gostls13.git log

commit 4068be56ce7721a3d75606ea986d11e9ca27077a [browse]
Author: Dmitri Shuralyov
Date: 2022-06-01 11:08:43 -04:00

[release-branch.go1.18] go1.18.3

Change-Id: I89e0df420c0626add131103015cadd7b3f3dfd98
Reviewed-on: https://go-review.googlesource.com/c/go/+/409735
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
Reviewed-by: Alex Rakoczy <alex@golang.org>

commit 5a89bb334d1280b0219108a8ee63c14dd04aa8fd [browse]
Author: Yasuhiro Matsumoto
Date: 2022-04-22 10:07:51 +09:00

[release-branch.go1.18] path/filepath: do not remove prefix "." when following path contains ":".

For #52476
Fixes #52479
Fixes CVE-2022-29804

Change-Id: I9eb72ac7dbccd6322d060291f31831dc389eb9bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/401595
Auto-Submit: Ian Lance Taylor <iant@google.com>
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-on: https://go-review.googlesource.com/c/go/+/405234
Reviewed-by: Yasuhiro Matsumoto <mattn.jp@gmail.com>

commit da608a20ed87b7c6c860eaaf4f2dec39492f9da4 [browse]
Author: Bryan C. Mills
Date: 2022-05-27 11:42:59 -04:00

[release-branch.go1.18] misc/cgo/testsanitizers: buffer the signal channel in TestTSAN/tsan11

This fix is analogous to the one in CL 407888.

'go vet' catches the error, but it is not run on this file because the
file is (only) compiled when running testsanitizers/TestTSAN.

Fixes #53115.
Updates #53113.

Change-Id: I74f7b7390a9775ff00a06214c1019ba28846dd11
Reviewed-on: https://go-review.googlesource.com/c/go/+/409094
Auto-Submit: Bryan Mills <bcmills@google.com>
Reviewed-by: Cherry Mui <cherryyz@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Bryan Mills <bcmills@google.com>
(cherry picked from commit 0f57c88bce9899a91686646a1e9cd7aae55911ef)
Reviewed-on: https://go-review.googlesource.com/c/go/+/408823
Reviewed-by: Ian Lance Taylor <iant@google.com>

commit a34f42077461688bb5e1318e4e04d20c91f1ab8a [browse]
Author: David Taylor
Date: 2022-01-17 21:54:17 Z

[release-branch.go1.18] crypto/tls: avoid extra allocations in steady-state Handshake calls

The Read and Write methods of *tls.Conn call Handshake
unconditionally, every time they are called, expecting it to only
perform a new handshake if required.

However in go 1.17 handshakeContext was extended to set up a
cancelable Context, and importantly did so prior to checking if a
handshake is required. This thus causes it to allocate on every call,
even in those that are no-ops when called in a Read or Write on an
established connection, sometimes leading to very large numbers of
allocations during reads.

This change adds an early return, prior to setting up the context or
proceeding into the handshakeMutex and checking the handshake error, if
the handshake status atomic indicates handshake is already complete.

name                                     old allocs/op  new allocs/op  delta
Throughput/MaxPacket/1MB/TLSv12-10          1.07k ± 0%     0.62k ± 0%  -42.16%  (p=0.000 n=4+5)
Throughput/MaxPacket/1MB/TLSv13-10          1.70k ± 0%     1.25k ± 0%     ~     (p=0.079 n=4+5)
Throughput/MaxPacket/2MB/TLSv12-10          1.62k ± 0%     0.73k ± 0%  -55.18%  (p=0.008 n=5+5)
Throughput/MaxPacket/2MB/TLSv13-10          2.26k ± 0%     1.36k ± 0%  -39.64%  (p=0.008 n=5+5)
Throughput/MaxPacket/4MB/TLSv12-10          2.74k ± 0%     0.95k ± 0%  -65.35%  (p=0.008 n=5+5)
Throughput/MaxPacket/4MB/TLSv13-10          3.37k ± 0%     1.58k ± 0%  -53.15%  (p=0.008 n=5+5)
Throughput/MaxPacket/8MB/TLSv12-10          4.96k ± 0%     1.39k ± 0%  -72.06%  (p=0.016 n=4+5)
Throughput/MaxPacket/8MB/TLSv13-10          5.60k ± 0%     2.01k ± 0%  -64.05%  (p=0.008 n=5+5)
Throughput/MaxPacket/16MB/TLSv12-10         9.42k ± 0%     2.27k ± 1%  -75.92%  (p=0.016 n=4+5)
Throughput/MaxPacket/16MB/TLSv13-10         10.0k ± 0%      2.9k ± 0%  -71.39%  (p=0.008 n=5+5)
Throughput/MaxPacket/32MB/TLSv12-10         18.3k ± 0%      4.0k ± 0%  -77.97%  (p=0.008 n=5+5)
Throughput/MaxPacket/32MB/TLSv13-10         18.9k ± 0%      4.6k ± 0%  -75.62%  (p=0.008 n=5+5)
Throughput/MaxPacket/64MB/TLSv12-10         36.2k ± 0%      7.5k ± 0%  -79.15%  (p=0.008 n=5+5)
Throughput/MaxPacket/64MB/TLSv13-10         36.7k ± 0%      8.1k ± 0%  -78.06%  (p=0.008 n=5+5)
Throughput/DynamicPacket/1MB/TLSv12-10      1.12k ± 0%     0.63k ± 0%  -44.20%  (p=0.008 n=5+5)
Throughput/DynamicPacket/1MB/TLSv13-10      1.76k ± 0%     1.26k ± 0%  -28.22%  (p=0.016 n=5+4)
Throughput/DynamicPacket/2MB/TLSv12-10      1.68k ± 0%     0.74k ± 0%  -56.11%  (p=0.008 n=5+5)
Throughput/DynamicPacket/2MB/TLSv13-10      2.32k ± 0%     1.37k ± 0%  -40.80%  (p=0.008 n=5+5)
Throughput/DynamicPacket/4MB/TLSv12-10      2.80k ± 0%     0.96k ± 0%  -65.81%  (p=0.008 n=5+5)
Throughput/DynamicPacket/4MB/TLSv13-10      3.43k ± 0%     1.59k ± 0%  -53.57%  (p=0.008 n=5+5)
Throughput/DynamicPacket/8MB/TLSv12-10      5.03k ± 0%     1.39k ± 0%  -72.27%  (p=0.008 n=5+5)
Throughput/DynamicPacket/8MB/TLSv13-10      5.66k ± 0%     2.02k ± 0%  -64.27%  (p=0.008 n=5+5)
Throughput/DynamicPacket/16MB/TLSv12-10     9.48k ± 0%     2.28k ± 1%  -75.98%  (p=0.008 n=5+5)
Throughput/DynamicPacket/16MB/TLSv13-10     10.1k ± 0%      2.9k ± 0%  -71.34%  (p=0.008 n=5+5)
Throughput/DynamicPacket/32MB/TLSv12-10     18.4k ± 0%      4.0k ± 0%  -78.13%  (p=0.008 n=5+5)
Throughput/DynamicPacket/32MB/TLSv13-10     19.0k ± 0%      4.6k ± 0%  -75.54%  (p=0.008 n=5+5)
Throughput/DynamicPacket/64MB/TLSv12-10     36.2k ± 0%      7.6k ± 1%  -79.02%  (p=0.008 n=5+5)
Throughput/DynamicPacket/64MB/TLSv13-10     36.8k ± 0%      8.2k ± 1%  -77.76%  (p=0.008 n=5+5)

Fixes #52791

Change-Id: Iacb1f9bf7802022960d9dbce141b8c0587a614d4
Reviewed-on: https://go-review.googlesource.com/c/go/+/379034
Reviewed-by: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
(cherry picked from commit a4af35607536b2b0d73be94df188b9f5a157480c)
Reviewed-on: https://go-review.googlesource.com/c/go/+/405545
Reviewed-by: Roland Shoemaker <roland@golang.org>
Reviewed-by: Alex Rakoczy <alex@golang.org>

commit c838098c327a1b6d63446f4722e943b02d235d78 [browse]
Author: Tatiana Bradley
Date: 2022-05-12 14:58:29 -04:00

[release-branch.go1.18 crypto/tls: randomly generate ticket_age_add

As required by RFC 8446, section 4.6.1, ticket_age_add now holds a
random 32-bit value. Before this change, this value was always set
to 0.

This change also documents the reasoning for always setting
ticket_nonce to 0. The value ticket_nonce must be unique per
connection, but we only ever send one ticket per connection.

Updates #52814
Fixes #52833
Fixes CVE-2022-30629

Change-Id: I6c2fc6ca0376b7b968abd59d6d3d3854c1ab68bb
Reviewed-on: https://go-review.googlesource.com/c/go/+/405994
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
Run-TryBot: Tatiana Bradley <tatiana@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
(cherry picked from commit fe4de36198794c447fbd9d7cc2d7199a506c76a5)
Reviewed-on: https://go-review.googlesource.com/c/go/+/408575
Run-TryBot: Roland Shoemaker <roland@golang.org>

clone the repository to get more history