TUN-7584: Bump go 1.20.6

Pins all docker and cfsetup builds to a specific go patch version.
Also ran go fix on repo.
This commit is contained in:
Devin Carr 2023-07-26 13:52:40 -07:00
parent 5f3cfe044f
commit 65247b6f0f
29 changed files with 57 additions and 321 deletions

View File

@ -4,7 +4,7 @@ jobs:
check: check:
strategy: strategy:
matrix: matrix:
go-version: [1.19.x] go-version: [1.20.x]
os: [ubuntu-latest, macos-latest, windows-latest] os: [ubuntu-latest, macos-latest, windows-latest]
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
steps: steps:

View File

@ -1,7 +1,7 @@
# use a builder image for building cloudflare # use a builder image for building cloudflare
ARG TARGET_GOOS ARG TARGET_GOOS
ARG TARGET_GOARCH ARG TARGET_GOARCH
FROM golang:1.19 as builder FROM golang:1.20.6 as builder
ENV GO111MODULE=on \ ENV GO111MODULE=on \
CGO_ENABLED=0 \ CGO_ENABLED=0 \
TARGET_GOOS=${TARGET_GOOS} \ TARGET_GOOS=${TARGET_GOOS} \

View File

@ -1,5 +1,5 @@
# use a builder image for building cloudflare # use a builder image for building cloudflare
FROM golang:1.19 as builder FROM golang:1.20.6 as builder
ENV GO111MODULE=on \ ENV GO111MODULE=on \
CGO_ENABLED=0 CGO_ENABLED=0

View File

@ -1,5 +1,5 @@
# use a builder image for building cloudflare # use a builder image for building cloudflare
FROM golang:1.19 as builder FROM golang:1.20.6 as builder
ENV GO111MODULE=on \ ENV GO111MODULE=on \
CGO_ENABLED=0 CGO_ENABLED=0

View File

@ -1,5 +1,5 @@
pinned_go: &pinned_go go=1.19.6-1 pinned_go: &pinned_go go=1.20.6-1
pinned_go_fips: &pinned_go_fips go-boring=1.19.6-1 pinned_go_fips: &pinned_go_fips go-boring=1.20.6-1
build_dir: &build_dir /cfsetup_build build_dir: &build_dir /cfsetup_build
default-flavor: bullseye default-flavor: bullseye

View File

@ -1,5 +1,4 @@
//go:build !windows && !darwin && !linux //go:build !windows && !darwin && !linux
// +build !windows,!darwin,!linux
package main package main

View File

@ -1,5 +1,4 @@
//go:build linux //go:build linux
// +build linux
package main package main

View File

@ -1,5 +1,4 @@
//go:build darwin //go:build darwin
// +build darwin
package main package main

View File

@ -1,5 +1,4 @@
//go:build ignore //go:build ignore
// +build ignore
// TODO: Remove the above build tag and include this test when we start compiling with Golang 1.10.0+ // TODO: Remove the above build tag and include this test when we start compiling with Golang 1.10.0+

View File

@ -1,5 +1,4 @@
//go:build !windows //go:build !windows
// +build !windows
package tunnel package tunnel

View File

@ -1,5 +1,4 @@
//go:build !windows //go:build !windows
// +build !windows
package updater package updater

View File

@ -1,5 +1,4 @@
//go:build windows //go:build windows
// +build windows
package main package main

View File

@ -1,4 +1,4 @@
FROM golang:1.19 as builder FROM golang:1.20.6 as builder
ENV GO111MODULE=on \ ENV GO111MODULE=on \
CGO_ENABLED=0 CGO_ENABLED=0
WORKDIR /go/src/github.com/cloudflare/cloudflared/ WORKDIR /go/src/github.com/cloudflare/cloudflared/

9
go.mod
View File

@ -1,6 +1,6 @@
module github.com/cloudflare/cloudflared module github.com/cloudflare/cloudflared
go 1.19 go 1.20
require ( require (
github.com/cloudflare/golibs v0.0.0-20170913112048-333127dbecfc github.com/cloudflare/golibs v0.0.0-20170913112048-333127dbecfc
@ -110,8 +110,5 @@ replace gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1
replace github.com/quic-go/quic-go => github.com/devincarr/quic-go v0.0.0-20230502200822-d1f4edacbee7 replace github.com/quic-go/quic-go => github.com/devincarr/quic-go v0.0.0-20230502200822-d1f4edacbee7
// Post-quantum tunnel RTG-1339 // Post-quantum tunnel RTG-1339
replace ( // Branches go1.20 on github.com/cloudflare/qtls-pq
// Branches go1.19 go1.20 on github.com/cloudflare/qtls-pq replace github.com/quic-go/qtls-go1-20 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633
github.com/quic-go/qtls-go1-19 => github.com/cloudflare/qtls-pq v0.0.0-20230320123031-3faac1a945b2
github.com/quic-go/qtls-go1-20 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633
)

4
go.sum
View File

@ -65,8 +65,6 @@ github.com/cloudflare/golibs v0.0.0-20170913112048-333127dbecfc h1:Dvk3ySBsOm5Ev
github.com/cloudflare/golibs v0.0.0-20170913112048-333127dbecfc/go.mod h1:HlgKKR8V5a1wroIDDIz3/A+T+9Janfq+7n1P5sEFdi0= github.com/cloudflare/golibs v0.0.0-20170913112048-333127dbecfc/go.mod h1:HlgKKR8V5a1wroIDDIz3/A+T+9Janfq+7n1P5sEFdi0=
github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633 h1:ZTub2XMOBpxyBiJf6Q+UKqAi07yt1rZmFitriHvFd8M= github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633 h1:ZTub2XMOBpxyBiJf6Q+UKqAi07yt1rZmFitriHvFd8M=
github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633/go.mod h1:j/igSUc4PgBMayIsBGjAFu2i7g663rm6kZrKy4htb7E= github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633/go.mod h1:j/igSUc4PgBMayIsBGjAFu2i7g663rm6kZrKy4htb7E=
github.com/cloudflare/qtls-pq v0.0.0-20230320123031-3faac1a945b2 h1:0/KuLjh9lBMiXlooAdwoo+FbLVD5DABtquB0ImEFOK0=
github.com/cloudflare/qtls-pq v0.0.0-20230320123031-3faac1a945b2/go.mod h1:XzuZIjv4mF5cM205RHHW1d60PQtWGwMR6jx38YKuYHs=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk= github.com/cncf/udpa/go v0.0.0-20201120205902-5459f2c99403/go.mod h1:WmhPx2Nbnhtbo57+VJT5O0JRkEi1Wbu0z5j0R8u5Hbk=
github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI= github.com/cncf/udpa/go v0.0.0-20210930031921-04548b0d99d4/go.mod h1:6pvJx4me5XPnfI9Z40ddWsdw2W/uZgQLFXToKeRcDiI=
@ -337,6 +335,8 @@ github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1
github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo=
github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4=
github.com/quic-go/qtls-go1-19 v0.3.2 h1:tFxjCFcTQzK+oMxG6Zcvp4Dq8dx4yD3dDiIiyc86Z5U=
github.com/quic-go/qtls-go1-19 v0.3.2/go.mod h1:ySOI96ew8lnoKPtSqx2BlI5wCpUVPT05RMAlajtnyOI=
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ= github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=

View File

@ -1,5 +1,4 @@
//go:build !windows //go:build !windows
// +build !windows
package proxy package proxy

View File

@ -1,5 +1,4 @@
//go:build !windows //go:build !windows
// +build !windows
package sshgen package sshgen

View File

@ -1,5 +1,4 @@
//go:build darwin //go:build darwin
// +build darwin
package token package token

View File

@ -1,5 +1,4 @@
//go:build !windows && !darwin && !linux && !netbsd && !freebsd && !openbsd //go:build !windows && !darwin && !linux && !netbsd && !freebsd && !openbsd
// +build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd
package token package token

View File

@ -1,5 +1,4 @@
//go:build linux || freebsd || openbsd || netbsd //go:build linux || freebsd || openbsd || netbsd
// +build linux freebsd openbsd netbsd
package token package token

View File

@ -1,5 +1,4 @@
//go:build windows //go:build windows
// +build windows
package token package token

View File

@ -1,5 +1,4 @@
//go:build linux //go:build linux
// +build linux
package token package token

View File

@ -1,170 +0,0 @@
// Copyright 2022 Cloudflare, Inc. All rights reserved. Use of this source code
// is governed by a BSD-style license that can be found in the LICENSE file.
//
// Glue to add Circl's (post-quantum) hybrid KEMs.
//
// To enable set CurvePreferences with the desired scheme as the first element:
//
// import (
// "github.com/cloudflare/circl/kem/tls"
// "github.com/cloudflare/circl/kem/hybrid"
//
// [...]
//
// config.CurvePreferences = []tls.CurveID{
// qtls.X25519Kyber512Draft00,
// qtls.X25519,
// qtls.P256,
// }
package qtls
import (
"github.com/cloudflare/circl/kem"
"github.com/cloudflare/circl/kem/hybrid"
"crypto/tls"
"fmt"
"io"
"sync"
"time"
)
// Either ecdheParameters or kem.PrivateKey
type clientKeySharePrivate interface{}
var (
X25519Kyber512Draft00 = CurveID(0xfe30)
X25519Kyber768Draft00 = CurveID(0xfe31)
invalidCurveID = CurveID(0)
)
func kemSchemeKeyToCurveID(s kem.Scheme) CurveID {
switch s.Name() {
case "Kyber512-X25519":
return X25519Kyber512Draft00
case "Kyber768-X25519":
return X25519Kyber768Draft00
default:
return invalidCurveID
}
}
// Extract CurveID from clientKeySharePrivate
func clientKeySharePrivateCurveID(ks clientKeySharePrivate) CurveID {
switch v := ks.(type) {
case kem.PrivateKey:
ret := kemSchemeKeyToCurveID(v.Scheme())
if ret == invalidCurveID {
panic("cfkem: internal error: don't know CurveID for this KEM")
}
return ret
case ecdheParameters:
return v.CurveID()
default:
panic("cfkem: internal error: unknown clientKeySharePrivate")
}
}
// Returns scheme by CurveID if supported by Circl
func curveIdToCirclScheme(id CurveID) kem.Scheme {
switch id {
case X25519Kyber512Draft00:
return hybrid.Kyber512X25519()
case X25519Kyber768Draft00:
return hybrid.Kyber768X25519()
}
return nil
}
// Generate a new shared secret and encapsulates it for the packed
// public key in ppk using randomness from rnd.
func encapsulateForKem(scheme kem.Scheme, rnd io.Reader, ppk []byte) (
ct, ss []byte, alert alert, err error) {
pk, err := scheme.UnmarshalBinaryPublicKey(ppk)
if err != nil {
return nil, nil, alertIllegalParameter, fmt.Errorf("unpack pk: %w", err)
}
seed := make([]byte, scheme.EncapsulationSeedSize())
if _, err := io.ReadFull(rnd, seed); err != nil {
return nil, nil, alertInternalError, fmt.Errorf("random: %w", err)
}
ct, ss, err = scheme.EncapsulateDeterministically(pk, seed)
return ct, ss, alertIllegalParameter, err
}
// Generate a new keypair using randomness from rnd.
func generateKemKeyPair(scheme kem.Scheme, rnd io.Reader) (
kem.PublicKey, kem.PrivateKey, error) {
seed := make([]byte, scheme.SeedSize())
if _, err := io.ReadFull(rnd, seed); err != nil {
return nil, nil, err
}
pk, sk := scheme.DeriveKeyPair(seed)
return pk, sk, nil
}
// Events. We cannot use the same approach as used in our plain Go fork
// as we cannot change tls.Config, tls.ConnectionState, etc. Also we do
// not want to maintain a fork of quic-go itself as well. This seems
// the simplest option.
// CFEvent. There are two events: one emitted on HRR and one emitted
type CFEvent interface {
// Common to all events
ServerSide() bool // true if server-side; false if on client-side
// HRR event. Emitted when an HRR happened.
IsHRR() bool // true if this is an HRR event
// Handshake event.
IsHandshake() bool // true if this is a handshake event.
Duration() time.Duration // how long did the handshake take?
KEX() tls.CurveID // which kex was established?
}
type CFEventHandler func(CFEvent)
// Registers a handler to be called when a CFEvent is emitted; returns
// the previous handler.
func SetCFEventHandler(handler CFEventHandler) CFEventHandler {
cfEventMux.Lock()
ret := cfEventHandler
cfEventHandler = handler
cfEventMux.Unlock()
return ret
}
func raiseCFEvent(ev CFEvent) {
cfEventMux.Lock()
handler := cfEventHandler
cfEventMux.Unlock()
if handler != nil {
handler(ev)
}
}
var (
cfEventMux sync.Mutex
cfEventHandler CFEventHandler
)
type cfEventHRR struct{ serverSide bool }
func (*cfEventHRR) IsHRR() bool { return true }
func (ev *cfEventHRR) ServerSide() bool { return ev.serverSide }
func (*cfEventHRR) IsHandshake() bool { return false }
func (ev *cfEventHRR) Duration() time.Duration { panic("wrong event") }
func (ev *cfEventHRR) KEX() tls.CurveID { panic("wrong event") }
type cfEventHandshake struct {
serverSide bool
duration time.Duration
kex tls.CurveID
}
func (*cfEventHandshake) IsHRR() bool { return false }
func (ev *cfEventHandshake) ServerSide() bool { return ev.serverSide }
func (*cfEventHandshake) IsHandshake() bool { return true }
func (ev *cfEventHandshake) Duration() time.Duration { return ev.duration }
func (ev *cfEventHandshake) KEX() tls.CurveID { return ev.kex }

View File

@ -40,7 +40,7 @@ type clientHandshakeState struct {
var testingOnlyForceClientHelloSignatureAlgorithms []SignatureScheme var testingOnlyForceClientHelloSignatureAlgorithms []SignatureScheme
func (c *Conn) makeClientHello() (*clientHelloMsg, clientKeySharePrivate, error) { func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
config := c.config config := c.config
if len(config.ServerName) == 0 && !config.InsecureSkipVerify { if len(config.ServerName) == 0 && !config.InsecureSkipVerify {
return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config") return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config")
@ -142,8 +142,11 @@ func (c *Conn) makeClientHello() (*clientHelloMsg, clientKeySharePrivate, error)
hello.supportedSignatureAlgorithms = testingOnlyForceClientHelloSignatureAlgorithms hello.supportedSignatureAlgorithms = testingOnlyForceClientHelloSignatureAlgorithms
} }
var secret clientKeySharePrivate var params ecdheParameters
if hello.supportedVersions[0] == VersionTLS13 { if hello.supportedVersions[0] == VersionTLS13 {
if len(hello.supportedVersions) == 1 {
hello.cipherSuites = hello.cipherSuites[:0]
}
if hasAESGCMHardwareSupport { if hasAESGCMHardwareSupport {
hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13...) hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13...)
} else { } else {
@ -151,37 +154,21 @@ func (c *Conn) makeClientHello() (*clientHelloMsg, clientKeySharePrivate, error)
} }
curveID := config.curvePreferences()[0] curveID := config.curvePreferences()[0]
if scheme := curveIdToCirclScheme(curveID); scheme != nil { if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
pk, sk, err := generateKemKeyPair(scheme, config.rand()) return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve")
if err != nil {
return nil, nil, fmt.Errorf("generateKemKeyPair %s: %w",
scheme.Name(), err)
}
packedPk, err := pk.MarshalBinary()
if err != nil {
return nil, nil, fmt.Errorf("pack circl public key %s: %w",
scheme.Name(), err)
}
hello.keyShares = []keyShare{{group: curveID, data: packedPk}}
secret = sk
} else {
if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve")
}
params, err := generateECDHEParameters(config.rand(), curveID)
if err != nil {
return nil, nil, err
}
hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
secret = params
} }
params, err = generateECDHEParameters(config.rand(), curveID)
if err != nil {
return nil, nil, err
}
hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
} }
if hello.supportedVersions[0] == VersionTLS13 && c.extraConfig != nil && c.extraConfig.GetExtensions != nil { if hello.supportedVersions[0] == VersionTLS13 && c.extraConfig != nil && c.extraConfig.GetExtensions != nil {
hello.additionalExtensions = c.extraConfig.GetExtensions(typeClientHello) hello.additionalExtensions = c.extraConfig.GetExtensions(typeClientHello)
} }
return hello, secret, nil return hello, params, nil
} }
func (c *Conn) clientHandshake(ctx context.Context) (err error) { func (c *Conn) clientHandshake(ctx context.Context) (err error) {
@ -274,14 +261,14 @@ func (c *Conn) clientHandshake(ctx context.Context) (err error) {
if c.vers == VersionTLS13 { if c.vers == VersionTLS13 {
hs := &clientHandshakeStateTLS13{ hs := &clientHandshakeStateTLS13{
c: c, c: c,
ctx: ctx, ctx: ctx,
serverHello: serverHello, serverHello: serverHello,
hello: hello, hello: hello,
keySharePrivate: ecdheParams, ecdheParams: ecdheParams,
session: session, session: session,
earlySecret: earlySecret, earlySecret: earlySecret,
binderKey: binderKey, binderKey: binderKey,
} }
// In TLS 1.3, session tickets are delivered after the handshake. // In TLS 1.3, session tickets are delivered after the handshake.

View File

@ -12,12 +12,10 @@ import (
"crypto/rsa" "crypto/rsa"
"encoding/binary" "encoding/binary"
"errors" "errors"
"fmt"
"hash" "hash"
"sync/atomic" "sync/atomic"
"time" "time"
circlKem "github.com/cloudflare/circl/kem"
"golang.org/x/crypto/cryptobyte" "golang.org/x/crypto/cryptobyte"
) )
@ -26,8 +24,7 @@ type clientHandshakeStateTLS13 struct {
ctx context.Context ctx context.Context
serverHello *serverHelloMsg serverHello *serverHelloMsg
hello *clientHelloMsg hello *clientHelloMsg
ecdheParams ecdheParameters
keySharePrivate clientKeySharePrivate
session *clientSessionState session *clientSessionState
earlySecret []byte earlySecret []byte
@ -47,8 +44,6 @@ type clientHandshakeStateTLS13 struct {
func (hs *clientHandshakeStateTLS13) handshake() error { func (hs *clientHandshakeStateTLS13) handshake() error {
c := hs.c c := hs.c
startTime := time.Now()
if needFIPS() { if needFIPS() {
return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode") return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode")
} }
@ -61,7 +56,7 @@ func (hs *clientHandshakeStateTLS13) handshake() error {
} }
// Consistency check on the presence of a keyShare and its parameters. // Consistency check on the presence of a keyShare and its parameters.
if hs.keySharePrivate == nil || len(hs.hello.keyShares) != 1 { if hs.ecdheParams == nil || len(hs.hello.keyShares) != 1 {
return c.sendAlert(alertInternalError) return c.sendAlert(alertInternalError)
} }
@ -119,12 +114,6 @@ func (hs *clientHandshakeStateTLS13) handshake() error {
return err return err
} }
raiseCFEvent(&cfEventHandshake{
serverSide: false,
duration: time.Since(startTime),
kex: hs.serverHello.serverShare.group,
})
atomic.StoreUint32(&c.handshakeStatus, 1) atomic.StoreUint32(&c.handshakeStatus, 1)
c.updateConnectionState() c.updateConnectionState()
return nil return nil
@ -201,8 +190,6 @@ func (hs *clientHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error { func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
c := hs.c c := hs.c
raiseCFEvent(&cfEventHRR{serverSide: false})
// The first ClientHello gets double-hashed into the transcript upon a // The first ClientHello gets double-hashed into the transcript upon a
// HelloRetryRequest. (The idea is that the server might offload transcript // HelloRetryRequest. (The idea is that the server might offload transcript
// storage to the client in the cookie.) See RFC 8446, Section 4.4.1. // storage to the client in the cookie.) See RFC 8446, Section 4.4.1.
@ -246,38 +233,21 @@ func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: server selected unsupported group") return errors.New("tls: server selected unsupported group")
} }
if clientKeySharePrivateCurveID(hs.keySharePrivate) == curveID { if hs.ecdheParams.CurveID() == curveID {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: server sent an unnecessary HelloRetryRequest key_share") return errors.New("tls: server sent an unnecessary HelloRetryRequest key_share")
} }
if scheme := curveIdToCirclScheme(curveID); scheme != nil { if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
pk, sk, err := generateKemKeyPair(scheme, c.config.rand()) c.sendAlert(alertInternalError)
if err != nil { return errors.New("tls: CurvePreferences includes unsupported curve")
c.sendAlert(alertInternalError)
return fmt.Errorf("HRR generateKeyPair %s: %w",
scheme.Name(), err)
}
packedPk, err := pk.MarshalBinary()
if err != nil {
c.sendAlert(alertInternalError)
return fmt.Errorf("HRR pack circl public key %s: %w",
scheme.Name(), err)
}
hs.keySharePrivate = sk
hs.hello.keyShares = []keyShare{{group: curveID, data: packedPk}}
} else {
if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
c.sendAlert(alertInternalError)
return errors.New("tls: CurvePreferences includes unsupported curve")
}
params, err := generateECDHEParameters(c.config.rand(), curveID)
if err != nil {
c.sendAlert(alertInternalError)
return err
}
hs.keySharePrivate = params
hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
} }
params, err := generateECDHEParameters(c.config.rand(), curveID)
if err != nil {
c.sendAlert(alertInternalError)
return err
}
hs.ecdheParams = params
hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
} }
hs.hello.raw = nil hs.hello.raw = nil
@ -363,7 +333,7 @@ func (hs *clientHandshakeStateTLS13) processServerHello() error {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: server did not send a key share") return errors.New("tls: server did not send a key share")
} }
if hs.serverHello.serverShare.group != clientKeySharePrivateCurveID(hs.keySharePrivate) { if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: server selected unsupported group") return errors.New("tls: server selected unsupported group")
} }
@ -401,18 +371,7 @@ func (hs *clientHandshakeStateTLS13) processServerHello() error {
func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error { func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error {
c := hs.c c := hs.c
var sharedKey []byte sharedKey := hs.ecdheParams.SharedKey(hs.serverHello.serverShare.data)
if params, ok := hs.keySharePrivate.(ecdheParameters); ok {
sharedKey = params.SharedKey(hs.serverHello.serverShare.data)
} else if sk, ok := hs.keySharePrivate.(circlKem.PrivateKey); ok {
var err error
sharedKey, err = sk.Scheme().Decapsulate(sk, hs.serverHello.serverShare.data)
if err != nil {
c.sendAlert(alertIllegalParameter)
return fmt.Errorf("%s decaps: %w", sk.Scheme().Name(), err)
}
}
if sharedKey == nil { if sharedKey == nil {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: invalid server key share") return errors.New("tls: invalid server key share")

View File

@ -11,7 +11,6 @@ import (
"crypto/hmac" "crypto/hmac"
"crypto/rsa" "crypto/rsa"
"errors" "errors"
"fmt"
"hash" "hash"
"io" "io"
"sync/atomic" "sync/atomic"
@ -47,8 +46,6 @@ type serverHandshakeStateTLS13 struct {
func (hs *serverHandshakeStateTLS13) handshake() error { func (hs *serverHandshakeStateTLS13) handshake() error {
c := hs.c c := hs.c
startTime := time.Now()
if needFIPS() { if needFIPS() {
return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode") return errors.New("tls: internal error: TLS 1.3 reached in FIPS mode")
} }
@ -88,12 +85,6 @@ func (hs *serverHandshakeStateTLS13) handshake() error {
return err return err
} }
raiseCFEvent(&cfEventHandshake{
serverSide: true,
duration: time.Since(startTime),
kex: hs.hello.serverShare.group,
})
atomic.StoreUint32(&c.handshakeStatus, 1) atomic.StoreUint32(&c.handshakeStatus, 1)
c.updateConnectionState() c.updateConnectionState()
return nil return nil
@ -208,27 +199,17 @@ GroupSelection:
clientKeyShare = &hs.clientHello.keyShares[0] clientKeyShare = &hs.clientHello.keyShares[0]
} }
if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && curveIdToCirclScheme(selectedGroup) == nil && !ok { if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && !ok {
c.sendAlert(alertInternalError) c.sendAlert(alertInternalError)
return errors.New("tls: CurvePreferences includes unsupported curve") return errors.New("tls: CurvePreferences includes unsupported curve")
} }
if kem := curveIdToCirclScheme(selectedGroup); kem != nil { params, err := generateECDHEParameters(c.config.rand(), selectedGroup)
ct, ss, alert, err := encapsulateForKem(kem, c.config.rand(), clientKeyShare.data) if err != nil {
if err != nil { c.sendAlert(alertInternalError)
c.sendAlert(alert) return err
return fmt.Errorf("%s encap: %w", kem.Name(), err)
}
hs.hello.serverShare = keyShare{group: selectedGroup, data: ct}
hs.sharedKey = ss
} else {
params, err := generateECDHEParameters(c.config.rand(), selectedGroup)
if err != nil {
c.sendAlert(alertInternalError)
return err
}
hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()}
hs.sharedKey = params.SharedKey(clientKeyShare.data)
} }
hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()}
hs.sharedKey = params.SharedKey(clientKeyShare.data)
if hs.sharedKey == nil { if hs.sharedKey == nil {
c.sendAlert(alertIllegalParameter) c.sendAlert(alertIllegalParameter)
return errors.New("tls: invalid client key share") return errors.New("tls: invalid client key share")
@ -458,8 +439,6 @@ func (hs *serverHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error { func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error {
c := hs.c c := hs.c
raiseCFEvent(&cfEventHRR{serverSide: true})
// The first ClientHello gets double-hashed into the transcript upon a // The first ClientHello gets double-hashed into the transcript upon a
// HelloRetryRequest. See RFC 8446, Section 4.4.1. // HelloRetryRequest. See RFC 8446, Section 4.4.1.
if err := transcriptMsg(hs.clientHello, hs.transcript); err != nil { if err := transcriptMsg(hs.clientHello, hs.transcript); err != nil {

View File

@ -168,7 +168,7 @@ type ecdheKeyAgreement struct {
func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) { func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
var curveID CurveID var curveID CurveID
for _, c := range clientHello.supportedCurves { for _, c := range clientHello.supportedCurves {
if config.supportsCurve(c) && curveIdToCirclScheme(c) == nil { if config.supportsCurve(c) {
curveID = c curveID = c
break break
} }

3
vendor/modules.txt vendored
View File

@ -258,7 +258,7 @@ github.com/prometheus/common/model
github.com/prometheus/procfs github.com/prometheus/procfs
github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/fs
github.com/prometheus/procfs/internal/util github.com/prometheus/procfs/internal/util
# github.com/quic-go/qtls-go1-19 v0.3.2 => github.com/cloudflare/qtls-pq v0.0.0-20230320123031-3faac1a945b2 # github.com/quic-go/qtls-go1-19 v0.3.2
## explicit; go 1.19 ## explicit; go 1.19
github.com/quic-go/qtls-go1-19 github.com/quic-go/qtls-go1-19
# github.com/quic-go/qtls-go1-20 v0.2.2 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633 # github.com/quic-go/qtls-go1-20 v0.2.2 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633
@ -577,5 +577,4 @@ zombiezen.com/go/capnproto2/std/capnp/rpc
# github.com/prometheus/golang_client => github.com/prometheus/golang_client v1.12.1 # github.com/prometheus/golang_client => github.com/prometheus/golang_client v1.12.1
# gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1 # gopkg.in/yaml.v3 => gopkg.in/yaml.v3 v3.0.1
# github.com/quic-go/quic-go => github.com/devincarr/quic-go v0.0.0-20230502200822-d1f4edacbee7 # github.com/quic-go/quic-go => github.com/devincarr/quic-go v0.0.0-20230502200822-d1f4edacbee7
# github.com/quic-go/qtls-go1-19 => github.com/cloudflare/qtls-pq v0.0.0-20230320123031-3faac1a945b2
# github.com/quic-go/qtls-go1-20 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633 # github.com/quic-go/qtls-go1-20 => github.com/cloudflare/qtls-pq v0.0.0-20230320122459-4ed280d0d633

View File

@ -1,5 +1,4 @@
//go:build !windows //go:build !windows
// +build !windows
package watcher package watcher