go-x-crypto, branch v0.36.0 Fork of golang.org/x/crypto with my patches. http://git.kilabit.info/go-x-crypto/atom?h=v0.36.0 2025-03-05T17:04:21Z go.mod: update golang.org/x dependencies 2025-03-05T17:04:21Z Gopher Robot gobot@golang.org 2025-03-05T16:14:04Z urn:sha1:49bf5b80c8108983f588ecabd7bf996e6e63a515 Update golang.org/x dependencies to their latest tagged versions. Change-Id: Ieae7a2d210a65d5cd2cb7e2670d283176922c767 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/655018 Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> ssh: add decode support for banners 2025-03-03T19:16:37Z Ilia Mirkin imirkin@alum.mit.edu 2025-02-19T15:18:24Z urn:sha1:24852b6b3fe89f0f239f5e7181473a28e39ae814 These banners can be printed when enabling debugHandshake, add decode support so that they're not printed as unknown messages. Change-Id: Ic8d56079d8225c35aac843accdbc80a642dd6249 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/650635 Reviewed-by: Junyang Shao <shaojunyang@google.com> Reviewed-by: Nicola Murino <nicola.murino@gmail.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> ssh: use a more straightforward return value 2025-02-28T20:03:19Z cuishuang imcusg@gmail.com 2025-02-27T04:58:15Z urn:sha1:bbc689cf5cfb1b9f9ea88939690590d3521c2487 Change-Id: Ie5ee95efe4924f75719087c6fe8d4867607934bf Reviewed-on: https://go-review.googlesource.com/c/crypto/+/653198 Reviewed-by: Ian Lance Taylor <iant@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Michael Pratt <mpratt@google.com> Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Auto-Submit: Ian Lance Taylor <iant@google.com> ssh: limit the size of the internal packet queue while waiting for KEX 2025-02-24T17:39:25Z Nicola Murino nicola.murino@gmail.com 2024-12-15T17:08:57Z urn:sha1:7292932d45d55c7199324ab0027cc86e8198aa22 In the SSH protocol, clients and servers execute the key exchange to generate one-time session keys used for encryption and authentication. The key exchange is performed initially after the connection is established and then periodically after a configurable amount of data. While a key exchange is in progress, we add the received packets to an internal queue until we receive SSH_MSG_KEXINIT from the other side. This can result in high memory usage if the other party is slow to respond to the SSH_MSG_KEXINIT packet, or memory exhaustion if a malicious client never responds to an SSH_MSG_KEXINIT packet during a large file transfer. We now limit the internal queue to 64 packets: this means 2MB with the typical 32KB packet size. When the internal queue is full we block further writes until the pending key exchange is completed or there is a read or write error. Thanks to Yuichi Watanabe for reporting this issue. Change-Id: I1ce2214cc16e08b838d4bc346c74c72addafaeec Reviewed-on: https://go-review.googlesource.com/c/crypto/+/652135 Reviewed-by: Neal Patel <nealpatel@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> acme/autocert: check host policy before probing the cache 2025-02-22T00:31:38Z Roland Shoemaker roland@golang.org 2025-02-21T17:59:08Z urn:sha1:f66f74b0a406b5f6909183531ace593857f1646c Avoid unnessecary cache probes for names that don't match the host policy. Fixes golang/go#71199 Change-Id: I11e8465b0416e960a549b0c0d74a622026c39931 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/651296 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> x509roots/fallback: drop obsolete build constraint 2025-02-21T17:26:01Z Dmitri Shuralyov dmitshur@golang.org 2025-02-14T19:31:37Z urn:sha1:b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85 Back when Go 1.20 and 1.19 were supported, the go1.20 build constraint was there to establish 1.20 as the minimum for the package, because it requires an API that was added only in Go 1.20 and there was no way to make it work with 1.19's APIs. By now only Go 1.24 and 1.23 are supported, and the minimum is set via the go directive in go.mod. For golang/go#57792. Change-Id: Ie4d37d34993374cdd380667930ee667af97eeccb Reviewed-on: https://go-review.googlesource.com/c/crypto/+/649716 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Cherry Mui <cherryyz@google.com> Auto-Submit: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> all: bump golang.org/x/crypto dependencies of asm generators 2025-02-14T23:32:41Z Roland Shoemaker roland@golang.org 2025-02-14T23:10:34Z urn:sha1:911360c8a4f464342b9fe7c23632be57fca87b20 Change-Id: Ieb2f0d45f82647978f0bd1eb47bb347f0bfb7d13 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/649499 Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> all: upgrade go directive to at least 1.23.0 [generated] 2025-02-14T20:15:19Z Gopher Robot gobot@golang.org 2025-02-14T19:21:44Z urn:sha1:89ff08d67c4d79f9ac619aaf1f7388888798651f By now Go 1.24.0 has been released, and Go 1.22 is no longer supported per the Go Release Policy (https://go.dev/doc/devel/release#policy). For golang/go#69095. [git-generate] (cd . && go get go@1.23.0 && go mod tidy && go fix ./... && go mod edit -toolchain=none) (cd x509roots/fallback && go get go@1.23.0 && go mod tidy && go fix ./... && go mod edit -toolchain=none) Change-Id: I879bced994b310927c41f820ec272a518aa0c8a5 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/649715 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Cherry Mui <cherryyz@google.com> all: update certs for go1.24 2025-02-10T16:33:42Z Sean Liao sean@liao.dev 2025-02-09T13:04:25Z urn:sha1:e47973b1c1089f6c67ab89261f7aa067b3d611d2 Fixes golang/go#71612 Change-Id: I5cb0596b33cb18016eb1883d1518319588ae1454 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/647975 Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Nicola Murino <nicola.murino@gmail.com> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Nicola Murino <nicola.murino@gmail.com> go.mod: update golang.org/x dependencies 2025-02-04T19:03:03Z Gopher Robot gobot@golang.org 2025-02-04T16:10:14Z urn:sha1:9290511cd23ab9813a307b7f2615325e3ca98902 Update golang.org/x dependencies to their latest tagged versions. Change-Id: Ib9440df43bc2fde0268cbe327c1df839e793f675 Reviewed-on: https://go-review.googlesource.com/c/crypto/+/646220 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: David Chase <drchase@google.com> Auto-Submit: Gopher Robot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>