mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-03 20:17:36 +03:00
41 commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Gaukas Wang
|
bd8fe35ca1
|
🔀 update: Merge 'upstream:release-branch.go1.22'
Merge upstream using a real merge commit. Signed-off-by: Gaukas Wang <i@gaukas.wang> |
||
cui fliter
|
59d4a9c7c4 |
crypto: add available godoc link
Change-Id: Ifc669399dde7d6229c6ccdbe29611ed1f8698fb1 Reviewed-on: https://go-review.googlesource.com/c/go/+/534778 Reviewed-by: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Ian Lance Taylor <iant@google.com> Run-TryBot: shuang cui <imcusg@gmail.com> TryBot-Result: Gopher Robot <gobot@golang.org> Auto-Submit: Ian Lance Taylor <iant@google.com> |
||
Gaukas Wang
|
6c1a910019 |
uTLS: X25519Kyber768Draft00 hybrid post-quantum key agreement by cloudflare/go (#222)
* crypto/tls: Add hybrid post-quantum key agreement (#13) * import: client-side KEM from cloudflare/go * import: server-side KEM from cloudflare/go * fix: modify test to get rid of CFEvents. Note: uTLS does not promise any server-side functionality, and this change is made to be able to conduct unit tests which requires both side to be able to handle KEM Curves. Co-authored-by: Christopher Wood <caw@heapingbits.net> Co-Authored-By: Bas Westerbaan <bas@westerbaan.name> ---- Based on: * crypto/tls: Add hybrid post-quantum key agreement Adds X25519Kyber512Draft00, X25519Kyber768Draft00, and P256Kyber768Draft00 hybrid post-quantum key agreements with temporary group identifiers. The hybrid post-quantum key exchanges uses plain X{25519,448} instead of HPKE, which we assume will be more likely to be adopted. The order is chosen to match CECPQ2. Not enabled by default. Adds CFEvents to detect `HelloRetryRequest`s and to signal which key agreement was used. Co-authored-by: Christopher Wood <caw@heapingbits.net> [bas, 1.20.1: also adds P256Kyber768Draft00] [pwu, 1.20.4: updated circl to v1.3.3, moved code to cfevent.go] * crypto: add support for CIRCL signature schemes * only partially port the commit from cloudflare/go. We would stick to the official x509 at the cost of incompatibility. Co-Authored-By: Bas Westerbaan <bas@westerbaan.name> Co-Authored-By: Christopher Patton <3453007+cjpatton@users.noreply.github.com> Co-Authored-By: Peter Wu <peter@lekensteyn.nl> * crypto/tls: add new X25519Kyber768Draft00 code point Ported from cloudflare/go to support the upcoming new post-quantum keyshare. ---- * Point tls.X25519Kyber768Draft00 to the new 0x6399 identifier while the old 0xfe31 identifier is available as tls.X25519Kyber768Draft00Old. * Make sure that the kem.PrivateKey can always be mapped to the CurveID that was linked to it. This is needed since we now have two ID aliasing to the same scheme, and clients need to be able to detect whether the key share presented by the server actually matches the key share that the client originally sent. * Update tests, add the new identifier and remove unnecessary code. Link: https://mailarchive.ietf.org/arch/msg/tls/HAWpNpgptl--UZNSYuvsjB-Pc2k/ Link: https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00/02/ Co-Authored-By: Peter Wu <peter@lekensteyn.nl> Co-Authored-By: Bas Westerbaan <bas@westerbaan.name> --------- Co-authored-by: Bas Westerbaan <bas@westerbaan.name> Co-authored-by: Christopher Patton <3453007+cjpatton@users.noreply.github.com> Co-authored-by: Peter Wu <peter@lekensteyn.nl> |
||
|
Gaukas Wang
|
54f1f4e2f9
|
Sync upstream crypto/tls (#120)
* Merge Upstream (#4) * crypto/rand, internal/syscall/unix: add support for getrandom syscall on solaris The getrandom syscall is available on Solaris and Illumos, see https://docs.oracle.com/cd/E88353_01/html/E37841/getrandom-2.html and https://illumos.org/man/2/getrandom Change-Id: Id1c65d6a5b2fbc80d20b43d8b32dab137ca950ca Reviewed-on: https://go-review.googlesource.com/c/go/+/299134 Trust: Tobias Klauser <tobias.klauser@gmail.com> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> * docs: clarify when APIs use context.Background. The Go standard library retrofitted context support onto existing APIs using context.Background and later offered variants that directly supported user-defined context value specification. This commit makes that behavior clear in documentation and suggests context-aware alternatives if the user is looking for one. An example motivation is supporting code for use in systems that expect APIs to be cancelable for lifecycle correctness or load shedding/management reasons, as alluded to in https://blog.golang.org/context-and-structs. Updates #44143 Change-Id: I2d7f954ddf9b48264d5ebc8d0007058ff9bddf14 Reviewed-on: https://go-review.googlesource.com/c/go/+/296152 Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Jean de Klerk <deklerk@google.com> Trust: Jean de Klerk <deklerk@google.com> Run-TryBot: Jean de Klerk <deklerk@google.com> TryBot-Result: Go Bot <gobot@golang.org> * cmd: move GOEXPERIMENT knob from make.bash to cmd/go This CL changes GOEXPERIMENT to act like other GO[CONFIG] environment variables. Namely, that it can be set at make.bash time to provide a default value used by the toolchain, but then can be manually set when running either cmd/go or the individual tools (compiler, assembler, linker). For example, it's now possible to test rsc.io/tmp/fieldtrack by simply running: GOEXPERIMENT=fieldtrack go test -gcflags=-l rsc.io/tmp/fieldtrack \ -ldflags=-k=rsc.io/tmp/fieldtrack.tracked without needing to re-run make.bash. (-gcflags=-l is needed because the compiler's inlining abilities have improved, so calling a function with a for loop is no longer sufficient to suppress inlining.) Fixes #42681. Change-Id: I2cf8995d5d0d05f6785a2ee1d3b54b2cfb3331ca Reviewed-on: https://go-review.googlesource.com/c/go/+/300991 Trust: Matthew Dempsky <mdempsky@google.com> Run-TryBot: Matthew Dempsky <mdempsky@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Bryan C. Mills <bcmills@google.com> * internal/poll: fix some grammar errors Change-Id: I25a6424bce9d372fa46e8bdd856095845d3397bf Reviewed-on: https://go-review.googlesource.com/c/go/+/300889 Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> * all: remove duplicate words Change-Id: Ib0469232a2b69a869e58d5d24990ad74ac96ea56 GitHub-Last-Rev: eb38e049ee1e773392ff3747e1eb2af20dd50dcd GitHub-Pull-Request: golang/go#44805 Reviewed-on: https://go-review.googlesource.com/c/go/+/299109 Trust: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Bryan C. Mills <bcmills@google.com> * all: add internal/itoa package This replaces five implementations scattered across low level packages. (And I plan to use it in a sixth soon.) Three of the five were byte-for-byte identical. Change-Id: I3bbbeeac63723a487986c912b604e10ad1e042f4 Reviewed-on: https://go-review.googlesource.com/c/go/+/301549 Trust: Josh Bleecher Snyder <josharian@gmail.com> Run-TryBot: Josh Bleecher Snyder <josharian@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> * internal/poll: eliminate the redundant type conversions of FD.Sysfd Change-Id: Ib75662f717320510319c696520e645f54eec97f7 Reviewed-on: https://go-review.googlesource.com/c/go/+/301569 Reviewed-by: Emmanuel Odeke <emmanuel@orijtech.com> Reviewed-by: Ian Lance Taylor <iant@golang.org> * crypto/tls: add HandshakeContext method to Conn Adds the (*tls.Conn).HandshakeContext method. This allows us to pass the context provided down the call stack to eventually reach the tls.ClientHelloInfo and tls.CertificateRequestInfo structs. These contexts are exposed to the user as read-only via Context() methods. This allows users of (*tls.Config).GetCertificate and (*tls.Config).GetClientCertificate to use the context for request scoped parameters and cancellation. Replace uses of (*tls.Conn).Handshake with (*tls.Conn).HandshakeContext where appropriate, to propagate existing contexts. Fixes #32406 Change-Id: I259939c744bdc9b805bf51a845a8bc462c042483 Reviewed-on: https://go-review.googlesource.com/c/go/+/295370 Run-TryBot: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> * crypto/tls: remove flaky cancellation test This will be reintroduced again once the source of the flakiness has been determined and fixed. Fixes #45084 Change-Id: I6677b27fcd71e8c9bb8edbe8e3be70e5a271ebd3 Reviewed-on: https://go-review.googlesource.com/c/go/+/302569 Trust: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Run-TryBot: Katie Hockman <katie@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> * crypto/rand, internal/syscall/unix: add support for getentropy syscall on darwin The getentropy syscall is available on macOS since version 10.12, which is the minimum required version since Go 1.15. Change-Id: I294259af0b11df9669e4dc5fa891d2f2f039d91a Reviewed-on: https://go-review.googlesource.com/c/go/+/302489 Trust: Tobias Klauser <tobias.klauser@gmail.com> Reviewed-by: Ian Lance Taylor <iant@golang.org> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> * [dev.fuzz] internal/fuzz: add minimization of []byte This works by minimizing for a maximum of one minute. We may consider making this customizable in the future. This only minimizes []byte inputs which caused a recoverable error. In the future, it should support minimizing other appopriate types, and minimizing types which caused non-recoverable errors (though this is much more expensive). The code in internal/fuzz/worker.go is copied from, or heavily inspired by, code originally authored by Dmitry Vyukov and Josh Bleecher Snyder as part of the go-fuzz project. Thanks to them for their contributions. See https://github.com/dvyukov/go-fuzz. Change-Id: I93dbac7ff874d6d0c1b9b9dda23930ae9921480c Reviewed-on: https://go-review.googlesource.com/c/go/+/298909 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * all: explode GOEXPERIMENT=regabi into 5 sub-experiments This separates GOEXPERIMENT=regabi into five sub-experiments: regabiwrappers, regabig, regabireflect, regabidefer, and regabiargs. Setting GOEXPERIMENT=regabi now implies the working subset of these (currently, regabiwrappers, regabig, and regabireflect). This simplifies testing, helps derisk the register ABI project, and will also help with performance comparisons. This replaces the -abiwrap flag to the compiler and linker with the regabiwrappers experiment. As part of this, regabiargs now enables registers for all calls in the compiler. Previously, this was statically disabled in regabiEnabledForAllCompilation, but now that we can control it independently, this isn't necessary. For #40724. Change-Id: I5171e60cda6789031f2ef034cc2e7c5d62459122 Reviewed-on: https://go-review.googlesource.com/c/go/+/302070 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> Reviewed-by: David Chase <drchase@google.com> * [dev.fuzz] testing: print logs and error messages when fuzzing Also improve the error messages for the use of testing.F functions inside the Fuzz function. Change-Id: I5fa48f8c7e0460a1da89a49a73e5af83c544e549 Reviewed-on: https://go-review.googlesource.com/c/go/+/298849 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz: reduce allocation in the mutator When mutating a byte slice, mutate in place, and only allocate once if the slice's capacity is less than the maximum size. mutateBytes already should not allocate; we check a post-condition that the slice's data pointer does not change. This speeds up the mutator from 4 ms per value to 200-600 ns. For example: goos: darwin goarch: amd64 pkg: internal/fuzz cpu: Intel(R) Core(TM) i7-8559U CPU @ 2.70GHz BenchmarkMutatorBytes/1-8 5908735 275.3 ns/op BenchmarkMutatorBytes/10-8 5198473 282.0 ns/op BenchmarkMutatorBytes/100-8 4304750 233.9 ns/op BenchmarkMutatorBytes/1000-8 4623988 295.2 ns/op BenchmarkMutatorBytes/10000-8 4252104 458.5 ns/op BenchmarkMutatorBytes/100000-8 1236751 950.8 ns/op PASS ok internal/fuzz 12.993s Change-Id: I4bf2a04be6c648ef440af2c62bf0ffa3d310172c Reviewed-on: https://go-review.googlesource.com/c/go/+/306675 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org> * all: update references to symbols moved from io/ioutil to io Update references missed in CL 263142. For #41190 Change-Id: I778760a6a69bd0440fec0848bdef539c9ccb4ee1 GitHub-Last-Rev: dda42b09fff36dc08ec1cdec50cc19e3da5058e5 GitHub-Pull-Request: golang/go#42874 Reviewed-on: https://go-review.googlesource.com/c/go/+/273946 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Trust: Cherry Zhang <cherryyz@google.com> * net: make ErrClosed and ParseError implement net.Error Fixes #45357 Change-Id: Iafd41fff232a89be4c88d4b1d66bc3c04d888bcc Reviewed-on: https://go-review.googlesource.com/c/go/+/307030 Trust: Ian Lance Taylor <iant@golang.org> Trust: Josh Bleecher Snyder <josharian@gmail.com> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Josh Bleecher Snyder <josharian@gmail.com> * [dev.fuzz] internal/fuzz: small bug fixes and refactors to minimization This fixes a few issues that were being masked since log statements weren't being printed to stdout. Now that they are, fix the bugs, and update the tests. Also includes a few small refactors which will make minimizing non-recoverable errors easier. Change-Id: Ie2fd2e5534b3980317e1e1f3fd8e04750988c17f Reviewed-on: https://go-review.googlesource.com/c/go/+/307810 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * internal/goexperiment,cmd: consolidate GOEXPERIMENTs into a new package Currently there's knowledge about the list of GOEXPERIMENTs in a few different places. This CL introduces a new package and consolidates the list into one place: the internal/goexperiment.Flags struct type. This package gives us a central place to document the experiments as well as the GOEXPERIMENT environment variable itself. It will also give us a place to put built-time constants derived from the enabled experiments. Now the objabi package constructs experiment names by reflecting over this struct type rather than having a separate list of these names (this is similar to how the compiler handles command-line flags and debug options). We also expose a better-typed API to the toolchain for propagating enabled experiments. Change-Id: I06e026712b59fe2bd7cd11a869aedb48ffe5a4b7 Reviewed-on: https://go-review.googlesource.com/c/go/+/307817 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com> * internal/goexperiment: consolidate experiment-enabled constants Currently, we have boolean and integral constants for GOEXPERIMENTs in various places. Consolidate these into automatically generated constants in the internal/goexperiment package. Change-Id: I42a49aba2a3b4c722fedea23a613162cd8a67bee Reviewed-on: https://go-review.googlesource.com/c/go/+/307818 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> Reviewed-by: Matthew Dempsky <mdempsky@google.com> * cmd/internal/objabi: make GOEXPERIMENT be a diff from default experiments Right now the rules around handling default-on experiments are complicated and a bit inconsistent. Notably, objabi.GOEXPERIMENT is set to a comma-separated list of enabled experiments, but this may not be the string a user should set the GOEXPERIMENT environment variable to get that list of experiments: if an experiment is enabled by default but gets turned off by GOEXPERIMENT, then the string we report needs to include "no"+experiment to capture that default override. This complication also seeps into the version string we print for "go tool compile -V", etc. This logic is further complicated by the fact that it only wants to include an experiment string if the set of experiments varies from the default. This CL rethinks how we handle default-on experiments. Now that experiment state is all captured in a struct, we can simplify a lot of this logic. objabi.GOEXPERIMENT will be set based on the delta from the default set of experiments, which reflects what a user would actually need to pass on the command line. Likewise, we include this delta in the "-V" output, which simplifies this logic because if there's nothing to show in the version string, the delta will be empty. Change-Id: I7ed307329541fc2c9f90edd463fbaf8e0cc9e8ee Reviewed-on: https://go-review.googlesource.com/c/go/+/307819 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com> * runtime,cmd/link: include GOEXPERIMENTs in runtime.Version(), "go version X" This adds the set of GOEXPERIMENTs to the build version if it differs from the default set of experiments. This exposes the experiment settings via runtime.Version() and "go version <binary>". Change-Id: I143dbbc50f66a4cf175469199974e18848075af6 Reviewed-on: https://go-review.googlesource.com/c/go/+/307820 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com> * [dev.fuzz] internal/fuzz: add stub for coverage This change only includes a stub for the function which will hook into the runtime to expose coverage instrumentation while we're fuzzing. Previously, we discussed an exported API named FuzzCoverage, but since this is within the internal/fuzz package, simply naming it coverage seems appropriate. Change-Id: Iba3240e53e0c4c434e937aa9bb1711a44fec9975 Reviewed-on: https://go-review.googlesource.com/c/go/+/308191 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> Reviewed-by: Matthew Dempsky <mdempsky@google.com> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz: add mutator for int types Assuming this works, will follow up with another CL that mutates other types. Change-Id: Id61acaacd56ca41e3be52e400f8f768672313bbb Reviewed-on: https://go-review.googlesource.com/c/go/+/308169 Trust: Katie Hockman <katie@golang.org> Trust: Jay Conrod <jayconrod@google.com> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz: implement coverage and trace instrumentation This CL makes two main changes to allow internal/fuzz to support -d=libfuzzer instrumentation: 1. It extends cmd/link to define _counters and _ecounters symbols so internal/fuzz can find the coverage counters. 2. It adds "trace" stub functions that implement the ABI expected by cmd/compile for comparison instrumentation. N.B., that -tags=libfuzzer should *not* be set, so that internal/fuzz's trace routines will be used instead of runtime's libfuzzer trampolines. Also, the current implementation doesn't support multi-module builds (i.e., compiling a Go program that spans multiple .so/.dll files). Presumably this isn't an issue, since "go test -fuzz" will need to recompile the binary with instrumentation anyway so it can make sure to always use a single-module build. But we can revisit this if necessary. Change-Id: I9b1619119ab7477bebcfd5988b4b60499a7ab0d7 Reviewed-on: https://go-review.googlesource.com/c/go/+/308289 Trust: Matthew Dempsky <mdempsky@google.com> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> Reviewed-by: Cherry Zhang <cherryyz@google.com> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> * [dev.fuzz] internal/fuzz: don't count time spent loading corpus The -fuzztime flag tells us how much time to spend fuzzing, not counting time spent running the seed corpus. We shouldn't count time spent loading the cache either. If the cache is large, the time limit may be exceeded before the coordinator starts the workers. Change-Id: If00435faa5d24aabdb9003ebb9337fa2e47f22b6 Reviewed-on: https://go-review.googlesource.com/c/go/+/307310 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: improve cancellation in worker event loops worker.runFuzzing now accepts a Context, used for cancellation instead of doneC (which is removed). This is passed down through workerClient RPC methods (ping, fuzz). workerClient RPC methods now wrap the call method, which handles marshaling and cancellation. Both workerClient.call and workerServer.serve should return quickly when their contexts are cancelled. Turns out, closing the pipe won't actually unblock a read on all platforms. Instead, we were falling back to SIGKILL in worker.stop, which works but takes longer than necessary. Also fixed missing newline in log message. Change-Id: I7b5ae54d6eb9afd6361a07759f049f048952e0cc Reviewed-on: https://go-review.googlesource.com/c/go/+/303429 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] testing: let -fuzztime specify a number of executions -fuzztime now works similarly to -benchtime: if it's given a string with an "x" suffix (as opposed to "s" or some other unit of duration), the fuzzing system will generate and run a maximum number of values. This CL also implements tracking and printing counts, since most of the work was already done. Change-Id: I013007984b5adfc1a751c379dc98c8d46b4a97e9 Reviewed-on: https://go-review.googlesource.com/c/go/+/306909 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] testing: support T.Parallel in fuzz functions While running the seed corpus, T.Parallel acts like it does in subtests started with T.Run: it blocks until all other non-parallel subtests have finished, then unblocks when the barrier chan is closed. A semaphore (t.context.waitParallel) limits the number of tests that run concurrently (determined by -test.parallel). While fuzzing, T.Parallel has no effect, other than asserting that it can't be called multiple times. We already run different inputs in concurrent processes, but we can't run inputs concurrently in the same process if we want to attribute crashes to specific inputs. Change-Id: I2bac08e647e1d92ea410c83c3f3558a033fe3dd1 Reviewed-on: https://go-review.googlesource.com/c/go/+/300449 Trust: Jay Conrod <jayconrod@google.com> Run-TryBot: Jay Conrod <jayconrod@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: move CoordinateFuzzing args into struct type This improves readability a bit, and it should help with compatibility for future clients when arguments are added or reordered. Unfortunately, testing still can't import internal/fuzz, so the interface there can't use this type. Change-Id: I4cda2347884defcbbfc2bd01ab5b4a901d91549c Reviewed-on: https://go-review.googlesource.com/c/go/+/308192 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org> * all: fix spellings This follows the spelling choices that the Go project has made for English words. https://github.com/golang/go/wiki/Spelling Change-Id: Ie7c586d2cf23020cb492cfff58c0831d2d8d3a78 GitHub-Last-Rev: e16a32cd225a275f73d236bcb33703986d110ded GitHub-Pull-Request: golang/go#45442 Reviewed-on: https://go-review.googlesource.com/c/go/+/308291 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Trust: Emmanuel Odeke <emmanuel@orijtech.com> * internal/poll: fix the intermittent build failures with pipe pool Correlative CL 308089 Fixes #45059 Change-Id: I1ff9fbf64e6620d651f287ba2a28d40f964d78a3 Reviewed-on: https://go-review.googlesource.com/c/go/+/308329 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Trust: Emmanuel Odeke <emmanuel@orijtech.com> * internal/poll: ensure that newPoolPipe doesn't return a nil pointer The function could occasionally return a nil pointer as a non-nil interface, confusing the calling code. Fixes #45520 Change-Id: Ifd35613728efa2cee9903177e85d369155074804 Reviewed-on: https://go-review.googlesource.com/c/go/+/309429 Trust: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> Reviewed-by: Cuong Manh Le <cuong.manhle.vn@gmail.com> Reviewed-by: Andy Pan <panjf2000@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> * [dev.fuzz] internal/fuzz: allow float types to be integer literals Previously, something like `float64(0)` would fail to decode since the 0 value is considered an integer literal, and the float64 parsing code required a float literal. Be more flexible here since an integer can always be converted to a float. Change-Id: Id1c53ef2e8a9748a4f71176b00b453a329af4ade Reviewed-on: https://go-review.googlesource.com/c/go/+/309032 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz: mutate other types Change-Id: I8042c17268aca0a9bb2f692317207bb864b18680 Reviewed-on: https://go-review.googlesource.com/c/go/+/309033 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * internal/execabs: replace ioutil.WriteFile with os.WriteFile Fixes #45532. Change-Id: I844acd50d6fa1ce918969bbb52f79dd7412d289f Reviewed-on: https://go-review.googlesource.com/c/go/+/309350 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Trust: Tobias Klauser <tobias.klauser@gmail.com> * runtime: move next_gc and last_next_gc into gcControllerState This change moves next_gc and last_next_gc into gcControllerState under the names heapGoal and lastHeapGoal respectively. These are fundamentally GC pacer related values, and so it makes sense for them to live here. Partially generated by rf ' ex . { memstats.next_gc -> gcController.heapGoal memstats.last_next_gc -> gcController.lastHeapGoal } ' except for updates to comments and gcControllerState methods, where they're accessed through the receiver, and trace-related renames of NextGC -> HeapGoal, while we're here. For #44167. Change-Id: I1e871ad78a57b01be8d9f71bd662530c84853bed Reviewed-on: https://go-review.googlesource.com/c/go/+/306603 Trust: Michael Knyszek <mknyszek@google.com> Run-TryBot: Michael Knyszek <mknyszek@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Pratt <mpratt@google.com> * internal/bytealg: port more performance-critical functions to ABIInternal CL 308931 ported several runtime assembly functions to ABIInternal so that compiler-generated ABIInternal calls don't go through ABI wrappers, but it missed the runtime assembly functions that are actually defined in internal/bytealg. This eliminates the cost of wrappers for the BleveQuery and GopherLuaKNucleotide benchmarks, but there's still more to do for Tile38. 0-base 1-wrappers sec/op sec/op vs base BleveQuery 6.507 ± 0% 6.477 ± 0% -0.46% (p=0.004 n=20) GopherLuaKNucleotide 30.39 ± 1% 30.34 ± 0% ~ (p=0.301 n=20) Tile38IntersectsCircle100kmRequest 1.038m ± 1% 1.080m ± 2% +4.03% (p=0.000 n=20) For #40724. Change-Id: I0b722443f684fcb997b1d70802c5ed4b8d8f9829 Reviewed-on: https://go-review.googlesource.com/c/go/+/310184 Trust: Austin Clements <austin@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Cherry Zhang <cherryyz@google.com> * bytes: add asm implementation for index on ppc64x This adds an asm implementation of index on ppc64le and ppc64. It results in a significant improvement in some of the benchmarks that use bytes.Index. The implementation is based on a port of the s390x asm implementation. Comments on the design are found with the code. The following improvements occurred on power8: Index/10 70.7ns ± 0% 18.8ns ± 0% -73.4 Index/32 165ns ± 0% 95ns ± 0% -42.6 Index/4K 9.23µs ± 0% 4.91µs ± 0% -46 Index/4M 9.52ms ± 0% 5.10ms ± 0% -46.4 Index/64M 155ms ± 0% 85ms ± 0% -45.1 Count/10 83.0ns ± 0% 32.1ns ± 0% -61.3 Count/32 178ns ± 0% 109ns ± 0% -38.8 Count/4K 9.24µs ± 0% 4.93µs ± 0% -46 Count/4M 9.52ms ± 0% 5.10ms ± 0% -46.4 Count/64M 155ms ± 0% 85ms ± 0% -45.1 IndexHard1 2.36ms ± 0% 0.13ms ± 0% -94.4 IndexHard2 2.36ms ± 0% 1.28ms ± 0% -45.8 IndexHard3 2.36ms ± 0% 1.19ms ± 0% -49.4 IndexHard4 2.36ms ± 0% 2.35ms ± 0% -0.1 CountHard1 2.36ms ± 0% 0.13ms ± 0% -94.4 CountHard2 2.36ms ± 0% 1.28ms ± 0% -45.8 CountHard3 2.36ms ± 0% 1.19ms ± 0% -49.4 IndexPeriodic/IndexPeriodic2 146µs ± 0% 8µs ± 0% -94 IndexPeriodic/IndexPeriodic4 146µs ± 0% 8µs ± 0% -94 Change-Id: I7dd2bb7e278726e27f51825ca8b2f8317d460e60 Reviewed-on: https://go-review.googlesource.com/c/go/+/309730 Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com> Reviewed-by: Paul Murphy <murp@ibm.com> Reviewed-by: Carlos Eduardo Seo <carlos.seo@linaro.org> Trust: Carlos Eduardo Seo <carlos.seo@linaro.org> Trust: Lynn Boger <laboger@linux.vnet.ibm.com> * internal/goexperiment: move baseline configuration to objabi We need to adjust baseline experiment configuration based on the configured GOOS and GOARCH, so it can't live in goexperiment. Move it to objabi. Change-Id: I65f4ce56902c6c1a82735050773c58f2d1320cc6 Reviewed-on: https://go-review.googlesource.com/c/go/+/310169 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> * internal/buildcfg: move build configuration out of cmd/internal/objabi The go/build package needs access to this configuration, so move it into a new package available to the standard library. Change-Id: I868a94148b52350c76116451f4ad9191246adcff Reviewed-on: https://go-review.googlesource.com/c/go/+/310731 Trust: Russ Cox <rsc@golang.org> Run-TryBot: Russ Cox <rsc@golang.org> Reviewed-by: Austin Clements <austin@google.com> Reviewed-by: Jay Conrod <jayconrod@google.com> * crypto/tls: fix flaky handshake cancellation tests Simplified both tests significantly by removing logic for writing the client/server side messages. The flake was likely because of a race between the closing of the local pipe from inside the test and closing of the pipe from within the handshakeContext goroutine. Wait to close the local pipe in the test until after the test has finished running. Fixes #45106 Fixes #45299 Change-Id: If7ca75aeff7df70cda03c934fa9d8513276d465d Reviewed-on: https://go-review.googlesource.com/c/go/+/305250 Trust: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> * [dev.fuzz] internal/fuzz: minimize non-recoverable errors Assuming that this works for non-recoverable errors, there will likely be a follow-up CL which refactors the minimization for recoverable errors to use the same RPC flow (since that more easily allows the worker to tell the coordinator that it's minimizing and shouldn't send more inputs to other workers to fuzz). Change-Id: I32ac7cec4abe2d4c345c0ee77315233047efb1fb Reviewed-on: https://go-review.googlesource.com/c/go/+/309509 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * internal/buildcfg: make regabi an alias for regabi sub-experiments Currently, specifying GOEXPERIMENT=regabi will turn on all regabi sub-experiments, but GOEXPERIMENT=noregabi won't turn anything off. Regabi also isn't a "real" experiment in the sense that nothing in the code base should depend on it as an experiment flag (it should depend on the appropriate sub-experiments). Hence, drop Regabi from goexperiment.Flags and make "regabi" in GOEXPERIMENT be a real alias for all of the sub-flags, so regabi will turn on all of the sub-flags and noregabi will turn off all of the sub-flags. This way, once we enable the sub-experiments in the baseline configuration, it will be easy to turn off with "noregabi". For #40724. Change-Id: I0fb95be42f756d412e729a396be607d629ae2bab Reviewed-on: https://go-review.googlesource.com/c/go/+/310609 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/buildcfg: make regabi enable regabiargs For #40724. Change-Id: I6e9d7eb91883857479699972a974a39ce3d9d2cc Reviewed-on: https://go-review.googlesource.com/c/go/+/310849 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/buildcfg: enable regabiwrappers by default For #40724. Change-Id: I75d6ba2d3e4e2d858eea8053efd0f3fd4439dab7 Reviewed-on: https://go-review.googlesource.com/c/go/+/310172 Trust: Austin Clements <austin@google.com> Trust: Russ Cox <rsc@golang.org> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/buildcfg: enable regabig by default For #40724. Change-Id: Ibf4ff8b24b501813839657ac195b909682ac7d0b Reviewed-on: https://go-review.googlesource.com/c/go/+/310173 Trust: Austin Clements <austin@google.com> Trust: Russ Cox <rsc@golang.org> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * net: pass MSG_CMSG_CLOEXEC flag in ReadMsgUnix As mentioned in #42765, calling "recvmsg" syscall on Linux should come with "MSG_CMSG_CLOEXEC" flag. For other systems which not supports "MSG_CMSG_CLOEXEC". ReadMsgUnix() would check the header. If the header type is "syscall.SCM_RIGHTS", then ReadMsgUnix() would parse the SocketControlMessage and call each fd with "syscall.CloseOnExec" Fixes #42765 Change-Id: I74347db72b465685d7684bf0f32415d285845ebb GitHub-Last-Rev: ca59e2c9e0e8de1ae590e9b6dc165cb768a574f5 GitHub-Pull-Request: golang/go#42768 Reviewed-on: https://go-review.googlesource.com/c/go/+/272226 Trust: Emmanuel Odeke <emmanuel@orijtech.com> Run-TryBot: Emmanuel Odeke <emmanuel@orijtech.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com> * internal/buildcfg: enable regabireflect by default For #40724. Change-Id: Ib3e4a67c3826176f0d51619754270022344ee194 Reviewed-on: https://go-review.googlesource.com/c/go/+/310174 Trust: Austin Clements <austin@google.com> Trust: Russ Cox <rsc@golang.org> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/buildcfg: enable regabidefer by default For #40724. Change-Id: If3a66c0e29cb20dd29ac13c8d00aa46ee279ab97 Reviewed-on: https://go-review.googlesource.com/c/go/+/310175 Trust: Austin Clements <austin@google.com> Trust: Russ Cox <rsc@golang.org> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/buildcfg: enable regabiargs by default For #40724. Change-Id: I7509668478d20dd625f210e5a33f5d896a76d6b5 Reviewed-on: https://go-review.googlesource.com/c/go/+/310176 Trust: Austin Clements <austin@google.com> Trust: Russ Cox <rsc@golang.org> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/poll, net: fix comments regarding accept and sysSocket The implementation of accept was moved from package net to internal/poll in CL 36799. Change-Id: I6e5964e0ee22e9c84bc444860cdd497817451fec Reviewed-on: https://go-review.googlesource.com/c/go/+/311571 Trust: Tobias Klauser <tobias.klauser@gmail.com> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> * internal/bytealg: add power9 version of bytes index This adds a power9 version of the bytes.Index function for little endian. Here is the improvement on power9 for some of the Index benchmarks: Index/10 -0.14% Index/32 -3.19% Index/4K -12.66% Index/4M -13.34% Index/64M -13.17% Count/10 -0.59% Count/32 -2.88% Count/4K -12.63% Count/4M -13.35% Count/64M -13.17% IndexHard1 -23.03% IndexHard2 -13.01% IndexHard3 -22.12% IndexHard4 +0.16% CountHard1 -23.02% CountHard2 -13.01% CountHard3 -22.12% IndexPeriodic/IndexPeriodic2 -22.85% IndexPeriodic/IndexPeriodic4 -23.15% Change-Id: Id72353e2771eba2efbb1544d5f0be65f8a9f0433 Reviewed-on: https://go-review.googlesource.com/c/go/+/311380 Run-TryBot: Carlos Eduardo Seo <carlos.seo@linaro.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Carlos Eduardo Seo <carlos.seo@linaro.org> Trust: Lynn Boger <laboger@linux.vnet.ibm.com> * cmd/compile, internal/abi: add FuncPCABIxxx intrinsics When ABI wrappers are used, there are cases where in Go code we need the PC of the defined function instead of the ABI wrapper. Currently we work around this by define such functions as ABIInternal, even if they do not actually follow the internal ABI. This CL introduces internal/abi.FuncPCABIxxx functions as compiler intrinsics, which return the underlying defined function's entry PC if the argument is a direct reference of a function of the expected ABI, and reject it if it is of a different ABI. As a proof of concept, change runtime.goexit back to ABI0 and use internal/abi.FuncPCABI0 to retrieve its PC. Updates #44065. Change-Id: I02286f0f9d99e6a3090f9e8169dbafc6804a2da6 Reviewed-on: https://go-review.googlesource.com/c/go/+/304232 Trust: Cherry Zhang <cherryyz@google.com> Run-TryBot: Cherry Zhang <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Than McIntosh <thanm@google.com> * [dev.fuzz] internal/fuzz: allow setting pcg seed via GODEBUG Format is "fuzzseed=123". Change-Id: Idb314270c8fd4307149c8503e13424b653ec4b0a Reviewed-on: https://go-review.googlesource.com/c/go/+/313651 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: add extra []byte mutators Adds four []byte mutators which: * insert a chunk of constant bytes * overwirtes a chunk with constant bytes * shuffle a range of bytes * swaps two chunks Also updates the 'set byte to random value' mutator to use XOR in order to avoid a no-op. Additionally updates the rng call which chooses the []byte mutators so all the available mutators are used. Change-Id: I0703518922952f4b1c81b19b196ee91c73b0d5f8 Reviewed-on: https://go-review.googlesource.com/c/go/+/313270 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * internal/buildcfg: enable regabi for Android This will permit us to write ABIInternal assembler code for linux-amd64. For #40724 Change-Id: I681866651554eda4229d6faa7f0c1ba42d07e57d Reviewed-on: https://go-review.googlesource.com/c/go/+/315390 Trust: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Cherry Zhang <cherryyz@google.com> * internal/syscall/unix: use internal/abi.FuncPC for syscall wrapper Following CL 313230, this is for internal/syscall/unix package. Updates #45702. Change-Id: Ie6d8c1923dfeae56896212393c5c2a6e257648d2 Reviewed-on: https://go-review.googlesource.com/c/go/+/316649 Trust: Cherry Zhang <cherryyz@google.com> Run-TryBot: Cherry Zhang <cherryyz@google.com> Reviewed-by: Than McIntosh <thanm@google.com> TryBot-Result: Go Bot <gobot@golang.org> * internal/buildcfg: set Error instead of panicking All build environment validation sets Error except for the GOEXPERIMENT parser, which panics. Change it to also set Error so that a bad GOEXPERIMENT doesn't cause everything that imports internal/buildcfg to panic on init. Change-Id: Ie9a506ef0978ecb410f2dcd784638f2167354175 Reviewed-on: https://go-review.googlesource.com/c/go/+/310970 Trust: Austin Clements <austin@google.com> Run-TryBot: Austin Clements <austin@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz: don't panic if types change There was a bug where if the types to fuzz were different from the types in a file in the on-disk corpus, then the code would panic. We thought this case was handled, but the final `continue` in the nested loop still allowed the invalid entry to be added to the corpus. Pulling the validation into a helper function makes this less brittle. Change-Id: I401346f890ea30ab7cff9640cb555da2e3ff8cc6 Reviewed-on: https://go-review.googlesource.com/c/go/+/313810 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * crypto/tls: enforce ALPN overlap when negotiated on both sides During the TLS handshake if the server doesn't support any of the application protocols requested by the client, send the no_application_protocol alert and abort the handshake on the server side. This enforces the requirements of RFC 7301. Change-Id: Iced2bb5c6efc607497de1c40ee3de9c2b393fa5d Reviewed-on: https://go-review.googlesource.com/c/go/+/289209 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> * internal/poll: cast off the last reference of SplicePipe in test Updates #45059 Change-Id: I9f377abcc7b77136ae6cf4896b968f73c758b559 Reviewed-on: https://go-review.googlesource.com/c/go/+/317510 Reviewed-by: Bryan C. Mills <bcmills@google.com> Reviewed-by: Ian Lance Taylor <iant@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Go Bot <gobot@golang.org> * [dev.fuzz] testing,internal/fuzz: prevent unbounded memory growth Usage of f.testContext.match.fullName to generate the test name causes unbounded memory growth, eventually causing the fuzzer to slow down as memory pressure increases. Each time fuzzFn is invoked it generates a unique string and stores it in a map. With the fuzzer running at around 100k executions per second this consumed around ~30GB of memory in a handful of minutes. Instead just use the base name of the test for mutated inputs, a special name for seeded inputs, and the filename for inputs from the input corpus. Change-Id: I083f47df7e82f0c6b0bda244f158233784a13029 Reviewed-on: https://go-review.googlesource.com/c/go/+/316030 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * crypto/tls: make cipher suite preference ordering automatic We now have a (well, two, depending on AES hardware support) universal cipher suite preference order, based on their security and performance. Peer and application lists are now treated as filters (and AES hardware support hints) that are applied to this universal order. This removes a complex and nuanced decision from the application's responsibilities, one which we are better equipped to make and which applications usually don't need to have an opinion about. It also lets us worry less about what suites we support or enable, because we can be confident that bad ones won't be selected over good ones. This also moves 3DES suites to InsecureCipherSuites(), even if they are not disabled by default. Just because we can keep them as a last resort it doesn't mean they are secure. Thankfully we had not promised that Insecure means disabled by default. Notable test changes: - TestCipherSuiteCertPreferenceECDSA was testing that we'd pick the right certificate regardless of CipherSuite ordering, which is now completely ignored, as tested by TestCipherSuitePreference. Removed. - The openssl command of TestHandshakeServerExportKeyingMaterial was broken for TLS 1.0 in CL 262857, but its golden file was not regenerated, so the test kept passing. It now broke because the selected suite from the ones in the golden file changed. - In TestAESCipherReordering, "server strongly prefers AES-GCM" is removed because there is no way for a server to express a strong preference anymore; "client prefers AES-GCM and AES-CBC over ChaCha" switched to ChaCha20 when the server lacks AES hardware; and finally "client supports multiple AES-GCM" changed to always prefer AES-128 per the universal preference list. * this is going back on an explicit decision from CL 262857, and while that client order is weird and does suggest a strong dislike for ChaCha20, we have a strong dislike for software AES, so it didn't feel worth making the logic more complex - All Client-* golden files had to be regenerated because the ClientHello cipher suites have changed. (Even when Config.CipherSuites was limited to one suite, the TLS 1.3 default order changed.) Fixes #45430 Fixes #41476 (as 3DES is now always the last resort) Change-Id: If5f5d356c0f8d1f1c7542fb06644a478d6bad1e5 Reviewed-on: https://go-review.googlesource.com/c/go/+/314609 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Trust: Filippo Valsorda <filippo@golang.org> * cmd/compile,reflect: allow longer type names Encode the length of type names and tags in a varint encoding instead of a fixed 2-byte encoding. This allows lengths longer than 65535 (which can happen for large unnamed structs). Removed the alignment check for #14962, it isn't relevant any more since we're no longer reading pointers directly out of this data (it is encoded as an offset which is copied out bytewise). Fixes #44155 Update #14962 Change-Id: I6084f6027e5955dc16777c87b0dd5ea2baa49629 Reviewed-on: https://go-review.googlesource.com/c/go/+/318249 Trust: Keith Randall <khr@golang.org> Run-TryBot: Keith Randall <khr@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> * [dev.fuzz] internal/fuzz: use coverage instrumentation while fuzzing This change updates the go command behavior when fuzzing to instrument the binary for code coverage, and uses this coverage in the fuzzing engine to determine if an input is interesting. Unfortunately, we can't store and use the coverage data for a given run of `go test` and re-use it the next time we fuzz, since the edges could have changed between builds. Instead, every entry in the seed corpus and the on-disk corpus is run by the workers before fuzzing begins, so that the coordinator can get the baseline coverage for what the fuzzing engine has already found (or what the developers have already provided). Users should run `go clean -fuzzcache` before using this change, to clear out any existing "interesting" values that were in the cache. Previously, every single non-crashing input was written to the on-disk corpus. Now, only inputs that actually expand coverage are written. This change includes a small hack in cmd/go/internal/load/pkg.go which ensures that the Gcflags that were explicitly set in cmd/go/internal/test/test.go don't get cleared out. Tests will be added in a follow-up change, since they will be a bit more involved. Change-Id: Ie659222d44475c6d68fa4a35d37c37cab3619d71 Reviewed-on: https://go-review.googlesource.com/c/go/+/312009 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * all: add //go:build lines to assembly files Don't add them to files in vendor and cmd/vendor though. These will be pulled in by updating the respective dependencies. For #41184 Change-Id: Icc57458c9b3033c347124323f33084c85b224c70 Reviewed-on: https://go-review.googlesource.com/c/go/+/319389 Trust: Tobias Klauser <tobias.klauser@gmail.com> Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Russ Cox <rsc@golang.org> * [dev.fuzz] internal/fuzz: include coverage in logged stats Change-Id: I51ec70b69e802fd0d962ba9544e96e29b1627fef Reviewed-on: https://go-review.googlesource.com/c/go/+/319590 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: move coverage capture closer to function When instrumented packages intersect with the packages used by the testing or internal/fuzz packages the coverage counters become noisier, as counters will be triggered by non-fuzzed harness code. Ideally counters would be deterministic, as there are many advanced fuzzing strategies that require mutating the input while maintaining static coverage. The simplest way to mitigate this noise is to capture the coverage counters as closely as possible to the invocation of the fuzz target in the testing package. In order to do this add a new function which captures the current values of the counters, SnapshotCoverage. This function copies the current counters into a static buffer, coverageSnapshot, which workerServer.fuzz can then inspect when it comes time to check if new coverage has been found. This method is not foolproof. As the fuzz target is called in a goroutine, harness code can still cause counters to be incremented while the target is being executed. Despite this we do see significant reduction in churn via this approach. For example, running a basic target that causes strconv to be instrumented for 500,000 iterations causes ~800 unique sets of coverage counters, whereas by capturing the counters closer to the target we get ~40 unique sets. It may be possible to make counters completely deterministic, but likely this would require rewriting testing/F.Fuzz to not use tRunner in a goroutine, and instead use it in a blocking manner (which I couldn't figure out an obvious way to do), or by doing something even more complex. Change-Id: I95c2f3b1d7089c3e6885fc7628a0d3a8ac1a99cf Reviewed-on: https://go-review.googlesource.com/c/go/+/320329 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: make minimization tests more reliable * Introduced -fuzzminimizetime flag to control the number of time or the number of calls to spend minimizing. Defaults to 60s. Only works for unrecoverable crashes for now. * Moved the count (used by -fuzztime=1000x) into shared memory. Calling workerClient.fuzz resets it, but it will remain after the worker processes crashes. workerClient.minimize resets it once before restarting the worker the first time, but the total number of runs should still be limited during minimization, even after multiple terminations and restarts. * Renamed fuzzArgs.Count to Limit to avoid confusion. * Several other small fixes and refactorings. Change-Id: I03faa4c94405041f6dfe48568e5ead502f8dbbd2 Reviewed-on: https://go-review.googlesource.com/c/go/+/320171 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Jay Conrod <jayconrod@google.com> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.typeparams] internal/buildcfg: turn on register ABI on all AMD64 platforms Register ABI is already enabled by default on AMD64 on Linux (including Android), macOS, and Windows. This CL enables it on the rest, specifically, on FreeBSD, OpenBSD, NetBSD, DragonflyBSD, Solaris (including Illumos), iOS (simulator), and Plan 9. Change-Id: I80fa20c8bbc8d67b16a19f71b65422e890210ab5 Reviewed-on: https://go-review.googlesource.com/c/go/+/321332 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: David Chase <drchase@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> * [dev.fuzz] internal/fuzz: remove old TODO Change-Id: I997934ebcde0dee9017c85a0572597855d73cf64 Reviewed-on: https://go-review.googlesource.com/c/go/+/321569 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Roland Shoemaker <roland@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.typeparams] internal/buildcfg: enable defer/go wrapping everywhere For register ABI, we wrap deferred/go'd function with arguments or results in an argumentless closure, so the runtime can call the function without knowing how to marshal the arguments, or reserving frame for arguments and results. The wrapping mechanism works everywhere, regardless of whether the register ABI is used. And wrapping will simplify the compiler and runtime's implementation for defer and go calls. For example, the compiler will not need to marshal arguments for defer/go calls, the opendefer metadata will not need to contain argument information, and _defer record will be fixed-sized. Enable wrapping everywhere. Change-Id: I2032ba87249ceb686310dc640fb00696669ae912 Reviewed-on: https://go-review.googlesource.com/c/go/+/321958 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> TryBot-Result: Go Bot <gobot@golang.org> * Revert "[dev.fuzz] internal/fuzz: include coverage in logged stats" This reverts commit 54f067812dd870c305daabd22ca190b0f48e672e. Reason for revert: While this is helpful for the engineering team when we're debugging, it might lead to users feeling like the fuzzer is stuck and that there are a lot of edges that are still yet to be reached. In reality, it's very likely that the compiler will instrument more lines of code than are actually reachable by the fuzz target, so showing the ratio between number of edges hit vs. all edges can be misleading. In the future, we may want to consider making this information viewable by a debug flag or something similar. Change-Id: Ied696f8bf644445bad22c872b64daa7add605ac6 Reviewed-on: https://go-review.googlesource.com/c/go/+/322632 Trust: Katie Hockman <katie@golang.org> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.fuzz] internal/fuzz,testing: treat panics as recoverable And only log the last panic, not all of them, during minimization. This change makes the worker processes quiet, so now the only process that logs anything is the coordinator. This hides all of the panics caused during minimization of an input which causes a panic. This change also alters the usage of tRunner such that we now recover from recoverable panics instead of terminating the process. This results in larger stack traces, since we include a bit more of the trace within testing. There is a TODO to see if it's possible to slice the stack up so that it is somewhat more informative. Change-Id: Ic85eabd2e70b078412fbb88adf424a8da25af876 Reviewed-on: https://go-review.googlesource.com/c/go/+/321230 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.fuzz] internal/fuzz: support minimization of strings, integers, and floats Adds support for minimizing strings using the same logic as byte slices as well as minimizing both signed and unsigned integers and floats using extremely basic logic. A more complex approach is probably warranted in the future, but for now this should be _good enough_. Change-Id: Ibc6c3d6ae82685998f571aa2c1ecea2f85c2708b Reviewed-on: https://go-review.googlesource.com/c/go/+/320669 Trust: Roland Shoemaker <roland@golang.org> Trust: Katie Hockman <katie@golang.org> Run-TryBot: Roland Shoemaker <roland@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Reviewed-by: Jay Conrod <jayconrod@google.com> * [dev.typeparams] internal/abi: define ARM64 register ABI constants Change-Id: I9cdf0f2b6c1739f13a859a8e37351f8ecd77804a Reviewed-on: https://go-review.googlesource.com/c/go/+/323932 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> * [dev.typeparams] internal/buildcfg: allow regabi GOEXPERIMENTs on ARM64 It is not working yet, but allow enabling the experiments so we can develop. Change-Id: I957eb05acb4d80b2858ff1f8c16bbfb24e0f6e56 Reviewed-on: https://go-review.googlesource.com/c/go/+/323933 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: David Chase <drchase@google.com> * [dev.fuzz] internal/fuzz: notify coordinator for minimization When a worker process finds a crasher, it now sends that result directly to the coordinator without attempting to minimize it first. The coordinator stops sending new inputs and sends the unminimized crasher back to a worker (any worker) for minimization. This prevents wasted work during minimization and will help us implement -keepfuzzing later on. We may also be able to minimize interesting inputs with this approach later. Since panics are recoverable errors (they don't terminate worker processes), we no longer attempt to minimize non-recoverable errors. This didn't work too well before: we lost too much state. Change-Id: Id142c7e91a33f64584170b0d42d22cb1f22a92d7 Reviewed-on: https://go-review.googlesource.com/c/go/+/321835 Trust: Jay Conrod <jayconrod@google.com> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> * [dev.typeparams] internal/bytealg: call memeqbody directly in memequal_varlen on ARM64 Currently, memequal_varlen opens up a frame and call memequal, which then tail-calls memeqbody. This CL changes memequal_varlen tail-calls memeqbody directly. This makes it simpler to switch to the register ABI in the next CL. Change-Id: Ia1367c0abb7f4755fe736c404411793fb9e5c04f Reviewed-on: https://go-review.googlesource.com/c/go/+/324399 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> * [dev.typeparams] runtime, internal/bytealg: port performance-critical functions to register ABI on ARM64 This CL ports a few performance-critical assembly functions to use register arguments directly. This is similar to CL 308931 and CL 310184. Change-Id: I6e30dfff17f76b8578ce8cfd51de21b66610fdb0 Reviewed-on: https://go-review.googlesource.com/c/go/+/324400 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> Reviewed-by: Than McIntosh <thanm@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> TryBot-Result: Go Bot <gobot@golang.org> * [dev.typeparams] internal/buildcfg: turn on regabiwrappers by default on ARM64 Change-Id: I8db0a797a745630ec35af3e56406fcb250ea59fe Reviewed-on: https://go-review.googlesource.com/c/go/+/324768 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Than McIntosh <thanm@google.com> * [dev.typeparams] internal/buildcfg: turn on regabireflect by default on ARM64 Change-Id: I4a0a093b07a287cc3a3e0ee939e7ee82d8e9b1aa Reviewed-on: https://go-review.googlesource.com/c/go/+/324889 Trust: Cherry Mui <cherryyz@google.com> Run-TryBot: Cherry Mui <cherryyz@google.com> Reviewed-by: Michael Knyszek <mknyszek@google.com> Reviewed-by: Than McIntosh <thanm@google.com> TryBot-Result: Go Bot <gobot@golang.org> * [dev.typeparams] internal/buildcfg: turn on register ABI by default on ARM64 This CL enables all regabi experiments on ARM64 by default. regabiwrappers and regabireflect are enabled in the previous CLs. regabidefer is already enabled everywhere. regabig is no-op on ARM64 as it already has a G register. regabiargs is enabled in this CL. Go1 benchmarks results (GOEXPERIMENT=regabi vs. none, on macOS/ARM64): name old time/op new time/op delta BinaryTree17-8 1.20s ± 1% 1.02s ± 0% -15.08% (p=0.000 n=9+9) Fannkuch11-8 1.55s ± 0% 1.57s ± 0% +1.53% (p=0.000 n=9+8) FmtFprintfEmpty-8 22.5ns ± 3% 14.7ns ± 1% -34.47% (p=0.000 n=10+8) FmtFprintfString-8 38.4ns ± 0% 28.8ns ± 0% -24.99% (p=0.000 n=9+9) FmtFprintfInt-8 38.7ns ± 2% 34.5ns ± 0% -10.79% (p=0.000 n=10+7) FmtFprintfIntInt-8 61.1ns ± 1% 57.9ns ± 0% -5.23% (p=0.000 n=10+8) FmtFprintfPrefixedInt-8 69.9ns ± 0% 64.4ns ± 0% -7.78% (p=0.000 n=8+8) FmtFprintfFloat-8 106ns ± 0% 76ns ± 0% -28.12% (p=0.000 n=7+10) FmtManyArgs-8 273ns ± 0% 236ns ± 1% -13.57% (p=0.000 n=9+10) GobDecode-8 3.09ms ± 1% 2.02ms ± 0% -34.70% (p=0.000 n=9+10) GobEncode-8 2.45ms ± 1% 1.44ms ± 1% -41.26% (p=0.000 n=10+10) Gzip-8 128ms ± 0% 124ms ± 0% -2.89% (p=0.000 n=7+8) Gunzip-8 23.6ms ± 1% 19.8ms ± 0% -16.15% (p=0.000 n=10+9) HTTPClientServer-8 27.4µs ± 1% 26.3µs ± 0% -4.05% (p=0.000 n=10+10) JSONEncode-8 4.47ms ± 1% 3.45ms ± 1% -22.73% (p=0.000 n=10+9) JSONDecode-8 21.5ms ± 0% 17.2ms ± 0% -19.78% (p=0.000 n=9+9) Mandelbrot200-8 2.33ms ± 1% 2.33ms ± 1% ~ (p=0.842 n=9+10) GoParse-8 1.62ms ± 1% 1.32ms ± 1% -18.67% (p=0.000 n=10+10) RegexpMatchEasy0_32-8 33.1ns ± 0% 26.3ns ± 0% -20.50% (p=0.000 n=8+10) RegexpMatchEasy0_1K-8 121ns ± 6% 121ns ± 8% ~ (p=0.926 n=10+10) RegexpMatchEasy1_32-8 31.4ns ± 0% 24.7ns ± 0% -21.50% (p=0.000 n=9+10) RegexpMatchEasy1_1K-8 177ns ± 0% 140ns ± 0% -20.70% (p=0.000 n=10+9) RegexpMatchMedium_32-8 3.02ns ± 3% 2.12ns ± 0% -29.73% (p=0.000 n=10+10) RegexpMatchMedium_1K-8 19.8µs ± 2% 17.1µs ± 0% -13.50% (p=0.000 n=9+9) RegexpMatchHard_32-8 940ns ± 0% 872ns ± 0% -7.20% (p=0.000 n=9+8) RegexpMatchHard_1K-8 28.5µs ± 1% 26.5µs ± 0% -7.06% (p=0.000 n=10+10) Revcomp-8 186ms ± 1% 179ms ± 1% -3.66% (p=0.000 n=10+10) Template-8 30.3ms ± 0% 22.3ms ± 0% -26.58% (p=0.000 n=8+9) TimeParse-8 133ns ± 0% 117ns ± 0% -12.40% (p=0.000 n=10+10) TimeFormat-8 176ns ± 0% 141ns ± 0% -19.92% (p=0.000 n=8+9) [Geo mean] 21.4µs 17.8µs -16.81% name old speed new speed delta GobDecode-8 249MB/s ± 1% 381MB/s ± 0% +53.13% (p=0.000 n=9+10) GobEncode-8 314MB/s ± 1% 534MB/s ± 1% +70.25% (p=0.000 n=10+10) Gzip-8 152MB/s ± 0% 156MB/s ± 0% +2.97% (p=0.000 n=7+8) Gunzip-8 822MB/s ± 1% 981MB/s ± 0% +19.26% (p=0.000 n=10+9) JSONEncode-8 434MB/s ± 1% 562MB/s ± 1% +29.41% (p=0.000 n=10+9) JSONDecode-8 90.3MB/s ± 0% 112.5MB/s ± 0% +24.66% (p=0.000 n=9+9) GoParse-8 35.7MB/s ± 1% 43.9MB/s ± 1% +22.96% (p=0.000 n=10+10) RegexpMatchEasy0_32-8 967MB/s ± 0% 1216MB/s ± 0% +25.78% (p=0.000 n=8+10) RegexpMatchEasy0_1K-8 8.46GB/s ± 6% 8.45GB/s ± 7% ~ (p=0.912 n=10+10) RegexpMatchEasy1_32-8 1.02GB/s ± 0% 1.30GB/s ± 0% +27.40% (p=0.000 n=9+10) RegexpMatchEasy1_1K-8 5.78GB/s ± 0% 7.29GB/s ± 0% +26.10% (p=0.000 n=10+9) RegexpMatchMedium_32-8 331MB/s ± 2% 471MB/s ± 0% +42.29% (p=0.000 n=10+10) RegexpMatchMedium_1K-8 51.7MB/s ± 2% 59.8MB/s ± 0%… * Fix conflicts - Resolve compilation errors caused by undefined type or conflicting type - Remove unsupported keyword used - Replace internal package with local package - Support Go 1.16 with fixed build flags on cpu and testenv - Disable broken tests - Remove unsupported suites * uncomment broken tests - uncomment broken tests - skipped for now, a patch may require extensive work to come Co-authored-by: Tobias Klauser <tklauser@distanz.ch> Co-authored-by: Matt T. Proud <matt.proud@gmail.com> Co-authored-by: Matthew Dempsky <mdempsky@google.com> Co-authored-by: Andy Pan <panjf2000@gmail.com> Co-authored-by: John Bampton <jbampton@gmail.com> Co-authored-by: Josh Bleecher Snyder <josharian@gmail.com> Co-authored-by: Johan Brandhorst <johan.brandhorst@gmail.com> Co-authored-by: Katie Hockman <katie@golang.org> Co-authored-by: Austin Clements <austin@google.com> Co-authored-by: Jay Conrod <jayconrod@google.com> Co-authored-by: KimMachineGun <geon0250@gmail.com> Co-authored-by: Ian Lance Taylor <iant@golang.org> Co-authored-by: Naman Gera <namangera15@gmail.com> Co-authored-by: Manlio Perillo <manlio.perillo@gmail.com> Co-authored-by: Michael Anthony Knyszek <mknyszek@google.com> Co-authored-by: Lynn Boger <laboger@linux.vnet.ibm.com> Co-authored-by: Russ Cox <rsc@golang.org> Co-authored-by: HowJMay <vulxj0j8j8@gmail.com> Co-authored-by: Cherry Zhang <cherryyz@google.com> Co-authored-by: Roland Shoemaker <roland@golang.org> Co-authored-by: Filippo Valsorda <filippo@golang.org> Co-authored-by: Keith Randall <khr@golang.org> Co-authored-by: cuishuang <imcusg@gmail.com> Co-authored-by: Cuong Manh Le <cuong.manhle.vn@gmail.com> Co-authored-by: makdon <makdon@makdon.me> Co-authored-by: Carlos Amedee <carlos@golang.org> Co-authored-by: Dmitri Shuralyov <dmitshur@golang.org> Co-authored-by: Matt Layher <mdlayher@gmail.com> Co-authored-by: Martin Möhrmann <martin@golang.org> Co-authored-by: vinckr <vincent@ory.sh> Co-authored-by: Brad Fitzpatrick <bradfitz@golang.org> Co-authored-by: nimelehin <nimelehin@gmail.com> Co-authored-by: Amelia Downs <adowns@vmware.com> Co-authored-by: nicksherron <nsherron90@gmail.com> Co-authored-by: Koichi Shiraishi <zchee.io@gmail.com> Co-authored-by: Archana R <aravind5@in.ibm.com> Co-authored-by: Agniva De Sarker <agnivade@yahoo.co.in> Co-authored-by: Bryan C. Mills <bcmills@google.com> Co-authored-by: David Crawshaw <crawshaw@golang.org> Co-authored-by: Dan Kortschak <dan@kortschak.io> Co-authored-by: Ayan George <ayan@ayan.net> Co-authored-by: Kevin Burke <kevin@burke.dev> Co-authored-by: Michael Matloob <matloob@golang.org> Co-authored-by: Steven Johnstone <steven.james.johnstone@gmail.com> Co-authored-by: Tatiana Bradley <tatiana@golang.org> Co-authored-by: David Taylor <tinystatemachine@gmail.com> |
||
Johan Brandhorst
|
93cad92f83 |
crypto/tls: add HandshakeContext method to Conn
Adds the (*tls.Conn).HandshakeContext method. This allows us to pass the context provided down the call stack to eventually reach the tls.ClientHelloInfo and tls.CertificateRequestInfo structs. These contexts are exposed to the user as read-only via Context() methods. This allows users of (*tls.Config).GetCertificate and (*tls.Config).GetClientCertificate to use the context for request scoped parameters and cancellation. Replace uses of (*tls.Conn).Handshake with (*tls.Conn).HandshakeContext where appropriate, to propagate existing contexts. Fixes #32406 Change-Id: I259939c744bdc9b805bf51a845a8bc462c042483 Reviewed-on: https://go-review.googlesource.com/c/go/+/295370 Run-TryBot: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> TryBot-Result: Go Bot <gobot@golang.org> Trust: Katie Hockman <katie@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> |
||
Matt T. Proud
|
6965ec314f |
docs: clarify when APIs use context.Background.
The Go standard library retrofitted context support onto existing APIs using context.Background and later offered variants that directly supported user-defined context value specification. This commit makes that behavior clear in documentation and suggests context-aware alternatives if the user is looking for one. An example motivation is supporting code for use in systems that expect APIs to be cancelable for lifecycle correctness or load shedding/management reasons, as alluded to in https://blog.golang.org/context-and-structs. Updates #44143 Change-Id: I2d7f954ddf9b48264d5ebc8d0007058ff9bddf14 Reviewed-on: https://go-review.googlesource.com/c/go/+/296152 Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Jean de Klerk <deklerk@google.com> Trust: Jean de Klerk <deklerk@google.com> Run-TryBot: Jean de Klerk <deklerk@google.com> TryBot-Result: Go Bot <gobot@golang.org> |
||
|
Johan Brandhorst
|
8649b4ade4 |
crypto/tls: revert "add HandshakeContext method to Conn"
This reverts CL 246338. Reason for revert: waiting for 1.17 release cycle Updates #32406 Change-Id: I074379039041e086c62271d689b4b7f442281663 Reviewed-on: https://go-review.googlesource.com/c/go/+/269697 Run-TryBot: Johan Brandhorst-Satzkorn <johan.brandhorst@gmail.com> Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> Trust: Katie Hockman <katie@golang.org> Trust: Roland Shoemaker <roland@golang.org> |
||
Russ Cox
|
a2ca1d5330 |
all: update to use os.ReadFile, os.WriteFile, os.CreateTemp, os.MkdirTemp
As part of #42026, these helpers from io/ioutil were moved to os. (ioutil.TempFile and TempDir became os.CreateTemp and MkdirTemp.) Update the Go tree to use the preferred names. As usual, code compiled with the Go 1.4 bootstrap toolchain and code vendored from other sources is excluded. ReadDir changes are in a separate CL, because they are not a simple search and replace. For #42026. Change-Id: If318df0216d57e95ea0c4093b89f65e5b0ababb3 Reviewed-on: https://go-review.googlesource.com/c/go/+/266365 Trust: Russ Cox <rsc@golang.org> Run-TryBot: Russ Cox <rsc@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
|
Johan Brandhorst
|
3b66a0b37e |
crypto/tls: add HandshakeContext method to Conn
Adds the (*tls.Conn).HandshakeContext method. This allows us to pass the context provided down the call stack to eventually reach the tls.ClientHelloInfo and tls.CertificateRequestInfo structs. These contexts are exposed to the user as read-only via Context() methods. This allows users of (*tls.Config).GetCertificate and (*tls.Config).GetClientCertificate to use the context for request scoped parameters and cancellation. Replace uses of (*tls.Conn).Handshake with (*tls.Conn).HandshakeContext where appropriate, to propagate existing contexts. Fixes #32406 Change-Id: I33c228904fe82dcf57683b63627497d3eb841ff2 Reviewed-on: https://go-review.googlesource.com/c/go/+/246338 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Go Bot <gobot@golang.org> Trust: Roland Shoemaker <roland@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> |
||
Katie Hockman
|
3017dd3e97 |
crypto: fix PKCS space in docs
Change-Id: Iee53acb963a889410f8c6daaa9a7841f1b12c6fb Reviewed-on: https://go-review.googlesource.com/c/go/+/241497 Run-TryBot: Katie Hockman <katie@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Filippo Valsorda <filippo@golang.org> |
||
Filippo Valsorda
|
5e8c38f2c9 |
crypto/tls: fix DialContext docs
Change-Id: I58e3febbf63049bebb4f8ed8893288183c8aaccd Reviewed-on: https://go-review.googlesource.com/c/go/+/239745 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> |
||
Brad Fitzpatrick
|
2f2a543ff4 |
crypto/tls: add Dialer
Fixes #18482 Change-Id: I99d65dc5d824c00093ea61e7445fc121314af87f Reviewed-on: https://go-review.googlesource.com/c/go/+/214977 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
Brad Fitzpatrick
|
2fcb91d134 |
crypto/tls: help linker remove code when only Client or Server is used
This saves 166 KiB for a tls.Dial hello world program (5382441 to 5212356 to bytes), by permitting the linker to remove TLS server code. Change-Id: I16610b836bb0802b7d84995ff881d79ec03b6a84 Reviewed-on: https://go-review.googlesource.com/c/go/+/228111 Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
|
Brad Fitzpatrick
|
2d37eca87a |
crypto/tls: stop a timeout timer
I noticed this leak while writing CL 214977. Change-Id: I7566952b8e4bc58939d23435aea86576fc58ddca Reviewed-on: https://go-review.googlesource.com/c/go/+/214978 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
|
Filippo Valsorda
|
0e7f9b3702 |
crypto/tls: select only compatible chains from Certificates
Now that we have a full implementation of the logic to check certificate compatibility, we can let applications just list multiple chains in Certificates (for example, an RSA and an ECDSA one) and choose the most appropriate automatically. NameToCertificate only maps each name to one chain, so simply deprecate it, and while at it simplify its implementation by not stripping trailing dots from the SNI (which is specified not to have any, see RFC 6066, Section 3) and by not supporting multi-level wildcards, which are not a thing in the WebPKI (and in crypto/x509). The performance of SupportsCertificate without Leaf is poor, but doesn't affect current users. For now document that, and address it properly in the next cycle. See #35504. While cleaning up the Certificates/GetCertificate/GetConfigForClient behavior, also support leaving Certificates/GetCertificate nil if GetConfigForClient is set, and send unrecognized_name when there are no available certificates. Fixes #29139 Fixes #18377 Change-Id: I26604db48806fe4d608388e55da52f34b7ca4566 Reviewed-on: https://go-review.googlesource.com/c/go/+/205059 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Katie Hockman <katie@golang.org> |
||
|
Filippo Valsorda
|
51f400b8b8 |
crypto/tls: remove TLS 1.3 opt-out
Fixes #30055 Change-Id: If757c43b52fc7bf62b0afb1c720615329fb5569d Reviewed-on: https://go-review.googlesource.com/c/go/+/191999 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> |
||
|
Filippo Valsorda
|
28958b0da6 |
crypto/tls: add support for Ed25519 certificates in TLS 1.2 and 1.3
Support for Ed25519 certificates was added in CL 175478, this wires them up into the TLS stack according to RFC 8422 (TLS 1.2) and RFC 8446 (TLS 1.3). RFC 8422 also specifies support for TLS 1.0 and 1.1, and I initially implemented that, but even OpenSSL doesn't take the complexity, so I just dropped it. It would have required keeping a buffer of the handshake transcript in order to do the direct Ed25519 signatures. We effectively need to support TLS 1.2 because it shares ClientHello signature algorithms with TLS 1.3. While at it, reordered the advertised signature algorithms in the rough order we would want to use them, also based on what curves have fast constant-time implementations. Client and client auth tests changed because of the change in advertised signature algorithms in ClientHello and CertificateRequest. Fixes #25355 Change-Id: I9fdd839afde4fd6b13fcbc5cc7017fd8c35085ee Reviewed-on: https://go-review.googlesource.com/c/go/+/177698 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Filippo Valsorda
|
5d20f2d294 |
crypto/tls: enable TLS 1.3 by default
Updates #30055 Change-Id: I3e79dd7592673c5d76568b0bcded6c391c3be6b3 Reviewed-on: https://go-review.googlesource.com/c/163081 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Brad Fitzpatrick
|
b38bccb4d6 |
crypto/tls, runtime: document GODEBUG TLS 1.3 option
Change-Id: I6801676335924414ce50249df2b7bea08886b203 Reviewed-on: https://go-review.googlesource.com/c/162360 Reviewed-by: Filippo Valsorda <filippo@golang.org> |
||
|
Filippo Valsorda
|
5db23cd389 |
crypto/tls: enable TLS 1.3 and update tests
To disable TLS 1.3, simply remove VersionTLS13 from supportedVersions, as tested by TestEscapeRoute, and amend documentation. To make it opt-in, revert the change to (*Config).supportedVersions from this CL. I did not have the heart to implement the early data skipping feature when I realized that it did not offer a choice between two abstraction-breaking options, but demanded them both (look for handshake type in case of HelloRetryRequest, trial decryption otherwise). It's a lot of complexity for an apparently small gain, but if anyone has strong opinions about it let me know. Note that in TLS 1.3 alerts are encrypted, so the close_notify peeking to return (n > 0, io.EOF) from Read doesn't work. If we are lucky, those servers that unexpectedly close connections after serving a single request will have stopped (maybe thanks to H/2) before they got updated to TLS 1.3. Relatedly, session tickets are now provisioned on the client first Read instead of at Handshake time, because they are, well, post-handshake messages. If this proves to be a problem we might try to peek at them. Doubled the tests that cover logic that's different in TLS 1.3. The benchmarks for TLS 1.2 compared to be0f3c286b5 (before TLS 1.3 and its refactors, after CL 142817 changed them to use real connections) show little movement. name old time/op new time/op delta HandshakeServer/RSA-8 795µs ± 1% 798µs ± 1% ~ (p=0.057 n=10+18) HandshakeServer/ECDHE-P256-RSA-8 903µs ± 0% 909µs ± 1% +0.68% (p=0.000 n=8+17) HandshakeServer/ECDHE-P256-ECDSA-P256-8 198µs ± 0% 204µs ± 1% +3.24% (p=0.000 n=9+18) HandshakeServer/ECDHE-X25519-ECDSA-P256-8 202µs ± 3% 208µs ± 1% +2.98% (p=0.000 n=9+20) HandshakeServer/ECDHE-P521-ECDSA-P521-8 15.5ms ± 1% 15.9ms ± 2% +2.49% (p=0.000 n=10+20) Throughput/MaxPacket/1MB-8 5.81ms ±23% 6.14ms ±44% ~ (p=0.605 n=8+18) Throughput/MaxPacket/2MB-8 8.91ms ±22% 8.74ms ±33% ~ (p=0.498 n=9+19) Throughput/MaxPacket/4MB-8 12.8ms ± 3% 14.0ms ±10% +9.74% (p=0.000 n=10+17) Throughput/MaxPacket/8MB-8 25.1ms ± 7% 24.6ms ±16% ~ (p=0.129 n=9+19) Throughput/MaxPacket/16MB-8 46.3ms ± 4% 45.9ms ±12% ~ (p=0.340 n=9+20) Throughput/MaxPacket/32MB-8 88.5ms ± 4% 86.0ms ± 4% -2.82% (p=0.004 n=10+20) Throughput/MaxPacket/64MB-8 173ms ± 2% 167ms ± 7% -3.42% (p=0.001 n=10+19) Throughput/DynamicPacket/1MB-8 5.88ms ± 4% 6.59ms ±64% ~ (p=0.232 n=9+18) Throughput/DynamicPacket/2MB-8 9.08ms ±12% 8.73ms ±21% ~ (p=0.408 n=10+18) Throughput/DynamicPacket/4MB-8 14.2ms ± 5% 14.0ms ±11% ~ (p=0.188 n=9+19) Throughput/DynamicPacket/8MB-8 25.1ms ± 6% 24.0ms ± 7% -4.39% (p=0.000 n=10+18) Throughput/DynamicPacket/16MB-8 45.6ms ± 3% 43.3ms ± 1% -5.22% (p=0.000 n=10+8) Throughput/DynamicPacket/32MB-8 88.4ms ± 3% 84.8ms ± 2% -4.06% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 175ms ± 3% 167ms ± 2% -4.63% (p=0.000 n=10+10) Latency/MaxPacket/200kbps-8 694ms ± 0% 694ms ± 0% -0.02% (p=0.000 n=9+9) Latency/MaxPacket/500kbps-8 279ms ± 0% 279ms ± 0% -0.09% (p=0.000 n=10+10) Latency/MaxPacket/1000kbps-8 140ms ± 0% 140ms ± 0% -0.15% (p=0.000 n=10+9) Latency/MaxPacket/2000kbps-8 71.1ms ± 0% 71.0ms ± 0% -0.09% (p=0.001 n=8+9) Latency/MaxPacket/5000kbps-8 30.5ms ± 6% 30.1ms ± 6% ~ (p=0.905 n=10+9) Latency/DynamicPacket/200kbps-8 134ms ± 0% 134ms ± 0% ~ (p=0.796 n=9+9) Latency/DynamicPacket/500kbps-8 54.8ms ± 0% 54.7ms ± 0% -0.18% (p=0.000 n=8+10) Latency/DynamicPacket/1000kbps-8 28.5ms ± 0% 29.1ms ± 8% ~ (p=0.173 n=8+10) Latency/DynamicPacket/2000kbps-8 15.3ms ± 6% 15.9ms ±10% ~ (p=0.905 n=9+10) Latency/DynamicPacket/5000kbps-8 9.14ms ±21% 9.65ms ±82% ~ (p=0.529 n=10+10) name old speed new speed delta Throughput/MaxPacket/1MB-8 175MB/s ±13% 167MB/s ±64% ~ (p=0.646 n=7+20) Throughput/MaxPacket/2MB-8 241MB/s ±25% 241MB/s ±40% ~ (p=0.660 n=9+20) Throughput/MaxPacket/4MB-8 328MB/s ± 3% 300MB/s ± 9% -8.70% (p=0.000 n=10+17) Throughput/MaxPacket/8MB-8 335MB/s ± 7% 340MB/s ±17% ~ (p=0.212 n=9+20) Throughput/MaxPacket/16MB-8 363MB/s ± 4% 367MB/s ±11% ~ (p=0.340 n=9+20) Throughput/MaxPacket/32MB-8 379MB/s ± 4% 390MB/s ± 4% +2.93% (p=0.004 n=10+20) Throughput/MaxPacket/64MB-8 388MB/s ± 2% 401MB/s ± 7% +3.25% (p=0.004 n=10+20) Throughput/DynamicPacket/1MB-8 178MB/s ± 4% 157MB/s ±73% ~ (p=0.127 n=9+20) Throughput/DynamicPacket/2MB-8 232MB/s ±11% 243MB/s ±18% ~ (p=0.415 n=10+18) Throughput/DynamicPacket/4MB-8 296MB/s ± 5% 299MB/s ±15% ~ (p=0.295 n=9+20) Throughput/DynamicPacket/8MB-8 334MB/s ± 6% 350MB/s ± 7% +4.58% (p=0.000 n=10+18) Throughput/DynamicPacket/16MB-8 368MB/s ± 3% 388MB/s ± 1% +5.48% (p=0.000 n=10+8) Throughput/DynamicPacket/32MB-8 380MB/s ± 3% 396MB/s ± 2% +4.20% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 384MB/s ± 3% 403MB/s ± 2% +4.83% (p=0.000 n=10+10) Comparing TLS 1.2 and TLS 1.3 at tip shows a slight (~5-10%) slowdown of handshakes, which might be worth looking at next cycle, but the latency improvements are expected to overshadow that. name old time/op new time/op delta HandshakeServer/ECDHE-P256-RSA-8 909µs ± 1% 963µs ± 0% +5.87% (p=0.000 n=17+18) HandshakeServer/ECDHE-P256-ECDSA-P256-8 204µs ± 1% 225µs ± 2% +10.20% (p=0.000 n=18+20) HandshakeServer/ECDHE-X25519-ECDSA-P256-8 208µs ± 1% 230µs ± 2% +10.35% (p=0.000 n=20+18) HandshakeServer/ECDHE-P521-ECDSA-P521-8 15.9ms ± 2% 15.9ms ± 1% ~ (p=0.444 n=20+19) Throughput/MaxPacket/1MB-8 6.14ms ±44% 7.07ms ±46% ~ (p=0.057 n=18+19) Throughput/MaxPacket/2MB-8 8.74ms ±33% 8.61ms ± 9% ~ (p=0.552 n=19+17) Throughput/MaxPacket/4MB-8 14.0ms ±10% 14.1ms ±12% ~ (p=0.707 n=17+20) Throughput/MaxPacket/8MB-8 24.6ms ±16% 25.6ms ±14% ~ (p=0.107 n=19+20) Throughput/MaxPacket/16MB-8 45.9ms ±12% 44.7ms ± 6% ~ (p=0.607 n=20+19) Throughput/MaxPacket/32MB-8 86.0ms ± 4% 87.9ms ± 8% ~ (p=0.113 n=20+19) Throughput/MaxPacket/64MB-8 167ms ± 7% 169ms ± 2% +1.26% (p=0.011 n=19+19) Throughput/DynamicPacket/1MB-8 6.59ms ±64% 6.79ms ±43% ~ (p=0.480 n=18+19) Throughput/DynamicPacket/2MB-8 8.73ms ±21% 9.58ms ±13% +9.71% (p=0.006 n=18+20) Throughput/DynamicPacket/4MB-8 14.0ms ±11% 13.9ms ±10% ~ (p=0.687 n=19+20) Throughput/DynamicPacket/8MB-8 24.0ms ± 7% 24.6ms ± 8% +2.36% (p=0.045 n=18+17) Throughput/DynamicPacket/16MB-8 43.3ms ± 1% 44.3ms ± 2% +2.48% (p=0.001 n=8+9) Throughput/DynamicPacket/32MB-8 84.8ms ± 2% 86.7ms ± 2% +2.27% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 167ms ± 2% 170ms ± 3% +1.89% (p=0.005 n=10+10) Latency/MaxPacket/200kbps-8 694ms ± 0% 699ms ± 0% +0.65% (p=0.000 n=9+10) Latency/MaxPacket/500kbps-8 279ms ± 0% 280ms ± 0% +0.68% (p=0.000 n=10+10) Latency/MaxPacket/1000kbps-8 140ms ± 0% 141ms ± 0% +0.59% (p=0.000 n=9+9) Latency/MaxPacket/2000kbps-8 71.0ms ± 0% 71.3ms ± 0% +0.42% (p=0.000 n=9+9) Latency/MaxPacket/5000kbps-8 30.1ms ± 6% 30.7ms ±10% +1.93% (p=0.019 n=9+9) Latency/DynamicPacket/200kbps-8 134ms ± 0% 138ms ± 0% +3.22% (p=0.000 n=9+10) Latency/DynamicPacket/500kbps-8 54.7ms ± 0% 56.3ms ± 0% +3.03% (p=0.000 n=10+8) Latency/DynamicPacket/1000kbps-8 29.1ms ± 8% 29.1ms ± 0% ~ (p=0.173 n=10+8) Latency/DynamicPacket/2000kbps-8 15.9ms ±10% 16.4ms ±36% ~ (p=0.633 n=10+8) Latency/DynamicPacket/5000kbps-8 9.65ms ±82% 8.32ms ± 8% ~ (p=0.573 n=10+8) name old speed new speed delta Throughput/MaxPacket/1MB-8 167MB/s ±64% 155MB/s ±55% ~ (p=0.224 n=20+19) Throughput/MaxPacket/2MB-8 241MB/s ±40% 244MB/s ± 9% ~ (p=0.407 n=20+17) Throughput/MaxPacket/4MB-8 300MB/s ± 9% 298MB/s ±11% ~ (p=0.707 n=17+20) Throughput/MaxPacket/8MB-8 340MB/s ±17% 330MB/s ±13% ~ (p=0.201 n=20+20) Throughput/MaxPacket/16MB-8 367MB/s ±11% 375MB/s ± 5% ~ (p=0.607 n=20+19) Throughput/MaxPacket/32MB-8 390MB/s ± 4% 382MB/s ± 8% ~ (p=0.113 n=20+19) Throughput/MaxPacket/64MB-8 401MB/s ± 7% 397MB/s ± 2% -0.96% (p=0.030 n=20+19) Throughput/DynamicPacket/1MB-8 157MB/s ±73% 156MB/s ±39% ~ (p=0.738 n=20+20) Throughput/DynamicPacket/2MB-8 243MB/s ±18% 220MB/s ±14% -9.65% (p=0.006 n=18+20) Throughput/DynamicPacket/4MB-8 299MB/s ±15% 303MB/s ± 9% ~ (p=0.512 n=20+20) Throughput/DynamicPacket/8MB-8 350MB/s ± 7% 342MB/s ± 8% -2.27% (p=0.045 n=18+17) Throughput/DynamicPacket/16MB-8 388MB/s ± 1% 378MB/s ± 2% -2.41% (p=0.001 n=8+9) Throughput/DynamicPacket/32MB-8 396MB/s ± 2% 387MB/s ± 2% -2.21% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 403MB/s ± 2% 396MB/s ± 3% -1.84% (p=0.005 n=10+10) Fixes #9671 Change-Id: Ieb57c5140eb2c083b8be0d42b240cd2eeec0dcf6 Reviewed-on: https://go-review.googlesource.com/c/147638 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> |
||
Tim Cooper
|
c9ff1b96f3 |
crypto/tls: remove unneeded calls to bytes.NewReader
Updates #28269 Change-Id: Iae765f85e6ae49f4b581161ed489b2f5ee27cdba Reviewed-on: https://go-review.googlesource.com/c/145737 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> |
||
|
Filippo Valsorda
|
5d617aac88 |
crypto/tls: replace custom *block with standard buffers
The crypto/tls record layer used a custom buffer implementation with its own semantics, freelist, and offset management. Replace it all with per-task bytes.Buffer, bytes.Reader and byte slices, along with a refactor of all the encrypt and decrypt code. The main quirk of *block was to do a best-effort read past the record boundary, so that if a closeNotify was waiting it would be peeked and surfaced along with the last Read. Address that with atLeastReader and ReadFrom to avoid a useless copy (instead of a LimitReader or CopyN). There was also an optimization to split blocks along record boundary lines without having to copy in and out the data. Replicate that by aliasing c.input into consumed c.rawInput (after an in-place decrypt operation). This is safe because c.rawInput is not used until c.input is drained. The benchmarks are noisy but look like an improvement across the board, which is a nice side effect :) name old time/op new time/op delta HandshakeServer/RSA-8 817µs ± 2% 797µs ± 2% -2.52% (p=0.000 n=10+9) HandshakeServer/ECDHE-P256-RSA-8 984µs ±11% 897µs ± 0% -8.89% (p=0.000 n=10+9) HandshakeServer/ECDHE-P256-ECDSA-P256-8 206µs ±10% 199µs ± 3% ~ (p=0.113 n=10+9) HandshakeServer/ECDHE-X25519-ECDSA-P256-8 204µs ± 3% 202µs ± 1% -1.06% (p=0.013 n=10+9) HandshakeServer/ECDHE-P521-ECDSA-P521-8 15.5ms ± 0% 15.6ms ± 1% ~ (p=0.095 n=9+10) Throughput/MaxPacket/1MB-8 5.35ms ±19% 5.39ms ±36% ~ (p=1.000 n=9+10) Throughput/MaxPacket/2MB-8 9.20ms ±15% 8.30ms ± 8% -9.79% (p=0.035 n=10+9) Throughput/MaxPacket/4MB-8 13.8ms ± 7% 13.6ms ± 8% ~ (p=0.315 n=10+10) Throughput/MaxPacket/8MB-8 25.1ms ± 3% 23.2ms ± 2% -7.66% (p=0.000 n=10+9) Throughput/MaxPacket/16MB-8 46.9ms ± 1% 43.0ms ± 3% -8.29% (p=0.000 n=9+10) Throughput/MaxPacket/32MB-8 88.9ms ± 2% 82.3ms ± 2% -7.40% (p=0.000 n=9+9) Throughput/MaxPacket/64MB-8 175ms ± 2% 164ms ± 4% -6.18% (p=0.000 n=10+10) Throughput/DynamicPacket/1MB-8 5.79ms ±26% 5.82ms ±22% ~ (p=0.912 n=10+10) Throughput/DynamicPacket/2MB-8 9.23ms ±14% 9.50ms ±23% ~ (p=0.971 n=10+10) Throughput/DynamicPacket/4MB-8 14.5ms ±11% 13.8ms ± 6% -4.66% (p=0.019 n=10+10) Throughput/DynamicPacket/8MB-8 25.6ms ± 4% 23.5ms ± 3% -8.33% (p=0.000 n=10+10) Throughput/DynamicPacket/16MB-8 47.3ms ± 3% 44.6ms ± 7% -5.65% (p=0.000 n=10+10) Throughput/DynamicPacket/32MB-8 91.9ms ±14% 85.0ms ± 4% -7.55% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 177ms ± 2% 168ms ± 4% -4.97% (p=0.000 n=8+10) Latency/MaxPacket/200kbps-8 694ms ± 0% 694ms ± 0% ~ (p=0.315 n=10+9) Latency/MaxPacket/500kbps-8 279ms ± 0% 279ms ± 0% ~ (p=0.447 n=9+10) Latency/MaxPacket/1000kbps-8 140ms ± 0% 140ms ± 0% ~ (p=0.661 n=9+10) Latency/MaxPacket/2000kbps-8 71.1ms ± 0% 71.1ms ± 0% +0.05% (p=0.019 n=9+9) Latency/MaxPacket/5000kbps-8 30.4ms ± 7% 30.5ms ± 4% ~ (p=0.720 n=9+10) Latency/DynamicPacket/200kbps-8 134ms ± 0% 134ms ± 0% ~ (p=0.075 n=10+10) Latency/DynamicPacket/500kbps-8 54.8ms ± 0% 54.8ms ± 0% ~ (p=0.631 n=10+10) Latency/DynamicPacket/1000kbps-8 28.5ms ± 0% 28.5ms ± 0% ~ (p=1.000 n=8+8) Latency/DynamicPacket/2000kbps-8 15.7ms ±12% 16.1ms ± 0% ~ (p=0.109 n=10+7) Latency/DynamicPacket/5000kbps-8 8.20ms ±26% 8.17ms ±13% ~ (p=1.000 n=9+9) name old speed new speed delta Throughput/MaxPacket/1MB-8 193MB/s ±14% 202MB/s ±30% ~ (p=0.897 n=8+10) Throughput/MaxPacket/2MB-8 230MB/s ±14% 249MB/s ±17% ~ (p=0.089 n=10+10) Throughput/MaxPacket/4MB-8 304MB/s ± 6% 309MB/s ± 7% ~ (p=0.315 n=10+10) Throughput/MaxPacket/8MB-8 334MB/s ± 3% 362MB/s ± 2% +8.29% (p=0.000 n=10+9) Throughput/MaxPacket/16MB-8 358MB/s ± 1% 390MB/s ± 3% +9.08% (p=0.000 n=9+10) Throughput/MaxPacket/32MB-8 378MB/s ± 2% 408MB/s ± 2% +8.00% (p=0.000 n=9+9) Throughput/MaxPacket/64MB-8 384MB/s ± 2% 410MB/s ± 4% +6.61% (p=0.000 n=10+10) Throughput/DynamicPacket/1MB-8 178MB/s ±24% 182MB/s ±24% ~ (p=0.604 n=9+10) Throughput/DynamicPacket/2MB-8 228MB/s ±13% 225MB/s ±20% ~ (p=0.971 n=10+10) Throughput/DynamicPacket/4MB-8 291MB/s ±10% 305MB/s ± 6% +4.83% (p=0.019 n=10+10) Throughput/DynamicPacket/8MB-8 327MB/s ± 4% 357MB/s ± 3% +9.08% (p=0.000 n=10+10) Throughput/DynamicPacket/16MB-8 355MB/s ± 3% 376MB/s ± 6% +6.07% (p=0.000 n=10+10) Throughput/DynamicPacket/32MB-8 366MB/s ±12% 395MB/s ± 4% +7.91% (p=0.000 n=10+10) Throughput/DynamicPacket/64MB-8 380MB/s ± 2% 400MB/s ± 4% +5.26% (p=0.000 n=8+10) Note that this reduced the buffer for the first read from 1024 to 5+512, so it triggered the issue described at #24198 when using a synchronous net.Pipe: the first server flight was not being consumed entirely by the first read anymore, causing a deadlock as both the client and the server were trying to send (the client a reply to the ServerHello, the server the rest of the buffer). Fixed by rebasing on top of CL 142817. Change-Id: Ie31b0a572b2ad37878469877798d5c6a5276f931 Reviewed-on: https://go-review.googlesource.com/c/142818 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> |
||
Filippo Valsorda
|
3ec0b31ffa |
crypto/tls: parse certificate first in X509KeyPair to get better errors
parsePrivateKey can't return useful error messages because it does trial decoding of multiple formats. Try ParseCertificate first in case it offers a useful error message. Fixes #23591 Change-Id: I380490a5850bee593a7d2f584a27b2a14153d768 Reviewed-on: https://go-review.googlesource.com/90435 Run-TryBot: Filippo Valsorda <filippo@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Adam Langley <agl@golang.org> |
||
Marvin Stenger
|
53c5404836 |
all: revert "all: prefer strings.LastIndexByte over strings.LastIndex"
This reverts https://golang.org/cl/66372. Updates #22148 Change-Id: I3e94af3dfc11a2883bf28e1d5e1f32f98760b3ee Reviewed-on: https://go-review.googlesource.com/68431 Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
|
Marvin Stenger
|
6e1bd19dc7 |
all: prefer strings.LastIndexByte over strings.LastIndex
strings.LastIndexByte was introduced in go1.5 and it can be used effectively wherever the second argument to strings.LastIndex is exactly one byte long. This avoids generating unnecessary string symbols and saves a few calls to strings.LastIndex. Change-Id: I7b5679d616197b055cffe6882a8675d24a98b574 Reviewed-on: https://go-review.googlesource.com/66372 Run-TryBot: Ian Lance Taylor <iant@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> |
||
|
Filippo Valsorda
|
0fcebb3f32 |
crypto/tls: disable CBC cipher suites with SHA-256 by default
As is, they were fully vulnerable to the Lucky13 attack. The SHA1 variants implement limited countermeasures (see f28cf8346c4) but the SHA256 ones are apparently used rarely enough (see 8741504888b) that it's not worth the extra code. Instead, disable them by default and update the warning. Updates #13385 Updates #15487 Change-Id: I45b8b716001e2fa0811b17e25be76e2512e5abb2 Reviewed-on: https://go-review.googlesource.com/35290 Reviewed-by: Adam Langley <alangley@gmail.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Matt Layher <mdlayher@gmail.com> TryBot-Result: Gobot Gobot <gobot@golang.org> |
||
|
Brad Fitzpatrick
|
50eb6d71fb |
crypto/tls: update CBC Lucky13 warning a bit
Some countermeasures were implemented in https://golang.org/cl/18130 Updates #13385 Change-Id: I723e1e3be0fa6d13767b65b145d90c89e92b2774 Reviewed-on: https://go-review.googlesource.com/33665 Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Brad Fitzpatrick
|
a03d18b97a |
crypto/tls: add Config.Clone
In Go 1.0, the Config struct consisted only of exported fields. In Go 1.1, it started to grow private, uncopyable fields (sync.Once, sync.Mutex, etc). Ever since, people have been writing their own private Config.Clone methods, or risking it and doing a language-level shallow copy and copying the unexported sync variables. Clean this up and export the Config.clone method as Config.Clone. This matches the convention of Template.Clone from text/template and html/template at least. Fixes #15771 Updates #16228 (needs update in x/net/http2 before fixed) Updates #16492 (not sure whether @agl wants to do more) Change-Id: I48c2825d4fef55a75d2f99640a7079c56fce39ca Reviewed-on: https://go-review.googlesource.com/28075 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> |
||
|
Brad Fitzpatrick
|
701039d78e |
all: use time.Until where applicable
Updates #14595 Change-Id: Idf60b3004c7a0ebb59dd48389ab62c854069e09f Reviewed-on: https://go-review.googlesource.com/28073 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> Reviewed-by: Ian Lance Taylor <iant@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> |
||
Ian Lance Taylor
|
a842784db5 |
crypto/tls: don't copy Mutex or Once values
This fixes some 40 warnings from go vet. Fixes #16134. Change-Id: Ib9fcba275fe692f027a2a07b581c8cf503b11087 Reviewed-on: https://go-review.googlesource.com/24287 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Ian Lance Taylor <iant@golang.org> |
||
Scott Bell
|
ac2bc073eb |
crypto/tls: document certificate chains in LoadX509KeyPair
Fixes #15348 Change-Id: I9e0e1e3a26fa4cd697d2c613e6b4952188b7c7e1 Reviewed-on: https://go-review.googlesource.com/23150 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> |
||
Adam Langley
|
a9f79c9828 |
crypto/tls: make error prefix uniform.
Error strings in this package were all over the place: some were prefixed with “tls:”, some with “crypto/tls:” and some didn't have a prefix. This change makes everything use the prefix “tls:”. Change-Id: Ie8b073c897764b691140412ecd6613da8c4e33a2 Reviewed-on: https://go-review.googlesource.com/21893 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> |
||
Emmanuel Odeke
|
15b10f5314 |
crypto/tls: minor refactors for readability
Change-Id: I93e73f16474b4b31f7097af2f9479822dfc34c5c Reviewed-on: https://go-review.googlesource.com/20678 Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Brad Fitzpatrick
|
7cd572f22a |
all: remove public named return values when useless
Named returned values should only be used on public funcs and methods when it contributes to the documentation. Named return values should not be used if they're only saving the programmer a few lines of code inside the body of the function, especially if that means there's stutter in the documentation or it was only there so the programmer could use a naked return statement. (Naked returns should not be used except in very small functions) This change is a manual audit & cleanup of public func signatures. Signatures were not changed if: * the func was private (wouldn't be in public godoc) * the documentation referenced it * the named return value was an interesting name. (i.e. it wasn't simply stutter, repeating the name of the type) There should be no changes in behavior. (At least: none intended) Change-Id: I3472ef49619678fe786e5e0994bdf2d9de76d109 Reviewed-on: https://go-review.googlesource.com/20024 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Andrew Gerrand <adg@golang.org> |
||
|
Adam Langley
|
e0d17e8f1a |
crypto/tls: note in comment that Certificate.Leaf is nil after parsing.
LoadX509KeyPair and X509KeyPair don't retain the parsed form of certificates in their return value because it's generally not needed. This change makes that clear in the comment. See https://groups.google.com/d/msg/golang-dev/VResvFj2vF8/Wt6WkVT2AwAJ Change-Id: Ibb759cd6e84c00f4450a012992088422c0546638 Reviewed-on: https://go-review.googlesource.com/18734 Reviewed-by: Russ Cox <rsc@golang.org> |
||
|
Brad Fitzpatrick
|
e2901e8e2a |
crypto/tls: document lack of Lucky13 hardening
Updates #13385 Change-Id: I9c2edf8c02adc388c48760b29e63dfa2966262d6 Reviewed-on: https://go-review.googlesource.com/17532 Reviewed-by: Tim Cooijmans <timcooijmans@gmail.com> Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Adam Langley
|
324b8cea11 |
crypto/tls: better error messages when PEM inputs are switched.
This change causes the types of skipped PEM blocks to be recorded when no certificate or private-key data is found in a PEM input. This allows for better error messages to be return in the case of common errors like switching the certifiate and key inputs to X509KeyPair. Fixes #11092 Change-Id: Ifc155a811cdcddd93b5787fe16a84c972011f2f7 Reviewed-on: https://go-review.googlesource.com/14054 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> |
||
aubble
|
b95ee774ce |
crypto/tls: note in comments that setting GetCertificate is now sufficient.
In Go 1.5, Config.Certificates is no longer required if Config.GetCertificate has been set. This change updated four comments to reflect that. Change-Id: Id72cc22fc79e931b2d645a7c3960c3241042762c Reviewed-on: https://go-review.googlesource.com/13800 Reviewed-by: Adam Langley <agl@golang.org> |
||
|
aubble
|
edcafa963c |
crypto/tls: allow tls.Listen when only GetCertificate is provided.
Go 1.5 allowed TLS connections where Config.Certificates was nil as long as the GetCertificate callback was given. However, tls.Listen wasn't updated accordingly until this change. Change-Id: I5f67f323f63c988ff79642f3daf8a6b2a153e6b2 Reviewed-on: https://go-review.googlesource.com/13801 Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Brad Fitzpatrick
|
b180ba8f9b |
crypto/tls: remove return parameter stutter
Per https://golang.org/s/style#named-result-parameters Change-Id: If69d3e6d3dbef385a0f41e743fa49c25475ca40c Reviewed-on: https://go-review.googlesource.com/2761 Reviewed-by: Adam Langley <agl@golang.org> |
||
|
Russ Cox
|
bb890c0d27 |
build: move package sources from src/pkg to src
Preparation was in CL 134570043. This CL contains only the effect of 'hg mv src/pkg/* src'. For more about the move, see golang.org/s/go14nopkg. |