grafana/SOURCES/1001-vendor-patch-removed-backend-crypto.patch

1157 lines
32 KiB
Diff
Raw Normal View History

2023-05-09 05:17:53 +00:00
patch removed backend crypto
the `Makefile` removed a few files containing (unused) crypto
algorithms from the vendor tarball, which are not used in Grafana.
This patch removes all references to the deleted files.
diff --git a/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go
new file mode 100644
index 0000000000..871e612a61
--- /dev/null
+++ b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go
@@ -0,0 +1,25 @@
+package elgamal
+
+import (
+ "io"
+ "math/big"
+)
+
+// PublicKey represents an ElGamal public key.
+type PublicKey struct {
+ G, P, Y *big.Int
+}
+
+// PrivateKey represents an ElGamal private key.
+type PrivateKey struct {
+ PublicKey
+ X *big.Int
+}
+
+func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) {
+ panic("ElGamal encryption not available")
+}
+
+func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
+ panic("ElGamal encryption not available")
+}
diff --git a/vendor/golang.org/x/crypto/openpgp/packet/packet.go b/vendor/golang.org/x/crypto/openpgp/packet/packet.go
index 0a19794a8e..25a5ee9158 100644
--- a/vendor/golang.org/x/crypto/openpgp/packet/packet.go
+++ b/vendor/golang.org/x/crypto/openpgp/packet/packet.go
@@ -22,7 +22,6 @@ import (
"math/big"
"math/bits"
- "golang.org/x/crypto/cast5"
"golang.org/x/crypto/openpgp/errors"
)
@@ -493,7 +492,7 @@ func (cipher CipherFunction) KeySize() int {
case Cipher3DES:
return 24
case CipherCAST5:
- return cast5.KeySize
+ panic("cast5 cipher not available")
case CipherAES128:
return 16
case CipherAES192:
@@ -523,7 +522,7 @@ func (cipher CipherFunction) new(key []byte) (block cipher.Block) {
case Cipher3DES:
block, _ = des.NewTripleDESCipher(key)
case CipherCAST5:
- block, _ = cast5.NewCipher(key)
+ panic("cast5 cipher not available")
case CipherAES128, CipherAES192, CipherAES256:
block, _ = aes.NewCipher(key)
}
diff --git a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go
index 6126030eb9..3a54c5f2b1 100644
--- a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go
+++ b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go
@@ -5,13 +5,12 @@
package packet
import (
- "crypto/cipher"
"crypto/sha1"
"crypto/subtle"
- "golang.org/x/crypto/openpgp/errors"
"hash"
"io"
- "strconv"
+
+ "golang.org/x/crypto/openpgp/errors"
)
// SymmetricallyEncrypted represents a symmetrically encrypted byte string. The
@@ -45,46 +44,7 @@ func (se *SymmetricallyEncrypted) parse(r io.Reader) error {
// packet can be read. An incorrect key can, with high probability, be detected
// immediately and this will result in a KeyIncorrect error being returned.
func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) {
- keySize := c.KeySize()
- if keySize == 0 {
- return nil, errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c)))
- }
- if len(key) != keySize {
- return nil, errors.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length")
- }
-
- if se.prefix == nil {
- se.prefix = make([]byte, c.blockSize()+2)
- _, err := readFull(se.contents, se.prefix)
- if err != nil {
- return nil, err
- }
- } else if len(se.prefix) != c.blockSize()+2 {
- return nil, errors.InvalidArgumentError("can't try ciphers with different block lengths")
- }
-
- ocfbResync := OCFBResync
- if se.MDC {
- // MDC packets use a different form of OCFB mode.
- ocfbResync = OCFBNoResync
- }
-
- s := NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync)
- if s == nil {
- return nil, errors.ErrKeyIncorrect
- }
-
- plaintext := cipher.StreamReader{S: s, R: se.contents}
-
- if se.MDC {
- // MDC packets have an embedded hash that we need to check.
- h := sha1.New()
- h.Write(se.prefix)
- return &seMDCReader{in: plaintext, h: h}, nil
- }
-
- // Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser.
- return seReader{plaintext}, nil
+ panic("OCFB cipher not available")
}
// seReader wraps an io.Reader with a no-op Close method.
@@ -254,37 +214,5 @@ func (c noOpCloser) Close() error {
// written.
// If config is nil, sensible defaults will be used.
func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte, config *Config) (contents io.WriteCloser, err error) {
- if c.KeySize() != len(key) {
- return nil, errors.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length")
- }
- writeCloser := noOpCloser{w}
- ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC)
- if err != nil {
- return
- }
-
- _, err = ciphertext.Write([]byte{symmetricallyEncryptedVersion})
- if err != nil {
- return
- }
-
- block := c.new(key)
- blockSize := block.BlockSize()
- iv := make([]byte, blockSize)
- _, err = config.Random().Read(iv)
- if err != nil {
- return
- }
- s, prefix := NewOCFBEncrypter(block, iv, OCFBNoResync)
- _, err = ciphertext.Write(prefix)
- if err != nil {
- return
- }
- plaintext := cipher.StreamWriter{S: s, W: ciphertext}
-
- h := sha1.New()
- h.Write(iv)
- h.Write(iv[blockSize-2:])
- contents = &seMDCWriter{w: plaintext, h: h}
- return
+ panic("OCFB cipher not available")
}
diff --git a/vendor/golang.org/x/crypto/pkcs12/crypto.go b/vendor/golang.org/x/crypto/pkcs12/crypto.go
index 484ca51b71..5f502b8df1 100644
--- a/vendor/golang.org/x/crypto/pkcs12/crypto.go
+++ b/vendor/golang.org/x/crypto/pkcs12/crypto.go
@@ -11,8 +11,6 @@ import (
"crypto/x509/pkix"
"encoding/asn1"
"errors"
-
- "golang.org/x/crypto/pkcs12/internal/rc2"
)
var (
@@ -46,10 +44,6 @@ func (shaWithTripleDESCBC) deriveIV(salt, password []byte, iterations int) []byt
type shaWith40BitRC2CBC struct{}
-func (shaWith40BitRC2CBC) create(key []byte) (cipher.Block, error) {
- return rc2.New(key, len(key)*8)
-}
-
func (shaWith40BitRC2CBC) deriveKey(salt, password []byte, iterations int) []byte {
return pbkdf(sha1Sum, 20, 64, salt, password, iterations, 1, 5)
}
@@ -70,7 +64,7 @@ func pbDecrypterFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher
case algorithm.Algorithm.Equal(oidPBEWithSHAAnd3KeyTripleDESCBC):
cipherType = shaWithTripleDESCBC{}
case algorithm.Algorithm.Equal(oidPBEWithSHAAnd40BitRC2CBC):
- cipherType = shaWith40BitRC2CBC{}
+ panic("RC2 encryption not available")
default:
return nil, 0, NotImplementedError("algorithm " + algorithm.Algorithm.String() + " is not supported")
}
diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go
index ae3ebc03b9..11dbc3c56e 100644
--- a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go
+++ b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go
2023-11-07 09:07:04 +00:00
@@ -16,14 +16,11 @@
2023-05-09 05:17:53 +00:00
package web
import (
- "encoding/hex"
"fmt"
"net/http"
2023-11-07 09:07:04 +00:00
- "strings"
2023-05-09 05:17:53 +00:00
"sync"
"github.com/go-kit/log"
- "golang.org/x/crypto/bcrypt"
)
// extraHTTPHeaders is a map of HTTP headers that can be added to HTTP
@@ -36,22 +34,6 @@ var extraHTTPHeaders = map[string][]string{
"Content-Security-Policy": nil,
}
-func validateUsers(configPath string) error {
- c, err := getConfig(configPath)
- if err != nil {
- return err
- }
-
- for _, p := range c.Users {
- _, err = bcrypt.Cost([]byte(p))
- if err != nil {
- return err
- }
- }
-
- return nil
-}
-
// validateHeaderConfig checks that the provided header configuration is correct.
// It does not check the validity of all the values, only the ones which are
// well-defined enumerations.
2023-11-07 09:07:04 +00:00
@@ -67,60 +49,3 @@ type webHandler struct {
2023-05-09 05:17:53 +00:00
// only once in parallel as this is CPU intensive.
bcryptMtx sync.Mutex
}
-
-func (u *webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
- c, err := getConfig(u.tlsConfigPath)
- if err != nil {
- u.logger.Log("msg", "Unable to parse configuration", "err", err)
- http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
- return
- }
-
- // Configure http headers.
- for k, v := range c.HTTPConfig.Header {
- w.Header().Set(k, v)
- }
-
- if len(c.Users) == 0 {
- u.handler.ServeHTTP(w, r)
- return
- }
-
- user, pass, auth := r.BasicAuth()
- if auth {
- hashedPassword, validUser := c.Users[user]
-
- if !validUser {
- // The user is not found. Use a fixed password hash to
- // prevent user enumeration by timing requests.
- // This is a bcrypt-hashed version of "fakepassword".
- hashedPassword = "$2y$10$QOauhQNbBCuQDKes6eFzPeMqBSjb7Mr5DUmpZ/VcEd00UAV/LDeSi"
- }
-
2023-11-07 09:07:04 +00:00
- cacheKey := strings.Join(
- []string{
- hex.EncodeToString([]byte(user)),
- hex.EncodeToString([]byte(hashedPassword)),
- hex.EncodeToString([]byte(pass)),
- }, ":")
2023-05-09 05:17:53 +00:00
- authOk, ok := u.cache.get(cacheKey)
-
- if !ok {
- // This user, hashedPassword, password is not cached.
- u.bcryptMtx.Lock()
- err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(pass))
- u.bcryptMtx.Unlock()
-
2023-11-07 09:07:04 +00:00
- authOk = validUser && err == nil
2023-05-09 05:17:53 +00:00
- u.cache.set(cacheKey, authOk)
- }
-
- if authOk && validUser {
- u.handler.ServeHTTP(w, r)
- return
- }
- }
-
- w.Header().Set("WWW-Authenticate", "Basic")
- http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
-}
diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go b/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go
2023-11-07 09:07:04 +00:00
--- grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-13 20:00:00.000000000 -0400
+++ /tmp/rpkg/grafana-1-v6p2z4of/grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-16 13:43:13.300238021 -0400
@@ -18,12 +18,8 @@
2023-05-09 05:17:53 +00:00
"crypto/x509"
"fmt"
"io/ioutil"
- "net"
- "net/http"
"path/filepath"
- "github.com/go-kit/log"
- "github.com/go-kit/log/level"
"github.com/pkg/errors"
config_util "github.com/prometheus/common/config"
"gopkg.in/yaml.v2"
2023-11-07 09:07:04 +00:00
@@ -177,98 +173,6 @@
2023-05-09 05:17:53 +00:00
return cfg, nil
}
-// ListenAndServe starts the server on the given address. Based on the file
-// tlsConfigPath, TLS or basic auth could be enabled.
-func ListenAndServe(server *http.Server, tlsConfigPath string, logger log.Logger) error {
- listener, err := net.Listen("tcp", server.Addr)
- if err != nil {
- return err
- }
- defer listener.Close()
- return Serve(listener, server, tlsConfigPath, logger)
-}
-
-// Server starts the server on the given listener. Based on the file
-// tlsConfigPath, TLS or basic auth could be enabled.
-func Serve(l net.Listener, server *http.Server, tlsConfigPath string, logger log.Logger) error {
- if tlsConfigPath == "" {
- level.Info(logger).Log("msg", "TLS is disabled.", "http2", false)
- return server.Serve(l)
- }
-
- if err := validateUsers(tlsConfigPath); err != nil {
- return err
- }
-
- // Setup basic authentication.
- var handler http.Handler = http.DefaultServeMux
- if server.Handler != nil {
- handler = server.Handler
- }
-
- c, err := getConfig(tlsConfigPath)
- if err != nil {
- return err
- }
-
- server.Handler = &webHandler{
- tlsConfigPath: tlsConfigPath,
- logger: logger,
- handler: handler,
- cache: newCache(),
- }
-
- config, err := ConfigToTLSConfig(&c.TLSConfig)
- switch err {
- case nil:
- if !c.HTTPConfig.HTTP2 {
- server.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler))
- }
- // Valid TLS config.
- level.Info(logger).Log("msg", "TLS is enabled.", "http2", c.HTTPConfig.HTTP2)
- case errNoTLSConfig:
- // No TLS config, back to plain HTTP.
- level.Info(logger).Log("msg", "TLS is disabled.", "http2", false)
- return server.Serve(l)
- default:
- // Invalid TLS config.
- return err
- }
-
- server.TLSConfig = config
-
- // Set the GetConfigForClient method of the HTTPS server so that the config
- // and certs are reloaded on new connections.
- server.TLSConfig.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
2023-11-07 09:07:04 +00:00
- config, err := getTLSConfig(tlsConfigPath)
- if err != nil {
- return nil, err
- }
- config.NextProtos = server.TLSConfig.NextProtos
- return config, nil
2023-05-09 05:17:53 +00:00
- }
- return server.ServeTLS(l, "", "")
-}
-
-// Validate configuration file by reading the configuration and the certificates.
-func Validate(tlsConfigPath string) error {
- if tlsConfigPath == "" {
- return nil
- }
- if err := validateUsers(tlsConfigPath); err != nil {
- return err
- }
- c, err := getConfig(tlsConfigPath)
- if err != nil {
- return err
- }
- _, err = ConfigToTLSConfig(&c.TLSConfig)
- if err == errNoTLSConfig {
- return nil
- }
- return err
-}
-
type cipher uint16
func (c *cipher) UnmarshalYAML(unmarshal func(interface{}) error) error {
2023-11-07 09:07:04 +00:00
@@ -351,11 +255,3 @@
2023-05-09 05:17:53 +00:00
}
return fmt.Sprintf("%v", tv), nil
}
-
-// Listen starts the server on the given address. Based on the file
-// tlsConfigPath, TLS or basic auth could be enabled.
-//
-// Deprecated: Use ListenAndServe instead.
-func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error {
- return ListenAndServe(server, tlsConfigPath, logger)
-}
2023-11-07 09:07:04 +00:00
diff a/vendor/github.com/go-git/go-git/v5/options.go b/vendor/github.com/go-git/go-git/v5/options.go
--- a/vendor/github.com/go-git/go-git/v5/options.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/options.go 2022-12-20 10:24:35.162653691 -0500
@@ -7,7 +7,7 @@
"strings"
"time"
- "github.com/ProtonMail/go-crypto/openpgp"
+ // "github.com/ProtonMail/go-crypto/openpgp"
"github.com/go-git/go-git/v5/config"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/object"
@@ -434,7 +434,7 @@
// SignKey denotes a key to sign the commit with. A nil value here means the
// commit will not be signed. The private key must be present and already
// decrypted.
- SignKey *openpgp.Entity
+ // SignKey *openpgp.Entity
}
// Validate validates the fields and sets the default values.
@@ -517,7 +517,7 @@
Message string
// SignKey denotes a key to sign the tag with. A nil value here means the tag
// will not be signed. The private key must be present and already decrypted.
- SignKey *openpgp.Entity
+ // SignKey *openpgp.Entity
}
// Validate validates the fields and sets the default values.
diff a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go
--- a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go 2022-12-20 10:33:26.630073026 -0500
@@ -9,7 +9,7 @@
"io"
"strings"
- "github.com/ProtonMail/go-crypto/openpgp"
+ // "github.com/ProtonMail/go-crypto/openpgp"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/storer"
@@ -354,7 +354,8 @@
// Verify performs PGP verification of the commit with a provided armored
// keyring and returns openpgp.Entity associated with verifying key on success.
-func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
+func (c *Commit) Verify(armoredKeyRing string) (*int, error) {
+ /*
keyRingReader := strings.NewReader(armoredKeyRing)
keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
if err != nil {
@@ -375,6 +376,8 @@
}
return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil)
+ */
+ return nil, nil
}
func indent(t string) string {
diff a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go
--- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go 2022-12-20 10:37:05.542949113 -0500
@@ -6,9 +6,9 @@
"fmt"
"io"
stdioutil "io/ioutil"
- "strings"
+ // "strings"
- "github.com/ProtonMail/go-crypto/openpgp"
+ // "github.com/ProtonMail/go-crypto/openpgp"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/storer"
@@ -284,7 +284,8 @@
// Verify performs PGP verification of the tag with a provided armored
// keyring and returns openpgp.Entity associated with verifying key on success.
-func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
+func (t *Tag) Verify(armoredKeyRing string) (*int, error) {
+ /*
keyRingReader := strings.NewReader(armoredKeyRing)
keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader)
if err != nil {
@@ -305,6 +306,8 @@
}
return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil)
+ */
+ return nil, nil
}
// TagIter provides an iterator for a set of tags.
diff a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go 2022-12-20 13:42:13.659296361 -0500
@@ -1,6 +1,7 @@
package ssh
import (
+ /*
"errors"
"fmt"
"io/ioutil"
@@ -14,6 +15,7 @@
sshagent "github.com/xanzy/ssh-agent"
"golang.org/x/crypto/ssh"
"golang.org/x/crypto/ssh/knownhosts"
+ */
)
const DefaultUsername = "git"
@@ -22,10 +24,12 @@
// must implement. The clientConfig method returns the ssh client
// configuration needed to establish an ssh connection.
type AuthMethod interface {
+ /*
transport.AuthMethod
// ClientConfig should return a valid ssh.ClientConfig to be used to create
// a connection to the SSH server.
ClientConfig() (*ssh.ClientConfig, error)
+ */
}
// The names of the AuthMethod implementations. To be returned by the
@@ -42,78 +46,101 @@
// KeyboardInteractive implements AuthMethod by using a
// prompt/response sequence controlled by the server.
type KeyboardInteractive struct {
+ /*
User string
Challenge ssh.KeyboardInteractiveChallenge
HostKeyCallbackHelper
+ */
}
func (a *KeyboardInteractive) Name() string {
- return KeyboardInteractiveName
+ // return KeyboardInteractiveName
+ return ""
}
func (a *KeyboardInteractive) String() string {
- return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ return ""
}
-func (a *KeyboardInteractive) ClientConfig() (*ssh.ClientConfig, error) {
+func (a *KeyboardInteractive) ClientConfig() (*int, error) {
+ /*
return a.SetHostKeyCallback(&ssh.ClientConfig{
User: a.User,
Auth: []ssh.AuthMethod{
a.Challenge,
},
})
+ */
+ return nil, nil
}
// Password implements AuthMethod by using the given password.
type Password struct {
+ /*
User string
Password string
HostKeyCallbackHelper
+ */
}
func (a *Password) Name() string {
- return PasswordName
+ // return PasswordName
+ return ""
}
func (a *Password) String() string {
- return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ return ""
}
-func (a *Password) ClientConfig() (*ssh.ClientConfig, error) {
+func (a *Password) ClientConfig() (*int, error) {
+ /*
return a.SetHostKeyCallback(&ssh.ClientConfig{
User: a.User,
Auth: []ssh.AuthMethod{ssh.Password(a.Password)},
})
+ */
+ return nil, nil
}
// PasswordCallback implements AuthMethod by using a callback
// to fetch the password.
type PasswordCallback struct {
+ /*
User string
Callback func() (pass string, err error)
HostKeyCallbackHelper
+ */
}
func (a *PasswordCallback) Name() string {
- return PasswordCallbackName
+ // return PasswordCallbackName
+ return ""
}
func (a *PasswordCallback) String() string {
- return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ return ""
}
-func (a *PasswordCallback) ClientConfig() (*ssh.ClientConfig, error) {
+func (a *PasswordCallback) ClientConfig() (*int, error) {
+ /*
return a.SetHostKeyCallback(&ssh.ClientConfig{
User: a.User,
Auth: []ssh.AuthMethod{ssh.PasswordCallback(a.Callback)},
})
+ */
+ return nil, nil
}
// PublicKeys implements AuthMethod by using the given key pairs.
type PublicKeys struct {
+ /*
User string
Signer ssh.Signer
HostKeyCallbackHelper
+ */
}
// NewPublicKeys returns a PublicKeys from a PEM encoded private key. An
@@ -121,6 +148,7 @@
// encrypted PEM block otherwise password should be empty. It supports RSA
// (PKCS#1), PKCS#8, DSA (OpenSSL), and ECDSA private keys.
func NewPublicKeys(user string, pemBytes []byte, password string) (*PublicKeys, error) {
+ /*
signer, err := ssh.ParsePrivateKey(pemBytes)
if _, ok := err.(*ssh.PassphraseMissingError); ok {
signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password))
@@ -129,36 +157,47 @@
return nil, err
}
return &PublicKeys{User: user, Signer: signer}, nil
+ */
+ return nil, nil
}
// NewPublicKeysFromFile returns a PublicKeys from a file containing a PEM
// encoded private key. An encryption password should be given if the pemBytes
// contains a password encrypted PEM block otherwise password should be empty.
func NewPublicKeysFromFile(user, pemFile, password string) (*PublicKeys, error) {
+ /*
bytes, err := ioutil.ReadFile(pemFile)
if err != nil {
return nil, err
}
return NewPublicKeys(user, bytes, password)
+ */
+ return nil, nil
}
func (a *PublicKeys) Name() string {
- return PublicKeysName
+ // return PublicKeysName
+ return ""
}
func (a *PublicKeys) String() string {
- return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ return ""
}
-func (a *PublicKeys) ClientConfig() (*ssh.ClientConfig, error) {
+func (a *PublicKeys) ClientConfig() (*int, error) {
+ /*
return a.SetHostKeyCallback(&ssh.ClientConfig{
User: a.User,
Auth: []ssh.AuthMethod{ssh.PublicKeys(a.Signer)},
})
+ */
+ return nil, nil
}
func username() (string, error) {
+ /*
var username string
if user, err := user.Current(); err == nil {
username = user.Username
@@ -171,20 +210,25 @@
}
return username, nil
+ */
+ return "", nil
}
// PublicKeysCallback implements AuthMethod by asking a
// ssh.agent.Agent to act as a signer.
type PublicKeysCallback struct {
+ /*
User string
Callback func() (signers []ssh.Signer, err error)
HostKeyCallbackHelper
+ */
}
// NewSSHAgentAuth returns a PublicKeysCallback based on a SSH agent, it opens
// a pipe with the SSH agent and uses the pipe as the implementer of the public
// key callback function.
func NewSSHAgentAuth(u string) (*PublicKeysCallback, error) {
+ /*
var err error
if u == "" {
u, err = username()
@@ -202,21 +246,28 @@
User: u,
Callback: a.Signers,
}, nil
+ */
+ return nil, nil
}
func (a *PublicKeysCallback) Name() string {
- return PublicKeysCallbackName
+ // return PublicKeysCallbackName
+ return ""
}
func (a *PublicKeysCallback) String() string {
- return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name())
+ return ""
}
-func (a *PublicKeysCallback) ClientConfig() (*ssh.ClientConfig, error) {
+func (a *PublicKeysCallback) ClientConfig() (*int, error) {
+ /*
return a.SetHostKeyCallback(&ssh.ClientConfig{
User: a.User,
Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)},
})
+ */
+ return nil, nil
}
// NewKnownHostsCallback returns ssh.HostKeyCallback based on a file based on a
@@ -229,7 +280,8 @@
// If SSH_KNOWN_HOSTS is not set the following file locations will be used:
// ~/.ssh/known_hosts
// /etc/ssh/ssh_known_hosts
-func NewKnownHostsCallback(files ...string) (ssh.HostKeyCallback, error) {
+func NewKnownHostsCallback(files ...string) (*int, error) {
+ /*
var err error
if len(files) == 0 {
@@ -243,9 +295,12 @@
}
return knownhosts.New(files...)
+ */
+ return nil, nil
}
-func getDefaultKnownHostsFiles() ([]string, error) {
+func getDefaultKnownHostsFiles() (*int, error) {
+ /*
files := filepath.SplitList(os.Getenv("SSH_KNOWN_HOSTS"))
if len(files) != 0 {
return files, nil
@@ -260,9 +315,12 @@
filepath.Join(homeDirPath, "/.ssh/known_hosts"),
"/etc/ssh/ssh_known_hosts",
}, nil
+ */
+ return nil, nil
}
-func filterKnownHostsFiles(files ...string) ([]string, error) {
+func filterKnownHostsFiles(files ...string) (*int, error) {
+ /*
var out []string
for _, file := range files {
_, err := os.Stat(file)
@@ -281,6 +339,8 @@
}
return out, nil
+ */
+ return nil, nil
}
// HostKeyCallbackHelper is a helper that provides common functionality to
@@ -289,13 +349,14 @@
// HostKeyCallback is the function type used for verifying server keys.
// If nil default callback will be create using NewKnownHostsCallback
// without argument.
- HostKeyCallback ssh.HostKeyCallback
+ // HostKeyCallback ssh.HostKeyCallback
}
// SetHostKeyCallback sets the field HostKeyCallback in the given cfg. If
// HostKeyCallback is empty a default callback is created using
// NewKnownHostsCallback.
-func (m *HostKeyCallbackHelper) SetHostKeyCallback(cfg *ssh.ClientConfig) (*ssh.ClientConfig, error) {
+func (m *HostKeyCallbackHelper) SetHostKeyCallback(*int) (*int, error) {
+ /*
var err error
if m.HostKeyCallback == nil {
if m.HostKeyCallback, err = NewKnownHostsCallback(); err != nil {
@@ -305,4 +366,6 @@
cfg.HostKeyCallback = m.HostKeyCallback
return cfg, nil
+ */
+ return nil, nil
}
diff a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go 2022-12-20 14:01:25.825788050 -0500
@@ -2,18 +2,22 @@
package ssh
import (
- "context"
+ // "context"
"fmt"
+ /*
"reflect"
"strconv"
"strings"
+ */
"github.com/go-git/go-git/v5/plumbing/transport"
"github.com/go-git/go-git/v5/plumbing/transport/internal/common"
"github.com/kevinburke/ssh_config"
+ /*
"golang.org/x/crypto/ssh"
"golang.org/x/net/proxy"
+ */
)
// DefaultClient is the default SSH client.
@@ -28,23 +32,26 @@
}
// NewClient creates a new SSH client with an optional *ssh.ClientConfig.
-func NewClient(config *ssh.ClientConfig) transport.Transport {
- return common.NewClient(&runner{config: config})
+func NewClient(*int) transport.Transport {
+ // return common.NewClient(&runner{config: config})
+ return nil
}
// DefaultAuthBuilder is the function used to create a default AuthMethod, when
// the user doesn't provide any.
var DefaultAuthBuilder = func(user string) (AuthMethod, error) {
- return NewSSHAgentAuth(user)
+ // return NewSSHAgentAuth(user)
+ return nil, nil
}
const DefaultPort = 22
type runner struct {
- config *ssh.ClientConfig
+ // config *ssh.ClientConfig
}
func (r *runner) Command(cmd string, ep *transport.Endpoint, auth transport.AuthMethod) (common.Command, error) {
+ /*
c := &command{command: cmd, endpoint: ep, config: r.config}
if auth != nil {
c.setAuth(auth)
@@ -54,9 +61,12 @@
return nil, err
}
return c, nil
+ */
+ return nil, nil
}
type command struct {
+ /*
*ssh.Session
connected bool
command string
@@ -64,24 +74,29 @@
client *ssh.Client
auth AuthMethod
config *ssh.ClientConfig
+ */
}
func (c *command) setAuth(auth transport.AuthMethod) error {
+ /*
a, ok := auth.(AuthMethod)
if !ok {
return transport.ErrInvalidAuthMethod
}
c.auth = a
+ */
return nil
}
func (c *command) Start() error {
- return c.Session.Start(endpointToCommand(c.command, c.endpoint))
+ // return c.Session.Start(endpointToCommand(c.command, c.endpoint))
+ return nil
}
// Close closes the SSH session and connection.
func (c *command) Close() error {
+ /*
if !c.connected {
return nil
}
@@ -99,6 +114,8 @@
}
return err
+ */
+ return nil
}
// connect connects to the SSH server, unless a AuthMethod was set with
@@ -106,6 +123,7 @@
// it connects to a SSH agent, using the address stored in the SSH_AUTH_SOCK
// environment var.
func (c *command) connect() error {
+ /*
if c.connected {
return transport.ErrAlreadyConnected
}
@@ -136,10 +154,12 @@
}
c.connected = true
+ */
return nil
}
-func dial(network, addr string, config *ssh.ClientConfig) (*ssh.Client, error) {
+func dial(network, addr string, config *int) (*int, error) {
+ /*
var (
ctx = context.Background()
cancel context.CancelFunc
@@ -160,9 +180,12 @@
return nil, err
}
return ssh.NewClient(c, chans, reqs), nil
+ */
+ return nil, nil
}
func (c *command) getHostWithPort() string {
+ /*
if addr, found := c.doGetHostWithPortFromSSHConfig(); found {
return addr
}
@@ -174,9 +197,12 @@
}
return fmt.Sprintf("%s:%d", host, port)
+ */
+ return ""
}
func (c *command) doGetHostWithPortFromSSHConfig() (addr string, found bool) {
+ /*
if DefaultSSHConfig == nil {
return
}
@@ -202,12 +228,13 @@
}
addr = fmt.Sprintf("%s:%d", host, port)
+ */
return
}
func (c *command) setAuthFromEndpoint() error {
var err error
- c.auth, err = DefaultAuthBuilder(c.endpoint.User)
+ // c.auth, err = DefaultAuthBuilder(c.endpoint.User)
return err
}
@@ -215,7 +242,8 @@
return fmt.Sprintf("%s '%s'", cmd, ep.Path)
}
-func overrideConfig(overrides *ssh.ClientConfig, c *ssh.ClientConfig) {
+func overrideConfig(overrides *int, c *int) {
+ /*
if overrides == nil {
return
}
@@ -232,4 +260,5 @@
}
*c = vc.Interface().(ssh.ClientConfig)
+ */
}
diff a/vendor/github.com/go-git/go-git/v5/repository.go b/vendor/github.com/go-git/go-git/v5/repository.go
--- a/vendor/github.com/go-git/go-git/v5/repository.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/repository.go 2022-12-20 13:46:57.584666477 -0500
@@ -13,7 +13,7 @@
"strings"
"time"
- "github.com/ProtonMail/go-crypto/openpgp"
+ // "github.com/ProtonMail/go-crypto/openpgp"
"github.com/go-git/go-billy/v5"
"github.com/go-git/go-billy/v5/osfs"
"github.com/go-git/go-billy/v5/util"
@@ -706,6 +706,7 @@
Target: hash,
}
+ /*
if opts.SignKey != nil {
sig, err := r.buildTagSignature(tag, opts.SignKey)
if err != nil {
@@ -714,6 +715,7 @@
tag.PGPSignature = sig
}
+ */
obj := r.Storer.NewEncodedObject()
if err := tag.Encode(obj); err != nil {
@@ -723,7 +725,8 @@
return r.Storer.SetEncodedObject(obj)
}
-func (r *Repository) buildTagSignature(tag *object.Tag, signKey *openpgp.Entity) (string, error) {
+func (r *Repository) buildTagSignature(tag *object.Tag, signKey *int) (string, error) {
+ /*
encoded := &plumbing.MemoryObject{}
if err := tag.Encode(encoded); err != nil {
return "", err
@@ -740,6 +743,8 @@
}
return b.String(), nil
+ */
+ return "", nil
}
// Tag returns a tag from the repository.
diff a/vendor/github.com/go-git/go-git/v5/worktree_commit.go b/vendor/github.com/go-git/go-git/v5/worktree_commit.go
--- a/vendor/github.com/go-git/go-git/v5/worktree_commit.go 2022-10-30 20:00:00.000000000 -0400
+++ b/vendor/github.com/go-git/go-git/v5/worktree_commit.go 2022-12-20 13:47:27.671919357 -0500
@@ -1,7 +1,7 @@
package git
import (
- "bytes"
+ // "bytes"
"path"
"sort"
"strings"
@@ -12,7 +12,7 @@
"github.com/go-git/go-git/v5/plumbing/object"
"github.com/go-git/go-git/v5/storage"
- "github.com/ProtonMail/go-crypto/openpgp"
+ // "github.com/ProtonMail/go-crypto/openpgp"
"github.com/go-git/go-billy/v5"
)
@@ -101,6 +101,7 @@
ParentHashes: opts.Parents,
}
+ /*
if opts.SignKey != nil {
sig, err := w.buildCommitSignature(commit, opts.SignKey)
if err != nil {
@@ -108,6 +109,7 @@
}
commit.PGPSignature = sig
}
+ */
obj := w.r.Storer.NewEncodedObject()
if err := commit.Encode(obj); err != nil {
@@ -116,7 +118,8 @@
return w.r.Storer.SetEncodedObject(obj)
}
-func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *openpgp.Entity) (string, error) {
+func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *int) (string, error) {
+ /*
encoded := &plumbing.MemoryObject{}
if err := commit.Encode(encoded); err != nil {
return "", err
@@ -130,6 +133,8 @@
return "", err
}
return b.String(), nil
+ */
+ return "", nil
}
// buildTreeHelper converts a given index.Index file into multiple git objects