updated dip vendors
This commit is contained in:
parent
828f3a942f
commit
ad68e8ddb5
6
go.mod
6
go.mod
@ -4,12 +4,8 @@ go 1.13
|
|||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/gobuffalo/packr/v2 v2.7.1
|
github.com/gobuffalo/packr/v2 v2.7.1
|
||||||
github.com/labstack/echo/v4 v4.1.11
|
github.com/labstack/echo/v4 v4.1.14
|
||||||
github.com/likexian/whois-go v1.3.1
|
github.com/likexian/whois-go v1.3.1
|
||||||
github.com/likexian/whois-parser-go v1.10.2
|
github.com/likexian/whois-parser-go v1.10.2
|
||||||
github.com/markbates/pkger v0.14.0
|
github.com/markbates/pkger v0.14.0
|
||||||
golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 // indirect
|
|
||||||
golang.org/x/net v0.0.0-20190923162816-aa69164e4478 // indirect
|
|
||||||
golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe // indirect
|
|
||||||
golang.org/x/text v0.3.2 // indirect
|
|
||||||
)
|
)
|
||||||
|
27
go.sum
27
go.sum
@ -8,6 +8,7 @@ github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8
|
|||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
|
||||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
|
github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
|
||||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||||
github.com/gobuffalo/envy v1.7.0 h1:GlXgaiBkmrYMHco6t4j7SacKO4XUjvh5pwXh0f4uxXU=
|
github.com/gobuffalo/envy v1.7.0 h1:GlXgaiBkmrYMHco6t4j7SacKO4XUjvh5pwXh0f4uxXU=
|
||||||
@ -34,8 +35,8 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
|
|||||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
||||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
github.com/labstack/echo/v4 v4.1.11 h1:z0BZoArY4FqdpUEl+wlHp4hnr/oSR6MTmQmv8OHSoww=
|
github.com/labstack/echo/v4 v4.1.14 h1:h8XP66UfB3tUm+L3QPw7tmwAu3pJaA/nyfHPCcz46ic=
|
||||||
github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g=
|
github.com/labstack/echo/v4 v4.1.14/go.mod h1:Q5KZ1vD3V5FEzjM79hjwVrC3ABr7F5IdM23bXQMRDGg=
|
||||||
github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0=
|
github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0=
|
||||||
github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
|
github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
|
||||||
github.com/likexian/gokit v0.21.11 h1:tBA2U/5e9Pq24dsFuDZ2ykjsaSznjNnovOOK3ljU1ww=
|
github.com/likexian/gokit v0.21.11 h1:tBA2U/5e9Pq24dsFuDZ2ykjsaSznjNnovOOK3ljU1ww=
|
||||||
@ -49,9 +50,13 @@ github.com/markbates/pkger v0.14.0 h1:z6KCEBkr3zJTkAMz5SJzjA9Izo+Ipb6XXvOIjQEW+P
|
|||||||
github.com/markbates/pkger v0.14.0/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQDXbLhiuI=
|
github.com/markbates/pkger v0.14.0/go.mod h1:0JoVlrol20BSywW79rN3kdFFsE5xYM+rSCQDXbLhiuI=
|
||||||
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
|
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
|
||||||
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
|
github.com/mattn/go-colorable v0.1.4 h1:snbPLB8fVfU9iwbbo30TPtbLRzwWu6aJS6Xh4eaaviA=
|
||||||
|
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
|
github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
|
||||||
github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
|
github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
|
||||||
|
github.com/mattn/go-isatty v0.0.11 h1:FxPOTFNqGkuDUGi3H/qkUbQO4ZiBa2brKq5r0l8TGeM=
|
||||||
|
github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
|
||||||
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
||||||
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
|
||||||
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
|
||||||
@ -85,19 +90,19 @@ github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6Kllzaw
|
|||||||
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
||||||
github.com/valyala/fasttemplate v1.0.1 h1:tY9CJiPnMXf1ERmG2EyK7gNUd+c6RKGD0IfU8WdUSz8=
|
github.com/valyala/fasttemplate v1.0.1 h1:tY9CJiPnMXf1ERmG2EyK7gNUd+c6RKGD0IfU8WdUSz8=
|
||||||
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
||||||
|
github.com/valyala/fasttemplate v1.1.0 h1:RZqt0yGBsps8NGvLSGW804QQqCUYYLsaOjTVHy1Ocw4=
|
||||||
|
github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
||||||
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
|
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
|
||||||
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||||
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
|
golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876 h1:sKJQZMuxjOAR/Uo2LBfU90onWEf1dF4C+0hPJCc9Mpc=
|
||||||
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 h1:ACG4HJsFiNMf47Y4PeRoebLNy/2lXT9EtprMuTFWt1M=
|
|
||||||
golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
|
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g=
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 h1:efeOvDhwQ29Dj3SdAV/MJf8oukgn+8D8WgaCaRMchF8=
|
||||||
golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
|
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e h1:vcxGaoTs7kV8m5Np9uUNQin4BrLOthgV7252N8V+FwY=
|
||||||
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||||
@ -109,9 +114,9 @@ golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7w
|
|||||||
golang.org/x/sys v0.0.0-20190515120540-06a5c4944438/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190515120540-06a5c4944438/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
|
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
|
||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M=
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8 h1:JA8d3MPx/IToSyXZG/RhwYEtfrKO1Fxrqe8KrkiLXKM=
|
||||||
golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
|
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
|
||||||
|
4
vendor/github.com/dgrijalva/jwt-go/.gitignore
generated
vendored
Normal file
4
vendor/github.com/dgrijalva/jwt-go/.gitignore
generated
vendored
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
.DS_Store
|
||||||
|
bin
|
||||||
|
|
||||||
|
|
13
vendor/github.com/dgrijalva/jwt-go/.travis.yml
generated
vendored
Normal file
13
vendor/github.com/dgrijalva/jwt-go/.travis.yml
generated
vendored
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
language: go
|
||||||
|
|
||||||
|
script:
|
||||||
|
- go vet ./...
|
||||||
|
- go test -v ./...
|
||||||
|
|
||||||
|
go:
|
||||||
|
- 1.3
|
||||||
|
- 1.4
|
||||||
|
- 1.5
|
||||||
|
- 1.6
|
||||||
|
- 1.7
|
||||||
|
- tip
|
8
vendor/github.com/dgrijalva/jwt-go/LICENSE
generated
vendored
Normal file
8
vendor/github.com/dgrijalva/jwt-go/LICENSE
generated
vendored
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
Copyright (c) 2012 Dave Grijalva
|
||||||
|
|
||||||
|
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
||||||
|
|
||||||
|
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
||||||
|
|
||||||
|
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
||||||
|
|
97
vendor/github.com/dgrijalva/jwt-go/MIGRATION_GUIDE.md
generated
vendored
Normal file
97
vendor/github.com/dgrijalva/jwt-go/MIGRATION_GUIDE.md
generated
vendored
Normal file
@ -0,0 +1,97 @@
|
|||||||
|
## Migration Guide from v2 -> v3
|
||||||
|
|
||||||
|
Version 3 adds several new, frequently requested features. To do so, it introduces a few breaking changes. We've worked to keep these as minimal as possible. This guide explains the breaking changes and how you can quickly update your code.
|
||||||
|
|
||||||
|
### `Token.Claims` is now an interface type
|
||||||
|
|
||||||
|
The most requested feature from the 2.0 verison of this library was the ability to provide a custom type to the JSON parser for claims. This was implemented by introducing a new interface, `Claims`, to replace `map[string]interface{}`. We also included two concrete implementations of `Claims`: `MapClaims` and `StandardClaims`.
|
||||||
|
|
||||||
|
`MapClaims` is an alias for `map[string]interface{}` with built in validation behavior. It is the default claims type when using `Parse`. The usage is unchanged except you must type cast the claims property.
|
||||||
|
|
||||||
|
The old example for parsing a token looked like this..
|
||||||
|
|
||||||
|
```go
|
||||||
|
if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil {
|
||||||
|
fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"])
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
is now directly mapped to...
|
||||||
|
|
||||||
|
```go
|
||||||
|
if token, err := jwt.Parse(tokenString, keyLookupFunc); err == nil {
|
||||||
|
claims := token.Claims.(jwt.MapClaims)
|
||||||
|
fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"])
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
`StandardClaims` is designed to be embedded in your custom type. You can supply a custom claims type with the new `ParseWithClaims` function. Here's an example of using a custom claims type.
|
||||||
|
|
||||||
|
```go
|
||||||
|
type MyCustomClaims struct {
|
||||||
|
User string
|
||||||
|
*StandardClaims
|
||||||
|
}
|
||||||
|
|
||||||
|
if token, err := jwt.ParseWithClaims(tokenString, &MyCustomClaims{}, keyLookupFunc); err == nil {
|
||||||
|
claims := token.Claims.(*MyCustomClaims)
|
||||||
|
fmt.Printf("Token for user %v expires %v", claims.User, claims.StandardClaims.ExpiresAt)
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
### `ParseFromRequest` has been moved
|
||||||
|
|
||||||
|
To keep this library focused on the tokens without becoming overburdened with complex request processing logic, `ParseFromRequest` and its new companion `ParseFromRequestWithClaims` have been moved to a subpackage, `request`. The method signatues have also been augmented to receive a new argument: `Extractor`.
|
||||||
|
|
||||||
|
`Extractors` do the work of picking the token string out of a request. The interface is simple and composable.
|
||||||
|
|
||||||
|
This simple parsing example:
|
||||||
|
|
||||||
|
```go
|
||||||
|
if token, err := jwt.ParseFromRequest(tokenString, req, keyLookupFunc); err == nil {
|
||||||
|
fmt.Printf("Token for user %v expires %v", token.Claims["user"], token.Claims["exp"])
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
is directly mapped to:
|
||||||
|
|
||||||
|
```go
|
||||||
|
if token, err := request.ParseFromRequest(req, request.OAuth2Extractor, keyLookupFunc); err == nil {
|
||||||
|
claims := token.Claims.(jwt.MapClaims)
|
||||||
|
fmt.Printf("Token for user %v expires %v", claims["user"], claims["exp"])
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
There are several concrete `Extractor` types provided for your convenience:
|
||||||
|
|
||||||
|
* `HeaderExtractor` will search a list of headers until one contains content.
|
||||||
|
* `ArgumentExtractor` will search a list of keys in request query and form arguments until one contains content.
|
||||||
|
* `MultiExtractor` will try a list of `Extractors` in order until one returns content.
|
||||||
|
* `AuthorizationHeaderExtractor` will look in the `Authorization` header for a `Bearer` token.
|
||||||
|
* `OAuth2Extractor` searches the places an OAuth2 token would be specified (per the spec): `Authorization` header and `access_token` argument
|
||||||
|
* `PostExtractionFilter` wraps an `Extractor`, allowing you to process the content before it's parsed. A simple example is stripping the `Bearer ` text from a header
|
||||||
|
|
||||||
|
|
||||||
|
### RSA signing methods no longer accept `[]byte` keys
|
||||||
|
|
||||||
|
Due to a [critical vulnerability](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/), we've decided the convenience of accepting `[]byte` instead of `rsa.PublicKey` or `rsa.PrivateKey` isn't worth the risk of misuse.
|
||||||
|
|
||||||
|
To replace this behavior, we've added two helper methods: `ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error)` and `ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error)`. These are just simple helpers for unpacking PEM encoded PKCS1 and PKCS8 keys. If your keys are encoded any other way, all you need to do is convert them to the `crypto/rsa` package's types.
|
||||||
|
|
||||||
|
```go
|
||||||
|
func keyLookupFunc(*Token) (interface{}, error) {
|
||||||
|
// Don't forget to validate the alg is what you expect:
|
||||||
|
if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
|
||||||
|
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
|
||||||
|
}
|
||||||
|
|
||||||
|
// Look up key
|
||||||
|
key, err := lookupPublicKey(token.Header["kid"])
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Unpack key from PEM encoded PKCS8
|
||||||
|
return jwt.ParseRSAPublicKeyFromPEM(key)
|
||||||
|
}
|
||||||
|
```
|
100
vendor/github.com/dgrijalva/jwt-go/README.md
generated
vendored
Normal file
100
vendor/github.com/dgrijalva/jwt-go/README.md
generated
vendored
Normal file
@ -0,0 +1,100 @@
|
|||||||
|
# jwt-go
|
||||||
|
|
||||||
|
[![Build Status](https://travis-ci.org/dgrijalva/jwt-go.svg?branch=master)](https://travis-ci.org/dgrijalva/jwt-go)
|
||||||
|
[![GoDoc](https://godoc.org/github.com/dgrijalva/jwt-go?status.svg)](https://godoc.org/github.com/dgrijalva/jwt-go)
|
||||||
|
|
||||||
|
A [go](http://www.golang.org) (or 'golang' for search engine friendliness) implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html)
|
||||||
|
|
||||||
|
**NEW VERSION COMING:** There have been a lot of improvements suggested since the version 3.0.0 released in 2016. I'm working now on cutting two different releases: 3.2.0 will contain any non-breaking changes or enhancements. 4.0.0 will follow shortly which will include breaking changes. See the 4.0.0 milestone to get an idea of what's coming. If you have other ideas, or would like to participate in 4.0.0, now's the time. If you depend on this library and don't want to be interrupted, I recommend you use your dependency mangement tool to pin to version 3.
|
||||||
|
|
||||||
|
**SECURITY NOTICE:** Some older versions of Go have a security issue in the cryotp/elliptic. Recommendation is to upgrade to at least 1.8.3. See issue #216 for more detail.
|
||||||
|
|
||||||
|
**SECURITY NOTICE:** It's important that you [validate the `alg` presented is what you expect](https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/). This library attempts to make it easy to do the right thing by requiring key types match the expected alg, but you should take the extra step to verify it in your usage. See the examples provided.
|
||||||
|
|
||||||
|
## What the heck is a JWT?
|
||||||
|
|
||||||
|
JWT.io has [a great introduction](https://jwt.io/introduction) to JSON Web Tokens.
|
||||||
|
|
||||||
|
In short, it's a signed JSON object that does something useful (for example, authentication). It's commonly used for `Bearer` tokens in Oauth 2. A token is made of three parts, separated by `.`'s. The first two parts are JSON objects, that have been [base64url](http://tools.ietf.org/html/rfc4648) encoded. The last part is the signature, encoded the same way.
|
||||||
|
|
||||||
|
The first part is called the header. It contains the necessary information for verifying the last part, the signature. For example, which encryption method was used for signing and what key was used.
|
||||||
|
|
||||||
|
The part in the middle is the interesting bit. It's called the Claims and contains the actual stuff you care about. Refer to [the RFC](http://self-issued.info/docs/draft-jones-json-web-token.html) for information about reserved keys and the proper way to add your own.
|
||||||
|
|
||||||
|
## What's in the box?
|
||||||
|
|
||||||
|
This library supports the parsing and verification as well as the generation and signing of JWTs. Current supported signing algorithms are HMAC SHA, RSA, RSA-PSS, and ECDSA, though hooks are present for adding your own.
|
||||||
|
|
||||||
|
## Examples
|
||||||
|
|
||||||
|
See [the project documentation](https://godoc.org/github.com/dgrijalva/jwt-go) for examples of usage:
|
||||||
|
|
||||||
|
* [Simple example of parsing and validating a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-Parse--Hmac)
|
||||||
|
* [Simple example of building and signing a token](https://godoc.org/github.com/dgrijalva/jwt-go#example-New--Hmac)
|
||||||
|
* [Directory of Examples](https://godoc.org/github.com/dgrijalva/jwt-go#pkg-examples)
|
||||||
|
|
||||||
|
## Extensions
|
||||||
|
|
||||||
|
This library publishes all the necessary components for adding your own signing methods. Simply implement the `SigningMethod` interface and register a factory method using `RegisterSigningMethod`.
|
||||||
|
|
||||||
|
Here's an example of an extension that integrates with the Google App Engine signing tools: https://github.com/someone1/gcp-jwt-go
|
||||||
|
|
||||||
|
## Compliance
|
||||||
|
|
||||||
|
This library was last reviewed to comply with [RTF 7519](http://www.rfc-editor.org/info/rfc7519) dated May 2015 with a few notable differences:
|
||||||
|
|
||||||
|
* In order to protect against accidental use of [Unsecured JWTs](http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#UnsecuredJWT), tokens using `alg=none` will only be accepted if the constant `jwt.UnsafeAllowNoneSignatureType` is provided as the key.
|
||||||
|
|
||||||
|
## Project Status & Versioning
|
||||||
|
|
||||||
|
This library is considered production ready. Feedback and feature requests are appreciated. The API should be considered stable. There should be very few backwards-incompatible changes outside of major version updates (and only with good reason).
|
||||||
|
|
||||||
|
This project uses [Semantic Versioning 2.0.0](http://semver.org). Accepted pull requests will land on `master`. Periodically, versions will be tagged from `master`. You can find all the releases on [the project releases page](https://github.com/dgrijalva/jwt-go/releases).
|
||||||
|
|
||||||
|
While we try to make it obvious when we make breaking changes, there isn't a great mechanism for pushing announcements out to users. You may want to use this alternative package include: `gopkg.in/dgrijalva/jwt-go.v3`. It will do the right thing WRT semantic versioning.
|
||||||
|
|
||||||
|
**BREAKING CHANGES:***
|
||||||
|
* Version 3.0.0 includes _a lot_ of changes from the 2.x line, including a few that break the API. We've tried to break as few things as possible, so there should just be a few type signature changes. A full list of breaking changes is available in `VERSION_HISTORY.md`. See `MIGRATION_GUIDE.md` for more information on updating your code.
|
||||||
|
|
||||||
|
## Usage Tips
|
||||||
|
|
||||||
|
### Signing vs Encryption
|
||||||
|
|
||||||
|
A token is simply a JSON object that is signed by its author. this tells you exactly two things about the data:
|
||||||
|
|
||||||
|
* The author of the token was in the possession of the signing secret
|
||||||
|
* The data has not been modified since it was signed
|
||||||
|
|
||||||
|
It's important to know that JWT does not provide encryption, which means anyone who has access to the token can read its contents. If you need to protect (encrypt) the data, there is a companion spec, `JWE`, that provides this functionality. JWE is currently outside the scope of this library.
|
||||||
|
|
||||||
|
### Choosing a Signing Method
|
||||||
|
|
||||||
|
There are several signing methods available, and you should probably take the time to learn about the various options before choosing one. The principal design decision is most likely going to be symmetric vs asymmetric.
|
||||||
|
|
||||||
|
Symmetric signing methods, such as HSA, use only a single secret. This is probably the simplest signing method to use since any `[]byte` can be used as a valid secret. They are also slightly computationally faster to use, though this rarely is enough to matter. Symmetric signing methods work the best when both producers and consumers of tokens are trusted, or even the same system. Since the same secret is used to both sign and validate tokens, you can't easily distribute the key for validation.
|
||||||
|
|
||||||
|
Asymmetric signing methods, such as RSA, use different keys for signing and verifying tokens. This makes it possible to produce tokens with a private key, and allow any consumer to access the public key for verification.
|
||||||
|
|
||||||
|
### Signing Methods and Key Types
|
||||||
|
|
||||||
|
Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones:
|
||||||
|
|
||||||
|
* The [HMAC signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation
|
||||||
|
* The [RSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation
|
||||||
|
* The [ECDSA signing method](https://godoc.org/github.com/dgrijalva/jwt-go#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation
|
||||||
|
|
||||||
|
### JWT and OAuth
|
||||||
|
|
||||||
|
It's worth mentioning that OAuth and JWT are not the same thing. A JWT token is simply a signed JSON object. It can be used anywhere such a thing is useful. There is some confusion, though, as JWT is the most common type of bearer token used in OAuth2 authentication.
|
||||||
|
|
||||||
|
Without going too far down the rabbit hole, here's a description of the interaction of these technologies:
|
||||||
|
|
||||||
|
* OAuth is a protocol for allowing an identity provider to be separate from the service a user is logging in to. For example, whenever you use Facebook to log into a different service (Yelp, Spotify, etc), you are using OAuth.
|
||||||
|
* OAuth defines several options for passing around authentication data. One popular method is called a "bearer token". A bearer token is simply a string that _should_ only be held by an authenticated user. Thus, simply presenting this token proves your identity. You can probably derive from here why a JWT might make a good bearer token.
|
||||||
|
* Because bearer tokens are used for authentication, it's important they're kept secret. This is why transactions that use bearer tokens typically happen over SSL.
|
||||||
|
|
||||||
|
## More
|
||||||
|
|
||||||
|
Documentation can be found [on godoc.org](http://godoc.org/github.com/dgrijalva/jwt-go).
|
||||||
|
|
||||||
|
The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation.
|
118
vendor/github.com/dgrijalva/jwt-go/VERSION_HISTORY.md
generated
vendored
Normal file
118
vendor/github.com/dgrijalva/jwt-go/VERSION_HISTORY.md
generated
vendored
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
## `jwt-go` Version History
|
||||||
|
|
||||||
|
#### 3.2.0
|
||||||
|
|
||||||
|
* Added method `ParseUnverified` to allow users to split up the tasks of parsing and validation
|
||||||
|
* HMAC signing method returns `ErrInvalidKeyType` instead of `ErrInvalidKey` where appropriate
|
||||||
|
* Added options to `request.ParseFromRequest`, which allows for an arbitrary list of modifiers to parsing behavior. Initial set include `WithClaims` and `WithParser`. Existing usage of this function will continue to work as before.
|
||||||
|
* Deprecated `ParseFromRequestWithClaims` to simplify API in the future.
|
||||||
|
|
||||||
|
#### 3.1.0
|
||||||
|
|
||||||
|
* Improvements to `jwt` command line tool
|
||||||
|
* Added `SkipClaimsValidation` option to `Parser`
|
||||||
|
* Documentation updates
|
||||||
|
|
||||||
|
#### 3.0.0
|
||||||
|
|
||||||
|
* **Compatibility Breaking Changes**: See MIGRATION_GUIDE.md for tips on updating your code
|
||||||
|
* Dropped support for `[]byte` keys when using RSA signing methods. This convenience feature could contribute to security vulnerabilities involving mismatched key types with signing methods.
|
||||||
|
* `ParseFromRequest` has been moved to `request` subpackage and usage has changed
|
||||||
|
* The `Claims` property on `Token` is now type `Claims` instead of `map[string]interface{}`. The default value is type `MapClaims`, which is an alias to `map[string]interface{}`. This makes it possible to use a custom type when decoding claims.
|
||||||
|
* Other Additions and Changes
|
||||||
|
* Added `Claims` interface type to allow users to decode the claims into a custom type
|
||||||
|
* Added `ParseWithClaims`, which takes a third argument of type `Claims`. Use this function instead of `Parse` if you have a custom type you'd like to decode into.
|
||||||
|
* Dramatically improved the functionality and flexibility of `ParseFromRequest`, which is now in the `request` subpackage
|
||||||
|
* Added `ParseFromRequestWithClaims` which is the `FromRequest` equivalent of `ParseWithClaims`
|
||||||
|
* Added new interface type `Extractor`, which is used for extracting JWT strings from http requests. Used with `ParseFromRequest` and `ParseFromRequestWithClaims`.
|
||||||
|
* Added several new, more specific, validation errors to error type bitmask
|
||||||
|
* Moved examples from README to executable example files
|
||||||
|
* Signing method registry is now thread safe
|
||||||
|
* Added new property to `ValidationError`, which contains the raw error returned by calls made by parse/verify (such as those returned by keyfunc or json parser)
|
||||||
|
|
||||||
|
#### 2.7.0
|
||||||
|
|
||||||
|
This will likely be the last backwards compatible release before 3.0.0, excluding essential bug fixes.
|
||||||
|
|
||||||
|
* Added new option `-show` to the `jwt` command that will just output the decoded token without verifying
|
||||||
|
* Error text for expired tokens includes how long it's been expired
|
||||||
|
* Fixed incorrect error returned from `ParseRSAPublicKeyFromPEM`
|
||||||
|
* Documentation updates
|
||||||
|
|
||||||
|
#### 2.6.0
|
||||||
|
|
||||||
|
* Exposed inner error within ValidationError
|
||||||
|
* Fixed validation errors when using UseJSONNumber flag
|
||||||
|
* Added several unit tests
|
||||||
|
|
||||||
|
#### 2.5.0
|
||||||
|
|
||||||
|
* Added support for signing method none. You shouldn't use this. The API tries to make this clear.
|
||||||
|
* Updated/fixed some documentation
|
||||||
|
* Added more helpful error message when trying to parse tokens that begin with `BEARER `
|
||||||
|
|
||||||
|
#### 2.4.0
|
||||||
|
|
||||||
|
* Added new type, Parser, to allow for configuration of various parsing parameters
|
||||||
|
* You can now specify a list of valid signing methods. Anything outside this set will be rejected.
|
||||||
|
* You can now opt to use the `json.Number` type instead of `float64` when parsing token JSON
|
||||||
|
* Added support for [Travis CI](https://travis-ci.org/dgrijalva/jwt-go)
|
||||||
|
* Fixed some bugs with ECDSA parsing
|
||||||
|
|
||||||
|
#### 2.3.0
|
||||||
|
|
||||||
|
* Added support for ECDSA signing methods
|
||||||
|
* Added support for RSA PSS signing methods (requires go v1.4)
|
||||||
|
|
||||||
|
#### 2.2.0
|
||||||
|
|
||||||
|
* Gracefully handle a `nil` `Keyfunc` being passed to `Parse`. Result will now be the parsed token and an error, instead of a panic.
|
||||||
|
|
||||||
|
#### 2.1.0
|
||||||
|
|
||||||
|
Backwards compatible API change that was missed in 2.0.0.
|
||||||
|
|
||||||
|
* The `SignedString` method on `Token` now takes `interface{}` instead of `[]byte`
|
||||||
|
|
||||||
|
#### 2.0.0
|
||||||
|
|
||||||
|
There were two major reasons for breaking backwards compatibility with this update. The first was a refactor required to expand the width of the RSA and HMAC-SHA signing implementations. There will likely be no required code changes to support this change.
|
||||||
|
|
||||||
|
The second update, while unfortunately requiring a small change in integration, is required to open up this library to other signing methods. Not all keys used for all signing methods have a single standard on-disk representation. Requiring `[]byte` as the type for all keys proved too limiting. Additionally, this implementation allows for pre-parsed tokens to be reused, which might matter in an application that parses a high volume of tokens with a small set of keys. Backwards compatibilty has been maintained for passing `[]byte` to the RSA signing methods, but they will also accept `*rsa.PublicKey` and `*rsa.PrivateKey`.
|
||||||
|
|
||||||
|
It is likely the only integration change required here will be to change `func(t *jwt.Token) ([]byte, error)` to `func(t *jwt.Token) (interface{}, error)` when calling `Parse`.
|
||||||
|
|
||||||
|
* **Compatibility Breaking Changes**
|
||||||
|
* `SigningMethodHS256` is now `*SigningMethodHMAC` instead of `type struct`
|
||||||
|
* `SigningMethodRS256` is now `*SigningMethodRSA` instead of `type struct`
|
||||||
|
* `KeyFunc` now returns `interface{}` instead of `[]byte`
|
||||||
|
* `SigningMethod.Sign` now takes `interface{}` instead of `[]byte` for the key
|
||||||
|
* `SigningMethod.Verify` now takes `interface{}` instead of `[]byte` for the key
|
||||||
|
* Renamed type `SigningMethodHS256` to `SigningMethodHMAC`. Specific sizes are now just instances of this type.
|
||||||
|
* Added public package global `SigningMethodHS256`
|
||||||
|
* Added public package global `SigningMethodHS384`
|
||||||
|
* Added public package global `SigningMethodHS512`
|
||||||
|
* Renamed type `SigningMethodRS256` to `SigningMethodRSA`. Specific sizes are now just instances of this type.
|
||||||
|
* Added public package global `SigningMethodRS256`
|
||||||
|
* Added public package global `SigningMethodRS384`
|
||||||
|
* Added public package global `SigningMethodRS512`
|
||||||
|
* Moved sample private key for HMAC tests from an inline value to a file on disk. Value is unchanged.
|
||||||
|
* Refactored the RSA implementation to be easier to read
|
||||||
|
* Exposed helper methods `ParseRSAPrivateKeyFromPEM` and `ParseRSAPublicKeyFromPEM`
|
||||||
|
|
||||||
|
#### 1.0.2
|
||||||
|
|
||||||
|
* Fixed bug in parsing public keys from certificates
|
||||||
|
* Added more tests around the parsing of keys for RS256
|
||||||
|
* Code refactoring in RS256 implementation. No functional changes
|
||||||
|
|
||||||
|
#### 1.0.1
|
||||||
|
|
||||||
|
* Fixed panic if RS256 signing method was passed an invalid key
|
||||||
|
|
||||||
|
#### 1.0.0
|
||||||
|
|
||||||
|
* First versioned release
|
||||||
|
* API stabilized
|
||||||
|
* Supports creating, signing, parsing, and validating JWT tokens
|
||||||
|
* Supports RS256 and HS256 signing methods
|
134
vendor/github.com/dgrijalva/jwt-go/claims.go
generated
vendored
Normal file
134
vendor/github.com/dgrijalva/jwt-go/claims.go
generated
vendored
Normal file
@ -0,0 +1,134 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/subtle"
|
||||||
|
"fmt"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
// For a type to be a Claims object, it must just have a Valid method that determines
|
||||||
|
// if the token is invalid for any supported reason
|
||||||
|
type Claims interface {
|
||||||
|
Valid() error
|
||||||
|
}
|
||||||
|
|
||||||
|
// Structured version of Claims Section, as referenced at
|
||||||
|
// https://tools.ietf.org/html/rfc7519#section-4.1
|
||||||
|
// See examples for how to use this with your own claim types
|
||||||
|
type StandardClaims struct {
|
||||||
|
Audience string `json:"aud,omitempty"`
|
||||||
|
ExpiresAt int64 `json:"exp,omitempty"`
|
||||||
|
Id string `json:"jti,omitempty"`
|
||||||
|
IssuedAt int64 `json:"iat,omitempty"`
|
||||||
|
Issuer string `json:"iss,omitempty"`
|
||||||
|
NotBefore int64 `json:"nbf,omitempty"`
|
||||||
|
Subject string `json:"sub,omitempty"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validates time based claims "exp, iat, nbf".
|
||||||
|
// There is no accounting for clock skew.
|
||||||
|
// As well, if any of the above claims are not in the token, it will still
|
||||||
|
// be considered a valid claim.
|
||||||
|
func (c StandardClaims) Valid() error {
|
||||||
|
vErr := new(ValidationError)
|
||||||
|
now := TimeFunc().Unix()
|
||||||
|
|
||||||
|
// The claims below are optional, by default, so if they are set to the
|
||||||
|
// default value in Go, let's not fail the verification for them.
|
||||||
|
if c.VerifyExpiresAt(now, false) == false {
|
||||||
|
delta := time.Unix(now, 0).Sub(time.Unix(c.ExpiresAt, 0))
|
||||||
|
vErr.Inner = fmt.Errorf("token is expired by %v", delta)
|
||||||
|
vErr.Errors |= ValidationErrorExpired
|
||||||
|
}
|
||||||
|
|
||||||
|
if c.VerifyIssuedAt(now, false) == false {
|
||||||
|
vErr.Inner = fmt.Errorf("Token used before issued")
|
||||||
|
vErr.Errors |= ValidationErrorIssuedAt
|
||||||
|
}
|
||||||
|
|
||||||
|
if c.VerifyNotBefore(now, false) == false {
|
||||||
|
vErr.Inner = fmt.Errorf("token is not valid yet")
|
||||||
|
vErr.Errors |= ValidationErrorNotValidYet
|
||||||
|
}
|
||||||
|
|
||||||
|
if vErr.valid() {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return vErr
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the aud claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (c *StandardClaims) VerifyAudience(cmp string, req bool) bool {
|
||||||
|
return verifyAud(c.Audience, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the exp claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (c *StandardClaims) VerifyExpiresAt(cmp int64, req bool) bool {
|
||||||
|
return verifyExp(c.ExpiresAt, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the iat claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (c *StandardClaims) VerifyIssuedAt(cmp int64, req bool) bool {
|
||||||
|
return verifyIat(c.IssuedAt, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the iss claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (c *StandardClaims) VerifyIssuer(cmp string, req bool) bool {
|
||||||
|
return verifyIss(c.Issuer, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the nbf claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (c *StandardClaims) VerifyNotBefore(cmp int64, req bool) bool {
|
||||||
|
return verifyNbf(c.NotBefore, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ----- helpers
|
||||||
|
|
||||||
|
func verifyAud(aud string, cmp string, required bool) bool {
|
||||||
|
if aud == "" {
|
||||||
|
return !required
|
||||||
|
}
|
||||||
|
if subtle.ConstantTimeCompare([]byte(aud), []byte(cmp)) != 0 {
|
||||||
|
return true
|
||||||
|
} else {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func verifyExp(exp int64, now int64, required bool) bool {
|
||||||
|
if exp == 0 {
|
||||||
|
return !required
|
||||||
|
}
|
||||||
|
return now <= exp
|
||||||
|
}
|
||||||
|
|
||||||
|
func verifyIat(iat int64, now int64, required bool) bool {
|
||||||
|
if iat == 0 {
|
||||||
|
return !required
|
||||||
|
}
|
||||||
|
return now >= iat
|
||||||
|
}
|
||||||
|
|
||||||
|
func verifyIss(iss string, cmp string, required bool) bool {
|
||||||
|
if iss == "" {
|
||||||
|
return !required
|
||||||
|
}
|
||||||
|
if subtle.ConstantTimeCompare([]byte(iss), []byte(cmp)) != 0 {
|
||||||
|
return true
|
||||||
|
} else {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func verifyNbf(nbf int64, now int64, required bool) bool {
|
||||||
|
if nbf == 0 {
|
||||||
|
return !required
|
||||||
|
}
|
||||||
|
return now >= nbf
|
||||||
|
}
|
4
vendor/github.com/dgrijalva/jwt-go/doc.go
generated
vendored
Normal file
4
vendor/github.com/dgrijalva/jwt-go/doc.go
generated
vendored
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
// Package jwt is a Go implementation of JSON Web Tokens: http://self-issued.info/docs/draft-jones-json-web-token.html
|
||||||
|
//
|
||||||
|
// See README.md for more info.
|
||||||
|
package jwt
|
148
vendor/github.com/dgrijalva/jwt-go/ecdsa.go
generated
vendored
Normal file
148
vendor/github.com/dgrijalva/jwt-go/ecdsa.go
generated
vendored
Normal file
@ -0,0 +1,148 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto"
|
||||||
|
"crypto/ecdsa"
|
||||||
|
"crypto/rand"
|
||||||
|
"errors"
|
||||||
|
"math/big"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// Sadly this is missing from crypto/ecdsa compared to crypto/rsa
|
||||||
|
ErrECDSAVerification = errors.New("crypto/ecdsa: verification error")
|
||||||
|
)
|
||||||
|
|
||||||
|
// Implements the ECDSA family of signing methods signing methods
|
||||||
|
// Expects *ecdsa.PrivateKey for signing and *ecdsa.PublicKey for verification
|
||||||
|
type SigningMethodECDSA struct {
|
||||||
|
Name string
|
||||||
|
Hash crypto.Hash
|
||||||
|
KeySize int
|
||||||
|
CurveBits int
|
||||||
|
}
|
||||||
|
|
||||||
|
// Specific instances for EC256 and company
|
||||||
|
var (
|
||||||
|
SigningMethodES256 *SigningMethodECDSA
|
||||||
|
SigningMethodES384 *SigningMethodECDSA
|
||||||
|
SigningMethodES512 *SigningMethodECDSA
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// ES256
|
||||||
|
SigningMethodES256 = &SigningMethodECDSA{"ES256", crypto.SHA256, 32, 256}
|
||||||
|
RegisterSigningMethod(SigningMethodES256.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodES256
|
||||||
|
})
|
||||||
|
|
||||||
|
// ES384
|
||||||
|
SigningMethodES384 = &SigningMethodECDSA{"ES384", crypto.SHA384, 48, 384}
|
||||||
|
RegisterSigningMethod(SigningMethodES384.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodES384
|
||||||
|
})
|
||||||
|
|
||||||
|
// ES512
|
||||||
|
SigningMethodES512 = &SigningMethodECDSA{"ES512", crypto.SHA512, 66, 521}
|
||||||
|
RegisterSigningMethod(SigningMethodES512.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodES512
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *SigningMethodECDSA) Alg() string {
|
||||||
|
return m.Name
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Verify method from SigningMethod
|
||||||
|
// For this verify method, key must be an ecdsa.PublicKey struct
|
||||||
|
func (m *SigningMethodECDSA) Verify(signingString, signature string, key interface{}) error {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Decode the signature
|
||||||
|
var sig []byte
|
||||||
|
if sig, err = DecodeSegment(signature); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the key
|
||||||
|
var ecdsaKey *ecdsa.PublicKey
|
||||||
|
switch k := key.(type) {
|
||||||
|
case *ecdsa.PublicKey:
|
||||||
|
ecdsaKey = k
|
||||||
|
default:
|
||||||
|
return ErrInvalidKeyType
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(sig) != 2*m.KeySize {
|
||||||
|
return ErrECDSAVerification
|
||||||
|
}
|
||||||
|
|
||||||
|
r := big.NewInt(0).SetBytes(sig[:m.KeySize])
|
||||||
|
s := big.NewInt(0).SetBytes(sig[m.KeySize:])
|
||||||
|
|
||||||
|
// Create hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return ErrHashUnavailable
|
||||||
|
}
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
// Verify the signature
|
||||||
|
if verifystatus := ecdsa.Verify(ecdsaKey, hasher.Sum(nil), r, s); verifystatus == true {
|
||||||
|
return nil
|
||||||
|
} else {
|
||||||
|
return ErrECDSAVerification
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Sign method from SigningMethod
|
||||||
|
// For this signing method, key must be an ecdsa.PrivateKey struct
|
||||||
|
func (m *SigningMethodECDSA) Sign(signingString string, key interface{}) (string, error) {
|
||||||
|
// Get the key
|
||||||
|
var ecdsaKey *ecdsa.PrivateKey
|
||||||
|
switch k := key.(type) {
|
||||||
|
case *ecdsa.PrivateKey:
|
||||||
|
ecdsaKey = k
|
||||||
|
default:
|
||||||
|
return "", ErrInvalidKeyType
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create the hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return "", ErrHashUnavailable
|
||||||
|
}
|
||||||
|
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
// Sign the string and return r, s
|
||||||
|
if r, s, err := ecdsa.Sign(rand.Reader, ecdsaKey, hasher.Sum(nil)); err == nil {
|
||||||
|
curveBits := ecdsaKey.Curve.Params().BitSize
|
||||||
|
|
||||||
|
if m.CurveBits != curveBits {
|
||||||
|
return "", ErrInvalidKey
|
||||||
|
}
|
||||||
|
|
||||||
|
keyBytes := curveBits / 8
|
||||||
|
if curveBits%8 > 0 {
|
||||||
|
keyBytes += 1
|
||||||
|
}
|
||||||
|
|
||||||
|
// We serialize the outpus (r and s) into big-endian byte arrays and pad
|
||||||
|
// them with zeros on the left to make sure the sizes work out. Both arrays
|
||||||
|
// must be keyBytes long, and the output must be 2*keyBytes long.
|
||||||
|
rBytes := r.Bytes()
|
||||||
|
rBytesPadded := make([]byte, keyBytes)
|
||||||
|
copy(rBytesPadded[keyBytes-len(rBytes):], rBytes)
|
||||||
|
|
||||||
|
sBytes := s.Bytes()
|
||||||
|
sBytesPadded := make([]byte, keyBytes)
|
||||||
|
copy(sBytesPadded[keyBytes-len(sBytes):], sBytes)
|
||||||
|
|
||||||
|
out := append(rBytesPadded, sBytesPadded...)
|
||||||
|
|
||||||
|
return EncodeSegment(out), nil
|
||||||
|
} else {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
}
|
67
vendor/github.com/dgrijalva/jwt-go/ecdsa_utils.go
generated
vendored
Normal file
67
vendor/github.com/dgrijalva/jwt-go/ecdsa_utils.go
generated
vendored
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/ecdsa"
|
||||||
|
"crypto/x509"
|
||||||
|
"encoding/pem"
|
||||||
|
"errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ErrNotECPublicKey = errors.New("Key is not a valid ECDSA public key")
|
||||||
|
ErrNotECPrivateKey = errors.New("Key is not a valid ECDSA private key")
|
||||||
|
)
|
||||||
|
|
||||||
|
// Parse PEM encoded Elliptic Curve Private Key Structure
|
||||||
|
func ParseECPrivateKeyFromPEM(key []byte) (*ecdsa.PrivateKey, error) {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Parse PEM block
|
||||||
|
var block *pem.Block
|
||||||
|
if block, _ = pem.Decode(key); block == nil {
|
||||||
|
return nil, ErrKeyMustBePEMEncoded
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse the key
|
||||||
|
var parsedKey interface{}
|
||||||
|
if parsedKey, err = x509.ParseECPrivateKey(block.Bytes); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
var pkey *ecdsa.PrivateKey
|
||||||
|
var ok bool
|
||||||
|
if pkey, ok = parsedKey.(*ecdsa.PrivateKey); !ok {
|
||||||
|
return nil, ErrNotECPrivateKey
|
||||||
|
}
|
||||||
|
|
||||||
|
return pkey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse PEM encoded PKCS1 or PKCS8 public key
|
||||||
|
func ParseECPublicKeyFromPEM(key []byte) (*ecdsa.PublicKey, error) {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Parse PEM block
|
||||||
|
var block *pem.Block
|
||||||
|
if block, _ = pem.Decode(key); block == nil {
|
||||||
|
return nil, ErrKeyMustBePEMEncoded
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse the key
|
||||||
|
var parsedKey interface{}
|
||||||
|
if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil {
|
||||||
|
if cert, err := x509.ParseCertificate(block.Bytes); err == nil {
|
||||||
|
parsedKey = cert.PublicKey
|
||||||
|
} else {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var pkey *ecdsa.PublicKey
|
||||||
|
var ok bool
|
||||||
|
if pkey, ok = parsedKey.(*ecdsa.PublicKey); !ok {
|
||||||
|
return nil, ErrNotECPublicKey
|
||||||
|
}
|
||||||
|
|
||||||
|
return pkey, nil
|
||||||
|
}
|
59
vendor/github.com/dgrijalva/jwt-go/errors.go
generated
vendored
Normal file
59
vendor/github.com/dgrijalva/jwt-go/errors.go
generated
vendored
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Error constants
|
||||||
|
var (
|
||||||
|
ErrInvalidKey = errors.New("key is invalid")
|
||||||
|
ErrInvalidKeyType = errors.New("key is of invalid type")
|
||||||
|
ErrHashUnavailable = errors.New("the requested hash function is unavailable")
|
||||||
|
)
|
||||||
|
|
||||||
|
// The errors that might occur when parsing and validating a token
|
||||||
|
const (
|
||||||
|
ValidationErrorMalformed uint32 = 1 << iota // Token is malformed
|
||||||
|
ValidationErrorUnverifiable // Token could not be verified because of signing problems
|
||||||
|
ValidationErrorSignatureInvalid // Signature validation failed
|
||||||
|
|
||||||
|
// Standard Claim validation errors
|
||||||
|
ValidationErrorAudience // AUD validation failed
|
||||||
|
ValidationErrorExpired // EXP validation failed
|
||||||
|
ValidationErrorIssuedAt // IAT validation failed
|
||||||
|
ValidationErrorIssuer // ISS validation failed
|
||||||
|
ValidationErrorNotValidYet // NBF validation failed
|
||||||
|
ValidationErrorId // JTI validation failed
|
||||||
|
ValidationErrorClaimsInvalid // Generic claims validation error
|
||||||
|
)
|
||||||
|
|
||||||
|
// Helper for constructing a ValidationError with a string error message
|
||||||
|
func NewValidationError(errorText string, errorFlags uint32) *ValidationError {
|
||||||
|
return &ValidationError{
|
||||||
|
text: errorText,
|
||||||
|
Errors: errorFlags,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// The error from Parse if token is not valid
|
||||||
|
type ValidationError struct {
|
||||||
|
Inner error // stores the error returned by external dependencies, i.e.: KeyFunc
|
||||||
|
Errors uint32 // bitfield. see ValidationError... constants
|
||||||
|
text string // errors that do not have a valid error just have text
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validation error is an error type
|
||||||
|
func (e ValidationError) Error() string {
|
||||||
|
if e.Inner != nil {
|
||||||
|
return e.Inner.Error()
|
||||||
|
} else if e.text != "" {
|
||||||
|
return e.text
|
||||||
|
} else {
|
||||||
|
return "token is invalid"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// No errors
|
||||||
|
func (e *ValidationError) valid() bool {
|
||||||
|
return e.Errors == 0
|
||||||
|
}
|
95
vendor/github.com/dgrijalva/jwt-go/hmac.go
generated
vendored
Normal file
95
vendor/github.com/dgrijalva/jwt-go/hmac.go
generated
vendored
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto"
|
||||||
|
"crypto/hmac"
|
||||||
|
"errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Implements the HMAC-SHA family of signing methods signing methods
|
||||||
|
// Expects key type of []byte for both signing and validation
|
||||||
|
type SigningMethodHMAC struct {
|
||||||
|
Name string
|
||||||
|
Hash crypto.Hash
|
||||||
|
}
|
||||||
|
|
||||||
|
// Specific instances for HS256 and company
|
||||||
|
var (
|
||||||
|
SigningMethodHS256 *SigningMethodHMAC
|
||||||
|
SigningMethodHS384 *SigningMethodHMAC
|
||||||
|
SigningMethodHS512 *SigningMethodHMAC
|
||||||
|
ErrSignatureInvalid = errors.New("signature is invalid")
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// HS256
|
||||||
|
SigningMethodHS256 = &SigningMethodHMAC{"HS256", crypto.SHA256}
|
||||||
|
RegisterSigningMethod(SigningMethodHS256.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodHS256
|
||||||
|
})
|
||||||
|
|
||||||
|
// HS384
|
||||||
|
SigningMethodHS384 = &SigningMethodHMAC{"HS384", crypto.SHA384}
|
||||||
|
RegisterSigningMethod(SigningMethodHS384.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodHS384
|
||||||
|
})
|
||||||
|
|
||||||
|
// HS512
|
||||||
|
SigningMethodHS512 = &SigningMethodHMAC{"HS512", crypto.SHA512}
|
||||||
|
RegisterSigningMethod(SigningMethodHS512.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodHS512
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *SigningMethodHMAC) Alg() string {
|
||||||
|
return m.Name
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verify the signature of HSXXX tokens. Returns nil if the signature is valid.
|
||||||
|
func (m *SigningMethodHMAC) Verify(signingString, signature string, key interface{}) error {
|
||||||
|
// Verify the key is the right type
|
||||||
|
keyBytes, ok := key.([]byte)
|
||||||
|
if !ok {
|
||||||
|
return ErrInvalidKeyType
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decode signature, for comparison
|
||||||
|
sig, err := DecodeSegment(signature)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Can we use the specified hashing method?
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return ErrHashUnavailable
|
||||||
|
}
|
||||||
|
|
||||||
|
// This signing method is symmetric, so we validate the signature
|
||||||
|
// by reproducing the signature from the signing string and key, then
|
||||||
|
// comparing that against the provided signature.
|
||||||
|
hasher := hmac.New(m.Hash.New, keyBytes)
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
if !hmac.Equal(sig, hasher.Sum(nil)) {
|
||||||
|
return ErrSignatureInvalid
|
||||||
|
}
|
||||||
|
|
||||||
|
// No validation errors. Signature is good.
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Sign method from SigningMethod for this signing method.
|
||||||
|
// Key must be []byte
|
||||||
|
func (m *SigningMethodHMAC) Sign(signingString string, key interface{}) (string, error) {
|
||||||
|
if keyBytes, ok := key.([]byte); ok {
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return "", ErrHashUnavailable
|
||||||
|
}
|
||||||
|
|
||||||
|
hasher := hmac.New(m.Hash.New, keyBytes)
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
return EncodeSegment(hasher.Sum(nil)), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return "", ErrInvalidKeyType
|
||||||
|
}
|
94
vendor/github.com/dgrijalva/jwt-go/map_claims.go
generated
vendored
Normal file
94
vendor/github.com/dgrijalva/jwt-go/map_claims.go
generated
vendored
Normal file
@ -0,0 +1,94 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
// "fmt"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Claims type that uses the map[string]interface{} for JSON decoding
|
||||||
|
// This is the default claims type if you don't supply one
|
||||||
|
type MapClaims map[string]interface{}
|
||||||
|
|
||||||
|
// Compares the aud claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (m MapClaims) VerifyAudience(cmp string, req bool) bool {
|
||||||
|
aud, _ := m["aud"].(string)
|
||||||
|
return verifyAud(aud, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the exp claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (m MapClaims) VerifyExpiresAt(cmp int64, req bool) bool {
|
||||||
|
switch exp := m["exp"].(type) {
|
||||||
|
case float64:
|
||||||
|
return verifyExp(int64(exp), cmp, req)
|
||||||
|
case json.Number:
|
||||||
|
v, _ := exp.Int64()
|
||||||
|
return verifyExp(v, cmp, req)
|
||||||
|
}
|
||||||
|
return req == false
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the iat claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (m MapClaims) VerifyIssuedAt(cmp int64, req bool) bool {
|
||||||
|
switch iat := m["iat"].(type) {
|
||||||
|
case float64:
|
||||||
|
return verifyIat(int64(iat), cmp, req)
|
||||||
|
case json.Number:
|
||||||
|
v, _ := iat.Int64()
|
||||||
|
return verifyIat(v, cmp, req)
|
||||||
|
}
|
||||||
|
return req == false
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the iss claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (m MapClaims) VerifyIssuer(cmp string, req bool) bool {
|
||||||
|
iss, _ := m["iss"].(string)
|
||||||
|
return verifyIss(iss, cmp, req)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Compares the nbf claim against cmp.
|
||||||
|
// If required is false, this method will return true if the value matches or is unset
|
||||||
|
func (m MapClaims) VerifyNotBefore(cmp int64, req bool) bool {
|
||||||
|
switch nbf := m["nbf"].(type) {
|
||||||
|
case float64:
|
||||||
|
return verifyNbf(int64(nbf), cmp, req)
|
||||||
|
case json.Number:
|
||||||
|
v, _ := nbf.Int64()
|
||||||
|
return verifyNbf(v, cmp, req)
|
||||||
|
}
|
||||||
|
return req == false
|
||||||
|
}
|
||||||
|
|
||||||
|
// Validates time based claims "exp, iat, nbf".
|
||||||
|
// There is no accounting for clock skew.
|
||||||
|
// As well, if any of the above claims are not in the token, it will still
|
||||||
|
// be considered a valid claim.
|
||||||
|
func (m MapClaims) Valid() error {
|
||||||
|
vErr := new(ValidationError)
|
||||||
|
now := TimeFunc().Unix()
|
||||||
|
|
||||||
|
if m.VerifyExpiresAt(now, false) == false {
|
||||||
|
vErr.Inner = errors.New("Token is expired")
|
||||||
|
vErr.Errors |= ValidationErrorExpired
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.VerifyIssuedAt(now, false) == false {
|
||||||
|
vErr.Inner = errors.New("Token used before issued")
|
||||||
|
vErr.Errors |= ValidationErrorIssuedAt
|
||||||
|
}
|
||||||
|
|
||||||
|
if m.VerifyNotBefore(now, false) == false {
|
||||||
|
vErr.Inner = errors.New("Token is not valid yet")
|
||||||
|
vErr.Errors |= ValidationErrorNotValidYet
|
||||||
|
}
|
||||||
|
|
||||||
|
if vErr.valid() {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return vErr
|
||||||
|
}
|
52
vendor/github.com/dgrijalva/jwt-go/none.go
generated
vendored
Normal file
52
vendor/github.com/dgrijalva/jwt-go/none.go
generated
vendored
Normal file
@ -0,0 +1,52 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
// Implements the none signing method. This is required by the spec
|
||||||
|
// but you probably should never use it.
|
||||||
|
var SigningMethodNone *signingMethodNone
|
||||||
|
|
||||||
|
const UnsafeAllowNoneSignatureType unsafeNoneMagicConstant = "none signing method allowed"
|
||||||
|
|
||||||
|
var NoneSignatureTypeDisallowedError error
|
||||||
|
|
||||||
|
type signingMethodNone struct{}
|
||||||
|
type unsafeNoneMagicConstant string
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
SigningMethodNone = &signingMethodNone{}
|
||||||
|
NoneSignatureTypeDisallowedError = NewValidationError("'none' signature type is not allowed", ValidationErrorSignatureInvalid)
|
||||||
|
|
||||||
|
RegisterSigningMethod(SigningMethodNone.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodNone
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *signingMethodNone) Alg() string {
|
||||||
|
return "none"
|
||||||
|
}
|
||||||
|
|
||||||
|
// Only allow 'none' alg type if UnsafeAllowNoneSignatureType is specified as the key
|
||||||
|
func (m *signingMethodNone) Verify(signingString, signature string, key interface{}) (err error) {
|
||||||
|
// Key must be UnsafeAllowNoneSignatureType to prevent accidentally
|
||||||
|
// accepting 'none' signing method
|
||||||
|
if _, ok := key.(unsafeNoneMagicConstant); !ok {
|
||||||
|
return NoneSignatureTypeDisallowedError
|
||||||
|
}
|
||||||
|
// If signing method is none, signature must be an empty string
|
||||||
|
if signature != "" {
|
||||||
|
return NewValidationError(
|
||||||
|
"'none' signing method with non-empty signature",
|
||||||
|
ValidationErrorSignatureInvalid,
|
||||||
|
)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Accept 'none' signing method.
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Only allow 'none' signing if UnsafeAllowNoneSignatureType is specified as the key
|
||||||
|
func (m *signingMethodNone) Sign(signingString string, key interface{}) (string, error) {
|
||||||
|
if _, ok := key.(unsafeNoneMagicConstant); ok {
|
||||||
|
return "", nil
|
||||||
|
}
|
||||||
|
return "", NoneSignatureTypeDisallowedError
|
||||||
|
}
|
148
vendor/github.com/dgrijalva/jwt-go/parser.go
generated
vendored
Normal file
148
vendor/github.com/dgrijalva/jwt-go/parser.go
generated
vendored
Normal file
@ -0,0 +1,148 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
type Parser struct {
|
||||||
|
ValidMethods []string // If populated, only these methods will be considered valid
|
||||||
|
UseJSONNumber bool // Use JSON Number format in JSON decoder
|
||||||
|
SkipClaimsValidation bool // Skip claims validation during token parsing
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse, validate, and return a token.
|
||||||
|
// keyFunc will receive the parsed token and should return the key for validating.
|
||||||
|
// If everything is kosher, err will be nil
|
||||||
|
func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
|
||||||
|
return p.ParseWithClaims(tokenString, MapClaims{}, keyFunc)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) {
|
||||||
|
token, parts, err := p.ParseUnverified(tokenString, claims)
|
||||||
|
if err != nil {
|
||||||
|
return token, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Verify signing method is in the required set
|
||||||
|
if p.ValidMethods != nil {
|
||||||
|
var signingMethodValid = false
|
||||||
|
var alg = token.Method.Alg()
|
||||||
|
for _, m := range p.ValidMethods {
|
||||||
|
if m == alg {
|
||||||
|
signingMethodValid = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if !signingMethodValid {
|
||||||
|
// signing method is not in the listed set
|
||||||
|
return token, NewValidationError(fmt.Sprintf("signing method %v is invalid", alg), ValidationErrorSignatureInvalid)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Lookup key
|
||||||
|
var key interface{}
|
||||||
|
if keyFunc == nil {
|
||||||
|
// keyFunc was not provided. short circuiting validation
|
||||||
|
return token, NewValidationError("no Keyfunc was provided.", ValidationErrorUnverifiable)
|
||||||
|
}
|
||||||
|
if key, err = keyFunc(token); err != nil {
|
||||||
|
// keyFunc returned an error
|
||||||
|
if ve, ok := err.(*ValidationError); ok {
|
||||||
|
return token, ve
|
||||||
|
}
|
||||||
|
return token, &ValidationError{Inner: err, Errors: ValidationErrorUnverifiable}
|
||||||
|
}
|
||||||
|
|
||||||
|
vErr := &ValidationError{}
|
||||||
|
|
||||||
|
// Validate Claims
|
||||||
|
if !p.SkipClaimsValidation {
|
||||||
|
if err := token.Claims.Valid(); err != nil {
|
||||||
|
|
||||||
|
// If the Claims Valid returned an error, check if it is a validation error,
|
||||||
|
// If it was another error type, create a ValidationError with a generic ClaimsInvalid flag set
|
||||||
|
if e, ok := err.(*ValidationError); !ok {
|
||||||
|
vErr = &ValidationError{Inner: err, Errors: ValidationErrorClaimsInvalid}
|
||||||
|
} else {
|
||||||
|
vErr = e
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Perform validation
|
||||||
|
token.Signature = parts[2]
|
||||||
|
if err = token.Method.Verify(strings.Join(parts[0:2], "."), token.Signature, key); err != nil {
|
||||||
|
vErr.Inner = err
|
||||||
|
vErr.Errors |= ValidationErrorSignatureInvalid
|
||||||
|
}
|
||||||
|
|
||||||
|
if vErr.valid() {
|
||||||
|
token.Valid = true
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
return token, vErr
|
||||||
|
}
|
||||||
|
|
||||||
|
// WARNING: Don't use this method unless you know what you're doing
|
||||||
|
//
|
||||||
|
// This method parses the token but doesn't validate the signature. It's only
|
||||||
|
// ever useful in cases where you know the signature is valid (because it has
|
||||||
|
// been checked previously in the stack) and you want to extract values from
|
||||||
|
// it.
|
||||||
|
func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) {
|
||||||
|
parts = strings.Split(tokenString, ".")
|
||||||
|
if len(parts) != 3 {
|
||||||
|
return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed)
|
||||||
|
}
|
||||||
|
|
||||||
|
token = &Token{Raw: tokenString}
|
||||||
|
|
||||||
|
// parse Header
|
||||||
|
var headerBytes []byte
|
||||||
|
if headerBytes, err = DecodeSegment(parts[0]); err != nil {
|
||||||
|
if strings.HasPrefix(strings.ToLower(tokenString), "bearer ") {
|
||||||
|
return token, parts, NewValidationError("tokenstring should not contain 'bearer '", ValidationErrorMalformed)
|
||||||
|
}
|
||||||
|
return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
|
||||||
|
}
|
||||||
|
if err = json.Unmarshal(headerBytes, &token.Header); err != nil {
|
||||||
|
return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
|
||||||
|
}
|
||||||
|
|
||||||
|
// parse Claims
|
||||||
|
var claimBytes []byte
|
||||||
|
token.Claims = claims
|
||||||
|
|
||||||
|
if claimBytes, err = DecodeSegment(parts[1]); err != nil {
|
||||||
|
return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
|
||||||
|
}
|
||||||
|
dec := json.NewDecoder(bytes.NewBuffer(claimBytes))
|
||||||
|
if p.UseJSONNumber {
|
||||||
|
dec.UseNumber()
|
||||||
|
}
|
||||||
|
// JSON Decode. Special case for map type to avoid weird pointer behavior
|
||||||
|
if c, ok := token.Claims.(MapClaims); ok {
|
||||||
|
err = dec.Decode(&c)
|
||||||
|
} else {
|
||||||
|
err = dec.Decode(&claims)
|
||||||
|
}
|
||||||
|
// Handle decode error
|
||||||
|
if err != nil {
|
||||||
|
return token, parts, &ValidationError{Inner: err, Errors: ValidationErrorMalformed}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Lookup signature method
|
||||||
|
if method, ok := token.Header["alg"].(string); ok {
|
||||||
|
if token.Method = GetSigningMethod(method); token.Method == nil {
|
||||||
|
return token, parts, NewValidationError("signing method (alg) is unavailable.", ValidationErrorUnverifiable)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
return token, parts, NewValidationError("signing method (alg) is unspecified.", ValidationErrorUnverifiable)
|
||||||
|
}
|
||||||
|
|
||||||
|
return token, parts, nil
|
||||||
|
}
|
101
vendor/github.com/dgrijalva/jwt-go/rsa.go
generated
vendored
Normal file
101
vendor/github.com/dgrijalva/jwt-go/rsa.go
generated
vendored
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto"
|
||||||
|
"crypto/rand"
|
||||||
|
"crypto/rsa"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Implements the RSA family of signing methods signing methods
|
||||||
|
// Expects *rsa.PrivateKey for signing and *rsa.PublicKey for validation
|
||||||
|
type SigningMethodRSA struct {
|
||||||
|
Name string
|
||||||
|
Hash crypto.Hash
|
||||||
|
}
|
||||||
|
|
||||||
|
// Specific instances for RS256 and company
|
||||||
|
var (
|
||||||
|
SigningMethodRS256 *SigningMethodRSA
|
||||||
|
SigningMethodRS384 *SigningMethodRSA
|
||||||
|
SigningMethodRS512 *SigningMethodRSA
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// RS256
|
||||||
|
SigningMethodRS256 = &SigningMethodRSA{"RS256", crypto.SHA256}
|
||||||
|
RegisterSigningMethod(SigningMethodRS256.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodRS256
|
||||||
|
})
|
||||||
|
|
||||||
|
// RS384
|
||||||
|
SigningMethodRS384 = &SigningMethodRSA{"RS384", crypto.SHA384}
|
||||||
|
RegisterSigningMethod(SigningMethodRS384.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodRS384
|
||||||
|
})
|
||||||
|
|
||||||
|
// RS512
|
||||||
|
SigningMethodRS512 = &SigningMethodRSA{"RS512", crypto.SHA512}
|
||||||
|
RegisterSigningMethod(SigningMethodRS512.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodRS512
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *SigningMethodRSA) Alg() string {
|
||||||
|
return m.Name
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Verify method from SigningMethod
|
||||||
|
// For this signing method, must be an *rsa.PublicKey structure.
|
||||||
|
func (m *SigningMethodRSA) Verify(signingString, signature string, key interface{}) error {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Decode the signature
|
||||||
|
var sig []byte
|
||||||
|
if sig, err = DecodeSegment(signature); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var rsaKey *rsa.PublicKey
|
||||||
|
var ok bool
|
||||||
|
|
||||||
|
if rsaKey, ok = key.(*rsa.PublicKey); !ok {
|
||||||
|
return ErrInvalidKeyType
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return ErrHashUnavailable
|
||||||
|
}
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
// Verify the signature
|
||||||
|
return rsa.VerifyPKCS1v15(rsaKey, m.Hash, hasher.Sum(nil), sig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Sign method from SigningMethod
|
||||||
|
// For this signing method, must be an *rsa.PrivateKey structure.
|
||||||
|
func (m *SigningMethodRSA) Sign(signingString string, key interface{}) (string, error) {
|
||||||
|
var rsaKey *rsa.PrivateKey
|
||||||
|
var ok bool
|
||||||
|
|
||||||
|
// Validate type of key
|
||||||
|
if rsaKey, ok = key.(*rsa.PrivateKey); !ok {
|
||||||
|
return "", ErrInvalidKey
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create the hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return "", ErrHashUnavailable
|
||||||
|
}
|
||||||
|
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
// Sign the string and return the encoded bytes
|
||||||
|
if sigBytes, err := rsa.SignPKCS1v15(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil)); err == nil {
|
||||||
|
return EncodeSegment(sigBytes), nil
|
||||||
|
} else {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
}
|
126
vendor/github.com/dgrijalva/jwt-go/rsa_pss.go
generated
vendored
Normal file
126
vendor/github.com/dgrijalva/jwt-go/rsa_pss.go
generated
vendored
Normal file
@ -0,0 +1,126 @@
|
|||||||
|
// +build go1.4
|
||||||
|
|
||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto"
|
||||||
|
"crypto/rand"
|
||||||
|
"crypto/rsa"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Implements the RSAPSS family of signing methods signing methods
|
||||||
|
type SigningMethodRSAPSS struct {
|
||||||
|
*SigningMethodRSA
|
||||||
|
Options *rsa.PSSOptions
|
||||||
|
}
|
||||||
|
|
||||||
|
// Specific instances for RS/PS and company
|
||||||
|
var (
|
||||||
|
SigningMethodPS256 *SigningMethodRSAPSS
|
||||||
|
SigningMethodPS384 *SigningMethodRSAPSS
|
||||||
|
SigningMethodPS512 *SigningMethodRSAPSS
|
||||||
|
)
|
||||||
|
|
||||||
|
func init() {
|
||||||
|
// PS256
|
||||||
|
SigningMethodPS256 = &SigningMethodRSAPSS{
|
||||||
|
&SigningMethodRSA{
|
||||||
|
Name: "PS256",
|
||||||
|
Hash: crypto.SHA256,
|
||||||
|
},
|
||||||
|
&rsa.PSSOptions{
|
||||||
|
SaltLength: rsa.PSSSaltLengthAuto,
|
||||||
|
Hash: crypto.SHA256,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
RegisterSigningMethod(SigningMethodPS256.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodPS256
|
||||||
|
})
|
||||||
|
|
||||||
|
// PS384
|
||||||
|
SigningMethodPS384 = &SigningMethodRSAPSS{
|
||||||
|
&SigningMethodRSA{
|
||||||
|
Name: "PS384",
|
||||||
|
Hash: crypto.SHA384,
|
||||||
|
},
|
||||||
|
&rsa.PSSOptions{
|
||||||
|
SaltLength: rsa.PSSSaltLengthAuto,
|
||||||
|
Hash: crypto.SHA384,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
RegisterSigningMethod(SigningMethodPS384.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodPS384
|
||||||
|
})
|
||||||
|
|
||||||
|
// PS512
|
||||||
|
SigningMethodPS512 = &SigningMethodRSAPSS{
|
||||||
|
&SigningMethodRSA{
|
||||||
|
Name: "PS512",
|
||||||
|
Hash: crypto.SHA512,
|
||||||
|
},
|
||||||
|
&rsa.PSSOptions{
|
||||||
|
SaltLength: rsa.PSSSaltLengthAuto,
|
||||||
|
Hash: crypto.SHA512,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
RegisterSigningMethod(SigningMethodPS512.Alg(), func() SigningMethod {
|
||||||
|
return SigningMethodPS512
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Verify method from SigningMethod
|
||||||
|
// For this verify method, key must be an rsa.PublicKey struct
|
||||||
|
func (m *SigningMethodRSAPSS) Verify(signingString, signature string, key interface{}) error {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Decode the signature
|
||||||
|
var sig []byte
|
||||||
|
if sig, err = DecodeSegment(signature); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var rsaKey *rsa.PublicKey
|
||||||
|
switch k := key.(type) {
|
||||||
|
case *rsa.PublicKey:
|
||||||
|
rsaKey = k
|
||||||
|
default:
|
||||||
|
return ErrInvalidKey
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return ErrHashUnavailable
|
||||||
|
}
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
return rsa.VerifyPSS(rsaKey, m.Hash, hasher.Sum(nil), sig, m.Options)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Implements the Sign method from SigningMethod
|
||||||
|
// For this signing method, key must be an rsa.PrivateKey struct
|
||||||
|
func (m *SigningMethodRSAPSS) Sign(signingString string, key interface{}) (string, error) {
|
||||||
|
var rsaKey *rsa.PrivateKey
|
||||||
|
|
||||||
|
switch k := key.(type) {
|
||||||
|
case *rsa.PrivateKey:
|
||||||
|
rsaKey = k
|
||||||
|
default:
|
||||||
|
return "", ErrInvalidKeyType
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create the hasher
|
||||||
|
if !m.Hash.Available() {
|
||||||
|
return "", ErrHashUnavailable
|
||||||
|
}
|
||||||
|
|
||||||
|
hasher := m.Hash.New()
|
||||||
|
hasher.Write([]byte(signingString))
|
||||||
|
|
||||||
|
// Sign the string and return the encoded bytes
|
||||||
|
if sigBytes, err := rsa.SignPSS(rand.Reader, rsaKey, m.Hash, hasher.Sum(nil), m.Options); err == nil {
|
||||||
|
return EncodeSegment(sigBytes), nil
|
||||||
|
} else {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
}
|
101
vendor/github.com/dgrijalva/jwt-go/rsa_utils.go
generated
vendored
Normal file
101
vendor/github.com/dgrijalva/jwt-go/rsa_utils.go
generated
vendored
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/rsa"
|
||||||
|
"crypto/x509"
|
||||||
|
"encoding/pem"
|
||||||
|
"errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ErrKeyMustBePEMEncoded = errors.New("Invalid Key: Key must be PEM encoded PKCS1 or PKCS8 private key")
|
||||||
|
ErrNotRSAPrivateKey = errors.New("Key is not a valid RSA private key")
|
||||||
|
ErrNotRSAPublicKey = errors.New("Key is not a valid RSA public key")
|
||||||
|
)
|
||||||
|
|
||||||
|
// Parse PEM encoded PKCS1 or PKCS8 private key
|
||||||
|
func ParseRSAPrivateKeyFromPEM(key []byte) (*rsa.PrivateKey, error) {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Parse PEM block
|
||||||
|
var block *pem.Block
|
||||||
|
if block, _ = pem.Decode(key); block == nil {
|
||||||
|
return nil, ErrKeyMustBePEMEncoded
|
||||||
|
}
|
||||||
|
|
||||||
|
var parsedKey interface{}
|
||||||
|
if parsedKey, err = x509.ParsePKCS1PrivateKey(block.Bytes); err != nil {
|
||||||
|
if parsedKey, err = x509.ParsePKCS8PrivateKey(block.Bytes); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var pkey *rsa.PrivateKey
|
||||||
|
var ok bool
|
||||||
|
if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
|
||||||
|
return nil, ErrNotRSAPrivateKey
|
||||||
|
}
|
||||||
|
|
||||||
|
return pkey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse PEM encoded PKCS1 or PKCS8 private key protected with password
|
||||||
|
func ParseRSAPrivateKeyFromPEMWithPassword(key []byte, password string) (*rsa.PrivateKey, error) {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Parse PEM block
|
||||||
|
var block *pem.Block
|
||||||
|
if block, _ = pem.Decode(key); block == nil {
|
||||||
|
return nil, ErrKeyMustBePEMEncoded
|
||||||
|
}
|
||||||
|
|
||||||
|
var parsedKey interface{}
|
||||||
|
|
||||||
|
var blockDecrypted []byte
|
||||||
|
if blockDecrypted, err = x509.DecryptPEMBlock(block, []byte(password)); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
if parsedKey, err = x509.ParsePKCS1PrivateKey(blockDecrypted); err != nil {
|
||||||
|
if parsedKey, err = x509.ParsePKCS8PrivateKey(blockDecrypted); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var pkey *rsa.PrivateKey
|
||||||
|
var ok bool
|
||||||
|
if pkey, ok = parsedKey.(*rsa.PrivateKey); !ok {
|
||||||
|
return nil, ErrNotRSAPrivateKey
|
||||||
|
}
|
||||||
|
|
||||||
|
return pkey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse PEM encoded PKCS1 or PKCS8 public key
|
||||||
|
func ParseRSAPublicKeyFromPEM(key []byte) (*rsa.PublicKey, error) {
|
||||||
|
var err error
|
||||||
|
|
||||||
|
// Parse PEM block
|
||||||
|
var block *pem.Block
|
||||||
|
if block, _ = pem.Decode(key); block == nil {
|
||||||
|
return nil, ErrKeyMustBePEMEncoded
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse the key
|
||||||
|
var parsedKey interface{}
|
||||||
|
if parsedKey, err = x509.ParsePKIXPublicKey(block.Bytes); err != nil {
|
||||||
|
if cert, err := x509.ParseCertificate(block.Bytes); err == nil {
|
||||||
|
parsedKey = cert.PublicKey
|
||||||
|
} else {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
var pkey *rsa.PublicKey
|
||||||
|
var ok bool
|
||||||
|
if pkey, ok = parsedKey.(*rsa.PublicKey); !ok {
|
||||||
|
return nil, ErrNotRSAPublicKey
|
||||||
|
}
|
||||||
|
|
||||||
|
return pkey, nil
|
||||||
|
}
|
35
vendor/github.com/dgrijalva/jwt-go/signing_method.go
generated
vendored
Normal file
35
vendor/github.com/dgrijalva/jwt-go/signing_method.go
generated
vendored
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"sync"
|
||||||
|
)
|
||||||
|
|
||||||
|
var signingMethods = map[string]func() SigningMethod{}
|
||||||
|
var signingMethodLock = new(sync.RWMutex)
|
||||||
|
|
||||||
|
// Implement SigningMethod to add new methods for signing or verifying tokens.
|
||||||
|
type SigningMethod interface {
|
||||||
|
Verify(signingString, signature string, key interface{}) error // Returns nil if signature is valid
|
||||||
|
Sign(signingString string, key interface{}) (string, error) // Returns encoded signature or error
|
||||||
|
Alg() string // returns the alg identifier for this method (example: 'HS256')
|
||||||
|
}
|
||||||
|
|
||||||
|
// Register the "alg" name and a factory function for signing method.
|
||||||
|
// This is typically done during init() in the method's implementation
|
||||||
|
func RegisterSigningMethod(alg string, f func() SigningMethod) {
|
||||||
|
signingMethodLock.Lock()
|
||||||
|
defer signingMethodLock.Unlock()
|
||||||
|
|
||||||
|
signingMethods[alg] = f
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get a signing method from an "alg" string
|
||||||
|
func GetSigningMethod(alg string) (method SigningMethod) {
|
||||||
|
signingMethodLock.RLock()
|
||||||
|
defer signingMethodLock.RUnlock()
|
||||||
|
|
||||||
|
if methodF, ok := signingMethods[alg]; ok {
|
||||||
|
method = methodF()
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
108
vendor/github.com/dgrijalva/jwt-go/token.go
generated
vendored
Normal file
108
vendor/github.com/dgrijalva/jwt-go/token.go
generated
vendored
Normal file
@ -0,0 +1,108 @@
|
|||||||
|
package jwt
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/base64"
|
||||||
|
"encoding/json"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time).
|
||||||
|
// You can override it to use another time value. This is useful for testing or if your
|
||||||
|
// server uses a different time zone than your tokens.
|
||||||
|
var TimeFunc = time.Now
|
||||||
|
|
||||||
|
// Parse methods use this callback function to supply
|
||||||
|
// the key for verification. The function receives the parsed,
|
||||||
|
// but unverified Token. This allows you to use properties in the
|
||||||
|
// Header of the token (such as `kid`) to identify which key to use.
|
||||||
|
type Keyfunc func(*Token) (interface{}, error)
|
||||||
|
|
||||||
|
// A JWT Token. Different fields will be used depending on whether you're
|
||||||
|
// creating or parsing/verifying a token.
|
||||||
|
type Token struct {
|
||||||
|
Raw string // The raw token. Populated when you Parse a token
|
||||||
|
Method SigningMethod // The signing method used or to be used
|
||||||
|
Header map[string]interface{} // The first segment of the token
|
||||||
|
Claims Claims // The second segment of the token
|
||||||
|
Signature string // The third segment of the token. Populated when you Parse a token
|
||||||
|
Valid bool // Is the token valid? Populated when you Parse/Verify a token
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create a new Token. Takes a signing method
|
||||||
|
func New(method SigningMethod) *Token {
|
||||||
|
return NewWithClaims(method, MapClaims{})
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewWithClaims(method SigningMethod, claims Claims) *Token {
|
||||||
|
return &Token{
|
||||||
|
Header: map[string]interface{}{
|
||||||
|
"typ": "JWT",
|
||||||
|
"alg": method.Alg(),
|
||||||
|
},
|
||||||
|
Claims: claims,
|
||||||
|
Method: method,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the complete, signed token
|
||||||
|
func (t *Token) SignedString(key interface{}) (string, error) {
|
||||||
|
var sig, sstr string
|
||||||
|
var err error
|
||||||
|
if sstr, err = t.SigningString(); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
if sig, err = t.Method.Sign(sstr, key); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
return strings.Join([]string{sstr, sig}, "."), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Generate the signing string. This is the
|
||||||
|
// most expensive part of the whole deal. Unless you
|
||||||
|
// need this for something special, just go straight for
|
||||||
|
// the SignedString.
|
||||||
|
func (t *Token) SigningString() (string, error) {
|
||||||
|
var err error
|
||||||
|
parts := make([]string, 2)
|
||||||
|
for i, _ := range parts {
|
||||||
|
var jsonValue []byte
|
||||||
|
if i == 0 {
|
||||||
|
if jsonValue, err = json.Marshal(t.Header); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
if jsonValue, err = json.Marshal(t.Claims); err != nil {
|
||||||
|
return "", err
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
parts[i] = EncodeSegment(jsonValue)
|
||||||
|
}
|
||||||
|
return strings.Join(parts, "."), nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse, validate, and return a token.
|
||||||
|
// keyFunc will receive the parsed token and should return the key for validating.
|
||||||
|
// If everything is kosher, err will be nil
|
||||||
|
func Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
|
||||||
|
return new(Parser).Parse(tokenString, keyFunc)
|
||||||
|
}
|
||||||
|
|
||||||
|
func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) {
|
||||||
|
return new(Parser).ParseWithClaims(tokenString, claims, keyFunc)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Encode JWT specific base64url encoding with padding stripped
|
||||||
|
func EncodeSegment(seg []byte) string {
|
||||||
|
return strings.TrimRight(base64.URLEncoding.EncodeToString(seg), "=")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decode JWT specific base64url encoding with padding stripped
|
||||||
|
func DecodeSegment(seg string) ([]byte, error) {
|
||||||
|
if l := len(seg) % 4; l > 0 {
|
||||||
|
seg += strings.Repeat("=", 4-l)
|
||||||
|
}
|
||||||
|
|
||||||
|
return base64.URLEncoding.DecodeString(seg)
|
||||||
|
}
|
2
vendor/github.com/labstack/echo/v4/.travis.yml
generated
vendored
2
vendor/github.com/labstack/echo/v4/.travis.yml
generated
vendored
@ -1,7 +1,7 @@
|
|||||||
language: go
|
language: go
|
||||||
go:
|
go:
|
||||||
- 1.11.x
|
|
||||||
- 1.12.x
|
- 1.12.x
|
||||||
|
- 1.13.x
|
||||||
- tip
|
- tip
|
||||||
env:
|
env:
|
||||||
- GO111MODULE=on
|
- GO111MODULE=on
|
||||||
|
48
vendor/github.com/labstack/echo/v4/bind.go
generated
vendored
48
vendor/github.com/labstack/echo/v4/bind.go
generated
vendored
@ -90,13 +90,15 @@ func (b *DefaultBinder) bindData(ptr interface{}, data map[string][]string, tag
|
|||||||
typ := reflect.TypeOf(ptr).Elem()
|
typ := reflect.TypeOf(ptr).Elem()
|
||||||
val := reflect.ValueOf(ptr).Elem()
|
val := reflect.ValueOf(ptr).Elem()
|
||||||
|
|
||||||
if m, ok := ptr.(*map[string]interface{}); ok {
|
// Map
|
||||||
|
if typ.Kind() == reflect.Map {
|
||||||
for k, v := range data {
|
for k, v := range data {
|
||||||
(*m)[k] = v[0]
|
val.SetMapIndex(reflect.ValueOf(k), reflect.ValueOf(v[0]))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// !struct
|
||||||
if typ.Kind() != reflect.Struct {
|
if typ.Kind() != reflect.Struct {
|
||||||
return errors.New("binding element must be a struct")
|
return errors.New("binding element must be a struct")
|
||||||
}
|
}
|
||||||
@ -113,7 +115,7 @@ func (b *DefaultBinder) bindData(ptr interface{}, data map[string][]string, tag
|
|||||||
if inputFieldName == "" {
|
if inputFieldName == "" {
|
||||||
inputFieldName = typeField.Name
|
inputFieldName = typeField.Name
|
||||||
// If tag is nil, we inspect if the field is a struct.
|
// If tag is nil, we inspect if the field is a struct.
|
||||||
if _, ok := bindUnmarshaler(structField); !ok && structFieldKind == reflect.Struct {
|
if _, ok := structField.Addr().Interface().(BindUnmarshaler); !ok && structFieldKind == reflect.Struct {
|
||||||
if err := b.bindData(structField.Addr().Interface(), data, tag); err != nil {
|
if err := b.bindData(structField.Addr().Interface(), data, tag); err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -127,9 +129,8 @@ func (b *DefaultBinder) bindData(ptr interface{}, data map[string][]string, tag
|
|||||||
// url params are bound case sensitive which is inconsistent. To
|
// url params are bound case sensitive which is inconsistent. To
|
||||||
// fix this we must check all of the map values in a
|
// fix this we must check all of the map values in a
|
||||||
// case-insensitive search.
|
// case-insensitive search.
|
||||||
inputFieldName = strings.ToLower(inputFieldName)
|
|
||||||
for k, v := range data {
|
for k, v := range data {
|
||||||
if strings.ToLower(k) == inputFieldName {
|
if strings.EqualFold(k, inputFieldName) {
|
||||||
inputValue = v
|
inputValue = v
|
||||||
exists = true
|
exists = true
|
||||||
break
|
break
|
||||||
@ -219,40 +220,13 @@ func unmarshalField(valueKind reflect.Kind, val string, field reflect.Value) (bo
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// bindUnmarshaler attempts to unmarshal a reflect.Value into a BindUnmarshaler
|
|
||||||
func bindUnmarshaler(field reflect.Value) (BindUnmarshaler, bool) {
|
|
||||||
ptr := reflect.New(field.Type())
|
|
||||||
if ptr.CanInterface() {
|
|
||||||
iface := ptr.Interface()
|
|
||||||
if unmarshaler, ok := iface.(BindUnmarshaler); ok {
|
|
||||||
return unmarshaler, ok
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return nil, false
|
|
||||||
}
|
|
||||||
|
|
||||||
// textUnmarshaler attempts to unmarshal a reflect.Value into a TextUnmarshaler
|
|
||||||
func textUnmarshaler(field reflect.Value) (encoding.TextUnmarshaler, bool) {
|
|
||||||
ptr := reflect.New(field.Type())
|
|
||||||
if ptr.CanInterface() {
|
|
||||||
iface := ptr.Interface()
|
|
||||||
if unmarshaler, ok := iface.(encoding.TextUnmarshaler); ok {
|
|
||||||
return unmarshaler, ok
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return nil, false
|
|
||||||
}
|
|
||||||
|
|
||||||
func unmarshalFieldNonPtr(value string, field reflect.Value) (bool, error) {
|
func unmarshalFieldNonPtr(value string, field reflect.Value) (bool, error) {
|
||||||
if unmarshaler, ok := bindUnmarshaler(field); ok {
|
fieldIValue := field.Addr().Interface()
|
||||||
err := unmarshaler.UnmarshalParam(value)
|
if unmarshaler, ok := fieldIValue.(BindUnmarshaler); ok {
|
||||||
field.Set(reflect.ValueOf(unmarshaler).Elem())
|
return true, unmarshaler.UnmarshalParam(value)
|
||||||
return true, err
|
|
||||||
}
|
}
|
||||||
if unmarshaler, ok := textUnmarshaler(field); ok {
|
if unmarshaler, ok := fieldIValue.(encoding.TextUnmarshaler); ok {
|
||||||
err := unmarshaler.UnmarshalText([]byte(value))
|
return true, unmarshaler.UnmarshalText([]byte(value))
|
||||||
field.Set(reflect.ValueOf(unmarshaler).Elem())
|
|
||||||
return true, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return false, nil
|
return false, nil
|
||||||
|
25
vendor/github.com/labstack/echo/v4/context.go
generated
vendored
25
vendor/github.com/labstack/echo/v4/context.go
generated
vendored
@ -183,6 +183,9 @@ type (
|
|||||||
// Logger returns the `Logger` instance.
|
// Logger returns the `Logger` instance.
|
||||||
Logger() Logger
|
Logger() Logger
|
||||||
|
|
||||||
|
// Set the logger
|
||||||
|
SetLogger(l Logger)
|
||||||
|
|
||||||
// Echo returns the `Echo` instance.
|
// Echo returns the `Echo` instance.
|
||||||
Echo() *Echo
|
Echo() *Echo
|
||||||
|
|
||||||
@ -202,6 +205,7 @@ type (
|
|||||||
handler HandlerFunc
|
handler HandlerFunc
|
||||||
store Map
|
store Map
|
||||||
echo *Echo
|
echo *Echo
|
||||||
|
logger Logger
|
||||||
lock sync.RWMutex
|
lock sync.RWMutex
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
@ -308,7 +312,10 @@ func (c *context) ParamValues() []string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *context) SetParamValues(values ...string) {
|
func (c *context) SetParamValues(values ...string) {
|
||||||
c.pvalues = values
|
// NOTE: Don't just set c.pvalues = values, because it has to have length c.echo.maxParam at all times
|
||||||
|
for i, val := range values {
|
||||||
|
c.pvalues[i] = val
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *context) QueryParam(name string) string {
|
func (c *context) QueryParam(name string) string {
|
||||||
@ -347,7 +354,8 @@ func (c *context) FormParams() (url.Values, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *context) FormFile(name string) (*multipart.FileHeader, error) {
|
func (c *context) FormFile(name string) (*multipart.FileHeader, error) {
|
||||||
_, fh, err := c.request.FormFile(name)
|
f, fh, err := c.request.FormFile(name)
|
||||||
|
defer f.Close()
|
||||||
return fh, err
|
return fh, err
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -597,9 +605,17 @@ func (c *context) SetHandler(h HandlerFunc) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *context) Logger() Logger {
|
func (c *context) Logger() Logger {
|
||||||
|
res := c.logger
|
||||||
|
if res != nil {
|
||||||
|
return res
|
||||||
|
}
|
||||||
return c.echo.Logger
|
return c.echo.Logger
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *context) SetLogger(l Logger) {
|
||||||
|
c.logger = l
|
||||||
|
}
|
||||||
|
|
||||||
func (c *context) Reset(r *http.Request, w http.ResponseWriter) {
|
func (c *context) Reset(r *http.Request, w http.ResponseWriter) {
|
||||||
c.request = r
|
c.request = r
|
||||||
c.response.reset(w)
|
c.response.reset(w)
|
||||||
@ -608,6 +624,9 @@ func (c *context) Reset(r *http.Request, w http.ResponseWriter) {
|
|||||||
c.store = nil
|
c.store = nil
|
||||||
c.path = ""
|
c.path = ""
|
||||||
c.pnames = nil
|
c.pnames = nil
|
||||||
|
c.logger = nil
|
||||||
// NOTE: Don't reset because it has to have length c.echo.maxParam at all times
|
// NOTE: Don't reset because it has to have length c.echo.maxParam at all times
|
||||||
// c.pvalues = nil
|
for i := 0; i < *c.echo.maxParam; i++ {
|
||||||
|
c.pvalues[i] = ""
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
14
vendor/github.com/labstack/echo/v4/echo.go
generated
vendored
14
vendor/github.com/labstack/echo/v4/echo.go
generated
vendored
@ -227,7 +227,7 @@ const (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
// Version of Echo
|
// Version of Echo
|
||||||
Version = "4.1.11"
|
Version = "4.1.14"
|
||||||
website = "https://echo.labstack.com"
|
website = "https://echo.labstack.com"
|
||||||
// http://patorjk.com/software/taag/#p=display&f=Small%20Slant&t=Echo
|
// http://patorjk.com/software/taag/#p=display&f=Small%20Slant&t=Echo
|
||||||
banner = `
|
banner = `
|
||||||
@ -354,10 +354,14 @@ func (e *Echo) DefaultHTTPErrorHandler(err error, c Context) {
|
|||||||
Message: http.StatusText(http.StatusInternalServerError),
|
Message: http.StatusText(http.StatusInternalServerError),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #1426
|
||||||
|
code := he.Code
|
||||||
|
message := he.Message
|
||||||
if e.Debug {
|
if e.Debug {
|
||||||
he.Message = err.Error()
|
message = err.Error()
|
||||||
} else if m, ok := he.Message.(string); ok {
|
} else if m, ok := message.(string); ok {
|
||||||
he.Message = Map{"message": m}
|
message = Map{"message": m}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Send response
|
// Send response
|
||||||
@ -365,7 +369,7 @@ func (e *Echo) DefaultHTTPErrorHandler(err error, c Context) {
|
|||||||
if c.Request().Method == http.MethodHead { // Issue #608
|
if c.Request().Method == http.MethodHead { // Issue #608
|
||||||
err = c.NoContent(he.Code)
|
err = c.NoContent(he.Code)
|
||||||
} else {
|
} else {
|
||||||
err = c.JSON(he.Code, he.Message)
|
err = c.JSON(code, message)
|
||||||
}
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
e.Logger.Error(err)
|
e.Logger.Error(err)
|
||||||
|
9
vendor/github.com/labstack/echo/v4/go.mod
generated
vendored
9
vendor/github.com/labstack/echo/v4/go.mod
generated
vendored
@ -5,7 +5,12 @@ go 1.12
|
|||||||
require (
|
require (
|
||||||
github.com/dgrijalva/jwt-go v3.2.0+incompatible
|
github.com/dgrijalva/jwt-go v3.2.0+incompatible
|
||||||
github.com/labstack/gommon v0.3.0
|
github.com/labstack/gommon v0.3.0
|
||||||
|
github.com/mattn/go-colorable v0.1.4 // indirect
|
||||||
|
github.com/mattn/go-isatty v0.0.11 // indirect
|
||||||
github.com/stretchr/testify v1.4.0
|
github.com/stretchr/testify v1.4.0
|
||||||
github.com/valyala/fasttemplate v1.0.1
|
github.com/valyala/fasttemplate v1.1.0
|
||||||
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4
|
golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876
|
||||||
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 // indirect
|
||||||
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8 // indirect
|
||||||
|
golang.org/x/text v0.3.2 // indirect
|
||||||
)
|
)
|
||||||
|
20
vendor/github.com/labstack/echo/v4/go.sum
generated
vendored
20
vendor/github.com/labstack/echo/v4/go.sum
generated
vendored
@ -6,9 +6,13 @@ github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0
|
|||||||
github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
|
github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
|
||||||
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
|
github.com/mattn/go-colorable v0.1.2 h1:/bC9yWikZXAL9uJdulbSfyVNIR3n3trXl+v8+1sx8mU=
|
||||||
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
|
github.com/mattn/go-colorable v0.1.4 h1:snbPLB8fVfU9iwbbo30TPtbLRzwWu6aJS6Xh4eaaviA=
|
||||||
|
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
|
||||||
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
|
||||||
github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
|
github.com/mattn/go-isatty v0.0.9 h1:d5US/mDsogSGW37IV293h//ZFaeajb69h+EHFsv2xGg=
|
||||||
github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
|
github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
|
||||||
|
github.com/mattn/go-isatty v0.0.11 h1:FxPOTFNqGkuDUGi3H/qkUbQO4ZiBa2brKq5r0l8TGeM=
|
||||||
|
github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
|
||||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
@ -18,17 +22,29 @@ github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6Kllzaw
|
|||||||
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
|
||||||
github.com/valyala/fasttemplate v1.0.1 h1:tY9CJiPnMXf1ERmG2EyK7gNUd+c6RKGD0IfU8WdUSz8=
|
github.com/valyala/fasttemplate v1.0.1 h1:tY9CJiPnMXf1ERmG2EyK7gNUd+c6RKGD0IfU8WdUSz8=
|
||||||
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
||||||
|
github.com/valyala/fasttemplate v1.1.0 h1:RZqt0yGBsps8NGvLSGW804QQqCUYYLsaOjTVHy1Ocw4=
|
||||||
|
github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||||
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc=
|
golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876 h1:sKJQZMuxjOAR/Uo2LBfU90onWEf1dF4C+0hPJCc9Mpc=
|
||||||
golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3 h1:0GoQqolDA55aaLxZyTzK/Y2ePZzZTUrRacwib7cNsYQ=
|
||||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||||
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 h1:efeOvDhwQ29Dj3SdAV/MJf8oukgn+8D8WgaCaRMchF8=
|
||||||
|
golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
|
||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8 h1:JA8d3MPx/IToSyXZG/RhwYEtfrKO1Fxrqe8KrkiLXKM=
|
||||||
|
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
|
||||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||||
|
golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
|
||||||
|
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
|
||||||
|
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
|
||||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
106
vendor/github.com/labstack/echo/v4/middleware/basic_auth.go
generated
vendored
Normal file
106
vendor/github.com/labstack/echo/v4/middleware/basic_auth.go
generated
vendored
Normal file
@ -0,0 +1,106 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/base64"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// BasicAuthConfig defines the config for BasicAuth middleware.
|
||||||
|
BasicAuthConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Validator is a function to validate BasicAuth credentials.
|
||||||
|
// Required.
|
||||||
|
Validator BasicAuthValidator
|
||||||
|
|
||||||
|
// Realm is a string to define realm attribute of BasicAuth.
|
||||||
|
// Default value "Restricted".
|
||||||
|
Realm string
|
||||||
|
}
|
||||||
|
|
||||||
|
// BasicAuthValidator defines a function to validate BasicAuth credentials.
|
||||||
|
BasicAuthValidator func(string, string, echo.Context) (bool, error)
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
basic = "basic"
|
||||||
|
defaultRealm = "Restricted"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultBasicAuthConfig is the default BasicAuth middleware config.
|
||||||
|
DefaultBasicAuthConfig = BasicAuthConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Realm: defaultRealm,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// BasicAuth returns an BasicAuth middleware.
|
||||||
|
//
|
||||||
|
// For valid credentials it calls the next handler.
|
||||||
|
// For missing or invalid credentials, it sends "401 - Unauthorized" response.
|
||||||
|
func BasicAuth(fn BasicAuthValidator) echo.MiddlewareFunc {
|
||||||
|
c := DefaultBasicAuthConfig
|
||||||
|
c.Validator = fn
|
||||||
|
return BasicAuthWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// BasicAuthWithConfig returns an BasicAuth middleware with config.
|
||||||
|
// See `BasicAuth()`.
|
||||||
|
func BasicAuthWithConfig(config BasicAuthConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Validator == nil {
|
||||||
|
panic("echo: basic-auth middleware requires a validator function")
|
||||||
|
}
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultBasicAuthConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Realm == "" {
|
||||||
|
config.Realm = defaultRealm
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
auth := c.Request().Header.Get(echo.HeaderAuthorization)
|
||||||
|
l := len(basic)
|
||||||
|
|
||||||
|
if len(auth) > l+1 && strings.ToLower(auth[:l]) == basic {
|
||||||
|
b, err := base64.StdEncoding.DecodeString(auth[l+1:])
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
cred := string(b)
|
||||||
|
for i := 0; i < len(cred); i++ {
|
||||||
|
if cred[i] == ':' {
|
||||||
|
// Verify credentials
|
||||||
|
valid, err := config.Validator(cred[:i], cred[i+1:], c)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
} else if valid {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
realm := defaultRealm
|
||||||
|
if config.Realm != defaultRealm {
|
||||||
|
realm = strconv.Quote(config.Realm)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Need to return `401` for browsers to pop-up login box.
|
||||||
|
c.Response().Header().Set(echo.HeaderWWWAuthenticate, basic+" realm="+realm)
|
||||||
|
return echo.ErrUnauthorized
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
107
vendor/github.com/labstack/echo/v4/middleware/body_dump.go
generated
vendored
Normal file
107
vendor/github.com/labstack/echo/v4/middleware/body_dump.go
generated
vendored
Normal file
@ -0,0 +1,107 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bufio"
|
||||||
|
"bytes"
|
||||||
|
"io"
|
||||||
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// BodyDumpConfig defines the config for BodyDump middleware.
|
||||||
|
BodyDumpConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Handler receives request and response payload.
|
||||||
|
// Required.
|
||||||
|
Handler BodyDumpHandler
|
||||||
|
}
|
||||||
|
|
||||||
|
// BodyDumpHandler receives the request and response payload.
|
||||||
|
BodyDumpHandler func(echo.Context, []byte, []byte)
|
||||||
|
|
||||||
|
bodyDumpResponseWriter struct {
|
||||||
|
io.Writer
|
||||||
|
http.ResponseWriter
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultBodyDumpConfig is the default BodyDump middleware config.
|
||||||
|
DefaultBodyDumpConfig = BodyDumpConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// BodyDump returns a BodyDump middleware.
|
||||||
|
//
|
||||||
|
// BodyDump middleware captures the request and response payload and calls the
|
||||||
|
// registered handler.
|
||||||
|
func BodyDump(handler BodyDumpHandler) echo.MiddlewareFunc {
|
||||||
|
c := DefaultBodyDumpConfig
|
||||||
|
c.Handler = handler
|
||||||
|
return BodyDumpWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// BodyDumpWithConfig returns a BodyDump middleware with config.
|
||||||
|
// See: `BodyDump()`.
|
||||||
|
func BodyDumpWithConfig(config BodyDumpConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Handler == nil {
|
||||||
|
panic("echo: body-dump middleware requires a handler function")
|
||||||
|
}
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultBodyDumpConfig.Skipper
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) (err error) {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Request
|
||||||
|
reqBody := []byte{}
|
||||||
|
if c.Request().Body != nil { // Read
|
||||||
|
reqBody, _ = ioutil.ReadAll(c.Request().Body)
|
||||||
|
}
|
||||||
|
c.Request().Body = ioutil.NopCloser(bytes.NewBuffer(reqBody)) // Reset
|
||||||
|
|
||||||
|
// Response
|
||||||
|
resBody := new(bytes.Buffer)
|
||||||
|
mw := io.MultiWriter(c.Response().Writer, resBody)
|
||||||
|
writer := &bodyDumpResponseWriter{Writer: mw, ResponseWriter: c.Response().Writer}
|
||||||
|
c.Response().Writer = writer
|
||||||
|
|
||||||
|
if err = next(c); err != nil {
|
||||||
|
c.Error(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Callback
|
||||||
|
config.Handler(c, reqBody, resBody.Bytes())
|
||||||
|
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *bodyDumpResponseWriter) WriteHeader(code int) {
|
||||||
|
w.ResponseWriter.WriteHeader(code)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *bodyDumpResponseWriter) Write(b []byte) (int, error) {
|
||||||
|
return w.Writer.Write(b)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *bodyDumpResponseWriter) Flush() {
|
||||||
|
w.ResponseWriter.(http.Flusher).Flush()
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *bodyDumpResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
|
||||||
|
return w.ResponseWriter.(http.Hijacker).Hijack()
|
||||||
|
}
|
117
vendor/github.com/labstack/echo/v4/middleware/body_limit.go
generated
vendored
Normal file
117
vendor/github.com/labstack/echo/v4/middleware/body_limit.go
generated
vendored
Normal file
@ -0,0 +1,117 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"sync"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
"github.com/labstack/gommon/bytes"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// BodyLimitConfig defines the config for BodyLimit middleware.
|
||||||
|
BodyLimitConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Maximum allowed size for a request body, it can be specified
|
||||||
|
// as `4x` or `4xB`, where x is one of the multiple from K, M, G, T or P.
|
||||||
|
Limit string `yaml:"limit"`
|
||||||
|
limit int64
|
||||||
|
}
|
||||||
|
|
||||||
|
limitedReader struct {
|
||||||
|
BodyLimitConfig
|
||||||
|
reader io.ReadCloser
|
||||||
|
read int64
|
||||||
|
context echo.Context
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultBodyLimitConfig is the default BodyLimit middleware config.
|
||||||
|
DefaultBodyLimitConfig = BodyLimitConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// BodyLimit returns a BodyLimit middleware.
|
||||||
|
//
|
||||||
|
// BodyLimit middleware sets the maximum allowed size for a request body, if the
|
||||||
|
// size exceeds the configured limit, it sends "413 - Request Entity Too Large"
|
||||||
|
// response. The BodyLimit is determined based on both `Content-Length` request
|
||||||
|
// header and actual content read, which makes it super secure.
|
||||||
|
// Limit can be specified as `4x` or `4xB`, where x is one of the multiple from K, M,
|
||||||
|
// G, T or P.
|
||||||
|
func BodyLimit(limit string) echo.MiddlewareFunc {
|
||||||
|
c := DefaultBodyLimitConfig
|
||||||
|
c.Limit = limit
|
||||||
|
return BodyLimitWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// BodyLimitWithConfig returns a BodyLimit middleware with config.
|
||||||
|
// See: `BodyLimit()`.
|
||||||
|
func BodyLimitWithConfig(config BodyLimitConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultBodyLimitConfig.Skipper
|
||||||
|
}
|
||||||
|
|
||||||
|
limit, err := bytes.Parse(config.Limit)
|
||||||
|
if err != nil {
|
||||||
|
panic(fmt.Errorf("echo: invalid body-limit=%s", config.Limit))
|
||||||
|
}
|
||||||
|
config.limit = limit
|
||||||
|
pool := limitedReaderPool(config)
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
|
||||||
|
// Based on content length
|
||||||
|
if req.ContentLength > config.limit {
|
||||||
|
return echo.ErrStatusRequestEntityTooLarge
|
||||||
|
}
|
||||||
|
|
||||||
|
// Based on content read
|
||||||
|
r := pool.Get().(*limitedReader)
|
||||||
|
r.Reset(req.Body, c)
|
||||||
|
defer pool.Put(r)
|
||||||
|
req.Body = r
|
||||||
|
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *limitedReader) Read(b []byte) (n int, err error) {
|
||||||
|
n, err = r.reader.Read(b)
|
||||||
|
r.read += int64(n)
|
||||||
|
if r.read > r.limit {
|
||||||
|
return n, echo.ErrStatusRequestEntityTooLarge
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *limitedReader) Close() error {
|
||||||
|
return r.reader.Close()
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *limitedReader) Reset(reader io.ReadCloser, context echo.Context) {
|
||||||
|
r.reader = reader
|
||||||
|
r.context = context
|
||||||
|
r.read = 0
|
||||||
|
}
|
||||||
|
|
||||||
|
func limitedReaderPool(c BodyLimitConfig) sync.Pool {
|
||||||
|
return sync.Pool{
|
||||||
|
New: func() interface{} {
|
||||||
|
return &limitedReader{BodyLimitConfig: c}
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
121
vendor/github.com/labstack/echo/v4/middleware/compress.go
generated
vendored
Normal file
121
vendor/github.com/labstack/echo/v4/middleware/compress.go
generated
vendored
Normal file
@ -0,0 +1,121 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bufio"
|
||||||
|
"compress/gzip"
|
||||||
|
"io"
|
||||||
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// GzipConfig defines the config for Gzip middleware.
|
||||||
|
GzipConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Gzip compression level.
|
||||||
|
// Optional. Default value -1.
|
||||||
|
Level int `yaml:"level"`
|
||||||
|
}
|
||||||
|
|
||||||
|
gzipResponseWriter struct {
|
||||||
|
io.Writer
|
||||||
|
http.ResponseWriter
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
gzipScheme = "gzip"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultGzipConfig is the default Gzip middleware config.
|
||||||
|
DefaultGzipConfig = GzipConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Level: -1,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Gzip returns a middleware which compresses HTTP response using gzip compression
|
||||||
|
// scheme.
|
||||||
|
func Gzip() echo.MiddlewareFunc {
|
||||||
|
return GzipWithConfig(DefaultGzipConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// GzipWithConfig return Gzip middleware with config.
|
||||||
|
// See: `Gzip()`.
|
||||||
|
func GzipWithConfig(config GzipConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultGzipConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Level == 0 {
|
||||||
|
config.Level = DefaultGzipConfig.Level
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
res := c.Response()
|
||||||
|
res.Header().Add(echo.HeaderVary, echo.HeaderAcceptEncoding)
|
||||||
|
if strings.Contains(c.Request().Header.Get(echo.HeaderAcceptEncoding), gzipScheme) {
|
||||||
|
res.Header().Set(echo.HeaderContentEncoding, gzipScheme) // Issue #806
|
||||||
|
rw := res.Writer
|
||||||
|
w, err := gzip.NewWriterLevel(rw, config.Level)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer func() {
|
||||||
|
if res.Size == 0 {
|
||||||
|
if res.Header().Get(echo.HeaderContentEncoding) == gzipScheme {
|
||||||
|
res.Header().Del(echo.HeaderContentEncoding)
|
||||||
|
}
|
||||||
|
// We have to reset response to it's pristine state when
|
||||||
|
// nothing is written to body or error is returned.
|
||||||
|
// See issue #424, #407.
|
||||||
|
res.Writer = rw
|
||||||
|
w.Reset(ioutil.Discard)
|
||||||
|
}
|
||||||
|
w.Close()
|
||||||
|
}()
|
||||||
|
grw := &gzipResponseWriter{Writer: w, ResponseWriter: rw}
|
||||||
|
res.Writer = grw
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *gzipResponseWriter) WriteHeader(code int) {
|
||||||
|
if code == http.StatusNoContent { // Issue #489
|
||||||
|
w.ResponseWriter.Header().Del(echo.HeaderContentEncoding)
|
||||||
|
}
|
||||||
|
w.Header().Del(echo.HeaderContentLength) // Issue #444
|
||||||
|
w.ResponseWriter.WriteHeader(code)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *gzipResponseWriter) Write(b []byte) (int, error) {
|
||||||
|
if w.Header().Get(echo.HeaderContentType) == "" {
|
||||||
|
w.Header().Set(echo.HeaderContentType, http.DetectContentType(b))
|
||||||
|
}
|
||||||
|
return w.Writer.Write(b)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *gzipResponseWriter) Flush() {
|
||||||
|
w.Writer.(*gzip.Writer).Flush()
|
||||||
|
if flusher, ok := w.ResponseWriter.(http.Flusher); ok {
|
||||||
|
flusher.Flush()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (w *gzipResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) {
|
||||||
|
return w.ResponseWriter.(http.Hijacker).Hijack()
|
||||||
|
}
|
147
vendor/github.com/labstack/echo/v4/middleware/cors.go
generated
vendored
Normal file
147
vendor/github.com/labstack/echo/v4/middleware/cors.go
generated
vendored
Normal file
@ -0,0 +1,147 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// CORSConfig defines the config for CORS middleware.
|
||||||
|
CORSConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// AllowOrigin defines a list of origins that may access the resource.
|
||||||
|
// Optional. Default value []string{"*"}.
|
||||||
|
AllowOrigins []string `yaml:"allow_origins"`
|
||||||
|
|
||||||
|
// AllowMethods defines a list methods allowed when accessing the resource.
|
||||||
|
// This is used in response to a preflight request.
|
||||||
|
// Optional. Default value DefaultCORSConfig.AllowMethods.
|
||||||
|
AllowMethods []string `yaml:"allow_methods"`
|
||||||
|
|
||||||
|
// AllowHeaders defines a list of request headers that can be used when
|
||||||
|
// making the actual request. This is in response to a preflight request.
|
||||||
|
// Optional. Default value []string{}.
|
||||||
|
AllowHeaders []string `yaml:"allow_headers"`
|
||||||
|
|
||||||
|
// AllowCredentials indicates whether or not the response to the request
|
||||||
|
// can be exposed when the credentials flag is true. When used as part of
|
||||||
|
// a response to a preflight request, this indicates whether or not the
|
||||||
|
// actual request can be made using credentials.
|
||||||
|
// Optional. Default value false.
|
||||||
|
AllowCredentials bool `yaml:"allow_credentials"`
|
||||||
|
|
||||||
|
// ExposeHeaders defines a whitelist headers that clients are allowed to
|
||||||
|
// access.
|
||||||
|
// Optional. Default value []string{}.
|
||||||
|
ExposeHeaders []string `yaml:"expose_headers"`
|
||||||
|
|
||||||
|
// MaxAge indicates how long (in seconds) the results of a preflight request
|
||||||
|
// can be cached.
|
||||||
|
// Optional. Default value 0.
|
||||||
|
MaxAge int `yaml:"max_age"`
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultCORSConfig is the default CORS middleware config.
|
||||||
|
DefaultCORSConfig = CORSConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
AllowOrigins: []string{"*"},
|
||||||
|
AllowMethods: []string{http.MethodGet, http.MethodHead, http.MethodPut, http.MethodPatch, http.MethodPost, http.MethodDelete},
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// CORS returns a Cross-Origin Resource Sharing (CORS) middleware.
|
||||||
|
// See: https://developer.mozilla.org/en/docs/Web/HTTP/Access_control_CORS
|
||||||
|
func CORS() echo.MiddlewareFunc {
|
||||||
|
return CORSWithConfig(DefaultCORSConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// CORSWithConfig returns a CORS middleware with config.
|
||||||
|
// See: `CORS()`.
|
||||||
|
func CORSWithConfig(config CORSConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultCORSConfig.Skipper
|
||||||
|
}
|
||||||
|
if len(config.AllowOrigins) == 0 {
|
||||||
|
config.AllowOrigins = DefaultCORSConfig.AllowOrigins
|
||||||
|
}
|
||||||
|
if len(config.AllowMethods) == 0 {
|
||||||
|
config.AllowMethods = DefaultCORSConfig.AllowMethods
|
||||||
|
}
|
||||||
|
|
||||||
|
allowMethods := strings.Join(config.AllowMethods, ",")
|
||||||
|
allowHeaders := strings.Join(config.AllowHeaders, ",")
|
||||||
|
exposeHeaders := strings.Join(config.ExposeHeaders, ",")
|
||||||
|
maxAge := strconv.Itoa(config.MaxAge)
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
res := c.Response()
|
||||||
|
origin := req.Header.Get(echo.HeaderOrigin)
|
||||||
|
allowOrigin := ""
|
||||||
|
|
||||||
|
// Check allowed origins
|
||||||
|
for _, o := range config.AllowOrigins {
|
||||||
|
if o == "*" && config.AllowCredentials {
|
||||||
|
allowOrigin = origin
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if o == "*" || o == origin {
|
||||||
|
allowOrigin = o
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if matchSubdomain(origin, o) {
|
||||||
|
allowOrigin = origin
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Simple request
|
||||||
|
if req.Method != http.MethodOptions {
|
||||||
|
res.Header().Add(echo.HeaderVary, echo.HeaderOrigin)
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowOrigin, allowOrigin)
|
||||||
|
if config.AllowCredentials {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowCredentials, "true")
|
||||||
|
}
|
||||||
|
if exposeHeaders != "" {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlExposeHeaders, exposeHeaders)
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Preflight request
|
||||||
|
res.Header().Add(echo.HeaderVary, echo.HeaderOrigin)
|
||||||
|
res.Header().Add(echo.HeaderVary, echo.HeaderAccessControlRequestMethod)
|
||||||
|
res.Header().Add(echo.HeaderVary, echo.HeaderAccessControlRequestHeaders)
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowOrigin, allowOrigin)
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowMethods, allowMethods)
|
||||||
|
if config.AllowCredentials {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowCredentials, "true")
|
||||||
|
}
|
||||||
|
if allowHeaders != "" {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowHeaders, allowHeaders)
|
||||||
|
} else {
|
||||||
|
h := req.Header.Get(echo.HeaderAccessControlRequestHeaders)
|
||||||
|
if h != "" {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlAllowHeaders, h)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if config.MaxAge > 0 {
|
||||||
|
res.Header().Set(echo.HeaderAccessControlMaxAge, maxAge)
|
||||||
|
}
|
||||||
|
return c.NoContent(http.StatusNoContent)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
210
vendor/github.com/labstack/echo/v4/middleware/csrf.go
generated
vendored
Normal file
210
vendor/github.com/labstack/echo/v4/middleware/csrf.go
generated
vendored
Normal file
@ -0,0 +1,210 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"crypto/subtle"
|
||||||
|
"errors"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
"github.com/labstack/gommon/random"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// CSRFConfig defines the config for CSRF middleware.
|
||||||
|
CSRFConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// TokenLength is the length of the generated token.
|
||||||
|
TokenLength uint8 `yaml:"token_length"`
|
||||||
|
// Optional. Default value 32.
|
||||||
|
|
||||||
|
// TokenLookup is a string in the form of "<source>:<key>" that is used
|
||||||
|
// to extract token from the request.
|
||||||
|
// Optional. Default value "header:X-CSRF-Token".
|
||||||
|
// Possible values:
|
||||||
|
// - "header:<name>"
|
||||||
|
// - "form:<name>"
|
||||||
|
// - "query:<name>"
|
||||||
|
TokenLookup string `yaml:"token_lookup"`
|
||||||
|
|
||||||
|
// Context key to store generated CSRF token into context.
|
||||||
|
// Optional. Default value "csrf".
|
||||||
|
ContextKey string `yaml:"context_key"`
|
||||||
|
|
||||||
|
// Name of the CSRF cookie. This cookie will store CSRF token.
|
||||||
|
// Optional. Default value "csrf".
|
||||||
|
CookieName string `yaml:"cookie_name"`
|
||||||
|
|
||||||
|
// Domain of the CSRF cookie.
|
||||||
|
// Optional. Default value none.
|
||||||
|
CookieDomain string `yaml:"cookie_domain"`
|
||||||
|
|
||||||
|
// Path of the CSRF cookie.
|
||||||
|
// Optional. Default value none.
|
||||||
|
CookiePath string `yaml:"cookie_path"`
|
||||||
|
|
||||||
|
// Max age (in seconds) of the CSRF cookie.
|
||||||
|
// Optional. Default value 86400 (24hr).
|
||||||
|
CookieMaxAge int `yaml:"cookie_max_age"`
|
||||||
|
|
||||||
|
// Indicates if CSRF cookie is secure.
|
||||||
|
// Optional. Default value false.
|
||||||
|
CookieSecure bool `yaml:"cookie_secure"`
|
||||||
|
|
||||||
|
// Indicates if CSRF cookie is HTTP only.
|
||||||
|
// Optional. Default value false.
|
||||||
|
CookieHTTPOnly bool `yaml:"cookie_http_only"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// csrfTokenExtractor defines a function that takes `echo.Context` and returns
|
||||||
|
// either a token or an error.
|
||||||
|
csrfTokenExtractor func(echo.Context) (string, error)
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultCSRFConfig is the default CSRF middleware config.
|
||||||
|
DefaultCSRFConfig = CSRFConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
TokenLength: 32,
|
||||||
|
TokenLookup: "header:" + echo.HeaderXCSRFToken,
|
||||||
|
ContextKey: "csrf",
|
||||||
|
CookieName: "_csrf",
|
||||||
|
CookieMaxAge: 86400,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// CSRF returns a Cross-Site Request Forgery (CSRF) middleware.
|
||||||
|
// See: https://en.wikipedia.org/wiki/Cross-site_request_forgery
|
||||||
|
func CSRF() echo.MiddlewareFunc {
|
||||||
|
c := DefaultCSRFConfig
|
||||||
|
return CSRFWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// CSRFWithConfig returns a CSRF middleware with config.
|
||||||
|
// See `CSRF()`.
|
||||||
|
func CSRFWithConfig(config CSRFConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultCSRFConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.TokenLength == 0 {
|
||||||
|
config.TokenLength = DefaultCSRFConfig.TokenLength
|
||||||
|
}
|
||||||
|
if config.TokenLookup == "" {
|
||||||
|
config.TokenLookup = DefaultCSRFConfig.TokenLookup
|
||||||
|
}
|
||||||
|
if config.ContextKey == "" {
|
||||||
|
config.ContextKey = DefaultCSRFConfig.ContextKey
|
||||||
|
}
|
||||||
|
if config.CookieName == "" {
|
||||||
|
config.CookieName = DefaultCSRFConfig.CookieName
|
||||||
|
}
|
||||||
|
if config.CookieMaxAge == 0 {
|
||||||
|
config.CookieMaxAge = DefaultCSRFConfig.CookieMaxAge
|
||||||
|
}
|
||||||
|
|
||||||
|
// Initialize
|
||||||
|
parts := strings.Split(config.TokenLookup, ":")
|
||||||
|
extractor := csrfTokenFromHeader(parts[1])
|
||||||
|
switch parts[0] {
|
||||||
|
case "form":
|
||||||
|
extractor = csrfTokenFromForm(parts[1])
|
||||||
|
case "query":
|
||||||
|
extractor = csrfTokenFromQuery(parts[1])
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
k, err := c.Cookie(config.CookieName)
|
||||||
|
token := ""
|
||||||
|
|
||||||
|
// Generate token
|
||||||
|
if err != nil {
|
||||||
|
token = random.String(config.TokenLength)
|
||||||
|
} else {
|
||||||
|
// Reuse token
|
||||||
|
token = k.Value
|
||||||
|
}
|
||||||
|
|
||||||
|
switch req.Method {
|
||||||
|
case http.MethodGet, http.MethodHead, http.MethodOptions, http.MethodTrace:
|
||||||
|
default:
|
||||||
|
// Validate token only for requests which are not defined as 'safe' by RFC7231
|
||||||
|
clientToken, err := extractor(c)
|
||||||
|
if err != nil {
|
||||||
|
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
|
||||||
|
}
|
||||||
|
if !validateCSRFToken(token, clientToken) {
|
||||||
|
return echo.NewHTTPError(http.StatusForbidden, "invalid csrf token")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Set CSRF cookie
|
||||||
|
cookie := new(http.Cookie)
|
||||||
|
cookie.Name = config.CookieName
|
||||||
|
cookie.Value = token
|
||||||
|
if config.CookiePath != "" {
|
||||||
|
cookie.Path = config.CookiePath
|
||||||
|
}
|
||||||
|
if config.CookieDomain != "" {
|
||||||
|
cookie.Domain = config.CookieDomain
|
||||||
|
}
|
||||||
|
cookie.Expires = time.Now().Add(time.Duration(config.CookieMaxAge) * time.Second)
|
||||||
|
cookie.Secure = config.CookieSecure
|
||||||
|
cookie.HttpOnly = config.CookieHTTPOnly
|
||||||
|
c.SetCookie(cookie)
|
||||||
|
|
||||||
|
// Store token in the context
|
||||||
|
c.Set(config.ContextKey, token)
|
||||||
|
|
||||||
|
// Protect clients from caching the response
|
||||||
|
c.Response().Header().Add(echo.HeaderVary, echo.HeaderCookie)
|
||||||
|
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// csrfTokenFromForm returns a `csrfTokenExtractor` that extracts token from the
|
||||||
|
// provided request header.
|
||||||
|
func csrfTokenFromHeader(header string) csrfTokenExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
return c.Request().Header.Get(header), nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// csrfTokenFromForm returns a `csrfTokenExtractor` that extracts token from the
|
||||||
|
// provided form parameter.
|
||||||
|
func csrfTokenFromForm(param string) csrfTokenExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
token := c.FormValue(param)
|
||||||
|
if token == "" {
|
||||||
|
return "", errors.New("missing csrf token in the form parameter")
|
||||||
|
}
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// csrfTokenFromQuery returns a `csrfTokenExtractor` that extracts token from the
|
||||||
|
// provided query parameter.
|
||||||
|
func csrfTokenFromQuery(param string) csrfTokenExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
token := c.QueryParam(param)
|
||||||
|
if token == "" {
|
||||||
|
return "", errors.New("missing csrf token in the query string")
|
||||||
|
}
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func validateCSRFToken(token, clientToken string) bool {
|
||||||
|
return subtle.ConstantTimeCompare([]byte(token), []byte(clientToken)) == 1
|
||||||
|
}
|
267
vendor/github.com/labstack/echo/v4/middleware/jwt.go
generated
vendored
Normal file
267
vendor/github.com/labstack/echo/v4/middleware/jwt.go
generated
vendored
Normal file
@ -0,0 +1,267 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"reflect"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/dgrijalva/jwt-go"
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// JWTConfig defines the config for JWT middleware.
|
||||||
|
JWTConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// BeforeFunc defines a function which is executed just before the middleware.
|
||||||
|
BeforeFunc BeforeFunc
|
||||||
|
|
||||||
|
// SuccessHandler defines a function which is executed for a valid token.
|
||||||
|
SuccessHandler JWTSuccessHandler
|
||||||
|
|
||||||
|
// ErrorHandler defines a function which is executed for an invalid token.
|
||||||
|
// It may be used to define a custom JWT error.
|
||||||
|
ErrorHandler JWTErrorHandler
|
||||||
|
|
||||||
|
// ErrorHandlerWithContext is almost identical to ErrorHandler, but it's passed the current context.
|
||||||
|
ErrorHandlerWithContext JWTErrorHandlerWithContext
|
||||||
|
|
||||||
|
// Signing key to validate token. Used as fallback if SigningKeys has length 0.
|
||||||
|
// Required. This or SigningKeys.
|
||||||
|
SigningKey interface{}
|
||||||
|
|
||||||
|
// Map of signing keys to validate token with kid field usage.
|
||||||
|
// Required. This or SigningKey.
|
||||||
|
SigningKeys map[string]interface{}
|
||||||
|
|
||||||
|
// Signing method, used to check token signing method.
|
||||||
|
// Optional. Default value HS256.
|
||||||
|
SigningMethod string
|
||||||
|
|
||||||
|
// Context key to store user information from the token into context.
|
||||||
|
// Optional. Default value "user".
|
||||||
|
ContextKey string
|
||||||
|
|
||||||
|
// Claims are extendable claims data defining token content.
|
||||||
|
// Optional. Default value jwt.MapClaims
|
||||||
|
Claims jwt.Claims
|
||||||
|
|
||||||
|
// TokenLookup is a string in the form of "<source>:<name>" that is used
|
||||||
|
// to extract token from the request.
|
||||||
|
// Optional. Default value "header:Authorization".
|
||||||
|
// Possible values:
|
||||||
|
// - "header:<name>"
|
||||||
|
// - "query:<name>"
|
||||||
|
// - "param:<name>"
|
||||||
|
// - "cookie:<name>"
|
||||||
|
TokenLookup string
|
||||||
|
|
||||||
|
// AuthScheme to be used in the Authorization header.
|
||||||
|
// Optional. Default value "Bearer".
|
||||||
|
AuthScheme string
|
||||||
|
|
||||||
|
keyFunc jwt.Keyfunc
|
||||||
|
}
|
||||||
|
|
||||||
|
// JWTSuccessHandler defines a function which is executed for a valid token.
|
||||||
|
JWTSuccessHandler func(echo.Context)
|
||||||
|
|
||||||
|
// JWTErrorHandler defines a function which is executed for an invalid token.
|
||||||
|
JWTErrorHandler func(error) error
|
||||||
|
|
||||||
|
// JWTErrorHandlerWithContext is almost identical to JWTErrorHandler, but it's passed the current context.
|
||||||
|
JWTErrorHandlerWithContext func(error, echo.Context) error
|
||||||
|
|
||||||
|
jwtExtractor func(echo.Context) (string, error)
|
||||||
|
)
|
||||||
|
|
||||||
|
// Algorithms
|
||||||
|
const (
|
||||||
|
AlgorithmHS256 = "HS256"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Errors
|
||||||
|
var (
|
||||||
|
ErrJWTMissing = echo.NewHTTPError(http.StatusBadRequest, "missing or malformed jwt")
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultJWTConfig is the default JWT auth middleware config.
|
||||||
|
DefaultJWTConfig = JWTConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
SigningMethod: AlgorithmHS256,
|
||||||
|
ContextKey: "user",
|
||||||
|
TokenLookup: "header:" + echo.HeaderAuthorization,
|
||||||
|
AuthScheme: "Bearer",
|
||||||
|
Claims: jwt.MapClaims{},
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// JWT returns a JSON Web Token (JWT) auth middleware.
|
||||||
|
//
|
||||||
|
// For valid token, it sets the user in context and calls next handler.
|
||||||
|
// For invalid token, it returns "401 - Unauthorized" error.
|
||||||
|
// For missing token, it returns "400 - Bad Request" error.
|
||||||
|
//
|
||||||
|
// See: https://jwt.io/introduction
|
||||||
|
// See `JWTConfig.TokenLookup`
|
||||||
|
func JWT(key interface{}) echo.MiddlewareFunc {
|
||||||
|
c := DefaultJWTConfig
|
||||||
|
c.SigningKey = key
|
||||||
|
return JWTWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// JWTWithConfig returns a JWT auth middleware with config.
|
||||||
|
// See: `JWT()`.
|
||||||
|
func JWTWithConfig(config JWTConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultJWTConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.SigningKey == nil && len(config.SigningKeys) == 0 {
|
||||||
|
panic("echo: jwt middleware requires signing key")
|
||||||
|
}
|
||||||
|
if config.SigningMethod == "" {
|
||||||
|
config.SigningMethod = DefaultJWTConfig.SigningMethod
|
||||||
|
}
|
||||||
|
if config.ContextKey == "" {
|
||||||
|
config.ContextKey = DefaultJWTConfig.ContextKey
|
||||||
|
}
|
||||||
|
if config.Claims == nil {
|
||||||
|
config.Claims = DefaultJWTConfig.Claims
|
||||||
|
}
|
||||||
|
if config.TokenLookup == "" {
|
||||||
|
config.TokenLookup = DefaultJWTConfig.TokenLookup
|
||||||
|
}
|
||||||
|
if config.AuthScheme == "" {
|
||||||
|
config.AuthScheme = DefaultJWTConfig.AuthScheme
|
||||||
|
}
|
||||||
|
config.keyFunc = func(t *jwt.Token) (interface{}, error) {
|
||||||
|
// Check the signing method
|
||||||
|
if t.Method.Alg() != config.SigningMethod {
|
||||||
|
return nil, fmt.Errorf("unexpected jwt signing method=%v", t.Header["alg"])
|
||||||
|
}
|
||||||
|
if len(config.SigningKeys) > 0 {
|
||||||
|
if kid, ok := t.Header["kid"].(string); ok {
|
||||||
|
if key, ok := config.SigningKeys[kid]; ok {
|
||||||
|
return key, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil, fmt.Errorf("unexpected jwt key id=%v", t.Header["kid"])
|
||||||
|
}
|
||||||
|
|
||||||
|
return config.SigningKey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Initialize
|
||||||
|
parts := strings.Split(config.TokenLookup, ":")
|
||||||
|
extractor := jwtFromHeader(parts[1], config.AuthScheme)
|
||||||
|
switch parts[0] {
|
||||||
|
case "query":
|
||||||
|
extractor = jwtFromQuery(parts[1])
|
||||||
|
case "param":
|
||||||
|
extractor = jwtFromParam(parts[1])
|
||||||
|
case "cookie":
|
||||||
|
extractor = jwtFromCookie(parts[1])
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.BeforeFunc != nil {
|
||||||
|
config.BeforeFunc(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
auth, err := extractor(c)
|
||||||
|
if err != nil {
|
||||||
|
if config.ErrorHandler != nil {
|
||||||
|
return config.ErrorHandler(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.ErrorHandlerWithContext != nil {
|
||||||
|
return config.ErrorHandlerWithContext(err, c)
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
token := new(jwt.Token)
|
||||||
|
// Issue #647, #656
|
||||||
|
if _, ok := config.Claims.(jwt.MapClaims); ok {
|
||||||
|
token, err = jwt.Parse(auth, config.keyFunc)
|
||||||
|
} else {
|
||||||
|
t := reflect.ValueOf(config.Claims).Type().Elem()
|
||||||
|
claims := reflect.New(t).Interface().(jwt.Claims)
|
||||||
|
token, err = jwt.ParseWithClaims(auth, claims, config.keyFunc)
|
||||||
|
}
|
||||||
|
if err == nil && token.Valid {
|
||||||
|
// Store user information from token into context.
|
||||||
|
c.Set(config.ContextKey, token)
|
||||||
|
if config.SuccessHandler != nil {
|
||||||
|
config.SuccessHandler(c)
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
if config.ErrorHandler != nil {
|
||||||
|
return config.ErrorHandler(err)
|
||||||
|
}
|
||||||
|
if config.ErrorHandlerWithContext != nil {
|
||||||
|
return config.ErrorHandlerWithContext(err, c)
|
||||||
|
}
|
||||||
|
return &echo.HTTPError{
|
||||||
|
Code: http.StatusUnauthorized,
|
||||||
|
Message: "invalid or expired jwt",
|
||||||
|
Internal: err,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// jwtFromHeader returns a `jwtExtractor` that extracts token from the request header.
|
||||||
|
func jwtFromHeader(header string, authScheme string) jwtExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
auth := c.Request().Header.Get(header)
|
||||||
|
l := len(authScheme)
|
||||||
|
if len(auth) > l+1 && auth[:l] == authScheme {
|
||||||
|
return auth[l+1:], nil
|
||||||
|
}
|
||||||
|
return "", ErrJWTMissing
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// jwtFromQuery returns a `jwtExtractor` that extracts token from the query string.
|
||||||
|
func jwtFromQuery(param string) jwtExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
token := c.QueryParam(param)
|
||||||
|
if token == "" {
|
||||||
|
return "", ErrJWTMissing
|
||||||
|
}
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// jwtFromParam returns a `jwtExtractor` that extracts token from the url param string.
|
||||||
|
func jwtFromParam(param string) jwtExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
token := c.Param(param)
|
||||||
|
if token == "" {
|
||||||
|
return "", ErrJWTMissing
|
||||||
|
}
|
||||||
|
return token, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// jwtFromCookie returns a `jwtExtractor` that extracts token from the named cookie.
|
||||||
|
func jwtFromCookie(name string) jwtExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
cookie, err := c.Cookie(name)
|
||||||
|
if err != nil {
|
||||||
|
return "", ErrJWTMissing
|
||||||
|
}
|
||||||
|
return cookie.Value, nil
|
||||||
|
}
|
||||||
|
}
|
153
vendor/github.com/labstack/echo/v4/middleware/key_auth.go
generated
vendored
Normal file
153
vendor/github.com/labstack/echo/v4/middleware/key_auth.go
generated
vendored
Normal file
@ -0,0 +1,153 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"errors"
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// KeyAuthConfig defines the config for KeyAuth middleware.
|
||||||
|
KeyAuthConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// KeyLookup is a string in the form of "<source>:<name>" that is used
|
||||||
|
// to extract key from the request.
|
||||||
|
// Optional. Default value "header:Authorization".
|
||||||
|
// Possible values:
|
||||||
|
// - "header:<name>"
|
||||||
|
// - "query:<name>"
|
||||||
|
// - "form:<name>"
|
||||||
|
KeyLookup string `yaml:"key_lookup"`
|
||||||
|
|
||||||
|
// AuthScheme to be used in the Authorization header.
|
||||||
|
// Optional. Default value "Bearer".
|
||||||
|
AuthScheme string
|
||||||
|
|
||||||
|
// Validator is a function to validate key.
|
||||||
|
// Required.
|
||||||
|
Validator KeyAuthValidator
|
||||||
|
}
|
||||||
|
|
||||||
|
// KeyAuthValidator defines a function to validate KeyAuth credentials.
|
||||||
|
KeyAuthValidator func(string, echo.Context) (bool, error)
|
||||||
|
|
||||||
|
keyExtractor func(echo.Context) (string, error)
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultKeyAuthConfig is the default KeyAuth middleware config.
|
||||||
|
DefaultKeyAuthConfig = KeyAuthConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
KeyLookup: "header:" + echo.HeaderAuthorization,
|
||||||
|
AuthScheme: "Bearer",
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// KeyAuth returns an KeyAuth middleware.
|
||||||
|
//
|
||||||
|
// For valid key it calls the next handler.
|
||||||
|
// For invalid key, it sends "401 - Unauthorized" response.
|
||||||
|
// For missing key, it sends "400 - Bad Request" response.
|
||||||
|
func KeyAuth(fn KeyAuthValidator) echo.MiddlewareFunc {
|
||||||
|
c := DefaultKeyAuthConfig
|
||||||
|
c.Validator = fn
|
||||||
|
return KeyAuthWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// KeyAuthWithConfig returns an KeyAuth middleware with config.
|
||||||
|
// See `KeyAuth()`.
|
||||||
|
func KeyAuthWithConfig(config KeyAuthConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultKeyAuthConfig.Skipper
|
||||||
|
}
|
||||||
|
// Defaults
|
||||||
|
if config.AuthScheme == "" {
|
||||||
|
config.AuthScheme = DefaultKeyAuthConfig.AuthScheme
|
||||||
|
}
|
||||||
|
if config.KeyLookup == "" {
|
||||||
|
config.KeyLookup = DefaultKeyAuthConfig.KeyLookup
|
||||||
|
}
|
||||||
|
if config.Validator == nil {
|
||||||
|
panic("echo: key-auth middleware requires a validator function")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Initialize
|
||||||
|
parts := strings.Split(config.KeyLookup, ":")
|
||||||
|
extractor := keyFromHeader(parts[1], config.AuthScheme)
|
||||||
|
switch parts[0] {
|
||||||
|
case "query":
|
||||||
|
extractor = keyFromQuery(parts[1])
|
||||||
|
case "form":
|
||||||
|
extractor = keyFromForm(parts[1])
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Extract and verify key
|
||||||
|
key, err := extractor(c)
|
||||||
|
if err != nil {
|
||||||
|
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
|
||||||
|
}
|
||||||
|
valid, err := config.Validator(key, c)
|
||||||
|
if err != nil {
|
||||||
|
return &echo.HTTPError{
|
||||||
|
Code: http.StatusUnauthorized,
|
||||||
|
Message: "invalid key",
|
||||||
|
Internal: err,
|
||||||
|
}
|
||||||
|
} else if valid {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
return echo.ErrUnauthorized
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// keyFromHeader returns a `keyExtractor` that extracts key from the request header.
|
||||||
|
func keyFromHeader(header string, authScheme string) keyExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
auth := c.Request().Header.Get(header)
|
||||||
|
if auth == "" {
|
||||||
|
return "", errors.New("missing key in request header")
|
||||||
|
}
|
||||||
|
if header == echo.HeaderAuthorization {
|
||||||
|
l := len(authScheme)
|
||||||
|
if len(auth) > l+1 && auth[:l] == authScheme {
|
||||||
|
return auth[l+1:], nil
|
||||||
|
}
|
||||||
|
return "", errors.New("invalid key in the request header")
|
||||||
|
}
|
||||||
|
return auth, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// keyFromQuery returns a `keyExtractor` that extracts key from the query string.
|
||||||
|
func keyFromQuery(param string) keyExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
key := c.QueryParam(param)
|
||||||
|
if key == "" {
|
||||||
|
return "", errors.New("missing key in the query string")
|
||||||
|
}
|
||||||
|
return key, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// keyFromForm returns a `keyExtractor` that extracts key from the form.
|
||||||
|
func keyFromForm(param string) keyExtractor {
|
||||||
|
return func(c echo.Context) (string, error) {
|
||||||
|
key := c.FormValue(param)
|
||||||
|
if key == "" {
|
||||||
|
return "", errors.New("missing key in the form")
|
||||||
|
}
|
||||||
|
return key, nil
|
||||||
|
}
|
||||||
|
}
|
223
vendor/github.com/labstack/echo/v4/middleware/logger.go
generated
vendored
Normal file
223
vendor/github.com/labstack/echo/v4/middleware/logger.go
generated
vendored
Normal file
@ -0,0 +1,223 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"bytes"
|
||||||
|
"encoding/json"
|
||||||
|
"io"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
"sync"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
"github.com/labstack/gommon/color"
|
||||||
|
"github.com/valyala/fasttemplate"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// LoggerConfig defines the config for Logger middleware.
|
||||||
|
LoggerConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Tags to construct the logger format.
|
||||||
|
//
|
||||||
|
// - time_unix
|
||||||
|
// - time_unix_nano
|
||||||
|
// - time_rfc3339
|
||||||
|
// - time_rfc3339_nano
|
||||||
|
// - time_custom
|
||||||
|
// - id (Request ID)
|
||||||
|
// - remote_ip
|
||||||
|
// - uri
|
||||||
|
// - host
|
||||||
|
// - method
|
||||||
|
// - path
|
||||||
|
// - protocol
|
||||||
|
// - referer
|
||||||
|
// - user_agent
|
||||||
|
// - status
|
||||||
|
// - error
|
||||||
|
// - latency (In nanoseconds)
|
||||||
|
// - latency_human (Human readable)
|
||||||
|
// - bytes_in (Bytes received)
|
||||||
|
// - bytes_out (Bytes sent)
|
||||||
|
// - header:<NAME>
|
||||||
|
// - query:<NAME>
|
||||||
|
// - form:<NAME>
|
||||||
|
//
|
||||||
|
// Example "${remote_ip} ${status}"
|
||||||
|
//
|
||||||
|
// Optional. Default value DefaultLoggerConfig.Format.
|
||||||
|
Format string `yaml:"format"`
|
||||||
|
|
||||||
|
// Optional. Default value DefaultLoggerConfig.CustomTimeFormat.
|
||||||
|
CustomTimeFormat string `yaml:"custom_time_format"`
|
||||||
|
|
||||||
|
// Output is a writer where logs in JSON format are written.
|
||||||
|
// Optional. Default value os.Stdout.
|
||||||
|
Output io.Writer
|
||||||
|
|
||||||
|
template *fasttemplate.Template
|
||||||
|
colorer *color.Color
|
||||||
|
pool *sync.Pool
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultLoggerConfig is the default Logger middleware config.
|
||||||
|
DefaultLoggerConfig = LoggerConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Format: `{"time":"${time_rfc3339_nano}","id":"${id}","remote_ip":"${remote_ip}",` +
|
||||||
|
`"host":"${host}","method":"${method}","uri":"${uri}","user_agent":"${user_agent}",` +
|
||||||
|
`"status":${status},"error":"${error}","latency":${latency},"latency_human":"${latency_human}"` +
|
||||||
|
`,"bytes_in":${bytes_in},"bytes_out":${bytes_out}}` + "\n",
|
||||||
|
CustomTimeFormat: "2006-01-02 15:04:05.00000",
|
||||||
|
colorer: color.New(),
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Logger returns a middleware that logs HTTP requests.
|
||||||
|
func Logger() echo.MiddlewareFunc {
|
||||||
|
return LoggerWithConfig(DefaultLoggerConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// LoggerWithConfig returns a Logger middleware with config.
|
||||||
|
// See: `Logger()`.
|
||||||
|
func LoggerWithConfig(config LoggerConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultLoggerConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Format == "" {
|
||||||
|
config.Format = DefaultLoggerConfig.Format
|
||||||
|
}
|
||||||
|
if config.Output == nil {
|
||||||
|
config.Output = DefaultLoggerConfig.Output
|
||||||
|
}
|
||||||
|
|
||||||
|
config.template = fasttemplate.New(config.Format, "${", "}")
|
||||||
|
config.colorer = color.New()
|
||||||
|
config.colorer.SetOutput(config.Output)
|
||||||
|
config.pool = &sync.Pool{
|
||||||
|
New: func() interface{} {
|
||||||
|
return bytes.NewBuffer(make([]byte, 256))
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) (err error) {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
res := c.Response()
|
||||||
|
start := time.Now()
|
||||||
|
if err = next(c); err != nil {
|
||||||
|
c.Error(err)
|
||||||
|
}
|
||||||
|
stop := time.Now()
|
||||||
|
buf := config.pool.Get().(*bytes.Buffer)
|
||||||
|
buf.Reset()
|
||||||
|
defer config.pool.Put(buf)
|
||||||
|
|
||||||
|
if _, err = config.template.ExecuteFunc(buf, func(w io.Writer, tag string) (int, error) {
|
||||||
|
switch tag {
|
||||||
|
case "time_unix":
|
||||||
|
return buf.WriteString(strconv.FormatInt(time.Now().Unix(), 10))
|
||||||
|
case "time_unix_nano":
|
||||||
|
return buf.WriteString(strconv.FormatInt(time.Now().UnixNano(), 10))
|
||||||
|
case "time_rfc3339":
|
||||||
|
return buf.WriteString(time.Now().Format(time.RFC3339))
|
||||||
|
case "time_rfc3339_nano":
|
||||||
|
return buf.WriteString(time.Now().Format(time.RFC3339Nano))
|
||||||
|
case "time_custom":
|
||||||
|
return buf.WriteString(time.Now().Format(config.CustomTimeFormat))
|
||||||
|
case "id":
|
||||||
|
id := req.Header.Get(echo.HeaderXRequestID)
|
||||||
|
if id == "" {
|
||||||
|
id = res.Header().Get(echo.HeaderXRequestID)
|
||||||
|
}
|
||||||
|
return buf.WriteString(id)
|
||||||
|
case "remote_ip":
|
||||||
|
return buf.WriteString(c.RealIP())
|
||||||
|
case "host":
|
||||||
|
return buf.WriteString(req.Host)
|
||||||
|
case "uri":
|
||||||
|
return buf.WriteString(req.RequestURI)
|
||||||
|
case "method":
|
||||||
|
return buf.WriteString(req.Method)
|
||||||
|
case "path":
|
||||||
|
p := req.URL.Path
|
||||||
|
if p == "" {
|
||||||
|
p = "/"
|
||||||
|
}
|
||||||
|
return buf.WriteString(p)
|
||||||
|
case "protocol":
|
||||||
|
return buf.WriteString(req.Proto)
|
||||||
|
case "referer":
|
||||||
|
return buf.WriteString(req.Referer())
|
||||||
|
case "user_agent":
|
||||||
|
return buf.WriteString(req.UserAgent())
|
||||||
|
case "status":
|
||||||
|
n := res.Status
|
||||||
|
s := config.colorer.Green(n)
|
||||||
|
switch {
|
||||||
|
case n >= 500:
|
||||||
|
s = config.colorer.Red(n)
|
||||||
|
case n >= 400:
|
||||||
|
s = config.colorer.Yellow(n)
|
||||||
|
case n >= 300:
|
||||||
|
s = config.colorer.Cyan(n)
|
||||||
|
}
|
||||||
|
return buf.WriteString(s)
|
||||||
|
case "error":
|
||||||
|
if err != nil {
|
||||||
|
// Error may contain invalid JSON e.g. `"`
|
||||||
|
b, _ := json.Marshal(err.Error())
|
||||||
|
b = b[1 : len(b)-1]
|
||||||
|
return buf.Write(b)
|
||||||
|
}
|
||||||
|
case "latency":
|
||||||
|
l := stop.Sub(start)
|
||||||
|
return buf.WriteString(strconv.FormatInt(int64(l), 10))
|
||||||
|
case "latency_human":
|
||||||
|
return buf.WriteString(stop.Sub(start).String())
|
||||||
|
case "bytes_in":
|
||||||
|
cl := req.Header.Get(echo.HeaderContentLength)
|
||||||
|
if cl == "" {
|
||||||
|
cl = "0"
|
||||||
|
}
|
||||||
|
return buf.WriteString(cl)
|
||||||
|
case "bytes_out":
|
||||||
|
return buf.WriteString(strconv.FormatInt(res.Size, 10))
|
||||||
|
default:
|
||||||
|
switch {
|
||||||
|
case strings.HasPrefix(tag, "header:"):
|
||||||
|
return buf.Write([]byte(c.Request().Header.Get(tag[7:])))
|
||||||
|
case strings.HasPrefix(tag, "query:"):
|
||||||
|
return buf.Write([]byte(c.QueryParam(tag[6:])))
|
||||||
|
case strings.HasPrefix(tag, "form:"):
|
||||||
|
return buf.Write([]byte(c.FormValue(tag[5:])))
|
||||||
|
case strings.HasPrefix(tag, "cookie:"):
|
||||||
|
cookie, err := c.Cookie(tag[7:])
|
||||||
|
if err == nil {
|
||||||
|
return buf.Write([]byte(cookie.Value))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0, nil
|
||||||
|
}); err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if config.Output == nil {
|
||||||
|
_, err = c.Logger().Output().Write(buf.Bytes())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
_, err = config.Output.Write(buf.Bytes())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
92
vendor/github.com/labstack/echo/v4/middleware/method_override.go
generated
vendored
Normal file
92
vendor/github.com/labstack/echo/v4/middleware/method_override.go
generated
vendored
Normal file
@ -0,0 +1,92 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// MethodOverrideConfig defines the config for MethodOverride middleware.
|
||||||
|
MethodOverrideConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Getter is a function that gets overridden method from the request.
|
||||||
|
// Optional. Default values MethodFromHeader(echo.HeaderXHTTPMethodOverride).
|
||||||
|
Getter MethodOverrideGetter
|
||||||
|
}
|
||||||
|
|
||||||
|
// MethodOverrideGetter is a function that gets overridden method from the request
|
||||||
|
MethodOverrideGetter func(echo.Context) string
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultMethodOverrideConfig is the default MethodOverride middleware config.
|
||||||
|
DefaultMethodOverrideConfig = MethodOverrideConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Getter: MethodFromHeader(echo.HeaderXHTTPMethodOverride),
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// MethodOverride returns a MethodOverride middleware.
|
||||||
|
// MethodOverride middleware checks for the overridden method from the request and
|
||||||
|
// uses it instead of the original method.
|
||||||
|
//
|
||||||
|
// For security reasons, only `POST` method can be overridden.
|
||||||
|
func MethodOverride() echo.MiddlewareFunc {
|
||||||
|
return MethodOverrideWithConfig(DefaultMethodOverrideConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// MethodOverrideWithConfig returns a MethodOverride middleware with config.
|
||||||
|
// See: `MethodOverride()`.
|
||||||
|
func MethodOverrideWithConfig(config MethodOverrideConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultMethodOverrideConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Getter == nil {
|
||||||
|
config.Getter = DefaultMethodOverrideConfig.Getter
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
if req.Method == http.MethodPost {
|
||||||
|
m := config.Getter(c)
|
||||||
|
if m != "" {
|
||||||
|
req.Method = m
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// MethodFromHeader is a `MethodOverrideGetter` that gets overridden method from
|
||||||
|
// the request header.
|
||||||
|
func MethodFromHeader(header string) MethodOverrideGetter {
|
||||||
|
return func(c echo.Context) string {
|
||||||
|
return c.Request().Header.Get(header)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// MethodFromForm is a `MethodOverrideGetter` that gets overridden method from the
|
||||||
|
// form parameter.
|
||||||
|
func MethodFromForm(param string) MethodOverrideGetter {
|
||||||
|
return func(c echo.Context) string {
|
||||||
|
return c.FormValue(param)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// MethodFromQuery is a `MethodOverrideGetter` that gets overridden method from
|
||||||
|
// the query parameter.
|
||||||
|
func MethodFromQuery(param string) MethodOverrideGetter {
|
||||||
|
return func(c echo.Context) string {
|
||||||
|
return c.QueryParam(param)
|
||||||
|
}
|
||||||
|
}
|
38
vendor/github.com/labstack/echo/v4/middleware/middleware.go
generated
vendored
Normal file
38
vendor/github.com/labstack/echo/v4/middleware/middleware.go
generated
vendored
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"regexp"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// Skipper defines a function to skip middleware. Returning true skips processing
|
||||||
|
// the middleware.
|
||||||
|
Skipper func(echo.Context) bool
|
||||||
|
|
||||||
|
// BeforeFunc defines a function which is executed just before the middleware.
|
||||||
|
BeforeFunc func(echo.Context)
|
||||||
|
)
|
||||||
|
|
||||||
|
func captureTokens(pattern *regexp.Regexp, input string) *strings.Replacer {
|
||||||
|
groups := pattern.FindAllStringSubmatch(input, -1)
|
||||||
|
if groups == nil {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
values := groups[0][1:]
|
||||||
|
replace := make([]string, 2*len(values))
|
||||||
|
for i, v := range values {
|
||||||
|
j := 2 * i
|
||||||
|
replace[j] = "$" + strconv.Itoa(i+1)
|
||||||
|
replace[j+1] = v
|
||||||
|
}
|
||||||
|
return strings.NewReplacer(replace...)
|
||||||
|
}
|
||||||
|
|
||||||
|
// DefaultSkipper returns false which processes the middleware.
|
||||||
|
func DefaultSkipper(echo.Context) bool {
|
||||||
|
return false
|
||||||
|
}
|
259
vendor/github.com/labstack/echo/v4/middleware/proxy.go
generated
vendored
Normal file
259
vendor/github.com/labstack/echo/v4/middleware/proxy.go
generated
vendored
Normal file
@ -0,0 +1,259 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"math/rand"
|
||||||
|
"net"
|
||||||
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"regexp"
|
||||||
|
"strings"
|
||||||
|
"sync"
|
||||||
|
"sync/atomic"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
// TODO: Handle TLS proxy
|
||||||
|
|
||||||
|
type (
|
||||||
|
// ProxyConfig defines the config for Proxy middleware.
|
||||||
|
ProxyConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Balancer defines a load balancing technique.
|
||||||
|
// Required.
|
||||||
|
Balancer ProxyBalancer
|
||||||
|
|
||||||
|
// Rewrite defines URL path rewrite rules. The values captured in asterisk can be
|
||||||
|
// retrieved by index e.g. $1, $2 and so on.
|
||||||
|
// Examples:
|
||||||
|
// "/old": "/new",
|
||||||
|
// "/api/*": "/$1",
|
||||||
|
// "/js/*": "/public/javascripts/$1",
|
||||||
|
// "/users/*/orders/*": "/user/$1/order/$2",
|
||||||
|
Rewrite map[string]string
|
||||||
|
|
||||||
|
// Context key to store selected ProxyTarget into context.
|
||||||
|
// Optional. Default value "target".
|
||||||
|
ContextKey string
|
||||||
|
|
||||||
|
// To customize the transport to remote.
|
||||||
|
// Examples: If custom TLS certificates are required.
|
||||||
|
Transport http.RoundTripper
|
||||||
|
|
||||||
|
rewriteRegex map[*regexp.Regexp]string
|
||||||
|
}
|
||||||
|
|
||||||
|
// ProxyTarget defines the upstream target.
|
||||||
|
ProxyTarget struct {
|
||||||
|
Name string
|
||||||
|
URL *url.URL
|
||||||
|
Meta echo.Map
|
||||||
|
}
|
||||||
|
|
||||||
|
// ProxyBalancer defines an interface to implement a load balancing technique.
|
||||||
|
ProxyBalancer interface {
|
||||||
|
AddTarget(*ProxyTarget) bool
|
||||||
|
RemoveTarget(string) bool
|
||||||
|
Next(echo.Context) *ProxyTarget
|
||||||
|
}
|
||||||
|
|
||||||
|
commonBalancer struct {
|
||||||
|
targets []*ProxyTarget
|
||||||
|
mutex sync.RWMutex
|
||||||
|
}
|
||||||
|
|
||||||
|
// RandomBalancer implements a random load balancing technique.
|
||||||
|
randomBalancer struct {
|
||||||
|
*commonBalancer
|
||||||
|
random *rand.Rand
|
||||||
|
}
|
||||||
|
|
||||||
|
// RoundRobinBalancer implements a round-robin load balancing technique.
|
||||||
|
roundRobinBalancer struct {
|
||||||
|
*commonBalancer
|
||||||
|
i uint32
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultProxyConfig is the default Proxy middleware config.
|
||||||
|
DefaultProxyConfig = ProxyConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
ContextKey: "target",
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
func proxyRaw(t *ProxyTarget, c echo.Context) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
in, _, err := c.Response().Hijack()
|
||||||
|
if err != nil {
|
||||||
|
c.Set("_error", fmt.Sprintf("proxy raw, hijack error=%v, url=%s", t.URL, err))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer in.Close()
|
||||||
|
|
||||||
|
out, err := net.Dial("tcp", t.URL.Host)
|
||||||
|
if err != nil {
|
||||||
|
c.Set("_error", echo.NewHTTPError(http.StatusBadGateway, fmt.Sprintf("proxy raw, dial error=%v, url=%s", t.URL, err)))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer out.Close()
|
||||||
|
|
||||||
|
// Write header
|
||||||
|
err = r.Write(out)
|
||||||
|
if err != nil {
|
||||||
|
c.Set("_error", echo.NewHTTPError(http.StatusBadGateway, fmt.Sprintf("proxy raw, request header copy error=%v, url=%s", t.URL, err)))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
errCh := make(chan error, 2)
|
||||||
|
cp := func(dst io.Writer, src io.Reader) {
|
||||||
|
_, err = io.Copy(dst, src)
|
||||||
|
errCh <- err
|
||||||
|
}
|
||||||
|
|
||||||
|
go cp(out, in)
|
||||||
|
go cp(in, out)
|
||||||
|
err = <-errCh
|
||||||
|
if err != nil && err != io.EOF {
|
||||||
|
c.Set("_error", fmt.Errorf("proxy raw, copy body error=%v, url=%s", t.URL, err))
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewRandomBalancer returns a random proxy balancer.
|
||||||
|
func NewRandomBalancer(targets []*ProxyTarget) ProxyBalancer {
|
||||||
|
b := &randomBalancer{commonBalancer: new(commonBalancer)}
|
||||||
|
b.targets = targets
|
||||||
|
return b
|
||||||
|
}
|
||||||
|
|
||||||
|
// NewRoundRobinBalancer returns a round-robin proxy balancer.
|
||||||
|
func NewRoundRobinBalancer(targets []*ProxyTarget) ProxyBalancer {
|
||||||
|
b := &roundRobinBalancer{commonBalancer: new(commonBalancer)}
|
||||||
|
b.targets = targets
|
||||||
|
return b
|
||||||
|
}
|
||||||
|
|
||||||
|
// AddTarget adds an upstream target to the list.
|
||||||
|
func (b *commonBalancer) AddTarget(target *ProxyTarget) bool {
|
||||||
|
for _, t := range b.targets {
|
||||||
|
if t.Name == target.Name {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
b.mutex.Lock()
|
||||||
|
defer b.mutex.Unlock()
|
||||||
|
b.targets = append(b.targets, target)
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
// RemoveTarget removes an upstream target from the list.
|
||||||
|
func (b *commonBalancer) RemoveTarget(name string) bool {
|
||||||
|
b.mutex.Lock()
|
||||||
|
defer b.mutex.Unlock()
|
||||||
|
for i, t := range b.targets {
|
||||||
|
if t.Name == name {
|
||||||
|
b.targets = append(b.targets[:i], b.targets[i+1:]...)
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
// Next randomly returns an upstream target.
|
||||||
|
func (b *randomBalancer) Next(c echo.Context) *ProxyTarget {
|
||||||
|
if b.random == nil {
|
||||||
|
b.random = rand.New(rand.NewSource(int64(time.Now().Nanosecond())))
|
||||||
|
}
|
||||||
|
b.mutex.RLock()
|
||||||
|
defer b.mutex.RUnlock()
|
||||||
|
return b.targets[b.random.Intn(len(b.targets))]
|
||||||
|
}
|
||||||
|
|
||||||
|
// Next returns an upstream target using round-robin technique.
|
||||||
|
func (b *roundRobinBalancer) Next(c echo.Context) *ProxyTarget {
|
||||||
|
b.i = b.i % uint32(len(b.targets))
|
||||||
|
t := b.targets[b.i]
|
||||||
|
atomic.AddUint32(&b.i, 1)
|
||||||
|
return t
|
||||||
|
}
|
||||||
|
|
||||||
|
// Proxy returns a Proxy middleware.
|
||||||
|
//
|
||||||
|
// Proxy middleware forwards the request to upstream server using a configured load balancing technique.
|
||||||
|
func Proxy(balancer ProxyBalancer) echo.MiddlewareFunc {
|
||||||
|
c := DefaultProxyConfig
|
||||||
|
c.Balancer = balancer
|
||||||
|
return ProxyWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// ProxyWithConfig returns a Proxy middleware with config.
|
||||||
|
// See: `Proxy()`
|
||||||
|
func ProxyWithConfig(config ProxyConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultProxyConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Balancer == nil {
|
||||||
|
panic("echo: proxy middleware requires balancer")
|
||||||
|
}
|
||||||
|
config.rewriteRegex = map[*regexp.Regexp]string{}
|
||||||
|
|
||||||
|
// Initialize
|
||||||
|
for k, v := range config.Rewrite {
|
||||||
|
k = strings.Replace(k, "*", "(\\S*)", -1)
|
||||||
|
config.rewriteRegex[regexp.MustCompile(k)] = v
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) (err error) {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
res := c.Response()
|
||||||
|
tgt := config.Balancer.Next(c)
|
||||||
|
c.Set(config.ContextKey, tgt)
|
||||||
|
|
||||||
|
// Rewrite
|
||||||
|
for k, v := range config.rewriteRegex {
|
||||||
|
replacer := captureTokens(k, req.URL.Path)
|
||||||
|
if replacer != nil {
|
||||||
|
req.URL.Path = replacer.Replace(v)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Fix header
|
||||||
|
if req.Header.Get(echo.HeaderXRealIP) == "" {
|
||||||
|
req.Header.Set(echo.HeaderXRealIP, c.RealIP())
|
||||||
|
}
|
||||||
|
if req.Header.Get(echo.HeaderXForwardedProto) == "" {
|
||||||
|
req.Header.Set(echo.HeaderXForwardedProto, c.Scheme())
|
||||||
|
}
|
||||||
|
if c.IsWebSocket() && req.Header.Get(echo.HeaderXForwardedFor) == "" { // For HTTP, it is automatically set by Go HTTP reverse proxy.
|
||||||
|
req.Header.Set(echo.HeaderXForwardedFor, c.RealIP())
|
||||||
|
}
|
||||||
|
|
||||||
|
// Proxy
|
||||||
|
switch {
|
||||||
|
case c.IsWebSocket():
|
||||||
|
proxyRaw(tgt, c).ServeHTTP(res, req)
|
||||||
|
case req.Header.Get(echo.HeaderAccept) == "text/event-stream":
|
||||||
|
default:
|
||||||
|
proxyHTTP(tgt, c, config).ServeHTTP(res, req)
|
||||||
|
}
|
||||||
|
if e, ok := c.Get("_error").(error); ok {
|
||||||
|
err = e
|
||||||
|
}
|
||||||
|
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
24
vendor/github.com/labstack/echo/v4/middleware/proxy_1_11.go
generated
vendored
Normal file
24
vendor/github.com/labstack/echo/v4/middleware/proxy_1_11.go
generated
vendored
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
// +build go1.11
|
||||||
|
|
||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"net/http"
|
||||||
|
"net/http/httputil"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
func proxyHTTP(tgt *ProxyTarget, c echo.Context, config ProxyConfig) http.Handler {
|
||||||
|
proxy := httputil.NewSingleHostReverseProxy(tgt.URL)
|
||||||
|
proxy.ErrorHandler = func(resp http.ResponseWriter, req *http.Request, err error) {
|
||||||
|
desc := tgt.URL.String()
|
||||||
|
if tgt.Name != "" {
|
||||||
|
desc = fmt.Sprintf("%s(%s)", tgt.Name, tgt.URL.String())
|
||||||
|
}
|
||||||
|
c.Set("_error", echo.NewHTTPError(http.StatusBadGateway, fmt.Sprintf("remote %s unreachable, could not forward: %v", desc, err)))
|
||||||
|
}
|
||||||
|
proxy.Transport = config.Transport
|
||||||
|
return proxy
|
||||||
|
}
|
14
vendor/github.com/labstack/echo/v4/middleware/proxy_1_11_n.go
generated
vendored
Normal file
14
vendor/github.com/labstack/echo/v4/middleware/proxy_1_11_n.go
generated
vendored
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
// +build !go1.11
|
||||||
|
|
||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"net/http/httputil"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
func proxyHTTP(t *ProxyTarget, c echo.Context, config ProxyConfig) http.Handler {
|
||||||
|
return httputil.NewSingleHostReverseProxy(t.URL)
|
||||||
|
}
|
81
vendor/github.com/labstack/echo/v4/middleware/recover.go
generated
vendored
Normal file
81
vendor/github.com/labstack/echo/v4/middleware/recover.go
generated
vendored
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"runtime"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// RecoverConfig defines the config for Recover middleware.
|
||||||
|
RecoverConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Size of the stack to be printed.
|
||||||
|
// Optional. Default value 4KB.
|
||||||
|
StackSize int `yaml:"stack_size"`
|
||||||
|
|
||||||
|
// DisableStackAll disables formatting stack traces of all other goroutines
|
||||||
|
// into buffer after the trace for the current goroutine.
|
||||||
|
// Optional. Default value false.
|
||||||
|
DisableStackAll bool `yaml:"disable_stack_all"`
|
||||||
|
|
||||||
|
// DisablePrintStack disables printing stack trace.
|
||||||
|
// Optional. Default value as false.
|
||||||
|
DisablePrintStack bool `yaml:"disable_print_stack"`
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultRecoverConfig is the default Recover middleware config.
|
||||||
|
DefaultRecoverConfig = RecoverConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
StackSize: 4 << 10, // 4 KB
|
||||||
|
DisableStackAll: false,
|
||||||
|
DisablePrintStack: false,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Recover returns a middleware which recovers from panics anywhere in the chain
|
||||||
|
// and handles the control to the centralized HTTPErrorHandler.
|
||||||
|
func Recover() echo.MiddlewareFunc {
|
||||||
|
return RecoverWithConfig(DefaultRecoverConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// RecoverWithConfig returns a Recover middleware with config.
|
||||||
|
// See: `Recover()`.
|
||||||
|
func RecoverWithConfig(config RecoverConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultRecoverConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.StackSize == 0 {
|
||||||
|
config.StackSize = DefaultRecoverConfig.StackSize
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
defer func() {
|
||||||
|
if r := recover(); r != nil {
|
||||||
|
err, ok := r.(error)
|
||||||
|
if !ok {
|
||||||
|
err = fmt.Errorf("%v", r)
|
||||||
|
}
|
||||||
|
stack := make([]byte, config.StackSize)
|
||||||
|
length := runtime.Stack(stack, !config.DisableStackAll)
|
||||||
|
if !config.DisablePrintStack {
|
||||||
|
c.Logger().Printf("[PANIC RECOVER] %v %s\n", err, stack[:length])
|
||||||
|
}
|
||||||
|
c.Error(err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
153
vendor/github.com/labstack/echo/v4/middleware/redirect.go
generated
vendored
Normal file
153
vendor/github.com/labstack/echo/v4/middleware/redirect.go
generated
vendored
Normal file
@ -0,0 +1,153 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
// RedirectConfig defines the config for Redirect middleware.
|
||||||
|
type RedirectConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper
|
||||||
|
|
||||||
|
// Status code to be used when redirecting the request.
|
||||||
|
// Optional. Default value http.StatusMovedPermanently.
|
||||||
|
Code int `yaml:"code"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// redirectLogic represents a function that given a scheme, host and uri
|
||||||
|
// can both: 1) determine if redirect is needed (will set ok accordingly) and
|
||||||
|
// 2) return the appropriate redirect url.
|
||||||
|
type redirectLogic func(scheme, host, uri string) (ok bool, url string)
|
||||||
|
|
||||||
|
const www = "www."
|
||||||
|
|
||||||
|
// DefaultRedirectConfig is the default Redirect middleware config.
|
||||||
|
var DefaultRedirectConfig = RedirectConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Code: http.StatusMovedPermanently,
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSRedirect redirects http requests to https.
|
||||||
|
// For example, http://labstack.com will be redirect to https://labstack.com.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(HTTPSRedirect())`
|
||||||
|
func HTTPSRedirect() echo.MiddlewareFunc {
|
||||||
|
return HTTPSRedirectWithConfig(DefaultRedirectConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSRedirectWithConfig returns an HTTPSRedirect middleware with config.
|
||||||
|
// See `HTTPSRedirect()`.
|
||||||
|
func HTTPSRedirectWithConfig(config RedirectConfig) echo.MiddlewareFunc {
|
||||||
|
return redirect(config, func(scheme, host, uri string) (ok bool, url string) {
|
||||||
|
if ok = scheme != "https"; ok {
|
||||||
|
url = "https://" + host + uri
|
||||||
|
}
|
||||||
|
return
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSWWWRedirect redirects http requests to https www.
|
||||||
|
// For example, http://labstack.com will be redirect to https://www.labstack.com.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(HTTPSWWWRedirect())`
|
||||||
|
func HTTPSWWWRedirect() echo.MiddlewareFunc {
|
||||||
|
return HTTPSWWWRedirectWithConfig(DefaultRedirectConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSWWWRedirectWithConfig returns an HTTPSRedirect middleware with config.
|
||||||
|
// See `HTTPSWWWRedirect()`.
|
||||||
|
func HTTPSWWWRedirectWithConfig(config RedirectConfig) echo.MiddlewareFunc {
|
||||||
|
return redirect(config, func(scheme, host, uri string) (ok bool, url string) {
|
||||||
|
if ok = scheme != "https" && host[:4] != www; ok {
|
||||||
|
url = "https://www." + host + uri
|
||||||
|
}
|
||||||
|
return
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSNonWWWRedirect redirects http requests to https non www.
|
||||||
|
// For example, http://www.labstack.com will be redirect to https://labstack.com.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(HTTPSNonWWWRedirect())`
|
||||||
|
func HTTPSNonWWWRedirect() echo.MiddlewareFunc {
|
||||||
|
return HTTPSNonWWWRedirectWithConfig(DefaultRedirectConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// HTTPSNonWWWRedirectWithConfig returns an HTTPSRedirect middleware with config.
|
||||||
|
// See `HTTPSNonWWWRedirect()`.
|
||||||
|
func HTTPSNonWWWRedirectWithConfig(config RedirectConfig) echo.MiddlewareFunc {
|
||||||
|
return redirect(config, func(scheme, host, uri string) (ok bool, url string) {
|
||||||
|
if ok = scheme != "https"; ok {
|
||||||
|
if host[:4] == www {
|
||||||
|
host = host[4:]
|
||||||
|
}
|
||||||
|
url = "https://" + host + uri
|
||||||
|
}
|
||||||
|
return
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// WWWRedirect redirects non www requests to www.
|
||||||
|
// For example, http://labstack.com will be redirect to http://www.labstack.com.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(WWWRedirect())`
|
||||||
|
func WWWRedirect() echo.MiddlewareFunc {
|
||||||
|
return WWWRedirectWithConfig(DefaultRedirectConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// WWWRedirectWithConfig returns an HTTPSRedirect middleware with config.
|
||||||
|
// See `WWWRedirect()`.
|
||||||
|
func WWWRedirectWithConfig(config RedirectConfig) echo.MiddlewareFunc {
|
||||||
|
return redirect(config, func(scheme, host, uri string) (ok bool, url string) {
|
||||||
|
if ok = host[:4] != www; ok {
|
||||||
|
url = scheme + "://www." + host + uri
|
||||||
|
}
|
||||||
|
return
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
// NonWWWRedirect redirects www requests to non www.
|
||||||
|
// For example, http://www.labstack.com will be redirect to http://labstack.com.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(NonWWWRedirect())`
|
||||||
|
func NonWWWRedirect() echo.MiddlewareFunc {
|
||||||
|
return NonWWWRedirectWithConfig(DefaultRedirectConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// NonWWWRedirectWithConfig returns an HTTPSRedirect middleware with config.
|
||||||
|
// See `NonWWWRedirect()`.
|
||||||
|
func NonWWWRedirectWithConfig(config RedirectConfig) echo.MiddlewareFunc {
|
||||||
|
return redirect(config, func(scheme, host, uri string) (ok bool, url string) {
|
||||||
|
if ok = host[:4] == www; ok {
|
||||||
|
url = scheme + "://" + host[4:] + uri
|
||||||
|
}
|
||||||
|
return
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func redirect(config RedirectConfig, cb redirectLogic) echo.MiddlewareFunc {
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultTrailingSlashConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Code == 0 {
|
||||||
|
config.Code = DefaultRedirectConfig.Code
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req, scheme := c.Request(), c.Scheme()
|
||||||
|
host := req.Host
|
||||||
|
if ok, url := cb(scheme, host, req.RequestURI); ok {
|
||||||
|
return c.Redirect(config.Code, url)
|
||||||
|
}
|
||||||
|
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
64
vendor/github.com/labstack/echo/v4/middleware/request_id.go
generated
vendored
Normal file
64
vendor/github.com/labstack/echo/v4/middleware/request_id.go
generated
vendored
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
"github.com/labstack/gommon/random"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// RequestIDConfig defines the config for RequestID middleware.
|
||||||
|
RequestIDConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Generator defines a function to generate an ID.
|
||||||
|
// Optional. Default value random.String(32).
|
||||||
|
Generator func() string
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultRequestIDConfig is the default RequestID middleware config.
|
||||||
|
DefaultRequestIDConfig = RequestIDConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Generator: generator,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// RequestID returns a X-Request-ID middleware.
|
||||||
|
func RequestID() echo.MiddlewareFunc {
|
||||||
|
return RequestIDWithConfig(DefaultRequestIDConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// RequestIDWithConfig returns a X-Request-ID middleware with config.
|
||||||
|
func RequestIDWithConfig(config RequestIDConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultRequestIDConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Generator == nil {
|
||||||
|
config.Generator = generator
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
res := c.Response()
|
||||||
|
rid := req.Header.Get(echo.HeaderXRequestID)
|
||||||
|
if rid == "" {
|
||||||
|
rid = config.Generator()
|
||||||
|
}
|
||||||
|
res.Header().Set(echo.HeaderXRequestID, rid)
|
||||||
|
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func generator() string {
|
||||||
|
return random.String(32)
|
||||||
|
}
|
84
vendor/github.com/labstack/echo/v4/middleware/rewrite.go
generated
vendored
Normal file
84
vendor/github.com/labstack/echo/v4/middleware/rewrite.go
generated
vendored
Normal file
@ -0,0 +1,84 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"regexp"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// RewriteConfig defines the config for Rewrite middleware.
|
||||||
|
RewriteConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Rules defines the URL path rewrite rules. The values captured in asterisk can be
|
||||||
|
// retrieved by index e.g. $1, $2 and so on.
|
||||||
|
// Example:
|
||||||
|
// "/old": "/new",
|
||||||
|
// "/api/*": "/$1",
|
||||||
|
// "/js/*": "/public/javascripts/$1",
|
||||||
|
// "/users/*/orders/*": "/user/$1/order/$2",
|
||||||
|
// Required.
|
||||||
|
Rules map[string]string `yaml:"rules"`
|
||||||
|
|
||||||
|
rulesRegex map[*regexp.Regexp]string
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultRewriteConfig is the default Rewrite middleware config.
|
||||||
|
DefaultRewriteConfig = RewriteConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Rewrite returns a Rewrite middleware.
|
||||||
|
//
|
||||||
|
// Rewrite middleware rewrites the URL path based on the provided rules.
|
||||||
|
func Rewrite(rules map[string]string) echo.MiddlewareFunc {
|
||||||
|
c := DefaultRewriteConfig
|
||||||
|
c.Rules = rules
|
||||||
|
return RewriteWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// RewriteWithConfig returns a Rewrite middleware with config.
|
||||||
|
// See: `Rewrite()`.
|
||||||
|
func RewriteWithConfig(config RewriteConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Rules == nil {
|
||||||
|
panic("echo: rewrite middleware requires url path rewrite rules")
|
||||||
|
}
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultBodyDumpConfig.Skipper
|
||||||
|
}
|
||||||
|
config.rulesRegex = map[*regexp.Regexp]string{}
|
||||||
|
|
||||||
|
// Initialize
|
||||||
|
for k, v := range config.Rules {
|
||||||
|
k = strings.Replace(k, "*", "(.*)", -1)
|
||||||
|
k = k + "$"
|
||||||
|
config.rulesRegex[regexp.MustCompile(k)] = v
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) (err error) {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
|
||||||
|
// Rewrite
|
||||||
|
for k, v := range config.rulesRegex {
|
||||||
|
replacer := captureTokens(k, req.URL.Path)
|
||||||
|
if replacer != nil {
|
||||||
|
req.URL.Path = replacer.Replace(v)
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
145
vendor/github.com/labstack/echo/v4/middleware/secure.go
generated
vendored
Normal file
145
vendor/github.com/labstack/echo/v4/middleware/secure.go
generated
vendored
Normal file
@ -0,0 +1,145 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// SecureConfig defines the config for Secure middleware.
|
||||||
|
SecureConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// XSSProtection provides protection against cross-site scripting attack (XSS)
|
||||||
|
// by setting the `X-XSS-Protection` header.
|
||||||
|
// Optional. Default value "1; mode=block".
|
||||||
|
XSSProtection string `yaml:"xss_protection"`
|
||||||
|
|
||||||
|
// ContentTypeNosniff provides protection against overriding Content-Type
|
||||||
|
// header by setting the `X-Content-Type-Options` header.
|
||||||
|
// Optional. Default value "nosniff".
|
||||||
|
ContentTypeNosniff string `yaml:"content_type_nosniff"`
|
||||||
|
|
||||||
|
// XFrameOptions can be used to indicate whether or not a browser should
|
||||||
|
// be allowed to render a page in a <frame>, <iframe> or <object> .
|
||||||
|
// Sites can use this to avoid clickjacking attacks, by ensuring that their
|
||||||
|
// content is not embedded into other sites.provides protection against
|
||||||
|
// clickjacking.
|
||||||
|
// Optional. Default value "SAMEORIGIN".
|
||||||
|
// Possible values:
|
||||||
|
// - "SAMEORIGIN" - The page can only be displayed in a frame on the same origin as the page itself.
|
||||||
|
// - "DENY" - The page cannot be displayed in a frame, regardless of the site attempting to do so.
|
||||||
|
// - "ALLOW-FROM uri" - The page can only be displayed in a frame on the specified origin.
|
||||||
|
XFrameOptions string `yaml:"x_frame_options"`
|
||||||
|
|
||||||
|
// HSTSMaxAge sets the `Strict-Transport-Security` header to indicate how
|
||||||
|
// long (in seconds) browsers should remember that this site is only to
|
||||||
|
// be accessed using HTTPS. This reduces your exposure to some SSL-stripping
|
||||||
|
// man-in-the-middle (MITM) attacks.
|
||||||
|
// Optional. Default value 0.
|
||||||
|
HSTSMaxAge int `yaml:"hsts_max_age"`
|
||||||
|
|
||||||
|
// HSTSExcludeSubdomains won't include subdomains tag in the `Strict Transport Security`
|
||||||
|
// header, excluding all subdomains from security policy. It has no effect
|
||||||
|
// unless HSTSMaxAge is set to a non-zero value.
|
||||||
|
// Optional. Default value false.
|
||||||
|
HSTSExcludeSubdomains bool `yaml:"hsts_exclude_subdomains"`
|
||||||
|
|
||||||
|
// ContentSecurityPolicy sets the `Content-Security-Policy` header providing
|
||||||
|
// security against cross-site scripting (XSS), clickjacking and other code
|
||||||
|
// injection attacks resulting from execution of malicious content in the
|
||||||
|
// trusted web page context.
|
||||||
|
// Optional. Default value "".
|
||||||
|
ContentSecurityPolicy string `yaml:"content_security_policy"`
|
||||||
|
|
||||||
|
// CSPReportOnly would use the `Content-Security-Policy-Report-Only` header instead
|
||||||
|
// of the `Content-Security-Policy` header. This allows iterative updates of the
|
||||||
|
// content security policy by only reporting the violations that would
|
||||||
|
// have occurred instead of blocking the resource.
|
||||||
|
// Optional. Default value false.
|
||||||
|
CSPReportOnly bool `yaml:"csp_report_only"`
|
||||||
|
|
||||||
|
// HSTSPreloadEnabled will add the preload tag in the `Strict Transport Security`
|
||||||
|
// header, which enables the domain to be included in the HSTS preload list
|
||||||
|
// maintained by Chrome (and used by Firefox and Safari): https://hstspreload.org/
|
||||||
|
// Optional. Default value false.
|
||||||
|
HSTSPreloadEnabled bool `yaml:"hsts_preload_enabled"`
|
||||||
|
|
||||||
|
// ReferrerPolicy sets the `Referrer-Policy` header providing security against
|
||||||
|
// leaking potentially sensitive request paths to third parties.
|
||||||
|
// Optional. Default value "".
|
||||||
|
ReferrerPolicy string `yaml:"referrer_policy"`
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultSecureConfig is the default Secure middleware config.
|
||||||
|
DefaultSecureConfig = SecureConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
XSSProtection: "1; mode=block",
|
||||||
|
ContentTypeNosniff: "nosniff",
|
||||||
|
XFrameOptions: "SAMEORIGIN",
|
||||||
|
HSTSPreloadEnabled: false,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Secure returns a Secure middleware.
|
||||||
|
// Secure middleware provides protection against cross-site scripting (XSS) attack,
|
||||||
|
// content type sniffing, clickjacking, insecure connection and other code injection
|
||||||
|
// attacks.
|
||||||
|
func Secure() echo.MiddlewareFunc {
|
||||||
|
return SecureWithConfig(DefaultSecureConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// SecureWithConfig returns a Secure middleware with config.
|
||||||
|
// See: `Secure()`.
|
||||||
|
func SecureWithConfig(config SecureConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultSecureConfig.Skipper
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
res := c.Response()
|
||||||
|
|
||||||
|
if config.XSSProtection != "" {
|
||||||
|
res.Header().Set(echo.HeaderXXSSProtection, config.XSSProtection)
|
||||||
|
}
|
||||||
|
if config.ContentTypeNosniff != "" {
|
||||||
|
res.Header().Set(echo.HeaderXContentTypeOptions, config.ContentTypeNosniff)
|
||||||
|
}
|
||||||
|
if config.XFrameOptions != "" {
|
||||||
|
res.Header().Set(echo.HeaderXFrameOptions, config.XFrameOptions)
|
||||||
|
}
|
||||||
|
if (c.IsTLS() || (req.Header.Get(echo.HeaderXForwardedProto) == "https")) && config.HSTSMaxAge != 0 {
|
||||||
|
subdomains := ""
|
||||||
|
if !config.HSTSExcludeSubdomains {
|
||||||
|
subdomains = "; includeSubdomains"
|
||||||
|
}
|
||||||
|
if config.HSTSPreloadEnabled {
|
||||||
|
subdomains = fmt.Sprintf("%s; preload", subdomains)
|
||||||
|
}
|
||||||
|
res.Header().Set(echo.HeaderStrictTransportSecurity, fmt.Sprintf("max-age=%d%s", config.HSTSMaxAge, subdomains))
|
||||||
|
}
|
||||||
|
if config.ContentSecurityPolicy != "" {
|
||||||
|
if config.CSPReportOnly {
|
||||||
|
res.Header().Set(echo.HeaderContentSecurityPolicyReportOnly, config.ContentSecurityPolicy)
|
||||||
|
} else {
|
||||||
|
res.Header().Set(echo.HeaderContentSecurityPolicy, config.ContentSecurityPolicy)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if config.ReferrerPolicy != "" {
|
||||||
|
res.Header().Set(echo.HeaderReferrerPolicy, config.ReferrerPolicy)
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
121
vendor/github.com/labstack/echo/v4/middleware/slash.go
generated
vendored
Normal file
121
vendor/github.com/labstack/echo/v4/middleware/slash.go
generated
vendored
Normal file
@ -0,0 +1,121 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// TrailingSlashConfig defines the config for TrailingSlash middleware.
|
||||||
|
TrailingSlashConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Status code to be used when redirecting the request.
|
||||||
|
// Optional, but when provided the request is redirected using this code.
|
||||||
|
RedirectCode int `yaml:"redirect_code"`
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultTrailingSlashConfig is the default TrailingSlash middleware config.
|
||||||
|
DefaultTrailingSlashConfig = TrailingSlashConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// AddTrailingSlash returns a root level (before router) middleware which adds a
|
||||||
|
// trailing slash to the request `URL#Path`.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(AddTrailingSlash())`
|
||||||
|
func AddTrailingSlash() echo.MiddlewareFunc {
|
||||||
|
return AddTrailingSlashWithConfig(DefaultTrailingSlashConfig)
|
||||||
|
}
|
||||||
|
|
||||||
|
// AddTrailingSlashWithConfig returns a AddTrailingSlash middleware with config.
|
||||||
|
// See `AddTrailingSlash()`.
|
||||||
|
func AddTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultTrailingSlashConfig.Skipper
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
url := req.URL
|
||||||
|
path := url.Path
|
||||||
|
qs := c.QueryString()
|
||||||
|
if !strings.HasSuffix(path, "/") {
|
||||||
|
path += "/"
|
||||||
|
uri := path
|
||||||
|
if qs != "" {
|
||||||
|
uri += "?" + qs
|
||||||
|
}
|
||||||
|
|
||||||
|
// Redirect
|
||||||
|
if config.RedirectCode != 0 {
|
||||||
|
return c.Redirect(config.RedirectCode, uri)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Forward
|
||||||
|
req.RequestURI = uri
|
||||||
|
url.Path = path
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// RemoveTrailingSlash returns a root level (before router) middleware which removes
|
||||||
|
// a trailing slash from the request URI.
|
||||||
|
//
|
||||||
|
// Usage `Echo#Pre(RemoveTrailingSlash())`
|
||||||
|
func RemoveTrailingSlash() echo.MiddlewareFunc {
|
||||||
|
return RemoveTrailingSlashWithConfig(TrailingSlashConfig{})
|
||||||
|
}
|
||||||
|
|
||||||
|
// RemoveTrailingSlashWithConfig returns a RemoveTrailingSlash middleware with config.
|
||||||
|
// See `RemoveTrailingSlash()`.
|
||||||
|
func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultTrailingSlashConfig.Skipper
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) error {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
req := c.Request()
|
||||||
|
url := req.URL
|
||||||
|
path := url.Path
|
||||||
|
qs := c.QueryString()
|
||||||
|
l := len(path) - 1
|
||||||
|
if l > 0 && strings.HasSuffix(path, "/") {
|
||||||
|
path = path[:l]
|
||||||
|
uri := path
|
||||||
|
if qs != "" {
|
||||||
|
uri += "?" + qs
|
||||||
|
}
|
||||||
|
|
||||||
|
// Redirect
|
||||||
|
if config.RedirectCode != 0 {
|
||||||
|
return c.Redirect(config.RedirectCode, uri)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Forward
|
||||||
|
req.RequestURI = uri
|
||||||
|
url.Path = path
|
||||||
|
}
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
229
vendor/github.com/labstack/echo/v4/middleware/static.go
generated
vendored
Normal file
229
vendor/github.com/labstack/echo/v4/middleware/static.go
generated
vendored
Normal file
@ -0,0 +1,229 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"html/template"
|
||||||
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
"os"
|
||||||
|
"path"
|
||||||
|
"path/filepath"
|
||||||
|
"strings"
|
||||||
|
|
||||||
|
"github.com/labstack/echo/v4"
|
||||||
|
"github.com/labstack/gommon/bytes"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// StaticConfig defines the config for Static middleware.
|
||||||
|
StaticConfig struct {
|
||||||
|
// Skipper defines a function to skip middleware.
|
||||||
|
Skipper Skipper
|
||||||
|
|
||||||
|
// Root directory from where the static content is served.
|
||||||
|
// Required.
|
||||||
|
Root string `yaml:"root"`
|
||||||
|
|
||||||
|
// Index file for serving a directory.
|
||||||
|
// Optional. Default value "index.html".
|
||||||
|
Index string `yaml:"index"`
|
||||||
|
|
||||||
|
// Enable HTML5 mode by forwarding all not-found requests to root so that
|
||||||
|
// SPA (single-page application) can handle the routing.
|
||||||
|
// Optional. Default value false.
|
||||||
|
HTML5 bool `yaml:"html5"`
|
||||||
|
|
||||||
|
// Enable directory browsing.
|
||||||
|
// Optional. Default value false.
|
||||||
|
Browse bool `yaml:"browse"`
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
const html = `
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en">
|
||||||
|
<head>
|
||||||
|
<meta charset="UTF-8">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="ie=edge">
|
||||||
|
<title>{{ .Name }}</title>
|
||||||
|
<style>
|
||||||
|
body {
|
||||||
|
font-family: Menlo, Consolas, monospace;
|
||||||
|
padding: 48px;
|
||||||
|
}
|
||||||
|
header {
|
||||||
|
padding: 4px 16px;
|
||||||
|
font-size: 24px;
|
||||||
|
}
|
||||||
|
ul {
|
||||||
|
list-style-type: none;
|
||||||
|
margin: 0;
|
||||||
|
padding: 20px 0 0 0;
|
||||||
|
display: flex;
|
||||||
|
flex-wrap: wrap;
|
||||||
|
}
|
||||||
|
li {
|
||||||
|
width: 300px;
|
||||||
|
padding: 16px;
|
||||||
|
}
|
||||||
|
li a {
|
||||||
|
display: block;
|
||||||
|
overflow: hidden;
|
||||||
|
white-space: nowrap;
|
||||||
|
text-overflow: ellipsis;
|
||||||
|
text-decoration: none;
|
||||||
|
transition: opacity 0.25s;
|
||||||
|
}
|
||||||
|
li span {
|
||||||
|
color: #707070;
|
||||||
|
font-size: 12px;
|
||||||
|
}
|
||||||
|
li a:hover {
|
||||||
|
opacity: 0.50;
|
||||||
|
}
|
||||||
|
.dir {
|
||||||
|
color: #E91E63;
|
||||||
|
}
|
||||||
|
.file {
|
||||||
|
color: #673AB7;
|
||||||
|
}
|
||||||
|
</style>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<header>
|
||||||
|
{{ .Name }}
|
||||||
|
</header>
|
||||||
|
<ul>
|
||||||
|
{{ range .Files }}
|
||||||
|
<li>
|
||||||
|
{{ if .Dir }}
|
||||||
|
{{ $name := print .Name "/" }}
|
||||||
|
<a class="dir" href="{{ $name }}">{{ $name }}</a>
|
||||||
|
{{ else }}
|
||||||
|
<a class="file" href="{{ .Name }}">{{ .Name }}</a>
|
||||||
|
<span>{{ .Size }}</span>
|
||||||
|
{{ end }}
|
||||||
|
</li>
|
||||||
|
{{ end }}
|
||||||
|
</ul>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
`
|
||||||
|
|
||||||
|
var (
|
||||||
|
// DefaultStaticConfig is the default Static middleware config.
|
||||||
|
DefaultStaticConfig = StaticConfig{
|
||||||
|
Skipper: DefaultSkipper,
|
||||||
|
Index: "index.html",
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Static returns a Static middleware to serves static content from the provided
|
||||||
|
// root directory.
|
||||||
|
func Static(root string) echo.MiddlewareFunc {
|
||||||
|
c := DefaultStaticConfig
|
||||||
|
c.Root = root
|
||||||
|
return StaticWithConfig(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
// StaticWithConfig returns a Static middleware with config.
|
||||||
|
// See `Static()`.
|
||||||
|
func StaticWithConfig(config StaticConfig) echo.MiddlewareFunc {
|
||||||
|
// Defaults
|
||||||
|
if config.Root == "" {
|
||||||
|
config.Root = "." // For security we want to restrict to CWD.
|
||||||
|
}
|
||||||
|
if config.Skipper == nil {
|
||||||
|
config.Skipper = DefaultStaticConfig.Skipper
|
||||||
|
}
|
||||||
|
if config.Index == "" {
|
||||||
|
config.Index = DefaultStaticConfig.Index
|
||||||
|
}
|
||||||
|
|
||||||
|
// Index template
|
||||||
|
t, err := template.New("index").Parse(html)
|
||||||
|
if err != nil {
|
||||||
|
panic(fmt.Sprintf("echo: %v", err))
|
||||||
|
}
|
||||||
|
|
||||||
|
return func(next echo.HandlerFunc) echo.HandlerFunc {
|
||||||
|
return func(c echo.Context) (err error) {
|
||||||
|
if config.Skipper(c) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
|
||||||
|
p := c.Request().URL.Path
|
||||||
|
if strings.HasSuffix(c.Path(), "*") { // When serving from a group, e.g. `/static*`.
|
||||||
|
p = c.Param("*")
|
||||||
|
}
|
||||||
|
p, err = url.PathUnescape(p)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
name := filepath.Join(config.Root, path.Clean("/"+p)) // "/"+ for security
|
||||||
|
|
||||||
|
fi, err := os.Stat(name)
|
||||||
|
if err != nil {
|
||||||
|
if os.IsNotExist(err) {
|
||||||
|
if err = next(c); err != nil {
|
||||||
|
if he, ok := err.(*echo.HTTPError); ok {
|
||||||
|
if config.HTML5 && he.Code == http.StatusNotFound {
|
||||||
|
return c.File(filepath.Join(config.Root, config.Index))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if fi.IsDir() {
|
||||||
|
index := filepath.Join(name, config.Index)
|
||||||
|
fi, err = os.Stat(index)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
if config.Browse {
|
||||||
|
return listDir(t, name, c.Response())
|
||||||
|
}
|
||||||
|
if os.IsNotExist(err) {
|
||||||
|
return next(c)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.File(index)
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.File(name)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func listDir(t *template.Template, name string, res *echo.Response) (err error) {
|
||||||
|
file, err := os.Open(name)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
files, err := file.Readdir(-1)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// Create directory index
|
||||||
|
res.Header().Set(echo.HeaderContentType, echo.MIMETextHTMLCharsetUTF8)
|
||||||
|
data := struct {
|
||||||
|
Name string
|
||||||
|
Files []interface{}
|
||||||
|
}{
|
||||||
|
Name: name,
|
||||||
|
}
|
||||||
|
for _, f := range files {
|
||||||
|
data.Files = append(data.Files, struct {
|
||||||
|
Name string
|
||||||
|
Dir bool
|
||||||
|
Size string
|
||||||
|
}{f.Name(), f.IsDir(), bytes.Format(f.Size())})
|
||||||
|
}
|
||||||
|
return t.Execute(res, data)
|
||||||
|
}
|
54
vendor/github.com/labstack/echo/v4/middleware/util.go
generated
vendored
Normal file
54
vendor/github.com/labstack/echo/v4/middleware/util.go
generated
vendored
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
package middleware
|
||||||
|
|
||||||
|
import (
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
func matchScheme(domain, pattern string) bool {
|
||||||
|
didx := strings.Index(domain, ":")
|
||||||
|
pidx := strings.Index(pattern, ":")
|
||||||
|
return didx != -1 && pidx != -1 && domain[:didx] == pattern[:pidx]
|
||||||
|
}
|
||||||
|
|
||||||
|
// matchSubdomain compares authority with wildcard
|
||||||
|
func matchSubdomain(domain, pattern string) bool {
|
||||||
|
if !matchScheme(domain, pattern) {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
didx := strings.Index(domain, "://")
|
||||||
|
pidx := strings.Index(pattern, "://")
|
||||||
|
if didx == -1 || pidx == -1 {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
domAuth := domain[didx+3:]
|
||||||
|
// to avoid long loop by invalid long domain
|
||||||
|
if len(domAuth) > 253 {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
patAuth := pattern[pidx+3:]
|
||||||
|
|
||||||
|
domComp := strings.Split(domAuth, ".")
|
||||||
|
patComp := strings.Split(patAuth, ".")
|
||||||
|
for i := len(domComp)/2 - 1; i >= 0; i-- {
|
||||||
|
opp := len(domComp) - 1 - i
|
||||||
|
domComp[i], domComp[opp] = domComp[opp], domComp[i]
|
||||||
|
}
|
||||||
|
for i := len(patComp)/2 - 1; i >= 0; i-- {
|
||||||
|
opp := len(patComp) - 1 - i
|
||||||
|
patComp[i], patComp[opp] = patComp[opp], patComp[i]
|
||||||
|
}
|
||||||
|
|
||||||
|
for i, v := range domComp {
|
||||||
|
if len(patComp) <= i {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
p := patComp[i]
|
||||||
|
if p == "*" {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
if p != v {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
48
vendor/github.com/labstack/echo/v4/router.go
generated
vendored
48
vendor/github.com/labstack/echo/v4/router.go
generated
vendored
@ -1,6 +1,9 @@
|
|||||||
package echo
|
package echo
|
||||||
|
|
||||||
import "net/http"
|
import (
|
||||||
|
"net/http"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
type (
|
type (
|
||||||
// Router is the registry of all registered routes for an `Echo` instance for
|
// Router is the registry of all registered routes for an `Echo` instance for
|
||||||
@ -133,6 +136,11 @@ func (r *Router) insert(method, path string, h HandlerFunc, t kind, ppath string
|
|||||||
// Split node
|
// Split node
|
||||||
n := newNode(cn.kind, cn.prefix[l:], cn, cn.children, cn.methodHandler, cn.ppath, cn.pnames)
|
n := newNode(cn.kind, cn.prefix[l:], cn, cn.children, cn.methodHandler, cn.ppath, cn.pnames)
|
||||||
|
|
||||||
|
// Update parent path for all children to new node
|
||||||
|
for _, child := range cn.children {
|
||||||
|
child.parent = n
|
||||||
|
}
|
||||||
|
|
||||||
// Reset parent node
|
// Reset parent node
|
||||||
cn.kind = skind
|
cn.kind = skind
|
||||||
cn.label = cn.prefix[0]
|
cn.label = cn.prefix[0]
|
||||||
@ -336,7 +344,6 @@ func (r *Router) Find(method, path string, c Context) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if l == pl {
|
if l == pl {
|
||||||
// Continue search
|
// Continue search
|
||||||
search = search[l:]
|
search = search[l:]
|
||||||
@ -398,16 +405,37 @@ func (r *Router) Find(method, path string, c Context) {
|
|||||||
Any:
|
Any:
|
||||||
if cn = cn.findChildByKind(akind); cn == nil {
|
if cn = cn.findChildByKind(akind); cn == nil {
|
||||||
if nn != nil {
|
if nn != nil {
|
||||||
cn = nn
|
// No next node to go down in routing (issue #954)
|
||||||
nn = cn.parent // Next (Issue #954)
|
// Find nearest "any" route going up the routing tree
|
||||||
if nn != nil {
|
|
||||||
nk = nn.kind
|
|
||||||
}
|
|
||||||
search = ns
|
search = ns
|
||||||
if nk == pkind {
|
np := nn.parent
|
||||||
|
// Consider param route one level up only
|
||||||
|
// if no slash is remaining in search string
|
||||||
|
if cn = nn.findChildByKind(pkind); cn != nil && strings.IndexByte(ns, '/') == -1 {
|
||||||
|
pvalues[len(cn.pnames)-1] = search
|
||||||
|
break
|
||||||
|
} else if cn != nil && strings.IndexByte(ns, '/') != 1 {
|
||||||
|
// If slash is present, it means that this is a parameterized route.
|
||||||
|
cn = cn.parent
|
||||||
goto Param
|
goto Param
|
||||||
} else if nk == akind {
|
}
|
||||||
goto Any
|
for {
|
||||||
|
np = nn.parent
|
||||||
|
if cn = nn.findChildByKind(akind); cn != nil {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if np == nil {
|
||||||
|
break // no further parent nodes in tree, abort
|
||||||
|
}
|
||||||
|
var str strings.Builder
|
||||||
|
str.WriteString(nn.prefix)
|
||||||
|
str.WriteString(search)
|
||||||
|
search = str.String()
|
||||||
|
nn = np
|
||||||
|
}
|
||||||
|
if cn != nil { // use the found "any" route and update path
|
||||||
|
pvalues[len(cn.pnames)-1] = search
|
||||||
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return // Not found
|
return // Not found
|
||||||
|
29
vendor/github.com/labstack/gommon/bytes/README.md
generated
vendored
Normal file
29
vendor/github.com/labstack/gommon/bytes/README.md
generated
vendored
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
# Bytes
|
||||||
|
|
||||||
|
- Format bytes integer to human readable bytes string.
|
||||||
|
- Parse human readable bytes string to bytes integer.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
```go
|
||||||
|
go get github.com/labstack/gommon/bytes
|
||||||
|
```
|
||||||
|
|
||||||
|
## [Usage](https://github.com/labstack/gommon/blob/master/bytes/bytes_test.go)
|
||||||
|
|
||||||
|
### Format
|
||||||
|
|
||||||
|
```go
|
||||||
|
println(bytes.Format(13231323))
|
||||||
|
```
|
||||||
|
|
||||||
|
`12.62MB`
|
||||||
|
|
||||||
|
### Parse
|
||||||
|
|
||||||
|
```go
|
||||||
|
b, _ = Parse("2M")
|
||||||
|
println(b)
|
||||||
|
```
|
||||||
|
|
||||||
|
`2097152`
|
109
vendor/github.com/labstack/gommon/bytes/bytes.go
generated
vendored
Normal file
109
vendor/github.com/labstack/gommon/bytes/bytes.go
generated
vendored
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
package bytes
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"regexp"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
// Bytes struct
|
||||||
|
Bytes struct{}
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
_ = 1.0 << (10 * iota) // ignore first value by assigning to blank identifier
|
||||||
|
KB
|
||||||
|
MB
|
||||||
|
GB
|
||||||
|
TB
|
||||||
|
PB
|
||||||
|
EB
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
pattern = regexp.MustCompile(`(?i)^(-?\d+(?:\.\d+)?)\s?([KMGTPE]B?|B?)$`)
|
||||||
|
global = New()
|
||||||
|
)
|
||||||
|
|
||||||
|
// New creates a Bytes instance.
|
||||||
|
func New() *Bytes {
|
||||||
|
return &Bytes{}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Format formats bytes integer to human readable string.
|
||||||
|
// For example, 31323 bytes will return 30.59KB.
|
||||||
|
func (*Bytes) Format(b int64) string {
|
||||||
|
multiple := ""
|
||||||
|
value := float64(b)
|
||||||
|
|
||||||
|
switch {
|
||||||
|
case b >= EB:
|
||||||
|
value /= EB
|
||||||
|
multiple = "EB"
|
||||||
|
case b >= PB:
|
||||||
|
value /= PB
|
||||||
|
multiple = "PB"
|
||||||
|
case b >= TB:
|
||||||
|
value /= TB
|
||||||
|
multiple = "TB"
|
||||||
|
case b >= GB:
|
||||||
|
value /= GB
|
||||||
|
multiple = "GB"
|
||||||
|
case b >= MB:
|
||||||
|
value /= MB
|
||||||
|
multiple = "MB"
|
||||||
|
case b >= KB:
|
||||||
|
value /= KB
|
||||||
|
multiple = "KB"
|
||||||
|
case b == 0:
|
||||||
|
return "0"
|
||||||
|
default:
|
||||||
|
return strconv.FormatInt(b, 10) + "B"
|
||||||
|
}
|
||||||
|
|
||||||
|
return fmt.Sprintf("%.2f%s", value, multiple)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse parses human readable bytes string to bytes integer.
|
||||||
|
// For example, 6GB (6G is also valid) will return 6442450944.
|
||||||
|
func (*Bytes) Parse(value string) (i int64, err error) {
|
||||||
|
parts := pattern.FindStringSubmatch(value)
|
||||||
|
if len(parts) < 3 {
|
||||||
|
return 0, fmt.Errorf("error parsing value=%s", value)
|
||||||
|
}
|
||||||
|
bytesString := parts[1]
|
||||||
|
multiple := strings.ToUpper(parts[2])
|
||||||
|
bytes, err := strconv.ParseFloat(bytesString, 64)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
switch multiple {
|
||||||
|
default:
|
||||||
|
return int64(bytes), nil
|
||||||
|
case "K", "KB":
|
||||||
|
return int64(bytes * KB), nil
|
||||||
|
case "M", "MB":
|
||||||
|
return int64(bytes * MB), nil
|
||||||
|
case "G", "GB":
|
||||||
|
return int64(bytes * GB), nil
|
||||||
|
case "T", "TB":
|
||||||
|
return int64(bytes * TB), nil
|
||||||
|
case "P", "PB":
|
||||||
|
return int64(bytes * PB), nil
|
||||||
|
case "E", "EB":
|
||||||
|
return int64(bytes * EB), nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Format wraps global Bytes's Format function.
|
||||||
|
func Format(b int64) string {
|
||||||
|
return global.Format(b)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Parse wraps global Bytes's Parse function.
|
||||||
|
func Parse(val string) (int64, error) {
|
||||||
|
return global.Parse(val)
|
||||||
|
}
|
48
vendor/github.com/labstack/gommon/random/random.go
generated
vendored
Normal file
48
vendor/github.com/labstack/gommon/random/random.go
generated
vendored
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
package random
|
||||||
|
|
||||||
|
import (
|
||||||
|
"math/rand"
|
||||||
|
"strings"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
type (
|
||||||
|
Random struct {
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
// Charsets
|
||||||
|
const (
|
||||||
|
Uppercase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
|
||||||
|
Lowercase = "abcdefghijklmnopqrstuvwxyz"
|
||||||
|
Alphabetic = Uppercase + Lowercase
|
||||||
|
Numeric = "0123456789"
|
||||||
|
Alphanumeric = Alphabetic + Numeric
|
||||||
|
Symbols = "`" + `~!@#$%^&*()-_+={}[]|\;:"<>,./?`
|
||||||
|
Hex = Numeric + "abcdef"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
global = New()
|
||||||
|
)
|
||||||
|
|
||||||
|
func New() *Random {
|
||||||
|
rand.Seed(time.Now().UnixNano())
|
||||||
|
return new(Random)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *Random) String(length uint8, charsets ...string) string {
|
||||||
|
charset := strings.Join(charsets, "")
|
||||||
|
if charset == "" {
|
||||||
|
charset = Alphanumeric
|
||||||
|
}
|
||||||
|
b := make([]byte, length)
|
||||||
|
for i := range b {
|
||||||
|
b[i] = charset[rand.Int63()%int64(len(charset))]
|
||||||
|
}
|
||||||
|
return string(b)
|
||||||
|
}
|
||||||
|
|
||||||
|
func String(length uint8, charsets ...string) string {
|
||||||
|
return global.String(length, charsets...)
|
||||||
|
}
|
6
vendor/github.com/mattn/go-colorable/colorable_appengine.go
generated
vendored
6
vendor/github.com/mattn/go-colorable/colorable_appengine.go
generated
vendored
@ -9,7 +9,7 @@ import (
|
|||||||
_ "github.com/mattn/go-isatty"
|
_ "github.com/mattn/go-isatty"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewColorable return new instance of Writer which handle escape sequence.
|
// NewColorable returns new instance of Writer which handles escape sequence.
|
||||||
func NewColorable(file *os.File) io.Writer {
|
func NewColorable(file *os.File) io.Writer {
|
||||||
if file == nil {
|
if file == nil {
|
||||||
panic("nil passed instead of *os.File to NewColorable()")
|
panic("nil passed instead of *os.File to NewColorable()")
|
||||||
@ -18,12 +18,12 @@ func NewColorable(file *os.File) io.Writer {
|
|||||||
return file
|
return file
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStdout return new instance of Writer which handle escape sequence for stdout.
|
// NewColorableStdout returns new instance of Writer which handles escape sequence for stdout.
|
||||||
func NewColorableStdout() io.Writer {
|
func NewColorableStdout() io.Writer {
|
||||||
return os.Stdout
|
return os.Stdout
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStderr return new instance of Writer which handle escape sequence for stderr.
|
// NewColorableStderr returns new instance of Writer which handles escape sequence for stderr.
|
||||||
func NewColorableStderr() io.Writer {
|
func NewColorableStderr() io.Writer {
|
||||||
return os.Stderr
|
return os.Stderr
|
||||||
}
|
}
|
||||||
|
6
vendor/github.com/mattn/go-colorable/colorable_others.go
generated
vendored
6
vendor/github.com/mattn/go-colorable/colorable_others.go
generated
vendored
@ -10,7 +10,7 @@ import (
|
|||||||
_ "github.com/mattn/go-isatty"
|
_ "github.com/mattn/go-isatty"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewColorable return new instance of Writer which handle escape sequence.
|
// NewColorable returns new instance of Writer which handles escape sequence.
|
||||||
func NewColorable(file *os.File) io.Writer {
|
func NewColorable(file *os.File) io.Writer {
|
||||||
if file == nil {
|
if file == nil {
|
||||||
panic("nil passed instead of *os.File to NewColorable()")
|
panic("nil passed instead of *os.File to NewColorable()")
|
||||||
@ -19,12 +19,12 @@ func NewColorable(file *os.File) io.Writer {
|
|||||||
return file
|
return file
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStdout return new instance of Writer which handle escape sequence for stdout.
|
// NewColorableStdout returns new instance of Writer which handles escape sequence for stdout.
|
||||||
func NewColorableStdout() io.Writer {
|
func NewColorableStdout() io.Writer {
|
||||||
return os.Stdout
|
return os.Stdout
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStderr return new instance of Writer which handle escape sequence for stderr.
|
// NewColorableStderr returns new instance of Writer which handles escape sequence for stderr.
|
||||||
func NewColorableStderr() io.Writer {
|
func NewColorableStderr() io.Writer {
|
||||||
return os.Stderr
|
return os.Stderr
|
||||||
}
|
}
|
||||||
|
43
vendor/github.com/mattn/go-colorable/colorable_windows.go
generated
vendored
43
vendor/github.com/mattn/go-colorable/colorable_windows.go
generated
vendored
@ -81,7 +81,7 @@ var (
|
|||||||
procCreateConsoleScreenBuffer = kernel32.NewProc("CreateConsoleScreenBuffer")
|
procCreateConsoleScreenBuffer = kernel32.NewProc("CreateConsoleScreenBuffer")
|
||||||
)
|
)
|
||||||
|
|
||||||
// Writer provide colorable Writer to the console
|
// Writer provides colorable Writer to the console
|
||||||
type Writer struct {
|
type Writer struct {
|
||||||
out io.Writer
|
out io.Writer
|
||||||
handle syscall.Handle
|
handle syscall.Handle
|
||||||
@ -91,7 +91,7 @@ type Writer struct {
|
|||||||
rest bytes.Buffer
|
rest bytes.Buffer
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorable return new instance of Writer which handle escape sequence from File.
|
// NewColorable returns new instance of Writer which handles escape sequence from File.
|
||||||
func NewColorable(file *os.File) io.Writer {
|
func NewColorable(file *os.File) io.Writer {
|
||||||
if file == nil {
|
if file == nil {
|
||||||
panic("nil passed instead of *os.File to NewColorable()")
|
panic("nil passed instead of *os.File to NewColorable()")
|
||||||
@ -106,12 +106,12 @@ func NewColorable(file *os.File) io.Writer {
|
|||||||
return file
|
return file
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStdout return new instance of Writer which handle escape sequence for stdout.
|
// NewColorableStdout returns new instance of Writer which handles escape sequence for stdout.
|
||||||
func NewColorableStdout() io.Writer {
|
func NewColorableStdout() io.Writer {
|
||||||
return NewColorable(os.Stdout)
|
return NewColorable(os.Stdout)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewColorableStderr return new instance of Writer which handle escape sequence for stderr.
|
// NewColorableStderr returns new instance of Writer which handles escape sequence for stderr.
|
||||||
func NewColorableStderr() io.Writer {
|
func NewColorableStderr() io.Writer {
|
||||||
return NewColorable(os.Stderr)
|
return NewColorable(os.Stderr)
|
||||||
}
|
}
|
||||||
@ -414,7 +414,15 @@ func doTitleSequence(er *bytes.Reader) error {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Write write data on console
|
// returns Atoi(s) unless s == "" in which case it returns def
|
||||||
|
func atoiWithDefault(s string, def int) (int, error) {
|
||||||
|
if s == "" {
|
||||||
|
return def, nil
|
||||||
|
}
|
||||||
|
return strconv.Atoi(s)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Write writes data on console
|
||||||
func (w *Writer) Write(data []byte) (n int, err error) {
|
func (w *Writer) Write(data []byte) (n int, err error) {
|
||||||
var csbi consoleScreenBufferInfo
|
var csbi consoleScreenBufferInfo
|
||||||
procGetConsoleScreenBufferInfo.Call(uintptr(w.handle), uintptr(unsafe.Pointer(&csbi)))
|
procGetConsoleScreenBufferInfo.Call(uintptr(w.handle), uintptr(unsafe.Pointer(&csbi)))
|
||||||
@ -500,7 +508,7 @@ loop:
|
|||||||
|
|
||||||
switch m {
|
switch m {
|
||||||
case 'A':
|
case 'A':
|
||||||
n, err = strconv.Atoi(buf.String())
|
n, err = atoiWithDefault(buf.String(), 1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -508,7 +516,7 @@ loop:
|
|||||||
csbi.cursorPosition.y -= short(n)
|
csbi.cursorPosition.y -= short(n)
|
||||||
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
||||||
case 'B':
|
case 'B':
|
||||||
n, err = strconv.Atoi(buf.String())
|
n, err = atoiWithDefault(buf.String(), 1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -516,7 +524,7 @@ loop:
|
|||||||
csbi.cursorPosition.y += short(n)
|
csbi.cursorPosition.y += short(n)
|
||||||
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
||||||
case 'C':
|
case 'C':
|
||||||
n, err = strconv.Atoi(buf.String())
|
n, err = atoiWithDefault(buf.String(), 1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -524,7 +532,7 @@ loop:
|
|||||||
csbi.cursorPosition.x += short(n)
|
csbi.cursorPosition.x += short(n)
|
||||||
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
||||||
case 'D':
|
case 'D':
|
||||||
n, err = strconv.Atoi(buf.String())
|
n, err = atoiWithDefault(buf.String(), 1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
@ -557,6 +565,9 @@ loop:
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
if n < 1 {
|
||||||
|
n = 1
|
||||||
|
}
|
||||||
procGetConsoleScreenBufferInfo.Call(uintptr(handle), uintptr(unsafe.Pointer(&csbi)))
|
procGetConsoleScreenBufferInfo.Call(uintptr(handle), uintptr(unsafe.Pointer(&csbi)))
|
||||||
csbi.cursorPosition.x = short(n - 1)
|
csbi.cursorPosition.x = short(n - 1)
|
||||||
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
procSetConsoleCursorPosition.Call(uintptr(handle), *(*uintptr)(unsafe.Pointer(&csbi.cursorPosition)))
|
||||||
@ -635,6 +646,20 @@ loop:
|
|||||||
}
|
}
|
||||||
procFillConsoleOutputCharacter.Call(uintptr(handle), uintptr(' '), uintptr(count), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
procFillConsoleOutputCharacter.Call(uintptr(handle), uintptr(' '), uintptr(count), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
||||||
procFillConsoleOutputAttribute.Call(uintptr(handle), uintptr(csbi.attributes), uintptr(count), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
procFillConsoleOutputAttribute.Call(uintptr(handle), uintptr(csbi.attributes), uintptr(count), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
||||||
|
case 'X':
|
||||||
|
n := 0
|
||||||
|
if buf.Len() > 0 {
|
||||||
|
n, err = strconv.Atoi(buf.String())
|
||||||
|
if err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
}
|
||||||
|
procGetConsoleScreenBufferInfo.Call(uintptr(handle), uintptr(unsafe.Pointer(&csbi)))
|
||||||
|
var cursor coord
|
||||||
|
var written dword
|
||||||
|
cursor = coord{x: csbi.cursorPosition.x, y: csbi.cursorPosition.y}
|
||||||
|
procFillConsoleOutputCharacter.Call(uintptr(handle), uintptr(' '), uintptr(n), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
||||||
|
procFillConsoleOutputAttribute.Call(uintptr(handle), uintptr(csbi.attributes), uintptr(n), *(*uintptr)(unsafe.Pointer(&cursor)), uintptr(unsafe.Pointer(&written)))
|
||||||
case 'm':
|
case 'm':
|
||||||
procGetConsoleScreenBufferInfo.Call(uintptr(handle), uintptr(unsafe.Pointer(&csbi)))
|
procGetConsoleScreenBufferInfo.Call(uintptr(handle), uintptr(unsafe.Pointer(&csbi)))
|
||||||
attr := csbi.attributes
|
attr := csbi.attributes
|
||||||
|
6
vendor/github.com/mattn/go-colorable/noncolorable.go
generated
vendored
6
vendor/github.com/mattn/go-colorable/noncolorable.go
generated
vendored
@ -5,17 +5,17 @@ import (
|
|||||||
"io"
|
"io"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NonColorable hold writer but remove escape sequence.
|
// NonColorable holds writer but removes escape sequence.
|
||||||
type NonColorable struct {
|
type NonColorable struct {
|
||||||
out io.Writer
|
out io.Writer
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewNonColorable return new instance of Writer which remove escape sequence from Writer.
|
// NewNonColorable returns new instance of Writer which removes escape sequence from Writer.
|
||||||
func NewNonColorable(w io.Writer) io.Writer {
|
func NewNonColorable(w io.Writer) io.Writer {
|
||||||
return &NonColorable{out: w}
|
return &NonColorable{out: w}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Write write data on console
|
// Write writes data on console
|
||||||
func (w *NonColorable) Write(data []byte) (n int, err error) {
|
func (w *NonColorable) Write(data []byte) (n int, err error) {
|
||||||
er := bytes.NewReader(data)
|
er := bytes.NewReader(data)
|
||||||
var bw [1]byte
|
var bw [1]byte
|
||||||
|
4
vendor/github.com/mattn/go-isatty/go.mod
generated
vendored
4
vendor/github.com/mattn/go-isatty/go.mod
generated
vendored
@ -1,3 +1,5 @@
|
|||||||
module github.com/mattn/go-isatty
|
module github.com/mattn/go-isatty
|
||||||
|
|
||||||
require golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a
|
go 1.12
|
||||||
|
|
||||||
|
require golang.org/x/sys v0.0.0-20191026070338-33540a1f6037
|
||||||
|
4
vendor/github.com/mattn/go-isatty/go.sum
generated
vendored
4
vendor/github.com/mattn/go-isatty/go.sum
generated
vendored
@ -1,2 +1,2 @@
|
|||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO9UxmJRx8K0gsfABByQ=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4=
|
||||||
golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||||
|
22
vendor/github.com/mattn/go-isatty/isatty_plan9.go
generated
vendored
Normal file
22
vendor/github.com/mattn/go-isatty/isatty_plan9.go
generated
vendored
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
// +build plan9
|
||||||
|
|
||||||
|
package isatty
|
||||||
|
|
||||||
|
import (
|
||||||
|
"syscall"
|
||||||
|
)
|
||||||
|
|
||||||
|
// IsTerminal returns true if the given file descriptor is a terminal.
|
||||||
|
func IsTerminal(fd uintptr) bool {
|
||||||
|
path, err := syscall.Fd2path(int(fd))
|
||||||
|
if err != nil {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
return path == "/dev/cons" || path == "/mnt/term/dev/cons"
|
||||||
|
}
|
||||||
|
|
||||||
|
// IsCygwinTerminal return true if the file descriptor is a cygwin or msys2
|
||||||
|
// terminal. This is also always false on this environment.
|
||||||
|
func IsCygwinTerminal(fd uintptr) bool {
|
||||||
|
return false
|
||||||
|
}
|
35
vendor/github.com/mattn/go-isatty/isatty_windows.go
generated
vendored
35
vendor/github.com/mattn/go-isatty/isatty_windows.go
generated
vendored
@ -4,6 +4,7 @@
|
|||||||
package isatty
|
package isatty
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"strings"
|
"strings"
|
||||||
"syscall"
|
"syscall"
|
||||||
"unicode/utf16"
|
"unicode/utf16"
|
||||||
@ -11,15 +12,18 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
fileNameInfo uintptr = 2
|
objectNameInfo uintptr = 1
|
||||||
|
fileNameInfo = 2
|
||||||
fileTypePipe = 3
|
fileTypePipe = 3
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
kernel32 = syscall.NewLazyDLL("kernel32.dll")
|
kernel32 = syscall.NewLazyDLL("kernel32.dll")
|
||||||
|
ntdll = syscall.NewLazyDLL("ntdll.dll")
|
||||||
procGetConsoleMode = kernel32.NewProc("GetConsoleMode")
|
procGetConsoleMode = kernel32.NewProc("GetConsoleMode")
|
||||||
procGetFileInformationByHandleEx = kernel32.NewProc("GetFileInformationByHandleEx")
|
procGetFileInformationByHandleEx = kernel32.NewProc("GetFileInformationByHandleEx")
|
||||||
procGetFileType = kernel32.NewProc("GetFileType")
|
procGetFileType = kernel32.NewProc("GetFileType")
|
||||||
|
procNtQueryObject = ntdll.NewProc("NtQueryObject")
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
@ -45,7 +49,10 @@ func isCygwinPipeName(name string) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
if token[0] != `\msys` && token[0] != `\cygwin` {
|
if token[0] != `\msys` &&
|
||||||
|
token[0] != `\cygwin` &&
|
||||||
|
token[0] != `\Device\NamedPipe\msys` &&
|
||||||
|
token[0] != `\Device\NamedPipe\cygwin` {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -68,12 +75,36 @@ func isCygwinPipeName(name string) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// getFileNameByHandle use the undocomented ntdll NtQueryObject to get file full name from file handler
|
||||||
|
// since GetFileInformationByHandleEx is not avilable under windows Vista and still some old fashion
|
||||||
|
// guys are using Windows XP, this is a workaround for those guys, it will also work on system from
|
||||||
|
// Windows vista to 10
|
||||||
|
// see https://stackoverflow.com/a/18792477 for details
|
||||||
|
func getFileNameByHandle(fd uintptr) (string, error) {
|
||||||
|
if procNtQueryObject == nil {
|
||||||
|
return "", errors.New("ntdll.dll: NtQueryObject not supported")
|
||||||
|
}
|
||||||
|
|
||||||
|
var buf [4 + syscall.MAX_PATH]uint16
|
||||||
|
var result int
|
||||||
|
r, _, e := syscall.Syscall6(procNtQueryObject.Addr(), 5,
|
||||||
|
fd, objectNameInfo, uintptr(unsafe.Pointer(&buf)), uintptr(2*len(buf)), uintptr(unsafe.Pointer(&result)), 0)
|
||||||
|
if r != 0 {
|
||||||
|
return "", e
|
||||||
|
}
|
||||||
|
return string(utf16.Decode(buf[4 : 4+buf[0]/2])), nil
|
||||||
|
}
|
||||||
|
|
||||||
// IsCygwinTerminal() return true if the file descriptor is a cygwin or msys2
|
// IsCygwinTerminal() return true if the file descriptor is a cygwin or msys2
|
||||||
// terminal.
|
// terminal.
|
||||||
func IsCygwinTerminal(fd uintptr) bool {
|
func IsCygwinTerminal(fd uintptr) bool {
|
||||||
if procGetFileInformationByHandleEx == nil {
|
if procGetFileInformationByHandleEx == nil {
|
||||||
|
name, err := getFileNameByHandle(fd)
|
||||||
|
if err != nil {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
return isCygwinPipeName(name)
|
||||||
|
}
|
||||||
|
|
||||||
// Cygwin/msys's pty is a pipe.
|
// Cygwin/msys's pty is a pipe.
|
||||||
ft, _, e := syscall.Syscall(procGetFileType.Addr(), 1, fd, 0, 0)
|
ft, _, e := syscall.Syscall(procGetFileType.Addr(), 1, fd, 0, 0)
|
||||||
|
2
vendor/github.com/valyala/fasttemplate/README.md
generated
vendored
2
vendor/github.com/valyala/fasttemplate/README.md
generated
vendored
@ -3,7 +3,7 @@ fasttemplate
|
|||||||
|
|
||||||
Simple and fast template engine for Go.
|
Simple and fast template engine for Go.
|
||||||
|
|
||||||
Fasttemplate peforms only a single task - it substitutes template placeholders
|
Fasttemplate performs only a single task - it substitutes template placeholders
|
||||||
with user-defined values. At high speed :)
|
with user-defined values. At high speed :)
|
||||||
|
|
||||||
Take a look at [quicktemplate](https://github.com/valyala/quicktemplate) if you need fast yet powerful html template engine.
|
Take a look at [quicktemplate](https://github.com/valyala/quicktemplate) if you need fast yet powerful html template engine.
|
||||||
|
275
vendor/golang.org/x/crypto/acme/acme.go
generated
vendored
275
vendor/golang.org/x/crypto/acme/acme.go
generated
vendored
@ -4,7 +4,10 @@
|
|||||||
|
|
||||||
// Package acme provides an implementation of the
|
// Package acme provides an implementation of the
|
||||||
// Automatic Certificate Management Environment (ACME) spec.
|
// Automatic Certificate Management Environment (ACME) spec.
|
||||||
// See https://tools.ietf.org/html/draft-ietf-acme-acme-02 for details.
|
// The intial implementation was based on ACME draft-02 and
|
||||||
|
// is now being extended to comply with RFC 8555.
|
||||||
|
// See https://tools.ietf.org/html/draft-ietf-acme-acme-02
|
||||||
|
// and https://tools.ietf.org/html/rfc8555 for details.
|
||||||
//
|
//
|
||||||
// Most common scenarios will want to use autocert subdirectory instead,
|
// Most common scenarios will want to use autocert subdirectory instead,
|
||||||
// which provides automatic access to certificates from Let's Encrypt
|
// which provides automatic access to certificates from Let's Encrypt
|
||||||
@ -41,7 +44,7 @@ import (
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
// LetsEncryptURL is the Directory endpoint of Let's Encrypt CA.
|
// LetsEncryptURL is the Directory endpoint of Let's Encrypt CA.
|
||||||
LetsEncryptURL = "https://acme-v01.api.letsencrypt.org/directory"
|
LetsEncryptURL = "https://acme-v02.api.letsencrypt.org/directory"
|
||||||
|
|
||||||
// ALPNProto is the ALPN protocol name used by a CA server when validating
|
// ALPNProto is the ALPN protocol name used by a CA server when validating
|
||||||
// tls-alpn-01 challenges.
|
// tls-alpn-01 challenges.
|
||||||
@ -57,7 +60,10 @@ var idPeACMEIdentifierV1 = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 1, 30, 1}
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
maxChainLen = 5 // max depth and breadth of a certificate chain
|
maxChainLen = 5 // max depth and breadth of a certificate chain
|
||||||
maxCertSize = 1 << 20 // max size of a certificate, in bytes
|
maxCertSize = 1 << 20 // max size of a certificate, in DER bytes
|
||||||
|
// Used for decoding certs from application/pem-certificate-chain response,
|
||||||
|
// the default when in RFC mode.
|
||||||
|
maxCertChainSize = maxCertSize * maxChainLen
|
||||||
|
|
||||||
// Max number of collected nonces kept in memory.
|
// Max number of collected nonces kept in memory.
|
||||||
// Expect usual peak of 1 or 2.
|
// Expect usual peak of 1 or 2.
|
||||||
@ -116,21 +122,48 @@ type Client struct {
|
|||||||
// identifiable by the server, in case they are causing issues.
|
// identifiable by the server, in case they are causing issues.
|
||||||
UserAgent string
|
UserAgent string
|
||||||
|
|
||||||
dirMu sync.Mutex // guards writes to dir
|
cacheMu sync.Mutex
|
||||||
dir *Directory // cached result of Client's Discover method
|
dir *Directory // cached result of Client's Discover method
|
||||||
|
kid keyID // cached Account.URI obtained from registerRFC or getAccountRFC
|
||||||
|
|
||||||
noncesMu sync.Mutex
|
noncesMu sync.Mutex
|
||||||
nonces map[string]struct{} // nonces collected from previous responses
|
nonces map[string]struct{} // nonces collected from previous responses
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// accountKID returns a key ID associated with c.Key, the account identity
|
||||||
|
// provided by the CA during RFC based registration.
|
||||||
|
// It assumes c.Discover has already been called.
|
||||||
|
//
|
||||||
|
// accountKID requires at most one network roundtrip.
|
||||||
|
// It caches only successful result.
|
||||||
|
//
|
||||||
|
// When in pre-RFC mode or when c.getRegRFC responds with an error, accountKID
|
||||||
|
// returns noKeyID.
|
||||||
|
func (c *Client) accountKID(ctx context.Context) keyID {
|
||||||
|
c.cacheMu.Lock()
|
||||||
|
defer c.cacheMu.Unlock()
|
||||||
|
if !c.dir.rfcCompliant() {
|
||||||
|
return noKeyID
|
||||||
|
}
|
||||||
|
if c.kid != noKeyID {
|
||||||
|
return c.kid
|
||||||
|
}
|
||||||
|
a, err := c.getRegRFC(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return noKeyID
|
||||||
|
}
|
||||||
|
c.kid = keyID(a.URI)
|
||||||
|
return c.kid
|
||||||
|
}
|
||||||
|
|
||||||
// Discover performs ACME server discovery using c.DirectoryURL.
|
// Discover performs ACME server discovery using c.DirectoryURL.
|
||||||
//
|
//
|
||||||
// It caches successful result. So, subsequent calls will not result in
|
// It caches successful result. So, subsequent calls will not result in
|
||||||
// a network round-trip. This also means mutating c.DirectoryURL after successful call
|
// a network round-trip. This also means mutating c.DirectoryURL after successful call
|
||||||
// of this method will have no effect.
|
// of this method will have no effect.
|
||||||
func (c *Client) Discover(ctx context.Context) (Directory, error) {
|
func (c *Client) Discover(ctx context.Context) (Directory, error) {
|
||||||
c.dirMu.Lock()
|
c.cacheMu.Lock()
|
||||||
defer c.dirMu.Unlock()
|
defer c.cacheMu.Unlock()
|
||||||
if c.dir != nil {
|
if c.dir != nil {
|
||||||
return *c.dir, nil
|
return *c.dir, nil
|
||||||
}
|
}
|
||||||
@ -144,29 +177,55 @@ func (c *Client) Discover(ctx context.Context) (Directory, error) {
|
|||||||
|
|
||||||
var v struct {
|
var v struct {
|
||||||
Reg string `json:"new-reg"`
|
Reg string `json:"new-reg"`
|
||||||
|
RegRFC string `json:"newAccount"`
|
||||||
Authz string `json:"new-authz"`
|
Authz string `json:"new-authz"`
|
||||||
|
AuthzRFC string `json:"newAuthz"`
|
||||||
|
OrderRFC string `json:"newOrder"`
|
||||||
Cert string `json:"new-cert"`
|
Cert string `json:"new-cert"`
|
||||||
Revoke string `json:"revoke-cert"`
|
Revoke string `json:"revoke-cert"`
|
||||||
|
RevokeRFC string `json:"revokeCert"`
|
||||||
|
NonceRFC string `json:"newNonce"`
|
||||||
|
KeyChangeRFC string `json:"keyChange"`
|
||||||
Meta struct {
|
Meta struct {
|
||||||
Terms string `json:"terms-of-service"`
|
Terms string `json:"terms-of-service"`
|
||||||
Website string `json:"website"`
|
TermsRFC string `json:"termsOfService"`
|
||||||
|
WebsiteRFC string `json:"website"`
|
||||||
CAA []string `json:"caa-identities"`
|
CAA []string `json:"caa-identities"`
|
||||||
|
CAARFC []string `json:"caaIdentities"`
|
||||||
|
ExternalAcctRFC bool `json:"externalAccountRequired"`
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
||||||
return Directory{}, err
|
return Directory{}, err
|
||||||
}
|
}
|
||||||
|
if v.OrderRFC == "" {
|
||||||
|
// Non-RFC compliant ACME CA.
|
||||||
c.dir = &Directory{
|
c.dir = &Directory{
|
||||||
RegURL: v.Reg,
|
RegURL: v.Reg,
|
||||||
AuthzURL: v.Authz,
|
AuthzURL: v.Authz,
|
||||||
CertURL: v.Cert,
|
CertURL: v.Cert,
|
||||||
RevokeURL: v.Revoke,
|
RevokeURL: v.Revoke,
|
||||||
Terms: v.Meta.Terms,
|
Terms: v.Meta.Terms,
|
||||||
Website: v.Meta.Website,
|
Website: v.Meta.WebsiteRFC,
|
||||||
CAA: v.Meta.CAA,
|
CAA: v.Meta.CAA,
|
||||||
}
|
}
|
||||||
return *c.dir, nil
|
return *c.dir, nil
|
||||||
}
|
}
|
||||||
|
// RFC compliant ACME CA.
|
||||||
|
c.dir = &Directory{
|
||||||
|
RegURL: v.RegRFC,
|
||||||
|
AuthzURL: v.AuthzRFC,
|
||||||
|
OrderURL: v.OrderRFC,
|
||||||
|
RevokeURL: v.RevokeRFC,
|
||||||
|
NonceURL: v.NonceRFC,
|
||||||
|
KeyChangeURL: v.KeyChangeRFC,
|
||||||
|
Terms: v.Meta.TermsRFC,
|
||||||
|
Website: v.Meta.WebsiteRFC,
|
||||||
|
CAA: v.Meta.CAARFC,
|
||||||
|
ExternalAccountRequired: v.Meta.ExternalAcctRFC,
|
||||||
|
}
|
||||||
|
return *c.dir, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (c *Client) directoryURL() string {
|
func (c *Client) directoryURL() string {
|
||||||
if c.DirectoryURL != "" {
|
if c.DirectoryURL != "" {
|
||||||
@ -176,6 +235,9 @@ func (c *Client) directoryURL() string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// CreateCert requests a new certificate using the Certificate Signing Request csr encoded in DER format.
|
// CreateCert requests a new certificate using the Certificate Signing Request csr encoded in DER format.
|
||||||
|
// It is incompatible with RFC 8555. Callers should use CreateOrderCert when interfacing
|
||||||
|
// with an RFC-compliant CA.
|
||||||
|
//
|
||||||
// The exp argument indicates the desired certificate validity duration. CA may issue a certificate
|
// The exp argument indicates the desired certificate validity duration. CA may issue a certificate
|
||||||
// with a different duration.
|
// with a different duration.
|
||||||
// If the bundle argument is true, the returned value will also contain the CA (issuer) certificate chain.
|
// If the bundle argument is true, the returned value will also contain the CA (issuer) certificate chain.
|
||||||
@ -206,7 +268,7 @@ func (c *Client) CreateCert(ctx context.Context, csr []byte, exp time.Duration,
|
|||||||
req.NotAfter = now.Add(exp).Format(time.RFC3339)
|
req.NotAfter = now.Add(exp).Format(time.RFC3339)
|
||||||
}
|
}
|
||||||
|
|
||||||
res, err := c.post(ctx, c.Key, c.dir.CertURL, req, wantStatus(http.StatusCreated))
|
res, err := c.post(ctx, nil, c.dir.CertURL, req, wantStatus(http.StatusCreated))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, "", err
|
return nil, "", err
|
||||||
}
|
}
|
||||||
@ -227,12 +289,22 @@ func (c *Client) CreateCert(ctx context.Context, csr []byte, exp time.Duration,
|
|||||||
// It retries the request until the certificate is successfully retrieved,
|
// It retries the request until the certificate is successfully retrieved,
|
||||||
// context is cancelled by the caller or an error response is received.
|
// context is cancelled by the caller or an error response is received.
|
||||||
//
|
//
|
||||||
// The returned value will also contain the CA (issuer) certificate if the bundle argument is true.
|
// If the bundle argument is true, the returned value also contains the CA (issuer)
|
||||||
|
// certificate chain.
|
||||||
//
|
//
|
||||||
// FetchCert returns an error if the CA's response or chain was unreasonably large.
|
// FetchCert returns an error if the CA's response or chain was unreasonably large.
|
||||||
// Callers are encouraged to parse the returned value to ensure the certificate is valid
|
// Callers are encouraged to parse the returned value to ensure the certificate is valid
|
||||||
// and has expected features.
|
// and has expected features.
|
||||||
func (c *Client) FetchCert(ctx context.Context, url string, bundle bool) ([][]byte, error) {
|
func (c *Client) FetchCert(ctx context.Context, url string, bundle bool) ([][]byte, error) {
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
return c.fetchCertRFC(ctx, url, bundle)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Legacy non-authenticated GET request.
|
||||||
res, err := c.get(ctx, url, wantStatus(http.StatusOK))
|
res, err := c.get(ctx, url, wantStatus(http.StatusOK))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -247,10 +319,15 @@ func (c *Client) FetchCert(ctx context.Context, url string, bundle bool) ([][]by
|
|||||||
// For instance, the key pair of the certificate may be authorized.
|
// For instance, the key pair of the certificate may be authorized.
|
||||||
// If the key is nil, c.Key is used instead.
|
// If the key is nil, c.Key is used instead.
|
||||||
func (c *Client) RevokeCert(ctx context.Context, key crypto.Signer, cert []byte, reason CRLReasonCode) error {
|
func (c *Client) RevokeCert(ctx context.Context, key crypto.Signer, cert []byte, reason CRLReasonCode) error {
|
||||||
if _, err := c.Discover(ctx); err != nil {
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
return c.revokeCertRFC(ctx, key, cert, reason)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Legacy CA.
|
||||||
body := &struct {
|
body := &struct {
|
||||||
Resource string `json:"resource"`
|
Resource string `json:"resource"`
|
||||||
Cert string `json:"certificate"`
|
Cert string `json:"certificate"`
|
||||||
@ -260,10 +337,7 @@ func (c *Client) RevokeCert(ctx context.Context, key crypto.Signer, cert []byte,
|
|||||||
Cert: base64.RawURLEncoding.EncodeToString(cert),
|
Cert: base64.RawURLEncoding.EncodeToString(cert),
|
||||||
Reason: int(reason),
|
Reason: int(reason),
|
||||||
}
|
}
|
||||||
if key == nil {
|
res, err := c.post(ctx, key, dir.RevokeURL, body, wantStatus(http.StatusOK))
|
||||||
key = c.Key
|
|
||||||
}
|
|
||||||
res, err := c.post(ctx, key, c.dir.RevokeURL, body, wantStatus(http.StatusOK))
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -275,20 +349,30 @@ func (c *Client) RevokeCert(ctx context.Context, key crypto.Signer, cert []byte,
|
|||||||
// during account registration. See Register method of Client for more details.
|
// during account registration. See Register method of Client for more details.
|
||||||
func AcceptTOS(tosURL string) bool { return true }
|
func AcceptTOS(tosURL string) bool { return true }
|
||||||
|
|
||||||
// Register creates a new account registration by following the "new-reg" flow.
|
// Register creates a new account with the CA using c.Key.
|
||||||
// It returns the registered account. The account is not modified.
|
// It returns the registered account. The account acct is not modified.
|
||||||
//
|
//
|
||||||
// The registration may require the caller to agree to the CA's Terms of Service (TOS).
|
// The registration may require the caller to agree to the CA's Terms of Service (TOS).
|
||||||
// If so, and the account has not indicated the acceptance of the terms (see Account for details),
|
// If so, and the account has not indicated the acceptance of the terms (see Account for details),
|
||||||
// Register calls prompt with a TOS URL provided by the CA. Prompt should report
|
// Register calls prompt with a TOS URL provided by the CA. Prompt should report
|
||||||
// whether the caller agrees to the terms. To always accept the terms, the caller can use AcceptTOS.
|
// whether the caller agrees to the terms. To always accept the terms, the caller can use AcceptTOS.
|
||||||
func (c *Client) Register(ctx context.Context, a *Account, prompt func(tosURL string) bool) (*Account, error) {
|
//
|
||||||
if _, err := c.Discover(ctx); err != nil {
|
// When interfacing with an RFC-compliant CA, non-RFC 8555 fields of acct are ignored
|
||||||
|
// and prompt is called if Directory's Terms field is non-zero.
|
||||||
|
// Also see Error's Instance field for when a CA requires already registered accounts to agree
|
||||||
|
// to an updated Terms of Service.
|
||||||
|
func (c *Client) Register(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
return c.registerRFC(ctx, acct, prompt)
|
||||||
|
}
|
||||||
|
|
||||||
var err error
|
// Legacy ACME draft registration flow.
|
||||||
if a, err = c.doReg(ctx, c.dir.RegURL, "new-reg", a); err != nil {
|
a, err := c.doReg(ctx, dir.RegURL, "new-reg", acct)
|
||||||
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
var accept bool
|
var accept bool
|
||||||
@ -302,9 +386,20 @@ func (c *Client) Register(ctx context.Context, a *Account, prompt func(tosURL st
|
|||||||
return a, err
|
return a, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetReg retrieves an existing registration.
|
// GetReg retrieves an existing account associated with c.Key.
|
||||||
// The url argument is an Account URI.
|
//
|
||||||
|
// The url argument is an Account URI used with pre-RFC 8555 CAs.
|
||||||
|
// It is ignored when interfacing with an RFC-compliant CA.
|
||||||
func (c *Client) GetReg(ctx context.Context, url string) (*Account, error) {
|
func (c *Client) GetReg(ctx context.Context, url string) (*Account, error) {
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
return c.getRegRFC(ctx)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Legacy CA.
|
||||||
a, err := c.doReg(ctx, url, "reg", nil)
|
a, err := c.doReg(ctx, url, "reg", nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -315,9 +410,21 @@ func (c *Client) GetReg(ctx context.Context, url string) (*Account, error) {
|
|||||||
|
|
||||||
// UpdateReg updates an existing registration.
|
// UpdateReg updates an existing registration.
|
||||||
// It returns an updated account copy. The provided account is not modified.
|
// It returns an updated account copy. The provided account is not modified.
|
||||||
func (c *Client) UpdateReg(ctx context.Context, a *Account) (*Account, error) {
|
//
|
||||||
uri := a.URI
|
// When interfacing with RFC-compliant CAs, a.URI is ignored and the account URL
|
||||||
a, err := c.doReg(ctx, uri, "reg", a)
|
// associated with c.Key is used instead.
|
||||||
|
func (c *Client) UpdateReg(ctx context.Context, acct *Account) (*Account, error) {
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
return c.updateRegRFC(ctx, acct)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Legacy CA.
|
||||||
|
uri := acct.URI
|
||||||
|
a, err := c.doReg(ctx, uri, "reg", acct)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -325,13 +432,21 @@ func (c *Client) UpdateReg(ctx context.Context, a *Account) (*Account, error) {
|
|||||||
return a, nil
|
return a, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Authorize performs the initial step in an authorization flow.
|
// Authorize performs the initial step in the pre-authorization flow,
|
||||||
|
// as opposed to order-based flow.
|
||||||
// The caller will then need to choose from and perform a set of returned
|
// The caller will then need to choose from and perform a set of returned
|
||||||
// challenges using c.Accept in order to successfully complete authorization.
|
// challenges using c.Accept in order to successfully complete authorization.
|
||||||
//
|
//
|
||||||
|
// Once complete, the caller can use AuthorizeOrder which the CA
|
||||||
|
// should provision with the already satisfied authorization.
|
||||||
|
// For pre-RFC CAs, the caller can proceed directly to requesting a certificate
|
||||||
|
// using CreateCert method.
|
||||||
|
//
|
||||||
// If an authorization has been previously granted, the CA may return
|
// If an authorization has been previously granted, the CA may return
|
||||||
// a valid authorization (Authorization.Status is StatusValid). If so, the caller
|
// a valid authorization which has its Status field set to StatusValid.
|
||||||
// need not fulfill any challenge and can proceed to requesting a certificate.
|
//
|
||||||
|
// More about pre-authorization can be found at
|
||||||
|
// https://tools.ietf.org/html/rfc8555#section-7.4.1.
|
||||||
func (c *Client) Authorize(ctx context.Context, domain string) (*Authorization, error) {
|
func (c *Client) Authorize(ctx context.Context, domain string) (*Authorization, error) {
|
||||||
return c.authorize(ctx, "dns", domain)
|
return c.authorize(ctx, "dns", domain)
|
||||||
}
|
}
|
||||||
@ -362,7 +477,7 @@ func (c *Client) authorize(ctx context.Context, typ, val string) (*Authorization
|
|||||||
Resource: "new-authz",
|
Resource: "new-authz",
|
||||||
Identifier: authzID{Type: typ, Value: val},
|
Identifier: authzID{Type: typ, Value: val},
|
||||||
}
|
}
|
||||||
res, err := c.post(ctx, c.Key, c.dir.AuthzURL, req, wantStatus(http.StatusCreated))
|
res, err := c.post(ctx, nil, c.dir.AuthzURL, req, wantStatus(http.StatusCreated))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -383,7 +498,17 @@ func (c *Client) authorize(ctx context.Context, typ, val string) (*Authorization
|
|||||||
// If a caller needs to poll an authorization until its status is final,
|
// If a caller needs to poll an authorization until its status is final,
|
||||||
// see the WaitAuthorization method.
|
// see the WaitAuthorization method.
|
||||||
func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorization, error) {
|
func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorization, error) {
|
||||||
res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
var res *http.Response
|
||||||
|
if dir.rfcCompliant() {
|
||||||
|
res, err = c.postAsGet(ctx, url, wantStatus(http.StatusOK))
|
||||||
|
} else {
|
||||||
|
res, err = c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
||||||
|
}
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -400,11 +525,16 @@ func (c *Client) GetAuthorization(ctx context.Context, url string) (*Authorizati
|
|||||||
// The url argument is an Authorization.URI value.
|
// The url argument is an Authorization.URI value.
|
||||||
//
|
//
|
||||||
// If successful, the caller will be required to obtain a new authorization
|
// If successful, the caller will be required to obtain a new authorization
|
||||||
// using the Authorize method before being able to request a new certificate
|
// using the Authorize or AuthorizeOrder methods before being able to request
|
||||||
// for the domain associated with the authorization.
|
// a new certificate for the domain associated with the authorization.
|
||||||
//
|
//
|
||||||
// It does not revoke existing certificates.
|
// It does not revoke existing certificates.
|
||||||
func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
|
func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
|
||||||
|
// Required for c.accountKID() when in RFC mode.
|
||||||
|
if _, err := c.Discover(ctx); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
req := struct {
|
req := struct {
|
||||||
Resource string `json:"resource"`
|
Resource string `json:"resource"`
|
||||||
Status string `json:"status"`
|
Status string `json:"status"`
|
||||||
@ -414,7 +544,7 @@ func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
|
|||||||
Status: "deactivated",
|
Status: "deactivated",
|
||||||
Delete: true,
|
Delete: true,
|
||||||
}
|
}
|
||||||
res, err := c.post(ctx, c.Key, url, req, wantStatus(http.StatusOK))
|
res, err := c.post(ctx, nil, url, req, wantStatus(http.StatusOK))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -430,8 +560,18 @@ func (c *Client) RevokeAuthorization(ctx context.Context, url string) error {
|
|||||||
// In all other cases WaitAuthorization returns an error.
|
// In all other cases WaitAuthorization returns an error.
|
||||||
// If the Status is StatusInvalid, the returned error is of type *AuthorizationError.
|
// If the Status is StatusInvalid, the returned error is of type *AuthorizationError.
|
||||||
func (c *Client) WaitAuthorization(ctx context.Context, url string) (*Authorization, error) {
|
func (c *Client) WaitAuthorization(ctx context.Context, url string) (*Authorization, error) {
|
||||||
|
// Required for c.accountKID() when in RFC mode.
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
getfn := c.postAsGet
|
||||||
|
if !dir.rfcCompliant() {
|
||||||
|
getfn = c.get
|
||||||
|
}
|
||||||
|
|
||||||
for {
|
for {
|
||||||
res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
res, err := getfn(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
@ -474,10 +614,21 @@ func (c *Client) WaitAuthorization(ctx context.Context, url string) (*Authorizat
|
|||||||
//
|
//
|
||||||
// A client typically polls a challenge status using this method.
|
// A client typically polls a challenge status using this method.
|
||||||
func (c *Client) GetChallenge(ctx context.Context, url string) (*Challenge, error) {
|
func (c *Client) GetChallenge(ctx context.Context, url string) (*Challenge, error) {
|
||||||
res, err := c.get(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
// Required for c.accountKID() when in RFC mode.
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
getfn := c.postAsGet
|
||||||
|
if !dir.rfcCompliant() {
|
||||||
|
getfn = c.get
|
||||||
|
}
|
||||||
|
res, err := getfn(ctx, url, wantStatus(http.StatusOK, http.StatusAccepted))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
defer res.Body.Close()
|
defer res.Body.Close()
|
||||||
v := wireChallenge{URI: url}
|
v := wireChallenge{URI: url}
|
||||||
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
||||||
@ -491,12 +642,19 @@ func (c *Client) GetChallenge(ctx context.Context, url string) (*Challenge, erro
|
|||||||
//
|
//
|
||||||
// The server will then perform the validation asynchronously.
|
// The server will then perform the validation asynchronously.
|
||||||
func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error) {
|
func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error) {
|
||||||
auth, err := keyAuth(c.Key.Public(), chal.Token)
|
// Required for c.accountKID() when in RFC mode.
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
req := struct {
|
var req interface{} = json.RawMessage("{}") // RFC-compliant CA
|
||||||
|
if !dir.rfcCompliant() {
|
||||||
|
auth, err := keyAuth(c.Key.Public(), chal.Token)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
req = struct {
|
||||||
Resource string `json:"resource"`
|
Resource string `json:"resource"`
|
||||||
Type string `json:"type"`
|
Type string `json:"type"`
|
||||||
Auth string `json:"keyAuthorization"`
|
Auth string `json:"keyAuthorization"`
|
||||||
@ -505,7 +663,8 @@ func (c *Client) Accept(ctx context.Context, chal *Challenge) (*Challenge, error
|
|||||||
Type: chal.Type,
|
Type: chal.Type,
|
||||||
Auth: auth,
|
Auth: auth,
|
||||||
}
|
}
|
||||||
res, err := c.post(ctx, c.Key, chal.URI, req, wantStatus(
|
}
|
||||||
|
res, err := c.post(ctx, nil, chal.URI, req, wantStatus(
|
||||||
http.StatusOK, // according to the spec
|
http.StatusOK, // according to the spec
|
||||||
http.StatusAccepted, // Let's Encrypt: see https://goo.gl/WsJ7VT (acme-divergences.md)
|
http.StatusAccepted, // Let's Encrypt: see https://goo.gl/WsJ7VT (acme-divergences.md)
|
||||||
))
|
))
|
||||||
@ -555,21 +714,8 @@ func (c *Client) HTTP01ChallengePath(token string) string {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TLSSNI01ChallengeCert creates a certificate for TLS-SNI-01 challenge response.
|
// TLSSNI01ChallengeCert creates a certificate for TLS-SNI-01 challenge response.
|
||||||
// Servers can present the certificate to validate the challenge and prove control
|
|
||||||
// over a domain name.
|
|
||||||
//
|
//
|
||||||
// The implementation is incomplete in that the returned value is a single certificate,
|
// Deprecated: This challenge type is unused in both draft-02 and RFC versions of ACME spec.
|
||||||
// computed only for Z0 of the key authorization. ACME CAs are expected to update
|
|
||||||
// their implementations to use the newer version, TLS-SNI-02.
|
|
||||||
// For more details on TLS-SNI-01 see https://tools.ietf.org/html/draft-ietf-acme-acme-01#section-7.3.
|
|
||||||
//
|
|
||||||
// The token argument is a Challenge.Token value.
|
|
||||||
// If a WithKey option is provided, its private part signs the returned cert,
|
|
||||||
// and the public part is used to specify the signee.
|
|
||||||
// If no WithKey option is provided, a new ECDSA key is generated using P-256 curve.
|
|
||||||
//
|
|
||||||
// The returned certificate is valid for the next 24 hours and must be presented only when
|
|
||||||
// the server name of the TLS ClientHello matches exactly the returned name value.
|
|
||||||
func (c *Client) TLSSNI01ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
|
func (c *Client) TLSSNI01ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
|
||||||
ka, err := keyAuth(c.Key.Public(), token)
|
ka, err := keyAuth(c.Key.Public(), token)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -586,17 +732,8 @@ func (c *Client) TLSSNI01ChallengeCert(token string, opt ...CertOption) (cert tl
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TLSSNI02ChallengeCert creates a certificate for TLS-SNI-02 challenge response.
|
// TLSSNI02ChallengeCert creates a certificate for TLS-SNI-02 challenge response.
|
||||||
// Servers can present the certificate to validate the challenge and prove control
|
|
||||||
// over a domain name. For more details on TLS-SNI-02 see
|
|
||||||
// https://tools.ietf.org/html/draft-ietf-acme-acme-03#section-7.3.
|
|
||||||
//
|
//
|
||||||
// The token argument is a Challenge.Token value.
|
// Deprecated: This challenge type is unused in both draft-02 and RFC versions of ACME spec.
|
||||||
// If a WithKey option is provided, its private part signs the returned cert,
|
|
||||||
// and the public part is used to specify the signee.
|
|
||||||
// If no WithKey option is provided, a new ECDSA key is generated using P-256 curve.
|
|
||||||
//
|
|
||||||
// The returned certificate is valid for the next 24 hours and must be presented only when
|
|
||||||
// the server name in the TLS ClientHello matches exactly the returned name value.
|
|
||||||
func (c *Client) TLSSNI02ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
|
func (c *Client) TLSSNI02ChallengeCert(token string, opt ...CertOption) (cert tls.Certificate, name string, err error) {
|
||||||
b := sha256.Sum256([]byte(token))
|
b := sha256.Sum256([]byte(token))
|
||||||
h := hex.EncodeToString(b[:])
|
h := hex.EncodeToString(b[:])
|
||||||
@ -663,7 +800,7 @@ func (c *Client) TLSALPN01ChallengeCert(token, domain string, opt ...CertOption)
|
|||||||
return tlsChallengeCert([]string{domain}, newOpt)
|
return tlsChallengeCert([]string{domain}, newOpt)
|
||||||
}
|
}
|
||||||
|
|
||||||
// doReg sends all types of registration requests.
|
// doReg sends all types of registration requests the old way (pre-RFC world).
|
||||||
// The type of request is identified by typ argument, which is a "resource"
|
// The type of request is identified by typ argument, which is a "resource"
|
||||||
// in the ACME spec terms.
|
// in the ACME spec terms.
|
||||||
//
|
//
|
||||||
@ -682,7 +819,7 @@ func (c *Client) doReg(ctx context.Context, url string, typ string, acct *Accoun
|
|||||||
req.Contact = acct.Contact
|
req.Contact = acct.Contact
|
||||||
req.Agreement = acct.AgreedTerms
|
req.Agreement = acct.AgreedTerms
|
||||||
}
|
}
|
||||||
res, err := c.post(ctx, c.Key, url, req, wantStatus(
|
res, err := c.post(ctx, nil, url, req, wantStatus(
|
||||||
http.StatusOK, // updates and deletes
|
http.StatusOK, // updates and deletes
|
||||||
http.StatusCreated, // new account creation
|
http.StatusCreated, // new account creation
|
||||||
http.StatusAccepted, // Let's Encrypt divergent implementation
|
http.StatusAccepted, // Let's Encrypt divergent implementation
|
||||||
@ -721,12 +858,16 @@ func (c *Client) doReg(ctx context.Context, url string, typ string, acct *Accoun
|
|||||||
}
|
}
|
||||||
|
|
||||||
// popNonce returns a nonce value previously stored with c.addNonce
|
// popNonce returns a nonce value previously stored with c.addNonce
|
||||||
// or fetches a fresh one from a URL by issuing a HEAD request.
|
// or fetches a fresh one from c.dir.NonceURL.
|
||||||
// It first tries c.directoryURL() and then the provided url if the former fails.
|
// If NonceURL is empty, it first tries c.directoryURL() and, failing that,
|
||||||
|
// the provided url.
|
||||||
func (c *Client) popNonce(ctx context.Context, url string) (string, error) {
|
func (c *Client) popNonce(ctx context.Context, url string) (string, error) {
|
||||||
c.noncesMu.Lock()
|
c.noncesMu.Lock()
|
||||||
defer c.noncesMu.Unlock()
|
defer c.noncesMu.Unlock()
|
||||||
if len(c.nonces) == 0 {
|
if len(c.nonces) == 0 {
|
||||||
|
if c.dir != nil && c.dir.NonceURL != "" {
|
||||||
|
return c.fetchNonce(ctx, c.dir.NonceURL)
|
||||||
|
}
|
||||||
dirURL := c.directoryURL()
|
dirURL := c.directoryURL()
|
||||||
v, err := c.fetchNonce(ctx, dirURL)
|
v, err := c.fetchNonce(ctx, dirURL)
|
||||||
if err != nil && url != dirURL {
|
if err != nil && url != dirURL {
|
||||||
|
276
vendor/golang.org/x/crypto/acme/autocert/autocert.go
generated
vendored
276
vendor/golang.org/x/crypto/acme/autocert/autocert.go
generated
vendored
@ -35,6 +35,9 @@ import (
|
|||||||
"golang.org/x/net/idna"
|
"golang.org/x/net/idna"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// DefaultACMEDirectory is the default ACME Directory URL used when the Manager's Client is nil.
|
||||||
|
const DefaultACMEDirectory = "https://acme-v02.api.letsencrypt.org/directory"
|
||||||
|
|
||||||
// createCertRetryAfter is how much time to wait before removing a failed state
|
// createCertRetryAfter is how much time to wait before removing a failed state
|
||||||
// entry due to an unsuccessful createCert call.
|
// entry due to an unsuccessful createCert call.
|
||||||
// This is a variable instead of a const for testing.
|
// This is a variable instead of a const for testing.
|
||||||
@ -135,9 +138,10 @@ type Manager struct {
|
|||||||
// Client is used to perform low-level operations, such as account registration
|
// Client is used to perform low-level operations, such as account registration
|
||||||
// and requesting new certificates.
|
// and requesting new certificates.
|
||||||
//
|
//
|
||||||
// If Client is nil, a zero-value acme.Client is used with acme.LetsEncryptURL
|
// If Client is nil, a zero-value acme.Client is used with DefaultACMEDirectory
|
||||||
// as directory endpoint. If the Client.Key is nil, a new ECDSA P-256 key is
|
// as the directory endpoint.
|
||||||
// generated and, if Cache is not nil, stored in cache.
|
// If the Client.Key is nil, a new ECDSA P-256 key is generated and,
|
||||||
|
// if Cache is not nil, stored in cache.
|
||||||
//
|
//
|
||||||
// Mutating the field after the first call of GetCertificate method will have no effect.
|
// Mutating the field after the first call of GetCertificate method will have no effect.
|
||||||
Client *acme.Client
|
Client *acme.Client
|
||||||
@ -174,8 +178,8 @@ type Manager struct {
|
|||||||
renewalMu sync.Mutex
|
renewalMu sync.Mutex
|
||||||
renewal map[certKey]*domainRenewal
|
renewal map[certKey]*domainRenewal
|
||||||
|
|
||||||
// tokensMu guards the rest of the fields: tryHTTP01, certTokens and httpTokens.
|
// challengeMu guards tryHTTP01, certTokens and httpTokens.
|
||||||
tokensMu sync.RWMutex
|
challengeMu sync.RWMutex
|
||||||
// tryHTTP01 indicates whether the Manager should try "http-01" challenge type
|
// tryHTTP01 indicates whether the Manager should try "http-01" challenge type
|
||||||
// during the authorization flow.
|
// during the authorization flow.
|
||||||
tryHTTP01 bool
|
tryHTTP01 bool
|
||||||
@ -188,6 +192,7 @@ type Manager struct {
|
|||||||
// and is keyed by the domain name which matches the ClientHello server name.
|
// and is keyed by the domain name which matches the ClientHello server name.
|
||||||
// The entries are stored for the duration of the authorization flow.
|
// The entries are stored for the duration of the authorization flow.
|
||||||
certTokens map[string]*tls.Certificate
|
certTokens map[string]*tls.Certificate
|
||||||
|
|
||||||
// nowFunc, if not nil, returns the current time. This may be set for
|
// nowFunc, if not nil, returns the current time. This may be set for
|
||||||
// testing purposes.
|
// testing purposes.
|
||||||
nowFunc func() time.Time
|
nowFunc func() time.Time
|
||||||
@ -267,8 +272,8 @@ func (m *Manager) GetCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate,
|
|||||||
|
|
||||||
// Check whether this is a token cert requested for TLS-ALPN challenge.
|
// Check whether this is a token cert requested for TLS-ALPN challenge.
|
||||||
if wantsTokenCert(hello) {
|
if wantsTokenCert(hello) {
|
||||||
m.tokensMu.RLock()
|
m.challengeMu.RLock()
|
||||||
defer m.tokensMu.RUnlock()
|
defer m.challengeMu.RUnlock()
|
||||||
if cert := m.certTokens[name]; cert != nil {
|
if cert := m.certTokens[name]; cert != nil {
|
||||||
return cert, nil
|
return cert, nil
|
||||||
}
|
}
|
||||||
@ -376,8 +381,8 @@ func supportsECDSA(hello *tls.ClientHelloInfo) bool {
|
|||||||
// If HTTPHandler is never called, the Manager will only use the "tls-alpn-01"
|
// If HTTPHandler is never called, the Manager will only use the "tls-alpn-01"
|
||||||
// challenge for domain verification.
|
// challenge for domain verification.
|
||||||
func (m *Manager) HTTPHandler(fallback http.Handler) http.Handler {
|
func (m *Manager) HTTPHandler(fallback http.Handler) http.Handler {
|
||||||
m.tokensMu.Lock()
|
m.challengeMu.Lock()
|
||||||
defer m.tokensMu.Unlock()
|
defer m.challengeMu.Unlock()
|
||||||
m.tryHTTP01 = true
|
m.tryHTTP01 = true
|
||||||
|
|
||||||
if fallback == nil {
|
if fallback == nil {
|
||||||
@ -640,71 +645,64 @@ func (m *Manager) certState(ck certKey) (*certState, error) {
|
|||||||
// authorizedCert starts the domain ownership verification process and requests a new cert upon success.
|
// authorizedCert starts the domain ownership verification process and requests a new cert upon success.
|
||||||
// The key argument is the certificate private key.
|
// The key argument is the certificate private key.
|
||||||
func (m *Manager) authorizedCert(ctx context.Context, key crypto.Signer, ck certKey) (der [][]byte, leaf *x509.Certificate, err error) {
|
func (m *Manager) authorizedCert(ctx context.Context, key crypto.Signer, ck certKey) (der [][]byte, leaf *x509.Certificate, err error) {
|
||||||
client, err := m.acmeClient(ctx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := m.verify(ctx, client, ck.domain); err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
csr, err := certRequest(key, ck.domain, m.ExtraExtensions)
|
csr, err := certRequest(key, ck.domain, m.ExtraExtensions)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
der, _, err = client.CreateCert(ctx, csr, 0, true)
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
leaf, err = validCert(ck, der, key, m.now())
|
|
||||||
if err != nil {
|
|
||||||
return nil, nil, err
|
|
||||||
}
|
|
||||||
return der, leaf, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// revokePendingAuthz revokes all authorizations idenfied by the elements of uri slice.
|
|
||||||
// It ignores revocation errors.
|
|
||||||
func (m *Manager) revokePendingAuthz(ctx context.Context, uri []string) {
|
|
||||||
client, err := m.acmeClient(ctx)
|
client, err := m.acmeClient(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return nil, nil, err
|
||||||
}
|
|
||||||
for _, u := range uri {
|
|
||||||
client.RevokeAuthorization(ctx, u)
|
|
||||||
}
|
}
|
||||||
|
dir, err := client.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// verify runs the identifier (domain) authorization flow
|
var chain [][]byte
|
||||||
|
switch {
|
||||||
|
// Pre-RFC legacy CA.
|
||||||
|
case dir.OrderURL == "":
|
||||||
|
if err := m.verify(ctx, client, ck.domain); err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
der, _, err := client.CreateCert(ctx, csr, 0, true)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
chain = der
|
||||||
|
// RFC 8555 compliant CA.
|
||||||
|
default:
|
||||||
|
o, err := m.verifyRFC(ctx, client, ck.domain)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
der, _, err := client.CreateOrderCert(ctx, o.FinalizeURL, csr, true)
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
chain = der
|
||||||
|
}
|
||||||
|
leaf, err = validCert(ck, chain, key, m.now())
|
||||||
|
if err != nil {
|
||||||
|
return nil, nil, err
|
||||||
|
}
|
||||||
|
return chain, leaf, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// verify runs the identifier (domain) pre-authorization flow for legacy CAs
|
||||||
// using each applicable ACME challenge type.
|
// using each applicable ACME challenge type.
|
||||||
func (m *Manager) verify(ctx context.Context, client *acme.Client, domain string) error {
|
func (m *Manager) verify(ctx context.Context, client *acme.Client, domain string) error {
|
||||||
// The list of challenge types we'll try to fulfill
|
// Remove all hanging authorizations to reduce rate limit quotas
|
||||||
// in this specific order.
|
// after we're done.
|
||||||
challengeTypes := []string{"tls-alpn-01"}
|
var authzURLs []string
|
||||||
m.tokensMu.RLock()
|
|
||||||
if m.tryHTTP01 {
|
|
||||||
challengeTypes = append(challengeTypes, "http-01")
|
|
||||||
}
|
|
||||||
m.tokensMu.RUnlock()
|
|
||||||
|
|
||||||
// Keep track of pending authzs and revoke the ones that did not validate.
|
|
||||||
pendingAuthzs := make(map[string]bool)
|
|
||||||
defer func() {
|
defer func() {
|
||||||
var uri []string
|
go m.deactivatePendingAuthz(authzURLs)
|
||||||
for k, pending := range pendingAuthzs {
|
|
||||||
if pending {
|
|
||||||
uri = append(uri, k)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if len(uri) > 0 {
|
|
||||||
// Use "detached" background context.
|
|
||||||
// The revocations need not happen in the current verification flow.
|
|
||||||
go m.revokePendingAuthz(context.Background(), uri)
|
|
||||||
}
|
|
||||||
}()
|
}()
|
||||||
|
|
||||||
// errs accumulates challenge failure errors, printed if all fail
|
// errs accumulates challenge failure errors, printed if all fail
|
||||||
errs := make(map[*acme.Challenge]error)
|
errs := make(map[*acme.Challenge]error)
|
||||||
|
challengeTypes := m.supportedChallengeTypes()
|
||||||
var nextTyp int // challengeType index of the next challenge type to try
|
var nextTyp int // challengeType index of the next challenge type to try
|
||||||
for {
|
for {
|
||||||
// Start domain authorization and get the challenge.
|
// Start domain authorization and get the challenge.
|
||||||
@ -712,6 +710,7 @@ func (m *Manager) verify(ctx context.Context, client *acme.Client, domain string
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
authzURLs = append(authzURLs, authz.URI)
|
||||||
// No point in accepting challenges if the authorization status
|
// No point in accepting challenges if the authorization status
|
||||||
// is in a final state.
|
// is in a final state.
|
||||||
switch authz.Status {
|
switch authz.Status {
|
||||||
@ -721,8 +720,6 @@ func (m *Manager) verify(ctx context.Context, client *acme.Client, domain string
|
|||||||
return fmt.Errorf("acme/autocert: invalid authorization %q", authz.URI)
|
return fmt.Errorf("acme/autocert: invalid authorization %q", authz.URI)
|
||||||
}
|
}
|
||||||
|
|
||||||
pendingAuthzs[authz.URI] = true
|
|
||||||
|
|
||||||
// Pick the next preferred challenge.
|
// Pick the next preferred challenge.
|
||||||
var chal *acme.Challenge
|
var chal *acme.Challenge
|
||||||
for chal == nil && nextTyp < len(challengeTypes) {
|
for chal == nil && nextTyp < len(challengeTypes) {
|
||||||
@ -752,11 +749,126 @@ func (m *Manager) verify(ctx context.Context, client *acme.Client, domain string
|
|||||||
errs[chal] = err
|
errs[chal] = err
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
delete(pendingAuthzs, authz.URI)
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// verifyRFC runs the identifier (domain) order-based authorization flow for RFC compliant CAs
|
||||||
|
// using each applicable ACME challenge type.
|
||||||
|
func (m *Manager) verifyRFC(ctx context.Context, client *acme.Client, domain string) (*acme.Order, error) {
|
||||||
|
// Try each supported challenge type starting with a new order each time.
|
||||||
|
// The nextTyp index of the next challenge type to try is shared across
|
||||||
|
// all order authorizations: if we've tried a challenge type once and it didn't work,
|
||||||
|
// it will most likely not work on another order's authorization either.
|
||||||
|
challengeTypes := m.supportedChallengeTypes()
|
||||||
|
nextTyp := 0 // challengeTypes index
|
||||||
|
AuthorizeOrderLoop:
|
||||||
|
for {
|
||||||
|
o, err := client.AuthorizeOrder(ctx, acme.DomainIDs(domain))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
// Remove all hanging authorizations to reduce rate limit quotas
|
||||||
|
// after we're done.
|
||||||
|
defer func(urls []string) {
|
||||||
|
go m.deactivatePendingAuthz(urls)
|
||||||
|
}(o.AuthzURLs)
|
||||||
|
|
||||||
|
// Check if there's actually anything we need to do.
|
||||||
|
switch o.Status {
|
||||||
|
case acme.StatusReady:
|
||||||
|
// Already authorized.
|
||||||
|
return o, nil
|
||||||
|
case acme.StatusPending:
|
||||||
|
// Continue normal Order-based flow.
|
||||||
|
default:
|
||||||
|
return nil, fmt.Errorf("acme/autocert: invalid new order status %q; order URL: %q", o.Status, o.URI)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Satisfy all pending authorizations.
|
||||||
|
for _, zurl := range o.AuthzURLs {
|
||||||
|
z, err := client.GetAuthorization(ctx, zurl)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
if z.Status != acme.StatusPending {
|
||||||
|
// We are interested only in pending authorizations.
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
// Pick the next preferred challenge.
|
||||||
|
var chal *acme.Challenge
|
||||||
|
for chal == nil && nextTyp < len(challengeTypes) {
|
||||||
|
chal = pickChallenge(challengeTypes[nextTyp], z.Challenges)
|
||||||
|
nextTyp++
|
||||||
|
}
|
||||||
|
if chal == nil {
|
||||||
|
return nil, fmt.Errorf("acme/autocert: unable to satisfy %q for domain %q: no viable challenge type found", z.URI, domain)
|
||||||
|
}
|
||||||
|
// Respond to the challenge and wait for validation result.
|
||||||
|
cleanup, err := m.fulfill(ctx, client, chal, domain)
|
||||||
|
if err != nil {
|
||||||
|
continue AuthorizeOrderLoop
|
||||||
|
}
|
||||||
|
defer cleanup()
|
||||||
|
if _, err := client.Accept(ctx, chal); err != nil {
|
||||||
|
continue AuthorizeOrderLoop
|
||||||
|
}
|
||||||
|
if _, err := client.WaitAuthorization(ctx, z.URI); err != nil {
|
||||||
|
continue AuthorizeOrderLoop
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// All authorizations are satisfied.
|
||||||
|
// Wait for the CA to update the order status.
|
||||||
|
o, err = client.WaitOrder(ctx, o.URI)
|
||||||
|
if err != nil {
|
||||||
|
continue AuthorizeOrderLoop
|
||||||
|
}
|
||||||
|
return o, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func pickChallenge(typ string, chal []*acme.Challenge) *acme.Challenge {
|
||||||
|
for _, c := range chal {
|
||||||
|
if c.Type == typ {
|
||||||
|
return c
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (m *Manager) supportedChallengeTypes() []string {
|
||||||
|
m.challengeMu.RLock()
|
||||||
|
defer m.challengeMu.RUnlock()
|
||||||
|
typ := []string{"tls-alpn-01"}
|
||||||
|
if m.tryHTTP01 {
|
||||||
|
typ = append(typ, "http-01")
|
||||||
|
}
|
||||||
|
return typ
|
||||||
|
}
|
||||||
|
|
||||||
|
// deactivatePendingAuthz relinquishes all authorizations identified by the elements
|
||||||
|
// of the provided uri slice which are in "pending" state.
|
||||||
|
// It ignores revocation errors.
|
||||||
|
//
|
||||||
|
// deactivatePendingAuthz takes no context argument and instead runs with its own
|
||||||
|
// "detached" context because deactivations are done in a goroutine separate from
|
||||||
|
// that of the main issuance or renewal flow.
|
||||||
|
func (m *Manager) deactivatePendingAuthz(uri []string) {
|
||||||
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
|
defer cancel()
|
||||||
|
client, err := m.acmeClient(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
for _, u := range uri {
|
||||||
|
z, err := client.GetAuthorization(ctx, u)
|
||||||
|
if err == nil && z.Status == acme.StatusPending {
|
||||||
|
client.RevokeAuthorization(ctx, u)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// fulfill provisions a response to the challenge chal.
|
// fulfill provisions a response to the challenge chal.
|
||||||
// The cleanup is non-nil only if provisioning succeeded.
|
// The cleanup is non-nil only if provisioning succeeded.
|
||||||
func (m *Manager) fulfill(ctx context.Context, client *acme.Client, chal *acme.Challenge, domain string) (cleanup func(), err error) {
|
func (m *Manager) fulfill(ctx context.Context, client *acme.Client, chal *acme.Challenge, domain string) (cleanup func(), err error) {
|
||||||
@ -780,20 +892,11 @@ func (m *Manager) fulfill(ctx context.Context, client *acme.Client, chal *acme.C
|
|||||||
return nil, fmt.Errorf("acme/autocert: unknown challenge type %q", chal.Type)
|
return nil, fmt.Errorf("acme/autocert: unknown challenge type %q", chal.Type)
|
||||||
}
|
}
|
||||||
|
|
||||||
func pickChallenge(typ string, chal []*acme.Challenge) *acme.Challenge {
|
|
||||||
for _, c := range chal {
|
|
||||||
if c.Type == typ {
|
|
||||||
return c
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// putCertToken stores the token certificate with the specified name
|
// putCertToken stores the token certificate with the specified name
|
||||||
// in both m.certTokens map and m.Cache.
|
// in both m.certTokens map and m.Cache.
|
||||||
func (m *Manager) putCertToken(ctx context.Context, name string, cert *tls.Certificate) {
|
func (m *Manager) putCertToken(ctx context.Context, name string, cert *tls.Certificate) {
|
||||||
m.tokensMu.Lock()
|
m.challengeMu.Lock()
|
||||||
defer m.tokensMu.Unlock()
|
defer m.challengeMu.Unlock()
|
||||||
if m.certTokens == nil {
|
if m.certTokens == nil {
|
||||||
m.certTokens = make(map[string]*tls.Certificate)
|
m.certTokens = make(map[string]*tls.Certificate)
|
||||||
}
|
}
|
||||||
@ -804,8 +907,8 @@ func (m *Manager) putCertToken(ctx context.Context, name string, cert *tls.Certi
|
|||||||
// deleteCertToken removes the token certificate with the specified name
|
// deleteCertToken removes the token certificate with the specified name
|
||||||
// from both m.certTokens map and m.Cache.
|
// from both m.certTokens map and m.Cache.
|
||||||
func (m *Manager) deleteCertToken(name string) {
|
func (m *Manager) deleteCertToken(name string) {
|
||||||
m.tokensMu.Lock()
|
m.challengeMu.Lock()
|
||||||
defer m.tokensMu.Unlock()
|
defer m.challengeMu.Unlock()
|
||||||
delete(m.certTokens, name)
|
delete(m.certTokens, name)
|
||||||
if m.Cache != nil {
|
if m.Cache != nil {
|
||||||
ck := certKey{domain: name, isToken: true}
|
ck := certKey{domain: name, isToken: true}
|
||||||
@ -816,8 +919,8 @@ func (m *Manager) deleteCertToken(name string) {
|
|||||||
// httpToken retrieves an existing http-01 token value from an in-memory map
|
// httpToken retrieves an existing http-01 token value from an in-memory map
|
||||||
// or the optional cache.
|
// or the optional cache.
|
||||||
func (m *Manager) httpToken(ctx context.Context, tokenPath string) ([]byte, error) {
|
func (m *Manager) httpToken(ctx context.Context, tokenPath string) ([]byte, error) {
|
||||||
m.tokensMu.RLock()
|
m.challengeMu.RLock()
|
||||||
defer m.tokensMu.RUnlock()
|
defer m.challengeMu.RUnlock()
|
||||||
if v, ok := m.httpTokens[tokenPath]; ok {
|
if v, ok := m.httpTokens[tokenPath]; ok {
|
||||||
return v, nil
|
return v, nil
|
||||||
}
|
}
|
||||||
@ -832,8 +935,8 @@ func (m *Manager) httpToken(ctx context.Context, tokenPath string) ([]byte, erro
|
|||||||
//
|
//
|
||||||
// It ignores any error returned from Cache.Put.
|
// It ignores any error returned from Cache.Put.
|
||||||
func (m *Manager) putHTTPToken(ctx context.Context, tokenPath, val string) {
|
func (m *Manager) putHTTPToken(ctx context.Context, tokenPath, val string) {
|
||||||
m.tokensMu.Lock()
|
m.challengeMu.Lock()
|
||||||
defer m.tokensMu.Unlock()
|
defer m.challengeMu.Unlock()
|
||||||
if m.httpTokens == nil {
|
if m.httpTokens == nil {
|
||||||
m.httpTokens = make(map[string][]byte)
|
m.httpTokens = make(map[string][]byte)
|
||||||
}
|
}
|
||||||
@ -849,8 +952,8 @@ func (m *Manager) putHTTPToken(ctx context.Context, tokenPath, val string) {
|
|||||||
//
|
//
|
||||||
// If m.Cache is non-nil, it blocks until Cache.Delete returns without a timeout.
|
// If m.Cache is non-nil, it blocks until Cache.Delete returns without a timeout.
|
||||||
func (m *Manager) deleteHTTPToken(tokenPath string) {
|
func (m *Manager) deleteHTTPToken(tokenPath string) {
|
||||||
m.tokensMu.Lock()
|
m.challengeMu.Lock()
|
||||||
defer m.tokensMu.Unlock()
|
defer m.challengeMu.Unlock()
|
||||||
delete(m.httpTokens, tokenPath)
|
delete(m.httpTokens, tokenPath)
|
||||||
if m.Cache != nil {
|
if m.Cache != nil {
|
||||||
m.Cache.Delete(context.Background(), httpTokenCacheKey(tokenPath))
|
m.Cache.Delete(context.Background(), httpTokenCacheKey(tokenPath))
|
||||||
@ -949,7 +1052,7 @@ func (m *Manager) acmeClient(ctx context.Context) (*acme.Client, error) {
|
|||||||
|
|
||||||
client := m.Client
|
client := m.Client
|
||||||
if client == nil {
|
if client == nil {
|
||||||
client = &acme.Client{DirectoryURL: acme.LetsEncryptURL}
|
client = &acme.Client{DirectoryURL: DefaultACMEDirectory}
|
||||||
}
|
}
|
||||||
if client.Key == nil {
|
if client.Key == nil {
|
||||||
var err error
|
var err error
|
||||||
@ -967,14 +1070,23 @@ func (m *Manager) acmeClient(ctx context.Context) (*acme.Client, error) {
|
|||||||
}
|
}
|
||||||
a := &acme.Account{Contact: contact}
|
a := &acme.Account{Contact: contact}
|
||||||
_, err := client.Register(ctx, a, m.Prompt)
|
_, err := client.Register(ctx, a, m.Prompt)
|
||||||
if ae, ok := err.(*acme.Error); err == nil || ok && ae.StatusCode == http.StatusConflict {
|
if err == nil || isAccountAlreadyExist(err) {
|
||||||
// conflict indicates the key is already registered
|
|
||||||
m.client = client
|
m.client = client
|
||||||
err = nil
|
err = nil
|
||||||
}
|
}
|
||||||
return m.client, err
|
return m.client, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// isAccountAlreadyExist reports whether the err, as returned from acme.Client.Register,
|
||||||
|
// indicates the account has already been registered.
|
||||||
|
func isAccountAlreadyExist(err error) bool {
|
||||||
|
if err == acme.ErrAccountAlreadyExists {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
ae, ok := err.(*acme.Error)
|
||||||
|
return ok && ae.StatusCode == http.StatusConflict
|
||||||
|
}
|
||||||
|
|
||||||
func (m *Manager) hostPolicy() HostPolicy {
|
func (m *Manager) hostPolicy() HostPolicy {
|
||||||
if m.HostPolicy != nil {
|
if m.HostPolicy != nil {
|
||||||
return m.HostPolicy
|
return m.HostPolicy
|
||||||
|
28
vendor/golang.org/x/crypto/acme/http.go
generated
vendored
28
vendor/golang.org/x/crypto/acme/http.go
generated
vendored
@ -155,8 +155,16 @@ func (c *Client) get(ctx context.Context, url string, ok resOkay) (*http.Respons
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// postAsGet is POST-as-GET, a replacement for GET in RFC8555
|
||||||
|
// as described in https://tools.ietf.org/html/rfc8555#section-6.3.
|
||||||
|
// It makes a POST request in KID form with zero JWS payload.
|
||||||
|
// See nopayload doc comments in jws.go.
|
||||||
|
func (c *Client) postAsGet(ctx context.Context, url string, ok resOkay) (*http.Response, error) {
|
||||||
|
return c.post(ctx, nil, url, noPayload, ok)
|
||||||
|
}
|
||||||
|
|
||||||
// post issues a signed POST request in JWS format using the provided key
|
// post issues a signed POST request in JWS format using the provided key
|
||||||
// to the specified URL.
|
// to the specified URL. If key is nil, c.Key is used instead.
|
||||||
// It returns a non-error value only when ok reports true.
|
// It returns a non-error value only when ok reports true.
|
||||||
//
|
//
|
||||||
// post retries unsuccessful attempts according to c.RetryBackoff
|
// post retries unsuccessful attempts according to c.RetryBackoff
|
||||||
@ -193,14 +201,28 @@ func (c *Client) post(ctx context.Context, key crypto.Signer, url string, body i
|
|||||||
}
|
}
|
||||||
|
|
||||||
// postNoRetry signs the body with the given key and POSTs it to the provided url.
|
// postNoRetry signs the body with the given key and POSTs it to the provided url.
|
||||||
// The body argument must be JSON-serializable.
|
|
||||||
// It is used by c.post to retry unsuccessful attempts.
|
// It is used by c.post to retry unsuccessful attempts.
|
||||||
|
// The body argument must be JSON-serializable.
|
||||||
|
//
|
||||||
|
// If key argument is nil, c.Key is used to sign the request.
|
||||||
|
// If key argument is nil and c.accountKID returns a non-zero keyID,
|
||||||
|
// the request is sent in KID form. Otherwise, JWK form is used.
|
||||||
|
//
|
||||||
|
// In practice, when interfacing with RFC-compliant CAs most requests are sent in KID form
|
||||||
|
// and JWK is used only when KID is unavailable: new account endpoint and certificate
|
||||||
|
// revocation requests authenticated by a cert key.
|
||||||
|
// See jwsEncodeJSON for other details.
|
||||||
func (c *Client) postNoRetry(ctx context.Context, key crypto.Signer, url string, body interface{}) (*http.Response, *http.Request, error) {
|
func (c *Client) postNoRetry(ctx context.Context, key crypto.Signer, url string, body interface{}) (*http.Response, *http.Request, error) {
|
||||||
|
kid := noKeyID
|
||||||
|
if key == nil {
|
||||||
|
key = c.Key
|
||||||
|
kid = c.accountKID(ctx)
|
||||||
|
}
|
||||||
nonce, err := c.popNonce(ctx, url)
|
nonce, err := c.popNonce(ctx, url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
b, err := jwsEncodeJSON(body, key, nonce)
|
b, err := jwsEncodeJSON(body, key, kid, nonce, url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
71
vendor/golang.org/x/crypto/acme/jws.go
generated
vendored
71
vendor/golang.org/x/crypto/acme/jws.go
generated
vendored
@ -11,31 +11,60 @@ import (
|
|||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
_ "crypto/sha512" // need for EC keys
|
_ "crypto/sha512" // need for EC keys
|
||||||
|
"encoding/asn1"
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"math/big"
|
"math/big"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// keyID is the account identity provided by a CA during registration.
|
||||||
|
type keyID string
|
||||||
|
|
||||||
|
// noKeyID indicates that jwsEncodeJSON should compute and use JWK instead of a KID.
|
||||||
|
// See jwsEncodeJSON for details.
|
||||||
|
const noKeyID = keyID("")
|
||||||
|
|
||||||
|
// noPayload indicates jwsEncodeJSON will encode zero-length octet string
|
||||||
|
// in a JWS request. This is called POST-as-GET in RFC 8555 and is used to make
|
||||||
|
// authenticated GET requests via POSTing with an empty payload.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-6.3 for more details.
|
||||||
|
const noPayload = ""
|
||||||
|
|
||||||
// jwsEncodeJSON signs claimset using provided key and a nonce.
|
// jwsEncodeJSON signs claimset using provided key and a nonce.
|
||||||
// The result is serialized in JSON format.
|
// The result is serialized in JSON format containing either kid or jwk
|
||||||
|
// fields based on the provided keyID value.
|
||||||
|
//
|
||||||
|
// If kid is non-empty, its quoted value is inserted in the protected head
|
||||||
|
// as "kid" field value. Otherwise, JWK is computed using jwkEncode and inserted
|
||||||
|
// as "jwk" field value. The "jwk" and "kid" fields are mutually exclusive.
|
||||||
|
//
|
||||||
// See https://tools.ietf.org/html/rfc7515#section-7.
|
// See https://tools.ietf.org/html/rfc7515#section-7.
|
||||||
func jwsEncodeJSON(claimset interface{}, key crypto.Signer, nonce string) ([]byte, error) {
|
func jwsEncodeJSON(claimset interface{}, key crypto.Signer, kid keyID, nonce, url string) ([]byte, error) {
|
||||||
jwk, err := jwkEncode(key.Public())
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
alg, sha := jwsHasher(key.Public())
|
alg, sha := jwsHasher(key.Public())
|
||||||
if alg == "" || !sha.Available() {
|
if alg == "" || !sha.Available() {
|
||||||
return nil, ErrUnsupportedKey
|
return nil, ErrUnsupportedKey
|
||||||
}
|
}
|
||||||
phead := fmt.Sprintf(`{"alg":%q,"jwk":%s,"nonce":%q}`, alg, jwk, nonce)
|
var phead string
|
||||||
|
switch kid {
|
||||||
|
case noKeyID:
|
||||||
|
jwk, err := jwkEncode(key.Public())
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
phead = fmt.Sprintf(`{"alg":%q,"jwk":%s,"nonce":%q,"url":%q}`, alg, jwk, nonce, url)
|
||||||
|
default:
|
||||||
|
phead = fmt.Sprintf(`{"alg":%q,"kid":%q,"nonce":%q,"url":%q}`, alg, kid, nonce, url)
|
||||||
|
}
|
||||||
phead = base64.RawURLEncoding.EncodeToString([]byte(phead))
|
phead = base64.RawURLEncoding.EncodeToString([]byte(phead))
|
||||||
|
var payload string
|
||||||
|
if claimset != noPayload {
|
||||||
cs, err := json.Marshal(claimset)
|
cs, err := json.Marshal(claimset)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
payload := base64.RawURLEncoding.EncodeToString(cs)
|
payload = base64.RawURLEncoding.EncodeToString(cs)
|
||||||
|
}
|
||||||
hash := sha.New()
|
hash := sha.New()
|
||||||
hash.Write([]byte(phead + "." + payload))
|
hash.Write([]byte(phead + "." + payload))
|
||||||
sig, err := jwsSign(key, sha, hash.Sum(nil))
|
sig, err := jwsSign(key, sha, hash.Sum(nil))
|
||||||
@ -98,21 +127,23 @@ func jwkEncode(pub crypto.PublicKey) (string, error) {
|
|||||||
|
|
||||||
// jwsSign signs the digest using the given key.
|
// jwsSign signs the digest using the given key.
|
||||||
// The hash is unused for ECDSA keys.
|
// The hash is unused for ECDSA keys.
|
||||||
//
|
|
||||||
// Note: non-stdlib crypto.Signer implementations are expected to return
|
|
||||||
// the signature in the format as specified in RFC7518.
|
|
||||||
// See https://tools.ietf.org/html/rfc7518 for more details.
|
|
||||||
func jwsSign(key crypto.Signer, hash crypto.Hash, digest []byte) ([]byte, error) {
|
func jwsSign(key crypto.Signer, hash crypto.Hash, digest []byte) ([]byte, error) {
|
||||||
if key, ok := key.(*ecdsa.PrivateKey); ok {
|
switch pub := key.Public().(type) {
|
||||||
// The key.Sign method of ecdsa returns ASN1-encoded signature.
|
case *rsa.PublicKey:
|
||||||
// So, we use the package Sign function instead
|
return key.Sign(rand.Reader, digest, hash)
|
||||||
// to get R and S values directly and format the result accordingly.
|
case *ecdsa.PublicKey:
|
||||||
r, s, err := ecdsa.Sign(rand.Reader, key, digest)
|
sigASN1, err := key.Sign(rand.Reader, digest, hash)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
rb, sb := r.Bytes(), s.Bytes()
|
|
||||||
size := key.Params().BitSize / 8
|
var rs struct{ R, S *big.Int }
|
||||||
|
if _, err := asn1.Unmarshal(sigASN1, &rs); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
rb, sb := rs.R.Bytes(), rs.S.Bytes()
|
||||||
|
size := pub.Params().BitSize / 8
|
||||||
if size%8 > 0 {
|
if size%8 > 0 {
|
||||||
size++
|
size++
|
||||||
}
|
}
|
||||||
@ -121,7 +152,7 @@ func jwsSign(key crypto.Signer, hash crypto.Hash, digest []byte) ([]byte, error)
|
|||||||
copy(sig[size*2-len(sb):], sb)
|
copy(sig[size*2-len(sb):], sb)
|
||||||
return sig, nil
|
return sig, nil
|
||||||
}
|
}
|
||||||
return key.Sign(rand.Reader, digest, hash)
|
return nil, ErrUnsupportedKey
|
||||||
}
|
}
|
||||||
|
|
||||||
// jwsHasher indicates suitable JWS algorithm name and a hash function
|
// jwsHasher indicates suitable JWS algorithm name and a hash function
|
||||||
|
392
vendor/golang.org/x/crypto/acme/rfc8555.go
generated
vendored
Normal file
392
vendor/golang.org/x/crypto/acme/rfc8555.go
generated
vendored
Normal file
@ -0,0 +1,392 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package acme
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"crypto"
|
||||||
|
"encoding/base64"
|
||||||
|
"encoding/json"
|
||||||
|
"encoding/pem"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"io/ioutil"
|
||||||
|
"net/http"
|
||||||
|
"time"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DeactivateReg permanently disables an existing account associated with c.Key.
|
||||||
|
// A deactivated account can no longer request certificate issuance or access
|
||||||
|
// resources related to the account, such as orders or authorizations.
|
||||||
|
//
|
||||||
|
// It only works with CAs implementing RFC 8555.
|
||||||
|
func (c *Client) DeactivateReg(ctx context.Context) error {
|
||||||
|
url := string(c.accountKID(ctx))
|
||||||
|
if url == "" {
|
||||||
|
return ErrNoAccount
|
||||||
|
}
|
||||||
|
req := json.RawMessage(`{"status": "deactivated"}`)
|
||||||
|
res, err := c.post(ctx, nil, url, req, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
res.Body.Close()
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// registerRFC is quivalent to c.Register but for CAs implementing RFC 8555.
|
||||||
|
// It expects c.Discover to have already been called.
|
||||||
|
// TODO: Implement externalAccountBinding.
|
||||||
|
func (c *Client) registerRFC(ctx context.Context, acct *Account, prompt func(tosURL string) bool) (*Account, error) {
|
||||||
|
c.cacheMu.Lock() // guard c.kid access
|
||||||
|
defer c.cacheMu.Unlock()
|
||||||
|
|
||||||
|
req := struct {
|
||||||
|
TermsAgreed bool `json:"termsOfServiceAgreed,omitempty"`
|
||||||
|
Contact []string `json:"contact,omitempty"`
|
||||||
|
}{
|
||||||
|
Contact: acct.Contact,
|
||||||
|
}
|
||||||
|
if c.dir.Terms != "" {
|
||||||
|
req.TermsAgreed = prompt(c.dir.Terms)
|
||||||
|
}
|
||||||
|
res, err := c.post(ctx, c.Key, c.dir.RegURL, req, wantStatus(
|
||||||
|
http.StatusOK, // account with this key already registered
|
||||||
|
http.StatusCreated, // new account created
|
||||||
|
))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer res.Body.Close()
|
||||||
|
a, err := responseAccount(res)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
// Cache Account URL even if we return an error to the caller.
|
||||||
|
// It is by all means a valid and usable "kid" value for future requests.
|
||||||
|
c.kid = keyID(a.URI)
|
||||||
|
if res.StatusCode == http.StatusOK {
|
||||||
|
return nil, ErrAccountAlreadyExists
|
||||||
|
}
|
||||||
|
return a, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// updateGegRFC is equivalent to c.UpdateReg but for CAs implementing RFC 8555.
|
||||||
|
// It expects c.Discover to have already been called.
|
||||||
|
func (c *Client) updateRegRFC(ctx context.Context, a *Account) (*Account, error) {
|
||||||
|
url := string(c.accountKID(ctx))
|
||||||
|
if url == "" {
|
||||||
|
return nil, ErrNoAccount
|
||||||
|
}
|
||||||
|
req := struct {
|
||||||
|
Contact []string `json:"contact,omitempty"`
|
||||||
|
}{
|
||||||
|
Contact: a.Contact,
|
||||||
|
}
|
||||||
|
res, err := c.post(ctx, nil, url, req, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
return responseAccount(res)
|
||||||
|
}
|
||||||
|
|
||||||
|
// getGegRFC is equivalent to c.GetReg but for CAs implementing RFC 8555.
|
||||||
|
// It expects c.Discover to have already been called.
|
||||||
|
func (c *Client) getRegRFC(ctx context.Context) (*Account, error) {
|
||||||
|
req := json.RawMessage(`{"onlyReturnExisting": true}`)
|
||||||
|
res, err := c.post(ctx, c.Key, c.dir.RegURL, req, wantStatus(http.StatusOK))
|
||||||
|
if e, ok := err.(*Error); ok && e.ProblemType == "urn:ietf:params:acme:error:accountDoesNotExist" {
|
||||||
|
return nil, ErrNoAccount
|
||||||
|
}
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer res.Body.Close()
|
||||||
|
return responseAccount(res)
|
||||||
|
}
|
||||||
|
|
||||||
|
func responseAccount(res *http.Response) (*Account, error) {
|
||||||
|
var v struct {
|
||||||
|
Status string
|
||||||
|
Contact []string
|
||||||
|
Orders string
|
||||||
|
}
|
||||||
|
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
||||||
|
return nil, fmt.Errorf("acme: invalid account response: %v", err)
|
||||||
|
}
|
||||||
|
return &Account{
|
||||||
|
URI: res.Header.Get("Location"),
|
||||||
|
Status: v.Status,
|
||||||
|
Contact: v.Contact,
|
||||||
|
OrdersURL: v.Orders,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// AuthorizeOrder initiates the order-based application for certificate issuance,
|
||||||
|
// as opposed to pre-authorization in Authorize.
|
||||||
|
// It is only supported by CAs implementing RFC 8555.
|
||||||
|
//
|
||||||
|
// The caller then needs to fetch each authorization with GetAuthorization,
|
||||||
|
// identify those with StatusPending status and fulfill a challenge using Accept.
|
||||||
|
// Once all authorizations are satisfied, the caller will typically want to poll
|
||||||
|
// order status using WaitOrder until it's in StatusReady state.
|
||||||
|
// To finalize the order and obtain a certificate, the caller submits a CSR with CreateOrderCert.
|
||||||
|
func (c *Client) AuthorizeOrder(ctx context.Context, id []AuthzID, opt ...OrderOption) (*Order, error) {
|
||||||
|
dir, err := c.Discover(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
req := struct {
|
||||||
|
Identifiers []wireAuthzID `json:"identifiers"`
|
||||||
|
NotBefore string `json:"notBefore,omitempty"`
|
||||||
|
NotAfter string `json:"notAfter,omitempty"`
|
||||||
|
}{}
|
||||||
|
for _, v := range id {
|
||||||
|
req.Identifiers = append(req.Identifiers, wireAuthzID{
|
||||||
|
Type: v.Type,
|
||||||
|
Value: v.Value,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
for _, o := range opt {
|
||||||
|
switch o := o.(type) {
|
||||||
|
case orderNotBeforeOpt:
|
||||||
|
req.NotBefore = time.Time(o).Format(time.RFC3339)
|
||||||
|
case orderNotAfterOpt:
|
||||||
|
req.NotAfter = time.Time(o).Format(time.RFC3339)
|
||||||
|
default:
|
||||||
|
// Package's fault if we let this happen.
|
||||||
|
panic(fmt.Sprintf("unsupported order option type %T", o))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
res, err := c.post(ctx, nil, dir.OrderURL, req, wantStatus(http.StatusCreated))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
return responseOrder(res)
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetOrder retrives an order identified by the given URL.
|
||||||
|
// For orders created with AuthorizeOrder, the url value is Order.URI.
|
||||||
|
//
|
||||||
|
// If a caller needs to poll an order until its status is final,
|
||||||
|
// see the WaitOrder method.
|
||||||
|
func (c *Client) GetOrder(ctx context.Context, url string) (*Order, error) {
|
||||||
|
if _, err := c.Discover(ctx); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
res, err := c.postAsGet(ctx, url, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
return responseOrder(res)
|
||||||
|
}
|
||||||
|
|
||||||
|
// WaitOrder polls an order from the given URL until it is in one of the final states,
|
||||||
|
// StatusReady, StatusValid or StatusInvalid, the CA responded with a non-retryable error
|
||||||
|
// or the context is done.
|
||||||
|
//
|
||||||
|
// It returns a non-nil Order only if its Status is StatusReady or StatusValid.
|
||||||
|
// In all other cases WaitOrder returns an error.
|
||||||
|
// If the Status is StatusInvalid, the returned error is of type *OrderError.
|
||||||
|
func (c *Client) WaitOrder(ctx context.Context, url string) (*Order, error) {
|
||||||
|
if _, err := c.Discover(ctx); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
for {
|
||||||
|
res, err := c.postAsGet(ctx, url, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
o, err := responseOrder(res)
|
||||||
|
res.Body.Close()
|
||||||
|
switch {
|
||||||
|
case err != nil:
|
||||||
|
// Skip and retry.
|
||||||
|
case o.Status == StatusInvalid:
|
||||||
|
return nil, &OrderError{OrderURL: o.URI, Status: o.Status}
|
||||||
|
case o.Status == StatusReady || o.Status == StatusValid:
|
||||||
|
return o, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
d := retryAfter(res.Header.Get("Retry-After"))
|
||||||
|
if d == 0 {
|
||||||
|
// Default retry-after.
|
||||||
|
// Same reasoning as in WaitAuthorization.
|
||||||
|
d = time.Second
|
||||||
|
}
|
||||||
|
t := time.NewTimer(d)
|
||||||
|
select {
|
||||||
|
case <-ctx.Done():
|
||||||
|
t.Stop()
|
||||||
|
return nil, ctx.Err()
|
||||||
|
case <-t.C:
|
||||||
|
// Retry.
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func responseOrder(res *http.Response) (*Order, error) {
|
||||||
|
var v struct {
|
||||||
|
Status string
|
||||||
|
Expires time.Time
|
||||||
|
Identifiers []wireAuthzID
|
||||||
|
NotBefore time.Time
|
||||||
|
NotAfter time.Time
|
||||||
|
Error *wireError
|
||||||
|
Authorizations []string
|
||||||
|
Finalize string
|
||||||
|
Certificate string
|
||||||
|
}
|
||||||
|
if err := json.NewDecoder(res.Body).Decode(&v); err != nil {
|
||||||
|
return nil, fmt.Errorf("acme: error reading order: %v", err)
|
||||||
|
}
|
||||||
|
o := &Order{
|
||||||
|
URI: res.Header.Get("Location"),
|
||||||
|
Status: v.Status,
|
||||||
|
Expires: v.Expires,
|
||||||
|
NotBefore: v.NotBefore,
|
||||||
|
NotAfter: v.NotAfter,
|
||||||
|
AuthzURLs: v.Authorizations,
|
||||||
|
FinalizeURL: v.Finalize,
|
||||||
|
CertURL: v.Certificate,
|
||||||
|
}
|
||||||
|
for _, id := range v.Identifiers {
|
||||||
|
o.Identifiers = append(o.Identifiers, AuthzID{Type: id.Type, Value: id.Value})
|
||||||
|
}
|
||||||
|
if v.Error != nil {
|
||||||
|
o.Error = v.Error.error(nil /* headers */)
|
||||||
|
}
|
||||||
|
return o, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// CreateOrderCert submits the CSR (Certificate Signing Request) to a CA at the specified URL.
|
||||||
|
// The URL is the FinalizeURL field of an Order created with AuthorizeOrder.
|
||||||
|
//
|
||||||
|
// If the bundle argument is true, the returned value also contain the CA (issuer)
|
||||||
|
// certificate chain. Otherwise, only a leaf certificate is returned.
|
||||||
|
// The returned URL can be used to re-fetch the certificate using FetchCert.
|
||||||
|
//
|
||||||
|
// This method is only supported by CAs implementing RFC 8555. See CreateCert for pre-RFC CAs.
|
||||||
|
//
|
||||||
|
// CreateOrderCert returns an error if the CA's response is unreasonably large.
|
||||||
|
// Callers are encouraged to parse the returned value to ensure the certificate is valid and has the expected features.
|
||||||
|
func (c *Client) CreateOrderCert(ctx context.Context, url string, csr []byte, bundle bool) (der [][]byte, certURL string, err error) {
|
||||||
|
if _, err := c.Discover(ctx); err != nil { // required by c.accountKID
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
// RFC describes this as "finalize order" request.
|
||||||
|
req := struct {
|
||||||
|
CSR string `json:"csr"`
|
||||||
|
}{
|
||||||
|
CSR: base64.RawURLEncoding.EncodeToString(csr),
|
||||||
|
}
|
||||||
|
res, err := c.post(ctx, nil, url, req, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
o, err := responseOrder(res)
|
||||||
|
if err != nil {
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Wait for CA to issue the cert if they haven't.
|
||||||
|
if o.Status != StatusValid {
|
||||||
|
o, err = c.WaitOrder(ctx, o.URI)
|
||||||
|
}
|
||||||
|
if err != nil {
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
// The only acceptable status post finalize and WaitOrder is "valid".
|
||||||
|
if o.Status != StatusValid {
|
||||||
|
return nil, "", &OrderError{OrderURL: o.URI, Status: o.Status}
|
||||||
|
}
|
||||||
|
crt, err := c.fetchCertRFC(ctx, o.CertURL, bundle)
|
||||||
|
return crt, o.CertURL, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// fetchCertRFC downloads issued certificate from the given URL.
|
||||||
|
// It expects the CA to respond with PEM-encoded certificate chain.
|
||||||
|
//
|
||||||
|
// The URL argument is the CertURL field of Order.
|
||||||
|
func (c *Client) fetchCertRFC(ctx context.Context, url string, bundle bool) ([][]byte, error) {
|
||||||
|
res, err := c.postAsGet(ctx, url, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
|
||||||
|
// Get all the bytes up to a sane maximum.
|
||||||
|
// Account very roughly for base64 overhead.
|
||||||
|
const max = maxCertChainSize + maxCertChainSize/33
|
||||||
|
b, err := ioutil.ReadAll(io.LimitReader(res.Body, max+1))
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("acme: fetch cert response stream: %v", err)
|
||||||
|
}
|
||||||
|
if len(b) > max {
|
||||||
|
return nil, errors.New("acme: certificate chain is too big")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Decode PEM chain.
|
||||||
|
var chain [][]byte
|
||||||
|
for {
|
||||||
|
var p *pem.Block
|
||||||
|
p, b = pem.Decode(b)
|
||||||
|
if p == nil {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if p.Type != "CERTIFICATE" {
|
||||||
|
return nil, fmt.Errorf("acme: invalid PEM cert type %q", p.Type)
|
||||||
|
}
|
||||||
|
|
||||||
|
chain = append(chain, p.Bytes)
|
||||||
|
if !bundle {
|
||||||
|
return chain, nil
|
||||||
|
}
|
||||||
|
if len(chain) > maxChainLen {
|
||||||
|
return nil, errors.New("acme: certificate chain is too long")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if len(chain) == 0 {
|
||||||
|
return nil, errors.New("acme: certificate chain is empty")
|
||||||
|
}
|
||||||
|
return chain, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// sends a cert revocation request in either JWK form when key is non-nil or KID form otherwise.
|
||||||
|
func (c *Client) revokeCertRFC(ctx context.Context, key crypto.Signer, cert []byte, reason CRLReasonCode) error {
|
||||||
|
req := &struct {
|
||||||
|
Cert string `json:"certificate"`
|
||||||
|
Reason int `json:"reason"`
|
||||||
|
}{
|
||||||
|
Cert: base64.RawURLEncoding.EncodeToString(cert),
|
||||||
|
Reason: int(reason),
|
||||||
|
}
|
||||||
|
res, err := c.post(ctx, key, c.dir.RevokeURL, req, wantStatus(http.StatusOK))
|
||||||
|
if err != nil {
|
||||||
|
if isAlreadyRevoked(err) {
|
||||||
|
// Assume it is not an error to revoke an already revoked cert.
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
defer res.Body.Close()
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func isAlreadyRevoked(err error) bool {
|
||||||
|
e, ok := err.(*Error)
|
||||||
|
return ok && e.ProblemType == "urn:ietf:params:acme:error:alreadyRevoked"
|
||||||
|
}
|
285
vendor/golang.org/x/crypto/acme/types.go
generated
vendored
285
vendor/golang.org/x/crypto/acme/types.go
generated
vendored
@ -14,14 +14,18 @@ import (
|
|||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
// ACME server response statuses used to describe Authorization and Challenge states.
|
// ACME status values of Account, Order, Authorization and Challenge objects.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-7.1.6 for details.
|
||||||
const (
|
const (
|
||||||
StatusUnknown = "unknown"
|
StatusDeactivated = "deactivated"
|
||||||
|
StatusExpired = "expired"
|
||||||
|
StatusInvalid = "invalid"
|
||||||
StatusPending = "pending"
|
StatusPending = "pending"
|
||||||
StatusProcessing = "processing"
|
StatusProcessing = "processing"
|
||||||
StatusValid = "valid"
|
StatusReady = "ready"
|
||||||
StatusInvalid = "invalid"
|
|
||||||
StatusRevoked = "revoked"
|
StatusRevoked = "revoked"
|
||||||
|
StatusUnknown = "unknown"
|
||||||
|
StatusValid = "valid"
|
||||||
)
|
)
|
||||||
|
|
||||||
// CRLReasonCode identifies the reason for a certificate revocation.
|
// CRLReasonCode identifies the reason for a certificate revocation.
|
||||||
@ -41,8 +45,17 @@ const (
|
|||||||
CRLReasonAACompromise CRLReasonCode = 10
|
CRLReasonAACompromise CRLReasonCode = 10
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
// ErrUnsupportedKey is returned when an unsupported key type is encountered.
|
// ErrUnsupportedKey is returned when an unsupported key type is encountered.
|
||||||
var ErrUnsupportedKey = errors.New("acme: unknown key type; only RSA and ECDSA are supported")
|
ErrUnsupportedKey = errors.New("acme: unknown key type; only RSA and ECDSA are supported")
|
||||||
|
|
||||||
|
// ErrAccountAlreadyExists indicates that the Client's key has already been registered
|
||||||
|
// with the CA. It is returned by Register method.
|
||||||
|
ErrAccountAlreadyExists = errors.New("acme: account already exists")
|
||||||
|
|
||||||
|
// ErrNoAccount indicates that the Client's key has not been registered with the CA.
|
||||||
|
ErrNoAccount = errors.New("acme: account does not exist")
|
||||||
|
)
|
||||||
|
|
||||||
// Error is an ACME error, defined in Problem Details for HTTP APIs doc
|
// Error is an ACME error, defined in Problem Details for HTTP APIs doc
|
||||||
// http://tools.ietf.org/html/draft-ietf-appsawg-http-problem.
|
// http://tools.ietf.org/html/draft-ietf-appsawg-http-problem.
|
||||||
@ -54,6 +67,12 @@ type Error struct {
|
|||||||
ProblemType string
|
ProblemType string
|
||||||
// Detail is a human-readable explanation specific to this occurrence of the problem.
|
// Detail is a human-readable explanation specific to this occurrence of the problem.
|
||||||
Detail string
|
Detail string
|
||||||
|
// Instance indicates a URL that the client should direct a human user to visit
|
||||||
|
// in order for instructions on how to agree to the updated Terms of Service.
|
||||||
|
// In such an event CA sets StatusCode to 403, ProblemType to
|
||||||
|
// "urn:ietf:params:acme:error:userActionRequired" and a Link header with relation
|
||||||
|
// "terms-of-service" containing the latest TOS URL.
|
||||||
|
Instance string
|
||||||
// Header is the original server error response headers.
|
// Header is the original server error response headers.
|
||||||
// It may be nil.
|
// It may be nil.
|
||||||
Header http.Header
|
Header http.Header
|
||||||
@ -86,6 +105,21 @@ func (a *AuthorizationError) Error() string {
|
|||||||
return fmt.Sprintf("acme: authorization error for %s: %s", a.Identifier, strings.Join(e, "; "))
|
return fmt.Sprintf("acme: authorization error for %s: %s", a.Identifier, strings.Join(e, "; "))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OrderError is returned from Client's order related methods.
|
||||||
|
// It indicates the order is unusable and the clients should start over with
|
||||||
|
// AuthorizeOrder.
|
||||||
|
//
|
||||||
|
// The clients can still fetch the order object from CA using GetOrder
|
||||||
|
// to inspect its state.
|
||||||
|
type OrderError struct {
|
||||||
|
OrderURL string
|
||||||
|
Status string
|
||||||
|
}
|
||||||
|
|
||||||
|
func (oe *OrderError) Error() string {
|
||||||
|
return fmt.Sprintf("acme: order %s status: %s", oe.OrderURL, oe.Status)
|
||||||
|
}
|
||||||
|
|
||||||
// RateLimit reports whether err represents a rate limit error and
|
// RateLimit reports whether err represents a rate limit error and
|
||||||
// any Retry-After duration returned by the server.
|
// any Retry-After duration returned by the server.
|
||||||
//
|
//
|
||||||
@ -108,49 +142,88 @@ func RateLimit(err error) (time.Duration, bool) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Account is a user account. It is associated with a private key.
|
// Account is a user account. It is associated with a private key.
|
||||||
|
// Non-RFC 8555 fields are empty when interfacing with a compliant CA.
|
||||||
type Account struct {
|
type Account struct {
|
||||||
// URI is the account unique ID, which is also a URL used to retrieve
|
// URI is the account unique ID, which is also a URL used to retrieve
|
||||||
// account data from the CA.
|
// account data from the CA.
|
||||||
|
// When interfacing with RFC 8555-compliant CAs, URI is the "kid" field
|
||||||
|
// value in JWS signed requests.
|
||||||
URI string
|
URI string
|
||||||
|
|
||||||
// Contact is a slice of contact info used during registration.
|
// Contact is a slice of contact info used during registration.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-7.3 for supported
|
||||||
|
// formats.
|
||||||
Contact []string
|
Contact []string
|
||||||
|
|
||||||
|
// Status indicates current account status as returned by the CA.
|
||||||
|
// Possible values are StatusValid, StatusDeactivated, and StatusRevoked.
|
||||||
|
Status string
|
||||||
|
|
||||||
|
// OrdersURL is a URL from which a list of orders submitted by this account
|
||||||
|
// can be fetched.
|
||||||
|
OrdersURL string
|
||||||
|
|
||||||
// The terms user has agreed to.
|
// The terms user has agreed to.
|
||||||
// A value not matching CurrentTerms indicates that the user hasn't agreed
|
// A value not matching CurrentTerms indicates that the user hasn't agreed
|
||||||
// to the actual Terms of Service of the CA.
|
// to the actual Terms of Service of the CA.
|
||||||
|
//
|
||||||
|
// It is non-RFC 8555 compliant. Package users can store the ToS they agree to
|
||||||
|
// during Client's Register call in the prompt callback function.
|
||||||
AgreedTerms string
|
AgreedTerms string
|
||||||
|
|
||||||
// Actual terms of a CA.
|
// Actual terms of a CA.
|
||||||
|
//
|
||||||
|
// It is non-RFC 8555 compliant. Use Directory's Terms field.
|
||||||
|
// When a CA updates their terms and requires an account agreement,
|
||||||
|
// a URL at which instructions to do so is available in Error's Instance field.
|
||||||
CurrentTerms string
|
CurrentTerms string
|
||||||
|
|
||||||
// Authz is the authorization URL used to initiate a new authz flow.
|
// Authz is the authorization URL used to initiate a new authz flow.
|
||||||
|
//
|
||||||
|
// It is non-RFC 8555 compliant. Use Directory's AuthzURL or OrderURL.
|
||||||
Authz string
|
Authz string
|
||||||
|
|
||||||
// Authorizations is a URI from which a list of authorizations
|
// Authorizations is a URI from which a list of authorizations
|
||||||
// granted to this account can be fetched via a GET request.
|
// granted to this account can be fetched via a GET request.
|
||||||
|
//
|
||||||
|
// It is non-RFC 8555 compliant and is obsoleted by OrdersURL.
|
||||||
Authorizations string
|
Authorizations string
|
||||||
|
|
||||||
// Certificates is a URI from which a list of certificates
|
// Certificates is a URI from which a list of certificates
|
||||||
// issued for this account can be fetched via a GET request.
|
// issued for this account can be fetched via a GET request.
|
||||||
|
//
|
||||||
|
// It is non-RFC 8555 compliant and is obsoleted by OrdersURL.
|
||||||
Certificates string
|
Certificates string
|
||||||
}
|
}
|
||||||
|
|
||||||
// Directory is ACME server discovery data.
|
// Directory is ACME server discovery data.
|
||||||
|
// See https://tools.ietf.org/html/rfc8555#section-7.1.1 for more details.
|
||||||
type Directory struct {
|
type Directory struct {
|
||||||
// RegURL is an account endpoint URL, allowing for creating new
|
// NonceURL indicates an endpoint where to fetch fresh nonce values from.
|
||||||
// and modifying existing accounts.
|
NonceURL string
|
||||||
|
|
||||||
|
// RegURL is an account endpoint URL, allowing for creating new accounts.
|
||||||
|
// Pre-RFC 8555 CAs also allow modifying existing accounts at this URL.
|
||||||
RegURL string
|
RegURL string
|
||||||
|
|
||||||
// AuthzURL is used to initiate Identifier Authorization flow.
|
// OrderURL is used to initiate the certificate issuance flow
|
||||||
|
// as described in RFC 8555.
|
||||||
|
OrderURL string
|
||||||
|
|
||||||
|
// AuthzURL is used to initiate identifier pre-authorization flow.
|
||||||
|
// Empty string indicates the flow is unsupported by the CA.
|
||||||
AuthzURL string
|
AuthzURL string
|
||||||
|
|
||||||
// CertURL is a new certificate issuance endpoint URL.
|
// CertURL is a new certificate issuance endpoint URL.
|
||||||
|
// It is non-RFC 8555 compliant and is obsoleted by OrderURL.
|
||||||
CertURL string
|
CertURL string
|
||||||
|
|
||||||
// RevokeURL is used to initiate a certificate revocation flow.
|
// RevokeURL is used to initiate a certificate revocation flow.
|
||||||
RevokeURL string
|
RevokeURL string
|
||||||
|
|
||||||
|
// KeyChangeURL allows to perform account key rollover flow.
|
||||||
|
KeyChangeURL string
|
||||||
|
|
||||||
// Term is a URI identifying the current terms of service.
|
// Term is a URI identifying the current terms of service.
|
||||||
Terms string
|
Terms string
|
||||||
|
|
||||||
@ -162,44 +235,126 @@ type Directory struct {
|
|||||||
// recognises as referring to itself for the purposes of CAA record validation
|
// recognises as referring to itself for the purposes of CAA record validation
|
||||||
// as defined in RFC6844.
|
// as defined in RFC6844.
|
||||||
CAA []string
|
CAA []string
|
||||||
|
|
||||||
|
// ExternalAccountRequired indicates that the CA requires for all account-related
|
||||||
|
// requests to include external account binding information.
|
||||||
|
ExternalAccountRequired bool
|
||||||
}
|
}
|
||||||
|
|
||||||
// Challenge encodes a returned CA challenge.
|
// rfcCompliant reports whether the ACME server implements RFC 8555.
|
||||||
// Its Error field may be non-nil if the challenge is part of an Authorization
|
// Note that some servers may have incomplete RFC implementation
|
||||||
// with StatusInvalid.
|
// even if the returned value is true.
|
||||||
type Challenge struct {
|
// If rfcCompliant reports false, the server most likely implements draft-02.
|
||||||
// Type is the challenge type, e.g. "http-01", "tls-sni-02", "dns-01".
|
func (d *Directory) rfcCompliant() bool {
|
||||||
Type string
|
return d.OrderURL != ""
|
||||||
|
}
|
||||||
|
|
||||||
// URI is where a challenge response can be posted to.
|
// Order represents a client's request for a certificate.
|
||||||
|
// It tracks the request flow progress through to issuance.
|
||||||
|
type Order struct {
|
||||||
|
// URI uniquely identifies an order.
|
||||||
URI string
|
URI string
|
||||||
|
|
||||||
// Token is a random value that uniquely identifies the challenge.
|
// Status represents the current status of the order.
|
||||||
Token string
|
// It indicates which action the client should take.
|
||||||
|
//
|
||||||
// Status identifies the status of this challenge.
|
// Possible values are StatusPending, StatusReady, StatusProcessing, StatusValid and StatusInvalid.
|
||||||
|
// Pending means the CA does not believe that the client has fulfilled the requirements.
|
||||||
|
// Ready indicates that the client has fulfilled all the requirements and can submit a CSR
|
||||||
|
// to obtain a certificate. This is done with Client's CreateOrderCert.
|
||||||
|
// Processing means the certificate is being issued.
|
||||||
|
// Valid indicates the CA has issued the certificate. It can be downloaded
|
||||||
|
// from the Order's CertURL. This is done with Client's FetchCert.
|
||||||
|
// Invalid means the certificate will not be issued. Users should consider this order
|
||||||
|
// abandoned.
|
||||||
Status string
|
Status string
|
||||||
|
|
||||||
// Error indicates the reason for an authorization failure
|
// Expires is the timestamp after which CA considers this order invalid.
|
||||||
// when this challenge was used.
|
Expires time.Time
|
||||||
// The type of a non-nil value is *Error.
|
|
||||||
Error error
|
// Identifiers contains all identifier objects which the order pertains to.
|
||||||
|
Identifiers []AuthzID
|
||||||
|
|
||||||
|
// NotBefore is the requested value of the notBefore field in the certificate.
|
||||||
|
NotBefore time.Time
|
||||||
|
|
||||||
|
// NotAfter is the requested value of the notAfter field in the certificate.
|
||||||
|
NotAfter time.Time
|
||||||
|
|
||||||
|
// AuthzURLs represents authorizations to complete before a certificate
|
||||||
|
// for identifiers specified in the order can be issued.
|
||||||
|
// It also contains unexpired authorizations that the client has completed
|
||||||
|
// in the past.
|
||||||
|
//
|
||||||
|
// Authorization objects can be fetched using Client's GetAuthorization method.
|
||||||
|
//
|
||||||
|
// The required authorizations are dictated by CA policies.
|
||||||
|
// There may not be a 1:1 relationship between the identifiers and required authorizations.
|
||||||
|
// Required authorizations can be identified by their StatusPending status.
|
||||||
|
//
|
||||||
|
// For orders in the StatusValid or StatusInvalid state these are the authorizations
|
||||||
|
// which were completed.
|
||||||
|
AuthzURLs []string
|
||||||
|
|
||||||
|
// FinalizeURL is the endpoint at which a CSR is submitted to obtain a certificate
|
||||||
|
// once all the authorizations are satisfied.
|
||||||
|
FinalizeURL string
|
||||||
|
|
||||||
|
// CertURL points to the certificate that has been issued in response to this order.
|
||||||
|
CertURL string
|
||||||
|
|
||||||
|
// The error that occurred while processing the order as received from a CA, if any.
|
||||||
|
Error *Error
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// OrderOption allows customizing Client.AuthorizeOrder call.
|
||||||
|
type OrderOption interface {
|
||||||
|
privateOrderOpt()
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithOrderNotBefore sets order's NotBefore field.
|
||||||
|
func WithOrderNotBefore(t time.Time) OrderOption {
|
||||||
|
return orderNotBeforeOpt(t)
|
||||||
|
}
|
||||||
|
|
||||||
|
// WithOrderNotAfter sets order's NotAfter field.
|
||||||
|
func WithOrderNotAfter(t time.Time) OrderOption {
|
||||||
|
return orderNotAfterOpt(t)
|
||||||
|
}
|
||||||
|
|
||||||
|
type orderNotBeforeOpt time.Time
|
||||||
|
|
||||||
|
func (orderNotBeforeOpt) privateOrderOpt() {}
|
||||||
|
|
||||||
|
type orderNotAfterOpt time.Time
|
||||||
|
|
||||||
|
func (orderNotAfterOpt) privateOrderOpt() {}
|
||||||
|
|
||||||
// Authorization encodes an authorization response.
|
// Authorization encodes an authorization response.
|
||||||
type Authorization struct {
|
type Authorization struct {
|
||||||
// URI uniquely identifies a authorization.
|
// URI uniquely identifies a authorization.
|
||||||
URI string
|
URI string
|
||||||
|
|
||||||
// Status identifies the status of an authorization.
|
// Status is the current status of an authorization.
|
||||||
|
// Possible values are StatusPending, StatusValid, StatusInvalid, StatusDeactivated,
|
||||||
|
// StatusExpired and StatusRevoked.
|
||||||
Status string
|
Status string
|
||||||
|
|
||||||
// Identifier is what the account is authorized to represent.
|
// Identifier is what the account is authorized to represent.
|
||||||
Identifier AuthzID
|
Identifier AuthzID
|
||||||
|
|
||||||
|
// The timestamp after which the CA considers the authorization invalid.
|
||||||
|
Expires time.Time
|
||||||
|
|
||||||
|
// Wildcard is true for authorizations of a wildcard domain name.
|
||||||
|
Wildcard bool
|
||||||
|
|
||||||
// Challenges that the client needs to fulfill in order to prove possession
|
// Challenges that the client needs to fulfill in order to prove possession
|
||||||
// of the identifier (for pending authorizations).
|
// of the identifier (for pending authorizations).
|
||||||
// For final authorizations, the challenges that were used.
|
// For valid authorizations, the challenge that was validated.
|
||||||
|
// For invalid authorizations, the challenge that was attempted and failed.
|
||||||
|
//
|
||||||
|
// RFC 8555 compatible CAs require users to fuflfill only one of the challenges.
|
||||||
Challenges []*Challenge
|
Challenges []*Challenge
|
||||||
|
|
||||||
// A collection of sets of challenges, each of which would be sufficient
|
// A collection of sets of challenges, each of which would be sufficient
|
||||||
@ -207,24 +362,51 @@ type Authorization struct {
|
|||||||
// Clients must complete a set of challenges that covers at least one set.
|
// Clients must complete a set of challenges that covers at least one set.
|
||||||
// Challenges are identified by their indices in the challenges array.
|
// Challenges are identified by their indices in the challenges array.
|
||||||
// If this field is empty, the client needs to complete all challenges.
|
// If this field is empty, the client needs to complete all challenges.
|
||||||
|
//
|
||||||
|
// This field is unused in RFC 8555.
|
||||||
Combinations [][]int
|
Combinations [][]int
|
||||||
}
|
}
|
||||||
|
|
||||||
// AuthzID is an identifier that an account is authorized to represent.
|
// AuthzID is an identifier that an account is authorized to represent.
|
||||||
type AuthzID struct {
|
type AuthzID struct {
|
||||||
Type string // The type of identifier, e.g. "dns".
|
Type string // The type of identifier, "dns" or "ip".
|
||||||
Value string // The identifier itself, e.g. "example.org".
|
Value string // The identifier itself, e.g. "example.org".
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DomainIDs creates a slice of AuthzID with "dns" identifier type.
|
||||||
|
func DomainIDs(names ...string) []AuthzID {
|
||||||
|
a := make([]AuthzID, len(names))
|
||||||
|
for i, v := range names {
|
||||||
|
a[i] = AuthzID{Type: "dns", Value: v}
|
||||||
|
}
|
||||||
|
return a
|
||||||
|
}
|
||||||
|
|
||||||
|
// IPIDs creates a slice of AuthzID with "ip" identifier type.
|
||||||
|
// Each element of addr is textual form of an address as defined
|
||||||
|
// in RFC1123 Section 2.1 for IPv4 and in RFC5952 Section 4 for IPv6.
|
||||||
|
func IPIDs(addr ...string) []AuthzID {
|
||||||
|
a := make([]AuthzID, len(addr))
|
||||||
|
for i, v := range addr {
|
||||||
|
a[i] = AuthzID{Type: "ip", Value: v}
|
||||||
|
}
|
||||||
|
return a
|
||||||
|
}
|
||||||
|
|
||||||
|
// wireAuthzID is ACME JSON representation of authorization identifier objects.
|
||||||
|
type wireAuthzID struct {
|
||||||
|
Type string `json:"type"`
|
||||||
|
Value string `json:"value"`
|
||||||
|
}
|
||||||
|
|
||||||
// wireAuthz is ACME JSON representation of Authorization objects.
|
// wireAuthz is ACME JSON representation of Authorization objects.
|
||||||
type wireAuthz struct {
|
type wireAuthz struct {
|
||||||
|
Identifier wireAuthzID
|
||||||
Status string
|
Status string
|
||||||
|
Expires time.Time
|
||||||
|
Wildcard bool
|
||||||
Challenges []wireChallenge
|
Challenges []wireChallenge
|
||||||
Combinations [][]int
|
Combinations [][]int
|
||||||
Identifier struct {
|
|
||||||
Type string
|
|
||||||
Value string
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (z *wireAuthz) authorization(uri string) *Authorization {
|
func (z *wireAuthz) authorization(uri string) *Authorization {
|
||||||
@ -232,8 +414,10 @@ func (z *wireAuthz) authorization(uri string) *Authorization {
|
|||||||
URI: uri,
|
URI: uri,
|
||||||
Status: z.Status,
|
Status: z.Status,
|
||||||
Identifier: AuthzID{Type: z.Identifier.Type, Value: z.Identifier.Value},
|
Identifier: AuthzID{Type: z.Identifier.Type, Value: z.Identifier.Value},
|
||||||
Combinations: z.Combinations, // shallow copy
|
Expires: z.Expires,
|
||||||
|
Wildcard: z.Wildcard,
|
||||||
Challenges: make([]*Challenge, len(z.Challenges)),
|
Challenges: make([]*Challenge, len(z.Challenges)),
|
||||||
|
Combinations: z.Combinations, // shallow copy
|
||||||
}
|
}
|
||||||
for i, v := range z.Challenges {
|
for i, v := range z.Challenges {
|
||||||
a.Challenges[i] = v.challenge()
|
a.Challenges[i] = v.challenge()
|
||||||
@ -254,22 +438,55 @@ func (z *wireAuthz) error(uri string) *AuthorizationError {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Challenge encodes a returned CA challenge.
|
||||||
|
// Its Error field may be non-nil if the challenge is part of an Authorization
|
||||||
|
// with StatusInvalid.
|
||||||
|
type Challenge struct {
|
||||||
|
// Type is the challenge type, e.g. "http-01", "tls-alpn-01", "dns-01".
|
||||||
|
Type string
|
||||||
|
|
||||||
|
// URI is where a challenge response can be posted to.
|
||||||
|
URI string
|
||||||
|
|
||||||
|
// Token is a random value that uniquely identifies the challenge.
|
||||||
|
Token string
|
||||||
|
|
||||||
|
// Status identifies the status of this challenge.
|
||||||
|
// In RFC 8555, possible values are StatusPending, StatusProcessing, StatusValid,
|
||||||
|
// and StatusInvalid.
|
||||||
|
Status string
|
||||||
|
|
||||||
|
// Validated is the time at which the CA validated this challenge.
|
||||||
|
// Always zero value in pre-RFC 8555.
|
||||||
|
Validated time.Time
|
||||||
|
|
||||||
|
// Error indicates the reason for an authorization failure
|
||||||
|
// when this challenge was used.
|
||||||
|
// The type of a non-nil value is *Error.
|
||||||
|
Error error
|
||||||
|
}
|
||||||
|
|
||||||
// wireChallenge is ACME JSON challenge representation.
|
// wireChallenge is ACME JSON challenge representation.
|
||||||
type wireChallenge struct {
|
type wireChallenge struct {
|
||||||
URI string `json:"uri"`
|
URL string `json:"url"` // RFC
|
||||||
|
URI string `json:"uri"` // pre-RFC
|
||||||
Type string
|
Type string
|
||||||
Token string
|
Token string
|
||||||
Status string
|
Status string
|
||||||
|
Validated time.Time
|
||||||
Error *wireError
|
Error *wireError
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *wireChallenge) challenge() *Challenge {
|
func (c *wireChallenge) challenge() *Challenge {
|
||||||
v := &Challenge{
|
v := &Challenge{
|
||||||
URI: c.URI,
|
URI: c.URL,
|
||||||
Type: c.Type,
|
Type: c.Type,
|
||||||
Token: c.Token,
|
Token: c.Token,
|
||||||
Status: c.Status,
|
Status: c.Status,
|
||||||
}
|
}
|
||||||
|
if v.URI == "" {
|
||||||
|
v.URI = c.URI // c.URL was empty; use legacy
|
||||||
|
}
|
||||||
if v.Status == "" {
|
if v.Status == "" {
|
||||||
v.Status = StatusPending
|
v.Status = StatusPending
|
||||||
}
|
}
|
||||||
@ -285,6 +502,7 @@ type wireError struct {
|
|||||||
Status int
|
Status int
|
||||||
Type string
|
Type string
|
||||||
Detail string
|
Detail string
|
||||||
|
Instance string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *wireError) error(h http.Header) *Error {
|
func (e *wireError) error(h http.Header) *Error {
|
||||||
@ -292,6 +510,7 @@ func (e *wireError) error(h http.Header) *Error {
|
|||||||
StatusCode: e.Status,
|
StatusCode: e.Status,
|
||||||
ProblemType: e.Type,
|
ProblemType: e.Type,
|
||||||
Detail: e.Detail,
|
Detail: e.Detail,
|
||||||
|
Instance: e.Instance,
|
||||||
Header: h,
|
Header: h,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
3
vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
generated
vendored
3
vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
generated
vendored
@ -94,7 +94,8 @@ func ReadPassword(fd int) ([]byte, error) {
|
|||||||
defer windows.SetConsoleMode(windows.Handle(fd), old)
|
defer windows.SetConsoleMode(windows.Handle(fd), old)
|
||||||
|
|
||||||
var h windows.Handle
|
var h windows.Handle
|
||||||
if err := windows.DuplicateHandle(windows.GetCurrentProcess(), windows.Handle(fd), windows.GetCurrentProcess(), &h, 0, false, windows.DUPLICATE_SAME_ACCESS); err != nil {
|
p, _ := windows.GetCurrentProcess()
|
||||||
|
if err := windows.DuplicateHandle(p, windows.Handle(fd), p, &h, 0, false, windows.DUPLICATE_SAME_ACCESS); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
2
vendor/golang.org/x/net/idna/tables11.0.0.go
generated
vendored
2
vendor/golang.org/x/net/idna/tables11.0.0.go
generated
vendored
@ -1,6 +1,6 @@
|
|||||||
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
|
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
|
||||||
|
|
||||||
// +build go1.13
|
// +build go1.13,!go1.14
|
||||||
|
|
||||||
package idna
|
package idna
|
||||||
|
|
||||||
|
4733
vendor/golang.org/x/net/idna/tables12.00.go
generated
vendored
Normal file
4733
vendor/golang.org/x/net/idna/tables12.00.go
generated
vendored
Normal file
File diff suppressed because it is too large
Load Diff
1
vendor/golang.org/x/sys/unix/bluetooth_linux.go
generated
vendored
1
vendor/golang.org/x/sys/unix/bluetooth_linux.go
generated
vendored
@ -23,6 +23,7 @@ const (
|
|||||||
HCI_CHANNEL_USER = 1
|
HCI_CHANNEL_USER = 1
|
||||||
HCI_CHANNEL_MONITOR = 2
|
HCI_CHANNEL_MONITOR = 2
|
||||||
HCI_CHANNEL_CONTROL = 3
|
HCI_CHANNEL_CONTROL = 3
|
||||||
|
HCI_CHANNEL_LOGGING = 4
|
||||||
)
|
)
|
||||||
|
|
||||||
// Socketoption Level
|
// Socketoption Level
|
||||||
|
12
vendor/golang.org/x/sys/unix/fcntl.go
generated
vendored
12
vendor/golang.org/x/sys/unix/fcntl.go
generated
vendored
@ -9,12 +9,11 @@ package unix
|
|||||||
import "unsafe"
|
import "unsafe"
|
||||||
|
|
||||||
// fcntl64Syscall is usually SYS_FCNTL, but is overridden on 32-bit Linux
|
// fcntl64Syscall is usually SYS_FCNTL, but is overridden on 32-bit Linux
|
||||||
// systems by flock_linux_32bit.go to be SYS_FCNTL64.
|
// systems by fcntl_linux_32bit.go to be SYS_FCNTL64.
|
||||||
var fcntl64Syscall uintptr = SYS_FCNTL
|
var fcntl64Syscall uintptr = SYS_FCNTL
|
||||||
|
|
||||||
// FcntlInt performs a fcntl syscall on fd with the provided command and argument.
|
func fcntl(fd int, cmd, arg int) (int, error) {
|
||||||
func FcntlInt(fd uintptr, cmd, arg int) (int, error) {
|
valptr, _, errno := Syscall(fcntl64Syscall, uintptr(fd), uintptr(cmd), uintptr(arg))
|
||||||
valptr, _, errno := Syscall(fcntl64Syscall, fd, uintptr(cmd), uintptr(arg))
|
|
||||||
var err error
|
var err error
|
||||||
if errno != 0 {
|
if errno != 0 {
|
||||||
err = errno
|
err = errno
|
||||||
@ -22,6 +21,11 @@ func FcntlInt(fd uintptr, cmd, arg int) (int, error) {
|
|||||||
return int(valptr), err
|
return int(valptr), err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// FcntlInt performs a fcntl syscall on fd with the provided command and argument.
|
||||||
|
func FcntlInt(fd uintptr, cmd, arg int) (int, error) {
|
||||||
|
return fcntl(int(fd), cmd, arg)
|
||||||
|
}
|
||||||
|
|
||||||
// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command.
|
// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command.
|
||||||
func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
|
func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
|
||||||
_, _, errno := Syscall(fcntl64Syscall, fd, uintptr(cmd), uintptr(unsafe.Pointer(lk)))
|
_, _, errno := Syscall(fcntl64Syscall, fd, uintptr(cmd), uintptr(unsafe.Pointer(lk)))
|
||||||
|
29
vendor/golang.org/x/sys/unix/fdset.go
generated
vendored
Normal file
29
vendor/golang.org/x/sys/unix/fdset.go
generated
vendored
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
// Set adds fd to the set fds.
|
||||||
|
func (fds *FdSet) Set(fd int) {
|
||||||
|
fds.Bits[fd/NFDBITS] |= (1 << (uintptr(fd) % NFDBITS))
|
||||||
|
}
|
||||||
|
|
||||||
|
// Clear removes fd from the set fds.
|
||||||
|
func (fds *FdSet) Clear(fd int) {
|
||||||
|
fds.Bits[fd/NFDBITS] &^= (1 << (uintptr(fd) % NFDBITS))
|
||||||
|
}
|
||||||
|
|
||||||
|
// IsSet returns whether fd is in the set fds.
|
||||||
|
func (fds *FdSet) IsSet(fd int) bool {
|
||||||
|
return fds.Bits[fd/NFDBITS]&(1<<(uintptr(fd)%NFDBITS)) != 0
|
||||||
|
}
|
||||||
|
|
||||||
|
// Zero clears the set fds.
|
||||||
|
func (fds *FdSet) Zero() {
|
||||||
|
for i := range fds.Bits {
|
||||||
|
fds.Bits[i] = 0
|
||||||
|
}
|
||||||
|
}
|
6
vendor/golang.org/x/sys/unix/mkall.sh
generated
vendored
6
vendor/golang.org/x/sys/unix/mkall.sh
generated
vendored
@ -50,7 +50,7 @@ if [[ "$GOOS" = "linux" ]]; then
|
|||||||
# Use the Docker-based build system
|
# Use the Docker-based build system
|
||||||
# Files generated through docker (use $cmd so you can Ctl-C the build or run)
|
# Files generated through docker (use $cmd so you can Ctl-C the build or run)
|
||||||
$cmd docker build --tag generate:$GOOS $GOOS
|
$cmd docker build --tag generate:$GOOS $GOOS
|
||||||
$cmd docker run --interactive --tty --volume $(dirname "$(readlink -f "$0")"):/build generate:$GOOS
|
$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")" && /bin/pwd):/build generate:$GOOS
|
||||||
exit
|
exit
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -212,9 +212,11 @@ esac
|
|||||||
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in && gofmt -w zsyscall_$GOOSARCH.go && gofmt -w zsyscall_"$GOOSARCH"_gccgo.go && gofmt -w zsyscall_"$GOOSARCH"_gc.go " ;
|
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in && gofmt -w zsyscall_$GOOSARCH.go && gofmt -w zsyscall_"$GOOSARCH"_gccgo.go && gofmt -w zsyscall_"$GOOSARCH"_gc.go " ;
|
||||||
elif [ "$GOOS" == "darwin" ]; then
|
elif [ "$GOOS" == "darwin" ]; then
|
||||||
# pre-1.12, direct syscalls
|
# pre-1.12, direct syscalls
|
||||||
echo "$mksyscall -tags $GOOS,$GOARCH,!go1.12 $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.1_11.go";
|
echo "$mksyscall -tags $GOOS,$GOARCH,!go1.12 $syscall_goos syscall_darwin_${GOARCH}.1_11.go $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.1_11.go";
|
||||||
# 1.12 and later, syscalls via libSystem
|
# 1.12 and later, syscalls via libSystem
|
||||||
echo "$mksyscall -tags $GOOS,$GOARCH,go1.12 $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
|
echo "$mksyscall -tags $GOOS,$GOARCH,go1.12 $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
|
||||||
|
# 1.13 and later, syscalls via libSystem (including syscallPtr)
|
||||||
|
echo "$mksyscall -tags $GOOS,$GOARCH,go1.13 syscall_darwin.1_13.go |gofmt >zsyscall_$GOOSARCH.1_13.go";
|
||||||
else
|
else
|
||||||
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
|
echo "$mksyscall -tags $GOOS,$GOARCH $syscall_goos $GOOSARCH_in |gofmt >zsyscall_$GOOSARCH.go";
|
||||||
fi
|
fi
|
||||||
|
61
vendor/golang.org/x/sys/unix/mkasm_darwin.go
generated
vendored
61
vendor/golang.org/x/sys/unix/mkasm_darwin.go
generated
vendored
@ -1,61 +0,0 @@
|
|||||||
// Copyright 2018 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
// mkasm_darwin.go generates assembly trampolines to call libSystem routines from Go.
|
|
||||||
//This program must be run after mksyscall.go.
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bytes"
|
|
||||||
"fmt"
|
|
||||||
"io/ioutil"
|
|
||||||
"log"
|
|
||||||
"os"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
in1, err := ioutil.ReadFile("syscall_darwin.go")
|
|
||||||
if err != nil {
|
|
||||||
log.Fatalf("can't open syscall_darwin.go: %s", err)
|
|
||||||
}
|
|
||||||
arch := os.Args[1]
|
|
||||||
in2, err := ioutil.ReadFile(fmt.Sprintf("syscall_darwin_%s.go", arch))
|
|
||||||
if err != nil {
|
|
||||||
log.Fatalf("can't open syscall_darwin_%s.go: %s", arch, err)
|
|
||||||
}
|
|
||||||
in3, err := ioutil.ReadFile(fmt.Sprintf("zsyscall_darwin_%s.go", arch))
|
|
||||||
if err != nil {
|
|
||||||
log.Fatalf("can't open zsyscall_darwin_%s.go: %s", arch, err)
|
|
||||||
}
|
|
||||||
in := string(in1) + string(in2) + string(in3)
|
|
||||||
|
|
||||||
trampolines := map[string]bool{}
|
|
||||||
|
|
||||||
var out bytes.Buffer
|
|
||||||
|
|
||||||
fmt.Fprintf(&out, "// go run mkasm_darwin.go %s\n", strings.Join(os.Args[1:], " "))
|
|
||||||
fmt.Fprintf(&out, "// Code generated by the command above; DO NOT EDIT.\n")
|
|
||||||
fmt.Fprintf(&out, "\n")
|
|
||||||
fmt.Fprintf(&out, "// +build go1.12\n")
|
|
||||||
fmt.Fprintf(&out, "\n")
|
|
||||||
fmt.Fprintf(&out, "#include \"textflag.h\"\n")
|
|
||||||
for _, line := range strings.Split(in, "\n") {
|
|
||||||
if !strings.HasPrefix(line, "func ") || !strings.HasSuffix(line, "_trampoline()") {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
fn := line[5 : len(line)-13]
|
|
||||||
if !trampolines[fn] {
|
|
||||||
trampolines[fn] = true
|
|
||||||
fmt.Fprintf(&out, "TEXT ·%s_trampoline(SB),NOSPLIT,$0-0\n", fn)
|
|
||||||
fmt.Fprintf(&out, "\tJMP\t%s(SB)\n", fn)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
err = ioutil.WriteFile(fmt.Sprintf("zsyscall_darwin_%s.s", arch), out.Bytes(), 0644)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatalf("can't write zsyscall_darwin_%s.s: %s", arch, err)
|
|
||||||
}
|
|
||||||
}
|
|
10
vendor/golang.org/x/sys/unix/mkerrors.sh
generated
vendored
10
vendor/golang.org/x/sys/unix/mkerrors.sh
generated
vendored
@ -44,6 +44,7 @@ includes_AIX='
|
|||||||
#include <sys/stropts.h>
|
#include <sys/stropts.h>
|
||||||
#include <sys/mman.h>
|
#include <sys/mman.h>
|
||||||
#include <sys/poll.h>
|
#include <sys/poll.h>
|
||||||
|
#include <sys/select.h>
|
||||||
#include <sys/termio.h>
|
#include <sys/termio.h>
|
||||||
#include <termios.h>
|
#include <termios.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
@ -185,16 +186,19 @@ struct ltchars {
|
|||||||
#include <sys/select.h>
|
#include <sys/select.h>
|
||||||
#include <sys/signalfd.h>
|
#include <sys/signalfd.h>
|
||||||
#include <sys/socket.h>
|
#include <sys/socket.h>
|
||||||
|
#include <sys/uio.h>
|
||||||
#include <sys/xattr.h>
|
#include <sys/xattr.h>
|
||||||
#include <linux/bpf.h>
|
#include <linux/bpf.h>
|
||||||
#include <linux/can.h>
|
#include <linux/can.h>
|
||||||
#include <linux/capability.h>
|
#include <linux/capability.h>
|
||||||
#include <linux/cryptouser.h>
|
#include <linux/cryptouser.h>
|
||||||
|
#include <linux/devlink.h>
|
||||||
#include <linux/errqueue.h>
|
#include <linux/errqueue.h>
|
||||||
#include <linux/falloc.h>
|
#include <linux/falloc.h>
|
||||||
#include <linux/fanotify.h>
|
#include <linux/fanotify.h>
|
||||||
#include <linux/filter.h>
|
#include <linux/filter.h>
|
||||||
#include <linux/fs.h>
|
#include <linux/fs.h>
|
||||||
|
#include <linux/fscrypt.h>
|
||||||
#include <linux/genetlink.h>
|
#include <linux/genetlink.h>
|
||||||
#include <linux/hdreg.h>
|
#include <linux/hdreg.h>
|
||||||
#include <linux/icmpv6.h>
|
#include <linux/icmpv6.h>
|
||||||
@ -494,7 +498,9 @@ ccflags="$@"
|
|||||||
$2 ~ /^CAN_/ ||
|
$2 ~ /^CAN_/ ||
|
||||||
$2 ~ /^CAP_/ ||
|
$2 ~ /^CAP_/ ||
|
||||||
$2 ~ /^ALG_/ ||
|
$2 ~ /^ALG_/ ||
|
||||||
$2 ~ /^FS_(POLICY_FLAGS|KEY_DESC|ENCRYPTION_MODE|[A-Z0-9_]+_KEY_SIZE|IOC_(GET|SET)_ENCRYPTION)/ ||
|
$2 ~ /^FS_(POLICY_FLAGS|KEY_DESC|ENCRYPTION_MODE|[A-Z0-9_]+_KEY_SIZE)/ ||
|
||||||
|
$2 ~ /^FS_IOC_.*ENCRYPTION/ ||
|
||||||
|
$2 ~ /^FSCRYPT_/ ||
|
||||||
$2 ~ /^GRND_/ ||
|
$2 ~ /^GRND_/ ||
|
||||||
$2 ~ /^RND/ ||
|
$2 ~ /^RND/ ||
|
||||||
$2 ~ /^KEY_(SPEC|REQKEY_DEFL)_/ ||
|
$2 ~ /^KEY_(SPEC|REQKEY_DEFL)_/ ||
|
||||||
@ -521,9 +527,11 @@ ccflags="$@"
|
|||||||
$2 ~ /^WDIOC_/ ||
|
$2 ~ /^WDIOC_/ ||
|
||||||
$2 ~ /^NFN/ ||
|
$2 ~ /^NFN/ ||
|
||||||
$2 ~ /^XDP_/ ||
|
$2 ~ /^XDP_/ ||
|
||||||
|
$2 ~ /^RWF_/ ||
|
||||||
$2 ~ /^(HDIO|WIN|SMART)_/ ||
|
$2 ~ /^(HDIO|WIN|SMART)_/ ||
|
||||||
$2 ~ /^CRYPTO_/ ||
|
$2 ~ /^CRYPTO_/ ||
|
||||||
$2 ~ /^TIPC_/ ||
|
$2 ~ /^TIPC_/ ||
|
||||||
|
$2 ~ /^DEVLINK_/ ||
|
||||||
$2 !~ "WMESGLEN" &&
|
$2 !~ "WMESGLEN" &&
|
||||||
$2 ~ /^W[A-Z0-9]+$/ ||
|
$2 ~ /^W[A-Z0-9]+$/ ||
|
||||||
$2 ~/^PPPIOC/ ||
|
$2 ~/^PPPIOC/ ||
|
||||||
|
122
vendor/golang.org/x/sys/unix/mkpost.go
generated
vendored
122
vendor/golang.org/x/sys/unix/mkpost.go
generated
vendored
@ -1,122 +0,0 @@
|
|||||||
// Copyright 2016 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
// mkpost processes the output of cgo -godefs to
|
|
||||||
// modify the generated types. It is used to clean up
|
|
||||||
// the sys API in an architecture specific manner.
|
|
||||||
//
|
|
||||||
// mkpost is run after cgo -godefs; see README.md.
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bytes"
|
|
||||||
"fmt"
|
|
||||||
"go/format"
|
|
||||||
"io/ioutil"
|
|
||||||
"log"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
)
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
// Get the OS and architecture (using GOARCH_TARGET if it exists)
|
|
||||||
goos := os.Getenv("GOOS")
|
|
||||||
goarch := os.Getenv("GOARCH_TARGET")
|
|
||||||
if goarch == "" {
|
|
||||||
goarch = os.Getenv("GOARCH")
|
|
||||||
}
|
|
||||||
// Check that we are using the Docker-based build system if we should be.
|
|
||||||
if goos == "linux" {
|
|
||||||
if os.Getenv("GOLANG_SYS_BUILD") != "docker" {
|
|
||||||
os.Stderr.WriteString("In the Docker-based build system, mkpost should not be called directly.\n")
|
|
||||||
os.Stderr.WriteString("See README.md\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
b, err := ioutil.ReadAll(os.Stdin)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if goos == "aix" {
|
|
||||||
// Replace type of Atim, Mtim and Ctim by Timespec in Stat_t
|
|
||||||
// to avoid having both StTimespec and Timespec.
|
|
||||||
sttimespec := regexp.MustCompile(`_Ctype_struct_st_timespec`)
|
|
||||||
b = sttimespec.ReplaceAll(b, []byte("Timespec"))
|
|
||||||
}
|
|
||||||
|
|
||||||
// Intentionally export __val fields in Fsid and Sigset_t
|
|
||||||
valRegex := regexp.MustCompile(`type (Fsid|Sigset_t) struct {(\s+)X__(bits|val)(\s+\S+\s+)}`)
|
|
||||||
b = valRegex.ReplaceAll(b, []byte("type $1 struct {${2}Val$4}"))
|
|
||||||
|
|
||||||
// Intentionally export __fds_bits field in FdSet
|
|
||||||
fdSetRegex := regexp.MustCompile(`type (FdSet) struct {(\s+)X__fds_bits(\s+\S+\s+)}`)
|
|
||||||
b = fdSetRegex.ReplaceAll(b, []byte("type $1 struct {${2}Bits$3}"))
|
|
||||||
|
|
||||||
// If we have empty Ptrace structs, we should delete them. Only s390x emits
|
|
||||||
// nonempty Ptrace structs.
|
|
||||||
ptraceRexexp := regexp.MustCompile(`type Ptrace((Psw|Fpregs|Per) struct {\s*})`)
|
|
||||||
b = ptraceRexexp.ReplaceAll(b, nil)
|
|
||||||
|
|
||||||
// Replace the control_regs union with a blank identifier for now.
|
|
||||||
controlRegsRegex := regexp.MustCompile(`(Control_regs)\s+\[0\]uint64`)
|
|
||||||
b = controlRegsRegex.ReplaceAll(b, []byte("_ [0]uint64"))
|
|
||||||
|
|
||||||
// Remove fields that are added by glibc
|
|
||||||
// Note that this is unstable as the identifers are private.
|
|
||||||
removeFieldsRegex := regexp.MustCompile(`X__glibc\S*`)
|
|
||||||
b = removeFieldsRegex.ReplaceAll(b, []byte("_"))
|
|
||||||
|
|
||||||
// Convert [65]int8 to [65]byte in Utsname members to simplify
|
|
||||||
// conversion to string; see golang.org/issue/20753
|
|
||||||
convertUtsnameRegex := regexp.MustCompile(`((Sys|Node|Domain)name|Release|Version|Machine)(\s+)\[(\d+)\]u?int8`)
|
|
||||||
b = convertUtsnameRegex.ReplaceAll(b, []byte("$1$3[$4]byte"))
|
|
||||||
|
|
||||||
// Convert [1024]int8 to [1024]byte in Ptmget members
|
|
||||||
convertPtmget := regexp.MustCompile(`([SC]n)(\s+)\[(\d+)\]u?int8`)
|
|
||||||
b = convertPtmget.ReplaceAll(b, []byte("$1[$3]byte"))
|
|
||||||
|
|
||||||
// Remove spare fields (e.g. in Statx_t)
|
|
||||||
spareFieldsRegex := regexp.MustCompile(`X__spare\S*`)
|
|
||||||
b = spareFieldsRegex.ReplaceAll(b, []byte("_"))
|
|
||||||
|
|
||||||
// Remove cgo padding fields
|
|
||||||
removePaddingFieldsRegex := regexp.MustCompile(`Pad_cgo_\d+`)
|
|
||||||
b = removePaddingFieldsRegex.ReplaceAll(b, []byte("_"))
|
|
||||||
|
|
||||||
// Remove padding, hidden, or unused fields
|
|
||||||
removeFieldsRegex = regexp.MustCompile(`\b(X_\S+|Padding)`)
|
|
||||||
b = removeFieldsRegex.ReplaceAll(b, []byte("_"))
|
|
||||||
|
|
||||||
// Remove the first line of warning from cgo
|
|
||||||
b = b[bytes.IndexByte(b, '\n')+1:]
|
|
||||||
// Modify the command in the header to include:
|
|
||||||
// mkpost, our own warning, and a build tag.
|
|
||||||
replacement := fmt.Sprintf(`$1 | go run mkpost.go
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s,%s`, goarch, goos)
|
|
||||||
cgoCommandRegex := regexp.MustCompile(`(cgo -godefs .*)`)
|
|
||||||
b = cgoCommandRegex.ReplaceAll(b, []byte(replacement))
|
|
||||||
|
|
||||||
// Rename Stat_t time fields
|
|
||||||
if goos == "freebsd" && goarch == "386" {
|
|
||||||
// Hide Stat_t.[AMCB]tim_ext fields
|
|
||||||
renameStatTimeExtFieldsRegex := regexp.MustCompile(`[AMCB]tim_ext`)
|
|
||||||
b = renameStatTimeExtFieldsRegex.ReplaceAll(b, []byte("_"))
|
|
||||||
}
|
|
||||||
renameStatTimeFieldsRegex := regexp.MustCompile(`([AMCB])(?:irth)?time?(?:spec)?\s+(Timespec|StTimespec)`)
|
|
||||||
b = renameStatTimeFieldsRegex.ReplaceAll(b, []byte("${1}tim ${2}"))
|
|
||||||
|
|
||||||
// gofmt
|
|
||||||
b, err = format.Source(b)
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
os.Stdout.Write(b)
|
|
||||||
}
|
|
407
vendor/golang.org/x/sys/unix/mksyscall.go
generated
vendored
407
vendor/golang.org/x/sys/unix/mksyscall.go
generated
vendored
@ -1,407 +0,0 @@
|
|||||||
// Copyright 2018 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
/*
|
|
||||||
This program reads a file containing function prototypes
|
|
||||||
(like syscall_darwin.go) and generates system call bodies.
|
|
||||||
The prototypes are marked by lines beginning with "//sys"
|
|
||||||
and read like func declarations if //sys is replaced by func, but:
|
|
||||||
* The parameter lists must give a name for each argument.
|
|
||||||
This includes return parameters.
|
|
||||||
* The parameter lists must give a type for each argument:
|
|
||||||
the (x, y, z int) shorthand is not allowed.
|
|
||||||
* If the return parameter is an error number, it must be named errno.
|
|
||||||
|
|
||||||
A line beginning with //sysnb is like //sys, except that the
|
|
||||||
goroutine will not be suspended during the execution of the system
|
|
||||||
call. This must only be used for system calls which can never
|
|
||||||
block, as otherwise the system call could cause all goroutines to
|
|
||||||
hang.
|
|
||||||
*/
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"flag"
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
b32 = flag.Bool("b32", false, "32bit big-endian")
|
|
||||||
l32 = flag.Bool("l32", false, "32bit little-endian")
|
|
||||||
plan9 = flag.Bool("plan9", false, "plan9")
|
|
||||||
openbsd = flag.Bool("openbsd", false, "openbsd")
|
|
||||||
netbsd = flag.Bool("netbsd", false, "netbsd")
|
|
||||||
dragonfly = flag.Bool("dragonfly", false, "dragonfly")
|
|
||||||
arm = flag.Bool("arm", false, "arm") // 64-bit value should use (even, odd)-pair
|
|
||||||
tags = flag.String("tags", "", "build tags")
|
|
||||||
filename = flag.String("output", "", "output file name (standard output if omitted)")
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksyscall.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags
|
|
||||||
func buildTags() string {
|
|
||||||
return *tags
|
|
||||||
}
|
|
||||||
|
|
||||||
// Param is function parameter
|
|
||||||
type Param struct {
|
|
||||||
Name string
|
|
||||||
Type string
|
|
||||||
}
|
|
||||||
|
|
||||||
// usage prints the program usage
|
|
||||||
func usage() {
|
|
||||||
fmt.Fprintf(os.Stderr, "usage: go run mksyscall.go [-b32 | -l32] [-tags x,y] [file ...]\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParamList parses parameter list and returns a slice of parameters
|
|
||||||
func parseParamList(list string) []string {
|
|
||||||
list = strings.TrimSpace(list)
|
|
||||||
if list == "" {
|
|
||||||
return []string{}
|
|
||||||
}
|
|
||||||
return regexp.MustCompile(`\s*,\s*`).Split(list, -1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParam splits a parameter into name and type
|
|
||||||
func parseParam(p string) Param {
|
|
||||||
ps := regexp.MustCompile(`^(\S*) (\S*)$`).FindStringSubmatch(p)
|
|
||||||
if ps == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "malformed parameter: %s\n", p)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
return Param{ps[1], ps[2]}
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
// Get the OS and architecture (using GOARCH_TARGET if it exists)
|
|
||||||
goos := os.Getenv("GOOS")
|
|
||||||
if goos == "" {
|
|
||||||
fmt.Fprintln(os.Stderr, "GOOS not defined in environment")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
goarch := os.Getenv("GOARCH_TARGET")
|
|
||||||
if goarch == "" {
|
|
||||||
goarch = os.Getenv("GOARCH")
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check that we are using the Docker-based build system if we should
|
|
||||||
if goos == "linux" {
|
|
||||||
if os.Getenv("GOLANG_SYS_BUILD") != "docker" {
|
|
||||||
fmt.Fprintf(os.Stderr, "In the Docker-based build system, mksyscall should not be called directly.\n")
|
|
||||||
fmt.Fprintf(os.Stderr, "See README.md\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
flag.Usage = usage
|
|
||||||
flag.Parse()
|
|
||||||
if len(flag.Args()) <= 0 {
|
|
||||||
fmt.Fprintf(os.Stderr, "no files to parse provided\n")
|
|
||||||
usage()
|
|
||||||
}
|
|
||||||
|
|
||||||
endianness := ""
|
|
||||||
if *b32 {
|
|
||||||
endianness = "big-endian"
|
|
||||||
} else if *l32 {
|
|
||||||
endianness = "little-endian"
|
|
||||||
}
|
|
||||||
|
|
||||||
libc := false
|
|
||||||
if goos == "darwin" && strings.Contains(buildTags(), ",go1.12") {
|
|
||||||
libc = true
|
|
||||||
}
|
|
||||||
trampolines := map[string]bool{}
|
|
||||||
|
|
||||||
text := ""
|
|
||||||
for _, path := range flag.Args() {
|
|
||||||
file, err := os.Open(path)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
s := bufio.NewScanner(file)
|
|
||||||
for s.Scan() {
|
|
||||||
t := s.Text()
|
|
||||||
t = strings.TrimSpace(t)
|
|
||||||
t = regexp.MustCompile(`\s+`).ReplaceAllString(t, ` `)
|
|
||||||
nonblock := regexp.MustCompile(`^\/\/sysnb `).FindStringSubmatch(t)
|
|
||||||
if regexp.MustCompile(`^\/\/sys `).FindStringSubmatch(t) == nil && nonblock == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Line must be of the form
|
|
||||||
// func Open(path string, mode int, perm int) (fd int, errno error)
|
|
||||||
// Split into name, in params, out params.
|
|
||||||
f := regexp.MustCompile(`^\/\/sys(nb)? (\w+)\(([^()]*)\)\s*(?:\(([^()]+)\))?\s*(?:=\s*((?i)SYS_[A-Z0-9_]+))?$`).FindStringSubmatch(t)
|
|
||||||
if f == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s\nmalformed //sys declaration\n", path, t)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
funct, inps, outps, sysname := f[2], f[3], f[4], f[5]
|
|
||||||
|
|
||||||
// ClockGettime doesn't have a syscall number on Darwin, only generate libc wrappers.
|
|
||||||
if goos == "darwin" && !libc && funct == "ClockGettime" {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Split argument lists on comma.
|
|
||||||
in := parseParamList(inps)
|
|
||||||
out := parseParamList(outps)
|
|
||||||
|
|
||||||
// Try in vain to keep people from editing this file.
|
|
||||||
// The theory is that they jump into the middle of the file
|
|
||||||
// without reading the header.
|
|
||||||
text += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
|
|
||||||
// Go function header.
|
|
||||||
outDecl := ""
|
|
||||||
if len(out) > 0 {
|
|
||||||
outDecl = fmt.Sprintf(" (%s)", strings.Join(out, ", "))
|
|
||||||
}
|
|
||||||
text += fmt.Sprintf("func %s(%s)%s {\n", funct, strings.Join(in, ", "), outDecl)
|
|
||||||
|
|
||||||
// Check if err return available
|
|
||||||
errvar := ""
|
|
||||||
for _, param := range out {
|
|
||||||
p := parseParam(param)
|
|
||||||
if p.Type == "error" {
|
|
||||||
errvar = p.Name
|
|
||||||
break
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Prepare arguments to Syscall.
|
|
||||||
var args []string
|
|
||||||
n := 0
|
|
||||||
for _, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
args = append(args, "uintptr(unsafe.Pointer("+p.Name+"))")
|
|
||||||
} else if p.Type == "string" && errvar != "" {
|
|
||||||
text += fmt.Sprintf("\tvar _p%d *byte\n", n)
|
|
||||||
text += fmt.Sprintf("\t_p%d, %s = BytePtrFromString(%s)\n", n, errvar, p.Name)
|
|
||||||
text += fmt.Sprintf("\tif %s != nil {\n\t\treturn\n\t}\n", errvar)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses string arguments, but has no error return\n")
|
|
||||||
text += fmt.Sprintf("\tvar _p%d *byte\n", n)
|
|
||||||
text += fmt.Sprintf("\t_p%d, _ = BytePtrFromString(%s)\n", n, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
n++
|
|
||||||
} else if regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
// Convert slice into pointer, length.
|
|
||||||
// Have to be careful not to take address of &a[0] if len == 0:
|
|
||||||
// pass dummy pointer in that case.
|
|
||||||
// Used to pass nil, but some OSes or simulators reject write(fd, nil, 0).
|
|
||||||
text += fmt.Sprintf("\tvar _p%d unsafe.Pointer\n", n)
|
|
||||||
text += fmt.Sprintf("\tif len(%s) > 0 {\n\t\t_p%d = unsafe.Pointer(&%s[0])\n\t}", p.Name, n, p.Name)
|
|
||||||
text += fmt.Sprintf(" else {\n\t\t_p%d = unsafe.Pointer(&_zero)\n\t}\n", n)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(_p%d)", n), fmt.Sprintf("uintptr(len(%s))", p.Name))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "int64" && (*openbsd || *netbsd) {
|
|
||||||
args = append(args, "0")
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s>>32)", p.Name), fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
} else if endianness == "little-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name), fmt.Sprintf("uintptr(%s>>32)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
}
|
|
||||||
} else if p.Type == "int64" && *dragonfly {
|
|
||||||
if regexp.MustCompile(`^(?i)extp(read|write)`).FindStringSubmatch(funct) == nil {
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s>>32)", p.Name), fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
} else if endianness == "little-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name), fmt.Sprintf("uintptr(%s>>32)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
}
|
|
||||||
} else if (p.Type == "int64" || p.Type == "uint64") && endianness != "" {
|
|
||||||
if len(args)%2 == 1 && *arm {
|
|
||||||
// arm abi specifies 64-bit argument uses
|
|
||||||
// (even, odd) pair
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s>>32)", p.Name), fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name), fmt.Sprintf("uintptr(%s>>32)", p.Name))
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Determine which form to use; pad args with zeros.
|
|
||||||
asm := "Syscall"
|
|
||||||
if nonblock != nil {
|
|
||||||
if errvar == "" && goos == "linux" {
|
|
||||||
asm = "RawSyscallNoError"
|
|
||||||
} else {
|
|
||||||
asm = "RawSyscall"
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
if errvar == "" && goos == "linux" {
|
|
||||||
asm = "SyscallNoError"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if len(args) <= 3 {
|
|
||||||
for len(args) < 3 {
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
} else if len(args) <= 6 {
|
|
||||||
asm += "6"
|
|
||||||
for len(args) < 6 {
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
} else if len(args) <= 9 {
|
|
||||||
asm += "9"
|
|
||||||
for len(args) < 9 {
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s too many arguments to system call\n", path, funct)
|
|
||||||
}
|
|
||||||
|
|
||||||
// System call number.
|
|
||||||
if sysname == "" {
|
|
||||||
sysname = "SYS_" + funct
|
|
||||||
sysname = regexp.MustCompile(`([a-z])([A-Z])`).ReplaceAllString(sysname, `${1}_$2`)
|
|
||||||
sysname = strings.ToUpper(sysname)
|
|
||||||
}
|
|
||||||
|
|
||||||
var libcFn string
|
|
||||||
if libc {
|
|
||||||
asm = "syscall_" + strings.ToLower(asm[:1]) + asm[1:] // internal syscall call
|
|
||||||
sysname = strings.TrimPrefix(sysname, "SYS_") // remove SYS_
|
|
||||||
sysname = strings.ToLower(sysname) // lowercase
|
|
||||||
if sysname == "getdirentries64" {
|
|
||||||
// Special case - libSystem name and
|
|
||||||
// raw syscall name don't match.
|
|
||||||
sysname = "__getdirentries64"
|
|
||||||
}
|
|
||||||
libcFn = sysname
|
|
||||||
sysname = "funcPC(libc_" + sysname + "_trampoline)"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Actual call.
|
|
||||||
arglist := strings.Join(args, ", ")
|
|
||||||
call := fmt.Sprintf("%s(%s, %s)", asm, sysname, arglist)
|
|
||||||
|
|
||||||
// Assign return values.
|
|
||||||
body := ""
|
|
||||||
ret := []string{"_", "_", "_"}
|
|
||||||
doErrno := false
|
|
||||||
for i := 0; i < len(out); i++ {
|
|
||||||
p := parseParam(out[i])
|
|
||||||
reg := ""
|
|
||||||
if p.Name == "err" && !*plan9 {
|
|
||||||
reg = "e1"
|
|
||||||
ret[2] = reg
|
|
||||||
doErrno = true
|
|
||||||
} else if p.Name == "err" && *plan9 {
|
|
||||||
ret[0] = "r0"
|
|
||||||
ret[2] = "e1"
|
|
||||||
break
|
|
||||||
} else {
|
|
||||||
reg = fmt.Sprintf("r%d", i)
|
|
||||||
ret[i] = reg
|
|
||||||
}
|
|
||||||
if p.Type == "bool" {
|
|
||||||
reg = fmt.Sprintf("%s != 0", reg)
|
|
||||||
}
|
|
||||||
if p.Type == "int64" && endianness != "" {
|
|
||||||
// 64-bit number in r1:r0 or r0:r1.
|
|
||||||
if i+2 > len(out) {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s not enough registers for int64 return\n", path, funct)
|
|
||||||
}
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
reg = fmt.Sprintf("int64(r%d)<<32 | int64(r%d)", i, i+1)
|
|
||||||
} else {
|
|
||||||
reg = fmt.Sprintf("int64(r%d)<<32 | int64(r%d)", i+1, i)
|
|
||||||
}
|
|
||||||
ret[i] = fmt.Sprintf("r%d", i)
|
|
||||||
ret[i+1] = fmt.Sprintf("r%d", i+1)
|
|
||||||
}
|
|
||||||
if reg != "e1" || *plan9 {
|
|
||||||
body += fmt.Sprintf("\t%s = %s(%s)\n", p.Name, p.Type, reg)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ret[0] == "_" && ret[1] == "_" && ret[2] == "_" {
|
|
||||||
text += fmt.Sprintf("\t%s\n", call)
|
|
||||||
} else {
|
|
||||||
if errvar == "" && goos == "linux" {
|
|
||||||
// raw syscall without error on Linux, see golang.org/issue/22924
|
|
||||||
text += fmt.Sprintf("\t%s, %s := %s\n", ret[0], ret[1], call)
|
|
||||||
} else {
|
|
||||||
text += fmt.Sprintf("\t%s, %s, %s := %s\n", ret[0], ret[1], ret[2], call)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
text += body
|
|
||||||
|
|
||||||
if *plan9 && ret[2] == "e1" {
|
|
||||||
text += "\tif int32(r0) == -1 {\n"
|
|
||||||
text += "\t\terr = e1\n"
|
|
||||||
text += "\t}\n"
|
|
||||||
} else if doErrno {
|
|
||||||
text += "\tif e1 != 0 {\n"
|
|
||||||
text += "\t\terr = errnoErr(e1)\n"
|
|
||||||
text += "\t}\n"
|
|
||||||
}
|
|
||||||
text += "\treturn\n"
|
|
||||||
text += "}\n\n"
|
|
||||||
|
|
||||||
if libc && !trampolines[libcFn] {
|
|
||||||
// some system calls share a trampoline, like read and readlen.
|
|
||||||
trampolines[libcFn] = true
|
|
||||||
// Declare assembly trampoline.
|
|
||||||
text += fmt.Sprintf("func libc_%s_trampoline()\n", libcFn)
|
|
||||||
// Assembly trampoline calls the libc_* function, which this magic
|
|
||||||
// redirects to use the function from libSystem.
|
|
||||||
text += fmt.Sprintf("//go:linkname libc_%s libc_%s\n", libcFn, libcFn)
|
|
||||||
text += fmt.Sprintf("//go:cgo_import_dynamic libc_%s %s \"/usr/lib/libSystem.B.dylib\"\n", libcFn, libcFn)
|
|
||||||
text += "\n"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if err := s.Err(); err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
fmt.Printf(srcTemplate, cmdLine(), buildTags(), text)
|
|
||||||
}
|
|
||||||
|
|
||||||
const srcTemplate = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package unix
|
|
||||||
|
|
||||||
import (
|
|
||||||
"syscall"
|
|
||||||
"unsafe"
|
|
||||||
)
|
|
||||||
|
|
||||||
var _ syscall.Errno
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
415
vendor/golang.org/x/sys/unix/mksyscall_aix_ppc.go
generated
vendored
415
vendor/golang.org/x/sys/unix/mksyscall_aix_ppc.go
generated
vendored
@ -1,415 +0,0 @@
|
|||||||
// Copyright 2019 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
/*
|
|
||||||
This program reads a file containing function prototypes
|
|
||||||
(like syscall_aix.go) and generates system call bodies.
|
|
||||||
The prototypes are marked by lines beginning with "//sys"
|
|
||||||
and read like func declarations if //sys is replaced by func, but:
|
|
||||||
* The parameter lists must give a name for each argument.
|
|
||||||
This includes return parameters.
|
|
||||||
* The parameter lists must give a type for each argument:
|
|
||||||
the (x, y, z int) shorthand is not allowed.
|
|
||||||
* If the return parameter is an error number, it must be named err.
|
|
||||||
* If go func name needs to be different than its libc name,
|
|
||||||
* or the function is not in libc, name could be specified
|
|
||||||
* at the end, after "=" sign, like
|
|
||||||
//sys getsockopt(s int, level int, name int, val uintptr, vallen *_Socklen) (err error) = libsocket.getsockopt
|
|
||||||
*/
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"flag"
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
b32 = flag.Bool("b32", false, "32bit big-endian")
|
|
||||||
l32 = flag.Bool("l32", false, "32bit little-endian")
|
|
||||||
aix = flag.Bool("aix", false, "aix")
|
|
||||||
tags = flag.String("tags", "", "build tags")
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksyscall_aix_ppc.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags
|
|
||||||
func buildTags() string {
|
|
||||||
return *tags
|
|
||||||
}
|
|
||||||
|
|
||||||
// Param is function parameter
|
|
||||||
type Param struct {
|
|
||||||
Name string
|
|
||||||
Type string
|
|
||||||
}
|
|
||||||
|
|
||||||
// usage prints the program usage
|
|
||||||
func usage() {
|
|
||||||
fmt.Fprintf(os.Stderr, "usage: go run mksyscall_aix_ppc.go [-b32 | -l32] [-tags x,y] [file ...]\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParamList parses parameter list and returns a slice of parameters
|
|
||||||
func parseParamList(list string) []string {
|
|
||||||
list = strings.TrimSpace(list)
|
|
||||||
if list == "" {
|
|
||||||
return []string{}
|
|
||||||
}
|
|
||||||
return regexp.MustCompile(`\s*,\s*`).Split(list, -1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParam splits a parameter into name and type
|
|
||||||
func parseParam(p string) Param {
|
|
||||||
ps := regexp.MustCompile(`^(\S*) (\S*)$`).FindStringSubmatch(p)
|
|
||||||
if ps == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "malformed parameter: %s\n", p)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
return Param{ps[1], ps[2]}
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
flag.Usage = usage
|
|
||||||
flag.Parse()
|
|
||||||
if len(flag.Args()) <= 0 {
|
|
||||||
fmt.Fprintf(os.Stderr, "no files to parse provided\n")
|
|
||||||
usage()
|
|
||||||
}
|
|
||||||
|
|
||||||
endianness := ""
|
|
||||||
if *b32 {
|
|
||||||
endianness = "big-endian"
|
|
||||||
} else if *l32 {
|
|
||||||
endianness = "little-endian"
|
|
||||||
}
|
|
||||||
|
|
||||||
pack := ""
|
|
||||||
text := ""
|
|
||||||
cExtern := "/*\n#include <stdint.h>\n#include <stddef.h>\n"
|
|
||||||
for _, path := range flag.Args() {
|
|
||||||
file, err := os.Open(path)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
s := bufio.NewScanner(file)
|
|
||||||
for s.Scan() {
|
|
||||||
t := s.Text()
|
|
||||||
t = strings.TrimSpace(t)
|
|
||||||
t = regexp.MustCompile(`\s+`).ReplaceAllString(t, ` `)
|
|
||||||
if p := regexp.MustCompile(`^package (\S+)$`).FindStringSubmatch(t); p != nil && pack == "" {
|
|
||||||
pack = p[1]
|
|
||||||
}
|
|
||||||
nonblock := regexp.MustCompile(`^\/\/sysnb `).FindStringSubmatch(t)
|
|
||||||
if regexp.MustCompile(`^\/\/sys `).FindStringSubmatch(t) == nil && nonblock == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Line must be of the form
|
|
||||||
// func Open(path string, mode int, perm int) (fd int, err error)
|
|
||||||
// Split into name, in params, out params.
|
|
||||||
f := regexp.MustCompile(`^\/\/sys(nb)? (\w+)\(([^()]*)\)\s*(?:\(([^()]+)\))?\s*(?:=\s*(?:(\w*)\.)?(\w*))?$`).FindStringSubmatch(t)
|
|
||||||
if f == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s\nmalformed //sys declaration\n", path, t)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
funct, inps, outps, modname, sysname := f[2], f[3], f[4], f[5], f[6]
|
|
||||||
|
|
||||||
// Split argument lists on comma.
|
|
||||||
in := parseParamList(inps)
|
|
||||||
out := parseParamList(outps)
|
|
||||||
|
|
||||||
inps = strings.Join(in, ", ")
|
|
||||||
outps = strings.Join(out, ", ")
|
|
||||||
|
|
||||||
// Try in vain to keep people from editing this file.
|
|
||||||
// The theory is that they jump into the middle of the file
|
|
||||||
// without reading the header.
|
|
||||||
text += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
|
|
||||||
// Check if value return, err return available
|
|
||||||
errvar := ""
|
|
||||||
retvar := ""
|
|
||||||
rettype := ""
|
|
||||||
for _, param := range out {
|
|
||||||
p := parseParam(param)
|
|
||||||
if p.Type == "error" {
|
|
||||||
errvar = p.Name
|
|
||||||
} else {
|
|
||||||
retvar = p.Name
|
|
||||||
rettype = p.Type
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// System call name.
|
|
||||||
if sysname == "" {
|
|
||||||
sysname = funct
|
|
||||||
}
|
|
||||||
sysname = regexp.MustCompile(`([a-z])([A-Z])`).ReplaceAllString(sysname, `${1}_$2`)
|
|
||||||
sysname = strings.ToLower(sysname) // All libc functions are lowercase.
|
|
||||||
|
|
||||||
cRettype := ""
|
|
||||||
if rettype == "unsafe.Pointer" {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if rettype == "uintptr" {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(rettype) != nil {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if rettype == "int" {
|
|
||||||
cRettype = "int"
|
|
||||||
} else if rettype == "int32" {
|
|
||||||
cRettype = "int"
|
|
||||||
} else if rettype == "int64" {
|
|
||||||
cRettype = "long long"
|
|
||||||
} else if rettype == "uint32" {
|
|
||||||
cRettype = "unsigned int"
|
|
||||||
} else if rettype == "uint64" {
|
|
||||||
cRettype = "unsigned long long"
|
|
||||||
} else {
|
|
||||||
cRettype = "int"
|
|
||||||
}
|
|
||||||
if sysname == "exit" {
|
|
||||||
cRettype = "void"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Change p.Types to c
|
|
||||||
var cIn []string
|
|
||||||
for _, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t", "size_t")
|
|
||||||
} else if p.Type == "unsafe.Pointer" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "uintptr" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "int" {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
} else if p.Type == "int32" {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
} else if p.Type == "int64" {
|
|
||||||
cIn = append(cIn, "long long")
|
|
||||||
} else if p.Type == "uint32" {
|
|
||||||
cIn = append(cIn, "unsigned int")
|
|
||||||
} else if p.Type == "uint64" {
|
|
||||||
cIn = append(cIn, "unsigned long long")
|
|
||||||
} else {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if funct != "fcntl" && funct != "FcntlInt" && funct != "readlen" && funct != "writelen" {
|
|
||||||
if sysname == "select" {
|
|
||||||
// select is a keyword of Go. Its name is
|
|
||||||
// changed to c_select.
|
|
||||||
cExtern += "#define c_select select\n"
|
|
||||||
}
|
|
||||||
// Imports of system calls from libc
|
|
||||||
cExtern += fmt.Sprintf("%s %s", cRettype, sysname)
|
|
||||||
cIn := strings.Join(cIn, ", ")
|
|
||||||
cExtern += fmt.Sprintf("(%s);\n", cIn)
|
|
||||||
}
|
|
||||||
|
|
||||||
// So file name.
|
|
||||||
if *aix {
|
|
||||||
if modname == "" {
|
|
||||||
modname = "libc.a/shr_64.o"
|
|
||||||
} else {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s: only syscall using libc are available\n", funct)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
strconvfunc := "C.CString"
|
|
||||||
|
|
||||||
// Go function header.
|
|
||||||
if outps != "" {
|
|
||||||
outps = fmt.Sprintf(" (%s)", outps)
|
|
||||||
}
|
|
||||||
if text != "" {
|
|
||||||
text += "\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
text += fmt.Sprintf("func %s(%s)%s {\n", funct, strings.Join(in, ", "), outps)
|
|
||||||
|
|
||||||
// Prepare arguments to Syscall.
|
|
||||||
var args []string
|
|
||||||
n := 0
|
|
||||||
argN := 0
|
|
||||||
for _, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
args = append(args, "C.uintptr_t(uintptr(unsafe.Pointer("+p.Name+")))")
|
|
||||||
} else if p.Type == "string" && errvar != "" {
|
|
||||||
text += fmt.Sprintf("\t_p%d := uintptr(unsafe.Pointer(%s(%s)))\n", n, strconvfunc, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses string arguments, but has no error return\n")
|
|
||||||
text += fmt.Sprintf("\t_p%d := uintptr(unsafe.Pointer(%s(%s)))\n", n, strconvfunc, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else if m := regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type); m != nil {
|
|
||||||
// Convert slice into pointer, length.
|
|
||||||
// Have to be careful not to take address of &a[0] if len == 0:
|
|
||||||
// pass nil in that case.
|
|
||||||
text += fmt.Sprintf("\tvar _p%d *%s\n", n, m[1])
|
|
||||||
text += fmt.Sprintf("\tif len(%s) > 0 {\n\t\t_p%d = &%s[0]\n\t}\n", p.Name, n, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(uintptr(unsafe.Pointer(_p%d)))", n))
|
|
||||||
n++
|
|
||||||
text += fmt.Sprintf("\tvar _p%d int\n", n)
|
|
||||||
text += fmt.Sprintf("\t_p%d = len(%s)\n", n, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("C.size_t(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "int64" && endianness != "" {
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s>>32)", p.Name), fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name), fmt.Sprintf("uintptr(%s>>32)", p.Name))
|
|
||||||
}
|
|
||||||
n++
|
|
||||||
} else if p.Type == "bool" {
|
|
||||||
text += fmt.Sprintf("\tvar _p%d uint32\n", n)
|
|
||||||
text += fmt.Sprintf("\tif %s {\n\t\t_p%d = 1\n\t} else {\n\t\t_p%d = 0\n\t}\n", p.Name, n, n)
|
|
||||||
args = append(args, fmt.Sprintf("_p%d", n))
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(uintptr(%s))", p.Name))
|
|
||||||
} else if p.Type == "unsafe.Pointer" {
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(uintptr(%s))", p.Name))
|
|
||||||
} else if p.Type == "int" {
|
|
||||||
if (argN == 2) && ((funct == "readlen") || (funct == "writelen")) {
|
|
||||||
args = append(args, fmt.Sprintf("C.size_t(%s)", p.Name))
|
|
||||||
} else if argN == 0 && funct == "fcntl" {
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else if (argN == 2) && ((funct == "fcntl") || (funct == "FcntlInt")) {
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
}
|
|
||||||
} else if p.Type == "int32" {
|
|
||||||
args = append(args, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
} else if p.Type == "int64" {
|
|
||||||
args = append(args, fmt.Sprintf("C.longlong(%s)", p.Name))
|
|
||||||
} else if p.Type == "uint32" {
|
|
||||||
args = append(args, fmt.Sprintf("C.uint(%s)", p.Name))
|
|
||||||
} else if p.Type == "uint64" {
|
|
||||||
args = append(args, fmt.Sprintf("C.ulonglong(%s)", p.Name))
|
|
||||||
} else if p.Type == "uintptr" {
|
|
||||||
args = append(args, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
}
|
|
||||||
argN++
|
|
||||||
}
|
|
||||||
|
|
||||||
// Actual call.
|
|
||||||
arglist := strings.Join(args, ", ")
|
|
||||||
call := ""
|
|
||||||
if sysname == "exit" {
|
|
||||||
if errvar != "" {
|
|
||||||
call += "er :="
|
|
||||||
} else {
|
|
||||||
call += ""
|
|
||||||
}
|
|
||||||
} else if errvar != "" {
|
|
||||||
call += "r0,er :="
|
|
||||||
} else if retvar != "" {
|
|
||||||
call += "r0,_ :="
|
|
||||||
} else {
|
|
||||||
call += ""
|
|
||||||
}
|
|
||||||
if sysname == "select" {
|
|
||||||
// select is a keyword of Go. Its name is
|
|
||||||
// changed to c_select.
|
|
||||||
call += fmt.Sprintf("C.c_%s(%s)", sysname, arglist)
|
|
||||||
} else {
|
|
||||||
call += fmt.Sprintf("C.%s(%s)", sysname, arglist)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Assign return values.
|
|
||||||
body := ""
|
|
||||||
for i := 0; i < len(out); i++ {
|
|
||||||
p := parseParam(out[i])
|
|
||||||
reg := ""
|
|
||||||
if p.Name == "err" {
|
|
||||||
reg = "e1"
|
|
||||||
} else {
|
|
||||||
reg = "r0"
|
|
||||||
}
|
|
||||||
if reg != "e1" {
|
|
||||||
body += fmt.Sprintf("\t%s = %s(%s)\n", p.Name, p.Type, reg)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// verify return
|
|
||||||
if sysname != "exit" && errvar != "" {
|
|
||||||
if regexp.MustCompile(`^uintptr`).FindStringSubmatch(cRettype) != nil {
|
|
||||||
body += "\tif (uintptr(r0) ==^uintptr(0) && er != nil) {\n"
|
|
||||||
body += fmt.Sprintf("\t\t%s = er\n", errvar)
|
|
||||||
body += "\t}\n"
|
|
||||||
} else {
|
|
||||||
body += "\tif (r0 ==-1 && er != nil) {\n"
|
|
||||||
body += fmt.Sprintf("\t\t%s = er\n", errvar)
|
|
||||||
body += "\t}\n"
|
|
||||||
}
|
|
||||||
} else if errvar != "" {
|
|
||||||
body += "\tif (er != nil) {\n"
|
|
||||||
body += fmt.Sprintf("\t\t%s = er\n", errvar)
|
|
||||||
body += "\t}\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
text += fmt.Sprintf("\t%s\n", call)
|
|
||||||
text += body
|
|
||||||
|
|
||||||
text += "\treturn\n"
|
|
||||||
text += "}\n"
|
|
||||||
}
|
|
||||||
if err := s.Err(); err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
imp := ""
|
|
||||||
if pack != "unix" {
|
|
||||||
imp = "import \"golang.org/x/sys/unix\"\n"
|
|
||||||
|
|
||||||
}
|
|
||||||
fmt.Printf(srcTemplate, cmdLine(), buildTags(), pack, cExtern, imp, text)
|
|
||||||
}
|
|
||||||
|
|
||||||
const srcTemplate = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package %s
|
|
||||||
|
|
||||||
|
|
||||||
%s
|
|
||||||
*/
|
|
||||||
import "C"
|
|
||||||
import (
|
|
||||||
"unsafe"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
%s
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
614
vendor/golang.org/x/sys/unix/mksyscall_aix_ppc64.go
generated
vendored
614
vendor/golang.org/x/sys/unix/mksyscall_aix_ppc64.go
generated
vendored
@ -1,614 +0,0 @@
|
|||||||
// Copyright 2019 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
/*
|
|
||||||
This program reads a file containing function prototypes
|
|
||||||
(like syscall_aix.go) and generates system call bodies.
|
|
||||||
The prototypes are marked by lines beginning with "//sys"
|
|
||||||
and read like func declarations if //sys is replaced by func, but:
|
|
||||||
* The parameter lists must give a name for each argument.
|
|
||||||
This includes return parameters.
|
|
||||||
* The parameter lists must give a type for each argument:
|
|
||||||
the (x, y, z int) shorthand is not allowed.
|
|
||||||
* If the return parameter is an error number, it must be named err.
|
|
||||||
* If go func name needs to be different than its libc name,
|
|
||||||
* or the function is not in libc, name could be specified
|
|
||||||
* at the end, after "=" sign, like
|
|
||||||
//sys getsockopt(s int, level int, name int, val uintptr, vallen *_Socklen) (err error) = libsocket.getsockopt
|
|
||||||
|
|
||||||
|
|
||||||
This program will generate three files and handle both gc and gccgo implementation:
|
|
||||||
- zsyscall_aix_ppc64.go: the common part of each implementation (error handler, pointer creation)
|
|
||||||
- zsyscall_aix_ppc64_gc.go: gc part with //go_cgo_import_dynamic and a call to syscall6
|
|
||||||
- zsyscall_aix_ppc64_gccgo.go: gccgo part with C function and conversion to C type.
|
|
||||||
|
|
||||||
The generated code looks like this
|
|
||||||
|
|
||||||
zsyscall_aix_ppc64.go
|
|
||||||
func asyscall(...) (n int, err error) {
|
|
||||||
// Pointer Creation
|
|
||||||
r1, e1 := callasyscall(...)
|
|
||||||
// Type Conversion
|
|
||||||
// Error Handler
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
zsyscall_aix_ppc64_gc.go
|
|
||||||
//go:cgo_import_dynamic libc_asyscall asyscall "libc.a/shr_64.o"
|
|
||||||
//go:linkname libc_asyscall libc_asyscall
|
|
||||||
var asyscall syscallFunc
|
|
||||||
|
|
||||||
func callasyscall(...) (r1 uintptr, e1 Errno) {
|
|
||||||
r1, _, e1 = syscall6(uintptr(unsafe.Pointer(&libc_asyscall)), "nb_args", ... )
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
zsyscall_aix_ppc64_ggcgo.go
|
|
||||||
|
|
||||||
// int asyscall(...)
|
|
||||||
|
|
||||||
import "C"
|
|
||||||
|
|
||||||
func callasyscall(...) (r1 uintptr, e1 Errno) {
|
|
||||||
r1 = uintptr(C.asyscall(...))
|
|
||||||
e1 = syscall.GetErrno()
|
|
||||||
return
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"flag"
|
|
||||||
"fmt"
|
|
||||||
"io/ioutil"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
b32 = flag.Bool("b32", false, "32bit big-endian")
|
|
||||||
l32 = flag.Bool("l32", false, "32bit little-endian")
|
|
||||||
aix = flag.Bool("aix", false, "aix")
|
|
||||||
tags = flag.String("tags", "", "build tags")
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksyscall_aix_ppc64.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags
|
|
||||||
func buildTags() string {
|
|
||||||
return *tags
|
|
||||||
}
|
|
||||||
|
|
||||||
// Param is function parameter
|
|
||||||
type Param struct {
|
|
||||||
Name string
|
|
||||||
Type string
|
|
||||||
}
|
|
||||||
|
|
||||||
// usage prints the program usage
|
|
||||||
func usage() {
|
|
||||||
fmt.Fprintf(os.Stderr, "usage: go run mksyscall_aix_ppc64.go [-b32 | -l32] [-tags x,y] [file ...]\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParamList parses parameter list and returns a slice of parameters
|
|
||||||
func parseParamList(list string) []string {
|
|
||||||
list = strings.TrimSpace(list)
|
|
||||||
if list == "" {
|
|
||||||
return []string{}
|
|
||||||
}
|
|
||||||
return regexp.MustCompile(`\s*,\s*`).Split(list, -1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParam splits a parameter into name and type
|
|
||||||
func parseParam(p string) Param {
|
|
||||||
ps := regexp.MustCompile(`^(\S*) (\S*)$`).FindStringSubmatch(p)
|
|
||||||
if ps == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "malformed parameter: %s\n", p)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
return Param{ps[1], ps[2]}
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
flag.Usage = usage
|
|
||||||
flag.Parse()
|
|
||||||
if len(flag.Args()) <= 0 {
|
|
||||||
fmt.Fprintf(os.Stderr, "no files to parse provided\n")
|
|
||||||
usage()
|
|
||||||
}
|
|
||||||
|
|
||||||
endianness := ""
|
|
||||||
if *b32 {
|
|
||||||
endianness = "big-endian"
|
|
||||||
} else if *l32 {
|
|
||||||
endianness = "little-endian"
|
|
||||||
}
|
|
||||||
|
|
||||||
pack := ""
|
|
||||||
// GCCGO
|
|
||||||
textgccgo := ""
|
|
||||||
cExtern := "/*\n#include <stdint.h>\n"
|
|
||||||
// GC
|
|
||||||
textgc := ""
|
|
||||||
dynimports := ""
|
|
||||||
linknames := ""
|
|
||||||
var vars []string
|
|
||||||
// COMMON
|
|
||||||
textcommon := ""
|
|
||||||
for _, path := range flag.Args() {
|
|
||||||
file, err := os.Open(path)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
s := bufio.NewScanner(file)
|
|
||||||
for s.Scan() {
|
|
||||||
t := s.Text()
|
|
||||||
t = strings.TrimSpace(t)
|
|
||||||
t = regexp.MustCompile(`\s+`).ReplaceAllString(t, ` `)
|
|
||||||
if p := regexp.MustCompile(`^package (\S+)$`).FindStringSubmatch(t); p != nil && pack == "" {
|
|
||||||
pack = p[1]
|
|
||||||
}
|
|
||||||
nonblock := regexp.MustCompile(`^\/\/sysnb `).FindStringSubmatch(t)
|
|
||||||
if regexp.MustCompile(`^\/\/sys `).FindStringSubmatch(t) == nil && nonblock == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Line must be of the form
|
|
||||||
// func Open(path string, mode int, perm int) (fd int, err error)
|
|
||||||
// Split into name, in params, out params.
|
|
||||||
f := regexp.MustCompile(`^\/\/sys(nb)? (\w+)\(([^()]*)\)\s*(?:\(([^()]+)\))?\s*(?:=\s*(?:(\w*)\.)?(\w*))?$`).FindStringSubmatch(t)
|
|
||||||
if f == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s\nmalformed //sys declaration\n", path, t)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
funct, inps, outps, modname, sysname := f[2], f[3], f[4], f[5], f[6]
|
|
||||||
|
|
||||||
// Split argument lists on comma.
|
|
||||||
in := parseParamList(inps)
|
|
||||||
out := parseParamList(outps)
|
|
||||||
|
|
||||||
inps = strings.Join(in, ", ")
|
|
||||||
outps = strings.Join(out, ", ")
|
|
||||||
|
|
||||||
if sysname == "" {
|
|
||||||
sysname = funct
|
|
||||||
}
|
|
||||||
|
|
||||||
onlyCommon := false
|
|
||||||
if funct == "readlen" || funct == "writelen" || funct == "FcntlInt" || funct == "FcntlFlock" {
|
|
||||||
// This function call another syscall which is already implemented.
|
|
||||||
// Therefore, the gc and gccgo part must not be generated.
|
|
||||||
onlyCommon = true
|
|
||||||
}
|
|
||||||
|
|
||||||
// Try in vain to keep people from editing this file.
|
|
||||||
// The theory is that they jump into the middle of the file
|
|
||||||
// without reading the header.
|
|
||||||
|
|
||||||
textcommon += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
if !onlyCommon {
|
|
||||||
textgccgo += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
textgc += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check if value return, err return available
|
|
||||||
errvar := ""
|
|
||||||
rettype := ""
|
|
||||||
for _, param := range out {
|
|
||||||
p := parseParam(param)
|
|
||||||
if p.Type == "error" {
|
|
||||||
errvar = p.Name
|
|
||||||
} else {
|
|
||||||
rettype = p.Type
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
sysname = regexp.MustCompile(`([a-z])([A-Z])`).ReplaceAllString(sysname, `${1}_$2`)
|
|
||||||
sysname = strings.ToLower(sysname) // All libc functions are lowercase.
|
|
||||||
|
|
||||||
// GCCGO Prototype return type
|
|
||||||
cRettype := ""
|
|
||||||
if rettype == "unsafe.Pointer" {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if rettype == "uintptr" {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(rettype) != nil {
|
|
||||||
cRettype = "uintptr_t"
|
|
||||||
} else if rettype == "int" {
|
|
||||||
cRettype = "int"
|
|
||||||
} else if rettype == "int32" {
|
|
||||||
cRettype = "int"
|
|
||||||
} else if rettype == "int64" {
|
|
||||||
cRettype = "long long"
|
|
||||||
} else if rettype == "uint32" {
|
|
||||||
cRettype = "unsigned int"
|
|
||||||
} else if rettype == "uint64" {
|
|
||||||
cRettype = "unsigned long long"
|
|
||||||
} else {
|
|
||||||
cRettype = "int"
|
|
||||||
}
|
|
||||||
if sysname == "exit" {
|
|
||||||
cRettype = "void"
|
|
||||||
}
|
|
||||||
|
|
||||||
// GCCGO Prototype arguments type
|
|
||||||
var cIn []string
|
|
||||||
for i, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t", "size_t")
|
|
||||||
} else if p.Type == "unsafe.Pointer" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "uintptr" {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else if p.Type == "int" {
|
|
||||||
if (i == 0 || i == 2) && funct == "fcntl" {
|
|
||||||
// These fcntl arguments needs to be uintptr to be able to call FcntlInt and FcntlFlock
|
|
||||||
cIn = append(cIn, "uintptr_t")
|
|
||||||
} else {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
}
|
|
||||||
|
|
||||||
} else if p.Type == "int32" {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
} else if p.Type == "int64" {
|
|
||||||
cIn = append(cIn, "long long")
|
|
||||||
} else if p.Type == "uint32" {
|
|
||||||
cIn = append(cIn, "unsigned int")
|
|
||||||
} else if p.Type == "uint64" {
|
|
||||||
cIn = append(cIn, "unsigned long long")
|
|
||||||
} else {
|
|
||||||
cIn = append(cIn, "int")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if !onlyCommon {
|
|
||||||
// GCCGO Prototype Generation
|
|
||||||
// Imports of system calls from libc
|
|
||||||
if sysname == "select" {
|
|
||||||
// select is a keyword of Go. Its name is
|
|
||||||
// changed to c_select.
|
|
||||||
cExtern += "#define c_select select\n"
|
|
||||||
}
|
|
||||||
cExtern += fmt.Sprintf("%s %s", cRettype, sysname)
|
|
||||||
cIn := strings.Join(cIn, ", ")
|
|
||||||
cExtern += fmt.Sprintf("(%s);\n", cIn)
|
|
||||||
}
|
|
||||||
// GC Library name
|
|
||||||
if modname == "" {
|
|
||||||
modname = "libc.a/shr_64.o"
|
|
||||||
} else {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s: only syscall using libc are available\n", funct)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
sysvarname := fmt.Sprintf("libc_%s", sysname)
|
|
||||||
|
|
||||||
if !onlyCommon {
|
|
||||||
// GC Runtime import of function to allow cross-platform builds.
|
|
||||||
dynimports += fmt.Sprintf("//go:cgo_import_dynamic %s %s \"%s\"\n", sysvarname, sysname, modname)
|
|
||||||
// GC Link symbol to proc address variable.
|
|
||||||
linknames += fmt.Sprintf("//go:linkname %s %s\n", sysvarname, sysvarname)
|
|
||||||
// GC Library proc address variable.
|
|
||||||
vars = append(vars, sysvarname)
|
|
||||||
}
|
|
||||||
|
|
||||||
strconvfunc := "BytePtrFromString"
|
|
||||||
strconvtype := "*byte"
|
|
||||||
|
|
||||||
// Go function header.
|
|
||||||
if outps != "" {
|
|
||||||
outps = fmt.Sprintf(" (%s)", outps)
|
|
||||||
}
|
|
||||||
if textcommon != "" {
|
|
||||||
textcommon += "\n"
|
|
||||||
}
|
|
||||||
|
|
||||||
textcommon += fmt.Sprintf("func %s(%s)%s {\n", funct, strings.Join(in, ", "), outps)
|
|
||||||
|
|
||||||
// Prepare arguments tocall.
|
|
||||||
var argscommon []string // Arguments in the common part
|
|
||||||
var argscall []string // Arguments for call prototype
|
|
||||||
var argsgc []string // Arguments for gc call (with syscall6)
|
|
||||||
var argsgccgo []string // Arguments for gccgo call (with C.name_of_syscall)
|
|
||||||
n := 0
|
|
||||||
argN := 0
|
|
||||||
for _, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(unsafe.Pointer(%s))", p.Name))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uintptr", p.Name))
|
|
||||||
argsgc = append(argsgc, p.Name)
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else if p.Type == "string" && errvar != "" {
|
|
||||||
textcommon += fmt.Sprintf("\tvar _p%d %s\n", n, strconvtype)
|
|
||||||
textcommon += fmt.Sprintf("\t_p%d, %s = %s(%s)\n", n, errvar, strconvfunc, p.Name)
|
|
||||||
textcommon += fmt.Sprintf("\tif %s != nil {\n\t\treturn\n\t}\n", errvar)
|
|
||||||
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("_p%d uintptr ", n))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("_p%d", n))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses string arguments, but has no error return\n")
|
|
||||||
textcommon += fmt.Sprintf("\tvar _p%d %s\n", n, strconvtype)
|
|
||||||
textcommon += fmt.Sprintf("\t_p%d, %s = %s(%s)\n", n, errvar, strconvfunc, p.Name)
|
|
||||||
textcommon += fmt.Sprintf("\tif %s != nil {\n\t\treturn\n\t}\n", errvar)
|
|
||||||
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("_p%d uintptr", n))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("_p%d", n))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else if m := regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type); m != nil {
|
|
||||||
// Convert slice into pointer, length.
|
|
||||||
// Have to be careful not to take address of &a[0] if len == 0:
|
|
||||||
// pass nil in that case.
|
|
||||||
textcommon += fmt.Sprintf("\tvar _p%d *%s\n", n, m[1])
|
|
||||||
textcommon += fmt.Sprintf("\tif len(%s) > 0 {\n\t\t_p%d = &%s[0]\n\t}\n", p.Name, n, p.Name)
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n), fmt.Sprintf("len(%s)", p.Name))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("_p%d uintptr", n), fmt.Sprintf("_lenp%d int", n))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("_p%d", n), fmt.Sprintf("uintptr(_lenp%d)", n))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(_p%d)", n), fmt.Sprintf("C.size_t(_lenp%d)", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "int64" && endianness != "" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses int64 with 32 bits mode. Case not yet implemented\n")
|
|
||||||
} else if p.Type == "bool" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses bool. Case not yet implemented\n")
|
|
||||||
} else if regexp.MustCompile(`^_`).FindStringSubmatch(p.Type) != nil || p.Type == "unsafe.Pointer" {
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uintptr", p.Name))
|
|
||||||
argsgc = append(argsgc, p.Name)
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else if p.Type == "int" {
|
|
||||||
if (argN == 0 || argN == 2) && ((funct == "fcntl") || (funct == "FcntlInt") || (funct == "FcntlFlock")) {
|
|
||||||
// These fcntl arguments need to be uintptr to be able to call FcntlInt and FcntlFlock
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uintptr", p.Name))
|
|
||||||
argsgc = append(argsgc, p.Name)
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
|
|
||||||
} else {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s int", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
}
|
|
||||||
} else if p.Type == "int32" {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s int32", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
} else if p.Type == "int64" {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s int64", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.longlong(%s)", p.Name))
|
|
||||||
} else if p.Type == "uint32" {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uint32", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uint(%s)", p.Name))
|
|
||||||
} else if p.Type == "uint64" {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uint64", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.ulonglong(%s)", p.Name))
|
|
||||||
} else if p.Type == "uintptr" {
|
|
||||||
argscommon = append(argscommon, p.Name)
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s uintptr", p.Name))
|
|
||||||
argsgc = append(argsgc, p.Name)
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.uintptr_t(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
argscommon = append(argscommon, fmt.Sprintf("int(%s)", p.Name))
|
|
||||||
argscall = append(argscall, fmt.Sprintf("%s int", p.Name))
|
|
||||||
argsgc = append(argsgc, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
argsgccgo = append(argsgccgo, fmt.Sprintf("C.int(%s)", p.Name))
|
|
||||||
}
|
|
||||||
argN++
|
|
||||||
}
|
|
||||||
nargs := len(argsgc)
|
|
||||||
|
|
||||||
// COMMON function generation
|
|
||||||
argscommonlist := strings.Join(argscommon, ", ")
|
|
||||||
callcommon := fmt.Sprintf("call%s(%s)", sysname, argscommonlist)
|
|
||||||
ret := []string{"_", "_"}
|
|
||||||
body := ""
|
|
||||||
doErrno := false
|
|
||||||
for i := 0; i < len(out); i++ {
|
|
||||||
p := parseParam(out[i])
|
|
||||||
reg := ""
|
|
||||||
if p.Name == "err" {
|
|
||||||
reg = "e1"
|
|
||||||
ret[1] = reg
|
|
||||||
doErrno = true
|
|
||||||
} else {
|
|
||||||
reg = "r0"
|
|
||||||
ret[0] = reg
|
|
||||||
}
|
|
||||||
if p.Type == "bool" {
|
|
||||||
reg = fmt.Sprintf("%s != 0", reg)
|
|
||||||
}
|
|
||||||
if reg != "e1" {
|
|
||||||
body += fmt.Sprintf("\t%s = %s(%s)\n", p.Name, p.Type, reg)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ret[0] == "_" && ret[1] == "_" {
|
|
||||||
textcommon += fmt.Sprintf("\t%s\n", callcommon)
|
|
||||||
} else {
|
|
||||||
textcommon += fmt.Sprintf("\t%s, %s := %s\n", ret[0], ret[1], callcommon)
|
|
||||||
}
|
|
||||||
textcommon += body
|
|
||||||
|
|
||||||
if doErrno {
|
|
||||||
textcommon += "\tif e1 != 0 {\n"
|
|
||||||
textcommon += "\t\terr = errnoErr(e1)\n"
|
|
||||||
textcommon += "\t}\n"
|
|
||||||
}
|
|
||||||
textcommon += "\treturn\n"
|
|
||||||
textcommon += "}\n"
|
|
||||||
|
|
||||||
if onlyCommon {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// CALL Prototype
|
|
||||||
callProto := fmt.Sprintf("func call%s(%s) (r1 uintptr, e1 Errno) {\n", sysname, strings.Join(argscall, ", "))
|
|
||||||
|
|
||||||
// GC function generation
|
|
||||||
asm := "syscall6"
|
|
||||||
if nonblock != nil {
|
|
||||||
asm = "rawSyscall6"
|
|
||||||
}
|
|
||||||
|
|
||||||
if len(argsgc) <= 6 {
|
|
||||||
for len(argsgc) < 6 {
|
|
||||||
argsgc = append(argsgc, "0")
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s: too many arguments to system call", funct)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
argsgclist := strings.Join(argsgc, ", ")
|
|
||||||
callgc := fmt.Sprintf("%s(uintptr(unsafe.Pointer(&%s)), %d, %s)", asm, sysvarname, nargs, argsgclist)
|
|
||||||
|
|
||||||
textgc += callProto
|
|
||||||
textgc += fmt.Sprintf("\tr1, _, e1 = %s\n", callgc)
|
|
||||||
textgc += "\treturn\n}\n"
|
|
||||||
|
|
||||||
// GCCGO function generation
|
|
||||||
argsgccgolist := strings.Join(argsgccgo, ", ")
|
|
||||||
var callgccgo string
|
|
||||||
if sysname == "select" {
|
|
||||||
// select is a keyword of Go. Its name is
|
|
||||||
// changed to c_select.
|
|
||||||
callgccgo = fmt.Sprintf("C.c_%s(%s)", sysname, argsgccgolist)
|
|
||||||
} else {
|
|
||||||
callgccgo = fmt.Sprintf("C.%s(%s)", sysname, argsgccgolist)
|
|
||||||
}
|
|
||||||
textgccgo += callProto
|
|
||||||
textgccgo += fmt.Sprintf("\tr1 = uintptr(%s)\n", callgccgo)
|
|
||||||
textgccgo += "\te1 = syscall.GetErrno()\n"
|
|
||||||
textgccgo += "\treturn\n}\n"
|
|
||||||
}
|
|
||||||
if err := s.Err(); err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
imp := ""
|
|
||||||
if pack != "unix" {
|
|
||||||
imp = "import \"golang.org/x/sys/unix\"\n"
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
// Print zsyscall_aix_ppc64.go
|
|
||||||
err := ioutil.WriteFile("zsyscall_aix_ppc64.go",
|
|
||||||
[]byte(fmt.Sprintf(srcTemplate1, cmdLine(), buildTags(), pack, imp, textcommon)),
|
|
||||||
0644)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Print zsyscall_aix_ppc64_gc.go
|
|
||||||
vardecls := "\t" + strings.Join(vars, ",\n\t")
|
|
||||||
vardecls += " syscallFunc"
|
|
||||||
err = ioutil.WriteFile("zsyscall_aix_ppc64_gc.go",
|
|
||||||
[]byte(fmt.Sprintf(srcTemplate2, cmdLine(), buildTags(), pack, imp, dynimports, linknames, vardecls, textgc)),
|
|
||||||
0644)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Print zsyscall_aix_ppc64_gccgo.go
|
|
||||||
err = ioutil.WriteFile("zsyscall_aix_ppc64_gccgo.go",
|
|
||||||
[]byte(fmt.Sprintf(srcTemplate3, cmdLine(), buildTags(), pack, cExtern, imp, textgccgo)),
|
|
||||||
0644)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
const srcTemplate1 = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package %s
|
|
||||||
|
|
||||||
import (
|
|
||||||
"unsafe"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
%s
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
||||||
const srcTemplate2 = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
// +build !gccgo
|
|
||||||
|
|
||||||
package %s
|
|
||||||
|
|
||||||
import (
|
|
||||||
"unsafe"
|
|
||||||
)
|
|
||||||
%s
|
|
||||||
%s
|
|
||||||
%s
|
|
||||||
type syscallFunc uintptr
|
|
||||||
|
|
||||||
var (
|
|
||||||
%s
|
|
||||||
)
|
|
||||||
|
|
||||||
// Implemented in runtime/syscall_aix.go.
|
|
||||||
func rawSyscall6(trap, nargs, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
|
|
||||||
func syscall6(trap, nargs, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
||||||
const srcTemplate3 = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
// +build gccgo
|
|
||||||
|
|
||||||
package %s
|
|
||||||
|
|
||||||
%s
|
|
||||||
*/
|
|
||||||
import "C"
|
|
||||||
import (
|
|
||||||
"syscall"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
%s
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
335
vendor/golang.org/x/sys/unix/mksyscall_solaris.go
generated
vendored
335
vendor/golang.org/x/sys/unix/mksyscall_solaris.go
generated
vendored
@ -1,335 +0,0 @@
|
|||||||
// Copyright 2019 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
/*
|
|
||||||
This program reads a file containing function prototypes
|
|
||||||
(like syscall_solaris.go) and generates system call bodies.
|
|
||||||
The prototypes are marked by lines beginning with "//sys"
|
|
||||||
and read like func declarations if //sys is replaced by func, but:
|
|
||||||
* The parameter lists must give a name for each argument.
|
|
||||||
This includes return parameters.
|
|
||||||
* The parameter lists must give a type for each argument:
|
|
||||||
the (x, y, z int) shorthand is not allowed.
|
|
||||||
* If the return parameter is an error number, it must be named err.
|
|
||||||
* If go func name needs to be different than its libc name,
|
|
||||||
* or the function is not in libc, name could be specified
|
|
||||||
* at the end, after "=" sign, like
|
|
||||||
//sys getsockopt(s int, level int, name int, val uintptr, vallen *_Socklen) (err error) = libsocket.getsockopt
|
|
||||||
*/
|
|
||||||
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"flag"
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
b32 = flag.Bool("b32", false, "32bit big-endian")
|
|
||||||
l32 = flag.Bool("l32", false, "32bit little-endian")
|
|
||||||
tags = flag.String("tags", "", "build tags")
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksyscall_solaris.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags
|
|
||||||
func buildTags() string {
|
|
||||||
return *tags
|
|
||||||
}
|
|
||||||
|
|
||||||
// Param is function parameter
|
|
||||||
type Param struct {
|
|
||||||
Name string
|
|
||||||
Type string
|
|
||||||
}
|
|
||||||
|
|
||||||
// usage prints the program usage
|
|
||||||
func usage() {
|
|
||||||
fmt.Fprintf(os.Stderr, "usage: go run mksyscall_solaris.go [-b32 | -l32] [-tags x,y] [file ...]\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParamList parses parameter list and returns a slice of parameters
|
|
||||||
func parseParamList(list string) []string {
|
|
||||||
list = strings.TrimSpace(list)
|
|
||||||
if list == "" {
|
|
||||||
return []string{}
|
|
||||||
}
|
|
||||||
return regexp.MustCompile(`\s*,\s*`).Split(list, -1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// parseParam splits a parameter into name and type
|
|
||||||
func parseParam(p string) Param {
|
|
||||||
ps := regexp.MustCompile(`^(\S*) (\S*)$`).FindStringSubmatch(p)
|
|
||||||
if ps == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "malformed parameter: %s\n", p)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
return Param{ps[1], ps[2]}
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
flag.Usage = usage
|
|
||||||
flag.Parse()
|
|
||||||
if len(flag.Args()) <= 0 {
|
|
||||||
fmt.Fprintf(os.Stderr, "no files to parse provided\n")
|
|
||||||
usage()
|
|
||||||
}
|
|
||||||
|
|
||||||
endianness := ""
|
|
||||||
if *b32 {
|
|
||||||
endianness = "big-endian"
|
|
||||||
} else if *l32 {
|
|
||||||
endianness = "little-endian"
|
|
||||||
}
|
|
||||||
|
|
||||||
pack := ""
|
|
||||||
text := ""
|
|
||||||
dynimports := ""
|
|
||||||
linknames := ""
|
|
||||||
var vars []string
|
|
||||||
for _, path := range flag.Args() {
|
|
||||||
file, err := os.Open(path)
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
s := bufio.NewScanner(file)
|
|
||||||
for s.Scan() {
|
|
||||||
t := s.Text()
|
|
||||||
t = strings.TrimSpace(t)
|
|
||||||
t = regexp.MustCompile(`\s+`).ReplaceAllString(t, ` `)
|
|
||||||
if p := regexp.MustCompile(`^package (\S+)$`).FindStringSubmatch(t); p != nil && pack == "" {
|
|
||||||
pack = p[1]
|
|
||||||
}
|
|
||||||
nonblock := regexp.MustCompile(`^\/\/sysnb `).FindStringSubmatch(t)
|
|
||||||
if regexp.MustCompile(`^\/\/sys `).FindStringSubmatch(t) == nil && nonblock == nil {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Line must be of the form
|
|
||||||
// func Open(path string, mode int, perm int) (fd int, err error)
|
|
||||||
// Split into name, in params, out params.
|
|
||||||
f := regexp.MustCompile(`^\/\/sys(nb)? (\w+)\(([^()]*)\)\s*(?:\(([^()]+)\))?\s*(?:=\s*(?:(\w*)\.)?(\w*))?$`).FindStringSubmatch(t)
|
|
||||||
if f == nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s:%s\nmalformed //sys declaration\n", path, t)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
funct, inps, outps, modname, sysname := f[2], f[3], f[4], f[5], f[6]
|
|
||||||
|
|
||||||
// Split argument lists on comma.
|
|
||||||
in := parseParamList(inps)
|
|
||||||
out := parseParamList(outps)
|
|
||||||
|
|
||||||
inps = strings.Join(in, ", ")
|
|
||||||
outps = strings.Join(out, ", ")
|
|
||||||
|
|
||||||
// Try in vain to keep people from editing this file.
|
|
||||||
// The theory is that they jump into the middle of the file
|
|
||||||
// without reading the header.
|
|
||||||
text += "// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT\n\n"
|
|
||||||
|
|
||||||
// So file name.
|
|
||||||
if modname == "" {
|
|
||||||
modname = "libc"
|
|
||||||
}
|
|
||||||
|
|
||||||
// System call name.
|
|
||||||
if sysname == "" {
|
|
||||||
sysname = funct
|
|
||||||
}
|
|
||||||
|
|
||||||
// System call pointer variable name.
|
|
||||||
sysvarname := fmt.Sprintf("proc%s", sysname)
|
|
||||||
|
|
||||||
strconvfunc := "BytePtrFromString"
|
|
||||||
strconvtype := "*byte"
|
|
||||||
|
|
||||||
sysname = strings.ToLower(sysname) // All libc functions are lowercase.
|
|
||||||
|
|
||||||
// Runtime import of function to allow cross-platform builds.
|
|
||||||
dynimports += fmt.Sprintf("//go:cgo_import_dynamic libc_%s %s \"%s.so\"\n", sysname, sysname, modname)
|
|
||||||
// Link symbol to proc address variable.
|
|
||||||
linknames += fmt.Sprintf("//go:linkname %s libc_%s\n", sysvarname, sysname)
|
|
||||||
// Library proc address variable.
|
|
||||||
vars = append(vars, sysvarname)
|
|
||||||
|
|
||||||
// Go function header.
|
|
||||||
outlist := strings.Join(out, ", ")
|
|
||||||
if outlist != "" {
|
|
||||||
outlist = fmt.Sprintf(" (%s)", outlist)
|
|
||||||
}
|
|
||||||
if text != "" {
|
|
||||||
text += "\n"
|
|
||||||
}
|
|
||||||
text += fmt.Sprintf("func %s(%s)%s {\n", funct, strings.Join(in, ", "), outlist)
|
|
||||||
|
|
||||||
// Check if err return available
|
|
||||||
errvar := ""
|
|
||||||
for _, param := range out {
|
|
||||||
p := parseParam(param)
|
|
||||||
if p.Type == "error" {
|
|
||||||
errvar = p.Name
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Prepare arguments to Syscall.
|
|
||||||
var args []string
|
|
||||||
n := 0
|
|
||||||
for _, param := range in {
|
|
||||||
p := parseParam(param)
|
|
||||||
if regexp.MustCompile(`^\*`).FindStringSubmatch(p.Type) != nil {
|
|
||||||
args = append(args, "uintptr(unsafe.Pointer("+p.Name+"))")
|
|
||||||
} else if p.Type == "string" && errvar != "" {
|
|
||||||
text += fmt.Sprintf("\tvar _p%d %s\n", n, strconvtype)
|
|
||||||
text += fmt.Sprintf("\t_p%d, %s = %s(%s)\n", n, errvar, strconvfunc, p.Name)
|
|
||||||
text += fmt.Sprintf("\tif %s != nil {\n\t\treturn\n\t}\n", errvar)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "string" {
|
|
||||||
fmt.Fprintf(os.Stderr, path+":"+funct+" uses string arguments, but has no error return\n")
|
|
||||||
text += fmt.Sprintf("\tvar _p%d %s\n", n, strconvtype)
|
|
||||||
text += fmt.Sprintf("\t_p%d, _ = %s(%s)\n", n, strconvfunc, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n))
|
|
||||||
n++
|
|
||||||
} else if s := regexp.MustCompile(`^\[\](.*)`).FindStringSubmatch(p.Type); s != nil {
|
|
||||||
// Convert slice into pointer, length.
|
|
||||||
// Have to be careful not to take address of &a[0] if len == 0:
|
|
||||||
// pass nil in that case.
|
|
||||||
text += fmt.Sprintf("\tvar _p%d *%s\n", n, s[1])
|
|
||||||
text += fmt.Sprintf("\tif len(%s) > 0 {\n\t\t_p%d = &%s[0]\n\t}\n", p.Name, n, p.Name)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(unsafe.Pointer(_p%d))", n), fmt.Sprintf("uintptr(len(%s))", p.Name))
|
|
||||||
n++
|
|
||||||
} else if p.Type == "int64" && endianness != "" {
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s>>32)", p.Name), fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name), fmt.Sprintf("uintptr(%s>>32)", p.Name))
|
|
||||||
}
|
|
||||||
} else if p.Type == "bool" {
|
|
||||||
text += fmt.Sprintf("\tvar _p%d uint32\n", n)
|
|
||||||
text += fmt.Sprintf("\tif %s {\n\t\t_p%d = 1\n\t} else {\n\t\t_p%d = 0\n\t}\n", p.Name, n, n)
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(_p%d)", n))
|
|
||||||
n++
|
|
||||||
} else {
|
|
||||||
args = append(args, fmt.Sprintf("uintptr(%s)", p.Name))
|
|
||||||
}
|
|
||||||
}
|
|
||||||
nargs := len(args)
|
|
||||||
|
|
||||||
// Determine which form to use; pad args with zeros.
|
|
||||||
asm := "sysvicall6"
|
|
||||||
if nonblock != nil {
|
|
||||||
asm = "rawSysvicall6"
|
|
||||||
}
|
|
||||||
if len(args) <= 6 {
|
|
||||||
for len(args) < 6 {
|
|
||||||
args = append(args, "0")
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s: too many arguments to system call\n", path)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// Actual call.
|
|
||||||
arglist := strings.Join(args, ", ")
|
|
||||||
call := fmt.Sprintf("%s(uintptr(unsafe.Pointer(&%s)), %d, %s)", asm, sysvarname, nargs, arglist)
|
|
||||||
|
|
||||||
// Assign return values.
|
|
||||||
body := ""
|
|
||||||
ret := []string{"_", "_", "_"}
|
|
||||||
doErrno := false
|
|
||||||
for i := 0; i < len(out); i++ {
|
|
||||||
p := parseParam(out[i])
|
|
||||||
reg := ""
|
|
||||||
if p.Name == "err" {
|
|
||||||
reg = "e1"
|
|
||||||
ret[2] = reg
|
|
||||||
doErrno = true
|
|
||||||
} else {
|
|
||||||
reg = fmt.Sprintf("r%d", i)
|
|
||||||
ret[i] = reg
|
|
||||||
}
|
|
||||||
if p.Type == "bool" {
|
|
||||||
reg = fmt.Sprintf("%d != 0", reg)
|
|
||||||
}
|
|
||||||
if p.Type == "int64" && endianness != "" {
|
|
||||||
// 64-bit number in r1:r0 or r0:r1.
|
|
||||||
if i+2 > len(out) {
|
|
||||||
fmt.Fprintf(os.Stderr, "%s: not enough registers for int64 return\n", path)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
if endianness == "big-endian" {
|
|
||||||
reg = fmt.Sprintf("int64(r%d)<<32 | int64(r%d)", i, i+1)
|
|
||||||
} else {
|
|
||||||
reg = fmt.Sprintf("int64(r%d)<<32 | int64(r%d)", i+1, i)
|
|
||||||
}
|
|
||||||
ret[i] = fmt.Sprintf("r%d", i)
|
|
||||||
ret[i+1] = fmt.Sprintf("r%d", i+1)
|
|
||||||
}
|
|
||||||
if reg != "e1" {
|
|
||||||
body += fmt.Sprintf("\t%s = %s(%s)\n", p.Name, p.Type, reg)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ret[0] == "_" && ret[1] == "_" && ret[2] == "_" {
|
|
||||||
text += fmt.Sprintf("\t%s\n", call)
|
|
||||||
} else {
|
|
||||||
text += fmt.Sprintf("\t%s, %s, %s := %s\n", ret[0], ret[1], ret[2], call)
|
|
||||||
}
|
|
||||||
text += body
|
|
||||||
|
|
||||||
if doErrno {
|
|
||||||
text += "\tif e1 != 0 {\n"
|
|
||||||
text += "\t\terr = e1\n"
|
|
||||||
text += "\t}\n"
|
|
||||||
}
|
|
||||||
text += "\treturn\n"
|
|
||||||
text += "}\n"
|
|
||||||
}
|
|
||||||
if err := s.Err(); err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, err.Error())
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
imp := ""
|
|
||||||
if pack != "unix" {
|
|
||||||
imp = "import \"golang.org/x/sys/unix\"\n"
|
|
||||||
|
|
||||||
}
|
|
||||||
vardecls := "\t" + strings.Join(vars, ",\n\t")
|
|
||||||
vardecls += " syscallFunc"
|
|
||||||
fmt.Printf(srcTemplate, cmdLine(), buildTags(), pack, imp, dynimports, linknames, vardecls, text)
|
|
||||||
}
|
|
||||||
|
|
||||||
const srcTemplate = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package %s
|
|
||||||
|
|
||||||
import (
|
|
||||||
"syscall"
|
|
||||||
"unsafe"
|
|
||||||
)
|
|
||||||
%s
|
|
||||||
%s
|
|
||||||
%s
|
|
||||||
var (
|
|
||||||
%s
|
|
||||||
)
|
|
||||||
|
|
||||||
%s
|
|
||||||
`
|
|
355
vendor/golang.org/x/sys/unix/mksysctl_openbsd.go
generated
vendored
355
vendor/golang.org/x/sys/unix/mksysctl_openbsd.go
generated
vendored
@ -1,355 +0,0 @@
|
|||||||
// Copyright 2019 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
// Parse the header files for OpenBSD and generate a Go usable sysctl MIB.
|
|
||||||
//
|
|
||||||
// Build a MIB with each entry being an array containing the level, type and
|
|
||||||
// a hash that will contain additional entries if the current entry is a node.
|
|
||||||
// We then walk this MIB and create a flattened sysctl name to OID hash.
|
|
||||||
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"fmt"
|
|
||||||
"os"
|
|
||||||
"path/filepath"
|
|
||||||
"regexp"
|
|
||||||
"sort"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
goos, goarch string
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments.
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksysctl_openbsd.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags.
|
|
||||||
func buildTags() string {
|
|
||||||
return fmt.Sprintf("%s,%s", goarch, goos)
|
|
||||||
}
|
|
||||||
|
|
||||||
// reMatch performs regular expression match and stores the substring slice to value pointed by m.
|
|
||||||
func reMatch(re *regexp.Regexp, str string, m *[]string) bool {
|
|
||||||
*m = re.FindStringSubmatch(str)
|
|
||||||
if *m != nil {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
type nodeElement struct {
|
|
||||||
n int
|
|
||||||
t string
|
|
||||||
pE *map[string]nodeElement
|
|
||||||
}
|
|
||||||
|
|
||||||
var (
|
|
||||||
debugEnabled bool
|
|
||||||
mib map[string]nodeElement
|
|
||||||
node *map[string]nodeElement
|
|
||||||
nodeMap map[string]string
|
|
||||||
sysCtl []string
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
ctlNames1RE = regexp.MustCompile(`^#define\s+(CTL_NAMES)\s+{`)
|
|
||||||
ctlNames2RE = regexp.MustCompile(`^#define\s+(CTL_(.*)_NAMES)\s+{`)
|
|
||||||
ctlNames3RE = regexp.MustCompile(`^#define\s+((.*)CTL_NAMES)\s+{`)
|
|
||||||
netInetRE = regexp.MustCompile(`^netinet/`)
|
|
||||||
netInet6RE = regexp.MustCompile(`^netinet6/`)
|
|
||||||
netRE = regexp.MustCompile(`^net/`)
|
|
||||||
bracesRE = regexp.MustCompile(`{.*}`)
|
|
||||||
ctlTypeRE = regexp.MustCompile(`{\s+"(\w+)",\s+(CTLTYPE_[A-Z]+)\s+}`)
|
|
||||||
fsNetKernRE = regexp.MustCompile(`^(fs|net|kern)_`)
|
|
||||||
)
|
|
||||||
|
|
||||||
func debug(s string) {
|
|
||||||
if debugEnabled {
|
|
||||||
fmt.Fprintln(os.Stderr, s)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Walk the MIB and build a sysctl name to OID mapping.
|
|
||||||
func buildSysctl(pNode *map[string]nodeElement, name string, oid []int) {
|
|
||||||
lNode := pNode // local copy of pointer to node
|
|
||||||
var keys []string
|
|
||||||
for k := range *lNode {
|
|
||||||
keys = append(keys, k)
|
|
||||||
}
|
|
||||||
sort.Strings(keys)
|
|
||||||
|
|
||||||
for _, key := range keys {
|
|
||||||
nodename := name
|
|
||||||
if name != "" {
|
|
||||||
nodename += "."
|
|
||||||
}
|
|
||||||
nodename += key
|
|
||||||
|
|
||||||
nodeoid := append(oid, (*pNode)[key].n)
|
|
||||||
|
|
||||||
if (*pNode)[key].t == `CTLTYPE_NODE` {
|
|
||||||
if _, ok := nodeMap[nodename]; ok {
|
|
||||||
lNode = &mib
|
|
||||||
ctlName := nodeMap[nodename]
|
|
||||||
for _, part := range strings.Split(ctlName, ".") {
|
|
||||||
lNode = ((*lNode)[part]).pE
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
lNode = (*pNode)[key].pE
|
|
||||||
}
|
|
||||||
buildSysctl(lNode, nodename, nodeoid)
|
|
||||||
} else if (*pNode)[key].t != "" {
|
|
||||||
oidStr := []string{}
|
|
||||||
for j := range nodeoid {
|
|
||||||
oidStr = append(oidStr, fmt.Sprintf("%d", nodeoid[j]))
|
|
||||||
}
|
|
||||||
text := "\t{ \"" + nodename + "\", []_C_int{ " + strings.Join(oidStr, ", ") + " } }, \n"
|
|
||||||
sysCtl = append(sysCtl, text)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
// Get the OS (using GOOS_TARGET if it exist)
|
|
||||||
goos = os.Getenv("GOOS_TARGET")
|
|
||||||
if goos == "" {
|
|
||||||
goos = os.Getenv("GOOS")
|
|
||||||
}
|
|
||||||
// Get the architecture (using GOARCH_TARGET if it exists)
|
|
||||||
goarch = os.Getenv("GOARCH_TARGET")
|
|
||||||
if goarch == "" {
|
|
||||||
goarch = os.Getenv("GOARCH")
|
|
||||||
}
|
|
||||||
// Check if GOOS and GOARCH environment variables are defined
|
|
||||||
if goarch == "" || goos == "" {
|
|
||||||
fmt.Fprintf(os.Stderr, "GOARCH or GOOS not defined in environment\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
mib = make(map[string]nodeElement)
|
|
||||||
headers := [...]string{
|
|
||||||
`sys/sysctl.h`,
|
|
||||||
`sys/socket.h`,
|
|
||||||
`sys/tty.h`,
|
|
||||||
`sys/malloc.h`,
|
|
||||||
`sys/mount.h`,
|
|
||||||
`sys/namei.h`,
|
|
||||||
`sys/sem.h`,
|
|
||||||
`sys/shm.h`,
|
|
||||||
`sys/vmmeter.h`,
|
|
||||||
`uvm/uvmexp.h`,
|
|
||||||
`uvm/uvm_param.h`,
|
|
||||||
`uvm/uvm_swap_encrypt.h`,
|
|
||||||
`ddb/db_var.h`,
|
|
||||||
`net/if.h`,
|
|
||||||
`net/if_pfsync.h`,
|
|
||||||
`net/pipex.h`,
|
|
||||||
`netinet/in.h`,
|
|
||||||
`netinet/icmp_var.h`,
|
|
||||||
`netinet/igmp_var.h`,
|
|
||||||
`netinet/ip_ah.h`,
|
|
||||||
`netinet/ip_carp.h`,
|
|
||||||
`netinet/ip_divert.h`,
|
|
||||||
`netinet/ip_esp.h`,
|
|
||||||
`netinet/ip_ether.h`,
|
|
||||||
`netinet/ip_gre.h`,
|
|
||||||
`netinet/ip_ipcomp.h`,
|
|
||||||
`netinet/ip_ipip.h`,
|
|
||||||
`netinet/pim_var.h`,
|
|
||||||
`netinet/tcp_var.h`,
|
|
||||||
`netinet/udp_var.h`,
|
|
||||||
`netinet6/in6.h`,
|
|
||||||
`netinet6/ip6_divert.h`,
|
|
||||||
`netinet6/pim6_var.h`,
|
|
||||||
`netinet/icmp6.h`,
|
|
||||||
`netmpls/mpls.h`,
|
|
||||||
}
|
|
||||||
|
|
||||||
ctls := [...]string{
|
|
||||||
`kern`,
|
|
||||||
`vm`,
|
|
||||||
`fs`,
|
|
||||||
`net`,
|
|
||||||
//debug /* Special handling required */
|
|
||||||
`hw`,
|
|
||||||
//machdep /* Arch specific */
|
|
||||||
`user`,
|
|
||||||
`ddb`,
|
|
||||||
//vfs /* Special handling required */
|
|
||||||
`fs.posix`,
|
|
||||||
`kern.forkstat`,
|
|
||||||
`kern.intrcnt`,
|
|
||||||
`kern.malloc`,
|
|
||||||
`kern.nchstats`,
|
|
||||||
`kern.seminfo`,
|
|
||||||
`kern.shminfo`,
|
|
||||||
`kern.timecounter`,
|
|
||||||
`kern.tty`,
|
|
||||||
`kern.watchdog`,
|
|
||||||
`net.bpf`,
|
|
||||||
`net.ifq`,
|
|
||||||
`net.inet`,
|
|
||||||
`net.inet.ah`,
|
|
||||||
`net.inet.carp`,
|
|
||||||
`net.inet.divert`,
|
|
||||||
`net.inet.esp`,
|
|
||||||
`net.inet.etherip`,
|
|
||||||
`net.inet.gre`,
|
|
||||||
`net.inet.icmp`,
|
|
||||||
`net.inet.igmp`,
|
|
||||||
`net.inet.ip`,
|
|
||||||
`net.inet.ip.ifq`,
|
|
||||||
`net.inet.ipcomp`,
|
|
||||||
`net.inet.ipip`,
|
|
||||||
`net.inet.mobileip`,
|
|
||||||
`net.inet.pfsync`,
|
|
||||||
`net.inet.pim`,
|
|
||||||
`net.inet.tcp`,
|
|
||||||
`net.inet.udp`,
|
|
||||||
`net.inet6`,
|
|
||||||
`net.inet6.divert`,
|
|
||||||
`net.inet6.ip6`,
|
|
||||||
`net.inet6.icmp6`,
|
|
||||||
`net.inet6.pim6`,
|
|
||||||
`net.inet6.tcp6`,
|
|
||||||
`net.inet6.udp6`,
|
|
||||||
`net.mpls`,
|
|
||||||
`net.mpls.ifq`,
|
|
||||||
`net.key`,
|
|
||||||
`net.pflow`,
|
|
||||||
`net.pfsync`,
|
|
||||||
`net.pipex`,
|
|
||||||
`net.rt`,
|
|
||||||
`vm.swapencrypt`,
|
|
||||||
//vfsgenctl /* Special handling required */
|
|
||||||
}
|
|
||||||
|
|
||||||
// Node name "fixups"
|
|
||||||
ctlMap := map[string]string{
|
|
||||||
"ipproto": "net.inet",
|
|
||||||
"net.inet.ipproto": "net.inet",
|
|
||||||
"net.inet6.ipv6proto": "net.inet6",
|
|
||||||
"net.inet6.ipv6": "net.inet6.ip6",
|
|
||||||
"net.inet.icmpv6": "net.inet6.icmp6",
|
|
||||||
"net.inet6.divert6": "net.inet6.divert",
|
|
||||||
"net.inet6.tcp6": "net.inet.tcp",
|
|
||||||
"net.inet6.udp6": "net.inet.udp",
|
|
||||||
"mpls": "net.mpls",
|
|
||||||
"swpenc": "vm.swapencrypt",
|
|
||||||
}
|
|
||||||
|
|
||||||
// Node mappings
|
|
||||||
nodeMap = map[string]string{
|
|
||||||
"net.inet.ip.ifq": "net.ifq",
|
|
||||||
"net.inet.pfsync": "net.pfsync",
|
|
||||||
"net.mpls.ifq": "net.ifq",
|
|
||||||
}
|
|
||||||
|
|
||||||
mCtls := make(map[string]bool)
|
|
||||||
for _, ctl := range ctls {
|
|
||||||
mCtls[ctl] = true
|
|
||||||
}
|
|
||||||
|
|
||||||
for _, header := range headers {
|
|
||||||
debug("Processing " + header)
|
|
||||||
file, err := os.Open(filepath.Join("/usr/include", header))
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%v\n", err)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
s := bufio.NewScanner(file)
|
|
||||||
for s.Scan() {
|
|
||||||
var sub []string
|
|
||||||
if reMatch(ctlNames1RE, s.Text(), &sub) ||
|
|
||||||
reMatch(ctlNames2RE, s.Text(), &sub) ||
|
|
||||||
reMatch(ctlNames3RE, s.Text(), &sub) {
|
|
||||||
if sub[1] == `CTL_NAMES` {
|
|
||||||
// Top level.
|
|
||||||
node = &mib
|
|
||||||
} else {
|
|
||||||
// Node.
|
|
||||||
nodename := strings.ToLower(sub[2])
|
|
||||||
ctlName := ""
|
|
||||||
if reMatch(netInetRE, header, &sub) {
|
|
||||||
ctlName = "net.inet." + nodename
|
|
||||||
} else if reMatch(netInet6RE, header, &sub) {
|
|
||||||
ctlName = "net.inet6." + nodename
|
|
||||||
} else if reMatch(netRE, header, &sub) {
|
|
||||||
ctlName = "net." + nodename
|
|
||||||
} else {
|
|
||||||
ctlName = nodename
|
|
||||||
ctlName = fsNetKernRE.ReplaceAllString(ctlName, `$1.`)
|
|
||||||
}
|
|
||||||
|
|
||||||
if val, ok := ctlMap[ctlName]; ok {
|
|
||||||
ctlName = val
|
|
||||||
}
|
|
||||||
if _, ok := mCtls[ctlName]; !ok {
|
|
||||||
debug("Ignoring " + ctlName + "...")
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
|
|
||||||
// Walk down from the top of the MIB.
|
|
||||||
node = &mib
|
|
||||||
for _, part := range strings.Split(ctlName, ".") {
|
|
||||||
if _, ok := (*node)[part]; !ok {
|
|
||||||
debug("Missing node " + part)
|
|
||||||
(*node)[part] = nodeElement{n: 0, t: "", pE: &map[string]nodeElement{}}
|
|
||||||
}
|
|
||||||
node = (*node)[part].pE
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Populate current node with entries.
|
|
||||||
i := -1
|
|
||||||
for !strings.HasPrefix(s.Text(), "}") {
|
|
||||||
s.Scan()
|
|
||||||
if reMatch(bracesRE, s.Text(), &sub) {
|
|
||||||
i++
|
|
||||||
}
|
|
||||||
if !reMatch(ctlTypeRE, s.Text(), &sub) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
(*node)[sub[1]] = nodeElement{n: i, t: sub[2], pE: &map[string]nodeElement{}}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
err = s.Err()
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%v\n", err)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
file.Close()
|
|
||||||
}
|
|
||||||
buildSysctl(&mib, "", []int{})
|
|
||||||
|
|
||||||
sort.Strings(sysCtl)
|
|
||||||
text := strings.Join(sysCtl, "")
|
|
||||||
|
|
||||||
fmt.Printf(srcTemplate, cmdLine(), buildTags(), text)
|
|
||||||
}
|
|
||||||
|
|
||||||
const srcTemplate = `// %s
|
|
||||||
// Code generated by the command above; DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package unix
|
|
||||||
|
|
||||||
type mibentry struct {
|
|
||||||
ctlname string
|
|
||||||
ctloid []_C_int
|
|
||||||
}
|
|
||||||
|
|
||||||
var sysctlMib = []mibentry {
|
|
||||||
%s
|
|
||||||
}
|
|
||||||
`
|
|
190
vendor/golang.org/x/sys/unix/mksysnum.go
generated
vendored
190
vendor/golang.org/x/sys/unix/mksysnum.go
generated
vendored
@ -1,190 +0,0 @@
|
|||||||
// Copyright 2018 The Go Authors. All rights reserved.
|
|
||||||
// Use of this source code is governed by a BSD-style
|
|
||||||
// license that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
// +build ignore
|
|
||||||
|
|
||||||
// Generate system call table for DragonFly, NetBSD,
|
|
||||||
// FreeBSD, OpenBSD or Darwin from master list
|
|
||||||
// (for example, /usr/src/sys/kern/syscalls.master or
|
|
||||||
// sys/syscall.h).
|
|
||||||
package main
|
|
||||||
|
|
||||||
import (
|
|
||||||
"bufio"
|
|
||||||
"fmt"
|
|
||||||
"io"
|
|
||||||
"io/ioutil"
|
|
||||||
"net/http"
|
|
||||||
"os"
|
|
||||||
"regexp"
|
|
||||||
"strings"
|
|
||||||
)
|
|
||||||
|
|
||||||
var (
|
|
||||||
goos, goarch string
|
|
||||||
)
|
|
||||||
|
|
||||||
// cmdLine returns this programs's commandline arguments
|
|
||||||
func cmdLine() string {
|
|
||||||
return "go run mksysnum.go " + strings.Join(os.Args[1:], " ")
|
|
||||||
}
|
|
||||||
|
|
||||||
// buildTags returns build tags
|
|
||||||
func buildTags() string {
|
|
||||||
return fmt.Sprintf("%s,%s", goarch, goos)
|
|
||||||
}
|
|
||||||
|
|
||||||
func checkErr(err error) {
|
|
||||||
if err != nil {
|
|
||||||
fmt.Fprintf(os.Stderr, "%v\n", err)
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// source string and substring slice for regexp
|
|
||||||
type re struct {
|
|
||||||
str string // source string
|
|
||||||
sub []string // matched sub-string
|
|
||||||
}
|
|
||||||
|
|
||||||
// Match performs regular expression match
|
|
||||||
func (r *re) Match(exp string) bool {
|
|
||||||
r.sub = regexp.MustCompile(exp).FindStringSubmatch(r.str)
|
|
||||||
if r.sub != nil {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
// fetchFile fetches a text file from URL
|
|
||||||
func fetchFile(URL string) io.Reader {
|
|
||||||
resp, err := http.Get(URL)
|
|
||||||
checkErr(err)
|
|
||||||
defer resp.Body.Close()
|
|
||||||
body, err := ioutil.ReadAll(resp.Body)
|
|
||||||
checkErr(err)
|
|
||||||
return strings.NewReader(string(body))
|
|
||||||
}
|
|
||||||
|
|
||||||
// readFile reads a text file from path
|
|
||||||
func readFile(path string) io.Reader {
|
|
||||||
file, err := os.Open(os.Args[1])
|
|
||||||
checkErr(err)
|
|
||||||
return file
|
|
||||||
}
|
|
||||||
|
|
||||||
func format(name, num, proto string) string {
|
|
||||||
name = strings.ToUpper(name)
|
|
||||||
// There are multiple entries for enosys and nosys, so comment them out.
|
|
||||||
nm := re{str: name}
|
|
||||||
if nm.Match(`^SYS_E?NOSYS$`) {
|
|
||||||
name = fmt.Sprintf("// %s", name)
|
|
||||||
}
|
|
||||||
if name == `SYS_SYS_EXIT` {
|
|
||||||
name = `SYS_EXIT`
|
|
||||||
}
|
|
||||||
return fmt.Sprintf(" %s = %s; // %s\n", name, num, proto)
|
|
||||||
}
|
|
||||||
|
|
||||||
func main() {
|
|
||||||
// Get the OS (using GOOS_TARGET if it exist)
|
|
||||||
goos = os.Getenv("GOOS_TARGET")
|
|
||||||
if goos == "" {
|
|
||||||
goos = os.Getenv("GOOS")
|
|
||||||
}
|
|
||||||
// Get the architecture (using GOARCH_TARGET if it exists)
|
|
||||||
goarch = os.Getenv("GOARCH_TARGET")
|
|
||||||
if goarch == "" {
|
|
||||||
goarch = os.Getenv("GOARCH")
|
|
||||||
}
|
|
||||||
// Check if GOOS and GOARCH environment variables are defined
|
|
||||||
if goarch == "" || goos == "" {
|
|
||||||
fmt.Fprintf(os.Stderr, "GOARCH or GOOS not defined in environment\n")
|
|
||||||
os.Exit(1)
|
|
||||||
}
|
|
||||||
|
|
||||||
file := strings.TrimSpace(os.Args[1])
|
|
||||||
var syscalls io.Reader
|
|
||||||
if strings.HasPrefix(file, "https://") || strings.HasPrefix(file, "http://") {
|
|
||||||
// Download syscalls.master file
|
|
||||||
syscalls = fetchFile(file)
|
|
||||||
} else {
|
|
||||||
syscalls = readFile(file)
|
|
||||||
}
|
|
||||||
|
|
||||||
var text, line string
|
|
||||||
s := bufio.NewScanner(syscalls)
|
|
||||||
for s.Scan() {
|
|
||||||
t := re{str: line}
|
|
||||||
if t.Match(`^(.*)\\$`) {
|
|
||||||
// Handle continuation
|
|
||||||
line = t.sub[1]
|
|
||||||
line += strings.TrimLeft(s.Text(), " \t")
|
|
||||||
} else {
|
|
||||||
// New line
|
|
||||||
line = s.Text()
|
|
||||||
}
|
|
||||||
t = re{str: line}
|
|
||||||
if t.Match(`\\$`) {
|
|
||||||
continue
|
|
||||||
}
|
|
||||||
t = re{str: line}
|
|
||||||
|
|
||||||
switch goos {
|
|
||||||
case "dragonfly":
|
|
||||||
if t.Match(`^([0-9]+)\s+STD\s+({ \S+\s+(\w+).*)$`) {
|
|
||||||
num, proto := t.sub[1], t.sub[2]
|
|
||||||
name := fmt.Sprintf("SYS_%s", t.sub[3])
|
|
||||||
text += format(name, num, proto)
|
|
||||||
}
|
|
||||||
case "freebsd":
|
|
||||||
if t.Match(`^([0-9]+)\s+\S+\s+(?:(?:NO)?STD|COMPAT10)\s+({ \S+\s+(\w+).*)$`) {
|
|
||||||
num, proto := t.sub[1], t.sub[2]
|
|
||||||
name := fmt.Sprintf("SYS_%s", t.sub[3])
|
|
||||||
text += format(name, num, proto)
|
|
||||||
}
|
|
||||||
case "openbsd":
|
|
||||||
if t.Match(`^([0-9]+)\s+STD\s+(NOLOCK\s+)?({ \S+\s+\*?(\w+).*)$`) {
|
|
||||||
num, proto, name := t.sub[1], t.sub[3], t.sub[4]
|
|
||||||
text += format(name, num, proto)
|
|
||||||
}
|
|
||||||
case "netbsd":
|
|
||||||
if t.Match(`^([0-9]+)\s+((STD)|(NOERR))\s+(RUMP\s+)?({\s+\S+\s*\*?\s*\|(\S+)\|(\S*)\|(\w+).*\s+})(\s+(\S+))?$`) {
|
|
||||||
num, proto, compat := t.sub[1], t.sub[6], t.sub[8]
|
|
||||||
name := t.sub[7] + "_" + t.sub[9]
|
|
||||||
if t.sub[11] != "" {
|
|
||||||
name = t.sub[7] + "_" + t.sub[11]
|
|
||||||
}
|
|
||||||
name = strings.ToUpper(name)
|
|
||||||
if compat == "" || compat == "13" || compat == "30" || compat == "50" {
|
|
||||||
text += fmt.Sprintf(" %s = %s; // %s\n", name, num, proto)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
case "darwin":
|
|
||||||
if t.Match(`^#define\s+SYS_(\w+)\s+([0-9]+)`) {
|
|
||||||
name, num := t.sub[1], t.sub[2]
|
|
||||||
name = strings.ToUpper(name)
|
|
||||||
text += fmt.Sprintf(" SYS_%s = %s;\n", name, num)
|
|
||||||
}
|
|
||||||
default:
|
|
||||||
fmt.Fprintf(os.Stderr, "unrecognized GOOS=%s\n", goos)
|
|
||||||
os.Exit(1)
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
err := s.Err()
|
|
||||||
checkErr(err)
|
|
||||||
|
|
||||||
fmt.Printf(template, cmdLine(), buildTags(), text)
|
|
||||||
}
|
|
||||||
|
|
||||||
const template = `// %s
|
|
||||||
// Code generated by the command above; see README.md. DO NOT EDIT.
|
|
||||||
|
|
||||||
// +build %s
|
|
||||||
|
|
||||||
package unix
|
|
||||||
|
|
||||||
const(
|
|
||||||
%s)`
|
|
16
vendor/golang.org/x/sys/unix/sockcmsg_dragonfly.go
generated
vendored
Normal file
16
vendor/golang.org/x/sys/unix/sockcmsg_dragonfly.go
generated
vendored
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
// Round the length of a raw sockaddr up to align it properly.
|
||||||
|
func cmsgAlignOf(salen int) int {
|
||||||
|
salign := SizeofPtr
|
||||||
|
if SizeofPtr == 8 && !supportsABI(_dragonflyABIChangeVersion) {
|
||||||
|
// 64-bit Dragonfly before the September 2019 ABI changes still requires
|
||||||
|
// 32-bit aligned access to network subsystem.
|
||||||
|
salign = 4
|
||||||
|
}
|
||||||
|
return (salen + salign - 1) & ^(salign - 1)
|
||||||
|
}
|
2
vendor/golang.org/x/sys/unix/sockcmsg_linux.go
generated
vendored
2
vendor/golang.org/x/sys/unix/sockcmsg_linux.go
generated
vendored
@ -17,7 +17,7 @@ func UnixCredentials(ucred *Ucred) []byte {
|
|||||||
h.Level = SOL_SOCKET
|
h.Level = SOL_SOCKET
|
||||||
h.Type = SCM_CREDENTIALS
|
h.Type = SCM_CREDENTIALS
|
||||||
h.SetLen(CmsgLen(SizeofUcred))
|
h.SetLen(CmsgLen(SizeofUcred))
|
||||||
*((*Ucred)(cmsgData(h))) = *ucred
|
*(*Ucred)(h.data(0)) = *ucred
|
||||||
return b
|
return b
|
||||||
}
|
}
|
||||||
|
|
||||||
|
36
vendor/golang.org/x/sys/unix/sockcmsg_unix.go
generated
vendored
36
vendor/golang.org/x/sys/unix/sockcmsg_unix.go
generated
vendored
@ -9,35 +9,9 @@
|
|||||||
package unix
|
package unix
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"runtime"
|
|
||||||
"unsafe"
|
"unsafe"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Round the length of a raw sockaddr up to align it properly.
|
|
||||||
func cmsgAlignOf(salen int) int {
|
|
||||||
salign := SizeofPtr
|
|
||||||
|
|
||||||
switch runtime.GOOS {
|
|
||||||
case "aix":
|
|
||||||
// There is no alignment on AIX.
|
|
||||||
salign = 1
|
|
||||||
case "darwin", "dragonfly", "solaris", "illumos":
|
|
||||||
// NOTE: It seems like 64-bit Darwin, DragonFly BSD,
|
|
||||||
// illumos, and Solaris kernels still require 32-bit
|
|
||||||
// aligned access to network subsystem.
|
|
||||||
if SizeofPtr == 8 {
|
|
||||||
salign = 4
|
|
||||||
}
|
|
||||||
case "netbsd", "openbsd":
|
|
||||||
// NetBSD and OpenBSD armv7 require 64-bit alignment.
|
|
||||||
if runtime.GOARCH == "arm" {
|
|
||||||
salign = 8
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return (salen + salign - 1) & ^(salign - 1)
|
|
||||||
}
|
|
||||||
|
|
||||||
// CmsgLen returns the value to store in the Len field of the Cmsghdr
|
// CmsgLen returns the value to store in the Len field of the Cmsghdr
|
||||||
// structure, taking into account any necessary alignment.
|
// structure, taking into account any necessary alignment.
|
||||||
func CmsgLen(datalen int) int {
|
func CmsgLen(datalen int) int {
|
||||||
@ -50,8 +24,8 @@ func CmsgSpace(datalen int) int {
|
|||||||
return cmsgAlignOf(SizeofCmsghdr) + cmsgAlignOf(datalen)
|
return cmsgAlignOf(SizeofCmsghdr) + cmsgAlignOf(datalen)
|
||||||
}
|
}
|
||||||
|
|
||||||
func cmsgData(h *Cmsghdr) unsafe.Pointer {
|
func (h *Cmsghdr) data(offset uintptr) unsafe.Pointer {
|
||||||
return unsafe.Pointer(uintptr(unsafe.Pointer(h)) + uintptr(cmsgAlignOf(SizeofCmsghdr)))
|
return unsafe.Pointer(uintptr(unsafe.Pointer(h)) + uintptr(cmsgAlignOf(SizeofCmsghdr)) + offset)
|
||||||
}
|
}
|
||||||
|
|
||||||
// SocketControlMessage represents a socket control message.
|
// SocketControlMessage represents a socket control message.
|
||||||
@ -94,10 +68,8 @@ func UnixRights(fds ...int) []byte {
|
|||||||
h.Level = SOL_SOCKET
|
h.Level = SOL_SOCKET
|
||||||
h.Type = SCM_RIGHTS
|
h.Type = SCM_RIGHTS
|
||||||
h.SetLen(CmsgLen(datalen))
|
h.SetLen(CmsgLen(datalen))
|
||||||
data := cmsgData(h)
|
for i, fd := range fds {
|
||||||
for _, fd := range fds {
|
*(*int32)(h.data(4 * uintptr(i))) = int32(fd)
|
||||||
*(*int32)(data) = int32(fd)
|
|
||||||
data = unsafe.Pointer(uintptr(data) + 4)
|
|
||||||
}
|
}
|
||||||
return b
|
return b
|
||||||
}
|
}
|
||||||
|
38
vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
generated
vendored
Normal file
38
vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
generated
vendored
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build aix darwin freebsd linux netbsd openbsd solaris
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
import (
|
||||||
|
"runtime"
|
||||||
|
)
|
||||||
|
|
||||||
|
// Round the length of a raw sockaddr up to align it properly.
|
||||||
|
func cmsgAlignOf(salen int) int {
|
||||||
|
salign := SizeofPtr
|
||||||
|
|
||||||
|
// dragonfly needs to check ABI version at runtime, see cmsgAlignOf in
|
||||||
|
// sockcmsg_dragonfly.go
|
||||||
|
switch runtime.GOOS {
|
||||||
|
case "aix":
|
||||||
|
// There is no alignment on AIX.
|
||||||
|
salign = 1
|
||||||
|
case "darwin", "illumos", "solaris":
|
||||||
|
// NOTE: It seems like 64-bit Darwin, Illumos and Solaris
|
||||||
|
// kernels still require 32-bit aligned access to network
|
||||||
|
// subsystem.
|
||||||
|
if SizeofPtr == 8 {
|
||||||
|
salign = 4
|
||||||
|
}
|
||||||
|
case "netbsd", "openbsd":
|
||||||
|
// NetBSD and OpenBSD armv7 require 64-bit alignment.
|
||||||
|
if runtime.GOARCH == "arm" {
|
||||||
|
salign = 8
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return (salen + salign - 1) & ^(salign - 1)
|
||||||
|
}
|
4
vendor/golang.org/x/sys/unix/syscall_bsd.go
generated
vendored
4
vendor/golang.org/x/sys/unix/syscall_bsd.go
generated
vendored
@ -237,7 +237,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
|
|||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
bytes := (*[10000]byte)(unsafe.Pointer(&pp.Path[0]))[0:n]
|
bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n]
|
||||||
sa.Name = string(bytes)
|
sa.Name = string(bytes)
|
||||||
return sa, nil
|
return sa, nil
|
||||||
|
|
||||||
@ -577,8 +577,6 @@ func Futimes(fd int, tv []Timeval) error {
|
|||||||
return futimes(fd, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
|
return futimes(fd, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
|
||||||
}
|
}
|
||||||
|
|
||||||
//sys fcntl(fd int, cmd int, arg int) (val int, err error)
|
|
||||||
|
|
||||||
//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
|
//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
|
||||||
|
|
||||||
func Poll(fds []PollFd, timeout int) (n int, err error) {
|
func Poll(fds []PollFd, timeout int) (n int, err error) {
|
||||||
|
29
vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
generated
vendored
Normal file
29
vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
generated
vendored
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,go1.12,!go1.13
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
import (
|
||||||
|
"unsafe"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
|
||||||
|
// To implement this using libSystem we'd need syscall_syscallPtr for
|
||||||
|
// fdopendir. However, syscallPtr was only added in Go 1.13, so we fall
|
||||||
|
// back to raw syscalls for this func on Go 1.12.
|
||||||
|
var p unsafe.Pointer
|
||||||
|
if len(buf) > 0 {
|
||||||
|
p = unsafe.Pointer(&buf[0])
|
||||||
|
} else {
|
||||||
|
p = unsafe.Pointer(&_zero)
|
||||||
|
}
|
||||||
|
r0, _, e1 := Syscall6(SYS_GETDIRENTRIES64, uintptr(fd), uintptr(p), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
|
||||||
|
n = int(r0)
|
||||||
|
if e1 != 0 {
|
||||||
|
return n, errnoErr(e1)
|
||||||
|
}
|
||||||
|
return n, nil
|
||||||
|
}
|
101
vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
generated
vendored
Normal file
101
vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
generated
vendored
Normal file
@ -0,0 +1,101 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,go1.13
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
import "unsafe"
|
||||||
|
|
||||||
|
//sys closedir(dir uintptr) (err error)
|
||||||
|
//sys readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno)
|
||||||
|
|
||||||
|
func fdopendir(fd int) (dir uintptr, err error) {
|
||||||
|
r0, _, e1 := syscall_syscallPtr(funcPC(libc_fdopendir_trampoline), uintptr(fd), 0, 0)
|
||||||
|
dir = uintptr(r0)
|
||||||
|
if e1 != 0 {
|
||||||
|
err = errnoErr(e1)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
func libc_fdopendir_trampoline()
|
||||||
|
|
||||||
|
//go:linkname libc_fdopendir libc_fdopendir
|
||||||
|
//go:cgo_import_dynamic libc_fdopendir fdopendir "/usr/lib/libSystem.B.dylib"
|
||||||
|
|
||||||
|
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
|
||||||
|
// Simulate Getdirentries using fdopendir/readdir_r/closedir.
|
||||||
|
// We store the number of entries to skip in the seek
|
||||||
|
// offset of fd. See issue #31368.
|
||||||
|
// It's not the full required semantics, but should handle the case
|
||||||
|
// of calling Getdirentries or ReadDirent repeatedly.
|
||||||
|
// It won't handle assigning the results of lseek to *basep, or handle
|
||||||
|
// the directory being edited underfoot.
|
||||||
|
skip, err := Seek(fd, 0, 1 /* SEEK_CUR */)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// We need to duplicate the incoming file descriptor
|
||||||
|
// because the caller expects to retain control of it, but
|
||||||
|
// fdopendir expects to take control of its argument.
|
||||||
|
// Just Dup'ing the file descriptor is not enough, as the
|
||||||
|
// result shares underlying state. Use Openat to make a really
|
||||||
|
// new file descriptor referring to the same directory.
|
||||||
|
fd2, err := Openat(fd, ".", O_RDONLY, 0)
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
d, err := fdopendir(fd2)
|
||||||
|
if err != nil {
|
||||||
|
Close(fd2)
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
defer closedir(d)
|
||||||
|
|
||||||
|
var cnt int64
|
||||||
|
for {
|
||||||
|
var entry Dirent
|
||||||
|
var entryp *Dirent
|
||||||
|
e := readdir_r(d, &entry, &entryp)
|
||||||
|
if e != 0 {
|
||||||
|
return n, errnoErr(e)
|
||||||
|
}
|
||||||
|
if entryp == nil {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if skip > 0 {
|
||||||
|
skip--
|
||||||
|
cnt++
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
reclen := int(entry.Reclen)
|
||||||
|
if reclen > len(buf) {
|
||||||
|
// Not enough room. Return for now.
|
||||||
|
// The counter will let us know where we should start up again.
|
||||||
|
// Note: this strategy for suspending in the middle and
|
||||||
|
// restarting is O(n^2) in the length of the directory. Oh well.
|
||||||
|
break
|
||||||
|
}
|
||||||
|
// Copy entry into return buffer.
|
||||||
|
s := struct {
|
||||||
|
ptr unsafe.Pointer
|
||||||
|
siz int
|
||||||
|
cap int
|
||||||
|
}{ptr: unsafe.Pointer(&entry), siz: reclen, cap: reclen}
|
||||||
|
copy(buf, *(*[]byte)(unsafe.Pointer(&s)))
|
||||||
|
buf = buf[reclen:]
|
||||||
|
n += reclen
|
||||||
|
cnt++
|
||||||
|
}
|
||||||
|
// Set the seek offset of the input fd to record
|
||||||
|
// how many files we've already returned.
|
||||||
|
_, err = Seek(fd, cnt, 0 /* SEEK_SET */)
|
||||||
|
if err != nil {
|
||||||
|
return n, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return n, nil
|
||||||
|
}
|
4
vendor/golang.org/x/sys/unix/syscall_darwin.go
generated
vendored
4
vendor/golang.org/x/sys/unix/syscall_darwin.go
generated
vendored
@ -333,12 +333,16 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) error {
|
|||||||
* Wrapped
|
* Wrapped
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
//sys fcntl(fd int, cmd int, arg int) (val int, err error)
|
||||||
|
|
||||||
//sys kill(pid int, signum int, posix int) (err error)
|
//sys kill(pid int, signum int, posix int) (err error)
|
||||||
|
|
||||||
func Kill(pid int, signum syscall.Signal) (err error) { return kill(pid, int(signum), 1) }
|
func Kill(pid int, signum syscall.Signal) (err error) { return kill(pid, int(signum), 1) }
|
||||||
|
|
||||||
//sys ioctl(fd int, req uint, arg uintptr) (err error)
|
//sys ioctl(fd int, req uint, arg uintptr) (err error)
|
||||||
|
|
||||||
|
//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL
|
||||||
|
|
||||||
func Uname(uname *Utsname) error {
|
func Uname(uname *Utsname) error {
|
||||||
mib := []_C_int{CTL_KERN, KERN_OSTYPE}
|
mib := []_C_int{CTL_KERN, KERN_OSTYPE}
|
||||||
n := unsafe.Sizeof(uname.Sysname)
|
n := unsafe.Sizeof(uname.Sysname)
|
||||||
|
9
vendor/golang.org/x/sys/unix/syscall_darwin_386.1_11.go
generated
vendored
Normal file
9
vendor/golang.org/x/sys/unix/syscall_darwin_386.1_11.go
generated
vendored
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,386,!go1.12
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
|
2
vendor/golang.org/x/sys/unix/syscall_darwin_386.go
generated
vendored
2
vendor/golang.org/x/sys/unix/syscall_darwin_386.go
generated
vendored
@ -10,7 +10,6 @@ import (
|
|||||||
"syscall"
|
"syscall"
|
||||||
)
|
)
|
||||||
|
|
||||||
//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
|
|
||||||
//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error)
|
//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error)
|
||||||
|
|
||||||
func setTimespec(sec, nsec int64) Timespec {
|
func setTimespec(sec, nsec int64) Timespec {
|
||||||
@ -63,7 +62,6 @@ const SYS___SYSCTL = SYS_SYSCTL
|
|||||||
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
|
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
|
||||||
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
|
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
|
||||||
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
|
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
|
||||||
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
|
|
||||||
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
|
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
|
||||||
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
|
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
|
||||||
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
|
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
|
||||||
|
9
vendor/golang.org/x/sys/unix/syscall_darwin_amd64.1_11.go
generated
vendored
Normal file
9
vendor/golang.org/x/sys/unix/syscall_darwin_amd64.1_11.go
generated
vendored
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,amd64,!go1.12
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
|
2
vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
generated
vendored
2
vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
generated
vendored
@ -10,7 +10,6 @@ import (
|
|||||||
"syscall"
|
"syscall"
|
||||||
)
|
)
|
||||||
|
|
||||||
//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
|
|
||||||
//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error)
|
//sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error)
|
||||||
|
|
||||||
func setTimespec(sec, nsec int64) Timespec {
|
func setTimespec(sec, nsec int64) Timespec {
|
||||||
@ -63,7 +62,6 @@ const SYS___SYSCTL = SYS_SYSCTL
|
|||||||
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
|
//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
|
||||||
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
|
//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
|
||||||
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
|
//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
|
||||||
//sys Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) = SYS_GETDIRENTRIES64
|
|
||||||
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
|
//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
|
||||||
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
|
//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
|
||||||
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
|
//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
|
||||||
|
11
vendor/golang.org/x/sys/unix/syscall_darwin_arm.1_11.go
generated
vendored
Normal file
11
vendor/golang.org/x/sys/unix/syscall_darwin_arm.1_11.go
generated
vendored
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,arm,!go1.12
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
|
||||||
|
return 0, ENOSYS
|
||||||
|
}
|
8
vendor/golang.org/x/sys/unix/syscall_darwin_arm.go
generated
vendored
8
vendor/golang.org/x/sys/unix/syscall_darwin_arm.go
generated
vendored
@ -12,10 +12,6 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) error {
|
|||||||
return ENOTSUP
|
return ENOTSUP
|
||||||
}
|
}
|
||||||
|
|
||||||
func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
|
|
||||||
return ENOTSUP
|
|
||||||
}
|
|
||||||
|
|
||||||
func setTimespec(sec, nsec int64) Timespec {
|
func setTimespec(sec, nsec int64) Timespec {
|
||||||
return Timespec{Sec: int32(sec), Nsec: int32(nsec)}
|
return Timespec{Sec: int32(sec), Nsec: int32(nsec)}
|
||||||
}
|
}
|
||||||
@ -70,7 +66,3 @@ const SYS___SYSCTL = SYS_SYSCTL
|
|||||||
//sys Lstat(path string, stat *Stat_t) (err error)
|
//sys Lstat(path string, stat *Stat_t) (err error)
|
||||||
//sys Stat(path string, stat *Stat_t) (err error)
|
//sys Stat(path string, stat *Stat_t) (err error)
|
||||||
//sys Statfs(path string, stat *Statfs_t) (err error)
|
//sys Statfs(path string, stat *Statfs_t) (err error)
|
||||||
|
|
||||||
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
|
|
||||||
return 0, ENOSYS
|
|
||||||
}
|
|
||||||
|
11
vendor/golang.org/x/sys/unix/syscall_darwin_arm64.1_11.go
generated
vendored
Normal file
11
vendor/golang.org/x/sys/unix/syscall_darwin_arm64.1_11.go
generated
vendored
Normal file
@ -0,0 +1,11 @@
|
|||||||
|
// Copyright 2019 The Go Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a BSD-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// +build darwin,arm64,!go1.12
|
||||||
|
|
||||||
|
package unix
|
||||||
|
|
||||||
|
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
|
||||||
|
return 0, ENOSYS
|
||||||
|
}
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user