When x509ignoreCN=1 is present in GODEBUG, ignore the deprecated Common
Name field. This will let people test a behavior we might make the
default in the future, and lets a final class of certificates avoid the
NameConstraintsWithoutSANs error.
Updates #24151
Change-Id: I1c397aa1fa23777b9251c311d02558f9a5bdefc0
Reviewed-on: https://go-review.googlesource.com/123695
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Adam Langley <agl@golang.org>
The Common Name is used as a hostname when there are no Subject
Alternative Names, but it is not restricted by name constraints. To
protect against a name constraints bypass, we used to require SANs for
constrained chains. See the NameConstraintsWithoutSANs error.
This change ignores the CN when it does not look like a hostname, so we
can avoid returning NameConstraintsWithoutSANs.
This makes it possible to validate certificates with non-hostname CN
against chains that use name constraints to disallow all names, like the
Estonian IDs.
Updates #24151
Change-Id: I798d797990720a01ad9b5a13336756cc472ebf44
Reviewed-on: https://go-review.googlesource.com/123355
Reviewed-by: Adam Langley <agl@golang.org>
TARGET_OS_OSX is the right macro, but it also was only introduced
in 1.12. For 1.11 and earlier a reasonable substitution is
TARGET_OS_IPHONE == 0.
Update #24161
Update #26355
Change-Id: I5f43c463d14fada9ed1d83cc684c7ea05d94c5f3
Reviewed-on: https://go-review.googlesource.com/124075
Run-TryBot: Keith Randall <khr@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Describe the problem as a bug, since it is not implied by the rest of
the pointer passing rules, and it may be possible to fix it.
Updates #19928
Change-Id: I2d336e7336b2a215c0b8cf909a203201ef1b054e
Reviewed-on: https://go-review.googlesource.com/123658
Reviewed-by: Austin Clements <austin@google.com>
The test TestNewReleaseRebuildsStalePackagesInGOPATH is not run in
short mode, so people tend to not notice when it fails. It was failing
due to the build cache. Make it pass again by 1) changing it to modify
the package in a way visible to the compiler, so that the change is
not hidden by caching; 2) accepting "not installed but available in
build cache" as always being a valid reason for a stale package, as go
list does not try to figure out an underlying reason for why a package
is stale when it finds it in the build cache but not installed.
Updates #24436
Change-Id: Iaeaa298f153451ec913a653dd4e6da79a33055bb
Reviewed-on: https://go-review.googlesource.com/123815
Reviewed-by: Daniel Martí <mvdan@mvdan.cc>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Profile's Mapping field is currently populated by reading /proc/self/maps.
On systems where /proc/self/maps is not available, the profile generated
by Go's runtime will not have any Mapping entry. Pprof command then adds
a fake entry and links all Location entries in the profile with the fake
entry to be used during symbolization.
a8644067d5/internal/driver/fetch.go (L437)
The fake entry is not enough to suppress the error or warning messages
pprof command produces. We need to tell pprof that Location entries are
symbolized already by Go runtime and pprof does not have to attempt to
perform further symbolization.
In #25743, we made Go runtime mark Mapping entries with HasFunctions=true
when all Location entries from the Mapping entries are successfully
symbolized. This change makes the Go runtime add a fake mapping entry,
otherwise the pprof command tool would add, and set the HasFunctions=true
following the same logic taken when the real mapping information is
available.
Updates #19790.
Fixes#26255. Tested pprof doesn't report the error message any more
for pure Go program.
Change-Id: Ib12b62e15073f5d6c80967e44b3e8709277c11bd
Reviewed-on: https://go-review.googlesource.com/123779
Run-TryBot: Hyang-Ah Hana Kim <hyangah@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Significant surgery done to the Versioning section, bringing it closer to
modern thinking.
Also add a question about constants.
Update #26107.
Change-Id: Icf70b7228503c6baaeab0b95ee3e6bee921575aa
Reviewed-on: https://go-review.googlesource.com/123918
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Changes are mostly about making more about now than about the past,
changing some verb tenses, and mentioning gollvm (which should
be pronounced "gollum" if you ask me).
Update #26107
Change-Id: I6c14f42b9fc2684259d4ba8bc149d7ec9bb83d15
Reviewed-on: https://go-review.googlesource.com/123917
Reviewed-by: Ian Lance Taylor <iant@golang.org>
The old text was written when it was only 1 by default, which
changed a long time ago.
Also add a note that GOMAXPROCS does not limit the total
number of threads.
Change-Id: I104ccd7266d11335320a4d7f5671fb09ed641f88
Reviewed-on: https://go-review.googlesource.com/123916
Reviewed-by: Ian Lance Taylor <iant@golang.org>
The test in CL 123715 doesn't work on iOS, it needs to use a different
version scheme to determine whether SecKeyAlgorithm and friends exist.
Restrict the old version test to OSX only.
The same problem occurs on iOS: the functions tested don't exist before
iOS 10. But we don't have builders below iOS 10, so it isn't a big issue.
If we ever get older builders, or someone wants to run all.bash on an
old iOS, they'll need to figure out the right incantation.
Update #24161
Update #26355
Change-Id: Ia3ace86b00486dc172ed00c0c6d668a95565bff7
Reviewed-on: https://go-review.googlesource.com/123959
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
See big comment in code.
Fixes#23921
Change-Id: I2dbd1acc2e9da07a71f9e0640aafe0c59a335627
Reviewed-on: https://go-review.googlesource.com/123875
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
In CL 122404, we change -replace syntax from => to =.
And we also need to change this and the tests.
Fixesgolang/go#26373.
Change-Id: I2d4e85e10c1578540cc7673b93d849270940d776
Reviewed-on: https://go-review.googlesource.com/123778
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
Was supposed to be removed from CL 123757
Change-Id: I74405adab58be103f8e4a0c2405567f480a0e622
Reviewed-on: https://go-review.googlesource.com/123895
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
The os.RemoveAll(tg.tempdir) was not a good idea.
Change-Id: I6f78cff887044186649cbf3ee04a58abdbcb71e2
Reviewed-on: https://go-review.googlesource.com/123757
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Russ Cox <rsc@golang.org>
Before:
// Find returns a slice holding the text of the leftmost match in b of the regular expression.
// Match checks whether a textual regular expression matches a byte slice.
After:
// Match reports whether the byte slice b contains any match of the regular expression re.
The use of different wording for Find and Match always makes me think
that Match required the entire string to match while Find clearly allows
a substring to match.
This CL makes the Match wording correspond more closely to Find,
to try to avoid that confusion.
Change-Id: I97fb82d5080d3246ee5cf52abf28d2a2296a5039
Reviewed-on: https://go-review.googlesource.com/123736
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
The linker's DWARF generation occasionally computes and attaches an
attribute X to a type even though the type's abbrev doesn't have the
specified attr. For example, the DW_TAG_subroutine_type abbrev entry
has no type attribute, but a type attr is given to it (wasting
memory). Similarly there are some places where a byte size attr is
added to a DIE whose abbrev lacks that attr. This patch trims away a
few of these not-needed attrs, saving some very tiny amount of memory.
Updates #26186
Change-Id: I69e853df468ac54b07772a614b4106d7c4dae01d
Reviewed-on: https://go-review.googlesource.com/123296
Reviewed-by: Heschi Kreinick <heschi@google.com>
Run-TryBot: Heschi Kreinick <heschi@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
This permits specifying an ErrorHandler to customize the RoundTrip
error handling if the backend fails to return a response.
Fixes#22700Fixes#21255
Change-Id: I8879f0956e2472a07f584660afa10105ef23bf11
Reviewed-on: https://go-review.googlesource.com/77410
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Executing tests in src/cmd/go/internal/modfetch/codehost/git_test.go in enviroment
witout outside connectivity in to the internet results in tests failure:
2018/07/13 14:31:14 git clone --mirror https://vcs-test.golang.org/git/gitrepo1 /tmp/gitrepo-test-996701800/gitrepo2 in : exit status 128:
Cloning into bare repository '/tmp/gitrepo-test-996701800/gitrepo2'...
fatal: unable to access 'https://vcs-test.golang.org/git/gitrepo1/': Could not resolve host: vcs-test.golang.org
FAIL cmd/go/internal/modfetch/codehost 0.307s
Fixes#26007
Change-Id: Ia39d8b3215c920dad6c0c58ffabb0b2ab39bb55c
Reviewed-on: https://go-review.googlesource.com/123735
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
syscall/js does not allow []byte to be used in direct inputs to
its JavaScript manipulation methods since
bafe466a95.
Unfortunately, this use of a byte slice was missed, so any
uses of the WASM Roundtripper with a body will panic.
This ensures the byte slice is appropriately converted
before being passed to syscall.
Fixes#26349
Change-Id: I83847645d71ce310c1eee3decddbac990fae166b
GitHub-Last-Rev: 3914bda2ff
GitHub-Pull-Request: golang/go#26350
Reviewed-on: https://go-review.googlesource.com/123537
Run-TryBot: Emmanuel Odeke <emm.odeke@gmail.com>
Reviewed-by: Richard Musiol <neelance@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
According to RFC-3986, the sub-delims chars should not be escaped in
fragment.
So this change fixes current behavior a bit.
Fixes#19917
Change-Id: I1a8deb93255d979532f75bae183c3fb53a05d395
Reviewed-on: https://go-review.googlesource.com/61650
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The test uses functions from C that were introduced in OSX 1.12.
Include stubs for those functions when compiling for 1.11 and earlier.
This test really a compile-time test, it doesn't matter much what the
executed code actually does.
Use a nasty #define hack to work around the fact that cgo doesn't
support static global variables.
Update #24161Fixes#26355
Change-Id: Icf6f7bc9b6b36cacc81d5d0e033a2ebaff7e0298
Reviewed-on: https://go-review.googlesource.com/123715
Run-TryBot: Keith Randall <khr@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Many parts of the FAQ are dusty and need cleaning up.
This is the first of a series of changes to bring it up to date.
Since it was first written at the time of release, some of the
ideas and background have changed, and some historical
remarks are largely irrelevant now.
Update #26107.
Change-Id: I1f36df7d8ecc8a1a033d5ac4fa1edeece25ed6b4
Reviewed-on: https://go-review.googlesource.com/123496
Reviewed-by: Ian Lance Taylor <iant@golang.org>
The existing implementation stops recording type information once it
encounters an error. This results in missing type information that is
needed by various tools. This change handles a few commonly encountered
cases by continuing to check subtrees after errors. Also, add tests for
cases where the package fails to type-check.
Updates #22467
Change-Id: I1bb48d4cb8ae5548dca63bdd785ea2f69329e92b
Reviewed-on: https://go-review.googlesource.com/123578
Run-TryBot: Rebecca Stambler <rstambler@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Alan Donovan <adonovan@google.com>
Updates bundled x/net/http2 to git rev d0887baf81f4 for:
http2: ignore unknown 1xx responses like HTTP/1
https://golang.org/cl/123615
http2: fix bug in earlier CL 123615
https://golang.org/cl/123675
Also along for the ride, but without any effect:
http2: export a field of an internal type for use by net/http
https://golang.org/cl/123656Fixes#26189
Updates #17739
Change-Id: I1955d844d74113efbcbbdaa7d7a7faebb2225b45
Reviewed-on: https://go-review.googlesource.com/123676
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
This CL fixes up tests from the x/vgo repo that are failing
on some of the builders.
It will be submitted together with CL 123576.
Change-Id: I6bec81a93ad4f7116e8edc8c15beafa25747530c
Reviewed-on: https://go-review.googlesource.com/123580
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This CL corresponds to CL 123361, the final manual CL in that repo,
making this the final manual sync.
All future commits will happen in this repo (the main Go repo),
and we'll update x/vgo automatically with a fixed patch+script.
Change-Id: I572243309c1809727604fd704705a23c30e85d1a
Reviewed-on: https://go-review.googlesource.com/123576
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Previously Transport.CloseIdleConnections only closed the HTTP/2
Transport's idle connections if the HTTP/2 transport was configured
automatically via the bundled copy (in h2_bundle.go).
This makes it also work if the user called http2.ConfigureTransport
themselves using golang.org/x/net/http2 instead of the bundled copy.
No tests because we have no current way to run such cross-repo tests,
at least in any efficient or non-flaky way.
Tested by hand that:
package main
import (
"net/http"
"golang.org/x/net/http2"
)
func main() {
tr := &http.Transport{}
http2.ConfigureTransport(tr)
tr.CloseIdleConnections()
}
... now works and calls the x/net/http2.Transport.CloseIdleConnections
code. (I threw in a print statement locally)
Fixes#22891 once CL 123656 is also in.
Change-Id: Id697fd3e7877c3a988bc3c3368b88940ba56cfd0
Reviewed-on: https://go-review.googlesource.com/123657
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Two fixes:
1) Typedefs of the bad typedefs should also not be rewritten to the
underlying type. They shouldn't just be uintptr, though, they should
retain the C naming structure. For example, in C:
typedef const __CFString * CFStringRef;
typedef CFStringRef SecKeyAlgorithm;
we want the Go:
type _Ctype_CFStringRef uintptr
type _Ctype_SecKeyAlgorithm = _Ctype_CFStringRef
2) We need more types than just function arguments/return values.
At least we need types of global variables, so when we see a reference to:
extern const SecKeyAlgorithm kSecKeyAlgorithmECDSASignatureDigestX962SHA1;
we know that we need to investigate the type SecKeyAlgorithm.
Might as well just find every typedef and check the badness of all of them.
This requires looping until a fixed point of known types is reached.
Usually it takes just 2 iterations, sometimes 3.
Fixes#24161
Change-Id: I32ca7e48eb4d4133c6242e91d1879636f5224ea9
Reviewed-on: https://go-review.googlesource.com/123177
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
If both branches of a write barrier test go to the same block,
then there's no unsafe points.
This can only happen if the resulting memory state is somehow dead,
which can only occur in degenerate cases, like infinite loops. No
point in cleaning up the useless branch in these situations.
Fixes#26024.
Change-Id: I93a7df9fdf2fc94c6c4b1fe61180dc4fd4a0871f
Reviewed-on: https://go-review.googlesource.com/123655
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Lack of a well-defined order between VarDef and related
address operations sometimes causes problems with store order
and write barrier transformations; glitches in the order are
made irreparable (by later optimizations) if the two parts of
the glitch straddle a split in the original block caused by
insertion of a write barrier diamond.
Fix this by creating a LocalAddr for addresses of locals
(what VarDef matters for) that takes a memory input to
help make the order explicit. Addr is modified to only
be legal for SB operand, so there is no overlap between
Addr and LocalAddr uses (there may be some downstream
cleanup from this).
Changes to generic.rules and rewrite.go ensure that codegen
tests continue to pass; CSE of LocalAddr is impaired, not
quite sure of the cost.
Fixes#26105.
Change-Id: Id4192b4440aa4e9d7ba54a465c456df9b530b515
Reviewed-on: https://go-review.googlesource.com/122483
Run-TryBot: David Chase <drchase@google.com>
Reviewed-by: Keith Randall <khr@golang.org>
The behavior of -a no longer changes depending on which kind
of branch of Go you are using (the new build cache fixed all that).
These tests are not doing anything useful (and failing).
Change-Id: I1c65120a3e05286e888951d61bca4a903e2c1158
Reviewed-on: https://go-review.googlesource.com/123575
Run-TryBot: Russ Cox <rsc@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
API compatibility violation, but it wasn't safe before and people
should be using golang.org/x/sys/windows instead.
Fixes#24820
Change-Id: I3b43493f56b3116924b9d848a294899279f314fd
Reviewed-on: https://go-review.googlesource.com/123455
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Austin Clements <austin@google.com>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The existing example code uses variable name d, but
prints t in its output. It's needlessly confusing.
Change-Id: I67bef3c732e84d2d89819f96b4b62663630fd69e
Reviewed-on: https://go-review.googlesource.com/123516
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Updates bundled x/net/http2 to git rev cffdcf67 for:
http2: use GetBody unconditionally on Transport retry, when available
https://golang.org/cl/123476
http2: a closed stream cannot receive data
https://golang.org/cl/111676
Updates #25009
Updates #25023
Change-Id: I84f50cc50c0fa5a3c34f0037a9cb1ef468e5f0d9
Reviewed-on: https://go-review.googlesource.com/123515
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@golang.org>
Change "have to" to "need to" for clarity and to avoid a
peculiar English idiom.
Change-Id: Iec2b1f841d0353dd7925f8f934fe82d4ed059d7d
Reviewed-on: https://go-review.googlesource.com/123495
Reviewed-by: Ian Lance Taylor <iant@golang.org>