go-x-crypto, branch ssh-run-with-context.mailed

ssh: implement Session Run with context

2023-12-22T09:23:26Z

The RunWithContext similar to Run but terminate the remote command with SIGKILL when its receive context cancellation. Change-Id: Ib82e23b77450bef222bba8576eca11b9d356688b

ssh: implement strict KEX protocol changes

2023-12-18T16:33:08Z

Implement the "strict KEX" protocol changes, as described in section 1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1). Namely this makes the following changes: * Both the server and the client add an additional algorithm to the initial KEXINIT message, indicating support for the strict KEX mode. * When one side of the connection sees the strict KEX extension algorithm, the strict KEX mode is enabled for messages originating from the other side of the connection. If the sequence number for the side which requested the extension is not 1 (indicating that it has already received non-KEXINIT packets), the connection is terminated. * When strict kex mode is enabled, unexpected messages during the handshake are considered fatal. Additionally when a key change occurs (on the receipt of the NEWKEYS message) the message sequence numbers are reset. Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr University Bochum for reporting this issue. Fixes CVE-2023-48795 Fixes golang/go#64784 Change-Id: I96b53afd2bd2fb94d2b6f2a46a5dacf325357604 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/550715 Reviewed-by: Nicola Murino Reviewed-by: Tatiana Bradley TryBot-Result: Gopher Robot Run-TryBot: Roland Shoemaker Reviewed-by: Damien Neil LUCI-TryBot-Result: Go LUCI

ssh: close net.Conn on all NewServerConn errors

2023-12-14T18:23:28Z

This PR ensures that the net.Conn passed to ssh.NewServerConn is closed on all error return paths, not just after a failed handshake. This matches the behavior of ssh.NewClientConn. Change-Id: Id8a51d10ae8d575cbbe26f2ef6b37de7cca840ec GitHub-Last-Rev: 81bb2e58a881a9a85935740bda06b034b32a8ce3 GitHub-Pull-Request: golang/crypto#279 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/549095 Run-TryBot: Nicola Murino Auto-Submit: Nicola Murino Reviewed-by: Roland Shoemaker Reviewed-by: Nicola Murino LUCI-TryBot-Result: Go LUCI Reviewed-by: Michael Pratt TryBot-Result: Gopher Robot

x509roots/fallback: update bundle

2023-11-29T16:35:42Z

This is an automated CL which updates the NSS root bundle. Change-Id: Ib8c85dc815297de7b59c3e23b0ad029baaf948ec Reviewed-on: https://go-review.googlesource.com/c/crypto/+/543735 Auto-Submit: Gopher Robot LUCI-TryBot-Result: Go LUCI Reviewed-by: Dmitri Shuralyov Reviewed-by: Roland Shoemaker

ssh: defer channel window adjustment

2023-11-27T17:27:49Z

Sending a window adjustment after every read is unnecessarily chatty, especially with a series of small reads like with TTY interactions. Copy OpenSSH's logic for deferring these, which seemingly hasn't changed since 2007. Note that since channelWindowSize and c.maxIncomingPayload are currently constants here, the two checks could be combined into a single check for c.myWindow < 2 MiB - 96 KiB (with the current values of the constants). Fixes golang/go#57424. Change-Id: Ifcef5be76fcc3f0b1a6dc396096bed9c50d64f21 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/459915 Reviewed-by: Nicola Murino Reviewed-by: Michael Knyszek Run-TryBot: Nicola Murino Auto-Submit: Nicola Murino Reviewed-by: Dmitri Shuralyov Commit-Queue: Nicola Murino TryBot-Result: Gopher Robot

blake2b: drop Go 1.6, Go 1.8 compatibility

2023-11-27T17:26:05Z

Other packages already dropped compatibility with go < 1.12, so it should be safe to remove it for this package as well. Change-Id: I7e894fd11d2e7d1fe28c647bd921399a9a6e30d0 GitHub-Last-Rev: 2b4f576a19338f185e79f39cbfd476573b986369 GitHub-Pull-Request: golang/crypto#240 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/448240 Run-TryBot: Nicola Murino Reviewed-by: Joedian Reid Reviewed-by: Nicola Murino Commit-Queue: Nicola Murino Auto-Submit: Nicola Murino TryBot-Result: Gopher Robot Reviewed-by: Michael Knyszek Reviewed-by: Roland Shoemaker Reviewed-by: Dmitri Shuralyov

ssh: wrap errors from client handshake

2023-11-27T17:24:46Z

When an error is returned by a user defined host key callback, it is now possible to handle it using standard Go mechanisms such as errors.Is or errors.As. Fixes golang/go#61309 Change-Id: I4269c5f8eacd8e7e8d85070ad249f0e27777b15f GitHub-Last-Rev: d2a34d5c8225d6aaaee287ce3ea8b218fbe210d4 GitHub-Pull-Request: golang/crypto#266 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/508876 Run-TryBot: Nicola Murino Auto-Submit: Dmitri Shuralyov Reviewed-by: Muhammad Shulhan Reviewed-by: Michael Knyszek Reviewed-by: Dmitri Shuralyov Reviewed-by: Nicola Murino TryBot-Result: Gopher Robot

argon2: avoid clobbering BP

2023-11-27T17:24:02Z

go vet was reporting blamka_amd64.s:203:1: [amd64] mixBlocksSSE2: invalid offset a+24(FP); expected a+8(FP) blamka_amd64.s:226:1: [amd64] xorBlocksSSE2: invalid offset a+24(FP); expected a+8(FP) blamka_amd64.s:204:1: frame pointer is clobbered before saving blamka_amd64.s:227:1: frame pointer is clobbered before saving Also fix a similar naming issue in sha3: sha3\keccakf_amd64.s:325:1: [amd64] keccakF1600: unknown variable state; offset 0 is a+0(FP) Updates golang/go#47027 Change-Id: Ia74852cdb0721ae0216787054197b0cac9e1c0f8 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/332289 Reviewed-by: Michael Knyszek Reviewed-by: Nicola Murino Reviewed-by: Dmitri Shuralyov LUCI-TryBot-Result: Go LUCI Auto-Submit: Dmitri Shuralyov Reviewed-by: Filippo Valsorda

ssh/test: skip TestSSHCLIAuth on Windows

2023-11-27T16:29:38Z

It's failing with a file permissions error: sign_and_send_pubkey: signing using rsa-sha2-512 SHA256:Anr3LjZK8YVpjrxu79myrW9Hrb/wpcMNpVvTq/RcBm8\r\nBad permissions. Try removing permissions for user: UNKNOWN\\\\UNKNOWN (S-1-15-2-2) on file C:/b/s/w/ir/x/t/TestSSHCLIAuth1586735692/001/rsa. For golang/go#64403 Change-Id: Iece8eac4a1ac349f9f7a273ac7389315cb96568e Cq-Include-Trybots: luci.golang.try:x_crypto-gotip-windows-amd64-longtest,x_crypto-go1.21-windows-amd64-longtest,x_crypto-go1.20-windows-amd64-longtest Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545135 Reviewed-by: Dmitri Shuralyov Reviewed-by: Nicola Murino Auto-Submit: Heschi Kreinick LUCI-TryBot-Result: Go LUCI

go.mod: update golang.org/x dependencies

2023-11-27T16:00:28Z

Update golang.org/x dependencies to their latest tagged versions. Change-Id: I7fdfe509173c79a63d006b27d674f869a5baa2af Reviewed-on: https://go-review.googlesource.com/c/crypto/+/545098 Reviewed-by: Heschi Kreinick LUCI-TryBot-Result: Go LUCI Auto-Submit: Gopher Robot Reviewed-by: Dmitri Shuralyov