005206 + RNDGETENTCNT = 0x40045200 + RNDGETPOOL = 0x40085202 + RNDRESEEDCRNG = 0x20005207 + RNDZAPENTCNT = 0x20005204 + RTC_AIE_OFF = 0x20007002 + RTC_AIE_ON = 0x20007001 + RTC_ALM_READ = 0x40247008 + RTC_ALM_SET = 0x80247007 + RTC_EPOCH_READ = 0x4004700d + RTC_EPOCH_SET = 0x8004700e + RTC_IRQP_READ = 0x4004700b + RTC_IRQP_SET = 0x8004700c + RTC_PIE_OFF = 0x20007006 + RTC_PIE_ON = 0x20007005 + RTC_PLL_GET = 0x401c7011 + RTC_PLL_SET = 0x801c7012 + RTC_RD_TIME = 0x40247009 + RTC_SET_TIME = 0x8024700a + RTC_UIE_OFF = 0x20007004 + RTC_UIE_ON = 0x20007003 + RTC_VL_CLR = 0x20007014 + RTC_VL_READ = 0x40047013 + RTC_WIE_OFF = 0x20007010 + RTC_WIE_ON = 0x2000700f + RTC_WKALM_RD = 0x40287010 + RTC_WKALM_SET = 0x8028700f + SCM_TIMESTAMPING = 0x25 + SCM_TIMESTAMPING_OPT_STATS = 0x36 + SCM_TIMESTAMPING_PKTINFO = 0x3a + SCM_TIMESTAMPNS = 0x23 + SCM_TXTIME = 0x3d + SCM_WIFI_STATUS = 0x29 + SFD_CLOEXEC = 0x80000 + SFD_NONBLOCK = 0x800 + SIOCATMARK = 0x8905 + SIOCGPGRP = 0x8904 + SIOCGSTAMPNS_NEW = 0x40108907 + SIOCGSTAMP_NEW = 0x40108906 + SIOCINQ = 0x4004667f + SIOCOUTQ = 0x40047473 + SIOCSPGRP = 0x8902 + SOCK_CLOEXEC = 0x80000 + SOCK_DGRAM = 0x2 + SOCK_NONBLOCK = 0x800 + SOCK_STREAM = 0x1 + SOL_SOCKET = 0x1 + SO_ACCEPTCONN = 0x1e + SO_ATTACH_BPF = 0x32 + SO_ATTACH_REUSEPORT_CBPF = 0x33 + SO_ATTACH_REUSEPORT_EBPF = 0x34 + SO_BINDTODEVICE = 0x19 + SO_BINDTOIFINDEX = 0x3e + SO_BPF_EXTENSIONS = 0x30 + SO_BROADCAST = 0x6 + SO_BSDCOMPAT = 0xe + SO_BUSY_POLL = 0x2e + SO_BUSY_POLL_BUDGET = 0x46 + SO_CNX_ADVICE = 0x35 + SO_COOKIE = 0x39 + SO_DETACH_REUSEPORT_BPF = 0x44 + SO_DOMAIN = 0x27 + SO_DONTROUTE = 0x5 + SO_ERROR = 0x4 + SO_INCOMING_CPU = 0x31 + SO_INCOMING_NAPI_ID = 0x38 + SO_KEEPALIVE = 0x9 + SO_LINGER = 0xd + SO_LOCK_FILTER = 0x2c + SO_MARK = 0x24 + SO_MAX_PACING_RATE = 0x2f + SO_MEMINFO = 0x37 + SO_NOFCS = 0x2b + SO_OOBINLINE = 0xa + SO_PASSCRED = 0x14 + SO_PASSSEC = 0x22 + SO_PEEK_OFF = 0x2a + SO_PEERCRED = 0x15 + SO_PEERGROUPS = 0x3b + SO_PEERSEC = 0x1f + SO_PREFER_BUSY_POLL = 0x45 + SO_PROTOCOL = 0x26 + SO_RCVBUF = 0x8 + SO_RCVBUFFORCE = 0x21 + SO_RCVLOWAT = 0x10 + SO_RCVTIMEO = 0x12 + SO_RCVTIMEO_NEW = 0x42 + SO_RCVTIMEO_OLD = 0x12 + SO_REUSEADDR = 0x2 + SO_REUSEPORT = 0xf + SO_RXQ_OVFL = 0x28 + SO_SECURITY_AUTHENTICATION = 0x16 + SO_SECURITY_ENCRYPTION_NETWORK = 0x18 + SO_SECURITY_ENCRYPTION_TRANSPORT = 0x17 + SO_SELECT_ERR_QUEUE = 0x2d + SO_SNDBUF = 0x7 + SO_SNDBUFFORCE = 0x20 + SO_SNDLOWAT = 0x11 + SO_SNDTIMEO = 0x13 + SO_SNDTIMEO_NEW = 0x43 + SO_SNDTIMEO_OLD = 0x13 + SO_TIMESTAMPING = 0x25 + SO_TIMESTAMPING_NEW = 0x41 + SO_TIMESTAMPING_OLD = 0x25 + SO_TIMESTAMPNS = 0x23 + SO_TIMESTAMPNS_NEW = 0x40 + SO_TIMESTAMPNS_OLD = 0x23 + SO_TIMESTAMP_NEW = 0x3f + SO_TXTIME = 0x3d + SO_TYPE = 0x3 + SO_WIFI_STATUS = 0x29 + SO_ZEROCOPY = 0x3c + TAB1 = 0x400 + TAB2 = 0x800 + TAB3 = 0xc00 + TABDLY = 0xc00 + TCFLSH = 0x2000741f + TCGETA = 0x40147417 + TCGETS = 0x402c7413 + TCSAFLUSH = 0x2 + TCSBRK = 0x2000741d + TCSBRKP = 0x5425 + TCSETA = 0x80147418 + TCSETAF = 0x8014741c + TCSETAW = 0x80147419 + TCSETS = 0x802c7414 + TCSETSF = 0x802c7416 + TCSETSW = 0x802c7415 + TCXONC = 0x2000741e + TFD_CLOEXEC = 0x80000 + TFD_NONBLOCK = 0x800 + TIOCCBRK = 0x5428 + TIOCCONS = 0x541d + TIOCEXCL = 0x540c + TIOCGDEV = 0x40045432 + TIOCGETC = 0x40067412 + TIOCGETD = 0x5424 + TIOCGETP = 0x40067408 + TIOCGEXCL = 0x40045440 + TIOCGICOUNT = 0x545d + TIOCGISO7816 = 0x40285442 + TIOCGLCKTRMIOS = 0x5456 + TIOCGLTC = 0x40067474 + TIOCGPGRP = 0x40047477 + TIOCGPKT = 0x40045438 + TIOCGPTLCK = 0x40045439 + TIOCGPTN = 0x40045430 + TIOCGPTPEER = 0x20005441 + TIOCGRS485 = 0x542e + TIOCGSERIAL = 0x541e + TIOCGSID = 0x5429 + TIOCGSOFTCAR = 0x5419 + TIOCGWINSZ = 0x40087468 + TIOCINQ = 0x4004667f + TIOCLINUX = 0x541c + TIOCMBIC = 0x5417 + TIOCMBIS = 0x5416 + TIOCMGET = 0x5415 + TIOCMIWAIT = 0x545c + TIOCMSET = 0x5418 + TIOCM_CAR = 0x40 + TIOCM_CD = 0x40 + TIOCM_CTS = 0x20 + TIOCM_DSR = 0x100 + TIOCM_LOOP = 0x8000 + TIOCM_OUT1 = 0x2000 + TIOCM_OUT2 = 0x4000 + TIOCM_RI = 0x80 + TIOCM_RNG = 0x80 + TIOCM_SR = 0x10 + TIOCM_ST = 0x8 + TIOCNOTTY = 0x5422 + TIOCNXCL = 0x540d + TIOCOUTQ = 0x40047473 + TIOCPKT = 0x5420 + TIOCSBRK = 0x5427 + TIOCSCTTY = 0x540e + TIOCSERCONFIG = 0x5453 + TIOCSERGETLSR = 0x5459 + TIOCSERGETMULTI = 0x545a + TIOCSERGSTRUCT = 0x5458 + TIOCSERGWILD = 0x5454 + TIOCSERSETMULTI = 0x545b + TIOCSERSWILD = 0x5455 + TIOCSER_TEMT = 0x1 + TIOCSETC = 0x80067411 + TIOCSETD = 0x5423 + TIOCSETN = 0x8006740a + TIOCSETP = 0x80067409 + TIOCSIG = 0x80045436 + TIOCSISO7816 = 0xc0285443 + TIOCSLCKTRMIOS = 0x5457 + TIOCSLTC = 0x80067475 + TIOCSPGRP = 0x80047476 + TIOCSPTLCK = 0x80045431 + TIOCSRS485 = 0x542f + TIOCSSERIAL = 0x541f + TIOCSSOFTCAR = 0x541a + TIOCSTART = 0x2000746e + TIOCSTI = 0x5412 + TIOCSTOP = 0x2000746f + TIOCSWINSZ = 0x80087467 + TIOCVHANGUP = 0x5437 + TOSTOP = 0x400000 + TUNATTACHFILTER = 0x800854d5 + TUNDETACHFILTER = 0x800854d6 + TUNGETDEVNETNS = 0x200054e3 + TUNGETFEATURES = 0x400454cf + TUNGETFILTER = 0x400854db + TUNGETIFF = 0x400454d2 + TUNGETSNDBUF = 0x400454d3 + TUNGETVNETBE = 0x400454df + TUNGETVNETHDRSZ = 0x400454d7 + TUNGETVNETLE = 0x400454dd + TUNSETCARRIER = 0x800454e2 + TUNSETDEBUG = 0x800454c9 + TUNSETFILTEREBPF = 0x400454e1 + TUNSETGROUP = 0x800454ce + TUNSETIFF = 0x800454ca + TUNSETIFINDEX = 0x800454da + TUNSETLINK = 0x800454cd + TUNSETNOCSUM = 0x800454c8 + TUNSETOFFLOAD = 0x800454d0 + TUNSETOWNER = 0x800454cc + TUNSETPERSIST = 0x800454cb + TUNSETQUEUE = 0x800454d9 + TUNSETSNDBUF = 0x800454d4 + TUNSETSTEERINGEBPF = 0x400454e0 + TUNSETTXFILTER = 0x800454d1 + TUNSETVNETBE = 0x800454de + TUNSETVNETHDRSZ = 0x800454d8 + TUNSETVNETLE = 0x800454dc + UBI_IOCATT = 0x80186f40 + UBI_IOCDET = 0x80046f41 + UBI_IOCEBCH = 0x80044f02 + UBI_IOCEBER = 0x80044f01 + UBI_IOCEBISMAP = 0x40044f05 + UBI_IOCEBMAP = 0x80084f03 + UBI_IOCEBUNMAP = 0x80044f04 + UBI_IOCMKVOL = 0x80986f00 + UBI_IOCRMVOL = 0x80046f01 + UBI_IOCRNVOL = 0x91106f03 + UBI_IOCRPEB = 0x80046f04 + UBI_IOCRSVOL = 0x800c6f02 + UBI_IOCSETVOLPROP = 0x80104f06 + UBI_IOCSPEB = 0x80046f05 + UBI_IOCVOLCRBLK = 0x80804f07 + UBI_IOCVOLRMBLK = 0x20004f08 + UBI_IOCVOLUP = 0x80084f00 + VDISCARD = 0x10 + VEOF = 0x4 + VEOL = 0x6 + VEOL2 = 0x8 + VMIN = 0x5 + VREPRINT = 0xb + VSTART = 0xd + VSTOP = 0xe + VSUSP = 0xc + VSWTC = 0x9 + VT1 = 0x10000 + VTDLY = 0x10000 + VTIME = 0x7 + VWERASE = 0xa + WDIOC_GETBOOTSTATUS = 0x40045702 + WDIOC_GETPRETIMEOUT = 0x40045709 + WDIOC_GETSTATUS = 0x40045701 + WDIOC_GETSUPPORT = 0x40285700 + WDIOC_GETTEMP = 0x40045703 + WDIOC_GETTIMELEFT = 0x4004570a + WDIOC_GETTIMEOUT = 0x40045707 + WDIOC_KEEPALIVE = 0x40045705 + WDIOC_SETOPTIONS = 0x40045704 + WORDSIZE = 0x20 + XCASE = 0x4000 + XTABS = 0xc00 + _HIDIOCGRAWNAME = 0x40804804 + _HIDIOCGRAWPHYS = 0x40404805 + _HIDIOCGRAWUNIQ = 0x40404808 +) + +// Errors +const ( + EADDRINUSE = syscall.Errno(0x62) + EADDRNOTAVAIL = syscall.Errno(0x63) + EADV = syscall.Errno(0x44) + EAFNOSUPPORT = syscall.Errno(0x61) + EALREADY = syscall.Errno(0x72) + EBADE = syscall.Errno(0x34) + EBADFD = syscall.Errno(0x4d) + EBADMSG = syscall.Errno(0x4a) + EBADR = syscall.Errno(0x35) + EBADRQC = syscall.Errno(0x38) + EBADSLT = syscall.Errno(0x39) + EBFONT = syscall.Errno(0x3b) + ECANCELED = syscall.Errno(0x7d) + ECHRNG = syscall.Errno(0x2c) + ECOMM = syscall.Errno(0x46) + ECONNABORTED = syscall.Errno(0x67) + ECONNREFUSED = syscall.Errno(0x6f) + ECONNRESET = syscall.Errno(0x68) + EDEADLK = syscall.Errno(0x23) + EDEADLOCK = syscall.Errno(0x3a) + EDESTADDRREQ = syscall.Errno(0x59) + EDOTDOT = syscall.Errno(0x49) + EDQUOT = syscall.Errno(0x7a) + EHOSTDOWN = syscall.Errno(0x70) + EHOSTUNREACH = syscall.Errno(0x71) + EHWPOISON = syscall.Errno(0x85) + EIDRM = syscall.Errno(0x2b) + EILSEQ = syscall.Errno(0x54) + EINPROGRESS = syscall.Errno(0x73) + EISCONN = syscall.Errno(0x6a) + EISNAM = syscall.Errno(0x78) + EKEYEXPIRED = syscall.Errno(0x7f) + EKEYREJECTED = syscall.Errno(0x81) + EKEYREVOKED = syscall.Errno(0x80) + EL2HLT = syscall.Errno(0x33) + EL2NSYNC = syscall.Errno(0x2d) + EL3HLT = syscall.Errno(0x2e) + EL3RST = syscall.Errno(0x2f) + ELIBACC = syscall.Errno(0x4f) + ELIBBAD = syscall.Errno(0x50) + ELIBEXEC = syscall.Errno(0x53) + ELIBMAX = syscall.Errno(0x52) + ELIBSCN = syscall.Errno(0x51) + ELNRNG = syscall.Errno(0x30) + ELOOP = syscall.Errno(0x28) + EMEDIUMTYPE = syscall.Errno(0x7c) + EMSGSIZE = syscall.Errno(0x5a) + EMULTIHOP = syscall.Errno(0x48) + ENAMETOOLONG = syscall.Errno(0x24) + ENAVAIL = syscall.Errno(0x77) + ENETDOWN = syscall.Errno(0x64) + ENETRESET = syscall.Errno(0x66) + ENETUNREACH = syscall.Errno(0x65) + ENOANO = syscall.Errno(0x37) + ENOBUFS = syscall.Errno(0x69) + ENOCSI = syscall.Errno(0x32) + ENODATA = syscall.Errno(0x3d) + ENOKEY = syscall.Errno(0x7e) + ENOLCK = syscall.Errno(0x25) + ENOLINK = syscall.Errno(0x43) + ENOMEDIUM = syscall.Errno(0x7b) + ENOMSG = syscall.Errno(0x2a) + ENONET = syscall.Errno(0x40) + ENOPKG = syscall.Errno(0x41) + ENOPROTOOPT = syscall.Errno(0x5c) + ENOSR = syscall.Errno(0x3f) + ENOSTR = syscall.Errno(0x3c) + ENOSYS = syscall.Errno(0x26) + ENOTCONN = syscall.Errno(0x6b) + ENOTEMPTY = syscall.Errno(0x27) + ENOTNAM = syscall.Errno(0x76) + ENOTRECOVERABLE = syscall.Errno(0x83) + ENOTSOCK = syscall.Errno(0x58) + ENOTSUP = syscall.Errno(0x5f) + ENOTUNIQ = syscall.Errno(0x4c) + EOPNOTSUPP = syscall.Errno(0x5f) + EOVERFLOW = syscall.Errno(0x4b) + EOWNERDEAD = syscall.Errno(0x82) + EPFNOSUPPORT = syscall.Errno(0x60) + EPROTO = syscall.Errno(0x47) + EPROTONOSUPPORT = syscall.Errno(0x5d) + EPROTOTYPE = syscall.Errno(0x5b) + EREMCHG = syscall.Errno(0x4e) + EREMOTE = syscall.Errno(0x42) + EREMOTEIO = syscall.Errno(0x79) + ERESTART = syscall.Errno(0x55) + ERFKILL = syscall.Errno(0x84) + ESHUTDOWN = syscall.Errno(0x6c) + ESOCKTNOSUPPORT = syscall.Errno(0x5e) + ESRMNT = syscall.Errno(0x45) + ESTALE = syscall.Errno(0x74) + ESTRPIPE = syscall.Errno(0x56) + ETIME = syscall.Errno(0x3e) + ETIMEDOUT = syscall.Errno(0x6e) + ETOOMANYREFS = syscall.Errno(0x6d) + EUCLEAN = syscall.Errno(0x75) + EUNATCH = syscall.Errno(0x31) + EUSERS = syscall.Errno(0x57) + EXFULL = syscall.Errno(0x36) +) + +// Signals +const ( + SIGBUS = syscall.Signal(0x7) + SIGCHLD = syscall.Signal(0x11) + SIGCLD = syscall.Signal(0x11) + SIGCONT = syscall.Signal(0x12) + SIGIO = syscall.Signal(0x1d) + SIGPOLL = syscall.Signal(0x1d) + SIGPROF = syscall.Signal(0x1b) + SIGPWR = syscall.Signal(0x1e) + SIGSTKFLT = syscall.Signal(0x10) + SIGSTOP = syscall.Signal(0x13) + SIGSYS = syscall.Signal(0x1f) + SIGTSTP = syscall.Signal(0x14) + SIGTTIN = syscall.Signal(0x15) + SIGTTOU = syscall.Signal(0x16) + SIGURG = syscall.Signal(0x17) + SIGUSR1 = syscall.Signal(0xa) + SIGUSR2 = syscall.Signal(0xc) + SIGVTALRM = syscall.Signal(0x1a) + SIGWINCH = syscall.Signal(0x1c) + SIGXCPU = syscall.Signal(0x18) + SIGXFSZ = syscall.Signal(0x19) +) + +// Error table +var errorList = [...]struct { + num syscall.Errno + name string + desc string +}{ + {1, "EPERM", "operation not permitted"}, + {2, "ENOENT", "no such file or directory"}, + {3, "ESRCH", "no such process"}, + {4, "EINTR", "interrupted system call"}, + {5, "EIO", "input/output error"}, + {6, "ENXIO", "no such device or address"}, + {7, "E2BIG", "argument list too long"}, + {8, "ENOEXEC", "exec format error"}, + {9, "EBADF", "bad file descriptor"}, + {10, "ECHILD", "no child processes"}, + {11, "EAGAIN", "resource temporarily unavailable"}, + {12, "ENOMEM", "cannot allocate memory"}, + {13, "EACCES", "permission denied"}, + {14, "EFAULT", "bad address"}, + {15, "ENOTBLK", "block device required"}, + {16, "EBUSY", "device or resource busy"}, + {17, "EEXIST", "file exists"}, + {18, "EXDEV", "invalid cross-device link"}, + {19, "ENODEV", "no such device"}, + {20, "ENOTDIR", "not a directory"}, + {21, "EISDIR", "is a directory"}, + {22, "EINVAL", "invalid argument"}, + {23, "ENFILE", "too many open files in system"}, + {24, "EMFILE", "too many open files"}, + {25, "ENOTTY", "inappropriate ioctl for device"}, + {26, "ETXTBSY", "text file busy"}, + {27, "EFBIG", "file too large"}, + {28, "ENOSPC", "no space left on device"}, + {29, "ESPIPE", "illegal seek"}, + {30, "EROFS", "read-only file system"}, + {31, "EMLINK", "too many links"}, + {32, "EPIPE", "broken pipe"}, + {33, "EDOM", "numerical argument out of domain"}, + {34, "ERANGE", "numerical result out of range"}, + {35, "EDEADLK", "resource deadlock avoided"}, + {36, "ENAMETOOLONG", "file name too long"}, + {37, "ENOLCK", "no locks available"}, + {38, "ENOSYS", "function not implemented"}, + {39, "ENOTEMPTY", "directory not empty"}, + {40, "ELOOP", "too many levels of symbolic links"}, + {42, "ENOMSG", "no message of desired type"}, + {43, "EIDRM", "identifier removed"}, + {44, "ECHRNG", "channel number out of range"}, + {45, "EL2NSYNC", "level 2 not synchronized"}, + {46, "EL3HLT", "level 3 halted"}, + {47, "EL3RST", "level 3 reset"}, + {48, "ELNRNG", "link number out of range"}, + {49, "EUNATCH", "protocol driver not attached"}, + {50, "ENOCSI", "no CSI structure available"}, + {51, "EL2HLT", "level 2 halted"}, + {52, "EBADE", "invalid exchange"}, + {53, "EBADR", "invalid request descriptor"}, + {54, "EXFULL", "exchange full"}, + {55, "ENOANO", "no anode"}, + {56, "EBADRQC", "invalid request code"}, + {57, "EBADSLT", "invalid slot"}, + {58, "EDEADLOCK", "file locking deadlock error"}, + {59, "EBFONT", "bad font file format"}, + {60, "ENOSTR", "device not a stream"}, + {61, "ENODATA", "no data available"}, + {62, "ETIME", "timer expired"}, + {63, "ENOSR", "out of streams resources"}, + {64, "ENONET", "machine is not on the network"}, + {65, "ENOPKG", "package not installed"}, + {66, "EREMOTE", "object is remote"}, + {67, "ENOLINK", "link has been severed"}, + {68, "EADV", "advertise error"}, + {69, "ESRMNT", "srmount error"}, + {70, "ECOMM", "communication error on send"}, + {71, "EPROTO", "protocol error"}, + {72, "EMULTIHOP", "multihop attempted"}, + {73, "EDOTDOT", "RFS specific error"}, + {74, "EBADMSG", "bad message"}, + {75, "EOVERFLOW", "value too large for defined data type"}, + {76, "ENOTUNIQ", "name not unique on network"}, + {77, "EBADFD", "file descriptor in bad state"}, + {78, "EREMCHG", "remote address changed"}, + {79, "ELIBACC", "can not access a needed shared library"}, + {80, "ELIBBAD", "accessing a corrupted shared library"}, + {81, "ELIBSCN", ".lib section in a.out corrupted"}, + {82, "ELIBMAX", "attempting to link in too many shared libraries"}, + {83, "ELIBEXEC", "cannot exec a shared library directly"}, + {84, "EILSEQ", "invalid or incomplete multibyte or wide character"}, + {85, "ERESTART", "interrupted system call should be restarted"}, + {86, "ESTRPIPE", "streams pipe error"}, + {87, "EUSERS", "too many users"}, + {88, "ENOTSOCK", "socket operation on non-socket"}, + {89, "EDESTADDRREQ", "destination address required"}, + {90, "EMSGSIZE", "message too long"}, + {91, "EPROTOTYPE", "protocol wrong type for socket"}, + {92, "ENOPROTOOPT", "protocol not available"}, + {93, "EPROTONOSUPPORT", "protocol not supported"}, + {94, "ESOCKTNOSUPPORT", "socket type not supported"}, + {95, "ENOTSUP", "operation not supported"}, + {96, "EPFNOSUPPORT", "protocol family not supported"}, + {97, "EAFNOSUPPORT", "address family not supported by protocol"}, + {98, "EADDRINUSE", "address already in use"}, + {99, "EADDRNOTAVAIL", "cannot assign requested address"}, + {100, "ENETDOWN", "network is down"}, + {101, "ENETUNREACH", "network is unreachable"}, + {102, "ENETRESET", "network dropped connection on reset"}, + {103, "ECONNABORTED", "software caused connection abort"}, + {104, "ECONNRESET", "connection reset by peer"}, + {105, "ENOBUFS", "no buffer space available"}, + {106, "EISCONN", "transport endpoint is already connected"}, + {107, "ENOTCONN", "transport endpoint is not connected"}, + {108, "ESHUTDOWN", "cannot send after transport endpoint shutdown"}, + {109, "ETOOMANYREFS", "too many references: cannot splice"}, + {110, "ETIMEDOUT", "connection timed out"}, + {111, "ECONNREFUSED", "connection refused"}, + {112, "EHOSTDOWN", "host is down"}, + {113, "EHOSTUNREACH", "no route to host"}, + {114, "EALREADY", "operation already in progress"}, + {115, "EINPROGRESS", "operation now in progress"}, + {116, "ESTALE", "stale file handle"}, + {117, "EUCLEAN", "structure needs cleaning"}, + {118, "ENOTNAM", "not a XENIX named type file"}, + {119, "ENAVAIL", "no XENIX semaphores available"}, + {120, "EISNAM", "is a named type file"}, + {121, "EREMOTEIO", "remote I/O error"}, + {122, "EDQUOT", "disk quota exceeded"}, + {123, "ENOMEDIUM", "no medium found"}, + {124, "EMEDIUMTYPE", "wrong medium type"}, + {125, "ECANCELED", "operation canceled"}, + {126, "ENOKEY", "required key not available"}, + {127, "EKEYEXPIRED", "key has expired"}, + {128, "EKEYREVOKED", "key has been revoked"}, + {129, "EKEYREJECTED", "key was rejected by service"}, + {130, "EOWNERDEAD", "owner died"}, + {131, "ENOTRECOVERABLE", "state not recoverable"}, + {132, "ERFKILL", "operation not possible due to RF-kill"}, + {133, "EHWPOISON", "memory page has hardware error"}, +} + +// Signal table +var signalList = [...]struct { + num syscall.Signal + name string + desc string +}{ + {1, "SIGHUP", "hangup"}, + {2, "SIGINT", "interrupt"}, + {3, "SIGQUIT", "quit"}, + {4, "SIGILL", "illegal instruction"}, + {5, "SIGTRAP", "trace/breakpoint trap"}, + {6, "SIGABRT", "aborted"}, + {7, "SIGBUS", "bus error"}, + {8, "SIGFPE", "floating point exception"}, + {9, "SIGKILL", "killed"}, + {10, "SIGUSR1", "user defined signal 1"}, + {11, "SIGSEGV", "segmentation fault"}, + {12, "SIGUSR2", "user defined signal 2"}, + {13, "SIGPIPE", "broken pipe"}, + {14, "SIGALRM", "alarm clock"}, + {15, "SIGTERM", "terminated"}, + {16, "SIGSTKFLT", "stack fault"}, + {17, "SIGCHLD", "child exited"}, + {18, "SIGCONT", "continued"}, + {19, "SIGSTOP", "stopped (signal)"}, + {20, "SIGTSTP", "stopped"}, + {21, "SIGTTIN", "stopped (tty input)"}, + {22, "SIGTTOU", "stopped (tty output)"}, + {23, "SIGURG", "urgent I/O condition"}, + {24, "SIGXCPU", "CPU time limit exceeded"}, + {25, "SIGXFSZ", "file size limit exceeded"}, + {26, "SIGVTALRM", "virtual timer expired"}, + {27, "SIGPROF", "profiling timer expired"}, + {28, "SIGWINCH", "window changed"}, + {29, "SIGIO", "I/O possible"}, + {30, "SIGPWR", "power failure"}, + {31, "SIGSYS", "bad system call"}, +} diff --git a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go index 65fb2c5cd..1afee6a08 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go @@ -366,6 +366,7 @@ const ( HUPCL = 0x400 IBSHIFT = 0x10 ICANON = 0x2 + ICMP6_FILTER = 0x1 ICRNL = 0x100 IEXTEN = 0x8000 IFF_ADDRCONF = 0x80000 @@ -612,6 +613,7 @@ const ( IP_RECVPKTINFO = 0x1a IP_RECVRETOPTS = 0x6 IP_RECVSLLA = 0xa + IP_RECVTOS = 0xc IP_RECVTTL = 0xb IP_RETOPTS = 0x8 IP_REUSEADDR = 0x104 @@ -704,6 +706,7 @@ const ( O_APPEND = 0x8 O_CLOEXEC = 0x800000 O_CREAT = 0x100 + O_DIRECT = 0x2000000 O_DIRECTORY = 0x1000000 O_DSYNC = 0x40 O_EXCL = 0x400 diff --git a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go index c8c790903..4e87b4beb 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go @@ -164,6 +164,12 @@ const ( MAP_PRIVATE = 0x1 // changes are private MAP_SHARED = 0x2 // changes are shared MAP_FIXED = 0x4 // place exactly + MCAST_JOIN_GROUP = 40 + MCAST_LEAVE_GROUP = 41 + MCAST_JOIN_SOURCE_GROUP = 42 + MCAST_LEAVE_SOURCE_GROUP = 43 + MCAST_BLOCK_SOURCE = 44 + MCAST_UNBLOCK_SOURCE = 45 MS_SYNC = 0x1 // msync - synchronous writes MS_ASYNC = 0x2 // asynchronous writes MS_INVALIDATE = 0x4 // invalidate mappings diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go new file mode 100644 index 000000000..927cf1a00 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go @@ -0,0 +1,762 @@ +// go run mksyscall.go -b32 -tags linux,ppc syscall_linux.go syscall_linux_ppc.go +// Code generated by the command above; see README.md. DO NOT EDIT. + +//go:build linux && ppc +// +build linux,ppc + +package unix + +import ( + "syscall" + "unsafe" +) + +var _ syscall.Errno + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func fanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname *byte) (err error) { + _, _, e1 := Syscall6(SYS_FANOTIFY_MARK, uintptr(fd), uintptr(flags), uintptr(mask>>32), uintptr(mask), uintptr(dirFd), uintptr(unsafe.Pointer(pathname))) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Fallocate(fd int, mode uint32, off int64, len int64) (err error) { + _, _, e1 := Syscall6(SYS_FALLOCATE, uintptr(fd), uintptr(mode), uintptr(off>>32), uintptr(off), uintptr(len>>32), uintptr(len)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Tee(rfd int, wfd int, len int, flags int) (n int64, err error) { + r0, r1, e1 := Syscall6(SYS_TEE, uintptr(rfd), uintptr(wfd), uintptr(len), uintptr(flags), 0, 0) + n = int64(int64(r0)<<32 | int64(r1)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func dup2(oldfd int, newfd int) (err error) { + _, _, e1 := Syscall(SYS_DUP2, uintptr(oldfd), uintptr(newfd), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func EpollCreate(size int) (fd int, err error) { + r0, _, e1 := RawSyscall(SYS_EPOLL_CREATE, uintptr(size), 0, 0) + fd = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) { + var _p0 unsafe.Pointer + if len(events) > 0 { + _p0 = unsafe.Pointer(&events[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + r0, _, e1 := Syscall6(SYS_EPOLL_WAIT, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec), 0, 0) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Fchown(fd int, uid int, gid int) (err error) { + _, _, e1 := Syscall(SYS_FCHOWN, uintptr(fd), uintptr(uid), uintptr(gid)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Fstat(fd int, stat *Stat_t) (err error) { + _, _, e1 := Syscall(SYS_FSTAT64, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_FSTATAT64, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Ftruncate(fd int, length int64) (err error) { + _, _, e1 := Syscall(SYS_FTRUNCATE64, uintptr(fd), uintptr(length>>32), uintptr(length)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Getegid() (egid int) { + r0, _ := RawSyscallNoError(SYS_GETEGID, 0, 0, 0) + egid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Geteuid() (euid int) { + r0, _ := RawSyscallNoError(SYS_GETEUID, 0, 0, 0) + euid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Getgid() (gid int) { + r0, _ := RawSyscallNoError(SYS_GETGID, 0, 0, 0) + gid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Getuid() (uid int) { + r0, _ := RawSyscallNoError(SYS_GETUID, 0, 0, 0) + uid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func InotifyInit() (fd int, err error) { + r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0) + fd = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Ioperm(from int, num int, on int) (err error) { + _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Iopl(level int) (err error) { + _, _, e1 := Syscall(SYS_IOPL, uintptr(level), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Lchown(path string, uid int, gid int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_LCHOWN, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Listen(s int, n int) (err error) { + _, _, e1 := Syscall(SYS_LISTEN, uintptr(s), uintptr(n), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Lstat(path string, stat *Stat_t) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_LSTAT64, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Pause() (err error) { + _, _, e1 := Syscall(SYS_PAUSE, 0, 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Pread(fd int, p []byte, offset int64) (n int, err error) { + var _p0 unsafe.Pointer + if len(p) > 0 { + _p0 = unsafe.Pointer(&p[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + r0, _, e1 := Syscall6(SYS_PREAD64, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset>>32), uintptr(offset), 0) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Pwrite(fd int, p []byte, offset int64) (n int, err error) { + var _p0 unsafe.Pointer + if len(p) > 0 { + _p0 = unsafe.Pointer(&p[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + r0, _, e1 := Syscall6(SYS_PWRITE64, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset>>32), uintptr(offset), 0) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(oldpath) + if err != nil { + return + } + var _p1 *byte + _p1, err = BytePtrFromString(newpath) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_RENAMEAT, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) { + r0, _, e1 := Syscall6(SYS__NEWSELECT, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { + r0, _, e1 := Syscall6(SYS_SENDFILE64, uintptr(outfd), uintptr(infd), uintptr(unsafe.Pointer(offset)), uintptr(count), 0, 0) + written = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func setfsgid(gid int) (prev int, err error) { + r0, _, e1 := Syscall(SYS_SETFSGID, uintptr(gid), 0, 0) + prev = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func setfsuid(uid int) (prev int, err error) { + r0, _, e1 := Syscall(SYS_SETFSUID, uintptr(uid), 0, 0) + prev = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Setregid(rgid int, egid int) (err error) { + _, _, e1 := RawSyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Setresgid(rgid int, egid int, sgid int) (err error) { + _, _, e1 := RawSyscall(SYS_SETRESGID, uintptr(rgid), uintptr(egid), uintptr(sgid)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Setresuid(ruid int, euid int, suid int) (err error) { + _, _, e1 := RawSyscall(SYS_SETRESUID, uintptr(ruid), uintptr(euid), uintptr(suid)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Setreuid(ruid int, euid int) (err error) { + _, _, e1 := RawSyscall(SYS_SETREUID, uintptr(ruid), uintptr(euid), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Shutdown(fd int, how int) (err error) { + _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error) { + r0, _, e1 := Syscall6(SYS_SPLICE, uintptr(rfd), uintptr(unsafe.Pointer(roff)), uintptr(wfd), uintptr(unsafe.Pointer(woff)), uintptr(len), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Stat(path string, stat *Stat_t) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_STAT64, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Truncate(path string, length int64) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_TRUNCATE64, uintptr(unsafe.Pointer(_p0)), uintptr(length>>32), uintptr(length)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Ustat(dev int, ubuf *Ustat_t) (err error) { + _, _, e1 := Syscall(SYS_USTAT, uintptr(dev), uintptr(unsafe.Pointer(ubuf)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) { + r0, _, e1 := Syscall(SYS_ACCEPT, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen))) + fd = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) { + r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0) + fd = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { + _, _, e1 := Syscall(SYS_BIND, uintptr(s), uintptr(addr), uintptr(addrlen)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) { + _, _, e1 := Syscall(SYS_CONNECT, uintptr(s), uintptr(addr), uintptr(addrlen)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func getgroups(n int, list *_Gid_t) (nn int, err error) { + r0, _, e1 := RawSyscall(SYS_GETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0) + nn = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func setgroups(n int, list *_Gid_t) (err error) { + _, _, e1 := RawSyscall(SYS_SETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) { + _, _, e1 := Syscall6(SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) { + _, _, e1 := Syscall6(SYS_SETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func socket(domain int, typ int, proto int) (fd int, err error) { + r0, _, e1 := RawSyscall(SYS_SOCKET, uintptr(domain), uintptr(typ), uintptr(proto)) + fd = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) { + _, _, e1 := RawSyscall6(SYS_SOCKETPAIR, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { + _, _, e1 := RawSyscall(SYS_GETPEERNAME, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen))) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) { + _, _, e1 := RawSyscall(SYS_GETSOCKNAME, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen))) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) { + var _p0 unsafe.Pointer + if len(p) > 0 { + _p0 = unsafe.Pointer(&p[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + r0, _, e1 := Syscall6(SYS_RECVFROM, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen))) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) { + var _p0 unsafe.Pointer + if len(buf) > 0 { + _p0 = unsafe.Pointer(&buf[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + _, _, e1 := Syscall6(SYS_SENDTO, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) { + r0, _, e1 := Syscall(SYS_RECVMSG, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) { + r0, _, e1 := Syscall(SYS_SENDMSG, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func futimesat(dirfd int, path string, times *[2]Timeval) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_FUTIMESAT, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times))) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Gettimeofday(tv *Timeval) (err error) { + _, _, e1 := RawSyscall(SYS_GETTIMEOFDAY, uintptr(unsafe.Pointer(tv)), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Time(t *Time_t) (tt Time_t, err error) { + r0, _, e1 := RawSyscall(SYS_TIME, uintptr(unsafe.Pointer(t)), 0, 0) + tt = Time_t(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func Utime(path string, buf *Utimbuf) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_UTIME, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(buf)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func utimes(path string, times *[2]Timeval) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + _, _, e1 := Syscall(SYS_UTIMES, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func mmap2(addr uintptr, length uintptr, prot int, flags int, fd int, pageOffset uintptr) (xaddr uintptr, err error) { + r0, _, e1 := Syscall6(SYS_MMAP2, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flags), uintptr(fd), uintptr(pageOffset)) + xaddr = uintptr(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func getrlimit(resource int, rlim *rlimit32) (err error) { + _, _, e1 := RawSyscall(SYS_UGETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func setrlimit(resource int, rlim *rlimit32) (err error) { + _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func pipe(p *[2]_C_int) (err error) { + _, _, e1 := RawSyscall(SYS_PIPE, uintptr(unsafe.Pointer(p)), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { + r0, _, e1 := Syscall(SYS_POLL, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout)) + n = int(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func syncFileRange2(fd int, flags int, off int64, n int64) (err error) { + _, _, e1 := Syscall6(SYS_SYNC_FILE_RANGE2, uintptr(fd), uintptr(flags), uintptr(off>>32), uintptr(off), uintptr(n>>32), uintptr(n)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func kexecFileLoad(kernelFd int, initrdFd int, cmdlineLen int, cmdline string, flags int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(cmdline) + if err != nil { + return + } + _, _, e1 := Syscall6(SYS_KEXEC_FILE_LOAD, uintptr(kernelFd), uintptr(initrdFd), uintptr(cmdlineLen), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go new file mode 100644 index 000000000..7693656a6 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go @@ -0,0 +1,433 @@ +// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h +// Code generated by the command above; see README.md. DO NOT EDIT. + +//go:build ppc && linux +// +build ppc,linux + +package unix + +const ( + SYS_RESTART_SYSCALL = 0 + SYS_EXIT = 1 + SYS_FORK = 2 + SYS_READ = 3 + SYS_WRITE = 4 + SYS_OPEN = 5 + SYS_CLOSE = 6 + SYS_WAITPID = 7 + SYS_CREAT = 8 + SYS_LINK = 9 + SYS_UNLINK = 10 + SYS_EXECVE = 11 + SYS_CHDIR = 12 + SYS_TIME = 13 + SYS_MKNOD = 14 + SYS_CHMOD = 15 + SYS_LCHOWN = 16 + SYS_BREAK = 17 + SYS_OLDSTAT = 18 + SYS_LSEEK = 19 + SYS_GETPID = 20 + SYS_MOUNT = 21 + SYS_UMOUNT = 22 + SYS_SETUID = 23 + SYS_GETUID = 24 + SYS_STIME = 25 + SYS_PTRACE = 26 + SYS_ALARM = 27 + SYS_OLDFSTAT = 28 + SYS_PAUSE = 29 + SYS_UTIME = 30 + SYS_STTY = 31 + SYS_GTTY = 32 + SYS_ACCESS = 33 + SYS_NICE = 34 + SYS_FTIME = 35 + SYS_SYNC = 36 + SYS_KILL = 37 + SYS_RENAME = 38 + SYS_MKDIR = 39 + SYS_RMDIR = 40 + SYS_DUP = 41 + SYS_PIPE = 42 + SYS_TIMES = 43 + SYS_PROF = 44 + SYS_BRK = 45 + SYS_SETGID = 46 + SYS_GETGID = 47 + SYS_SIGNAL = 48 + SYS_GETEUID = 49 + SYS_GETEGID = 50 + SYS_ACCT = 51 + SYS_UMOUNT2 = 52 + SYS_LOCK = 53 + SYS_IOCTL = 54 + SYS_FCNTL = 55 + SYS_MPX = 56 + SYS_SETPGID = 57 + SYS_ULIMIT = 58 + SYS_OLDOLDUNAME = 59 + SYS_UMASK = 60 + SYS_CHROOT = 61 + SYS_USTAT = 62 + SYS_DUP2 = 63 + SYS_GETPPID = 64 + SYS_GETPGRP = 65 + SYS_SETSID = 66 + SYS_SIGACTION = 67 + SYS_SGETMASK = 68 + SYS_SSETMASK = 69 + SYS_SETREUID = 70 + SYS_SETREGID = 71 + SYS_SIGSUSPEND = 72 + SYS_SIGPENDING = 73 + SYS_SETHOSTNAME = 74 + SYS_SETRLIMIT = 75 + SYS_GETRLIMIT = 76 + SYS_GETRUSAGE = 77 + SYS_GETTIMEOFDAY = 78 + SYS_SETTIMEOFDAY = 79 + SYS_GETGROUPS = 80 + SYS_SETGROUPS = 81 + SYS_SELECT = 82 + SYS_SYMLINK = 83 + SYS_OLDLSTAT = 84 + SYS_READLINK = 85 + SYS_USELIB = 86 + SYS_SWAPON = 87 + SYS_REBOOT = 88 + SYS_READDIR = 89 + SYS_MMAP = 90 + SYS_MUNMAP = 91 + SYS_TRUNCATE = 92 + SYS_FTRUNCATE = 93 + SYS_FCHMOD = 94 + SYS_FCHOWN = 95 + SYS_GETPRIORITY = 96 + SYS_SETPRIORITY = 97 + SYS_PROFIL = 98 + SYS_STATFS = 99 + SYS_FSTATFS = 100 + SYS_IOPERM = 101 + SYS_SOCKETCALL = 102 + SYS_SYSLOG = 103 + SYS_SETITIMER = 104 + SYS_GETITIMER = 105 + SYS_STAT = 106 + SYS_LSTAT = 107 + SYS_FSTAT = 108 + SYS_OLDUNAME = 109 + SYS_IOPL = 110 + SYS_VHANGUP = 111 + SYS_IDLE = 112 + SYS_VM86 = 113 + SYS_WAIT4 = 114 + SYS_SWAPOFF = 115 + SYS_SYSINFO = 116 + SYS_IPC = 117 + SYS_FSYNC = 118 + SYS_SIGRETURN = 119 + SYS_CLONE = 120 + SYS_SETDOMAINNAME = 121 + SYS_UNAME = 122 + SYS_MODIFY_LDT = 123 + SYS_ADJTIMEX = 124 + SYS_MPROTECT = 125 + SYS_SIGPROCMASK = 126 + SYS_CREATE_MODULE = 127 + SYS_INIT_MODULE = 128 + SYS_DELETE_MODULE = 129 + SYS_GET_KERNEL_SYMS = 130 + SYS_QUOTACTL = 131 + SYS_GETPGID = 132 + SYS_FCHDIR = 133 + SYS_BDFLUSH = 134 + SYS_SYSFS = 135 + SYS_PERSONALITY = 136 + SYS_AFS_SYSCALL = 137 + SYS_SETFSUID = 138 + SYS_SETFSGID = 139 + SYS__LLSEEK = 140 + SYS_GETDENTS = 141 + SYS__NEWSELECT = 142 + SYS_FLOCK = 143 + SYS_MSYNC = 144 + SYS_READV = 145 + SYS_WRITEV = 146 + SYS_GETSID = 147 + SYS_FDATASYNC = 148 + SYS__SYSCTL = 149 + SYS_MLOCK = 150 + SYS_MUNLOCK = 151 + SYS_MLOCKALL = 152 + SYS_MUNLOCKALL = 153 + SYS_SCHED_SETPARAM = 154 + SYS_SCHED_GETPARAM = 155 + SYS_SCHED_SETSCHEDULER = 156 + SYS_SCHED_GETSCHEDULER = 157 + SYS_SCHED_YIELD = 158 + SYS_SCHED_GET_PRIORITY_MAX = 159 + SYS_SCHED_GET_PRIORITY_MIN = 160 + SYS_SCHED_RR_GET_INTERVAL = 161 + SYS_NANOSLEEP = 162 + SYS_MREMAP = 163 + SYS_SETRESUID = 164 + SYS_GETRESUID = 165 + SYS_QUERY_MODULE = 166 + SYS_POLL = 167 + SYS_NFSSERVCTL = 168 + SYS_SETRESGID = 169 + SYS_GETRESGID = 170 + SYS_PRCTL = 171 + SYS_RT_SIGRETURN = 172 + SYS_RT_SIGACTION = 173 + SYS_RT_SIGPROCMASK = 174 + SYS_RT_SIGPENDING = 175 + SYS_RT_SIGTIMEDWAIT = 176 + SYS_RT_SIGQUEUEINFO = 177 + SYS_RT_SIGSUSPEND = 178 + SYS_PREAD64 = 179 + SYS_PWRITE64 = 180 + SYS_CHOWN = 181 + SYS_GETCWD = 182 + SYS_CAPGET = 183 + SYS_CAPSET = 184 + SYS_SIGALTSTACK = 185 + SYS_SENDFILE = 186 + SYS_GETPMSG = 187 + SYS_PUTPMSG = 188 + SYS_VFORK = 189 + SYS_UGETRLIMIT = 190 + SYS_READAHEAD = 191 + SYS_MMAP2 = 192 + SYS_TRUNCATE64 = 193 + SYS_FTRUNCATE64 = 194 + SYS_STAT64 = 195 + SYS_LSTAT64 = 196 + SYS_FSTAT64 = 197 + SYS_PCICONFIG_READ = 198 + SYS_PCICONFIG_WRITE = 199 + SYS_PCICONFIG_IOBASE = 200 + SYS_MULTIPLEXER = 201 + SYS_GETDENTS64 = 202 + SYS_PIVOT_ROOT = 203 + SYS_FCNTL64 = 204 + SYS_MADVISE = 205 + SYS_MINCORE = 206 + SYS_GETTID = 207 + SYS_TKILL = 208 + SYS_SETXATTR = 209 + SYS_LSETXATTR = 210 + SYS_FSETXATTR = 211 + SYS_GETXATTR = 212 + SYS_LGETXATTR = 213 + SYS_FGETXATTR = 214 + SYS_LISTXATTR = 215 + SYS_LLISTXATTR = 216 + SYS_FLISTXATTR = 217 + SYS_REMOVEXATTR = 218 + SYS_LREMOVEXATTR = 219 + SYS_FREMOVEXATTR = 220 + SYS_FUTEX = 221 + SYS_SCHED_SETAFFINITY = 222 + SYS_SCHED_GETAFFINITY = 223 + SYS_TUXCALL = 225 + SYS_SENDFILE64 = 226 + SYS_IO_SETUP = 227 + SYS_IO_DESTROY = 228 + SYS_IO_GETEVENTS = 229 + SYS_IO_SUBMIT = 230 + SYS_IO_CANCEL = 231 + SYS_SET_TID_ADDRESS = 232 + SYS_FADVISE64 = 233 + SYS_EXIT_GROUP = 234 + SYS_LOOKUP_DCOOKIE = 235 + SYS_EPOLL_CREATE = 236 + SYS_EPOLL_CTL = 237 + SYS_EPOLL_WAIT = 238 + SYS_REMAP_FILE_PAGES = 239 + SYS_TIMER_CREATE = 240 + SYS_TIMER_SETTIME = 241 + SYS_TIMER_GETTIME = 242 + SYS_TIMER_GETOVERRUN = 243 + SYS_TIMER_DELETE = 244 + SYS_CLOCK_SETTIME = 245 + SYS_CLOCK_GETTIME = 246 + SYS_CLOCK_GETRES = 247 + SYS_CLOCK_NANOSLEEP = 248 + SYS_SWAPCONTEXT = 249 + SYS_TGKILL = 250 + SYS_UTIMES = 251 + SYS_STATFS64 = 252 + SYS_FSTATFS64 = 253 + SYS_FADVISE64_64 = 254 + SYS_RTAS = 255 + SYS_SYS_DEBUG_SETCONTEXT = 256 + SYS_MIGRATE_PAGES = 258 + SYS_MBIND = 259 + SYS_GET_MEMPOLICY = 260 + SYS_SET_MEMPOLICY = 261 + SYS_MQ_OPEN = 262 + SYS_MQ_UNLINK = 263 + SYS_MQ_TIMEDSEND = 264 + SYS_MQ_TIMEDRECEIVE = 265 + SYS_MQ_NOTIFY = 266 + SYS_MQ_GETSETATTR = 267 + SYS_KEXEC_LOAD = 268 + SYS_ADD_KEY = 269 + SYS_REQUEST_KEY = 270 + SYS_KEYCTL = 271 + SYS_WAITID = 272 + SYS_IOPRIO_SET = 273 + SYS_IOPRIO_GET = 274 + SYS_INOTIFY_INIT = 275 + SYS_INOTIFY_ADD_WATCH = 276 + SYS_INOTIFY_RM_WATCH = 277 + SYS_SPU_RUN = 278 + SYS_SPU_CREATE = 279 + SYS_PSELECT6 = 280 + SYS_PPOLL = 281 + SYS_UNSHARE = 282 + SYS_SPLICE = 283 + SYS_TEE = 284 + SYS_VMSPLICE = 285 + SYS_OPENAT = 286 + SYS_MKDIRAT = 287 + SYS_MKNODAT = 288 + SYS_FCHOWNAT = 289 + SYS_FUTIMESAT = 290 + SYS_FSTATAT64 = 291 + SYS_UNLINKAT = 292 + SYS_RENAMEAT = 293 + SYS_LINKAT = 294 + SYS_SYMLINKAT = 295 + SYS_READLINKAT = 296 + SYS_FCHMODAT = 297 + SYS_FACCESSAT = 298 + SYS_GET_ROBUST_LIST = 299 + SYS_SET_ROBUST_LIST = 300 + SYS_MOVE_PAGES = 301 + SYS_GETCPU = 302 + SYS_EPOLL_PWAIT = 303 + SYS_UTIMENSAT = 304 + SYS_SIGNALFD = 305 + SYS_TIMERFD_CREATE = 306 + SYS_EVENTFD = 307 + SYS_SYNC_FILE_RANGE2 = 308 + SYS_FALLOCATE = 309 + SYS_SUBPAGE_PROT = 310 + SYS_TIMERFD_SETTIME = 311 + SYS_TIMERFD_GETTIME = 312 + SYS_SIGNALFD4 = 313 + SYS_EVENTFD2 = 314 + SYS_EPOLL_CREATE1 = 315 + SYS_DUP3 = 316 + SYS_PIPE2 = 317 + SYS_INOTIFY_INIT1 = 318 + SYS_PERF_EVENT_OPEN = 319 + SYS_PREADV = 320 + SYS_PWRITEV = 321 + SYS_RT_TGSIGQUEUEINFO = 322 + SYS_FANOTIFY_INIT = 323 + SYS_FANOTIFY_MARK = 324 + SYS_PRLIMIT64 = 325 + SYS_SOCKET = 326 + SYS_BIND = 327 + SYS_CONNECT = 328 + SYS_LISTEN = 329 + SYS_ACCEPT = 330 + SYS_GETSOCKNAME = 331 + SYS_GETPEERNAME = 332 + SYS_SOCKETPAIR = 333 + SYS_SEND = 334 + SYS_SENDTO = 335 + SYS_RECV = 336 + SYS_RECVFROM = 337 + SYS_SHUTDOWN = 338 + SYS_SETSOCKOPT = 339 + SYS_GETSOCKOPT = 340 + SYS_SENDMSG = 341 + SYS_RECVMSG = 342 + SYS_RECVMMSG = 343 + SYS_ACCEPT4 = 344 + SYS_NAME_TO_HANDLE_AT = 345 + SYS_OPEN_BY_HANDLE_AT = 346 + SYS_CLOCK_ADJTIME = 347 + SYS_SYNCFS = 348 + SYS_SENDMMSG = 349 + SYS_SETNS = 350 + SYS_PROCESS_VM_READV = 351 + SYS_PROCESS_VM_WRITEV = 352 + SYS_FINIT_MODULE = 353 + SYS_KCMP = 354 + SYS_SCHED_SETATTR = 355 + SYS_SCHED_GETATTR = 356 + SYS_RENAMEAT2 = 357 + SYS_SECCOMP = 358 + SYS_GETRANDOM = 359 + SYS_MEMFD_CREATE = 360 + SYS_BPF = 361 + SYS_EXECVEAT = 362 + SYS_SWITCH_ENDIAN = 363 + SYS_USERFAULTFD = 364 + SYS_MEMBARRIER = 365 + SYS_MLOCK2 = 378 + SYS_COPY_FILE_RANGE = 379 + SYS_PREADV2 = 380 + SYS_PWRITEV2 = 381 + SYS_KEXEC_FILE_LOAD = 382 + SYS_STATX = 383 + SYS_PKEY_ALLOC = 384 + SYS_PKEY_FREE = 385 + SYS_PKEY_MPROTECT = 386 + SYS_RSEQ = 387 + SYS_IO_PGETEVENTS = 388 + SYS_SEMGET = 393 + SYS_SEMCTL = 394 + SYS_SHMGET = 395 + SYS_SHMCTL = 396 + SYS_SHMAT = 397 + SYS_SHMDT = 398 + SYS_MSGGET = 399 + SYS_MSGSND = 400 + SYS_MSGRCV = 401 + SYS_MSGCTL = 402 + SYS_CLOCK_GETTIME64 = 403 + SYS_CLOCK_SETTIME64 = 404 + SYS_CLOCK_ADJTIME64 = 405 + SYS_CLOCK_GETRES_TIME64 = 406 + SYS_CLOCK_NANOSLEEP_TIME64 = 407 + SYS_TIMER_GETTIME64 = 408 + SYS_TIMER_SETTIME64 = 409 + SYS_TIMERFD_GETTIME64 = 410 + SYS_TIMERFD_SETTIME64 = 411 + SYS_UTIMENSAT_TIME64 = 412 + SYS_PSELECT6_TIME64 = 413 + SYS_PPOLL_TIME64 = 414 + SYS_IO_PGETEVENTS_TIME64 = 416 + SYS_RECVMMSG_TIME64 = 417 + SYS_MQ_TIMEDSEND_TIME64 = 418 + SYS_MQ_TIMEDRECEIVE_TIME64 = 419 + SYS_SEMTIMEDOP_TIME64 = 420 + SYS_RT_SIGTIMEDWAIT_TIME64 = 421 + SYS_FUTEX_TIME64 = 422 + SYS_SCHED_RR_GET_INTERVAL_TIME64 = 423 + SYS_PIDFD_SEND_SIGNAL = 424 + SYS_IO_URING_SETUP = 425 + SYS_IO_URING_ENTER = 426 + SYS_IO_URING_REGISTER = 427 + SYS_OPEN_TREE = 428 + SYS_MOVE_MOUNT = 429 + SYS_FSOPEN = 430 + SYS_FSCONFIG = 431 + SYS_FSMOUNT = 432 + SYS_FSPICK = 433 + SYS_PIDFD_OPEN = 434 + SYS_CLONE3 = 435 + SYS_CLOSE_RANGE = 436 + SYS_OPENAT2 = 437 + SYS_PIDFD_GETFD = 438 + SYS_FACCESSAT2 = 439 + SYS_PROCESS_MADVISE = 440 + SYS_EPOLL_PWAIT2 = 441 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index c769e73cd..3bfc6f732 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -3698,6 +3698,21 @@ const ( ETHTOOL_A_TUNNEL_INFO_MAX = 0x2 ) +type EthtoolDrvinfo struct { + Cmd uint32 + Driver [32]byte + Version [32]byte + Fw_version [32]byte + Bus_info [32]byte + Erom_version [32]byte + Reserved2 [12]byte + N_priv_flags uint32 + N_stats uint32 + Testinfo_len uint32 + Eedump_len uint32 + Regdump_len uint32 +} + type ( HIDRawReportDescriptor struct { Size uint32 diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go new file mode 100644 index 000000000..af7a72017 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go @@ -0,0 +1,627 @@ +// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go +// Code generated by the command above; see README.md. DO NOT EDIT. + +//go:build ppc && linux +// +build ppc,linux + +package unix + +const ( + SizeofPtr = 0x4 + SizeofLong = 0x4 +) + +type ( + _C_long int32 +) + +type Timespec struct { + Sec int32 + Nsec int32 +} + +type Timeval struct { + Sec int32 + Usec int32 +} + +type Timex struct { + Modes uint32 + Offset int32 + Freq int32 + Maxerror int32 + Esterror int32 + Status int32 + Constant int32 + Precision int32 + Tolerance int32 + Time Timeval + Tick int32 + Ppsfreq int32 + Jitter int32 + Shift int32 + Stabil int32 + Jitcnt int32 + Calcnt int32 + Errcnt int32 + Stbcnt int32 + Tai int32 + _ [44]byte +} + +type Time_t int32 + +type Tms struct { + Utime int32 + Stime int32 + Cutime int32 + Cstime int32 +} + +type Utimbuf struct { + Actime int32 + Modtime int32 +} + +type Rusage struct { + Utime Timeval + Stime Timeval + Maxrss int32 + Ixrss int32 + Idrss int32 + Isrss int32 + Minflt int32 + Majflt int32 + Nswap int32 + Inblock int32 + Oublock int32 + Msgsnd int32 + Msgrcv int32 + Nsignals int32 + Nvcsw int32 + Nivcsw int32 +} + +type Stat_t struct { + Dev uint64 + Ino uint64 + Mode uint32 + Nlink uint32 + Uid uint32 + Gid uint32 + Rdev uint64 + _ uint16 + _ [4]byte + Size int64 + Blksize int32 + _ [4]byte + Blocks int64 + Atim Timespec + Mtim Timespec + Ctim Timespec + _ uint32 + _ uint32 +} + +type Dirent struct { + Ino uint64 + Off int64 + Reclen uint16 + Type uint8 + Name [256]uint8 + _ [5]byte +} + +type Flock_t struct { + Type int16 + Whence int16 + _ [4]byte + Start int64 + Len int64 + Pid int32 + _ [4]byte +} + +type DmNameList struct { + Dev uint64 + Next uint32 + Name [0]byte + _ [4]byte +} + +const ( + FADV_DONTNEED = 0x4 + FADV_NOREUSE = 0x5 +) + +type RawSockaddr struct { + Family uint16 + Data [14]uint8 +} + +type RawSockaddrAny struct { + Addr RawSockaddr + Pad [96]uint8 +} + +type Iovec struct { + Base *byte + Len uint32 +} + +type Msghdr struct { + Name *byte + Namelen uint32 + Iov *Iovec + Iovlen uint32 + Control *byte + Controllen uint32 + Flags int32 +} + +type Cmsghdr struct { + Len uint32 + Level int32 + Type int32 +} + +const ( + SizeofIovec = 0x8 + SizeofMsghdr = 0x1c + SizeofCmsghdr = 0xc +) + +const ( + SizeofSockFprog = 0x8 +) + +type PtraceRegs struct { + Gpr [32]uint32 + Nip uint32 + Msr uint32 + Orig_gpr3 uint32 + Ctr uint32 + Link uint32 + Xer uint32 + Ccr uint32 + Mq uint32 + Trap uint32 + Dar uint32 + Dsisr uint32 + Result uint32 +} + +type FdSet struct { + Bits [32]int32 +} + +type Sysinfo_t struct { + Uptime int32 + Loads [3]uint32 + Totalram uint32 + Freeram uint32 + Sharedram uint32 + Bufferram uint32 + Totalswap uint32 + Freeswap uint32 + Procs uint16 + Pad uint16 + Totalhigh uint32 + Freehigh uint32 + Unit uint32 + _ [8]uint8 +} + +type Ustat_t struct { + Tfree int32 + Tinode uint32 + Fname [6]uint8 + Fpack [6]uint8 +} + +type EpollEvent struct { + Events uint32 + _ int32 + Fd int32 + Pad int32 +} + +const ( + POLLRDHUP = 0x2000 +) + +type Sigset_t struct { + Val [32]uint32 +} + +const _C__NSIG = 0x41 + +type Termios struct { + Iflag uint32 + Oflag uint32 + Cflag uint32 + Lflag uint32 + Cc [19]uint8 + Line uint8 + Ispeed uint32 + Ospeed uint32 +} + +type Taskstats struct { + Version uint16 + Ac_exitcode uint32 + Ac_flag uint8 + Ac_nice uint8 + _ [4]byte + Cpu_count uint64 + Cpu_delay_total uint64 + Blkio_count uint64 + Blkio_delay_total uint64 + Swapin_count uint64 + Swapin_delay_total uint64 + Cpu_run_real_total uint64 + Cpu_run_virtual_total uint64 + Ac_comm [32]uint8 + Ac_sched uint8 + Ac_pad [3]uint8 + _ [4]byte + Ac_uid uint32 + Ac_gid uint32 + Ac_pid uint32 + Ac_ppid uint32 + Ac_btime uint32 + _ [4]byte + Ac_etime uint64 + Ac_utime uint64 + Ac_stime uint64 + Ac_minflt uint64 + Ac_majflt uint64 + Coremem uint64 + Virtmem uint64 + Hiwater_rss uint64 + Hiwater_vm uint64 + Read_char uint64 + Write_char uint64 + Read_syscalls uint64 + Write_syscalls uint64 + Read_bytes uint64 + Write_bytes uint64 + Cancelled_write_bytes uint64 + Nvcsw uint64 + Nivcsw uint64 + Ac_utimescaled uint64 + Ac_stimescaled uint64 + Cpu_scaled_run_real_total uint64 + Freepages_count uint64 + Freepages_delay_total uint64 + Thrashing_count uint64 + Thrashing_delay_total uint64 + Ac_btime64 uint64 +} + +type cpuMask uint32 + +const ( + _NCPUBITS = 0x20 +) + +const ( + CBitFieldMaskBit0 = 0x8000000000000000 + CBitFieldMaskBit1 = 0x4000000000000000 + CBitFieldMaskBit2 = 0x2000000000000000 + CBitFieldMaskBit3 = 0x1000000000000000 + CBitFieldMaskBit4 = 0x800000000000000 + CBitFieldMaskBit5 = 0x400000000000000 + CBitFieldMaskBit6 = 0x200000000000000 + CBitFieldMaskBit7 = 0x100000000000000 + CBitFieldMaskBit8 = 0x80000000000000 + CBitFieldMaskBit9 = 0x40000000000000 + CBitFieldMaskBit10 = 0x20000000000000 + CBitFieldMaskBit11 = 0x10000000000000 + CBitFieldMaskBit12 = 0x8000000000000 + CBitFieldMaskBit13 = 0x4000000000000 + CBitFieldMaskBit14 = 0x2000000000000 + CBitFieldMaskBit15 = 0x1000000000000 + CBitFieldMaskBit16 = 0x800000000000 + CBitFieldMaskBit17 = 0x400000000000 + CBitFieldMaskBit18 = 0x200000000000 + CBitFieldMaskBit19 = 0x100000000000 + CBitFieldMaskBit20 = 0x80000000000 + CBitFieldMaskBit21 = 0x40000000000 + CBitFieldMaskBit22 = 0x20000000000 + CBitFieldMaskBit23 = 0x10000000000 + CBitFieldMaskBit24 = 0x8000000000 + CBitFieldMaskBit25 = 0x4000000000 + CBitFieldMaskBit26 = 0x2000000000 + CBitFieldMaskBit27 = 0x1000000000 + CBitFieldMaskBit28 = 0x800000000 + CBitFieldMaskBit29 = 0x400000000 + CBitFieldMaskBit30 = 0x200000000 + CBitFieldMaskBit31 = 0x100000000 + CBitFieldMaskBit32 = 0x80000000 + CBitFieldMaskBit33 = 0x40000000 + CBitFieldMaskBit34 = 0x20000000 + CBitFieldMaskBit35 = 0x10000000 + CBitFieldMaskBit36 = 0x8000000 + CBitFieldMaskBit37 = 0x4000000 + CBitFieldMaskBit38 = 0x2000000 + CBitFieldMaskBit39 = 0x1000000 + CBitFieldMaskBit40 = 0x800000 + CBitFieldMaskBit41 = 0x400000 + CBitFieldMaskBit42 = 0x200000 + CBitFieldMaskBit43 = 0x100000 + CBitFieldMaskBit44 = 0x80000 + CBitFieldMaskBit45 = 0x40000 + CBitFieldMaskBit46 = 0x20000 + CBitFieldMaskBit47 = 0x10000 + CBitFieldMaskBit48 = 0x8000 + CBitFieldMaskBit49 = 0x4000 + CBitFieldMaskBit50 = 0x2000 + CBitFieldMaskBit51 = 0x1000 + CBitFieldMaskBit52 = 0x800 + CBitFieldMaskBit53 = 0x400 + CBitFieldMaskBit54 = 0x200 + CBitFieldMaskBit55 = 0x100 + CBitFieldMaskBit56 = 0x80 + CBitFieldMaskBit57 = 0x40 + CBitFieldMaskBit58 = 0x20 + CBitFieldMaskBit59 = 0x10 + CBitFieldMaskBit60 = 0x8 + CBitFieldMaskBit61 = 0x4 + CBitFieldMaskBit62 = 0x2 + CBitFieldMaskBit63 = 0x1 +) + +type SockaddrStorage struct { + Family uint16 + _ [122]uint8 + _ uint32 +} + +type HDGeometry struct { + Heads uint8 + Sectors uint8 + Cylinders uint16 + Start uint32 +} + +type Statfs_t struct { + Type int32 + Bsize int32 + Blocks uint64 + Bfree uint64 + Bavail uint64 + Files uint64 + Ffree uint64 + Fsid Fsid + Namelen int32 + Frsize int32 + Flags int32 + Spare [4]int32 + _ [4]byte +} + +type TpacketHdr struct { + Status uint32 + Len uint32 + Snaplen uint32 + Mac uint16 + Net uint16 + Sec uint32 + Usec uint32 +} + +const ( + SizeofTpacketHdr = 0x18 +) + +type RTCPLLInfo struct { + Ctrl int32 + Value int32 + Max int32 + Min int32 + Posmult int32 + Negmult int32 + Clock int32 +} + +type BlkpgPartition struct { + Start int64 + Length int64 + Pno int32 + Devname [64]uint8 + Volname [64]uint8 + _ [4]byte +} + +const ( + BLKPG = 0x20001269 +) + +type XDPUmemReg struct { + Addr uint64 + Len uint64 + Size uint32 + Headroom uint32 + Flags uint32 + _ [4]byte +} + +type CryptoUserAlg struct { + Name [64]uint8 + Driver_name [64]uint8 + Module_name [64]uint8 + Type uint32 + Mask uint32 + Refcnt uint32 + Flags uint32 +} + +type CryptoStatAEAD struct { + Type [64]uint8 + Encrypt_cnt uint64 + Encrypt_tlen uint64 + Decrypt_cnt uint64 + Decrypt_tlen uint64 + Err_cnt uint64 +} + +type CryptoStatAKCipher struct { + Type [64]uint8 + Encrypt_cnt uint64 + Encrypt_tlen uint64 + Decrypt_cnt uint64 + Decrypt_tlen uint64 + Verify_cnt uint64 + Sign_cnt uint64 + Err_cnt uint64 +} + +type CryptoStatCipher struct { + Type [64]uint8 + Encrypt_cnt uint64 + Encrypt_tlen uint64 + Decrypt_cnt uint64 + Decrypt_tlen uint64 + Err_cnt uint64 +} + +type CryptoStatCompress struct { + Type [64]uint8 + Compress_cnt uint64 + Compress_tlen uint64 + Decompress_cnt uint64 + Decompress_tlen uint64 + Err_cnt uint64 +} + +type CryptoStatHash struct { + Type [64]uint8 + Hash_cnt uint64 + Hash_tlen uint64 + Err_cnt uint64 +} + +type CryptoStatKPP struct { + Type [64]uint8 + Setsecret_cnt uint64 + Generate_public_key_cnt uint64 + Compute_shared_secret_cnt uint64 + Err_cnt uint64 +} + +type CryptoStatRNG struct { + Type [64]uint8 + Generate_cnt uint64 + Generate_tlen uint64 + Seed_cnt uint64 + Err_cnt uint64 +} + +type CryptoStatLarval struct { + Type [64]uint8 +} + +type CryptoReportLarval struct { + Type [64]uint8 +} + +type CryptoReportHash struct { + Type [64]uint8 + Blocksize uint32 + Digestsize uint32 +} + +type CryptoReportCipher struct { + Type [64]uint8 + Blocksize uint32 + Min_keysize uint32 + Max_keysize uint32 +} + +type CryptoReportBlkCipher struct { + Type [64]uint8 + Geniv [64]uint8 + Blocksize uint32 + Min_keysize uint32 + Max_keysize uint32 + Ivsize uint32 +} + +type CryptoReportAEAD struct { + Type [64]uint8 + Geniv [64]uint8 + Blocksize uint32 + Maxauthsize uint32 + Ivsize uint32 +} + +type CryptoReportComp struct { + Type [64]uint8 +} + +type CryptoReportRNG struct { + Type [64]uint8 + Seedsize uint32 +} + +type CryptoReportAKCipher struct { + Type [64]uint8 +} + +type CryptoReportKPP struct { + Type [64]uint8 +} + +type CryptoReportAcomp struct { + Type [64]uint8 +} + +type LoopInfo struct { + Number int32 + Device uint32 + Inode uint32 + Rdevice uint32 + Offset int32 + Encrypt_type int32 + Encrypt_key_size int32 + Flags int32 + Name [64]uint8 + Encrypt_key [32]uint8 + Init [2]uint32 + Reserved [4]uint8 +} + +type TIPCSubscr struct { + Seq TIPCServiceRange + Timeout uint32 + Filter uint32 + Handle [8]uint8 +} + +type TIPCSIOCLNReq struct { + Peer uint32 + Id uint32 + Linkname [68]uint8 +} + +type TIPCSIOCNodeIDReq struct { + Peer uint32 + Id [16]uint8 +} + +type PPSKInfo struct { + Assert_sequence uint32 + Clear_sequence uint32 + Assert_tu PPSKTime + Clear_tu PPSKTime + Current_mode int32 + _ [4]byte +} + +const ( + PPS_GETPARAMS = 0x400470a1 + PPS_SETPARAMS = 0x800470a2 + PPS_GETCAP = 0x400470a3 + PPS_FETCH = 0xc00470a4 +) diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go index 0e428ecbb..111c10d3a 100644 --- a/vendor/golang.org/x/sys/windows/security_windows.go +++ b/vendor/golang.org/x/sys/windows/security_windows.go @@ -1334,7 +1334,11 @@ func (absoluteSD *SECURITY_DESCRIPTOR) ToSelfRelative() (selfRelativeSD *SECURIT } func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor() *SECURITY_DESCRIPTOR { - sdLen := (int)(selfRelativeSD.Length()) + sdLen := int(selfRelativeSD.Length()) + const min = int(unsafe.Sizeof(SECURITY_DESCRIPTOR{})) + if sdLen < min { + sdLen = min + } var src []byte h := (*unsafeheader.Slice)(unsafe.Pointer(&src)) @@ -1342,7 +1346,15 @@ func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor() h.Len = sdLen h.Cap = sdLen - dst := make([]byte, sdLen) + const psize = int(unsafe.Sizeof(uintptr(0))) + + var dst []byte + h = (*unsafeheader.Slice)(unsafe.Pointer(&dst)) + alloc := make([]uintptr, (sdLen+psize-1)/psize) + h.Data = (*unsafeheader.Slice)(unsafe.Pointer(&alloc)).Data + h.Len = sdLen + h.Cap = sdLen + copy(dst, src) return (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&dst[0])) } diff --git a/vendor/golang.org/x/text/internal/language/language.go b/vendor/golang.org/x/text/internal/language/language.go index 1e74d1aff..f41aedcfc 100644 --- a/vendor/golang.org/x/text/internal/language/language.go +++ b/vendor/golang.org/x/text/internal/language/language.go @@ -303,9 +303,17 @@ func (t Tag) Extensions() []string { // are of the allowed values defined for the Unicode locale extension ('u') in // https://www.unicode.org/reports/tr35/#Unicode_Language_and_Locale_Identifiers. // TypeForKey will traverse the inheritance chain to get the correct value. +// +// If there are multiple types associated with a key, only the first will be +// returned. If there is no type associated with a key, it returns the empty +// string. func (t Tag) TypeForKey(key string) string { - if start, end, _ := t.findTypeForKey(key); end != start { - return t.str[start:end] + if _, start, end, _ := t.findTypeForKey(key); end != start { + s := t.str[start:end] + if p := strings.IndexByte(s, '-'); p >= 0 { + s = s[:p] + } + return s } return "" } @@ -329,13 +337,13 @@ func (t Tag) SetTypeForKey(key, value string) (Tag, error) { // Remove the setting if value is "". if value == "" { - start, end, _ := t.findTypeForKey(key) - if start != end { - // Remove key tag and leading '-'. - start -= 4 - + start, sep, end, _ := t.findTypeForKey(key) + if start != sep { // Remove a possible empty extension. - if (end == len(t.str) || t.str[end+2] == '-') && t.str[start-2] == '-' { + switch { + case t.str[start-2] != '-': // has previous elements. + case end == len(t.str), // end of string + end+2 < len(t.str) && t.str[end+2] == '-': // end of extension start -= 2 } if start == int(t.pVariant) && end == len(t.str) { @@ -381,14 +389,14 @@ func (t Tag) SetTypeForKey(key, value string) (Tag, error) { t.str = string(buf[:uStart+len(b)]) } else { s := t.str - start, end, hasExt := t.findTypeForKey(key) - if start == end { + start, sep, end, hasExt := t.findTypeForKey(key) + if start == sep { if hasExt { b = b[2:] } - t.str = fmt.Sprintf("%s-%s%s", s[:start], b, s[end:]) + t.str = fmt.Sprintf("%s-%s%s", s[:sep], b, s[end:]) } else { - t.str = fmt.Sprintf("%s%s%s", s[:start], value, s[end:]) + t.str = fmt.Sprintf("%s-%s%s", s[:start+3], value, s[end:]) } } return t, nil @@ -399,10 +407,10 @@ func (t Tag) SetTypeForKey(key, value string) (Tag, error) { // wasn't found. The hasExt return value reports whether an -u extension was present. // Note: the extensions are typically very small and are likely to contain // only one key-type pair. -func (t Tag) findTypeForKey(key string) (start, end int, hasExt bool) { +func (t Tag) findTypeForKey(key string) (start, sep, end int, hasExt bool) { p := int(t.pExt) if len(key) != 2 || p == len(t.str) || p == 0 { - return p, p, false + return p, p, p, false } s := t.str @@ -410,10 +418,10 @@ func (t Tag) findTypeForKey(key string) (start, end int, hasExt bool) { for p++; s[p] != 'u'; p++ { if s[p] > 'u' { p-- - return p, p, false + return p, p, p, false } if p = nextExtension(s, p); p == len(s) { - return len(s), len(s), false + return len(s), len(s), len(s), false } } // Proceed to the hyphen following the extension name. @@ -424,40 +432,28 @@ func (t Tag) findTypeForKey(key string) (start, end int, hasExt bool) { // Iterate over keys until we get the end of a section. for { - // p points to the hyphen preceding the current token. - if p3 := p + 3; s[p3] == '-' { - // Found a key. - // Check whether we just processed the key that was requested. - if curKey == key { - return start, p, true + end = p + for p++; p < len(s) && s[p] != '-'; p++ { + } + n := p - end - 1 + if n <= 2 && curKey == key { + if sep < end { + sep++ } - // Set to the next key and continue scanning type tokens. - curKey = s[p+1 : p3] + return start, sep, end, true + } + switch n { + case 0, // invalid string + 1: // next extension + return end, end, end, true + case 2: + // next key + curKey = s[end+1 : p] if curKey > key { - return p, p, true + return end, end, end, true } - // Start of the type token sequence. - start = p + 4 - // A type is at least 3 characters long. - p += 7 // 4 + 3 - } else { - // Attribute or type, which is at least 3 characters long. - p += 4 - } - // p points past the third character of a type or attribute. - max := p + 5 // maximum length of token plus hyphen. - if len(s) < max { - max = len(s) - } - for ; p < max && s[p] != '-'; p++ { - } - // Bail if we have exhausted all tokens or if the next token starts - // a new extension. - if p == len(s) || s[p+2] == '-' { - if curKey == key { - return start, p, true - } - return p, p, true + start = end + sep = p } } } diff --git a/vendor/golang.org/x/text/internal/language/parse.go b/vendor/golang.org/x/text/internal/language/parse.go index a2fdad89d..c696fd0bd 100644 --- a/vendor/golang.org/x/text/internal/language/parse.go +++ b/vendor/golang.org/x/text/internal/language/parse.go @@ -138,7 +138,7 @@ func (s *scanner) resizeRange(oldStart, oldEnd, newSize int) { b = make([]byte, n) copy(b, s.b[:oldStart]) } else { - b = s.b[:n:n] + b = s.b[:n] } copy(b[end:], s.b[oldEnd:]) s.b = b @@ -483,7 +483,7 @@ func parseExtensions(scan *scanner) int { func parseExtension(scan *scanner) int { start, end := scan.start, scan.end switch scan.token[0] { - case 'u': + case 'u': // https://www.ietf.org/rfc/rfc6067.txt attrStart := end scan.scan() for last := []byte{}; len(scan.token) > 2; scan.scan() { @@ -503,27 +503,29 @@ func parseExtension(scan *scanner) int { last = scan.token end = scan.end } + // Scan key-type sequences. A key is of length 2 and may be followed + // by 0 or more "type" subtags from 3 to the maximum of 8 letters. var last, key []byte for attrEnd := end; len(scan.token) == 2; last = key { key = scan.token - keyEnd := scan.end - end = scan.acceptMinSize(3) + end = scan.end + for scan.scan(); end < scan.end && len(scan.token) > 2; scan.scan() { + end = scan.end + } // TODO: check key value validity - if keyEnd == end || bytes.Compare(key, last) != 1 { + if bytes.Compare(key, last) != 1 || scan.err != nil { // We have an invalid key or the keys are not sorted. // Start scanning keys from scratch and reorder. p := attrEnd + 1 scan.next = p keys := [][]byte{} for scan.scan(); len(scan.token) == 2; { - keyStart, keyEnd := scan.start, scan.end - end = scan.acceptMinSize(3) - if keyEnd != end { - keys = append(keys, scan.b[keyStart:end]) - } else { - scan.setError(ErrSyntax) - end = keyStart + keyStart := scan.start + end = scan.end + for scan.scan(); end < scan.end && len(scan.token) > 2; scan.scan() { + end = scan.end } + keys = append(keys, scan.b[keyStart:end]) } sort.Stable(bytesSort{keys, 2}) if n := len(keys); n > 0 { @@ -547,7 +549,7 @@ func parseExtension(scan *scanner) int { break } } - case 't': + case 't': // https://www.ietf.org/rfc/rfc6497.txt scan.scan() if n := len(scan.token); n >= 2 && n <= 3 && isAlpha(scan.token[1]) { _, end = parseTag(scan) diff --git a/vendor/golang.org/x/text/language/go1_1.go b/vendor/golang.org/x/text/language/go1_1.go index 380f4c09f..c7435583b 100644 --- a/vendor/golang.org/x/text/language/go1_1.go +++ b/vendor/golang.org/x/text/language/go1_1.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !go1.2 // +build !go1.2 package language diff --git a/vendor/golang.org/x/text/language/go1_2.go b/vendor/golang.org/x/text/language/go1_2.go index 38268c57a..77aaaa299 100644 --- a/vendor/golang.org/x/text/language/go1_2.go +++ b/vendor/golang.org/x/text/language/go1_2.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build go1.2 // +build go1.2 package language diff --git a/vendor/golang.org/x/text/language/language.go b/vendor/golang.org/x/text/language/language.go index abfa17f66..289b3a36d 100644 --- a/vendor/golang.org/x/text/language/language.go +++ b/vendor/golang.org/x/text/language/language.go @@ -412,6 +412,10 @@ func (t Tag) Extensions() []Extension { // are of the allowed values defined for the Unicode locale extension ('u') in // https://www.unicode.org/reports/tr35/#Unicode_Language_and_Locale_Identifiers. // TypeForKey will traverse the inheritance chain to get the correct value. +// +// If there are multiple types associated with a key, only the first will be +// returned. If there is no type associated with a key, it returns the empty +// string. func (t Tag) TypeForKey(key string) string { if !compact.Tag(t).MayHaveExtensions() { if key != "rg" && key != "va" { diff --git a/vendor/golang.org/x/text/language/tables.go b/vendor/golang.org/x/text/language/tables.go index 87e58a02a..96b57f610 100644 --- a/vendor/golang.org/x/text/language/tables.go +++ b/vendor/golang.org/x/text/language/tables.go @@ -47,7 +47,7 @@ const ( _Zzzz = 251 ) -var regionToGroups = []uint8{ // 357 elements +var regionToGroups = []uint8{ // 358 elements // Entry 0 - 3F 0x00, 0x00, 0x00, 0x04, 0x04, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x04, 0x04, 0x04, 0x00, @@ -98,8 +98,8 @@ var regionToGroups = []uint8{ // 357 elements 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, -} // Size: 381 bytes + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, +} // Size: 382 bytes var paradigmLocales = [][3]uint16{ // 3 elements 0: [3]uint16{0x139, 0x0, 0x7b}, @@ -295,4 +295,4 @@ var matchRegion = []regionIntelligibility{ // 15 elements 14: {lang: 0x529, script: 0x3c, group: 0x80, distance: 0x5}, } // Size: 114 bytes -// Total table size 1471 bytes (1KiB); checksum: 4CB1CD46 +// Total table size 1472 bytes (1KiB); checksum: F86C669 diff --git a/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go b/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go index e4c62289f..8a7392c4a 100644 --- a/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go +++ b/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build go1.10 // +build go1.10 package bidirule diff --git a/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go b/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go index 02b9e1e9d..bb0a92001 100644 --- a/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go +++ b/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go @@ -2,6 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. +//go:build !go1.10 // +build !go1.10 package bidirule diff --git a/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go index d8c94e1bd..42fa8d72c 100644 --- a/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go +++ b/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.10 && !go1.13 // +build go1.10,!go1.13 package bidi diff --git a/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go index 16b11db53..56a0e1ea2 100644 --- a/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go +++ b/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.13 && !go1.14 // +build go1.13,!go1.14 package bidi diff --git a/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go index 647f2d427..baacf32b4 100644 --- a/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go +++ b/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.14 && !go1.16 // +build go1.14,!go1.16 package bidi diff --git a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go index c937d0976..f248effae 100644 --- a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go +++ b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.16 // +build go1.16 package bidi diff --git a/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go index 0ca0193eb..f517fdb20 100644 --- a/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go +++ b/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build !go1.10 // +build !go1.10 package bidi diff --git a/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go index 26fbd55a1..f5a078827 100644 --- a/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go +++ b/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.10 && !go1.13 // +build go1.10,!go1.13 package norm diff --git a/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go index 2c58f09ba..cb7239c43 100644 --- a/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go +++ b/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.13 && !go1.14 // +build go1.13,!go1.14 package norm diff --git a/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go index 7e1ae096e..11b273300 100644 --- a/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go +++ b/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.14 && !go1.16 // +build go1.14,!go1.16 package norm diff --git a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go index 9ea1b4214..96a130d30 100644 --- a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go +++ b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.16 // +build go1.16 package norm diff --git a/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go index 942906929..0175eae50 100644 --- a/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go +++ b/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build !go1.10 // +build !go1.10 package norm diff --git a/vendor/golang.org/x/text/width/tables10.0.0.go b/vendor/golang.org/x/text/width/tables10.0.0.go index decb8e480..186b1d4ef 100644 --- a/vendor/golang.org/x/text/width/tables10.0.0.go +++ b/vendor/golang.org/x/text/width/tables10.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.10 && !go1.13 // +build go1.10,!go1.13 package width diff --git a/vendor/golang.org/x/text/width/tables11.0.0.go b/vendor/golang.org/x/text/width/tables11.0.0.go index 3c75e428f..990f7622f 100644 --- a/vendor/golang.org/x/text/width/tables11.0.0.go +++ b/vendor/golang.org/x/text/width/tables11.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.13 && !go1.14 // +build go1.13,!go1.14 package width diff --git a/vendor/golang.org/x/text/width/tables12.0.0.go b/vendor/golang.org/x/text/width/tables12.0.0.go index 543942b9e..85296297e 100644 --- a/vendor/golang.org/x/text/width/tables12.0.0.go +++ b/vendor/golang.org/x/text/width/tables12.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.14 && !go1.16 // +build go1.14,!go1.16 package width diff --git a/vendor/golang.org/x/text/width/tables13.0.0.go b/vendor/golang.org/x/text/width/tables13.0.0.go index 804264ca6..bac3f1aee 100644 --- a/vendor/golang.org/x/text/width/tables13.0.0.go +++ b/vendor/golang.org/x/text/width/tables13.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build go1.16 // +build go1.16 package width diff --git a/vendor/golang.org/x/text/width/tables9.0.0.go b/vendor/golang.org/x/text/width/tables9.0.0.go index 7069e2634..b3db84f6f 100644 --- a/vendor/golang.org/x/text/width/tables9.0.0.go +++ b/vendor/golang.org/x/text/width/tables9.0.0.go @@ -1,5 +1,6 @@ // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT. +//go:build !go1.10 // +build !go1.10 package width diff --git a/vendor/modules.txt b/vendor/modules.txt index 38c2bd851..4005b6de6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -171,7 +171,7 @@ github.com/boombuler/barcode/utils # github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b ## explicit github.com/bradfitz/gomemcache/memcache -# github.com/caddyserver/certmagic v0.12.0 +# github.com/caddyserver/certmagic v0.13.0 ## explicit github.com/caddyserver/certmagic # github.com/cespare/xxhash/v2 v2.1.1 @@ -538,7 +538,6 @@ github.com/lib/pq github.com/lib/pq/oid github.com/lib/pq/scram # github.com/libdns/libdns v0.2.0 -## explicit github.com/libdns/libdns # github.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96 ## explicit @@ -590,7 +589,6 @@ github.com/mgechev/revive/formatter github.com/mgechev/revive/lint github.com/mgechev/revive/rule # github.com/mholt/acmez v0.1.3 -## explicit github.com/mholt/acmez github.com/mholt/acmez/acme # github.com/mholt/archiver/v3 v3.5.0 @@ -599,7 +597,7 @@ github.com/mholt/archiver/v3 # github.com/microcosm-cc/bluemonday v1.0.7 ## explicit github.com/microcosm-cc/bluemonday -# github.com/miekg/dns v1.1.40 +# github.com/miekg/dns v1.1.41 ## explicit github.com/miekg/dns # github.com/minio/md5-simd v1.1.2 @@ -860,7 +858,7 @@ go.uber.org/zap/internal/bufferpool go.uber.org/zap/internal/color go.uber.org/zap/internal/exit go.uber.org/zap/zapcore -# golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83 +# golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b ## explicit golang.org/x/crypto/argon2 golang.org/x/crypto/bcrypt @@ -890,7 +888,7 @@ golang.org/x/crypto/ssh/knownhosts # golang.org/x/mod v0.4.1 golang.org/x/mod/module golang.org/x/mod/semver -# golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 +# golang.org/x/net v0.0.0-20210421230115-4e50805a0758 ## explicit golang.org/x/net/bpf golang.org/x/net/context @@ -915,7 +913,7 @@ golang.org/x/oauth2/google/internal/externalaccount golang.org/x/oauth2/internal golang.org/x/oauth2/jws golang.org/x/oauth2/jwt -# golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 +# golang.org/x/sys v0.0.0-20210421221651-33663a62ff08 ## explicit golang.org/x/sys/cpu golang.org/x/sys/execabs @@ -924,7 +922,7 @@ golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/svc golang.org/x/sys/windows/svc/debug -# golang.org/x/text v0.3.5 +# golang.org/x/text v0.3.6 ## explicit golang.org/x/text/encoding golang.org/x/text/encoding/charmap