Fork of Go programming language with my patches. http://git.kilabit.info/go/atom?h=go1.13.14 2020-07-16T22:23:43Z 2020-07-16T22:23:43Z Andrew Bonventre andybons@golang.org 2020-07-16T21:41:24Z urn:sha1:d3ba94164a1c404a01369fb54ddd4f5b94d91348 Change-Id: Id54fd93e1839c28e40e9fcdaa5e7304dae274565 Reviewed-on: https://go-review.googlesource.com/c/go/+/243139 Run-TryBot: Andrew Bonventre <andybons@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> 2020-07-16T00:34:33Z Emmanuel T Odeke emmanuel@orijtech.com 2020-07-15T01:20:47Z urn:sha1:42e7927c5fe2da4d00786a9025bc7f8f994b0fa4 Manually backported the subject CLs, because of lack of Gerrit "forge-author" permissions, but also because the prior cherry picks didn't apply cleanly, due to a tight relation chain. The backport comprises of: * CL 174122 * CL 216197 * CL 223963 * CL 216240 * CL 216241 Note: Due to the restrictions that we cannot retroactively introduce API changes to Go1.13.13 that weren't in Go1.13, the Conn.Validator interface (from CL 174122, CL 223963) isn't exposed, and drivers will just be inspected, for if they have an IsValid() bool method implemented. For a description of the content of each CL: * CL 174122: database/sql: process all Session Resets synchronously Adds a new interface, driver.ConnectionValidator, to allow drivers to signal they should not be used again, separatly from the session resetter interface. This is done now that the session reset is done after the connection is put into the connection pool. Previous behavior attempted to run Session Resets in a background worker. This implementation had two problems: untested performance gains for additional complexity, and failures when the pool size exceeded the connection reset channel buffer size. * CL 216197: database/sql: check conn expiry when returning to pool, not when handing it out With the original connection reuse strategy, it was possible that when a new connection was requested, the pool would wait for an an existing connection to return for re-use in a full connection pool, and then it would check if the returned connection was expired. If the returned connection expired while awaiting re-use, it would return an error to the location requestiong the new connection. The existing call sites requesting a new connection was often the last attempt at returning a connection for a query. This would then result in a failed query. This change ensures that we perform the expiry check right before a connection is inserted back in to the connection pool for while requesting a new connection. If requesting a new connection it will no longer fail due to the connection expiring. * CL 216240: database/sql: prevent Tx statement from committing after rollback It was possible for a Tx that was aborted for rollback asynchronously to execute a query after the rollback had completed on the database, which often would auto commit the query outside of the transaction. By W-locking the tx.closemu prior to issuing the rollback connection it ensures any Tx query either fails or finishes on the Tx, and never after the Tx has rolled back. * CL 216241: database/sql: on Tx rollback, retain connection if driver can reset session Previously the Tx would drop the connection after rolling back from a context cancel. Now if the driver can reset the session, keep the connection. * CL 223963 database/sql: add test for Conn.Validator interface This addresses comments made by Russ after https://golang.org/cl/174122 was merged. It addes a test for the connection validator and renames the interface to just "Validator". Updates #31480 Updates #32530 Updates #32942 Updates #34775 Fixes #40205 Change-Id: I6d7307180b0db0bf159130d91161764cf0f18b58 Reviewed-on: https://go-review.googlesource.com/c/go/+/242522 Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Daniel Theophanes <kardianos@gmail.com> 2020-07-14T18:39:38Z Katie Hockman katie@golang.org 2020-07-14T18:39:38Z urn:sha1:6e1b89a431337a1e4584bd15f3a1af9c5c7b1bb0 Change-Id: Id0cca0e1006d92960e7f665d41111483c0fcea13 2020-07-14T14:10:10Z Andrew Bonventre andybons@golang.org 2020-07-14T13:15:35Z urn:sha1:1f8859c22ccdeb969b252c8139bf4b1aae5c4909 Change-Id: I65f5d9cc1363d369ced4496c1d6d3d7f9144f1b8 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/794127 Reviewed-by: Katie Hockman <katiehockman@google.com> 2020-07-14T12:23:08Z Filippo Valsorda filippo@golang.org 2020-06-19T02:45:52Z urn:sha1:4a4c8d3d971fa77e4346d2874220ff736047f13c When using the platform verifier on Windows (because Roots is nil) we were always enforcing server auth EKUs if DNSName was set, and none otherwise. If an application was setting KeyUsages, they were not being respected. Started correctly surfacing IncompatibleUsage errors from the system verifier, as those are the ones applications will see if they are affected by this change. Also refactored verify_test.go to make it easier to add tests for this, and replaced the EKULeaf chain with a new one that doesn't have a SHA-1 signature. Thanks to Niall Newman for reporting this. Fixes #39360 Fixes CVE-2020-14039 Change-Id: If5c00d615f2944f7d57007891aae1307f9571c32 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/774414 Reviewed-by: Katie Hockman <katiehockman@google.com> Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/793509 Reviewed-by: Filippo Valsorda <valsorda@google.com> 2020-07-13T20:57:52Z Russ Cox rsc@golang.org 2020-07-13T17:27:22Z urn:sha1:e434185ec16b3783629bcb364b9a350706df7c1e The expectContinueReader writes to the connection on the first Request.Body read. Since a Handler might be doing a read in parallel or before a write, expectContinueReader needs to synchronize with the ResponseWriter, and abort if a response already went out. The tests will land in a separate CL. Fixes #34902 Fixes CVE-2020-15586 Change-Id: Icdd8dd539f45e8863762bd378194bb4741e875fc Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/793350 Reviewed-by: Filippo Valsorda <valsorda@google.com> (cherry picked from commit b5e504f4a07c572744b228fa1b10e3989c4c44f3) Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/793499 2020-07-13T18:33:23Z Marcus Weiner marcus.weiner@gmail.com 2020-06-24T15:24:56Z urn:sha1:e19af0f1447e0f99688949c68cd8c39d188f699c Updates #39817. Fixes #39925. Change-Id: I79f2ad7c836a8a46569f603aca583fdd526d22dc GitHub-Last-Rev: 5b88aada219aaa2af0c7e1969ed6fa646117d9da GitHub-Pull-Request: golang/go#39821 Reviewed-on: https://go-review.googlesource.com/c/go/+/239699 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> (cherry picked from commit ce81a8f5e4f6c33036aa0777fabc47eeeab468dc) Reviewed-on: https://go-review.googlesource.com/c/go/+/242077 Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Marcus Weiner <marcus.weiner@gmail.com> Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2020-07-11T02:49:54Z Keith Randall khr@golang.org 2020-06-18T19:51:35Z urn:sha1:3c1722cf30d1edc6756022c7a12efffabcfb098a reflect.assignTo writes to the target using write barriers. Make sure that the memory it is writing to is zeroed, so the write barrier does not read pointers from uninitialized memory. Fixes #39697 Change-Id: Ia64b2cacc193bffd0c1396bbce1dfb8182d4905b Reviewed-on: https://go-review.googlesource.com/c/go/+/238760 Run-TryBot: Keith Randall <khr@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> (cherry picked from commit 3dec253783e1211989102ac6abd34cddbf8ba0e6) Reviewed-on: https://go-review.googlesource.com/c/go/+/238862 Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com> 2020-07-10T22:19:31Z Keith Randall khr@golang.org 2020-06-25T03:59:18Z urn:sha1:0b75fc7a92b8973601040eed8d13d8775d099f43 It doesn't have to. The type in the aux field is authoritative. There are cases involving casting from interface{} where pointers have a placeholder pointer type (because the type is not known when the IData op is generated). The check was introduced in CL 13447. Fixes #39848 Change-Id: Id77a57577806a271aeebd20bea5d92d08ee7aa6b Reviewed-on: https://go-review.googlesource.com/c/go/+/239817 Run-TryBot: Keith Randall <khr@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> (cherry picked from commit 3b2f67a59702e4881625cb967f853ef56b0c4828) Reviewed-on: https://go-review.googlesource.com/c/go/+/239998 Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org> 2020-06-29T20:51:55Z Michael Matloob matloob@golang.org 2020-01-10T22:53:05Z urn:sha1:82c1a8705bc586d1d417a4b58b6e07aa01e93ba9 Part of converting all tests to script framework to improve test parallelism. Fixes #39823 Updates #36320 Updates #17751 Change-Id: I69c69809fb1698c8198ef3ea00103a9acb7b6ce7 Reviewed-on: https://go-review.googlesource.com/c/go/+/214387 Run-TryBot: Michael Matloob <matloob@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> (cherry picked from CL 214387) Reviewed-on: https://go-review.googlesource.com/c/go/+/239777 Run-TryBot: Bryan C. Mills <bcmills@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Dmitri Shuralyov <dmitshur@golang.org> Reviewed-by: Michael Matloob <matloob@golang.org> Reviewed-by: Carlos Amedee <carlos@golang.org>