mirrors/utls
1
0
Fork 0
mirror of https://github.com/refraction-networking/utls.git synced 2025-04-03 20:17:36 +03:00
Code Issues Projects Releases Packages Wiki Activity

improvement: maintenance+cleanup+fix (#252)

Browse source 
* ci: use latest Go 1.21 build

Use `1.21.x` instead of `1.21.0` to automatically select the latest.

* fix: remove unused fipsonly package

Remove an unused package that was unintendedly introduced as a conditional dependency of upstream

* update: use boring package not global var

Align with the upstream to use `boring` as a name for a package. No functional changes.

* new: name aliasing

Create u_alias.go to hold any alias names created by version upgrades or other necessary changes (e.g., upstream breaking change) to prevent further breaking the API.
This commit is contained in:
Gaukas Wang 2023-10-09 21:02:26 -06:00 committed by GitHub
parent 428ca2ca29
commit e89d82cd69
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 30 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

2
.github/workflows/go.yml vendored
View file

@ -15,7 +15,7 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
os: [ "ubuntu-latest", "windows-latest", "macos-latest" ] os: [ "ubuntu-latest", "windows-latest", "macos-latest" ]
go: [ "1.20.x", "1.21.0" ] go: [ "1.20.x", "1.21.x" ]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v3

1
cipher_suites.go
View file

@ -19,6 +19,7 @@ import (
"hash" "hash"
"runtime" "runtime"
"github.com/refraction-networking/utls/internal/boring"
"golang.org/x/sys/cpu" "golang.org/x/sys/cpu"
"golang.org/x/crypto/chacha20poly1305" "golang.org/x/crypto/chacha20poly1305"

29
fipsonly/fipsonly.go
View file

@ -1,29 +0,0 @@
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build boringcrypto
// Package fipsonly restricts all TLS configuration to FIPS-approved settings.
//
// The effect is triggered by importing the package anywhere in a program, as in:
//
// import _ "crypto/tls/fipsonly"
//
// This package only exists when using Go compiled with GOEXPERIMENT=boringcrypto.
package fipsonly
// This functionality is provided as a side effect of an import to make
// it trivial to add to an existing program. It requires only a single line
// added to an existing source file, or it can be done by adding a whole
// new source file and not modifying any existing source files.
import (
"crypto/internal/boring/fipstls"
"crypto/internal/boring/sig"
)
func init() {
fipstls.Force()
sig.FIPSOnly()
}

18
fipsonly/fipsonly_test.go
View file

@ -1,18 +0,0 @@
// Copyright 2017 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//go:build boringcrypto
package fipsonly
import (
"crypto/internal/boring/fipstls"
"testing"
)
func Test(t *testing.T) {
if !fipstls.Required() {
t.Fatal("fipstls.Required() = false, must be true")
}
}

16
internal/boring/notboring.go Normal file
View file

@ -0,0 +1,16 @@
package boring
import (
"crypto/cipher"
"errors"
)
const Enabled bool = false
func NewGCMTLS(_ cipher.Block) (cipher.AEAD, error) {
return nil, errors.New("boring not implemented")
}
func Unreachable() {
// do nothing
}

22
notboring.go
View file

@ -3,11 +3,6 @@
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
package tls package tls
import (
"crypto/cipher"
"errors"
)
func needFIPS() bool { return false } func needFIPS() bool { return false }
func supportedSignatureAlgorithms() []SignatureScheme { func supportedSignatureAlgorithms() []SignatureScheme {
@ -20,20 +15,3 @@ func fipsCurvePreferences(c *Config) []CurveID { panic("fipsCurvePreferences") }
func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") } func fipsCipherSuites(c *Config) []uint16 { panic("fipsCipherSuites") }
var fipsSupportedSignatureAlgorithms []SignatureScheme var fipsSupportedSignatureAlgorithms []SignatureScheme
// [uTLS]
// Boring struct is only to be used to record static env variables
// in boring package. We do not implement BoringSSL compatibliity here.
type Boring struct {
Enabled bool
}
func (*Boring) NewGCMTLS(_ cipher.Block) (cipher.AEAD, error) {
return nil, errors.New("boring not implemented")
}
func (*Boring) Unreachable() {
// do nothing
}
var boring Boring

12
u_alias.go Normal file
View file

@ -0,0 +1,12 @@
package tls
// This file contains all the alias functions, symbols, names, etc. that
// was once used in the old version of the library. This is to ensure
// backwards compatibility with the old version of the library.
// TLS Extensions
// UtlsExtendedMasterSecretExtension is an alias for ExtendedMasterSecretExtension.
//
// Deprecated: Use ExtendedMasterSecretExtension instead.
type UtlsExtendedMasterSecretExtension = ExtendedMasterSecretExtension