Comparing v0.32.0...v0.33.0 · golang/net (original) (raw)

Commits on Dec 6, 2024

  1. Revert "route: remove unused sizeof* consts on freebsd"
    This reverts CL 633155.
    Reason for revert: This is part of a short chain of CLs that causes
    x/net to depend on x/sys. We have a policy that prevents us from
    vendoring x/sys into std, but x/net needs to be vendored.
    Change-Id: Ib773f21dee59fe6f4afb7ba1d7ae01d8859110c6
    Reviewed-on: https://go-review.googlesource.com/c/net/+/634255
    Auto-Submit: Michael Knyszek mknyszek@google.com
    Reviewed-by: Dmitri Shuralyov dmitshur@google.com
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    @mknyszek @gopherbot
    Configuration menu
    Browse the repository at this point in the history
  2. Revert "route: change from syscall to x/sys/unix"
    This reverts CL 632816.
    Reason for revert: This CL causes x/net to depend on x/sys. We have a
    policy that prevents us from vendoring x/sys into std, but x/net
    needs to be vendored.
    Change-Id: I0fe3bc9861d559d888db6fa7febd48a201f060b8
    Reviewed-on: https://go-review.googlesource.com/c/net/+/634196
    Auto-Submit: Michael Knyszek mknyszek@google.com
    Reviewed-by: Dmitri Shuralyov dmitshur@google.com
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    @mknyszek @gopherbot
    Configuration menu
    Browse the repository at this point in the history

Commits on Dec 10, 2024

  1. quic: handle ACK frame in packet which drops number space
    Avoid incorrectly closing a connection with a protocol violation
    error when we receive a single packet containing a CRYPTO frame
    that causes us to drop a packet number space (forgetting what
    packet numbers we've sent in that space) followed by an ACK frame.
    Fixes golang/go#70703
    Change-Id: I37554cb6a3086736cb9d772f8a3441b544d414dc
    Reviewed-on: https://go-review.googlesource.com/c/net/+/634616
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    Auto-Submit: Damien Neil dneil@google.com
    Reviewed-by: Jonathan Amsterdam jba@google.com
    @neild @gopherbot
    Configuration menu
    Browse the repository at this point in the history
  2. quic: clean up crypto streams when dropping packet protection keys
    When dropping packet protection keys for a number space:
    Check to see if there is unused CRYPTO data received from the peer
    in the space. If so, close the connection with an error. This can
    only happen if the peer has sent us data with a gap in it. We
    can never read the data that fills that gap (because we're dropping
    the key it would be encrypted with), and this situation cannot
    happen without the peer sending invalid TLS handshake data.
    Drop any buffered CRYPTO data being sent to the peer.
    Under normal operations, we may have data that was sent to the peer
    but which we haven't received an ACK for yet. The peer has
    received the data (or we wouldn't be dropping the number space)
    and we will never see the ACK (because we're dropping the key it
    would be encrypted with).
    Fixes golang/go#70704
    Change-Id: I53380169cb59a2a6f87e69b38522ba81ad38c2b0
    Reviewed-on: https://go-review.googlesource.com/c/net/+/634617
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    Reviewed-by: Jonathan Amsterdam jba@google.com
    Auto-Submit: Damien Neil dneil@google.com
    @neild @gopherbot
    Configuration menu
    Browse the repository at this point in the history

Commits on Dec 12, 2024

  1. route: remove unused sizeof* consts
    These were never used since they were added in CL 22446.
    Cq-Include-Trybots: luci.golang.try:x_net-gotip-freebsd-amd64,x_net-gotip-darwin-arm64_13
    Change-Id: I1d5952ec299ea22f2f0c62da552638ba0438a15b
    Reviewed-on: https://go-review.googlesource.com/c/net/+/635135
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    Reviewed-by: Ian Lance Taylor iant@google.com
    Reviewed-by: Carlos Amedee carlos@golang.org
    Auto-Submit: Tobias Klauser tobias.klauser@gmail.com
    @tklauser @gopherbot
    Configuration menu
    Browse the repository at this point in the history

Commits on Dec 18, 2024

  1. Configuration menu
    Browse the repository at this point in the history
  2. html: use strings.EqualFold instead of lowering ourselves
    Instead of using strings.ToLower and == to check case insensitive
    equality, just use strings.EqualFold, even when the strings are only
    ASCII. This prevents us unnecessarily lowering extremely long strings,
    which can be a somewhat expensive operation, even if we're only
    attempting to compare equality with five characters.
    Thanks to Guido Vranken for reporting this issue.
    Fixes golang/go#70906
    Fixes CVE-2024-45338
    Change-Id: I323b919f912d60dab6a87cadfdcac3e6b54cd128
    Reviewed-on: https://go-review.googlesource.com/c/net/+/637536
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    Auto-Submit: Gopher Robot gobot@golang.org
    Reviewed-by: Roland Shoemaker roland@golang.org
    Reviewed-by: Tatiana Bradley tatianabradley@google.com
    @rolandshoemaker @gopherbot
    Configuration menu
    Browse the repository at this point in the history
  3. go.mod: update golang.org/x dependencies
    Update golang.org/x dependencies to their latest tagged versions.
    Change-Id: I471c86e74526efc14e23be5635951a56cf2643ec
    Reviewed-on: https://go-review.googlesource.com/c/net/+/637575
    Auto-Submit: Gopher Robot gobot@golang.org
    Reviewed-by: Roland Shoemaker roland@golang.org
    Reviewed-by: Damien Neil dneil@google.com
    LUCI-TryBot-Result: Go LUCI golang-scoped@luci-project-accounts.iam.gserviceaccount.com
    @gopherbot
    Configuration menu
    Browse the repository at this point in the history