patch removed backend crypto the `Makefile` removed a few files containing (unused) crypto algorithms from the vendor tarball, which are not used in Grafana. This patch removes all references to the deleted files. diff --git a/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go new file mode 100644 index 0000000000..871e612a61 --- /dev/null +++ b/vendor/golang.org/x/crypto/openpgp/elgamal/elgamal.go @@ -0,0 +1,25 @@ +package elgamal + +import ( + "io" + "math/big" +) + +// PublicKey represents an ElGamal public key. +type PublicKey struct { + G, P, Y *big.Int +} + +// PrivateKey represents an ElGamal private key. +type PrivateKey struct { + PublicKey + X *big.Int +} + +func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) { + panic("ElGamal encryption not available") +} + +func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) { + panic("ElGamal encryption not available") +} diff --git a/vendor/golang.org/x/crypto/openpgp/packet/packet.go b/vendor/golang.org/x/crypto/openpgp/packet/packet.go index 0a19794a8e..25a5ee9158 100644 --- a/vendor/golang.org/x/crypto/openpgp/packet/packet.go +++ b/vendor/golang.org/x/crypto/openpgp/packet/packet.go @@ -22,7 +22,6 @@ import ( "math/big" "math/bits" - "golang.org/x/crypto/cast5" "golang.org/x/crypto/openpgp/errors" ) @@ -493,7 +492,7 @@ func (cipher CipherFunction) KeySize() int { case Cipher3DES: return 24 case CipherCAST5: - return cast5.KeySize + panic("cast5 cipher not available") case CipherAES128: return 16 case CipherAES192: @@ -523,7 +522,7 @@ func (cipher CipherFunction) new(key []byte) (block cipher.Block) { case Cipher3DES: block, _ = des.NewTripleDESCipher(key) case CipherCAST5: - block, _ = cast5.NewCipher(key) + panic("cast5 cipher not available") case CipherAES128, CipherAES192, CipherAES256: block, _ = aes.NewCipher(key) } diff --git a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go index 6126030eb9..3a54c5f2b1 100644 --- a/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go +++ b/vendor/golang.org/x/crypto/openpgp/packet/symmetrically_encrypted.go @@ -5,13 +5,12 @@ package packet import ( - "crypto/cipher" "crypto/sha1" "crypto/subtle" - "golang.org/x/crypto/openpgp/errors" "hash" "io" - "strconv" + + "golang.org/x/crypto/openpgp/errors" ) // SymmetricallyEncrypted represents a symmetrically encrypted byte string. The @@ -45,46 +44,7 @@ func (se *SymmetricallyEncrypted) parse(r io.Reader) error { // packet can be read. An incorrect key can, with high probability, be detected // immediately and this will result in a KeyIncorrect error being returned. func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) { - keySize := c.KeySize() - if keySize == 0 { - return nil, errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c))) - } - if len(key) != keySize { - return nil, errors.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length") - } - - if se.prefix == nil { - se.prefix = make([]byte, c.blockSize()+2) - _, err := readFull(se.contents, se.prefix) - if err != nil { - return nil, err - } - } else if len(se.prefix) != c.blockSize()+2 { - return nil, errors.InvalidArgumentError("can't try ciphers with different block lengths") - } - - ocfbResync := OCFBResync - if se.MDC { - // MDC packets use a different form of OCFB mode. - ocfbResync = OCFBNoResync - } - - s := NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync) - if s == nil { - return nil, errors.ErrKeyIncorrect - } - - plaintext := cipher.StreamReader{S: s, R: se.contents} - - if se.MDC { - // MDC packets have an embedded hash that we need to check. - h := sha1.New() - h.Write(se.prefix) - return &seMDCReader{in: plaintext, h: h}, nil - } - - // Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser. - return seReader{plaintext}, nil + panic("OCFB cipher not available") } // seReader wraps an io.Reader with a no-op Close method. @@ -254,37 +214,5 @@ func (c noOpCloser) Close() error { // written. // If config is nil, sensible defaults will be used. func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte, config *Config) (contents io.WriteCloser, err error) { - if c.KeySize() != len(key) { - return nil, errors.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length") - } - writeCloser := noOpCloser{w} - ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC) - if err != nil { - return - } - - _, err = ciphertext.Write([]byte{symmetricallyEncryptedVersion}) - if err != nil { - return - } - - block := c.new(key) - blockSize := block.BlockSize() - iv := make([]byte, blockSize) - _, err = config.Random().Read(iv) - if err != nil { - return - } - s, prefix := NewOCFBEncrypter(block, iv, OCFBNoResync) - _, err = ciphertext.Write(prefix) - if err != nil { - return - } - plaintext := cipher.StreamWriter{S: s, W: ciphertext} - - h := sha1.New() - h.Write(iv) - h.Write(iv[blockSize-2:]) - contents = &seMDCWriter{w: plaintext, h: h} - return + panic("OCFB cipher not available") } diff --git a/vendor/golang.org/x/crypto/pkcs12/crypto.go b/vendor/golang.org/x/crypto/pkcs12/crypto.go index 484ca51b71..5f502b8df1 100644 --- a/vendor/golang.org/x/crypto/pkcs12/crypto.go +++ b/vendor/golang.org/x/crypto/pkcs12/crypto.go @@ -11,8 +11,6 @@ import ( "crypto/x509/pkix" "encoding/asn1" "errors" - - "golang.org/x/crypto/pkcs12/internal/rc2" ) var ( @@ -46,10 +44,6 @@ func (shaWithTripleDESCBC) deriveIV(salt, password []byte, iterations int) []byt type shaWith40BitRC2CBC struct{} -func (shaWith40BitRC2CBC) create(key []byte) (cipher.Block, error) { - return rc2.New(key, len(key)*8) -} - func (shaWith40BitRC2CBC) deriveKey(salt, password []byte, iterations int) []byte { return pbkdf(sha1Sum, 20, 64, salt, password, iterations, 1, 5) } @@ -70,7 +64,7 @@ func pbDecrypterFor(algorithm pkix.AlgorithmIdentifier, password []byte) (cipher case algorithm.Algorithm.Equal(oidPBEWithSHAAnd3KeyTripleDESCBC): cipherType = shaWithTripleDESCBC{} case algorithm.Algorithm.Equal(oidPBEWithSHAAnd40BitRC2CBC): - cipherType = shaWith40BitRC2CBC{} + panic("RC2 encryption not available") default: return nil, 0, NotImplementedError("algorithm " + algorithm.Algorithm.String() + " is not supported") } diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go index ae3ebc03b9..11dbc3c56e 100644 --- a/vendor/github.com/prometheus/exporter-toolkit/web/handler.go +++ b/vendor/github.com/prometheus/exporter-toolkit/web/handler.go @@ -16,14 +16,11 @@ package web import ( - "encoding/hex" "fmt" "net/http" - "strings" "sync" "github.com/go-kit/log" - "golang.org/x/crypto/bcrypt" ) // extraHTTPHeaders is a map of HTTP headers that can be added to HTTP @@ -36,22 +34,6 @@ var extraHTTPHeaders = map[string][]string{ "Content-Security-Policy": nil, } -func validateUsers(configPath string) error { - c, err := getConfig(configPath) - if err != nil { - return err - } - - for _, p := range c.Users { - _, err = bcrypt.Cost([]byte(p)) - if err != nil { - return err - } - } - - return nil -} - // validateHeaderConfig checks that the provided header configuration is correct. // It does not check the validity of all the values, only the ones which are // well-defined enumerations. @@ -67,60 +49,3 @@ type webHandler struct { // only once in parallel as this is CPU intensive. bcryptMtx sync.Mutex } - -func (u *webHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { - c, err := getConfig(u.tlsConfigPath) - if err != nil { - u.logger.Log("msg", "Unable to parse configuration", "err", err) - http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) - return - } - - // Configure http headers. - for k, v := range c.HTTPConfig.Header { - w.Header().Set(k, v) - } - - if len(c.Users) == 0 { - u.handler.ServeHTTP(w, r) - return - } - - user, pass, auth := r.BasicAuth() - if auth { - hashedPassword, validUser := c.Users[user] - - if !validUser { - // The user is not found. Use a fixed password hash to - // prevent user enumeration by timing requests. - // This is a bcrypt-hashed version of "fakepassword". - hashedPassword = "$2y$10$QOauhQNbBCuQDKes6eFzPeMqBSjb7Mr5DUmpZ/VcEd00UAV/LDeSi" - } - - cacheKey := strings.Join( - []string{ - hex.EncodeToString([]byte(user)), - hex.EncodeToString([]byte(hashedPassword)), - hex.EncodeToString([]byte(pass)), - }, ":") - authOk, ok := u.cache.get(cacheKey) - - if !ok { - // This user, hashedPassword, password is not cached. - u.bcryptMtx.Lock() - err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(pass)) - u.bcryptMtx.Unlock() - - authOk = validUser && err == nil - u.cache.set(cacheKey, authOk) - } - - if authOk && validUser { - u.handler.ServeHTTP(w, r) - return - } - } - - w.Header().Set("WWW-Authenticate", "Basic") - http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) -} diff --git a/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go b/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go --- grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-13 20:00:00.000000000 -0400 +++ /tmp/rpkg/grafana-1-v6p2z4of/grafana-9.2.2/vendor/github.com/prometheus/exporter-toolkit/web/tls_config.go 2023-03-16 13:43:13.300238021 -0400 @@ -18,12 +18,8 @@ "crypto/x509" "fmt" "io/ioutil" - "net" - "net/http" "path/filepath" - "github.com/go-kit/log" - "github.com/go-kit/log/level" "github.com/pkg/errors" config_util "github.com/prometheus/common/config" "gopkg.in/yaml.v2" @@ -177,98 +173,6 @@ return cfg, nil } -// ListenAndServe starts the server on the given address. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -func ListenAndServe(server *http.Server, tlsConfigPath string, logger log.Logger) error { - listener, err := net.Listen("tcp", server.Addr) - if err != nil { - return err - } - defer listener.Close() - return Serve(listener, server, tlsConfigPath, logger) -} - -// Server starts the server on the given listener. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -func Serve(l net.Listener, server *http.Server, tlsConfigPath string, logger log.Logger) error { - if tlsConfigPath == "" { - level.Info(logger).Log("msg", "TLS is disabled.", "http2", false) - return server.Serve(l) - } - - if err := validateUsers(tlsConfigPath); err != nil { - return err - } - - // Setup basic authentication. - var handler http.Handler = http.DefaultServeMux - if server.Handler != nil { - handler = server.Handler - } - - c, err := getConfig(tlsConfigPath) - if err != nil { - return err - } - - server.Handler = &webHandler{ - tlsConfigPath: tlsConfigPath, - logger: logger, - handler: handler, - cache: newCache(), - } - - config, err := ConfigToTLSConfig(&c.TLSConfig) - switch err { - case nil: - if !c.HTTPConfig.HTTP2 { - server.TLSNextProto = make(map[string]func(*http.Server, *tls.Conn, http.Handler)) - } - // Valid TLS config. - level.Info(logger).Log("msg", "TLS is enabled.", "http2", c.HTTPConfig.HTTP2) - case errNoTLSConfig: - // No TLS config, back to plain HTTP. - level.Info(logger).Log("msg", "TLS is disabled.", "http2", false) - return server.Serve(l) - default: - // Invalid TLS config. - return err - } - - server.TLSConfig = config - - // Set the GetConfigForClient method of the HTTPS server so that the config - // and certs are reloaded on new connections. - server.TLSConfig.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) { - config, err := getTLSConfig(tlsConfigPath) - if err != nil { - return nil, err - } - config.NextProtos = server.TLSConfig.NextProtos - return config, nil - } - return server.ServeTLS(l, "", "") -} - -// Validate configuration file by reading the configuration and the certificates. -func Validate(tlsConfigPath string) error { - if tlsConfigPath == "" { - return nil - } - if err := validateUsers(tlsConfigPath); err != nil { - return err - } - c, err := getConfig(tlsConfigPath) - if err != nil { - return err - } - _, err = ConfigToTLSConfig(&c.TLSConfig) - if err == errNoTLSConfig { - return nil - } - return err -} - type cipher uint16 func (c *cipher) UnmarshalYAML(unmarshal func(interface{}) error) error { @@ -351,11 +255,3 @@ } return fmt.Sprintf("%v", tv), nil } - -// Listen starts the server on the given address. Based on the file -// tlsConfigPath, TLS or basic auth could be enabled. -// -// Deprecated: Use ListenAndServe instead. -func Listen(server *http.Server, tlsConfigPath string, logger log.Logger) error { - return ListenAndServe(server, tlsConfigPath, logger) -} diff a/vendor/github.com/go-git/go-git/v5/options.go b/vendor/github.com/go-git/go-git/v5/options.go --- a/vendor/github.com/go-git/go-git/v5/options.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/options.go 2022-12-20 10:24:35.162653691 -0500 @@ -7,7 +7,7 @@ "strings" "time" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/config" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" @@ -434,7 +434,7 @@ // SignKey denotes a key to sign the commit with. A nil value here means the // commit will not be signed. The private key must be present and already // decrypted. - SignKey *openpgp.Entity + // SignKey *openpgp.Entity } // Validate validates the fields and sets the default values. @@ -517,7 +517,7 @@ Message string // SignKey denotes a key to sign the tag with. A nil value here means the tag // will not be signed. The private key must be present and already decrypted. - SignKey *openpgp.Entity + // SignKey *openpgp.Entity } // Validate validates the fields and sets the default values. diff a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go 2022-12-20 10:33:26.630073026 -0500 @@ -9,7 +9,7 @@ "io" "strings" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/storer" @@ -354,7 +354,8 @@ // Verify performs PGP verification of the commit with a provided armored // keyring and returns openpgp.Entity associated with verifying key on success. -func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) { +func (c *Commit) Verify(armoredKeyRing string) (*int, error) { + /* keyRingReader := strings.NewReader(armoredKeyRing) keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) if err != nil { @@ -375,6 +376,8 @@ } return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + */ + return nil, nil } func indent(t string) string { diff a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go 2022-12-20 10:37:05.542949113 -0500 @@ -6,9 +6,9 @@ "fmt" "io" stdioutil "io/ioutil" - "strings" + // "strings" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/storer" @@ -284,7 +284,8 @@ // Verify performs PGP verification of the tag with a provided armored // keyring and returns openpgp.Entity associated with verifying key on success. -func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) { +func (t *Tag) Verify(armoredKeyRing string) (*int, error) { + /* keyRingReader := strings.NewReader(armoredKeyRing) keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) if err != nil { @@ -305,6 +306,8 @@ } return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil) + */ + return nil, nil } // TagIter provides an iterator for a set of tags. diff a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go 2022-12-20 13:42:13.659296361 -0500 @@ -1,6 +1,7 @@ package ssh import ( + /* "errors" "fmt" "io/ioutil" @@ -14,6 +15,7 @@ sshagent "github.com/xanzy/ssh-agent" "golang.org/x/crypto/ssh" "golang.org/x/crypto/ssh/knownhosts" + */ ) const DefaultUsername = "git" @@ -22,10 +24,12 @@ // must implement. The clientConfig method returns the ssh client // configuration needed to establish an ssh connection. type AuthMethod interface { + /* transport.AuthMethod // ClientConfig should return a valid ssh.ClientConfig to be used to create // a connection to the SSH server. ClientConfig() (*ssh.ClientConfig, error) + */ } // The names of the AuthMethod implementations. To be returned by the @@ -42,78 +46,101 @@ // KeyboardInteractive implements AuthMethod by using a // prompt/response sequence controlled by the server. type KeyboardInteractive struct { + /* User string Challenge ssh.KeyboardInteractiveChallenge HostKeyCallbackHelper + */ } func (a *KeyboardInteractive) Name() string { - return KeyboardInteractiveName + // return KeyboardInteractiveName + return "" } func (a *KeyboardInteractive) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *KeyboardInteractive) ClientConfig() (*ssh.ClientConfig, error) { +func (a *KeyboardInteractive) ClientConfig() (*int, error) { + /* return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ a.Challenge, }, }) + */ + return nil, nil } // Password implements AuthMethod by using the given password. type Password struct { + /* User string Password string HostKeyCallbackHelper + */ } func (a *Password) Name() string { - return PasswordName + // return PasswordName + return "" } func (a *Password) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *Password) ClientConfig() (*ssh.ClientConfig, error) { +func (a *Password) ClientConfig() (*int, error) { + /* return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.Password(a.Password)}, }) + */ + return nil, nil } // PasswordCallback implements AuthMethod by using a callback // to fetch the password. type PasswordCallback struct { + /* User string Callback func() (pass string, err error) HostKeyCallbackHelper + */ } func (a *PasswordCallback) Name() string { - return PasswordCallbackName + // return PasswordCallbackName + return "" } func (a *PasswordCallback) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PasswordCallback) ClientConfig() (*ssh.ClientConfig, error) { +func (a *PasswordCallback) ClientConfig() (*int, error) { + /* return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PasswordCallback(a.Callback)}, }) + */ + return nil, nil } // PublicKeys implements AuthMethod by using the given key pairs. type PublicKeys struct { + /* User string Signer ssh.Signer HostKeyCallbackHelper + */ } // NewPublicKeys returns a PublicKeys from a PEM encoded private key. An @@ -121,6 +148,7 @@ // encrypted PEM block otherwise password should be empty. It supports RSA // (PKCS#1), PKCS#8, DSA (OpenSSL), and ECDSA private keys. func NewPublicKeys(user string, pemBytes []byte, password string) (*PublicKeys, error) { + /* signer, err := ssh.ParsePrivateKey(pemBytes) if _, ok := err.(*ssh.PassphraseMissingError); ok { signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password)) @@ -129,36 +157,47 @@ return nil, err } return &PublicKeys{User: user, Signer: signer}, nil + */ + return nil, nil } // NewPublicKeysFromFile returns a PublicKeys from a file containing a PEM // encoded private key. An encryption password should be given if the pemBytes // contains a password encrypted PEM block otherwise password should be empty. func NewPublicKeysFromFile(user, pemFile, password string) (*PublicKeys, error) { + /* bytes, err := ioutil.ReadFile(pemFile) if err != nil { return nil, err } return NewPublicKeys(user, bytes, password) + */ + return nil, nil } func (a *PublicKeys) Name() string { - return PublicKeysName + // return PublicKeysName + return "" } func (a *PublicKeys) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PublicKeys) ClientConfig() (*ssh.ClientConfig, error) { +func (a *PublicKeys) ClientConfig() (*int, error) { + /* return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PublicKeys(a.Signer)}, }) + */ + return nil, nil } func username() (string, error) { + /* var username string if user, err := user.Current(); err == nil { username = user.Username @@ -171,20 +210,25 @@ } return username, nil + */ + return "", nil } // PublicKeysCallback implements AuthMethod by asking a // ssh.agent.Agent to act as a signer. type PublicKeysCallback struct { + /* User string Callback func() (signers []ssh.Signer, err error) HostKeyCallbackHelper + */ } // NewSSHAgentAuth returns a PublicKeysCallback based on a SSH agent, it opens // a pipe with the SSH agent and uses the pipe as the implementer of the public // key callback function. func NewSSHAgentAuth(u string) (*PublicKeysCallback, error) { + /* var err error if u == "" { u, err = username() @@ -202,21 +246,28 @@ User: u, Callback: a.Signers, }, nil + */ + return nil, nil } func (a *PublicKeysCallback) Name() string { - return PublicKeysCallbackName + // return PublicKeysCallbackName + return "" } func (a *PublicKeysCallback) String() string { - return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + // return fmt.Sprintf("user: %s, name: %s", a.User, a.Name()) + return "" } -func (a *PublicKeysCallback) ClientConfig() (*ssh.ClientConfig, error) { +func (a *PublicKeysCallback) ClientConfig() (*int, error) { + /* return a.SetHostKeyCallback(&ssh.ClientConfig{ User: a.User, Auth: []ssh.AuthMethod{ssh.PublicKeysCallback(a.Callback)}, }) + */ + return nil, nil } // NewKnownHostsCallback returns ssh.HostKeyCallback based on a file based on a @@ -229,7 +280,8 @@ // If SSH_KNOWN_HOSTS is not set the following file locations will be used: // ~/.ssh/known_hosts // /etc/ssh/ssh_known_hosts -func NewKnownHostsCallback(files ...string) (ssh.HostKeyCallback, error) { +func NewKnownHostsCallback(files ...string) (*int, error) { + /* var err error if len(files) == 0 { @@ -243,9 +295,12 @@ } return knownhosts.New(files...) + */ + return nil, nil } -func getDefaultKnownHostsFiles() ([]string, error) { +func getDefaultKnownHostsFiles() (*int, error) { + /* files := filepath.SplitList(os.Getenv("SSH_KNOWN_HOSTS")) if len(files) != 0 { return files, nil @@ -260,9 +315,12 @@ filepath.Join(homeDirPath, "/.ssh/known_hosts"), "/etc/ssh/ssh_known_hosts", }, nil + */ + return nil, nil } -func filterKnownHostsFiles(files ...string) ([]string, error) { +func filterKnownHostsFiles(files ...string) (*int, error) { + /* var out []string for _, file := range files { _, err := os.Stat(file) @@ -281,6 +339,8 @@ } return out, nil + */ + return nil, nil } // HostKeyCallbackHelper is a helper that provides common functionality to @@ -289,13 +349,14 @@ // HostKeyCallback is the function type used for verifying server keys. // If nil default callback will be create using NewKnownHostsCallback // without argument. - HostKeyCallback ssh.HostKeyCallback + // HostKeyCallback ssh.HostKeyCallback } // SetHostKeyCallback sets the field HostKeyCallback in the given cfg. If // HostKeyCallback is empty a default callback is created using // NewKnownHostsCallback. -func (m *HostKeyCallbackHelper) SetHostKeyCallback(cfg *ssh.ClientConfig) (*ssh.ClientConfig, error) { +func (m *HostKeyCallbackHelper) SetHostKeyCallback(*int) (*int, error) { + /* var err error if m.HostKeyCallback == nil { if m.HostKeyCallback, err = NewKnownHostsCallback(); err != nil { @@ -305,4 +366,6 @@ cfg.HostKeyCallback = m.HostKeyCallback return cfg, nil + */ + return nil, nil } diff a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/common.go 2022-12-20 14:01:25.825788050 -0500 @@ -2,18 +2,22 @@ package ssh import ( - "context" + // "context" "fmt" + /* "reflect" "strconv" "strings" + */ "github.com/go-git/go-git/v5/plumbing/transport" "github.com/go-git/go-git/v5/plumbing/transport/internal/common" "github.com/kevinburke/ssh_config" + /* "golang.org/x/crypto/ssh" "golang.org/x/net/proxy" + */ ) // DefaultClient is the default SSH client. @@ -28,23 +32,26 @@ } // NewClient creates a new SSH client with an optional *ssh.ClientConfig. -func NewClient(config *ssh.ClientConfig) transport.Transport { - return common.NewClient(&runner{config: config}) +func NewClient(*int) transport.Transport { + // return common.NewClient(&runner{config: config}) + return nil } // DefaultAuthBuilder is the function used to create a default AuthMethod, when // the user doesn't provide any. var DefaultAuthBuilder = func(user string) (AuthMethod, error) { - return NewSSHAgentAuth(user) + // return NewSSHAgentAuth(user) + return nil, nil } const DefaultPort = 22 type runner struct { - config *ssh.ClientConfig + // config *ssh.ClientConfig } func (r *runner) Command(cmd string, ep *transport.Endpoint, auth transport.AuthMethod) (common.Command, error) { + /* c := &command{command: cmd, endpoint: ep, config: r.config} if auth != nil { c.setAuth(auth) @@ -54,9 +61,12 @@ return nil, err } return c, nil + */ + return nil, nil } type command struct { + /* *ssh.Session connected bool command string @@ -64,24 +74,29 @@ client *ssh.Client auth AuthMethod config *ssh.ClientConfig + */ } func (c *command) setAuth(auth transport.AuthMethod) error { + /* a, ok := auth.(AuthMethod) if !ok { return transport.ErrInvalidAuthMethod } c.auth = a + */ return nil } func (c *command) Start() error { - return c.Session.Start(endpointToCommand(c.command, c.endpoint)) + // return c.Session.Start(endpointToCommand(c.command, c.endpoint)) + return nil } // Close closes the SSH session and connection. func (c *command) Close() error { + /* if !c.connected { return nil } @@ -99,6 +114,8 @@ } return err + */ + return nil } // connect connects to the SSH server, unless a AuthMethod was set with @@ -106,6 +123,7 @@ // it connects to a SSH agent, using the address stored in the SSH_AUTH_SOCK // environment var. func (c *command) connect() error { + /* if c.connected { return transport.ErrAlreadyConnected } @@ -136,10 +154,12 @@ } c.connected = true + */ return nil } -func dial(network, addr string, config *ssh.ClientConfig) (*ssh.Client, error) { +func dial(network, addr string, config *int) (*int, error) { + /* var ( ctx = context.Background() cancel context.CancelFunc @@ -160,9 +180,12 @@ return nil, err } return ssh.NewClient(c, chans, reqs), nil + */ + return nil, nil } func (c *command) getHostWithPort() string { + /* if addr, found := c.doGetHostWithPortFromSSHConfig(); found { return addr } @@ -174,9 +197,12 @@ } return fmt.Sprintf("%s:%d", host, port) + */ + return "" } func (c *command) doGetHostWithPortFromSSHConfig() (addr string, found bool) { + /* if DefaultSSHConfig == nil { return } @@ -202,12 +228,13 @@ } addr = fmt.Sprintf("%s:%d", host, port) + */ return } func (c *command) setAuthFromEndpoint() error { var err error - c.auth, err = DefaultAuthBuilder(c.endpoint.User) + // c.auth, err = DefaultAuthBuilder(c.endpoint.User) return err } @@ -215,7 +242,8 @@ return fmt.Sprintf("%s '%s'", cmd, ep.Path) } -func overrideConfig(overrides *ssh.ClientConfig, c *ssh.ClientConfig) { +func overrideConfig(overrides *int, c *int) { + /* if overrides == nil { return } @@ -232,4 +260,5 @@ } *c = vc.Interface().(ssh.ClientConfig) + */ } diff a/vendor/github.com/go-git/go-git/v5/repository.go b/vendor/github.com/go-git/go-git/v5/repository.go --- a/vendor/github.com/go-git/go-git/v5/repository.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/repository.go 2022-12-20 13:46:57.584666477 -0500 @@ -13,7 +13,7 @@ "strings" "time" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-billy/v5" "github.com/go-git/go-billy/v5/osfs" "github.com/go-git/go-billy/v5/util" @@ -706,6 +706,7 @@ Target: hash, } + /* if opts.SignKey != nil { sig, err := r.buildTagSignature(tag, opts.SignKey) if err != nil { @@ -714,6 +715,7 @@ tag.PGPSignature = sig } + */ obj := r.Storer.NewEncodedObject() if err := tag.Encode(obj); err != nil { @@ -723,7 +725,8 @@ return r.Storer.SetEncodedObject(obj) } -func (r *Repository) buildTagSignature(tag *object.Tag, signKey *openpgp.Entity) (string, error) { +func (r *Repository) buildTagSignature(tag *object.Tag, signKey *int) (string, error) { + /* encoded := &plumbing.MemoryObject{} if err := tag.Encode(encoded); err != nil { return "", err @@ -740,6 +743,8 @@ } return b.String(), nil + */ + return "", nil } // Tag returns a tag from the repository. diff a/vendor/github.com/go-git/go-git/v5/worktree_commit.go b/vendor/github.com/go-git/go-git/v5/worktree_commit.go --- a/vendor/github.com/go-git/go-git/v5/worktree_commit.go 2022-10-30 20:00:00.000000000 -0400 +++ b/vendor/github.com/go-git/go-git/v5/worktree_commit.go 2022-12-20 13:47:27.671919357 -0500 @@ -1,7 +1,7 @@ package git import ( - "bytes" + // "bytes" "path" "sort" "strings" @@ -12,7 +12,7 @@ "github.com/go-git/go-git/v5/plumbing/object" "github.com/go-git/go-git/v5/storage" - "github.com/ProtonMail/go-crypto/openpgp" + // "github.com/ProtonMail/go-crypto/openpgp" "github.com/go-git/go-billy/v5" ) @@ -101,6 +101,7 @@ ParentHashes: opts.Parents, } + /* if opts.SignKey != nil { sig, err := w.buildCommitSignature(commit, opts.SignKey) if err != nil { @@ -108,6 +109,7 @@ } commit.PGPSignature = sig } + */ obj := w.r.Storer.NewEncodedObject() if err := commit.Encode(obj); err != nil { @@ -116,7 +118,8 @@ return w.r.Storer.SetEncodedObject(obj) } -func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *openpgp.Entity) (string, error) { +func (w *Worktree) buildCommitSignature(commit *object.Commit, signKey *int) (string, error) { + /* encoded := &plumbing.MemoryObject{} if err := commit.Encode(encoded); err != nil { return "", err @@ -130,6 +133,8 @@ return "", err } return b.String(), nil + */ + return "", nil } // buildTreeHelper converts a given index.Index file into multiple git objects