I added the clientChan's msg channel to the list of channels that are closed in mainloop when the server sends a channelCloseMsg.
I added an ExitError type that wraps a Waitmsg similar to that of os/exec. I fill ExitStatus with the data returned in the 'exit-status' channel message and Msg with the data returned in the 'exit-signal' channel message.
Instead of having Wait() return on the first 'exit-status'/'exit-signal' I have it return an ExitError containing the status and signal when the clientChan's msg channel is closed.
I added two tests cases to session_test.go that test for exit status 0 (in which case Wait() returns nil) and exit status 1 (in which case Wait() returns an ExitError with ExitStatus 1)
R=dave, agl, rsc, golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5452051
This CL cleans up the client auth tests, making the
individual test body more manageable.
Also, adds tests for rsa and dsa key negotiation.
Finally, remove the package level use of the variable
strings, which avoids conflicting with the strings pkg.
R=gustav.paul, agl, n13m3y3r, rsc
CC=golang-dev
https://golang.org/cl/5447049
This is part one of a small set of CL's that aim to resolve
the outstanding TODOs relating to channel close and blocking
behavior.
Firstly, the hairy handling of assigning the peersId is now
done in one place. The cost of this change is the slightly
paradoxical construction of the partially created clientChan.
Secondly, by creating clientChan.stdin/out/err when the channel
is opened, the creation of consumers like tcpchan and Session
is simplified; they just have to wire themselves up to the
relevant readers/writers.
R=agl, gustav.paul, rsc
CC=golang-dev
https://golang.org/cl/5448073
All but 3 cases (in gcimporter.go and hixie.go)
are automatic conversions using gofix.
No attempt is made to use the new Append functions
even though there are definitely opportunities.
R=golang-dev, gri
CC=golang-dev
https://golang.org/cl/5447069
The SSH spec allows for the server to send a banner message to the client at any point during the authentication process. Currently the ssh client auth types all assume that the first response from the server after issuing a userAuthRequestMsg will be one of a couple of possible authentication success/failure messages. This means that client authentication breaks if the ssh server being connected to has a banner message configured.
This changeset refactors the noneAuth, passwordAuth and publickeyAuth types' auth() function and allows for msgUserAuthBanner during authentication.
R=golang-dev, rsc, dave, agl
CC=golang-dev
https://golang.org/cl/5432065
This is the result of running `gofix -r hashsum` over the tree, changing
the hash function implementations by hand and then fixing a couple of
instances where gofix didn't catch something.
The changed implementations are as simple as possible while still
working: I'm not trying to optimise in this CL.
R=rsc, cw, rogpeppe
CC=golang-dev
https://golang.org/cl/5448065
Exec() has been renamed to Run() in keeping with the os/exec API.
Added func (*Session) Start(cmd string) which starts a remote process but unlike Run() doesn't wait for it to finish before returning.
Run() has been refactored to use Start internally. Its really just a refactoring, no new code but some extra functionality was won.
Also added func (*Session) Signal(sig signal) which sends a UNIX signal to a remote process. This is espcially useful in conjunction with Start() as the two allow you to start a remote process, monitor its stdout/stderr, and send it a TERM/HUP/etc signal when you want it to close.
R=dave, rsc, agl, bradfitz, n13m3y3r, gustavo
CC=golang-dev
https://golang.org/cl/5437058
According to http://www.ietf.org/rfc/rfc4254.txt most channel messages contain the channel id of the recipient channel, not the sender id. This allows the recipient connection multiplexer to route the message to the correct channel.
This changeset fixes several messages that incorrectly send the local channel id instead of the remote channel's id.
While sessions were being created and closed in sequence channels in the channel pool were freed and reused on the server side of the connection at the same rate as was done on the client, so the channel local and remote channel ids always corresponded. As soon as I had concurrent sessions on the same clientConn the server started to complain of 'uknown channel id N' where N is the local channel id, which is actually paired with server channel id K.
R=golang-dev, dave, rsc, agl
CC=golang-dev
https://golang.org/cl/5433063
IIRC, package sql used to be called db. There was one occurrence
of the old name in a comment.
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5431075
This CL inverts the direction of the Stdin/out/err members of the
Session struct so they reflect the API of the exec.Cmd. In doing so
it borrows heavily from the exec package.
Additionally Shell now returns immediately, wait for completion using
Wait. Exec calls Wait internally and so blocks until the remote
command is complete.
Credit to Gustavo Niemeyer for the impetus for this CL.
R=rsc, agl, n13m3y3r, huin, bradfitz
CC=cw, golang-dev
https://golang.org/cl/5322055
deps.bash does not understand current format,
so make.bash fails (with MAKEFLAGS=-j20).
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/5410046
Fixes use of c after Dial failure (causes crash).
May fix Dial failure by listening to 127.0.0.1:0
instead of 0.0.0.0:0 (tests should only listen on
localhost).
R=golang-dev, gri
CC=golang-dev
https://golang.org/cl/5395052
Ensure that empty NameLists always return
a zero length []string, not nil.
In practice NameLists are only used in a few
message types and always consumed by a for
range function so the difference between nil
and []string{} is not significant.
Also, add exp/ssh to pkg/Makefile as suggested
by rsc.
R=rsc, agl
CC=golang-dev
https://golang.org/cl/5400042
- syscall (not os) now defines the Errno type.
- the low-level assembly functions Syscall, Syscall6, and so on
return Errno, not uintptr
- syscall wrappers all return error, not uintptr.
R=golang-dev, mikioh.mikioh, r, alex.brainman
CC=golang-dev
https://golang.org/cl/5372080
This CL adds experimental support for making proxied
net.Conn connections via the remote server.
nb. Functional tests exist for this feature but CL
5320053 or similar needs to be committed to support them.
R=rsc, agl, n13m3y3r
CC=cw, golang-dev, huin
https://golang.org/cl/5371081
client.go/client_auth.go:
* add support for publickey key auth using the interface
outlined by rsc in the previous auth CL
client_auth_test.go:
* password and publickey tests against server.go
common.go/server.go:
* move some helper methods from server.go into common.go
* generalise serializeRSASignature
R=rsc, agl, huin
CC=cw, golang-dev, n13m3y3r
https://golang.org/cl/5373055
Some remote servers send a 0 window size in the channel
open confirm msg, others send a non zero window size. Make
sure this initial advertisement is not lost.
R=agl, rsc, cw
CC=golang-dev
https://golang.org/cl/5372083
It was never really a shell, but the name carried
over from SSH's ServerShell.
Two small functional changes:
Add SetSize, which allows the size of the terminal
to be changed in response, say, to an SSH message.
Don't write the prompt if there's already something
on the current line.
R=rsc
CC=golang-dev
https://golang.org/cl/5376066
(This is part of removing the duplicate code between exp/terminal and
exp/ssh, but hg is having a very hard time keeping up so I'm doing it
in small steps.)
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5373061
This CL adds an API for handling the various SSH
authenticaton methods. None and password continue
to be the only supported methods.
R=bradfitz, agl, n13m3y3r, rsc, cw
CC=golang-dev
https://golang.org/cl/5328045
There are three classes of methods/functions called Error:
a) The Error method in the just introduced error interface
b) Error methods that create or report errors (http.Error, etc)
c) Error methods that return errors previously associated with
the receiver (Tokenizer.Error, rows.Error, etc).
This CL introduces the convention that methods in case (c)
should be named Err.
The reasoning for the change is:
- The change differentiates the two kinds of APIs based on
names rather than just on signature, unloading Error a bit
- Err is closer to the err variable name that is so commonly
used with the intent of verifying an error
- Err is shorter and thus more convenient to be used often
on error verifications, such as in iterators following the
convention of the sql package.
R=bradfitz, rsc
CC=golang-dev
https://golang.org/cl/5327064
This is Go 1 package renaming CL #2.
This one merely moves the source; the import strings will be
changed after the next weekly release.
exp/template/html -> html/template
big -> math/big
cmath -> math/cmplx
rand -> math/rand
syslog -> log/syslog
The only edits are in Makefiles and deps.bash.
Note that this CL moves exp/template/html out of exp. I decided
to do that so all the renamings can be done together, even though
the API (and that of template, for that matter) is still fluid.
R=r, rsc
CC=golang-dev
https://golang.org/cl/5332053
(The definition of ErrorList is in another file, so gofix
has no hope of getting this right.)
R=golang-dev, iant
CC=golang-dev
https://golang.org/cl/5330043
This CL grew the archive file name length from 16 to 64:
changeset: 909:58574851d792
user: Russ Cox <rsc@golang.org>
date: Mon Oct 20 13:53:56 2008 -0700
Back then, every x.go file in a package became an x.6 file
in the archive. It was important to be able to allow the
use of long Go source file names, hence the increase in size.
Today, all Go source files compile into a single _go_.6 file
regardless of their names, so the archive file name length
no longer needs to be long. The longer name causes some
problems on Plan 9, where the native archive format is the
same but with 16-byte names, so revert back to 16.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5333050
Fixed error checking in exec.go to give a sensible error message when
execution is attempted before a successful parse (rather than an
outright panic).
R=r
CC=golang-dev
https://golang.org/cl/5306065
The payload of a data message is defined as an SSH string type,
which uses the first four bytes to encode its length. When channelData
and channelExtendedData were added I defined Payload as []byte to
be able to use it directly without a string to []byte conversion. This
resulted in the length data leaking into the payload data.
This CL fixes the bug, and restores agl's original fast path code.
Additionally, a bug whereby s.lock was not released if a packet arrived
for an invalid channel has been fixed.
Finally, as they were no longer used, I have removed
the channelData and channelExtedendData structs.
R=agl, rsc
CC=golang-dev
https://golang.org/cl/5330053
I found these by adding a check to govet, but the check
produces far too many false positives to be useful.
Even so, these few seem worth cleaning up.
R=golang-dev, bradfitz, iant
CC=golang-dev
https://golang.org/cl/5311067
Nothing terribly interesting here. (!)
Since the public APIs are all in terms of UTF-8,
the changes are all internal only.
R=mpvl, gri, r
CC=golang-dev
https://golang.org/cl/5309042
API question: is a scanner token an int or a rune?
Since the rune is the common case and the token values
are the special (negative) case, I chose rune. But it could
easily go the other way.
R=gri
CC=golang-dev
https://golang.org/cl/5301049
This CL replaces the Cmd type with a Session type representing
interactive channels. This lays the foundation for supporting
other kinds of channels like direct-tcpip or x11.
client.go:
* replace chanlist map with slice.
* generalize stdout and stderr into a single type.
* unexport ClientChan to clientChan.
doc.go:
* update ServerConfig/ServerConn documentation.
* update Client example for Session.
message.go:
* make channelExtendedData more like channelData.
session.go:
* added Session which replaces Cmd.
R=agl, rsc, n13m3y3r, gustavo
CC=golang-dev
https://golang.org/cl/5302054
server.go/channel.go:
* rename Server to ServerConfig to match Client.
* rename ServerConnection to ServeConn to match Client.
* add Listen/Listener.
* ServerConn.Handshake(), general cleanups.
client.go:
* fix bug where fmt.Error was not assigned to err
R=rsc, agl
CC=golang-dev
https://golang.org/cl/5265049
cssEscaper escapes using the CSS convention: `\` + hex + optional-space
It outputs the space when the escape could be followed by
a hex digit to distinguish a "\na" from "\u00aa".
It did not output a space when the escape is followed by a space
character so did not distinguish "\n " from "\n".
Currently when doing lookahead, it does not distinguish spaces that
will be escaped later by the same function from ones that will not.
This is correct but suboptimal.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5306042
This change splits terminal handling from exp/ssh, as suggested
several times in the ssh code review.
shell.go and shell_test.go are copies from exp/ssh with minimal
changes, so don't need another full review. A future CL will remove
that code from exp/ssh.
R=bradfitz, r, dave, rsc
CC=golang-dev
https://golang.org/cl/5278049
(more are possible but omitted for now as they are part of
specific tests where rather than changing what is there we
should probably expand the tests to cover the new case)
R=rsc, dvyukov
CC=golang-dev
https://golang.org/cl/5247058
therefore unlikely that there is a good use for its string version
LastBoundaryInString. Yet, the implemenation of this method would complicate
things a bit as it would require the introduction for another interface and
some duplication of code. Removing it seems a better choice.
R=r
CC=golang-dev
https://golang.org/cl/5182044
This is a possible optimization. I'm not sure the complexity is worth it.
The new benchmark in escape_test is 46us without and 35us with the optimization.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5168041
This removes a few cases from escapeAction and clarifies the
responsibilities of urlFilter which no longer does any
escaping or normalization. It is now solely a filter.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5162043
HTML5 allows embedded SVG and MathML.
Code searches show SVG is used for graphing.
This changes transition to deal with constructs like
<svg xmlns:xlink="http://www.w3.org/1999/xlink">
It changes attr and clients to call a single function that combines
the name lookup and "on" prefix check to determine an attribute
value type given an attribute name.
That function uses heuristics to recognize that
xlink:href and svg:href
have URL content, and that data-url is likely contains URL content,
since "javascript:" injection is such a problem.
I did a code search over a closure templates codebase to determine
patterns of custom attribute usage. I did something like
$ find . -name \*.soy | \
xargs egrep perl -ne 'while (s/\b((data-|\w+:)\w+)\s*=//) { print "$1\n"; }' | \
sort | uniq
to produce the list at the bottom.
Filtering that by egrep -i 'src|url|uri' produces
data-docConsumptionUri
data-docIconUrl
data-launchUrl
data-lazySrc
data-pageUrl
data-shareurl
data-suggestServerUrl
data-tweetUrl
g:secondaryurls
g:url
which seem to match all the ones that are likely URL content.
There are some short words that match that heuristic, but I still think it decent since
any custom attribute that has a numeric or enumerated keyword value will be unaffected by
the URL assumption.
Counterexamples from /usr/share/dict:
during, hourly, maturity, nourish, purloin, security, surly
Custom attributes present in existing closure templates codebase:
buzz:aid
data-a
data-action
data-actor
data-allowEqualityOps
data-analyticsId
data-bid
data-c
data-cartId
data-categoryId
data-cid
data-command
data-count
data-country
data-creativeId
data-cssToken
data-dest
data-docAttribution
data-docConsumptionUri
data-docCurrencyCode
data-docIconUrl
data-docId
data-docPrice
data-docPriceMicros
data-docTitle
data-docType
data-docid
data-email
data-entityid
data-errorindex
data-f
data-feature
data-fgid
data-filter
data-fireEvent
data-followable
data-followed
data-hashChange
data-height
data-hover
data-href
data-id
data-index
data-invitable
data-isFree
data-isPurchased
data-jid
data-jumpid
data-launchUrl
data-lazySrc
data-listType
data-maxVisiblePages
data-name
data-nid
data-nodeid
data-numItems
data-numPerPage
data-offerType
data-oid
data-opUsesEquality
data-overflowclass
data-packageName
data-pageId
data-pageUrl
data-pos
data-priceBrief
data-profileIds
data-query
data-rating
data-ref
data-rentalGrantPeriodDays
data-rentalactivePeriodHours
data-reviewId
data-role
data-score
data-shareurl
data-showGeLe
data-showLineInclude
data-size
data-sortval
data-suggestServerType
data-suggestServerUrl
data-suggestionIndex
data-tabBarId
data-tabBarIndex
data-tags
data-target
data-textColor
data-theme
data-title
data-toggletarget
data-tooltip
data-trailerId
data-transactionId
data-transition
data-ts
data-tweetContent
data-tweetUrl
data-type
data-useAjax
data-value
data-width
data-x
dm:index
dm:type
g:aspects
g:decorateusingsecondary
g:em
g:entity
g:groups
g:id
g:istoplevel
g:li
g:numresults
g:oid
g:parentId
g:pl
g:pt
g:rating_override
g:secondaryurls
g:sortby
g:startindex
g:target
g:type
g:url
g:value
ga:barsize
ga:css
ga:expandAfterCharsExceed
ga:initialNumRows
ga:nocancelicon
ga:numRowsToExpandTo
ga:type
ga:unlockwhenrated
gw:address
gw:businessname
gw:comment
gw:phone
gw:source
ng:controller
xlink:href
xml:lang
xmlns:atom
xmlns:dc
xmlns:jstd
xmlns:ng
xmlns:og
xmlns:webstore
xmlns:xlink
R=nigeltao
CC=golang-dev
https://golang.org/cl/5119041
The normalization that prevents element name and comment injection in
<{{.}}
by converting it to
<{{.}}
breaks
<!DOCTYPE html>
Instead of splitting states to have a start of document state and a text
state, I whitelist <!DOCTYPE.
R=nigeltao
CC=golang-dev
https://golang.org/cl/5131051
