Package init

2019-12-14 14:32:37 +08:00 · 2019-12-14 14:32:37 +08:00 · 467816af2c
commit 467816af2c
parent f6abdd32e1
5 changed files with 0 additions and 346 deletions
--- a/0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch
+++ b/0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch
@ -1,88 +0,0 @@
 From edce31a2904846ae74e3c011f2cf5fddc963459e Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Jakub=20=C4=8Cajka?= <jcajka@redhat.com>
 Date: Thu, 22 Mar 2018 12:07:32 +0100
 Subject: [PATCH 1/3] Don't use the bundled tzdata at runtime, except for the
 internal test suite
 ---
 src/time/internal_test.go | 7 +++++--
 src/time/zoneinfo_test.go | 3 ++-
 src/time/zoneinfo_unix.go | 2 --
 3 files changed, 7 insertions(+), 5 deletions(-)
 diff --git a/src/time/internal_test.go b/src/time/internal_test.go
 index 76d5524124..e81ace5f64 100644
 --- a/src/time/internal_test.go
 +++ b/src/time/internal_test.go
@@ -4,13 +4,15 @@
 package time
 +import "runtime"
 +
 func init() {
 	// force US/Pacific for time zone tests
 	ForceUSPacificForTesting()
 }
 func initTestingZone() {
 -	z, err := loadLocation("America/Los_Angeles", zoneSources[len(zoneSources)-1:])
 +	z, err := loadLocation("America/Los_Angeles", zoneSources)
 	if err != nil {
 		panic("cannot load America/Los_Angeles for testing: " + err.Error())
 	}
@@ -21,8 +23,9 @@ func initTestingZone() {
 var OrigZoneSources = zoneSources
 func forceZipFileForTesting(zipOnly bool) {
 -	zoneSources = make([]string, len(OrigZoneSources))
 +	zoneSources = make([]string, len(OrigZoneSources)+1)
 	copy(zoneSources, OrigZoneSources)
 +	zoneSources = append(zoneSources, runtime.GOROOT()+"/lib/time/zoneinfo.zip")
 	if zipOnly {
 		zoneSources = zoneSources[len(zoneSources)-1:]
 	}
 diff --git a/src/time/zoneinfo_test.go b/src/time/zoneinfo_test.go
 index 7a55d4f618..6063ca1195 100644
 --- a/src/time/zoneinfo_test.go
 +++ b/src/time/zoneinfo_test.go
@@ -8,6 +8,7 @@ import (
 	"fmt"
 	"os"
 	"reflect"
 +	"runtime"
 	"testing"
 	"time"
 )
@@ -128,7 +129,7 @@ func TestLoadLocationFromTZData(t *testing.T) {
 		t.Fatal(err)
 	}
 -	tzinfo, err := time.LoadTzinfo(locationName, time.OrigZoneSources[len(time.OrigZoneSources)-1])
 +	tzinfo, err := time.LoadTzinfo(locationName, runtime.GOROOT()+"/lib/time/zoneinfo.zip")
 	if err != nil {
 		t.Fatal(err)
 	}
 diff --git a/src/time/zoneinfo_unix.go b/src/time/zoneinfo_unix.go
 index 88313aa0ed..d9596115ef 100644
 --- a/src/time/zoneinfo_unix.go
 +++ b/src/time/zoneinfo_unix.go
@@ -12,7 +12,6 @@
 package time
 import (
 -	"runtime"
 	"syscall"
 )
@@ -22,7 +21,6 @@ var zoneSources = []string{
 	"/usr/share/zoneinfo/",
 	"/usr/share/lib/zoneinfo/",
 	"/usr/lib/locale/TZ/",
 -	runtime.GOROOT() + "/lib/time/zoneinfo.zip",
 }
 func initLocal() {
 -- 
 2.14.3
--- a/0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch
+++ b/0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch
@ -1,41 +0,0 @@
 From 817407fc2d6a861e65086388766f58082d38bc0b Mon Sep 17 00:00:00 2001
 From: Michael Munday <munday@ca.ibm.com>
 Date: Tue, 17 Jan 2017 11:33:38 -0500
 Subject: [PATCH 2/3] syscall: expose IfInfomsg.X__ifi_pad on s390x
 Exposing this field on s390x improves compatibility with the other
 linux architectures, all of which already expose it.
 Fixes #18628 and updates #18632.
 Change-Id: I08e8e1eb705f898cd8822f8bee0d61ce11d514b5
 ---
 src/syscall/ztypes_linux_s390x.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
 diff --git a/src/syscall/ztypes_linux_s390x.go b/src/syscall/ztypes_linux_s390x.go
 index 63c4a83b19..b5894255df 100644
 --- a/src/syscall/ztypes_linux_s390x.go
 +++ b/src/syscall/ztypes_linux_s390x.go
@@ -449,12 +449,12 @@ type RtAttr struct {
 }
 type IfInfomsg struct {
 -	Family uint8
 -	_      uint8
 -	Type   uint16
 -	Index  int32
 -	Flags  uint32
 -	Change uint32
 +	Family     uint8
 +	X__ifi_pad uint8
 +	Type       uint16
 +	Index      int32
 +	Flags      uint32
 +	Change     uint32
 }
 type IfAddrmsg struct {
 -- 
 2.14.3
--- a/0003-release-branch.go1.11-security-crypto-elliptic-reduc.patch
+++ b/0003-release-branch.go1.11-security-crypto-elliptic-reduc.patch
@ -1,44 +0,0 @@
 From 867a07a179ebcb40143c76403f7f232b90812059 Mon Sep 17 00:00:00 2001
 From: Filippo Valsorda <filippo@golang.org>
 Date: Tue, 22 Jan 2019 16:02:41 -0500
 Subject: [PATCH] [release-branch.go1.11-security] crypto/elliptic: reduce
 subtraction term to prevent long busy loop
 If beta8 is unusually large, the addition loop might take a very long
 time to bring x3-beta8 back positive.
 This would lead to a DoS vulnerability in the implementation of the
 P-521 and P-384 elliptic curves that may let an attacker craft inputs
 to ScalarMult that consume excessive amounts of CPU.
 This fixes CVE-2019-6486.
 Change-Id: Ia969e8b5bf5ac4071a00722de9d5e4d856d8071a
 Reviewed-on: https://team-review.git.corp.google.com/c/399777
 Reviewed-by: Adam Langley <agl@google.com>
 Reviewed-by: Julie Qiu <julieqiu@google.com>
 (cherry picked from commit 746d6abe2dfb9ce7609f8e1e1a8dcb7e221f423e)
 Reviewed-on: https://team-review.git.corp.google.com/c/401142
 Reviewed-by: Filippo Valsorda <valsorda@google.com>
 ---
 src/crypto/elliptic/elliptic.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go
 index 4fc2b5e521..c84657c5e3 100644
 --- a/src/crypto/elliptic/elliptic.go
 +++ b/src/crypto/elliptic/elliptic.go
@@ -210,8 +210,9 @@ func (curve *CurveParams) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int,
 	x3 := new(big.Int).Mul(alpha, alpha)
 	beta8 := new(big.Int).Lsh(beta, 3)
 +	beta8.Mod(beta8, curve.P)
 	x3.Sub(x3, beta8)
 -	for x3.Sign() == -1 {
 +	if x3.Sign() == -1 {
 		x3.Add(x3, curve.P)
 	}
 	x3.Mod(x3, curve.P)
 -- 
 2.17.1
--- a/0004-fix-CVE-2019-9512-9514.patch
+++ b/0004-fix-CVE-2019-9512-9514.patch
@ -1,173 +0,0 @@
 From e152b01a468a1c18a290bf9aec52ccea7693c7f2 Mon Sep 17 00:00:00 2001
 From: Filippo Valsorda <filippo@golang.org>
 Date: Mon, 12 Aug 2019 16:59:30 -0400
 Subject: [PATCH] [release-branch.go1.11-security] net/http: update bundled
 http2 to import security fix
 Apply the following unpublished golang.org/x/net commit.
    commit b1cc14aba47abf96f96818003fa4caad3a4b4e86
    Author: Filippo Valsorda <filippo@golang.org>
    Date:   Sun Aug 11 02:12:18 2019 -0400
    [release-branch.go1.11] http2: limit number of control frames in server send queue
    An attacker could cause servers to queue an unlimited number of PING
    ACKs or RST_STREAM frames by soliciting them and not reading them, until
    the program runs out of memory.
    Limit control frames in the queue to a few thousands (matching the limit
    imposed by other vendors) by counting as they enter and exit the scheduler,
    so the protection will work with any WriteScheduler.
    Once the limit is exceeded, close the connection, as we have no way to
    communicate with the peer.
    Change-Id: I842968fc6ed3eac654b497ade8cea86f7267886b
    Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/525552
    Reviewed-by: Brad Fitzpatrick <bradfitz@google.com>
    (cherry picked from commit 589ad6cc5321fb68a90370348a241a5da0a2cc80)
    Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/526070
    Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
 Fixes CVE-2019-9512 and CVE-2019-9514
 Updates #33606
 Change-Id: Iecedf1cc63ec7a1cd75661ec591d91ebc911cc64
 Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/526072
 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
 ---
 src/net/http/h2_bundle.go | 54 +++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 45 insertions(+), 9 deletions(-)
 diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
 index 2cd2b86..6182495 100644
 --- a/src/net/http/h2_bundle.go
 +++ b/src/net/http/h2_bundle.go
@@ -3835,10 +3835,11 @@ func (p *http2pipe) Done() <-chan struct{} {
 }
 const (
 -	http2prefaceTimeout        = 10 * time.Second
 -	http2firstSettingsTimeout  = 2 * time.Second // should be in-flight with preface anyway
 -	http2handlerChunkWriteSize = 4 << 10
 -	http2defaultMaxStreams     = 250 // TODO: make this 100 as the GFE seems to?
 +	http2prefaceTimeout         = 10 * time.Second
 +	http2firstSettingsTimeout   = 2 * time.Second // should be in-flight with preface anyway
 +	http2handlerChunkWriteSize  = 4 << 10
 +	http2defaultMaxStreams      = 250 // TODO: make this 100 as the GFE seems to?
 +	http2maxQueuedControlFrames = 10000
 )
 var (
@@ -3946,6 +3947,15 @@ func (s *http2Server) maxConcurrentStreams() uint32 {
 	return http2defaultMaxStreams
 }
 +// maxQueuedControlFrames is the maximum number of control frames like
 +// SETTINGS, PING and RST_STREAM that will be queued for writing before
 +// the connection is closed to prevent memory exhaustion attacks.
 +func (s *http2Server) maxQueuedControlFrames() int {
 +	// TODO: if anybody asks, add a Server field, and remember to define the
 +	// behavior of negative values.
 +	return http2maxQueuedControlFrames
 +}
 +
 type http2serverInternalState struct {
 	mu          sync.Mutex
 	activeConns map[*http2serverConn]struct{}
@@ -4254,6 +4264,7 @@ type http2serverConn struct {
 	sawFirstSettings            bool // got the initial SETTINGS frame after the preface
 	needToSendSettingsAck       bool
 	unackedSettings             int    // how many SETTINGS have we sent without ACKs?
 +	queuedControlFrames         int    // control frames in the writeSched queue
 	clientMaxStreams            uint32 // SETTINGS_MAX_CONCURRENT_STREAMS from client (our PUSH_PROMISE limit)
 	advMaxStreams               uint32 // our SETTINGS_MAX_CONCURRENT_STREAMS advertised the client
 	curClientStreams            uint32 // number of open streams initiated by the client
@@ -4644,6 +4655,14 @@ func (sc *http2serverConn) serve() {
 			}
 		}
 +		// If the peer is causing us to generate a lot of control frames,
 +		// but not reading them from us, assume they are trying to make us
 +		// run out of memory.
 +		if sc.queuedControlFrames > sc.srv.maxQueuedControlFrames() {
 +			sc.vlogf("http2: too many control frames in send queue, closing connection")
 +			return
 +		}
 +
 		// Start the shutdown timer after sending a GOAWAY. When sending GOAWAY
 		// with no error code (graceful shutdown), don't start the timer until
 		// all open streams have been completed.
@@ -4845,6 +4864,14 @@ func (sc *http2serverConn) writeFrame(wr http2FrameWriteRequest) {
 	}
 	if !ignoreWrite {
 +		if wr.isControl() {
 +			sc.queuedControlFrames++
 +			// For extra safety, detect wraparounds, which should not happen,
 +			// and pull the plug.
 +			if sc.queuedControlFrames < 0 {
 +				sc.conn.Close()
 +			}
 +		}
 		sc.writeSched.Push(wr)
 	}
 	sc.scheduleFrameWrite()
@@ -4962,10 +4989,8 @@ func (sc *http2serverConn) wroteFrame(res http2frameWriteResult) {
 // If a frame is already being written, nothing happens. This will be called again
 // when the frame is done being written.
 //
 -// If a frame isn't being written we need to send one, the best frame
 -// to send is selected, preferring first things that aren't
 -// stream-specific (e.g. ACKing settings), and then finding the
 -// highest priority stream.
 +// If a frame isn't being written and we need to send one, the best frame
 +// to send is selected by writeSched.
 //
 // If a frame isn't being written and there's nothing else to send, we
 // flush the write buffer.
@@ -4993,6 +5018,9 @@ func (sc *http2serverConn) scheduleFrameWrite() {
 		}
 		if !sc.inGoAway || sc.goAwayCode == http2ErrCodeNo {
 			if wr, ok := sc.writeSched.Pop(); ok {
 +				if wr.isControl() {
 +					sc.queuedControlFrames--
 +				}
 				sc.startFrameWrite(wr)
 				continue
 			}
@@ -5285,6 +5313,8 @@ func (sc *http2serverConn) processSettings(f *http2SettingsFrame) error {
 	if err := f.ForeachSetting(sc.processSetting); err != nil {
 		return err
 	}
 +	// TODO: judging by RFC 7540, Section 6.5.3 each SETTINGS frame should be
 +	// acknowledged individually, even if multiple are received before the ACK.
 	sc.needToSendSettingsAck = true
 	sc.scheduleFrameWrite()
 	return nil
@@ -9476,7 +9506,7 @@ type http2WriteScheduler interface {
 	// Pop dequeues the next frame to write. Returns false if no frames can
 	// be written. Frames with a given wr.StreamID() are Pop'd in the same
 -	// order they are Push'd.
 +	// order they are Push'd. No frames should be discarded except by CloseStream.
 	Pop() (wr http2FrameWriteRequest, ok bool)
 }
@@ -9520,6 +9550,12 @@ func (wr http2FrameWriteRequest) StreamID() uint32 {
 	return wr.stream.id
 }
 +// isControl reports whether wr is a control frame for MaxQueuedControlFrames
 +// purposes. That includes non-stream frames and RST_STREAM frames.
 +func (wr http2FrameWriteRequest) isControl() bool {
 +	return wr.stream == nil
 +}
 +
 // DataSize returns the number of flow control bytes that must be consumed
 // to write this entire frame. This is 0 for non-DATA frames.
 func (wr http2FrameWriteRequest) DataSize() int {
 -- 
 1.9.4
--- a/go1.11.src.tar.gz
+++ b/go1.11.src.tar.gz