patch removed backend crypto the `Makefile` removed a few files containing (unused) crypto algorithms from the vendor tarball, which are not used in Grafana. This patch removes all references to the deleted files. diff --git a/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go new file mode 100644 index 0000000000..871e612a61 --- /dev/null +++ b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go @@ -0,0 +1,25 @@ +package elgamal + +import ( + "io" + "math/big" +) + +// PublicKey represents an ElGamal public key. +type PublicKey struct { + G, P, Y *big.Int +} + +// PrivateKey represents an ElGamal private key. +type PrivateKey struct { + PublicKey + X *big.Int +} + +func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) { + panic("ElGamal encryption not available") +} + +func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) { + panic("ElGamal encryption not available") +} diff --git a/vendor/golang.org/x/crypto/openpgp/packet/packet.go b/vendor/golang.org/x/crypto/openpgp/packet/packet.go index 0a19794a8e..25a5ee9158 100644 --- a/vendor/golang.org/x/crypto/openpgp/packet/packet.go +++ b/vendor/golang.org/x/crypto/openpgp/packet/packet.go @@ -22,7 +22,6 @@ import ( "math/big" "math/bits" - "golang.org/x/crypto/cast5" "golang.org/x/crypto/openpgp/errors" ) @@ -493,7 +492,7 @@ func (cipher CipherFunction) KeySize() int { case Cipher3DES: return 24 case CipherCAST5: - return cast5.KeySize + panic("cast5 cipher not available") case CipherAES128: return 16 case CipherAES192: @@ -523,7 +522,7 @@ func (cipher CipherFunction) new(key []byte) (block cipher.Block) { case Cipher3DES: block, _ = des.NewTripleDESCipher(key) case CipherCAST5: - block, _ = cast5.NewCipher(key) + panic("cast5 cipher not available") case CipherAES128, CipherAES192, CipherAES256: block, _ = aes.NewCipher(key) } diff --git a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go index 6126030eb9..3a54c5f2b1 100644 --- a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go +++ b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go @@ -5,13 +5,12 @@ package packet import ( - "crypto/cipher" "crypto/sha1" "crypto/subtle" - "golang.org/x/crypto/openpgp/errors" "hash" "io" - "strconv" + + "golang.org/x/crypto/openpgp/errors" ) // SymmetricallyEncrypted represents a symmetrically encrypted byte string. The @@ -45,46 +44,7 @@ func (se *SymmetricallyEncrypted) parse(r io.Reader) error { // packet can be read. An incorrect key can, with high probability, be detected // immediately and this will result in a KeyIncorrect error being returned. func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) { - keySize := c.KeySize() - if keySize == 0 { - return nil, errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c))) - } - if len(key) != keySize { - return nil, errors.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length") - } - - if se.prefix == nil { - se.prefix = make([]byte, c.blockSize()+2) - _, err := readFull(se.contents, se.prefix) - if err != nil { - return nil, err - } - } else if len(se.prefix) != c.blockSize()+2 { - return nil, errors.InvalidArgumentError("can't try ciphers with different block lengths") - } - - ocfbResync := OCFBResync - if se.MDC { - // MDC packets use a different form of OCFB mode. - ocfbResync = OCFBNoResync - } - - s := NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync) - if s == nil { - return nil, errors.ErrKeyIncorrect - } - - plaintext := cipher.StreamReader{S: s, R: se.contents} - - if se.MDC { - // MDC packets have an embedded hash that we need to check. - h := sha1.New() - h.Write(se.prefix) - return &seMDCReader{in: plaintext, h: h}, nil - } - - // Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser. - return seReader{plaintext}, nil + panic("OCFB cipher not available") } // seReader wraps an io.Reader with a no-op Close method. @@ -254,37 +214,5 @@ func (c noOpCloser) Close() error { // written. // If config is nil, sensible defaults will be used. func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte, config *Config) (contents io.WriteCloser, err error) { - if c.KeySize() != len(key) { - return nil, errors.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length") - } - writeCloser := noOpCloser{w} - ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC) - if err != nil { - return - } - - _, err = ciphertext.Write([]byte{symmetricallyEncryptedVersion}) - if err != nil { - return - } - - block := c.new(key) - blockSize := block.BlockSize() - iv := make([]byte, blockSize) - _, err = config.Random().Read(iv) - if err != nil { - return - } - s, prefix := NewOCFBEncrypter(block, iv, OCFBNoResync) - _, err = ciphertext.Write(prefix) - if err != nil { - return - } - plaintext := cipher.StreamWriter{S: s, W: ciphertext} - - h := sha1.New() - h.Write(iv) - h.Write(iv[blockSize-2:]) - contents = &seMDCWriter{w: plaintext, h: h} - return + panic("OCFB cipher not available") } diff --git a/vendor/golang.org/x/crypto/pkcs12/crypto.go b/vendor/golang.org/x/crypto/pkcs12/crypto.go index 484ca51b71..5f502b8df1 100644 --- a/vendor/golang.org/x/crypto/pkcs12/crypto.go +++ b/vendor/golang.org/x/crypto/pkcs12/crypto.go @@ -11,8 +11,6 @@ import ( "crypto/x509/pkix" "encoding/asn1" "errors" - - "golang.org/x/crypto/pkcs12/internal/rc2" ) var ( @@ -46,10 +44,6 @@ func (shaWithTripleDESCBC) deriveIV(salt, password []byte, iterations int) []byt type shaWith40BitRC2CBC struct{} -func (shaWith40BitRC2CBC) create(key []byte) (cipher.Block, error) { - return rc2.New(key, len(key)*8) -} - func (shaWith40BitRC2CBC) deriveKey(salt, password []byte, iterations int) []byte { return pbkdf(sha1Sum, 20, 64, salt, password, iterations, 1, 5) } @@ -70,7 +64,7 @@ func pbDecrypterFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher case algorithm.Algorithm.Equal(oidPBEWithSHAAnd3KeyTripleDESCBC): cipherType = shaWithTripleDESCBC{} case algorithm.Algorithm.Equal(oidPBEWithSHAAnd40BitRC2CBC): - cipherType = shaWith40BitRC2CBC{} + panic("RC2 encryption not available") default: return nil, 0, NotImplementedError("algorithm " + algorithm.Algorithm.String() + " is not supported") } diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go index ae3ebc03b9..11dbc3c56e 100644 --- a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go +++ b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go @@ -16,14 +16,11 @@ package web import ( - "encoding/hex" "fmt" "net/http" - "strings" "sync" "github.com/go-kit/log" - "golang.org/x/crypto/bcrypt" ) // extraHTTPHeaders is a map of HTTP headers that can be added to HTTP @@ -36,22 +34,6 @@ var extraHTTPHeaders = map[string][]string{ "Content-Security-Policy": nil, } -func validateUsers(configPath string) error { - c, err := getConfig(configPath) - if err != nil { - return err - } - - for _, p := range c.Users { - _, err = bcrypt.Cost([]byte(p)) - if err != nil { - return err - } - } - - return nil -} - // validateHeaderConfig checks that the provided header configuration is correct. // It does not check the validity of all the values, only the ones which are // well-defined enumerations. @@ -67,60 +49,3 @@ type webHandler struct { // only once in parallel as this is CPU intensive. bcryptMtx sync.Mutex } - -func (u *webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { - c, err := getConfig(u.tlsConfigPath) - if err != nil { - u.logger.Log("msg", "Unable to parse configuration", "err", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - // Configure http headers. - for k, v := range c.HTTPConfig.Header { - w.Header().Set(k, v) - } - - if len(c.Users) == 0 { - u.handler.ServeHTTP(w, r) - return - } - - user, pass, auth := r.BasicAuth() - if auth { - hashedPassword, validUser := c.Users[user] - - if !validUser { - // The user is not found. Use a fixed password hash to - // prevent user enumeration by timing requests. - // This is a bcrypt-hashed version of "fakepassword". - hashedPassword = "$2y$10$QOauhQNbBCuQDKes6eFzPeMqBSjb7Mr5DUmpZ/VcEd00UAV/LDeSi" - } - - cacheKey := strings.Join( - []string{ - hex.EncodeToString([]byte(user)), - hex.EncodeToString([]byte(hashedPassword)), - hex.EncodeToString([]byte(pass)), - }, ":") - authOk, ok := u.cache.get(cacheKey) - - if !ok { - // This user, hashedPassword, password is not cached. - u.bcryptMtx.Lock() - err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(pass)) - u.bcryptMtx.Unlock() - - authOk = validUser && err == nil - u.cache.set(cacheKey, authOk) - } - - if authOk && validUser { - u.handler.ServeHTTP(w, r) - return - } - } - - w.Header().Set("WWW-Authenticate", "Basic") - http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) -} diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go b/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go --- grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-13 20:00:00.000000000 -0400 +++ /tmp/rpkg/grafana-1-v6p2z4of/grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-16 13:43:13.300238021 -0400 @@ -18,12 +18,8 @@ "crypto/x509" "fmt" "io/ioutil" - "net" - "net/http" "path/filepath" - "github.com/go-kit/log" - "github.com/go-kit/log/level" "github.com/pkg/errors" config_util "github.com/prometheus/common/config" "gopkg.in/yaml.v2" @@ -177,98 +173,6 @@ return cfg, nil } -// ListenAndServe starts the server on the given address. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -func ListenAndServe(server *http.Server, tlsConfigPath string, logger log.Logger) error { - listener, err := net.Listen("tcp", server.Addr) - if err != nil { - return err - } - defer listener.Close() - return Serve(listener, server, tlsConfigPath, logger) -} - -// Server starts the server on the given listener. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -func Serve(l net.Listener, server *http.Server, tlsConfigPath string, logger log.Logger) error { - if tlsConfigPath == "" { - level.Info(logger).Log("msg", "TLS is disabled.", "http2", false) - return server.Serve(l) - } - - if err := validateUsers(tlsConfigPath); err != nil { - return err - } - - // Setup basic authentication. - var handler http.Handler = http.DefaultServeMux - if server.Handler != nil { - handler = server.Handler - } - - c, err := getConfig(tlsConfigPath) - if err != nil { - return err - } - - server.Handler = &webHandler{ - tlsConfigPath: tlsConfigPath, - logger: logger, - handler: handler, - cache: newCache(), - } - - config, err := ConfigToTLSConfig(&c.TLSConfig) - switch err { - case nil: - if !c.HTTPConfig.HTTP2 { - server.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler)) - } - // Valid TLS config. - level.Info(logger).Log("msg", "TLS is enabled.", "http2", c.HTTPConfig.HTTP2) - case errNoTLSConfig: - // No TLS config, back to plain HTTP. - level.Info(logger).Log("msg", "TLS is disabled.", "http2", false) - return server.Serve(l) - default: - // Invalid TLS config. - return err - } - - server.TLSConfig = config - - // Set the GetConfigForClient method of the HTTPS server so that the config - // and certs are reloaded on new connections. - server.TLSConfig.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) { - config, err := getTLSConfig(tlsConfigPath) - if err != nil { - return nil, err - } - config.NextProtos = server.TLSConfig.NextProtos - return config, nil - } - return server.ServeTLS(l, "", "") -} - -// Validate configuration file by reading the configuration and the certificates. -func Validate(tlsConfigPath string) error { - if tlsConfigPath == "" { - return nil - } - if err := validateUsers(tlsConfigPath); err != nil { - return err - } - c, err := getConfig(tlsConfigPath) - if err != nil { - return err - } - _, err = ConfigToTLSConfig(&c.TLSConfig) - if err == errNoTLSConfig { - return nil - } - return err -} - type cipher uint16 func (c *cipher) UnmarshalYAML(unmarshal func(interface{}) error) error { @@ -351,11 +255,3 @@ } return fmt.Sprintf("%v", tv), nil } - -// Listen starts the server on the given address. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -// -// Deprecated: Use ListenAndServe instead. -func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error { - return ListenAndServe(server, tlsConfigPath, logger) -} diff --git a/vendor/github.com/go-git/go-git/v5/options.go b/vendor/github.com/go-git/go-git/v5/options.go index 3cd0f952..65e5df68 100644 --- a/vendor/github.com/go-git/go-git/v5/options.go +++ b/vendor/github.com/go-git/go-git/v5/options.go @@ -7,7 +7,7 @@ import ( "strings" "time" - "github.com/ProtonMail/go-crypto/openpgp" + //"github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/config" "github.com/go-git/go-git/v5/plumbing" formatcfg "github.com/go-git/go-git/v5/plumbing/format/config" @@ -541,7 +541,7 @@ type CommitOptions struct { // SignKey denotes a key to sign the commit with. A nil value here means the // commit will not be signed. The private key must be present and already // decrypted. - SignKey *openpgp.Entity + // SignKey *openpgp.Entity // Signer denotes a cryptographic signer to sign the commit with. // A nil value here means the commit will not be signed. // Takes precedence over SignKey. @@ -639,7 +639,7 @@ type CreateTagOptions struct { Message string // SignKey denotes a key to sign the tag with. A nil value here means the tag // will not be signed. The private key must be present and already decrypted. - SignKey *openpgp.Entity + // SignKey *openpgp.Entity } // Validate validates the fields and sets the default values. diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go index 3d096e18..f7720dc5 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go @@ -8,7 +8,7 @@ import ( "io" "strings" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/storer" @@ -408,27 +408,30 @@ func (c *Commit) String() string { // Verify performs PGP verification of the commit with a provided armored // keyring and returns openpgp.Entity associated with verifying key on success. -func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) { - keyRingReader := strings.NewReader(armoredKeyRing) - keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) - if err != nil { - return nil, err - } +func (c *Commit) Verify(armoredKeyRing string) (*int, error) { + /* + keyRingReader := strings.NewReader(armoredKeyRing) + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + return nil, err + } - // Extract signature. - signature := strings.NewReader(c.PGPSignature) + // Extract signature. + signature := strings.NewReader(c.PGPSignature) - encoded := &plumbing.MemoryObject{} - // Encode commit components, excluding signature and get a reader object. - if err := c.EncodeWithoutSignature(encoded); err != nil { - return nil, err - } - er, err := encoded.Reader() - if err != nil { - return nil, err - } + encoded := &plumbing.MemoryObject{} + // Encode commit components, excluding signature and get a reader object. + if err := c.EncodeWithoutSignature(encoded); err != nil { + return nil, err + } + er, err := encoded.Reader() + if err != nil { + return nil, err + } - return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + */ + return nil, nil } // Less defines a compare function to determine which commit is 'earlier' by: diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go index cf46c08e..4579308e 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go @@ -4,9 +4,10 @@ import ( "bytes" "fmt" "io" - "strings" - "github.com/ProtonMail/go-crypto/openpgp" + // "strings" + + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/storer" "github.com/go-git/go-git/v5/utils/ioutil" @@ -257,27 +258,30 @@ func (t *Tag) String() string { // Verify performs PGP verification of the tag with a provided armored // keyring and returns openpgp.Entity associated with verifying key on success. -func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) { - keyRingReader := strings.NewReader(armoredKeyRing) - keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) - if err != nil { - return nil, err - } +func (t *Tag) Verify(armoredKeyRing string) (*int, error) { + /* + keyRingReader := strings.NewReader(armoredKeyRing) + keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) + if err != nil { + return nil, err + } - // Extract signature. - signature := strings.NewReader(t.PGPSignature) + // Extract signature. + signature := strings.NewReader(t.PGPSignature) - encoded := &plumbing.MemoryObject{} - // Encode tag components, excluding signature and get a reader object. - if err := t.EncodeWithoutSignature(encoded); err != nil { - return nil, err - } - er, err := encoded.Reader() - if err != nil { - return nil, err - } + encoded := &plumbing.MemoryObject{} + // Encode tag components, excluding signature and get a reader object. + if err := t.EncodeWithoutSignature(encoded); err != nil { + return nil, err + } + er, err := encoded.Reader() + if err != nil { + return nil, err + } - return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + */ + return nil, nil } // TagIter provides an iterator for a set of tags. diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go index f9c598e6..927ad49a 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go @@ -1,6 +1,6 @@ package ssh -import ( +/* "errors" "fmt" "os" @@ -12,7 +12,7 @@ import ( "github.com/skeema/knownhosts" sshagent "github.com/xanzy/ssh-agent" "golang.org/x/crypto/ssh" -) +*/ const DefaultUsername = "git" @@ -20,10 +20,12 @@ const DefaultUsername = "git" // must implement. The clientConfig method returns the ssh client // configuration needed to establish an ssh connection. type AuthMethod interface { - transport.AuthMethod - // ClientConfig should return a valid ssh.ClientConfig to be used to create - // a connection to the SSH server. - ClientConfig() (*ssh.ClientConfig, error) + /* + transport.AuthMethod + // ClientConfig should return a valid ssh.ClientConfig to be used to create + // a connection to the SSH server. + ClientConfig() (*ssh.ClientConfig, error) + */ } // The names of the AuthMethod implementations. To be returned by the @@ -40,78 +42,102 @@ const ( // KeyboardInteractive implements AuthMethod by using a // prompt/response sequence controlled by the server. type KeyboardInteractive struct { - User string - Challenge ssh.KeyboardInteractiveChallenge - HostKeyCallbackHelper + /* + User string + Challenge ssh.KeyboardInteractiveChallenge + HostKeyCallbackHelper + */ } func (a *KeyboardInteractive) Name() string { - return KeyboardInteractiveName + // return KeyboardInteractiveName + return "" } func (a *KeyboardInteractive) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *KeyboardInteractive) ClientConfig() (*ssh.ClientConfig, error) { - return a.SetHostKeyCallback(&ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ - a.Challenge, - }, - }) +func (a *KeyboardInteractive) ClientConfig() (*int, error) { + /* + return a.SetHostKeyCallback(&ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ + a.Challenge, + }, + }) + */ + return nil, nil } // Password implements AuthMethod by using the given password. type Password struct { - User string - Password string - HostKeyCallbackHelper + /* + User string + Password string + HostKeyCallbackHelper + */ } func (a *Password) Name() string { - return PasswordName + // return PasswordName + return "" } func (a *Password) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *Password) ClientConfig() (*ssh.ClientConfig, error) { - return a.SetHostKeyCallback(&ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ssh.Password(a.Password)}, - }) +func (a *Password) ClientConfig() (*int, error) { + /* + return a.SetHostKeyCallback(&ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ssh.Password(a.Password)}, + }) + */ + return nil, nil } // PasswordCallback implements AuthMethod by using a callback // to fetch the password. type PasswordCallback struct { - User string - Callback func() (pass string, err error) - HostKeyCallbackHelper + /* + User string + Callback func() (pass string, err error) + HostKeyCallbackHelper + */ } func (a *PasswordCallback) Name() string { - return PasswordCallbackName + // return PasswordCallbackName + return "" + } func (a *PasswordCallback) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + //return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PasswordCallback) ClientConfig() (*ssh.ClientConfig, error) { - return a.SetHostKeyCallback(&ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ssh.PasswordCallback(a.Callback)}, - }) +func (a *PasswordCallback) ClientConfig() (*int, error) { + /* + return a.SetHostKeyCallback(&ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ssh.PasswordCallback(a.Callback)}, + }) + */ + return nil, nil } // PublicKeys implements AuthMethod by using the given key pairs. type PublicKeys struct { - User string - Signer ssh.Signer - HostKeyCallbackHelper + /* + User string + Signer ssh.Signer + HostKeyCallbackHelper + */ } // NewPublicKeys returns a PublicKeys from a PEM encoded private key. An @@ -119,102 +145,126 @@ type PublicKeys struct { // encrypted PEM block otherwise password should be empty. It supports RSA // (PKCS#1), PKCS#8, DSA (OpenSSL), and ECDSA private keys. func NewPublicKeys(user string, pemBytes []byte, password string) (*PublicKeys, error) { - signer, err := ssh.ParsePrivateKey(pemBytes) - if _, ok := err.(*ssh.PassphraseMissingError); ok { - signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password)) - } - if err != nil { - return nil, err - } - return &PublicKeys{User: user, Signer: signer}, nil + /* + signer, err := ssh.ParsePrivateKey(pemBytes) + if _, ok := err.(*ssh.PassphraseMissingError); ok { + signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password)) + } + if err != nil { + return nil, err + } + return &PublicKeys{User: user, Signer: signer}, nil + */ + return nil, nil } // NewPublicKeysFromFile returns a PublicKeys from a file containing a PEM // encoded private key. An encryption password should be given if the pemBytes // contains a password encrypted PEM block otherwise password should be empty. func NewPublicKeysFromFile(user, pemFile, password string) (*PublicKeys, error) { - bytes, err := os.ReadFile(pemFile) - if err != nil { - return nil, err - } + /* + bytes, err := os.ReadFile(pemFile) + if err != nil { + return nil, err + } - return NewPublicKeys(user, bytes, password) + return NewPublicKeys(user, bytes, password) + */ + return nil, nil } func (a *PublicKeys) Name() string { - return PublicKeysName + // return PublicKeysName + return "" } func (a *PublicKeys) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PublicKeys) ClientConfig() (*ssh.ClientConfig, error) { - return a.SetHostKeyCallback(&ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ssh.PublicKeys(a.Signer)}, - }) +func (a *PublicKeys) ClientConfig() (*int, error) { + /* + return a.SetHostKeyCallback(&ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ssh.PublicKeys(a.Signer)}, + }) + */ + return nil, nil } func username() (string, error) { - var username string - if user, err := user.Current(); err == nil { - username = user.Username - } else { - username = os.Getenv("USER") - } - - if username == "" { - return "", errors.New("failed to get username") - } - - return username, nil + /* + var username string + if user, err := user.Current(); err == nil { + username = user.Username + } else { + username = os.Getenv("USER") + } + + if username == "" { + return "", errors.New("failed to get username") + } + + return username, nil + */ + return "", nil } // PublicKeysCallback implements AuthMethod by asking a // ssh.agent.Agent to act as a signer. type PublicKeysCallback struct { - User string - Callback func() (signers []ssh.Signer, err error) - HostKeyCallbackHelper + /* + User string + Callback func() (signers []ssh.Signer, err error) + HostKeyCallbackHelper + */ } // NewSSHAgentAuth returns a PublicKeysCallback based on a SSH agent, it opens // a pipe with the SSH agent and uses the pipe as the implementer of the public // key callback function. func NewSSHAgentAuth(u string) (*PublicKeysCallback, error) { - var err error - if u == "" { - u, err = username() - if err != nil { - return nil, err + /* + var err error + if u == "" { + u, err = username() + if err != nil { + return nil, err + } } - } - a, _, err := sshagent.New() - if err != nil { - return nil, fmt.Errorf("error creating SSH agent: %q", err) - } + a, _, err := sshagent.New() + if err != nil { + return nil, fmt.Errorf("error creating SSH agent: %q", err) + } - return &PublicKeysCallback{ - User: u, - Callback: a.Signers, - }, nil + return &PublicKeysCallback{ + User: u, + Callback: a.Signers, + }, nil + */ + return nil, nil } func (a *PublicKeysCallback) Name() string { - return PublicKeysCallbackName + // return PublicKeysCallbackName + return "" } func (a *PublicKeysCallback) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PublicKeysCallback) ClientConfig() (*ssh.ClientConfig, error) { - return a.SetHostKeyCallback(&ssh.ClientConfig{ - User: a.User, - Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, - }) +func (a *PublicKeysCallback) ClientConfig() (*int, error) { + /* + return a.SetHostKeyCallback(&ssh.ClientConfig{ + User: a.User, + Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, + }) + */ + return nil, nil } // NewKnownHostsCallback returns ssh.HostKeyCallback based on a file based on a @@ -229,63 +279,75 @@ func (a *PublicKeysCallback) ClientConfig() (*ssh.ClientConfig, error) { // // ~/.ssh/known_hosts // /etc/ssh/ssh_known_hosts -func NewKnownHostsCallback(files ...string) (ssh.HostKeyCallback, error) { - db, err := newKnownHostsDb(files...) - return db.HostKeyCallback(), err +func NewKnownHostsCallback(files ...string) (*int, error) { + /* + db, err := newKnownHostsDb(files...) + return db.HostKeyCallback(), err + */ + return nil, nil } -func newKnownHostsDb(files ...string) (*knownhosts.HostKeyDB, error) { - var err error +func newKnownHostsDb(files ...string) (*int, error) { + /* + var err error - if len(files) == 0 { - if files, err = getDefaultKnownHostsFiles(); err != nil { - return nil, err + if len(files) == 0 { + if files, err = getDefaultKnownHostsFiles(); err != nil { + return nil, err + } } - } - - if files, err = filterKnownHostsFiles(files...); err != nil { - return nil, err - } - return knownhosts.NewDB(files...) -} + if files, err = filterKnownHostsFiles(files...); err != nil { + return nil, err + } -func getDefaultKnownHostsFiles() ([]string, error) { - files := filepath.SplitList(os.Getenv("SSH_KNOWN_HOSTS")) - if len(files) != 0 { - return files, nil - } - - homeDirPath, err := os.UserHomeDir() - if err != nil { - return nil, err - } - - return []string{ - filepath.Join(homeDirPath, "/.ssh/known_hosts"), - "/etc/ssh/ssh_known_hosts", - }, nil + return knownhosts.NewDB(files...) + */ + return nil, nil } -func filterKnownHostsFiles(files ...string) ([]string, error) { - var out []string - for _, file := range files { - _, err := os.Stat(file) - if err == nil { - out = append(out, file) - continue +func getDefaultKnownHostsFiles() (*int, error) { + /* + files := filepath.SplitList(os.Getenv("SSH_KNOWN_HOSTS")) + if len(files) != 0 { + return files, nil } - if !os.IsNotExist(err) { + homeDirPath, err := os.UserHomeDir() + if err != nil { return nil, err } - } - if len(out) == 0 { - return nil, fmt.Errorf("unable to find any valid known_hosts file, set SSH_KNOWN_HOSTS env variable") - } + return []string{ + filepath.Join(homeDirPath, "/.ssh/known_hosts"), + "/etc/ssh/ssh_known_hosts", + }, nil + */ + return nil, nil +} + +func filterKnownHostsFiles(files ...string) (*int, error) { + /* + var out []string + for _, file := range files { + _, err := os.Stat(file) + if err == nil { + out = append(out, file) + continue + } + + if !os.IsNotExist(err) { + return nil, err + } + } - return out, nil + if len(out) == 0 { + return nil, fmt.Errorf("unable to find any valid known_hosts file, set SSH_KNOWN_HOSTS env variable") + } + + return out, nil + */ + return nil, nil } // HostKeyCallbackHelper is a helper that provides common functionality to @@ -294,21 +356,24 @@ type HostKeyCallbackHelper struct { // HostKeyCallback is the function type used for verifying server keys. // If nil default callback will be create using NewKnownHostsCallback // without argument. - HostKeyCallback ssh.HostKeyCallback + // HostKeyCallback ssh.HostKeyCallback } // SetHostKeyCallback sets the field HostKeyCallback in the given cfg. If // HostKeyCallback is empty a default callback is created using // NewKnownHostsCallback. -func (m *HostKeyCallbackHelper) SetHostKeyCallback(cfg *ssh.ClientConfig) (*ssh.ClientConfig, error) { - if m.HostKeyCallback == nil { - db, err := newKnownHostsDb() - if err != nil { - return cfg, err +func (m *HostKeyCallbackHelper) SetHostKeyCallback(*int) (*int, error) { + /* + if m.HostKeyCallback == nil { + db, err := newKnownHostsDb() + if err != nil { + return cfg, err + } + m.HostKeyCallback = db.HostKeyCallback() } - m.HostKeyCallback = db.HostKeyCallback() - } - cfg.HostKeyCallback = m.HostKeyCallback - return cfg, nil + cfg.HostKeyCallback = m.HostKeyCallback + return cfg, nil + */ + return nil, nil } diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go index a37024f0..2a8e1f44 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go @@ -2,20 +2,23 @@ package ssh import ( - "context" + // "context" "fmt" - "net" - "reflect" - "strconv" - "strings" + /* + "net" + "reflect" + "strconv" + "strings" + */ "github.com/go-git/go-git/v5/plumbing/transport" "github.com/go-git/go-git/v5/plumbing/transport/internal/common" "github.com/kevinburke/ssh_config" - "golang.org/x/crypto/ssh" - "golang.org/x/net/proxy" -) + /* + "golang.org/x/crypto/ssh" + "golang.org/x/net/proxy" + */) // DefaultClient is the default SSH client. var DefaultClient = NewClient(nil) @@ -29,79 +32,92 @@ type sshConfig interface { } // NewClient creates a new SSH client with an optional *ssh.ClientConfig. -func NewClient(config *ssh.ClientConfig) transport.Transport { - return common.NewClient(&runner{config: config}) +func NewClient(*int) transport.Transport { + // return common.NewClient(&runner{config: config}) + return nil } // DefaultAuthBuilder is the function used to create a default AuthMethod, when // the user doesn't provide any. var DefaultAuthBuilder = func(user string) (AuthMethod, error) { - return NewSSHAgentAuth(user) + // return NewSSHAgentAuth(user) + return nil, nil } const DefaultPort = 22 type runner struct { - config *ssh.ClientConfig + // config *ssh.ClientConfig } func (r *runner) Command(cmd string, ep *transport.Endpoint, auth transport.AuthMethod) (common.Command, error) { - c := &command{command: cmd, endpoint: ep, config: r.config} - if auth != nil { - if err := c.setAuth(auth); err != nil { - return nil, err + /* + c := &command{command: cmd, endpoint: ep, config: r.config} + if auth != nil { + if err := c.setAuth(auth); err != nil { + return nil, err + } } - } - if err := c.connect(); err != nil { - return nil, err - } - return c, nil + if err := c.connect(); err != nil { + return nil, err + } + return c, nil + */ + return nil, nil } type command struct { - *ssh.Session - connected bool - command string - endpoint *transport.Endpoint - client *ssh.Client - auth AuthMethod - config *ssh.ClientConfig + /* + *ssh.Session + connected bool + command string + endpoint *transport.Endpoint + client *ssh.Client + auth AuthMethod + config *ssh.ClientConfig + */ } func (c *command) setAuth(auth transport.AuthMethod) error { - a, ok := auth.(AuthMethod) - if !ok { - return transport.ErrInvalidAuthMethod - } + /* + a, ok := auth.(AuthMethod) + if !ok { + return transport.ErrInvalidAuthMethod + } - c.auth = a + c.auth = a + */ return nil } func (c *command) Start() error { - return c.Session.Start(endpointToCommand(c.command, c.endpoint)) + // return c.Session.Start(endpointToCommand(c.command, c.endpoint)) + return nil } // Close closes the SSH session and connection. func (c *command) Close() error { - if !c.connected { - return nil - } + /* + if !c.connected { + return nil + } - c.connected = false + c.connected = false - //XXX: If did read the full packfile, then the session might be already - // closed. - _ = c.Session.Close() - err := c.client.Close() + //XXX: If did read the full packfile, then the session might be already + // closed. + _ = c.Session.Close() + err := c.client.Close() - //XXX: in go1.16+ we can use errors.Is(err, net.ErrClosed) - if err != nil && strings.HasSuffix(err.Error(), "use of closed network connection") { - return nil - } + //XXX: in go1.16+ we can use errors.Is(err, net.ErrClosed) + if err != nil && strings.HasSuffix(err.Error(), "use of closed network connection") { + return nil + } - return err + return err + */ + return nil } // connect connects to the SSH server, unless a AuthMethod was set with @@ -109,153 +125,164 @@ func (c *command) Close() error { // it connects to a SSH agent, using the address stored in the SSH_AUTH_SOCK // environment var. func (c *command) connect() error { - if c.connected { - return transport.ErrAlreadyConnected - } + /* + if c.connected { + return transport.ErrAlreadyConnected + } - if c.auth == nil { - if err := c.setAuthFromEndpoint(); err != nil { - return err + if c.auth == nil { + if err := c.setAuthFromEndpoint(); err != nil { + return err + } } - } - var err error - config, err := c.auth.ClientConfig() - if err != nil { - return err - } - hostWithPort := c.getHostWithPort() - if config.HostKeyCallback == nil { - db, err := newKnownHostsDb() + var err error + config, err := c.auth.ClientConfig() if err != nil { return err } + hostWithPort := c.getHostWithPort() + if config.HostKeyCallback == nil { + db, err := newKnownHostsDb() + if err != nil { + return err + } + + config.HostKeyCallback = db.HostKeyCallback() + config.HostKeyAlgorithms = db.HostKeyAlgorithms(hostWithPort) + } else if len(config.HostKeyAlgorithms) == 0 { + // Set the HostKeyAlgorithms based on HostKeyCallback. + // For background see https://github.com/go-git/go-git/issues/411 as well as + // https://github.com/golang/go/issues/29286 for root cause. + db, err := newKnownHostsDb() + if err != nil { + return err + } + + // Note that the knownhost database is used, as it provides additional functionality + // to handle ssh cert-authorities. + config.HostKeyAlgorithms = db.HostKeyAlgorithms(hostWithPort) + } + + overrideConfig(c.config, config) - config.HostKeyCallback = db.HostKeyCallback() - config.HostKeyAlgorithms = db.HostKeyAlgorithms(hostWithPort) - } else if len(config.HostKeyAlgorithms) == 0 { - // Set the HostKeyAlgorithms based on HostKeyCallback. - // For background see https://github.com/go-git/go-git/issues/411 as well as - // https://github.com/golang/go/issues/29286 for root cause. - db, err := newKnownHostsDb() + c.client, err = dial("tcp", hostWithPort, c.endpoint.Proxy, config) if err != nil { return err } - // Note that the knownhost database is used, as it provides additional functionality - // to handle ssh cert-authorities. - config.HostKeyAlgorithms = db.HostKeyAlgorithms(hostWithPort) - } - - overrideConfig(c.config, config) - - c.client, err = dial("tcp", hostWithPort, c.endpoint.Proxy, config) - if err != nil { - return err - } - - c.Session, err = c.client.NewSession() - if err != nil { - _ = c.client.Close() - return err - } + c.Session, err = c.client.NewSession() + if err != nil { + _ = c.client.Close() + return err + } - c.connected = true + c.connected = true + return nil + */ return nil } -func dial(network, addr string, proxyOpts transport.ProxyOptions, config *ssh.ClientConfig) (*ssh.Client, error) { - var ( - ctx = context.Background() - cancel context.CancelFunc - ) - if config.Timeout > 0 { - ctx, cancel = context.WithTimeout(ctx, config.Timeout) - } else { - ctx, cancel = context.WithCancel(ctx) - } - defer cancel() - - var conn net.Conn - var dialErr error - - if proxyOpts.URL != "" { - proxyUrl, err := proxyOpts.FullURL() - if err != nil { - return nil, err +func dial(network, addr string, proxyOpts transport.ProxyOptions, config *int) (*int, error) { + /* + var ( + ctx = context.Background() + cancel context.CancelFunc + ) + if config.Timeout > 0 { + ctx, cancel = context.WithTimeout(ctx, config.Timeout) + } else { + ctx, cancel = context.WithCancel(ctx) } - dialer, err := proxy.FromURL(proxyUrl, proxy.Direct) - if err != nil { - return nil, err + defer cancel() + + var conn net.Conn + var dialErr error + + if proxyOpts.URL != "" { + proxyUrl, err := proxyOpts.FullURL() + if err != nil { + return nil, err + } + dialer, err := proxy.FromURL(proxyUrl, proxy.Direct) + if err != nil { + return nil, err + } + + // Try to use a ContextDialer, but fall back to a Dialer if that goes south. + ctxDialer, ok := dialer.(proxy.ContextDialer) + if !ok { + return nil, fmt.Errorf("expected ssh proxy dialer to be of type %s; got %s", + reflect.TypeOf(ctxDialer), reflect.TypeOf(dialer)) + } + conn, dialErr = ctxDialer.DialContext(ctx, "tcp", addr) + } else { + conn, dialErr = proxy.Dial(ctx, network, addr) + } + if dialErr != nil { + return nil, dialErr } - // Try to use a ContextDialer, but fall back to a Dialer if that goes south. - ctxDialer, ok := dialer.(proxy.ContextDialer) - if !ok { - return nil, fmt.Errorf("expected ssh proxy dialer to be of type %s; got %s", - reflect.TypeOf(ctxDialer), reflect.TypeOf(dialer)) + c, chans, reqs, err := ssh.NewClientConn(conn, addr, config) + if err != nil { + return nil, err } - conn, dialErr = ctxDialer.DialContext(ctx, "tcp", addr) - } else { - conn, dialErr = proxy.Dial(ctx, network, addr) - } - if dialErr != nil { - return nil, dialErr - } - - c, chans, reqs, err := ssh.NewClientConn(conn, addr, config) - if err != nil { - return nil, err - } - return ssh.NewClient(c, chans, reqs), nil + return ssh.NewClient(c, chans, reqs), nil + */ + return nil, nil } func (c *command) getHostWithPort() string { - if addr, found := c.doGetHostWithPortFromSSHConfig(); found { - return addr - } + /* + if addr, found := c.doGetHostWithPortFromSSHConfig(); found { + return addr + } - host := c.endpoint.Host - port := c.endpoint.Port - if port <= 0 { - port = DefaultPort - } + host := c.endpoint.Host + port := c.endpoint.Port + if port <= 0 { + port = DefaultPort + } - return net.JoinHostPort(host, strconv.Itoa(port)) + return net.JoinHostPort(host, strconv.Itoa(port)) + */ + return "" } func (c *command) doGetHostWithPortFromSSHConfig() (addr string, found bool) { - if DefaultSSHConfig == nil { - return - } - - host := c.endpoint.Host - port := c.endpoint.Port - - configHost := DefaultSSHConfig.Get(c.endpoint.Host, "Hostname") - if configHost != "" { - host = configHost - found = true - } - - if !found { - return - } - - configPort := DefaultSSHConfig.Get(c.endpoint.Host, "Port") - if configPort != "" { - if i, err := strconv.Atoi(configPort); err == nil { - port = i + /* + if DefaultSSHConfig == nil { + return + } + + host := c.endpoint.Host + port := c.endpoint.Port + + configHost := DefaultSSHConfig.Get(c.endpoint.Host, "Hostname") + if configHost != "" { + host = configHost + found = true } - } - addr = net.JoinHostPort(host, strconv.Itoa(port)) + if !found { + return + } + + configPort := DefaultSSHConfig.Get(c.endpoint.Host, "Port") + if configPort != "" { + if i, err := strconv.Atoi(configPort); err == nil { + port = i + } + } + + addr = net.JoinHostPort(host, strconv.Itoa(port)) + */ return } func (c *command) setAuthFromEndpoint() error { var err error - c.auth, err = DefaultAuthBuilder(c.endpoint.User) + // c.auth, err = DefaultAuthBuilder(c.endpoint.User) return err } @@ -263,21 +290,23 @@ func endpointToCommand(cmd string, ep *transport.Endpoint) string { return fmt.Sprintf("%s '%s'", cmd, ep.Path) } -func overrideConfig(overrides *ssh.ClientConfig, c *ssh.ClientConfig) { - if overrides == nil { - return - } +func overrideConfig(overrides *int, c *int) { + /* + if overrides == nil { + return + } - t := reflect.TypeOf(*c) - vc := reflect.ValueOf(c).Elem() - vo := reflect.ValueOf(overrides).Elem() + t := reflect.TypeOf(*c) + vc := reflect.ValueOf(c).Elem() + vo := reflect.ValueOf(overrides).Elem() - for i := 0; i < t.NumField(); i++ { - f := t.Field(i) - vcf := vc.FieldByName(f.Name) - vof := vo.FieldByName(f.Name) - vcf.Set(vof) - } + for i := 0; i < t.NumField(); i++ { + f := t.Field(i) + vcf := vc.FieldByName(f.Name) + vof := vo.FieldByName(f.Name) + vcf.Set(vof) + } - *c = vc.Interface().(ssh.ClientConfig) + *c = vc.Interface().(ssh.ClientConfig) + */ } diff --git a/vendor/github.com/go-git/go-git/v5/repository.go b/vendor/github.com/go-git/go-git/v5/repository.go index 200098e7..82059ca4 100644 --- a/vendor/github.com/go-git/go-git/v5/repository.go +++ b/vendor/github.com/go-git/go-git/v5/repository.go @@ -15,7 +15,7 @@ import ( "time" "dario.cat/mergo" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-billy/v5" "github.com/go-git/go-billy/v5/osfs" "github.com/go-git/go-billy/v5/util" @@ -783,14 +783,16 @@ func (r *Repository) createTagObject(name string, hash plumbing.Hash, opts *Crea Target: hash, } - if opts.SignKey != nil { - sig, err := r.buildTagSignature(tag, opts.SignKey) - if err != nil { - return plumbing.ZeroHash, err - } + /* + if opts.SignKey != nil { + sig, err := r.buildTagSignature(tag, opts.SignKey) + if err != nil { + return plumbing.ZeroHash, err + } - tag.PGPSignature = sig - } + tag.PGPSignature = sig + } + */ obj := r.Storer.NewEncodedObject() if err := tag.Encode(obj); err != nil { @@ -800,23 +802,26 @@ func (r *Repository) createTagObject(name string, hash plumbing.Hash, opts *Crea return r.Storer.SetEncodedObject(obj) } -func (r *Repository) buildTagSignature(tag *object.Tag, signKey *openpgp.Entity) (string, error) { - encoded := &plumbing.MemoryObject{} - if err := tag.Encode(encoded); err != nil { - return "", err - } +func (r *Repository) buildTagSignature(tag *object.Tag, signKey *int) (string, error) { + /* + encoded := &plumbing.MemoryObject{} + if err := tag.Encode(encoded); err != nil { + return "", err + } - rdr, err := encoded.Reader() - if err != nil { - return "", err - } + rdr, err := encoded.Reader() + if err != nil { + return "", err + } - var b bytes.Buffer - if err := openpgp.ArmoredDetachSign(&b, signKey, rdr, nil); err != nil { - return "", err - } + var b bytes.Buffer + if err := openpgp.ArmoredDetachSign(&b, signKey, rdr, nil); err != nil { + return "", err + } - return b.String(), nil + return b.String(), nil + */ + return "", nil } // Tag returns a tag from the repository. diff --git a/vendor/github.com/go-git/go-git/v5/worktree_commit.go b/vendor/github.com/go-git/go-git/v5/worktree_commit.go index 9b1988ae..53e50576 100644 --- a/vendor/github.com/go-git/go-git/v5/worktree_commit.go +++ b/vendor/github.com/go-git/go-git/v5/worktree_commit.go @@ -1,7 +1,7 @@ package git import ( - "bytes" + // "bytes" "errors" "io" "path" @@ -15,8 +15,8 @@ import ( "github.com/go-git/go-git/v5/plumbing/object" "github.com/go-git/go-git/v5/storage" - "github.com/ProtonMail/go-crypto/openpgp" - "github.com/ProtonMail/go-crypto/openpgp/packet" + // "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp/packet" "github.com/go-git/go-billy/v5" ) @@ -150,17 +150,19 @@ func (w *Worktree) buildCommitObject(msg string, opts *CommitOptions, tree plumb } // Convert SignKey into a Signer if set. Existing Signer should take priority. - signer := opts.Signer - if signer == nil && opts.SignKey != nil { - signer = &gpgSigner{key: opts.SignKey} - } - if signer != nil { - sig, err := signObject(signer, commit) - if err != nil { - return plumbing.ZeroHash, err + /* + signer := opts.Signer + if signer == nil && opts.SignKey != nil { + signer = &gpgSigner{key: opts.SignKey} } - commit.PGPSignature = string(sig) - } + if signer != nil { + sig, err := signObject(signer, commit) + if err != nil { + return plumbing.ZeroHash, err + } + commit.PGPSignature = string(sig) + } + */ obj := w.r.Storer.NewEncodedObject() if err := commit.Encode(obj); err != nil { @@ -178,16 +180,21 @@ func (w *Worktree) sanitize(signature object.Signature) object.Signature { } type gpgSigner struct { - key *openpgp.Entity - cfg *packet.Config + /* + key *openpgp.Entity + cfg *packet.Config + */ } func (s *gpgSigner) Sign(message io.Reader) ([]byte, error) { - var b bytes.Buffer - if err := openpgp.ArmoredDetachSign(&b, s.key, message, s.cfg); err != nil { - return nil, err - } - return b.Bytes(), nil + /* + var b bytes.Buffer + if err := openpgp.ArmoredDetachSign(&b, s.key, message, s.cfg); err != nil { + return nil, err + } + return b.Bytes(), nil + */ + return nil, nil } // buildTreeHelper converts a given index.Index file into multiple git objects