TUN-5286: Upgrade crypto/ssh package to fix CVE-2020-29652

2025-07-28 05:29:57 +00:00 · 2021-10-21 15:34:00 +01:00
parent 2ce11a20c4
commit 2ca4633f89
137 changed files with 2608 additions and 4603 deletions
--- a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go
@@ -26,6 +26,10 @@ const (
 	// NonceSizeX is the size of the nonce used with the XChaCha20-Poly1305
 	// variant of this AEAD, in bytes.
 	NonceSizeX = 24
+
+	// Overhead is the size of the Poly1305 authentication tag, and the
+	// difference between a ciphertext length and its plaintext.
+	Overhead = 16
 )

 type chacha20poly1305 struct {
@@ -47,7 +51,7 @@ func (c *chacha20poly1305) NonceSize() int {
 }

 func (c *chacha20poly1305) Overhead() int {
-	return 16
+	return Overhead
 }

 func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
--- a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build !gccgo,!purego
+//go:build gc && !purego
+// +build gc,!purego

 package chacha20poly1305

--- a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s
@@ -4,7 +4,8 @@

 // This file was originally from https://golang.org/cl/24717 by Vlad Krasnov of CloudFlare.

-// +build !gccgo,!purego
+//go:build gc && !purego
+// +build gc,!purego

 #include "textflag.h"
 // General register allocation
--- a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go
@@ -8,8 +8,8 @@ import (
 	"encoding/binary"

 	"golang.org/x/crypto/chacha20"
+	"golang.org/x/crypto/internal/poly1305"
 	"golang.org/x/crypto/internal/subtle"
-	"golang.org/x/crypto/poly1305"
 )

 func writeWithPadding(p *poly1305.MAC, b []byte) {
--- a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build !amd64 gccgo purego
+//go:build !amd64 || !gc || purego
+// +build !amd64 !gc purego

 package chacha20poly1305

--- a/vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go
@@ -35,7 +35,7 @@ func (*xchacha20poly1305) NonceSize() int {
 }

 func (*xchacha20poly1305) Overhead() int {
-	return 16
+	return Overhead
 }

 func (x *xchacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {