Update golang.org/x/crypto (#19097) (#19098)

Backport #19097 * Update golang.org/x/crypto (#19097) - Backport #19097 * Fix deprecation notice * Backport workaround removal
2022-03-19 12:16:15 +00:00 · 2022-03-19 12:16:15 +00:00 · c1e6be47d7
commit c1e6be47d7
parent 79a5e68816
3 changed files with 3 additions and 59 deletions
--- a/go.mod
+++ b/go.mod
@ -121,7 +121,7 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect
 	go.uber.org/zap v1.19.0 // indirect
-	golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871
+	golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
 	golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd
 	golang.org/x/oauth2 v0.0.0-20210628180205-a41e5a781914
 	golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e
--- a/go.sum
+++ b/go.sum
@ -1262,8 +1262,9 @@ golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm
 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871 h1:/pEO3GD/ABYAjuakUS6xSEmmlyVS4kxBNkeA9tLJiTI=
 golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd h1:XcWmESyNjXJMLahc3mqVQJcgSTDxFxhETVlfk9uGc38=
 golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
--- a/modules/ssh/ssh.go
+++ b/modules/ssh/ssh.go
@ -317,64 +317,7 @@ func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
 		}
 	}
 	// Workaround slightly broken behaviour in x/crypto/ssh/handshake.go:458-463
 	//
 	// Fundamentally the issue here is that HostKeyAlgos make the incorrect assumption
 	// that the PublicKey().Type() matches the signature algorithm.
 	//
 	// Therefore we need to add duplicates for the RSA with different signing algorithms.
 	signers := make([]ssh.Signer, 0, len(srv.HostSigners))
 	for _, signer := range srv.HostSigners {
 		if signer.PublicKey().Type() == "ssh-rsa" {
 			signers = append(signers,
 				&wrapSigner{
 					Signer:    signer,
 					algorithm: gossh.SigAlgoRSASHA2512,
 				},
 				&wrapSigner{
 					Signer:    signer,
 					algorithm: gossh.SigAlgoRSASHA2256,
 				},
 			)
 		}
 		signers = append(signers, signer)
 	}
 	srv.HostSigners = signers
 	go listen(&srv)
 }
 // wrapSigner wraps a signer and overrides its public key type with the provided algorithm
 type wrapSigner struct {
 	ssh.Signer
 	algorithm string
 }
 // PublicKey returns an associated PublicKey instance.
 func (s *wrapSigner) PublicKey() gossh.PublicKey {
 	return &wrapPublicKey{
 		PublicKey: s.Signer.PublicKey(),
 		algorithm: s.algorithm,
 	}
 }
 // Sign returns raw signature for the given data. This method
 // will apply the hash specified for the keytype to the data using
 // the algorithm assigned for this key
 func (s *wrapSigner) Sign(rand io.Reader, data []byte) (*gossh.Signature, error) {
 	return s.Signer.(gossh.AlgorithmSigner).SignWithAlgorithm(rand, data, s.algorithm)
 }
 // wrapPublicKey wraps a PublicKey and overrides its type
 type wrapPublicKey struct {
 	gossh.PublicKey
 	algorithm string
 }
 // Type returns the algorithm
 func (k *wrapPublicKey) Type() string {
 	return k.algorithm
 }
 // GenKeyPair make a pair of public and private keys for SSH access.