diff --git a/connection/quic.go b/connection/quic.go
new file mode 100644
index 00000000..e9a34746
--- /dev/null
+++ b/connection/quic.go
@@ -0,0 +1,84 @@
+package connection
+
+import (
+ "context"
+ "crypto/tls"
+ "net"
+
+ "github.com/lucas-clemente/quic-go"
+ "github.com/pkg/errors"
+ "github.com/rs/zerolog"
+
+ quicpogs "github.com/cloudflare/cloudflared/quic"
+)
+
+// QUICConnection represents the type that facilitates Proxying via QUIC streams.
+type QUICConnection struct {
+ session quic.Session
+ logger zerolog.Logger
+}
+
+// NewQUICConnection returns a new instance of QUICConnection.
+func NewQUICConnection(
+ ctx context.Context,
+ quicConfig *quic.Config,
+ edgeAddr net.Addr,
+ tlsConfig *tls.Config,
+ logger zerolog.Logger,
+) (*QUICConnection, error) {
+ session, err := quic.DialAddr(edgeAddr.String(), tlsConfig, quicConfig)
+ if err != nil {
+ return nil, errors.Wrap(err, "failed to dial to edge")
+ }
+
+ //TODO: RegisterConnectionRPC here.
+
+ return &QUICConnection{
+ session: session,
+ logger: logger,
+ }, nil
+}
+
+// Serve starts a QUIC session that begins accepting streams.
+func (q *QUICConnection) Serve(ctx context.Context) error {
+ ctx, cancel := context.WithCancel(ctx)
+ defer cancel()
+
+ for {
+ stream, err := q.session.AcceptStream(ctx)
+ if err != nil {
+ return errors.Wrap(err, "failed to accept QUIC stream")
+ }
+ go func() {
+ defer stream.Close()
+ if err = q.handleStream(stream); err != nil {
+ q.logger.Err(err).Msg("Failed to handle QUIC stream")
+ }
+ }()
+ }
+}
+
+// Close calls this to close the QuicConnection stream.
+func (q *QUICConnection) Close() {
+ q.session.CloseWithError(0, "")
+}
+
+func (q *QUICConnection) handleStream(stream quic.Stream) error {
+ connectRequest, err := quicpogs.ReadConnectRequestData(stream)
+ if err != nil {
+ return err
+ }
+
+ switch connectRequest.Type {
+ case quicpogs.ConnectionTypeHTTP, quicpogs.ConnectionTypeWebsocket:
+ // Temporary dummy code for the unit test.
+ if err := quicpogs.WriteConnectResponseData(stream, nil, quicpogs.Metadata{Key: "HTTPStatus", Val: "200"}); err != nil {
+ return err
+ }
+
+ stream.Write([]byte("OK"))
+ case quicpogs.ConnectionTypeTCP:
+
+ }
+ return nil
+}
diff --git a/connection/quic_test.go b/connection/quic_test.go
new file mode 100644
index 00000000..0f1b7964
--- /dev/null
+++ b/connection/quic_test.go
@@ -0,0 +1,161 @@
+package connection
+
+import (
+ "context"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/tls"
+ "crypto/x509"
+ "encoding/pem"
+ "io/ioutil"
+ "math/big"
+ "net"
+ "os"
+ "sync"
+ "testing"
+
+ "github.com/lucas-clemente/quic-go"
+ "github.com/rs/zerolog"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+
+ quicpogs "github.com/cloudflare/cloudflared/quic"
+)
+
+// TestQUICServer tests if a quic server accepts and responds to a quic client with the acceptance protocol.
+// It also serves as a demonstration for communication with the QUIC connection started by a cloudflared.
+func TestQUICServer(t *testing.T) {
+ quicConfig := &quic.Config{
+ KeepAlive: true,
+ }
+
+ log := zerolog.New(os.Stdout)
+
+ udpAddr, err := net.ResolveUDPAddr("udp", "127.0.0.1:0")
+
+ require.NoError(t, err)
+ udpListener, err := net.ListenUDP(udpAddr.Network(), udpAddr)
+ require.NoError(t, err)
+ defer udpListener.Close()
+ tlsConfig := generateTLSConfig()
+ tlsConfClient := &tls.Config{
+ InsecureSkipVerify: true,
+ NextProtos: []string{"argotunnel"},
+ }
+ var tests = []struct {
+ desc string
+ dest string
+ connectionType quicpogs.ConnectionType
+ metadata []quicpogs.Metadata
+ message []byte
+ expectedMessage []byte
+ }{
+ {
+ desc: "",
+ dest: "somehost.com",
+ connectionType: quicpogs.ConnectionTypeWebsocket,
+ metadata: []quicpogs.Metadata{
+ quicpogs.Metadata{
+ Key: "key",
+ Val: "value",
+ },
+ },
+ expectedMessage: []byte("OK"),
+ },
+ }
+
+ for _, test := range tests {
+ t.Run(test.desc, func(t *testing.T) {
+ ctx, cancel := context.WithCancel(context.Background())
+
+ var wg sync.WaitGroup
+ go func() {
+ wg.Add(1)
+ quicServer(
+ t, udpListener, tlsConfig, quicConfig,
+ test.dest, test.connectionType, test.metadata, test.message, test.expectedMessage,
+ )
+ wg.Done()
+ }()
+
+ qC, err := NewQUICConnection(context.Background(), quicConfig, udpListener.LocalAddr(), tlsConfClient, log)
+ require.NoError(t, err)
+
+ go func() {
+ wg.Wait()
+ cancel()
+ }()
+
+ qC.Serve(ctx)
+
+ })
+ }
+
+}
+
+func quicServer(
+ t *testing.T,
+ conn net.PacketConn,
+ tlsConf *tls.Config,
+ config *quic.Config,
+ dest string,
+ connectionType quicpogs.ConnectionType,
+ metadata []quicpogs.Metadata,
+ message []byte,
+ expectedResponse []byte,
+) {
+ ctx, cancel := context.WithCancel(context.Background())
+ defer cancel()
+
+ earlyListener, err := quic.ListenEarly(conn, tlsConf, config)
+ require.NoError(t, err)
+
+ session, err := earlyListener.Accept(ctx)
+ require.NoError(t, err)
+
+ stream, err := session.OpenStreamSync(context.Background())
+ require.NoError(t, err)
+
+ // Start off ALPN
+ err = quicpogs.WriteConnectRequestData(stream, dest, connectionType, metadata...)
+ require.NoError(t, err)
+
+ _, err = quicpogs.ReadConnectResponseData(stream)
+ require.NoError(t, err)
+
+ if message != nil {
+ // ALPN successful. Write data.
+ _, err = stream.Write([]byte(message))
+ require.NoError(t, err)
+ }
+
+ response, err := ioutil.ReadAll(stream)
+ require.NoError(t, err)
+
+ // For now it is an echo server. Verify if the same data is returned.
+ assert.Equal(t, expectedResponse, response)
+}
+
+// Setup a bare-bones TLS config for the server
+func generateTLSConfig() *tls.Config {
+ key, err := rsa.GenerateKey(rand.Reader, 1024)
+ if err != nil {
+ panic(err)
+ }
+ template := x509.Certificate{SerialNumber: big.NewInt(1)}
+ certDER, err := x509.CreateCertificate(rand.Reader, &template, &template, &key.PublicKey, key)
+ if err != nil {
+ panic(err)
+ }
+ keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
+ certPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: certDER})
+
+ tlsCert, err := tls.X509KeyPair(certPEM, keyPEM)
+ if err != nil {
+ panic(err)
+ }
+ return &tls.Config{
+ Certificates: []tls.Certificate{tlsCert},
+ NextProtos: []string{"argotunnel"},
+ }
+}
diff --git a/go.mod b/go.mod
index 3122d039..b49ce86f 100644
--- a/go.mod
+++ b/go.mod
@@ -29,6 +29,7 @@ require (
github.com/json-iterator/go v1.1.10
github.com/kr/text v0.2.0 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect
+ github.com/lucas-clemente/quic-go v0.21.1
github.com/mattn/go-colorable v0.1.8
github.com/miekg/dns v1.1.31
github.com/mitchellh/go-homedir v1.1.0
@@ -45,10 +46,10 @@ require (
github.com/urfave/cli/v2 v2.2.0
go.uber.org/automaxprocs v1.4.0
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a
- golang.org/x/net v0.0.0-20200904194848-62affa334b73
+ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43 // indirect
- golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208
- golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4
+ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+ golang.org/x/sys v0.0.0-20210510120138-977fb7262007
golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d // indirect
google.golang.org/grpc v1.32.0 // indirect
diff --git a/go.sum b/go.sum
index 6328b01e..8fe712bb 100644
--- a/go.sum
+++ b/go.sum
@@ -1,5 +1,7 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.31.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.37.0/go.mod h1:TS1dMSSfndXH133OKGwekG838Om/cQT0BUHV3HcBgoo=
cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU=
cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY=
@@ -31,7 +33,12 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
contrib.go.opencensus.io/exporter/ocagent v0.4.12/go.mod h1:450APlNTSR6FrvC3CTRqYosuDstRB9un7SOx2k/9ckA=
+dmitri.shuralyov.com/app/changes v0.0.0-20180602232624-0a106ad413e3/go.mod h1:Yl+fi1br7+Rr3LqpNJf1/uxUdtRUV+Tnj0o93V2B9MU=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBrvjyP0v+ecvNYvCpyZgu5/xkfAUhi6wJj28eUfSU=
+dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
+dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
+git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
github.com/Azure/azure-sdk-for-go v32.4.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/azure-sdk-for-go v40.6.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc=
github.com/Azure/go-autorest/autorest v0.1.0/go.mod h1:AKyIcETwSUFxIcs/Wnq/C+kwCtlEYGUVd7FPNb2slmg=
@@ -84,6 +91,7 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF
github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190808125512-07798873deee/go.mod h1:myCDvQSzCW+wB1WAlocEru4wMGJxy+vlxHdhegi1CDQ=
github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8=
+github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
@@ -101,6 +109,8 @@ github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+Ce
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
+github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
+github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
github.com/caddyserver/caddy v1.0.5 h1:5B1Hs0UF2x2tggr2X9jL2qOZtDXbIWQb9YLbmlxHSuM=
github.com/caddyserver/caddy v1.0.5/go.mod h1:AnFHB+/MrgRC+mJAvuAgQ38ePzw+wKeW0wzENpdQQKY=
github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
@@ -113,6 +123,7 @@ github.com/certifi/gocertifi v0.0.0-20200211180108-c7c1fbc02894 h1:JLaf/iINcLyjw
github.com/certifi/gocertifi v0.0.0-20200211180108-c7c1fbc02894/go.mod h1:sGbDF6GwGcLpkNXPUTkMRoywsNa/ol15pxFe6ERfguA=
github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cheekybits/genny v1.0.0 h1:uGGa4nei+j20rOSeDeP5Of12XVm7TGUd4dJA9RDitfE=
github.com/cheekybits/genny v1.0.0/go.mod h1:+tQajlRqAUrPI7DOSpB0XAqZYtQakVtB7wXkRAgjxjQ=
github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
@@ -133,6 +144,7 @@ github.com/coreos/go-oidc v0.0.0-20171002155002-a93f71fdfe73 h1:7CNPV0LWRCa1FNmq
github.com/coreos/go-oidc v0.0.0-20171002155002-a93f71fdfe73/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf h1:iW4rZ826su+pqaw19uhpSCzhj44qo35pNgKFGqzDKkU=
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
@@ -185,6 +197,7 @@ github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5Kwzbycv
github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 h1:BHsljHzVlRcyQhjrss6TZTdY2VfCqZPbv5k3iBFa2ZQ=
github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
+github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
@@ -198,6 +211,7 @@ github.com/getsentry/raven-go v0.0.0-20180517221441-ed7bcb39ff10 h1:YO10pIIBftO/
github.com/getsentry/raven-go v0.0.0-20180517221441-ed7bcb39ff10/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ=
github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
github.com/go-acme/lego/v3 v3.1.0/go.mod h1:074uqt+JS6plx+c9Xaiz6+L+GBb+7itGtzfcDM2AhEE=
github.com/go-acme/lego/v3 v3.2.0/go.mod h1:074uqt+JS6plx+c9Xaiz6+L+GBb+7itGtzfcDM2AhEE=
github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s=
@@ -241,6 +255,7 @@ github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4er
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
@@ -248,6 +263,7 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt
github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw=
github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.0/go.mod h1:Qd/q+1AKNOZr9uGQzbzCmRO6sUih6GTPZv6a1/R87v0=
@@ -276,6 +292,7 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -293,6 +310,8 @@ github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+
github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY=
+github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg=
github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
@@ -312,6 +331,7 @@ github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/ad
github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
+github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
github.com/grpc-ecosystem/grpc-gateway v1.8.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU=
@@ -350,6 +370,7 @@ github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod
github.com/infobloxopen/go-trees v0.0.0-20190313150506-2af4e13f9062/go.mod h1:PcNJqIlcX/dj3DTG/+QQnRvSgTMG6CLpRMjWcv4+J6w=
github.com/ipostelnik/cli/v2 v2.3.1-0.20210324024421-b6ea8234fe3d h1:PRDnysJ9dF1vUMmEzBu6aHQeUluSQy4eWH3RsSSy/vI=
github.com/ipostelnik/cli/v2 v2.3.1-0.20210324024421-b6ea8234fe3d/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
+github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
github.com/jimstudt/http-authentication v0.0.0-20140401203705-3eca13d6893a/go.mod h1:wK6yTYYcgjHE1Z1QtXACPDjcFJyBskHEdagmnq3vsP8=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
@@ -379,6 +400,7 @@ github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFB
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
@@ -392,14 +414,25 @@ github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0U
github.com/linode/linodego v0.10.0/go.mod h1:cziNP7pbvE3mXIPneHj0oRY8L1WtGEIKlZ8LANE4eXA=
github.com/liquidweb/liquidweb-go v1.6.0/go.mod h1:UDcVnAMDkZxpw4Y7NOHkqoeiGacVLEIG/i5J9cyixzQ=
github.com/lucas-clemente/quic-go v0.13.1/go.mod h1:Vn3/Fb0/77b02SGhQk36KzOUmXgVpFfizUfW5WMaqyU=
+github.com/lucas-clemente/quic-go v0.21.1 h1:uuhCcu885TE9u/piPYMChI/yqA1lXfaLUEx8uCMxf8w=
+github.com/lucas-clemente/quic-go v0.21.1/go.mod h1:U9kFi5LKbNIlU30dkuM9vxmTxWq4Bvzee/MjBI+07UA=
github.com/lucasb-eyer/go-colorful v1.0.2/go.mod h1:0MS4r+7BZKSJ5mw4/S5MPN+qHFF1fYclkSPilDOKW0s=
github.com/lucasb-eyer/go-colorful v1.0.3 h1:QIbQXiugsb+q10B+MI+7DI1oQLdmnep86tWFlaaUAac=
github.com/lucasb-eyer/go-colorful v1.0.3/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0=
+github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/marten-seemann/chacha20 v0.2.0/go.mod h1:HSdjFau7GzYRj+ahFNwsO3ouVJr1HFkWoEwNDb4TMtE=
github.com/marten-seemann/qpack v0.1.0/go.mod h1:LFt1NU/Ptjip0C2CPkhimBz5CGE3WGDAUWqna+CNTrI=
+github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
github.com/marten-seemann/qtls v0.4.1/go.mod h1:pxVXcHHw1pNIt8Qo0pwSYQEoZ8yYOOPXTCZLQQunvRc=
+github.com/marten-seemann/qtls-go1-15 v0.1.4 h1:RehYMOyRW8hPVEja1KBVsFVNSm35Jj9Mvs5yNoZZ28A=
+github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
+github.com/marten-seemann/qtls-go1-16 v0.1.3 h1:XEZ1xGorVy9u+lJq+WXNE+hiqRYLNvJGYmwfwKQN2gU=
+github.com/marten-seemann/qtls-go1-16 v0.1.3/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
+github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2 h1:SficYjyOthSrliKI+EaFuXS6HqSsX3dkY9AqxAAjBjw=
+github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
github.com/mattn/go-colorable v0.1.8 h1:c1ghPdyEDarC70ftn0y+A/Ee++9zz8ljHG1b13eJ0s8=
github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
@@ -415,6 +448,7 @@ github.com/mattn/go-tty v0.0.0-20180219170247-931426f7535a/go.mod h1:XPvLUNfbS4f
github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
github.com/mholt/certmagic v0.8.3/go.mod h1:91uJzK5K8IWtYQqTi5R2tsxV1pCde+wdGfaRaOZi6aQ=
+github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.15/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.29/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
@@ -451,11 +485,14 @@ github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxzi
github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
github.com/nbio/st v0.0.0-20140626010706-e9e8d9816f32/go.mod h1:9wM+0iRr9ahx58uYLpLIr5fm8diHn0JbqRycJi6w0Ms=
+github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
+github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
github.com/nrdcg/auroradns v1.0.0/go.mod h1:6JPXKzIRzZzMqtTDgueIhTi6rFf1QvYE/HzqidhOhjw=
github.com/nrdcg/goinwx v0.6.1/go.mod h1:XPiut7enlbEdntAqalBIqcYcTEVhpv/dKWgDCX2SwKQ=
github.com/nrdcg/namesilo v0.2.1/go.mod h1:lwMvfQTyYq+BbjJd30ylEG4GPSS6PII0Tia4rRpRiyw=
+github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
@@ -464,9 +501,13 @@ github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB
github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
+github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis=
github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74=
@@ -476,6 +517,7 @@ github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
github.com/openzipkin-contrib/zipkin-go-opentracing v0.3.5/go.mod h1:uVHyebswE1cCXr2A73cRM2frx5ld1RJUCJkFNZ90ZiI=
github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
+github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8=
github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
@@ -500,6 +542,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35 h1:J9b7z+QKAmPf4YLrFg6oQUotqHQeUNWwkvo7jZp1GLU=
github.com/pquerna/cachecontrol v0.0.0-20180517163645-1555304b9b35/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA=
+github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
@@ -515,6 +558,7 @@ github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:
github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M=
github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
+github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc=
@@ -523,6 +567,7 @@ github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8b
github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
github.com/prometheus/common v0.13.0 h1:vJlpe9wPgDRM1Z+7Wj3zUUjY1nr6/1jNKyl7llliccg=
github.com/prometheus/common v0.13.0/go.mod h1:U+gB1OBLb1lF3O42bTCL+FK18tX9Oar16Clt/msog/s=
+github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
@@ -545,6 +590,8 @@ github.com/rs/zerolog v1.20.0 h1:38k9hgtUBdxFwE34yS8rTHmHBa4eN16E4DJlv177LNs=
github.com/rs/zerolog v1.20.0/go.mod h1:IzD0RJ65iWH0w97OQQebJEvTZYvsCUm9WVLWBQrJRjo=
github.com/russross/blackfriday v0.0.0-20170610170232-067529f716f4 h1:S9YlS71UNJIyS61OqGAmLXv3w5zclSidN+qwr80XxKs=
github.com/russross/blackfriday v0.0.0-20170610170232-067529f716f4/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+github.com/russross/blackfriday v1.5.2 h1:HyvC0ARfnZBqnXwABFeSZHpKvJHJJfPz81GNueLj0oo=
+github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -553,7 +600,30 @@ github.com/sacloud/libsacloud v1.26.1/go.mod h1:79ZwATmHLIFZIMd7sxA3LwzVy/B77uj3
github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
+github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY=
+github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM=
+github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0=
+github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk=
+github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ=
+github.com/shurcooL/gofontwoff v0.0.0-20180329035133-29b52fc0a18d/go.mod h1:05UtEgK5zq39gLST6uB0cf3NEHjETfB4Fgr3Gx5R9Vw=
+github.com/shurcooL/gopherjslib v0.0.0-20160914041154-feb6d3990c2c/go.mod h1:8d3azKNyqcHP1GaQE/c6dDgjkgSx2BZ4IoEi4F1reUI=
+github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b/go.mod h1:ZpfEhSmds4ytuByIcDnOLkTHGUI6KNqRNPDLHDk+mUU=
+github.com/shurcooL/highlight_go v0.0.0-20181028180052-98c3abbbae20/go.mod h1:UDKB5a1T23gOMUJrI+uSuH0VRDStOiUVSjBTRDVBVag=
+github.com/shurcooL/home v0.0.0-20181020052607-80b7ffcb30f9/go.mod h1:+rgNQw2P9ARFAs37qieuu7ohDNQ3gds9msbT2yn85sg=
+github.com/shurcooL/htmlg v0.0.0-20170918183704-d01228ac9e50/go.mod h1:zPn1wHpTIePGnXSHpsVPWEktKXHr6+SS6x/IKRb7cpw=
+github.com/shurcooL/httperror v0.0.0-20170206035902-86b7830d14cc/go.mod h1:aYMfkZ6DWSJPJ6c4Wwz3QtW22G7mf/PEgaB9k/ik5+Y=
+github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
+github.com/shurcooL/httpgzip v0.0.0-20180522190206-b1c53ac65af9/go.mod h1:919LwcH0M7/W4fcZ0/jy0qGght1GIhqyS/EgWGH2j5Q=
+github.com/shurcooL/issues v0.0.0-20181008053335-6292fdc1e191/go.mod h1:e2qWDig5bLteJ4fwvDAc2NHzqFEthkqn7aOZAOpj+PQ=
+github.com/shurcooL/issuesapp v0.0.0-20180602232740-048589ce2241/go.mod h1:NPpHK2TI7iSaM0buivtFUc9offApnI0Alt/K8hcHy0I=
+github.com/shurcooL/notifications v0.0.0-20181007000457-627ab5aea122/go.mod h1:b5uSkrEVM1jQUspwbixRBhaIjIzL2xazXp6kntxYle0=
+github.com/shurcooL/octicon v0.0.0-20181028054416-fa4f57f9efb2/go.mod h1:eWdoE5JD4R5UVWDucdOPg1g2fqQRq78IQa9zlOV1vpQ=
+github.com/shurcooL/reactions v0.0.0-20181006231557-f2e0b4ca5b82/go.mod h1:TCR1lToEk4d2s07G3XGfz2QrgHXg4RJBvjrOozvoWfk=
+github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/shurcooL/users v0.0.0-20180125191416-49c67e49c537/go.mod h1:QJTqeLYEDaXHZDBsXlPCDqdhQuJkuw4NOtaxYe3xii4=
+github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5kWdCj2z2KEozexVbfEZIWiTjhE0+UjmZgPqehw=
github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
@@ -563,6 +633,8 @@ github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:s
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
+github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE=
+github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA=
github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -579,6 +651,7 @@ github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81P
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.0 h1:jlIyCplCJFULU/01vCkhKuTyc3OorI3bJFuw6obfgho=
github.com/stretchr/testify v1.6.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
github.com/timewasted/linode v0.0.0-20160829202747-37e84520dcf7/go.mod h1:imsgLplxEC/etjIhdr3dNzV3JeT27LbVu5pYWm0JCBY=
github.com/tinylib/msgp v1.1.2 h1:gWmO7n0Ys2RBEb7GPYB9Ujq8Mk5p2U08lRnmMcGy6BQ=
github.com/tinylib/msgp v1.1.2/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
@@ -588,6 +661,8 @@ github.com/uber-go/atomic v1.3.2/go.mod h1:/Ct5t2lcmbJ4OSe/waGBoaVvVqtO0bmtfVNex
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/urfave/cli v1.22.1 h1:+mkCCcOFKPnCmVYVcURKps1Xe+3zP90gSYGNfRkjoIY=
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
+github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
github.com/vultr/govultr v0.1.4/go.mod h1:9H008Uxr/C4vFNGLqKx232C206GL0PBHzOP0809bGNA=
github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
@@ -596,9 +671,11 @@ github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
go.etcd.io/etcd v0.5.0-alpha.5.0.20200306183522-221f0cc107cb/go.mod h1:VZB9Yx4s43MHItytoe8jcvaEFEgF2QzHDZGfQ/XQjvQ=
+go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
@@ -619,11 +696,15 @@ go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9E
go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
go.uber.org/zap v1.14.1/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc=
+go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
+golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw=
golang.org/x/crypto v0.0.0-20180621125126-a49355c7e3f8/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190418165655-df01cb2cc480/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -635,6 +716,7 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
golang.org/x/crypto v0.0.0-20191202143827-86a70503ff7e/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a h1:vclmkQCjlDX5OydZ9wv8rBCcS0QyQY66Mpf/7BZbInM=
@@ -651,6 +733,7 @@ golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EH
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
+golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
@@ -669,12 +752,15 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB
golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180611182652-db08ff08e862/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181029044818-c44066c5c816/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -683,6 +769,7 @@ golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73r
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190228165749-92fc7df08ae7/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -707,19 +794,25 @@ golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/
golang.org/x/net v0.0.0-20200501053045-e0ff5e5a1de5/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200506145744-7e3656a0809f/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200513185701-a91f0712d120/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200520182314-0ba52f642ac2/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
golang.org/x/net v0.0.0-20200904194848-62affa334b73 h1:MXfv8rhZWmFeqX3GNZRsd6vOLoaCHjYEX3qkRo3YBUA=
golang.org/x/net v0.0.0-20200904194848-62affa334b73/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43 h1:ld7aEMNHoBnnDAX15v1T6z31v8HwR2A9FYOuAhWqkwc=
golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
+golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -729,6 +822,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208 h1:qwRHBd0NqMbJxfbotnDhm2ByMI1Shq4Y6oRJo21SGJA=
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180622082034-63fc586f45fe/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -736,12 +831,14 @@ golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5h
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -759,6 +856,7 @@ golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191128015809-6d18c012aee9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -777,6 +875,7 @@ golang.org/x/sys v0.0.0-20200420163511-1957bb5e6d1f/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200501052902-10377860bb8e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200511232937-7e40ca221e25/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200515095857-1151b9dac4a9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -784,6 +883,10 @@ golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4 h1:myAQVi0cGEoqQVR5POX+8RR2mrocKqNN1hmeMqhX27k=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf h1:MZ2shdL+ZM/XzY3ZGOnh4Nlpnxz5GSOhOmtHo3iPU6M=
golang.org/x/term v0.0.0-20201210144234-2321bbc49cbf/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -802,6 +905,7 @@ golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGm
golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
@@ -849,11 +953,15 @@ golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roY
golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
+golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
+google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
+google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y=
google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
@@ -874,6 +982,7 @@ google.golang.org/api v0.29.0/go.mod h1:Lcubydp8VUV7KeIHD9z2Bys/sm/vGKnG1UHuDBSr
google.golang.org/api v0.30.0/go.mod h1:QGmEvQ87FHZNiUVJkT14jQNYJ4ZJjdRF23ZXz5138Fc=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0=
@@ -882,6 +991,9 @@ google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuh
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg=
+google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
@@ -913,6 +1025,8 @@ google.golang.org/genproto v0.0.0-20200804131852-c06518451d9c/go.mod h1:FWY/as6D
google.golang.org/genproto v0.0.0-20200825200019-8632dd797987/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d h1:92D1fum1bJLKSdr11OJ+54YeCMCGYIygTA7R/YZxH5M=
google.golang.org/genproto v0.0.0-20200904004341-0bd0a958aa1d/go.mod h1:FWY/as6DDZQgahTzZj3fqbO1CbirC29ZNUFHwi0/+no=
+google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
+google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio=
google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.19.1/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
@@ -985,6 +1099,7 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ=
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -1010,5 +1125,7 @@ sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnM
sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc=
sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
+sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
+sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
zombiezen.com/go/capnproto2 v2.18.0+incompatible h1:mwfXZniffG5mXokQGHUJWGnqIBggoPfT/CEwon9Yess=
zombiezen.com/go/capnproto2 v2.18.0+incompatible/go.mod h1:XO5Pr2SbXgqZwn0m0Ru54QBqpOf4K5AYBO+8LAOBQEQ=
diff --git a/vendor/github.com/cheekybits/genny/LICENSE b/vendor/github.com/cheekybits/genny/LICENSE
new file mode 100644
index 00000000..519d7f22
--- /dev/null
+++ b/vendor/github.com/cheekybits/genny/LICENSE
@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 cheekybits
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
diff --git a/vendor/github.com/cheekybits/genny/generic/doc.go b/vendor/github.com/cheekybits/genny/generic/doc.go
new file mode 100644
index 00000000..3bd6c869
--- /dev/null
+++ b/vendor/github.com/cheekybits/genny/generic/doc.go
@@ -0,0 +1,2 @@
+// Package generic contains the generic marker types.
+package generic
diff --git a/vendor/github.com/cheekybits/genny/generic/generic.go b/vendor/github.com/cheekybits/genny/generic/generic.go
new file mode 100644
index 00000000..04a2306c
--- /dev/null
+++ b/vendor/github.com/cheekybits/genny/generic/generic.go
@@ -0,0 +1,13 @@
+package generic
+
+// Type is the placeholder type that indicates a generic value.
+// When genny is executed, variables of this type will be replaced with
+// references to the specific types.
+// var GenericType generic.Type
+type Type interface{}
+
+// Number is the placehoder type that indiccates a generic numerical value.
+// When genny is executed, variables of this type will be replaced with
+// references to the specific types.
+// var GenericType generic.Number
+type Number float64
diff --git a/vendor/github.com/lucas-clemente/quic-go/.gitignore b/vendor/github.com/lucas-clemente/quic-go/.gitignore
new file mode 100644
index 00000000..3cc06f24
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/.gitignore
@@ -0,0 +1,17 @@
+debug
+debug.test
+main
+mockgen_tmp.go
+*.qtr
+*.qlog
+*.txt
+race.[0-9]*
+
+fuzzing/*/*.zip
+fuzzing/*/coverprofile
+fuzzing/*/crashers
+fuzzing/*/sonarprofile
+fuzzing/*/suppressions
+fuzzing/*/corpus/
+
+gomock_reflect_*/
diff --git a/vendor/github.com/lucas-clemente/quic-go/.golangci.yml b/vendor/github.com/lucas-clemente/quic-go/.golangci.yml
new file mode 100644
index 00000000..381ba3bf
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/.golangci.yml
@@ -0,0 +1,49 @@
+run:
+ skip-files:
+ - internal/qtls/structs_equal_test.go
+
+linters-settings:
+ depguard:
+ type: blacklist
+ packages:
+ - github.com/marten-seemann/qtls
+ packages-with-error-message:
+ - github.com/marten-seemann/qtls: "importing qtls only allowed in internal/qtls"
+ misspell:
+ ignore-words:
+ - ect
+
+linters:
+ disable-all: true
+ enable:
+ - asciicheck
+ - deadcode
+ - depguard
+ - exhaustive
+ - exportloopref
+ - goconst
+ - goimports
+ - gofmt # redundant, since gofmt *should* be a no-op after gofumpt
+ - gofumpt
+ - gosimple
+ - ineffassign
+ - misspell
+ - prealloc
+ - scopelint
+ - staticcheck
+ - stylecheck
+ - structcheck
+ - unconvert
+ - unparam
+ - unused
+ - varcheck
+ - vet
+
+issues:
+ exclude-rules:
+ - path: qlog/
+ linters:
+ - goconst
+ - path: internal/qtls
+ linters:
+ - depguard
diff --git a/vendor/github.com/lucas-clemente/quic-go/.travis.yml b/vendor/github.com/lucas-clemente/quic-go/.travis.yml
new file mode 100644
index 00000000..e899d793
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/.travis.yml
@@ -0,0 +1,31 @@
+dist: xenial
+group: travis_latest
+
+language: go
+
+go:
+ - "1.14.x"
+ - "1.15.x"
+
+# first part of the GOARCH workaround
+# setting the GOARCH directly doesn't work, since the value will be overwritten later
+# so set it to a temporary environment variable first
+env:
+ global:
+ - TIMESCALE_FACTOR=20
+ matrix:
+ - TRAVIS_GOARCH=amd64 TESTMODE=integration
+ - TRAVIS_GOARCH=386 TESTMODE=integration
+
+# second part of the GOARCH workaround
+# now actually set the GOARCH env variable to the value of the temporary variable set earlier
+before_install:
+ - travis_retry go get golang.org/x/tools/cmd/cover
+ - travis_retry go get github.com/onsi/ginkgo/ginkgo
+ - travis_retry go get github.com/onsi/gomega
+ - export GOARCH=$TRAVIS_GOARCH
+ - go env # for debugging
+ - travis_retry go get -t ./...
+
+script:
+ - .travis/script.sh
diff --git a/vendor/github.com/lucas-clemente/quic-go/Changelog.md b/vendor/github.com/lucas-clemente/quic-go/Changelog.md
new file mode 100644
index 00000000..457a0a6f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/Changelog.md
@@ -0,0 +1,94 @@
+# Changelog
+
+## v0.20.0 (unreleased)
+
+- Remove the `quic.Config.HandshakeTimeout`. Introduce a `quic.Config.HandshakeIdleTimeout`.
+
+## v0.17.1 (2020-06-20)
+
+- Supports QUIC WG draft-29.
+- Improve bundling of ACK frames (#2543).
+
+## v0.16.0 (2020-05-31)
+
+- Supports QUIC WG draft-28.
+
+## v0.15.0 (2020-03-01)
+
+- Supports QUIC WG draft-27.
+- Add support for 0-RTT.
+- Remove `Session.Close()`. Applications need to pass an application error code to the transport using `Session.CloseWithError()`.
+- Make the TLS Cipher Suites configurable (via `tls.Config.CipherSuites`).
+
+## v0.14.0 (2019-12-04)
+
+- Supports QUIC WG draft-24.
+
+## v0.13.0 (2019-11-05)
+
+- Supports QUIC WG draft-23.
+- Add an `EarlyListener` that allows sending of 0.5-RTT data.
+- Add a `TokenStore` to store address validation tokens.
+- Issue and use new connection IDs during a connection.
+
+## v0.12.0 (2019-08-05)
+
+- Implement HTTP/3.
+- Rename `quic.Cookie` to `quic.Token` and `quic.Config.AcceptCookie` to `quic.Config.AcceptToken`.
+- Distinguish between Retry tokens and tokens sent in NEW_TOKEN frames.
+- Enforce application protocol negotiation (via `tls.Config.NextProtos`).
+- Use a varint for error codes.
+- Add support for [quic-trace](https://github.com/google/quic-trace).
+- Add a context to `Listener.Accept`, `Session.Accept{Uni}Stream` and `Session.Open{Uni}StreamSync`.
+- Implement TLS key updates.
+
+## v0.11.0 (2019-04-05)
+
+- Drop support for gQUIC. For qQUIC support, please switch to the *gquic* branch.
+- Implement QUIC WG draft-19.
+- Use [qtls](https://github.com/marten-seemann/qtls) for TLS 1.3.
+- Return a `tls.ConnectionState` from `quic.Session.ConnectionState()`.
+- Remove the error return values from `quic.Stream.CancelRead()` and `quic.Stream.CancelWrite()`
+
+## v0.10.0 (2018-08-28)
+
+- Add support for QUIC 44, drop support for QUIC 42.
+
+## v0.9.0 (2018-08-15)
+
+- Add a `quic.Config` option for the length of the connection ID (for IETF QUIC).
+- Split Session.Close into one method for regular closing and one for closing with an error.
+
+## v0.8.0 (2018-06-26)
+
+- Add support for unidirectional streams (for IETF QUIC).
+- Add a `quic.Config` option for the maximum number of incoming streams.
+- Add support for QUIC 42 and 43.
+- Add dial functions that use a context.
+- Multiplex clients on a net.PacketConn, when using Dial(conn).
+
+## v0.7.0 (2018-02-03)
+
+- The lower boundary for packets included in ACKs is now derived, and the value sent in STOP_WAITING frames is ignored.
+- Remove `DialNonFWSecure` and `DialAddrNonFWSecure`.
+- Expose the `ConnectionState` in the `Session` (experimental API).
+- Implement packet pacing.
+
+## v0.6.0 (2017-12-12)
+
+- Add support for QUIC 39, drop support for QUIC 35 - 37
+- Added `quic.Config` options for maximal flow control windows
+- Add a `quic.Config` option for QUIC versions
+- Add a `quic.Config` option to request omission of the connection ID from a server
+- Add a `quic.Config` option to configure the source address validation
+- Add a `quic.Config` option to configure the handshake timeout
+- Add a `quic.Config` option to configure the idle timeout
+- Add a `quic.Config` option to configure keep-alive
+- Rename the STK to Cookie
+- Implement `net.Conn`-style deadlines for streams
+- Remove the `tls.Config` from the `quic.Config`. The `tls.Config` must now be passed to the `Dial` and `Listen` functions as a separate parameter. See the [Godoc](https://godoc.org/github.com/lucas-clemente/quic-go) for details.
+- Changed the log level environment variable to only accept strings ("DEBUG", "INFO", "ERROR"), see [the wiki](https://github.com/lucas-clemente/quic-go/wiki/Logging) for more details.
+- Rename the `h2quic.QuicRoundTripper` to `h2quic.RoundTripper`
+- Changed `h2quic.Server.Serve()` to accept a `net.PacketConn`
+- Drop support for Go 1.7 and 1.8.
+- Various bugfixes
diff --git a/vendor/github.com/lucas-clemente/quic-go/LICENSE b/vendor/github.com/lucas-clemente/quic-go/LICENSE
new file mode 100644
index 00000000..51378bef
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/LICENSE
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2016 the quic-go authors & Google, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/github.com/lucas-clemente/quic-go/README.md b/vendor/github.com/lucas-clemente/quic-go/README.md
new file mode 100644
index 00000000..8da4449a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/README.md
@@ -0,0 +1,49 @@
+# A QUIC implementation in pure Go
+
+
+
+[](https://pkg.go.dev/github.com/lucas-clemente/quic-go)
+[](https://travis-ci.org/lucas-clemente/quic-go)
+[](https://circleci.com/gh/lucas-clemente/quic-go)
+[](https://ci.appveyor.com/project/lucas-clemente/quic-go/branch/master)
+[](https://codecov.io/gh/lucas-clemente/quic-go/)
+
+quic-go is an implementation of the [QUIC protocol, RFC 9000](https://datatracker.ietf.org/doc/html/rfc9000) protocol in Go.
+In addition to RFC 9000, it currently implements the [IETF QUIC draft-29](https://tools.ietf.org/html/draft-ietf-quic-transport-29), [draft-32](https://tools.ietf.org/html/draft-ietf-quic-transport-32) and [draft-34](https://tools.ietf.org/html/draft-ietf-quic-transport-34). Support for draft versions will be eventually be dropped, as these are phased out of the ecosystem.
+
+## Guides
+
+*We currently support Go 1.15.x, Go 1.16.x and Go 1.17 Beta 1, with [Go modules](https://github.com/golang/go/wiki/Modules) support enabled.*
+
+Running tests:
+
+ go test ./...
+
+### QUIC without HTTP/3
+
+Take a look at [this echo example](example/echo/echo.go).
+
+## Usage
+
+### As a server
+
+See the [example server](example/main.go). Starting a QUIC server is very similar to the standard lib http in go:
+
+```go
+http.Handle("/", http.FileServer(http.Dir(wwwDir)))
+http3.ListenAndServeQUIC("localhost:4242", "/path/to/cert/chain.pem", "/path/to/privkey.pem", nil)
+```
+
+### As a client
+
+See the [example client](example/client/main.go). Use a `http3.RoundTripper` as a `Transport` in a `http.Client`.
+
+```go
+http.Client{
+ Transport: &http3.RoundTripper{},
+}
+```
+
+## Contributing
+
+We are always happy to welcome new contributors! We have a number of self-contained issues that are suitable for first-time contributors, they are tagged with [help wanted](https://github.com/lucas-clemente/quic-go/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22). If you have any questions, please feel free to reach out by opening an issue or leaving a comment.
diff --git a/vendor/github.com/lucas-clemente/quic-go/buffer_pool.go b/vendor/github.com/lucas-clemente/quic-go/buffer_pool.go
new file mode 100644
index 00000000..c0b7067d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/buffer_pool.go
@@ -0,0 +1,80 @@
+package quic
+
+import (
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+type packetBuffer struct {
+ Data []byte
+
+ // refCount counts how many packets Data is used in.
+ // It doesn't support concurrent use.
+ // It is > 1 when used for coalesced packet.
+ refCount int
+}
+
+// Split increases the refCount.
+// It must be called when a packet buffer is used for more than one packet,
+// e.g. when splitting coalesced packets.
+func (b *packetBuffer) Split() {
+ b.refCount++
+}
+
+// Decrement decrements the reference counter.
+// It doesn't put the buffer back into the pool.
+func (b *packetBuffer) Decrement() {
+ b.refCount--
+ if b.refCount < 0 {
+ panic("negative packetBuffer refCount")
+ }
+}
+
+// MaybeRelease puts the packet buffer back into the pool,
+// if the reference counter already reached 0.
+func (b *packetBuffer) MaybeRelease() {
+ // only put the packetBuffer back if it's not used any more
+ if b.refCount == 0 {
+ b.putBack()
+ }
+}
+
+// Release puts back the packet buffer into the pool.
+// It should be called when processing is definitely finished.
+func (b *packetBuffer) Release() {
+ b.Decrement()
+ if b.refCount != 0 {
+ panic("packetBuffer refCount not zero")
+ }
+ b.putBack()
+}
+
+// Len returns the length of Data
+func (b *packetBuffer) Len() protocol.ByteCount {
+ return protocol.ByteCount(len(b.Data))
+}
+
+func (b *packetBuffer) putBack() {
+ if cap(b.Data) != int(protocol.MaxPacketBufferSize) {
+ panic("putPacketBuffer called with packet of wrong size!")
+ }
+ bufferPool.Put(b)
+}
+
+var bufferPool sync.Pool
+
+func getPacketBuffer() *packetBuffer {
+ buf := bufferPool.Get().(*packetBuffer)
+ buf.refCount = 1
+ buf.Data = buf.Data[:0]
+ return buf
+}
+
+func init() {
+ bufferPool.New = func() interface{} {
+ return &packetBuffer{
+ Data: make([]byte, 0, protocol.MaxPacketBufferSize),
+ }
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/client.go b/vendor/github.com/lucas-clemente/quic-go/client.go
new file mode 100644
index 00000000..bd899fe8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/client.go
@@ -0,0 +1,336 @@
+package quic
+
+import (
+ "context"
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "net"
+ "strings"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+type client struct {
+ conn sendConn
+ // If the client is created with DialAddr, we create a packet conn.
+ // If it is started with Dial, we take a packet conn as a parameter.
+ createdPacketConn bool
+
+ use0RTT bool
+
+ packetHandlers packetHandlerManager
+
+ tlsConf *tls.Config
+ config *Config
+
+ srcConnID protocol.ConnectionID
+ destConnID protocol.ConnectionID
+
+ initialPacketNumber protocol.PacketNumber
+ hasNegotiatedVersion bool
+ version protocol.VersionNumber
+
+ handshakeChan chan struct{}
+
+ session quicSession
+
+ tracer logging.ConnectionTracer
+ tracingID uint64
+ logger utils.Logger
+}
+
+var (
+ // make it possible to mock connection ID generation in the tests
+ generateConnectionID = protocol.GenerateConnectionID
+ generateConnectionIDForInitial = protocol.GenerateConnectionIDForInitial
+)
+
+// DialAddr establishes a new QUIC connection to a server.
+// It uses a new UDP connection and closes this connection when the QUIC session is closed.
+// The hostname for SNI is taken from the given address.
+// The tls.Config.CipherSuites allows setting of TLS 1.3 cipher suites.
+func DialAddr(
+ addr string,
+ tlsConf *tls.Config,
+ config *Config,
+) (Session, error) {
+ return DialAddrContext(context.Background(), addr, tlsConf, config)
+}
+
+// DialAddrEarly establishes a new 0-RTT QUIC connection to a server.
+// It uses a new UDP connection and closes this connection when the QUIC session is closed.
+// The hostname for SNI is taken from the given address.
+// The tls.Config.CipherSuites allows setting of TLS 1.3 cipher suites.
+func DialAddrEarly(
+ addr string,
+ tlsConf *tls.Config,
+ config *Config,
+) (EarlySession, error) {
+ return DialAddrEarlyContext(context.Background(), addr, tlsConf, config)
+}
+
+// DialAddrEarlyContext establishes a new 0-RTT QUIC connection to a server using provided context.
+// See DialAddrEarly for details
+func DialAddrEarlyContext(
+ ctx context.Context,
+ addr string,
+ tlsConf *tls.Config,
+ config *Config,
+) (EarlySession, error) {
+ sess, err := dialAddrContext(ctx, addr, tlsConf, config, true)
+ if err != nil {
+ return nil, err
+ }
+ utils.Logger.WithPrefix(utils.DefaultLogger, "client").Debugf("Returning early session")
+ return sess, nil
+}
+
+// DialAddrContext establishes a new QUIC connection to a server using the provided context.
+// See DialAddr for details.
+func DialAddrContext(
+ ctx context.Context,
+ addr string,
+ tlsConf *tls.Config,
+ config *Config,
+) (Session, error) {
+ return dialAddrContext(ctx, addr, tlsConf, config, false)
+}
+
+func dialAddrContext(
+ ctx context.Context,
+ addr string,
+ tlsConf *tls.Config,
+ config *Config,
+ use0RTT bool,
+) (quicSession, error) {
+ udpAddr, err := net.ResolveUDPAddr("udp", addr)
+ if err != nil {
+ return nil, err
+ }
+ udpConn, err := net.ListenUDP("udp", &net.UDPAddr{IP: net.IPv4zero, Port: 0})
+ if err != nil {
+ return nil, err
+ }
+ return dialContext(ctx, udpConn, udpAddr, addr, tlsConf, config, use0RTT, true)
+}
+
+// Dial establishes a new QUIC connection to a server using a net.PacketConn. If
+// the PacketConn satisfies the OOBCapablePacketConn interface (as a net.UDPConn
+// does), ECN and packet info support will be enabled. In this case, ReadMsgUDP
+// and WriteMsgUDP will be used instead of ReadFrom and WriteTo to read/write
+// packets. The same PacketConn can be used for multiple calls to Dial and
+// Listen, QUIC connection IDs are used for demultiplexing the different
+// connections. The host parameter is used for SNI. The tls.Config must define
+// an application protocol (using NextProtos).
+func Dial(
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ host string,
+ tlsConf *tls.Config,
+ config *Config,
+) (Session, error) {
+ return dialContext(context.Background(), pconn, remoteAddr, host, tlsConf, config, false, false)
+}
+
+// DialEarly establishes a new 0-RTT QUIC connection to a server using a net.PacketConn.
+// The same PacketConn can be used for multiple calls to Dial and Listen,
+// QUIC connection IDs are used for demultiplexing the different connections.
+// The host parameter is used for SNI.
+// The tls.Config must define an application protocol (using NextProtos).
+func DialEarly(
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ host string,
+ tlsConf *tls.Config,
+ config *Config,
+) (EarlySession, error) {
+ return DialEarlyContext(context.Background(), pconn, remoteAddr, host, tlsConf, config)
+}
+
+// DialEarlyContext establishes a new 0-RTT QUIC connection to a server using a net.PacketConn using the provided context.
+// See DialEarly for details.
+func DialEarlyContext(
+ ctx context.Context,
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ host string,
+ tlsConf *tls.Config,
+ config *Config,
+) (EarlySession, error) {
+ return dialContext(ctx, pconn, remoteAddr, host, tlsConf, config, true, false)
+}
+
+// DialContext establishes a new QUIC connection to a server using a net.PacketConn using the provided context.
+// See Dial for details.
+func DialContext(
+ ctx context.Context,
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ host string,
+ tlsConf *tls.Config,
+ config *Config,
+) (Session, error) {
+ return dialContext(ctx, pconn, remoteAddr, host, tlsConf, config, false, false)
+}
+
+func dialContext(
+ ctx context.Context,
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ host string,
+ tlsConf *tls.Config,
+ config *Config,
+ use0RTT bool,
+ createdPacketConn bool,
+) (quicSession, error) {
+ if tlsConf == nil {
+ return nil, errors.New("quic: tls.Config not set")
+ }
+ if err := validateConfig(config); err != nil {
+ return nil, err
+ }
+ config = populateClientConfig(config, createdPacketConn)
+ packetHandlers, err := getMultiplexer().AddConn(pconn, config.ConnectionIDLength, config.StatelessResetKey, config.Tracer)
+ if err != nil {
+ return nil, err
+ }
+ c, err := newClient(pconn, remoteAddr, config, tlsConf, host, use0RTT, createdPacketConn)
+ if err != nil {
+ return nil, err
+ }
+ c.packetHandlers = packetHandlers
+
+ c.tracingID = nextSessionTracingID()
+ if c.config.Tracer != nil {
+ c.tracer = c.config.Tracer.TracerForConnection(
+ context.WithValue(ctx, SessionTracingKey, c.tracingID),
+ protocol.PerspectiveClient,
+ c.destConnID,
+ )
+ }
+ if c.tracer != nil {
+ c.tracer.StartedConnection(c.conn.LocalAddr(), c.conn.RemoteAddr(), c.srcConnID, c.destConnID)
+ }
+ if err := c.dial(ctx); err != nil {
+ return nil, err
+ }
+ return c.session, nil
+}
+
+func newClient(
+ pconn net.PacketConn,
+ remoteAddr net.Addr,
+ config *Config,
+ tlsConf *tls.Config,
+ host string,
+ use0RTT bool,
+ createdPacketConn bool,
+) (*client, error) {
+ if tlsConf == nil {
+ tlsConf = &tls.Config{}
+ }
+ if tlsConf.ServerName == "" {
+ sni := host
+ if strings.IndexByte(sni, ':') != -1 {
+ var err error
+ sni, _, err = net.SplitHostPort(sni)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ tlsConf.ServerName = sni
+ }
+
+ // check that all versions are actually supported
+ if config != nil {
+ for _, v := range config.Versions {
+ if !protocol.IsValidVersion(v) {
+ return nil, fmt.Errorf("%s is not a valid QUIC version", v)
+ }
+ }
+ }
+
+ srcConnID, err := generateConnectionID(config.ConnectionIDLength)
+ if err != nil {
+ return nil, err
+ }
+ destConnID, err := generateConnectionIDForInitial()
+ if err != nil {
+ return nil, err
+ }
+ c := &client{
+ srcConnID: srcConnID,
+ destConnID: destConnID,
+ conn: newSendPconn(pconn, remoteAddr),
+ createdPacketConn: createdPacketConn,
+ use0RTT: use0RTT,
+ tlsConf: tlsConf,
+ config: config,
+ version: config.Versions[0],
+ handshakeChan: make(chan struct{}),
+ logger: utils.DefaultLogger.WithPrefix("client"),
+ }
+ return c, nil
+}
+
+func (c *client) dial(ctx context.Context) error {
+ c.logger.Infof("Starting new connection to %s (%s -> %s), source connection ID %s, destination connection ID %s, version %s", c.tlsConf.ServerName, c.conn.LocalAddr(), c.conn.RemoteAddr(), c.srcConnID, c.destConnID, c.version)
+
+ c.session = newClientSession(
+ c.conn,
+ c.packetHandlers,
+ c.destConnID,
+ c.srcConnID,
+ c.config,
+ c.tlsConf,
+ c.initialPacketNumber,
+ c.use0RTT,
+ c.hasNegotiatedVersion,
+ c.tracer,
+ c.tracingID,
+ c.logger,
+ c.version,
+ )
+ c.packetHandlers.Add(c.srcConnID, c.session)
+
+ errorChan := make(chan error, 1)
+ go func() {
+ err := c.session.run() // returns as soon as the session is closed
+ if !errors.Is(err, &errCloseForRecreating{}) && c.createdPacketConn {
+ c.packetHandlers.Destroy()
+ }
+ errorChan <- err
+ }()
+
+ // only set when we're using 0-RTT
+ // Otherwise, earlySessionChan will be nil. Receiving from a nil chan blocks forever.
+ var earlySessionChan <-chan struct{}
+ if c.use0RTT {
+ earlySessionChan = c.session.earlySessionReady()
+ }
+
+ select {
+ case <-ctx.Done():
+ c.session.shutdown()
+ return ctx.Err()
+ case err := <-errorChan:
+ var recreateErr *errCloseForRecreating
+ if errors.As(err, &recreateErr) {
+ c.initialPacketNumber = recreateErr.nextPacketNumber
+ c.version = recreateErr.nextVersion
+ c.hasNegotiatedVersion = true
+ return c.dial(ctx)
+ }
+ return err
+ case <-earlySessionChan:
+ // ready to send 0-RTT data
+ return nil
+ case <-c.session.HandshakeComplete().Done():
+ // handshake successfully completed
+ return nil
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/closed_session.go b/vendor/github.com/lucas-clemente/quic-go/closed_session.go
new file mode 100644
index 00000000..31279020
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/closed_session.go
@@ -0,0 +1,112 @@
+package quic
+
+import (
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+// A closedLocalSession is a session that we closed locally.
+// When receiving packets for such a session, we need to retransmit the packet containing the CONNECTION_CLOSE frame,
+// with an exponential backoff.
+type closedLocalSession struct {
+ conn sendConn
+ connClosePacket []byte
+
+ closeOnce sync.Once
+ closeChan chan struct{} // is closed when the session is closed or destroyed
+
+ receivedPackets chan *receivedPacket
+ counter uint64 // number of packets received
+
+ perspective protocol.Perspective
+
+ logger utils.Logger
+}
+
+var _ packetHandler = &closedLocalSession{}
+
+// newClosedLocalSession creates a new closedLocalSession and runs it.
+func newClosedLocalSession(
+ conn sendConn,
+ connClosePacket []byte,
+ perspective protocol.Perspective,
+ logger utils.Logger,
+) packetHandler {
+ s := &closedLocalSession{
+ conn: conn,
+ connClosePacket: connClosePacket,
+ perspective: perspective,
+ logger: logger,
+ closeChan: make(chan struct{}),
+ receivedPackets: make(chan *receivedPacket, 64),
+ }
+ go s.run()
+ return s
+}
+
+func (s *closedLocalSession) run() {
+ for {
+ select {
+ case p := <-s.receivedPackets:
+ s.handlePacketImpl(p)
+ case <-s.closeChan:
+ return
+ }
+ }
+}
+
+func (s *closedLocalSession) handlePacket(p *receivedPacket) {
+ select {
+ case s.receivedPackets <- p:
+ default:
+ }
+}
+
+func (s *closedLocalSession) handlePacketImpl(_ *receivedPacket) {
+ s.counter++
+ // exponential backoff
+ // only send a CONNECTION_CLOSE for the 1st, 2nd, 4th, 8th, 16th, ... packet arriving
+ for n := s.counter; n > 1; n = n / 2 {
+ if n%2 != 0 {
+ return
+ }
+ }
+ s.logger.Debugf("Received %d packets after sending CONNECTION_CLOSE. Retransmitting.", s.counter)
+ if err := s.conn.Write(s.connClosePacket); err != nil {
+ s.logger.Debugf("Error retransmitting CONNECTION_CLOSE: %s", err)
+ }
+}
+
+func (s *closedLocalSession) shutdown() {
+ s.destroy(nil)
+}
+
+func (s *closedLocalSession) destroy(error) {
+ s.closeOnce.Do(func() {
+ close(s.closeChan)
+ })
+}
+
+func (s *closedLocalSession) getPerspective() protocol.Perspective {
+ return s.perspective
+}
+
+// A closedRemoteSession is a session that was closed remotely.
+// For such a session, we might receive reordered packets that were sent before the CONNECTION_CLOSE.
+// We can just ignore those packets.
+type closedRemoteSession struct {
+ perspective protocol.Perspective
+}
+
+var _ packetHandler = &closedRemoteSession{}
+
+func newClosedRemoteSession(pers protocol.Perspective) packetHandler {
+ return &closedRemoteSession{perspective: pers}
+}
+
+func (s *closedRemoteSession) handlePacket(*receivedPacket) {}
+func (s *closedRemoteSession) shutdown() {}
+func (s *closedRemoteSession) destroy(error) {}
+func (s *closedRemoteSession) getPerspective() protocol.Perspective { return s.perspective }
diff --git a/vendor/github.com/lucas-clemente/quic-go/codecov.yml b/vendor/github.com/lucas-clemente/quic-go/codecov.yml
new file mode 100644
index 00000000..ee9cfd3b
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/codecov.yml
@@ -0,0 +1,21 @@
+coverage:
+ round: nearest
+ ignore:
+ - streams_map_incoming_bidi.go
+ - streams_map_incoming_uni.go
+ - streams_map_outgoing_bidi.go
+ - streams_map_outgoing_uni.go
+ - http3/gzip_reader.go
+ - interop/
+ - internal/ackhandler/packet_linkedlist.go
+ - internal/utils/byteinterval_linkedlist.go
+ - internal/utils/newconnectionid_linkedlist.go
+ - internal/utils/packetinterval_linkedlist.go
+ - internal/utils/linkedlist/linkedlist.go
+ - fuzzing/
+ - metrics/
+ status:
+ project:
+ default:
+ threshold: 0.5
+ patch: false
diff --git a/vendor/github.com/lucas-clemente/quic-go/config.go b/vendor/github.com/lucas-clemente/quic-go/config.go
new file mode 100644
index 00000000..61ee7a21
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/config.go
@@ -0,0 +1,122 @@
+package quic
+
+import (
+ "errors"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/utils"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// Clone clones a Config
+func (c *Config) Clone() *Config {
+ copy := *c
+ return ©
+}
+
+func (c *Config) handshakeTimeout() time.Duration {
+ return utils.MaxDuration(protocol.DefaultHandshakeTimeout, 2*c.HandshakeIdleTimeout)
+}
+
+func validateConfig(config *Config) error {
+ if config == nil {
+ return nil
+ }
+ if config.MaxIncomingStreams > 1<<60 {
+ return errors.New("invalid value for Config.MaxIncomingStreams")
+ }
+ if config.MaxIncomingUniStreams > 1<<60 {
+ return errors.New("invalid value for Config.MaxIncomingUniStreams")
+ }
+ return nil
+}
+
+// populateServerConfig populates fields in the quic.Config with their default values, if none are set
+// it may be called with nil
+func populateServerConfig(config *Config) *Config {
+ config = populateConfig(config)
+ if config.ConnectionIDLength == 0 {
+ config.ConnectionIDLength = protocol.DefaultConnectionIDLength
+ }
+ if config.AcceptToken == nil {
+ config.AcceptToken = defaultAcceptToken
+ }
+ return config
+}
+
+// populateClientConfig populates fields in the quic.Config with their default values, if none are set
+// it may be called with nil
+func populateClientConfig(config *Config, createdPacketConn bool) *Config {
+ config = populateConfig(config)
+ if config.ConnectionIDLength == 0 && !createdPacketConn {
+ config.ConnectionIDLength = protocol.DefaultConnectionIDLength
+ }
+ return config
+}
+
+func populateConfig(config *Config) *Config {
+ if config == nil {
+ config = &Config{}
+ }
+ versions := config.Versions
+ if len(versions) == 0 {
+ versions = protocol.SupportedVersions
+ }
+ handshakeIdleTimeout := protocol.DefaultHandshakeIdleTimeout
+ if config.HandshakeIdleTimeout != 0 {
+ handshakeIdleTimeout = config.HandshakeIdleTimeout
+ }
+ idleTimeout := protocol.DefaultIdleTimeout
+ if config.MaxIdleTimeout != 0 {
+ idleTimeout = config.MaxIdleTimeout
+ }
+ initialStreamReceiveWindow := config.InitialStreamReceiveWindow
+ if initialStreamReceiveWindow == 0 {
+ initialStreamReceiveWindow = protocol.DefaultInitialMaxStreamData
+ }
+ maxStreamReceiveWindow := config.MaxStreamReceiveWindow
+ if maxStreamReceiveWindow == 0 {
+ maxStreamReceiveWindow = protocol.DefaultMaxReceiveStreamFlowControlWindow
+ }
+ initialConnectionReceiveWindow := config.InitialConnectionReceiveWindow
+ if initialConnectionReceiveWindow == 0 {
+ initialConnectionReceiveWindow = protocol.DefaultInitialMaxData
+ }
+ maxConnectionReceiveWindow := config.MaxConnectionReceiveWindow
+ if maxConnectionReceiveWindow == 0 {
+ maxConnectionReceiveWindow = protocol.DefaultMaxReceiveConnectionFlowControlWindow
+ }
+ maxIncomingStreams := config.MaxIncomingStreams
+ if maxIncomingStreams == 0 {
+ maxIncomingStreams = protocol.DefaultMaxIncomingStreams
+ } else if maxIncomingStreams < 0 {
+ maxIncomingStreams = 0
+ }
+ maxIncomingUniStreams := config.MaxIncomingUniStreams
+ if maxIncomingUniStreams == 0 {
+ maxIncomingUniStreams = protocol.DefaultMaxIncomingUniStreams
+ } else if maxIncomingUniStreams < 0 {
+ maxIncomingUniStreams = 0
+ }
+
+ return &Config{
+ Versions: versions,
+ HandshakeIdleTimeout: handshakeIdleTimeout,
+ MaxIdleTimeout: idleTimeout,
+ AcceptToken: config.AcceptToken,
+ KeepAlive: config.KeepAlive,
+ InitialStreamReceiveWindow: initialStreamReceiveWindow,
+ MaxStreamReceiveWindow: maxStreamReceiveWindow,
+ InitialConnectionReceiveWindow: initialConnectionReceiveWindow,
+ MaxConnectionReceiveWindow: maxConnectionReceiveWindow,
+ MaxIncomingStreams: maxIncomingStreams,
+ MaxIncomingUniStreams: maxIncomingUniStreams,
+ ConnectionIDLength: config.ConnectionIDLength,
+ StatelessResetKey: config.StatelessResetKey,
+ TokenStore: config.TokenStore,
+ EnableDatagrams: config.EnableDatagrams,
+ DisablePathMTUDiscovery: config.DisablePathMTUDiscovery,
+ Tracer: config.Tracer,
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn.go b/vendor/github.com/lucas-clemente/quic-go/conn.go
new file mode 100644
index 00000000..2f4e3a23
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn.go
@@ -0,0 +1,65 @@
+package quic
+
+import (
+ "io"
+ "net"
+ "syscall"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type connection interface {
+ ReadPacket() (*receivedPacket, error)
+ WritePacket(b []byte, addr net.Addr, oob []byte) (int, error)
+ LocalAddr() net.Addr
+ io.Closer
+}
+
+// If the PacketConn passed to Dial or Listen satisfies this interface, quic-go will read the ECN bits from the IP header.
+// In this case, ReadMsgUDP() will be used instead of ReadFrom() to read packets.
+type OOBCapablePacketConn interface {
+ net.PacketConn
+ SyscallConn() (syscall.RawConn, error)
+ ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error)
+ WriteMsgUDP(b, oob []byte, addr *net.UDPAddr) (n, oobn int, err error)
+}
+
+var _ OOBCapablePacketConn = &net.UDPConn{}
+
+func wrapConn(pc net.PacketConn) (connection, error) {
+ c, ok := pc.(OOBCapablePacketConn)
+ if !ok {
+ utils.DefaultLogger.Infof("PacketConn is not a net.UDPConn. Disabling optimizations possible on UDP connections.")
+ return &basicConn{PacketConn: pc}, nil
+ }
+ return newConn(c)
+}
+
+type basicConn struct {
+ net.PacketConn
+}
+
+var _ connection = &basicConn{}
+
+func (c *basicConn) ReadPacket() (*receivedPacket, error) {
+ buffer := getPacketBuffer()
+ // The packet size should not exceed protocol.MaxPacketBufferSize bytes
+ // If it does, we only read a truncated packet, which will then end up undecryptable
+ buffer.Data = buffer.Data[:protocol.MaxPacketBufferSize]
+ n, addr, err := c.PacketConn.ReadFrom(buffer.Data)
+ if err != nil {
+ return nil, err
+ }
+ return &receivedPacket{
+ remoteAddr: addr,
+ rcvTime: time.Now(),
+ data: buffer.Data[:n],
+ buffer: buffer,
+ }, nil
+}
+
+func (c *basicConn) WritePacket(b []byte, addr net.Addr, _ []byte) (n int, err error) {
+ return c.PacketConn.WriteTo(b, addr)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_generic.go b/vendor/github.com/lucas-clemente/quic-go/conn_generic.go
new file mode 100644
index 00000000..451a70ae
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_generic.go
@@ -0,0 +1,15 @@
+// +build !darwin,!linux,!freebsd,!windows
+
+package quic
+
+import "net"
+
+func newConn(c net.PacketConn) (connection, error) {
+ return &basicConn{PacketConn: c}, nil
+}
+
+func inspectReadBuffer(interface{}) (int, error) {
+ return 0, nil
+}
+
+func (i *packetInfo) OOB() []byte { return nil }
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_helper_darwin.go b/vendor/github.com/lucas-clemente/quic-go/conn_helper_darwin.go
new file mode 100644
index 00000000..02dd973b
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_helper_darwin.go
@@ -0,0 +1,17 @@
+// +build darwin
+
+package quic
+
+import "golang.org/x/sys/unix"
+
+const msgTypeIPTOS = unix.IP_RECVTOS
+
+const (
+ ipv4RECVPKTINFO = unix.IP_RECVPKTINFO
+ ipv6RECVPKTINFO = 0x3d
+)
+
+const (
+ msgTypeIPv4PKTINFO = unix.IP_PKTINFO
+ msgTypeIPv6PKTINFO = 0x2e
+)
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_helper_freebsd.go b/vendor/github.com/lucas-clemente/quic-go/conn_helper_freebsd.go
new file mode 100644
index 00000000..8ea3fda4
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_helper_freebsd.go
@@ -0,0 +1,17 @@
+// +build freebsd
+
+package quic
+
+import "golang.org/x/sys/unix"
+
+const msgTypeIPTOS = unix.IP_RECVTOS
+
+const (
+ ipv4RECVPKTINFO = 0x7
+ ipv6RECVPKTINFO = 0x24
+)
+
+const (
+ msgTypeIPv4PKTINFO = 0x7
+ msgTypeIPv6PKTINFO = 0x2e
+)
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_helper_linux.go b/vendor/github.com/lucas-clemente/quic-go/conn_helper_linux.go
new file mode 100644
index 00000000..d825f4e2
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_helper_linux.go
@@ -0,0 +1,17 @@
+// +build linux
+
+package quic
+
+import "golang.org/x/sys/unix"
+
+const msgTypeIPTOS = unix.IP_TOS
+
+const (
+ ipv4RECVPKTINFO = unix.IP_PKTINFO
+ ipv6RECVPKTINFO = unix.IPV6_RECVPKTINFO
+)
+
+const (
+ msgTypeIPv4PKTINFO = unix.IP_PKTINFO
+ msgTypeIPv6PKTINFO = unix.IPV6_PKTINFO
+)
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_id_generator.go b/vendor/github.com/lucas-clemente/quic-go/conn_id_generator.go
new file mode 100644
index 00000000..2904a57c
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_id_generator.go
@@ -0,0 +1,143 @@
+package quic
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type connIDGenerator struct {
+ connIDLen int
+ highestSeq uint64
+
+ activeSrcConnIDs map[uint64]protocol.ConnectionID
+ initialClientDestConnID protocol.ConnectionID
+
+ addConnectionID func(protocol.ConnectionID)
+ getStatelessResetToken func(protocol.ConnectionID) protocol.StatelessResetToken
+ removeConnectionID func(protocol.ConnectionID)
+ retireConnectionID func(protocol.ConnectionID)
+ replaceWithClosed func(protocol.ConnectionID, packetHandler)
+ queueControlFrame func(wire.Frame)
+
+ version protocol.VersionNumber
+}
+
+func newConnIDGenerator(
+ initialConnectionID protocol.ConnectionID,
+ initialClientDestConnID protocol.ConnectionID, // nil for the client
+ addConnectionID func(protocol.ConnectionID),
+ getStatelessResetToken func(protocol.ConnectionID) protocol.StatelessResetToken,
+ removeConnectionID func(protocol.ConnectionID),
+ retireConnectionID func(protocol.ConnectionID),
+ replaceWithClosed func(protocol.ConnectionID, packetHandler),
+ queueControlFrame func(wire.Frame),
+ version protocol.VersionNumber,
+) *connIDGenerator {
+ m := &connIDGenerator{
+ connIDLen: initialConnectionID.Len(),
+ activeSrcConnIDs: make(map[uint64]protocol.ConnectionID),
+ addConnectionID: addConnectionID,
+ getStatelessResetToken: getStatelessResetToken,
+ removeConnectionID: removeConnectionID,
+ retireConnectionID: retireConnectionID,
+ replaceWithClosed: replaceWithClosed,
+ queueControlFrame: queueControlFrame,
+ version: version,
+ }
+ m.activeSrcConnIDs[0] = initialConnectionID
+ m.initialClientDestConnID = initialClientDestConnID
+ return m
+}
+
+func (m *connIDGenerator) SetMaxActiveConnIDs(limit uint64) error {
+ if m.connIDLen == 0 {
+ return nil
+ }
+ // The active_connection_id_limit transport parameter is the number of
+ // connection IDs the peer will store. This limit includes the connection ID
+ // used during the handshake, and the one sent in the preferred_address
+ // transport parameter.
+ // We currently don't send the preferred_address transport parameter,
+ // so we can issue (limit - 1) connection IDs.
+ for i := uint64(len(m.activeSrcConnIDs)); i < utils.MinUint64(limit, protocol.MaxIssuedConnectionIDs); i++ {
+ if err := m.issueNewConnID(); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (m *connIDGenerator) Retire(seq uint64, sentWithDestConnID protocol.ConnectionID) error {
+ if seq > m.highestSeq {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: fmt.Sprintf("retired connection ID %d (highest issued: %d)", seq, m.highestSeq),
+ }
+ }
+ connID, ok := m.activeSrcConnIDs[seq]
+ // We might already have deleted this connection ID, if this is a duplicate frame.
+ if !ok {
+ return nil
+ }
+ if connID.Equal(sentWithDestConnID) && !protocol.UseRetireBugBackwardsCompatibilityMode(RetireBugBackwardsCompatibilityMode, m.version) {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: fmt.Sprintf("retired connection ID %d (%s), which was used as the Destination Connection ID on this packet", seq, connID),
+ }
+ }
+ m.retireConnectionID(connID)
+ delete(m.activeSrcConnIDs, seq)
+ // Don't issue a replacement for the initial connection ID.
+ if seq == 0 {
+ return nil
+ }
+ return m.issueNewConnID()
+}
+
+func (m *connIDGenerator) issueNewConnID() error {
+ if protocol.UseRetireBugBackwardsCompatibilityMode(RetireBugBackwardsCompatibilityMode, m.version) {
+ return nil
+ }
+ connID, err := protocol.GenerateConnectionID(m.connIDLen)
+ if err != nil {
+ return err
+ }
+ m.activeSrcConnIDs[m.highestSeq+1] = connID
+ m.addConnectionID(connID)
+ m.queueControlFrame(&wire.NewConnectionIDFrame{
+ SequenceNumber: m.highestSeq + 1,
+ ConnectionID: connID,
+ StatelessResetToken: m.getStatelessResetToken(connID),
+ })
+ m.highestSeq++
+ return nil
+}
+
+func (m *connIDGenerator) SetHandshakeComplete() {
+ if m.initialClientDestConnID != nil {
+ m.retireConnectionID(m.initialClientDestConnID)
+ m.initialClientDestConnID = nil
+ }
+}
+
+func (m *connIDGenerator) RemoveAll() {
+ if m.initialClientDestConnID != nil {
+ m.removeConnectionID(m.initialClientDestConnID)
+ }
+ for _, connID := range m.activeSrcConnIDs {
+ m.removeConnectionID(connID)
+ }
+}
+
+func (m *connIDGenerator) ReplaceWithClosed(handler packetHandler) {
+ if m.initialClientDestConnID != nil {
+ m.replaceWithClosed(m.initialClientDestConnID, handler)
+ }
+ for _, connID := range m.activeSrcConnIDs {
+ m.replaceWithClosed(connID, handler)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_id_manager.go b/vendor/github.com/lucas-clemente/quic-go/conn_id_manager.go
new file mode 100644
index 00000000..e1b025a9
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_id_manager.go
@@ -0,0 +1,207 @@
+package quic
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type connIDManager struct {
+ queue utils.NewConnectionIDList
+
+ handshakeComplete bool
+ activeSequenceNumber uint64
+ highestRetired uint64
+ activeConnectionID protocol.ConnectionID
+ activeStatelessResetToken *protocol.StatelessResetToken
+
+ // We change the connection ID after sending on average
+ // protocol.PacketsPerConnectionID packets. The actual value is randomized
+ // hide the packet loss rate from on-path observers.
+ rand utils.Rand
+ packetsSinceLastChange uint32
+ packetsPerConnectionID uint32
+
+ addStatelessResetToken func(protocol.StatelessResetToken)
+ removeStatelessResetToken func(protocol.StatelessResetToken)
+ queueControlFrame func(wire.Frame)
+}
+
+func newConnIDManager(
+ initialDestConnID protocol.ConnectionID,
+ addStatelessResetToken func(protocol.StatelessResetToken),
+ removeStatelessResetToken func(protocol.StatelessResetToken),
+ queueControlFrame func(wire.Frame),
+) *connIDManager {
+ return &connIDManager{
+ activeConnectionID: initialDestConnID,
+ addStatelessResetToken: addStatelessResetToken,
+ removeStatelessResetToken: removeStatelessResetToken,
+ queueControlFrame: queueControlFrame,
+ }
+}
+
+func (h *connIDManager) AddFromPreferredAddress(connID protocol.ConnectionID, resetToken protocol.StatelessResetToken) error {
+ return h.addConnectionID(1, connID, resetToken)
+}
+
+func (h *connIDManager) Add(f *wire.NewConnectionIDFrame) error {
+ if err := h.add(f); err != nil {
+ return err
+ }
+ if h.queue.Len() >= protocol.MaxActiveConnectionIDs {
+ return &qerr.TransportError{ErrorCode: qerr.ConnectionIDLimitError}
+ }
+ return nil
+}
+
+func (h *connIDManager) add(f *wire.NewConnectionIDFrame) error {
+ // If the NEW_CONNECTION_ID frame is reordered, such that its sequence number is smaller than the currently active
+ // connection ID or if it was already retired, send the RETIRE_CONNECTION_ID frame immediately.
+ if f.SequenceNumber < h.activeSequenceNumber || f.SequenceNumber < h.highestRetired {
+ h.queueControlFrame(&wire.RetireConnectionIDFrame{
+ SequenceNumber: f.SequenceNumber,
+ })
+ return nil
+ }
+
+ // Retire elements in the queue.
+ // Doesn't retire the active connection ID.
+ if f.RetirePriorTo > h.highestRetired {
+ var next *utils.NewConnectionIDElement
+ for el := h.queue.Front(); el != nil; el = next {
+ if el.Value.SequenceNumber >= f.RetirePriorTo {
+ break
+ }
+ next = el.Next()
+ h.queueControlFrame(&wire.RetireConnectionIDFrame{
+ SequenceNumber: el.Value.SequenceNumber,
+ })
+ h.queue.Remove(el)
+ }
+ h.highestRetired = f.RetirePriorTo
+ }
+
+ if f.SequenceNumber == h.activeSequenceNumber {
+ return nil
+ }
+
+ if err := h.addConnectionID(f.SequenceNumber, f.ConnectionID, f.StatelessResetToken); err != nil {
+ return err
+ }
+
+ // Retire the active connection ID, if necessary.
+ if h.activeSequenceNumber < f.RetirePriorTo {
+ // The queue is guaranteed to have at least one element at this point.
+ h.updateConnectionID()
+ }
+ return nil
+}
+
+func (h *connIDManager) addConnectionID(seq uint64, connID protocol.ConnectionID, resetToken protocol.StatelessResetToken) error {
+ // insert a new element at the end
+ if h.queue.Len() == 0 || h.queue.Back().Value.SequenceNumber < seq {
+ h.queue.PushBack(utils.NewConnectionID{
+ SequenceNumber: seq,
+ ConnectionID: connID,
+ StatelessResetToken: resetToken,
+ })
+ return nil
+ }
+ // insert a new element somewhere in the middle
+ for el := h.queue.Front(); el != nil; el = el.Next() {
+ if el.Value.SequenceNumber == seq {
+ if !el.Value.ConnectionID.Equal(connID) {
+ return fmt.Errorf("received conflicting connection IDs for sequence number %d", seq)
+ }
+ if el.Value.StatelessResetToken != resetToken {
+ return fmt.Errorf("received conflicting stateless reset tokens for sequence number %d", seq)
+ }
+ break
+ }
+ if el.Value.SequenceNumber > seq {
+ h.queue.InsertBefore(utils.NewConnectionID{
+ SequenceNumber: seq,
+ ConnectionID: connID,
+ StatelessResetToken: resetToken,
+ }, el)
+ break
+ }
+ }
+ return nil
+}
+
+func (h *connIDManager) updateConnectionID() {
+ h.queueControlFrame(&wire.RetireConnectionIDFrame{
+ SequenceNumber: h.activeSequenceNumber,
+ })
+ h.highestRetired = utils.MaxUint64(h.highestRetired, h.activeSequenceNumber)
+ if h.activeStatelessResetToken != nil {
+ h.removeStatelessResetToken(*h.activeStatelessResetToken)
+ }
+
+ front := h.queue.Remove(h.queue.Front())
+ h.activeSequenceNumber = front.SequenceNumber
+ h.activeConnectionID = front.ConnectionID
+ h.activeStatelessResetToken = &front.StatelessResetToken
+ h.packetsSinceLastChange = 0
+ h.packetsPerConnectionID = protocol.PacketsPerConnectionID/2 + uint32(h.rand.Int31n(protocol.PacketsPerConnectionID))
+ h.addStatelessResetToken(*h.activeStatelessResetToken)
+}
+
+func (h *connIDManager) Close() {
+ if h.activeStatelessResetToken != nil {
+ h.removeStatelessResetToken(*h.activeStatelessResetToken)
+ }
+}
+
+// is called when the server performs a Retry
+// and when the server changes the connection ID in the first Initial sent
+func (h *connIDManager) ChangeInitialConnID(newConnID protocol.ConnectionID) {
+ if h.activeSequenceNumber != 0 {
+ panic("expected first connection ID to have sequence number 0")
+ }
+ h.activeConnectionID = newConnID
+}
+
+// is called when the server provides a stateless reset token in the transport parameters
+func (h *connIDManager) SetStatelessResetToken(token protocol.StatelessResetToken) {
+ if h.activeSequenceNumber != 0 {
+ panic("expected first connection ID to have sequence number 0")
+ }
+ h.activeStatelessResetToken = &token
+ h.addStatelessResetToken(token)
+}
+
+func (h *connIDManager) SentPacket() {
+ h.packetsSinceLastChange++
+}
+
+func (h *connIDManager) shouldUpdateConnID() bool {
+ if !h.handshakeComplete {
+ return false
+ }
+ // initiate the first change as early as possible (after handshake completion)
+ if h.queue.Len() > 0 && h.activeSequenceNumber == 0 {
+ return true
+ }
+ // For later changes, only change if
+ // 1. The queue of connection IDs is filled more than 50%.
+ // 2. We sent at least PacketsPerConnectionID packets
+ return 2*h.queue.Len() >= protocol.MaxActiveConnectionIDs &&
+ h.packetsSinceLastChange >= h.packetsPerConnectionID
+}
+
+func (h *connIDManager) Get() protocol.ConnectionID {
+ if h.shouldUpdateConnID() {
+ h.updateConnectionID()
+ }
+ return h.activeConnectionID
+}
+
+func (h *connIDManager) SetHandshakeComplete() {
+ h.handshakeComplete = true
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_oob.go b/vendor/github.com/lucas-clemente/quic-go/conn_oob.go
new file mode 100644
index 00000000..7e9878b7
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_oob.go
@@ -0,0 +1,235 @@
+// +build darwin linux freebsd
+
+package quic
+
+import (
+ "encoding/binary"
+ "errors"
+ "fmt"
+ "net"
+ "runtime"
+ "syscall"
+ "time"
+ "unsafe"
+
+ "golang.org/x/sys/unix"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+const ecnMask uint8 = 0x3
+
+func inspectReadBuffer(c interface{}) (int, error) {
+ conn, ok := c.(interface {
+ SyscallConn() (syscall.RawConn, error)
+ })
+ if !ok {
+ return 0, errors.New("doesn't have a SyscallConn")
+ }
+ rawConn, err := conn.SyscallConn()
+ if err != nil {
+ return 0, fmt.Errorf("couldn't get syscall.RawConn: %w", err)
+ }
+ var size int
+ var serr error
+ if err := rawConn.Control(func(fd uintptr) {
+ size, serr = unix.GetsockoptInt(int(fd), unix.SOL_SOCKET, unix.SO_RCVBUF)
+ }); err != nil {
+ return 0, err
+ }
+ return size, serr
+}
+
+type oobConn struct {
+ OOBCapablePacketConn
+ oobBuffer []byte
+}
+
+var _ connection = &oobConn{}
+
+func newConn(c OOBCapablePacketConn) (*oobConn, error) {
+ rawConn, err := c.SyscallConn()
+ if err != nil {
+ return nil, err
+ }
+ needsPacketInfo := false
+ if udpAddr, ok := c.LocalAddr().(*net.UDPAddr); ok && udpAddr.IP.IsUnspecified() {
+ needsPacketInfo = true
+ }
+ // We don't know if this a IPv4-only, IPv6-only or a IPv4-and-IPv6 connection.
+ // Try enabling receiving of ECN and packet info for both IP versions.
+ // We expect at least one of those syscalls to succeed.
+ var errECNIPv4, errECNIPv6, errPIIPv4, errPIIPv6 error
+ if err := rawConn.Control(func(fd uintptr) {
+ errECNIPv4 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, unix.IP_RECVTOS, 1)
+ errECNIPv6 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, unix.IPV6_RECVTCLASS, 1)
+
+ if needsPacketInfo {
+ errPIIPv4 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IP, ipv4RECVPKTINFO, 1)
+ errPIIPv6 = unix.SetsockoptInt(int(fd), unix.IPPROTO_IPV6, ipv6RECVPKTINFO, 1)
+ }
+ }); err != nil {
+ return nil, err
+ }
+ switch {
+ case errECNIPv4 == nil && errECNIPv6 == nil:
+ utils.DefaultLogger.Debugf("Activating reading of ECN bits for IPv4 and IPv6.")
+ case errECNIPv4 == nil && errECNIPv6 != nil:
+ utils.DefaultLogger.Debugf("Activating reading of ECN bits for IPv4.")
+ case errECNIPv4 != nil && errECNIPv6 == nil:
+ utils.DefaultLogger.Debugf("Activating reading of ECN bits for IPv6.")
+ case errECNIPv4 != nil && errECNIPv6 != nil:
+ return nil, errors.New("activating ECN failed for both IPv4 and IPv6")
+ }
+ if needsPacketInfo {
+ switch {
+ case errPIIPv4 == nil && errPIIPv6 == nil:
+ utils.DefaultLogger.Debugf("Activating reading of packet info for IPv4 and IPv6.")
+ case errPIIPv4 == nil && errPIIPv6 != nil:
+ utils.DefaultLogger.Debugf("Activating reading of packet info bits for IPv4.")
+ case errPIIPv4 != nil && errPIIPv6 == nil:
+ utils.DefaultLogger.Debugf("Activating reading of packet info bits for IPv6.")
+ case errPIIPv4 != nil && errPIIPv6 != nil:
+ return nil, errors.New("activating packet info failed for both IPv4 and IPv6")
+ }
+ }
+ return &oobConn{
+ OOBCapablePacketConn: c,
+ oobBuffer: make([]byte, 128),
+ }, nil
+}
+
+func (c *oobConn) ReadPacket() (*receivedPacket, error) {
+ buffer := getPacketBuffer()
+ // The packet size should not exceed protocol.MaxPacketBufferSize bytes
+ // If it does, we only read a truncated packet, which will then end up undecryptable
+ buffer.Data = buffer.Data[:protocol.MaxPacketBufferSize]
+ c.oobBuffer = c.oobBuffer[:cap(c.oobBuffer)]
+ n, oobn, _, addr, err := c.OOBCapablePacketConn.ReadMsgUDP(buffer.Data, c.oobBuffer)
+ if err != nil {
+ return nil, err
+ }
+ ctrlMsgs, err := unix.ParseSocketControlMessage(c.oobBuffer[:oobn])
+ if err != nil {
+ return nil, err
+ }
+ var ecn protocol.ECN
+ var destIP net.IP
+ var ifIndex uint32
+ for _, ctrlMsg := range ctrlMsgs {
+ if ctrlMsg.Header.Level == unix.IPPROTO_IP {
+ switch ctrlMsg.Header.Type {
+ case msgTypeIPTOS:
+ ecn = protocol.ECN(ctrlMsg.Data[0] & ecnMask)
+ case msgTypeIPv4PKTINFO:
+ // struct in_pktinfo {
+ // unsigned int ipi_ifindex; /* Interface index */
+ // struct in_addr ipi_spec_dst; /* Local address */
+ // struct in_addr ipi_addr; /* Header Destination
+ // address */
+ // };
+ if len(ctrlMsg.Data) == 12 {
+ ifIndex = binary.LittleEndian.Uint32(ctrlMsg.Data)
+ destIP = net.IP(ctrlMsg.Data[8:12])
+ } else if len(ctrlMsg.Data) == 4 {
+ // FreeBSD
+ destIP = net.IP(ctrlMsg.Data)
+ }
+ }
+ }
+ if ctrlMsg.Header.Level == unix.IPPROTO_IPV6 {
+ switch ctrlMsg.Header.Type {
+ case unix.IPV6_TCLASS:
+ ecn = protocol.ECN(ctrlMsg.Data[0] & ecnMask)
+ case msgTypeIPv6PKTINFO:
+ // struct in6_pktinfo {
+ // struct in6_addr ipi6_addr; /* src/dst IPv6 address */
+ // unsigned int ipi6_ifindex; /* send/recv interface index */
+ // };
+ if len(ctrlMsg.Data) == 20 {
+ destIP = net.IP(ctrlMsg.Data[:16])
+ ifIndex = binary.LittleEndian.Uint32(ctrlMsg.Data[16:])
+ }
+ }
+ }
+ }
+ var info *packetInfo
+ if destIP != nil {
+ info = &packetInfo{
+ addr: destIP,
+ ifIndex: ifIndex,
+ }
+ }
+ return &receivedPacket{
+ remoteAddr: addr,
+ rcvTime: time.Now(),
+ data: buffer.Data[:n],
+ ecn: ecn,
+ info: info,
+ buffer: buffer,
+ }, nil
+}
+
+func (c *oobConn) WritePacket(b []byte, addr net.Addr, oob []byte) (n int, err error) {
+ n, _, err = c.OOBCapablePacketConn.WriteMsgUDP(b, oob, addr.(*net.UDPAddr))
+ return n, err
+}
+
+func (info *packetInfo) OOB() []byte {
+ if info == nil {
+ return nil
+ }
+ if ip4 := info.addr.To4(); ip4 != nil {
+ // struct in_pktinfo {
+ // unsigned int ipi_ifindex; /* Interface index */
+ // struct in_addr ipi_spec_dst; /* Local address */
+ // struct in_addr ipi_addr; /* Header Destination address */
+ // };
+ msgLen := 12
+ if runtime.GOOS == "freebsd" {
+ msgLen = 4
+ }
+ cmsglen := cmsgLen(msgLen)
+ oob := make([]byte, cmsglen)
+ cmsg := (*syscall.Cmsghdr)(unsafe.Pointer(&oob[0]))
+ cmsg.Level = syscall.IPPROTO_TCP
+ cmsg.Type = msgTypeIPv4PKTINFO
+ cmsg.SetLen(cmsglen)
+ off := cmsgLen(0)
+ if runtime.GOOS != "freebsd" {
+ // FreeBSD does not support in_pktinfo, just an in_addr is sent
+ binary.LittleEndian.PutUint32(oob[off:], info.ifIndex)
+ off += 4
+ }
+ copy(oob[off:], ip4)
+ return oob
+ } else if len(info.addr) == 16 {
+ // struct in6_pktinfo {
+ // struct in6_addr ipi6_addr; /* src/dst IPv6 address */
+ // unsigned int ipi6_ifindex; /* send/recv interface index */
+ // };
+ const msgLen = 20
+ cmsglen := cmsgLen(msgLen)
+ oob := make([]byte, cmsglen)
+ cmsg := (*syscall.Cmsghdr)(unsafe.Pointer(&oob[0]))
+ cmsg.Level = syscall.IPPROTO_IPV6
+ cmsg.Type = msgTypeIPv6PKTINFO
+ cmsg.SetLen(cmsglen)
+ off := cmsgLen(0)
+ off += copy(oob[off:], info.addr)
+ binary.LittleEndian.PutUint32(oob[off:], info.ifIndex)
+ return oob
+ }
+ return nil
+}
+
+func cmsgLen(datalen int) int {
+ return cmsgAlign(syscall.SizeofCmsghdr) + datalen
+}
+
+func cmsgAlign(salen int) int {
+ const sizeOfPtr = 0x8
+ salign := sizeOfPtr
+ return (salen + salign - 1) & ^(salign - 1)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/conn_windows.go b/vendor/github.com/lucas-clemente/quic-go/conn_windows.go
new file mode 100644
index 00000000..2540d851
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/conn_windows.go
@@ -0,0 +1,53 @@
+// +build windows
+
+package quic
+
+import (
+ "errors"
+ "fmt"
+ "net"
+ "syscall"
+
+ "golang.org/x/sys/windows"
+)
+
+const IP_DONTFRAGMENT = 14
+
+func newConn(c OOBCapablePacketConn) (connection, error) {
+ rawConn, err := c.SyscallConn()
+ if err != nil {
+ return nil, fmt.Errorf("couldn't get syscall.RawConn: %w", err)
+ }
+ if err := rawConn.Control(func(fd uintptr) {
+ // This should succeed if the connection is a IPv4 or a dual-stack connection.
+ // It will fail for IPv6 connections.
+ // TODO: properly handle error.
+ _ = windows.SetsockoptInt(windows.Handle(fd), windows.IPPROTO_IP, IP_DONTFRAGMENT, 1)
+ }); err != nil {
+ return nil, err
+ }
+ return &basicConn{PacketConn: c}, nil
+}
+
+func inspectReadBuffer(c net.PacketConn) (int, error) {
+ conn, ok := c.(interface {
+ SyscallConn() (syscall.RawConn, error)
+ })
+ if !ok {
+ return 0, errors.New("doesn't have a SyscallConn")
+ }
+ rawConn, err := conn.SyscallConn()
+ if err != nil {
+ return 0, fmt.Errorf("couldn't get syscall.RawConn: %w", err)
+ }
+ var size int
+ var serr error
+ if err := rawConn.Control(func(fd uintptr) {
+ size, serr = windows.GetsockoptInt(windows.Handle(fd), windows.SOL_SOCKET, windows.SO_RCVBUF)
+ }); err != nil {
+ return 0, err
+ }
+ return size, serr
+}
+
+func (i *packetInfo) OOB() []byte { return nil }
diff --git a/vendor/github.com/lucas-clemente/quic-go/crypto_stream.go b/vendor/github.com/lucas-clemente/quic-go/crypto_stream.go
new file mode 100644
index 00000000..36e21d33
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/crypto_stream.go
@@ -0,0 +1,115 @@
+package quic
+
+import (
+ "fmt"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type cryptoStream interface {
+ // for receiving data
+ HandleCryptoFrame(*wire.CryptoFrame) error
+ GetCryptoData() []byte
+ Finish() error
+ // for sending data
+ io.Writer
+ HasData() bool
+ PopCryptoFrame(protocol.ByteCount) *wire.CryptoFrame
+}
+
+type cryptoStreamImpl struct {
+ queue *frameSorter
+ msgBuf []byte
+
+ highestOffset protocol.ByteCount
+ finished bool
+
+ writeOffset protocol.ByteCount
+ writeBuf []byte
+}
+
+func newCryptoStream() cryptoStream {
+ return &cryptoStreamImpl{queue: newFrameSorter()}
+}
+
+func (s *cryptoStreamImpl) HandleCryptoFrame(f *wire.CryptoFrame) error {
+ highestOffset := f.Offset + protocol.ByteCount(len(f.Data))
+ if maxOffset := highestOffset; maxOffset > protocol.MaxCryptoStreamOffset {
+ return &qerr.TransportError{
+ ErrorCode: qerr.CryptoBufferExceeded,
+ ErrorMessage: fmt.Sprintf("received invalid offset %d on crypto stream, maximum allowed %d", maxOffset, protocol.MaxCryptoStreamOffset),
+ }
+ }
+ if s.finished {
+ if highestOffset > s.highestOffset {
+ // reject crypto data received after this stream was already finished
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "received crypto data after change of encryption level",
+ }
+ }
+ // ignore data with a smaller offset than the highest received
+ // could e.g. be a retransmission
+ return nil
+ }
+ s.highestOffset = utils.MaxByteCount(s.highestOffset, highestOffset)
+ if err := s.queue.Push(f.Data, f.Offset, nil); err != nil {
+ return err
+ }
+ for {
+ _, data, _ := s.queue.Pop()
+ if data == nil {
+ return nil
+ }
+ s.msgBuf = append(s.msgBuf, data...)
+ }
+}
+
+// GetCryptoData retrieves data that was received in CRYPTO frames
+func (s *cryptoStreamImpl) GetCryptoData() []byte {
+ if len(s.msgBuf) < 4 {
+ return nil
+ }
+ msgLen := 4 + int(s.msgBuf[1])<<16 + int(s.msgBuf[2])<<8 + int(s.msgBuf[3])
+ if len(s.msgBuf) < msgLen {
+ return nil
+ }
+ msg := make([]byte, msgLen)
+ copy(msg, s.msgBuf[:msgLen])
+ s.msgBuf = s.msgBuf[msgLen:]
+ return msg
+}
+
+func (s *cryptoStreamImpl) Finish() error {
+ if s.queue.HasMoreData() {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "encryption level changed, but crypto stream has more data to read",
+ }
+ }
+ s.finished = true
+ return nil
+}
+
+// Writes writes data that should be sent out in CRYPTO frames
+func (s *cryptoStreamImpl) Write(p []byte) (int, error) {
+ s.writeBuf = append(s.writeBuf, p...)
+ return len(p), nil
+}
+
+func (s *cryptoStreamImpl) HasData() bool {
+ return len(s.writeBuf) > 0
+}
+
+func (s *cryptoStreamImpl) PopCryptoFrame(maxLen protocol.ByteCount) *wire.CryptoFrame {
+ f := &wire.CryptoFrame{Offset: s.writeOffset}
+ n := utils.MinByteCount(f.MaxDataLen(maxLen), protocol.ByteCount(len(s.writeBuf)))
+ f.Data = s.writeBuf[:n]
+ s.writeBuf = s.writeBuf[n:]
+ s.writeOffset += n
+ return f
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/crypto_stream_manager.go b/vendor/github.com/lucas-clemente/quic-go/crypto_stream_manager.go
new file mode 100644
index 00000000..66f90049
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/crypto_stream_manager.go
@@ -0,0 +1,61 @@
+package quic
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type cryptoDataHandler interface {
+ HandleMessage([]byte, protocol.EncryptionLevel) bool
+}
+
+type cryptoStreamManager struct {
+ cryptoHandler cryptoDataHandler
+
+ initialStream cryptoStream
+ handshakeStream cryptoStream
+ oneRTTStream cryptoStream
+}
+
+func newCryptoStreamManager(
+ cryptoHandler cryptoDataHandler,
+ initialStream cryptoStream,
+ handshakeStream cryptoStream,
+ oneRTTStream cryptoStream,
+) *cryptoStreamManager {
+ return &cryptoStreamManager{
+ cryptoHandler: cryptoHandler,
+ initialStream: initialStream,
+ handshakeStream: handshakeStream,
+ oneRTTStream: oneRTTStream,
+ }
+}
+
+func (m *cryptoStreamManager) HandleCryptoFrame(frame *wire.CryptoFrame, encLevel protocol.EncryptionLevel) (bool /* encryption level changed */, error) {
+ var str cryptoStream
+ //nolint:exhaustive // CRYPTO frames cannot be sent in 0-RTT packets.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ str = m.initialStream
+ case protocol.EncryptionHandshake:
+ str = m.handshakeStream
+ case protocol.Encryption1RTT:
+ str = m.oneRTTStream
+ default:
+ return false, fmt.Errorf("received CRYPTO frame with unexpected encryption level: %s", encLevel)
+ }
+ if err := str.HandleCryptoFrame(frame); err != nil {
+ return false, err
+ }
+ for {
+ data := str.GetCryptoData()
+ if data == nil {
+ return false, nil
+ }
+ if encLevelFinished := m.cryptoHandler.HandleMessage(data, encLevel); encLevelFinished {
+ return true, str.Finish()
+ }
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/datagram_queue.go b/vendor/github.com/lucas-clemente/quic-go/datagram_queue.go
new file mode 100644
index 00000000..b1cbbf6d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/datagram_queue.go
@@ -0,0 +1,87 @@
+package quic
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type datagramQueue struct {
+ sendQueue chan *wire.DatagramFrame
+ rcvQueue chan []byte
+
+ closeErr error
+ closed chan struct{}
+
+ hasData func()
+
+ dequeued chan struct{}
+
+ logger utils.Logger
+}
+
+func newDatagramQueue(hasData func(), logger utils.Logger) *datagramQueue {
+ return &datagramQueue{
+ hasData: hasData,
+ sendQueue: make(chan *wire.DatagramFrame, 1),
+ rcvQueue: make(chan []byte, protocol.DatagramRcvQueueLen),
+ dequeued: make(chan struct{}),
+ closed: make(chan struct{}),
+ logger: logger,
+ }
+}
+
+// AddAndWait queues a new DATAGRAM frame for sending.
+// It blocks until the frame has been dequeued.
+func (h *datagramQueue) AddAndWait(f *wire.DatagramFrame) error {
+ select {
+ case h.sendQueue <- f:
+ h.hasData()
+ case <-h.closed:
+ return h.closeErr
+ }
+
+ select {
+ case <-h.dequeued:
+ return nil
+ case <-h.closed:
+ return h.closeErr
+ }
+}
+
+// Get dequeues a DATAGRAM frame for sending.
+func (h *datagramQueue) Get() *wire.DatagramFrame {
+ select {
+ case f := <-h.sendQueue:
+ h.dequeued <- struct{}{}
+ return f
+ default:
+ return nil
+ }
+}
+
+// HandleDatagramFrame handles a received DATAGRAM frame.
+func (h *datagramQueue) HandleDatagramFrame(f *wire.DatagramFrame) {
+ data := make([]byte, len(f.Data))
+ copy(data, f.Data)
+ select {
+ case h.rcvQueue <- data:
+ default:
+ h.logger.Debugf("Discarding DATAGRAM frame (%d bytes payload)", len(f.Data))
+ }
+}
+
+// Receive gets a received DATAGRAM frame.
+func (h *datagramQueue) Receive() ([]byte, error) {
+ select {
+ case data := <-h.rcvQueue:
+ return data, nil
+ case <-h.closed:
+ return nil, h.closeErr
+ }
+}
+
+func (h *datagramQueue) CloseWithError(e error) {
+ h.closeErr = e
+ close(h.closed)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/errors.go b/vendor/github.com/lucas-clemente/quic-go/errors.go
new file mode 100644
index 00000000..0c9f0004
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/errors.go
@@ -0,0 +1,58 @@
+package quic
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+)
+
+type (
+ TransportError = qerr.TransportError
+ ApplicationError = qerr.ApplicationError
+ VersionNegotiationError = qerr.VersionNegotiationError
+ StatelessResetError = qerr.StatelessResetError
+ IdleTimeoutError = qerr.IdleTimeoutError
+ HandshakeTimeoutError = qerr.HandshakeTimeoutError
+)
+
+type (
+ TransportErrorCode = qerr.TransportErrorCode
+ ApplicationErrorCode = qerr.ApplicationErrorCode
+ StreamErrorCode = qerr.StreamErrorCode
+)
+
+const (
+ NoError = qerr.NoError
+ InternalError = qerr.InternalError
+ ConnectionRefused = qerr.ConnectionRefused
+ FlowControlError = qerr.FlowControlError
+ StreamLimitError = qerr.StreamLimitError
+ StreamStateError = qerr.StreamStateError
+ FinalSizeError = qerr.FinalSizeError
+ FrameEncodingError = qerr.FrameEncodingError
+ TransportParameterError = qerr.TransportParameterError
+ ConnectionIDLimitError = qerr.ConnectionIDLimitError
+ ProtocolViolation = qerr.ProtocolViolation
+ InvalidToken = qerr.InvalidToken
+ ApplicationErrorErrorCode = qerr.ApplicationErrorErrorCode
+ CryptoBufferExceeded = qerr.CryptoBufferExceeded
+ KeyUpdateError = qerr.KeyUpdateError
+ AEADLimitReached = qerr.AEADLimitReached
+ NoViablePathError = qerr.NoViablePathError
+)
+
+// A StreamError is used for Stream.CancelRead and Stream.CancelWrite.
+// It is also returned from Stream.Read and Stream.Write if the peer canceled reading or writing.
+type StreamError struct {
+ StreamID StreamID
+ ErrorCode StreamErrorCode
+}
+
+func (e *StreamError) Is(target error) bool {
+ _, ok := target.(*StreamError)
+ return ok
+}
+
+func (e *StreamError) Error() string {
+ return fmt.Sprintf("stream %d canceled with error code %d", e.StreamID, e.ErrorCode)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/frame_sorter.go b/vendor/github.com/lucas-clemente/quic-go/frame_sorter.go
new file mode 100644
index 00000000..aeafa7d4
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/frame_sorter.go
@@ -0,0 +1,224 @@
+package quic
+
+import (
+ "errors"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type frameSorterEntry struct {
+ Data []byte
+ DoneCb func()
+}
+
+type frameSorter struct {
+ queue map[protocol.ByteCount]frameSorterEntry
+ readPos protocol.ByteCount
+ gaps *utils.ByteIntervalList
+}
+
+var errDuplicateStreamData = errors.New("duplicate stream data")
+
+func newFrameSorter() *frameSorter {
+ s := frameSorter{
+ gaps: utils.NewByteIntervalList(),
+ queue: make(map[protocol.ByteCount]frameSorterEntry),
+ }
+ s.gaps.PushFront(utils.ByteInterval{Start: 0, End: protocol.MaxByteCount})
+ return &s
+}
+
+func (s *frameSorter) Push(data []byte, offset protocol.ByteCount, doneCb func()) error {
+ err := s.push(data, offset, doneCb)
+ if err == errDuplicateStreamData {
+ if doneCb != nil {
+ doneCb()
+ }
+ return nil
+ }
+ return err
+}
+
+func (s *frameSorter) push(data []byte, offset protocol.ByteCount, doneCb func()) error {
+ if len(data) == 0 {
+ return errDuplicateStreamData
+ }
+
+ start := offset
+ end := offset + protocol.ByteCount(len(data))
+
+ if end <= s.gaps.Front().Value.Start {
+ return errDuplicateStreamData
+ }
+
+ startGap, startsInGap := s.findStartGap(start)
+ endGap, endsInGap := s.findEndGap(startGap, end)
+
+ startGapEqualsEndGap := startGap == endGap
+
+ if (startGapEqualsEndGap && end <= startGap.Value.Start) ||
+ (!startGapEqualsEndGap && startGap.Value.End >= endGap.Value.Start && end <= startGap.Value.Start) {
+ return errDuplicateStreamData
+ }
+
+ startGapNext := startGap.Next()
+ startGapEnd := startGap.Value.End // save it, in case startGap is modified
+ endGapStart := endGap.Value.Start // save it, in case endGap is modified
+ endGapEnd := endGap.Value.End // save it, in case endGap is modified
+ var adjustedStartGapEnd bool
+ var wasCut bool
+
+ pos := start
+ var hasReplacedAtLeastOne bool
+ for {
+ oldEntry, ok := s.queue[pos]
+ if !ok {
+ break
+ }
+ oldEntryLen := protocol.ByteCount(len(oldEntry.Data))
+ if end-pos > oldEntryLen || (hasReplacedAtLeastOne && end-pos == oldEntryLen) {
+ // The existing frame is shorter than the new frame. Replace it.
+ delete(s.queue, pos)
+ pos += oldEntryLen
+ hasReplacedAtLeastOne = true
+ if oldEntry.DoneCb != nil {
+ oldEntry.DoneCb()
+ }
+ } else {
+ if !hasReplacedAtLeastOne {
+ return errDuplicateStreamData
+ }
+ // The existing frame is longer than the new frame.
+ // Cut the new frame such that the end aligns with the start of the existing frame.
+ data = data[:pos-start]
+ end = pos
+ wasCut = true
+ break
+ }
+ }
+
+ if !startsInGap && !hasReplacedAtLeastOne {
+ // cut the frame, such that it starts at the start of the gap
+ data = data[startGap.Value.Start-start:]
+ start = startGap.Value.Start
+ wasCut = true
+ }
+ if start <= startGap.Value.Start {
+ if end >= startGap.Value.End {
+ // The frame covers the whole startGap. Delete the gap.
+ s.gaps.Remove(startGap)
+ } else {
+ startGap.Value.Start = end
+ }
+ } else if !hasReplacedAtLeastOne {
+ startGap.Value.End = start
+ adjustedStartGapEnd = true
+ }
+
+ if !startGapEqualsEndGap {
+ s.deleteConsecutive(startGapEnd)
+ var nextGap *utils.ByteIntervalElement
+ for gap := startGapNext; gap.Value.End < endGapStart; gap = nextGap {
+ nextGap = gap.Next()
+ s.deleteConsecutive(gap.Value.End)
+ s.gaps.Remove(gap)
+ }
+ }
+
+ if !endsInGap && start != endGapEnd && end > endGapEnd {
+ // cut the frame, such that it ends at the end of the gap
+ data = data[:endGapEnd-start]
+ end = endGapEnd
+ wasCut = true
+ }
+ if end == endGapEnd {
+ if !startGapEqualsEndGap {
+ // The frame covers the whole endGap. Delete the gap.
+ s.gaps.Remove(endGap)
+ }
+ } else {
+ if startGapEqualsEndGap && adjustedStartGapEnd {
+ // The frame split the existing gap into two.
+ s.gaps.InsertAfter(utils.ByteInterval{Start: end, End: startGapEnd}, startGap)
+ } else if !startGapEqualsEndGap {
+ endGap.Value.Start = end
+ }
+ }
+
+ if wasCut && len(data) < protocol.MinStreamFrameBufferSize {
+ newData := make([]byte, len(data))
+ copy(newData, data)
+ data = newData
+ if doneCb != nil {
+ doneCb()
+ doneCb = nil
+ }
+ }
+
+ if s.gaps.Len() > protocol.MaxStreamFrameSorterGaps {
+ return errors.New("too many gaps in received data")
+ }
+
+ s.queue[start] = frameSorterEntry{Data: data, DoneCb: doneCb}
+ return nil
+}
+
+func (s *frameSorter) findStartGap(offset protocol.ByteCount) (*utils.ByteIntervalElement, bool) {
+ for gap := s.gaps.Front(); gap != nil; gap = gap.Next() {
+ if offset >= gap.Value.Start && offset <= gap.Value.End {
+ return gap, true
+ }
+ if offset < gap.Value.Start {
+ return gap, false
+ }
+ }
+ panic("no gap found")
+}
+
+func (s *frameSorter) findEndGap(startGap *utils.ByteIntervalElement, offset protocol.ByteCount) (*utils.ByteIntervalElement, bool) {
+ for gap := startGap; gap != nil; gap = gap.Next() {
+ if offset >= gap.Value.Start && offset < gap.Value.End {
+ return gap, true
+ }
+ if offset < gap.Value.Start {
+ return gap.Prev(), false
+ }
+ }
+ panic("no gap found")
+}
+
+// deleteConsecutive deletes consecutive frames from the queue, starting at pos
+func (s *frameSorter) deleteConsecutive(pos protocol.ByteCount) {
+ for {
+ oldEntry, ok := s.queue[pos]
+ if !ok {
+ break
+ }
+ oldEntryLen := protocol.ByteCount(len(oldEntry.Data))
+ delete(s.queue, pos)
+ if oldEntry.DoneCb != nil {
+ oldEntry.DoneCb()
+ }
+ pos += oldEntryLen
+ }
+}
+
+func (s *frameSorter) Pop() (protocol.ByteCount, []byte, func()) {
+ entry, ok := s.queue[s.readPos]
+ if !ok {
+ return s.readPos, nil, nil
+ }
+ delete(s.queue, s.readPos)
+ offset := s.readPos
+ s.readPos += protocol.ByteCount(len(entry.Data))
+ if s.gaps.Front().Value.End <= s.readPos {
+ panic("frame sorter BUG: read position higher than a gap")
+ }
+ return offset, entry.Data, entry.DoneCb
+}
+
+// HasMoreData says if there is any more data queued at *any* offset.
+func (s *frameSorter) HasMoreData() bool {
+ return len(s.queue) > 0
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/framer.go b/vendor/github.com/lucas-clemente/quic-go/framer.go
new file mode 100644
index 00000000..29d36b85
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/framer.go
@@ -0,0 +1,171 @@
+package quic
+
+import (
+ "errors"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+type framer interface {
+ HasData() bool
+
+ QueueControlFrame(wire.Frame)
+ AppendControlFrames([]ackhandler.Frame, protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount)
+
+ AddActiveStream(protocol.StreamID)
+ AppendStreamFrames([]ackhandler.Frame, protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount)
+
+ Handle0RTTRejection() error
+}
+
+type framerI struct {
+ mutex sync.Mutex
+
+ streamGetter streamGetter
+ version protocol.VersionNumber
+
+ activeStreams map[protocol.StreamID]struct{}
+ streamQueue []protocol.StreamID
+
+ controlFrameMutex sync.Mutex
+ controlFrames []wire.Frame
+}
+
+var _ framer = &framerI{}
+
+func newFramer(
+ streamGetter streamGetter,
+ v protocol.VersionNumber,
+) framer {
+ return &framerI{
+ streamGetter: streamGetter,
+ activeStreams: make(map[protocol.StreamID]struct{}),
+ version: v,
+ }
+}
+
+func (f *framerI) HasData() bool {
+ f.mutex.Lock()
+ hasData := len(f.streamQueue) > 0
+ f.mutex.Unlock()
+ if hasData {
+ return true
+ }
+ f.controlFrameMutex.Lock()
+ hasData = len(f.controlFrames) > 0
+ f.controlFrameMutex.Unlock()
+ return hasData
+}
+
+func (f *framerI) QueueControlFrame(frame wire.Frame) {
+ f.controlFrameMutex.Lock()
+ f.controlFrames = append(f.controlFrames, frame)
+ f.controlFrameMutex.Unlock()
+}
+
+func (f *framerI) AppendControlFrames(frames []ackhandler.Frame, maxLen protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount) {
+ var length protocol.ByteCount
+ f.controlFrameMutex.Lock()
+ for len(f.controlFrames) > 0 {
+ frame := f.controlFrames[len(f.controlFrames)-1]
+ frameLen := frame.Length(f.version)
+ if length+frameLen > maxLen {
+ break
+ }
+ frames = append(frames, ackhandler.Frame{Frame: frame})
+ length += frameLen
+ f.controlFrames = f.controlFrames[:len(f.controlFrames)-1]
+ }
+ f.controlFrameMutex.Unlock()
+ return frames, length
+}
+
+func (f *framerI) AddActiveStream(id protocol.StreamID) {
+ f.mutex.Lock()
+ if _, ok := f.activeStreams[id]; !ok {
+ f.streamQueue = append(f.streamQueue, id)
+ f.activeStreams[id] = struct{}{}
+ }
+ f.mutex.Unlock()
+}
+
+func (f *framerI) AppendStreamFrames(frames []ackhandler.Frame, maxLen protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount) {
+ var length protocol.ByteCount
+ var lastFrame *ackhandler.Frame
+ f.mutex.Lock()
+ // pop STREAM frames, until less than MinStreamFrameSize bytes are left in the packet
+ numActiveStreams := len(f.streamQueue)
+ for i := 0; i < numActiveStreams; i++ {
+ if protocol.MinStreamFrameSize+length > maxLen {
+ break
+ }
+ id := f.streamQueue[0]
+ f.streamQueue = f.streamQueue[1:]
+ // This should never return an error. Better check it anyway.
+ // The stream will only be in the streamQueue, if it enqueued itself there.
+ str, err := f.streamGetter.GetOrOpenSendStream(id)
+ // The stream can be nil if it completed after it said it had data.
+ if str == nil || err != nil {
+ delete(f.activeStreams, id)
+ continue
+ }
+ remainingLen := maxLen - length
+ // For the last STREAM frame, we'll remove the DataLen field later.
+ // Therefore, we can pretend to have more bytes available when popping
+ // the STREAM frame (which will always have the DataLen set).
+ remainingLen += quicvarint.Len(uint64(remainingLen))
+ frame, hasMoreData := str.popStreamFrame(remainingLen)
+ if hasMoreData { // put the stream back in the queue (at the end)
+ f.streamQueue = append(f.streamQueue, id)
+ } else { // no more data to send. Stream is not active any more
+ delete(f.activeStreams, id)
+ }
+ // The frame can be nil
+ // * if the receiveStream was canceled after it said it had data
+ // * the remaining size doesn't allow us to add another STREAM frame
+ if frame == nil {
+ continue
+ }
+ frames = append(frames, *frame)
+ length += frame.Length(f.version)
+ lastFrame = frame
+ }
+ f.mutex.Unlock()
+ if lastFrame != nil {
+ lastFrameLen := lastFrame.Length(f.version)
+ // account for the smaller size of the last STREAM frame
+ lastFrame.Frame.(*wire.StreamFrame).DataLenPresent = false
+ length += lastFrame.Length(f.version) - lastFrameLen
+ }
+ return frames, length
+}
+
+func (f *framerI) Handle0RTTRejection() error {
+ f.mutex.Lock()
+ defer f.mutex.Unlock()
+
+ f.controlFrameMutex.Lock()
+ f.streamQueue = f.streamQueue[:0]
+ for id := range f.activeStreams {
+ delete(f.activeStreams, id)
+ }
+ var j int
+ for i, frame := range f.controlFrames {
+ switch frame.(type) {
+ case *wire.MaxDataFrame, *wire.MaxStreamDataFrame, *wire.MaxStreamsFrame:
+ return errors.New("didn't expect MAX_DATA / MAX_STREAM_DATA / MAX_STREAMS frame to be sent in 0-RTT")
+ case *wire.DataBlockedFrame, *wire.StreamDataBlockedFrame, *wire.StreamsBlockedFrame:
+ continue
+ default:
+ f.controlFrames[j] = f.controlFrames[i]
+ j++
+ }
+ }
+ f.controlFrames = f.controlFrames[:j]
+ f.controlFrameMutex.Unlock()
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/go.mod b/vendor/github.com/lucas-clemente/quic-go/go.mod
new file mode 100644
index 00000000..22b4fc2d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/go.mod
@@ -0,0 +1,20 @@
+module github.com/lucas-clemente/quic-go
+
+go 1.15
+
+require (
+ github.com/cheekybits/genny v1.0.0
+ github.com/francoispqt/gojay v1.2.13
+ github.com/golang/mock v1.6.0
+ github.com/marten-seemann/qpack v0.2.1
+ github.com/marten-seemann/qtls-go1-15 v0.1.4
+ github.com/marten-seemann/qtls-go1-16 v0.1.3
+ github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2
+ github.com/onsi/ginkgo v1.14.0
+ github.com/onsi/gomega v1.10.1
+ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
+ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4
+ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+ golang.org/x/sys v0.0.0-20210510120138-977fb7262007
+ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
+)
diff --git a/vendor/github.com/lucas-clemente/quic-go/go.sum b/vendor/github.com/lucas-clemente/quic-go/go.sum
new file mode 100644
index 00000000..4028acce
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/go.sum
@@ -0,0 +1,258 @@
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.31.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
+cloud.google.com/go v0.37.0/go.mod h1:TS1dMSSfndXH133OKGwekG838Om/cQT0BUHV3HcBgoo=
+dmitri.shuralyov.com/app/changes v0.0.0-20180602232624-0a106ad413e3/go.mod h1:Yl+fi1br7+Rr3LqpNJf1/uxUdtRUV+Tnj0o93V2B9MU=
+dmitri.shuralyov.com/html/belt v0.0.0-20180602232347-f7d459c86be0/go.mod h1:JLBrvjyP0v+ecvNYvCpyZgu5/xkfAUhi6wJj28eUfSU=
+dmitri.shuralyov.com/service/change v0.0.0-20181023043359-a85b471d5412/go.mod h1:a1inKt/atXimZ4Mv927x+r7UpyzRUf4emIoiiSC2TN4=
+dmitri.shuralyov.com/state v0.0.0-20180228185332-28bcc343414c/go.mod h1:0PRwlb0D6DFvNNtx+9ybjezNCa8XF0xaYcETyp6rHWU=
+git.apache.org/thrift.git v0.0.0-20180902110319-2566ecd5d999/go.mod h1:fPE2ZNJGynbRyZ4dJvy6G277gSllfV2HJqblrnkyeyg=
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
+github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
+github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
+github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
+github.com/cheekybits/genny v1.0.0 h1:uGGa4nei+j20rOSeDeP5Of12XVm7TGUd4dJA9RDitfE=
+github.com/cheekybits/genny v1.0.0/go.mod h1:+tQajlRqAUrPI7DOSpB0XAqZYtQakVtB7wXkRAgjxjQ=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
+github.com/francoispqt/gojay v1.2.13 h1:d2m3sFjloqoIUQU3TsHBgj6qg/BVGlTBeHDUmyJnXKk=
+github.com/francoispqt/gojay v1.2.13/go.mod h1:ehT5mTG4ua4581f1++1WLG0vPdaA9HaiDsoyrBGkyDY=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
+github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
+github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
+github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
+github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:tluoj9z5200jBnyusfRPU2LqT6J+DAorxEvtC7LHB+E=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
+github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
+github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0=
+github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
+github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
+github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
+github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
+github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY=
+github.com/googleapis/gax-go/v2 v2.0.3/go.mod h1:LLvjysVCY1JZeum8Z6l8qUty8fiNwE08qbEPm1M08qg=
+github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
+github.com/grpc-ecosystem/grpc-gateway v1.5.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw=
+github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
+github.com/jellevandenhooff/dkim v0.0.0-20150330215556-f50fe3d243e1/go.mod h1:E0B/fFc00Y+Rasa88328GlI/XbtyysCtTHZS8h7IrBU=
+github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
+github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.3/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI=
+github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
+github.com/marten-seemann/qpack v0.2.1 h1:jvTsT/HpCn2UZJdP+UUB53FfUUgeOyG5K1ns0OJOGVs=
+github.com/marten-seemann/qpack v0.2.1/go.mod h1:F7Gl5L1jIgN1D11ucXefiuJS9UMVP2opoCp2jDKb7wc=
+github.com/marten-seemann/qtls-go1-15 v0.1.4 h1:RehYMOyRW8hPVEja1KBVsFVNSm35Jj9Mvs5yNoZZ28A=
+github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
+github.com/marten-seemann/qtls-go1-16 v0.1.3 h1:XEZ1xGorVy9u+lJq+WXNE+hiqRYLNvJGYmwfwKQN2gU=
+github.com/marten-seemann/qtls-go1-16 v0.1.3/go.mod h1:gNpI2Ol+lRS3WwSOtIUUtRwZEQMXjYK+dQSBFbethAk=
+github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2 h1:SficYjyOthSrliKI+EaFuXS6HqSsX3dkY9AqxAAjBjw=
+github.com/marten-seemann/qtls-go1-17 v0.1.0-beta.1.2/go.mod h1:fz4HIxByo+LlWcreM4CZOYNuz3taBQ8rN2X6FqvaWo8=
+github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
+github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
+github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
+github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
+github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
+github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
+github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
+github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA=
+github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
+github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
+github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
+github.com/openzipkin/zipkin-go v0.1.1/go.mod h1:NtoC/o8u3JlF1lSlyPNswIbeQH9bJTmOf0Erfk+hxe8=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_golang v0.8.0/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
+github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
+github.com/prometheus/common v0.0.0-20180801064454-c7de2306084e/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
+github.com/prometheus/procfs v0.0.0-20180725123919-05ee40e3a273/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
+github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
+github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
+github.com/shurcooL/component v0.0.0-20170202220835-f88ec8f54cc4/go.mod h1:XhFIlyj5a1fBNx5aJTbKoIq0mNaPvOagO+HjB3EtxrY=
+github.com/shurcooL/events v0.0.0-20181021180414-410e4ca65f48/go.mod h1:5u70Mqkb5O5cxEA8nxTsgrgLehJeAw6Oc4Ab1c/P1HM=
+github.com/shurcooL/github_flavored_markdown v0.0.0-20181002035957-2122de532470/go.mod h1:2dOwnU2uBioM+SGy2aZoq1f/Sd1l9OkAeAUvjSyvgU0=
+github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk=
+github.com/shurcooL/go-goon v0.0.0-20170922171312-37c2f522c041/go.mod h1:N5mDOmsrJOB+vfqUK+7DmDyjhSLIIBnXo9lvZJj3MWQ=
+github.com/shurcooL/gofontwoff v0.0.0-20180329035133-29b52fc0a18d/go.mod h1:05UtEgK5zq39gLST6uB0cf3NEHjETfB4Fgr3Gx5R9Vw=
+github.com/shurcooL/gopherjslib v0.0.0-20160914041154-feb6d3990c2c/go.mod h1:8d3azKNyqcHP1GaQE/c6dDgjkgSx2BZ4IoEi4F1reUI=
+github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b/go.mod h1:ZpfEhSmds4ytuByIcDnOLkTHGUI6KNqRNPDLHDk+mUU=
+github.com/shurcooL/highlight_go v0.0.0-20181028180052-98c3abbbae20/go.mod h1:UDKB5a1T23gOMUJrI+uSuH0VRDStOiUVSjBTRDVBVag=
+github.com/shurcooL/home v0.0.0-20181020052607-80b7ffcb30f9/go.mod h1:+rgNQw2P9ARFAs37qieuu7ohDNQ3gds9msbT2yn85sg=
+github.com/shurcooL/htmlg v0.0.0-20170918183704-d01228ac9e50/go.mod h1:zPn1wHpTIePGnXSHpsVPWEktKXHr6+SS6x/IKRb7cpw=
+github.com/shurcooL/httperror v0.0.0-20170206035902-86b7830d14cc/go.mod h1:aYMfkZ6DWSJPJ6c4Wwz3QtW22G7mf/PEgaB9k/ik5+Y=
+github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg=
+github.com/shurcooL/httpgzip v0.0.0-20180522190206-b1c53ac65af9/go.mod h1:919LwcH0M7/W4fcZ0/jy0qGght1GIhqyS/EgWGH2j5Q=
+github.com/shurcooL/issues v0.0.0-20181008053335-6292fdc1e191/go.mod h1:e2qWDig5bLteJ4fwvDAc2NHzqFEthkqn7aOZAOpj+PQ=
+github.com/shurcooL/issuesapp v0.0.0-20180602232740-048589ce2241/go.mod h1:NPpHK2TI7iSaM0buivtFUc9offApnI0Alt/K8hcHy0I=
+github.com/shurcooL/notifications v0.0.0-20181007000457-627ab5aea122/go.mod h1:b5uSkrEVM1jQUspwbixRBhaIjIzL2xazXp6kntxYle0=
+github.com/shurcooL/octicon v0.0.0-20181028054416-fa4f57f9efb2/go.mod h1:eWdoE5JD4R5UVWDucdOPg1g2fqQRq78IQa9zlOV1vpQ=
+github.com/shurcooL/reactions v0.0.0-20181006231557-f2e0b4ca5b82/go.mod h1:TCR1lToEk4d2s07G3XGfz2QrgHXg4RJBvjrOozvoWfk=
+github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/shurcooL/users v0.0.0-20180125191416-49c67e49c537/go.mod h1:QJTqeLYEDaXHZDBsXlPCDqdhQuJkuw4NOtaxYe3xii4=
+github.com/shurcooL/webdavfs v0.0.0-20170829043945-18c3829fa133/go.mod h1:hKmq5kWdCj2z2KEozexVbfEZIWiTjhE0+UjmZgPqehw=
+github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d/go.mod h1:UdhH50NIW0fCiwBSr0co2m7BnFLdv4fQTgdqdJTHFeE=
+github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA=
+github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07/go.mod h1:kDXzergiv9cbyO7IOYJZWg1U88JhDg3PB6klq9Hg2pA=
+github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU=
+github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
+go4.org v0.0.0-20180809161055-417644f6feb5/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE=
+golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw=
+golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/lint v0.0.0-20180702182130-06c8688daad7/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181029044818-c44066c5c816/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
+golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 h1:4nGaVu0QrbjT/AK2PRLuQfQuh6DJve+pELhqTdAj3x0=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
+golang.org/x/perf v0.0.0-20180704124530-6e6d33e29852/go.mod h1:JLpeXjPJfIyPr5TlbXLkXWLhP8nz10XfvxElABhCtcw=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190316082340-a2f829d7f35f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
+google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
+google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20181202183823-bd91e49a0898/go.mod h1:7Ep/1NZk928CDR8SjdVbjWNpdIf6nzjE3BTgJDr2Atg=
+google.golang.org/genproto v0.0.0-20190306203927-b5d61aea6440/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
+google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio=
+google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.23.0 h1:4MY060fB1DLGMB/7MBTLnwQUY6+F09GEiz6SsrNqyzM=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
+gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
+gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
+gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+grpc.go4.org v0.0.0-20170609214715-11d0a25b4919/go.mod h1:77eQGdRu53HpSqPFJFmuJdjuHRquDANNeA4x7B8WQ9o=
+honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck=
+sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0=
diff --git a/vendor/github.com/lucas-clemente/quic-go/interface.go b/vendor/github.com/lucas-clemente/quic-go/interface.go
new file mode 100644
index 00000000..0b1a1891
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/interface.go
@@ -0,0 +1,332 @@
+package quic
+
+import (
+ "context"
+ "errors"
+ "io"
+ "net"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/handshake"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+// RetireBugBackwardsCompatibilityMode controls a backwards compatibility mode, necessary due to a bug in
+// quic-go v0.17.2 (and earlier), where under certain circumstances, an endpoint would retire the connection
+// ID it is currently using. See https://github.com/lucas-clemente/quic-go/issues/2658.
+// The bug has now been fixed, and new deployments have nothing to worry about.
+// Deployments that already have quic-go <= v0.17.2 deployed should active RetireBugBackwardsCompatibilityMode.
+// If activated, quic-go will take steps to avoid the bug from triggering when connected to endpoints that are still
+// running quic-go <= v0.17.2.
+// This flag will be removed in a future version of quic-go.
+var RetireBugBackwardsCompatibilityMode bool
+
+// The StreamID is the ID of a QUIC stream.
+type StreamID = protocol.StreamID
+
+// A VersionNumber is a QUIC version number.
+type VersionNumber = protocol.VersionNumber
+
+const (
+ // VersionDraft29 is IETF QUIC draft-29
+ VersionDraft29 = protocol.VersionDraft29
+ // VersionDraft32 is IETF QUIC draft-32
+ VersionDraft32 = protocol.VersionDraft32
+ // VersionDraft34 is IETF QUIC draft-34
+ VersionDraft34 = protocol.VersionDraft34
+ // Version1 is RFC 9000
+ Version1 = protocol.Version1
+)
+
+// A Token can be used to verify the ownership of the client address.
+type Token struct {
+ // IsRetryToken encodes how the client received the token. There are two ways:
+ // * In a Retry packet sent when trying to establish a new connection.
+ // * In a NEW_TOKEN frame on a previous connection.
+ IsRetryToken bool
+ RemoteAddr string
+ SentTime time.Time
+}
+
+// A ClientToken is a token received by the client.
+// It can be used to skip address validation on future connection attempts.
+type ClientToken struct {
+ data []byte
+}
+
+type TokenStore interface {
+ // Pop searches for a ClientToken associated with the given key.
+ // Since tokens are not supposed to be reused, it must remove the token from the cache.
+ // It returns nil when no token is found.
+ Pop(key string) (token *ClientToken)
+
+ // Put adds a token to the cache with the given key. It might get called
+ // multiple times in a connection.
+ Put(key string, token *ClientToken)
+}
+
+// Err0RTTRejected is the returned from:
+// * Open{Uni}Stream{Sync}
+// * Accept{Uni}Stream
+// * Stream.Read and Stream.Write
+// when the server rejects a 0-RTT connection attempt.
+var Err0RTTRejected = errors.New("0-RTT rejected")
+
+// SessionTracingKey can be used to associate a ConnectionTracer with a Session.
+// It is set on the Session.Context() context,
+// as well as on the context passed to logging.Tracer.NewConnectionTracer.
+var SessionTracingKey = sessionTracingCtxKey{}
+
+type sessionTracingCtxKey struct{}
+
+// Stream is the interface implemented by QUIC streams
+// In addition to the errors listed on the Session,
+// calls to stream functions can return a StreamError if the stream is canceled.
+type Stream interface {
+ ReceiveStream
+ SendStream
+ // SetDeadline sets the read and write deadlines associated
+ // with the connection. It is equivalent to calling both
+ // SetReadDeadline and SetWriteDeadline.
+ SetDeadline(t time.Time) error
+}
+
+// A ReceiveStream is a unidirectional Receive Stream.
+type ReceiveStream interface {
+ // StreamID returns the stream ID.
+ StreamID() StreamID
+ // Read reads data from the stream.
+ // Read can be made to time out and return a net.Error with Timeout() == true
+ // after a fixed time limit; see SetDeadline and SetReadDeadline.
+ // If the stream was canceled by the peer, the error implements the StreamError
+ // interface, and Canceled() == true.
+ // If the session was closed due to a timeout, the error satisfies
+ // the net.Error interface, and Timeout() will be true.
+ io.Reader
+ // CancelRead aborts receiving on this stream.
+ // It will ask the peer to stop transmitting stream data.
+ // Read will unblock immediately, and future Read calls will fail.
+ // When called multiple times or after reading the io.EOF it is a no-op.
+ CancelRead(StreamErrorCode)
+ // SetReadDeadline sets the deadline for future Read calls and
+ // any currently-blocked Read call.
+ // A zero value for t means Read will not time out.
+
+ SetReadDeadline(t time.Time) error
+}
+
+// A SendStream is a unidirectional Send Stream.
+type SendStream interface {
+ // StreamID returns the stream ID.
+ StreamID() StreamID
+ // Write writes data to the stream.
+ // Write can be made to time out and return a net.Error with Timeout() == true
+ // after a fixed time limit; see SetDeadline and SetWriteDeadline.
+ // If the stream was canceled by the peer, the error implements the StreamError
+ // interface, and Canceled() == true.
+ // If the session was closed due to a timeout, the error satisfies
+ // the net.Error interface, and Timeout() will be true.
+ io.Writer
+ // Close closes the write-direction of the stream.
+ // Future calls to Write are not permitted after calling Close.
+ // It must not be called concurrently with Write.
+ // It must not be called after calling CancelWrite.
+ io.Closer
+ // CancelWrite aborts sending on this stream.
+ // Data already written, but not yet delivered to the peer is not guaranteed to be delivered reliably.
+ // Write will unblock immediately, and future calls to Write will fail.
+ // When called multiple times or after closing the stream it is a no-op.
+ CancelWrite(StreamErrorCode)
+ // The context is canceled as soon as the write-side of the stream is closed.
+ // This happens when Close() or CancelWrite() is called, or when the peer
+ // cancels the read-side of their stream.
+ // Warning: This API should not be considered stable and might change soon.
+ Context() context.Context
+ // SetWriteDeadline sets the deadline for future Write calls
+ // and any currently-blocked Write call.
+ // Even if write times out, it may return n > 0, indicating that
+ // some of the data was successfully written.
+ // A zero value for t means Write will not time out.
+ SetWriteDeadline(t time.Time) error
+}
+
+// A Session is a QUIC connection between two peers.
+// Calls to the session (and to streams) can return the following types of errors:
+// * ApplicationError: for errors triggered by the application running on top of QUIC
+// * TransportError: for errors triggered by the QUIC transport (in many cases a misbehaving peer)
+// * IdleTimeoutError: when the peer goes away unexpectedly (this is a net.Error timeout error)
+// * HandshakeTimeoutError: when the cryptographic handshake takes too long (this is a net.Error timeout error)
+// * StatelessResetError: when we receive a stateless reset (this is a net.Error temporary error)
+// * VersionNegotiationError: returned by the client, when there's no version overlap between the peers
+type Session interface {
+ // AcceptStream returns the next stream opened by the peer, blocking until one is available.
+ // If the session was closed due to a timeout, the error satisfies
+ // the net.Error interface, and Timeout() will be true.
+ AcceptStream(context.Context) (Stream, error)
+ // AcceptUniStream returns the next unidirectional stream opened by the peer, blocking until one is available.
+ // If the session was closed due to a timeout, the error satisfies
+ // the net.Error interface, and Timeout() will be true.
+ AcceptUniStream(context.Context) (ReceiveStream, error)
+ // OpenStream opens a new bidirectional QUIC stream.
+ // There is no signaling to the peer about new streams:
+ // The peer can only accept the stream after data has been sent on the stream.
+ // If the error is non-nil, it satisfies the net.Error interface.
+ // When reaching the peer's stream limit, err.Temporary() will be true.
+ // If the session was closed due to a timeout, Timeout() will be true.
+ OpenStream() (Stream, error)
+ // OpenStreamSync opens a new bidirectional QUIC stream.
+ // It blocks until a new stream can be opened.
+ // If the error is non-nil, it satisfies the net.Error interface.
+ // If the session was closed due to a timeout, Timeout() will be true.
+ OpenStreamSync(context.Context) (Stream, error)
+ // OpenUniStream opens a new outgoing unidirectional QUIC stream.
+ // If the error is non-nil, it satisfies the net.Error interface.
+ // When reaching the peer's stream limit, Temporary() will be true.
+ // If the session was closed due to a timeout, Timeout() will be true.
+ OpenUniStream() (SendStream, error)
+ // OpenUniStreamSync opens a new outgoing unidirectional QUIC stream.
+ // It blocks until a new stream can be opened.
+ // If the error is non-nil, it satisfies the net.Error interface.
+ // If the session was closed due to a timeout, Timeout() will be true.
+ OpenUniStreamSync(context.Context) (SendStream, error)
+ // LocalAddr returns the local address.
+ LocalAddr() net.Addr
+ // RemoteAddr returns the address of the peer.
+ RemoteAddr() net.Addr
+ // CloseWithError closes the connection with an error.
+ // The error string will be sent to the peer.
+ CloseWithError(ApplicationErrorCode, string) error
+ // The context is cancelled when the session is closed.
+ // Warning: This API should not be considered stable and might change soon.
+ Context() context.Context
+ // ConnectionState returns basic details about the QUIC connection.
+ // It blocks until the handshake completes.
+ // Warning: This API should not be considered stable and might change soon.
+ ConnectionState() ConnectionState
+
+ // SendMessage sends a message as a datagram.
+ // See https://datatracker.ietf.org/doc/draft-pauly-quic-datagram/.
+ SendMessage([]byte) error
+ // ReceiveMessage gets a message received in a datagram.
+ // See https://datatracker.ietf.org/doc/draft-pauly-quic-datagram/.
+ ReceiveMessage() ([]byte, error)
+}
+
+// An EarlySession is a session that is handshaking.
+// Data sent during the handshake is encrypted using the forward secure keys.
+// When using client certificates, the client's identity is only verified
+// after completion of the handshake.
+type EarlySession interface {
+ Session
+
+ // Blocks until the handshake completes (or fails).
+ // Data sent before completion of the handshake is encrypted with 1-RTT keys.
+ // Note that the client's identity hasn't been verified yet.
+ HandshakeComplete() context.Context
+
+ NextSession() Session
+}
+
+// Config contains all configuration data needed for a QUIC server or client.
+type Config struct {
+ // The QUIC versions that can be negotiated.
+ // If not set, it uses all versions available.
+ // Warning: This API should not be considered stable and will change soon.
+ Versions []VersionNumber
+ // The length of the connection ID in bytes.
+ // It can be 0, or any value between 4 and 18.
+ // If not set, the interpretation depends on where the Config is used:
+ // If used for dialing an address, a 0 byte connection ID will be used.
+ // If used for a server, or dialing on a packet conn, a 4 byte connection ID will be used.
+ // When dialing on a packet conn, the ConnectionIDLength value must be the same for every Dial call.
+ ConnectionIDLength int
+ // HandshakeIdleTimeout is the idle timeout before completion of the handshake.
+ // Specifically, if we don't receive any packet from the peer within this time, the connection attempt is aborted.
+ // If this value is zero, the timeout is set to 5 seconds.
+ HandshakeIdleTimeout time.Duration
+ // MaxIdleTimeout is the maximum duration that may pass without any incoming network activity.
+ // The actual value for the idle timeout is the minimum of this value and the peer's.
+ // This value only applies after the handshake has completed.
+ // If the timeout is exceeded, the connection is closed.
+ // If this value is zero, the timeout is set to 30 seconds.
+ MaxIdleTimeout time.Duration
+ // AcceptToken determines if a Token is accepted.
+ // It is called with token = nil if the client didn't send a token.
+ // If not set, a default verification function is used:
+ // * it verifies that the address matches, and
+ // * if the token is a retry token, that it was issued within the last 5 seconds
+ // * else, that it was issued within the last 24 hours.
+ // This option is only valid for the server.
+ AcceptToken func(clientAddr net.Addr, token *Token) bool
+ // The TokenStore stores tokens received from the server.
+ // Tokens are used to skip address validation on future connection attempts.
+ // The key used to store tokens is the ServerName from the tls.Config, if set
+ // otherwise the token is associated with the server's IP address.
+ TokenStore TokenStore
+ // InitialStreamReceiveWindow is the initial size of the stream-level flow control window for receiving data.
+ // If the application is consuming data quickly enough, the flow control auto-tuning algorithm
+ // will increase the window up to MaxStreamReceiveWindow.
+ // If this value is zero, it will default to 512 KB.
+ InitialStreamReceiveWindow uint64
+ // MaxStreamReceiveWindow is the maximum stream-level flow control window for receiving data.
+ // If this value is zero, it will default to 6 MB.
+ MaxStreamReceiveWindow uint64
+ // InitialConnectionReceiveWindow is the initial size of the stream-level flow control window for receiving data.
+ // If the application is consuming data quickly enough, the flow control auto-tuning algorithm
+ // will increase the window up to MaxConnectionReceiveWindow.
+ // If this value is zero, it will default to 512 KB.
+ InitialConnectionReceiveWindow uint64
+ // MaxConnectionReceiveWindow is the connection-level flow control window for receiving data.
+ // If this value is zero, it will default to 15 MB.
+ MaxConnectionReceiveWindow uint64
+ // MaxIncomingStreams is the maximum number of concurrent bidirectional streams that a peer is allowed to open.
+ // Values above 2^60 are invalid.
+ // If not set, it will default to 100.
+ // If set to a negative value, it doesn't allow any bidirectional streams.
+ MaxIncomingStreams int64
+ // MaxIncomingUniStreams is the maximum number of concurrent unidirectional streams that a peer is allowed to open.
+ // Values above 2^60 are invalid.
+ // If not set, it will default to 100.
+ // If set to a negative value, it doesn't allow any unidirectional streams.
+ MaxIncomingUniStreams int64
+ // The StatelessResetKey is used to generate stateless reset tokens.
+ // If no key is configured, sending of stateless resets is disabled.
+ StatelessResetKey []byte
+ // KeepAlive defines whether this peer will periodically send a packet to keep the connection alive.
+ KeepAlive bool
+ // DisablePathMTUDiscovery disables Path MTU Discovery (RFC 8899).
+ // Packets will then be at most 1252 (IPv4) / 1232 (IPv6) bytes in size.
+ DisablePathMTUDiscovery bool
+ // See https://datatracker.ietf.org/doc/draft-ietf-quic-datagram/.
+ // Datagrams will only be available when both peers enable datagram support.
+ EnableDatagrams bool
+ Tracer logging.Tracer
+}
+
+// ConnectionState records basic details about a QUIC connection
+type ConnectionState struct {
+ TLS handshake.ConnectionState
+ SupportsDatagrams bool
+}
+
+// A Listener for incoming QUIC connections
+type Listener interface {
+ // Close the server. All active sessions will be closed.
+ Close() error
+ // Addr returns the local network addr that the server is listening on.
+ Addr() net.Addr
+ // Accept returns new sessions. It should be called in a loop.
+ Accept(context.Context) (Session, error)
+}
+
+// An EarlyListener listens for incoming QUIC connections,
+// and returns them before the handshake completes.
+type EarlyListener interface {
+ // Close the server. All active sessions will be closed.
+ Close() error
+ // Addr returns the local network addr that the server is listening on.
+ Addr() net.Addr
+ // Accept returns new early sessions. It should be called in a loop.
+ Accept(context.Context) (EarlySession, error)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ack_eliciting.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ack_eliciting.go
new file mode 100644
index 00000000..b8cd558a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ack_eliciting.go
@@ -0,0 +1,20 @@
+package ackhandler
+
+import "github.com/lucas-clemente/quic-go/internal/wire"
+
+// IsFrameAckEliciting returns true if the frame is ack-eliciting.
+func IsFrameAckEliciting(f wire.Frame) bool {
+ _, isAck := f.(*wire.AckFrame)
+ _, isConnectionClose := f.(*wire.ConnectionCloseFrame)
+ return !isAck && !isConnectionClose
+}
+
+// HasAckElicitingFrames returns true if at least one frame is ack-eliciting.
+func HasAckElicitingFrames(fs []Frame) bool {
+ for _, f := range fs {
+ if IsFrameAckEliciting(f.Frame) {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ackhandler.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ackhandler.go
new file mode 100644
index 00000000..26291321
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/ackhandler.go
@@ -0,0 +1,21 @@
+package ackhandler
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+// NewAckHandler creates a new SentPacketHandler and a new ReceivedPacketHandler
+func NewAckHandler(
+ initialPacketNumber protocol.PacketNumber,
+ initialMaxDatagramSize protocol.ByteCount,
+ rttStats *utils.RTTStats,
+ pers protocol.Perspective,
+ tracer logging.ConnectionTracer,
+ logger utils.Logger,
+ version protocol.VersionNumber,
+) (SentPacketHandler, ReceivedPacketHandler) {
+ sph := newSentPacketHandler(initialPacketNumber, initialMaxDatagramSize, rttStats, pers, tracer, logger)
+ return sph, newReceivedPacketHandler(sph, rttStats, logger, version)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/frame.go
new file mode 100644
index 00000000..aed6038d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/frame.go
@@ -0,0 +1,9 @@
+package ackhandler
+
+import "github.com/lucas-clemente/quic-go/internal/wire"
+
+type Frame struct {
+ wire.Frame // nil if the frame has already been acknowledged in another packet
+ OnLost func(wire.Frame)
+ OnAcked func(wire.Frame)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/gen.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/gen.go
new file mode 100644
index 00000000..32235f81
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/gen.go
@@ -0,0 +1,3 @@
+package ackhandler
+
+//go:generate genny -pkg ackhandler -in ../utils/linkedlist/linkedlist.go -out packet_linkedlist.go gen Item=Packet
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/interfaces.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/interfaces.go
new file mode 100644
index 00000000..5777d97a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/interfaces.go
@@ -0,0 +1,68 @@
+package ackhandler
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// A Packet is a packet
+type Packet struct {
+ PacketNumber protocol.PacketNumber
+ Frames []Frame
+ LargestAcked protocol.PacketNumber // InvalidPacketNumber if the packet doesn't contain an ACK
+ Length protocol.ByteCount
+ EncryptionLevel protocol.EncryptionLevel
+ SendTime time.Time
+
+ IsPathMTUProbePacket bool // We don't report the loss of Path MTU probe packets to the congestion controller.
+
+ includedInBytesInFlight bool
+ declaredLost bool
+ skippedPacket bool
+}
+
+// SentPacketHandler handles ACKs received for outgoing packets
+type SentPacketHandler interface {
+ // SentPacket may modify the packet
+ SentPacket(packet *Packet)
+ ReceivedAck(ackFrame *wire.AckFrame, encLevel protocol.EncryptionLevel, recvTime time.Time) (bool /* 1-RTT packet acked */, error)
+ ReceivedBytes(protocol.ByteCount)
+ DropPackets(protocol.EncryptionLevel)
+ ResetForRetry() error
+ SetHandshakeConfirmed()
+
+ // The SendMode determines if and what kind of packets can be sent.
+ SendMode() SendMode
+ // TimeUntilSend is the time when the next packet should be sent.
+ // It is used for pacing packets.
+ TimeUntilSend() time.Time
+ // HasPacingBudget says if the pacer allows sending of a (full size) packet at this moment.
+ HasPacingBudget() bool
+ SetMaxDatagramSize(count protocol.ByteCount)
+
+ // only to be called once the handshake is complete
+ QueueProbePacket(protocol.EncryptionLevel) bool /* was a packet queued */
+
+ PeekPacketNumber(protocol.EncryptionLevel) (protocol.PacketNumber, protocol.PacketNumberLen)
+ PopPacketNumber(protocol.EncryptionLevel) protocol.PacketNumber
+
+ GetLossDetectionTimeout() time.Time
+ OnLossDetectionTimeout() error
+}
+
+type sentPacketTracker interface {
+ GetLowestPacketNotConfirmedAcked() protocol.PacketNumber
+ ReceivedPacket(protocol.EncryptionLevel)
+}
+
+// ReceivedPacketHandler handles ACKs needed to send for incoming packets
+type ReceivedPacketHandler interface {
+ IsPotentiallyDuplicate(protocol.PacketNumber, protocol.EncryptionLevel) bool
+ ReceivedPacket(pn protocol.PacketNumber, ecn protocol.ECN, encLevel protocol.EncryptionLevel, rcvTime time.Time, shouldInstigateAck bool) error
+ DropPackets(protocol.EncryptionLevel)
+
+ GetAlarmTimeout() time.Time
+ GetAckFrame(encLevel protocol.EncryptionLevel, onlyIfQueued bool) *wire.AckFrame
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/mockgen.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/mockgen.go
new file mode 100644
index 00000000..e957d253
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/mockgen.go
@@ -0,0 +1,3 @@
+package ackhandler
+
+//go:generate sh -c "../../mockgen_private.sh ackhandler mock_sent_packet_tracker_test.go github.com/lucas-clemente/quic-go/internal/ackhandler sentPacketTracker"
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_linkedlist.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_linkedlist.go
new file mode 100644
index 00000000..bb74f4ef
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_linkedlist.go
@@ -0,0 +1,217 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package ackhandler
+
+// Linked list implementation from the Go standard library.
+
+// PacketElement is an element of a linked list.
+type PacketElement struct {
+ // Next and previous pointers in the doubly-linked list of elements.
+ // To simplify the implementation, internally a list l is implemented
+ // as a ring, such that &l.root is both the next element of the last
+ // list element (l.Back()) and the previous element of the first list
+ // element (l.Front()).
+ next, prev *PacketElement
+
+ // The list to which this element belongs.
+ list *PacketList
+
+ // The value stored with this element.
+ Value Packet
+}
+
+// Next returns the next list element or nil.
+func (e *PacketElement) Next() *PacketElement {
+ if p := e.next; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// Prev returns the previous list element or nil.
+func (e *PacketElement) Prev() *PacketElement {
+ if p := e.prev; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// PacketList is a linked list of Packets.
+type PacketList struct {
+ root PacketElement // sentinel list element, only &root, root.prev, and root.next are used
+ len int // current list length excluding (this) sentinel element
+}
+
+// Init initializes or clears list l.
+func (l *PacketList) Init() *PacketList {
+ l.root.next = &l.root
+ l.root.prev = &l.root
+ l.len = 0
+ return l
+}
+
+// NewPacketList returns an initialized list.
+func NewPacketList() *PacketList { return new(PacketList).Init() }
+
+// Len returns the number of elements of list l.
+// The complexity is O(1).
+func (l *PacketList) Len() int { return l.len }
+
+// Front returns the first element of list l or nil if the list is empty.
+func (l *PacketList) Front() *PacketElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.next
+}
+
+// Back returns the last element of list l or nil if the list is empty.
+func (l *PacketList) Back() *PacketElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.prev
+}
+
+// lazyInit lazily initializes a zero List value.
+func (l *PacketList) lazyInit() {
+ if l.root.next == nil {
+ l.Init()
+ }
+}
+
+// insert inserts e after at, increments l.len, and returns e.
+func (l *PacketList) insert(e, at *PacketElement) *PacketElement {
+ n := at.next
+ at.next = e
+ e.prev = at
+ e.next = n
+ n.prev = e
+ e.list = l
+ l.len++
+ return e
+}
+
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
+func (l *PacketList) insertValue(v Packet, at *PacketElement) *PacketElement {
+ return l.insert(&PacketElement{Value: v}, at)
+}
+
+// remove removes e from its list, decrements l.len, and returns e.
+func (l *PacketList) remove(e *PacketElement) *PacketElement {
+ e.prev.next = e.next
+ e.next.prev = e.prev
+ e.next = nil // avoid memory leaks
+ e.prev = nil // avoid memory leaks
+ e.list = nil
+ l.len--
+ return e
+}
+
+// Remove removes e from l if e is an element of list l.
+// It returns the element value e.Value.
+// The element must not be nil.
+func (l *PacketList) Remove(e *PacketElement) Packet {
+ if e.list == l {
+ // if e.list == l, l must have been initialized when e was inserted
+ // in l or l == nil (e is a zero Element) and l.remove will crash
+ l.remove(e)
+ }
+ return e.Value
+}
+
+// PushFront inserts a new element e with value v at the front of list l and returns e.
+func (l *PacketList) PushFront(v Packet) *PacketElement {
+ l.lazyInit()
+ return l.insertValue(v, &l.root)
+}
+
+// PushBack inserts a new element e with value v at the back of list l and returns e.
+func (l *PacketList) PushBack(v Packet) *PacketElement {
+ l.lazyInit()
+ return l.insertValue(v, l.root.prev)
+}
+
+// InsertBefore inserts a new element e with value v immediately before mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *PacketList) InsertBefore(v Packet, mark *PacketElement) *PacketElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark.prev)
+}
+
+// InsertAfter inserts a new element e with value v immediately after mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *PacketList) InsertAfter(v Packet, mark *PacketElement) *PacketElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark)
+}
+
+// MoveToFront moves element e to the front of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *PacketList) MoveToFront(e *PacketElement) {
+ if e.list != l || l.root.next == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), &l.root)
+}
+
+// MoveToBack moves element e to the back of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *PacketList) MoveToBack(e *PacketElement) {
+ if e.list != l || l.root.prev == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), l.root.prev)
+}
+
+// MoveBefore moves element e to its new position before mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *PacketList) MoveBefore(e, mark *PacketElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark.prev)
+}
+
+// MoveAfter moves element e to its new position after mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *PacketList) MoveAfter(e, mark *PacketElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark)
+}
+
+// PushBackList inserts a copy of an other list at the back of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *PacketList) PushBackList(other *PacketList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
+ l.insertValue(e.Value, l.root.prev)
+ }
+}
+
+// PushFrontList inserts a copy of an other list at the front of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *PacketList) PushFrontList(other *PacketList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {
+ l.insertValue(e.Value, &l.root)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_number_generator.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_number_generator.go
new file mode 100644
index 00000000..7d58650c
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/packet_number_generator.go
@@ -0,0 +1,76 @@
+package ackhandler
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type packetNumberGenerator interface {
+ Peek() protocol.PacketNumber
+ Pop() protocol.PacketNumber
+}
+
+type sequentialPacketNumberGenerator struct {
+ next protocol.PacketNumber
+}
+
+var _ packetNumberGenerator = &sequentialPacketNumberGenerator{}
+
+func newSequentialPacketNumberGenerator(initial protocol.PacketNumber) packetNumberGenerator {
+ return &sequentialPacketNumberGenerator{next: initial}
+}
+
+func (p *sequentialPacketNumberGenerator) Peek() protocol.PacketNumber {
+ return p.next
+}
+
+func (p *sequentialPacketNumberGenerator) Pop() protocol.PacketNumber {
+ next := p.next
+ p.next++
+ return next
+}
+
+// The skippingPacketNumberGenerator generates the packet number for the next packet
+// it randomly skips a packet number every averagePeriod packets (on average).
+// It is guaranteed to never skip two consecutive packet numbers.
+type skippingPacketNumberGenerator struct {
+ period protocol.PacketNumber
+ maxPeriod protocol.PacketNumber
+
+ next protocol.PacketNumber
+ nextToSkip protocol.PacketNumber
+
+ rng utils.Rand
+}
+
+var _ packetNumberGenerator = &skippingPacketNumberGenerator{}
+
+func newSkippingPacketNumberGenerator(initial, initialPeriod, maxPeriod protocol.PacketNumber) packetNumberGenerator {
+ g := &skippingPacketNumberGenerator{
+ next: initial,
+ period: initialPeriod,
+ maxPeriod: maxPeriod,
+ }
+ g.generateNewSkip()
+ return g
+}
+
+func (p *skippingPacketNumberGenerator) Peek() protocol.PacketNumber {
+ return p.next
+}
+
+func (p *skippingPacketNumberGenerator) Pop() protocol.PacketNumber {
+ next := p.next
+ p.next++ // generate a new packet number for the next packet
+ if p.next == p.nextToSkip {
+ p.next++
+ p.generateNewSkip()
+ }
+ return next
+}
+
+func (p *skippingPacketNumberGenerator) generateNewSkip() {
+ // make sure that there are never two consecutive packet numbers that are skipped
+ p.nextToSkip = p.next + 2 + protocol.PacketNumber(p.rng.Int31n(int32(2*p.period)))
+ p.period = utils.MinPacketNumber(2*p.period, p.maxPeriod)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_handler.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_handler.go
new file mode 100644
index 00000000..89fb30d3
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_handler.go
@@ -0,0 +1,136 @@
+package ackhandler
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type receivedPacketHandler struct {
+ sentPackets sentPacketTracker
+
+ initialPackets *receivedPacketTracker
+ handshakePackets *receivedPacketTracker
+ appDataPackets *receivedPacketTracker
+
+ lowest1RTTPacket protocol.PacketNumber
+}
+
+var _ ReceivedPacketHandler = &receivedPacketHandler{}
+
+func newReceivedPacketHandler(
+ sentPackets sentPacketTracker,
+ rttStats *utils.RTTStats,
+ logger utils.Logger,
+ version protocol.VersionNumber,
+) ReceivedPacketHandler {
+ return &receivedPacketHandler{
+ sentPackets: sentPackets,
+ initialPackets: newReceivedPacketTracker(rttStats, logger, version),
+ handshakePackets: newReceivedPacketTracker(rttStats, logger, version),
+ appDataPackets: newReceivedPacketTracker(rttStats, logger, version),
+ lowest1RTTPacket: protocol.InvalidPacketNumber,
+ }
+}
+
+func (h *receivedPacketHandler) ReceivedPacket(
+ pn protocol.PacketNumber,
+ ecn protocol.ECN,
+ encLevel protocol.EncryptionLevel,
+ rcvTime time.Time,
+ shouldInstigateAck bool,
+) error {
+ h.sentPackets.ReceivedPacket(encLevel)
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ h.initialPackets.ReceivedPacket(pn, ecn, rcvTime, shouldInstigateAck)
+ case protocol.EncryptionHandshake:
+ h.handshakePackets.ReceivedPacket(pn, ecn, rcvTime, shouldInstigateAck)
+ case protocol.Encryption0RTT:
+ if h.lowest1RTTPacket != protocol.InvalidPacketNumber && pn > h.lowest1RTTPacket {
+ return fmt.Errorf("received packet number %d on a 0-RTT packet after receiving %d on a 1-RTT packet", pn, h.lowest1RTTPacket)
+ }
+ h.appDataPackets.ReceivedPacket(pn, ecn, rcvTime, shouldInstigateAck)
+ case protocol.Encryption1RTT:
+ if h.lowest1RTTPacket == protocol.InvalidPacketNumber || pn < h.lowest1RTTPacket {
+ h.lowest1RTTPacket = pn
+ }
+ h.appDataPackets.IgnoreBelow(h.sentPackets.GetLowestPacketNotConfirmedAcked())
+ h.appDataPackets.ReceivedPacket(pn, ecn, rcvTime, shouldInstigateAck)
+ default:
+ panic(fmt.Sprintf("received packet with unknown encryption level: %s", encLevel))
+ }
+ return nil
+}
+
+func (h *receivedPacketHandler) DropPackets(encLevel protocol.EncryptionLevel) {
+ //nolint:exhaustive // 1-RTT packet number space is never dropped.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ h.initialPackets = nil
+ case protocol.EncryptionHandshake:
+ h.handshakePackets = nil
+ case protocol.Encryption0RTT:
+ // Nothing to do here.
+ // If we are rejecting 0-RTT, no 0-RTT packets will have been decrypted.
+ default:
+ panic(fmt.Sprintf("Cannot drop keys for encryption level %s", encLevel))
+ }
+}
+
+func (h *receivedPacketHandler) GetAlarmTimeout() time.Time {
+ var initialAlarm, handshakeAlarm time.Time
+ if h.initialPackets != nil {
+ initialAlarm = h.initialPackets.GetAlarmTimeout()
+ }
+ if h.handshakePackets != nil {
+ handshakeAlarm = h.handshakePackets.GetAlarmTimeout()
+ }
+ oneRTTAlarm := h.appDataPackets.GetAlarmTimeout()
+ return utils.MinNonZeroTime(utils.MinNonZeroTime(initialAlarm, handshakeAlarm), oneRTTAlarm)
+}
+
+func (h *receivedPacketHandler) GetAckFrame(encLevel protocol.EncryptionLevel, onlyIfQueued bool) *wire.AckFrame {
+ var ack *wire.AckFrame
+ //nolint:exhaustive // 0-RTT packets can't contain ACK frames.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ if h.initialPackets != nil {
+ ack = h.initialPackets.GetAckFrame(onlyIfQueued)
+ }
+ case protocol.EncryptionHandshake:
+ if h.handshakePackets != nil {
+ ack = h.handshakePackets.GetAckFrame(onlyIfQueued)
+ }
+ case protocol.Encryption1RTT:
+ // 0-RTT packets can't contain ACK frames
+ return h.appDataPackets.GetAckFrame(onlyIfQueued)
+ default:
+ return nil
+ }
+ // For Initial and Handshake ACKs, the delay time is ignored by the receiver.
+ // Set it to 0 in order to save bytes.
+ if ack != nil {
+ ack.DelayTime = 0
+ }
+ return ack
+}
+
+func (h *receivedPacketHandler) IsPotentiallyDuplicate(pn protocol.PacketNumber, encLevel protocol.EncryptionLevel) bool {
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ if h.initialPackets != nil {
+ return h.initialPackets.IsPotentiallyDuplicate(pn)
+ }
+ case protocol.EncryptionHandshake:
+ if h.handshakePackets != nil {
+ return h.handshakePackets.IsPotentiallyDuplicate(pn)
+ }
+ case protocol.Encryption0RTT, protocol.Encryption1RTT:
+ return h.appDataPackets.IsPotentiallyDuplicate(pn)
+ }
+ panic("unexpected encryption level")
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_history.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_history.go
new file mode 100644
index 00000000..5a0391ef
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_history.go
@@ -0,0 +1,142 @@
+package ackhandler
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// The receivedPacketHistory stores if a packet number has already been received.
+// It generates ACK ranges which can be used to assemble an ACK frame.
+// It does not store packet contents.
+type receivedPacketHistory struct {
+ ranges *utils.PacketIntervalList
+
+ deletedBelow protocol.PacketNumber
+}
+
+func newReceivedPacketHistory() *receivedPacketHistory {
+ return &receivedPacketHistory{
+ ranges: utils.NewPacketIntervalList(),
+ }
+}
+
+// ReceivedPacket registers a packet with PacketNumber p and updates the ranges
+func (h *receivedPacketHistory) ReceivedPacket(p protocol.PacketNumber) bool /* is a new packet (and not a duplicate / delayed packet) */ {
+ // ignore delayed packets, if we already deleted the range
+ if p < h.deletedBelow {
+ return false
+ }
+ isNew := h.addToRanges(p)
+ h.maybeDeleteOldRanges()
+ return isNew
+}
+
+func (h *receivedPacketHistory) addToRanges(p protocol.PacketNumber) bool /* is a new packet (and not a duplicate / delayed packet) */ {
+ if h.ranges.Len() == 0 {
+ h.ranges.PushBack(utils.PacketInterval{Start: p, End: p})
+ return true
+ }
+
+ for el := h.ranges.Back(); el != nil; el = el.Prev() {
+ // p already included in an existing range. Nothing to do here
+ if p >= el.Value.Start && p <= el.Value.End {
+ return false
+ }
+
+ if el.Value.End == p-1 { // extend a range at the end
+ el.Value.End = p
+ return true
+ }
+ if el.Value.Start == p+1 { // extend a range at the beginning
+ el.Value.Start = p
+
+ prev := el.Prev()
+ if prev != nil && prev.Value.End+1 == el.Value.Start { // merge two ranges
+ prev.Value.End = el.Value.End
+ h.ranges.Remove(el)
+ }
+ return true
+ }
+
+ // create a new range at the end
+ if p > el.Value.End {
+ h.ranges.InsertAfter(utils.PacketInterval{Start: p, End: p}, el)
+ return true
+ }
+ }
+
+ // create a new range at the beginning
+ h.ranges.InsertBefore(utils.PacketInterval{Start: p, End: p}, h.ranges.Front())
+ return true
+}
+
+// Delete old ranges, if we're tracking more than 500 of them.
+// This is a DoS defense against a peer that sends us too many gaps.
+func (h *receivedPacketHistory) maybeDeleteOldRanges() {
+ for h.ranges.Len() > protocol.MaxNumAckRanges {
+ h.ranges.Remove(h.ranges.Front())
+ }
+}
+
+// DeleteBelow deletes all entries below (but not including) p
+func (h *receivedPacketHistory) DeleteBelow(p protocol.PacketNumber) {
+ if p < h.deletedBelow {
+ return
+ }
+ h.deletedBelow = p
+
+ nextEl := h.ranges.Front()
+ for el := h.ranges.Front(); nextEl != nil; el = nextEl {
+ nextEl = el.Next()
+
+ if el.Value.End < p { // delete a whole range
+ h.ranges.Remove(el)
+ } else if p > el.Value.Start && p <= el.Value.End {
+ el.Value.Start = p
+ return
+ } else { // no ranges affected. Nothing to do
+ return
+ }
+ }
+}
+
+// GetAckRanges gets a slice of all AckRanges that can be used in an AckFrame
+func (h *receivedPacketHistory) GetAckRanges() []wire.AckRange {
+ if h.ranges.Len() == 0 {
+ return nil
+ }
+
+ ackRanges := make([]wire.AckRange, h.ranges.Len())
+ i := 0
+ for el := h.ranges.Back(); el != nil; el = el.Prev() {
+ ackRanges[i] = wire.AckRange{Smallest: el.Value.Start, Largest: el.Value.End}
+ i++
+ }
+ return ackRanges
+}
+
+func (h *receivedPacketHistory) GetHighestAckRange() wire.AckRange {
+ ackRange := wire.AckRange{}
+ if h.ranges.Len() > 0 {
+ r := h.ranges.Back().Value
+ ackRange.Smallest = r.Start
+ ackRange.Largest = r.End
+ }
+ return ackRange
+}
+
+func (h *receivedPacketHistory) IsPotentiallyDuplicate(p protocol.PacketNumber) bool {
+ if p < h.deletedBelow {
+ return true
+ }
+ for el := h.ranges.Back(); el != nil; el = el.Prev() {
+ if p > el.Value.End {
+ return false
+ }
+ if p <= el.Value.End && p >= el.Value.Start {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_tracker.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_tracker.go
new file mode 100644
index 00000000..56e79269
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/received_packet_tracker.go
@@ -0,0 +1,196 @@
+package ackhandler
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// number of ack-eliciting packets received before sending an ack.
+const packetsBeforeAck = 2
+
+type receivedPacketTracker struct {
+ largestObserved protocol.PacketNumber
+ ignoreBelow protocol.PacketNumber
+ largestObservedReceivedTime time.Time
+ ect0, ect1, ecnce uint64
+
+ packetHistory *receivedPacketHistory
+
+ maxAckDelay time.Duration
+ rttStats *utils.RTTStats
+
+ hasNewAck bool // true as soon as we received an ack-eliciting new packet
+ ackQueued bool // true once we received more than 2 (or later in the connection 10) ack-eliciting packets
+
+ ackElicitingPacketsReceivedSinceLastAck int
+ ackAlarm time.Time
+ lastAck *wire.AckFrame
+
+ logger utils.Logger
+
+ version protocol.VersionNumber
+}
+
+func newReceivedPacketTracker(
+ rttStats *utils.RTTStats,
+ logger utils.Logger,
+ version protocol.VersionNumber,
+) *receivedPacketTracker {
+ return &receivedPacketTracker{
+ packetHistory: newReceivedPacketHistory(),
+ maxAckDelay: protocol.MaxAckDelay,
+ rttStats: rttStats,
+ logger: logger,
+ version: version,
+ }
+}
+
+func (h *receivedPacketTracker) ReceivedPacket(packetNumber protocol.PacketNumber, ecn protocol.ECN, rcvTime time.Time, shouldInstigateAck bool) {
+ if packetNumber < h.ignoreBelow {
+ return
+ }
+
+ isMissing := h.isMissing(packetNumber)
+ if packetNumber >= h.largestObserved {
+ h.largestObserved = packetNumber
+ h.largestObservedReceivedTime = rcvTime
+ }
+
+ if isNew := h.packetHistory.ReceivedPacket(packetNumber); isNew && shouldInstigateAck {
+ h.hasNewAck = true
+ }
+ if shouldInstigateAck {
+ h.maybeQueueAck(packetNumber, rcvTime, isMissing)
+ }
+ switch ecn {
+ case protocol.ECNNon:
+ case protocol.ECT0:
+ h.ect0++
+ case protocol.ECT1:
+ h.ect1++
+ case protocol.ECNCE:
+ h.ecnce++
+ }
+}
+
+// IgnoreBelow sets a lower limit for acknowledging packets.
+// Packets with packet numbers smaller than p will not be acked.
+func (h *receivedPacketTracker) IgnoreBelow(p protocol.PacketNumber) {
+ if p <= h.ignoreBelow {
+ return
+ }
+ h.ignoreBelow = p
+ h.packetHistory.DeleteBelow(p)
+ if h.logger.Debug() {
+ h.logger.Debugf("\tIgnoring all packets below %d.", p)
+ }
+}
+
+// isMissing says if a packet was reported missing in the last ACK.
+func (h *receivedPacketTracker) isMissing(p protocol.PacketNumber) bool {
+ if h.lastAck == nil || p < h.ignoreBelow {
+ return false
+ }
+ return p < h.lastAck.LargestAcked() && !h.lastAck.AcksPacket(p)
+}
+
+func (h *receivedPacketTracker) hasNewMissingPackets() bool {
+ if h.lastAck == nil {
+ return false
+ }
+ highestRange := h.packetHistory.GetHighestAckRange()
+ return highestRange.Smallest > h.lastAck.LargestAcked()+1 && highestRange.Len() == 1
+}
+
+// maybeQueueAck queues an ACK, if necessary.
+func (h *receivedPacketTracker) maybeQueueAck(pn protocol.PacketNumber, rcvTime time.Time, wasMissing bool) {
+ // always acknowledge the first packet
+ if h.lastAck == nil {
+ if !h.ackQueued {
+ h.logger.Debugf("\tQueueing ACK because the first packet should be acknowledged.")
+ }
+ h.ackQueued = true
+ return
+ }
+
+ if h.ackQueued {
+ return
+ }
+
+ h.ackElicitingPacketsReceivedSinceLastAck++
+
+ // Send an ACK if this packet was reported missing in an ACK sent before.
+ // Ack decimation with reordering relies on the timer to send an ACK, but if
+ // missing packets we reported in the previous ack, send an ACK immediately.
+ if wasMissing {
+ if h.logger.Debug() {
+ h.logger.Debugf("\tQueueing ACK because packet %d was missing before.", pn)
+ }
+ h.ackQueued = true
+ }
+
+ // send an ACK every 2 ack-eliciting packets
+ if h.ackElicitingPacketsReceivedSinceLastAck >= packetsBeforeAck {
+ if h.logger.Debug() {
+ h.logger.Debugf("\tQueueing ACK because packet %d packets were received after the last ACK (using initial threshold: %d).", h.ackElicitingPacketsReceivedSinceLastAck, packetsBeforeAck)
+ }
+ h.ackQueued = true
+ } else if h.ackAlarm.IsZero() {
+ if h.logger.Debug() {
+ h.logger.Debugf("\tSetting ACK timer to max ack delay: %s", h.maxAckDelay)
+ }
+ h.ackAlarm = rcvTime.Add(h.maxAckDelay)
+ }
+
+ // Queue an ACK if there are new missing packets to report.
+ if h.hasNewMissingPackets() {
+ h.logger.Debugf("\tQueuing ACK because there's a new missing packet to report.")
+ h.ackQueued = true
+ }
+
+ if h.ackQueued {
+ // cancel the ack alarm
+ h.ackAlarm = time.Time{}
+ }
+}
+
+func (h *receivedPacketTracker) GetAckFrame(onlyIfQueued bool) *wire.AckFrame {
+ if !h.hasNewAck {
+ return nil
+ }
+ now := time.Now()
+ if onlyIfQueued {
+ if !h.ackQueued && (h.ackAlarm.IsZero() || h.ackAlarm.After(now)) {
+ return nil
+ }
+ if h.logger.Debug() && !h.ackQueued && !h.ackAlarm.IsZero() {
+ h.logger.Debugf("Sending ACK because the ACK timer expired.")
+ }
+ }
+
+ ack := &wire.AckFrame{
+ AckRanges: h.packetHistory.GetAckRanges(),
+ // Make sure that the DelayTime is always positive.
+ // This is not guaranteed on systems that don't have a monotonic clock.
+ DelayTime: utils.MaxDuration(0, now.Sub(h.largestObservedReceivedTime)),
+ ECT0: h.ect0,
+ ECT1: h.ect1,
+ ECNCE: h.ecnce,
+ }
+
+ h.lastAck = ack
+ h.ackAlarm = time.Time{}
+ h.ackQueued = false
+ h.hasNewAck = false
+ h.ackElicitingPacketsReceivedSinceLastAck = 0
+ return ack
+}
+
+func (h *receivedPacketTracker) GetAlarmTimeout() time.Time { return h.ackAlarm }
+
+func (h *receivedPacketTracker) IsPotentiallyDuplicate(pn protocol.PacketNumber) bool {
+ return h.packetHistory.IsPotentiallyDuplicate(pn)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go
new file mode 100644
index 00000000..3d5fe560
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/send_mode.go
@@ -0,0 +1,40 @@
+package ackhandler
+
+import "fmt"
+
+// The SendMode says what kind of packets can be sent.
+type SendMode uint8
+
+const (
+ // SendNone means that no packets should be sent
+ SendNone SendMode = iota
+ // SendAck means an ACK-only packet should be sent
+ SendAck
+ // SendPTOInitial means that an Initial probe packet should be sent
+ SendPTOInitial
+ // SendPTOHandshake means that a Handshake probe packet should be sent
+ SendPTOHandshake
+ // SendPTOAppData means that an Application data probe packet should be sent
+ SendPTOAppData
+ // SendAny means that any packet should be sent
+ SendAny
+)
+
+func (s SendMode) String() string {
+ switch s {
+ case SendNone:
+ return "none"
+ case SendAck:
+ return "ack"
+ case SendPTOInitial:
+ return "pto (Initial)"
+ case SendPTOHandshake:
+ return "pto (Handshake)"
+ case SendPTOAppData:
+ return "pto (Application Data)"
+ case SendAny:
+ return "any"
+ default:
+ return fmt.Sprintf("invalid send mode: %d", s)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_handler.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_handler.go
new file mode 100644
index 00000000..dd8988f0
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_handler.go
@@ -0,0 +1,832 @@
+package ackhandler
+
+import (
+ "errors"
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/congestion"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+const (
+ // Maximum reordering in time space before time based loss detection considers a packet lost.
+ // Specified as an RTT multiplier.
+ timeThreshold = 9.0 / 8
+ // Maximum reordering in packets before packet threshold loss detection considers a packet lost.
+ packetThreshold = 3
+ // Before validating the client's address, the server won't send more than 3x bytes than it received.
+ amplificationFactor = 3
+ // We use Retry packets to derive an RTT estimate. Make sure we don't set the RTT to a super low value yet.
+ minRTTAfterRetry = 5 * time.Millisecond
+)
+
+type packetNumberSpace struct {
+ history *sentPacketHistory
+ pns packetNumberGenerator
+
+ lossTime time.Time
+ lastAckElicitingPacketTime time.Time
+
+ largestAcked protocol.PacketNumber
+ largestSent protocol.PacketNumber
+}
+
+func newPacketNumberSpace(initialPN protocol.PacketNumber, skipPNs bool, rttStats *utils.RTTStats) *packetNumberSpace {
+ var pns packetNumberGenerator
+ if skipPNs {
+ pns = newSkippingPacketNumberGenerator(initialPN, protocol.SkipPacketInitialPeriod, protocol.SkipPacketMaxPeriod)
+ } else {
+ pns = newSequentialPacketNumberGenerator(initialPN)
+ }
+ return &packetNumberSpace{
+ history: newSentPacketHistory(rttStats),
+ pns: pns,
+ largestSent: protocol.InvalidPacketNumber,
+ largestAcked: protocol.InvalidPacketNumber,
+ }
+}
+
+type sentPacketHandler struct {
+ initialPackets *packetNumberSpace
+ handshakePackets *packetNumberSpace
+ appDataPackets *packetNumberSpace
+
+ // Do we know that the peer completed address validation yet?
+ // Always true for the server.
+ peerCompletedAddressValidation bool
+ bytesReceived protocol.ByteCount
+ bytesSent protocol.ByteCount
+ // Have we validated the peer's address yet?
+ // Always true for the client.
+ peerAddressValidated bool
+
+ handshakeConfirmed bool
+
+ // lowestNotConfirmedAcked is the lowest packet number that we sent an ACK for, but haven't received confirmation, that this ACK actually arrived
+ // example: we send an ACK for packets 90-100 with packet number 20
+ // once we receive an ACK from the peer for packet 20, the lowestNotConfirmedAcked is 101
+ // Only applies to the application-data packet number space.
+ lowestNotConfirmedAcked protocol.PacketNumber
+
+ ackedPackets []*Packet // to avoid allocations in detectAndRemoveAckedPackets
+
+ bytesInFlight protocol.ByteCount
+
+ congestion congestion.SendAlgorithmWithDebugInfos
+ rttStats *utils.RTTStats
+
+ // The number of times a PTO has been sent without receiving an ack.
+ ptoCount uint32
+ ptoMode SendMode
+ // The number of PTO probe packets that should be sent.
+ // Only applies to the application-data packet number space.
+ numProbesToSend int
+
+ // The alarm timeout
+ alarm time.Time
+
+ perspective protocol.Perspective
+
+ tracer logging.ConnectionTracer
+ logger utils.Logger
+}
+
+var (
+ _ SentPacketHandler = &sentPacketHandler{}
+ _ sentPacketTracker = &sentPacketHandler{}
+)
+
+func newSentPacketHandler(
+ initialPN protocol.PacketNumber,
+ initialMaxDatagramSize protocol.ByteCount,
+ rttStats *utils.RTTStats,
+ pers protocol.Perspective,
+ tracer logging.ConnectionTracer,
+ logger utils.Logger,
+) *sentPacketHandler {
+ congestion := congestion.NewCubicSender(
+ congestion.DefaultClock{},
+ rttStats,
+ initialMaxDatagramSize,
+ true, // use Reno
+ tracer,
+ )
+
+ return &sentPacketHandler{
+ peerCompletedAddressValidation: pers == protocol.PerspectiveServer,
+ peerAddressValidated: pers == protocol.PerspectiveClient,
+ initialPackets: newPacketNumberSpace(initialPN, false, rttStats),
+ handshakePackets: newPacketNumberSpace(0, false, rttStats),
+ appDataPackets: newPacketNumberSpace(0, true, rttStats),
+ rttStats: rttStats,
+ congestion: congestion,
+ perspective: pers,
+ tracer: tracer,
+ logger: logger,
+ }
+}
+
+func (h *sentPacketHandler) DropPackets(encLevel protocol.EncryptionLevel) {
+ if h.perspective == protocol.PerspectiveClient && encLevel == protocol.EncryptionInitial {
+ // This function is called when the crypto setup seals a Handshake packet.
+ // If this Handshake packet is coalesced behind an Initial packet, we would drop the Initial packet number space
+ // before SentPacket() was called for that Initial packet.
+ return
+ }
+ h.dropPackets(encLevel)
+}
+
+func (h *sentPacketHandler) removeFromBytesInFlight(p *Packet) {
+ if p.includedInBytesInFlight {
+ if p.Length > h.bytesInFlight {
+ panic("negative bytes_in_flight")
+ }
+ h.bytesInFlight -= p.Length
+ p.includedInBytesInFlight = false
+ }
+}
+
+func (h *sentPacketHandler) dropPackets(encLevel protocol.EncryptionLevel) {
+ // The server won't await address validation after the handshake is confirmed.
+ // This applies even if we didn't receive an ACK for a Handshake packet.
+ if h.perspective == protocol.PerspectiveClient && encLevel == protocol.EncryptionHandshake {
+ h.peerCompletedAddressValidation = true
+ }
+ // remove outstanding packets from bytes_in_flight
+ if encLevel == protocol.EncryptionInitial || encLevel == protocol.EncryptionHandshake {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+ pnSpace.history.Iterate(func(p *Packet) (bool, error) {
+ h.removeFromBytesInFlight(p)
+ return true, nil
+ })
+ }
+ // drop the packet history
+ //nolint:exhaustive // Not every packet number space can be dropped.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ h.initialPackets = nil
+ case protocol.EncryptionHandshake:
+ h.handshakePackets = nil
+ case protocol.Encryption0RTT:
+ // This function is only called when 0-RTT is rejected,
+ // and not when the client drops 0-RTT keys when the handshake completes.
+ // When 0-RTT is rejected, all application data sent so far becomes invalid.
+ // Delete the packets from the history and remove them from bytes_in_flight.
+ h.appDataPackets.history.Iterate(func(p *Packet) (bool, error) {
+ if p.EncryptionLevel != protocol.Encryption0RTT {
+ return false, nil
+ }
+ h.removeFromBytesInFlight(p)
+ h.appDataPackets.history.Remove(p.PacketNumber)
+ return true, nil
+ })
+ default:
+ panic(fmt.Sprintf("Cannot drop keys for encryption level %s", encLevel))
+ }
+ if h.tracer != nil && h.ptoCount != 0 {
+ h.tracer.UpdatedPTOCount(0)
+ }
+ h.ptoCount = 0
+ h.numProbesToSend = 0
+ h.ptoMode = SendNone
+ h.setLossDetectionTimer()
+}
+
+func (h *sentPacketHandler) ReceivedBytes(n protocol.ByteCount) {
+ wasAmplificationLimit := h.isAmplificationLimited()
+ h.bytesReceived += n
+ if wasAmplificationLimit && !h.isAmplificationLimited() {
+ h.setLossDetectionTimer()
+ }
+}
+
+func (h *sentPacketHandler) ReceivedPacket(l protocol.EncryptionLevel) {
+ if h.perspective == protocol.PerspectiveServer && l == protocol.EncryptionHandshake && !h.peerAddressValidated {
+ h.peerAddressValidated = true
+ h.setLossDetectionTimer()
+ }
+}
+
+func (h *sentPacketHandler) packetsInFlight() int {
+ packetsInFlight := h.appDataPackets.history.Len()
+ if h.handshakePackets != nil {
+ packetsInFlight += h.handshakePackets.history.Len()
+ }
+ if h.initialPackets != nil {
+ packetsInFlight += h.initialPackets.history.Len()
+ }
+ return packetsInFlight
+}
+
+func (h *sentPacketHandler) SentPacket(packet *Packet) {
+ h.bytesSent += packet.Length
+ // For the client, drop the Initial packet number space when the first Handshake packet is sent.
+ if h.perspective == protocol.PerspectiveClient && packet.EncryptionLevel == protocol.EncryptionHandshake && h.initialPackets != nil {
+ h.dropPackets(protocol.EncryptionInitial)
+ }
+ isAckEliciting := h.sentPacketImpl(packet)
+ h.getPacketNumberSpace(packet.EncryptionLevel).history.SentPacket(packet, isAckEliciting)
+ if h.tracer != nil && isAckEliciting {
+ h.tracer.UpdatedMetrics(h.rttStats, h.congestion.GetCongestionWindow(), h.bytesInFlight, h.packetsInFlight())
+ }
+ if isAckEliciting || !h.peerCompletedAddressValidation {
+ h.setLossDetectionTimer()
+ }
+}
+
+func (h *sentPacketHandler) getPacketNumberSpace(encLevel protocol.EncryptionLevel) *packetNumberSpace {
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ return h.initialPackets
+ case protocol.EncryptionHandshake:
+ return h.handshakePackets
+ case protocol.Encryption0RTT, protocol.Encryption1RTT:
+ return h.appDataPackets
+ default:
+ panic("invalid packet number space")
+ }
+}
+
+func (h *sentPacketHandler) sentPacketImpl(packet *Packet) bool /* is ack-eliciting */ {
+ pnSpace := h.getPacketNumberSpace(packet.EncryptionLevel)
+
+ if h.logger.Debug() && pnSpace.history.HasOutstandingPackets() {
+ for p := utils.MaxPacketNumber(0, pnSpace.largestSent+1); p < packet.PacketNumber; p++ {
+ h.logger.Debugf("Skipping packet number %d", p)
+ }
+ }
+
+ pnSpace.largestSent = packet.PacketNumber
+ isAckEliciting := len(packet.Frames) > 0
+
+ if isAckEliciting {
+ pnSpace.lastAckElicitingPacketTime = packet.SendTime
+ packet.includedInBytesInFlight = true
+ h.bytesInFlight += packet.Length
+ if h.numProbesToSend > 0 {
+ h.numProbesToSend--
+ }
+ }
+ h.congestion.OnPacketSent(packet.SendTime, h.bytesInFlight, packet.PacketNumber, packet.Length, isAckEliciting)
+
+ return isAckEliciting
+}
+
+func (h *sentPacketHandler) ReceivedAck(ack *wire.AckFrame, encLevel protocol.EncryptionLevel, rcvTime time.Time) (bool /* contained 1-RTT packet */, error) {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+
+ largestAcked := ack.LargestAcked()
+ if largestAcked > pnSpace.largestSent {
+ return false, &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "received ACK for an unsent packet",
+ }
+ }
+
+ pnSpace.largestAcked = utils.MaxPacketNumber(pnSpace.largestAcked, largestAcked)
+
+ // Servers complete address validation when a protected packet is received.
+ if h.perspective == protocol.PerspectiveClient && !h.peerCompletedAddressValidation &&
+ (encLevel == protocol.EncryptionHandshake || encLevel == protocol.Encryption1RTT) {
+ h.peerCompletedAddressValidation = true
+ h.logger.Debugf("Peer doesn't await address validation any longer.")
+ // Make sure that the timer is reset, even if this ACK doesn't acknowledge any (ack-eliciting) packets.
+ h.setLossDetectionTimer()
+ }
+
+ priorInFlight := h.bytesInFlight
+ ackedPackets, err := h.detectAndRemoveAckedPackets(ack, encLevel)
+ if err != nil || len(ackedPackets) == 0 {
+ return false, err
+ }
+ // update the RTT, if the largest acked is newly acknowledged
+ if len(ackedPackets) > 0 {
+ if p := ackedPackets[len(ackedPackets)-1]; p.PacketNumber == ack.LargestAcked() {
+ // don't use the ack delay for Initial and Handshake packets
+ var ackDelay time.Duration
+ if encLevel == protocol.Encryption1RTT {
+ ackDelay = utils.MinDuration(ack.DelayTime, h.rttStats.MaxAckDelay())
+ }
+ h.rttStats.UpdateRTT(rcvTime.Sub(p.SendTime), ackDelay, rcvTime)
+ if h.logger.Debug() {
+ h.logger.Debugf("\tupdated RTT: %s (σ: %s)", h.rttStats.SmoothedRTT(), h.rttStats.MeanDeviation())
+ }
+ h.congestion.MaybeExitSlowStart()
+ }
+ }
+ if err := h.detectLostPackets(rcvTime, encLevel); err != nil {
+ return false, err
+ }
+ var acked1RTTPacket bool
+ for _, p := range ackedPackets {
+ if p.includedInBytesInFlight && !p.declaredLost {
+ h.congestion.OnPacketAcked(p.PacketNumber, p.Length, priorInFlight, rcvTime)
+ }
+ if p.EncryptionLevel == protocol.Encryption1RTT {
+ acked1RTTPacket = true
+ }
+ h.removeFromBytesInFlight(p)
+ }
+
+ // Reset the pto_count unless the client is unsure if the server has validated the client's address.
+ if h.peerCompletedAddressValidation {
+ if h.tracer != nil && h.ptoCount != 0 {
+ h.tracer.UpdatedPTOCount(0)
+ }
+ h.ptoCount = 0
+ }
+ h.numProbesToSend = 0
+
+ if h.tracer != nil {
+ h.tracer.UpdatedMetrics(h.rttStats, h.congestion.GetCongestionWindow(), h.bytesInFlight, h.packetsInFlight())
+ }
+
+ pnSpace.history.DeleteOldPackets(rcvTime)
+ h.setLossDetectionTimer()
+ return acked1RTTPacket, nil
+}
+
+func (h *sentPacketHandler) GetLowestPacketNotConfirmedAcked() protocol.PacketNumber {
+ return h.lowestNotConfirmedAcked
+}
+
+// Packets are returned in ascending packet number order.
+func (h *sentPacketHandler) detectAndRemoveAckedPackets(ack *wire.AckFrame, encLevel protocol.EncryptionLevel) ([]*Packet, error) {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+ h.ackedPackets = h.ackedPackets[:0]
+ ackRangeIndex := 0
+ lowestAcked := ack.LowestAcked()
+ largestAcked := ack.LargestAcked()
+ err := pnSpace.history.Iterate(func(p *Packet) (bool, error) {
+ // Ignore packets below the lowest acked
+ if p.PacketNumber < lowestAcked {
+ return true, nil
+ }
+ // Break after largest acked is reached
+ if p.PacketNumber > largestAcked {
+ return false, nil
+ }
+
+ if ack.HasMissingRanges() {
+ ackRange := ack.AckRanges[len(ack.AckRanges)-1-ackRangeIndex]
+
+ for p.PacketNumber > ackRange.Largest && ackRangeIndex < len(ack.AckRanges)-1 {
+ ackRangeIndex++
+ ackRange = ack.AckRanges[len(ack.AckRanges)-1-ackRangeIndex]
+ }
+
+ if p.PacketNumber < ackRange.Smallest { // packet not contained in ACK range
+ return true, nil
+ }
+ if p.PacketNumber > ackRange.Largest {
+ return false, fmt.Errorf("BUG: ackhandler would have acked wrong packet %d, while evaluating range %d -> %d", p.PacketNumber, ackRange.Smallest, ackRange.Largest)
+ }
+ }
+ if p.skippedPacket {
+ return false, &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: fmt.Sprintf("received an ACK for skipped packet number: %d (%s)", p.PacketNumber, encLevel),
+ }
+ }
+ h.ackedPackets = append(h.ackedPackets, p)
+ return true, nil
+ })
+ if h.logger.Debug() && len(h.ackedPackets) > 0 {
+ pns := make([]protocol.PacketNumber, len(h.ackedPackets))
+ for i, p := range h.ackedPackets {
+ pns[i] = p.PacketNumber
+ }
+ h.logger.Debugf("\tnewly acked packets (%d): %d", len(pns), pns)
+ }
+
+ for _, p := range h.ackedPackets {
+ if p.LargestAcked != protocol.InvalidPacketNumber && encLevel == protocol.Encryption1RTT {
+ h.lowestNotConfirmedAcked = utils.MaxPacketNumber(h.lowestNotConfirmedAcked, p.LargestAcked+1)
+ }
+
+ for _, f := range p.Frames {
+ if f.OnAcked != nil {
+ f.OnAcked(f.Frame)
+ }
+ }
+ if err := pnSpace.history.Remove(p.PacketNumber); err != nil {
+ return nil, err
+ }
+ if h.tracer != nil {
+ h.tracer.AcknowledgedPacket(encLevel, p.PacketNumber)
+ }
+ }
+
+ return h.ackedPackets, err
+}
+
+func (h *sentPacketHandler) getLossTimeAndSpace() (time.Time, protocol.EncryptionLevel) {
+ var encLevel protocol.EncryptionLevel
+ var lossTime time.Time
+
+ if h.initialPackets != nil {
+ lossTime = h.initialPackets.lossTime
+ encLevel = protocol.EncryptionInitial
+ }
+ if h.handshakePackets != nil && (lossTime.IsZero() || (!h.handshakePackets.lossTime.IsZero() && h.handshakePackets.lossTime.Before(lossTime))) {
+ lossTime = h.handshakePackets.lossTime
+ encLevel = protocol.EncryptionHandshake
+ }
+ if lossTime.IsZero() || (!h.appDataPackets.lossTime.IsZero() && h.appDataPackets.lossTime.Before(lossTime)) {
+ lossTime = h.appDataPackets.lossTime
+ encLevel = protocol.Encryption1RTT
+ }
+ return lossTime, encLevel
+}
+
+// same logic as getLossTimeAndSpace, but for lastAckElicitingPacketTime instead of lossTime
+func (h *sentPacketHandler) getPTOTimeAndSpace() (pto time.Time, encLevel protocol.EncryptionLevel, ok bool) {
+ // We only send application data probe packets once the handshake is confirmed,
+ // because before that, we don't have the keys to decrypt ACKs sent in 1-RTT packets.
+ if !h.handshakeConfirmed && !h.hasOutstandingCryptoPackets() {
+ if h.peerCompletedAddressValidation {
+ return
+ }
+ t := time.Now().Add(h.rttStats.PTO(false) << h.ptoCount)
+ if h.initialPackets != nil {
+ return t, protocol.EncryptionInitial, true
+ }
+ return t, protocol.EncryptionHandshake, true
+ }
+
+ if h.initialPackets != nil {
+ encLevel = protocol.EncryptionInitial
+ if t := h.initialPackets.lastAckElicitingPacketTime; !t.IsZero() {
+ pto = t.Add(h.rttStats.PTO(false) << h.ptoCount)
+ }
+ }
+ if h.handshakePackets != nil && !h.handshakePackets.lastAckElicitingPacketTime.IsZero() {
+ t := h.handshakePackets.lastAckElicitingPacketTime.Add(h.rttStats.PTO(false) << h.ptoCount)
+ if pto.IsZero() || (!t.IsZero() && t.Before(pto)) {
+ pto = t
+ encLevel = protocol.EncryptionHandshake
+ }
+ }
+ if h.handshakeConfirmed && !h.appDataPackets.lastAckElicitingPacketTime.IsZero() {
+ t := h.appDataPackets.lastAckElicitingPacketTime.Add(h.rttStats.PTO(true) << h.ptoCount)
+ if pto.IsZero() || (!t.IsZero() && t.Before(pto)) {
+ pto = t
+ encLevel = protocol.Encryption1RTT
+ }
+ }
+ return pto, encLevel, true
+}
+
+func (h *sentPacketHandler) hasOutstandingCryptoPackets() bool {
+ var hasInitial, hasHandshake bool
+ if h.initialPackets != nil {
+ hasInitial = h.initialPackets.history.HasOutstandingPackets()
+ }
+ if h.handshakePackets != nil {
+ hasHandshake = h.handshakePackets.history.HasOutstandingPackets()
+ }
+ return hasInitial || hasHandshake
+}
+
+func (h *sentPacketHandler) hasOutstandingPackets() bool {
+ return h.appDataPackets.history.HasOutstandingPackets() || h.hasOutstandingCryptoPackets()
+}
+
+func (h *sentPacketHandler) setLossDetectionTimer() {
+ oldAlarm := h.alarm // only needed in case tracing is enabled
+ lossTime, encLevel := h.getLossTimeAndSpace()
+ if !lossTime.IsZero() {
+ // Early retransmit timer or time loss detection.
+ h.alarm = lossTime
+ if h.tracer != nil && h.alarm != oldAlarm {
+ h.tracer.SetLossTimer(logging.TimerTypeACK, encLevel, h.alarm)
+ }
+ return
+ }
+
+ // Cancel the alarm if amplification limited.
+ if h.isAmplificationLimited() {
+ h.alarm = time.Time{}
+ if !oldAlarm.IsZero() {
+ h.logger.Debugf("Canceling loss detection timer. Amplification limited.")
+ if h.tracer != nil {
+ h.tracer.LossTimerCanceled()
+ }
+ }
+ return
+ }
+
+ // Cancel the alarm if no packets are outstanding
+ if !h.hasOutstandingPackets() && h.peerCompletedAddressValidation {
+ h.alarm = time.Time{}
+ if !oldAlarm.IsZero() {
+ h.logger.Debugf("Canceling loss detection timer. No packets in flight.")
+ if h.tracer != nil {
+ h.tracer.LossTimerCanceled()
+ }
+ }
+ return
+ }
+
+ // PTO alarm
+ ptoTime, encLevel, ok := h.getPTOTimeAndSpace()
+ if !ok {
+ return
+ }
+ h.alarm = ptoTime
+ if h.tracer != nil && h.alarm != oldAlarm {
+ h.tracer.SetLossTimer(logging.TimerTypePTO, encLevel, h.alarm)
+ }
+}
+
+func (h *sentPacketHandler) detectLostPackets(now time.Time, encLevel protocol.EncryptionLevel) error {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+ pnSpace.lossTime = time.Time{}
+
+ maxRTT := float64(utils.MaxDuration(h.rttStats.LatestRTT(), h.rttStats.SmoothedRTT()))
+ lossDelay := time.Duration(timeThreshold * maxRTT)
+
+ // Minimum time of granularity before packets are deemed lost.
+ lossDelay = utils.MaxDuration(lossDelay, protocol.TimerGranularity)
+
+ // Packets sent before this time are deemed lost.
+ lostSendTime := now.Add(-lossDelay)
+
+ priorInFlight := h.bytesInFlight
+ return pnSpace.history.Iterate(func(p *Packet) (bool, error) {
+ if p.PacketNumber > pnSpace.largestAcked {
+ return false, nil
+ }
+ if p.declaredLost || p.skippedPacket {
+ return true, nil
+ }
+
+ var packetLost bool
+ if p.SendTime.Before(lostSendTime) {
+ packetLost = true
+ if h.logger.Debug() {
+ h.logger.Debugf("\tlost packet %d (time threshold)", p.PacketNumber)
+ }
+ if h.tracer != nil {
+ h.tracer.LostPacket(p.EncryptionLevel, p.PacketNumber, logging.PacketLossTimeThreshold)
+ }
+ } else if pnSpace.largestAcked >= p.PacketNumber+packetThreshold {
+ packetLost = true
+ if h.logger.Debug() {
+ h.logger.Debugf("\tlost packet %d (reordering threshold)", p.PacketNumber)
+ }
+ if h.tracer != nil {
+ h.tracer.LostPacket(p.EncryptionLevel, p.PacketNumber, logging.PacketLossReorderingThreshold)
+ }
+ } else if pnSpace.lossTime.IsZero() {
+ // Note: This conditional is only entered once per call
+ lossTime := p.SendTime.Add(lossDelay)
+ if h.logger.Debug() {
+ h.logger.Debugf("\tsetting loss timer for packet %d (%s) to %s (in %s)", p.PacketNumber, encLevel, lossDelay, lossTime)
+ }
+ pnSpace.lossTime = lossTime
+ }
+ if packetLost {
+ p.declaredLost = true
+ // the bytes in flight need to be reduced no matter if the frames in this packet will be retransmitted
+ h.removeFromBytesInFlight(p)
+ h.queueFramesForRetransmission(p)
+ if !p.IsPathMTUProbePacket {
+ h.congestion.OnPacketLost(p.PacketNumber, p.Length, priorInFlight)
+ }
+ }
+ return true, nil
+ })
+}
+
+func (h *sentPacketHandler) OnLossDetectionTimeout() error {
+ defer h.setLossDetectionTimer()
+ earliestLossTime, encLevel := h.getLossTimeAndSpace()
+ if !earliestLossTime.IsZero() {
+ if h.logger.Debug() {
+ h.logger.Debugf("Loss detection alarm fired in loss timer mode. Loss time: %s", earliestLossTime)
+ }
+ if h.tracer != nil {
+ h.tracer.LossTimerExpired(logging.TimerTypeACK, encLevel)
+ }
+ // Early retransmit or time loss detection
+ return h.detectLostPackets(time.Now(), encLevel)
+ }
+
+ // PTO
+ // When all outstanding are acknowledged, the alarm is canceled in
+ // setLossDetectionTimer. This doesn't reset the timer in the session though.
+ // When OnAlarm is called, we therefore need to make sure that there are
+ // actually packets outstanding.
+ if h.bytesInFlight == 0 && !h.peerCompletedAddressValidation {
+ h.ptoCount++
+ h.numProbesToSend++
+ if h.initialPackets != nil {
+ h.ptoMode = SendPTOInitial
+ } else if h.handshakePackets != nil {
+ h.ptoMode = SendPTOHandshake
+ } else {
+ return errors.New("sentPacketHandler BUG: PTO fired, but bytes_in_flight is 0 and Initial and Handshake already dropped")
+ }
+ return nil
+ }
+
+ _, encLevel, ok := h.getPTOTimeAndSpace()
+ if !ok {
+ return nil
+ }
+ if ps := h.getPacketNumberSpace(encLevel); !ps.history.HasOutstandingPackets() && !h.peerCompletedAddressValidation {
+ return nil
+ }
+ h.ptoCount++
+ if h.logger.Debug() {
+ h.logger.Debugf("Loss detection alarm for %s fired in PTO mode. PTO count: %d", encLevel, h.ptoCount)
+ }
+ if h.tracer != nil {
+ h.tracer.LossTimerExpired(logging.TimerTypePTO, encLevel)
+ h.tracer.UpdatedPTOCount(h.ptoCount)
+ }
+ h.numProbesToSend += 2
+ //nolint:exhaustive // We never arm a PTO timer for 0-RTT packets.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ h.ptoMode = SendPTOInitial
+ case protocol.EncryptionHandshake:
+ h.ptoMode = SendPTOHandshake
+ case protocol.Encryption1RTT:
+ // skip a packet number in order to elicit an immediate ACK
+ _ = h.PopPacketNumber(protocol.Encryption1RTT)
+ h.ptoMode = SendPTOAppData
+ default:
+ return fmt.Errorf("PTO timer in unexpected encryption level: %s", encLevel)
+ }
+ return nil
+}
+
+func (h *sentPacketHandler) GetLossDetectionTimeout() time.Time {
+ return h.alarm
+}
+
+func (h *sentPacketHandler) PeekPacketNumber(encLevel protocol.EncryptionLevel) (protocol.PacketNumber, protocol.PacketNumberLen) {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+
+ var lowestUnacked protocol.PacketNumber
+ if p := pnSpace.history.FirstOutstanding(); p != nil {
+ lowestUnacked = p.PacketNumber
+ } else {
+ lowestUnacked = pnSpace.largestAcked + 1
+ }
+
+ pn := pnSpace.pns.Peek()
+ return pn, protocol.GetPacketNumberLengthForHeader(pn, lowestUnacked)
+}
+
+func (h *sentPacketHandler) PopPacketNumber(encLevel protocol.EncryptionLevel) protocol.PacketNumber {
+ return h.getPacketNumberSpace(encLevel).pns.Pop()
+}
+
+func (h *sentPacketHandler) SendMode() SendMode {
+ numTrackedPackets := h.appDataPackets.history.Len()
+ if h.initialPackets != nil {
+ numTrackedPackets += h.initialPackets.history.Len()
+ }
+ if h.handshakePackets != nil {
+ numTrackedPackets += h.handshakePackets.history.Len()
+ }
+
+ if h.isAmplificationLimited() {
+ h.logger.Debugf("Amplification window limited. Received %d bytes, already sent out %d bytes", h.bytesReceived, h.bytesSent)
+ return SendNone
+ }
+ // Don't send any packets if we're keeping track of the maximum number of packets.
+ // Note that since MaxOutstandingSentPackets is smaller than MaxTrackedSentPackets,
+ // we will stop sending out new data when reaching MaxOutstandingSentPackets,
+ // but still allow sending of retransmissions and ACKs.
+ if numTrackedPackets >= protocol.MaxTrackedSentPackets {
+ if h.logger.Debug() {
+ h.logger.Debugf("Limited by the number of tracked packets: tracking %d packets, maximum %d", numTrackedPackets, protocol.MaxTrackedSentPackets)
+ }
+ return SendNone
+ }
+ if h.numProbesToSend > 0 {
+ return h.ptoMode
+ }
+ // Only send ACKs if we're congestion limited.
+ if !h.congestion.CanSend(h.bytesInFlight) {
+ if h.logger.Debug() {
+ h.logger.Debugf("Congestion limited: bytes in flight %d, window %d", h.bytesInFlight, h.congestion.GetCongestionWindow())
+ }
+ return SendAck
+ }
+ if numTrackedPackets >= protocol.MaxOutstandingSentPackets {
+ if h.logger.Debug() {
+ h.logger.Debugf("Max outstanding limited: tracking %d packets, maximum: %d", numTrackedPackets, protocol.MaxOutstandingSentPackets)
+ }
+ return SendAck
+ }
+ return SendAny
+}
+
+func (h *sentPacketHandler) TimeUntilSend() time.Time {
+ return h.congestion.TimeUntilSend(h.bytesInFlight)
+}
+
+func (h *sentPacketHandler) HasPacingBudget() bool {
+ return h.congestion.HasPacingBudget()
+}
+
+func (h *sentPacketHandler) SetMaxDatagramSize(s protocol.ByteCount) {
+ h.congestion.SetMaxDatagramSize(s)
+}
+
+func (h *sentPacketHandler) isAmplificationLimited() bool {
+ if h.peerAddressValidated {
+ return false
+ }
+ return h.bytesSent >= amplificationFactor*h.bytesReceived
+}
+
+func (h *sentPacketHandler) QueueProbePacket(encLevel protocol.EncryptionLevel) bool {
+ pnSpace := h.getPacketNumberSpace(encLevel)
+ p := pnSpace.history.FirstOutstanding()
+ if p == nil {
+ return false
+ }
+ h.queueFramesForRetransmission(p)
+ // TODO: don't declare the packet lost here.
+ // Keep track of acknowledged frames instead.
+ h.removeFromBytesInFlight(p)
+ p.declaredLost = true
+ return true
+}
+
+func (h *sentPacketHandler) queueFramesForRetransmission(p *Packet) {
+ if len(p.Frames) == 0 {
+ panic("no frames")
+ }
+ for _, f := range p.Frames {
+ f.OnLost(f.Frame)
+ }
+ p.Frames = nil
+}
+
+func (h *sentPacketHandler) ResetForRetry() error {
+ h.bytesInFlight = 0
+ var firstPacketSendTime time.Time
+ h.initialPackets.history.Iterate(func(p *Packet) (bool, error) {
+ if firstPacketSendTime.IsZero() {
+ firstPacketSendTime = p.SendTime
+ }
+ if p.declaredLost || p.skippedPacket {
+ return true, nil
+ }
+ h.queueFramesForRetransmission(p)
+ return true, nil
+ })
+ // All application data packets sent at this point are 0-RTT packets.
+ // In the case of a Retry, we can assume that the server dropped all of them.
+ h.appDataPackets.history.Iterate(func(p *Packet) (bool, error) {
+ if !p.declaredLost && !p.skippedPacket {
+ h.queueFramesForRetransmission(p)
+ }
+ return true, nil
+ })
+
+ // Only use the Retry to estimate the RTT if we didn't send any retransmission for the Initial.
+ // Otherwise, we don't know which Initial the Retry was sent in response to.
+ if h.ptoCount == 0 {
+ // Don't set the RTT to a value lower than 5ms here.
+ now := time.Now()
+ h.rttStats.UpdateRTT(utils.MaxDuration(minRTTAfterRetry, now.Sub(firstPacketSendTime)), 0, now)
+ if h.logger.Debug() {
+ h.logger.Debugf("\tupdated RTT: %s (σ: %s)", h.rttStats.SmoothedRTT(), h.rttStats.MeanDeviation())
+ }
+ if h.tracer != nil {
+ h.tracer.UpdatedMetrics(h.rttStats, h.congestion.GetCongestionWindow(), h.bytesInFlight, h.packetsInFlight())
+ }
+ }
+ h.initialPackets = newPacketNumberSpace(h.initialPackets.pns.Pop(), false, h.rttStats)
+ h.appDataPackets = newPacketNumberSpace(h.appDataPackets.pns.Pop(), true, h.rttStats)
+ oldAlarm := h.alarm
+ h.alarm = time.Time{}
+ if h.tracer != nil {
+ h.tracer.UpdatedPTOCount(0)
+ if !oldAlarm.IsZero() {
+ h.tracer.LossTimerCanceled()
+ }
+ }
+ h.ptoCount = 0
+ return nil
+}
+
+func (h *sentPacketHandler) SetHandshakeConfirmed() {
+ h.handshakeConfirmed = true
+ // We don't send PTOs for application data packets before the handshake completes.
+ // Make sure the timer is armed now, if necessary.
+ h.setLossDetectionTimer()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_history.go b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_history.go
new file mode 100644
index 00000000..36489367
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/ackhandler/sent_packet_history.go
@@ -0,0 +1,108 @@
+package ackhandler
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type sentPacketHistory struct {
+ rttStats *utils.RTTStats
+ packetList *PacketList
+ packetMap map[protocol.PacketNumber]*PacketElement
+ highestSent protocol.PacketNumber
+}
+
+func newSentPacketHistory(rttStats *utils.RTTStats) *sentPacketHistory {
+ return &sentPacketHistory{
+ rttStats: rttStats,
+ packetList: NewPacketList(),
+ packetMap: make(map[protocol.PacketNumber]*PacketElement),
+ highestSent: protocol.InvalidPacketNumber,
+ }
+}
+
+func (h *sentPacketHistory) SentPacket(p *Packet, isAckEliciting bool) {
+ if p.PacketNumber <= h.highestSent {
+ panic("non-sequential packet number use")
+ }
+ // Skipped packet numbers.
+ for pn := h.highestSent + 1; pn < p.PacketNumber; pn++ {
+ el := h.packetList.PushBack(Packet{
+ PacketNumber: pn,
+ EncryptionLevel: p.EncryptionLevel,
+ SendTime: p.SendTime,
+ skippedPacket: true,
+ })
+ h.packetMap[pn] = el
+ }
+ h.highestSent = p.PacketNumber
+
+ if isAckEliciting {
+ el := h.packetList.PushBack(*p)
+ h.packetMap[p.PacketNumber] = el
+ }
+}
+
+// Iterate iterates through all packets.
+func (h *sentPacketHistory) Iterate(cb func(*Packet) (cont bool, err error)) error {
+ cont := true
+ var next *PacketElement
+ for el := h.packetList.Front(); cont && el != nil; el = next {
+ var err error
+ next = el.Next()
+ cont, err = cb(&el.Value)
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+// FirstOutStanding returns the first outstanding packet.
+func (h *sentPacketHistory) FirstOutstanding() *Packet {
+ for el := h.packetList.Front(); el != nil; el = el.Next() {
+ p := &el.Value
+ if !p.declaredLost && !p.skippedPacket && !p.IsPathMTUProbePacket {
+ return p
+ }
+ }
+ return nil
+}
+
+func (h *sentPacketHistory) Len() int {
+ return len(h.packetMap)
+}
+
+func (h *sentPacketHistory) Remove(p protocol.PacketNumber) error {
+ el, ok := h.packetMap[p]
+ if !ok {
+ return fmt.Errorf("packet %d not found in sent packet history", p)
+ }
+ h.packetList.Remove(el)
+ delete(h.packetMap, p)
+ return nil
+}
+
+func (h *sentPacketHistory) HasOutstandingPackets() bool {
+ return h.FirstOutstanding() != nil
+}
+
+func (h *sentPacketHistory) DeleteOldPackets(now time.Time) {
+ maxAge := 3 * h.rttStats.PTO(false)
+ var nextEl *PacketElement
+ for el := h.packetList.Front(); el != nil; el = nextEl {
+ nextEl = el.Next()
+ p := el.Value
+ if p.SendTime.After(now.Add(-maxAge)) {
+ break
+ }
+ if !p.skippedPacket && !p.declaredLost { // should only happen in the case of drastic RTT changes
+ continue
+ }
+ delete(h.packetMap, p.PacketNumber)
+ h.packetList.Remove(el)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/bandwidth.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/bandwidth.go
new file mode 100644
index 00000000..96b1c5aa
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/bandwidth.go
@@ -0,0 +1,25 @@
+package congestion
+
+import (
+ "math"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// Bandwidth of a connection
+type Bandwidth uint64
+
+const infBandwidth Bandwidth = math.MaxUint64
+
+const (
+ // BitsPerSecond is 1 bit per second
+ BitsPerSecond Bandwidth = 1
+ // BytesPerSecond is 1 byte per second
+ BytesPerSecond = 8 * BitsPerSecond
+)
+
+// BandwidthFromDelta calculates the bandwidth from a number of bytes and a time delta
+func BandwidthFromDelta(bytes protocol.ByteCount, delta time.Duration) Bandwidth {
+ return Bandwidth(bytes) * Bandwidth(time.Second) / Bandwidth(delta) * BytesPerSecond
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/clock.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/clock.go
new file mode 100644
index 00000000..405fae70
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/clock.go
@@ -0,0 +1,18 @@
+package congestion
+
+import "time"
+
+// A Clock returns the current time
+type Clock interface {
+ Now() time.Time
+}
+
+// DefaultClock implements the Clock interface using the Go stdlib clock.
+type DefaultClock struct{}
+
+var _ Clock = DefaultClock{}
+
+// Now gets the current time
+func (DefaultClock) Now() time.Time {
+ return time.Now()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic.go
new file mode 100644
index 00000000..beadd627
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic.go
@@ -0,0 +1,214 @@
+package congestion
+
+import (
+ "math"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+// This cubic implementation is based on the one found in Chromiums's QUIC
+// implementation, in the files net/quic/congestion_control/cubic.{hh,cc}.
+
+// Constants based on TCP defaults.
+// The following constants are in 2^10 fractions of a second instead of ms to
+// allow a 10 shift right to divide.
+
+// 1024*1024^3 (first 1024 is from 0.100^3)
+// where 0.100 is 100 ms which is the scaling round trip time.
+const (
+ cubeScale = 40
+ cubeCongestionWindowScale = 410
+ cubeFactor protocol.ByteCount = 1 << cubeScale / cubeCongestionWindowScale / maxDatagramSize
+ // TODO: when re-enabling cubic, make sure to use the actual packet size here
+ maxDatagramSize = protocol.ByteCount(protocol.InitialPacketSizeIPv4)
+)
+
+const defaultNumConnections = 1
+
+// Default Cubic backoff factor
+const beta float32 = 0.7
+
+// Additional backoff factor when loss occurs in the concave part of the Cubic
+// curve. This additional backoff factor is expected to give up bandwidth to
+// new concurrent flows and speed up convergence.
+const betaLastMax float32 = 0.85
+
+// Cubic implements the cubic algorithm from TCP
+type Cubic struct {
+ clock Clock
+
+ // Number of connections to simulate.
+ numConnections int
+
+ // Time when this cycle started, after last loss event.
+ epoch time.Time
+
+ // Max congestion window used just before last loss event.
+ // Note: to improve fairness to other streams an additional back off is
+ // applied to this value if the new value is below our latest value.
+ lastMaxCongestionWindow protocol.ByteCount
+
+ // Number of acked bytes since the cycle started (epoch).
+ ackedBytesCount protocol.ByteCount
+
+ // TCP Reno equivalent congestion window in packets.
+ estimatedTCPcongestionWindow protocol.ByteCount
+
+ // Origin point of cubic function.
+ originPointCongestionWindow protocol.ByteCount
+
+ // Time to origin point of cubic function in 2^10 fractions of a second.
+ timeToOriginPoint uint32
+
+ // Last congestion window in packets computed by cubic function.
+ lastTargetCongestionWindow protocol.ByteCount
+}
+
+// NewCubic returns a new Cubic instance
+func NewCubic(clock Clock) *Cubic {
+ c := &Cubic{
+ clock: clock,
+ numConnections: defaultNumConnections,
+ }
+ c.Reset()
+ return c
+}
+
+// Reset is called after a timeout to reset the cubic state
+func (c *Cubic) Reset() {
+ c.epoch = time.Time{}
+ c.lastMaxCongestionWindow = 0
+ c.ackedBytesCount = 0
+ c.estimatedTCPcongestionWindow = 0
+ c.originPointCongestionWindow = 0
+ c.timeToOriginPoint = 0
+ c.lastTargetCongestionWindow = 0
+}
+
+func (c *Cubic) alpha() float32 {
+ // TCPFriendly alpha is described in Section 3.3 of the CUBIC paper. Note that
+ // beta here is a cwnd multiplier, and is equal to 1-beta from the paper.
+ // We derive the equivalent alpha for an N-connection emulation as:
+ b := c.beta()
+ return 3 * float32(c.numConnections) * float32(c.numConnections) * (1 - b) / (1 + b)
+}
+
+func (c *Cubic) beta() float32 {
+ // kNConnectionBeta is the backoff factor after loss for our N-connection
+ // emulation, which emulates the effective backoff of an ensemble of N
+ // TCP-Reno connections on a single loss event. The effective multiplier is
+ // computed as:
+ return (float32(c.numConnections) - 1 + beta) / float32(c.numConnections)
+}
+
+func (c *Cubic) betaLastMax() float32 {
+ // betaLastMax is the additional backoff factor after loss for our
+ // N-connection emulation, which emulates the additional backoff of
+ // an ensemble of N TCP-Reno connections on a single loss event. The
+ // effective multiplier is computed as:
+ return (float32(c.numConnections) - 1 + betaLastMax) / float32(c.numConnections)
+}
+
+// OnApplicationLimited is called on ack arrival when sender is unable to use
+// the available congestion window. Resets Cubic state during quiescence.
+func (c *Cubic) OnApplicationLimited() {
+ // When sender is not using the available congestion window, the window does
+ // not grow. But to be RTT-independent, Cubic assumes that the sender has been
+ // using the entire window during the time since the beginning of the current
+ // "epoch" (the end of the last loss recovery period). Since
+ // application-limited periods break this assumption, we reset the epoch when
+ // in such a period. This reset effectively freezes congestion window growth
+ // through application-limited periods and allows Cubic growth to continue
+ // when the entire window is being used.
+ c.epoch = time.Time{}
+}
+
+// CongestionWindowAfterPacketLoss computes a new congestion window to use after
+// a loss event. Returns the new congestion window in packets. The new
+// congestion window is a multiplicative decrease of our current window.
+func (c *Cubic) CongestionWindowAfterPacketLoss(currentCongestionWindow protocol.ByteCount) protocol.ByteCount {
+ if currentCongestionWindow+maxDatagramSize < c.lastMaxCongestionWindow {
+ // We never reached the old max, so assume we are competing with another
+ // flow. Use our extra back off factor to allow the other flow to go up.
+ c.lastMaxCongestionWindow = protocol.ByteCount(c.betaLastMax() * float32(currentCongestionWindow))
+ } else {
+ c.lastMaxCongestionWindow = currentCongestionWindow
+ }
+ c.epoch = time.Time{} // Reset time.
+ return protocol.ByteCount(float32(currentCongestionWindow) * c.beta())
+}
+
+// CongestionWindowAfterAck computes a new congestion window to use after a received ACK.
+// Returns the new congestion window in packets. The new congestion window
+// follows a cubic function that depends on the time passed since last
+// packet loss.
+func (c *Cubic) CongestionWindowAfterAck(
+ ackedBytes protocol.ByteCount,
+ currentCongestionWindow protocol.ByteCount,
+ delayMin time.Duration,
+ eventTime time.Time,
+) protocol.ByteCount {
+ c.ackedBytesCount += ackedBytes
+
+ if c.epoch.IsZero() {
+ // First ACK after a loss event.
+ c.epoch = eventTime // Start of epoch.
+ c.ackedBytesCount = ackedBytes // Reset count.
+ // Reset estimated_tcp_congestion_window_ to be in sync with cubic.
+ c.estimatedTCPcongestionWindow = currentCongestionWindow
+ if c.lastMaxCongestionWindow <= currentCongestionWindow {
+ c.timeToOriginPoint = 0
+ c.originPointCongestionWindow = currentCongestionWindow
+ } else {
+ c.timeToOriginPoint = uint32(math.Cbrt(float64(cubeFactor * (c.lastMaxCongestionWindow - currentCongestionWindow))))
+ c.originPointCongestionWindow = c.lastMaxCongestionWindow
+ }
+ }
+
+ // Change the time unit from microseconds to 2^10 fractions per second. Take
+ // the round trip time in account. This is done to allow us to use shift as a
+ // divide operator.
+ elapsedTime := int64(eventTime.Add(delayMin).Sub(c.epoch)/time.Microsecond) << 10 / (1000 * 1000)
+
+ // Right-shifts of negative, signed numbers have implementation-dependent
+ // behavior, so force the offset to be positive, as is done in the kernel.
+ offset := int64(c.timeToOriginPoint) - elapsedTime
+ if offset < 0 {
+ offset = -offset
+ }
+
+ deltaCongestionWindow := protocol.ByteCount(cubeCongestionWindowScale*offset*offset*offset) * maxDatagramSize >> cubeScale
+ var targetCongestionWindow protocol.ByteCount
+ if elapsedTime > int64(c.timeToOriginPoint) {
+ targetCongestionWindow = c.originPointCongestionWindow + deltaCongestionWindow
+ } else {
+ targetCongestionWindow = c.originPointCongestionWindow - deltaCongestionWindow
+ }
+ // Limit the CWND increase to half the acked bytes.
+ targetCongestionWindow = utils.MinByteCount(targetCongestionWindow, currentCongestionWindow+c.ackedBytesCount/2)
+
+ // Increase the window by approximately Alpha * 1 MSS of bytes every
+ // time we ack an estimated tcp window of bytes. For small
+ // congestion windows (less than 25), the formula below will
+ // increase slightly slower than linearly per estimated tcp window
+ // of bytes.
+ c.estimatedTCPcongestionWindow += protocol.ByteCount(float32(c.ackedBytesCount) * c.alpha() * float32(maxDatagramSize) / float32(c.estimatedTCPcongestionWindow))
+ c.ackedBytesCount = 0
+
+ // We have a new cubic congestion window.
+ c.lastTargetCongestionWindow = targetCongestionWindow
+
+ // Compute target congestion_window based on cubic target and estimated TCP
+ // congestion_window, use highest (fastest).
+ if targetCongestionWindow < c.estimatedTCPcongestionWindow {
+ targetCongestionWindow = c.estimatedTCPcongestionWindow
+ }
+ return targetCongestionWindow
+}
+
+// SetNumConnections sets the number of emulated connections
+func (c *Cubic) SetNumConnections(n int) {
+ c.numConnections = n
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic_sender.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic_sender.go
new file mode 100644
index 00000000..c2cdc61b
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/cubic_sender.go
@@ -0,0 +1,316 @@
+package congestion
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+const (
+ // maxDatagramSize is the default maximum packet size used in the Linux TCP implementation.
+ // Used in QUIC for congestion window computations in bytes.
+ initialMaxDatagramSize = protocol.ByteCount(protocol.InitialPacketSizeIPv4)
+ maxBurstPackets = 3
+ renoBeta = 0.7 // Reno backoff factor.
+ minCongestionWindowPackets = 2
+ initialCongestionWindow = 32
+)
+
+type cubicSender struct {
+ hybridSlowStart HybridSlowStart
+ rttStats *utils.RTTStats
+ cubic *Cubic
+ pacer *pacer
+ clock Clock
+
+ reno bool
+
+ // Track the largest packet that has been sent.
+ largestSentPacketNumber protocol.PacketNumber
+
+ // Track the largest packet that has been acked.
+ largestAckedPacketNumber protocol.PacketNumber
+
+ // Track the largest packet number outstanding when a CWND cutback occurs.
+ largestSentAtLastCutback protocol.PacketNumber
+
+ // Whether the last loss event caused us to exit slowstart.
+ // Used for stats collection of slowstartPacketsLost
+ lastCutbackExitedSlowstart bool
+
+ // Congestion window in packets.
+ congestionWindow protocol.ByteCount
+
+ // Slow start congestion window in bytes, aka ssthresh.
+ slowStartThreshold protocol.ByteCount
+
+ // ACK counter for the Reno implementation.
+ numAckedPackets uint64
+
+ initialCongestionWindow protocol.ByteCount
+ initialMaxCongestionWindow protocol.ByteCount
+
+ maxDatagramSize protocol.ByteCount
+
+ lastState logging.CongestionState
+ tracer logging.ConnectionTracer
+}
+
+var (
+ _ SendAlgorithm = &cubicSender{}
+ _ SendAlgorithmWithDebugInfos = &cubicSender{}
+)
+
+// NewCubicSender makes a new cubic sender
+func NewCubicSender(
+ clock Clock,
+ rttStats *utils.RTTStats,
+ initialMaxDatagramSize protocol.ByteCount,
+ reno bool,
+ tracer logging.ConnectionTracer,
+) *cubicSender {
+ return newCubicSender(
+ clock,
+ rttStats,
+ reno,
+ initialMaxDatagramSize,
+ initialCongestionWindow*initialMaxDatagramSize,
+ protocol.MaxCongestionWindowPackets*initialMaxDatagramSize,
+ tracer,
+ )
+}
+
+func newCubicSender(
+ clock Clock,
+ rttStats *utils.RTTStats,
+ reno bool,
+ initialMaxDatagramSize,
+ initialCongestionWindow,
+ initialMaxCongestionWindow protocol.ByteCount,
+ tracer logging.ConnectionTracer,
+) *cubicSender {
+ c := &cubicSender{
+ rttStats: rttStats,
+ largestSentPacketNumber: protocol.InvalidPacketNumber,
+ largestAckedPacketNumber: protocol.InvalidPacketNumber,
+ largestSentAtLastCutback: protocol.InvalidPacketNumber,
+ initialCongestionWindow: initialCongestionWindow,
+ initialMaxCongestionWindow: initialMaxCongestionWindow,
+ congestionWindow: initialCongestionWindow,
+ slowStartThreshold: protocol.MaxByteCount,
+ cubic: NewCubic(clock),
+ clock: clock,
+ reno: reno,
+ tracer: tracer,
+ maxDatagramSize: initialMaxDatagramSize,
+ }
+ c.pacer = newPacer(c.BandwidthEstimate)
+ if c.tracer != nil {
+ c.lastState = logging.CongestionStateSlowStart
+ c.tracer.UpdatedCongestionState(logging.CongestionStateSlowStart)
+ }
+ return c
+}
+
+// TimeUntilSend returns when the next packet should be sent.
+func (c *cubicSender) TimeUntilSend(_ protocol.ByteCount) time.Time {
+ return c.pacer.TimeUntilSend()
+}
+
+func (c *cubicSender) HasPacingBudget() bool {
+ return c.pacer.Budget(c.clock.Now()) >= c.maxDatagramSize
+}
+
+func (c *cubicSender) maxCongestionWindow() protocol.ByteCount {
+ return c.maxDatagramSize * protocol.MaxCongestionWindowPackets
+}
+
+func (c *cubicSender) minCongestionWindow() protocol.ByteCount {
+ return c.maxDatagramSize * minCongestionWindowPackets
+}
+
+func (c *cubicSender) OnPacketSent(
+ sentTime time.Time,
+ _ protocol.ByteCount,
+ packetNumber protocol.PacketNumber,
+ bytes protocol.ByteCount,
+ isRetransmittable bool,
+) {
+ c.pacer.SentPacket(sentTime, bytes)
+ if !isRetransmittable {
+ return
+ }
+ c.largestSentPacketNumber = packetNumber
+ c.hybridSlowStart.OnPacketSent(packetNumber)
+}
+
+func (c *cubicSender) CanSend(bytesInFlight protocol.ByteCount) bool {
+ return bytesInFlight < c.GetCongestionWindow()
+}
+
+func (c *cubicSender) InRecovery() bool {
+ return c.largestAckedPacketNumber != protocol.InvalidPacketNumber && c.largestAckedPacketNumber <= c.largestSentAtLastCutback
+}
+
+func (c *cubicSender) InSlowStart() bool {
+ return c.GetCongestionWindow() < c.slowStartThreshold
+}
+
+func (c *cubicSender) GetCongestionWindow() protocol.ByteCount {
+ return c.congestionWindow
+}
+
+func (c *cubicSender) MaybeExitSlowStart() {
+ if c.InSlowStart() &&
+ c.hybridSlowStart.ShouldExitSlowStart(c.rttStats.LatestRTT(), c.rttStats.MinRTT(), c.GetCongestionWindow()/c.maxDatagramSize) {
+ // exit slow start
+ c.slowStartThreshold = c.congestionWindow
+ c.maybeTraceStateChange(logging.CongestionStateCongestionAvoidance)
+ }
+}
+
+func (c *cubicSender) OnPacketAcked(
+ ackedPacketNumber protocol.PacketNumber,
+ ackedBytes protocol.ByteCount,
+ priorInFlight protocol.ByteCount,
+ eventTime time.Time,
+) {
+ c.largestAckedPacketNumber = utils.MaxPacketNumber(ackedPacketNumber, c.largestAckedPacketNumber)
+ if c.InRecovery() {
+ return
+ }
+ c.maybeIncreaseCwnd(ackedPacketNumber, ackedBytes, priorInFlight, eventTime)
+ if c.InSlowStart() {
+ c.hybridSlowStart.OnPacketAcked(ackedPacketNumber)
+ }
+}
+
+func (c *cubicSender) OnPacketLost(packetNumber protocol.PacketNumber, lostBytes, priorInFlight protocol.ByteCount) {
+ // TCP NewReno (RFC6582) says that once a loss occurs, any losses in packets
+ // already sent should be treated as a single loss event, since it's expected.
+ if packetNumber <= c.largestSentAtLastCutback {
+ return
+ }
+ c.lastCutbackExitedSlowstart = c.InSlowStart()
+ c.maybeTraceStateChange(logging.CongestionStateRecovery)
+
+ if c.reno {
+ c.congestionWindow = protocol.ByteCount(float64(c.congestionWindow) * renoBeta)
+ } else {
+ c.congestionWindow = c.cubic.CongestionWindowAfterPacketLoss(c.congestionWindow)
+ }
+ if minCwnd := c.minCongestionWindow(); c.congestionWindow < minCwnd {
+ c.congestionWindow = minCwnd
+ }
+ c.slowStartThreshold = c.congestionWindow
+ c.largestSentAtLastCutback = c.largestSentPacketNumber
+ // reset packet count from congestion avoidance mode. We start
+ // counting again when we're out of recovery.
+ c.numAckedPackets = 0
+}
+
+// Called when we receive an ack. Normal TCP tracks how many packets one ack
+// represents, but quic has a separate ack for each packet.
+func (c *cubicSender) maybeIncreaseCwnd(
+ _ protocol.PacketNumber,
+ ackedBytes protocol.ByteCount,
+ priorInFlight protocol.ByteCount,
+ eventTime time.Time,
+) {
+ // Do not increase the congestion window unless the sender is close to using
+ // the current window.
+ if !c.isCwndLimited(priorInFlight) {
+ c.cubic.OnApplicationLimited()
+ c.maybeTraceStateChange(logging.CongestionStateApplicationLimited)
+ return
+ }
+ if c.congestionWindow >= c.maxCongestionWindow() {
+ return
+ }
+ if c.InSlowStart() {
+ // TCP slow start, exponential growth, increase by one for each ACK.
+ c.congestionWindow += c.maxDatagramSize
+ c.maybeTraceStateChange(logging.CongestionStateSlowStart)
+ return
+ }
+ // Congestion avoidance
+ c.maybeTraceStateChange(logging.CongestionStateCongestionAvoidance)
+ if c.reno {
+ // Classic Reno congestion avoidance.
+ c.numAckedPackets++
+ if c.numAckedPackets >= uint64(c.congestionWindow/c.maxDatagramSize) {
+ c.congestionWindow += c.maxDatagramSize
+ c.numAckedPackets = 0
+ }
+ } else {
+ c.congestionWindow = utils.MinByteCount(c.maxCongestionWindow(), c.cubic.CongestionWindowAfterAck(ackedBytes, c.congestionWindow, c.rttStats.MinRTT(), eventTime))
+ }
+}
+
+func (c *cubicSender) isCwndLimited(bytesInFlight protocol.ByteCount) bool {
+ congestionWindow := c.GetCongestionWindow()
+ if bytesInFlight >= congestionWindow {
+ return true
+ }
+ availableBytes := congestionWindow - bytesInFlight
+ slowStartLimited := c.InSlowStart() && bytesInFlight > congestionWindow/2
+ return slowStartLimited || availableBytes <= maxBurstPackets*c.maxDatagramSize
+}
+
+// BandwidthEstimate returns the current bandwidth estimate
+func (c *cubicSender) BandwidthEstimate() Bandwidth {
+ srtt := c.rttStats.SmoothedRTT()
+ if srtt == 0 {
+ // If we haven't measured an rtt, the bandwidth estimate is unknown.
+ return infBandwidth
+ }
+ return BandwidthFromDelta(c.GetCongestionWindow(), srtt)
+}
+
+// OnRetransmissionTimeout is called on an retransmission timeout
+func (c *cubicSender) OnRetransmissionTimeout(packetsRetransmitted bool) {
+ c.largestSentAtLastCutback = protocol.InvalidPacketNumber
+ if !packetsRetransmitted {
+ return
+ }
+ c.hybridSlowStart.Restart()
+ c.cubic.Reset()
+ c.slowStartThreshold = c.congestionWindow / 2
+ c.congestionWindow = c.minCongestionWindow()
+}
+
+// OnConnectionMigration is called when the connection is migrated (?)
+func (c *cubicSender) OnConnectionMigration() {
+ c.hybridSlowStart.Restart()
+ c.largestSentPacketNumber = protocol.InvalidPacketNumber
+ c.largestAckedPacketNumber = protocol.InvalidPacketNumber
+ c.largestSentAtLastCutback = protocol.InvalidPacketNumber
+ c.lastCutbackExitedSlowstart = false
+ c.cubic.Reset()
+ c.numAckedPackets = 0
+ c.congestionWindow = c.initialCongestionWindow
+ c.slowStartThreshold = c.initialMaxCongestionWindow
+}
+
+func (c *cubicSender) maybeTraceStateChange(new logging.CongestionState) {
+ if c.tracer == nil || new == c.lastState {
+ return
+ }
+ c.tracer.UpdatedCongestionState(new)
+ c.lastState = new
+}
+
+func (c *cubicSender) SetMaxDatagramSize(s protocol.ByteCount) {
+ if s < c.maxDatagramSize {
+ panic(fmt.Sprintf("congestion BUG: decreased max datagram size from %d to %d", c.maxDatagramSize, s))
+ }
+ cwndIsMinCwnd := c.congestionWindow == c.minCongestionWindow()
+ c.maxDatagramSize = s
+ if cwndIsMinCwnd {
+ c.congestionWindow = c.minCongestionWindow()
+ }
+ c.pacer.SetMaxDatagramSize(s)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/hybrid_slow_start.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/hybrid_slow_start.go
new file mode 100644
index 00000000..b5ae3d5e
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/hybrid_slow_start.go
@@ -0,0 +1,113 @@
+package congestion
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+// Note(pwestin): the magic clamping numbers come from the original code in
+// tcp_cubic.c.
+const hybridStartLowWindow = protocol.ByteCount(16)
+
+// Number of delay samples for detecting the increase of delay.
+const hybridStartMinSamples = uint32(8)
+
+// Exit slow start if the min rtt has increased by more than 1/8th.
+const hybridStartDelayFactorExp = 3 // 2^3 = 8
+// The original paper specifies 2 and 8ms, but those have changed over time.
+const (
+ hybridStartDelayMinThresholdUs = int64(4000)
+ hybridStartDelayMaxThresholdUs = int64(16000)
+)
+
+// HybridSlowStart implements the TCP hybrid slow start algorithm
+type HybridSlowStart struct {
+ endPacketNumber protocol.PacketNumber
+ lastSentPacketNumber protocol.PacketNumber
+ started bool
+ currentMinRTT time.Duration
+ rttSampleCount uint32
+ hystartFound bool
+}
+
+// StartReceiveRound is called for the start of each receive round (burst) in the slow start phase.
+func (s *HybridSlowStart) StartReceiveRound(lastSent protocol.PacketNumber) {
+ s.endPacketNumber = lastSent
+ s.currentMinRTT = 0
+ s.rttSampleCount = 0
+ s.started = true
+}
+
+// IsEndOfRound returns true if this ack is the last packet number of our current slow start round.
+func (s *HybridSlowStart) IsEndOfRound(ack protocol.PacketNumber) bool {
+ return s.endPacketNumber < ack
+}
+
+// ShouldExitSlowStart should be called on every new ack frame, since a new
+// RTT measurement can be made then.
+// rtt: the RTT for this ack packet.
+// minRTT: is the lowest delay (RTT) we have seen during the session.
+// congestionWindow: the congestion window in packets.
+func (s *HybridSlowStart) ShouldExitSlowStart(latestRTT time.Duration, minRTT time.Duration, congestionWindow protocol.ByteCount) bool {
+ if !s.started {
+ // Time to start the hybrid slow start.
+ s.StartReceiveRound(s.lastSentPacketNumber)
+ }
+ if s.hystartFound {
+ return true
+ }
+ // Second detection parameter - delay increase detection.
+ // Compare the minimum delay (s.currentMinRTT) of the current
+ // burst of packets relative to the minimum delay during the session.
+ // Note: we only look at the first few(8) packets in each burst, since we
+ // only want to compare the lowest RTT of the burst relative to previous
+ // bursts.
+ s.rttSampleCount++
+ if s.rttSampleCount <= hybridStartMinSamples {
+ if s.currentMinRTT == 0 || s.currentMinRTT > latestRTT {
+ s.currentMinRTT = latestRTT
+ }
+ }
+ // We only need to check this once per round.
+ if s.rttSampleCount == hybridStartMinSamples {
+ // Divide minRTT by 8 to get a rtt increase threshold for exiting.
+ minRTTincreaseThresholdUs := int64(minRTT / time.Microsecond >> hybridStartDelayFactorExp)
+ // Ensure the rtt threshold is never less than 2ms or more than 16ms.
+ minRTTincreaseThresholdUs = utils.MinInt64(minRTTincreaseThresholdUs, hybridStartDelayMaxThresholdUs)
+ minRTTincreaseThreshold := time.Duration(utils.MaxInt64(minRTTincreaseThresholdUs, hybridStartDelayMinThresholdUs)) * time.Microsecond
+
+ if s.currentMinRTT > (minRTT + minRTTincreaseThreshold) {
+ s.hystartFound = true
+ }
+ }
+ // Exit from slow start if the cwnd is greater than 16 and
+ // increasing delay is found.
+ return congestionWindow >= hybridStartLowWindow && s.hystartFound
+}
+
+// OnPacketSent is called when a packet was sent
+func (s *HybridSlowStart) OnPacketSent(packetNumber protocol.PacketNumber) {
+ s.lastSentPacketNumber = packetNumber
+}
+
+// OnPacketAcked gets invoked after ShouldExitSlowStart, so it's best to end
+// the round when the final packet of the burst is received and start it on
+// the next incoming ack.
+func (s *HybridSlowStart) OnPacketAcked(ackedPacketNumber protocol.PacketNumber) {
+ if s.IsEndOfRound(ackedPacketNumber) {
+ s.started = false
+ }
+}
+
+// Started returns true if started
+func (s *HybridSlowStart) Started() bool {
+ return s.started
+}
+
+// Restart the slow start phase
+func (s *HybridSlowStart) Restart() {
+ s.started = false
+ s.hystartFound = false
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/interface.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/interface.go
new file mode 100644
index 00000000..5157383f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/interface.go
@@ -0,0 +1,28 @@
+package congestion
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A SendAlgorithm performs congestion control
+type SendAlgorithm interface {
+ TimeUntilSend(bytesInFlight protocol.ByteCount) time.Time
+ HasPacingBudget() bool
+ OnPacketSent(sentTime time.Time, bytesInFlight protocol.ByteCount, packetNumber protocol.PacketNumber, bytes protocol.ByteCount, isRetransmittable bool)
+ CanSend(bytesInFlight protocol.ByteCount) bool
+ MaybeExitSlowStart()
+ OnPacketAcked(number protocol.PacketNumber, ackedBytes protocol.ByteCount, priorInFlight protocol.ByteCount, eventTime time.Time)
+ OnPacketLost(number protocol.PacketNumber, lostBytes protocol.ByteCount, priorInFlight protocol.ByteCount)
+ OnRetransmissionTimeout(packetsRetransmitted bool)
+ SetMaxDatagramSize(protocol.ByteCount)
+}
+
+// A SendAlgorithmWithDebugInfos is a SendAlgorithm that exposes some debug infos
+type SendAlgorithmWithDebugInfos interface {
+ SendAlgorithm
+ InSlowStart() bool
+ InRecovery() bool
+ GetCongestionWindow() protocol.ByteCount
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/congestion/pacer.go b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/pacer.go
new file mode 100644
index 00000000..7ec4d8f5
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/congestion/pacer.go
@@ -0,0 +1,77 @@
+package congestion
+
+import (
+ "math"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+const maxBurstSizePackets = 10
+
+// The pacer implements a token bucket pacing algorithm.
+type pacer struct {
+ budgetAtLastSent protocol.ByteCount
+ maxDatagramSize protocol.ByteCount
+ lastSentTime time.Time
+ getAdjustedBandwidth func() uint64 // in bytes/s
+}
+
+func newPacer(getBandwidth func() Bandwidth) *pacer {
+ p := &pacer{
+ maxDatagramSize: initialMaxDatagramSize,
+ getAdjustedBandwidth: func() uint64 {
+ // Bandwidth is in bits/s. We need the value in bytes/s.
+ bw := uint64(getBandwidth() / BytesPerSecond)
+ // Use a slightly higher value than the actual measured bandwidth.
+ // RTT variations then won't result in under-utilization of the congestion window.
+ // Ultimately, this will result in sending packets as acknowledgments are received rather than when timers fire,
+ // provided the congestion window is fully utilized and acknowledgments arrive at regular intervals.
+ return bw * 5 / 4
+ },
+ }
+ p.budgetAtLastSent = p.maxBurstSize()
+ return p
+}
+
+func (p *pacer) SentPacket(sendTime time.Time, size protocol.ByteCount) {
+ budget := p.Budget(sendTime)
+ if size > budget {
+ p.budgetAtLastSent = 0
+ } else {
+ p.budgetAtLastSent = budget - size
+ }
+ p.lastSentTime = sendTime
+}
+
+func (p *pacer) Budget(now time.Time) protocol.ByteCount {
+ if p.lastSentTime.IsZero() {
+ return p.maxBurstSize()
+ }
+ budget := p.budgetAtLastSent + (protocol.ByteCount(p.getAdjustedBandwidth())*protocol.ByteCount(now.Sub(p.lastSentTime).Nanoseconds()))/1e9
+ return utils.MinByteCount(p.maxBurstSize(), budget)
+}
+
+func (p *pacer) maxBurstSize() protocol.ByteCount {
+ return utils.MaxByteCount(
+ protocol.ByteCount(uint64((protocol.MinPacingDelay+protocol.TimerGranularity).Nanoseconds())*p.getAdjustedBandwidth())/1e9,
+ maxBurstSizePackets*p.maxDatagramSize,
+ )
+}
+
+// TimeUntilSend returns when the next packet should be sent.
+// It returns the zero value of time.Time if a packet can be sent immediately.
+func (p *pacer) TimeUntilSend() time.Time {
+ if p.budgetAtLastSent >= p.maxDatagramSize {
+ return time.Time{}
+ }
+ return p.lastSentTime.Add(utils.MaxDuration(
+ protocol.MinPacingDelay,
+ time.Duration(math.Ceil(float64(p.maxDatagramSize-p.budgetAtLastSent)*1e9/float64(p.getAdjustedBandwidth())))*time.Nanosecond,
+ ))
+}
+
+func (p *pacer) SetMaxDatagramSize(s protocol.ByteCount) {
+ p.maxDatagramSize = s
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/base_flow_controller.go b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/base_flow_controller.go
new file mode 100644
index 00000000..da6a7125
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/base_flow_controller.go
@@ -0,0 +1,120 @@
+package flowcontrol
+
+import (
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type baseFlowController struct {
+ // for sending data
+ bytesSent protocol.ByteCount
+ sendWindow protocol.ByteCount
+ lastBlockedAt protocol.ByteCount
+
+ // for receiving data
+ //nolint:structcheck // The mutex is used both by the stream and the connection flow controller
+ mutex sync.Mutex
+ bytesRead protocol.ByteCount
+ highestReceived protocol.ByteCount
+ receiveWindow protocol.ByteCount
+ receiveWindowSize protocol.ByteCount
+ maxReceiveWindowSize protocol.ByteCount
+
+ epochStartTime time.Time
+ epochStartOffset protocol.ByteCount
+ rttStats *utils.RTTStats
+
+ logger utils.Logger
+}
+
+// IsNewlyBlocked says if it is newly blocked by flow control.
+// For every offset, it only returns true once.
+// If it is blocked, the offset is returned.
+func (c *baseFlowController) IsNewlyBlocked() (bool, protocol.ByteCount) {
+ if c.sendWindowSize() != 0 || c.sendWindow == c.lastBlockedAt {
+ return false, 0
+ }
+ c.lastBlockedAt = c.sendWindow
+ return true, c.sendWindow
+}
+
+func (c *baseFlowController) AddBytesSent(n protocol.ByteCount) {
+ c.bytesSent += n
+}
+
+// UpdateSendWindow is be called after receiving a MAX_{STREAM_}DATA frame.
+func (c *baseFlowController) UpdateSendWindow(offset protocol.ByteCount) {
+ if offset > c.sendWindow {
+ c.sendWindow = offset
+ }
+}
+
+func (c *baseFlowController) sendWindowSize() protocol.ByteCount {
+ // this only happens during connection establishment, when data is sent before we receive the peer's transport parameters
+ if c.bytesSent > c.sendWindow {
+ return 0
+ }
+ return c.sendWindow - c.bytesSent
+}
+
+// needs to be called with locked mutex
+func (c *baseFlowController) addBytesRead(n protocol.ByteCount) {
+ // pretend we sent a WindowUpdate when reading the first byte
+ // this way auto-tuning of the window size already works for the first WindowUpdate
+ if c.bytesRead == 0 {
+ c.startNewAutoTuningEpoch(time.Now())
+ }
+ c.bytesRead += n
+}
+
+func (c *baseFlowController) hasWindowUpdate() bool {
+ bytesRemaining := c.receiveWindow - c.bytesRead
+ // update the window when more than the threshold was consumed
+ return bytesRemaining <= protocol.ByteCount(float64(c.receiveWindowSize)*(1-protocol.WindowUpdateThreshold))
+}
+
+// getWindowUpdate updates the receive window, if necessary
+// it returns the new offset
+func (c *baseFlowController) getWindowUpdate() protocol.ByteCount {
+ if !c.hasWindowUpdate() {
+ return 0
+ }
+
+ c.maybeAdjustWindowSize()
+ c.receiveWindow = c.bytesRead + c.receiveWindowSize
+ return c.receiveWindow
+}
+
+// maybeAdjustWindowSize increases the receiveWindowSize if we're sending updates too often.
+// For details about auto-tuning, see https://docs.google.com/document/d/1SExkMmGiz8VYzV3s9E35JQlJ73vhzCekKkDi85F1qCE/edit?usp=sharing.
+func (c *baseFlowController) maybeAdjustWindowSize() {
+ bytesReadInEpoch := c.bytesRead - c.epochStartOffset
+ // don't do anything if less than half the window has been consumed
+ if bytesReadInEpoch <= c.receiveWindowSize/2 {
+ return
+ }
+ rtt := c.rttStats.SmoothedRTT()
+ if rtt == 0 {
+ return
+ }
+
+ fraction := float64(bytesReadInEpoch) / float64(c.receiveWindowSize)
+ now := time.Now()
+ if now.Sub(c.epochStartTime) < time.Duration(4*fraction*float64(rtt)) {
+ // window is consumed too fast, try to increase the window size
+ c.receiveWindowSize = utils.MinByteCount(2*c.receiveWindowSize, c.maxReceiveWindowSize)
+ }
+ c.startNewAutoTuningEpoch(now)
+}
+
+func (c *baseFlowController) startNewAutoTuningEpoch(now time.Time) {
+ c.epochStartTime = now
+ c.epochStartOffset = c.bytesRead
+}
+
+func (c *baseFlowController) checkFlowControlViolation() bool {
+ return c.highestReceived > c.receiveWindow
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/connection_flow_controller.go b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/connection_flow_controller.go
new file mode 100644
index 00000000..90e7ceab
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/connection_flow_controller.go
@@ -0,0 +1,107 @@
+package flowcontrol
+
+import (
+ "errors"
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type connectionFlowController struct {
+ baseFlowController
+
+ queueWindowUpdate func()
+}
+
+var _ ConnectionFlowController = &connectionFlowController{}
+
+// NewConnectionFlowController gets a new flow controller for the connection
+// It is created before we receive the peer's transport paramenters, thus it starts with a sendWindow of 0.
+func NewConnectionFlowController(
+ receiveWindow protocol.ByteCount,
+ maxReceiveWindow protocol.ByteCount,
+ queueWindowUpdate func(),
+ rttStats *utils.RTTStats,
+ logger utils.Logger,
+) ConnectionFlowController {
+ return &connectionFlowController{
+ baseFlowController: baseFlowController{
+ rttStats: rttStats,
+ receiveWindow: receiveWindow,
+ receiveWindowSize: receiveWindow,
+ maxReceiveWindowSize: maxReceiveWindow,
+ logger: logger,
+ },
+ queueWindowUpdate: queueWindowUpdate,
+ }
+}
+
+func (c *connectionFlowController) SendWindowSize() protocol.ByteCount {
+ return c.baseFlowController.sendWindowSize()
+}
+
+// IncrementHighestReceived adds an increment to the highestReceived value
+func (c *connectionFlowController) IncrementHighestReceived(increment protocol.ByteCount) error {
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+
+ c.highestReceived += increment
+ if c.checkFlowControlViolation() {
+ return &qerr.TransportError{
+ ErrorCode: qerr.FlowControlError,
+ ErrorMessage: fmt.Sprintf("received %d bytes for the connection, allowed %d bytes", c.highestReceived, c.receiveWindow),
+ }
+ }
+ return nil
+}
+
+func (c *connectionFlowController) AddBytesRead(n protocol.ByteCount) {
+ c.mutex.Lock()
+ c.baseFlowController.addBytesRead(n)
+ shouldQueueWindowUpdate := c.hasWindowUpdate()
+ c.mutex.Unlock()
+ if shouldQueueWindowUpdate {
+ c.queueWindowUpdate()
+ }
+}
+
+func (c *connectionFlowController) GetWindowUpdate() protocol.ByteCount {
+ c.mutex.Lock()
+ oldWindowSize := c.receiveWindowSize
+ offset := c.baseFlowController.getWindowUpdate()
+ if oldWindowSize < c.receiveWindowSize {
+ c.logger.Debugf("Increasing receive flow control window for the connection to %d kB", c.receiveWindowSize/(1<<10))
+ }
+ c.mutex.Unlock()
+ return offset
+}
+
+// EnsureMinimumWindowSize sets a minimum window size
+// it should make sure that the connection-level window is increased when a stream-level window grows
+func (c *connectionFlowController) EnsureMinimumWindowSize(inc protocol.ByteCount) {
+ c.mutex.Lock()
+ if inc > c.receiveWindowSize {
+ c.logger.Debugf("Increasing receive flow control window for the connection to %d kB, in response to stream flow control window increase", c.receiveWindowSize/(1<<10))
+ c.receiveWindowSize = utils.MinByteCount(inc, c.maxReceiveWindowSize)
+ c.startNewAutoTuningEpoch(time.Now())
+ }
+ c.mutex.Unlock()
+}
+
+// The flow controller is reset when 0-RTT is rejected.
+// All stream data is invalidated, it's if we had never opened a stream and never sent any data.
+// At that point, we only have sent stream data, but we didn't have the keys to open 1-RTT keys yet.
+func (c *connectionFlowController) Reset() error {
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+
+ if c.bytesRead > 0 || c.highestReceived > 0 || !c.epochStartTime.IsZero() {
+ return errors.New("flow controller reset after reading data")
+ }
+ c.bytesSent = 0
+ c.lastBlockedAt = 0
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/interface.go b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/interface.go
new file mode 100644
index 00000000..1eeaee9f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/interface.go
@@ -0,0 +1,42 @@
+package flowcontrol
+
+import "github.com/lucas-clemente/quic-go/internal/protocol"
+
+type flowController interface {
+ // for sending
+ SendWindowSize() protocol.ByteCount
+ UpdateSendWindow(protocol.ByteCount)
+ AddBytesSent(protocol.ByteCount)
+ // for receiving
+ AddBytesRead(protocol.ByteCount)
+ GetWindowUpdate() protocol.ByteCount // returns 0 if no update is necessary
+ IsNewlyBlocked() (bool, protocol.ByteCount)
+}
+
+// A StreamFlowController is a flow controller for a QUIC stream.
+type StreamFlowController interface {
+ flowController
+ // for receiving
+ // UpdateHighestReceived should be called when a new highest offset is received
+ // final has to be to true if this is the final offset of the stream,
+ // as contained in a STREAM frame with FIN bit, and the RESET_STREAM frame
+ UpdateHighestReceived(offset protocol.ByteCount, final bool) error
+ // Abandon should be called when reading from the stream is aborted early,
+ // and there won't be any further calls to AddBytesRead.
+ Abandon()
+}
+
+// The ConnectionFlowController is the flow controller for the connection.
+type ConnectionFlowController interface {
+ flowController
+ Reset() error
+}
+
+type connectionFlowControllerI interface {
+ ConnectionFlowController
+ // The following two methods are not supposed to be called from outside this packet, but are needed internally
+ // for sending
+ EnsureMinimumWindowSize(protocol.ByteCount)
+ // for receiving
+ IncrementHighestReceived(protocol.ByteCount) error
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/stream_flow_controller.go b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/stream_flow_controller.go
new file mode 100644
index 00000000..4cb94d90
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/flowcontrol/stream_flow_controller.go
@@ -0,0 +1,146 @@
+package flowcontrol
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type streamFlowController struct {
+ baseFlowController
+
+ streamID protocol.StreamID
+
+ queueWindowUpdate func()
+
+ connection connectionFlowControllerI
+
+ receivedFinalOffset bool
+}
+
+var _ StreamFlowController = &streamFlowController{}
+
+// NewStreamFlowController gets a new flow controller for a stream
+func NewStreamFlowController(
+ streamID protocol.StreamID,
+ cfc ConnectionFlowController,
+ receiveWindow protocol.ByteCount,
+ maxReceiveWindow protocol.ByteCount,
+ initialSendWindow protocol.ByteCount,
+ queueWindowUpdate func(protocol.StreamID),
+ rttStats *utils.RTTStats,
+ logger utils.Logger,
+) StreamFlowController {
+ return &streamFlowController{
+ streamID: streamID,
+ connection: cfc.(connectionFlowControllerI),
+ queueWindowUpdate: func() { queueWindowUpdate(streamID) },
+ baseFlowController: baseFlowController{
+ rttStats: rttStats,
+ receiveWindow: receiveWindow,
+ receiveWindowSize: receiveWindow,
+ maxReceiveWindowSize: maxReceiveWindow,
+ sendWindow: initialSendWindow,
+ logger: logger,
+ },
+ }
+}
+
+// UpdateHighestReceived updates the highestReceived value, if the offset is higher.
+func (c *streamFlowController) UpdateHighestReceived(offset protocol.ByteCount, final bool) error {
+ // If the final offset for this stream is already known, check for consistency.
+ if c.receivedFinalOffset {
+ // If we receive another final offset, check that it's the same.
+ if final && offset != c.highestReceived {
+ return &qerr.TransportError{
+ ErrorCode: qerr.FinalSizeError,
+ ErrorMessage: fmt.Sprintf("received inconsistent final offset for stream %d (old: %d, new: %d bytes)", c.streamID, c.highestReceived, offset),
+ }
+ }
+ // Check that the offset is below the final offset.
+ if offset > c.highestReceived {
+ return &qerr.TransportError{
+ ErrorCode: qerr.FinalSizeError,
+ ErrorMessage: fmt.Sprintf("received offset %d for stream %d, but final offset was already received at %d", offset, c.streamID, c.highestReceived),
+ }
+ }
+ }
+
+ if final {
+ c.receivedFinalOffset = true
+ }
+ if offset == c.highestReceived {
+ return nil
+ }
+ // A higher offset was received before.
+ // This can happen due to reordering.
+ if offset <= c.highestReceived {
+ if final {
+ return &qerr.TransportError{
+ ErrorCode: qerr.FinalSizeError,
+ ErrorMessage: fmt.Sprintf("received final offset %d for stream %d, but already received offset %d before", offset, c.streamID, c.highestReceived),
+ }
+ }
+ return nil
+ }
+
+ increment := offset - c.highestReceived
+ c.highestReceived = offset
+ if c.checkFlowControlViolation() {
+ return &qerr.TransportError{
+ ErrorCode: qerr.FlowControlError,
+ ErrorMessage: fmt.Sprintf("received %d bytes on stream %d, allowed %d bytes", offset, c.streamID, c.receiveWindow),
+ }
+ }
+ return c.connection.IncrementHighestReceived(increment)
+}
+
+func (c *streamFlowController) AddBytesRead(n protocol.ByteCount) {
+ c.mutex.Lock()
+ c.baseFlowController.addBytesRead(n)
+ shouldQueueWindowUpdate := c.shouldQueueWindowUpdate()
+ c.mutex.Unlock()
+ if shouldQueueWindowUpdate {
+ c.queueWindowUpdate()
+ }
+ c.connection.AddBytesRead(n)
+}
+
+func (c *streamFlowController) Abandon() {
+ if unread := c.highestReceived - c.bytesRead; unread > 0 {
+ c.connection.AddBytesRead(unread)
+ }
+}
+
+func (c *streamFlowController) AddBytesSent(n protocol.ByteCount) {
+ c.baseFlowController.AddBytesSent(n)
+ c.connection.AddBytesSent(n)
+}
+
+func (c *streamFlowController) SendWindowSize() protocol.ByteCount {
+ return utils.MinByteCount(c.baseFlowController.sendWindowSize(), c.connection.SendWindowSize())
+}
+
+func (c *streamFlowController) shouldQueueWindowUpdate() bool {
+ return !c.receivedFinalOffset && c.hasWindowUpdate()
+}
+
+func (c *streamFlowController) GetWindowUpdate() protocol.ByteCount {
+ // If we already received the final offset for this stream, the peer won't need any additional flow control credit.
+ if c.receivedFinalOffset {
+ return 0
+ }
+
+ // Don't use defer for unlocking the mutex here, GetWindowUpdate() is called frequently and defer shows up in the profiler
+ c.mutex.Lock()
+ oldWindowSize := c.receiveWindowSize
+ offset := c.baseFlowController.getWindowUpdate()
+ if c.receiveWindowSize > oldWindowSize { // auto-tuning enlarged the window size
+ c.logger.Debugf("Increasing receive flow control window for stream %d to %d kB", c.streamID, c.receiveWindowSize/(1<<10))
+ c.connection.EnsureMinimumWindowSize(protocol.ByteCount(float64(c.receiveWindowSize) * protocol.ConnectionFlowControlMultiplier))
+ }
+ c.mutex.Unlock()
+ return offset
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/aead.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/aead.go
new file mode 100644
index 00000000..54eda9b7
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/aead.go
@@ -0,0 +1,155 @@
+package handshake
+
+import (
+ "crypto/cipher"
+ "encoding/binary"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+func createAEAD(suite *qtls.CipherSuiteTLS13, trafficSecret []byte) cipher.AEAD {
+ key := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic key", suite.KeyLen)
+ iv := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic iv", suite.IVLen())
+ return suite.AEAD(key, iv)
+}
+
+type longHeaderSealer struct {
+ aead cipher.AEAD
+ headerProtector headerProtector
+
+ // use a single slice to avoid allocations
+ nonceBuf []byte
+}
+
+var _ LongHeaderSealer = &longHeaderSealer{}
+
+func newLongHeaderSealer(aead cipher.AEAD, headerProtector headerProtector) LongHeaderSealer {
+ return &longHeaderSealer{
+ aead: aead,
+ headerProtector: headerProtector,
+ nonceBuf: make([]byte, aead.NonceSize()),
+ }
+}
+
+func (s *longHeaderSealer) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []byte {
+ binary.BigEndian.PutUint64(s.nonceBuf[len(s.nonceBuf)-8:], uint64(pn))
+ // The AEAD we're using here will be the qtls.aeadAESGCM13.
+ // It uses the nonce provided here and XOR it with the IV.
+ return s.aead.Seal(dst, s.nonceBuf, src, ad)
+}
+
+func (s *longHeaderSealer) EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
+ s.headerProtector.EncryptHeader(sample, firstByte, pnBytes)
+}
+
+func (s *longHeaderSealer) Overhead() int {
+ return s.aead.Overhead()
+}
+
+type longHeaderOpener struct {
+ aead cipher.AEAD
+ headerProtector headerProtector
+ highestRcvdPN protocol.PacketNumber // highest packet number received (which could be successfully unprotected)
+
+ // use a single slice to avoid allocations
+ nonceBuf []byte
+}
+
+var _ LongHeaderOpener = &longHeaderOpener{}
+
+func newLongHeaderOpener(aead cipher.AEAD, headerProtector headerProtector) LongHeaderOpener {
+ return &longHeaderOpener{
+ aead: aead,
+ headerProtector: headerProtector,
+ nonceBuf: make([]byte, aead.NonceSize()),
+ }
+}
+
+func (o *longHeaderOpener) DecodePacketNumber(wirePN protocol.PacketNumber, wirePNLen protocol.PacketNumberLen) protocol.PacketNumber {
+ return protocol.DecodePacketNumber(wirePNLen, o.highestRcvdPN, wirePN)
+}
+
+func (o *longHeaderOpener) Open(dst, src []byte, pn protocol.PacketNumber, ad []byte) ([]byte, error) {
+ binary.BigEndian.PutUint64(o.nonceBuf[len(o.nonceBuf)-8:], uint64(pn))
+ // The AEAD we're using here will be the qtls.aeadAESGCM13.
+ // It uses the nonce provided here and XOR it with the IV.
+ dec, err := o.aead.Open(dst, o.nonceBuf, src, ad)
+ if err == nil {
+ o.highestRcvdPN = utils.MaxPacketNumber(o.highestRcvdPN, pn)
+ } else {
+ err = ErrDecryptionFailed
+ }
+ return dec, err
+}
+
+func (o *longHeaderOpener) DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte) {
+ o.headerProtector.DecryptHeader(sample, firstByte, pnBytes)
+}
+
+type handshakeSealer struct {
+ LongHeaderSealer
+
+ dropInitialKeys func()
+ dropped bool
+}
+
+func newHandshakeSealer(
+ aead cipher.AEAD,
+ headerProtector headerProtector,
+ dropInitialKeys func(),
+ perspective protocol.Perspective,
+) LongHeaderSealer {
+ sealer := newLongHeaderSealer(aead, headerProtector)
+ // The client drops Initial keys when sending the first Handshake packet.
+ if perspective == protocol.PerspectiveServer {
+ return sealer
+ }
+ return &handshakeSealer{
+ LongHeaderSealer: sealer,
+ dropInitialKeys: dropInitialKeys,
+ }
+}
+
+func (s *handshakeSealer) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []byte {
+ data := s.LongHeaderSealer.Seal(dst, src, pn, ad)
+ if !s.dropped {
+ s.dropInitialKeys()
+ s.dropped = true
+ }
+ return data
+}
+
+type handshakeOpener struct {
+ LongHeaderOpener
+
+ dropInitialKeys func()
+ dropped bool
+}
+
+func newHandshakeOpener(
+ aead cipher.AEAD,
+ headerProtector headerProtector,
+ dropInitialKeys func(),
+ perspective protocol.Perspective,
+) LongHeaderOpener {
+ opener := newLongHeaderOpener(aead, headerProtector)
+ // The server drops Initial keys when first successfully processing a Handshake packet.
+ if perspective == protocol.PerspectiveClient {
+ return opener
+ }
+ return &handshakeOpener{
+ LongHeaderOpener: opener,
+ dropInitialKeys: dropInitialKeys,
+ }
+}
+
+func (o *handshakeOpener) Open(dst, src []byte, pn protocol.PacketNumber, ad []byte) ([]byte, error) {
+ dec, err := o.LongHeaderOpener.Open(dst, src, pn, ad)
+ if err == nil && !o.dropped {
+ o.dropInitialKeys()
+ o.dropped = true
+ }
+ return dec, err
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup.go
new file mode 100644
index 00000000..7543be99
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/crypto_setup.go
@@ -0,0 +1,800 @@
+package handshake
+
+import (
+ "bytes"
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// TLS unexpected_message alert
+const alertUnexpectedMessage uint8 = 10
+
+type messageType uint8
+
+// TLS handshake message types.
+const (
+ typeClientHello messageType = 1
+ typeServerHello messageType = 2
+ typeNewSessionTicket messageType = 4
+ typeEncryptedExtensions messageType = 8
+ typeCertificate messageType = 11
+ typeCertificateRequest messageType = 13
+ typeCertificateVerify messageType = 15
+ typeFinished messageType = 20
+)
+
+func (m messageType) String() string {
+ switch m {
+ case typeClientHello:
+ return "ClientHello"
+ case typeServerHello:
+ return "ServerHello"
+ case typeNewSessionTicket:
+ return "NewSessionTicket"
+ case typeEncryptedExtensions:
+ return "EncryptedExtensions"
+ case typeCertificate:
+ return "Certificate"
+ case typeCertificateRequest:
+ return "CertificateRequest"
+ case typeCertificateVerify:
+ return "CertificateVerify"
+ case typeFinished:
+ return "Finished"
+ default:
+ return fmt.Sprintf("unknown message type: %d", m)
+ }
+}
+
+const clientSessionStateRevision = 3
+
+type conn struct {
+ localAddr, remoteAddr net.Addr
+ version protocol.VersionNumber
+}
+
+var _ ConnWithVersion = &conn{}
+
+func newConn(local, remote net.Addr, version protocol.VersionNumber) ConnWithVersion {
+ return &conn{
+ localAddr: local,
+ remoteAddr: remote,
+ version: version,
+ }
+}
+
+var _ net.Conn = &conn{}
+
+func (c *conn) Read([]byte) (int, error) { return 0, nil }
+func (c *conn) Write([]byte) (int, error) { return 0, nil }
+func (c *conn) Close() error { return nil }
+func (c *conn) RemoteAddr() net.Addr { return c.remoteAddr }
+func (c *conn) LocalAddr() net.Addr { return c.localAddr }
+func (c *conn) SetReadDeadline(time.Time) error { return nil }
+func (c *conn) SetWriteDeadline(time.Time) error { return nil }
+func (c *conn) SetDeadline(time.Time) error { return nil }
+func (c *conn) GetQUICVersion() protocol.VersionNumber { return c.version }
+
+type cryptoSetup struct {
+ tlsConf *tls.Config
+ extraConf *qtls.ExtraConfig
+ conn *qtls.Conn
+
+ version protocol.VersionNumber
+
+ messageChan chan []byte
+ isReadingHandshakeMessage chan struct{}
+ readFirstHandshakeMessage bool
+
+ ourParams *wire.TransportParameters
+ peerParams *wire.TransportParameters
+ paramsChan <-chan []byte
+
+ runner handshakeRunner
+
+ alertChan chan uint8
+ // handshakeDone is closed as soon as the go routine running qtls.Handshake() returns
+ handshakeDone chan struct{}
+ // is closed when Close() is called
+ closeChan chan struct{}
+
+ zeroRTTParameters *wire.TransportParameters
+ clientHelloWritten bool
+ clientHelloWrittenChan chan *wire.TransportParameters
+
+ rttStats *utils.RTTStats
+
+ tracer logging.ConnectionTracer
+ logger utils.Logger
+
+ perspective protocol.Perspective
+
+ mutex sync.Mutex // protects all members below
+
+ handshakeCompleteTime time.Time
+
+ readEncLevel protocol.EncryptionLevel
+ writeEncLevel protocol.EncryptionLevel
+
+ zeroRTTOpener LongHeaderOpener // only set for the server
+ zeroRTTSealer LongHeaderSealer // only set for the client
+
+ initialStream io.Writer
+ initialOpener LongHeaderOpener
+ initialSealer LongHeaderSealer
+
+ handshakeStream io.Writer
+ handshakeOpener LongHeaderOpener
+ handshakeSealer LongHeaderSealer
+
+ aead *updatableAEAD
+ has1RTTSealer bool
+ has1RTTOpener bool
+}
+
+var (
+ _ qtls.RecordLayer = &cryptoSetup{}
+ _ CryptoSetup = &cryptoSetup{}
+)
+
+// NewCryptoSetupClient creates a new crypto setup for the client
+func NewCryptoSetupClient(
+ initialStream io.Writer,
+ handshakeStream io.Writer,
+ connID protocol.ConnectionID,
+ localAddr net.Addr,
+ remoteAddr net.Addr,
+ tp *wire.TransportParameters,
+ runner handshakeRunner,
+ tlsConf *tls.Config,
+ enable0RTT bool,
+ rttStats *utils.RTTStats,
+ tracer logging.ConnectionTracer,
+ logger utils.Logger,
+ version protocol.VersionNumber,
+) (CryptoSetup, <-chan *wire.TransportParameters /* ClientHello written. Receive nil for non-0-RTT */) {
+ cs, clientHelloWritten := newCryptoSetup(
+ initialStream,
+ handshakeStream,
+ connID,
+ tp,
+ runner,
+ tlsConf,
+ enable0RTT,
+ rttStats,
+ tracer,
+ logger,
+ protocol.PerspectiveClient,
+ version,
+ )
+ cs.conn = qtls.Client(newConn(localAddr, remoteAddr, version), cs.tlsConf, cs.extraConf)
+ return cs, clientHelloWritten
+}
+
+// NewCryptoSetupServer creates a new crypto setup for the server
+func NewCryptoSetupServer(
+ initialStream io.Writer,
+ handshakeStream io.Writer,
+ connID protocol.ConnectionID,
+ localAddr net.Addr,
+ remoteAddr net.Addr,
+ tp *wire.TransportParameters,
+ runner handshakeRunner,
+ tlsConf *tls.Config,
+ enable0RTT bool,
+ rttStats *utils.RTTStats,
+ tracer logging.ConnectionTracer,
+ logger utils.Logger,
+ version protocol.VersionNumber,
+) CryptoSetup {
+ cs, _ := newCryptoSetup(
+ initialStream,
+ handshakeStream,
+ connID,
+ tp,
+ runner,
+ tlsConf,
+ enable0RTT,
+ rttStats,
+ tracer,
+ logger,
+ protocol.PerspectiveServer,
+ version,
+ )
+ cs.conn = qtls.Server(newConn(localAddr, remoteAddr, version), cs.tlsConf, cs.extraConf)
+ return cs
+}
+
+func newCryptoSetup(
+ initialStream io.Writer,
+ handshakeStream io.Writer,
+ connID protocol.ConnectionID,
+ tp *wire.TransportParameters,
+ runner handshakeRunner,
+ tlsConf *tls.Config,
+ enable0RTT bool,
+ rttStats *utils.RTTStats,
+ tracer logging.ConnectionTracer,
+ logger utils.Logger,
+ perspective protocol.Perspective,
+ version protocol.VersionNumber,
+) (*cryptoSetup, <-chan *wire.TransportParameters /* ClientHello written. Receive nil for non-0-RTT */) {
+ initialSealer, initialOpener := NewInitialAEAD(connID, perspective, version)
+ if tracer != nil {
+ tracer.UpdatedKeyFromTLS(protocol.EncryptionInitial, protocol.PerspectiveClient)
+ tracer.UpdatedKeyFromTLS(protocol.EncryptionInitial, protocol.PerspectiveServer)
+ }
+ extHandler := newExtensionHandler(tp.Marshal(perspective), perspective, version)
+ cs := &cryptoSetup{
+ tlsConf: tlsConf,
+ initialStream: initialStream,
+ initialSealer: initialSealer,
+ initialOpener: initialOpener,
+ handshakeStream: handshakeStream,
+ aead: newUpdatableAEAD(rttStats, tracer, logger),
+ readEncLevel: protocol.EncryptionInitial,
+ writeEncLevel: protocol.EncryptionInitial,
+ runner: runner,
+ ourParams: tp,
+ paramsChan: extHandler.TransportParameters(),
+ rttStats: rttStats,
+ tracer: tracer,
+ logger: logger,
+ perspective: perspective,
+ handshakeDone: make(chan struct{}),
+ alertChan: make(chan uint8),
+ clientHelloWrittenChan: make(chan *wire.TransportParameters, 1),
+ messageChan: make(chan []byte, 100),
+ isReadingHandshakeMessage: make(chan struct{}),
+ closeChan: make(chan struct{}),
+ version: version,
+ }
+ var maxEarlyData uint32
+ if enable0RTT {
+ maxEarlyData = 0xffffffff
+ }
+ cs.extraConf = &qtls.ExtraConfig{
+ GetExtensions: extHandler.GetExtensions,
+ ReceivedExtensions: extHandler.ReceivedExtensions,
+ AlternativeRecordLayer: cs,
+ EnforceNextProtoSelection: true,
+ MaxEarlyData: maxEarlyData,
+ Accept0RTT: cs.accept0RTT,
+ Rejected0RTT: cs.rejected0RTT,
+ Enable0RTT: enable0RTT,
+ GetAppDataForSessionState: cs.marshalDataForSessionState,
+ SetAppDataFromSessionState: cs.handleDataFromSessionState,
+ }
+ return cs, cs.clientHelloWrittenChan
+}
+
+func (h *cryptoSetup) ChangeConnectionID(id protocol.ConnectionID) {
+ initialSealer, initialOpener := NewInitialAEAD(id, h.perspective, h.version)
+ h.initialSealer = initialSealer
+ h.initialOpener = initialOpener
+ if h.tracer != nil {
+ h.tracer.UpdatedKeyFromTLS(protocol.EncryptionInitial, protocol.PerspectiveClient)
+ h.tracer.UpdatedKeyFromTLS(protocol.EncryptionInitial, protocol.PerspectiveServer)
+ }
+}
+
+func (h *cryptoSetup) SetLargest1RTTAcked(pn protocol.PacketNumber) error {
+ return h.aead.SetLargestAcked(pn)
+}
+
+func (h *cryptoSetup) RunHandshake() {
+ // Handle errors that might occur when HandleData() is called.
+ handshakeComplete := make(chan struct{})
+ handshakeErrChan := make(chan error, 1)
+ go func() {
+ defer close(h.handshakeDone)
+ if err := h.conn.Handshake(); err != nil {
+ handshakeErrChan <- err
+ return
+ }
+ close(handshakeComplete)
+ }()
+
+ select {
+ case <-handshakeComplete: // return when the handshake is done
+ h.mutex.Lock()
+ h.handshakeCompleteTime = time.Now()
+ h.mutex.Unlock()
+ h.runner.OnHandshakeComplete()
+ case <-h.closeChan:
+ // wait until the Handshake() go routine has returned
+ <-h.handshakeDone
+ case alert := <-h.alertChan:
+ handshakeErr := <-handshakeErrChan
+ h.onError(alert, handshakeErr.Error())
+ }
+}
+
+func (h *cryptoSetup) onError(alert uint8, message string) {
+ h.runner.OnError(qerr.NewCryptoError(alert, message))
+}
+
+// Close closes the crypto setup.
+// It aborts the handshake, if it is still running.
+// It must only be called once.
+func (h *cryptoSetup) Close() error {
+ close(h.closeChan)
+ // wait until qtls.Handshake() actually returned
+ <-h.handshakeDone
+ return nil
+}
+
+// handleMessage handles a TLS handshake message.
+// It is called by the crypto streams when a new message is available.
+// It returns if it is done with messages on the same encryption level.
+func (h *cryptoSetup) HandleMessage(data []byte, encLevel protocol.EncryptionLevel) bool /* stream finished */ {
+ msgType := messageType(data[0])
+ h.logger.Debugf("Received %s message (%d bytes, encryption level: %s)", msgType, len(data), encLevel)
+ if err := h.checkEncryptionLevel(msgType, encLevel); err != nil {
+ h.onError(alertUnexpectedMessage, err.Error())
+ return false
+ }
+ h.messageChan <- data
+ if encLevel == protocol.Encryption1RTT {
+ h.handlePostHandshakeMessage()
+ return false
+ }
+readLoop:
+ for {
+ select {
+ case data := <-h.paramsChan:
+ if data == nil {
+ h.onError(0x6d, "missing quic_transport_parameters extension")
+ } else {
+ h.handleTransportParameters(data)
+ }
+ case <-h.isReadingHandshakeMessage:
+ break readLoop
+ case <-h.handshakeDone:
+ break readLoop
+ case <-h.closeChan:
+ break readLoop
+ }
+ }
+ // We're done with the Initial encryption level after processing a ClientHello / ServerHello,
+ // but only if a handshake opener and sealer was created.
+ // Otherwise, a HelloRetryRequest was performed.
+ // We're done with the Handshake encryption level after processing the Finished message.
+ return ((msgType == typeClientHello || msgType == typeServerHello) && h.handshakeOpener != nil && h.handshakeSealer != nil) ||
+ msgType == typeFinished
+}
+
+func (h *cryptoSetup) checkEncryptionLevel(msgType messageType, encLevel protocol.EncryptionLevel) error {
+ var expected protocol.EncryptionLevel
+ switch msgType {
+ case typeClientHello,
+ typeServerHello:
+ expected = protocol.EncryptionInitial
+ case typeEncryptedExtensions,
+ typeCertificate,
+ typeCertificateRequest,
+ typeCertificateVerify,
+ typeFinished:
+ expected = protocol.EncryptionHandshake
+ case typeNewSessionTicket:
+ expected = protocol.Encryption1RTT
+ default:
+ return fmt.Errorf("unexpected handshake message: %d", msgType)
+ }
+ if encLevel != expected {
+ return fmt.Errorf("expected handshake message %s to have encryption level %s, has %s", msgType, expected, encLevel)
+ }
+ return nil
+}
+
+func (h *cryptoSetup) handleTransportParameters(data []byte) {
+ var tp wire.TransportParameters
+ if err := tp.Unmarshal(data, h.perspective.Opposite()); err != nil {
+ h.runner.OnError(&qerr.TransportError{
+ ErrorCode: qerr.TransportParameterError,
+ ErrorMessage: err.Error(),
+ })
+ }
+ h.peerParams = &tp
+ h.runner.OnReceivedParams(h.peerParams)
+}
+
+// must be called after receiving the transport parameters
+func (h *cryptoSetup) marshalDataForSessionState() []byte {
+ buf := &bytes.Buffer{}
+ quicvarint.Write(buf, clientSessionStateRevision)
+ quicvarint.Write(buf, uint64(h.rttStats.SmoothedRTT().Microseconds()))
+ h.peerParams.MarshalForSessionTicket(buf)
+ return buf.Bytes()
+}
+
+func (h *cryptoSetup) handleDataFromSessionState(data []byte) {
+ tp, err := h.handleDataFromSessionStateImpl(data)
+ if err != nil {
+ h.logger.Debugf("Restoring of transport parameters from session ticket failed: %s", err.Error())
+ return
+ }
+ h.zeroRTTParameters = tp
+}
+
+func (h *cryptoSetup) handleDataFromSessionStateImpl(data []byte) (*wire.TransportParameters, error) {
+ r := bytes.NewReader(data)
+ ver, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ if ver != clientSessionStateRevision {
+ return nil, fmt.Errorf("mismatching version. Got %d, expected %d", ver, clientSessionStateRevision)
+ }
+ rtt, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ h.rttStats.SetInitialRTT(time.Duration(rtt) * time.Microsecond)
+ var tp wire.TransportParameters
+ if err := tp.UnmarshalFromSessionTicket(r); err != nil {
+ return nil, err
+ }
+ return &tp, nil
+}
+
+// only valid for the server
+func (h *cryptoSetup) GetSessionTicket() ([]byte, error) {
+ var appData []byte
+ // Save transport parameters to the session ticket if we're allowing 0-RTT.
+ if h.extraConf.MaxEarlyData > 0 {
+ appData = (&sessionTicket{
+ Parameters: h.ourParams,
+ RTT: h.rttStats.SmoothedRTT(),
+ }).Marshal()
+ }
+ return h.conn.GetSessionTicket(appData)
+}
+
+// accept0RTT is called for the server when receiving the client's session ticket.
+// It decides whether to accept 0-RTT.
+func (h *cryptoSetup) accept0RTT(sessionTicketData []byte) bool {
+ var t sessionTicket
+ if err := t.Unmarshal(sessionTicketData); err != nil {
+ h.logger.Debugf("Unmarshalling transport parameters from session ticket failed: %s", err.Error())
+ return false
+ }
+ valid := h.ourParams.ValidFor0RTT(t.Parameters)
+ if valid {
+ h.logger.Debugf("Accepting 0-RTT. Restoring RTT from session ticket: %s", t.RTT)
+ h.rttStats.SetInitialRTT(t.RTT)
+ } else {
+ h.logger.Debugf("Transport parameters changed. Rejecting 0-RTT.")
+ }
+ return valid
+}
+
+// rejected0RTT is called for the client when the server rejects 0-RTT.
+func (h *cryptoSetup) rejected0RTT() {
+ h.logger.Debugf("0-RTT was rejected. Dropping 0-RTT keys.")
+
+ h.mutex.Lock()
+ had0RTTKeys := h.zeroRTTSealer != nil
+ h.zeroRTTSealer = nil
+ h.mutex.Unlock()
+
+ if had0RTTKeys {
+ h.runner.DropKeys(protocol.Encryption0RTT)
+ }
+}
+
+func (h *cryptoSetup) handlePostHandshakeMessage() {
+ // make sure the handshake has already completed
+ <-h.handshakeDone
+
+ done := make(chan struct{})
+ defer close(done)
+
+ // h.alertChan is an unbuffered channel.
+ // If an error occurs during conn.HandlePostHandshakeMessage,
+ // it will be sent on this channel.
+ // Read it from a go-routine so that HandlePostHandshakeMessage doesn't deadlock.
+ alertChan := make(chan uint8, 1)
+ go func() {
+ <-h.isReadingHandshakeMessage
+ select {
+ case alert := <-h.alertChan:
+ alertChan <- alert
+ case <-done:
+ }
+ }()
+
+ if err := h.conn.HandlePostHandshakeMessage(); err != nil {
+ select {
+ case <-h.closeChan:
+ case alert := <-alertChan:
+ h.onError(alert, err.Error())
+ }
+ }
+}
+
+// ReadHandshakeMessage is called by TLS.
+// It blocks until a new handshake message is available.
+func (h *cryptoSetup) ReadHandshakeMessage() ([]byte, error) {
+ if !h.readFirstHandshakeMessage {
+ h.readFirstHandshakeMessage = true
+ } else {
+ select {
+ case h.isReadingHandshakeMessage <- struct{}{}:
+ case <-h.closeChan:
+ return nil, errors.New("error while handling the handshake message")
+ }
+ }
+ select {
+ case msg := <-h.messageChan:
+ return msg, nil
+ case <-h.closeChan:
+ return nil, errors.New("error while handling the handshake message")
+ }
+}
+
+func (h *cryptoSetup) SetReadKey(encLevel qtls.EncryptionLevel, suite *qtls.CipherSuiteTLS13, trafficSecret []byte) {
+ h.mutex.Lock()
+ switch encLevel {
+ case qtls.Encryption0RTT:
+ if h.perspective == protocol.PerspectiveClient {
+ panic("Received 0-RTT read key for the client")
+ }
+ h.zeroRTTOpener = newLongHeaderOpener(
+ createAEAD(suite, trafficSecret),
+ newHeaderProtector(suite, trafficSecret, true),
+ )
+ h.mutex.Unlock()
+ h.logger.Debugf("Installed 0-RTT Read keys (using %s)", tls.CipherSuiteName(suite.ID))
+ if h.tracer != nil {
+ h.tracer.UpdatedKeyFromTLS(protocol.Encryption0RTT, h.perspective.Opposite())
+ }
+ return
+ case qtls.EncryptionHandshake:
+ h.readEncLevel = protocol.EncryptionHandshake
+ h.handshakeOpener = newHandshakeOpener(
+ createAEAD(suite, trafficSecret),
+ newHeaderProtector(suite, trafficSecret, true),
+ h.dropInitialKeys,
+ h.perspective,
+ )
+ h.logger.Debugf("Installed Handshake Read keys (using %s)", tls.CipherSuiteName(suite.ID))
+ case qtls.EncryptionApplication:
+ h.readEncLevel = protocol.Encryption1RTT
+ h.aead.SetReadKey(suite, trafficSecret)
+ h.has1RTTOpener = true
+ h.logger.Debugf("Installed 1-RTT Read keys (using %s)", tls.CipherSuiteName(suite.ID))
+ default:
+ panic("unexpected read encryption level")
+ }
+ h.mutex.Unlock()
+ if h.tracer != nil {
+ h.tracer.UpdatedKeyFromTLS(h.readEncLevel, h.perspective.Opposite())
+ }
+}
+
+func (h *cryptoSetup) SetWriteKey(encLevel qtls.EncryptionLevel, suite *qtls.CipherSuiteTLS13, trafficSecret []byte) {
+ h.mutex.Lock()
+ switch encLevel {
+ case qtls.Encryption0RTT:
+ if h.perspective == protocol.PerspectiveServer {
+ panic("Received 0-RTT write key for the server")
+ }
+ h.zeroRTTSealer = newLongHeaderSealer(
+ createAEAD(suite, trafficSecret),
+ newHeaderProtector(suite, trafficSecret, true),
+ )
+ h.mutex.Unlock()
+ h.logger.Debugf("Installed 0-RTT Write keys (using %s)", tls.CipherSuiteName(suite.ID))
+ if h.tracer != nil {
+ h.tracer.UpdatedKeyFromTLS(protocol.Encryption0RTT, h.perspective)
+ }
+ return
+ case qtls.EncryptionHandshake:
+ h.writeEncLevel = protocol.EncryptionHandshake
+ h.handshakeSealer = newHandshakeSealer(
+ createAEAD(suite, trafficSecret),
+ newHeaderProtector(suite, trafficSecret, true),
+ h.dropInitialKeys,
+ h.perspective,
+ )
+ h.logger.Debugf("Installed Handshake Write keys (using %s)", tls.CipherSuiteName(suite.ID))
+ case qtls.EncryptionApplication:
+ h.writeEncLevel = protocol.Encryption1RTT
+ h.aead.SetWriteKey(suite, trafficSecret)
+ h.has1RTTSealer = true
+ h.logger.Debugf("Installed 1-RTT Write keys (using %s)", tls.CipherSuiteName(suite.ID))
+ if h.zeroRTTSealer != nil {
+ h.zeroRTTSealer = nil
+ h.logger.Debugf("Dropping 0-RTT keys.")
+ if h.tracer != nil {
+ h.tracer.DroppedEncryptionLevel(protocol.Encryption0RTT)
+ }
+ }
+ default:
+ panic("unexpected write encryption level")
+ }
+ h.mutex.Unlock()
+ if h.tracer != nil {
+ h.tracer.UpdatedKeyFromTLS(h.writeEncLevel, h.perspective)
+ }
+}
+
+// WriteRecord is called when TLS writes data
+func (h *cryptoSetup) WriteRecord(p []byte) (int, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ //nolint:exhaustive // LS records can only be written for Initial and Handshake.
+ switch h.writeEncLevel {
+ case protocol.EncryptionInitial:
+ // assume that the first WriteRecord call contains the ClientHello
+ n, err := h.initialStream.Write(p)
+ if !h.clientHelloWritten && h.perspective == protocol.PerspectiveClient {
+ h.clientHelloWritten = true
+ if h.zeroRTTSealer != nil && h.zeroRTTParameters != nil {
+ h.logger.Debugf("Doing 0-RTT.")
+ h.clientHelloWrittenChan <- h.zeroRTTParameters
+ } else {
+ h.logger.Debugf("Not doing 0-RTT.")
+ h.clientHelloWrittenChan <- nil
+ }
+ }
+ return n, err
+ case protocol.EncryptionHandshake:
+ return h.handshakeStream.Write(p)
+ default:
+ panic(fmt.Sprintf("unexpected write encryption level: %s", h.writeEncLevel))
+ }
+}
+
+func (h *cryptoSetup) SendAlert(alert uint8) {
+ select {
+ case h.alertChan <- alert:
+ case <-h.closeChan:
+ // no need to send an alert when we've already closed
+ }
+}
+
+// used a callback in the handshakeSealer and handshakeOpener
+func (h *cryptoSetup) dropInitialKeys() {
+ h.mutex.Lock()
+ h.initialOpener = nil
+ h.initialSealer = nil
+ h.mutex.Unlock()
+ h.runner.DropKeys(protocol.EncryptionInitial)
+ h.logger.Debugf("Dropping Initial keys.")
+}
+
+func (h *cryptoSetup) SetHandshakeConfirmed() {
+ h.aead.SetHandshakeConfirmed()
+ // drop Handshake keys
+ var dropped bool
+ h.mutex.Lock()
+ if h.handshakeOpener != nil {
+ h.handshakeOpener = nil
+ h.handshakeSealer = nil
+ dropped = true
+ }
+ h.mutex.Unlock()
+ if dropped {
+ h.runner.DropKeys(protocol.EncryptionHandshake)
+ h.logger.Debugf("Dropping Handshake keys.")
+ }
+}
+
+func (h *cryptoSetup) GetInitialSealer() (LongHeaderSealer, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.initialSealer == nil {
+ return nil, ErrKeysDropped
+ }
+ return h.initialSealer, nil
+}
+
+func (h *cryptoSetup) Get0RTTSealer() (LongHeaderSealer, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.zeroRTTSealer == nil {
+ return nil, ErrKeysDropped
+ }
+ return h.zeroRTTSealer, nil
+}
+
+func (h *cryptoSetup) GetHandshakeSealer() (LongHeaderSealer, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.handshakeSealer == nil {
+ if h.initialSealer == nil {
+ return nil, ErrKeysDropped
+ }
+ return nil, ErrKeysNotYetAvailable
+ }
+ return h.handshakeSealer, nil
+}
+
+func (h *cryptoSetup) Get1RTTSealer() (ShortHeaderSealer, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if !h.has1RTTSealer {
+ return nil, ErrKeysNotYetAvailable
+ }
+ return h.aead, nil
+}
+
+func (h *cryptoSetup) GetInitialOpener() (LongHeaderOpener, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.initialOpener == nil {
+ return nil, ErrKeysDropped
+ }
+ return h.initialOpener, nil
+}
+
+func (h *cryptoSetup) Get0RTTOpener() (LongHeaderOpener, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.zeroRTTOpener == nil {
+ if h.initialOpener != nil {
+ return nil, ErrKeysNotYetAvailable
+ }
+ // if the initial opener is also not available, the keys were already dropped
+ return nil, ErrKeysDropped
+ }
+ return h.zeroRTTOpener, nil
+}
+
+func (h *cryptoSetup) GetHandshakeOpener() (LongHeaderOpener, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.handshakeOpener == nil {
+ if h.initialOpener != nil {
+ return nil, ErrKeysNotYetAvailable
+ }
+ // if the initial opener is also not available, the keys were already dropped
+ return nil, ErrKeysDropped
+ }
+ return h.handshakeOpener, nil
+}
+
+func (h *cryptoSetup) Get1RTTOpener() (ShortHeaderOpener, error) {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if h.zeroRTTOpener != nil && time.Since(h.handshakeCompleteTime) > 3*h.rttStats.PTO(true) {
+ h.zeroRTTOpener = nil
+ h.logger.Debugf("Dropping 0-RTT keys.")
+ if h.tracer != nil {
+ h.tracer.DroppedEncryptionLevel(protocol.Encryption0RTT)
+ }
+ }
+
+ if !h.has1RTTOpener {
+ return nil, ErrKeysNotYetAvailable
+ }
+ return h.aead, nil
+}
+
+func (h *cryptoSetup) ConnectionState() ConnectionState {
+ return qtls.GetConnectionState(h.conn)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/header_protector.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/header_protector.go
new file mode 100644
index 00000000..e1c72c3b
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/header_protector.go
@@ -0,0 +1,127 @@
+package handshake
+
+import (
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/tls"
+ "encoding/binary"
+ "fmt"
+
+ "golang.org/x/crypto/chacha20"
+
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+)
+
+type headerProtector interface {
+ EncryptHeader(sample []byte, firstByte *byte, hdrBytes []byte)
+ DecryptHeader(sample []byte, firstByte *byte, hdrBytes []byte)
+}
+
+func newHeaderProtector(suite *qtls.CipherSuiteTLS13, trafficSecret []byte, isLongHeader bool) headerProtector {
+ switch suite.ID {
+ case tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384:
+ return newAESHeaderProtector(suite, trafficSecret, isLongHeader)
+ case tls.TLS_CHACHA20_POLY1305_SHA256:
+ return newChaChaHeaderProtector(suite, trafficSecret, isLongHeader)
+ default:
+ panic(fmt.Sprintf("Invalid cipher suite id: %d", suite.ID))
+ }
+}
+
+type aesHeaderProtector struct {
+ mask []byte
+ block cipher.Block
+ isLongHeader bool
+}
+
+var _ headerProtector = &aesHeaderProtector{}
+
+func newAESHeaderProtector(suite *qtls.CipherSuiteTLS13, trafficSecret []byte, isLongHeader bool) headerProtector {
+ hpKey := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
+ block, err := aes.NewCipher(hpKey)
+ if err != nil {
+ panic(fmt.Sprintf("error creating new AES cipher: %s", err))
+ }
+ return &aesHeaderProtector{
+ block: block,
+ mask: make([]byte, block.BlockSize()),
+ isLongHeader: isLongHeader,
+ }
+}
+
+func (p *aesHeaderProtector) DecryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ p.apply(sample, firstByte, hdrBytes)
+}
+
+func (p *aesHeaderProtector) EncryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ p.apply(sample, firstByte, hdrBytes)
+}
+
+func (p *aesHeaderProtector) apply(sample []byte, firstByte *byte, hdrBytes []byte) {
+ if len(sample) != len(p.mask) {
+ panic("invalid sample size")
+ }
+ p.block.Encrypt(p.mask, sample)
+ if p.isLongHeader {
+ *firstByte ^= p.mask[0] & 0xf
+ } else {
+ *firstByte ^= p.mask[0] & 0x1f
+ }
+ for i := range hdrBytes {
+ hdrBytes[i] ^= p.mask[i+1]
+ }
+}
+
+type chachaHeaderProtector struct {
+ mask [5]byte
+
+ key [32]byte
+ isLongHeader bool
+}
+
+var _ headerProtector = &chachaHeaderProtector{}
+
+func newChaChaHeaderProtector(suite *qtls.CipherSuiteTLS13, trafficSecret []byte, isLongHeader bool) headerProtector {
+ hpKey := hkdfExpandLabel(suite.Hash, trafficSecret, []byte{}, "quic hp", suite.KeyLen)
+
+ p := &chachaHeaderProtector{
+ isLongHeader: isLongHeader,
+ }
+ copy(p.key[:], hpKey)
+ return p
+}
+
+func (p *chachaHeaderProtector) DecryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ p.apply(sample, firstByte, hdrBytes)
+}
+
+func (p *chachaHeaderProtector) EncryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ p.apply(sample, firstByte, hdrBytes)
+}
+
+func (p *chachaHeaderProtector) apply(sample []byte, firstByte *byte, hdrBytes []byte) {
+ if len(sample) != 16 {
+ panic("invalid sample size")
+ }
+ for i := 0; i < 5; i++ {
+ p.mask[i] = 0
+ }
+ cipher, err := chacha20.NewUnauthenticatedCipher(p.key[:], sample[4:])
+ if err != nil {
+ panic(err)
+ }
+ cipher.SetCounter(binary.LittleEndian.Uint32(sample[:4]))
+ cipher.XORKeyStream(p.mask[:], p.mask[:])
+ p.applyMask(firstByte, hdrBytes)
+}
+
+func (p *chachaHeaderProtector) applyMask(firstByte *byte, hdrBytes []byte) {
+ if p.isLongHeader {
+ *firstByte ^= p.mask[0] & 0xf
+ } else {
+ *firstByte ^= p.mask[0] & 0x1f
+ }
+ for i := range hdrBytes {
+ hdrBytes[i] ^= p.mask[i+1]
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/hkdf.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/hkdf.go
new file mode 100644
index 00000000..c4fd86c5
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/hkdf.go
@@ -0,0 +1,29 @@
+package handshake
+
+import (
+ "crypto"
+ "encoding/binary"
+
+ "golang.org/x/crypto/hkdf"
+)
+
+// hkdfExpandLabel HKDF expands a label.
+// Since this implementation avoids using a cryptobyte.Builder, it is about 15% faster than the
+// hkdfExpandLabel in the standard library.
+func hkdfExpandLabel(hash crypto.Hash, secret, context []byte, label string, length int) []byte {
+ b := make([]byte, 3, 3+6+len(label)+1+len(context))
+ binary.BigEndian.PutUint16(b, uint16(length))
+ b[2] = uint8(6 + len(label))
+ b = append(b, []byte("tls13 ")...)
+ b = append(b, []byte(label)...)
+ b = b[:3+6+len(label)+1]
+ b[3+6+len(label)] = uint8(len(context))
+ b = append(b, context...)
+
+ out := make([]byte, length)
+ n, err := hkdf.Expand(hash.New, secret, b).Read(out)
+ if err != nil || n != length {
+ panic("quic: HKDF-Expand-Label invocation failed unexpectedly")
+ }
+ return out
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/initial_aead.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/initial_aead.go
new file mode 100644
index 00000000..f272297d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/initial_aead.go
@@ -0,0 +1,64 @@
+package handshake
+
+import (
+ "crypto"
+ "crypto/tls"
+
+ "golang.org/x/crypto/hkdf"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+)
+
+var (
+ quicSaltOld = []byte{0xaf, 0xbf, 0xec, 0x28, 0x99, 0x93, 0xd2, 0x4c, 0x9e, 0x97, 0x86, 0xf1, 0x9c, 0x61, 0x11, 0xe0, 0x43, 0x90, 0xa8, 0x99}
+ quicSaltDraft34 = []byte{0x38, 0x76, 0x2c, 0xf7, 0xf5, 0x59, 0x34, 0xb3, 0x4d, 0x17, 0x9a, 0xe6, 0xa4, 0xc8, 0x0c, 0xad, 0xcc, 0xbb, 0x7f, 0x0a}
+)
+
+func getSalt(v protocol.VersionNumber) []byte {
+ if v == protocol.VersionDraft34 || v == protocol.Version1 {
+ return quicSaltDraft34
+ }
+ return quicSaltOld
+}
+
+var initialSuite = &qtls.CipherSuiteTLS13{
+ ID: tls.TLS_AES_128_GCM_SHA256,
+ KeyLen: 16,
+ AEAD: qtls.AEADAESGCMTLS13,
+ Hash: crypto.SHA256,
+}
+
+// NewInitialAEAD creates a new AEAD for Initial encryption / decryption.
+func NewInitialAEAD(connID protocol.ConnectionID, pers protocol.Perspective, v protocol.VersionNumber) (LongHeaderSealer, LongHeaderOpener) {
+ clientSecret, serverSecret := computeSecrets(connID, v)
+ var mySecret, otherSecret []byte
+ if pers == protocol.PerspectiveClient {
+ mySecret = clientSecret
+ otherSecret = serverSecret
+ } else {
+ mySecret = serverSecret
+ otherSecret = clientSecret
+ }
+ myKey, myIV := computeInitialKeyAndIV(mySecret)
+ otherKey, otherIV := computeInitialKeyAndIV(otherSecret)
+
+ encrypter := qtls.AEADAESGCMTLS13(myKey, myIV)
+ decrypter := qtls.AEADAESGCMTLS13(otherKey, otherIV)
+
+ return newLongHeaderSealer(encrypter, newHeaderProtector(initialSuite, mySecret, true)),
+ newLongHeaderOpener(decrypter, newAESHeaderProtector(initialSuite, otherSecret, true))
+}
+
+func computeSecrets(connID protocol.ConnectionID, v protocol.VersionNumber) (clientSecret, serverSecret []byte) {
+ initialSecret := hkdf.Extract(crypto.SHA256.New, connID, getSalt(v))
+ clientSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "client in", crypto.SHA256.Size())
+ serverSecret = hkdfExpandLabel(crypto.SHA256, initialSecret, []byte{}, "server in", crypto.SHA256.Size())
+ return
+}
+
+func computeInitialKeyAndIV(secret []byte) (key, iv []byte) {
+ key = hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic key", 16)
+ iv = hkdfExpandLabel(crypto.SHA256, secret, []byte{}, "quic iv", 12)
+ return
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/interface.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/interface.go
new file mode 100644
index 00000000..112f6c25
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/interface.go
@@ -0,0 +1,102 @@
+package handshake
+
+import (
+ "errors"
+ "io"
+ "net"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+var (
+ // ErrKeysNotYetAvailable is returned when an opener or a sealer is requested for an encryption level,
+ // but the corresponding opener has not yet been initialized
+ // This can happen when packets arrive out of order.
+ ErrKeysNotYetAvailable = errors.New("CryptoSetup: keys at this encryption level not yet available")
+ // ErrKeysDropped is returned when an opener or a sealer is requested for an encryption level,
+ // but the corresponding keys have already been dropped.
+ ErrKeysDropped = errors.New("CryptoSetup: keys were already dropped")
+ // ErrDecryptionFailed is returned when the AEAD fails to open the packet.
+ ErrDecryptionFailed = errors.New("decryption failed")
+)
+
+// ConnectionState contains information about the state of the connection.
+type ConnectionState = qtls.ConnectionState
+
+type headerDecryptor interface {
+ DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
+}
+
+// LongHeaderOpener opens a long header packet
+type LongHeaderOpener interface {
+ headerDecryptor
+ DecodePacketNumber(wirePN protocol.PacketNumber, wirePNLen protocol.PacketNumberLen) protocol.PacketNumber
+ Open(dst, src []byte, pn protocol.PacketNumber, associatedData []byte) ([]byte, error)
+}
+
+// ShortHeaderOpener opens a short header packet
+type ShortHeaderOpener interface {
+ headerDecryptor
+ DecodePacketNumber(wirePN protocol.PacketNumber, wirePNLen protocol.PacketNumberLen) protocol.PacketNumber
+ Open(dst, src []byte, rcvTime time.Time, pn protocol.PacketNumber, kp protocol.KeyPhaseBit, associatedData []byte) ([]byte, error)
+}
+
+// LongHeaderSealer seals a long header packet
+type LongHeaderSealer interface {
+ Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
+ EncryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
+ Overhead() int
+}
+
+// ShortHeaderSealer seals a short header packet
+type ShortHeaderSealer interface {
+ LongHeaderSealer
+ KeyPhase() protocol.KeyPhaseBit
+}
+
+// A tlsExtensionHandler sends and received the QUIC TLS extension.
+type tlsExtensionHandler interface {
+ GetExtensions(msgType uint8) []qtls.Extension
+ ReceivedExtensions(msgType uint8, exts []qtls.Extension)
+ TransportParameters() <-chan []byte
+}
+
+type handshakeRunner interface {
+ OnReceivedParams(*wire.TransportParameters)
+ OnHandshakeComplete()
+ OnError(error)
+ DropKeys(protocol.EncryptionLevel)
+}
+
+// CryptoSetup handles the handshake and protecting / unprotecting packets
+type CryptoSetup interface {
+ RunHandshake()
+ io.Closer
+ ChangeConnectionID(protocol.ConnectionID)
+ GetSessionTicket() ([]byte, error)
+
+ HandleMessage([]byte, protocol.EncryptionLevel) bool
+ SetLargest1RTTAcked(protocol.PacketNumber) error
+ SetHandshakeConfirmed()
+ ConnectionState() ConnectionState
+
+ GetInitialOpener() (LongHeaderOpener, error)
+ GetHandshakeOpener() (LongHeaderOpener, error)
+ Get0RTTOpener() (LongHeaderOpener, error)
+ Get1RTTOpener() (ShortHeaderOpener, error)
+
+ GetInitialSealer() (LongHeaderSealer, error)
+ GetHandshakeSealer() (LongHeaderSealer, error)
+ Get0RTTSealer() (LongHeaderSealer, error)
+ Get1RTTSealer() (ShortHeaderSealer, error)
+}
+
+// ConnWithVersion is the connection used in the ClientHelloInfo.
+// It can be used to determine the QUIC version in use.
+type ConnWithVersion interface {
+ net.Conn
+ GetQUICVersion() protocol.VersionNumber
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/mockgen.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/mockgen.go
new file mode 100644
index 00000000..c7a8d13e
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/mockgen.go
@@ -0,0 +1,3 @@
+package handshake
+
+//go:generate sh -c "../../mockgen_private.sh handshake mock_handshake_runner_test.go github.com/lucas-clemente/quic-go/internal/handshake handshakeRunner"
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/retry.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/retry.go
new file mode 100644
index 00000000..d23c993e
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/retry.go
@@ -0,0 +1,62 @@
+package handshake
+
+import (
+ "bytes"
+ "crypto/aes"
+ "crypto/cipher"
+ "fmt"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+var (
+ oldRetryAEAD cipher.AEAD // used for QUIC draft versions up to 34
+ retryAEAD cipher.AEAD // used for QUIC draft-34
+)
+
+func init() {
+ oldRetryAEAD = initAEAD([16]byte{0xcc, 0xce, 0x18, 0x7e, 0xd0, 0x9a, 0x09, 0xd0, 0x57, 0x28, 0x15, 0x5a, 0x6c, 0xb9, 0x6b, 0xe1})
+ retryAEAD = initAEAD([16]byte{0xbe, 0x0c, 0x69, 0x0b, 0x9f, 0x66, 0x57, 0x5a, 0x1d, 0x76, 0x6b, 0x54, 0xe3, 0x68, 0xc8, 0x4e})
+}
+
+func initAEAD(key [16]byte) cipher.AEAD {
+ aes, err := aes.NewCipher(key[:])
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+ return aead
+}
+
+var (
+ retryBuf bytes.Buffer
+ retryMutex sync.Mutex
+ oldRetryNonce = [12]byte{0xe5, 0x49, 0x30, 0xf9, 0x7f, 0x21, 0x36, 0xf0, 0x53, 0x0a, 0x8c, 0x1c}
+ retryNonce = [12]byte{0x46, 0x15, 0x99, 0xd3, 0x5d, 0x63, 0x2b, 0xf2, 0x23, 0x98, 0x25, 0xbb}
+)
+
+// GetRetryIntegrityTag calculates the integrity tag on a Retry packet
+func GetRetryIntegrityTag(retry []byte, origDestConnID protocol.ConnectionID, version protocol.VersionNumber) *[16]byte {
+ retryMutex.Lock()
+ retryBuf.WriteByte(uint8(origDestConnID.Len()))
+ retryBuf.Write(origDestConnID.Bytes())
+ retryBuf.Write(retry)
+
+ var tag [16]byte
+ var sealed []byte
+ if version != protocol.VersionDraft34 && version != protocol.Version1 {
+ sealed = oldRetryAEAD.Seal(tag[:0], oldRetryNonce[:], nil, retryBuf.Bytes())
+ } else {
+ sealed = retryAEAD.Seal(tag[:0], retryNonce[:], nil, retryBuf.Bytes())
+ }
+ if len(sealed) != 16 {
+ panic(fmt.Sprintf("unexpected Retry integrity tag length: %d", len(sealed)))
+ }
+ retryBuf.Reset()
+ retryMutex.Unlock()
+ return &tag
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/session_ticket.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/session_ticket.go
new file mode 100644
index 00000000..75cc04f9
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/session_ticket.go
@@ -0,0 +1,48 @@
+package handshake
+
+import (
+ "bytes"
+ "errors"
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+const sessionTicketRevision = 2
+
+type sessionTicket struct {
+ Parameters *wire.TransportParameters
+ RTT time.Duration // to be encoded in mus
+}
+
+func (t *sessionTicket) Marshal() []byte {
+ b := &bytes.Buffer{}
+ quicvarint.Write(b, sessionTicketRevision)
+ quicvarint.Write(b, uint64(t.RTT.Microseconds()))
+ t.Parameters.MarshalForSessionTicket(b)
+ return b.Bytes()
+}
+
+func (t *sessionTicket) Unmarshal(b []byte) error {
+ r := bytes.NewReader(b)
+ rev, err := quicvarint.Read(r)
+ if err != nil {
+ return errors.New("failed to read session ticket revision")
+ }
+ if rev != sessionTicketRevision {
+ return fmt.Errorf("unknown session ticket revision: %d", rev)
+ }
+ rtt, err := quicvarint.Read(r)
+ if err != nil {
+ return errors.New("failed to read RTT")
+ }
+ var tp wire.TransportParameters
+ if err := tp.UnmarshalFromSessionTicket(r); err != nil {
+ return fmt.Errorf("unmarshaling transport parameters from session ticket failed: %s", err.Error())
+ }
+ t.Parameters = &tp
+ t.RTT = time.Duration(rtt) * time.Microsecond
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension_handler.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension_handler.go
new file mode 100644
index 00000000..8f344f08
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/tls_extension_handler.go
@@ -0,0 +1,68 @@
+package handshake
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+)
+
+const (
+ quicTLSExtensionTypeOldDrafts = 0xffa5
+ quicTLSExtensionType = 0x39
+)
+
+type extensionHandler struct {
+ ourParams []byte
+ paramsChan chan []byte
+
+ extensionType uint16
+
+ perspective protocol.Perspective
+}
+
+var _ tlsExtensionHandler = &extensionHandler{}
+
+// newExtensionHandler creates a new extension handler
+func newExtensionHandler(params []byte, pers protocol.Perspective, v protocol.VersionNumber) tlsExtensionHandler {
+ et := uint16(quicTLSExtensionType)
+ if v != protocol.VersionDraft34 && v != protocol.Version1 {
+ et = quicTLSExtensionTypeOldDrafts
+ }
+ return &extensionHandler{
+ ourParams: params,
+ paramsChan: make(chan []byte),
+ perspective: pers,
+ extensionType: et,
+ }
+}
+
+func (h *extensionHandler) GetExtensions(msgType uint8) []qtls.Extension {
+ if (h.perspective == protocol.PerspectiveClient && messageType(msgType) != typeClientHello) ||
+ (h.perspective == protocol.PerspectiveServer && messageType(msgType) != typeEncryptedExtensions) {
+ return nil
+ }
+ return []qtls.Extension{{
+ Type: h.extensionType,
+ Data: h.ourParams,
+ }}
+}
+
+func (h *extensionHandler) ReceivedExtensions(msgType uint8, exts []qtls.Extension) {
+ if (h.perspective == protocol.PerspectiveClient && messageType(msgType) != typeEncryptedExtensions) ||
+ (h.perspective == protocol.PerspectiveServer && messageType(msgType) != typeClientHello) {
+ return
+ }
+
+ var data []byte
+ for _, ext := range exts {
+ if ext.Type == h.extensionType {
+ data = ext.Data
+ break
+ }
+ }
+
+ h.paramsChan <- data
+}
+
+func (h *extensionHandler) TransportParameters() <-chan []byte {
+ return h.paramsChan
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_generator.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_generator.go
new file mode 100644
index 00000000..2df5fcd8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_generator.go
@@ -0,0 +1,134 @@
+package handshake
+
+import (
+ "encoding/asn1"
+ "fmt"
+ "io"
+ "net"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+const (
+ tokenPrefixIP byte = iota
+ tokenPrefixString
+)
+
+// A Token is derived from the client address and can be used to verify the ownership of this address.
+type Token struct {
+ IsRetryToken bool
+ RemoteAddr string
+ SentTime time.Time
+ // only set for retry tokens
+ OriginalDestConnectionID protocol.ConnectionID
+ RetrySrcConnectionID protocol.ConnectionID
+}
+
+// token is the struct that is used for ASN1 serialization and deserialization
+type token struct {
+ IsRetryToken bool
+ RemoteAddr []byte
+ Timestamp int64
+ OriginalDestConnectionID []byte
+ RetrySrcConnectionID []byte
+}
+
+// A TokenGenerator generates tokens
+type TokenGenerator struct {
+ tokenProtector tokenProtector
+}
+
+// NewTokenGenerator initializes a new TookenGenerator
+func NewTokenGenerator(rand io.Reader) (*TokenGenerator, error) {
+ tokenProtector, err := newTokenProtector(rand)
+ if err != nil {
+ return nil, err
+ }
+ return &TokenGenerator{
+ tokenProtector: tokenProtector,
+ }, nil
+}
+
+// NewRetryToken generates a new token for a Retry for a given source address
+func (g *TokenGenerator) NewRetryToken(
+ raddr net.Addr,
+ origDestConnID protocol.ConnectionID,
+ retrySrcConnID protocol.ConnectionID,
+) ([]byte, error) {
+ data, err := asn1.Marshal(token{
+ IsRetryToken: true,
+ RemoteAddr: encodeRemoteAddr(raddr),
+ OriginalDestConnectionID: origDestConnID,
+ RetrySrcConnectionID: retrySrcConnID,
+ Timestamp: time.Now().UnixNano(),
+ })
+ if err != nil {
+ return nil, err
+ }
+ return g.tokenProtector.NewToken(data)
+}
+
+// NewToken generates a new token to be sent in a NEW_TOKEN frame
+func (g *TokenGenerator) NewToken(raddr net.Addr) ([]byte, error) {
+ data, err := asn1.Marshal(token{
+ RemoteAddr: encodeRemoteAddr(raddr),
+ Timestamp: time.Now().UnixNano(),
+ })
+ if err != nil {
+ return nil, err
+ }
+ return g.tokenProtector.NewToken(data)
+}
+
+// DecodeToken decodes a token
+func (g *TokenGenerator) DecodeToken(encrypted []byte) (*Token, error) {
+ // if the client didn't send any token, DecodeToken will be called with a nil-slice
+ if len(encrypted) == 0 {
+ return nil, nil
+ }
+
+ data, err := g.tokenProtector.DecodeToken(encrypted)
+ if err != nil {
+ return nil, err
+ }
+ t := &token{}
+ rest, err := asn1.Unmarshal(data, t)
+ if err != nil {
+ return nil, err
+ }
+ if len(rest) != 0 {
+ return nil, fmt.Errorf("rest when unpacking token: %d", len(rest))
+ }
+ token := &Token{
+ IsRetryToken: t.IsRetryToken,
+ RemoteAddr: decodeRemoteAddr(t.RemoteAddr),
+ SentTime: time.Unix(0, t.Timestamp),
+ }
+ if t.IsRetryToken {
+ token.OriginalDestConnectionID = protocol.ConnectionID(t.OriginalDestConnectionID)
+ token.RetrySrcConnectionID = protocol.ConnectionID(t.RetrySrcConnectionID)
+ }
+ return token, nil
+}
+
+// encodeRemoteAddr encodes a remote address such that it can be saved in the token
+func encodeRemoteAddr(remoteAddr net.Addr) []byte {
+ if udpAddr, ok := remoteAddr.(*net.UDPAddr); ok {
+ return append([]byte{tokenPrefixIP}, udpAddr.IP...)
+ }
+ return append([]byte{tokenPrefixString}, []byte(remoteAddr.String())...)
+}
+
+// decodeRemoteAddr decodes the remote address saved in the token
+func decodeRemoteAddr(data []byte) string {
+ // data will never be empty for a token that we generated.
+ // Check it to be on the safe side
+ if len(data) == 0 {
+ return ""
+ }
+ if data[0] == tokenPrefixIP {
+ return net.IP(data[1:]).String()
+ }
+ return string(data[1:])
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_protector.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_protector.go
new file mode 100644
index 00000000..650f230b
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/token_protector.go
@@ -0,0 +1,89 @@
+package handshake
+
+import (
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/sha256"
+ "fmt"
+ "io"
+
+ "golang.org/x/crypto/hkdf"
+)
+
+// TokenProtector is used to create and verify a token
+type tokenProtector interface {
+ // NewToken creates a new token
+ NewToken([]byte) ([]byte, error)
+ // DecodeToken decodes a token
+ DecodeToken([]byte) ([]byte, error)
+}
+
+const (
+ tokenSecretSize = 32
+ tokenNonceSize = 32
+)
+
+// tokenProtector is used to create and verify a token
+type tokenProtectorImpl struct {
+ rand io.Reader
+ secret []byte
+}
+
+// newTokenProtector creates a source for source address tokens
+func newTokenProtector(rand io.Reader) (tokenProtector, error) {
+ secret := make([]byte, tokenSecretSize)
+ if _, err := rand.Read(secret); err != nil {
+ return nil, err
+ }
+ return &tokenProtectorImpl{
+ rand: rand,
+ secret: secret,
+ }, nil
+}
+
+// NewToken encodes data into a new token.
+func (s *tokenProtectorImpl) NewToken(data []byte) ([]byte, error) {
+ nonce := make([]byte, tokenNonceSize)
+ if _, err := s.rand.Read(nonce); err != nil {
+ return nil, err
+ }
+ aead, aeadNonce, err := s.createAEAD(nonce)
+ if err != nil {
+ return nil, err
+ }
+ return append(nonce, aead.Seal(nil, aeadNonce, data, nil)...), nil
+}
+
+// DecodeToken decodes a token.
+func (s *tokenProtectorImpl) DecodeToken(p []byte) ([]byte, error) {
+ if len(p) < tokenNonceSize {
+ return nil, fmt.Errorf("token too short: %d", len(p))
+ }
+ nonce := p[:tokenNonceSize]
+ aead, aeadNonce, err := s.createAEAD(nonce)
+ if err != nil {
+ return nil, err
+ }
+ return aead.Open(nil, aeadNonce, p[tokenNonceSize:], nil)
+}
+
+func (s *tokenProtectorImpl) createAEAD(nonce []byte) (cipher.AEAD, []byte, error) {
+ h := hkdf.New(sha256.New, s.secret, nonce, []byte("quic-go token source"))
+ key := make([]byte, 32) // use a 32 byte key, in order to select AES-256
+ if _, err := io.ReadFull(h, key); err != nil {
+ return nil, nil, err
+ }
+ aeadNonce := make([]byte, 12)
+ if _, err := io.ReadFull(h, aeadNonce); err != nil {
+ return nil, nil, err
+ }
+ c, err := aes.NewCipher(key)
+ if err != nil {
+ return nil, nil, err
+ }
+ aead, err := cipher.NewGCM(c)
+ if err != nil {
+ return nil, nil, err
+ }
+ return aead, aeadNonce, nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/handshake/updatable_aead.go b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/updatable_aead.go
new file mode 100644
index 00000000..094e6504
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/handshake/updatable_aead.go
@@ -0,0 +1,321 @@
+package handshake
+
+import (
+ "crypto"
+ "crypto/cipher"
+ "crypto/tls"
+ "encoding/binary"
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+// KeyUpdateInterval is the maximum number of packets we send or receive before initiating a key update.
+// It's a package-level variable to allow modifying it for testing purposes.
+var KeyUpdateInterval uint64 = protocol.KeyUpdateInterval
+
+type updatableAEAD struct {
+ suite *qtls.CipherSuiteTLS13
+
+ keyPhase protocol.KeyPhase
+ largestAcked protocol.PacketNumber
+ firstPacketNumber protocol.PacketNumber
+ handshakeConfirmed bool
+
+ keyUpdateInterval uint64
+ invalidPacketLimit uint64
+ invalidPacketCount uint64
+
+ // Time when the keys should be dropped. Keys are dropped on the next call to Open().
+ prevRcvAEADExpiry time.Time
+ prevRcvAEAD cipher.AEAD
+
+ firstRcvdWithCurrentKey protocol.PacketNumber
+ firstSentWithCurrentKey protocol.PacketNumber
+ highestRcvdPN protocol.PacketNumber // highest packet number received (which could be successfully unprotected)
+ numRcvdWithCurrentKey uint64
+ numSentWithCurrentKey uint64
+ rcvAEAD cipher.AEAD
+ sendAEAD cipher.AEAD
+ // caches cipher.AEAD.Overhead(). This speeds up calls to Overhead().
+ aeadOverhead int
+
+ nextRcvAEAD cipher.AEAD
+ nextSendAEAD cipher.AEAD
+ nextRcvTrafficSecret []byte
+ nextSendTrafficSecret []byte
+
+ headerDecrypter headerProtector
+ headerEncrypter headerProtector
+
+ rttStats *utils.RTTStats
+
+ tracer logging.ConnectionTracer
+ logger utils.Logger
+
+ // use a single slice to avoid allocations
+ nonceBuf []byte
+}
+
+var (
+ _ ShortHeaderOpener = &updatableAEAD{}
+ _ ShortHeaderSealer = &updatableAEAD{}
+)
+
+func newUpdatableAEAD(rttStats *utils.RTTStats, tracer logging.ConnectionTracer, logger utils.Logger) *updatableAEAD {
+ return &updatableAEAD{
+ firstPacketNumber: protocol.InvalidPacketNumber,
+ largestAcked: protocol.InvalidPacketNumber,
+ firstRcvdWithCurrentKey: protocol.InvalidPacketNumber,
+ firstSentWithCurrentKey: protocol.InvalidPacketNumber,
+ keyUpdateInterval: KeyUpdateInterval,
+ rttStats: rttStats,
+ tracer: tracer,
+ logger: logger,
+ }
+}
+
+func (a *updatableAEAD) rollKeys() {
+ if a.prevRcvAEAD != nil {
+ a.logger.Debugf("Dropping key phase %d ahead of scheduled time. Drop time was: %s", a.keyPhase-1, a.prevRcvAEADExpiry)
+ if a.tracer != nil {
+ a.tracer.DroppedKey(a.keyPhase - 1)
+ }
+ a.prevRcvAEADExpiry = time.Time{}
+ }
+
+ a.keyPhase++
+ a.firstRcvdWithCurrentKey = protocol.InvalidPacketNumber
+ a.firstSentWithCurrentKey = protocol.InvalidPacketNumber
+ a.numRcvdWithCurrentKey = 0
+ a.numSentWithCurrentKey = 0
+ a.prevRcvAEAD = a.rcvAEAD
+ a.rcvAEAD = a.nextRcvAEAD
+ a.sendAEAD = a.nextSendAEAD
+
+ a.nextRcvTrafficSecret = a.getNextTrafficSecret(a.suite.Hash, a.nextRcvTrafficSecret)
+ a.nextSendTrafficSecret = a.getNextTrafficSecret(a.suite.Hash, a.nextSendTrafficSecret)
+ a.nextRcvAEAD = createAEAD(a.suite, a.nextRcvTrafficSecret)
+ a.nextSendAEAD = createAEAD(a.suite, a.nextSendTrafficSecret)
+}
+
+func (a *updatableAEAD) startKeyDropTimer(now time.Time) {
+ d := 3 * a.rttStats.PTO(true)
+ a.logger.Debugf("Starting key drop timer to drop key phase %d (in %s)", a.keyPhase-1, d)
+ a.prevRcvAEADExpiry = now.Add(d)
+}
+
+func (a *updatableAEAD) getNextTrafficSecret(hash crypto.Hash, ts []byte) []byte {
+ return hkdfExpandLabel(hash, ts, []byte{}, "quic ku", hash.Size())
+}
+
+// For the client, this function is called before SetWriteKey.
+// For the server, this function is called after SetWriteKey.
+func (a *updatableAEAD) SetReadKey(suite *qtls.CipherSuiteTLS13, trafficSecret []byte) {
+ a.rcvAEAD = createAEAD(suite, trafficSecret)
+ a.headerDecrypter = newHeaderProtector(suite, trafficSecret, false)
+ if a.suite == nil {
+ a.setAEADParameters(a.rcvAEAD, suite)
+ }
+
+ a.nextRcvTrafficSecret = a.getNextTrafficSecret(suite.Hash, trafficSecret)
+ a.nextRcvAEAD = createAEAD(suite, a.nextRcvTrafficSecret)
+}
+
+// For the client, this function is called after SetReadKey.
+// For the server, this function is called before SetWriteKey.
+func (a *updatableAEAD) SetWriteKey(suite *qtls.CipherSuiteTLS13, trafficSecret []byte) {
+ a.sendAEAD = createAEAD(suite, trafficSecret)
+ a.headerEncrypter = newHeaderProtector(suite, trafficSecret, false)
+ if a.suite == nil {
+ a.setAEADParameters(a.sendAEAD, suite)
+ }
+
+ a.nextSendTrafficSecret = a.getNextTrafficSecret(suite.Hash, trafficSecret)
+ a.nextSendAEAD = createAEAD(suite, a.nextSendTrafficSecret)
+}
+
+func (a *updatableAEAD) setAEADParameters(aead cipher.AEAD, suite *qtls.CipherSuiteTLS13) {
+ a.nonceBuf = make([]byte, aead.NonceSize())
+ a.aeadOverhead = aead.Overhead()
+ a.suite = suite
+ switch suite.ID {
+ case tls.TLS_AES_128_GCM_SHA256, tls.TLS_AES_256_GCM_SHA384:
+ a.invalidPacketLimit = protocol.InvalidPacketLimitAES
+ case tls.TLS_CHACHA20_POLY1305_SHA256:
+ a.invalidPacketLimit = protocol.InvalidPacketLimitChaCha
+ default:
+ panic(fmt.Sprintf("unknown cipher suite %d", suite.ID))
+ }
+}
+
+func (a *updatableAEAD) DecodePacketNumber(wirePN protocol.PacketNumber, wirePNLen protocol.PacketNumberLen) protocol.PacketNumber {
+ return protocol.DecodePacketNumber(wirePNLen, a.highestRcvdPN, wirePN)
+}
+
+func (a *updatableAEAD) Open(dst, src []byte, rcvTime time.Time, pn protocol.PacketNumber, kp protocol.KeyPhaseBit, ad []byte) ([]byte, error) {
+ dec, err := a.open(dst, src, rcvTime, pn, kp, ad)
+ if err == ErrDecryptionFailed {
+ a.invalidPacketCount++
+ if a.invalidPacketCount >= a.invalidPacketLimit {
+ return nil, &qerr.TransportError{ErrorCode: qerr.AEADLimitReached}
+ }
+ }
+ if err == nil {
+ a.highestRcvdPN = utils.MaxPacketNumber(a.highestRcvdPN, pn)
+ }
+ return dec, err
+}
+
+func (a *updatableAEAD) open(dst, src []byte, rcvTime time.Time, pn protocol.PacketNumber, kp protocol.KeyPhaseBit, ad []byte) ([]byte, error) {
+ if a.prevRcvAEAD != nil && !a.prevRcvAEADExpiry.IsZero() && rcvTime.After(a.prevRcvAEADExpiry) {
+ a.prevRcvAEAD = nil
+ a.logger.Debugf("Dropping key phase %d", a.keyPhase-1)
+ a.prevRcvAEADExpiry = time.Time{}
+ if a.tracer != nil {
+ a.tracer.DroppedKey(a.keyPhase - 1)
+ }
+ }
+ binary.BigEndian.PutUint64(a.nonceBuf[len(a.nonceBuf)-8:], uint64(pn))
+ if kp != a.keyPhase.Bit() {
+ if a.keyPhase > 0 && a.firstRcvdWithCurrentKey == protocol.InvalidPacketNumber || pn < a.firstRcvdWithCurrentKey {
+ if a.prevRcvAEAD == nil {
+ return nil, ErrKeysDropped
+ }
+ // we updated the key, but the peer hasn't updated yet
+ dec, err := a.prevRcvAEAD.Open(dst, a.nonceBuf, src, ad)
+ if err != nil {
+ err = ErrDecryptionFailed
+ }
+ return dec, err
+ }
+ // try opening the packet with the next key phase
+ dec, err := a.nextRcvAEAD.Open(dst, a.nonceBuf, src, ad)
+ if err != nil {
+ return nil, ErrDecryptionFailed
+ }
+ // Opening succeeded. Check if the peer was allowed to update.
+ if a.keyPhase > 0 && a.firstSentWithCurrentKey == protocol.InvalidPacketNumber {
+ return nil, &qerr.TransportError{
+ ErrorCode: qerr.KeyUpdateError,
+ ErrorMessage: "keys updated too quickly",
+ }
+ }
+ a.rollKeys()
+ a.logger.Debugf("Peer updated keys to %d", a.keyPhase)
+ // The peer initiated this key update. It's safe to drop the keys for the previous generation now.
+ // Start a timer to drop the previous key generation.
+ a.startKeyDropTimer(rcvTime)
+ if a.tracer != nil {
+ a.tracer.UpdatedKey(a.keyPhase, true)
+ }
+ a.firstRcvdWithCurrentKey = pn
+ return dec, err
+ }
+ // The AEAD we're using here will be the qtls.aeadAESGCM13.
+ // It uses the nonce provided here and XOR it with the IV.
+ dec, err := a.rcvAEAD.Open(dst, a.nonceBuf, src, ad)
+ if err != nil {
+ return dec, ErrDecryptionFailed
+ }
+ a.numRcvdWithCurrentKey++
+ if a.firstRcvdWithCurrentKey == protocol.InvalidPacketNumber {
+ // We initiated the key updated, and now we received the first packet protected with the new key phase.
+ // Therefore, we are certain that the peer rolled its keys as well. Start a timer to drop the old keys.
+ if a.keyPhase > 0 {
+ a.logger.Debugf("Peer confirmed key update to phase %d", a.keyPhase)
+ a.startKeyDropTimer(rcvTime)
+ }
+ a.firstRcvdWithCurrentKey = pn
+ }
+ return dec, err
+}
+
+func (a *updatableAEAD) Seal(dst, src []byte, pn protocol.PacketNumber, ad []byte) []byte {
+ if a.firstSentWithCurrentKey == protocol.InvalidPacketNumber {
+ a.firstSentWithCurrentKey = pn
+ }
+ if a.firstPacketNumber == protocol.InvalidPacketNumber {
+ a.firstPacketNumber = pn
+ }
+ a.numSentWithCurrentKey++
+ binary.BigEndian.PutUint64(a.nonceBuf[len(a.nonceBuf)-8:], uint64(pn))
+ // The AEAD we're using here will be the qtls.aeadAESGCM13.
+ // It uses the nonce provided here and XOR it with the IV.
+ return a.sendAEAD.Seal(dst, a.nonceBuf, src, ad)
+}
+
+func (a *updatableAEAD) SetLargestAcked(pn protocol.PacketNumber) error {
+ if a.firstSentWithCurrentKey != protocol.InvalidPacketNumber &&
+ pn >= a.firstSentWithCurrentKey && a.numRcvdWithCurrentKey == 0 {
+ return &qerr.TransportError{
+ ErrorCode: qerr.KeyUpdateError,
+ ErrorMessage: fmt.Sprintf("received ACK for key phase %d, but peer didn't update keys", a.keyPhase),
+ }
+ }
+ a.largestAcked = pn
+ return nil
+}
+
+func (a *updatableAEAD) SetHandshakeConfirmed() {
+ a.handshakeConfirmed = true
+}
+
+func (a *updatableAEAD) updateAllowed() bool {
+ if !a.handshakeConfirmed {
+ return false
+ }
+ // the first key update is allowed as soon as the handshake is confirmed
+ return a.keyPhase == 0 ||
+ // subsequent key updates as soon as a packet sent with that key phase has been acknowledged
+ (a.firstSentWithCurrentKey != protocol.InvalidPacketNumber &&
+ a.largestAcked != protocol.InvalidPacketNumber &&
+ a.largestAcked >= a.firstSentWithCurrentKey)
+}
+
+func (a *updatableAEAD) shouldInitiateKeyUpdate() bool {
+ if !a.updateAllowed() {
+ return false
+ }
+ if a.numRcvdWithCurrentKey >= a.keyUpdateInterval {
+ a.logger.Debugf("Received %d packets with current key phase. Initiating key update to the next key phase: %d", a.numRcvdWithCurrentKey, a.keyPhase+1)
+ return true
+ }
+ if a.numSentWithCurrentKey >= a.keyUpdateInterval {
+ a.logger.Debugf("Sent %d packets with current key phase. Initiating key update to the next key phase: %d", a.numSentWithCurrentKey, a.keyPhase+1)
+ return true
+ }
+ return false
+}
+
+func (a *updatableAEAD) KeyPhase() protocol.KeyPhaseBit {
+ if a.shouldInitiateKeyUpdate() {
+ a.rollKeys()
+ a.logger.Debugf("Initiating key update to key phase %d", a.keyPhase)
+ if a.tracer != nil {
+ a.tracer.UpdatedKey(a.keyPhase, false)
+ }
+ }
+ return a.keyPhase.Bit()
+}
+
+func (a *updatableAEAD) Overhead() int {
+ return a.aeadOverhead
+}
+
+func (a *updatableAEAD) EncryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ a.headerEncrypter.EncryptHeader(sample, firstByte, hdrBytes)
+}
+
+func (a *updatableAEAD) DecryptHeader(sample []byte, firstByte *byte, hdrBytes []byte) {
+ a.headerDecrypter.DecryptHeader(sample, firstByte, hdrBytes)
+}
+
+func (a *updatableAEAD) FirstPacketNumber() protocol.PacketNumber {
+ return a.firstPacketNumber
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/logutils/frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/logutils/frame.go
new file mode 100644
index 00000000..6e0fd311
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/logutils/frame.go
@@ -0,0 +1,33 @@
+package logutils
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+// ConvertFrame converts a wire.Frame into a logging.Frame.
+// This makes it possible for external packages to access the frames.
+// Furthermore, it removes the data slices from CRYPTO and STREAM frames.
+func ConvertFrame(frame wire.Frame) logging.Frame {
+ switch f := frame.(type) {
+ case *wire.CryptoFrame:
+ return &logging.CryptoFrame{
+ Offset: f.Offset,
+ Length: protocol.ByteCount(len(f.Data)),
+ }
+ case *wire.StreamFrame:
+ return &logging.StreamFrame{
+ StreamID: f.StreamID,
+ Offset: f.Offset,
+ Length: f.DataLen(),
+ Fin: f.Fin,
+ }
+ case *wire.DatagramFrame:
+ return &logging.DatagramFrame{
+ Length: logging.ByteCount(len(f.Data)),
+ }
+ default:
+ return logging.Frame(frame)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/connection_id.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/connection_id.go
new file mode 100644
index 00000000..3aec2cd3
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/connection_id.go
@@ -0,0 +1,69 @@
+package protocol
+
+import (
+ "bytes"
+ "crypto/rand"
+ "fmt"
+ "io"
+)
+
+// A ConnectionID in QUIC
+type ConnectionID []byte
+
+const maxConnectionIDLen = 20
+
+// GenerateConnectionID generates a connection ID using cryptographic random
+func GenerateConnectionID(len int) (ConnectionID, error) {
+ b := make([]byte, len)
+ if _, err := rand.Read(b); err != nil {
+ return nil, err
+ }
+ return ConnectionID(b), nil
+}
+
+// GenerateConnectionIDForInitial generates a connection ID for the Initial packet.
+// It uses a length randomly chosen between 8 and 20 bytes.
+func GenerateConnectionIDForInitial() (ConnectionID, error) {
+ r := make([]byte, 1)
+ if _, err := rand.Read(r); err != nil {
+ return nil, err
+ }
+ len := MinConnectionIDLenInitial + int(r[0])%(maxConnectionIDLen-MinConnectionIDLenInitial+1)
+ return GenerateConnectionID(len)
+}
+
+// ReadConnectionID reads a connection ID of length len from the given io.Reader.
+// It returns io.EOF if there are not enough bytes to read.
+func ReadConnectionID(r io.Reader, len int) (ConnectionID, error) {
+ if len == 0 {
+ return nil, nil
+ }
+ c := make(ConnectionID, len)
+ _, err := io.ReadFull(r, c)
+ if err == io.ErrUnexpectedEOF {
+ return nil, io.EOF
+ }
+ return c, err
+}
+
+// Equal says if two connection IDs are equal
+func (c ConnectionID) Equal(other ConnectionID) bool {
+ return bytes.Equal(c, other)
+}
+
+// Len returns the length of the connection ID in bytes
+func (c ConnectionID) Len() int {
+ return len(c)
+}
+
+// Bytes returns the byte representation
+func (c ConnectionID) Bytes() []byte {
+ return []byte(c)
+}
+
+func (c ConnectionID) String() string {
+ if c.Len() == 0 {
+ return "(empty)"
+ }
+ return fmt.Sprintf("%x", c.Bytes())
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/encryption_level.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/encryption_level.go
new file mode 100644
index 00000000..32d38ab1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/encryption_level.go
@@ -0,0 +1,30 @@
+package protocol
+
+// EncryptionLevel is the encryption level
+// Default value is Unencrypted
+type EncryptionLevel uint8
+
+const (
+ // EncryptionInitial is the Initial encryption level
+ EncryptionInitial EncryptionLevel = 1 + iota
+ // EncryptionHandshake is the Handshake encryption level
+ EncryptionHandshake
+ // Encryption0RTT is the 0-RTT encryption level
+ Encryption0RTT
+ // Encryption1RTT is the 1-RTT encryption level
+ Encryption1RTT
+)
+
+func (e EncryptionLevel) String() string {
+ switch e {
+ case EncryptionInitial:
+ return "Initial"
+ case EncryptionHandshake:
+ return "Handshake"
+ case Encryption0RTT:
+ return "0-RTT"
+ case Encryption1RTT:
+ return "1-RTT"
+ }
+ return "unknown"
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/key_phase.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/key_phase.go
new file mode 100644
index 00000000..edd740cf
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/key_phase.go
@@ -0,0 +1,36 @@
+package protocol
+
+// KeyPhase is the key phase
+type KeyPhase uint64
+
+// Bit determines the key phase bit
+func (p KeyPhase) Bit() KeyPhaseBit {
+ if p%2 == 0 {
+ return KeyPhaseZero
+ }
+ return KeyPhaseOne
+}
+
+// KeyPhaseBit is the key phase bit
+type KeyPhaseBit uint8
+
+const (
+ // KeyPhaseUndefined is an undefined key phase
+ KeyPhaseUndefined KeyPhaseBit = iota
+ // KeyPhaseZero is key phase 0
+ KeyPhaseZero
+ // KeyPhaseOne is key phase 1
+ KeyPhaseOne
+)
+
+func (p KeyPhaseBit) String() string {
+ //nolint:exhaustive
+ switch p {
+ case KeyPhaseZero:
+ return "0"
+ case KeyPhaseOne:
+ return "1"
+ default:
+ return "undefined"
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/packet_number.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/packet_number.go
new file mode 100644
index 00000000..bd340161
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/packet_number.go
@@ -0,0 +1,79 @@
+package protocol
+
+// A PacketNumber in QUIC
+type PacketNumber int64
+
+// InvalidPacketNumber is a packet number that is never sent.
+// In QUIC, 0 is a valid packet number.
+const InvalidPacketNumber PacketNumber = -1
+
+// PacketNumberLen is the length of the packet number in bytes
+type PacketNumberLen uint8
+
+const (
+ // PacketNumberLen1 is a packet number length of 1 byte
+ PacketNumberLen1 PacketNumberLen = 1
+ // PacketNumberLen2 is a packet number length of 2 bytes
+ PacketNumberLen2 PacketNumberLen = 2
+ // PacketNumberLen3 is a packet number length of 3 bytes
+ PacketNumberLen3 PacketNumberLen = 3
+ // PacketNumberLen4 is a packet number length of 4 bytes
+ PacketNumberLen4 PacketNumberLen = 4
+)
+
+// DecodePacketNumber calculates the packet number based on the received packet number, its length and the last seen packet number
+func DecodePacketNumber(
+ packetNumberLength PacketNumberLen,
+ lastPacketNumber PacketNumber,
+ wirePacketNumber PacketNumber,
+) PacketNumber {
+ var epochDelta PacketNumber
+ switch packetNumberLength {
+ case PacketNumberLen1:
+ epochDelta = PacketNumber(1) << 8
+ case PacketNumberLen2:
+ epochDelta = PacketNumber(1) << 16
+ case PacketNumberLen3:
+ epochDelta = PacketNumber(1) << 24
+ case PacketNumberLen4:
+ epochDelta = PacketNumber(1) << 32
+ }
+ epoch := lastPacketNumber & ^(epochDelta - 1)
+ var prevEpochBegin PacketNumber
+ if epoch > epochDelta {
+ prevEpochBegin = epoch - epochDelta
+ }
+ nextEpochBegin := epoch + epochDelta
+ return closestTo(
+ lastPacketNumber+1,
+ epoch+wirePacketNumber,
+ closestTo(lastPacketNumber+1, prevEpochBegin+wirePacketNumber, nextEpochBegin+wirePacketNumber),
+ )
+}
+
+func closestTo(target, a, b PacketNumber) PacketNumber {
+ if delta(target, a) < delta(target, b) {
+ return a
+ }
+ return b
+}
+
+func delta(a, b PacketNumber) PacketNumber {
+ if a < b {
+ return b - a
+ }
+ return a - b
+}
+
+// GetPacketNumberLengthForHeader gets the length of the packet number for the public header
+// it never chooses a PacketNumberLen of 1 byte, since this is too short under certain circumstances
+func GetPacketNumberLengthForHeader(packetNumber, leastUnacked PacketNumber) PacketNumberLen {
+ diff := uint64(packetNumber - leastUnacked)
+ if diff < (1 << (16 - 1)) {
+ return PacketNumberLen2
+ }
+ if diff < (1 << (24 - 1)) {
+ return PacketNumberLen3
+ }
+ return PacketNumberLen4
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go
new file mode 100644
index 00000000..4bc33e27
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/params.go
@@ -0,0 +1,195 @@
+package protocol
+
+import "time"
+
+// DesiredReceiveBufferSize is the kernel UDP receive buffer size that we'd like to use.
+const DesiredReceiveBufferSize = (1 << 20) * 2 // 2 MB
+
+// InitialPacketSizeIPv4 is the maximum packet size that we use for sending IPv4 packets.
+const InitialPacketSizeIPv4 = 1252
+
+// InitialPacketSizeIPv6 is the maximum packet size that we use for sending IPv6 packets.
+const InitialPacketSizeIPv6 = 1232
+
+// MaxCongestionWindowPackets is the maximum congestion window in packet.
+const MaxCongestionWindowPackets = 10000
+
+// MaxUndecryptablePackets limits the number of undecryptable packets that are queued in the session.
+const MaxUndecryptablePackets = 32
+
+// ConnectionFlowControlMultiplier determines how much larger the connection flow control windows needs to be relative to any stream's flow control window
+// This is the value that Chromium is using
+const ConnectionFlowControlMultiplier = 1.5
+
+// DefaultInitialMaxStreamData is the default initial stream-level flow control window for receiving data
+const DefaultInitialMaxStreamData = (1 << 10) * 512 // 512 kb
+
+// DefaultInitialMaxData is the connection-level flow control window for receiving data
+const DefaultInitialMaxData = ConnectionFlowControlMultiplier * DefaultInitialMaxStreamData
+
+// DefaultMaxReceiveStreamFlowControlWindow is the default maximum stream-level flow control window for receiving data
+const DefaultMaxReceiveStreamFlowControlWindow = 6 * (1 << 20) // 6 MB
+
+// DefaultMaxReceiveConnectionFlowControlWindow is the default connection-level flow control window for receiving data
+const DefaultMaxReceiveConnectionFlowControlWindow = 15 * (1 << 20) // 15 MB
+
+// WindowUpdateThreshold is the fraction of the receive window that has to be consumed before an higher offset is advertised to the client
+const WindowUpdateThreshold = 0.25
+
+// DefaultMaxIncomingStreams is the maximum number of streams that a peer may open
+const DefaultMaxIncomingStreams = 100
+
+// DefaultMaxIncomingUniStreams is the maximum number of unidirectional streams that a peer may open
+const DefaultMaxIncomingUniStreams = 100
+
+// MaxServerUnprocessedPackets is the max number of packets stored in the server that are not yet processed.
+const MaxServerUnprocessedPackets = 1024
+
+// MaxSessionUnprocessedPackets is the max number of packets stored in each session that are not yet processed.
+const MaxSessionUnprocessedPackets = 256
+
+// SkipPacketInitialPeriod is the initial period length used for packet number skipping to prevent an Optimistic ACK attack.
+// Every time a packet number is skipped, the period is doubled, up to SkipPacketMaxPeriod.
+const SkipPacketInitialPeriod PacketNumber = 256
+
+// SkipPacketMaxPeriod is the maximum period length used for packet number skipping.
+const SkipPacketMaxPeriod PacketNumber = 128 * 1024
+
+// MaxAcceptQueueSize is the maximum number of sessions that the server queues for accepting.
+// If the queue is full, new connection attempts will be rejected.
+const MaxAcceptQueueSize = 32
+
+// TokenValidity is the duration that a (non-retry) token is considered valid
+const TokenValidity = 24 * time.Hour
+
+// RetryTokenValidity is the duration that a retry token is considered valid
+const RetryTokenValidity = 10 * time.Second
+
+// MaxOutstandingSentPackets is maximum number of packets saved for retransmission.
+// When reached, it imposes a soft limit on sending new packets:
+// Sending ACKs and retransmission is still allowed, but now new regular packets can be sent.
+const MaxOutstandingSentPackets = 2 * MaxCongestionWindowPackets
+
+// MaxTrackedSentPackets is maximum number of sent packets saved for retransmission.
+// When reached, no more packets will be sent.
+// This value *must* be larger than MaxOutstandingSentPackets.
+const MaxTrackedSentPackets = MaxOutstandingSentPackets * 5 / 4
+
+// MaxNonAckElicitingAcks is the maximum number of packets containing an ACK,
+// but no ack-eliciting frames, that we send in a row
+const MaxNonAckElicitingAcks = 19
+
+// MaxStreamFrameSorterGaps is the maximum number of gaps between received StreamFrames
+// prevents DoS attacks against the streamFrameSorter
+const MaxStreamFrameSorterGaps = 1000
+
+// MinStreamFrameBufferSize is the minimum data length of a received STREAM frame
+// that we use the buffer for. This protects against a DoS where an attacker would send us
+// very small STREAM frames to consume a lot of memory.
+const MinStreamFrameBufferSize = 128
+
+// MinCoalescedPacketSize is the minimum size of a coalesced packet that we pack.
+// If a packet has less than this number of bytes, we won't coalesce any more packets onto it.
+const MinCoalescedPacketSize = 128
+
+// MaxCryptoStreamOffset is the maximum offset allowed on any of the crypto streams.
+// This limits the size of the ClientHello and Certificates that can be received.
+const MaxCryptoStreamOffset = 16 * (1 << 10)
+
+// MinRemoteIdleTimeout is the minimum value that we accept for the remote idle timeout
+const MinRemoteIdleTimeout = 5 * time.Second
+
+// DefaultIdleTimeout is the default idle timeout
+const DefaultIdleTimeout = 30 * time.Second
+
+// DefaultHandshakeIdleTimeout is the default idle timeout used before handshake completion.
+const DefaultHandshakeIdleTimeout = 5 * time.Second
+
+// DefaultHandshakeTimeout is the default timeout for a connection until the crypto handshake succeeds.
+const DefaultHandshakeTimeout = 10 * time.Second
+
+// MaxKeepAliveInterval is the maximum time until we send a packet to keep a connection alive.
+// It should be shorter than the time that NATs clear their mapping.
+const MaxKeepAliveInterval = 20 * time.Second
+
+// RetiredConnectionIDDeleteTimeout is the time we keep closed sessions around in order to retransmit the CONNECTION_CLOSE.
+// after this time all information about the old connection will be deleted
+const RetiredConnectionIDDeleteTimeout = 5 * time.Second
+
+// MinStreamFrameSize is the minimum size that has to be left in a packet, so that we add another STREAM frame.
+// This avoids splitting up STREAM frames into small pieces, which has 2 advantages:
+// 1. it reduces the framing overhead
+// 2. it reduces the head-of-line blocking, when a packet is lost
+const MinStreamFrameSize ByteCount = 128
+
+// MaxPostHandshakeCryptoFrameSize is the maximum size of CRYPTO frames
+// we send after the handshake completes.
+const MaxPostHandshakeCryptoFrameSize = 1000
+
+// MaxAckFrameSize is the maximum size for an ACK frame that we write
+// Due to the varint encoding, ACK frames can grow (almost) indefinitely large.
+// The MaxAckFrameSize should be large enough to encode many ACK range,
+// but must ensure that a maximum size ACK frame fits into one packet.
+const MaxAckFrameSize ByteCount = 1000
+
+// MaxDatagramFrameSize is the maximum size of a DATAGRAM frame as defined in
+// https://datatracker.ietf.org/doc/draft-pauly-quic-datagram/.
+// The size is chosen such that a DATAGRAM frame fits into a QUIC packet.
+const MaxDatagramFrameSize ByteCount = 1220
+
+// DatagramRcvQueueLen is the length of the receive queue for DATAGRAM frames.
+// See https://datatracker.ietf.org/doc/draft-pauly-quic-datagram/.
+const DatagramRcvQueueLen = 128
+
+// MaxNumAckRanges is the maximum number of ACK ranges that we send in an ACK frame.
+// It also serves as a limit for the packet history.
+// If at any point we keep track of more ranges, old ranges are discarded.
+const MaxNumAckRanges = 32
+
+// MinPacingDelay is the minimum duration that is used for packet pacing
+// If the packet packing frequency is higher, multiple packets might be sent at once.
+// Example: For a packet pacing delay of 200μs, we would send 5 packets at once, wait for 1ms, and so forth.
+const MinPacingDelay = time.Millisecond
+
+// DefaultConnectionIDLength is the connection ID length that is used for multiplexed connections
+// if no other value is configured.
+const DefaultConnectionIDLength = 4
+
+// MaxActiveConnectionIDs is the number of connection IDs that we're storing.
+const MaxActiveConnectionIDs = 4
+
+// MaxIssuedConnectionIDs is the maximum number of connection IDs that we're issuing at the same time.
+const MaxIssuedConnectionIDs = 6
+
+// PacketsPerConnectionID is the number of packets we send using one connection ID.
+// If the peer provices us with enough new connection IDs, we switch to a new connection ID.
+const PacketsPerConnectionID = 10000
+
+// AckDelayExponent is the ack delay exponent used when sending ACKs.
+const AckDelayExponent = 3
+
+// Estimated timer granularity.
+// The loss detection timer will not be set to a value smaller than granularity.
+const TimerGranularity = time.Millisecond
+
+// MaxAckDelay is the maximum time by which we delay sending ACKs.
+const MaxAckDelay = 25 * time.Millisecond
+
+// MaxAckDelayInclGranularity is the max_ack_delay including the timer granularity.
+// This is the value that should be advertised to the peer.
+const MaxAckDelayInclGranularity = MaxAckDelay + TimerGranularity
+
+// KeyUpdateInterval is the maximum number of packets we send or receive before initiating a key update.
+const KeyUpdateInterval = 100 * 1000
+
+// Max0RTTQueueingDuration is the maximum time that we store 0-RTT packets in order to wait for the corresponding Initial to be received.
+const Max0RTTQueueingDuration = 100 * time.Millisecond
+
+// Max0RTTQueues is the maximum number of connections that we buffer 0-RTT packets for.
+const Max0RTTQueues = 32
+
+// Max0RTTQueueLen is the maximum number of 0-RTT packets that we buffer for each connection.
+// When a new session is created, all buffered packets are passed to the session immediately.
+// To avoid blocking, this value has to be smaller than MaxSessionUnprocessedPackets.
+// To avoid packets being dropped as undecryptable by the session, this value has to be smaller than MaxUndecryptablePackets.
+const Max0RTTQueueLen = 31
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/perspective.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/perspective.go
new file mode 100644
index 00000000..43358fec
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/perspective.go
@@ -0,0 +1,26 @@
+package protocol
+
+// Perspective determines if we're acting as a server or a client
+type Perspective int
+
+// the perspectives
+const (
+ PerspectiveServer Perspective = 1
+ PerspectiveClient Perspective = 2
+)
+
+// Opposite returns the perspective of the peer
+func (p Perspective) Opposite() Perspective {
+ return 3 - p
+}
+
+func (p Perspective) String() string {
+ switch p {
+ case PerspectiveServer:
+ return "Server"
+ case PerspectiveClient:
+ return "Client"
+ default:
+ return "invalid perspective"
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/protocol.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/protocol.go
new file mode 100644
index 00000000..8241e274
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/protocol.go
@@ -0,0 +1,97 @@
+package protocol
+
+import (
+ "fmt"
+ "time"
+)
+
+// The PacketType is the Long Header Type
+type PacketType uint8
+
+const (
+ // PacketTypeInitial is the packet type of an Initial packet
+ PacketTypeInitial PacketType = 1 + iota
+ // PacketTypeRetry is the packet type of a Retry packet
+ PacketTypeRetry
+ // PacketTypeHandshake is the packet type of a Handshake packet
+ PacketTypeHandshake
+ // PacketType0RTT is the packet type of a 0-RTT packet
+ PacketType0RTT
+)
+
+func (t PacketType) String() string {
+ switch t {
+ case PacketTypeInitial:
+ return "Initial"
+ case PacketTypeRetry:
+ return "Retry"
+ case PacketTypeHandshake:
+ return "Handshake"
+ case PacketType0RTT:
+ return "0-RTT Protected"
+ default:
+ return fmt.Sprintf("unknown packet type: %d", t)
+ }
+}
+
+type ECN uint8
+
+const (
+ ECNNon ECN = iota // 00
+ ECT1 // 01
+ ECT0 // 10
+ ECNCE // 11
+)
+
+// A ByteCount in QUIC
+type ByteCount int64
+
+// MaxByteCount is the maximum value of a ByteCount
+const MaxByteCount = ByteCount(1<<62 - 1)
+
+// InvalidByteCount is an invalid byte count
+const InvalidByteCount ByteCount = -1
+
+// A StatelessResetToken is a stateless reset token.
+type StatelessResetToken [16]byte
+
+// MaxPacketBufferSize maximum packet size of any QUIC packet, based on
+// ethernet's max size, minus the IP and UDP headers. IPv6 has a 40 byte header,
+// UDP adds an additional 8 bytes. This is a total overhead of 48 bytes.
+// Ethernet's max packet size is 1500 bytes, 1500 - 48 = 1452.
+const MaxPacketBufferSize ByteCount = 1452
+
+// MinInitialPacketSize is the minimum size an Initial packet is required to have.
+const MinInitialPacketSize = 1200
+
+// MinUnknownVersionPacketSize is the minimum size a packet with an unknown version
+// needs to have in order to trigger a Version Negotiation packet.
+const MinUnknownVersionPacketSize = MinInitialPacketSize
+
+// MinStatelessResetSize is the minimum size of a stateless reset packet that we send
+const MinStatelessResetSize = 1 /* first byte */ + 20 /* max. conn ID length */ + 4 /* max. packet number length */ + 1 /* min. payload length */ + 16 /* token */
+
+// MinConnectionIDLenInitial is the minimum length of the destination connection ID on an Initial packet.
+const MinConnectionIDLenInitial = 8
+
+// DefaultAckDelayExponent is the default ack delay exponent
+const DefaultAckDelayExponent = 3
+
+// MaxAckDelayExponent is the maximum ack delay exponent
+const MaxAckDelayExponent = 20
+
+// DefaultMaxAckDelay is the default max_ack_delay
+const DefaultMaxAckDelay = 25 * time.Millisecond
+
+// MaxMaxAckDelay is the maximum max_ack_delay
+const MaxMaxAckDelay = (1<<14 - 1) * time.Millisecond
+
+// MaxConnIDLen is the maximum length of the connection ID
+const MaxConnIDLen = 20
+
+// InvalidPacketLimitAES is the maximum number of packets that we can fail to decrypt when using
+// AEAD_AES_128_GCM or AEAD_AES_265_GCM.
+const InvalidPacketLimitAES = 1 << 52
+
+// InvalidPacketLimitChaCha is the maximum number of packets that we can fail to decrypt when using AEAD_CHACHA20_POLY1305.
+const InvalidPacketLimitChaCha = 1 << 36
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/stream.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/stream.go
new file mode 100644
index 00000000..ad7de864
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/stream.go
@@ -0,0 +1,76 @@
+package protocol
+
+// StreamType encodes if this is a unidirectional or bidirectional stream
+type StreamType uint8
+
+const (
+ // StreamTypeUni is a unidirectional stream
+ StreamTypeUni StreamType = iota
+ // StreamTypeBidi is a bidirectional stream
+ StreamTypeBidi
+)
+
+// InvalidPacketNumber is a stream ID that is invalid.
+// The first valid stream ID in QUIC is 0.
+const InvalidStreamID StreamID = -1
+
+// StreamNum is the stream number
+type StreamNum int64
+
+const (
+ // InvalidStreamNum is an invalid stream number.
+ InvalidStreamNum = -1
+ // MaxStreamCount is the maximum stream count value that can be sent in MAX_STREAMS frames
+ // and as the stream count in the transport parameters
+ MaxStreamCount StreamNum = 1 << 60
+)
+
+// StreamID calculates the stream ID.
+func (s StreamNum) StreamID(stype StreamType, pers Perspective) StreamID {
+ if s == 0 {
+ return InvalidStreamID
+ }
+ var first StreamID
+ switch stype {
+ case StreamTypeBidi:
+ switch pers {
+ case PerspectiveClient:
+ first = 0
+ case PerspectiveServer:
+ first = 1
+ }
+ case StreamTypeUni:
+ switch pers {
+ case PerspectiveClient:
+ first = 2
+ case PerspectiveServer:
+ first = 3
+ }
+ }
+ return first + 4*StreamID(s-1)
+}
+
+// A StreamID in QUIC
+type StreamID int64
+
+// InitiatedBy says if the stream was initiated by the client or by the server
+func (s StreamID) InitiatedBy() Perspective {
+ if s%2 == 0 {
+ return PerspectiveClient
+ }
+ return PerspectiveServer
+}
+
+// Type says if this is a unidirectional or bidirectional stream
+func (s StreamID) Type() StreamType {
+ if s%4 >= 2 {
+ return StreamTypeUni
+ }
+ return StreamTypeBidi
+}
+
+// StreamNum returns how many streams in total are below this
+// Example: for stream 9 it returns 3 (i.e. streams 1, 5 and 9)
+func (s StreamID) StreamNum() StreamNum {
+ return StreamNum(s/4) + 1
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/protocol/version.go b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/version.go
new file mode 100644
index 00000000..8e6a4f1f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/protocol/version.go
@@ -0,0 +1,134 @@
+package protocol
+
+import (
+ "crypto/rand"
+ "encoding/binary"
+ "fmt"
+ "math"
+)
+
+// VersionNumber is a version number as int
+type VersionNumber uint32
+
+// gQUIC version range as defined in the wiki: https://github.com/quicwg/base-drafts/wiki/QUIC-Versions
+const (
+ gquicVersion0 = 0x51303030
+ maxGquicVersion = 0x51303439
+)
+
+// The version numbers, making grepping easier
+const (
+ VersionTLS VersionNumber = 0x1
+ VersionWhatever VersionNumber = math.MaxUint32 - 1 // for when the version doesn't matter
+ VersionUnknown VersionNumber = math.MaxUint32
+ VersionDraft29 VersionNumber = 0xff00001d
+ VersionDraft32 VersionNumber = 0xff000020
+ VersionDraft34 VersionNumber = 0xff000022
+ Version1 VersionNumber = 0x1
+)
+
+// SupportedVersions lists the versions that the server supports
+// must be in sorted descending order
+var SupportedVersions = []VersionNumber{Version1, VersionDraft34, VersionDraft32, VersionDraft29}
+
+// IsValidVersion says if the version is known to quic-go
+func IsValidVersion(v VersionNumber) bool {
+ return v == VersionTLS || IsSupportedVersion(SupportedVersions, v)
+}
+
+func (vn VersionNumber) String() string {
+ // For releases, VersionTLS will be set to a draft version.
+ // A switch statement can't contain duplicate cases.
+ if vn == VersionTLS && VersionTLS != VersionDraft29 && VersionTLS != VersionDraft32 && VersionTLS != Version1 {
+ return "TLS dev version (WIP)"
+ }
+ //nolint:exhaustive
+ switch vn {
+ case VersionWhatever:
+ return "whatever"
+ case VersionUnknown:
+ return "unknown"
+ case VersionDraft29:
+ return "draft-29"
+ case VersionDraft32:
+ return "draft-32"
+ case VersionDraft34:
+ return "draft-34"
+ case Version1:
+ return "v1"
+ default:
+ if vn.isGQUIC() {
+ return fmt.Sprintf("gQUIC %d", vn.toGQUICVersion())
+ }
+ return fmt.Sprintf("%#x", uint32(vn))
+ }
+}
+
+func (vn VersionNumber) isGQUIC() bool {
+ return vn > gquicVersion0 && vn <= maxGquicVersion
+}
+
+func (vn VersionNumber) toGQUICVersion() int {
+ return int(10*(vn-gquicVersion0)/0x100) + int(vn%0x10)
+}
+
+// UseRetireBugBackwardsCompatibilityMode says if it is necessary to use the backwards compatilibity mode.
+// This is only the case if it 1. is enabled and 2. draft-29 is used.
+func UseRetireBugBackwardsCompatibilityMode(enabled bool, v VersionNumber) bool {
+ return enabled && v == VersionDraft29
+}
+
+// IsSupportedVersion returns true if the server supports this version
+func IsSupportedVersion(supported []VersionNumber, v VersionNumber) bool {
+ for _, t := range supported {
+ if t == v {
+ return true
+ }
+ }
+ return false
+}
+
+// ChooseSupportedVersion finds the best version in the overlap of ours and theirs
+// ours is a slice of versions that we support, sorted by our preference (descending)
+// theirs is a slice of versions offered by the peer. The order does not matter.
+// The bool returned indicates if a matching version was found.
+func ChooseSupportedVersion(ours, theirs []VersionNumber) (VersionNumber, bool) {
+ for _, ourVer := range ours {
+ for _, theirVer := range theirs {
+ if ourVer == theirVer {
+ return ourVer, true
+ }
+ }
+ }
+ return 0, false
+}
+
+// generateReservedVersion generates a reserved version number (v & 0x0f0f0f0f == 0x0a0a0a0a)
+func generateReservedVersion() VersionNumber {
+ b := make([]byte, 4)
+ _, _ = rand.Read(b) // ignore the error here. Failure to read random data doesn't break anything
+ return VersionNumber((binary.BigEndian.Uint32(b) | 0x0a0a0a0a) & 0xfafafafa)
+}
+
+// GetGreasedVersions adds one reserved version number to a slice of version numbers, at a random position
+func GetGreasedVersions(supported []VersionNumber) []VersionNumber {
+ b := make([]byte, 1)
+ _, _ = rand.Read(b) // ignore the error here. Failure to read random data doesn't break anything
+ randPos := int(b[0]) % (len(supported) + 1)
+ greased := make([]VersionNumber, len(supported)+1)
+ copy(greased, supported[:randPos])
+ greased[randPos] = generateReservedVersion()
+ copy(greased[randPos+1:], supported[randPos:])
+ return greased
+}
+
+// StripGreasedVersions strips all greased versions from a slice of versions
+func StripGreasedVersions(versions []VersionNumber) []VersionNumber {
+ realVersions := make([]VersionNumber, 0, len(versions))
+ for _, v := range versions {
+ if v&0x0f0f0f0f != 0x0a0a0a0a {
+ realVersions = append(realVersions, v)
+ }
+ }
+ return realVersions
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qerr/error_codes.go b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/error_codes.go
new file mode 100644
index 00000000..bee42d51
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/error_codes.go
@@ -0,0 +1,88 @@
+package qerr
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/qtls"
+)
+
+// TransportErrorCode is a QUIC transport error.
+type TransportErrorCode uint64
+
+// The error codes defined by QUIC
+const (
+ NoError TransportErrorCode = 0x0
+ InternalError TransportErrorCode = 0x1
+ ConnectionRefused TransportErrorCode = 0x2
+ FlowControlError TransportErrorCode = 0x3
+ StreamLimitError TransportErrorCode = 0x4
+ StreamStateError TransportErrorCode = 0x5
+ FinalSizeError TransportErrorCode = 0x6
+ FrameEncodingError TransportErrorCode = 0x7
+ TransportParameterError TransportErrorCode = 0x8
+ ConnectionIDLimitError TransportErrorCode = 0x9
+ ProtocolViolation TransportErrorCode = 0xa
+ InvalidToken TransportErrorCode = 0xb
+ ApplicationErrorErrorCode TransportErrorCode = 0xc
+ CryptoBufferExceeded TransportErrorCode = 0xd
+ KeyUpdateError TransportErrorCode = 0xe
+ AEADLimitReached TransportErrorCode = 0xf
+ NoViablePathError TransportErrorCode = 0x10
+)
+
+func (e TransportErrorCode) IsCryptoError() bool {
+ return e >= 0x100 && e < 0x200
+}
+
+// Message is a description of the error.
+// It only returns a non-empty string for crypto errors.
+func (e TransportErrorCode) Message() string {
+ if !e.IsCryptoError() {
+ return ""
+ }
+ return qtls.Alert(e - 0x100).Error()
+}
+
+func (e TransportErrorCode) String() string {
+ switch e {
+ case NoError:
+ return "NO_ERROR"
+ case InternalError:
+ return "INTERNAL_ERROR"
+ case ConnectionRefused:
+ return "CONNECTION_REFUSED"
+ case FlowControlError:
+ return "FLOW_CONTROL_ERROR"
+ case StreamLimitError:
+ return "STREAM_LIMIT_ERROR"
+ case StreamStateError:
+ return "STREAM_STATE_ERROR"
+ case FinalSizeError:
+ return "FINAL_SIZE_ERROR"
+ case FrameEncodingError:
+ return "FRAME_ENCODING_ERROR"
+ case TransportParameterError:
+ return "TRANSPORT_PARAMETER_ERROR"
+ case ConnectionIDLimitError:
+ return "CONNECTION_ID_LIMIT_ERROR"
+ case ProtocolViolation:
+ return "PROTOCOL_VIOLATION"
+ case InvalidToken:
+ return "INVALID_TOKEN"
+ case ApplicationErrorErrorCode:
+ return "APPLICATION_ERROR"
+ case CryptoBufferExceeded:
+ return "CRYPTO_BUFFER_EXCEEDED"
+ case KeyUpdateError:
+ return "KEY_UPDATE_ERROR"
+ case AEADLimitReached:
+ return "AEAD_LIMIT_REACHED"
+ case NoViablePathError:
+ return "NO_VIABLE_PATH"
+ default:
+ if e.IsCryptoError() {
+ return fmt.Sprintf("CRYPTO_ERROR (%#x)", uint16(e))
+ }
+ return fmt.Sprintf("unknown error code: %#x", uint16(e))
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors.go b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors.go
new file mode 100644
index 00000000..65d3e007
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors.go
@@ -0,0 +1,106 @@
+package qerr
+
+import (
+ "fmt"
+ "net"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+var (
+ ErrHandshakeTimeout = &HandshakeTimeoutError{}
+ ErrIdleTimeout = &IdleTimeoutError{}
+)
+
+type TransportError struct {
+ Remote bool
+ FrameType uint64
+ ErrorCode TransportErrorCode
+ ErrorMessage string
+}
+
+var _ error = &TransportError{}
+
+// NewCryptoError create a new TransportError instance for a crypto error
+func NewCryptoError(tlsAlert uint8, errorMessage string) *TransportError {
+ return &TransportError{
+ ErrorCode: 0x100 + TransportErrorCode(tlsAlert),
+ ErrorMessage: errorMessage,
+ }
+}
+
+func (e *TransportError) Error() string {
+ str := e.ErrorCode.String()
+ if e.FrameType != 0 {
+ str += fmt.Sprintf(" (frame type: %#x)", e.FrameType)
+ }
+ msg := e.ErrorMessage
+ if len(msg) == 0 {
+ msg = e.ErrorCode.Message()
+ }
+ if len(msg) == 0 {
+ return str
+ }
+ return str + ": " + msg
+}
+
+// An ApplicationErrorCode is an application-defined error code.
+type ApplicationErrorCode uint64
+
+// A StreamErrorCode is an error code used to cancel streams.
+type StreamErrorCode uint64
+
+type ApplicationError struct {
+ Remote bool
+ ErrorCode ApplicationErrorCode
+ ErrorMessage string
+}
+
+var _ error = &ApplicationError{}
+
+func (e *ApplicationError) Error() string {
+ if len(e.ErrorMessage) == 0 {
+ return fmt.Sprintf("Application error %#x", e.ErrorCode)
+ }
+ return fmt.Sprintf("Application error %#x: %s", e.ErrorCode, e.ErrorMessage)
+}
+
+type IdleTimeoutError struct{}
+
+var _ error = &IdleTimeoutError{}
+
+func (e *IdleTimeoutError) Timeout() bool { return true }
+func (e *IdleTimeoutError) Temporary() bool { return false }
+func (e *IdleTimeoutError) Error() string { return "timeout: no recent network activity" }
+
+type HandshakeTimeoutError struct{}
+
+var _ error = &HandshakeTimeoutError{}
+
+func (e *HandshakeTimeoutError) Timeout() bool { return true }
+func (e *HandshakeTimeoutError) Temporary() bool { return false }
+func (e *HandshakeTimeoutError) Error() string { return "timeout: handshake did not complete in time" }
+
+// A VersionNegotiationError occurs when the client and the server can't agree on a QUIC version.
+type VersionNegotiationError struct {
+ Ours []protocol.VersionNumber
+ Theirs []protocol.VersionNumber
+}
+
+func (e *VersionNegotiationError) Error() string {
+ return fmt.Sprintf("no compatible QUIC version found (we support %s, server offered %s)", e.Ours, e.Theirs)
+}
+
+// A StatelessResetError occurs when we receive a stateless reset.
+type StatelessResetError struct {
+ Token protocol.StatelessResetToken
+}
+
+var _ net.Error = &StatelessResetError{}
+
+func (e *StatelessResetError) Error() string {
+ return fmt.Sprintf("received a stateless reset with token %x", e.Token)
+}
+
+func (e *StatelessResetError) Timeout() bool { return false }
+func (e *StatelessResetError) Temporary() bool { return true }
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_go116.go b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_go116.go
new file mode 100644
index 00000000..173cd91d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_go116.go
@@ -0,0 +1,55 @@
+// +build go1.16
+
+package qerr
+
+import (
+ "net"
+)
+
+func (e *TransportError) Is(target error) bool {
+ _, ok := target.(*TransportError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
+
+func (e *ApplicationError) Is(target error) bool {
+ _, ok := target.(*ApplicationError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
+
+func (e *IdleTimeoutError) Is(target error) bool {
+ _, ok := target.(*IdleTimeoutError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
+
+func (e *HandshakeTimeoutError) Is(target error) bool {
+ _, ok := target.(*HandshakeTimeoutError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
+
+func (e *VersionNegotiationError) Is(target error) bool {
+ _, ok := target.(*VersionNegotiationError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
+
+func (e *StatelessResetError) Is(target error) bool {
+ _, ok := target.(*StatelessResetError)
+ if ok {
+ return true
+ }
+ return target == net.ErrClosed
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_not_go116.go b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_not_go116.go
new file mode 100644
index 00000000..747022b7
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qerr/errors_not_go116.go
@@ -0,0 +1,33 @@
+// +build !go1.16
+
+package qerr
+
+func (e *TransportError) Is(target error) bool {
+ _, ok := target.(*TransportError)
+ return ok
+}
+
+func (e *ApplicationError) Is(target error) bool {
+ _, ok := target.(*ApplicationError)
+ return ok
+}
+
+func (e *IdleTimeoutError) Is(target error) bool {
+ _, ok := target.(*IdleTimeoutError)
+ return ok
+}
+
+func (e *HandshakeTimeoutError) Is(target error) bool {
+ _, ok := target.(*HandshakeTimeoutError)
+ return ok
+}
+
+func (e *VersionNegotiationError) Is(target error) bool {
+ _, ok := target.(*VersionNegotiationError)
+ return ok
+}
+
+func (e *StatelessResetError) Is(target error) bool {
+ _, ok := target.(*StatelessResetError)
+ return ok
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go115.go b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go115.go
new file mode 100644
index 00000000..6eedc497
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go115.go
@@ -0,0 +1,100 @@
+// +build go1.15
+// +build !go1.16
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/cipher"
+ "crypto/tls"
+ "net"
+ "unsafe"
+
+ "github.com/marten-seemann/qtls-go1-15"
+)
+
+type (
+ // Alert is a TLS alert
+ Alert = qtls.Alert
+ // A Certificate is qtls.Certificate.
+ Certificate = qtls.Certificate
+ // CertificateRequestInfo contains inforamtion about a certificate request.
+ CertificateRequestInfo = qtls.CertificateRequestInfo
+ // A CipherSuiteTLS13 is a cipher suite for TLS 1.3
+ CipherSuiteTLS13 = qtls.CipherSuiteTLS13
+ // ClientHelloInfo contains information about a ClientHello.
+ ClientHelloInfo = qtls.ClientHelloInfo
+ // ClientSessionCache is a cache used for session resumption.
+ ClientSessionCache = qtls.ClientSessionCache
+ // ClientSessionState is a state needed for session resumption.
+ ClientSessionState = qtls.ClientSessionState
+ // A Config is a qtls.Config.
+ Config = qtls.Config
+ // A Conn is a qtls.Conn.
+ Conn = qtls.Conn
+ // ConnectionState contains information about the state of the connection.
+ ConnectionState = qtls.ConnectionStateWith0RTT
+ // EncryptionLevel is the encryption level of a message.
+ EncryptionLevel = qtls.EncryptionLevel
+ // Extension is a TLS extension
+ Extension = qtls.Extension
+ // ExtraConfig is the qtls.ExtraConfig
+ ExtraConfig = qtls.ExtraConfig
+ // RecordLayer is a qtls RecordLayer.
+ RecordLayer = qtls.RecordLayer
+)
+
+const (
+ // EncryptionHandshake is the Handshake encryption level
+ EncryptionHandshake = qtls.EncryptionHandshake
+ // Encryption0RTT is the 0-RTT encryption level
+ Encryption0RTT = qtls.Encryption0RTT
+ // EncryptionApplication is the application data encryption level
+ EncryptionApplication = qtls.EncryptionApplication
+)
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return qtls.AEADAESGCMTLS13(key, fixedNonce)
+}
+
+// Client returns a new TLS client side connection.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Client(conn, config, extraConfig)
+}
+
+// Server returns a new TLS server side connection.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Server(conn, config, extraConfig)
+}
+
+func GetConnectionState(conn *Conn) ConnectionState {
+ return conn.ConnectionStateWith0RTT()
+}
+
+// ToTLSConnectionState extracts the tls.ConnectionState
+func ToTLSConnectionState(cs ConnectionState) tls.ConnectionState {
+ return cs.ConnectionState
+}
+
+type cipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+ Hash crypto.Hash
+}
+
+//go:linkname cipherSuiteTLS13ByID github.com/marten-seemann/qtls-go1-15.cipherSuiteTLS13ByID
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13
+
+// CipherSuiteTLS13ByID gets a TLS 1.3 cipher suite.
+func CipherSuiteTLS13ByID(id uint16) *CipherSuiteTLS13 {
+ val := cipherSuiteTLS13ByID(id)
+ cs := (*cipherSuiteTLS13)(unsafe.Pointer(val))
+ return &qtls.CipherSuiteTLS13{
+ ID: cs.ID,
+ KeyLen: cs.KeyLen,
+ AEAD: cs.AEAD,
+ Hash: cs.Hash,
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go116.go b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go116.go
new file mode 100644
index 00000000..35826df4
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go116.go
@@ -0,0 +1,100 @@
+// +build go1.16
+// +build !go1.17
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/cipher"
+ "crypto/tls"
+ "net"
+ "unsafe"
+
+ "github.com/marten-seemann/qtls-go1-16"
+)
+
+type (
+ // Alert is a TLS alert
+ Alert = qtls.Alert
+ // A Certificate is qtls.Certificate.
+ Certificate = qtls.Certificate
+ // CertificateRequestInfo contains inforamtion about a certificate request.
+ CertificateRequestInfo = qtls.CertificateRequestInfo
+ // A CipherSuiteTLS13 is a cipher suite for TLS 1.3
+ CipherSuiteTLS13 = qtls.CipherSuiteTLS13
+ // ClientHelloInfo contains information about a ClientHello.
+ ClientHelloInfo = qtls.ClientHelloInfo
+ // ClientSessionCache is a cache used for session resumption.
+ ClientSessionCache = qtls.ClientSessionCache
+ // ClientSessionState is a state needed for session resumption.
+ ClientSessionState = qtls.ClientSessionState
+ // A Config is a qtls.Config.
+ Config = qtls.Config
+ // A Conn is a qtls.Conn.
+ Conn = qtls.Conn
+ // ConnectionState contains information about the state of the connection.
+ ConnectionState = qtls.ConnectionStateWith0RTT
+ // EncryptionLevel is the encryption level of a message.
+ EncryptionLevel = qtls.EncryptionLevel
+ // Extension is a TLS extension
+ Extension = qtls.Extension
+ // ExtraConfig is the qtls.ExtraConfig
+ ExtraConfig = qtls.ExtraConfig
+ // RecordLayer is a qtls RecordLayer.
+ RecordLayer = qtls.RecordLayer
+)
+
+const (
+ // EncryptionHandshake is the Handshake encryption level
+ EncryptionHandshake = qtls.EncryptionHandshake
+ // Encryption0RTT is the 0-RTT encryption level
+ Encryption0RTT = qtls.Encryption0RTT
+ // EncryptionApplication is the application data encryption level
+ EncryptionApplication = qtls.EncryptionApplication
+)
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return qtls.AEADAESGCMTLS13(key, fixedNonce)
+}
+
+// Client returns a new TLS client side connection.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Client(conn, config, extraConfig)
+}
+
+// Server returns a new TLS server side connection.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Server(conn, config, extraConfig)
+}
+
+func GetConnectionState(conn *Conn) ConnectionState {
+ return conn.ConnectionStateWith0RTT()
+}
+
+// ToTLSConnectionState extracts the tls.ConnectionState
+func ToTLSConnectionState(cs ConnectionState) tls.ConnectionState {
+ return cs.ConnectionState
+}
+
+type cipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+ Hash crypto.Hash
+}
+
+//go:linkname cipherSuiteTLS13ByID github.com/marten-seemann/qtls-go1-16.cipherSuiteTLS13ByID
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13
+
+// CipherSuiteTLS13ByID gets a TLS 1.3 cipher suite.
+func CipherSuiteTLS13ByID(id uint16) *CipherSuiteTLS13 {
+ val := cipherSuiteTLS13ByID(id)
+ cs := (*cipherSuiteTLS13)(unsafe.Pointer(val))
+ return &qtls.CipherSuiteTLS13{
+ ID: cs.ID,
+ KeyLen: cs.KeyLen,
+ AEAD: cs.AEAD,
+ Hash: cs.Hash,
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go117.go b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go117.go
new file mode 100644
index 00000000..8e076101
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go117.go
@@ -0,0 +1,99 @@
+// +build go1.17
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/cipher"
+ "crypto/tls"
+ "net"
+ "unsafe"
+
+ "github.com/marten-seemann/qtls-go1-17"
+)
+
+type (
+ // Alert is a TLS alert
+ Alert = qtls.Alert
+ // A Certificate is qtls.Certificate.
+ Certificate = qtls.Certificate
+ // CertificateRequestInfo contains inforamtion about a certificate request.
+ CertificateRequestInfo = qtls.CertificateRequestInfo
+ // A CipherSuiteTLS13 is a cipher suite for TLS 1.3
+ CipherSuiteTLS13 = qtls.CipherSuiteTLS13
+ // ClientHelloInfo contains information about a ClientHello.
+ ClientHelloInfo = qtls.ClientHelloInfo
+ // ClientSessionCache is a cache used for session resumption.
+ ClientSessionCache = qtls.ClientSessionCache
+ // ClientSessionState is a state needed for session resumption.
+ ClientSessionState = qtls.ClientSessionState
+ // A Config is a qtls.Config.
+ Config = qtls.Config
+ // A Conn is a qtls.Conn.
+ Conn = qtls.Conn
+ // ConnectionState contains information about the state of the connection.
+ ConnectionState = qtls.ConnectionStateWith0RTT
+ // EncryptionLevel is the encryption level of a message.
+ EncryptionLevel = qtls.EncryptionLevel
+ // Extension is a TLS extension
+ Extension = qtls.Extension
+ // ExtraConfig is the qtls.ExtraConfig
+ ExtraConfig = qtls.ExtraConfig
+ // RecordLayer is a qtls RecordLayer.
+ RecordLayer = qtls.RecordLayer
+)
+
+const (
+ // EncryptionHandshake is the Handshake encryption level
+ EncryptionHandshake = qtls.EncryptionHandshake
+ // Encryption0RTT is the 0-RTT encryption level
+ Encryption0RTT = qtls.Encryption0RTT
+ // EncryptionApplication is the application data encryption level
+ EncryptionApplication = qtls.EncryptionApplication
+)
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return qtls.AEADAESGCMTLS13(key, fixedNonce)
+}
+
+// Client returns a new TLS client side connection.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Client(conn, config, extraConfig)
+}
+
+// Server returns a new TLS server side connection.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ return qtls.Server(conn, config, extraConfig)
+}
+
+func GetConnectionState(conn *Conn) ConnectionState {
+ return conn.ConnectionStateWith0RTT()
+}
+
+// ToTLSConnectionState extracts the tls.ConnectionState
+func ToTLSConnectionState(cs ConnectionState) tls.ConnectionState {
+ return cs.ConnectionState
+}
+
+type cipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+ Hash crypto.Hash
+}
+
+//go:linkname cipherSuiteTLS13ByID github.com/marten-seemann/qtls-go1-17.cipherSuiteTLS13ByID
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13
+
+// CipherSuiteTLS13ByID gets a TLS 1.3 cipher suite.
+func CipherSuiteTLS13ByID(id uint16) *CipherSuiteTLS13 {
+ val := cipherSuiteTLS13ByID(id)
+ cs := (*cipherSuiteTLS13)(unsafe.Pointer(val))
+ return &qtls.CipherSuiteTLS13{
+ ID: cs.ID,
+ KeyLen: cs.KeyLen,
+ AEAD: cs.AEAD,
+ Hash: cs.Hash,
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go118.go b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go118.go
new file mode 100644
index 00000000..fa2df5fd
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/qtls/go118.go
@@ -0,0 +1,5 @@
+// +build go1.18
+
+package qtls
+
+var _ int = "quic-go doesn't build on Go 1.18 yet."
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/atomic_bool.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/atomic_bool.go
new file mode 100644
index 00000000..cf464250
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/atomic_bool.go
@@ -0,0 +1,22 @@
+package utils
+
+import "sync/atomic"
+
+// An AtomicBool is an atomic bool
+type AtomicBool struct {
+ v int32
+}
+
+// Set sets the value
+func (a *AtomicBool) Set(value bool) {
+ var n int32
+ if value {
+ n = 1
+ }
+ atomic.StoreInt32(&a.v, n)
+}
+
+// Get gets the value
+func (a *AtomicBool) Get() bool {
+ return atomic.LoadInt32(&a.v) != 0
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/buffered_write_closer.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/buffered_write_closer.go
new file mode 100644
index 00000000..b5b9d6fc
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/buffered_write_closer.go
@@ -0,0 +1,26 @@
+package utils
+
+import (
+ "bufio"
+ "io"
+)
+
+type bufferedWriteCloser struct {
+ *bufio.Writer
+ io.Closer
+}
+
+// NewBufferedWriteCloser creates an io.WriteCloser from a bufio.Writer and an io.Closer
+func NewBufferedWriteCloser(writer *bufio.Writer, closer io.Closer) io.WriteCloser {
+ return &bufferedWriteCloser{
+ Writer: writer,
+ Closer: closer,
+ }
+}
+
+func (h bufferedWriteCloser) Close() error {
+ if err := h.Writer.Flush(); err != nil {
+ return err
+ }
+ return h.Closer.Close()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteinterval_linkedlist.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteinterval_linkedlist.go
new file mode 100644
index 00000000..096023ef
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteinterval_linkedlist.go
@@ -0,0 +1,217 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package utils
+
+// Linked list implementation from the Go standard library.
+
+// ByteIntervalElement is an element of a linked list.
+type ByteIntervalElement struct {
+ // Next and previous pointers in the doubly-linked list of elements.
+ // To simplify the implementation, internally a list l is implemented
+ // as a ring, such that &l.root is both the next element of the last
+ // list element (l.Back()) and the previous element of the first list
+ // element (l.Front()).
+ next, prev *ByteIntervalElement
+
+ // The list to which this element belongs.
+ list *ByteIntervalList
+
+ // The value stored with this element.
+ Value ByteInterval
+}
+
+// Next returns the next list element or nil.
+func (e *ByteIntervalElement) Next() *ByteIntervalElement {
+ if p := e.next; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// Prev returns the previous list element or nil.
+func (e *ByteIntervalElement) Prev() *ByteIntervalElement {
+ if p := e.prev; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// ByteIntervalList is a linked list of ByteIntervals.
+type ByteIntervalList struct {
+ root ByteIntervalElement // sentinel list element, only &root, root.prev, and root.next are used
+ len int // current list length excluding (this) sentinel element
+}
+
+// Init initializes or clears list l.
+func (l *ByteIntervalList) Init() *ByteIntervalList {
+ l.root.next = &l.root
+ l.root.prev = &l.root
+ l.len = 0
+ return l
+}
+
+// NewByteIntervalList returns an initialized list.
+func NewByteIntervalList() *ByteIntervalList { return new(ByteIntervalList).Init() }
+
+// Len returns the number of elements of list l.
+// The complexity is O(1).
+func (l *ByteIntervalList) Len() int { return l.len }
+
+// Front returns the first element of list l or nil if the list is empty.
+func (l *ByteIntervalList) Front() *ByteIntervalElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.next
+}
+
+// Back returns the last element of list l or nil if the list is empty.
+func (l *ByteIntervalList) Back() *ByteIntervalElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.prev
+}
+
+// lazyInit lazily initializes a zero List value.
+func (l *ByteIntervalList) lazyInit() {
+ if l.root.next == nil {
+ l.Init()
+ }
+}
+
+// insert inserts e after at, increments l.len, and returns e.
+func (l *ByteIntervalList) insert(e, at *ByteIntervalElement) *ByteIntervalElement {
+ n := at.next
+ at.next = e
+ e.prev = at
+ e.next = n
+ n.prev = e
+ e.list = l
+ l.len++
+ return e
+}
+
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
+func (l *ByteIntervalList) insertValue(v ByteInterval, at *ByteIntervalElement) *ByteIntervalElement {
+ return l.insert(&ByteIntervalElement{Value: v}, at)
+}
+
+// remove removes e from its list, decrements l.len, and returns e.
+func (l *ByteIntervalList) remove(e *ByteIntervalElement) *ByteIntervalElement {
+ e.prev.next = e.next
+ e.next.prev = e.prev
+ e.next = nil // avoid memory leaks
+ e.prev = nil // avoid memory leaks
+ e.list = nil
+ l.len--
+ return e
+}
+
+// Remove removes e from l if e is an element of list l.
+// It returns the element value e.Value.
+// The element must not be nil.
+func (l *ByteIntervalList) Remove(e *ByteIntervalElement) ByteInterval {
+ if e.list == l {
+ // if e.list == l, l must have been initialized when e was inserted
+ // in l or l == nil (e is a zero Element) and l.remove will crash
+ l.remove(e)
+ }
+ return e.Value
+}
+
+// PushFront inserts a new element e with value v at the front of list l and returns e.
+func (l *ByteIntervalList) PushFront(v ByteInterval) *ByteIntervalElement {
+ l.lazyInit()
+ return l.insertValue(v, &l.root)
+}
+
+// PushBack inserts a new element e with value v at the back of list l and returns e.
+func (l *ByteIntervalList) PushBack(v ByteInterval) *ByteIntervalElement {
+ l.lazyInit()
+ return l.insertValue(v, l.root.prev)
+}
+
+// InsertBefore inserts a new element e with value v immediately before mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *ByteIntervalList) InsertBefore(v ByteInterval, mark *ByteIntervalElement) *ByteIntervalElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark.prev)
+}
+
+// InsertAfter inserts a new element e with value v immediately after mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *ByteIntervalList) InsertAfter(v ByteInterval, mark *ByteIntervalElement) *ByteIntervalElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark)
+}
+
+// MoveToFront moves element e to the front of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *ByteIntervalList) MoveToFront(e *ByteIntervalElement) {
+ if e.list != l || l.root.next == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), &l.root)
+}
+
+// MoveToBack moves element e to the back of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *ByteIntervalList) MoveToBack(e *ByteIntervalElement) {
+ if e.list != l || l.root.prev == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), l.root.prev)
+}
+
+// MoveBefore moves element e to its new position before mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *ByteIntervalList) MoveBefore(e, mark *ByteIntervalElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark.prev)
+}
+
+// MoveAfter moves element e to its new position after mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *ByteIntervalList) MoveAfter(e, mark *ByteIntervalElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark)
+}
+
+// PushBackList inserts a copy of an other list at the back of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *ByteIntervalList) PushBackList(other *ByteIntervalList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
+ l.insertValue(e.Value, l.root.prev)
+ }
+}
+
+// PushFrontList inserts a copy of an other list at the front of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *ByteIntervalList) PushFrontList(other *ByteIntervalList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {
+ l.insertValue(e.Value, &l.root)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder.go
new file mode 100644
index 00000000..d1f52842
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder.go
@@ -0,0 +1,17 @@
+package utils
+
+import (
+ "bytes"
+ "io"
+)
+
+// A ByteOrder specifies how to convert byte sequences into 16-, 32-, or 64-bit unsigned integers.
+type ByteOrder interface {
+ ReadUint32(io.ByteReader) (uint32, error)
+ ReadUint24(io.ByteReader) (uint32, error)
+ ReadUint16(io.ByteReader) (uint16, error)
+
+ WriteUint32(*bytes.Buffer, uint32)
+ WriteUint24(*bytes.Buffer, uint32)
+ WriteUint16(*bytes.Buffer, uint16)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder_big_endian.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder_big_endian.go
new file mode 100644
index 00000000..d05542e1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/byteorder_big_endian.go
@@ -0,0 +1,89 @@
+package utils
+
+import (
+ "bytes"
+ "io"
+)
+
+// BigEndian is the big-endian implementation of ByteOrder.
+var BigEndian ByteOrder = bigEndian{}
+
+type bigEndian struct{}
+
+var _ ByteOrder = &bigEndian{}
+
+// ReadUintN reads N bytes
+func (bigEndian) ReadUintN(b io.ByteReader, length uint8) (uint64, error) {
+ var res uint64
+ for i := uint8(0); i < length; i++ {
+ bt, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ res ^= uint64(bt) << ((length - 1 - i) * 8)
+ }
+ return res, nil
+}
+
+// ReadUint32 reads a uint32
+func (bigEndian) ReadUint32(b io.ByteReader) (uint32, error) {
+ var b1, b2, b3, b4 uint8
+ var err error
+ if b4, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b3, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b2, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b1, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ return uint32(b1) + uint32(b2)<<8 + uint32(b3)<<16 + uint32(b4)<<24, nil
+}
+
+// ReadUint24 reads a uint24
+func (bigEndian) ReadUint24(b io.ByteReader) (uint32, error) {
+ var b1, b2, b3 uint8
+ var err error
+ if b3, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b2, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b1, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ return uint32(b1) + uint32(b2)<<8 + uint32(b3)<<16, nil
+}
+
+// ReadUint16 reads a uint16
+func (bigEndian) ReadUint16(b io.ByteReader) (uint16, error) {
+ var b1, b2 uint8
+ var err error
+ if b2, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ if b1, err = b.ReadByte(); err != nil {
+ return 0, err
+ }
+ return uint16(b1) + uint16(b2)<<8, nil
+}
+
+// WriteUint32 writes a uint32
+func (bigEndian) WriteUint32(b *bytes.Buffer, i uint32) {
+ b.Write([]byte{uint8(i >> 24), uint8(i >> 16), uint8(i >> 8), uint8(i)})
+}
+
+// WriteUint24 writes a uint24
+func (bigEndian) WriteUint24(b *bytes.Buffer, i uint32) {
+ b.Write([]byte{uint8(i >> 16), uint8(i >> 8), uint8(i)})
+}
+
+// WriteUint16 writes a uint16
+func (bigEndian) WriteUint16(b *bytes.Buffer, i uint16) {
+ b.Write([]byte{uint8(i >> 8), uint8(i)})
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/gen.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/gen.go
new file mode 100644
index 00000000..8a63e958
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/gen.go
@@ -0,0 +1,5 @@
+package utils
+
+//go:generate genny -pkg utils -in linkedlist/linkedlist.go -out byteinterval_linkedlist.go gen Item=ByteInterval
+//go:generate genny -pkg utils -in linkedlist/linkedlist.go -out packetinterval_linkedlist.go gen Item=PacketInterval
+//go:generate genny -pkg utils -in linkedlist/linkedlist.go -out newconnectionid_linkedlist.go gen Item=NewConnectionID
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/ip.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/ip.go
new file mode 100644
index 00000000..7ac7ffec
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/ip.go
@@ -0,0 +1,10 @@
+package utils
+
+import "net"
+
+func IsIPv4(ip net.IP) bool {
+ // If ip is not an IPv4 address, To4 returns nil.
+ // Note that there might be some corner cases, where this is not correct.
+ // See https://stackoverflow.com/questions/22751035/golang-distinguish-ipv4-ipv6.
+ return ip.To4() != nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/log.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/log.go
new file mode 100644
index 00000000..e27f01b4
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/log.go
@@ -0,0 +1,131 @@
+package utils
+
+import (
+ "fmt"
+ "log"
+ "os"
+ "strings"
+ "time"
+)
+
+// LogLevel of quic-go
+type LogLevel uint8
+
+const (
+ // LogLevelNothing disables
+ LogLevelNothing LogLevel = iota
+ // LogLevelError enables err logs
+ LogLevelError
+ // LogLevelInfo enables info logs (e.g. packets)
+ LogLevelInfo
+ // LogLevelDebug enables debug logs (e.g. packet contents)
+ LogLevelDebug
+)
+
+const logEnv = "QUIC_GO_LOG_LEVEL"
+
+// A Logger logs.
+type Logger interface {
+ SetLogLevel(LogLevel)
+ SetLogTimeFormat(format string)
+ WithPrefix(prefix string) Logger
+ Debug() bool
+
+ Errorf(format string, args ...interface{})
+ Infof(format string, args ...interface{})
+ Debugf(format string, args ...interface{})
+}
+
+// DefaultLogger is used by quic-go for logging.
+var DefaultLogger Logger
+
+type defaultLogger struct {
+ prefix string
+
+ logLevel LogLevel
+ timeFormat string
+}
+
+var _ Logger = &defaultLogger{}
+
+// SetLogLevel sets the log level
+func (l *defaultLogger) SetLogLevel(level LogLevel) {
+ l.logLevel = level
+}
+
+// SetLogTimeFormat sets the format of the timestamp
+// an empty string disables the logging of timestamps
+func (l *defaultLogger) SetLogTimeFormat(format string) {
+ log.SetFlags(0) // disable timestamp logging done by the log package
+ l.timeFormat = format
+}
+
+// Debugf logs something
+func (l *defaultLogger) Debugf(format string, args ...interface{}) {
+ if l.logLevel == LogLevelDebug {
+ l.logMessage(format, args...)
+ }
+}
+
+// Infof logs something
+func (l *defaultLogger) Infof(format string, args ...interface{}) {
+ if l.logLevel >= LogLevelInfo {
+ l.logMessage(format, args...)
+ }
+}
+
+// Errorf logs something
+func (l *defaultLogger) Errorf(format string, args ...interface{}) {
+ if l.logLevel >= LogLevelError {
+ l.logMessage(format, args...)
+ }
+}
+
+func (l *defaultLogger) logMessage(format string, args ...interface{}) {
+ var pre string
+
+ if len(l.timeFormat) > 0 {
+ pre = time.Now().Format(l.timeFormat) + " "
+ }
+ if len(l.prefix) > 0 {
+ pre += l.prefix + " "
+ }
+ log.Printf(pre+format, args...)
+}
+
+func (l *defaultLogger) WithPrefix(prefix string) Logger {
+ if len(l.prefix) > 0 {
+ prefix = l.prefix + " " + prefix
+ }
+ return &defaultLogger{
+ logLevel: l.logLevel,
+ timeFormat: l.timeFormat,
+ prefix: prefix,
+ }
+}
+
+// Debug returns true if the log level is LogLevelDebug
+func (l *defaultLogger) Debug() bool {
+ return l.logLevel == LogLevelDebug
+}
+
+func init() {
+ DefaultLogger = &defaultLogger{}
+ DefaultLogger.SetLogLevel(readLoggingEnv())
+}
+
+func readLoggingEnv() LogLevel {
+ switch strings.ToLower(os.Getenv(logEnv)) {
+ case "":
+ return LogLevelNothing
+ case "debug":
+ return LogLevelDebug
+ case "info":
+ return LogLevelInfo
+ case "error":
+ return LogLevelError
+ default:
+ fmt.Fprintln(os.Stderr, "invalid quic-go log level, see https://github.com/lucas-clemente/quic-go/wiki/Logging")
+ return LogLevelNothing
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/minmax.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/minmax.go
new file mode 100644
index 00000000..ee1f85f6
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/minmax.go
@@ -0,0 +1,170 @@
+package utils
+
+import (
+ "math"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// InfDuration is a duration of infinite length
+const InfDuration = time.Duration(math.MaxInt64)
+
+// Max returns the maximum of two Ints
+func Max(a, b int) int {
+ if a < b {
+ return b
+ }
+ return a
+}
+
+// MaxUint32 returns the maximum of two uint32
+func MaxUint32(a, b uint32) uint32 {
+ if a < b {
+ return b
+ }
+ return a
+}
+
+// MaxUint64 returns the maximum of two uint64
+func MaxUint64(a, b uint64) uint64 {
+ if a < b {
+ return b
+ }
+ return a
+}
+
+// MinUint64 returns the maximum of two uint64
+func MinUint64(a, b uint64) uint64 {
+ if a < b {
+ return a
+ }
+ return b
+}
+
+// Min returns the minimum of two Ints
+func Min(a, b int) int {
+ if a < b {
+ return a
+ }
+ return b
+}
+
+// MinUint32 returns the maximum of two uint32
+func MinUint32(a, b uint32) uint32 {
+ if a < b {
+ return a
+ }
+ return b
+}
+
+// MinInt64 returns the minimum of two int64
+func MinInt64(a, b int64) int64 {
+ if a < b {
+ return a
+ }
+ return b
+}
+
+// MaxInt64 returns the minimum of two int64
+func MaxInt64(a, b int64) int64 {
+ if a > b {
+ return a
+ }
+ return b
+}
+
+// MinByteCount returns the minimum of two ByteCounts
+func MinByteCount(a, b protocol.ByteCount) protocol.ByteCount {
+ if a < b {
+ return a
+ }
+ return b
+}
+
+// MaxByteCount returns the maximum of two ByteCounts
+func MaxByteCount(a, b protocol.ByteCount) protocol.ByteCount {
+ if a < b {
+ return b
+ }
+ return a
+}
+
+// MaxDuration returns the max duration
+func MaxDuration(a, b time.Duration) time.Duration {
+ if a > b {
+ return a
+ }
+ return b
+}
+
+// MinDuration returns the minimum duration
+func MinDuration(a, b time.Duration) time.Duration {
+ if a > b {
+ return b
+ }
+ return a
+}
+
+// MinNonZeroDuration return the minimum duration that's not zero.
+func MinNonZeroDuration(a, b time.Duration) time.Duration {
+ if a == 0 {
+ return b
+ }
+ if b == 0 {
+ return a
+ }
+ return MinDuration(a, b)
+}
+
+// AbsDuration returns the absolute value of a time duration
+func AbsDuration(d time.Duration) time.Duration {
+ if d >= 0 {
+ return d
+ }
+ return -d
+}
+
+// MinTime returns the earlier time
+func MinTime(a, b time.Time) time.Time {
+ if a.After(b) {
+ return b
+ }
+ return a
+}
+
+// MinNonZeroTime returns the earlist time that is not time.Time{}
+// If both a and b are time.Time{}, it returns time.Time{}
+func MinNonZeroTime(a, b time.Time) time.Time {
+ if a.IsZero() {
+ return b
+ }
+ if b.IsZero() {
+ return a
+ }
+ return MinTime(a, b)
+}
+
+// MaxTime returns the later time
+func MaxTime(a, b time.Time) time.Time {
+ if a.After(b) {
+ return a
+ }
+ return b
+}
+
+// MaxPacketNumber returns the max packet number
+func MaxPacketNumber(a, b protocol.PacketNumber) protocol.PacketNumber {
+ if a > b {
+ return a
+ }
+ return b
+}
+
+// MinPacketNumber returns the min packet number
+func MinPacketNumber(a, b protocol.PacketNumber) protocol.PacketNumber {
+ if a < b {
+ return a
+ }
+ return b
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/new_connection_id.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/new_connection_id.go
new file mode 100644
index 00000000..694ee7aa
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/new_connection_id.go
@@ -0,0 +1,12 @@
+package utils
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// NewConnectionID is a new connection ID
+type NewConnectionID struct {
+ SequenceNumber uint64
+ ConnectionID protocol.ConnectionID
+ StatelessResetToken protocol.StatelessResetToken
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/newconnectionid_linkedlist.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/newconnectionid_linkedlist.go
new file mode 100644
index 00000000..d59562e5
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/newconnectionid_linkedlist.go
@@ -0,0 +1,217 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package utils
+
+// Linked list implementation from the Go standard library.
+
+// NewConnectionIDElement is an element of a linked list.
+type NewConnectionIDElement struct {
+ // Next and previous pointers in the doubly-linked list of elements.
+ // To simplify the implementation, internally a list l is implemented
+ // as a ring, such that &l.root is both the next element of the last
+ // list element (l.Back()) and the previous element of the first list
+ // element (l.Front()).
+ next, prev *NewConnectionIDElement
+
+ // The list to which this element belongs.
+ list *NewConnectionIDList
+
+ // The value stored with this element.
+ Value NewConnectionID
+}
+
+// Next returns the next list element or nil.
+func (e *NewConnectionIDElement) Next() *NewConnectionIDElement {
+ if p := e.next; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// Prev returns the previous list element or nil.
+func (e *NewConnectionIDElement) Prev() *NewConnectionIDElement {
+ if p := e.prev; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// NewConnectionIDList is a linked list of NewConnectionIDs.
+type NewConnectionIDList struct {
+ root NewConnectionIDElement // sentinel list element, only &root, root.prev, and root.next are used
+ len int // current list length excluding (this) sentinel element
+}
+
+// Init initializes or clears list l.
+func (l *NewConnectionIDList) Init() *NewConnectionIDList {
+ l.root.next = &l.root
+ l.root.prev = &l.root
+ l.len = 0
+ return l
+}
+
+// NewNewConnectionIDList returns an initialized list.
+func NewNewConnectionIDList() *NewConnectionIDList { return new(NewConnectionIDList).Init() }
+
+// Len returns the number of elements of list l.
+// The complexity is O(1).
+func (l *NewConnectionIDList) Len() int { return l.len }
+
+// Front returns the first element of list l or nil if the list is empty.
+func (l *NewConnectionIDList) Front() *NewConnectionIDElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.next
+}
+
+// Back returns the last element of list l or nil if the list is empty.
+func (l *NewConnectionIDList) Back() *NewConnectionIDElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.prev
+}
+
+// lazyInit lazily initializes a zero List value.
+func (l *NewConnectionIDList) lazyInit() {
+ if l.root.next == nil {
+ l.Init()
+ }
+}
+
+// insert inserts e after at, increments l.len, and returns e.
+func (l *NewConnectionIDList) insert(e, at *NewConnectionIDElement) *NewConnectionIDElement {
+ n := at.next
+ at.next = e
+ e.prev = at
+ e.next = n
+ n.prev = e
+ e.list = l
+ l.len++
+ return e
+}
+
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
+func (l *NewConnectionIDList) insertValue(v NewConnectionID, at *NewConnectionIDElement) *NewConnectionIDElement {
+ return l.insert(&NewConnectionIDElement{Value: v}, at)
+}
+
+// remove removes e from its list, decrements l.len, and returns e.
+func (l *NewConnectionIDList) remove(e *NewConnectionIDElement) *NewConnectionIDElement {
+ e.prev.next = e.next
+ e.next.prev = e.prev
+ e.next = nil // avoid memory leaks
+ e.prev = nil // avoid memory leaks
+ e.list = nil
+ l.len--
+ return e
+}
+
+// Remove removes e from l if e is an element of list l.
+// It returns the element value e.Value.
+// The element must not be nil.
+func (l *NewConnectionIDList) Remove(e *NewConnectionIDElement) NewConnectionID {
+ if e.list == l {
+ // if e.list == l, l must have been initialized when e was inserted
+ // in l or l == nil (e is a zero Element) and l.remove will crash
+ l.remove(e)
+ }
+ return e.Value
+}
+
+// PushFront inserts a new element e with value v at the front of list l and returns e.
+func (l *NewConnectionIDList) PushFront(v NewConnectionID) *NewConnectionIDElement {
+ l.lazyInit()
+ return l.insertValue(v, &l.root)
+}
+
+// PushBack inserts a new element e with value v at the back of list l and returns e.
+func (l *NewConnectionIDList) PushBack(v NewConnectionID) *NewConnectionIDElement {
+ l.lazyInit()
+ return l.insertValue(v, l.root.prev)
+}
+
+// InsertBefore inserts a new element e with value v immediately before mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *NewConnectionIDList) InsertBefore(v NewConnectionID, mark *NewConnectionIDElement) *NewConnectionIDElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark.prev)
+}
+
+// InsertAfter inserts a new element e with value v immediately after mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *NewConnectionIDList) InsertAfter(v NewConnectionID, mark *NewConnectionIDElement) *NewConnectionIDElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark)
+}
+
+// MoveToFront moves element e to the front of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *NewConnectionIDList) MoveToFront(e *NewConnectionIDElement) {
+ if e.list != l || l.root.next == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), &l.root)
+}
+
+// MoveToBack moves element e to the back of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *NewConnectionIDList) MoveToBack(e *NewConnectionIDElement) {
+ if e.list != l || l.root.prev == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), l.root.prev)
+}
+
+// MoveBefore moves element e to its new position before mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *NewConnectionIDList) MoveBefore(e, mark *NewConnectionIDElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark.prev)
+}
+
+// MoveAfter moves element e to its new position after mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *NewConnectionIDList) MoveAfter(e, mark *NewConnectionIDElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark)
+}
+
+// PushBackList inserts a copy of an other list at the back of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *NewConnectionIDList) PushBackList(other *NewConnectionIDList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
+ l.insertValue(e.Value, l.root.prev)
+ }
+}
+
+// PushFrontList inserts a copy of an other list at the front of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *NewConnectionIDList) PushFrontList(other *NewConnectionIDList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {
+ l.insertValue(e.Value, &l.root)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/packet_interval.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/packet_interval.go
new file mode 100644
index 00000000..62cc8b9c
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/packet_interval.go
@@ -0,0 +1,9 @@
+package utils
+
+import "github.com/lucas-clemente/quic-go/internal/protocol"
+
+// PacketInterval is an interval from one PacketNumber to the other
+type PacketInterval struct {
+ Start protocol.PacketNumber
+ End protocol.PacketNumber
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/packetinterval_linkedlist.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/packetinterval_linkedlist.go
new file mode 100644
index 00000000..b461e85a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/packetinterval_linkedlist.go
@@ -0,0 +1,217 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package utils
+
+// Linked list implementation from the Go standard library.
+
+// PacketIntervalElement is an element of a linked list.
+type PacketIntervalElement struct {
+ // Next and previous pointers in the doubly-linked list of elements.
+ // To simplify the implementation, internally a list l is implemented
+ // as a ring, such that &l.root is both the next element of the last
+ // list element (l.Back()) and the previous element of the first list
+ // element (l.Front()).
+ next, prev *PacketIntervalElement
+
+ // The list to which this element belongs.
+ list *PacketIntervalList
+
+ // The value stored with this element.
+ Value PacketInterval
+}
+
+// Next returns the next list element or nil.
+func (e *PacketIntervalElement) Next() *PacketIntervalElement {
+ if p := e.next; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// Prev returns the previous list element or nil.
+func (e *PacketIntervalElement) Prev() *PacketIntervalElement {
+ if p := e.prev; e.list != nil && p != &e.list.root {
+ return p
+ }
+ return nil
+}
+
+// PacketIntervalList is a linked list of PacketIntervals.
+type PacketIntervalList struct {
+ root PacketIntervalElement // sentinel list element, only &root, root.prev, and root.next are used
+ len int // current list length excluding (this) sentinel element
+}
+
+// Init initializes or clears list l.
+func (l *PacketIntervalList) Init() *PacketIntervalList {
+ l.root.next = &l.root
+ l.root.prev = &l.root
+ l.len = 0
+ return l
+}
+
+// NewPacketIntervalList returns an initialized list.
+func NewPacketIntervalList() *PacketIntervalList { return new(PacketIntervalList).Init() }
+
+// Len returns the number of elements of list l.
+// The complexity is O(1).
+func (l *PacketIntervalList) Len() int { return l.len }
+
+// Front returns the first element of list l or nil if the list is empty.
+func (l *PacketIntervalList) Front() *PacketIntervalElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.next
+}
+
+// Back returns the last element of list l or nil if the list is empty.
+func (l *PacketIntervalList) Back() *PacketIntervalElement {
+ if l.len == 0 {
+ return nil
+ }
+ return l.root.prev
+}
+
+// lazyInit lazily initializes a zero List value.
+func (l *PacketIntervalList) lazyInit() {
+ if l.root.next == nil {
+ l.Init()
+ }
+}
+
+// insert inserts e after at, increments l.len, and returns e.
+func (l *PacketIntervalList) insert(e, at *PacketIntervalElement) *PacketIntervalElement {
+ n := at.next
+ at.next = e
+ e.prev = at
+ e.next = n
+ n.prev = e
+ e.list = l
+ l.len++
+ return e
+}
+
+// insertValue is a convenience wrapper for insert(&Element{Value: v}, at).
+func (l *PacketIntervalList) insertValue(v PacketInterval, at *PacketIntervalElement) *PacketIntervalElement {
+ return l.insert(&PacketIntervalElement{Value: v}, at)
+}
+
+// remove removes e from its list, decrements l.len, and returns e.
+func (l *PacketIntervalList) remove(e *PacketIntervalElement) *PacketIntervalElement {
+ e.prev.next = e.next
+ e.next.prev = e.prev
+ e.next = nil // avoid memory leaks
+ e.prev = nil // avoid memory leaks
+ e.list = nil
+ l.len--
+ return e
+}
+
+// Remove removes e from l if e is an element of list l.
+// It returns the element value e.Value.
+// The element must not be nil.
+func (l *PacketIntervalList) Remove(e *PacketIntervalElement) PacketInterval {
+ if e.list == l {
+ // if e.list == l, l must have been initialized when e was inserted
+ // in l or l == nil (e is a zero Element) and l.remove will crash
+ l.remove(e)
+ }
+ return e.Value
+}
+
+// PushFront inserts a new element e with value v at the front of list l and returns e.
+func (l *PacketIntervalList) PushFront(v PacketInterval) *PacketIntervalElement {
+ l.lazyInit()
+ return l.insertValue(v, &l.root)
+}
+
+// PushBack inserts a new element e with value v at the back of list l and returns e.
+func (l *PacketIntervalList) PushBack(v PacketInterval) *PacketIntervalElement {
+ l.lazyInit()
+ return l.insertValue(v, l.root.prev)
+}
+
+// InsertBefore inserts a new element e with value v immediately before mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *PacketIntervalList) InsertBefore(v PacketInterval, mark *PacketIntervalElement) *PacketIntervalElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark.prev)
+}
+
+// InsertAfter inserts a new element e with value v immediately after mark and returns e.
+// If mark is not an element of l, the list is not modified.
+// The mark must not be nil.
+func (l *PacketIntervalList) InsertAfter(v PacketInterval, mark *PacketIntervalElement) *PacketIntervalElement {
+ if mark.list != l {
+ return nil
+ }
+ // see comment in List.Remove about initialization of l
+ return l.insertValue(v, mark)
+}
+
+// MoveToFront moves element e to the front of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *PacketIntervalList) MoveToFront(e *PacketIntervalElement) {
+ if e.list != l || l.root.next == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), &l.root)
+}
+
+// MoveToBack moves element e to the back of list l.
+// If e is not an element of l, the list is not modified.
+// The element must not be nil.
+func (l *PacketIntervalList) MoveToBack(e *PacketIntervalElement) {
+ if e.list != l || l.root.prev == e {
+ return
+ }
+ // see comment in List.Remove about initialization of l
+ l.insert(l.remove(e), l.root.prev)
+}
+
+// MoveBefore moves element e to its new position before mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *PacketIntervalList) MoveBefore(e, mark *PacketIntervalElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark.prev)
+}
+
+// MoveAfter moves element e to its new position after mark.
+// If e or mark is not an element of l, or e == mark, the list is not modified.
+// The element and mark must not be nil.
+func (l *PacketIntervalList) MoveAfter(e, mark *PacketIntervalElement) {
+ if e.list != l || e == mark || mark.list != l {
+ return
+ }
+ l.insert(l.remove(e), mark)
+}
+
+// PushBackList inserts a copy of an other list at the back of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *PacketIntervalList) PushBackList(other *PacketIntervalList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Front(); i > 0; i, e = i-1, e.Next() {
+ l.insertValue(e.Value, l.root.prev)
+ }
+}
+
+// PushFrontList inserts a copy of an other list at the front of list l.
+// The lists l and other may be the same. They must not be nil.
+func (l *PacketIntervalList) PushFrontList(other *PacketIntervalList) {
+ l.lazyInit()
+ for i, e := other.Len(), other.Back(); i > 0; i, e = i-1, e.Prev() {
+ l.insertValue(e.Value, &l.root)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/rand.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/rand.go
new file mode 100644
index 00000000..30069144
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/rand.go
@@ -0,0 +1,29 @@
+package utils
+
+import (
+ "crypto/rand"
+ "encoding/binary"
+)
+
+// Rand is a wrapper around crypto/rand that adds some convenience functions known from math/rand.
+type Rand struct {
+ buf [4]byte
+}
+
+func (r *Rand) Int31() int32 {
+ rand.Read(r.buf[:])
+ return int32(binary.BigEndian.Uint32(r.buf[:]) & ^uint32(1<<31))
+}
+
+// copied from the standard library math/rand implementation of Int63n
+func (r *Rand) Int31n(n int32) int32 {
+ if n&(n-1) == 0 { // n is power of two, can mask
+ return r.Int31() & (n - 1)
+ }
+ max := int32((1 << 31) - 1 - (1<<31)%uint32(n))
+ v := r.Int31()
+ for v > max {
+ v = r.Int31()
+ }
+ return v % n
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/rtt_stats.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/rtt_stats.go
new file mode 100644
index 00000000..66642ba8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/rtt_stats.go
@@ -0,0 +1,127 @@
+package utils
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+const (
+ rttAlpha = 0.125
+ oneMinusAlpha = 1 - rttAlpha
+ rttBeta = 0.25
+ oneMinusBeta = 1 - rttBeta
+ // The default RTT used before an RTT sample is taken.
+ defaultInitialRTT = 100 * time.Millisecond
+)
+
+// RTTStats provides round-trip statistics
+type RTTStats struct {
+ hasMeasurement bool
+
+ minRTT time.Duration
+ latestRTT time.Duration
+ smoothedRTT time.Duration
+ meanDeviation time.Duration
+
+ maxAckDelay time.Duration
+}
+
+// NewRTTStats makes a properly initialized RTTStats object
+func NewRTTStats() *RTTStats {
+ return &RTTStats{}
+}
+
+// MinRTT Returns the minRTT for the entire connection.
+// May return Zero if no valid updates have occurred.
+func (r *RTTStats) MinRTT() time.Duration { return r.minRTT }
+
+// LatestRTT returns the most recent rtt measurement.
+// May return Zero if no valid updates have occurred.
+func (r *RTTStats) LatestRTT() time.Duration { return r.latestRTT }
+
+// SmoothedRTT returns the smoothed RTT for the connection.
+// May return Zero if no valid updates have occurred.
+func (r *RTTStats) SmoothedRTT() time.Duration { return r.smoothedRTT }
+
+// MeanDeviation gets the mean deviation
+func (r *RTTStats) MeanDeviation() time.Duration { return r.meanDeviation }
+
+// MaxAckDelay gets the max_ack_delay advertised by the peer
+func (r *RTTStats) MaxAckDelay() time.Duration { return r.maxAckDelay }
+
+// PTO gets the probe timeout duration.
+func (r *RTTStats) PTO(includeMaxAckDelay bool) time.Duration {
+ if r.SmoothedRTT() == 0 {
+ return 2 * defaultInitialRTT
+ }
+ pto := r.SmoothedRTT() + MaxDuration(4*r.MeanDeviation(), protocol.TimerGranularity)
+ if includeMaxAckDelay {
+ pto += r.MaxAckDelay()
+ }
+ return pto
+}
+
+// UpdateRTT updates the RTT based on a new sample.
+func (r *RTTStats) UpdateRTT(sendDelta, ackDelay time.Duration, now time.Time) {
+ if sendDelta == InfDuration || sendDelta <= 0 {
+ return
+ }
+
+ // Update r.minRTT first. r.minRTT does not use an rttSample corrected for
+ // ackDelay but the raw observed sendDelta, since poor clock granularity at
+ // the client may cause a high ackDelay to result in underestimation of the
+ // r.minRTT.
+ if r.minRTT == 0 || r.minRTT > sendDelta {
+ r.minRTT = sendDelta
+ }
+
+ // Correct for ackDelay if information received from the peer results in a
+ // an RTT sample at least as large as minRTT. Otherwise, only use the
+ // sendDelta.
+ sample := sendDelta
+ if sample-r.minRTT >= ackDelay {
+ sample -= ackDelay
+ }
+ r.latestRTT = sample
+ // First time call.
+ if !r.hasMeasurement {
+ r.hasMeasurement = true
+ r.smoothedRTT = sample
+ r.meanDeviation = sample / 2
+ } else {
+ r.meanDeviation = time.Duration(oneMinusBeta*float32(r.meanDeviation/time.Microsecond)+rttBeta*float32(AbsDuration(r.smoothedRTT-sample)/time.Microsecond)) * time.Microsecond
+ r.smoothedRTT = time.Duration((float32(r.smoothedRTT/time.Microsecond)*oneMinusAlpha)+(float32(sample/time.Microsecond)*rttAlpha)) * time.Microsecond
+ }
+}
+
+// SetMaxAckDelay sets the max_ack_delay
+func (r *RTTStats) SetMaxAckDelay(mad time.Duration) {
+ r.maxAckDelay = mad
+}
+
+// SetInitialRTT sets the initial RTT.
+// It is used during the 0-RTT handshake when restoring the RTT stats from the session state.
+func (r *RTTStats) SetInitialRTT(t time.Duration) {
+ if r.hasMeasurement {
+ panic("initial RTT set after first measurement")
+ }
+ r.smoothedRTT = t
+ r.latestRTT = t
+}
+
+// OnConnectionMigration is called when connection migrates and rtt measurement needs to be reset.
+func (r *RTTStats) OnConnectionMigration() {
+ r.latestRTT = 0
+ r.minRTT = 0
+ r.smoothedRTT = 0
+ r.meanDeviation = 0
+}
+
+// ExpireSmoothedMetrics causes the smoothed_rtt to be increased to the latest_rtt if the latest_rtt
+// is larger. The mean deviation is increased to the most recent deviation if
+// it's larger.
+func (r *RTTStats) ExpireSmoothedMetrics() {
+ r.meanDeviation = MaxDuration(r.meanDeviation, AbsDuration(r.smoothedRTT-r.latestRTT))
+ r.smoothedRTT = MaxDuration(r.smoothedRTT, r.latestRTT)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/streamframe_interval.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/streamframe_interval.go
new file mode 100644
index 00000000..ec16d251
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/streamframe_interval.go
@@ -0,0 +1,9 @@
+package utils
+
+import "github.com/lucas-clemente/quic-go/internal/protocol"
+
+// ByteInterval is an interval from one ByteCount to the other
+type ByteInterval struct {
+ Start protocol.ByteCount
+ End protocol.ByteCount
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/utils/timer.go b/vendor/github.com/lucas-clemente/quic-go/internal/utils/timer.go
new file mode 100644
index 00000000..a4f5e67a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/utils/timer.go
@@ -0,0 +1,53 @@
+package utils
+
+import (
+ "math"
+ "time"
+)
+
+// A Timer wrapper that behaves correctly when resetting
+type Timer struct {
+ t *time.Timer
+ read bool
+ deadline time.Time
+}
+
+// NewTimer creates a new timer that is not set
+func NewTimer() *Timer {
+ return &Timer{t: time.NewTimer(time.Duration(math.MaxInt64))}
+}
+
+// Chan returns the channel of the wrapped timer
+func (t *Timer) Chan() <-chan time.Time {
+ return t.t.C
+}
+
+// Reset the timer, no matter whether the value was read or not
+func (t *Timer) Reset(deadline time.Time) {
+ if deadline.Equal(t.deadline) && !t.read {
+ // No need to reset the timer
+ return
+ }
+
+ // We need to drain the timer if the value from its channel was not read yet.
+ // See https://groups.google.com/forum/#!topic/golang-dev/c9UUfASVPoU
+ if !t.t.Stop() && !t.read {
+ <-t.t.C
+ }
+ if !deadline.IsZero() {
+ t.t.Reset(time.Until(deadline))
+ }
+
+ t.read = false
+ t.deadline = deadline
+}
+
+// SetRead should be called after the value from the chan was read
+func (t *Timer) SetRead() {
+ t.read = true
+}
+
+// Stop stops the timer
+func (t *Timer) Stop() {
+ t.t.Stop()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_frame.go
new file mode 100644
index 00000000..e5280a73
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_frame.go
@@ -0,0 +1,251 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "sort"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+var errInvalidAckRanges = errors.New("AckFrame: ACK frame contains invalid ACK ranges")
+
+// An AckFrame is an ACK frame
+type AckFrame struct {
+ AckRanges []AckRange // has to be ordered. The highest ACK range goes first, the lowest ACK range goes last
+ DelayTime time.Duration
+
+ ECT0, ECT1, ECNCE uint64
+}
+
+// parseAckFrame reads an ACK frame
+func parseAckFrame(r *bytes.Reader, ackDelayExponent uint8, _ protocol.VersionNumber) (*AckFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+ ecn := typeByte&0x1 > 0
+
+ frame := &AckFrame{}
+
+ la, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ largestAcked := protocol.PacketNumber(la)
+ delay, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+
+ delayTime := time.Duration(delay*1< largestAcked {
+ return nil, errors.New("invalid first ACK range")
+ }
+ smallest := largestAcked - ackBlock
+
+ // read all the other ACK ranges
+ frame.AckRanges = append(frame.AckRanges, AckRange{Smallest: smallest, Largest: largestAcked})
+ for i := uint64(0); i < numBlocks; i++ {
+ g, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ gap := protocol.PacketNumber(g)
+ if smallest < gap+2 {
+ return nil, errInvalidAckRanges
+ }
+ largest := smallest - gap - 2
+
+ ab, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ ackBlock := protocol.PacketNumber(ab)
+
+ if ackBlock > largest {
+ return nil, errInvalidAckRanges
+ }
+ smallest = largest - ackBlock
+ frame.AckRanges = append(frame.AckRanges, AckRange{Smallest: smallest, Largest: largest})
+ }
+
+ if !frame.validateAckRanges() {
+ return nil, errInvalidAckRanges
+ }
+
+ // parse (and skip) the ECN section
+ if ecn {
+ for i := 0; i < 3; i++ {
+ if _, err := quicvarint.Read(r); err != nil {
+ return nil, err
+ }
+ }
+ }
+
+ return frame, nil
+}
+
+// Write writes an ACK frame.
+func (f *AckFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ hasECN := f.ECT0 > 0 || f.ECT1 > 0 || f.ECNCE > 0
+ if hasECN {
+ b.WriteByte(0x3)
+ } else {
+ b.WriteByte(0x2)
+ }
+ quicvarint.Write(b, uint64(f.LargestAcked()))
+ quicvarint.Write(b, encodeAckDelay(f.DelayTime))
+
+ numRanges := f.numEncodableAckRanges()
+ quicvarint.Write(b, uint64(numRanges-1))
+
+ // write the first range
+ _, firstRange := f.encodeAckRange(0)
+ quicvarint.Write(b, firstRange)
+
+ // write all the other range
+ for i := 1; i < numRanges; i++ {
+ gap, len := f.encodeAckRange(i)
+ quicvarint.Write(b, gap)
+ quicvarint.Write(b, len)
+ }
+
+ if hasECN {
+ quicvarint.Write(b, f.ECT0)
+ quicvarint.Write(b, f.ECT1)
+ quicvarint.Write(b, f.ECNCE)
+ }
+ return nil
+}
+
+// Length of a written frame
+func (f *AckFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ largestAcked := f.AckRanges[0].Largest
+ numRanges := f.numEncodableAckRanges()
+
+ length := 1 + quicvarint.Len(uint64(largestAcked)) + quicvarint.Len(encodeAckDelay(f.DelayTime))
+
+ length += quicvarint.Len(uint64(numRanges - 1))
+ lowestInFirstRange := f.AckRanges[0].Smallest
+ length += quicvarint.Len(uint64(largestAcked - lowestInFirstRange))
+
+ for i := 1; i < numRanges; i++ {
+ gap, len := f.encodeAckRange(i)
+ length += quicvarint.Len(gap)
+ length += quicvarint.Len(len)
+ }
+ if f.ECT0 > 0 || f.ECT1 > 0 || f.ECNCE > 0 {
+ length += quicvarint.Len(f.ECT0)
+ length += quicvarint.Len(f.ECT1)
+ length += quicvarint.Len(f.ECNCE)
+ }
+ return length
+}
+
+// gets the number of ACK ranges that can be encoded
+// such that the resulting frame is smaller than the maximum ACK frame size
+func (f *AckFrame) numEncodableAckRanges() int {
+ length := 1 + quicvarint.Len(uint64(f.LargestAcked())) + quicvarint.Len(encodeAckDelay(f.DelayTime))
+ length += 2 // assume that the number of ranges will consume 2 bytes
+ for i := 1; i < len(f.AckRanges); i++ {
+ gap, len := f.encodeAckRange(i)
+ rangeLen := quicvarint.Len(gap) + quicvarint.Len(len)
+ if length+rangeLen > protocol.MaxAckFrameSize {
+ // Writing range i would exceed the MaxAckFrameSize.
+ // So encode one range less than that.
+ return i - 1
+ }
+ length += rangeLen
+ }
+ return len(f.AckRanges)
+}
+
+func (f *AckFrame) encodeAckRange(i int) (uint64 /* gap */, uint64 /* length */) {
+ if i == 0 {
+ return 0, uint64(f.AckRanges[0].Largest - f.AckRanges[0].Smallest)
+ }
+ return uint64(f.AckRanges[i-1].Smallest - f.AckRanges[i].Largest - 2),
+ uint64(f.AckRanges[i].Largest - f.AckRanges[i].Smallest)
+}
+
+// HasMissingRanges returns if this frame reports any missing packets
+func (f *AckFrame) HasMissingRanges() bool {
+ return len(f.AckRanges) > 1
+}
+
+func (f *AckFrame) validateAckRanges() bool {
+ if len(f.AckRanges) == 0 {
+ return false
+ }
+
+ // check the validity of every single ACK range
+ for _, ackRange := range f.AckRanges {
+ if ackRange.Smallest > ackRange.Largest {
+ return false
+ }
+ }
+
+ // check the consistency for ACK with multiple NACK ranges
+ for i, ackRange := range f.AckRanges {
+ if i == 0 {
+ continue
+ }
+ lastAckRange := f.AckRanges[i-1]
+ if lastAckRange.Smallest <= ackRange.Smallest {
+ return false
+ }
+ if lastAckRange.Smallest <= ackRange.Largest+1 {
+ return false
+ }
+ }
+
+ return true
+}
+
+// LargestAcked is the largest acked packet number
+func (f *AckFrame) LargestAcked() protocol.PacketNumber {
+ return f.AckRanges[0].Largest
+}
+
+// LowestAcked is the lowest acked packet number
+func (f *AckFrame) LowestAcked() protocol.PacketNumber {
+ return f.AckRanges[len(f.AckRanges)-1].Smallest
+}
+
+// AcksPacket determines if this ACK frame acks a certain packet number
+func (f *AckFrame) AcksPacket(p protocol.PacketNumber) bool {
+ if p < f.LowestAcked() || p > f.LargestAcked() {
+ return false
+ }
+
+ i := sort.Search(len(f.AckRanges), func(i int) bool {
+ return p >= f.AckRanges[i].Smallest
+ })
+ // i will always be < len(f.AckRanges), since we checked above that p is not bigger than the largest acked
+ return p <= f.AckRanges[i].Largest
+}
+
+func encodeAckDelay(delay time.Duration) uint64 {
+ return uint64(delay.Nanoseconds() / (1000 * (1 << protocol.AckDelayExponent)))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_range.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_range.go
new file mode 100644
index 00000000..0f418580
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ack_range.go
@@ -0,0 +1,14 @@
+package wire
+
+import "github.com/lucas-clemente/quic-go/internal/protocol"
+
+// AckRange is an ACK range
+type AckRange struct {
+ Smallest protocol.PacketNumber
+ Largest protocol.PacketNumber
+}
+
+// Len returns the number of packets contained in this ACK range
+func (r AckRange) Len() protocol.PacketNumber {
+ return r.Largest - r.Smallest + 1
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/connection_close_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/connection_close_frame.go
new file mode 100644
index 00000000..4ce49af6
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/connection_close_frame.go
@@ -0,0 +1,83 @@
+package wire
+
+import (
+ "bytes"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A ConnectionCloseFrame is a CONNECTION_CLOSE frame
+type ConnectionCloseFrame struct {
+ IsApplicationError bool
+ ErrorCode uint64
+ FrameType uint64
+ ReasonPhrase string
+}
+
+func parseConnectionCloseFrame(r *bytes.Reader, _ protocol.VersionNumber) (*ConnectionCloseFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ f := &ConnectionCloseFrame{IsApplicationError: typeByte == 0x1d}
+ ec, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ f.ErrorCode = ec
+ // read the Frame Type, if this is not an application error
+ if !f.IsApplicationError {
+ ft, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ f.FrameType = ft
+ }
+ var reasonPhraseLen uint64
+ reasonPhraseLen, err = quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ // shortcut to prevent the unnecessary allocation of dataLen bytes
+ // if the dataLen is larger than the remaining length of the packet
+ // reading the whole reason phrase would result in EOF when attempting to READ
+ if int(reasonPhraseLen) > r.Len() {
+ return nil, io.EOF
+ }
+
+ reasonPhrase := make([]byte, reasonPhraseLen)
+ if _, err := io.ReadFull(r, reasonPhrase); err != nil {
+ // this should never happen, since we already checked the reasonPhraseLen earlier
+ return nil, err
+ }
+ f.ReasonPhrase = string(reasonPhrase)
+ return f, nil
+}
+
+// Length of a written frame
+func (f *ConnectionCloseFrame) Length(protocol.VersionNumber) protocol.ByteCount {
+ length := 1 + quicvarint.Len(f.ErrorCode) + quicvarint.Len(uint64(len(f.ReasonPhrase))) + protocol.ByteCount(len(f.ReasonPhrase))
+ if !f.IsApplicationError {
+ length += quicvarint.Len(f.FrameType) // for the frame type
+ }
+ return length
+}
+
+func (f *ConnectionCloseFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ if f.IsApplicationError {
+ b.WriteByte(0x1d)
+ } else {
+ b.WriteByte(0x1c)
+ }
+
+ quicvarint.Write(b, f.ErrorCode)
+ if !f.IsApplicationError {
+ quicvarint.Write(b, f.FrameType)
+ }
+ quicvarint.Write(b, uint64(len(f.ReasonPhrase)))
+ b.WriteString(f.ReasonPhrase)
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/crypto_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/crypto_frame.go
new file mode 100644
index 00000000..6301c878
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/crypto_frame.go
@@ -0,0 +1,102 @@
+package wire
+
+import (
+ "bytes"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A CryptoFrame is a CRYPTO frame
+type CryptoFrame struct {
+ Offset protocol.ByteCount
+ Data []byte
+}
+
+func parseCryptoFrame(r *bytes.Reader, _ protocol.VersionNumber) (*CryptoFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ frame := &CryptoFrame{}
+ offset, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ frame.Offset = protocol.ByteCount(offset)
+ dataLen, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ if dataLen > uint64(r.Len()) {
+ return nil, io.EOF
+ }
+ if dataLen != 0 {
+ frame.Data = make([]byte, dataLen)
+ if _, err := io.ReadFull(r, frame.Data); err != nil {
+ // this should never happen, since we already checked the dataLen earlier
+ return nil, err
+ }
+ }
+ return frame, nil
+}
+
+func (f *CryptoFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x6)
+ quicvarint.Write(b, uint64(f.Offset))
+ quicvarint.Write(b, uint64(len(f.Data)))
+ b.Write(f.Data)
+ return nil
+}
+
+// Length of a written frame
+func (f *CryptoFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.Offset)) + quicvarint.Len(uint64(len(f.Data))) + protocol.ByteCount(len(f.Data))
+}
+
+// MaxDataLen returns the maximum data length
+func (f *CryptoFrame) MaxDataLen(maxSize protocol.ByteCount) protocol.ByteCount {
+ // pretend that the data size will be 1 bytes
+ // if it turns out that varint encoding the length will consume 2 bytes, we need to adjust the data length afterwards
+ headerLen := 1 + quicvarint.Len(uint64(f.Offset)) + 1
+ if headerLen > maxSize {
+ return 0
+ }
+ maxDataLen := maxSize - headerLen
+ if quicvarint.Len(uint64(maxDataLen)) != 1 {
+ maxDataLen--
+ }
+ return maxDataLen
+}
+
+// MaybeSplitOffFrame splits a frame such that it is not bigger than n bytes.
+// It returns if the frame was actually split.
+// The frame might not be split if:
+// * the size is large enough to fit the whole frame
+// * the size is too small to fit even a 1-byte frame. In that case, the frame returned is nil.
+func (f *CryptoFrame) MaybeSplitOffFrame(maxSize protocol.ByteCount, version protocol.VersionNumber) (*CryptoFrame, bool /* was splitting required */) {
+ if f.Length(version) <= maxSize {
+ return nil, false
+ }
+
+ n := f.MaxDataLen(maxSize)
+ if n == 0 {
+ return nil, true
+ }
+
+ newLen := protocol.ByteCount(len(f.Data)) - n
+
+ new := &CryptoFrame{}
+ new.Offset = f.Offset
+ new.Data = make([]byte, newLen)
+
+ // swap the data slices
+ new.Data, f.Data = f.Data, new.Data
+
+ copy(f.Data, new.Data[n:])
+ new.Data = new.Data[:n]
+ f.Offset += n
+
+ return new, true
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/data_blocked_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/data_blocked_frame.go
new file mode 100644
index 00000000..459f04d1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/data_blocked_frame.go
@@ -0,0 +1,38 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A DataBlockedFrame is a DATA_BLOCKED frame
+type DataBlockedFrame struct {
+ MaximumData protocol.ByteCount
+}
+
+func parseDataBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*DataBlockedFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ offset, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ return &DataBlockedFrame{
+ MaximumData: protocol.ByteCount(offset),
+ }, nil
+}
+
+func (f *DataBlockedFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ typeByte := uint8(0x14)
+ b.WriteByte(typeByte)
+ quicvarint.Write(b, uint64(f.MaximumData))
+ return nil
+}
+
+// Length of a written frame
+func (f *DataBlockedFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.MaximumData))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/datagram_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/datagram_frame.go
new file mode 100644
index 00000000..9d6e55cb
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/datagram_frame.go
@@ -0,0 +1,85 @@
+package wire
+
+import (
+ "bytes"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A DatagramFrame is a DATAGRAM frame
+type DatagramFrame struct {
+ DataLenPresent bool
+ Data []byte
+}
+
+func parseDatagramFrame(r *bytes.Reader, _ protocol.VersionNumber) (*DatagramFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ f := &DatagramFrame{}
+ f.DataLenPresent = typeByte&0x1 > 0
+
+ var length uint64
+ if f.DataLenPresent {
+ var err error
+ len, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ if len > uint64(r.Len()) {
+ return nil, io.EOF
+ }
+ length = len
+ } else {
+ length = uint64(r.Len())
+ }
+ f.Data = make([]byte, length)
+ if _, err := io.ReadFull(r, f.Data); err != nil {
+ return nil, err
+ }
+ return f, nil
+}
+
+func (f *DatagramFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ typeByte := uint8(0x30)
+ if f.DataLenPresent {
+ typeByte ^= 0x1
+ }
+ b.WriteByte(typeByte)
+ if f.DataLenPresent {
+ quicvarint.Write(b, uint64(len(f.Data)))
+ }
+ b.Write(f.Data)
+ return nil
+}
+
+// MaxDataLen returns the maximum data length
+func (f *DatagramFrame) MaxDataLen(maxSize protocol.ByteCount, version protocol.VersionNumber) protocol.ByteCount {
+ headerLen := protocol.ByteCount(1)
+ if f.DataLenPresent {
+ // pretend that the data size will be 1 bytes
+ // if it turns out that varint encoding the length will consume 2 bytes, we need to adjust the data length afterwards
+ headerLen++
+ }
+ if headerLen > maxSize {
+ return 0
+ }
+ maxDataLen := maxSize - headerLen
+ if f.DataLenPresent && quicvarint.Len(uint64(maxDataLen)) != 1 {
+ maxDataLen--
+ }
+ return maxDataLen
+}
+
+// Length of a written frame
+func (f *DatagramFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ length := 1 + protocol.ByteCount(len(f.Data))
+ if f.DataLenPresent {
+ length += quicvarint.Len(uint64(len(f.Data)))
+ }
+ return length
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/extended_header.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/extended_header.go
new file mode 100644
index 00000000..b8938aca
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/extended_header.go
@@ -0,0 +1,235 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "fmt"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// ErrInvalidReservedBits is returned when the reserved bits are incorrect.
+// When this error is returned, parsing continues, and an ExtendedHeader is returned.
+// This is necessary because we need to decrypt the packet in that case,
+// in order to avoid a timing side-channel.
+var ErrInvalidReservedBits = errors.New("invalid reserved bits")
+
+// ExtendedHeader is the header of a QUIC packet.
+type ExtendedHeader struct {
+ Header
+
+ typeByte byte
+
+ KeyPhase protocol.KeyPhaseBit
+
+ PacketNumberLen protocol.PacketNumberLen
+ PacketNumber protocol.PacketNumber
+
+ parsedLen protocol.ByteCount
+}
+
+func (h *ExtendedHeader) parse(b *bytes.Reader, v protocol.VersionNumber) (bool /* reserved bits valid */, error) {
+ startLen := b.Len()
+ // read the (now unencrypted) first byte
+ var err error
+ h.typeByte, err = b.ReadByte()
+ if err != nil {
+ return false, err
+ }
+ if _, err := b.Seek(int64(h.Header.ParsedLen())-1, io.SeekCurrent); err != nil {
+ return false, err
+ }
+ var reservedBitsValid bool
+ if h.IsLongHeader {
+ reservedBitsValid, err = h.parseLongHeader(b, v)
+ } else {
+ reservedBitsValid, err = h.parseShortHeader(b, v)
+ }
+ if err != nil {
+ return false, err
+ }
+ h.parsedLen = protocol.ByteCount(startLen - b.Len())
+ return reservedBitsValid, err
+}
+
+func (h *ExtendedHeader) parseLongHeader(b *bytes.Reader, _ protocol.VersionNumber) (bool /* reserved bits valid */, error) {
+ if err := h.readPacketNumber(b); err != nil {
+ return false, err
+ }
+ if h.typeByte&0xc != 0 {
+ return false, nil
+ }
+ return true, nil
+}
+
+func (h *ExtendedHeader) parseShortHeader(b *bytes.Reader, _ protocol.VersionNumber) (bool /* reserved bits valid */, error) {
+ h.KeyPhase = protocol.KeyPhaseZero
+ if h.typeByte&0x4 > 0 {
+ h.KeyPhase = protocol.KeyPhaseOne
+ }
+
+ if err := h.readPacketNumber(b); err != nil {
+ return false, err
+ }
+ if h.typeByte&0x18 != 0 {
+ return false, nil
+ }
+ return true, nil
+}
+
+func (h *ExtendedHeader) readPacketNumber(b *bytes.Reader) error {
+ h.PacketNumberLen = protocol.PacketNumberLen(h.typeByte&0x3) + 1
+ switch h.PacketNumberLen {
+ case protocol.PacketNumberLen1:
+ n, err := b.ReadByte()
+ if err != nil {
+ return err
+ }
+ h.PacketNumber = protocol.PacketNumber(n)
+ case protocol.PacketNumberLen2:
+ n, err := utils.BigEndian.ReadUint16(b)
+ if err != nil {
+ return err
+ }
+ h.PacketNumber = protocol.PacketNumber(n)
+ case protocol.PacketNumberLen3:
+ n, err := utils.BigEndian.ReadUint24(b)
+ if err != nil {
+ return err
+ }
+ h.PacketNumber = protocol.PacketNumber(n)
+ case protocol.PacketNumberLen4:
+ n, err := utils.BigEndian.ReadUint32(b)
+ if err != nil {
+ return err
+ }
+ h.PacketNumber = protocol.PacketNumber(n)
+ default:
+ return fmt.Errorf("invalid packet number length: %d", h.PacketNumberLen)
+ }
+ return nil
+}
+
+// Write writes the Header.
+func (h *ExtendedHeader) Write(b *bytes.Buffer, ver protocol.VersionNumber) error {
+ if h.DestConnectionID.Len() > protocol.MaxConnIDLen {
+ return fmt.Errorf("invalid connection ID length: %d bytes", h.DestConnectionID.Len())
+ }
+ if h.SrcConnectionID.Len() > protocol.MaxConnIDLen {
+ return fmt.Errorf("invalid connection ID length: %d bytes", h.SrcConnectionID.Len())
+ }
+ if h.IsLongHeader {
+ return h.writeLongHeader(b, ver)
+ }
+ return h.writeShortHeader(b, ver)
+}
+
+func (h *ExtendedHeader) writeLongHeader(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ var packetType uint8
+ //nolint:exhaustive
+ switch h.Type {
+ case protocol.PacketTypeInitial:
+ packetType = 0x0
+ case protocol.PacketType0RTT:
+ packetType = 0x1
+ case protocol.PacketTypeHandshake:
+ packetType = 0x2
+ case protocol.PacketTypeRetry:
+ packetType = 0x3
+ }
+ firstByte := 0xc0 | packetType<<4
+ if h.Type != protocol.PacketTypeRetry {
+ // Retry packets don't have a packet number
+ firstByte |= uint8(h.PacketNumberLen - 1)
+ }
+
+ b.WriteByte(firstByte)
+ utils.BigEndian.WriteUint32(b, uint32(h.Version))
+ b.WriteByte(uint8(h.DestConnectionID.Len()))
+ b.Write(h.DestConnectionID.Bytes())
+ b.WriteByte(uint8(h.SrcConnectionID.Len()))
+ b.Write(h.SrcConnectionID.Bytes())
+
+ //nolint:exhaustive
+ switch h.Type {
+ case protocol.PacketTypeRetry:
+ b.Write(h.Token)
+ return nil
+ case protocol.PacketTypeInitial:
+ quicvarint.Write(b, uint64(len(h.Token)))
+ b.Write(h.Token)
+ }
+ quicvarint.WriteWithLen(b, uint64(h.Length), 2)
+ return h.writePacketNumber(b)
+}
+
+func (h *ExtendedHeader) writeShortHeader(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ typeByte := 0x40 | uint8(h.PacketNumberLen-1)
+ if h.KeyPhase == protocol.KeyPhaseOne {
+ typeByte |= byte(1 << 2)
+ }
+
+ b.WriteByte(typeByte)
+ b.Write(h.DestConnectionID.Bytes())
+ return h.writePacketNumber(b)
+}
+
+func (h *ExtendedHeader) writePacketNumber(b *bytes.Buffer) error {
+ switch h.PacketNumberLen {
+ case protocol.PacketNumberLen1:
+ b.WriteByte(uint8(h.PacketNumber))
+ case protocol.PacketNumberLen2:
+ utils.BigEndian.WriteUint16(b, uint16(h.PacketNumber))
+ case protocol.PacketNumberLen3:
+ utils.BigEndian.WriteUint24(b, uint32(h.PacketNumber))
+ case protocol.PacketNumberLen4:
+ utils.BigEndian.WriteUint32(b, uint32(h.PacketNumber))
+ default:
+ return fmt.Errorf("invalid packet number length: %d", h.PacketNumberLen)
+ }
+ return nil
+}
+
+// ParsedLen returns the number of bytes that were consumed when parsing the header
+func (h *ExtendedHeader) ParsedLen() protocol.ByteCount {
+ return h.parsedLen
+}
+
+// GetLength determines the length of the Header.
+func (h *ExtendedHeader) GetLength(v protocol.VersionNumber) protocol.ByteCount {
+ if h.IsLongHeader {
+ length := 1 /* type byte */ + 4 /* version */ + 1 /* dest conn ID len */ + protocol.ByteCount(h.DestConnectionID.Len()) + 1 /* src conn ID len */ + protocol.ByteCount(h.SrcConnectionID.Len()) + protocol.ByteCount(h.PacketNumberLen) + 2 /* length */
+ if h.Type == protocol.PacketTypeInitial {
+ length += quicvarint.Len(uint64(len(h.Token))) + protocol.ByteCount(len(h.Token))
+ }
+ return length
+ }
+
+ length := protocol.ByteCount(1 /* type byte */ + h.DestConnectionID.Len())
+ length += protocol.ByteCount(h.PacketNumberLen)
+ return length
+}
+
+// Log logs the Header
+func (h *ExtendedHeader) Log(logger utils.Logger) {
+ if h.IsLongHeader {
+ var token string
+ if h.Type == protocol.PacketTypeInitial || h.Type == protocol.PacketTypeRetry {
+ if len(h.Token) == 0 {
+ token = "Token: (empty), "
+ } else {
+ token = fmt.Sprintf("Token: %#x, ", h.Token)
+ }
+ if h.Type == protocol.PacketTypeRetry {
+ logger.Debugf("\tLong Header{Type: %s, DestConnectionID: %s, SrcConnectionID: %s, %sVersion: %s}", h.Type, h.DestConnectionID, h.SrcConnectionID, token, h.Version)
+ return
+ }
+ }
+ logger.Debugf("\tLong Header{Type: %s, DestConnectionID: %s, SrcConnectionID: %s, %sPacketNumber: %d, PacketNumberLen: %d, Length: %d, Version: %s}", h.Type, h.DestConnectionID, h.SrcConnectionID, token, h.PacketNumber, h.PacketNumberLen, h.Length, h.Version)
+ } else {
+ logger.Debugf("\tShort Header{DestConnectionID: %s, PacketNumber: %d, PacketNumberLen: %d, KeyPhase: %s}", h.DestConnectionID, h.PacketNumber, h.PacketNumberLen, h.KeyPhase)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/frame_parser.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/frame_parser.go
new file mode 100644
index 00000000..f3a51ecb
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/frame_parser.go
@@ -0,0 +1,143 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "fmt"
+ "reflect"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+)
+
+type frameParser struct {
+ ackDelayExponent uint8
+
+ supportsDatagrams bool
+
+ version protocol.VersionNumber
+}
+
+// NewFrameParser creates a new frame parser.
+func NewFrameParser(supportsDatagrams bool, v protocol.VersionNumber) FrameParser {
+ return &frameParser{
+ supportsDatagrams: supportsDatagrams,
+ version: v,
+ }
+}
+
+// ParseNext parses the next frame.
+// It skips PADDING frames.
+func (p *frameParser) ParseNext(r *bytes.Reader, encLevel protocol.EncryptionLevel) (Frame, error) {
+ for r.Len() != 0 {
+ typeByte, _ := r.ReadByte()
+ if typeByte == 0x0 { // PADDING frame
+ continue
+ }
+ r.UnreadByte()
+
+ f, err := p.parseFrame(r, typeByte, encLevel)
+ if err != nil {
+ return nil, &qerr.TransportError{
+ FrameType: uint64(typeByte),
+ ErrorCode: qerr.FrameEncodingError,
+ ErrorMessage: err.Error(),
+ }
+ }
+ return f, nil
+ }
+ return nil, nil
+}
+
+func (p *frameParser) parseFrame(r *bytes.Reader, typeByte byte, encLevel protocol.EncryptionLevel) (Frame, error) {
+ var frame Frame
+ var err error
+ if typeByte&0xf8 == 0x8 {
+ frame, err = parseStreamFrame(r, p.version)
+ } else {
+ switch typeByte {
+ case 0x1:
+ frame, err = parsePingFrame(r, p.version)
+ case 0x2, 0x3:
+ ackDelayExponent := p.ackDelayExponent
+ if encLevel != protocol.Encryption1RTT {
+ ackDelayExponent = protocol.DefaultAckDelayExponent
+ }
+ frame, err = parseAckFrame(r, ackDelayExponent, p.version)
+ case 0x4:
+ frame, err = parseResetStreamFrame(r, p.version)
+ case 0x5:
+ frame, err = parseStopSendingFrame(r, p.version)
+ case 0x6:
+ frame, err = parseCryptoFrame(r, p.version)
+ case 0x7:
+ frame, err = parseNewTokenFrame(r, p.version)
+ case 0x10:
+ frame, err = parseMaxDataFrame(r, p.version)
+ case 0x11:
+ frame, err = parseMaxStreamDataFrame(r, p.version)
+ case 0x12, 0x13:
+ frame, err = parseMaxStreamsFrame(r, p.version)
+ case 0x14:
+ frame, err = parseDataBlockedFrame(r, p.version)
+ case 0x15:
+ frame, err = parseStreamDataBlockedFrame(r, p.version)
+ case 0x16, 0x17:
+ frame, err = parseStreamsBlockedFrame(r, p.version)
+ case 0x18:
+ frame, err = parseNewConnectionIDFrame(r, p.version)
+ case 0x19:
+ frame, err = parseRetireConnectionIDFrame(r, p.version)
+ case 0x1a:
+ frame, err = parsePathChallengeFrame(r, p.version)
+ case 0x1b:
+ frame, err = parsePathResponseFrame(r, p.version)
+ case 0x1c, 0x1d:
+ frame, err = parseConnectionCloseFrame(r, p.version)
+ case 0x1e:
+ frame, err = parseHandshakeDoneFrame(r, p.version)
+ case 0x30, 0x31:
+ if p.supportsDatagrams {
+ frame, err = parseDatagramFrame(r, p.version)
+ break
+ }
+ fallthrough
+ default:
+ err = errors.New("unknown frame type")
+ }
+ }
+ if err != nil {
+ return nil, err
+ }
+ if !p.isAllowedAtEncLevel(frame, encLevel) {
+ return nil, fmt.Errorf("%s not allowed at encryption level %s", reflect.TypeOf(frame).Elem().Name(), encLevel)
+ }
+ return frame, nil
+}
+
+func (p *frameParser) isAllowedAtEncLevel(f Frame, encLevel protocol.EncryptionLevel) bool {
+ switch encLevel {
+ case protocol.EncryptionInitial, protocol.EncryptionHandshake:
+ switch f.(type) {
+ case *CryptoFrame, *AckFrame, *ConnectionCloseFrame, *PingFrame:
+ return true
+ default:
+ return false
+ }
+ case protocol.Encryption0RTT:
+ switch f.(type) {
+ case *CryptoFrame, *AckFrame, *ConnectionCloseFrame, *NewTokenFrame, *PathResponseFrame, *RetireConnectionIDFrame:
+ return false
+ default:
+ return true
+ }
+ case protocol.Encryption1RTT:
+ return true
+ default:
+ panic("unknown encryption level")
+ }
+}
+
+func (p *frameParser) SetAckDelayExponent(exp uint8) {
+ p.ackDelayExponent = exp
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/handshake_done_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/handshake_done_frame.go
new file mode 100644
index 00000000..158d659f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/handshake_done_frame.go
@@ -0,0 +1,28 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A HandshakeDoneFrame is a HANDSHAKE_DONE frame
+type HandshakeDoneFrame struct{}
+
+// ParseHandshakeDoneFrame parses a HandshakeDone frame
+func parseHandshakeDoneFrame(r *bytes.Reader, _ protocol.VersionNumber) (*HandshakeDoneFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ return &HandshakeDoneFrame{}, nil
+}
+
+func (f *HandshakeDoneFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x1e)
+ return nil
+}
+
+// Length of a written frame
+func (f *HandshakeDoneFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/header.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/header.go
new file mode 100644
index 00000000..07ca9f05
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/header.go
@@ -0,0 +1,257 @@
+package wire
+
+import (
+ "bytes"
+ "encoding/binary"
+ "errors"
+ "fmt"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// ParseConnectionID parses the destination connection ID of a packet.
+// It uses the data slice for the connection ID.
+// That means that the connection ID must not be used after the packet buffer is released.
+func ParseConnectionID(data []byte, shortHeaderConnIDLen int) (protocol.ConnectionID, error) {
+ if len(data) == 0 {
+ return nil, io.EOF
+ }
+ isLongHeader := data[0]&0x80 > 0
+ if !isLongHeader {
+ if len(data) < shortHeaderConnIDLen+1 {
+ return nil, io.EOF
+ }
+ return protocol.ConnectionID(data[1 : 1+shortHeaderConnIDLen]), nil
+ }
+ if len(data) < 6 {
+ return nil, io.EOF
+ }
+ destConnIDLen := int(data[5])
+ if len(data) < 6+destConnIDLen {
+ return nil, io.EOF
+ }
+ return protocol.ConnectionID(data[6 : 6+destConnIDLen]), nil
+}
+
+// IsVersionNegotiationPacket says if this is a version negotiation packet
+func IsVersionNegotiationPacket(b []byte) bool {
+ if len(b) < 5 {
+ return false
+ }
+ return b[0]&0x80 > 0 && b[1] == 0 && b[2] == 0 && b[3] == 0 && b[4] == 0
+}
+
+// Is0RTTPacket says if this is a 0-RTT packet.
+// A packet sent with a version we don't understand can never be a 0-RTT packet.
+func Is0RTTPacket(b []byte) bool {
+ if len(b) < 5 {
+ return false
+ }
+ if b[0]&0x80 == 0 {
+ return false
+ }
+ if !protocol.IsSupportedVersion(protocol.SupportedVersions, protocol.VersionNumber(binary.BigEndian.Uint32(b[1:5]))) {
+ return false
+ }
+ return b[0]&0x30>>4 == 0x1
+}
+
+var ErrUnsupportedVersion = errors.New("unsupported version")
+
+// The Header is the version independent part of the header
+type Header struct {
+ IsLongHeader bool
+ typeByte byte
+ Type protocol.PacketType
+
+ Version protocol.VersionNumber
+ SrcConnectionID protocol.ConnectionID
+ DestConnectionID protocol.ConnectionID
+
+ Length protocol.ByteCount
+
+ Token []byte
+
+ parsedLen protocol.ByteCount // how many bytes were read while parsing this header
+}
+
+// ParsePacket parses a packet.
+// If the packet has a long header, the packet is cut according to the length field.
+// If we understand the version, the packet is header up unto the packet number.
+// Otherwise, only the invariant part of the header is parsed.
+func ParsePacket(data []byte, shortHeaderConnIDLen int) (*Header, []byte /* packet data */, []byte /* rest */, error) {
+ hdr, err := parseHeader(bytes.NewReader(data), shortHeaderConnIDLen)
+ if err != nil {
+ if err == ErrUnsupportedVersion {
+ return hdr, nil, nil, ErrUnsupportedVersion
+ }
+ return nil, nil, nil, err
+ }
+ var rest []byte
+ if hdr.IsLongHeader {
+ if protocol.ByteCount(len(data)) < hdr.ParsedLen()+hdr.Length {
+ return nil, nil, nil, fmt.Errorf("packet length (%d bytes) is smaller than the expected length (%d bytes)", len(data)-int(hdr.ParsedLen()), hdr.Length)
+ }
+ packetLen := int(hdr.ParsedLen() + hdr.Length)
+ rest = data[packetLen:]
+ data = data[:packetLen]
+ }
+ return hdr, data, rest, nil
+}
+
+// ParseHeader parses the header.
+// For short header packets: up to the packet number.
+// For long header packets:
+// * if we understand the version: up to the packet number
+// * if not, only the invariant part of the header
+func parseHeader(b *bytes.Reader, shortHeaderConnIDLen int) (*Header, error) {
+ startLen := b.Len()
+ h, err := parseHeaderImpl(b, shortHeaderConnIDLen)
+ if err != nil {
+ return h, err
+ }
+ h.parsedLen = protocol.ByteCount(startLen - b.Len())
+ return h, err
+}
+
+func parseHeaderImpl(b *bytes.Reader, shortHeaderConnIDLen int) (*Header, error) {
+ typeByte, err := b.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ h := &Header{
+ typeByte: typeByte,
+ IsLongHeader: typeByte&0x80 > 0,
+ }
+
+ if !h.IsLongHeader {
+ if h.typeByte&0x40 == 0 {
+ return nil, errors.New("not a QUIC packet")
+ }
+ if err := h.parseShortHeader(b, shortHeaderConnIDLen); err != nil {
+ return nil, err
+ }
+ return h, nil
+ }
+ return h, h.parseLongHeader(b)
+}
+
+func (h *Header) parseShortHeader(b *bytes.Reader, shortHeaderConnIDLen int) error {
+ var err error
+ h.DestConnectionID, err = protocol.ReadConnectionID(b, shortHeaderConnIDLen)
+ return err
+}
+
+func (h *Header) parseLongHeader(b *bytes.Reader) error {
+ v, err := utils.BigEndian.ReadUint32(b)
+ if err != nil {
+ return err
+ }
+ h.Version = protocol.VersionNumber(v)
+ if h.Version != 0 && h.typeByte&0x40 == 0 {
+ return errors.New("not a QUIC packet")
+ }
+ destConnIDLen, err := b.ReadByte()
+ if err != nil {
+ return err
+ }
+ h.DestConnectionID, err = protocol.ReadConnectionID(b, int(destConnIDLen))
+ if err != nil {
+ return err
+ }
+ srcConnIDLen, err := b.ReadByte()
+ if err != nil {
+ return err
+ }
+ h.SrcConnectionID, err = protocol.ReadConnectionID(b, int(srcConnIDLen))
+ if err != nil {
+ return err
+ }
+ if h.Version == 0 { // version negotiation packet
+ return nil
+ }
+ // If we don't understand the version, we have no idea how to interpret the rest of the bytes
+ if !protocol.IsSupportedVersion(protocol.SupportedVersions, h.Version) {
+ return ErrUnsupportedVersion
+ }
+
+ switch (h.typeByte & 0x30) >> 4 {
+ case 0x0:
+ h.Type = protocol.PacketTypeInitial
+ case 0x1:
+ h.Type = protocol.PacketType0RTT
+ case 0x2:
+ h.Type = protocol.PacketTypeHandshake
+ case 0x3:
+ h.Type = protocol.PacketTypeRetry
+ }
+
+ if h.Type == protocol.PacketTypeRetry {
+ tokenLen := b.Len() - 16
+ if tokenLen <= 0 {
+ return io.EOF
+ }
+ h.Token = make([]byte, tokenLen)
+ if _, err := io.ReadFull(b, h.Token); err != nil {
+ return err
+ }
+ _, err := b.Seek(16, io.SeekCurrent)
+ return err
+ }
+
+ if h.Type == protocol.PacketTypeInitial {
+ tokenLen, err := quicvarint.Read(b)
+ if err != nil {
+ return err
+ }
+ if tokenLen > uint64(b.Len()) {
+ return io.EOF
+ }
+ h.Token = make([]byte, tokenLen)
+ if _, err := io.ReadFull(b, h.Token); err != nil {
+ return err
+ }
+ }
+
+ pl, err := quicvarint.Read(b)
+ if err != nil {
+ return err
+ }
+ h.Length = protocol.ByteCount(pl)
+ return nil
+}
+
+// ParsedLen returns the number of bytes that were consumed when parsing the header
+func (h *Header) ParsedLen() protocol.ByteCount {
+ return h.parsedLen
+}
+
+// ParseExtended parses the version dependent part of the header.
+// The Reader has to be set such that it points to the first byte of the header.
+func (h *Header) ParseExtended(b *bytes.Reader, ver protocol.VersionNumber) (*ExtendedHeader, error) {
+ extHdr := h.toExtendedHeader()
+ reservedBitsValid, err := extHdr.parse(b, ver)
+ if err != nil {
+ return nil, err
+ }
+ if !reservedBitsValid {
+ return extHdr, ErrInvalidReservedBits
+ }
+ return extHdr, nil
+}
+
+func (h *Header) toExtendedHeader() *ExtendedHeader {
+ return &ExtendedHeader{Header: *h}
+}
+
+// PacketType is the type of the packet, for logging purposes
+func (h *Header) PacketType() string {
+ if h.IsLongHeader {
+ return h.Type.String()
+ }
+ return "1-RTT"
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/interface.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/interface.go
new file mode 100644
index 00000000..99fdc80f
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/interface.go
@@ -0,0 +1,19 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A Frame in QUIC
+type Frame interface {
+ Write(b *bytes.Buffer, version protocol.VersionNumber) error
+ Length(version protocol.VersionNumber) protocol.ByteCount
+}
+
+// A FrameParser parses QUIC frames, one by one.
+type FrameParser interface {
+ ParseNext(*bytes.Reader, protocol.EncryptionLevel) (Frame, error)
+ SetAckDelayExponent(uint8)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/log.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/log.go
new file mode 100644
index 00000000..30cf9424
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/log.go
@@ -0,0 +1,72 @@
+package wire
+
+import (
+ "fmt"
+ "strings"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+// LogFrame logs a frame, either sent or received
+func LogFrame(logger utils.Logger, frame Frame, sent bool) {
+ if !logger.Debug() {
+ return
+ }
+ dir := "<-"
+ if sent {
+ dir = "->"
+ }
+ switch f := frame.(type) {
+ case *CryptoFrame:
+ dataLen := protocol.ByteCount(len(f.Data))
+ logger.Debugf("\t%s &wire.CryptoFrame{Offset: %d, Data length: %d, Offset + Data length: %d}", dir, f.Offset, dataLen, f.Offset+dataLen)
+ case *StreamFrame:
+ logger.Debugf("\t%s &wire.StreamFrame{StreamID: %d, Fin: %t, Offset: %d, Data length: %d, Offset + Data length: %d}", dir, f.StreamID, f.Fin, f.Offset, f.DataLen(), f.Offset+f.DataLen())
+ case *ResetStreamFrame:
+ logger.Debugf("\t%s &wire.ResetStreamFrame{StreamID: %d, ErrorCode: %#x, FinalSize: %d}", dir, f.StreamID, f.ErrorCode, f.FinalSize)
+ case *AckFrame:
+ hasECN := f.ECT0 > 0 || f.ECT1 > 0 || f.ECNCE > 0
+ var ecn string
+ if hasECN {
+ ecn = fmt.Sprintf(", ECT0: %d, ECT1: %d, CE: %d", f.ECT0, f.ECT1, f.ECNCE)
+ }
+ if len(f.AckRanges) > 1 {
+ ackRanges := make([]string, len(f.AckRanges))
+ for i, r := range f.AckRanges {
+ ackRanges[i] = fmt.Sprintf("{Largest: %d, Smallest: %d}", r.Largest, r.Smallest)
+ }
+ logger.Debugf("\t%s &wire.AckFrame{LargestAcked: %d, LowestAcked: %d, AckRanges: {%s}, DelayTime: %s%s}", dir, f.LargestAcked(), f.LowestAcked(), strings.Join(ackRanges, ", "), f.DelayTime.String(), ecn)
+ } else {
+ logger.Debugf("\t%s &wire.AckFrame{LargestAcked: %d, LowestAcked: %d, DelayTime: %s%s}", dir, f.LargestAcked(), f.LowestAcked(), f.DelayTime.String(), ecn)
+ }
+ case *MaxDataFrame:
+ logger.Debugf("\t%s &wire.MaxDataFrame{MaximumData: %d}", dir, f.MaximumData)
+ case *MaxStreamDataFrame:
+ logger.Debugf("\t%s &wire.MaxStreamDataFrame{StreamID: %d, MaximumStreamData: %d}", dir, f.StreamID, f.MaximumStreamData)
+ case *DataBlockedFrame:
+ logger.Debugf("\t%s &wire.DataBlockedFrame{MaximumData: %d}", dir, f.MaximumData)
+ case *StreamDataBlockedFrame:
+ logger.Debugf("\t%s &wire.StreamDataBlockedFrame{StreamID: %d, MaximumStreamData: %d}", dir, f.StreamID, f.MaximumStreamData)
+ case *MaxStreamsFrame:
+ switch f.Type {
+ case protocol.StreamTypeUni:
+ logger.Debugf("\t%s &wire.MaxStreamsFrame{Type: uni, MaxStreamNum: %d}", dir, f.MaxStreamNum)
+ case protocol.StreamTypeBidi:
+ logger.Debugf("\t%s &wire.MaxStreamsFrame{Type: bidi, MaxStreamNum: %d}", dir, f.MaxStreamNum)
+ }
+ case *StreamsBlockedFrame:
+ switch f.Type {
+ case protocol.StreamTypeUni:
+ logger.Debugf("\t%s &wire.StreamsBlockedFrame{Type: uni, MaxStreams: %d}", dir, f.StreamLimit)
+ case protocol.StreamTypeBidi:
+ logger.Debugf("\t%s &wire.StreamsBlockedFrame{Type: bidi, MaxStreams: %d}", dir, f.StreamLimit)
+ }
+ case *NewConnectionIDFrame:
+ logger.Debugf("\t%s &wire.NewConnectionIDFrame{SequenceNumber: %d, ConnectionID: %s, StatelessResetToken: %#x}", dir, f.SequenceNumber, f.ConnectionID, f.StatelessResetToken)
+ case *NewTokenFrame:
+ logger.Debugf("\t%s &wire.NewTokenFrame{Token: %#x}", dir, f.Token)
+ default:
+ logger.Debugf("\t%s %#v", dir, frame)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_data_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_data_frame.go
new file mode 100644
index 00000000..a9a09248
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_data_frame.go
@@ -0,0 +1,40 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A MaxDataFrame carries flow control information for the connection
+type MaxDataFrame struct {
+ MaximumData protocol.ByteCount
+}
+
+// parseMaxDataFrame parses a MAX_DATA frame
+func parseMaxDataFrame(r *bytes.Reader, _ protocol.VersionNumber) (*MaxDataFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ frame := &MaxDataFrame{}
+ byteOffset, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ frame.MaximumData = protocol.ByteCount(byteOffset)
+ return frame, nil
+}
+
+// Write writes a MAX_STREAM_DATA frame
+func (f *MaxDataFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ b.WriteByte(0x10)
+ quicvarint.Write(b, uint64(f.MaximumData))
+ return nil
+}
+
+// Length of a written frame
+func (f *MaxDataFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.MaximumData))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_stream_data_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_stream_data_frame.go
new file mode 100644
index 00000000..728ecbe8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_stream_data_frame.go
@@ -0,0 +1,46 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A MaxStreamDataFrame is a MAX_STREAM_DATA frame
+type MaxStreamDataFrame struct {
+ StreamID protocol.StreamID
+ MaximumStreamData protocol.ByteCount
+}
+
+func parseMaxStreamDataFrame(r *bytes.Reader, _ protocol.VersionNumber) (*MaxStreamDataFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ sid, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ offset, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+
+ return &MaxStreamDataFrame{
+ StreamID: protocol.StreamID(sid),
+ MaximumStreamData: protocol.ByteCount(offset),
+ }, nil
+}
+
+func (f *MaxStreamDataFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ b.WriteByte(0x11)
+ quicvarint.Write(b, uint64(f.StreamID))
+ quicvarint.Write(b, uint64(f.MaximumStreamData))
+ return nil
+}
+
+// Length of a written frame
+func (f *MaxStreamDataFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.StreamID)) + quicvarint.Len(uint64(f.MaximumStreamData))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_streams_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_streams_frame.go
new file mode 100644
index 00000000..73d7e13e
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/max_streams_frame.go
@@ -0,0 +1,55 @@
+package wire
+
+import (
+ "bytes"
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A MaxStreamsFrame is a MAX_STREAMS frame
+type MaxStreamsFrame struct {
+ Type protocol.StreamType
+ MaxStreamNum protocol.StreamNum
+}
+
+func parseMaxStreamsFrame(r *bytes.Reader, _ protocol.VersionNumber) (*MaxStreamsFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ f := &MaxStreamsFrame{}
+ switch typeByte {
+ case 0x12:
+ f.Type = protocol.StreamTypeBidi
+ case 0x13:
+ f.Type = protocol.StreamTypeUni
+ }
+ streamID, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ f.MaxStreamNum = protocol.StreamNum(streamID)
+ if f.MaxStreamNum > protocol.MaxStreamCount {
+ return nil, fmt.Errorf("%d exceeds the maximum stream count", f.MaxStreamNum)
+ }
+ return f, nil
+}
+
+func (f *MaxStreamsFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ switch f.Type {
+ case protocol.StreamTypeBidi:
+ b.WriteByte(0x12)
+ case protocol.StreamTypeUni:
+ b.WriteByte(0x13)
+ }
+ quicvarint.Write(b, uint64(f.MaxStreamNum))
+ return nil
+}
+
+// Length of a written frame
+func (f *MaxStreamsFrame) Length(protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.MaxStreamNum))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_connection_id_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_connection_id_frame.go
new file mode 100644
index 00000000..1a017ba9
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_connection_id_frame.go
@@ -0,0 +1,80 @@
+package wire
+
+import (
+ "bytes"
+ "fmt"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A NewConnectionIDFrame is a NEW_CONNECTION_ID frame
+type NewConnectionIDFrame struct {
+ SequenceNumber uint64
+ RetirePriorTo uint64
+ ConnectionID protocol.ConnectionID
+ StatelessResetToken protocol.StatelessResetToken
+}
+
+func parseNewConnectionIDFrame(r *bytes.Reader, _ protocol.VersionNumber) (*NewConnectionIDFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ seq, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ ret, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ if ret > seq {
+ //nolint:stylecheck
+ return nil, fmt.Errorf("Retire Prior To value (%d) larger than Sequence Number (%d)", ret, seq)
+ }
+ connIDLen, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+ if connIDLen > protocol.MaxConnIDLen {
+ return nil, fmt.Errorf("invalid connection ID length: %d", connIDLen)
+ }
+ connID, err := protocol.ReadConnectionID(r, int(connIDLen))
+ if err != nil {
+ return nil, err
+ }
+ frame := &NewConnectionIDFrame{
+ SequenceNumber: seq,
+ RetirePriorTo: ret,
+ ConnectionID: connID,
+ }
+ if _, err := io.ReadFull(r, frame.StatelessResetToken[:]); err != nil {
+ if err == io.ErrUnexpectedEOF {
+ return nil, io.EOF
+ }
+ return nil, err
+ }
+
+ return frame, nil
+}
+
+func (f *NewConnectionIDFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x18)
+ quicvarint.Write(b, f.SequenceNumber)
+ quicvarint.Write(b, f.RetirePriorTo)
+ connIDLen := f.ConnectionID.Len()
+ if connIDLen > protocol.MaxConnIDLen {
+ return fmt.Errorf("invalid connection ID length: %d", connIDLen)
+ }
+ b.WriteByte(uint8(connIDLen))
+ b.Write(f.ConnectionID.Bytes())
+ b.Write(f.StatelessResetToken[:])
+ return nil
+}
+
+// Length of a written frame
+func (f *NewConnectionIDFrame) Length(protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(f.SequenceNumber) + quicvarint.Len(f.RetirePriorTo) + 1 /* connection ID length */ + protocol.ByteCount(f.ConnectionID.Len()) + 16
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_token_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_token_frame.go
new file mode 100644
index 00000000..3d5d5c3a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/new_token_frame.go
@@ -0,0 +1,48 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A NewTokenFrame is a NEW_TOKEN frame
+type NewTokenFrame struct {
+ Token []byte
+}
+
+func parseNewTokenFrame(r *bytes.Reader, _ protocol.VersionNumber) (*NewTokenFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ tokenLen, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ if uint64(r.Len()) < tokenLen {
+ return nil, io.EOF
+ }
+ if tokenLen == 0 {
+ return nil, errors.New("token must not be empty")
+ }
+ token := make([]byte, int(tokenLen))
+ if _, err := io.ReadFull(r, token); err != nil {
+ return nil, err
+ }
+ return &NewTokenFrame{Token: token}, nil
+}
+
+func (f *NewTokenFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x7)
+ quicvarint.Write(b, uint64(len(f.Token)))
+ b.Write(f.Token)
+ return nil
+}
+
+// Length of a written frame
+func (f *NewTokenFrame) Length(protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(len(f.Token))) + protocol.ByteCount(len(f.Token))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_challenge_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_challenge_frame.go
new file mode 100644
index 00000000..5ec82177
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_challenge_frame.go
@@ -0,0 +1,38 @@
+package wire
+
+import (
+ "bytes"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A PathChallengeFrame is a PATH_CHALLENGE frame
+type PathChallengeFrame struct {
+ Data [8]byte
+}
+
+func parsePathChallengeFrame(r *bytes.Reader, _ protocol.VersionNumber) (*PathChallengeFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ frame := &PathChallengeFrame{}
+ if _, err := io.ReadFull(r, frame.Data[:]); err != nil {
+ if err == io.ErrUnexpectedEOF {
+ return nil, io.EOF
+ }
+ return nil, err
+ }
+ return frame, nil
+}
+
+func (f *PathChallengeFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x1a)
+ b.Write(f.Data[:])
+ return nil
+}
+
+// Length of a written frame
+func (f *PathChallengeFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1 + 8
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_response_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_response_frame.go
new file mode 100644
index 00000000..262819f8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/path_response_frame.go
@@ -0,0 +1,38 @@
+package wire
+
+import (
+ "bytes"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A PathResponseFrame is a PATH_RESPONSE frame
+type PathResponseFrame struct {
+ Data [8]byte
+}
+
+func parsePathResponseFrame(r *bytes.Reader, _ protocol.VersionNumber) (*PathResponseFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ frame := &PathResponseFrame{}
+ if _, err := io.ReadFull(r, frame.Data[:]); err != nil {
+ if err == io.ErrUnexpectedEOF {
+ return nil, io.EOF
+ }
+ return nil, err
+ }
+ return frame, nil
+}
+
+func (f *PathResponseFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x1b)
+ b.Write(f.Data[:])
+ return nil
+}
+
+// Length of a written frame
+func (f *PathResponseFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1 + 8
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/ping_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ping_frame.go
new file mode 100644
index 00000000..dc029e45
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/ping_frame.go
@@ -0,0 +1,27 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// A PingFrame is a PING frame
+type PingFrame struct{}
+
+func parsePingFrame(r *bytes.Reader, _ protocol.VersionNumber) (*PingFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+ return &PingFrame{}, nil
+}
+
+func (f *PingFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ b.WriteByte(0x1)
+ return nil
+}
+
+// Length of a written frame
+func (f *PingFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/pool.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/pool.go
new file mode 100644
index 00000000..c057395e
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/pool.go
@@ -0,0 +1,33 @@
+package wire
+
+import (
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+var pool sync.Pool
+
+func init() {
+ pool.New = func() interface{} {
+ return &StreamFrame{
+ Data: make([]byte, 0, protocol.MaxPacketBufferSize),
+ fromPool: true,
+ }
+ }
+}
+
+func GetStreamFrame() *StreamFrame {
+ f := pool.Get().(*StreamFrame)
+ return f
+}
+
+func putStreamFrame(f *StreamFrame) {
+ if !f.fromPool {
+ return
+ }
+ if protocol.ByteCount(cap(f.Data)) != protocol.MaxPacketBufferSize {
+ panic("wire.PutStreamFrame called with packet of wrong size!")
+ }
+ pool.Put(f)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/reset_stream_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/reset_stream_frame.go
new file mode 100644
index 00000000..69bbc2b9
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/reset_stream_frame.go
@@ -0,0 +1,58 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A ResetStreamFrame is a RESET_STREAM frame in QUIC
+type ResetStreamFrame struct {
+ StreamID protocol.StreamID
+ ErrorCode qerr.StreamErrorCode
+ FinalSize protocol.ByteCount
+}
+
+func parseResetStreamFrame(r *bytes.Reader, _ protocol.VersionNumber) (*ResetStreamFrame, error) {
+ if _, err := r.ReadByte(); err != nil { // read the TypeByte
+ return nil, err
+ }
+
+ var streamID protocol.StreamID
+ var byteOffset protocol.ByteCount
+ sid, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ streamID = protocol.StreamID(sid)
+ errorCode, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ bo, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ byteOffset = protocol.ByteCount(bo)
+
+ return &ResetStreamFrame{
+ StreamID: streamID,
+ ErrorCode: qerr.StreamErrorCode(errorCode),
+ FinalSize: byteOffset,
+ }, nil
+}
+
+func (f *ResetStreamFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x4)
+ quicvarint.Write(b, uint64(f.StreamID))
+ quicvarint.Write(b, uint64(f.ErrorCode))
+ quicvarint.Write(b, uint64(f.FinalSize))
+ return nil
+}
+
+// Length of a written frame
+func (f *ResetStreamFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.StreamID)) + quicvarint.Len(uint64(f.ErrorCode)) + quicvarint.Len(uint64(f.FinalSize))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/retire_connection_id_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/retire_connection_id_frame.go
new file mode 100644
index 00000000..0f7e58c8
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/retire_connection_id_frame.go
@@ -0,0 +1,36 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A RetireConnectionIDFrame is a RETIRE_CONNECTION_ID frame
+type RetireConnectionIDFrame struct {
+ SequenceNumber uint64
+}
+
+func parseRetireConnectionIDFrame(r *bytes.Reader, _ protocol.VersionNumber) (*RetireConnectionIDFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ seq, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ return &RetireConnectionIDFrame{SequenceNumber: seq}, nil
+}
+
+func (f *RetireConnectionIDFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x19)
+ quicvarint.Write(b, f.SequenceNumber)
+ return nil
+}
+
+// Length of a written frame
+func (f *RetireConnectionIDFrame) Length(protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(f.SequenceNumber)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/stop_sending_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stop_sending_frame.go
new file mode 100644
index 00000000..fb1160c1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stop_sending_frame.go
@@ -0,0 +1,48 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A StopSendingFrame is a STOP_SENDING frame
+type StopSendingFrame struct {
+ StreamID protocol.StreamID
+ ErrorCode qerr.StreamErrorCode
+}
+
+// parseStopSendingFrame parses a STOP_SENDING frame
+func parseStopSendingFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StopSendingFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ streamID, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ errorCode, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+
+ return &StopSendingFrame{
+ StreamID: protocol.StreamID(streamID),
+ ErrorCode: qerr.StreamErrorCode(errorCode),
+ }, nil
+}
+
+// Length of a written frame
+func (f *StopSendingFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.StreamID)) + quicvarint.Len(uint64(f.ErrorCode))
+}
+
+func (f *StopSendingFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ b.WriteByte(0x5)
+ quicvarint.Write(b, uint64(f.StreamID))
+ quicvarint.Write(b, uint64(f.ErrorCode))
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_data_blocked_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_data_blocked_frame.go
new file mode 100644
index 00000000..dc6d631a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_data_blocked_frame.go
@@ -0,0 +1,46 @@
+package wire
+
+import (
+ "bytes"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A StreamDataBlockedFrame is a STREAM_DATA_BLOCKED frame
+type StreamDataBlockedFrame struct {
+ StreamID protocol.StreamID
+ MaximumStreamData protocol.ByteCount
+}
+
+func parseStreamDataBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamDataBlockedFrame, error) {
+ if _, err := r.ReadByte(); err != nil {
+ return nil, err
+ }
+
+ sid, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ offset, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+
+ return &StreamDataBlockedFrame{
+ StreamID: protocol.StreamID(sid),
+ MaximumStreamData: protocol.ByteCount(offset),
+ }, nil
+}
+
+func (f *StreamDataBlockedFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ b.WriteByte(0x15)
+ quicvarint.Write(b, uint64(f.StreamID))
+ quicvarint.Write(b, uint64(f.MaximumStreamData))
+ return nil
+}
+
+// Length of a written frame
+func (f *StreamDataBlockedFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.StreamID)) + quicvarint.Len(uint64(f.MaximumStreamData))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_frame.go
new file mode 100644
index 00000000..66340d16
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/stream_frame.go
@@ -0,0 +1,189 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A StreamFrame of QUIC
+type StreamFrame struct {
+ StreamID protocol.StreamID
+ Offset protocol.ByteCount
+ Data []byte
+ Fin bool
+ DataLenPresent bool
+
+ fromPool bool
+}
+
+func parseStreamFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ hasOffset := typeByte&0x4 > 0
+ fin := typeByte&0x1 > 0
+ hasDataLen := typeByte&0x2 > 0
+
+ streamID, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ var offset uint64
+ if hasOffset {
+ offset, err = quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ var dataLen uint64
+ if hasDataLen {
+ var err error
+ dataLen, err = quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ // The rest of the packet is data
+ dataLen = uint64(r.Len())
+ }
+
+ var frame *StreamFrame
+ if dataLen < protocol.MinStreamFrameBufferSize {
+ frame = &StreamFrame{Data: make([]byte, dataLen)}
+ } else {
+ frame = GetStreamFrame()
+ // The STREAM frame can't be larger than the StreamFrame we obtained from the buffer,
+ // since those StreamFrames have a buffer length of the maximum packet size.
+ if dataLen > uint64(cap(frame.Data)) {
+ return nil, io.EOF
+ }
+ frame.Data = frame.Data[:dataLen]
+ }
+
+ frame.StreamID = protocol.StreamID(streamID)
+ frame.Offset = protocol.ByteCount(offset)
+ frame.Fin = fin
+ frame.DataLenPresent = hasDataLen
+
+ if dataLen != 0 {
+ if _, err := io.ReadFull(r, frame.Data); err != nil {
+ return nil, err
+ }
+ }
+ if frame.Offset+frame.DataLen() > protocol.MaxByteCount {
+ return nil, errors.New("stream data overflows maximum offset")
+ }
+ return frame, nil
+}
+
+// Write writes a STREAM frame
+func (f *StreamFrame) Write(b *bytes.Buffer, version protocol.VersionNumber) error {
+ if len(f.Data) == 0 && !f.Fin {
+ return errors.New("StreamFrame: attempting to write empty frame without FIN")
+ }
+
+ typeByte := byte(0x8)
+ if f.Fin {
+ typeByte ^= 0x1
+ }
+ hasOffset := f.Offset != 0
+ if f.DataLenPresent {
+ typeByte ^= 0x2
+ }
+ if hasOffset {
+ typeByte ^= 0x4
+ }
+ b.WriteByte(typeByte)
+ quicvarint.Write(b, uint64(f.StreamID))
+ if hasOffset {
+ quicvarint.Write(b, uint64(f.Offset))
+ }
+ if f.DataLenPresent {
+ quicvarint.Write(b, uint64(f.DataLen()))
+ }
+ b.Write(f.Data)
+ return nil
+}
+
+// Length returns the total length of the STREAM frame
+func (f *StreamFrame) Length(version protocol.VersionNumber) protocol.ByteCount {
+ length := 1 + quicvarint.Len(uint64(f.StreamID))
+ if f.Offset != 0 {
+ length += quicvarint.Len(uint64(f.Offset))
+ }
+ if f.DataLenPresent {
+ length += quicvarint.Len(uint64(f.DataLen()))
+ }
+ return length + f.DataLen()
+}
+
+// DataLen gives the length of data in bytes
+func (f *StreamFrame) DataLen() protocol.ByteCount {
+ return protocol.ByteCount(len(f.Data))
+}
+
+// MaxDataLen returns the maximum data length
+// If 0 is returned, writing will fail (a STREAM frame must contain at least 1 byte of data).
+func (f *StreamFrame) MaxDataLen(maxSize protocol.ByteCount, version protocol.VersionNumber) protocol.ByteCount {
+ headerLen := 1 + quicvarint.Len(uint64(f.StreamID))
+ if f.Offset != 0 {
+ headerLen += quicvarint.Len(uint64(f.Offset))
+ }
+ if f.DataLenPresent {
+ // pretend that the data size will be 1 bytes
+ // if it turns out that varint encoding the length will consume 2 bytes, we need to adjust the data length afterwards
+ headerLen++
+ }
+ if headerLen > maxSize {
+ return 0
+ }
+ maxDataLen := maxSize - headerLen
+ if f.DataLenPresent && quicvarint.Len(uint64(maxDataLen)) != 1 {
+ maxDataLen--
+ }
+ return maxDataLen
+}
+
+// MaybeSplitOffFrame splits a frame such that it is not bigger than n bytes.
+// It returns if the frame was actually split.
+// The frame might not be split if:
+// * the size is large enough to fit the whole frame
+// * the size is too small to fit even a 1-byte frame. In that case, the frame returned is nil.
+func (f *StreamFrame) MaybeSplitOffFrame(maxSize protocol.ByteCount, version protocol.VersionNumber) (*StreamFrame, bool /* was splitting required */) {
+ if maxSize >= f.Length(version) {
+ return nil, false
+ }
+
+ n := f.MaxDataLen(maxSize, version)
+ if n == 0 {
+ return nil, true
+ }
+
+ new := GetStreamFrame()
+ new.StreamID = f.StreamID
+ new.Offset = f.Offset
+ new.Fin = false
+ new.DataLenPresent = f.DataLenPresent
+
+ // swap the data slices
+ new.Data, f.Data = f.Data, new.Data
+ new.fromPool, f.fromPool = f.fromPool, new.fromPool
+
+ f.Data = f.Data[:protocol.ByteCount(len(new.Data))-n]
+ copy(f.Data, new.Data[n:])
+ new.Data = new.Data[:n]
+ f.Offset += n
+
+ return new, true
+}
+
+func (f *StreamFrame) PutBack() {
+ putStreamFrame(f)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/streams_blocked_frame.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/streams_blocked_frame.go
new file mode 100644
index 00000000..f4066071
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/streams_blocked_frame.go
@@ -0,0 +1,55 @@
+package wire
+
+import (
+ "bytes"
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+// A StreamsBlockedFrame is a STREAMS_BLOCKED frame
+type StreamsBlockedFrame struct {
+ Type protocol.StreamType
+ StreamLimit protocol.StreamNum
+}
+
+func parseStreamsBlockedFrame(r *bytes.Reader, _ protocol.VersionNumber) (*StreamsBlockedFrame, error) {
+ typeByte, err := r.ReadByte()
+ if err != nil {
+ return nil, err
+ }
+
+ f := &StreamsBlockedFrame{}
+ switch typeByte {
+ case 0x16:
+ f.Type = protocol.StreamTypeBidi
+ case 0x17:
+ f.Type = protocol.StreamTypeUni
+ }
+ streamLimit, err := quicvarint.Read(r)
+ if err != nil {
+ return nil, err
+ }
+ f.StreamLimit = protocol.StreamNum(streamLimit)
+ if f.StreamLimit > protocol.MaxStreamCount {
+ return nil, fmt.Errorf("%d exceeds the maximum stream count", f.StreamLimit)
+ }
+ return f, nil
+}
+
+func (f *StreamsBlockedFrame) Write(b *bytes.Buffer, _ protocol.VersionNumber) error {
+ switch f.Type {
+ case protocol.StreamTypeBidi:
+ b.WriteByte(0x16)
+ case protocol.StreamTypeUni:
+ b.WriteByte(0x17)
+ }
+ quicvarint.Write(b, uint64(f.StreamLimit))
+ return nil
+}
+
+// Length of a written frame
+func (f *StreamsBlockedFrame) Length(_ protocol.VersionNumber) protocol.ByteCount {
+ return 1 + quicvarint.Len(uint64(f.StreamLimit))
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/transport_parameters.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/transport_parameters.go
new file mode 100644
index 00000000..b7e0a8c9
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/transport_parameters.go
@@ -0,0 +1,476 @@
+package wire
+
+import (
+ "bytes"
+ "errors"
+ "fmt"
+ "io"
+ "math/rand"
+ "net"
+ "sort"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/quicvarint"
+)
+
+const transportParameterMarshalingVersion = 1
+
+func init() {
+ rand.Seed(time.Now().UTC().UnixNano())
+}
+
+type transportParameterID uint64
+
+const (
+ originalDestinationConnectionIDParameterID transportParameterID = 0x0
+ maxIdleTimeoutParameterID transportParameterID = 0x1
+ statelessResetTokenParameterID transportParameterID = 0x2
+ maxUDPPayloadSizeParameterID transportParameterID = 0x3
+ initialMaxDataParameterID transportParameterID = 0x4
+ initialMaxStreamDataBidiLocalParameterID transportParameterID = 0x5
+ initialMaxStreamDataBidiRemoteParameterID transportParameterID = 0x6
+ initialMaxStreamDataUniParameterID transportParameterID = 0x7
+ initialMaxStreamsBidiParameterID transportParameterID = 0x8
+ initialMaxStreamsUniParameterID transportParameterID = 0x9
+ ackDelayExponentParameterID transportParameterID = 0xa
+ maxAckDelayParameterID transportParameterID = 0xb
+ disableActiveMigrationParameterID transportParameterID = 0xc
+ preferredAddressParameterID transportParameterID = 0xd
+ activeConnectionIDLimitParameterID transportParameterID = 0xe
+ initialSourceConnectionIDParameterID transportParameterID = 0xf
+ retrySourceConnectionIDParameterID transportParameterID = 0x10
+ // https://datatracker.ietf.org/doc/draft-ietf-quic-datagram/
+ maxDatagramFrameSizeParameterID transportParameterID = 0x20
+)
+
+// PreferredAddress is the value encoding in the preferred_address transport parameter
+type PreferredAddress struct {
+ IPv4 net.IP
+ IPv4Port uint16
+ IPv6 net.IP
+ IPv6Port uint16
+ ConnectionID protocol.ConnectionID
+ StatelessResetToken protocol.StatelessResetToken
+}
+
+// TransportParameters are parameters sent to the peer during the handshake
+type TransportParameters struct {
+ InitialMaxStreamDataBidiLocal protocol.ByteCount
+ InitialMaxStreamDataBidiRemote protocol.ByteCount
+ InitialMaxStreamDataUni protocol.ByteCount
+ InitialMaxData protocol.ByteCount
+
+ MaxAckDelay time.Duration
+ AckDelayExponent uint8
+
+ DisableActiveMigration bool
+
+ MaxUDPPayloadSize protocol.ByteCount
+
+ MaxUniStreamNum protocol.StreamNum
+ MaxBidiStreamNum protocol.StreamNum
+
+ MaxIdleTimeout time.Duration
+
+ PreferredAddress *PreferredAddress
+
+ OriginalDestinationConnectionID protocol.ConnectionID
+ InitialSourceConnectionID protocol.ConnectionID
+ RetrySourceConnectionID *protocol.ConnectionID // use a pointer here to distinguish zero-length connection IDs from missing transport parameters
+
+ StatelessResetToken *protocol.StatelessResetToken
+ ActiveConnectionIDLimit uint64
+
+ MaxDatagramFrameSize protocol.ByteCount
+}
+
+// Unmarshal the transport parameters
+func (p *TransportParameters) Unmarshal(data []byte, sentBy protocol.Perspective) error {
+ if err := p.unmarshal(bytes.NewReader(data), sentBy, false); err != nil {
+ return &qerr.TransportError{
+ ErrorCode: qerr.TransportParameterError,
+ ErrorMessage: err.Error(),
+ }
+ }
+ return nil
+}
+
+func (p *TransportParameters) unmarshal(r *bytes.Reader, sentBy protocol.Perspective, fromSessionTicket bool) error {
+ // needed to check that every parameter is only sent at most once
+ var parameterIDs []transportParameterID
+
+ var (
+ readOriginalDestinationConnectionID bool
+ readInitialSourceConnectionID bool
+ )
+
+ p.AckDelayExponent = protocol.DefaultAckDelayExponent
+ p.MaxAckDelay = protocol.DefaultMaxAckDelay
+ p.MaxDatagramFrameSize = protocol.InvalidByteCount
+
+ for r.Len() > 0 {
+ paramIDInt, err := quicvarint.Read(r)
+ if err != nil {
+ return err
+ }
+ paramID := transportParameterID(paramIDInt)
+ paramLen, err := quicvarint.Read(r)
+ if err != nil {
+ return err
+ }
+ if uint64(r.Len()) < paramLen {
+ return fmt.Errorf("remaining length (%d) smaller than parameter length (%d)", r.Len(), paramLen)
+ }
+ parameterIDs = append(parameterIDs, paramID)
+ switch paramID {
+ case maxIdleTimeoutParameterID,
+ maxUDPPayloadSizeParameterID,
+ initialMaxDataParameterID,
+ initialMaxStreamDataBidiLocalParameterID,
+ initialMaxStreamDataBidiRemoteParameterID,
+ initialMaxStreamDataUniParameterID,
+ initialMaxStreamsBidiParameterID,
+ initialMaxStreamsUniParameterID,
+ maxAckDelayParameterID,
+ activeConnectionIDLimitParameterID,
+ maxDatagramFrameSizeParameterID,
+ ackDelayExponentParameterID:
+ if err := p.readNumericTransportParameter(r, paramID, int(paramLen)); err != nil {
+ return err
+ }
+ case preferredAddressParameterID:
+ if sentBy == protocol.PerspectiveClient {
+ return errors.New("client sent a preferred_address")
+ }
+ if err := p.readPreferredAddress(r, int(paramLen)); err != nil {
+ return err
+ }
+ case disableActiveMigrationParameterID:
+ if paramLen != 0 {
+ return fmt.Errorf("wrong length for disable_active_migration: %d (expected empty)", paramLen)
+ }
+ p.DisableActiveMigration = true
+ case statelessResetTokenParameterID:
+ if sentBy == protocol.PerspectiveClient {
+ return errors.New("client sent a stateless_reset_token")
+ }
+ if paramLen != 16 {
+ return fmt.Errorf("wrong length for stateless_reset_token: %d (expected 16)", paramLen)
+ }
+ var token protocol.StatelessResetToken
+ r.Read(token[:])
+ p.StatelessResetToken = &token
+ case originalDestinationConnectionIDParameterID:
+ if sentBy == protocol.PerspectiveClient {
+ return errors.New("client sent an original_destination_connection_id")
+ }
+ p.OriginalDestinationConnectionID, _ = protocol.ReadConnectionID(r, int(paramLen))
+ readOriginalDestinationConnectionID = true
+ case initialSourceConnectionIDParameterID:
+ p.InitialSourceConnectionID, _ = protocol.ReadConnectionID(r, int(paramLen))
+ readInitialSourceConnectionID = true
+ case retrySourceConnectionIDParameterID:
+ if sentBy == protocol.PerspectiveClient {
+ return errors.New("client sent a retry_source_connection_id")
+ }
+ connID, _ := protocol.ReadConnectionID(r, int(paramLen))
+ p.RetrySourceConnectionID = &connID
+ default:
+ r.Seek(int64(paramLen), io.SeekCurrent)
+ }
+ }
+
+ if !fromSessionTicket {
+ if sentBy == protocol.PerspectiveServer && !readOriginalDestinationConnectionID {
+ return errors.New("missing original_destination_connection_id")
+ }
+ if p.MaxUDPPayloadSize == 0 {
+ p.MaxUDPPayloadSize = protocol.MaxByteCount
+ }
+ if !readInitialSourceConnectionID {
+ return errors.New("missing initial_source_connection_id")
+ }
+ }
+
+ // check that every transport parameter was sent at most once
+ sort.Slice(parameterIDs, func(i, j int) bool { return parameterIDs[i] < parameterIDs[j] })
+ for i := 0; i < len(parameterIDs)-1; i++ {
+ if parameterIDs[i] == parameterIDs[i+1] {
+ return fmt.Errorf("received duplicate transport parameter %#x", parameterIDs[i])
+ }
+ }
+
+ return nil
+}
+
+func (p *TransportParameters) readPreferredAddress(r *bytes.Reader, expectedLen int) error {
+ remainingLen := r.Len()
+ pa := &PreferredAddress{}
+ ipv4 := make([]byte, 4)
+ if _, err := io.ReadFull(r, ipv4); err != nil {
+ return err
+ }
+ pa.IPv4 = net.IP(ipv4)
+ port, err := utils.BigEndian.ReadUint16(r)
+ if err != nil {
+ return err
+ }
+ pa.IPv4Port = port
+ ipv6 := make([]byte, 16)
+ if _, err := io.ReadFull(r, ipv6); err != nil {
+ return err
+ }
+ pa.IPv6 = net.IP(ipv6)
+ port, err = utils.BigEndian.ReadUint16(r)
+ if err != nil {
+ return err
+ }
+ pa.IPv6Port = port
+ connIDLen, err := r.ReadByte()
+ if err != nil {
+ return err
+ }
+ if connIDLen == 0 || connIDLen > protocol.MaxConnIDLen {
+ return fmt.Errorf("invalid connection ID length: %d", connIDLen)
+ }
+ connID, err := protocol.ReadConnectionID(r, int(connIDLen))
+ if err != nil {
+ return err
+ }
+ pa.ConnectionID = connID
+ if _, err := io.ReadFull(r, pa.StatelessResetToken[:]); err != nil {
+ return err
+ }
+ if bytesRead := remainingLen - r.Len(); bytesRead != expectedLen {
+ return fmt.Errorf("expected preferred_address to be %d long, read %d bytes", expectedLen, bytesRead)
+ }
+ p.PreferredAddress = pa
+ return nil
+}
+
+func (p *TransportParameters) readNumericTransportParameter(
+ r *bytes.Reader,
+ paramID transportParameterID,
+ expectedLen int,
+) error {
+ remainingLen := r.Len()
+ val, err := quicvarint.Read(r)
+ if err != nil {
+ return fmt.Errorf("error while reading transport parameter %d: %s", paramID, err)
+ }
+ if remainingLen-r.Len() != expectedLen {
+ return fmt.Errorf("inconsistent transport parameter length for transport parameter %#x", paramID)
+ }
+ //nolint:exhaustive // This only covers the numeric transport parameters.
+ switch paramID {
+ case initialMaxStreamDataBidiLocalParameterID:
+ p.InitialMaxStreamDataBidiLocal = protocol.ByteCount(val)
+ case initialMaxStreamDataBidiRemoteParameterID:
+ p.InitialMaxStreamDataBidiRemote = protocol.ByteCount(val)
+ case initialMaxStreamDataUniParameterID:
+ p.InitialMaxStreamDataUni = protocol.ByteCount(val)
+ case initialMaxDataParameterID:
+ p.InitialMaxData = protocol.ByteCount(val)
+ case initialMaxStreamsBidiParameterID:
+ p.MaxBidiStreamNum = protocol.StreamNum(val)
+ if p.MaxBidiStreamNum > protocol.MaxStreamCount {
+ return fmt.Errorf("initial_max_streams_bidi too large: %d (maximum %d)", p.MaxBidiStreamNum, protocol.MaxStreamCount)
+ }
+ case initialMaxStreamsUniParameterID:
+ p.MaxUniStreamNum = protocol.StreamNum(val)
+ if p.MaxUniStreamNum > protocol.MaxStreamCount {
+ return fmt.Errorf("initial_max_streams_uni too large: %d (maximum %d)", p.MaxUniStreamNum, protocol.MaxStreamCount)
+ }
+ case maxIdleTimeoutParameterID:
+ p.MaxIdleTimeout = utils.MaxDuration(protocol.MinRemoteIdleTimeout, time.Duration(val)*time.Millisecond)
+ case maxUDPPayloadSizeParameterID:
+ if val < 1200 {
+ return fmt.Errorf("invalid value for max_packet_size: %d (minimum 1200)", val)
+ }
+ p.MaxUDPPayloadSize = protocol.ByteCount(val)
+ case ackDelayExponentParameterID:
+ if val > protocol.MaxAckDelayExponent {
+ return fmt.Errorf("invalid value for ack_delay_exponent: %d (maximum %d)", val, protocol.MaxAckDelayExponent)
+ }
+ p.AckDelayExponent = uint8(val)
+ case maxAckDelayParameterID:
+ if val > uint64(protocol.MaxMaxAckDelay/time.Millisecond) {
+ return fmt.Errorf("invalid value for max_ack_delay: %dms (maximum %dms)", val, protocol.MaxMaxAckDelay/time.Millisecond)
+ }
+ p.MaxAckDelay = time.Duration(val) * time.Millisecond
+ case activeConnectionIDLimitParameterID:
+ p.ActiveConnectionIDLimit = val
+ case maxDatagramFrameSizeParameterID:
+ p.MaxDatagramFrameSize = protocol.ByteCount(val)
+ default:
+ return fmt.Errorf("TransportParameter BUG: transport parameter %d not found", paramID)
+ }
+ return nil
+}
+
+// Marshal the transport parameters
+func (p *TransportParameters) Marshal(pers protocol.Perspective) []byte {
+ b := &bytes.Buffer{}
+
+ // add a greased value
+ quicvarint.Write(b, uint64(27+31*rand.Intn(100)))
+ length := rand.Intn(16)
+ randomData := make([]byte, length)
+ rand.Read(randomData)
+ quicvarint.Write(b, uint64(length))
+ b.Write(randomData)
+
+ // initial_max_stream_data_bidi_local
+ p.marshalVarintParam(b, initialMaxStreamDataBidiLocalParameterID, uint64(p.InitialMaxStreamDataBidiLocal))
+ // initial_max_stream_data_bidi_remote
+ p.marshalVarintParam(b, initialMaxStreamDataBidiRemoteParameterID, uint64(p.InitialMaxStreamDataBidiRemote))
+ // initial_max_stream_data_uni
+ p.marshalVarintParam(b, initialMaxStreamDataUniParameterID, uint64(p.InitialMaxStreamDataUni))
+ // initial_max_data
+ p.marshalVarintParam(b, initialMaxDataParameterID, uint64(p.InitialMaxData))
+ // initial_max_bidi_streams
+ p.marshalVarintParam(b, initialMaxStreamsBidiParameterID, uint64(p.MaxBidiStreamNum))
+ // initial_max_uni_streams
+ p.marshalVarintParam(b, initialMaxStreamsUniParameterID, uint64(p.MaxUniStreamNum))
+ // idle_timeout
+ p.marshalVarintParam(b, maxIdleTimeoutParameterID, uint64(p.MaxIdleTimeout/time.Millisecond))
+ // max_packet_size
+ p.marshalVarintParam(b, maxUDPPayloadSizeParameterID, uint64(protocol.MaxPacketBufferSize))
+ // max_ack_delay
+ // Only send it if is different from the default value.
+ if p.MaxAckDelay != protocol.DefaultMaxAckDelay {
+ p.marshalVarintParam(b, maxAckDelayParameterID, uint64(p.MaxAckDelay/time.Millisecond))
+ }
+ // ack_delay_exponent
+ // Only send it if is different from the default value.
+ if p.AckDelayExponent != protocol.DefaultAckDelayExponent {
+ p.marshalVarintParam(b, ackDelayExponentParameterID, uint64(p.AckDelayExponent))
+ }
+ // disable_active_migration
+ if p.DisableActiveMigration {
+ quicvarint.Write(b, uint64(disableActiveMigrationParameterID))
+ quicvarint.Write(b, 0)
+ }
+ if pers == protocol.PerspectiveServer {
+ // stateless_reset_token
+ if p.StatelessResetToken != nil {
+ quicvarint.Write(b, uint64(statelessResetTokenParameterID))
+ quicvarint.Write(b, 16)
+ b.Write(p.StatelessResetToken[:])
+ }
+ // original_destination_connection_id
+ quicvarint.Write(b, uint64(originalDestinationConnectionIDParameterID))
+ quicvarint.Write(b, uint64(p.OriginalDestinationConnectionID.Len()))
+ b.Write(p.OriginalDestinationConnectionID.Bytes())
+ // preferred_address
+ if p.PreferredAddress != nil {
+ quicvarint.Write(b, uint64(preferredAddressParameterID))
+ quicvarint.Write(b, 4+2+16+2+1+uint64(p.PreferredAddress.ConnectionID.Len())+16)
+ ipv4 := p.PreferredAddress.IPv4
+ b.Write(ipv4[len(ipv4)-4:])
+ utils.BigEndian.WriteUint16(b, p.PreferredAddress.IPv4Port)
+ b.Write(p.PreferredAddress.IPv6)
+ utils.BigEndian.WriteUint16(b, p.PreferredAddress.IPv6Port)
+ b.WriteByte(uint8(p.PreferredAddress.ConnectionID.Len()))
+ b.Write(p.PreferredAddress.ConnectionID.Bytes())
+ b.Write(p.PreferredAddress.StatelessResetToken[:])
+ }
+ }
+ // active_connection_id_limit
+ p.marshalVarintParam(b, activeConnectionIDLimitParameterID, p.ActiveConnectionIDLimit)
+ // initial_source_connection_id
+ quicvarint.Write(b, uint64(initialSourceConnectionIDParameterID))
+ quicvarint.Write(b, uint64(p.InitialSourceConnectionID.Len()))
+ b.Write(p.InitialSourceConnectionID.Bytes())
+ // retry_source_connection_id
+ if pers == protocol.PerspectiveServer && p.RetrySourceConnectionID != nil {
+ quicvarint.Write(b, uint64(retrySourceConnectionIDParameterID))
+ quicvarint.Write(b, uint64(p.RetrySourceConnectionID.Len()))
+ b.Write(p.RetrySourceConnectionID.Bytes())
+ }
+ if p.MaxDatagramFrameSize != protocol.InvalidByteCount {
+ p.marshalVarintParam(b, maxDatagramFrameSizeParameterID, uint64(p.MaxDatagramFrameSize))
+ }
+ return b.Bytes()
+}
+
+func (p *TransportParameters) marshalVarintParam(b *bytes.Buffer, id transportParameterID, val uint64) {
+ quicvarint.Write(b, uint64(id))
+ quicvarint.Write(b, uint64(quicvarint.Len(val)))
+ quicvarint.Write(b, val)
+}
+
+// MarshalForSessionTicket marshals the transport parameters we save in the session ticket.
+// When sending a 0-RTT enabled TLS session tickets, we need to save the transport parameters.
+// The client will remember the transport parameters used in the last session,
+// and apply those to the 0-RTT data it sends.
+// Saving the transport parameters in the ticket gives the server the option to reject 0-RTT
+// if the transport parameters changed.
+// Since the session ticket is encrypted, the serialization format is defined by the server.
+// For convenience, we use the same format that we also use for sending the transport parameters.
+func (p *TransportParameters) MarshalForSessionTicket(b *bytes.Buffer) {
+ quicvarint.Write(b, transportParameterMarshalingVersion)
+
+ // initial_max_stream_data_bidi_local
+ p.marshalVarintParam(b, initialMaxStreamDataBidiLocalParameterID, uint64(p.InitialMaxStreamDataBidiLocal))
+ // initial_max_stream_data_bidi_remote
+ p.marshalVarintParam(b, initialMaxStreamDataBidiRemoteParameterID, uint64(p.InitialMaxStreamDataBidiRemote))
+ // initial_max_stream_data_uni
+ p.marshalVarintParam(b, initialMaxStreamDataUniParameterID, uint64(p.InitialMaxStreamDataUni))
+ // initial_max_data
+ p.marshalVarintParam(b, initialMaxDataParameterID, uint64(p.InitialMaxData))
+ // initial_max_bidi_streams
+ p.marshalVarintParam(b, initialMaxStreamsBidiParameterID, uint64(p.MaxBidiStreamNum))
+ // initial_max_uni_streams
+ p.marshalVarintParam(b, initialMaxStreamsUniParameterID, uint64(p.MaxUniStreamNum))
+ // active_connection_id_limit
+ p.marshalVarintParam(b, activeConnectionIDLimitParameterID, p.ActiveConnectionIDLimit)
+}
+
+// UnmarshalFromSessionTicket unmarshals transport parameters from a session ticket.
+func (p *TransportParameters) UnmarshalFromSessionTicket(r *bytes.Reader) error {
+ version, err := quicvarint.Read(r)
+ if err != nil {
+ return err
+ }
+ if version != transportParameterMarshalingVersion {
+ return fmt.Errorf("unknown transport parameter marshaling version: %d", version)
+ }
+ return p.unmarshal(r, protocol.PerspectiveServer, true)
+}
+
+// ValidFor0RTT checks if the transport parameters match those saved in the session ticket.
+func (p *TransportParameters) ValidFor0RTT(saved *TransportParameters) bool {
+ return p.InitialMaxStreamDataBidiLocal >= saved.InitialMaxStreamDataBidiLocal &&
+ p.InitialMaxStreamDataBidiRemote >= saved.InitialMaxStreamDataBidiRemote &&
+ p.InitialMaxStreamDataUni >= saved.InitialMaxStreamDataUni &&
+ p.InitialMaxData >= saved.InitialMaxData &&
+ p.MaxBidiStreamNum >= saved.MaxBidiStreamNum &&
+ p.MaxUniStreamNum >= saved.MaxUniStreamNum &&
+ p.ActiveConnectionIDLimit == saved.ActiveConnectionIDLimit
+}
+
+// String returns a string representation, intended for logging.
+func (p *TransportParameters) String() string {
+ logString := "&wire.TransportParameters{OriginalDestinationConnectionID: %s, InitialSourceConnectionID: %s, "
+ logParams := []interface{}{p.OriginalDestinationConnectionID, p.InitialSourceConnectionID}
+ if p.RetrySourceConnectionID != nil {
+ logString += "RetrySourceConnectionID: %s, "
+ logParams = append(logParams, p.RetrySourceConnectionID)
+ }
+ logString += "InitialMaxStreamDataBidiLocal: %d, InitialMaxStreamDataBidiRemote: %d, InitialMaxStreamDataUni: %d, InitialMaxData: %d, MaxBidiStreamNum: %d, MaxUniStreamNum: %d, MaxIdleTimeout: %s, AckDelayExponent: %d, MaxAckDelay: %s, ActiveConnectionIDLimit: %d"
+ logParams = append(logParams, []interface{}{p.InitialMaxStreamDataBidiLocal, p.InitialMaxStreamDataBidiRemote, p.InitialMaxStreamDataUni, p.InitialMaxData, p.MaxBidiStreamNum, p.MaxUniStreamNum, p.MaxIdleTimeout, p.AckDelayExponent, p.MaxAckDelay, p.ActiveConnectionIDLimit}...)
+ if p.StatelessResetToken != nil { // the client never sends a stateless reset token
+ logString += ", StatelessResetToken: %#x"
+ logParams = append(logParams, *p.StatelessResetToken)
+ }
+ if p.MaxDatagramFrameSize != protocol.InvalidByteCount {
+ logString += ", MaxDatagramFrameSize: %d"
+ logParams = append(logParams, p.MaxDatagramFrameSize)
+ }
+ logString += "}"
+ return fmt.Sprintf(logString, logParams...)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/internal/wire/version_negotiation.go b/vendor/github.com/lucas-clemente/quic-go/internal/wire/version_negotiation.go
new file mode 100644
index 00000000..bcae87d1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/internal/wire/version_negotiation.go
@@ -0,0 +1,54 @@
+package wire
+
+import (
+ "bytes"
+ "crypto/rand"
+ "errors"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+// ParseVersionNegotiationPacket parses a Version Negotiation packet.
+func ParseVersionNegotiationPacket(b *bytes.Reader) (*Header, []protocol.VersionNumber, error) {
+ hdr, err := parseHeader(b, 0)
+ if err != nil {
+ return nil, nil, err
+ }
+ if b.Len() == 0 {
+ //nolint:stylecheck
+ return nil, nil, errors.New("Version Negotiation packet has empty version list")
+ }
+ if b.Len()%4 != 0 {
+ //nolint:stylecheck
+ return nil, nil, errors.New("Version Negotiation packet has a version list with an invalid length")
+ }
+ versions := make([]protocol.VersionNumber, b.Len()/4)
+ for i := 0; b.Len() > 0; i++ {
+ v, err := utils.BigEndian.ReadUint32(b)
+ if err != nil {
+ return nil, nil, err
+ }
+ versions[i] = protocol.VersionNumber(v)
+ }
+ return hdr, versions, nil
+}
+
+// ComposeVersionNegotiation composes a Version Negotiation
+func ComposeVersionNegotiation(destConnID, srcConnID protocol.ConnectionID, versions []protocol.VersionNumber) ([]byte, error) {
+ greasedVersions := protocol.GetGreasedVersions(versions)
+ expectedLen := 1 /* type byte */ + 4 /* version field */ + 1 /* dest connection ID length field */ + destConnID.Len() + 1 /* src connection ID length field */ + srcConnID.Len() + len(greasedVersions)*4
+ buf := bytes.NewBuffer(make([]byte, 0, expectedLen))
+ r := make([]byte, 1)
+ _, _ = rand.Read(r) // ignore the error here. It is not critical to have perfect random here.
+ buf.WriteByte(r[0] | 0x80)
+ utils.BigEndian.WriteUint32(buf, 0) // version 0
+ buf.WriteByte(uint8(destConnID.Len()))
+ buf.Write(destConnID)
+ buf.WriteByte(uint8(srcConnID.Len()))
+ buf.Write(srcConnID)
+ for _, v := range greasedVersions {
+ utils.BigEndian.WriteUint32(buf, uint32(v))
+ }
+ return buf.Bytes(), nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/frame.go b/vendor/github.com/lucas-clemente/quic-go/logging/frame.go
new file mode 100644
index 00000000..75705092
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/frame.go
@@ -0,0 +1,66 @@
+package logging
+
+import "github.com/lucas-clemente/quic-go/internal/wire"
+
+// A Frame is a QUIC frame
+type Frame interface{}
+
+// The AckRange is used within the AckFrame.
+// It is a range of packet numbers that is being acknowledged.
+type AckRange = wire.AckRange
+
+type (
+ // An AckFrame is an ACK frame.
+ AckFrame = wire.AckFrame
+ // A ConnectionCloseFrame is a CONNECTION_CLOSE frame.
+ ConnectionCloseFrame = wire.ConnectionCloseFrame
+ // A DataBlockedFrame is a DATA_BLOCKED frame.
+ DataBlockedFrame = wire.DataBlockedFrame
+ // A HandshakeDoneFrame is a HANDSHAKE_DONE frame.
+ HandshakeDoneFrame = wire.HandshakeDoneFrame
+ // A MaxDataFrame is a MAX_DATA frame.
+ MaxDataFrame = wire.MaxDataFrame
+ // A MaxStreamDataFrame is a MAX_STREAM_DATA frame.
+ MaxStreamDataFrame = wire.MaxStreamDataFrame
+ // A MaxStreamsFrame is a MAX_STREAMS_FRAME.
+ MaxStreamsFrame = wire.MaxStreamsFrame
+ // A NewConnectionIDFrame is a NEW_CONNECTION_ID frame.
+ NewConnectionIDFrame = wire.NewConnectionIDFrame
+ // A NewTokenFrame is a NEW_TOKEN frame.
+ NewTokenFrame = wire.NewTokenFrame
+ // A PathChallengeFrame is a PATH_CHALLENGE frame.
+ PathChallengeFrame = wire.PathChallengeFrame
+ // A PathResponseFrame is a PATH_RESPONSE frame.
+ PathResponseFrame = wire.PathResponseFrame
+ // A PingFrame is a PING frame.
+ PingFrame = wire.PingFrame
+ // A ResetStreamFrame is a RESET_STREAM frame.
+ ResetStreamFrame = wire.ResetStreamFrame
+ // A RetireConnectionIDFrame is a RETIRE_CONNECTION_ID frame.
+ RetireConnectionIDFrame = wire.RetireConnectionIDFrame
+ // A StopSendingFrame is a STOP_SENDING frame.
+ StopSendingFrame = wire.StopSendingFrame
+ // A StreamsBlockedFrame is a STREAMS_BLOCKED frame.
+ StreamsBlockedFrame = wire.StreamsBlockedFrame
+ // A StreamDataBlockedFrame is a STREAM_DATA_BLOCKED frame.
+ StreamDataBlockedFrame = wire.StreamDataBlockedFrame
+)
+
+// A CryptoFrame is a CRYPTO frame.
+type CryptoFrame struct {
+ Offset ByteCount
+ Length ByteCount
+}
+
+// A StreamFrame is a STREAM frame.
+type StreamFrame struct {
+ StreamID StreamID
+ Offset ByteCount
+ Length ByteCount
+ Fin bool
+}
+
+// A DatagramFrame is a DATAGRAM frame.
+type DatagramFrame struct {
+ Length ByteCount
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/interface.go b/vendor/github.com/lucas-clemente/quic-go/logging/interface.go
new file mode 100644
index 00000000..f71d68f7
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/interface.go
@@ -0,0 +1,134 @@
+// Package logging defines a logging interface for quic-go.
+// This package should not be considered stable
+package logging
+
+import (
+ "context"
+ "net"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/utils"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type (
+ // A ByteCount is used to count bytes.
+ ByteCount = protocol.ByteCount
+ // A ConnectionID is a QUIC Connection ID.
+ ConnectionID = protocol.ConnectionID
+ // The EncryptionLevel is the encryption level of a packet.
+ EncryptionLevel = protocol.EncryptionLevel
+ // The KeyPhase is the key phase of the 1-RTT keys.
+ KeyPhase = protocol.KeyPhase
+ // The KeyPhaseBit is the value of the key phase bit of the 1-RTT packets.
+ KeyPhaseBit = protocol.KeyPhaseBit
+ // The PacketNumber is the packet number of a packet.
+ PacketNumber = protocol.PacketNumber
+ // The Perspective is the role of a QUIC endpoint (client or server).
+ Perspective = protocol.Perspective
+ // A StatelessResetToken is a stateless reset token.
+ StatelessResetToken = protocol.StatelessResetToken
+ // The StreamID is the stream ID.
+ StreamID = protocol.StreamID
+ // The StreamNum is the number of the stream.
+ StreamNum = protocol.StreamNum
+ // The StreamType is the type of the stream (unidirectional or bidirectional).
+ StreamType = protocol.StreamType
+ // The VersionNumber is the QUIC version.
+ VersionNumber = protocol.VersionNumber
+
+ // The Header is the QUIC packet header, before removing header protection.
+ Header = wire.Header
+ // The ExtendedHeader is the QUIC packet header, after removing header protection.
+ ExtendedHeader = wire.ExtendedHeader
+ // The TransportParameters are QUIC transport parameters.
+ TransportParameters = wire.TransportParameters
+ // The PreferredAddress is the preferred address sent in the transport parameters.
+ PreferredAddress = wire.PreferredAddress
+
+ // A TransportError is a transport-level error code.
+ TransportError = qerr.TransportErrorCode
+ // An ApplicationError is an application-defined error code.
+ ApplicationError = qerr.TransportErrorCode
+
+ // The RTTStats contain statistics used by the congestion controller.
+ RTTStats = utils.RTTStats
+)
+
+const (
+ // KeyPhaseZero is key phase bit 0
+ KeyPhaseZero KeyPhaseBit = protocol.KeyPhaseZero
+ // KeyPhaseOne is key phase bit 1
+ KeyPhaseOne KeyPhaseBit = protocol.KeyPhaseOne
+)
+
+const (
+ // PerspectiveServer is used for a QUIC server
+ PerspectiveServer Perspective = protocol.PerspectiveServer
+ // PerspectiveClient is used for a QUIC client
+ PerspectiveClient Perspective = protocol.PerspectiveClient
+)
+
+const (
+ // EncryptionInitial is the Initial encryption level
+ EncryptionInitial EncryptionLevel = protocol.EncryptionInitial
+ // EncryptionHandshake is the Handshake encryption level
+ EncryptionHandshake EncryptionLevel = protocol.EncryptionHandshake
+ // Encryption1RTT is the 1-RTT encryption level
+ Encryption1RTT EncryptionLevel = protocol.Encryption1RTT
+ // Encryption0RTT is the 0-RTT encryption level
+ Encryption0RTT EncryptionLevel = protocol.Encryption0RTT
+)
+
+const (
+ // StreamTypeUni is a unidirectional stream
+ StreamTypeUni = protocol.StreamTypeUni
+ // StreamTypeBidi is a bidirectional stream
+ StreamTypeBidi = protocol.StreamTypeBidi
+)
+
+// A Tracer traces events.
+type Tracer interface {
+ // TracerForConnection requests a new tracer for a connection.
+ // The ODCID is the original destination connection ID:
+ // The destination connection ID that the client used on the first Initial packet it sent on this connection.
+ // If nil is returned, tracing will be disabled for this connection.
+ TracerForConnection(ctx context.Context, p Perspective, odcid ConnectionID) ConnectionTracer
+
+ SentPacket(net.Addr, *Header, ByteCount, []Frame)
+ DroppedPacket(net.Addr, PacketType, ByteCount, PacketDropReason)
+}
+
+// A ConnectionTracer records events.
+type ConnectionTracer interface {
+ StartedConnection(local, remote net.Addr, srcConnID, destConnID ConnectionID)
+ NegotiatedVersion(chosen VersionNumber, clientVersions, serverVersions []VersionNumber)
+ ClosedConnection(error)
+ SentTransportParameters(*TransportParameters)
+ ReceivedTransportParameters(*TransportParameters)
+ RestoredTransportParameters(parameters *TransportParameters) // for 0-RTT
+ SentPacket(hdr *ExtendedHeader, size ByteCount, ack *AckFrame, frames []Frame)
+ ReceivedVersionNegotiationPacket(*Header, []VersionNumber)
+ ReceivedRetry(*Header)
+ ReceivedPacket(hdr *ExtendedHeader, size ByteCount, frames []Frame)
+ BufferedPacket(PacketType)
+ DroppedPacket(PacketType, ByteCount, PacketDropReason)
+ UpdatedMetrics(rttStats *RTTStats, cwnd, bytesInFlight ByteCount, packetsInFlight int)
+ AcknowledgedPacket(EncryptionLevel, PacketNumber)
+ LostPacket(EncryptionLevel, PacketNumber, PacketLossReason)
+ UpdatedCongestionState(CongestionState)
+ UpdatedPTOCount(value uint32)
+ UpdatedKeyFromTLS(EncryptionLevel, Perspective)
+ UpdatedKey(generation KeyPhase, remote bool)
+ DroppedEncryptionLevel(EncryptionLevel)
+ DroppedKey(generation KeyPhase)
+ SetLossTimer(TimerType, EncryptionLevel, time.Time)
+ LossTimerExpired(TimerType, EncryptionLevel)
+ LossTimerCanceled()
+ // Close is called when the connection is closed.
+ Close()
+ Debug(name, msg string)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/mockgen.go b/vendor/github.com/lucas-clemente/quic-go/logging/mockgen.go
new file mode 100644
index 00000000..1bd6d6c1
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/mockgen.go
@@ -0,0 +1,4 @@
+package logging
+
+//go:generate sh -c "mockgen -package logging -self_package github.com/lucas-clemente/quic-go/logging -destination mock_connection_tracer_test.go github.com/lucas-clemente/quic-go/logging ConnectionTracer && goimports -w mock_connection_tracer_test.go"
+//go:generate sh -c "mockgen -package logging -self_package github.com/lucas-clemente/quic-go/logging -destination mock_tracer_test.go github.com/lucas-clemente/quic-go/logging Tracer && goimports -w mock_tracer_test.go"
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/multiplex.go b/vendor/github.com/lucas-clemente/quic-go/logging/multiplex.go
new file mode 100644
index 00000000..8280e8cd
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/multiplex.go
@@ -0,0 +1,219 @@
+package logging
+
+import (
+ "context"
+ "net"
+ "time"
+)
+
+type tracerMultiplexer struct {
+ tracers []Tracer
+}
+
+var _ Tracer = &tracerMultiplexer{}
+
+// NewMultiplexedTracer creates a new tracer that multiplexes events to multiple tracers.
+func NewMultiplexedTracer(tracers ...Tracer) Tracer {
+ if len(tracers) == 0 {
+ return nil
+ }
+ if len(tracers) == 1 {
+ return tracers[0]
+ }
+ return &tracerMultiplexer{tracers}
+}
+
+func (m *tracerMultiplexer) TracerForConnection(ctx context.Context, p Perspective, odcid ConnectionID) ConnectionTracer {
+ var connTracers []ConnectionTracer
+ for _, t := range m.tracers {
+ if ct := t.TracerForConnection(ctx, p, odcid); ct != nil {
+ connTracers = append(connTracers, ct)
+ }
+ }
+ return NewMultiplexedConnectionTracer(connTracers...)
+}
+
+func (m *tracerMultiplexer) SentPacket(remote net.Addr, hdr *Header, size ByteCount, frames []Frame) {
+ for _, t := range m.tracers {
+ t.SentPacket(remote, hdr, size, frames)
+ }
+}
+
+func (m *tracerMultiplexer) DroppedPacket(remote net.Addr, typ PacketType, size ByteCount, reason PacketDropReason) {
+ for _, t := range m.tracers {
+ t.DroppedPacket(remote, typ, size, reason)
+ }
+}
+
+type connTracerMultiplexer struct {
+ tracers []ConnectionTracer
+}
+
+var _ ConnectionTracer = &connTracerMultiplexer{}
+
+// NewMultiplexedConnectionTracer creates a new connection tracer that multiplexes events to multiple tracers.
+func NewMultiplexedConnectionTracer(tracers ...ConnectionTracer) ConnectionTracer {
+ if len(tracers) == 0 {
+ return nil
+ }
+ if len(tracers) == 1 {
+ return tracers[0]
+ }
+ return &connTracerMultiplexer{tracers: tracers}
+}
+
+func (m *connTracerMultiplexer) StartedConnection(local, remote net.Addr, srcConnID, destConnID ConnectionID) {
+ for _, t := range m.tracers {
+ t.StartedConnection(local, remote, srcConnID, destConnID)
+ }
+}
+
+func (m *connTracerMultiplexer) NegotiatedVersion(chosen VersionNumber, clientVersions, serverVersions []VersionNumber) {
+ for _, t := range m.tracers {
+ t.NegotiatedVersion(chosen, clientVersions, serverVersions)
+ }
+}
+
+func (m *connTracerMultiplexer) ClosedConnection(e error) {
+ for _, t := range m.tracers {
+ t.ClosedConnection(e)
+ }
+}
+
+func (m *connTracerMultiplexer) SentTransportParameters(tp *TransportParameters) {
+ for _, t := range m.tracers {
+ t.SentTransportParameters(tp)
+ }
+}
+
+func (m *connTracerMultiplexer) ReceivedTransportParameters(tp *TransportParameters) {
+ for _, t := range m.tracers {
+ t.ReceivedTransportParameters(tp)
+ }
+}
+
+func (m *connTracerMultiplexer) RestoredTransportParameters(tp *TransportParameters) {
+ for _, t := range m.tracers {
+ t.RestoredTransportParameters(tp)
+ }
+}
+
+func (m *connTracerMultiplexer) SentPacket(hdr *ExtendedHeader, size ByteCount, ack *AckFrame, frames []Frame) {
+ for _, t := range m.tracers {
+ t.SentPacket(hdr, size, ack, frames)
+ }
+}
+
+func (m *connTracerMultiplexer) ReceivedVersionNegotiationPacket(hdr *Header, versions []VersionNumber) {
+ for _, t := range m.tracers {
+ t.ReceivedVersionNegotiationPacket(hdr, versions)
+ }
+}
+
+func (m *connTracerMultiplexer) ReceivedRetry(hdr *Header) {
+ for _, t := range m.tracers {
+ t.ReceivedRetry(hdr)
+ }
+}
+
+func (m *connTracerMultiplexer) ReceivedPacket(hdr *ExtendedHeader, size ByteCount, frames []Frame) {
+ for _, t := range m.tracers {
+ t.ReceivedPacket(hdr, size, frames)
+ }
+}
+
+func (m *connTracerMultiplexer) BufferedPacket(typ PacketType) {
+ for _, t := range m.tracers {
+ t.BufferedPacket(typ)
+ }
+}
+
+func (m *connTracerMultiplexer) DroppedPacket(typ PacketType, size ByteCount, reason PacketDropReason) {
+ for _, t := range m.tracers {
+ t.DroppedPacket(typ, size, reason)
+ }
+}
+
+func (m *connTracerMultiplexer) UpdatedCongestionState(state CongestionState) {
+ for _, t := range m.tracers {
+ t.UpdatedCongestionState(state)
+ }
+}
+
+func (m *connTracerMultiplexer) UpdatedMetrics(rttStats *RTTStats, cwnd, bytesInFLight ByteCount, packetsInFlight int) {
+ for _, t := range m.tracers {
+ t.UpdatedMetrics(rttStats, cwnd, bytesInFLight, packetsInFlight)
+ }
+}
+
+func (m *connTracerMultiplexer) AcknowledgedPacket(encLevel EncryptionLevel, pn PacketNumber) {
+ for _, t := range m.tracers {
+ t.AcknowledgedPacket(encLevel, pn)
+ }
+}
+
+func (m *connTracerMultiplexer) LostPacket(encLevel EncryptionLevel, pn PacketNumber, reason PacketLossReason) {
+ for _, t := range m.tracers {
+ t.LostPacket(encLevel, pn, reason)
+ }
+}
+
+func (m *connTracerMultiplexer) UpdatedPTOCount(value uint32) {
+ for _, t := range m.tracers {
+ t.UpdatedPTOCount(value)
+ }
+}
+
+func (m *connTracerMultiplexer) UpdatedKeyFromTLS(encLevel EncryptionLevel, perspective Perspective) {
+ for _, t := range m.tracers {
+ t.UpdatedKeyFromTLS(encLevel, perspective)
+ }
+}
+
+func (m *connTracerMultiplexer) UpdatedKey(generation KeyPhase, remote bool) {
+ for _, t := range m.tracers {
+ t.UpdatedKey(generation, remote)
+ }
+}
+
+func (m *connTracerMultiplexer) DroppedEncryptionLevel(encLevel EncryptionLevel) {
+ for _, t := range m.tracers {
+ t.DroppedEncryptionLevel(encLevel)
+ }
+}
+
+func (m *connTracerMultiplexer) DroppedKey(generation KeyPhase) {
+ for _, t := range m.tracers {
+ t.DroppedKey(generation)
+ }
+}
+
+func (m *connTracerMultiplexer) SetLossTimer(typ TimerType, encLevel EncryptionLevel, exp time.Time) {
+ for _, t := range m.tracers {
+ t.SetLossTimer(typ, encLevel, exp)
+ }
+}
+
+func (m *connTracerMultiplexer) LossTimerExpired(typ TimerType, encLevel EncryptionLevel) {
+ for _, t := range m.tracers {
+ t.LossTimerExpired(typ, encLevel)
+ }
+}
+
+func (m *connTracerMultiplexer) LossTimerCanceled() {
+ for _, t := range m.tracers {
+ t.LossTimerCanceled()
+ }
+}
+
+func (m *connTracerMultiplexer) Debug(name, msg string) {
+ for _, t := range m.tracers {
+ t.Debug(name, msg)
+ }
+}
+
+func (m *connTracerMultiplexer) Close() {
+ for _, t := range m.tracers {
+ t.Close()
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/packet_header.go b/vendor/github.com/lucas-clemente/quic-go/logging/packet_header.go
new file mode 100644
index 00000000..ea4282fe
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/packet_header.go
@@ -0,0 +1,27 @@
+package logging
+
+import (
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// PacketTypeFromHeader determines the packet type from a *wire.Header.
+func PacketTypeFromHeader(hdr *Header) PacketType {
+ if !hdr.IsLongHeader {
+ return PacketType1RTT
+ }
+ if hdr.Version == 0 {
+ return PacketTypeVersionNegotiation
+ }
+ switch hdr.Type {
+ case protocol.PacketTypeInitial:
+ return PacketTypeInitial
+ case protocol.PacketTypeHandshake:
+ return PacketTypeHandshake
+ case protocol.PacketType0RTT:
+ return PacketType0RTT
+ case protocol.PacketTypeRetry:
+ return PacketTypeRetry
+ default:
+ return PacketTypeNotDetermined
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/logging/types.go b/vendor/github.com/lucas-clemente/quic-go/logging/types.go
new file mode 100644
index 00000000..e1886503
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/logging/types.go
@@ -0,0 +1,94 @@
+package logging
+
+// PacketType is the packet type of a QUIC packet
+type PacketType uint8
+
+const (
+ // PacketTypeInitial is the packet type of an Initial packet
+ PacketTypeInitial PacketType = iota
+ // PacketTypeHandshake is the packet type of a Handshake packet
+ PacketTypeHandshake
+ // PacketTypeRetry is the packet type of a Retry packet
+ PacketTypeRetry
+ // PacketType0RTT is the packet type of a 0-RTT packet
+ PacketType0RTT
+ // PacketTypeVersionNegotiation is the packet type of a Version Negotiation packet
+ PacketTypeVersionNegotiation
+ // PacketType1RTT is a 1-RTT packet
+ PacketType1RTT
+ // PacketTypeStatelessReset is a stateless reset
+ PacketTypeStatelessReset
+ // PacketTypeNotDetermined is the packet type when it could not be determined
+ PacketTypeNotDetermined
+)
+
+type PacketLossReason uint8
+
+const (
+ // PacketLossReorderingThreshold: when a packet is deemed lost due to reordering threshold
+ PacketLossReorderingThreshold PacketLossReason = iota
+ // PacketLossTimeThreshold: when a packet is deemed lost due to time threshold
+ PacketLossTimeThreshold
+)
+
+type PacketDropReason uint8
+
+const (
+ // PacketDropKeyUnavailable is used when a packet is dropped because keys are unavailable
+ PacketDropKeyUnavailable PacketDropReason = iota
+ // PacketDropUnknownConnectionID is used when a packet is dropped because the connection ID is unknown
+ PacketDropUnknownConnectionID
+ // PacketDropHeaderParseError is used when a packet is dropped because header parsing failed
+ PacketDropHeaderParseError
+ // PacketDropPayloadDecryptError is used when a packet is dropped because decrypting the payload failed
+ PacketDropPayloadDecryptError
+ // PacketDropProtocolViolation is used when a packet is dropped due to a protocol violation
+ PacketDropProtocolViolation
+ // PacketDropDOSPrevention is used when a packet is dropped to mitigate a DoS attack
+ PacketDropDOSPrevention
+ // PacketDropUnsupportedVersion is used when a packet is dropped because the version is not supported
+ PacketDropUnsupportedVersion
+ // PacketDropUnexpectedPacket is used when an unexpected packet is received
+ PacketDropUnexpectedPacket
+ // PacketDropUnexpectedSourceConnectionID is used when a packet with an unexpected source connection ID is received
+ PacketDropUnexpectedSourceConnectionID
+ // PacketDropUnexpectedVersion is used when a packet with an unexpected version is received
+ PacketDropUnexpectedVersion
+ // PacketDropDuplicate is used when a duplicate packet is received
+ PacketDropDuplicate
+)
+
+// TimerType is the type of the loss detection timer
+type TimerType uint8
+
+const (
+ // TimerTypeACK is the timer type for the early retransmit timer
+ TimerTypeACK TimerType = iota
+ // TimerTypePTO is the timer type for the PTO retransmit timer
+ TimerTypePTO
+)
+
+// TimeoutReason is the reason why a session is closed
+type TimeoutReason uint8
+
+const (
+ // TimeoutReasonHandshake is used when the session is closed due to a handshake timeout
+ // This reason is not defined in the qlog draft, but very useful for debugging.
+ TimeoutReasonHandshake TimeoutReason = iota
+ // TimeoutReasonIdle is used when the session is closed due to an idle timeout
+ // This reason is not defined in the qlog draft, but very useful for debugging.
+ TimeoutReasonIdle
+)
+
+type CongestionState uint8
+
+const (
+ // CongestionStateSlowStart is the slow start phase of Reno / Cubic
+ CongestionStateSlowStart CongestionState = iota
+ // CongestionStateCongestionAvoidance is the slow start phase of Reno / Cubic
+ CongestionStateCongestionAvoidance
+ // CongestionStateCongestionAvoidance is the recovery phase of Reno / Cubic
+ CongestionStateRecovery
+ // CongestionStateApplicationLimited means that the congestion controller is application limited
+ CongestionStateApplicationLimited
+)
diff --git a/vendor/github.com/lucas-clemente/quic-go/mockgen.go b/vendor/github.com/lucas-clemente/quic-go/mockgen.go
new file mode 100644
index 00000000..d5e9ae10
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/mockgen.go
@@ -0,0 +1,26 @@
+package quic
+
+//go:generate sh -c "./mockgen_private.sh quic mock_send_conn_test.go github.com/lucas-clemente/quic-go sendConn"
+//go:generate sh -c "./mockgen_private.sh quic mock_sender_test.go github.com/lucas-clemente/quic-go sender"
+//go:generate sh -c "./mockgen_private.sh quic mock_stream_internal_test.go github.com/lucas-clemente/quic-go streamI"
+//go:generate sh -c "./mockgen_private.sh quic mock_crypto_stream_test.go github.com/lucas-clemente/quic-go cryptoStream"
+//go:generate sh -c "./mockgen_private.sh quic mock_receive_stream_internal_test.go github.com/lucas-clemente/quic-go receiveStreamI"
+//go:generate sh -c "./mockgen_private.sh quic mock_send_stream_internal_test.go github.com/lucas-clemente/quic-go sendStreamI"
+//go:generate sh -c "./mockgen_private.sh quic mock_stream_sender_test.go github.com/lucas-clemente/quic-go streamSender"
+//go:generate sh -c "./mockgen_private.sh quic mock_stream_getter_test.go github.com/lucas-clemente/quic-go streamGetter"
+//go:generate sh -c "./mockgen_private.sh quic mock_crypto_data_handler_test.go github.com/lucas-clemente/quic-go cryptoDataHandler"
+//go:generate sh -c "./mockgen_private.sh quic mock_frame_source_test.go github.com/lucas-clemente/quic-go frameSource"
+//go:generate sh -c "./mockgen_private.sh quic mock_ack_frame_source_test.go github.com/lucas-clemente/quic-go ackFrameSource"
+//go:generate sh -c "./mockgen_private.sh quic mock_stream_manager_test.go github.com/lucas-clemente/quic-go streamManager"
+//go:generate sh -c "./mockgen_private.sh quic mock_sealing_manager_test.go github.com/lucas-clemente/quic-go sealingManager"
+//go:generate sh -c "./mockgen_private.sh quic mock_unpacker_test.go github.com/lucas-clemente/quic-go unpacker"
+//go:generate sh -c "./mockgen_private.sh quic mock_packer_test.go github.com/lucas-clemente/quic-go packer"
+//go:generate sh -c "./mockgen_private.sh quic mock_mtu_discoverer_test.go github.com/lucas-clemente/quic-go mtuDiscoverer"
+//go:generate sh -c "./mockgen_private.sh quic mock_session_runner_test.go github.com/lucas-clemente/quic-go sessionRunner"
+//go:generate sh -c "./mockgen_private.sh quic mock_quic_session_test.go github.com/lucas-clemente/quic-go quicSession"
+//go:generate sh -c "./mockgen_private.sh quic mock_packet_handler_test.go github.com/lucas-clemente/quic-go packetHandler"
+//go:generate sh -c "./mockgen_private.sh quic mock_unknown_packet_handler_test.go github.com/lucas-clemente/quic-go unknownPacketHandler"
+//go:generate sh -c "./mockgen_private.sh quic mock_packet_handler_manager_test.go github.com/lucas-clemente/quic-go packetHandlerManager"
+//go:generate sh -c "./mockgen_private.sh quic mock_multiplexer_test.go github.com/lucas-clemente/quic-go multiplexer"
+//go:generate sh -c "mockgen -package quic -self_package github.com/lucas-clemente/quic-go -destination mock_token_store_test.go github.com/lucas-clemente/quic-go TokenStore && goimports -w mock_token_store_test.go"
+//go:generate sh -c "mockgen -package quic -self_package github.com/lucas-clemente/quic-go -destination mock_packetconn_test.go net PacketConn && goimports -w mock_packetconn_test.go"
diff --git a/vendor/github.com/lucas-clemente/quic-go/mockgen_private.sh b/vendor/github.com/lucas-clemente/quic-go/mockgen_private.sh
new file mode 100644
index 00000000..15c3c513
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/mockgen_private.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+DEST=$2
+PACKAGE=$3
+TMPFILE="mockgen_tmp.go"
+# uppercase the name of the interface
+ORIG_INTERFACE_NAME=$4
+INTERFACE_NAME="$(tr '[:lower:]' '[:upper:]' <<< ${ORIG_INTERFACE_NAME:0:1})${ORIG_INTERFACE_NAME:1}"
+
+# Gather all files that contain interface definitions.
+# These interfaces might be used as embedded interfaces,
+# so we need to pass them to mockgen as aux_files.
+AUX=()
+for f in *.go; do
+ if [[ -z ${f##*_test.go} ]]; then
+ # skip test files
+ continue;
+ fi
+ if $(egrep -qe "type (.*) interface" $f); then
+ AUX+=("github.com/lucas-clemente/quic-go=$f")
+ fi
+done
+
+# Find the file that defines the interface we're mocking.
+for f in *.go; do
+ if [[ -z ${f##*_test.go} ]]; then
+ # skip test files
+ continue;
+ fi
+ INTERFACE=$(sed -n "/^type $ORIG_INTERFACE_NAME interface/,/^}/p" $f)
+ if [[ -n "$INTERFACE" ]]; then
+ SRC=$f
+ break
+ fi
+done
+
+if [[ -z "$INTERFACE" ]]; then
+ echo "Interface $ORIG_INTERFACE_NAME not found."
+ exit 1
+fi
+
+AUX_FILES=$(IFS=, ; echo "${AUX[*]}")
+
+## create a public alias for the interface, so that mockgen can process it
+echo -e "package $1\n" > $TMPFILE
+echo "$INTERFACE" | sed "s/$ORIG_INTERFACE_NAME/$INTERFACE_NAME/" >> $TMPFILE
+goimports -w $TMPFILE
+mockgen -package $1 -self_package $3 -destination $DEST -source=$TMPFILE -aux_files $AUX_FILES
+goimports -w $DEST
+sed "s/$TMPFILE/$SRC/" "$DEST" > "$DEST.new" && mv "$DEST.new" "$DEST"
+rm "$TMPFILE"
diff --git a/vendor/github.com/lucas-clemente/quic-go/mtu_discoverer.go b/vendor/github.com/lucas-clemente/quic-go/mtu_discoverer.go
new file mode 100644
index 00000000..a5a83021
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/mtu_discoverer.go
@@ -0,0 +1,84 @@
+package quic
+
+import (
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type mtuDiscoverer interface {
+ ShouldSendProbe(now time.Time) bool
+ NextProbeTime() time.Time
+ GetPing() (ping ackhandler.Frame, datagramSize protocol.ByteCount)
+}
+
+const (
+ // At some point, we have to stop searching for a higher MTU.
+ // We're happy to send a packet that's 10 bytes smaller than the actual MTU.
+ maxMTUDiff = 20
+ // send a probe packet every mtuProbeDelay RTTs
+ mtuProbeDelay = 5
+)
+
+type mtuFinder struct {
+ lastProbeTime time.Time
+ probeInFlight bool
+ mtuIncreased func(protocol.ByteCount)
+
+ rttStats *utils.RTTStats
+ current protocol.ByteCount
+ max protocol.ByteCount // the maximum value, as advertised by the peer (or our maximum size buffer)
+}
+
+var _ mtuDiscoverer = &mtuFinder{}
+
+func newMTUDiscoverer(rttStats *utils.RTTStats, start, max protocol.ByteCount, mtuIncreased func(protocol.ByteCount)) mtuDiscoverer {
+ return &mtuFinder{
+ current: start,
+ rttStats: rttStats,
+ lastProbeTime: time.Now(), // to make sure the first probe packet is not sent immediately
+ mtuIncreased: mtuIncreased,
+ max: max,
+ }
+}
+
+func (f *mtuFinder) done() bool {
+ return f.max-f.current <= maxMTUDiff+1
+}
+
+func (f *mtuFinder) ShouldSendProbe(now time.Time) bool {
+ if f.probeInFlight || f.done() {
+ return false
+ }
+ return !now.Before(f.NextProbeTime())
+}
+
+// NextProbeTime returns the time when the next probe packet should be sent.
+// It returns the zero value if no probe packet should be sent.
+func (f *mtuFinder) NextProbeTime() time.Time {
+ if f.probeInFlight || f.done() {
+ return time.Time{}
+ }
+ return f.lastProbeTime.Add(mtuProbeDelay * f.rttStats.SmoothedRTT())
+}
+
+func (f *mtuFinder) GetPing() (ackhandler.Frame, protocol.ByteCount) {
+ size := (f.max + f.current) / 2
+ f.lastProbeTime = time.Now()
+ f.probeInFlight = true
+ return ackhandler.Frame{
+ Frame: &wire.PingFrame{},
+ OnLost: func(wire.Frame) {
+ f.probeInFlight = false
+ f.max = size
+ },
+ OnAcked: func(wire.Frame) {
+ f.probeInFlight = false
+ f.current = size
+ f.mtuIncreased(size)
+ },
+ }, size
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/multiplexer.go b/vendor/github.com/lucas-clemente/quic-go/multiplexer.go
new file mode 100644
index 00000000..006305af
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/multiplexer.go
@@ -0,0 +1,107 @@
+package quic
+
+import (
+ "bytes"
+ "fmt"
+ "net"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+var (
+ connMuxerOnce sync.Once
+ connMuxer multiplexer
+)
+
+type indexableConn interface {
+ LocalAddr() net.Addr
+}
+
+type multiplexer interface {
+ AddConn(c net.PacketConn, connIDLen int, statelessResetKey []byte, tracer logging.Tracer) (packetHandlerManager, error)
+ RemoveConn(indexableConn) error
+}
+
+type connManager struct {
+ connIDLen int
+ statelessResetKey []byte
+ tracer logging.Tracer
+ manager packetHandlerManager
+}
+
+// The connMultiplexer listens on multiple net.PacketConns and dispatches
+// incoming packets to the session handler.
+type connMultiplexer struct {
+ mutex sync.Mutex
+
+ conns map[string] /* LocalAddr().String() */ connManager
+ newPacketHandlerManager func(net.PacketConn, int, []byte, logging.Tracer, utils.Logger) (packetHandlerManager, error) // so it can be replaced in the tests
+
+ logger utils.Logger
+}
+
+var _ multiplexer = &connMultiplexer{}
+
+func getMultiplexer() multiplexer {
+ connMuxerOnce.Do(func() {
+ connMuxer = &connMultiplexer{
+ conns: make(map[string]connManager),
+ logger: utils.DefaultLogger.WithPrefix("muxer"),
+ newPacketHandlerManager: newPacketHandlerMap,
+ }
+ })
+ return connMuxer
+}
+
+func (m *connMultiplexer) AddConn(
+ c net.PacketConn,
+ connIDLen int,
+ statelessResetKey []byte,
+ tracer logging.Tracer,
+) (packetHandlerManager, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ addr := c.LocalAddr()
+ connIndex := addr.Network() + " " + addr.String()
+ p, ok := m.conns[connIndex]
+ if !ok {
+ manager, err := m.newPacketHandlerManager(c, connIDLen, statelessResetKey, tracer, m.logger)
+ if err != nil {
+ return nil, err
+ }
+ p = connManager{
+ connIDLen: connIDLen,
+ statelessResetKey: statelessResetKey,
+ manager: manager,
+ tracer: tracer,
+ }
+ m.conns[connIndex] = p
+ } else {
+ if p.connIDLen != connIDLen {
+ return nil, fmt.Errorf("cannot use %d byte connection IDs on a connection that is already using %d byte connction IDs", connIDLen, p.connIDLen)
+ }
+ if statelessResetKey != nil && !bytes.Equal(p.statelessResetKey, statelessResetKey) {
+ return nil, fmt.Errorf("cannot use different stateless reset keys on the same packet conn")
+ }
+ if tracer != p.tracer {
+ return nil, fmt.Errorf("cannot use different tracers on the same packet conn")
+ }
+ }
+ return p.manager, nil
+}
+
+func (m *connMultiplexer) RemoveConn(c indexableConn) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ connIndex := c.LocalAddr().Network() + " " + c.LocalAddr().String()
+ if _, ok := m.conns[connIndex]; !ok {
+ return fmt.Errorf("cannote remove connection, connection is unknown")
+ }
+
+ delete(m.conns, connIndex)
+ return nil
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/packet_handler_map.go b/vendor/github.com/lucas-clemente/quic-go/packet_handler_map.go
new file mode 100644
index 00000000..5b4659d2
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/packet_handler_map.go
@@ -0,0 +1,467 @@
+package quic
+
+import (
+ "crypto/hmac"
+ "crypto/rand"
+ "crypto/sha256"
+ "errors"
+ "fmt"
+ "hash"
+ "log"
+ "net"
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+type zeroRTTQueue struct {
+ queue []*receivedPacket
+ retireTimer *time.Timer
+}
+
+var _ packetHandler = &zeroRTTQueue{}
+
+func (h *zeroRTTQueue) handlePacket(p *receivedPacket) {
+ if len(h.queue) < protocol.Max0RTTQueueLen {
+ h.queue = append(h.queue, p)
+ }
+}
+func (h *zeroRTTQueue) shutdown() {}
+func (h *zeroRTTQueue) destroy(error) {}
+func (h *zeroRTTQueue) getPerspective() protocol.Perspective { return protocol.PerspectiveClient }
+func (h *zeroRTTQueue) EnqueueAll(sess packetHandler) {
+ for _, p := range h.queue {
+ sess.handlePacket(p)
+ }
+}
+
+func (h *zeroRTTQueue) Clear() {
+ for _, p := range h.queue {
+ p.buffer.Release()
+ }
+}
+
+type packetHandlerMapEntry struct {
+ packetHandler packetHandler
+ is0RTTQueue bool
+}
+
+// The packetHandlerMap stores packetHandlers, identified by connection ID.
+// It is used:
+// * by the server to store sessions
+// * when multiplexing outgoing connections to store clients
+type packetHandlerMap struct {
+ mutex sync.Mutex
+
+ conn connection
+ connIDLen int
+
+ handlers map[string] /* string(ConnectionID)*/ packetHandlerMapEntry
+ resetTokens map[protocol.StatelessResetToken] /* stateless reset token */ packetHandler
+ server unknownPacketHandler
+ numZeroRTTEntries int
+
+ listening chan struct{} // is closed when listen returns
+ closed bool
+
+ deleteRetiredSessionsAfter time.Duration
+ zeroRTTQueueDuration time.Duration
+
+ statelessResetEnabled bool
+ statelessResetMutex sync.Mutex
+ statelessResetHasher hash.Hash
+
+ tracer logging.Tracer
+ logger utils.Logger
+}
+
+var _ packetHandlerManager = &packetHandlerMap{}
+
+func setReceiveBuffer(c net.PacketConn, logger utils.Logger) error {
+ conn, ok := c.(interface{ SetReadBuffer(int) error })
+ if !ok {
+ return errors.New("connection doesn't allow setting of receive buffer size. Not a *net.UDPConn?")
+ }
+ size, err := inspectReadBuffer(c)
+ if err != nil {
+ return fmt.Errorf("failed to determine receive buffer size: %w", err)
+ }
+ if size >= protocol.DesiredReceiveBufferSize {
+ logger.Debugf("Conn has receive buffer of %d kiB (wanted: at least %d kiB)", size/1024, protocol.DesiredReceiveBufferSize/1024)
+ }
+ if err := conn.SetReadBuffer(protocol.DesiredReceiveBufferSize); err != nil {
+ return fmt.Errorf("failed to increase receive buffer size: %w", err)
+ }
+ newSize, err := inspectReadBuffer(c)
+ if err != nil {
+ return fmt.Errorf("failed to determine receive buffer size: %w", err)
+ }
+ if newSize == size {
+ return fmt.Errorf("failed to increase receive buffer size (wanted: %d kiB, got %d kiB)", protocol.DesiredReceiveBufferSize/1024, newSize/1024)
+ }
+ if newSize < protocol.DesiredReceiveBufferSize {
+ return fmt.Errorf("failed to sufficiently increase receive buffer size (was: %d kiB, wanted: %d kiB, got: %d kiB)", size/1024, protocol.DesiredReceiveBufferSize/1024, newSize/1024)
+ }
+ logger.Debugf("Increased receive buffer size to %d kiB", newSize/1024)
+ return nil
+}
+
+// only print warnings about the UPD receive buffer size once
+var receiveBufferWarningOnce sync.Once
+
+func newPacketHandlerMap(
+ c net.PacketConn,
+ connIDLen int,
+ statelessResetKey []byte,
+ tracer logging.Tracer,
+ logger utils.Logger,
+) (packetHandlerManager, error) {
+ if err := setReceiveBuffer(c, logger); err != nil {
+ receiveBufferWarningOnce.Do(func() {
+ log.Printf("%s. See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.", err)
+ })
+ }
+ conn, err := wrapConn(c)
+ if err != nil {
+ return nil, err
+ }
+ m := &packetHandlerMap{
+ conn: conn,
+ connIDLen: connIDLen,
+ listening: make(chan struct{}),
+ handlers: make(map[string]packetHandlerMapEntry),
+ resetTokens: make(map[protocol.StatelessResetToken]packetHandler),
+ deleteRetiredSessionsAfter: protocol.RetiredConnectionIDDeleteTimeout,
+ zeroRTTQueueDuration: protocol.Max0RTTQueueingDuration,
+ statelessResetEnabled: len(statelessResetKey) > 0,
+ statelessResetHasher: hmac.New(sha256.New, statelessResetKey),
+ tracer: tracer,
+ logger: logger,
+ }
+ go m.listen()
+
+ if logger.Debug() {
+ go m.logUsage()
+ }
+ return m, nil
+}
+
+func (h *packetHandlerMap) logUsage() {
+ ticker := time.NewTicker(2 * time.Second)
+ var printedZero bool
+ for {
+ select {
+ case <-h.listening:
+ return
+ case <-ticker.C:
+ }
+
+ h.mutex.Lock()
+ numHandlers := len(h.handlers)
+ numTokens := len(h.resetTokens)
+ h.mutex.Unlock()
+ // If the number tracked handlers and tokens is zero, only print it a single time.
+ hasZero := numHandlers == 0 && numTokens == 0
+ if !hasZero || (hasZero && !printedZero) {
+ h.logger.Debugf("Tracking %d connection IDs and %d reset tokens.\n", numHandlers, numTokens)
+ printedZero = false
+ if hasZero {
+ printedZero = true
+ }
+ }
+ }
+}
+
+func (h *packetHandlerMap) Add(id protocol.ConnectionID, handler packetHandler) bool /* was added */ {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if _, ok := h.handlers[string(id)]; ok {
+ h.logger.Debugf("Not adding connection ID %s, as it already exists.", id)
+ return false
+ }
+ h.handlers[string(id)] = packetHandlerMapEntry{packetHandler: handler}
+ h.logger.Debugf("Adding connection ID %s.", id)
+ return true
+}
+
+func (h *packetHandlerMap) AddWithConnID(clientDestConnID, newConnID protocol.ConnectionID, fn func() packetHandler) bool {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ var q *zeroRTTQueue
+ if entry, ok := h.handlers[string(clientDestConnID)]; ok {
+ if !entry.is0RTTQueue {
+ h.logger.Debugf("Not adding connection ID %s for a new session, as it already exists.", clientDestConnID)
+ return false
+ }
+ q = entry.packetHandler.(*zeroRTTQueue)
+ q.retireTimer.Stop()
+ h.numZeroRTTEntries--
+ if h.numZeroRTTEntries < 0 {
+ panic("number of 0-RTT queues < 0")
+ }
+ }
+ sess := fn()
+ if q != nil {
+ q.EnqueueAll(sess)
+ }
+ h.handlers[string(clientDestConnID)] = packetHandlerMapEntry{packetHandler: sess}
+ h.handlers[string(newConnID)] = packetHandlerMapEntry{packetHandler: sess}
+ h.logger.Debugf("Adding connection IDs %s and %s for a new session.", clientDestConnID, newConnID)
+ return true
+}
+
+func (h *packetHandlerMap) Remove(id protocol.ConnectionID) {
+ h.mutex.Lock()
+ delete(h.handlers, string(id))
+ h.mutex.Unlock()
+ h.logger.Debugf("Removing connection ID %s.", id)
+}
+
+func (h *packetHandlerMap) Retire(id protocol.ConnectionID) {
+ h.logger.Debugf("Retiring connection ID %s in %s.", id, h.deleteRetiredSessionsAfter)
+ time.AfterFunc(h.deleteRetiredSessionsAfter, func() {
+ h.mutex.Lock()
+ delete(h.handlers, string(id))
+ h.mutex.Unlock()
+ h.logger.Debugf("Removing connection ID %s after it has been retired.", id)
+ })
+}
+
+func (h *packetHandlerMap) ReplaceWithClosed(id protocol.ConnectionID, handler packetHandler) {
+ h.mutex.Lock()
+ h.handlers[string(id)] = packetHandlerMapEntry{packetHandler: handler}
+ h.mutex.Unlock()
+ h.logger.Debugf("Replacing session for connection ID %s with a closed session.", id)
+
+ time.AfterFunc(h.deleteRetiredSessionsAfter, func() {
+ h.mutex.Lock()
+ handler.shutdown()
+ delete(h.handlers, string(id))
+ h.mutex.Unlock()
+ h.logger.Debugf("Removing connection ID %s for a closed session after it has been retired.", id)
+ })
+}
+
+func (h *packetHandlerMap) AddResetToken(token protocol.StatelessResetToken, handler packetHandler) {
+ h.mutex.Lock()
+ h.resetTokens[token] = handler
+ h.mutex.Unlock()
+}
+
+func (h *packetHandlerMap) RemoveResetToken(token protocol.StatelessResetToken) {
+ h.mutex.Lock()
+ delete(h.resetTokens, token)
+ h.mutex.Unlock()
+}
+
+func (h *packetHandlerMap) SetServer(s unknownPacketHandler) {
+ h.mutex.Lock()
+ h.server = s
+ h.mutex.Unlock()
+}
+
+func (h *packetHandlerMap) CloseServer() {
+ h.mutex.Lock()
+ if h.server == nil {
+ h.mutex.Unlock()
+ return
+ }
+ h.server = nil
+ var wg sync.WaitGroup
+ for _, entry := range h.handlers {
+ if entry.packetHandler.getPerspective() == protocol.PerspectiveServer {
+ wg.Add(1)
+ go func(handler packetHandler) {
+ // blocks until the CONNECTION_CLOSE has been sent and the run-loop has stopped
+ handler.shutdown()
+ wg.Done()
+ }(entry.packetHandler)
+ }
+ }
+ h.mutex.Unlock()
+ wg.Wait()
+}
+
+// Destroy closes the underlying connection and waits until listen() has returned.
+// It does not close active sessions.
+func (h *packetHandlerMap) Destroy() error {
+ if err := h.conn.Close(); err != nil {
+ return err
+ }
+ <-h.listening // wait until listening returns
+ return nil
+}
+
+func (h *packetHandlerMap) close(e error) error {
+ h.mutex.Lock()
+ if h.closed {
+ h.mutex.Unlock()
+ return nil
+ }
+
+ var wg sync.WaitGroup
+ for _, entry := range h.handlers {
+ wg.Add(1)
+ go func(handler packetHandler) {
+ handler.destroy(e)
+ wg.Done()
+ }(entry.packetHandler)
+ }
+
+ if h.server != nil {
+ h.server.setCloseError(e)
+ }
+ h.closed = true
+ h.mutex.Unlock()
+ wg.Wait()
+ return getMultiplexer().RemoveConn(h.conn)
+}
+
+func (h *packetHandlerMap) listen() {
+ defer close(h.listening)
+ for {
+ p, err := h.conn.ReadPacket()
+ if nerr, ok := err.(net.Error); ok && nerr.Temporary() {
+ h.logger.Debugf("Temporary error reading from conn: %w", err)
+ continue
+ }
+ if err != nil {
+ h.close(err)
+ return
+ }
+ h.handlePacket(p)
+ }
+}
+
+func (h *packetHandlerMap) handlePacket(p *receivedPacket) {
+ connID, err := wire.ParseConnectionID(p.data, h.connIDLen)
+ if err != nil {
+ h.logger.Debugf("error parsing connection ID on packet from %s: %s", p.remoteAddr, err)
+ if h.tracer != nil {
+ h.tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropHeaderParseError)
+ }
+ p.buffer.MaybeRelease()
+ return
+ }
+
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+
+ if isStatelessReset := h.maybeHandleStatelessReset(p.data); isStatelessReset {
+ return
+ }
+
+ if entry, ok := h.handlers[string(connID)]; ok {
+ if entry.is0RTTQueue { // only enqueue 0-RTT packets in the 0-RTT queue
+ if wire.Is0RTTPacket(p.data) {
+ entry.packetHandler.handlePacket(p)
+ return
+ }
+ } else { // existing session
+ entry.packetHandler.handlePacket(p)
+ return
+ }
+ }
+ if p.data[0]&0x80 == 0 {
+ go h.maybeSendStatelessReset(p, connID)
+ return
+ }
+ if h.server == nil { // no server set
+ h.logger.Debugf("received a packet with an unexpected connection ID %s", connID)
+ return
+ }
+ if wire.Is0RTTPacket(p.data) {
+ if h.numZeroRTTEntries >= protocol.Max0RTTQueues {
+ return
+ }
+ h.numZeroRTTEntries++
+ queue := &zeroRTTQueue{queue: make([]*receivedPacket, 0, 8)}
+ h.handlers[string(connID)] = packetHandlerMapEntry{
+ packetHandler: queue,
+ is0RTTQueue: true,
+ }
+ queue.retireTimer = time.AfterFunc(h.zeroRTTQueueDuration, func() {
+ h.mutex.Lock()
+ defer h.mutex.Unlock()
+ // The entry might have been replaced by an actual session.
+ // Only delete it if it's still a 0-RTT queue.
+ if entry, ok := h.handlers[string(connID)]; ok && entry.is0RTTQueue {
+ delete(h.handlers, string(connID))
+ h.numZeroRTTEntries--
+ if h.numZeroRTTEntries < 0 {
+ panic("number of 0-RTT queues < 0")
+ }
+ entry.packetHandler.(*zeroRTTQueue).Clear()
+ if h.logger.Debug() {
+ h.logger.Debugf("Removing 0-RTT queue for %s.", connID)
+ }
+ }
+ })
+ queue.handlePacket(p)
+ return
+ }
+ h.server.handlePacket(p)
+}
+
+func (h *packetHandlerMap) maybeHandleStatelessReset(data []byte) bool {
+ // stateless resets are always short header packets
+ if data[0]&0x80 != 0 {
+ return false
+ }
+ if len(data) < 17 /* type byte + 16 bytes for the reset token */ {
+ return false
+ }
+
+ var token protocol.StatelessResetToken
+ copy(token[:], data[len(data)-16:])
+ if sess, ok := h.resetTokens[token]; ok {
+ h.logger.Debugf("Received a stateless reset with token %#x. Closing session.", token)
+ go sess.destroy(&StatelessResetError{Token: token})
+ return true
+ }
+ return false
+}
+
+func (h *packetHandlerMap) GetStatelessResetToken(connID protocol.ConnectionID) protocol.StatelessResetToken {
+ var token protocol.StatelessResetToken
+ if !h.statelessResetEnabled {
+ // Return a random stateless reset token.
+ // This token will be sent in the server's transport parameters.
+ // By using a random token, an off-path attacker won't be able to disrupt the connection.
+ rand.Read(token[:])
+ return token
+ }
+ h.statelessResetMutex.Lock()
+ h.statelessResetHasher.Write(connID.Bytes())
+ copy(token[:], h.statelessResetHasher.Sum(nil))
+ h.statelessResetHasher.Reset()
+ h.statelessResetMutex.Unlock()
+ return token
+}
+
+func (h *packetHandlerMap) maybeSendStatelessReset(p *receivedPacket, connID protocol.ConnectionID) {
+ defer p.buffer.Release()
+ if !h.statelessResetEnabled {
+ return
+ }
+ // Don't send a stateless reset in response to very small packets.
+ // This includes packets that could be stateless resets.
+ if len(p.data) <= protocol.MinStatelessResetSize {
+ return
+ }
+ token := h.GetStatelessResetToken(connID)
+ h.logger.Debugf("Sending stateless reset to %s (connection ID: %s). Token: %#x", p.remoteAddr, connID, token)
+ data := make([]byte, protocol.MinStatelessResetSize-16, protocol.MinStatelessResetSize)
+ rand.Read(data)
+ data[0] = (data[0] & 0x7f) | 0x40
+ data = append(data, token[:]...)
+ if _, err := h.conn.WritePacket(data, p.remoteAddr, p.info.OOB()); err != nil {
+ h.logger.Debugf("Error sending Stateless Reset: %s", err)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/packet_packer.go b/vendor/github.com/lucas-clemente/quic-go/packet_packer.go
new file mode 100644
index 00000000..1d037ab2
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/packet_packer.go
@@ -0,0 +1,894 @@
+package quic
+
+import (
+ "bytes"
+ "errors"
+ "fmt"
+ "net"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/handshake"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type packer interface {
+ PackCoalescedPacket() (*coalescedPacket, error)
+ PackPacket() (*packedPacket, error)
+ MaybePackProbePacket(protocol.EncryptionLevel) (*packedPacket, error)
+ MaybePackAckPacket(handshakeConfirmed bool) (*packedPacket, error)
+ PackConnectionClose(*qerr.TransportError) (*coalescedPacket, error)
+ PackApplicationClose(*qerr.ApplicationError) (*coalescedPacket, error)
+
+ SetMaxPacketSize(protocol.ByteCount)
+ PackMTUProbePacket(ping ackhandler.Frame, size protocol.ByteCount) (*packedPacket, error)
+
+ HandleTransportParameters(*wire.TransportParameters)
+ SetToken([]byte)
+}
+
+type sealer interface {
+ handshake.LongHeaderSealer
+}
+
+type payload struct {
+ frames []ackhandler.Frame
+ ack *wire.AckFrame
+ length protocol.ByteCount
+}
+
+type packedPacket struct {
+ buffer *packetBuffer
+ *packetContents
+}
+
+type packetContents struct {
+ header *wire.ExtendedHeader
+ ack *wire.AckFrame
+ frames []ackhandler.Frame
+
+ length protocol.ByteCount
+
+ isMTUProbePacket bool
+}
+
+type coalescedPacket struct {
+ buffer *packetBuffer
+ packets []*packetContents
+}
+
+func (p *packetContents) EncryptionLevel() protocol.EncryptionLevel {
+ if !p.header.IsLongHeader {
+ return protocol.Encryption1RTT
+ }
+ //nolint:exhaustive // Will never be called for Retry packets (and they don't have encrypted data).
+ switch p.header.Type {
+ case protocol.PacketTypeInitial:
+ return protocol.EncryptionInitial
+ case protocol.PacketTypeHandshake:
+ return protocol.EncryptionHandshake
+ case protocol.PacketType0RTT:
+ return protocol.Encryption0RTT
+ default:
+ panic("can't determine encryption level")
+ }
+}
+
+func (p *packetContents) IsAckEliciting() bool {
+ return ackhandler.HasAckElicitingFrames(p.frames)
+}
+
+func (p *packetContents) ToAckHandlerPacket(now time.Time, q *retransmissionQueue) *ackhandler.Packet {
+ largestAcked := protocol.InvalidPacketNumber
+ if p.ack != nil {
+ largestAcked = p.ack.LargestAcked()
+ }
+ encLevel := p.EncryptionLevel()
+ for i := range p.frames {
+ if p.frames[i].OnLost != nil {
+ continue
+ }
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ p.frames[i].OnLost = q.AddInitial
+ case protocol.EncryptionHandshake:
+ p.frames[i].OnLost = q.AddHandshake
+ case protocol.Encryption0RTT, protocol.Encryption1RTT:
+ p.frames[i].OnLost = q.AddAppData
+ }
+ }
+ return &ackhandler.Packet{
+ PacketNumber: p.header.PacketNumber,
+ LargestAcked: largestAcked,
+ Frames: p.frames,
+ Length: p.length,
+ EncryptionLevel: encLevel,
+ SendTime: now,
+ IsPathMTUProbePacket: p.isMTUProbePacket,
+ }
+}
+
+func getMaxPacketSize(addr net.Addr) protocol.ByteCount {
+ maxSize := protocol.ByteCount(protocol.MinInitialPacketSize)
+ // If this is not a UDP address, we don't know anything about the MTU.
+ // Use the minimum size of an Initial packet as the max packet size.
+ if udpAddr, ok := addr.(*net.UDPAddr); ok {
+ if utils.IsIPv4(udpAddr.IP) {
+ maxSize = protocol.InitialPacketSizeIPv4
+ } else {
+ maxSize = protocol.InitialPacketSizeIPv6
+ }
+ }
+ return maxSize
+}
+
+type packetNumberManager interface {
+ PeekPacketNumber(protocol.EncryptionLevel) (protocol.PacketNumber, protocol.PacketNumberLen)
+ PopPacketNumber(protocol.EncryptionLevel) protocol.PacketNumber
+}
+
+type sealingManager interface {
+ GetInitialSealer() (handshake.LongHeaderSealer, error)
+ GetHandshakeSealer() (handshake.LongHeaderSealer, error)
+ Get0RTTSealer() (handshake.LongHeaderSealer, error)
+ Get1RTTSealer() (handshake.ShortHeaderSealer, error)
+}
+
+type frameSource interface {
+ HasData() bool
+ AppendStreamFrames([]ackhandler.Frame, protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount)
+ AppendControlFrames([]ackhandler.Frame, protocol.ByteCount) ([]ackhandler.Frame, protocol.ByteCount)
+}
+
+type ackFrameSource interface {
+ GetAckFrame(encLevel protocol.EncryptionLevel, onlyIfQueued bool) *wire.AckFrame
+}
+
+type packetPacker struct {
+ srcConnID protocol.ConnectionID
+ getDestConnID func() protocol.ConnectionID
+
+ perspective protocol.Perspective
+ version protocol.VersionNumber
+ cryptoSetup sealingManager
+
+ initialStream cryptoStream
+ handshakeStream cryptoStream
+
+ token []byte
+
+ pnManager packetNumberManager
+ framer frameSource
+ acks ackFrameSource
+ datagramQueue *datagramQueue
+ retransmissionQueue *retransmissionQueue
+
+ maxPacketSize protocol.ByteCount
+ numNonAckElicitingAcks int
+}
+
+var _ packer = &packetPacker{}
+
+func newPacketPacker(
+ srcConnID protocol.ConnectionID,
+ getDestConnID func() protocol.ConnectionID,
+ initialStream cryptoStream,
+ handshakeStream cryptoStream,
+ packetNumberManager packetNumberManager,
+ retransmissionQueue *retransmissionQueue,
+ remoteAddr net.Addr, // only used for determining the max packet size
+ cryptoSetup sealingManager,
+ framer frameSource,
+ acks ackFrameSource,
+ datagramQueue *datagramQueue,
+ perspective protocol.Perspective,
+ version protocol.VersionNumber,
+) *packetPacker {
+ return &packetPacker{
+ cryptoSetup: cryptoSetup,
+ getDestConnID: getDestConnID,
+ srcConnID: srcConnID,
+ initialStream: initialStream,
+ handshakeStream: handshakeStream,
+ retransmissionQueue: retransmissionQueue,
+ datagramQueue: datagramQueue,
+ perspective: perspective,
+ version: version,
+ framer: framer,
+ acks: acks,
+ pnManager: packetNumberManager,
+ maxPacketSize: getMaxPacketSize(remoteAddr),
+ }
+}
+
+// PackConnectionClose packs a packet that closes the connection with a transport error.
+func (p *packetPacker) PackConnectionClose(e *qerr.TransportError) (*coalescedPacket, error) {
+ var reason string
+ // don't send details of crypto errors
+ if !e.ErrorCode.IsCryptoError() {
+ reason = e.ErrorMessage
+ }
+ return p.packConnectionClose(false, uint64(e.ErrorCode), e.FrameType, reason)
+}
+
+// PackApplicationClose packs a packet that closes the connection with an application error.
+func (p *packetPacker) PackApplicationClose(e *qerr.ApplicationError) (*coalescedPacket, error) {
+ return p.packConnectionClose(true, uint64(e.ErrorCode), 0, e.ErrorMessage)
+}
+
+func (p *packetPacker) packConnectionClose(
+ isApplicationError bool,
+ errorCode uint64,
+ frameType uint64,
+ reason string,
+) (*coalescedPacket, error) {
+ var sealers [4]sealer
+ var hdrs [4]*wire.ExtendedHeader
+ var payloads [4]*payload
+ var size protocol.ByteCount
+ var numPackets uint8
+ encLevels := [4]protocol.EncryptionLevel{protocol.EncryptionInitial, protocol.EncryptionHandshake, protocol.Encryption0RTT, protocol.Encryption1RTT}
+ for i, encLevel := range encLevels {
+ if p.perspective == protocol.PerspectiveServer && encLevel == protocol.Encryption0RTT {
+ continue
+ }
+ ccf := &wire.ConnectionCloseFrame{
+ IsApplicationError: isApplicationError,
+ ErrorCode: errorCode,
+ FrameType: frameType,
+ ReasonPhrase: reason,
+ }
+ // don't send application errors in Initial or Handshake packets
+ if isApplicationError && (encLevel == protocol.EncryptionInitial || encLevel == protocol.EncryptionHandshake) {
+ ccf.IsApplicationError = false
+ ccf.ErrorCode = uint64(qerr.ApplicationErrorErrorCode)
+ ccf.ReasonPhrase = ""
+ }
+ payload := &payload{
+ frames: []ackhandler.Frame{{Frame: ccf}},
+ length: ccf.Length(p.version),
+ }
+
+ var sealer sealer
+ var err error
+ var keyPhase protocol.KeyPhaseBit // only set for 1-RTT
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ sealer, err = p.cryptoSetup.GetInitialSealer()
+ case protocol.EncryptionHandshake:
+ sealer, err = p.cryptoSetup.GetHandshakeSealer()
+ case protocol.Encryption0RTT:
+ sealer, err = p.cryptoSetup.Get0RTTSealer()
+ case protocol.Encryption1RTT:
+ var s handshake.ShortHeaderSealer
+ s, err = p.cryptoSetup.Get1RTTSealer()
+ if err == nil {
+ keyPhase = s.KeyPhase()
+ }
+ sealer = s
+ }
+ if err == handshake.ErrKeysNotYetAvailable || err == handshake.ErrKeysDropped {
+ continue
+ }
+ if err != nil {
+ return nil, err
+ }
+ sealers[i] = sealer
+ var hdr *wire.ExtendedHeader
+ if encLevel == protocol.Encryption1RTT {
+ hdr = p.getShortHeader(keyPhase)
+ } else {
+ hdr = p.getLongHeader(encLevel)
+ }
+ hdrs[i] = hdr
+ payloads[i] = payload
+ size += p.packetLength(hdr, payload) + protocol.ByteCount(sealer.Overhead())
+ numPackets++
+ }
+ contents := make([]*packetContents, 0, numPackets)
+ buffer := getPacketBuffer()
+ for i, encLevel := range encLevels {
+ if sealers[i] == nil {
+ continue
+ }
+ var paddingLen protocol.ByteCount
+ if encLevel == protocol.EncryptionInitial {
+ paddingLen = p.initialPaddingLen(payloads[i].frames, size)
+ }
+ c, err := p.appendPacket(buffer, hdrs[i], payloads[i], paddingLen, encLevel, sealers[i], false)
+ if err != nil {
+ return nil, err
+ }
+ contents = append(contents, c)
+ }
+ return &coalescedPacket{buffer: buffer, packets: contents}, nil
+}
+
+// packetLength calculates the length of the serialized packet.
+// It takes into account that packets that have a tiny payload need to be padded,
+// such that len(payload) + packet number len >= 4 + AEAD overhead
+func (p *packetPacker) packetLength(hdr *wire.ExtendedHeader, payload *payload) protocol.ByteCount {
+ var paddingLen protocol.ByteCount
+ pnLen := protocol.ByteCount(hdr.PacketNumberLen)
+ if payload.length < 4-pnLen {
+ paddingLen = 4 - pnLen - payload.length
+ }
+ return hdr.GetLength(p.version) + payload.length + paddingLen
+}
+
+func (p *packetPacker) MaybePackAckPacket(handshakeConfirmed bool) (*packedPacket, error) {
+ var encLevel protocol.EncryptionLevel
+ var ack *wire.AckFrame
+ if !handshakeConfirmed {
+ ack = p.acks.GetAckFrame(protocol.EncryptionInitial, true)
+ if ack != nil {
+ encLevel = protocol.EncryptionInitial
+ } else {
+ ack = p.acks.GetAckFrame(protocol.EncryptionHandshake, true)
+ if ack != nil {
+ encLevel = protocol.EncryptionHandshake
+ }
+ }
+ }
+ if ack == nil {
+ ack = p.acks.GetAckFrame(protocol.Encryption1RTT, true)
+ if ack == nil {
+ return nil, nil
+ }
+ encLevel = protocol.Encryption1RTT
+ }
+ payload := &payload{
+ ack: ack,
+ length: ack.Length(p.version),
+ }
+
+ sealer, hdr, err := p.getSealerAndHeader(encLevel)
+ if err != nil {
+ return nil, err
+ }
+ return p.writeSinglePacket(hdr, payload, encLevel, sealer)
+}
+
+// size is the expected size of the packet, if no padding was applied.
+func (p *packetPacker) initialPaddingLen(frames []ackhandler.Frame, size protocol.ByteCount) protocol.ByteCount {
+ // For the server, only ack-eliciting Initial packets need to be padded.
+ if p.perspective == protocol.PerspectiveServer && !ackhandler.HasAckElicitingFrames(frames) {
+ return 0
+ }
+ if size >= p.maxPacketSize {
+ return 0
+ }
+ return p.maxPacketSize - size
+}
+
+// PackCoalescedPacket packs a new packet.
+// It packs an Initial / Handshake if there is data to send in these packet number spaces.
+// It should only be called before the handshake is confirmed.
+func (p *packetPacker) PackCoalescedPacket() (*coalescedPacket, error) {
+ maxPacketSize := p.maxPacketSize
+ if p.perspective == protocol.PerspectiveClient {
+ maxPacketSize = protocol.MinInitialPacketSize
+ }
+ var initialHdr, handshakeHdr, appDataHdr *wire.ExtendedHeader
+ var initialPayload, handshakePayload, appDataPayload *payload
+ var numPackets int
+ // Try packing an Initial packet.
+ initialSealer, err := p.cryptoSetup.GetInitialSealer()
+ if err != nil && err != handshake.ErrKeysDropped {
+ return nil, err
+ }
+ var size protocol.ByteCount
+ if initialSealer != nil {
+ initialHdr, initialPayload = p.maybeGetCryptoPacket(maxPacketSize-protocol.ByteCount(initialSealer.Overhead()), size, protocol.EncryptionInitial)
+ if initialPayload != nil {
+ size += p.packetLength(initialHdr, initialPayload) + protocol.ByteCount(initialSealer.Overhead())
+ numPackets++
+ }
+ }
+
+ // Add a Handshake packet.
+ var handshakeSealer sealer
+ if size < maxPacketSize-protocol.MinCoalescedPacketSize {
+ var err error
+ handshakeSealer, err = p.cryptoSetup.GetHandshakeSealer()
+ if err != nil && err != handshake.ErrKeysDropped && err != handshake.ErrKeysNotYetAvailable {
+ return nil, err
+ }
+ if handshakeSealer != nil {
+ handshakeHdr, handshakePayload = p.maybeGetCryptoPacket(maxPacketSize-size-protocol.ByteCount(handshakeSealer.Overhead()), size, protocol.EncryptionHandshake)
+ if handshakePayload != nil {
+ s := p.packetLength(handshakeHdr, handshakePayload) + protocol.ByteCount(handshakeSealer.Overhead())
+ size += s
+ numPackets++
+ }
+ }
+ }
+
+ // Add a 0-RTT / 1-RTT packet.
+ var appDataSealer sealer
+ appDataEncLevel := protocol.Encryption1RTT
+ if size < maxPacketSize-protocol.MinCoalescedPacketSize {
+ var err error
+ appDataSealer, appDataHdr, appDataPayload = p.maybeGetAppDataPacket(maxPacketSize-size, size)
+ if err != nil {
+ return nil, err
+ }
+ if appDataHdr != nil {
+ if appDataHdr.IsLongHeader {
+ appDataEncLevel = protocol.Encryption0RTT
+ }
+ if appDataPayload != nil {
+ size += p.packetLength(appDataHdr, appDataPayload) + protocol.ByteCount(appDataSealer.Overhead())
+ numPackets++
+ }
+ }
+ }
+
+ if numPackets == 0 {
+ return nil, nil
+ }
+
+ buffer := getPacketBuffer()
+ packet := &coalescedPacket{
+ buffer: buffer,
+ packets: make([]*packetContents, 0, numPackets),
+ }
+ if initialPayload != nil {
+ padding := p.initialPaddingLen(initialPayload.frames, size)
+ cont, err := p.appendPacket(buffer, initialHdr, initialPayload, padding, protocol.EncryptionInitial, initialSealer, false)
+ if err != nil {
+ return nil, err
+ }
+ packet.packets = append(packet.packets, cont)
+ }
+ if handshakePayload != nil {
+ cont, err := p.appendPacket(buffer, handshakeHdr, handshakePayload, 0, protocol.EncryptionHandshake, handshakeSealer, false)
+ if err != nil {
+ return nil, err
+ }
+ packet.packets = append(packet.packets, cont)
+ }
+ if appDataPayload != nil {
+ cont, err := p.appendPacket(buffer, appDataHdr, appDataPayload, 0, appDataEncLevel, appDataSealer, false)
+ if err != nil {
+ return nil, err
+ }
+ packet.packets = append(packet.packets, cont)
+ }
+ return packet, nil
+}
+
+// PackPacket packs a packet in the application data packet number space.
+// It should be called after the handshake is confirmed.
+func (p *packetPacker) PackPacket() (*packedPacket, error) {
+ sealer, hdr, payload := p.maybeGetAppDataPacket(p.maxPacketSize, 0)
+ if payload == nil {
+ return nil, nil
+ }
+ buffer := getPacketBuffer()
+ encLevel := protocol.Encryption1RTT
+ if hdr.IsLongHeader {
+ encLevel = protocol.Encryption0RTT
+ }
+ cont, err := p.appendPacket(buffer, hdr, payload, 0, encLevel, sealer, false)
+ if err != nil {
+ return nil, err
+ }
+ return &packedPacket{
+ buffer: buffer,
+ packetContents: cont,
+ }, nil
+}
+
+func (p *packetPacker) maybeGetCryptoPacket(maxPacketSize, currentSize protocol.ByteCount, encLevel protocol.EncryptionLevel) (*wire.ExtendedHeader, *payload) {
+ var s cryptoStream
+ var hasRetransmission bool
+ //nolint:exhaustive // Initial and Handshake are the only two encryption levels here.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ s = p.initialStream
+ hasRetransmission = p.retransmissionQueue.HasInitialData()
+ case protocol.EncryptionHandshake:
+ s = p.handshakeStream
+ hasRetransmission = p.retransmissionQueue.HasHandshakeData()
+ }
+
+ hasData := s.HasData()
+ var ack *wire.AckFrame
+ if encLevel == protocol.EncryptionInitial || currentSize == 0 {
+ ack = p.acks.GetAckFrame(encLevel, !hasRetransmission && !hasData)
+ }
+ if !hasData && !hasRetransmission && ack == nil {
+ // nothing to send
+ return nil, nil
+ }
+
+ var payload payload
+ if ack != nil {
+ payload.ack = ack
+ payload.length = ack.Length(p.version)
+ maxPacketSize -= payload.length
+ }
+ hdr := p.getLongHeader(encLevel)
+ maxPacketSize -= hdr.GetLength(p.version)
+ if hasRetransmission {
+ for {
+ var f wire.Frame
+ //nolint:exhaustive // 0-RTT packets can't contain any retransmission.s
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ f = p.retransmissionQueue.GetInitialFrame(maxPacketSize)
+ case protocol.EncryptionHandshake:
+ f = p.retransmissionQueue.GetHandshakeFrame(maxPacketSize)
+ }
+ if f == nil {
+ break
+ }
+ payload.frames = append(payload.frames, ackhandler.Frame{Frame: f})
+ frameLen := f.Length(p.version)
+ payload.length += frameLen
+ maxPacketSize -= frameLen
+ }
+ } else if s.HasData() {
+ cf := s.PopCryptoFrame(maxPacketSize)
+ payload.frames = []ackhandler.Frame{{Frame: cf}}
+ payload.length += cf.Length(p.version)
+ }
+ return hdr, &payload
+}
+
+func (p *packetPacker) maybeGetAppDataPacket(maxPacketSize, currentSize protocol.ByteCount) (sealer, *wire.ExtendedHeader, *payload) {
+ var sealer sealer
+ var encLevel protocol.EncryptionLevel
+ var hdr *wire.ExtendedHeader
+ oneRTTSealer, err := p.cryptoSetup.Get1RTTSealer()
+ if err == nil {
+ encLevel = protocol.Encryption1RTT
+ sealer = oneRTTSealer
+ hdr = p.getShortHeader(oneRTTSealer.KeyPhase())
+ } else {
+ // 1-RTT sealer not yet available
+ if p.perspective != protocol.PerspectiveClient {
+ return nil, nil, nil
+ }
+ sealer, err = p.cryptoSetup.Get0RTTSealer()
+ if sealer == nil || err != nil {
+ return nil, nil, nil
+ }
+ encLevel = protocol.Encryption0RTT
+ hdr = p.getLongHeader(protocol.Encryption0RTT)
+ }
+
+ maxPayloadSize := maxPacketSize - hdr.GetLength(p.version) - protocol.ByteCount(sealer.Overhead())
+ payload := p.maybeGetAppDataPacketWithEncLevel(maxPayloadSize, encLevel == protocol.Encryption1RTT && currentSize == 0)
+ return sealer, hdr, payload
+}
+
+func (p *packetPacker) maybeGetAppDataPacketWithEncLevel(maxPayloadSize protocol.ByteCount, ackAllowed bool) *payload {
+ payload := p.composeNextPacket(maxPayloadSize, ackAllowed)
+
+ // check if we have anything to send
+ if len(payload.frames) == 0 {
+ if payload.ack == nil {
+ return nil
+ }
+ // the packet only contains an ACK
+ if p.numNonAckElicitingAcks >= protocol.MaxNonAckElicitingAcks {
+ ping := &wire.PingFrame{}
+ // don't retransmit the PING frame when it is lost
+ payload.frames = append(payload.frames, ackhandler.Frame{Frame: ping, OnLost: func(wire.Frame) {}})
+ payload.length += ping.Length(p.version)
+ p.numNonAckElicitingAcks = 0
+ } else {
+ p.numNonAckElicitingAcks++
+ }
+ } else {
+ p.numNonAckElicitingAcks = 0
+ }
+ return payload
+}
+
+func (p *packetPacker) composeNextPacket(maxFrameSize protocol.ByteCount, ackAllowed bool) *payload {
+ payload := &payload{frames: make([]ackhandler.Frame, 0, 1)}
+
+ var hasDatagram bool
+ if p.datagramQueue != nil {
+ if datagram := p.datagramQueue.Get(); datagram != nil {
+ payload.frames = append(payload.frames, ackhandler.Frame{
+ Frame: datagram,
+ // set it to a no-op. Then we won't set the default callback, which would retransmit the frame.
+ OnLost: func(wire.Frame) {},
+ })
+ payload.length += datagram.Length(p.version)
+ hasDatagram = true
+ }
+ }
+
+ var ack *wire.AckFrame
+ hasData := p.framer.HasData()
+ hasRetransmission := p.retransmissionQueue.HasAppData()
+ // TODO: make sure ACKs are sent when a lot of DATAGRAMs are queued
+ if !hasDatagram && ackAllowed {
+ ack = p.acks.GetAckFrame(protocol.Encryption1RTT, !hasRetransmission && !hasData)
+ if ack != nil {
+ payload.ack = ack
+ payload.length += ack.Length(p.version)
+ }
+ }
+
+ if ack == nil && !hasData && !hasRetransmission {
+ return payload
+ }
+
+ if hasRetransmission {
+ for {
+ remainingLen := maxFrameSize - payload.length
+ if remainingLen < protocol.MinStreamFrameSize {
+ break
+ }
+ f := p.retransmissionQueue.GetAppDataFrame(remainingLen)
+ if f == nil {
+ break
+ }
+ payload.frames = append(payload.frames, ackhandler.Frame{Frame: f})
+ payload.length += f.Length(p.version)
+ }
+ }
+
+ if hasData {
+ var lengthAdded protocol.ByteCount
+ payload.frames, lengthAdded = p.framer.AppendControlFrames(payload.frames, maxFrameSize-payload.length)
+ payload.length += lengthAdded
+
+ payload.frames, lengthAdded = p.framer.AppendStreamFrames(payload.frames, maxFrameSize-payload.length)
+ payload.length += lengthAdded
+ }
+ return payload
+}
+
+func (p *packetPacker) MaybePackProbePacket(encLevel protocol.EncryptionLevel) (*packedPacket, error) {
+ var hdr *wire.ExtendedHeader
+ var payload *payload
+ var sealer sealer
+ //nolint:exhaustive // Probe packets are never sent for 0-RTT.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ var err error
+ sealer, err = p.cryptoSetup.GetInitialSealer()
+ if err != nil {
+ return nil, err
+ }
+ hdr, payload = p.maybeGetCryptoPacket(p.maxPacketSize-protocol.ByteCount(sealer.Overhead()), 0, protocol.EncryptionInitial)
+ case protocol.EncryptionHandshake:
+ var err error
+ sealer, err = p.cryptoSetup.GetHandshakeSealer()
+ if err != nil {
+ return nil, err
+ }
+ hdr, payload = p.maybeGetCryptoPacket(p.maxPacketSize-protocol.ByteCount(sealer.Overhead()), 0, protocol.EncryptionHandshake)
+ case protocol.Encryption1RTT:
+ oneRTTSealer, err := p.cryptoSetup.Get1RTTSealer()
+ if err != nil {
+ return nil, err
+ }
+ sealer = oneRTTSealer
+ hdr = p.getShortHeader(oneRTTSealer.KeyPhase())
+ payload = p.maybeGetAppDataPacketWithEncLevel(p.maxPacketSize-protocol.ByteCount(sealer.Overhead())-hdr.GetLength(p.version), true)
+ default:
+ panic("unknown encryption level")
+ }
+ if payload == nil {
+ return nil, nil
+ }
+ size := p.packetLength(hdr, payload) + protocol.ByteCount(sealer.Overhead())
+ var padding protocol.ByteCount
+ if encLevel == protocol.EncryptionInitial {
+ padding = p.initialPaddingLen(payload.frames, size)
+ }
+ buffer := getPacketBuffer()
+ cont, err := p.appendPacket(buffer, hdr, payload, padding, encLevel, sealer, false)
+ if err != nil {
+ return nil, err
+ }
+ return &packedPacket{
+ buffer: buffer,
+ packetContents: cont,
+ }, nil
+}
+
+func (p *packetPacker) PackMTUProbePacket(ping ackhandler.Frame, size protocol.ByteCount) (*packedPacket, error) {
+ payload := &payload{
+ frames: []ackhandler.Frame{ping},
+ length: ping.Length(p.version),
+ }
+ buffer := getPacketBuffer()
+ sealer, err := p.cryptoSetup.Get1RTTSealer()
+ if err != nil {
+ return nil, err
+ }
+ hdr := p.getShortHeader(sealer.KeyPhase())
+ padding := size - p.packetLength(hdr, payload) - protocol.ByteCount(sealer.Overhead())
+ contents, err := p.appendPacket(buffer, hdr, payload, padding, protocol.Encryption1RTT, sealer, true)
+ if err != nil {
+ return nil, err
+ }
+ contents.isMTUProbePacket = true
+ return &packedPacket{
+ buffer: buffer,
+ packetContents: contents,
+ }, nil
+}
+
+func (p *packetPacker) getSealerAndHeader(encLevel protocol.EncryptionLevel) (sealer, *wire.ExtendedHeader, error) {
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ sealer, err := p.cryptoSetup.GetInitialSealer()
+ if err != nil {
+ return nil, nil, err
+ }
+ hdr := p.getLongHeader(protocol.EncryptionInitial)
+ return sealer, hdr, nil
+ case protocol.Encryption0RTT:
+ sealer, err := p.cryptoSetup.Get0RTTSealer()
+ if err != nil {
+ return nil, nil, err
+ }
+ hdr := p.getLongHeader(protocol.Encryption0RTT)
+ return sealer, hdr, nil
+ case protocol.EncryptionHandshake:
+ sealer, err := p.cryptoSetup.GetHandshakeSealer()
+ if err != nil {
+ return nil, nil, err
+ }
+ hdr := p.getLongHeader(protocol.EncryptionHandshake)
+ return sealer, hdr, nil
+ case protocol.Encryption1RTT:
+ sealer, err := p.cryptoSetup.Get1RTTSealer()
+ if err != nil {
+ return nil, nil, err
+ }
+ hdr := p.getShortHeader(sealer.KeyPhase())
+ return sealer, hdr, nil
+ default:
+ return nil, nil, fmt.Errorf("unexpected encryption level: %s", encLevel)
+ }
+}
+
+func (p *packetPacker) getShortHeader(kp protocol.KeyPhaseBit) *wire.ExtendedHeader {
+ pn, pnLen := p.pnManager.PeekPacketNumber(protocol.Encryption1RTT)
+ hdr := &wire.ExtendedHeader{}
+ hdr.PacketNumber = pn
+ hdr.PacketNumberLen = pnLen
+ hdr.DestConnectionID = p.getDestConnID()
+ hdr.KeyPhase = kp
+ return hdr
+}
+
+func (p *packetPacker) getLongHeader(encLevel protocol.EncryptionLevel) *wire.ExtendedHeader {
+ pn, pnLen := p.pnManager.PeekPacketNumber(encLevel)
+ hdr := &wire.ExtendedHeader{
+ PacketNumber: pn,
+ PacketNumberLen: pnLen,
+ }
+ hdr.IsLongHeader = true
+ hdr.Version = p.version
+ hdr.SrcConnectionID = p.srcConnID
+ hdr.DestConnectionID = p.getDestConnID()
+
+ //nolint:exhaustive // 1-RTT packets are not long header packets.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ hdr.Type = protocol.PacketTypeInitial
+ hdr.Token = p.token
+ case protocol.EncryptionHandshake:
+ hdr.Type = protocol.PacketTypeHandshake
+ case protocol.Encryption0RTT:
+ hdr.Type = protocol.PacketType0RTT
+ }
+ return hdr
+}
+
+// writeSinglePacket packs a single packet.
+func (p *packetPacker) writeSinglePacket(
+ hdr *wire.ExtendedHeader,
+ payload *payload,
+ encLevel protocol.EncryptionLevel,
+ sealer sealer,
+) (*packedPacket, error) {
+ buffer := getPacketBuffer()
+ var paddingLen protocol.ByteCount
+ if encLevel == protocol.EncryptionInitial {
+ paddingLen = p.initialPaddingLen(payload.frames, hdr.GetLength(p.version)+payload.length+protocol.ByteCount(sealer.Overhead()))
+ }
+ contents, err := p.appendPacket(buffer, hdr, payload, paddingLen, encLevel, sealer, false)
+ if err != nil {
+ return nil, err
+ }
+ return &packedPacket{
+ buffer: buffer,
+ packetContents: contents,
+ }, nil
+}
+
+func (p *packetPacker) appendPacket(buffer *packetBuffer, header *wire.ExtendedHeader, payload *payload, padding protocol.ByteCount, encLevel protocol.EncryptionLevel, sealer sealer, isMTUProbePacket bool) (*packetContents, error) {
+ var paddingLen protocol.ByteCount
+ pnLen := protocol.ByteCount(header.PacketNumberLen)
+ if payload.length < 4-pnLen {
+ paddingLen = 4 - pnLen - payload.length
+ }
+ paddingLen += padding
+ if header.IsLongHeader {
+ header.Length = pnLen + protocol.ByteCount(sealer.Overhead()) + payload.length + paddingLen
+ }
+
+ hdrOffset := buffer.Len()
+ buf := bytes.NewBuffer(buffer.Data)
+ if err := header.Write(buf, p.version); err != nil {
+ return nil, err
+ }
+ payloadOffset := buf.Len()
+
+ if payload.ack != nil {
+ if err := payload.ack.Write(buf, p.version); err != nil {
+ return nil, err
+ }
+ }
+ if paddingLen > 0 {
+ buf.Write(make([]byte, paddingLen))
+ }
+ for _, frame := range payload.frames {
+ if err := frame.Write(buf, p.version); err != nil {
+ return nil, err
+ }
+ }
+
+ if payloadSize := protocol.ByteCount(buf.Len()-payloadOffset) - paddingLen; payloadSize != payload.length {
+ return nil, fmt.Errorf("PacketPacker BUG: payload size inconsistent (expected %d, got %d bytes)", payload.length, payloadSize)
+ }
+ if !isMTUProbePacket {
+ if size := protocol.ByteCount(buf.Len() + sealer.Overhead()); size > p.maxPacketSize {
+ return nil, fmt.Errorf("PacketPacker BUG: packet too large (%d bytes, allowed %d bytes)", size, p.maxPacketSize)
+ }
+ }
+
+ raw := buffer.Data
+ // encrypt the packet
+ raw = raw[:buf.Len()]
+ _ = sealer.Seal(raw[payloadOffset:payloadOffset], raw[payloadOffset:], header.PacketNumber, raw[hdrOffset:payloadOffset])
+ raw = raw[0 : buf.Len()+sealer.Overhead()]
+ // apply header protection
+ pnOffset := payloadOffset - int(header.PacketNumberLen)
+ sealer.EncryptHeader(raw[pnOffset+4:pnOffset+4+16], &raw[hdrOffset], raw[pnOffset:payloadOffset])
+ buffer.Data = raw
+
+ num := p.pnManager.PopPacketNumber(encLevel)
+ if num != header.PacketNumber {
+ return nil, errors.New("packetPacker BUG: Peeked and Popped packet numbers do not match")
+ }
+ return &packetContents{
+ header: header,
+ ack: payload.ack,
+ frames: payload.frames,
+ length: buffer.Len() - hdrOffset,
+ }, nil
+}
+
+func (p *packetPacker) SetToken(token []byte) {
+ p.token = token
+}
+
+// When a higher MTU is discovered, use it.
+func (p *packetPacker) SetMaxPacketSize(s protocol.ByteCount) {
+ p.maxPacketSize = s
+}
+
+// If the peer sets a max_packet_size that's smaller than the size we're currently using,
+// we need to reduce the size of packets we send.
+func (p *packetPacker) HandleTransportParameters(params *wire.TransportParameters) {
+ if params.MaxUDPPayloadSize != 0 {
+ p.maxPacketSize = utils.MinByteCount(p.maxPacketSize, params.MaxUDPPayloadSize)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go b/vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go
new file mode 100644
index 00000000..f78c6a63
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/packet_unpacker.go
@@ -0,0 +1,201 @@
+package quic
+
+import (
+ "bytes"
+ "fmt"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/handshake"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type headerDecryptor interface {
+ DecryptHeader(sample []byte, firstByte *byte, pnBytes []byte)
+}
+
+type headerParseError struct {
+ err error
+}
+
+func (e *headerParseError) Is(err error) bool {
+ _, ok := err.(*headerParseError)
+ return ok
+}
+
+func (e *headerParseError) Unwrap() error {
+ return e.err
+}
+
+func (e *headerParseError) Error() string {
+ return e.err.Error()
+}
+
+type unpackedPacket struct {
+ packetNumber protocol.PacketNumber // the decoded packet number
+ hdr *wire.ExtendedHeader
+ encryptionLevel protocol.EncryptionLevel
+ data []byte
+}
+
+// The packetUnpacker unpacks QUIC packets.
+type packetUnpacker struct {
+ cs handshake.CryptoSetup
+
+ version protocol.VersionNumber
+}
+
+var _ unpacker = &packetUnpacker{}
+
+func newPacketUnpacker(cs handshake.CryptoSetup, version protocol.VersionNumber) unpacker {
+ return &packetUnpacker{
+ cs: cs,
+ version: version,
+ }
+}
+
+// If the reserved bits are invalid, the error is wire.ErrInvalidReservedBits.
+// If any other error occurred when parsing the header, the error is of type headerParseError.
+// If decrypting the payload fails for any reason, the error is the error returned by the AEAD.
+func (u *packetUnpacker) Unpack(hdr *wire.Header, rcvTime time.Time, data []byte) (*unpackedPacket, error) {
+ var encLevel protocol.EncryptionLevel
+ var extHdr *wire.ExtendedHeader
+ var decrypted []byte
+ //nolint:exhaustive // Retry packets can't be unpacked.
+ switch hdr.Type {
+ case protocol.PacketTypeInitial:
+ encLevel = protocol.EncryptionInitial
+ opener, err := u.cs.GetInitialOpener()
+ if err != nil {
+ return nil, err
+ }
+ extHdr, decrypted, err = u.unpackLongHeaderPacket(opener, hdr, data)
+ if err != nil {
+ return nil, err
+ }
+ case protocol.PacketTypeHandshake:
+ encLevel = protocol.EncryptionHandshake
+ opener, err := u.cs.GetHandshakeOpener()
+ if err != nil {
+ return nil, err
+ }
+ extHdr, decrypted, err = u.unpackLongHeaderPacket(opener, hdr, data)
+ if err != nil {
+ return nil, err
+ }
+ case protocol.PacketType0RTT:
+ encLevel = protocol.Encryption0RTT
+ opener, err := u.cs.Get0RTTOpener()
+ if err != nil {
+ return nil, err
+ }
+ extHdr, decrypted, err = u.unpackLongHeaderPacket(opener, hdr, data)
+ if err != nil {
+ return nil, err
+ }
+ default:
+ if hdr.IsLongHeader {
+ return nil, fmt.Errorf("unknown packet type: %s", hdr.Type)
+ }
+ encLevel = protocol.Encryption1RTT
+ opener, err := u.cs.Get1RTTOpener()
+ if err != nil {
+ return nil, err
+ }
+ extHdr, decrypted, err = u.unpackShortHeaderPacket(opener, hdr, rcvTime, data)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return &unpackedPacket{
+ hdr: extHdr,
+ packetNumber: extHdr.PacketNumber,
+ encryptionLevel: encLevel,
+ data: decrypted,
+ }, nil
+}
+
+func (u *packetUnpacker) unpackLongHeaderPacket(opener handshake.LongHeaderOpener, hdr *wire.Header, data []byte) (*wire.ExtendedHeader, []byte, error) {
+ extHdr, parseErr := u.unpackHeader(opener, hdr, data)
+ // If the reserved bits are set incorrectly, we still need to continue unpacking.
+ // This avoids a timing side-channel, which otherwise might allow an attacker
+ // to gain information about the header encryption.
+ if parseErr != nil && parseErr != wire.ErrInvalidReservedBits {
+ return nil, nil, parseErr
+ }
+ extHdrLen := extHdr.ParsedLen()
+ extHdr.PacketNumber = opener.DecodePacketNumber(extHdr.PacketNumber, extHdr.PacketNumberLen)
+ decrypted, err := opener.Open(data[extHdrLen:extHdrLen], data[extHdrLen:], extHdr.PacketNumber, data[:extHdrLen])
+ if err != nil {
+ return nil, nil, err
+ }
+ if parseErr != nil {
+ return nil, nil, parseErr
+ }
+ return extHdr, decrypted, nil
+}
+
+func (u *packetUnpacker) unpackShortHeaderPacket(
+ opener handshake.ShortHeaderOpener,
+ hdr *wire.Header,
+ rcvTime time.Time,
+ data []byte,
+) (*wire.ExtendedHeader, []byte, error) {
+ extHdr, parseErr := u.unpackHeader(opener, hdr, data)
+ // If the reserved bits are set incorrectly, we still need to continue unpacking.
+ // This avoids a timing side-channel, which otherwise might allow an attacker
+ // to gain information about the header encryption.
+ if parseErr != nil && parseErr != wire.ErrInvalidReservedBits {
+ return nil, nil, parseErr
+ }
+ extHdr.PacketNumber = opener.DecodePacketNumber(extHdr.PacketNumber, extHdr.PacketNumberLen)
+ extHdrLen := extHdr.ParsedLen()
+ decrypted, err := opener.Open(data[extHdrLen:extHdrLen], data[extHdrLen:], rcvTime, extHdr.PacketNumber, extHdr.KeyPhase, data[:extHdrLen])
+ if err != nil {
+ return nil, nil, err
+ }
+ if parseErr != nil {
+ return nil, nil, parseErr
+ }
+ return extHdr, decrypted, nil
+}
+
+// The error is either nil, a wire.ErrInvalidReservedBits or of type headerParseError.
+func (u *packetUnpacker) unpackHeader(hd headerDecryptor, hdr *wire.Header, data []byte) (*wire.ExtendedHeader, error) {
+ extHdr, err := unpackHeader(hd, hdr, data, u.version)
+ if err != nil && err != wire.ErrInvalidReservedBits {
+ return nil, &headerParseError{err: err}
+ }
+ return extHdr, err
+}
+
+func unpackHeader(hd headerDecryptor, hdr *wire.Header, data []byte, version protocol.VersionNumber) (*wire.ExtendedHeader, error) {
+ r := bytes.NewReader(data)
+
+ hdrLen := hdr.ParsedLen()
+ if protocol.ByteCount(len(data)) < hdrLen+4+16 {
+ //nolint:stylecheck
+ return nil, fmt.Errorf("Packet too small. Expected at least 20 bytes after the header, got %d", protocol.ByteCount(len(data))-hdrLen)
+ }
+ // The packet number can be up to 4 bytes long, but we won't know the length until we decrypt it.
+ // 1. save a copy of the 4 bytes
+ origPNBytes := make([]byte, 4)
+ copy(origPNBytes, data[hdrLen:hdrLen+4])
+ // 2. decrypt the header, assuming a 4 byte packet number
+ hd.DecryptHeader(
+ data[hdrLen+4:hdrLen+4+16],
+ &data[0],
+ data[hdrLen:hdrLen+4],
+ )
+ // 3. parse the header (and learn the actual length of the packet number)
+ extHdr, parseErr := hdr.ParseExtended(r, version)
+ if parseErr != nil && parseErr != wire.ErrInvalidReservedBits {
+ return nil, parseErr
+ }
+ // 4. if the packet number is shorter than 4 bytes, replace the remaining bytes with the copy we saved earlier
+ if extHdr.PacketNumberLen != protocol.PacketNumberLen4 {
+ copy(data[extHdr.ParsedLen():hdrLen+4], origPNBytes[int(extHdr.PacketNumberLen):])
+ }
+ return extHdr, parseErr
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/quicvarint/varint.go b/vendor/github.com/lucas-clemente/quic-go/quicvarint/varint.go
new file mode 100644
index 00000000..fd3ae11d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/quicvarint/varint.go
@@ -0,0 +1,134 @@
+package quicvarint
+
+import (
+ "bytes"
+ "fmt"
+ "io"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// taken from the QUIC draft
+const (
+ maxVarInt1 = 63
+ maxVarInt2 = 16383
+ maxVarInt4 = 1073741823
+ maxVarInt8 = 4611686018427387903
+)
+
+// Read reads a number in the QUIC varint format
+func Read(b io.ByteReader) (uint64, error) {
+ firstByte, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ // the first two bits of the first byte encode the length
+ len := 1 << ((firstByte & 0xc0) >> 6)
+ b1 := firstByte & (0xff - 0xc0)
+ if len == 1 {
+ return uint64(b1), nil
+ }
+ b2, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ if len == 2 {
+ return uint64(b2) + uint64(b1)<<8, nil
+ }
+ b3, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ b4, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ if len == 4 {
+ return uint64(b4) + uint64(b3)<<8 + uint64(b2)<<16 + uint64(b1)<<24, nil
+ }
+ b5, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ b6, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ b7, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ b8, err := b.ReadByte()
+ if err != nil {
+ return 0, err
+ }
+ return uint64(b8) + uint64(b7)<<8 + uint64(b6)<<16 + uint64(b5)<<24 + uint64(b4)<<32 + uint64(b3)<<40 + uint64(b2)<<48 + uint64(b1)<<56, nil
+}
+
+// Write writes a number in the QUIC varint format
+func Write(b *bytes.Buffer, i uint64) {
+ if i <= maxVarInt1 {
+ b.WriteByte(uint8(i))
+ } else if i <= maxVarInt2 {
+ b.Write([]byte{uint8(i>>8) | 0x40, uint8(i)})
+ } else if i <= maxVarInt4 {
+ b.Write([]byte{uint8(i>>24) | 0x80, uint8(i >> 16), uint8(i >> 8), uint8(i)})
+ } else if i <= maxVarInt8 {
+ b.Write([]byte{
+ uint8(i>>56) | 0xc0, uint8(i >> 48), uint8(i >> 40), uint8(i >> 32),
+ uint8(i >> 24), uint8(i >> 16), uint8(i >> 8), uint8(i),
+ })
+ } else {
+ panic(fmt.Sprintf("%#x doesn't fit into 62 bits", i))
+ }
+}
+
+// WriteWithLen writes a number in the QUIC varint format, with the desired length.
+func WriteWithLen(b *bytes.Buffer, i uint64, length protocol.ByteCount) {
+ if length != 1 && length != 2 && length != 4 && length != 8 {
+ panic("invalid varint length")
+ }
+ l := Len(i)
+ if l == length {
+ Write(b, i)
+ return
+ }
+ if l > length {
+ panic(fmt.Sprintf("cannot encode %d in %d bytes", i, length))
+ }
+ if length == 2 {
+ b.WriteByte(0b01000000)
+ } else if length == 4 {
+ b.WriteByte(0b10000000)
+ } else if length == 8 {
+ b.WriteByte(0b11000000)
+ }
+ for j := protocol.ByteCount(1); j < length-l; j++ {
+ b.WriteByte(0)
+ }
+ for j := protocol.ByteCount(0); j < l; j++ {
+ b.WriteByte(uint8(i >> (8 * (l - 1 - j))))
+ }
+}
+
+// Len determines the number of bytes that will be needed to write a number
+func Len(i uint64) protocol.ByteCount {
+ if i <= maxVarInt1 {
+ return 1
+ }
+ if i <= maxVarInt2 {
+ return 2
+ }
+ if i <= maxVarInt4 {
+ return 4
+ }
+ if i <= maxVarInt8 {
+ return 8
+ }
+ // Don't use a fmt.Sprintf here to format the error message.
+ // The function would then exceed the inlining budget.
+ panic(struct {
+ message string
+ num uint64
+ }{"value doesn't fit into 62 bits: ", i})
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/receive_stream.go b/vendor/github.com/lucas-clemente/quic-go/receive_stream.go
new file mode 100644
index 00000000..cca3f709
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/receive_stream.go
@@ -0,0 +1,326 @@
+package quic
+
+import (
+ "fmt"
+ "io"
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type receiveStreamI interface {
+ ReceiveStream
+
+ handleStreamFrame(*wire.StreamFrame) error
+ handleResetStreamFrame(*wire.ResetStreamFrame) error
+ closeForShutdown(error)
+ getWindowUpdate() protocol.ByteCount
+}
+
+type receiveStream struct {
+ mutex sync.Mutex
+
+ streamID protocol.StreamID
+
+ sender streamSender
+
+ frameQueue *frameSorter
+ finalOffset protocol.ByteCount
+
+ currentFrame []byte
+ currentFrameDone func()
+ currentFrameIsLast bool // is the currentFrame the last frame on this stream
+ readPosInFrame int
+
+ closeForShutdownErr error
+ cancelReadErr error
+ resetRemotelyErr *StreamError
+
+ closedForShutdown bool // set when CloseForShutdown() is called
+ finRead bool // set once we read a frame with a Fin
+ canceledRead bool // set when CancelRead() is called
+ resetRemotely bool // set when HandleResetStreamFrame() is called
+
+ readChan chan struct{}
+ deadline time.Time
+
+ flowController flowcontrol.StreamFlowController
+ version protocol.VersionNumber
+}
+
+var (
+ _ ReceiveStream = &receiveStream{}
+ _ receiveStreamI = &receiveStream{}
+)
+
+func newReceiveStream(
+ streamID protocol.StreamID,
+ sender streamSender,
+ flowController flowcontrol.StreamFlowController,
+ version protocol.VersionNumber,
+) *receiveStream {
+ return &receiveStream{
+ streamID: streamID,
+ sender: sender,
+ flowController: flowController,
+ frameQueue: newFrameSorter(),
+ readChan: make(chan struct{}, 1),
+ finalOffset: protocol.MaxByteCount,
+ version: version,
+ }
+}
+
+func (s *receiveStream) StreamID() protocol.StreamID {
+ return s.streamID
+}
+
+// Read implements io.Reader. It is not thread safe!
+func (s *receiveStream) Read(p []byte) (int, error) {
+ s.mutex.Lock()
+ completed, n, err := s.readImpl(p)
+ s.mutex.Unlock()
+
+ if completed {
+ s.sender.onStreamCompleted(s.streamID)
+ }
+ return n, err
+}
+
+func (s *receiveStream) readImpl(p []byte) (bool /*stream completed */, int, error) {
+ if s.finRead {
+ return false, 0, io.EOF
+ }
+ if s.canceledRead {
+ return false, 0, s.cancelReadErr
+ }
+ if s.resetRemotely {
+ return false, 0, s.resetRemotelyErr
+ }
+ if s.closedForShutdown {
+ return false, 0, s.closeForShutdownErr
+ }
+
+ bytesRead := 0
+ var deadlineTimer *utils.Timer
+ for bytesRead < len(p) {
+ if s.currentFrame == nil || s.readPosInFrame >= len(s.currentFrame) {
+ s.dequeueNextFrame()
+ }
+ if s.currentFrame == nil && bytesRead > 0 {
+ return false, bytesRead, s.closeForShutdownErr
+ }
+
+ for {
+ // Stop waiting on errors
+ if s.closedForShutdown {
+ return false, bytesRead, s.closeForShutdownErr
+ }
+ if s.canceledRead {
+ return false, bytesRead, s.cancelReadErr
+ }
+ if s.resetRemotely {
+ return false, bytesRead, s.resetRemotelyErr
+ }
+
+ deadline := s.deadline
+ if !deadline.IsZero() {
+ if !time.Now().Before(deadline) {
+ return false, bytesRead, errDeadline
+ }
+ if deadlineTimer == nil {
+ deadlineTimer = utils.NewTimer()
+ defer deadlineTimer.Stop()
+ }
+ deadlineTimer.Reset(deadline)
+ }
+
+ if s.currentFrame != nil || s.currentFrameIsLast {
+ break
+ }
+
+ s.mutex.Unlock()
+ if deadline.IsZero() {
+ <-s.readChan
+ } else {
+ select {
+ case <-s.readChan:
+ case <-deadlineTimer.Chan():
+ deadlineTimer.SetRead()
+ }
+ }
+ s.mutex.Lock()
+ if s.currentFrame == nil {
+ s.dequeueNextFrame()
+ }
+ }
+
+ if bytesRead > len(p) {
+ return false, bytesRead, fmt.Errorf("BUG: bytesRead (%d) > len(p) (%d) in stream.Read", bytesRead, len(p))
+ }
+ if s.readPosInFrame > len(s.currentFrame) {
+ return false, bytesRead, fmt.Errorf("BUG: readPosInFrame (%d) > frame.DataLen (%d) in stream.Read", s.readPosInFrame, len(s.currentFrame))
+ }
+
+ s.mutex.Unlock()
+
+ m := copy(p[bytesRead:], s.currentFrame[s.readPosInFrame:])
+ s.readPosInFrame += m
+ bytesRead += m
+
+ s.mutex.Lock()
+ // when a RESET_STREAM was received, the was already informed about the final byteOffset for this stream
+ if !s.resetRemotely {
+ s.flowController.AddBytesRead(protocol.ByteCount(m))
+ }
+
+ if s.readPosInFrame >= len(s.currentFrame) && s.currentFrameIsLast {
+ s.finRead = true
+ return true, bytesRead, io.EOF
+ }
+ }
+ return false, bytesRead, nil
+}
+
+func (s *receiveStream) dequeueNextFrame() {
+ var offset protocol.ByteCount
+ // We're done with the last frame. Release the buffer.
+ if s.currentFrameDone != nil {
+ s.currentFrameDone()
+ }
+ offset, s.currentFrame, s.currentFrameDone = s.frameQueue.Pop()
+ s.currentFrameIsLast = offset+protocol.ByteCount(len(s.currentFrame)) >= s.finalOffset
+ s.readPosInFrame = 0
+}
+
+func (s *receiveStream) CancelRead(errorCode StreamErrorCode) {
+ s.mutex.Lock()
+ completed := s.cancelReadImpl(errorCode)
+ s.mutex.Unlock()
+
+ if completed {
+ s.flowController.Abandon()
+ s.sender.onStreamCompleted(s.streamID)
+ }
+}
+
+func (s *receiveStream) cancelReadImpl(errorCode qerr.StreamErrorCode) bool /* completed */ {
+ if s.finRead || s.canceledRead || s.resetRemotely {
+ return false
+ }
+ s.canceledRead = true
+ s.cancelReadErr = fmt.Errorf("Read on stream %d canceled with error code %d", s.streamID, errorCode)
+ s.signalRead()
+ s.sender.queueControlFrame(&wire.StopSendingFrame{
+ StreamID: s.streamID,
+ ErrorCode: errorCode,
+ })
+ // We're done with this stream if the final offset was already received.
+ return s.finalOffset != protocol.MaxByteCount
+}
+
+func (s *receiveStream) handleStreamFrame(frame *wire.StreamFrame) error {
+ s.mutex.Lock()
+ completed, err := s.handleStreamFrameImpl(frame)
+ s.mutex.Unlock()
+
+ if completed {
+ s.flowController.Abandon()
+ s.sender.onStreamCompleted(s.streamID)
+ }
+ return err
+}
+
+func (s *receiveStream) handleStreamFrameImpl(frame *wire.StreamFrame) (bool /* completed */, error) {
+ maxOffset := frame.Offset + frame.DataLen()
+ if err := s.flowController.UpdateHighestReceived(maxOffset, frame.Fin); err != nil {
+ return false, err
+ }
+ var newlyRcvdFinalOffset bool
+ if frame.Fin {
+ newlyRcvdFinalOffset = s.finalOffset == protocol.MaxByteCount
+ s.finalOffset = maxOffset
+ }
+ if s.canceledRead {
+ return newlyRcvdFinalOffset, nil
+ }
+ if err := s.frameQueue.Push(frame.Data, frame.Offset, frame.PutBack); err != nil {
+ return false, err
+ }
+ s.signalRead()
+ return false, nil
+}
+
+func (s *receiveStream) handleResetStreamFrame(frame *wire.ResetStreamFrame) error {
+ s.mutex.Lock()
+ completed, err := s.handleResetStreamFrameImpl(frame)
+ s.mutex.Unlock()
+
+ if completed {
+ s.flowController.Abandon()
+ s.sender.onStreamCompleted(s.streamID)
+ }
+ return err
+}
+
+func (s *receiveStream) handleResetStreamFrameImpl(frame *wire.ResetStreamFrame) (bool /*completed */, error) {
+ if s.closedForShutdown {
+ return false, nil
+ }
+ if err := s.flowController.UpdateHighestReceived(frame.FinalSize, true); err != nil {
+ return false, err
+ }
+ newlyRcvdFinalOffset := s.finalOffset == protocol.MaxByteCount
+ s.finalOffset = frame.FinalSize
+
+ // ignore duplicate RESET_STREAM frames for this stream (after checking their final offset)
+ if s.resetRemotely {
+ return false, nil
+ }
+ s.resetRemotely = true
+ s.resetRemotelyErr = &StreamError{
+ StreamID: s.streamID,
+ ErrorCode: frame.ErrorCode,
+ }
+ s.signalRead()
+ return newlyRcvdFinalOffset, nil
+}
+
+func (s *receiveStream) CloseRemote(offset protocol.ByteCount) {
+ s.handleStreamFrame(&wire.StreamFrame{Fin: true, Offset: offset})
+}
+
+func (s *receiveStream) SetReadDeadline(t time.Time) error {
+ s.mutex.Lock()
+ s.deadline = t
+ s.mutex.Unlock()
+ s.signalRead()
+ return nil
+}
+
+// CloseForShutdown closes a stream abruptly.
+// It makes Read unblock (and return the error) immediately.
+// The peer will NOT be informed about this: the stream is closed without sending a FIN or RESET.
+func (s *receiveStream) closeForShutdown(err error) {
+ s.mutex.Lock()
+ s.closedForShutdown = true
+ s.closeForShutdownErr = err
+ s.mutex.Unlock()
+ s.signalRead()
+}
+
+func (s *receiveStream) getWindowUpdate() protocol.ByteCount {
+ return s.flowController.GetWindowUpdate()
+}
+
+// signalRead performs a non-blocking send on the readChan
+func (s *receiveStream) signalRead() {
+ select {
+ case s.readChan <- struct{}{}:
+ default:
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/retransmission_queue.go b/vendor/github.com/lucas-clemente/quic-go/retransmission_queue.go
new file mode 100644
index 00000000..0cfbbc4d
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/retransmission_queue.go
@@ -0,0 +1,131 @@
+package quic
+
+import (
+ "fmt"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type retransmissionQueue struct {
+ initial []wire.Frame
+ initialCryptoData []*wire.CryptoFrame
+
+ handshake []wire.Frame
+ handshakeCryptoData []*wire.CryptoFrame
+
+ appData []wire.Frame
+
+ version protocol.VersionNumber
+}
+
+func newRetransmissionQueue(ver protocol.VersionNumber) *retransmissionQueue {
+ return &retransmissionQueue{version: ver}
+}
+
+func (q *retransmissionQueue) AddInitial(f wire.Frame) {
+ if cf, ok := f.(*wire.CryptoFrame); ok {
+ q.initialCryptoData = append(q.initialCryptoData, cf)
+ return
+ }
+ q.initial = append(q.initial, f)
+}
+
+func (q *retransmissionQueue) AddHandshake(f wire.Frame) {
+ if cf, ok := f.(*wire.CryptoFrame); ok {
+ q.handshakeCryptoData = append(q.handshakeCryptoData, cf)
+ return
+ }
+ q.handshake = append(q.handshake, f)
+}
+
+func (q *retransmissionQueue) HasInitialData() bool {
+ return len(q.initialCryptoData) > 0 || len(q.initial) > 0
+}
+
+func (q *retransmissionQueue) HasHandshakeData() bool {
+ return len(q.handshakeCryptoData) > 0 || len(q.handshake) > 0
+}
+
+func (q *retransmissionQueue) HasAppData() bool {
+ return len(q.appData) > 0
+}
+
+func (q *retransmissionQueue) AddAppData(f wire.Frame) {
+ if _, ok := f.(*wire.StreamFrame); ok {
+ panic("STREAM frames are handled with their respective streams.")
+ }
+ q.appData = append(q.appData, f)
+}
+
+func (q *retransmissionQueue) GetInitialFrame(maxLen protocol.ByteCount) wire.Frame {
+ if len(q.initialCryptoData) > 0 {
+ f := q.initialCryptoData[0]
+ newFrame, needsSplit := f.MaybeSplitOffFrame(maxLen, q.version)
+ if newFrame == nil && !needsSplit { // the whole frame fits
+ q.initialCryptoData = q.initialCryptoData[1:]
+ return f
+ }
+ if newFrame != nil { // frame was split. Leave the original frame in the queue.
+ return newFrame
+ }
+ }
+ if len(q.initial) == 0 {
+ return nil
+ }
+ f := q.initial[0]
+ if f.Length(q.version) > maxLen {
+ return nil
+ }
+ q.initial = q.initial[1:]
+ return f
+}
+
+func (q *retransmissionQueue) GetHandshakeFrame(maxLen protocol.ByteCount) wire.Frame {
+ if len(q.handshakeCryptoData) > 0 {
+ f := q.handshakeCryptoData[0]
+ newFrame, needsSplit := f.MaybeSplitOffFrame(maxLen, q.version)
+ if newFrame == nil && !needsSplit { // the whole frame fits
+ q.handshakeCryptoData = q.handshakeCryptoData[1:]
+ return f
+ }
+ if newFrame != nil { // frame was split. Leave the original frame in the queue.
+ return newFrame
+ }
+ }
+ if len(q.handshake) == 0 {
+ return nil
+ }
+ f := q.handshake[0]
+ if f.Length(q.version) > maxLen {
+ return nil
+ }
+ q.handshake = q.handshake[1:]
+ return f
+}
+
+func (q *retransmissionQueue) GetAppDataFrame(maxLen protocol.ByteCount) wire.Frame {
+ if len(q.appData) == 0 {
+ return nil
+ }
+ f := q.appData[0]
+ if f.Length(q.version) > maxLen {
+ return nil
+ }
+ q.appData = q.appData[1:]
+ return f
+}
+
+func (q *retransmissionQueue) DropPackets(encLevel protocol.EncryptionLevel) {
+ //nolint:exhaustive // Can only drop Initial and Handshake packet number space.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ q.initial = nil
+ q.initialCryptoData = nil
+ case protocol.EncryptionHandshake:
+ q.handshake = nil
+ q.handshakeCryptoData = nil
+ default:
+ panic(fmt.Sprintf("unexpected encryption level: %s", encLevel))
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/send_conn.go b/vendor/github.com/lucas-clemente/quic-go/send_conn.go
new file mode 100644
index 00000000..b276af11
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/send_conn.go
@@ -0,0 +1,74 @@
+package quic
+
+import (
+ "net"
+)
+
+// A sendConn allows sending using a simple Write() on a non-connected packet conn.
+type sendConn interface {
+ Write([]byte) error
+ Close() error
+ LocalAddr() net.Addr
+ RemoteAddr() net.Addr
+}
+
+type sconn struct {
+ connection
+
+ remoteAddr net.Addr
+ info *packetInfo
+ oob []byte
+}
+
+var _ sendConn = &sconn{}
+
+func newSendConn(c connection, remote net.Addr, info *packetInfo) sendConn {
+ return &sconn{
+ connection: c,
+ remoteAddr: remote,
+ info: info,
+ oob: info.OOB(),
+ }
+}
+
+func (c *sconn) Write(p []byte) error {
+ _, err := c.WritePacket(p, c.remoteAddr, c.oob)
+ return err
+}
+
+func (c *sconn) RemoteAddr() net.Addr {
+ return c.remoteAddr
+}
+
+func (c *sconn) LocalAddr() net.Addr {
+ addr := c.connection.LocalAddr()
+ if c.info != nil {
+ if udpAddr, ok := addr.(*net.UDPAddr); ok {
+ addrCopy := *udpAddr
+ addrCopy.IP = c.info.addr
+ addr = &addrCopy
+ }
+ }
+ return addr
+}
+
+type spconn struct {
+ net.PacketConn
+
+ remoteAddr net.Addr
+}
+
+var _ sendConn = &spconn{}
+
+func newSendPconn(c net.PacketConn, remote net.Addr) sendConn {
+ return &spconn{PacketConn: c, remoteAddr: remote}
+}
+
+func (c *spconn) Write(p []byte) error {
+ _, err := c.WriteTo(p, c.remoteAddr)
+ return err
+}
+
+func (c *spconn) RemoteAddr() net.Addr {
+ return c.remoteAddr
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/send_queue.go b/vendor/github.com/lucas-clemente/quic-go/send_queue.go
new file mode 100644
index 00000000..bf25dded
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/send_queue.go
@@ -0,0 +1,82 @@
+package quic
+
+type sender interface {
+ Send(p *packetBuffer)
+ Run() error
+ WouldBlock() bool
+ Available() <-chan struct{}
+ Close()
+}
+
+type sendQueue struct {
+ queue chan *packetBuffer
+ closeCalled chan struct{} // runStopped when Close() is called
+ runStopped chan struct{} // runStopped when the run loop returns
+ available chan struct{}
+ conn sendConn
+}
+
+var _ sender = &sendQueue{}
+
+const sendQueueCapacity = 8
+
+func newSendQueue(conn sendConn) sender {
+ return &sendQueue{
+ conn: conn,
+ runStopped: make(chan struct{}),
+ closeCalled: make(chan struct{}),
+ available: make(chan struct{}, 1),
+ queue: make(chan *packetBuffer, sendQueueCapacity),
+ }
+}
+
+// Send sends out a packet. It's guaranteed to not block.
+// Callers need to make sure that there's actually space in the send queue by calling WouldBlock.
+// Otherwise Send will panic.
+func (h *sendQueue) Send(p *packetBuffer) {
+ select {
+ case h.queue <- p:
+ case <-h.runStopped:
+ default:
+ panic("sendQueue.Send would have blocked")
+ }
+}
+
+func (h *sendQueue) WouldBlock() bool {
+ return len(h.queue) == sendQueueCapacity
+}
+
+func (h *sendQueue) Available() <-chan struct{} {
+ return h.available
+}
+
+func (h *sendQueue) Run() error {
+ defer close(h.runStopped)
+ var shouldClose bool
+ for {
+ if shouldClose && len(h.queue) == 0 {
+ return nil
+ }
+ select {
+ case <-h.closeCalled:
+ h.closeCalled = nil // prevent this case from being selected again
+ // make sure that all queued packets are actually sent out
+ shouldClose = true
+ case p := <-h.queue:
+ if err := h.conn.Write(p.Data); err != nil {
+ return err
+ }
+ p.Release()
+ select {
+ case h.available <- struct{}{}:
+ default:
+ }
+ }
+ }
+}
+
+func (h *sendQueue) Close() {
+ close(h.closeCalled)
+ // wait until the run loop returned
+ <-h.runStopped
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/send_stream.go b/vendor/github.com/lucas-clemente/quic-go/send_stream.go
new file mode 100644
index 00000000..946243ca
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/send_stream.go
@@ -0,0 +1,488 @@
+package quic
+
+import (
+ "context"
+ "fmt"
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type sendStreamI interface {
+ SendStream
+ handleStopSendingFrame(*wire.StopSendingFrame)
+ hasData() bool
+ popStreamFrame(maxBytes protocol.ByteCount) (*ackhandler.Frame, bool)
+ closeForShutdown(error)
+ updateSendWindow(protocol.ByteCount)
+}
+
+type sendStream struct {
+ mutex sync.Mutex
+
+ numOutstandingFrames int64
+ retransmissionQueue []*wire.StreamFrame
+
+ ctx context.Context
+ ctxCancel context.CancelFunc
+
+ streamID protocol.StreamID
+ sender streamSender
+
+ writeOffset protocol.ByteCount
+
+ cancelWriteErr error
+ closeForShutdownErr error
+
+ closedForShutdown bool // set when CloseForShutdown() is called
+ finishedWriting bool // set once Close() is called
+ canceledWrite bool // set when CancelWrite() is called, or a STOP_SENDING frame is received
+ finSent bool // set when a STREAM_FRAME with FIN bit has been sent
+ completed bool // set when this stream has been reported to the streamSender as completed
+
+ dataForWriting []byte // during a Write() call, this slice is the part of p that still needs to be sent out
+ nextFrame *wire.StreamFrame
+
+ writeChan chan struct{}
+ deadline time.Time
+
+ flowController flowcontrol.StreamFlowController
+
+ version protocol.VersionNumber
+}
+
+var (
+ _ SendStream = &sendStream{}
+ _ sendStreamI = &sendStream{}
+)
+
+func newSendStream(
+ streamID protocol.StreamID,
+ sender streamSender,
+ flowController flowcontrol.StreamFlowController,
+ version protocol.VersionNumber,
+) *sendStream {
+ s := &sendStream{
+ streamID: streamID,
+ sender: sender,
+ flowController: flowController,
+ writeChan: make(chan struct{}, 1),
+ version: version,
+ }
+ s.ctx, s.ctxCancel = context.WithCancel(context.Background())
+ return s
+}
+
+func (s *sendStream) StreamID() protocol.StreamID {
+ return s.streamID // same for receiveStream and sendStream
+}
+
+func (s *sendStream) Write(p []byte) (int, error) {
+ s.mutex.Lock()
+ defer s.mutex.Unlock()
+
+ if s.finishedWriting {
+ return 0, fmt.Errorf("write on closed stream %d", s.streamID)
+ }
+ if s.canceledWrite {
+ return 0, s.cancelWriteErr
+ }
+ if s.closeForShutdownErr != nil {
+ return 0, s.closeForShutdownErr
+ }
+ if !s.deadline.IsZero() && !time.Now().Before(s.deadline) {
+ return 0, errDeadline
+ }
+ if len(p) == 0 {
+ return 0, nil
+ }
+
+ s.dataForWriting = p
+
+ var (
+ deadlineTimer *utils.Timer
+ bytesWritten int
+ notifiedSender bool
+ )
+ for {
+ var copied bool
+ var deadline time.Time
+ // As soon as dataForWriting becomes smaller than a certain size x, we copy all the data to a STREAM frame (s.nextFrame),
+ // which can the be popped the next time we assemble a packet.
+ // This allows us to return Write() when all data but x bytes have been sent out.
+ // When the user now calls Close(), this is much more likely to happen before we popped that last STREAM frame,
+ // allowing us to set the FIN bit on that frame (instead of sending an empty STREAM frame with FIN).
+ if s.canBufferStreamFrame() && len(s.dataForWriting) > 0 {
+ if s.nextFrame == nil {
+ f := wire.GetStreamFrame()
+ f.Offset = s.writeOffset
+ f.StreamID = s.streamID
+ f.DataLenPresent = true
+ f.Data = f.Data[:len(s.dataForWriting)]
+ copy(f.Data, s.dataForWriting)
+ s.nextFrame = f
+ } else {
+ l := len(s.nextFrame.Data)
+ s.nextFrame.Data = s.nextFrame.Data[:l+len(s.dataForWriting)]
+ copy(s.nextFrame.Data[l:], s.dataForWriting)
+ }
+ s.dataForWriting = nil
+ bytesWritten = len(p)
+ copied = true
+ } else {
+ bytesWritten = len(p) - len(s.dataForWriting)
+ deadline = s.deadline
+ if !deadline.IsZero() {
+ if !time.Now().Before(deadline) {
+ s.dataForWriting = nil
+ return bytesWritten, errDeadline
+ }
+ if deadlineTimer == nil {
+ deadlineTimer = utils.NewTimer()
+ defer deadlineTimer.Stop()
+ }
+ deadlineTimer.Reset(deadline)
+ }
+ if s.dataForWriting == nil || s.canceledWrite || s.closedForShutdown {
+ break
+ }
+ }
+
+ s.mutex.Unlock()
+ if !notifiedSender {
+ s.sender.onHasStreamData(s.streamID) // must be called without holding the mutex
+ notifiedSender = true
+ }
+ if copied {
+ s.mutex.Lock()
+ break
+ }
+ if deadline.IsZero() {
+ <-s.writeChan
+ } else {
+ select {
+ case <-s.writeChan:
+ case <-deadlineTimer.Chan():
+ deadlineTimer.SetRead()
+ }
+ }
+ s.mutex.Lock()
+ }
+
+ if bytesWritten == len(p) {
+ return bytesWritten, nil
+ }
+ if s.closeForShutdownErr != nil {
+ return bytesWritten, s.closeForShutdownErr
+ } else if s.cancelWriteErr != nil {
+ return bytesWritten, s.cancelWriteErr
+ }
+ return bytesWritten, nil
+}
+
+func (s *sendStream) canBufferStreamFrame() bool {
+ var l protocol.ByteCount
+ if s.nextFrame != nil {
+ l = s.nextFrame.DataLen()
+ }
+ return l+protocol.ByteCount(len(s.dataForWriting)) <= protocol.MaxPacketBufferSize
+}
+
+// popStreamFrame returns the next STREAM frame that is supposed to be sent on this stream
+// maxBytes is the maximum length this frame (including frame header) will have.
+func (s *sendStream) popStreamFrame(maxBytes protocol.ByteCount) (*ackhandler.Frame, bool /* has more data to send */) {
+ s.mutex.Lock()
+ f, hasMoreData := s.popNewOrRetransmittedStreamFrame(maxBytes)
+ if f != nil {
+ s.numOutstandingFrames++
+ }
+ s.mutex.Unlock()
+
+ if f == nil {
+ return nil, hasMoreData
+ }
+ return &ackhandler.Frame{Frame: f, OnLost: s.queueRetransmission, OnAcked: s.frameAcked}, hasMoreData
+}
+
+func (s *sendStream) popNewOrRetransmittedStreamFrame(maxBytes protocol.ByteCount) (*wire.StreamFrame, bool /* has more data to send */) {
+ if s.canceledWrite || s.closeForShutdownErr != nil {
+ return nil, false
+ }
+
+ if len(s.retransmissionQueue) > 0 {
+ f, hasMoreRetransmissions := s.maybeGetRetransmission(maxBytes)
+ if f != nil || hasMoreRetransmissions {
+ if f == nil {
+ return nil, true
+ }
+ // We always claim that we have more data to send.
+ // This might be incorrect, in which case there'll be a spurious call to popStreamFrame in the future.
+ return f, true
+ }
+ }
+
+ if len(s.dataForWriting) == 0 && s.nextFrame == nil {
+ if s.finishedWriting && !s.finSent {
+ s.finSent = true
+ return &wire.StreamFrame{
+ StreamID: s.streamID,
+ Offset: s.writeOffset,
+ DataLenPresent: true,
+ Fin: true,
+ }, false
+ }
+ return nil, false
+ }
+
+ sendWindow := s.flowController.SendWindowSize()
+ if sendWindow == 0 {
+ if isBlocked, offset := s.flowController.IsNewlyBlocked(); isBlocked {
+ s.sender.queueControlFrame(&wire.StreamDataBlockedFrame{
+ StreamID: s.streamID,
+ MaximumStreamData: offset,
+ })
+ return nil, false
+ }
+ return nil, true
+ }
+
+ f, hasMoreData := s.popNewStreamFrame(maxBytes, sendWindow)
+ if dataLen := f.DataLen(); dataLen > 0 {
+ s.writeOffset += f.DataLen()
+ s.flowController.AddBytesSent(f.DataLen())
+ }
+ f.Fin = s.finishedWriting && s.dataForWriting == nil && s.nextFrame == nil && !s.finSent
+ if f.Fin {
+ s.finSent = true
+ }
+ return f, hasMoreData
+}
+
+func (s *sendStream) popNewStreamFrame(maxBytes, sendWindow protocol.ByteCount) (*wire.StreamFrame, bool) {
+ if s.nextFrame != nil {
+ nextFrame := s.nextFrame
+ s.nextFrame = nil
+
+ maxDataLen := utils.MinByteCount(sendWindow, nextFrame.MaxDataLen(maxBytes, s.version))
+ if nextFrame.DataLen() > maxDataLen {
+ s.nextFrame = wire.GetStreamFrame()
+ s.nextFrame.StreamID = s.streamID
+ s.nextFrame.Offset = s.writeOffset + maxDataLen
+ s.nextFrame.Data = s.nextFrame.Data[:nextFrame.DataLen()-maxDataLen]
+ s.nextFrame.DataLenPresent = true
+ copy(s.nextFrame.Data, nextFrame.Data[maxDataLen:])
+ nextFrame.Data = nextFrame.Data[:maxDataLen]
+ } else {
+ s.signalWrite()
+ }
+ return nextFrame, s.nextFrame != nil || s.dataForWriting != nil
+ }
+
+ f := wire.GetStreamFrame()
+ f.Fin = false
+ f.StreamID = s.streamID
+ f.Offset = s.writeOffset
+ f.DataLenPresent = true
+ f.Data = f.Data[:0]
+
+ hasMoreData := s.popNewStreamFrameWithoutBuffer(f, maxBytes, sendWindow)
+ if len(f.Data) == 0 && !f.Fin {
+ f.PutBack()
+ return nil, hasMoreData
+ }
+ return f, hasMoreData
+}
+
+func (s *sendStream) popNewStreamFrameWithoutBuffer(f *wire.StreamFrame, maxBytes, sendWindow protocol.ByteCount) bool {
+ maxDataLen := f.MaxDataLen(maxBytes, s.version)
+ if maxDataLen == 0 { // a STREAM frame must have at least one byte of data
+ return s.dataForWriting != nil || s.nextFrame != nil || s.finishedWriting
+ }
+ s.getDataForWriting(f, utils.MinByteCount(maxDataLen, sendWindow))
+
+ return s.dataForWriting != nil || s.nextFrame != nil || s.finishedWriting
+}
+
+func (s *sendStream) maybeGetRetransmission(maxBytes protocol.ByteCount) (*wire.StreamFrame, bool /* has more retransmissions */) {
+ f := s.retransmissionQueue[0]
+ newFrame, needsSplit := f.MaybeSplitOffFrame(maxBytes, s.version)
+ if needsSplit {
+ return newFrame, true
+ }
+ s.retransmissionQueue = s.retransmissionQueue[1:]
+ return f, len(s.retransmissionQueue) > 0
+}
+
+func (s *sendStream) hasData() bool {
+ s.mutex.Lock()
+ hasData := len(s.dataForWriting) > 0
+ s.mutex.Unlock()
+ return hasData
+}
+
+func (s *sendStream) getDataForWriting(f *wire.StreamFrame, maxBytes protocol.ByteCount) {
+ if protocol.ByteCount(len(s.dataForWriting)) <= maxBytes {
+ f.Data = f.Data[:len(s.dataForWriting)]
+ copy(f.Data, s.dataForWriting)
+ s.dataForWriting = nil
+ s.signalWrite()
+ return
+ }
+ f.Data = f.Data[:maxBytes]
+ copy(f.Data, s.dataForWriting)
+ s.dataForWriting = s.dataForWriting[maxBytes:]
+ if s.canBufferStreamFrame() {
+ s.signalWrite()
+ }
+}
+
+func (s *sendStream) frameAcked(f wire.Frame) {
+ f.(*wire.StreamFrame).PutBack()
+
+ s.mutex.Lock()
+ if s.canceledWrite {
+ s.mutex.Unlock()
+ return
+ }
+ s.numOutstandingFrames--
+ if s.numOutstandingFrames < 0 {
+ panic("numOutStandingFrames negative")
+ }
+ newlyCompleted := s.isNewlyCompleted()
+ s.mutex.Unlock()
+
+ if newlyCompleted {
+ s.sender.onStreamCompleted(s.streamID)
+ }
+}
+
+func (s *sendStream) isNewlyCompleted() bool {
+ completed := (s.finSent || s.canceledWrite) && s.numOutstandingFrames == 0 && len(s.retransmissionQueue) == 0
+ if completed && !s.completed {
+ s.completed = true
+ return true
+ }
+ return false
+}
+
+func (s *sendStream) queueRetransmission(f wire.Frame) {
+ sf := f.(*wire.StreamFrame)
+ sf.DataLenPresent = true
+ s.mutex.Lock()
+ if s.canceledWrite {
+ s.mutex.Unlock()
+ return
+ }
+ s.retransmissionQueue = append(s.retransmissionQueue, sf)
+ s.numOutstandingFrames--
+ if s.numOutstandingFrames < 0 {
+ panic("numOutStandingFrames negative")
+ }
+ s.mutex.Unlock()
+
+ s.sender.onHasStreamData(s.streamID)
+}
+
+func (s *sendStream) Close() error {
+ s.mutex.Lock()
+ if s.closedForShutdown {
+ s.mutex.Unlock()
+ return nil
+ }
+ if s.canceledWrite {
+ s.mutex.Unlock()
+ return fmt.Errorf("close called for canceled stream %d", s.streamID)
+ }
+ s.ctxCancel()
+ s.finishedWriting = true
+ s.mutex.Unlock()
+
+ s.sender.onHasStreamData(s.streamID) // need to send the FIN, must be called without holding the mutex
+ return nil
+}
+
+func (s *sendStream) CancelWrite(errorCode StreamErrorCode) {
+ s.cancelWriteImpl(errorCode, fmt.Errorf("Write on stream %d canceled with error code %d", s.streamID, errorCode))
+}
+
+// must be called after locking the mutex
+func (s *sendStream) cancelWriteImpl(errorCode qerr.StreamErrorCode, writeErr error) {
+ s.mutex.Lock()
+ if s.canceledWrite {
+ s.mutex.Unlock()
+ return
+ }
+ s.ctxCancel()
+ s.canceledWrite = true
+ s.cancelWriteErr = writeErr
+ s.numOutstandingFrames = 0
+ s.retransmissionQueue = nil
+ newlyCompleted := s.isNewlyCompleted()
+ s.mutex.Unlock()
+
+ s.signalWrite()
+ s.sender.queueControlFrame(&wire.ResetStreamFrame{
+ StreamID: s.streamID,
+ FinalSize: s.writeOffset,
+ ErrorCode: errorCode,
+ })
+ if newlyCompleted {
+ s.sender.onStreamCompleted(s.streamID)
+ }
+}
+
+func (s *sendStream) updateSendWindow(limit protocol.ByteCount) {
+ s.mutex.Lock()
+ hasStreamData := s.dataForWriting != nil || s.nextFrame != nil
+ s.mutex.Unlock()
+
+ s.flowController.UpdateSendWindow(limit)
+ if hasStreamData {
+ s.sender.onHasStreamData(s.streamID)
+ }
+}
+
+func (s *sendStream) handleStopSendingFrame(frame *wire.StopSendingFrame) {
+ s.cancelWriteImpl(frame.ErrorCode, &StreamError{
+ StreamID: s.streamID,
+ ErrorCode: frame.ErrorCode,
+ })
+}
+
+func (s *sendStream) Context() context.Context {
+ return s.ctx
+}
+
+func (s *sendStream) SetWriteDeadline(t time.Time) error {
+ s.mutex.Lock()
+ s.deadline = t
+ s.mutex.Unlock()
+ s.signalWrite()
+ return nil
+}
+
+// CloseForShutdown closes a stream abruptly.
+// It makes Write unblock (and return the error) immediately.
+// The peer will NOT be informed about this: the stream is closed without sending a FIN or RST.
+func (s *sendStream) closeForShutdown(err error) {
+ s.mutex.Lock()
+ s.ctxCancel()
+ s.closedForShutdown = true
+ s.closeForShutdownErr = err
+ s.mutex.Unlock()
+ s.signalWrite()
+}
+
+// signalWrite performs a non-blocking send on the writeChan
+func (s *sendStream) signalWrite() {
+ select {
+ case s.writeChan <- struct{}{}:
+ default:
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/server.go b/vendor/github.com/lucas-clemente/quic-go/server.go
new file mode 100644
index 00000000..f2b94c42
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/server.go
@@ -0,0 +1,669 @@
+package quic
+
+import (
+ "bytes"
+ "context"
+ "crypto/rand"
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "net"
+ "sync"
+ "sync/atomic"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/handshake"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+// packetHandler handles packets
+type packetHandler interface {
+ handlePacket(*receivedPacket)
+ shutdown()
+ destroy(error)
+ getPerspective() protocol.Perspective
+}
+
+type unknownPacketHandler interface {
+ handlePacket(*receivedPacket)
+ setCloseError(error)
+}
+
+type packetHandlerManager interface {
+ AddWithConnID(protocol.ConnectionID, protocol.ConnectionID, func() packetHandler) bool
+ Destroy() error
+ sessionRunner
+ SetServer(unknownPacketHandler)
+ CloseServer()
+}
+
+type quicSession interface {
+ EarlySession
+ earlySessionReady() <-chan struct{}
+ handlePacket(*receivedPacket)
+ GetVersion() protocol.VersionNumber
+ getPerspective() protocol.Perspective
+ run() error
+ destroy(error)
+ shutdown()
+}
+
+// A Listener of QUIC
+type baseServer struct {
+ mutex sync.Mutex
+
+ acceptEarlySessions bool
+
+ tlsConf *tls.Config
+ config *Config
+
+ conn connection
+ // If the server is started with ListenAddr, we create a packet conn.
+ // If it is started with Listen, we take a packet conn as a parameter.
+ createdPacketConn bool
+
+ tokenGenerator *handshake.TokenGenerator
+
+ sessionHandler packetHandlerManager
+
+ receivedPackets chan *receivedPacket
+
+ // set as a member, so they can be set in the tests
+ newSession func(
+ sendConn,
+ sessionRunner,
+ protocol.ConnectionID, /* original dest connection ID */
+ *protocol.ConnectionID, /* retry src connection ID */
+ protocol.ConnectionID, /* client dest connection ID */
+ protocol.ConnectionID, /* destination connection ID */
+ protocol.ConnectionID, /* source connection ID */
+ protocol.StatelessResetToken,
+ *Config,
+ *tls.Config,
+ *handshake.TokenGenerator,
+ bool, /* enable 0-RTT */
+ logging.ConnectionTracer,
+ uint64,
+ utils.Logger,
+ protocol.VersionNumber,
+ ) quicSession
+
+ serverError error
+ errorChan chan struct{}
+ closed bool
+ running chan struct{} // closed as soon as run() returns
+
+ sessionQueue chan quicSession
+ sessionQueueLen int32 // to be used as an atomic
+
+ logger utils.Logger
+}
+
+var (
+ _ Listener = &baseServer{}
+ _ unknownPacketHandler = &baseServer{}
+)
+
+type earlyServer struct{ *baseServer }
+
+var _ EarlyListener = &earlyServer{}
+
+func (s *earlyServer) Accept(ctx context.Context) (EarlySession, error) {
+ return s.baseServer.accept(ctx)
+}
+
+// ListenAddr creates a QUIC server listening on a given address.
+// The tls.Config must not be nil and must contain a certificate configuration.
+// The quic.Config may be nil, in that case the default values will be used.
+func ListenAddr(addr string, tlsConf *tls.Config, config *Config) (Listener, error) {
+ return listenAddr(addr, tlsConf, config, false)
+}
+
+// ListenAddrEarly works like ListenAddr, but it returns sessions before the handshake completes.
+func ListenAddrEarly(addr string, tlsConf *tls.Config, config *Config) (EarlyListener, error) {
+ s, err := listenAddr(addr, tlsConf, config, true)
+ if err != nil {
+ return nil, err
+ }
+ return &earlyServer{s}, nil
+}
+
+func listenAddr(addr string, tlsConf *tls.Config, config *Config, acceptEarly bool) (*baseServer, error) {
+ udpAddr, err := net.ResolveUDPAddr("udp", addr)
+ if err != nil {
+ return nil, err
+ }
+ conn, err := net.ListenUDP("udp", udpAddr)
+ if err != nil {
+ return nil, err
+ }
+ serv, err := listen(conn, tlsConf, config, acceptEarly)
+ if err != nil {
+ return nil, err
+ }
+ serv.createdPacketConn = true
+ return serv, nil
+}
+
+// Listen listens for QUIC connections on a given net.PacketConn. If the
+// PacketConn satisfies the OOBCapablePacketConn interface (as a net.UDPConn
+// does), ECN and packet info support will be enabled. In this case, ReadMsgUDP
+// and WriteMsgUDP will be used instead of ReadFrom and WriteTo to read/write
+// packets. A single net.PacketConn only be used for a single call to Listen.
+// The PacketConn can be used for simultaneous calls to Dial. QUIC connection
+// IDs are used for demultiplexing the different connections. The tls.Config
+// must not be nil and must contain a certificate configuration. The
+// tls.Config.CipherSuites allows setting of TLS 1.3 cipher suites. Furthermore,
+// it must define an application control (using NextProtos). The quic.Config may
+// be nil, in that case the default values will be used.
+func Listen(conn net.PacketConn, tlsConf *tls.Config, config *Config) (Listener, error) {
+ return listen(conn, tlsConf, config, false)
+}
+
+// ListenEarly works like Listen, but it returns sessions before the handshake completes.
+func ListenEarly(conn net.PacketConn, tlsConf *tls.Config, config *Config) (EarlyListener, error) {
+ s, err := listen(conn, tlsConf, config, true)
+ if err != nil {
+ return nil, err
+ }
+ return &earlyServer{s}, nil
+}
+
+func listen(conn net.PacketConn, tlsConf *tls.Config, config *Config, acceptEarly bool) (*baseServer, error) {
+ if tlsConf == nil {
+ return nil, errors.New("quic: tls.Config not set")
+ }
+ if err := validateConfig(config); err != nil {
+ return nil, err
+ }
+ config = populateServerConfig(config)
+ for _, v := range config.Versions {
+ if !protocol.IsValidVersion(v) {
+ return nil, fmt.Errorf("%s is not a valid QUIC version", v)
+ }
+ }
+
+ sessionHandler, err := getMultiplexer().AddConn(conn, config.ConnectionIDLength, config.StatelessResetKey, config.Tracer)
+ if err != nil {
+ return nil, err
+ }
+ tokenGenerator, err := handshake.NewTokenGenerator(rand.Reader)
+ if err != nil {
+ return nil, err
+ }
+ c, err := wrapConn(conn)
+ if err != nil {
+ return nil, err
+ }
+ s := &baseServer{
+ conn: c,
+ tlsConf: tlsConf,
+ config: config,
+ tokenGenerator: tokenGenerator,
+ sessionHandler: sessionHandler,
+ sessionQueue: make(chan quicSession),
+ errorChan: make(chan struct{}),
+ running: make(chan struct{}),
+ receivedPackets: make(chan *receivedPacket, protocol.MaxServerUnprocessedPackets),
+ newSession: newSession,
+ logger: utils.DefaultLogger.WithPrefix("server"),
+ acceptEarlySessions: acceptEarly,
+ }
+ go s.run()
+ sessionHandler.SetServer(s)
+ s.logger.Debugf("Listening for %s connections on %s", conn.LocalAddr().Network(), conn.LocalAddr().String())
+ return s, nil
+}
+
+func (s *baseServer) run() {
+ defer close(s.running)
+ for {
+ select {
+ case <-s.errorChan:
+ return
+ default:
+ }
+ select {
+ case <-s.errorChan:
+ return
+ case p := <-s.receivedPackets:
+ if bufferStillInUse := s.handlePacketImpl(p); !bufferStillInUse {
+ p.buffer.Release()
+ }
+ }
+ }
+}
+
+var defaultAcceptToken = func(clientAddr net.Addr, token *Token) bool {
+ if token == nil {
+ return false
+ }
+ validity := protocol.TokenValidity
+ if token.IsRetryToken {
+ validity = protocol.RetryTokenValidity
+ }
+ if time.Now().After(token.SentTime.Add(validity)) {
+ return false
+ }
+ var sourceAddr string
+ if udpAddr, ok := clientAddr.(*net.UDPAddr); ok {
+ sourceAddr = udpAddr.IP.String()
+ } else {
+ sourceAddr = clientAddr.String()
+ }
+ return sourceAddr == token.RemoteAddr
+}
+
+// Accept returns sessions that already completed the handshake.
+// It is only valid if acceptEarlySessions is false.
+func (s *baseServer) Accept(ctx context.Context) (Session, error) {
+ return s.accept(ctx)
+}
+
+func (s *baseServer) accept(ctx context.Context) (quicSession, error) {
+ select {
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ case sess := <-s.sessionQueue:
+ atomic.AddInt32(&s.sessionQueueLen, -1)
+ return sess, nil
+ case <-s.errorChan:
+ return nil, s.serverError
+ }
+}
+
+// Close the server
+func (s *baseServer) Close() error {
+ s.mutex.Lock()
+ if s.closed {
+ s.mutex.Unlock()
+ return nil
+ }
+ if s.serverError == nil {
+ s.serverError = errors.New("server closed")
+ }
+ // If the server was started with ListenAddr, we created the packet conn.
+ // We need to close it in order to make the go routine reading from that conn return.
+ createdPacketConn := s.createdPacketConn
+ s.closed = true
+ close(s.errorChan)
+ s.mutex.Unlock()
+
+ <-s.running
+ s.sessionHandler.CloseServer()
+ if createdPacketConn {
+ return s.sessionHandler.Destroy()
+ }
+ return nil
+}
+
+func (s *baseServer) setCloseError(e error) {
+ s.mutex.Lock()
+ defer s.mutex.Unlock()
+ if s.closed {
+ return
+ }
+ s.closed = true
+ s.serverError = e
+ close(s.errorChan)
+}
+
+// Addr returns the server's network address
+func (s *baseServer) Addr() net.Addr {
+ return s.conn.LocalAddr()
+}
+
+func (s *baseServer) handlePacket(p *receivedPacket) {
+ select {
+ case s.receivedPackets <- p:
+ default:
+ s.logger.Debugf("Dropping packet from %s (%d bytes). Server receive queue full.", p.remoteAddr, p.Size())
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropDOSPrevention)
+ }
+ }
+}
+
+func (s *baseServer) handlePacketImpl(p *receivedPacket) bool /* is the buffer still in use? */ {
+ if wire.IsVersionNegotiationPacket(p.data) {
+ s.logger.Debugf("Dropping Version Negotiation packet.")
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return false
+ }
+ // If we're creating a new session, the packet will be passed to the session.
+ // The header will then be parsed again.
+ hdr, _, _, err := wire.ParsePacket(p.data, s.config.ConnectionIDLength)
+ if err != nil && err != wire.ErrUnsupportedVersion {
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropHeaderParseError)
+ }
+ s.logger.Debugf("Error parsing packet: %s", err)
+ return false
+ }
+ // Short header packets should never end up here in the first place
+ if !hdr.IsLongHeader {
+ panic(fmt.Sprintf("misrouted packet: %#v", hdr))
+ }
+ if hdr.Type == protocol.PacketTypeInitial && p.Size() < protocol.MinInitialPacketSize {
+ s.logger.Debugf("Dropping a packet that is too small to be a valid Initial (%d bytes)", p.Size())
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeInitial, p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return false
+ }
+ // send a Version Negotiation Packet if the client is speaking a different protocol version
+ if !protocol.IsSupportedVersion(s.config.Versions, hdr.Version) {
+ if p.Size() < protocol.MinUnknownVersionPacketSize {
+ s.logger.Debugf("Dropping a packet with an unknown version that is too small (%d bytes)", p.Size())
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return false
+ }
+ go s.sendVersionNegotiationPacket(p, hdr)
+ return false
+ }
+ if hdr.IsLongHeader && hdr.Type != protocol.PacketTypeInitial {
+ // Drop long header packets.
+ // There's little point in sending a Stateless Reset, since the client
+ // might not have received the token yet.
+ s.logger.Debugf("Dropping long header packet of type %s (%d bytes)", hdr.Type, len(p.data))
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return false
+ }
+
+ s.logger.Debugf("<- Received Initial packet.")
+
+ if err := s.handleInitialImpl(p, hdr); err != nil {
+ s.logger.Errorf("Error occurred handling initial packet: %s", err)
+ }
+ // Don't put the packet buffer back.
+ // handleInitialImpl deals with the buffer.
+ return true
+}
+
+func (s *baseServer) handleInitialImpl(p *receivedPacket, hdr *wire.Header) error {
+ if len(hdr.Token) == 0 && hdr.DestConnectionID.Len() < protocol.MinConnectionIDLenInitial {
+ p.buffer.Release()
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeInitial, p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return errors.New("too short connection ID")
+ }
+
+ var (
+ token *Token
+ retrySrcConnID *protocol.ConnectionID
+ )
+ origDestConnID := hdr.DestConnectionID
+ if len(hdr.Token) > 0 {
+ c, err := s.tokenGenerator.DecodeToken(hdr.Token)
+ if err == nil {
+ token = &Token{
+ IsRetryToken: c.IsRetryToken,
+ RemoteAddr: c.RemoteAddr,
+ SentTime: c.SentTime,
+ }
+ if token.IsRetryToken {
+ origDestConnID = c.OriginalDestConnectionID
+ retrySrcConnID = &c.RetrySrcConnectionID
+ }
+ }
+ }
+ if !s.config.AcceptToken(p.remoteAddr, token) {
+ go func() {
+ defer p.buffer.Release()
+ if token != nil && token.IsRetryToken {
+ if err := s.maybeSendInvalidToken(p, hdr); err != nil {
+ s.logger.Debugf("Error sending INVALID_TOKEN error: %s", err)
+ }
+ return
+ }
+ if err := s.sendRetry(p.remoteAddr, hdr, p.info); err != nil {
+ s.logger.Debugf("Error sending Retry: %s", err)
+ }
+ }()
+ return nil
+ }
+
+ if queueLen := atomic.LoadInt32(&s.sessionQueueLen); queueLen >= protocol.MaxAcceptQueueSize {
+ s.logger.Debugf("Rejecting new connection. Server currently busy. Accept queue length: %d (max %d)", queueLen, protocol.MaxAcceptQueueSize)
+ go func() {
+ defer p.buffer.Release()
+ if err := s.sendConnectionRefused(p.remoteAddr, hdr, p.info); err != nil {
+ s.logger.Debugf("Error rejecting connection: %s", err)
+ }
+ }()
+ return nil
+ }
+
+ connID, err := protocol.GenerateConnectionID(s.config.ConnectionIDLength)
+ if err != nil {
+ return err
+ }
+ s.logger.Debugf("Changing connection ID to %s.", connID)
+ var sess quicSession
+ tracingID := nextSessionTracingID()
+ if added := s.sessionHandler.AddWithConnID(hdr.DestConnectionID, connID, func() packetHandler {
+ var tracer logging.ConnectionTracer
+ if s.config.Tracer != nil {
+ // Use the same connection ID that is passed to the client's GetLogWriter callback.
+ connID := hdr.DestConnectionID
+ if origDestConnID.Len() > 0 {
+ connID = origDestConnID
+ }
+ tracer = s.config.Tracer.TracerForConnection(
+ context.WithValue(context.Background(), SessionTracingKey, tracingID),
+ protocol.PerspectiveServer,
+ connID,
+ )
+ }
+ sess = s.newSession(
+ newSendConn(s.conn, p.remoteAddr, p.info),
+ s.sessionHandler,
+ origDestConnID,
+ retrySrcConnID,
+ hdr.DestConnectionID,
+ hdr.SrcConnectionID,
+ connID,
+ s.sessionHandler.GetStatelessResetToken(connID),
+ s.config,
+ s.tlsConf,
+ s.tokenGenerator,
+ s.acceptEarlySessions,
+ tracer,
+ tracingID,
+ s.logger,
+ hdr.Version,
+ )
+ sess.handlePacket(p)
+ return sess
+ }); !added {
+ return nil
+ }
+ go sess.run()
+ go s.handleNewSession(sess)
+ if sess == nil {
+ p.buffer.Release()
+ return nil
+ }
+ return nil
+}
+
+func (s *baseServer) handleNewSession(sess quicSession) {
+ sessCtx := sess.Context()
+ if s.acceptEarlySessions {
+ // wait until the early session is ready (or the handshake fails)
+ select {
+ case <-sess.earlySessionReady():
+ case <-sessCtx.Done():
+ return
+ }
+ } else {
+ // wait until the handshake is complete (or fails)
+ select {
+ case <-sess.HandshakeComplete().Done():
+ case <-sessCtx.Done():
+ return
+ }
+ }
+
+ atomic.AddInt32(&s.sessionQueueLen, 1)
+ select {
+ case s.sessionQueue <- sess:
+ // blocks until the session is accepted
+ case <-sessCtx.Done():
+ atomic.AddInt32(&s.sessionQueueLen, -1)
+ // don't pass sessions that were already closed to Accept()
+ }
+}
+
+func (s *baseServer) sendRetry(remoteAddr net.Addr, hdr *wire.Header, info *packetInfo) error {
+ // Log the Initial packet now.
+ // If no Retry is sent, the packet will be logged by the session.
+ (&wire.ExtendedHeader{Header: *hdr}).Log(s.logger)
+ srcConnID, err := protocol.GenerateConnectionID(s.config.ConnectionIDLength)
+ if err != nil {
+ return err
+ }
+ token, err := s.tokenGenerator.NewRetryToken(remoteAddr, hdr.DestConnectionID, srcConnID)
+ if err != nil {
+ return err
+ }
+ replyHdr := &wire.ExtendedHeader{}
+ replyHdr.IsLongHeader = true
+ replyHdr.Type = protocol.PacketTypeRetry
+ replyHdr.Version = hdr.Version
+ replyHdr.SrcConnectionID = srcConnID
+ replyHdr.DestConnectionID = hdr.SrcConnectionID
+ replyHdr.Token = token
+ if s.logger.Debug() {
+ s.logger.Debugf("Changing connection ID to %s.", srcConnID)
+ s.logger.Debugf("-> Sending Retry")
+ replyHdr.Log(s.logger)
+ }
+
+ packetBuffer := getPacketBuffer()
+ defer packetBuffer.Release()
+ buf := bytes.NewBuffer(packetBuffer.Data)
+ if err := replyHdr.Write(buf, hdr.Version); err != nil {
+ return err
+ }
+ // append the Retry integrity tag
+ tag := handshake.GetRetryIntegrityTag(buf.Bytes(), hdr.DestConnectionID, hdr.Version)
+ buf.Write(tag[:])
+ if s.config.Tracer != nil {
+ s.config.Tracer.SentPacket(remoteAddr, &replyHdr.Header, protocol.ByteCount(buf.Len()), nil)
+ }
+ _, err = s.conn.WritePacket(buf.Bytes(), remoteAddr, info.OOB())
+ return err
+}
+
+func (s *baseServer) maybeSendInvalidToken(p *receivedPacket, hdr *wire.Header) error {
+ // Only send INVALID_TOKEN if we can unprotect the packet.
+ // This makes sure that we won't send it for packets that were corrupted.
+ sealer, opener := handshake.NewInitialAEAD(hdr.DestConnectionID, protocol.PerspectiveServer, hdr.Version)
+ data := p.data[:hdr.ParsedLen()+hdr.Length]
+ extHdr, err := unpackHeader(opener, hdr, data, hdr.Version)
+ if err != nil {
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeInitial, p.Size(), logging.PacketDropHeaderParseError)
+ }
+ // don't return the error here. Just drop the packet.
+ return nil
+ }
+ hdrLen := extHdr.ParsedLen()
+ if _, err := opener.Open(data[hdrLen:hdrLen], data[hdrLen:], extHdr.PacketNumber, data[:hdrLen]); err != nil {
+ // don't return the error here. Just drop the packet.
+ if s.config.Tracer != nil {
+ s.config.Tracer.DroppedPacket(p.remoteAddr, logging.PacketTypeInitial, p.Size(), logging.PacketDropPayloadDecryptError)
+ }
+ return nil
+ }
+ if s.logger.Debug() {
+ s.logger.Debugf("Client sent an invalid retry token. Sending INVALID_TOKEN to %s.", p.remoteAddr)
+ }
+ return s.sendError(p.remoteAddr, hdr, sealer, qerr.InvalidToken, p.info)
+}
+
+func (s *baseServer) sendConnectionRefused(remoteAddr net.Addr, hdr *wire.Header, info *packetInfo) error {
+ sealer, _ := handshake.NewInitialAEAD(hdr.DestConnectionID, protocol.PerspectiveServer, hdr.Version)
+ return s.sendError(remoteAddr, hdr, sealer, qerr.ConnectionRefused, info)
+}
+
+// sendError sends the error as a response to the packet received with header hdr
+func (s *baseServer) sendError(remoteAddr net.Addr, hdr *wire.Header, sealer handshake.LongHeaderSealer, errorCode qerr.TransportErrorCode, info *packetInfo) error {
+ packetBuffer := getPacketBuffer()
+ defer packetBuffer.Release()
+ buf := bytes.NewBuffer(packetBuffer.Data)
+
+ ccf := &wire.ConnectionCloseFrame{ErrorCode: uint64(errorCode)}
+
+ replyHdr := &wire.ExtendedHeader{}
+ replyHdr.IsLongHeader = true
+ replyHdr.Type = protocol.PacketTypeInitial
+ replyHdr.Version = hdr.Version
+ replyHdr.SrcConnectionID = hdr.DestConnectionID
+ replyHdr.DestConnectionID = hdr.SrcConnectionID
+ replyHdr.PacketNumberLen = protocol.PacketNumberLen4
+ replyHdr.Length = 4 /* packet number len */ + ccf.Length(hdr.Version) + protocol.ByteCount(sealer.Overhead())
+ if err := replyHdr.Write(buf, hdr.Version); err != nil {
+ return err
+ }
+ payloadOffset := buf.Len()
+
+ if err := ccf.Write(buf, hdr.Version); err != nil {
+ return err
+ }
+
+ raw := buf.Bytes()
+ _ = sealer.Seal(raw[payloadOffset:payloadOffset], raw[payloadOffset:], replyHdr.PacketNumber, raw[:payloadOffset])
+ raw = raw[0 : buf.Len()+sealer.Overhead()]
+
+ pnOffset := payloadOffset - int(replyHdr.PacketNumberLen)
+ sealer.EncryptHeader(
+ raw[pnOffset+4:pnOffset+4+16],
+ &raw[0],
+ raw[pnOffset:payloadOffset],
+ )
+
+ replyHdr.Log(s.logger)
+ wire.LogFrame(s.logger, ccf, true)
+ if s.config.Tracer != nil {
+ s.config.Tracer.SentPacket(remoteAddr, &replyHdr.Header, protocol.ByteCount(len(raw)), []logging.Frame{ccf})
+ }
+ _, err := s.conn.WritePacket(raw, remoteAddr, info.OOB())
+ return err
+}
+
+func (s *baseServer) sendVersionNegotiationPacket(p *receivedPacket, hdr *wire.Header) {
+ s.logger.Debugf("Client offered version %s, sending Version Negotiation", hdr.Version)
+ data, err := wire.ComposeVersionNegotiation(hdr.SrcConnectionID, hdr.DestConnectionID, s.config.Versions)
+ if err != nil {
+ s.logger.Debugf("Error composing Version Negotiation: %s", err)
+ return
+ }
+ if s.config.Tracer != nil {
+ s.config.Tracer.SentPacket(
+ p.remoteAddr,
+ &wire.Header{
+ IsLongHeader: true,
+ DestConnectionID: hdr.SrcConnectionID,
+ SrcConnectionID: hdr.DestConnectionID,
+ },
+ protocol.ByteCount(len(data)),
+ nil,
+ )
+ }
+ if _, err := s.conn.WritePacket(data, p.remoteAddr, p.info.OOB()); err != nil {
+ s.logger.Debugf("Error sending Version Negotiation: %s", err)
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/session.go b/vendor/github.com/lucas-clemente/quic-go/session.go
new file mode 100644
index 00000000..97ed9df6
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/session.go
@@ -0,0 +1,1994 @@
+package quic
+
+import (
+ "bytes"
+ "context"
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "reflect"
+ "sync"
+ "sync/atomic"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/handshake"
+ "github.com/lucas-clemente/quic-go/internal/logutils"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/utils"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+ "github.com/lucas-clemente/quic-go/logging"
+)
+
+type unpacker interface {
+ Unpack(hdr *wire.Header, rcvTime time.Time, data []byte) (*unpackedPacket, error)
+}
+
+type streamGetter interface {
+ GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error)
+ GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error)
+}
+
+type streamManager interface {
+ GetOrOpenSendStream(protocol.StreamID) (sendStreamI, error)
+ GetOrOpenReceiveStream(protocol.StreamID) (receiveStreamI, error)
+ OpenStream() (Stream, error)
+ OpenUniStream() (SendStream, error)
+ OpenStreamSync(context.Context) (Stream, error)
+ OpenUniStreamSync(context.Context) (SendStream, error)
+ AcceptStream(context.Context) (Stream, error)
+ AcceptUniStream(context.Context) (ReceiveStream, error)
+ DeleteStream(protocol.StreamID) error
+ UpdateLimits(*wire.TransportParameters)
+ HandleMaxStreamsFrame(*wire.MaxStreamsFrame)
+ CloseWithError(error)
+ ResetFor0RTT()
+ UseResetMaps()
+}
+
+type cryptoStreamHandler interface {
+ RunHandshake()
+ ChangeConnectionID(protocol.ConnectionID)
+ SetLargest1RTTAcked(protocol.PacketNumber) error
+ SetHandshakeConfirmed()
+ GetSessionTicket() ([]byte, error)
+ io.Closer
+ ConnectionState() handshake.ConnectionState
+}
+
+type packetInfo struct {
+ addr net.IP
+ ifIndex uint32
+}
+
+type receivedPacket struct {
+ buffer *packetBuffer
+
+ remoteAddr net.Addr
+ rcvTime time.Time
+ data []byte
+
+ ecn protocol.ECN
+
+ info *packetInfo
+}
+
+func (p *receivedPacket) Size() protocol.ByteCount { return protocol.ByteCount(len(p.data)) }
+
+func (p *receivedPacket) Clone() *receivedPacket {
+ return &receivedPacket{
+ remoteAddr: p.remoteAddr,
+ rcvTime: p.rcvTime,
+ data: p.data,
+ buffer: p.buffer,
+ ecn: p.ecn,
+ info: p.info,
+ }
+}
+
+type sessionRunner interface {
+ Add(protocol.ConnectionID, packetHandler) bool
+ GetStatelessResetToken(protocol.ConnectionID) protocol.StatelessResetToken
+ Retire(protocol.ConnectionID)
+ Remove(protocol.ConnectionID)
+ ReplaceWithClosed(protocol.ConnectionID, packetHandler)
+ AddResetToken(protocol.StatelessResetToken, packetHandler)
+ RemoveResetToken(protocol.StatelessResetToken)
+}
+
+type handshakeRunner struct {
+ onReceivedParams func(*wire.TransportParameters)
+ onError func(error)
+ dropKeys func(protocol.EncryptionLevel)
+ onHandshakeComplete func()
+}
+
+func (r *handshakeRunner) OnReceivedParams(tp *wire.TransportParameters) { r.onReceivedParams(tp) }
+func (r *handshakeRunner) OnError(e error) { r.onError(e) }
+func (r *handshakeRunner) DropKeys(el protocol.EncryptionLevel) { r.dropKeys(el) }
+func (r *handshakeRunner) OnHandshakeComplete() { r.onHandshakeComplete() }
+
+type closeError struct {
+ err error
+ remote bool
+ immediate bool
+}
+
+type errCloseForRecreating struct {
+ nextPacketNumber protocol.PacketNumber
+ nextVersion protocol.VersionNumber
+}
+
+func (e *errCloseForRecreating) Error() string {
+ return "closing session in order to recreate it"
+}
+
+func (e *errCloseForRecreating) Is(target error) bool {
+ _, ok := target.(*errCloseForRecreating)
+ return ok
+}
+
+var sessionTracingID uint64 // to be accessed atomically
+func nextSessionTracingID() uint64 { return atomic.AddUint64(&sessionTracingID, 1) }
+
+// A Session is a QUIC session
+type session struct {
+ // Destination connection ID used during the handshake.
+ // Used to check source connection ID on incoming packets.
+ handshakeDestConnID protocol.ConnectionID
+ // Set for the client. Destination connection ID used on the first Initial sent.
+ origDestConnID protocol.ConnectionID
+ retrySrcConnID *protocol.ConnectionID // only set for the client (and if a Retry was performed)
+
+ srcConnIDLen int
+
+ perspective protocol.Perspective
+ version protocol.VersionNumber
+ config *Config
+
+ conn sendConn
+ sendQueue sender
+
+ streamsMap streamManager
+ connIDManager *connIDManager
+ connIDGenerator *connIDGenerator
+
+ rttStats *utils.RTTStats
+
+ cryptoStreamManager *cryptoStreamManager
+ sentPacketHandler ackhandler.SentPacketHandler
+ receivedPacketHandler ackhandler.ReceivedPacketHandler
+ retransmissionQueue *retransmissionQueue
+ framer framer
+ windowUpdateQueue *windowUpdateQueue
+ connFlowController flowcontrol.ConnectionFlowController
+ tokenStoreKey string // only set for the client
+ tokenGenerator *handshake.TokenGenerator // only set for the server
+
+ unpacker unpacker
+ frameParser wire.FrameParser
+ packer packer
+ mtuDiscoverer mtuDiscoverer // initialized when the handshake completes
+
+ oneRTTStream cryptoStream // only set for the server
+ cryptoStreamHandler cryptoStreamHandler
+
+ receivedPackets chan *receivedPacket
+ sendingScheduled chan struct{}
+
+ closeOnce sync.Once
+ // closeChan is used to notify the run loop that it should terminate
+ closeChan chan closeError
+
+ ctx context.Context
+ ctxCancel context.CancelFunc
+ handshakeCtx context.Context
+ handshakeCtxCancel context.CancelFunc
+
+ undecryptablePackets []*receivedPacket // undecryptable packets, waiting for a change in encryption level
+ undecryptablePacketsToProcess []*receivedPacket
+
+ clientHelloWritten <-chan *wire.TransportParameters
+ earlySessionReadyChan chan struct{}
+ handshakeCompleteChan chan struct{} // is closed when the handshake completes
+ handshakeComplete bool
+ handshakeConfirmed bool
+
+ receivedRetry bool
+ versionNegotiated bool
+ receivedFirstPacket bool
+
+ idleTimeout time.Duration
+ sessionCreationTime time.Time
+ // The idle timeout is set based on the max of the time we received the last packet...
+ lastPacketReceivedTime time.Time
+ // ... and the time we sent a new ack-eliciting packet after receiving a packet.
+ firstAckElicitingPacketAfterIdleSentTime time.Time
+ // pacingDeadline is the time when the next packet should be sent
+ pacingDeadline time.Time
+
+ peerParams *wire.TransportParameters
+
+ timer *utils.Timer
+ // keepAlivePingSent stores whether a keep alive PING is in flight.
+ // It is reset as soon as we receive a packet from the peer.
+ keepAlivePingSent bool
+ keepAliveInterval time.Duration
+
+ datagramQueue *datagramQueue
+
+ logID string
+ tracer logging.ConnectionTracer
+ logger utils.Logger
+}
+
+var (
+ _ Session = &session{}
+ _ EarlySession = &session{}
+ _ streamSender = &session{}
+ deadlineSendImmediately = time.Time{}.Add(42 * time.Millisecond) // any value > time.Time{} and before time.Now() is fine
+)
+
+var newSession = func(
+ conn sendConn,
+ runner sessionRunner,
+ origDestConnID protocol.ConnectionID,
+ retrySrcConnID *protocol.ConnectionID,
+ clientDestConnID protocol.ConnectionID,
+ destConnID protocol.ConnectionID,
+ srcConnID protocol.ConnectionID,
+ statelessResetToken protocol.StatelessResetToken,
+ conf *Config,
+ tlsConf *tls.Config,
+ tokenGenerator *handshake.TokenGenerator,
+ enable0RTT bool,
+ tracer logging.ConnectionTracer,
+ tracingID uint64,
+ logger utils.Logger,
+ v protocol.VersionNumber,
+) quicSession {
+ s := &session{
+ conn: conn,
+ config: conf,
+ handshakeDestConnID: destConnID,
+ srcConnIDLen: srcConnID.Len(),
+ tokenGenerator: tokenGenerator,
+ oneRTTStream: newCryptoStream(),
+ perspective: protocol.PerspectiveServer,
+ handshakeCompleteChan: make(chan struct{}),
+ tracer: tracer,
+ logger: logger,
+ version: v,
+ }
+ if origDestConnID != nil {
+ s.logID = origDestConnID.String()
+ } else {
+ s.logID = destConnID.String()
+ }
+ s.connIDManager = newConnIDManager(
+ destConnID,
+ func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) },
+ runner.RemoveResetToken,
+ s.queueControlFrame,
+ )
+ s.connIDGenerator = newConnIDGenerator(
+ srcConnID,
+ clientDestConnID,
+ func(connID protocol.ConnectionID) { runner.Add(connID, s) },
+ runner.GetStatelessResetToken,
+ runner.Remove,
+ runner.Retire,
+ runner.ReplaceWithClosed,
+ s.queueControlFrame,
+ s.version,
+ )
+ s.preSetup()
+ s.ctx, s.ctxCancel = context.WithCancel(context.WithValue(context.Background(), SessionTracingKey, tracingID))
+ s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler(
+ 0,
+ getMaxPacketSize(s.conn.RemoteAddr()),
+ s.rttStats,
+ s.perspective,
+ s.tracer,
+ s.logger,
+ s.version,
+ )
+ initialStream := newCryptoStream()
+ handshakeStream := newCryptoStream()
+ params := &wire.TransportParameters{
+ InitialMaxStreamDataBidiLocal: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxStreamDataBidiRemote: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxStreamDataUni: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxData: protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
+ MaxIdleTimeout: s.config.MaxIdleTimeout,
+ MaxBidiStreamNum: protocol.StreamNum(s.config.MaxIncomingStreams),
+ MaxUniStreamNum: protocol.StreamNum(s.config.MaxIncomingUniStreams),
+ MaxAckDelay: protocol.MaxAckDelayInclGranularity,
+ AckDelayExponent: protocol.AckDelayExponent,
+ DisableActiveMigration: true,
+ StatelessResetToken: &statelessResetToken,
+ OriginalDestinationConnectionID: origDestConnID,
+ ActiveConnectionIDLimit: protocol.MaxActiveConnectionIDs,
+ InitialSourceConnectionID: srcConnID,
+ RetrySourceConnectionID: retrySrcConnID,
+ }
+ if s.config.EnableDatagrams {
+ params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize
+ }
+ if s.tracer != nil {
+ s.tracer.SentTransportParameters(params)
+ }
+ cs := handshake.NewCryptoSetupServer(
+ initialStream,
+ handshakeStream,
+ clientDestConnID,
+ conn.LocalAddr(),
+ conn.RemoteAddr(),
+ params,
+ &handshakeRunner{
+ onReceivedParams: s.handleTransportParameters,
+ onError: s.closeLocal,
+ dropKeys: s.dropEncryptionLevel,
+ onHandshakeComplete: func() {
+ runner.Retire(clientDestConnID)
+ close(s.handshakeCompleteChan)
+ },
+ },
+ tlsConf,
+ enable0RTT,
+ s.rttStats,
+ tracer,
+ logger,
+ s.version,
+ )
+ s.cryptoStreamHandler = cs
+ s.packer = newPacketPacker(
+ srcConnID,
+ s.connIDManager.Get,
+ initialStream,
+ handshakeStream,
+ s.sentPacketHandler,
+ s.retransmissionQueue,
+ s.RemoteAddr(),
+ cs,
+ s.framer,
+ s.receivedPacketHandler,
+ s.datagramQueue,
+ s.perspective,
+ s.version,
+ )
+ s.unpacker = newPacketUnpacker(cs, s.version)
+ s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream, s.oneRTTStream)
+ return s
+}
+
+// declare this as a variable, such that we can it mock it in the tests
+var newClientSession = func(
+ conn sendConn,
+ runner sessionRunner,
+ destConnID protocol.ConnectionID,
+ srcConnID protocol.ConnectionID,
+ conf *Config,
+ tlsConf *tls.Config,
+ initialPacketNumber protocol.PacketNumber,
+ enable0RTT bool,
+ hasNegotiatedVersion bool,
+ tracer logging.ConnectionTracer,
+ tracingID uint64,
+ logger utils.Logger,
+ v protocol.VersionNumber,
+) quicSession {
+ s := &session{
+ conn: conn,
+ config: conf,
+ origDestConnID: destConnID,
+ handshakeDestConnID: destConnID,
+ srcConnIDLen: srcConnID.Len(),
+ perspective: protocol.PerspectiveClient,
+ handshakeCompleteChan: make(chan struct{}),
+ logID: destConnID.String(),
+ logger: logger,
+ tracer: tracer,
+ versionNegotiated: hasNegotiatedVersion,
+ version: v,
+ }
+ s.connIDManager = newConnIDManager(
+ destConnID,
+ func(token protocol.StatelessResetToken) { runner.AddResetToken(token, s) },
+ runner.RemoveResetToken,
+ s.queueControlFrame,
+ )
+ s.connIDGenerator = newConnIDGenerator(
+ srcConnID,
+ nil,
+ func(connID protocol.ConnectionID) { runner.Add(connID, s) },
+ runner.GetStatelessResetToken,
+ runner.Remove,
+ runner.Retire,
+ runner.ReplaceWithClosed,
+ s.queueControlFrame,
+ s.version,
+ )
+ s.preSetup()
+ s.ctx, s.ctxCancel = context.WithCancel(context.WithValue(context.Background(), SessionTracingKey, tracingID))
+ s.sentPacketHandler, s.receivedPacketHandler = ackhandler.NewAckHandler(
+ initialPacketNumber,
+ getMaxPacketSize(s.conn.RemoteAddr()),
+ s.rttStats,
+ s.perspective,
+ s.tracer,
+ s.logger,
+ s.version,
+ )
+ initialStream := newCryptoStream()
+ handshakeStream := newCryptoStream()
+ params := &wire.TransportParameters{
+ InitialMaxStreamDataBidiRemote: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxStreamDataBidiLocal: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxStreamDataUni: protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ InitialMaxData: protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
+ MaxIdleTimeout: s.config.MaxIdleTimeout,
+ MaxBidiStreamNum: protocol.StreamNum(s.config.MaxIncomingStreams),
+ MaxUniStreamNum: protocol.StreamNum(s.config.MaxIncomingUniStreams),
+ MaxAckDelay: protocol.MaxAckDelayInclGranularity,
+ AckDelayExponent: protocol.AckDelayExponent,
+ DisableActiveMigration: true,
+ ActiveConnectionIDLimit: protocol.MaxActiveConnectionIDs,
+ InitialSourceConnectionID: srcConnID,
+ }
+ if s.config.EnableDatagrams {
+ params.MaxDatagramFrameSize = protocol.MaxDatagramFrameSize
+ }
+ if s.tracer != nil {
+ s.tracer.SentTransportParameters(params)
+ }
+ cs, clientHelloWritten := handshake.NewCryptoSetupClient(
+ initialStream,
+ handshakeStream,
+ destConnID,
+ conn.LocalAddr(),
+ conn.RemoteAddr(),
+ params,
+ &handshakeRunner{
+ onReceivedParams: s.handleTransportParameters,
+ onError: s.closeLocal,
+ dropKeys: s.dropEncryptionLevel,
+ onHandshakeComplete: func() { close(s.handshakeCompleteChan) },
+ },
+ tlsConf,
+ enable0RTT,
+ s.rttStats,
+ tracer,
+ logger,
+ s.version,
+ )
+ s.clientHelloWritten = clientHelloWritten
+ s.cryptoStreamHandler = cs
+ s.cryptoStreamManager = newCryptoStreamManager(cs, initialStream, handshakeStream, newCryptoStream())
+ s.unpacker = newPacketUnpacker(cs, s.version)
+ s.packer = newPacketPacker(
+ srcConnID,
+ s.connIDManager.Get,
+ initialStream,
+ handshakeStream,
+ s.sentPacketHandler,
+ s.retransmissionQueue,
+ s.RemoteAddr(),
+ cs,
+ s.framer,
+ s.receivedPacketHandler,
+ s.datagramQueue,
+ s.perspective,
+ s.version,
+ )
+ if len(tlsConf.ServerName) > 0 {
+ s.tokenStoreKey = tlsConf.ServerName
+ } else {
+ s.tokenStoreKey = conn.RemoteAddr().String()
+ }
+ if s.config.TokenStore != nil {
+ if token := s.config.TokenStore.Pop(s.tokenStoreKey); token != nil {
+ s.packer.SetToken(token.data)
+ }
+ }
+ return s
+}
+
+func (s *session) preSetup() {
+ s.sendQueue = newSendQueue(s.conn)
+ s.retransmissionQueue = newRetransmissionQueue(s.version)
+ s.frameParser = wire.NewFrameParser(s.config.EnableDatagrams, s.version)
+ s.rttStats = &utils.RTTStats{}
+ s.connFlowController = flowcontrol.NewConnectionFlowController(
+ protocol.ByteCount(s.config.InitialConnectionReceiveWindow),
+ protocol.ByteCount(s.config.MaxConnectionReceiveWindow),
+ s.onHasConnectionWindowUpdate,
+ s.rttStats,
+ s.logger,
+ )
+ s.earlySessionReadyChan = make(chan struct{})
+ s.streamsMap = newStreamsMap(
+ s,
+ s.newFlowController,
+ uint64(s.config.MaxIncomingStreams),
+ uint64(s.config.MaxIncomingUniStreams),
+ s.perspective,
+ s.version,
+ )
+ s.framer = newFramer(s.streamsMap, s.version)
+ s.receivedPackets = make(chan *receivedPacket, protocol.MaxSessionUnprocessedPackets)
+ s.closeChan = make(chan closeError, 1)
+ s.sendingScheduled = make(chan struct{}, 1)
+ s.handshakeCtx, s.handshakeCtxCancel = context.WithCancel(context.Background())
+
+ now := time.Now()
+ s.lastPacketReceivedTime = now
+ s.sessionCreationTime = now
+
+ s.windowUpdateQueue = newWindowUpdateQueue(s.streamsMap, s.connFlowController, s.framer.QueueControlFrame)
+ if s.config.EnableDatagrams {
+ s.datagramQueue = newDatagramQueue(s.scheduleSending, s.logger)
+ }
+}
+
+// run the session main loop
+func (s *session) run() error {
+ defer s.ctxCancel()
+
+ s.timer = utils.NewTimer()
+
+ go s.cryptoStreamHandler.RunHandshake()
+ go func() {
+ if err := s.sendQueue.Run(); err != nil {
+ s.destroyImpl(err)
+ }
+ }()
+
+ if s.perspective == protocol.PerspectiveClient {
+ select {
+ case zeroRTTParams := <-s.clientHelloWritten:
+ s.scheduleSending()
+ if zeroRTTParams != nil {
+ s.restoreTransportParameters(zeroRTTParams)
+ close(s.earlySessionReadyChan)
+ }
+ case closeErr := <-s.closeChan:
+ // put the close error back into the channel, so that the run loop can receive it
+ s.closeChan <- closeErr
+ }
+ }
+
+ var (
+ closeErr closeError
+ sendQueueAvailable <-chan struct{}
+ )
+
+runLoop:
+ for {
+ // Close immediately if requested
+ select {
+ case closeErr = <-s.closeChan:
+ break runLoop
+ case <-s.handshakeCompleteChan:
+ s.handleHandshakeComplete()
+ default:
+ }
+
+ s.maybeResetTimer()
+
+ var processedUndecryptablePacket bool
+ if len(s.undecryptablePacketsToProcess) > 0 {
+ queue := s.undecryptablePacketsToProcess
+ s.undecryptablePacketsToProcess = nil
+ for _, p := range queue {
+ if processed := s.handlePacketImpl(p); processed {
+ processedUndecryptablePacket = true
+ }
+ // Don't set timers and send packets if the packet made us close the session.
+ select {
+ case closeErr = <-s.closeChan:
+ break runLoop
+ default:
+ }
+ }
+ } else if !processedUndecryptablePacket {
+ select {
+ case closeErr = <-s.closeChan:
+ break runLoop
+ case <-s.timer.Chan():
+ s.timer.SetRead()
+ // We do all the interesting stuff after the switch statement, so
+ // nothing to see here.
+ case <-s.sendingScheduled:
+ // We do all the interesting stuff after the switch statement, so
+ // nothing to see here.
+ case <-sendQueueAvailable:
+ case firstPacket := <-s.receivedPackets:
+ wasProcessed := s.handlePacketImpl(firstPacket)
+ // Don't set timers and send packets if the packet made us close the session.
+ select {
+ case closeErr = <-s.closeChan:
+ break runLoop
+ default:
+ }
+ if s.handshakeComplete {
+ // Now process all packets in the receivedPackets channel.
+ // Limit the number of packets to the length of the receivedPackets channel,
+ // so we eventually get a chance to send out an ACK when receiving a lot of packets.
+ numPackets := len(s.receivedPackets)
+ receiveLoop:
+ for i := 0; i < numPackets; i++ {
+ select {
+ case p := <-s.receivedPackets:
+ if processed := s.handlePacketImpl(p); processed {
+ wasProcessed = true
+ }
+ select {
+ case closeErr = <-s.closeChan:
+ break runLoop
+ default:
+ }
+ default:
+ break receiveLoop
+ }
+ }
+ }
+ // Only reset the timers if this packet was actually processed.
+ // This avoids modifying any state when handling undecryptable packets,
+ // which could be injected by an attacker.
+ if !wasProcessed {
+ continue
+ }
+ case <-s.handshakeCompleteChan:
+ s.handleHandshakeComplete()
+ }
+ }
+
+ now := time.Now()
+ if timeout := s.sentPacketHandler.GetLossDetectionTimeout(); !timeout.IsZero() && timeout.Before(now) {
+ // This could cause packets to be retransmitted.
+ // Check it before trying to send packets.
+ if err := s.sentPacketHandler.OnLossDetectionTimeout(); err != nil {
+ s.closeLocal(err)
+ }
+ }
+
+ if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() && !now.Before(keepAliveTime) {
+ // send a PING frame since there is no activity in the session
+ s.logger.Debugf("Sending a keep-alive PING to keep the connection alive.")
+ s.framer.QueueControlFrame(&wire.PingFrame{})
+ s.keepAlivePingSent = true
+ } else if !s.handshakeComplete && now.Sub(s.sessionCreationTime) >= s.config.handshakeTimeout() {
+ s.destroyImpl(qerr.ErrHandshakeTimeout)
+ continue
+ } else {
+ idleTimeoutStartTime := s.idleTimeoutStartTime()
+ if (!s.handshakeComplete && now.Sub(idleTimeoutStartTime) >= s.config.HandshakeIdleTimeout) ||
+ (s.handshakeComplete && now.Sub(idleTimeoutStartTime) >= s.idleTimeout) {
+ s.destroyImpl(qerr.ErrIdleTimeout)
+ continue
+ }
+ }
+
+ if s.sendQueue.WouldBlock() {
+ // The send queue is still busy sending out packets.
+ // Wait until there's space to enqueue new packets.
+ sendQueueAvailable = s.sendQueue.Available()
+ continue
+ }
+ if err := s.sendPackets(); err != nil {
+ s.closeLocal(err)
+ }
+ if s.sendQueue.WouldBlock() {
+ sendQueueAvailable = s.sendQueue.Available()
+ } else {
+ sendQueueAvailable = nil
+ }
+ }
+
+ s.handleCloseError(&closeErr)
+ if !errors.Is(closeErr.err, &errCloseForRecreating{}) && s.tracer != nil {
+ s.tracer.Close()
+ }
+ s.logger.Infof("Connection %s closed.", s.logID)
+ s.cryptoStreamHandler.Close()
+ s.sendQueue.Close()
+ s.timer.Stop()
+ return closeErr.err
+}
+
+// blocks until the early session can be used
+func (s *session) earlySessionReady() <-chan struct{} {
+ return s.earlySessionReadyChan
+}
+
+func (s *session) HandshakeComplete() context.Context {
+ return s.handshakeCtx
+}
+
+func (s *session) Context() context.Context {
+ return s.ctx
+}
+
+func (s *session) supportsDatagrams() bool {
+ return s.peerParams.MaxDatagramFrameSize != protocol.InvalidByteCount
+}
+
+func (s *session) ConnectionState() ConnectionState {
+ return ConnectionState{
+ TLS: s.cryptoStreamHandler.ConnectionState(),
+ SupportsDatagrams: s.supportsDatagrams(),
+ }
+}
+
+// Time when the next keep-alive packet should be sent.
+// It returns a zero time if no keep-alive should be sent.
+func (s *session) nextKeepAliveTime() time.Time {
+ if !s.config.KeepAlive || s.keepAlivePingSent || !s.firstAckElicitingPacketAfterIdleSentTime.IsZero() {
+ return time.Time{}
+ }
+ return s.lastPacketReceivedTime.Add(s.keepAliveInterval)
+}
+
+func (s *session) maybeResetTimer() {
+ var deadline time.Time
+ if !s.handshakeComplete {
+ deadline = utils.MinTime(
+ s.sessionCreationTime.Add(s.config.handshakeTimeout()),
+ s.idleTimeoutStartTime().Add(s.config.HandshakeIdleTimeout),
+ )
+ } else {
+ if keepAliveTime := s.nextKeepAliveTime(); !keepAliveTime.IsZero() {
+ deadline = keepAliveTime
+ } else {
+ deadline = s.idleTimeoutStartTime().Add(s.idleTimeout)
+ }
+ }
+ if s.handshakeConfirmed && !s.config.DisablePathMTUDiscovery {
+ if probeTime := s.mtuDiscoverer.NextProbeTime(); !probeTime.IsZero() {
+ deadline = utils.MinTime(deadline, probeTime)
+ }
+ }
+
+ if ackAlarm := s.receivedPacketHandler.GetAlarmTimeout(); !ackAlarm.IsZero() {
+ deadline = utils.MinTime(deadline, ackAlarm)
+ }
+ if lossTime := s.sentPacketHandler.GetLossDetectionTimeout(); !lossTime.IsZero() {
+ deadline = utils.MinTime(deadline, lossTime)
+ }
+ if !s.pacingDeadline.IsZero() {
+ deadline = utils.MinTime(deadline, s.pacingDeadline)
+ }
+
+ s.timer.Reset(deadline)
+}
+
+func (s *session) idleTimeoutStartTime() time.Time {
+ return utils.MaxTime(s.lastPacketReceivedTime, s.firstAckElicitingPacketAfterIdleSentTime)
+}
+
+func (s *session) handleHandshakeComplete() {
+ s.handshakeComplete = true
+ s.handshakeCompleteChan = nil // prevent this case from ever being selected again
+ defer s.handshakeCtxCancel()
+ // Once the handshake completes, we have derived 1-RTT keys.
+ // There's no point in queueing undecryptable packets for later decryption any more.
+ s.undecryptablePackets = nil
+
+ s.connIDManager.SetHandshakeComplete()
+ s.connIDGenerator.SetHandshakeComplete()
+
+ if s.perspective == protocol.PerspectiveClient {
+ s.applyTransportParameters()
+ return
+ }
+
+ s.handleHandshakeConfirmed()
+
+ ticket, err := s.cryptoStreamHandler.GetSessionTicket()
+ if err != nil {
+ s.closeLocal(err)
+ }
+ if ticket != nil {
+ s.oneRTTStream.Write(ticket)
+ for s.oneRTTStream.HasData() {
+ s.queueControlFrame(s.oneRTTStream.PopCryptoFrame(protocol.MaxPostHandshakeCryptoFrameSize))
+ }
+ }
+ token, err := s.tokenGenerator.NewToken(s.conn.RemoteAddr())
+ if err != nil {
+ s.closeLocal(err)
+ }
+ s.queueControlFrame(&wire.NewTokenFrame{Token: token})
+ s.queueControlFrame(&wire.HandshakeDoneFrame{})
+}
+
+func (s *session) handleHandshakeConfirmed() {
+ s.handshakeConfirmed = true
+ s.sentPacketHandler.SetHandshakeConfirmed()
+ s.cryptoStreamHandler.SetHandshakeConfirmed()
+
+ if !s.config.DisablePathMTUDiscovery {
+ maxPacketSize := s.peerParams.MaxUDPPayloadSize
+ if maxPacketSize == 0 {
+ maxPacketSize = protocol.MaxByteCount
+ }
+ maxPacketSize = utils.MinByteCount(maxPacketSize, protocol.MaxPacketBufferSize)
+ s.mtuDiscoverer = newMTUDiscoverer(
+ s.rttStats,
+ getMaxPacketSize(s.conn.RemoteAddr()),
+ maxPacketSize,
+ func(size protocol.ByteCount) {
+ s.sentPacketHandler.SetMaxDatagramSize(size)
+ s.packer.SetMaxPacketSize(size)
+ },
+ )
+ }
+}
+
+func (s *session) handlePacketImpl(rp *receivedPacket) bool {
+ s.sentPacketHandler.ReceivedBytes(rp.Size())
+
+ if wire.IsVersionNegotiationPacket(rp.data) {
+ s.handleVersionNegotiationPacket(rp)
+ return false
+ }
+
+ var counter uint8
+ var lastConnID protocol.ConnectionID
+ var processed bool
+ data := rp.data
+ p := rp
+ for len(data) > 0 {
+ if counter > 0 {
+ p = p.Clone()
+ p.data = data
+ }
+
+ hdr, packetData, rest, err := wire.ParsePacket(p.data, s.srcConnIDLen)
+ if err != nil {
+ if s.tracer != nil {
+ dropReason := logging.PacketDropHeaderParseError
+ if err == wire.ErrUnsupportedVersion {
+ dropReason = logging.PacketDropUnsupportedVersion
+ }
+ s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, protocol.ByteCount(len(data)), dropReason)
+ }
+ s.logger.Debugf("error parsing packet: %s", err)
+ break
+ }
+
+ if hdr.IsLongHeader && hdr.Version != s.version {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), protocol.ByteCount(len(data)), logging.PacketDropUnexpectedVersion)
+ }
+ s.logger.Debugf("Dropping packet with version %x. Expected %x.", hdr.Version, s.version)
+ break
+ }
+
+ if counter > 0 && !hdr.DestConnectionID.Equal(lastConnID) {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), protocol.ByteCount(len(data)), logging.PacketDropUnknownConnectionID)
+ }
+ s.logger.Debugf("coalesced packet has different destination connection ID: %s, expected %s", hdr.DestConnectionID, lastConnID)
+ break
+ }
+ lastConnID = hdr.DestConnectionID
+
+ if counter > 0 {
+ p.buffer.Split()
+ }
+ counter++
+
+ // only log if this actually a coalesced packet
+ if s.logger.Debug() && (counter > 1 || len(rest) > 0) {
+ s.logger.Debugf("Parsed a coalesced packet. Part %d: %d bytes. Remaining: %d bytes.", counter, len(packetData), len(rest))
+ }
+ p.data = packetData
+ if wasProcessed := s.handleSinglePacket(p, hdr); wasProcessed {
+ processed = true
+ }
+ data = rest
+ }
+ p.buffer.MaybeRelease()
+ return processed
+}
+
+func (s *session) handleSinglePacket(p *receivedPacket, hdr *wire.Header) bool /* was the packet successfully processed */ {
+ var wasQueued bool
+
+ defer func() {
+ // Put back the packet buffer if the packet wasn't queued for later decryption.
+ if !wasQueued {
+ p.buffer.Decrement()
+ }
+ }()
+
+ if hdr.Type == protocol.PacketTypeRetry {
+ return s.handleRetryPacket(hdr, p.data)
+ }
+
+ // The server can change the source connection ID with the first Handshake packet.
+ // After this, all packets with a different source connection have to be ignored.
+ if s.receivedFirstPacket && hdr.IsLongHeader && hdr.Type == protocol.PacketTypeInitial && !hdr.SrcConnectionID.Equal(s.handshakeDestConnID) {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeInitial, p.Size(), logging.PacketDropUnknownConnectionID)
+ }
+ s.logger.Debugf("Dropping Initial packet (%d bytes) with unexpected source connection ID: %s (expected %s)", p.Size(), hdr.SrcConnectionID, s.handshakeDestConnID)
+ return false
+ }
+ // drop 0-RTT packets, if we are a client
+ if s.perspective == protocol.PerspectiveClient && hdr.Type == protocol.PacketType0RTT {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketType0RTT, p.Size(), logging.PacketDropKeyUnavailable)
+ }
+ return false
+ }
+
+ packet, err := s.unpacker.Unpack(hdr, p.rcvTime, p.data)
+ if err != nil {
+ switch err {
+ case handshake.ErrKeysDropped:
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropKeyUnavailable)
+ }
+ s.logger.Debugf("Dropping %s packet (%d bytes) because we already dropped the keys.", hdr.PacketType(), p.Size())
+ case handshake.ErrKeysNotYetAvailable:
+ // Sealer for this encryption level not yet available.
+ // Try again later.
+ wasQueued = true
+ s.tryQueueingUndecryptablePacket(p, hdr)
+ case wire.ErrInvalidReservedBits:
+ s.closeLocal(&qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: err.Error(),
+ })
+ case handshake.ErrDecryptionFailed:
+ // This might be a packet injected by an attacker. Drop it.
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropPayloadDecryptError)
+ }
+ s.logger.Debugf("Dropping %s packet (%d bytes) that could not be unpacked. Error: %s", hdr.PacketType(), p.Size(), err)
+ default:
+ var headerErr *headerParseError
+ if errors.As(err, &headerErr) {
+ // This might be a packet injected by an attacker. Drop it.
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropHeaderParseError)
+ }
+ s.logger.Debugf("Dropping %s packet (%d bytes) for which we couldn't unpack the header. Error: %s", hdr.PacketType(), p.Size(), err)
+ } else {
+ // This is an error returned by the AEAD (other than ErrDecryptionFailed).
+ // For example, a PROTOCOL_VIOLATION due to key updates.
+ s.closeLocal(err)
+ }
+ }
+ return false
+ }
+
+ if s.logger.Debug() {
+ s.logger.Debugf("<- Reading packet %d (%d bytes) for connection %s, %s", packet.packetNumber, p.Size(), hdr.DestConnectionID, packet.encryptionLevel)
+ packet.hdr.Log(s.logger)
+ }
+
+ if s.receivedPacketHandler.IsPotentiallyDuplicate(packet.packetNumber, packet.encryptionLevel) {
+ s.logger.Debugf("Dropping (potentially) duplicate packet.")
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropDuplicate)
+ }
+ return false
+ }
+
+ if err := s.handleUnpackedPacket(packet, p.ecn, p.rcvTime, p.Size()); err != nil {
+ s.closeLocal(err)
+ return false
+ }
+ return true
+}
+
+func (s *session) handleRetryPacket(hdr *wire.Header, data []byte) bool /* was this a valid Retry */ {
+ if s.perspective == protocol.PerspectiveServer {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
+ }
+ s.logger.Debugf("Ignoring Retry.")
+ return false
+ }
+ if s.receivedFirstPacket {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
+ }
+ s.logger.Debugf("Ignoring Retry, since we already received a packet.")
+ return false
+ }
+ destConnID := s.connIDManager.Get()
+ if hdr.SrcConnectionID.Equal(destConnID) {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropUnexpectedPacket)
+ }
+ s.logger.Debugf("Ignoring Retry, since the server didn't change the Source Connection ID.")
+ return false
+ }
+ // If a token is already set, this means that we already received a Retry from the server.
+ // Ignore this Retry packet.
+ if s.receivedRetry {
+ s.logger.Debugf("Ignoring Retry, since a Retry was already received.")
+ return false
+ }
+
+ tag := handshake.GetRetryIntegrityTag(data[:len(data)-16], destConnID, hdr.Version)
+ if !bytes.Equal(data[len(data)-16:], tag[:]) {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeRetry, protocol.ByteCount(len(data)), logging.PacketDropPayloadDecryptError)
+ }
+ s.logger.Debugf("Ignoring spoofed Retry. Integrity Tag doesn't match.")
+ return false
+ }
+
+ if s.logger.Debug() {
+ s.logger.Debugf("<- Received Retry:")
+ (&wire.ExtendedHeader{Header: *hdr}).Log(s.logger)
+ s.logger.Debugf("Switching destination connection ID to: %s", hdr.SrcConnectionID)
+ }
+ if s.tracer != nil {
+ s.tracer.ReceivedRetry(hdr)
+ }
+ newDestConnID := hdr.SrcConnectionID
+ s.receivedRetry = true
+ if err := s.sentPacketHandler.ResetForRetry(); err != nil {
+ s.closeLocal(err)
+ return false
+ }
+ s.handshakeDestConnID = newDestConnID
+ s.retrySrcConnID = &newDestConnID
+ s.cryptoStreamHandler.ChangeConnectionID(newDestConnID)
+ s.packer.SetToken(hdr.Token)
+ s.connIDManager.ChangeInitialConnID(newDestConnID)
+ s.scheduleSending()
+ return true
+}
+
+func (s *session) handleVersionNegotiationPacket(p *receivedPacket) {
+ if s.perspective == protocol.PerspectiveServer || // servers never receive version negotiation packets
+ s.receivedFirstPacket || s.versionNegotiated { // ignore delayed / duplicated version negotiation packets
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedPacket)
+ }
+ return
+ }
+
+ hdr, supportedVersions, err := wire.ParseVersionNegotiationPacket(bytes.NewReader(p.data))
+ if err != nil {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropHeaderParseError)
+ }
+ s.logger.Debugf("Error parsing Version Negotiation packet: %s", err)
+ return
+ }
+
+ for _, v := range supportedVersions {
+ if v == s.version {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeVersionNegotiation, p.Size(), logging.PacketDropUnexpectedVersion)
+ }
+ // The Version Negotiation packet contains the version that we offered.
+ // This might be a packet sent by an attacker, or it was corrupted.
+ return
+ }
+ }
+
+ s.logger.Infof("Received a Version Negotiation packet. Supported Versions: %s", supportedVersions)
+ if s.tracer != nil {
+ s.tracer.ReceivedVersionNegotiationPacket(hdr, supportedVersions)
+ }
+ newVersion, ok := protocol.ChooseSupportedVersion(s.config.Versions, supportedVersions)
+ if !ok {
+ s.destroyImpl(&VersionNegotiationError{
+ Ours: s.config.Versions,
+ Theirs: supportedVersions,
+ })
+ s.logger.Infof("No compatible QUIC version found.")
+ return
+ }
+ if s.tracer != nil {
+ s.tracer.NegotiatedVersion(newVersion, s.config.Versions, supportedVersions)
+ }
+
+ s.logger.Infof("Switching to QUIC version %s.", newVersion)
+ nextPN, _ := s.sentPacketHandler.PeekPacketNumber(protocol.EncryptionInitial)
+ s.destroyImpl(&errCloseForRecreating{
+ nextPacketNumber: nextPN,
+ nextVersion: newVersion,
+ })
+}
+
+func (s *session) handleUnpackedPacket(
+ packet *unpackedPacket,
+ ecn protocol.ECN,
+ rcvTime time.Time,
+ packetSize protocol.ByteCount, // only for logging
+) error {
+ if len(packet.data) == 0 {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "empty packet",
+ }
+ }
+
+ if !s.receivedFirstPacket {
+ s.receivedFirstPacket = true
+ if !s.versionNegotiated && s.tracer != nil {
+ var clientVersions, serverVersions []protocol.VersionNumber
+ switch s.perspective {
+ case protocol.PerspectiveClient:
+ clientVersions = s.config.Versions
+ case protocol.PerspectiveServer:
+ serverVersions = s.config.Versions
+ }
+ s.tracer.NegotiatedVersion(s.version, clientVersions, serverVersions)
+ }
+ // The server can change the source connection ID with the first Handshake packet.
+ if s.perspective == protocol.PerspectiveClient && packet.hdr.IsLongHeader && !packet.hdr.SrcConnectionID.Equal(s.handshakeDestConnID) {
+ cid := packet.hdr.SrcConnectionID
+ s.logger.Debugf("Received first packet. Switching destination connection ID to: %s", cid)
+ s.handshakeDestConnID = cid
+ s.connIDManager.ChangeInitialConnID(cid)
+ }
+ // We create the session as soon as we receive the first packet from the client.
+ // We do that before authenticating the packet.
+ // That means that if the source connection ID was corrupted,
+ // we might have create a session with an incorrect source connection ID.
+ // Once we authenticate the first packet, we need to update it.
+ if s.perspective == protocol.PerspectiveServer {
+ if !packet.hdr.SrcConnectionID.Equal(s.handshakeDestConnID) {
+ s.handshakeDestConnID = packet.hdr.SrcConnectionID
+ s.connIDManager.ChangeInitialConnID(packet.hdr.SrcConnectionID)
+ }
+ if s.tracer != nil {
+ s.tracer.StartedConnection(
+ s.conn.LocalAddr(),
+ s.conn.RemoteAddr(),
+ packet.hdr.SrcConnectionID,
+ packet.hdr.DestConnectionID,
+ )
+ }
+ }
+ }
+
+ s.lastPacketReceivedTime = rcvTime
+ s.firstAckElicitingPacketAfterIdleSentTime = time.Time{}
+ s.keepAlivePingSent = false
+
+ // Only used for tracing.
+ // If we're not tracing, this slice will always remain empty.
+ var frames []wire.Frame
+ r := bytes.NewReader(packet.data)
+ var isAckEliciting bool
+ for {
+ frame, err := s.frameParser.ParseNext(r, packet.encryptionLevel)
+ if err != nil {
+ return err
+ }
+ if frame == nil {
+ break
+ }
+ if ackhandler.IsFrameAckEliciting(frame) {
+ isAckEliciting = true
+ }
+ // Only process frames now if we're not logging.
+ // If we're logging, we need to make sure that the packet_received event is logged first.
+ if s.tracer == nil {
+ if err := s.handleFrame(frame, packet.encryptionLevel, packet.hdr.DestConnectionID); err != nil {
+ return err
+ }
+ } else {
+ frames = append(frames, frame)
+ }
+ }
+
+ if s.tracer != nil {
+ fs := make([]logging.Frame, len(frames))
+ for i, frame := range frames {
+ fs[i] = logutils.ConvertFrame(frame)
+ }
+ s.tracer.ReceivedPacket(packet.hdr, packetSize, fs)
+ for _, frame := range frames {
+ if err := s.handleFrame(frame, packet.encryptionLevel, packet.hdr.DestConnectionID); err != nil {
+ return err
+ }
+ }
+ }
+
+ return s.receivedPacketHandler.ReceivedPacket(packet.packetNumber, ecn, packet.encryptionLevel, rcvTime, isAckEliciting)
+}
+
+func (s *session) handleFrame(f wire.Frame, encLevel protocol.EncryptionLevel, destConnID protocol.ConnectionID) error {
+ var err error
+ wire.LogFrame(s.logger, f, false)
+ switch frame := f.(type) {
+ case *wire.CryptoFrame:
+ err = s.handleCryptoFrame(frame, encLevel)
+ case *wire.StreamFrame:
+ err = s.handleStreamFrame(frame)
+ case *wire.AckFrame:
+ err = s.handleAckFrame(frame, encLevel)
+ case *wire.ConnectionCloseFrame:
+ s.handleConnectionCloseFrame(frame)
+ case *wire.ResetStreamFrame:
+ err = s.handleResetStreamFrame(frame)
+ case *wire.MaxDataFrame:
+ s.handleMaxDataFrame(frame)
+ case *wire.MaxStreamDataFrame:
+ err = s.handleMaxStreamDataFrame(frame)
+ case *wire.MaxStreamsFrame:
+ s.handleMaxStreamsFrame(frame)
+ case *wire.DataBlockedFrame:
+ case *wire.StreamDataBlockedFrame:
+ case *wire.StreamsBlockedFrame:
+ case *wire.StopSendingFrame:
+ err = s.handleStopSendingFrame(frame)
+ case *wire.PingFrame:
+ case *wire.PathChallengeFrame:
+ s.handlePathChallengeFrame(frame)
+ case *wire.PathResponseFrame:
+ // since we don't send PATH_CHALLENGEs, we don't expect PATH_RESPONSEs
+ err = errors.New("unexpected PATH_RESPONSE frame")
+ case *wire.NewTokenFrame:
+ err = s.handleNewTokenFrame(frame)
+ case *wire.NewConnectionIDFrame:
+ err = s.handleNewConnectionIDFrame(frame)
+ case *wire.RetireConnectionIDFrame:
+ err = s.handleRetireConnectionIDFrame(frame, destConnID)
+ case *wire.HandshakeDoneFrame:
+ err = s.handleHandshakeDoneFrame()
+ case *wire.DatagramFrame:
+ err = s.handleDatagramFrame(frame)
+ default:
+ err = fmt.Errorf("unexpected frame type: %s", reflect.ValueOf(&frame).Elem().Type().Name())
+ }
+ return err
+}
+
+// handlePacket is called by the server with a new packet
+func (s *session) handlePacket(p *receivedPacket) {
+ // Discard packets once the amount of queued packets is larger than
+ // the channel size, protocol.MaxSessionUnprocessedPackets
+ select {
+ case s.receivedPackets <- p:
+ default:
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeNotDetermined, p.Size(), logging.PacketDropDOSPrevention)
+ }
+ }
+}
+
+func (s *session) handleConnectionCloseFrame(frame *wire.ConnectionCloseFrame) {
+ if frame.IsApplicationError {
+ s.closeRemote(&qerr.ApplicationError{
+ Remote: true,
+ ErrorCode: qerr.ApplicationErrorCode(frame.ErrorCode),
+ ErrorMessage: frame.ReasonPhrase,
+ })
+ return
+ }
+ s.closeRemote(&qerr.TransportError{
+ Remote: true,
+ ErrorCode: qerr.TransportErrorCode(frame.ErrorCode),
+ FrameType: frame.FrameType,
+ ErrorMessage: frame.ReasonPhrase,
+ })
+}
+
+func (s *session) handleCryptoFrame(frame *wire.CryptoFrame, encLevel protocol.EncryptionLevel) error {
+ encLevelChanged, err := s.cryptoStreamManager.HandleCryptoFrame(frame, encLevel)
+ if err != nil {
+ return err
+ }
+ if encLevelChanged {
+ // Queue all packets for decryption that have been undecryptable so far.
+ s.undecryptablePacketsToProcess = s.undecryptablePackets
+ s.undecryptablePackets = nil
+ }
+ return nil
+}
+
+func (s *session) handleStreamFrame(frame *wire.StreamFrame) error {
+ str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID)
+ if err != nil {
+ return err
+ }
+ if str == nil {
+ // Stream is closed and already garbage collected
+ // ignore this StreamFrame
+ return nil
+ }
+ return str.handleStreamFrame(frame)
+}
+
+func (s *session) handleMaxDataFrame(frame *wire.MaxDataFrame) {
+ s.connFlowController.UpdateSendWindow(frame.MaximumData)
+}
+
+func (s *session) handleMaxStreamDataFrame(frame *wire.MaxStreamDataFrame) error {
+ str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID)
+ if err != nil {
+ return err
+ }
+ if str == nil {
+ // stream is closed and already garbage collected
+ return nil
+ }
+ str.updateSendWindow(frame.MaximumStreamData)
+ return nil
+}
+
+func (s *session) handleMaxStreamsFrame(frame *wire.MaxStreamsFrame) {
+ s.streamsMap.HandleMaxStreamsFrame(frame)
+}
+
+func (s *session) handleResetStreamFrame(frame *wire.ResetStreamFrame) error {
+ str, err := s.streamsMap.GetOrOpenReceiveStream(frame.StreamID)
+ if err != nil {
+ return err
+ }
+ if str == nil {
+ // stream is closed and already garbage collected
+ return nil
+ }
+ return str.handleResetStreamFrame(frame)
+}
+
+func (s *session) handleStopSendingFrame(frame *wire.StopSendingFrame) error {
+ str, err := s.streamsMap.GetOrOpenSendStream(frame.StreamID)
+ if err != nil {
+ return err
+ }
+ if str == nil {
+ // stream is closed and already garbage collected
+ return nil
+ }
+ str.handleStopSendingFrame(frame)
+ return nil
+}
+
+func (s *session) handlePathChallengeFrame(frame *wire.PathChallengeFrame) {
+ s.queueControlFrame(&wire.PathResponseFrame{Data: frame.Data})
+}
+
+func (s *session) handleNewTokenFrame(frame *wire.NewTokenFrame) error {
+ if s.perspective == protocol.PerspectiveServer {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "received NEW_TOKEN frame from the client",
+ }
+ }
+ if s.config.TokenStore != nil {
+ s.config.TokenStore.Put(s.tokenStoreKey, &ClientToken{data: frame.Token})
+ }
+ return nil
+}
+
+func (s *session) handleNewConnectionIDFrame(f *wire.NewConnectionIDFrame) error {
+ return s.connIDManager.Add(f)
+}
+
+func (s *session) handleRetireConnectionIDFrame(f *wire.RetireConnectionIDFrame, destConnID protocol.ConnectionID) error {
+ return s.connIDGenerator.Retire(f.SequenceNumber, destConnID)
+}
+
+func (s *session) handleHandshakeDoneFrame() error {
+ if s.perspective == protocol.PerspectiveServer {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "received a HANDSHAKE_DONE frame",
+ }
+ }
+ if !s.handshakeConfirmed {
+ s.handleHandshakeConfirmed()
+ }
+ return nil
+}
+
+func (s *session) handleAckFrame(frame *wire.AckFrame, encLevel protocol.EncryptionLevel) error {
+ acked1RTTPacket, err := s.sentPacketHandler.ReceivedAck(frame, encLevel, s.lastPacketReceivedTime)
+ if err != nil {
+ return err
+ }
+ if !acked1RTTPacket {
+ return nil
+ }
+ if s.perspective == protocol.PerspectiveClient && !s.handshakeConfirmed {
+ s.handleHandshakeConfirmed()
+ }
+ return s.cryptoStreamHandler.SetLargest1RTTAcked(frame.LargestAcked())
+}
+
+func (s *session) handleDatagramFrame(f *wire.DatagramFrame) error {
+ if f.Length(s.version) > protocol.MaxDatagramFrameSize {
+ return &qerr.TransportError{
+ ErrorCode: qerr.ProtocolViolation,
+ ErrorMessage: "DATAGRAM frame too large",
+ }
+ }
+ s.datagramQueue.HandleDatagramFrame(f)
+ return nil
+}
+
+// closeLocal closes the session and send a CONNECTION_CLOSE containing the error
+func (s *session) closeLocal(e error) {
+ s.closeOnce.Do(func() {
+ if e == nil {
+ s.logger.Infof("Closing session.")
+ } else {
+ s.logger.Errorf("Closing session with error: %s", e)
+ }
+ s.closeChan <- closeError{err: e, immediate: false, remote: false}
+ })
+}
+
+// destroy closes the session without sending the error on the wire
+func (s *session) destroy(e error) {
+ s.destroyImpl(e)
+ <-s.ctx.Done()
+}
+
+func (s *session) destroyImpl(e error) {
+ s.closeOnce.Do(func() {
+ if nerr, ok := e.(net.Error); ok && nerr.Timeout() {
+ s.logger.Errorf("Destroying session: %s", e)
+ } else {
+ s.logger.Errorf("Destroying session with error: %s", e)
+ }
+ s.closeChan <- closeError{err: e, immediate: true, remote: false}
+ })
+}
+
+func (s *session) closeRemote(e error) {
+ s.closeOnce.Do(func() {
+ s.logger.Errorf("Peer closed session with error: %s", e)
+ s.closeChan <- closeError{err: e, immediate: true, remote: true}
+ })
+}
+
+// Close the connection. It sends a NO_ERROR application error.
+// It waits until the run loop has stopped before returning
+func (s *session) shutdown() {
+ s.closeLocal(nil)
+ <-s.ctx.Done()
+}
+
+func (s *session) CloseWithError(code ApplicationErrorCode, desc string) error {
+ s.closeLocal(&qerr.ApplicationError{
+ ErrorCode: code,
+ ErrorMessage: desc,
+ })
+ <-s.ctx.Done()
+ return nil
+}
+
+func (s *session) handleCloseError(closeErr *closeError) {
+ e := closeErr.err
+ if e == nil {
+ e = &qerr.ApplicationError{}
+ } else {
+ defer func() {
+ closeErr.err = e
+ }()
+ }
+
+ switch {
+ case errors.Is(e, qerr.ErrIdleTimeout),
+ errors.Is(e, qerr.ErrHandshakeTimeout),
+ errors.Is(e, &StatelessResetError{}),
+ errors.Is(e, &VersionNegotiationError{}),
+ errors.Is(e, &errCloseForRecreating{}),
+ errors.Is(e, &qerr.ApplicationError{}),
+ errors.Is(e, &qerr.TransportError{}):
+ default:
+ e = &qerr.TransportError{
+ ErrorCode: qerr.InternalError,
+ ErrorMessage: e.Error(),
+ }
+ }
+
+ s.streamsMap.CloseWithError(e)
+ s.connIDManager.Close()
+ if s.datagramQueue != nil {
+ s.datagramQueue.CloseWithError(e)
+ }
+
+ if s.tracer != nil && !errors.Is(e, &errCloseForRecreating{}) {
+ s.tracer.ClosedConnection(e)
+ }
+
+ // If this is a remote close we're done here
+ if closeErr.remote {
+ s.connIDGenerator.ReplaceWithClosed(newClosedRemoteSession(s.perspective))
+ return
+ }
+ if closeErr.immediate {
+ s.connIDGenerator.RemoveAll()
+ return
+ }
+ connClosePacket, err := s.sendConnectionClose(e)
+ if err != nil {
+ s.logger.Debugf("Error sending CONNECTION_CLOSE: %s", err)
+ }
+ cs := newClosedLocalSession(s.conn, connClosePacket, s.perspective, s.logger)
+ s.connIDGenerator.ReplaceWithClosed(cs)
+}
+
+func (s *session) dropEncryptionLevel(encLevel protocol.EncryptionLevel) {
+ s.sentPacketHandler.DropPackets(encLevel)
+ s.receivedPacketHandler.DropPackets(encLevel)
+ if s.tracer != nil {
+ s.tracer.DroppedEncryptionLevel(encLevel)
+ }
+ if encLevel == protocol.Encryption0RTT {
+ s.streamsMap.ResetFor0RTT()
+ if err := s.connFlowController.Reset(); err != nil {
+ s.closeLocal(err)
+ }
+ if err := s.framer.Handle0RTTRejection(); err != nil {
+ s.closeLocal(err)
+ }
+ }
+}
+
+// is called for the client, when restoring transport parameters saved for 0-RTT
+func (s *session) restoreTransportParameters(params *wire.TransportParameters) {
+ if s.logger.Debug() {
+ s.logger.Debugf("Restoring Transport Parameters: %s", params)
+ }
+
+ s.peerParams = params
+ s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit)
+ s.connFlowController.UpdateSendWindow(params.InitialMaxData)
+ s.streamsMap.UpdateLimits(params)
+}
+
+func (s *session) handleTransportParameters(params *wire.TransportParameters) {
+ if err := s.checkTransportParameters(params); err != nil {
+ s.closeLocal(&qerr.TransportError{
+ ErrorCode: qerr.TransportParameterError,
+ ErrorMessage: err.Error(),
+ })
+ }
+ s.peerParams = params
+ // On the client side we have to wait for handshake completion.
+ // During a 0-RTT connection, we are only allowed to use the new transport parameters for 1-RTT packets.
+ if s.perspective == protocol.PerspectiveServer {
+ s.applyTransportParameters()
+ // On the server side, the early session is ready as soon as we processed
+ // the client's transport parameters.
+ close(s.earlySessionReadyChan)
+ }
+}
+
+func (s *session) checkTransportParameters(params *wire.TransportParameters) error {
+ if s.logger.Debug() {
+ s.logger.Debugf("Processed Transport Parameters: %s", params)
+ }
+ if s.tracer != nil {
+ s.tracer.ReceivedTransportParameters(params)
+ }
+
+ // check the initial_source_connection_id
+ if !params.InitialSourceConnectionID.Equal(s.handshakeDestConnID) {
+ return fmt.Errorf("expected initial_source_connection_id to equal %s, is %s", s.handshakeDestConnID, params.InitialSourceConnectionID)
+ }
+
+ if s.perspective == protocol.PerspectiveServer {
+ return nil
+ }
+ // check the original_destination_connection_id
+ if !params.OriginalDestinationConnectionID.Equal(s.origDestConnID) {
+ return fmt.Errorf("expected original_destination_connection_id to equal %s, is %s", s.origDestConnID, params.OriginalDestinationConnectionID)
+ }
+ if s.retrySrcConnID != nil { // a Retry was performed
+ if params.RetrySourceConnectionID == nil {
+ return errors.New("missing retry_source_connection_id")
+ }
+ if !(*params.RetrySourceConnectionID).Equal(*s.retrySrcConnID) {
+ return fmt.Errorf("expected retry_source_connection_id to equal %s, is %s", s.retrySrcConnID, *params.RetrySourceConnectionID)
+ }
+ } else if params.RetrySourceConnectionID != nil {
+ return errors.New("received retry_source_connection_id, although no Retry was performed")
+ }
+ return nil
+}
+
+func (s *session) applyTransportParameters() {
+ params := s.peerParams
+ // Our local idle timeout will always be > 0.
+ s.idleTimeout = utils.MinNonZeroDuration(s.config.MaxIdleTimeout, params.MaxIdleTimeout)
+ s.keepAliveInterval = utils.MinDuration(s.idleTimeout/2, protocol.MaxKeepAliveInterval)
+ s.streamsMap.UpdateLimits(params)
+ s.packer.HandleTransportParameters(params)
+ s.frameParser.SetAckDelayExponent(params.AckDelayExponent)
+ s.connFlowController.UpdateSendWindow(params.InitialMaxData)
+ s.rttStats.SetMaxAckDelay(params.MaxAckDelay)
+ s.connIDGenerator.SetMaxActiveConnIDs(params.ActiveConnectionIDLimit)
+ if params.StatelessResetToken != nil {
+ s.connIDManager.SetStatelessResetToken(*params.StatelessResetToken)
+ }
+ // We don't support connection migration yet, so we don't have any use for the preferred_address.
+ if params.PreferredAddress != nil {
+ // Retire the connection ID.
+ s.connIDManager.AddFromPreferredAddress(params.PreferredAddress.ConnectionID, params.PreferredAddress.StatelessResetToken)
+ }
+}
+
+func (s *session) sendPackets() error {
+ s.pacingDeadline = time.Time{}
+
+ var sentPacket bool // only used in for packets sent in send mode SendAny
+ for {
+ sendMode := s.sentPacketHandler.SendMode()
+ if sendMode == ackhandler.SendAny && s.handshakeComplete && !s.sentPacketHandler.HasPacingBudget() {
+ deadline := s.sentPacketHandler.TimeUntilSend()
+ if deadline.IsZero() {
+ deadline = deadlineSendImmediately
+ }
+ s.pacingDeadline = deadline
+ // Allow sending of an ACK if we're pacing limit (if we haven't sent out a packet yet).
+ // This makes sure that a peer that is mostly receiving data (and thus has an inaccurate cwnd estimate)
+ // sends enough ACKs to allow its peer to utilize the bandwidth.
+ if sentPacket {
+ return nil
+ }
+ sendMode = ackhandler.SendAck
+ }
+ switch sendMode {
+ case ackhandler.SendNone:
+ return nil
+ case ackhandler.SendAck:
+ // If we already sent packets, and the send mode switches to SendAck,
+ // as we've just become congestion limited.
+ // There's no need to try to send an ACK at this moment.
+ if sentPacket {
+ return nil
+ }
+ // We can at most send a single ACK only packet.
+ // There will only be a new ACK after receiving new packets.
+ // SendAck is only returned when we're congestion limited, so we don't need to set the pacingt timer.
+ return s.maybeSendAckOnlyPacket()
+ case ackhandler.SendPTOInitial:
+ if err := s.sendProbePacket(protocol.EncryptionInitial); err != nil {
+ return err
+ }
+ case ackhandler.SendPTOHandshake:
+ if err := s.sendProbePacket(protocol.EncryptionHandshake); err != nil {
+ return err
+ }
+ case ackhandler.SendPTOAppData:
+ if err := s.sendProbePacket(protocol.Encryption1RTT); err != nil {
+ return err
+ }
+ case ackhandler.SendAny:
+ sent, err := s.sendPacket()
+ if err != nil || !sent {
+ return err
+ }
+ sentPacket = true
+ default:
+ return fmt.Errorf("BUG: invalid send mode %d", sendMode)
+ }
+ // Prioritize receiving of packets over sending out more packets.
+ if len(s.receivedPackets) > 0 {
+ s.pacingDeadline = deadlineSendImmediately
+ return nil
+ }
+ if s.sendQueue.WouldBlock() {
+ return nil
+ }
+ }
+}
+
+func (s *session) maybeSendAckOnlyPacket() error {
+ packet, err := s.packer.MaybePackAckPacket(s.handshakeConfirmed)
+ if err != nil {
+ return err
+ }
+ if packet == nil {
+ return nil
+ }
+ s.sendPackedPacket(packet, time.Now())
+ return nil
+}
+
+func (s *session) sendProbePacket(encLevel protocol.EncryptionLevel) error {
+ // Queue probe packets until we actually send out a packet,
+ // or until there are no more packets to queue.
+ var packet *packedPacket
+ for {
+ if wasQueued := s.sentPacketHandler.QueueProbePacket(encLevel); !wasQueued {
+ break
+ }
+ var err error
+ packet, err = s.packer.MaybePackProbePacket(encLevel)
+ if err != nil {
+ return err
+ }
+ if packet != nil {
+ break
+ }
+ }
+ if packet == nil {
+ //nolint:exhaustive // Cannot send probe packets for 0-RTT.
+ switch encLevel {
+ case protocol.EncryptionInitial:
+ s.retransmissionQueue.AddInitial(&wire.PingFrame{})
+ case protocol.EncryptionHandshake:
+ s.retransmissionQueue.AddHandshake(&wire.PingFrame{})
+ case protocol.Encryption1RTT:
+ s.retransmissionQueue.AddAppData(&wire.PingFrame{})
+ default:
+ panic("unexpected encryption level")
+ }
+ var err error
+ packet, err = s.packer.MaybePackProbePacket(encLevel)
+ if err != nil {
+ return err
+ }
+ }
+ if packet == nil || packet.packetContents == nil {
+ return fmt.Errorf("session BUG: couldn't pack %s probe packet", encLevel)
+ }
+ s.sendPackedPacket(packet, time.Now())
+ return nil
+}
+
+func (s *session) sendPacket() (bool, error) {
+ if isBlocked, offset := s.connFlowController.IsNewlyBlocked(); isBlocked {
+ s.framer.QueueControlFrame(&wire.DataBlockedFrame{MaximumData: offset})
+ }
+ s.windowUpdateQueue.QueueAll()
+
+ now := time.Now()
+ if !s.handshakeConfirmed {
+ packet, err := s.packer.PackCoalescedPacket()
+ if err != nil || packet == nil {
+ return false, err
+ }
+ s.logCoalescedPacket(packet)
+ for _, p := range packet.packets {
+ if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && p.IsAckEliciting() {
+ s.firstAckElicitingPacketAfterIdleSentTime = now
+ }
+ s.sentPacketHandler.SentPacket(p.ToAckHandlerPacket(now, s.retransmissionQueue))
+ }
+ s.connIDManager.SentPacket()
+ s.sendQueue.Send(packet.buffer)
+ return true, nil
+ }
+ if !s.config.DisablePathMTUDiscovery && s.mtuDiscoverer.ShouldSendProbe(now) {
+ packet, err := s.packer.PackMTUProbePacket(s.mtuDiscoverer.GetPing())
+ if err != nil {
+ return false, err
+ }
+ s.sendPackedPacket(packet, now)
+ return true, nil
+ }
+ packet, err := s.packer.PackPacket()
+ if err != nil || packet == nil {
+ return false, err
+ }
+ s.sendPackedPacket(packet, now)
+ return true, nil
+}
+
+func (s *session) sendPackedPacket(packet *packedPacket, now time.Time) {
+ if s.firstAckElicitingPacketAfterIdleSentTime.IsZero() && packet.IsAckEliciting() {
+ s.firstAckElicitingPacketAfterIdleSentTime = now
+ }
+ s.logPacket(packet)
+ s.sentPacketHandler.SentPacket(packet.ToAckHandlerPacket(now, s.retransmissionQueue))
+ s.connIDManager.SentPacket()
+ s.sendQueue.Send(packet.buffer)
+}
+
+func (s *session) sendConnectionClose(e error) ([]byte, error) {
+ var packet *coalescedPacket
+ var err error
+ var transportErr *qerr.TransportError
+ var applicationErr *qerr.ApplicationError
+ if errors.As(e, &transportErr) {
+ packet, err = s.packer.PackConnectionClose(transportErr)
+ } else if errors.As(e, &applicationErr) {
+ packet, err = s.packer.PackApplicationClose(applicationErr)
+ } else {
+ packet, err = s.packer.PackConnectionClose(&qerr.TransportError{
+ ErrorCode: qerr.InternalError,
+ ErrorMessage: fmt.Sprintf("session BUG: unspecified error type (msg: %s)", e.Error()),
+ })
+ }
+ if err != nil {
+ return nil, err
+ }
+ s.logCoalescedPacket(packet)
+ return packet.buffer.Data, s.conn.Write(packet.buffer.Data)
+}
+
+func (s *session) logPacketContents(p *packetContents) {
+ // tracing
+ if s.tracer != nil {
+ frames := make([]logging.Frame, 0, len(p.frames))
+ for _, f := range p.frames {
+ frames = append(frames, logutils.ConvertFrame(f.Frame))
+ }
+ s.tracer.SentPacket(p.header, p.length, p.ack, frames)
+ }
+
+ // quic-go logging
+ if !s.logger.Debug() {
+ return
+ }
+ p.header.Log(s.logger)
+ if p.ack != nil {
+ wire.LogFrame(s.logger, p.ack, true)
+ }
+ for _, frame := range p.frames {
+ wire.LogFrame(s.logger, frame.Frame, true)
+ }
+}
+
+func (s *session) logCoalescedPacket(packet *coalescedPacket) {
+ if s.logger.Debug() {
+ if len(packet.packets) > 1 {
+ s.logger.Debugf("-> Sending coalesced packet (%d parts, %d bytes) for connection %s", len(packet.packets), packet.buffer.Len(), s.logID)
+ } else {
+ s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, %s", packet.packets[0].header.PacketNumber, packet.buffer.Len(), s.logID, packet.packets[0].EncryptionLevel())
+ }
+ }
+ for _, p := range packet.packets {
+ s.logPacketContents(p)
+ }
+}
+
+func (s *session) logPacket(packet *packedPacket) {
+ if s.logger.Debug() {
+ s.logger.Debugf("-> Sending packet %d (%d bytes) for connection %s, %s", packet.header.PacketNumber, packet.buffer.Len(), s.logID, packet.EncryptionLevel())
+ }
+ s.logPacketContents(packet.packetContents)
+}
+
+// AcceptStream returns the next stream openend by the peer
+func (s *session) AcceptStream(ctx context.Context) (Stream, error) {
+ return s.streamsMap.AcceptStream(ctx)
+}
+
+func (s *session) AcceptUniStream(ctx context.Context) (ReceiveStream, error) {
+ return s.streamsMap.AcceptUniStream(ctx)
+}
+
+// OpenStream opens a stream
+func (s *session) OpenStream() (Stream, error) {
+ return s.streamsMap.OpenStream()
+}
+
+func (s *session) OpenStreamSync(ctx context.Context) (Stream, error) {
+ return s.streamsMap.OpenStreamSync(ctx)
+}
+
+func (s *session) OpenUniStream() (SendStream, error) {
+ return s.streamsMap.OpenUniStream()
+}
+
+func (s *session) OpenUniStreamSync(ctx context.Context) (SendStream, error) {
+ return s.streamsMap.OpenUniStreamSync(ctx)
+}
+
+func (s *session) newFlowController(id protocol.StreamID) flowcontrol.StreamFlowController {
+ initialSendWindow := s.peerParams.InitialMaxStreamDataUni
+ if id.Type() == protocol.StreamTypeBidi {
+ if id.InitiatedBy() == s.perspective {
+ initialSendWindow = s.peerParams.InitialMaxStreamDataBidiRemote
+ } else {
+ initialSendWindow = s.peerParams.InitialMaxStreamDataBidiLocal
+ }
+ }
+ return flowcontrol.NewStreamFlowController(
+ id,
+ s.connFlowController,
+ protocol.ByteCount(s.config.InitialStreamReceiveWindow),
+ protocol.ByteCount(s.config.MaxStreamReceiveWindow),
+ initialSendWindow,
+ s.onHasStreamWindowUpdate,
+ s.rttStats,
+ s.logger,
+ )
+}
+
+// scheduleSending signals that we have data for sending
+func (s *session) scheduleSending() {
+ select {
+ case s.sendingScheduled <- struct{}{}:
+ default:
+ }
+}
+
+func (s *session) tryQueueingUndecryptablePacket(p *receivedPacket, hdr *wire.Header) {
+ if s.handshakeComplete {
+ panic("shouldn't queue undecryptable packets after handshake completion")
+ }
+ if len(s.undecryptablePackets)+1 > protocol.MaxUndecryptablePackets {
+ if s.tracer != nil {
+ s.tracer.DroppedPacket(logging.PacketTypeFromHeader(hdr), p.Size(), logging.PacketDropDOSPrevention)
+ }
+ s.logger.Infof("Dropping undecryptable packet (%d bytes). Undecryptable packet queue full.", p.Size())
+ return
+ }
+ s.logger.Infof("Queueing packet (%d bytes) for later decryption", p.Size())
+ if s.tracer != nil {
+ s.tracer.BufferedPacket(logging.PacketTypeFromHeader(hdr))
+ }
+ s.undecryptablePackets = append(s.undecryptablePackets, p)
+}
+
+func (s *session) queueControlFrame(f wire.Frame) {
+ s.framer.QueueControlFrame(f)
+ s.scheduleSending()
+}
+
+func (s *session) onHasStreamWindowUpdate(id protocol.StreamID) {
+ s.windowUpdateQueue.AddStream(id)
+ s.scheduleSending()
+}
+
+func (s *session) onHasConnectionWindowUpdate() {
+ s.windowUpdateQueue.AddConnection()
+ s.scheduleSending()
+}
+
+func (s *session) onHasStreamData(id protocol.StreamID) {
+ s.framer.AddActiveStream(id)
+ s.scheduleSending()
+}
+
+func (s *session) onStreamCompleted(id protocol.StreamID) {
+ if err := s.streamsMap.DeleteStream(id); err != nil {
+ s.closeLocal(err)
+ }
+}
+
+func (s *session) SendMessage(p []byte) error {
+ f := &wire.DatagramFrame{DataLenPresent: true}
+ if protocol.ByteCount(len(p)) > f.MaxDataLen(s.peerParams.MaxDatagramFrameSize, s.version) {
+ return errors.New("message too large")
+ }
+ f.Data = make([]byte, len(p))
+ copy(f.Data, p)
+ s.datagramQueue.AddAndWait(f)
+ return nil
+}
+
+func (s *session) ReceiveMessage() ([]byte, error) {
+ return s.datagramQueue.Receive()
+}
+
+func (s *session) LocalAddr() net.Addr {
+ return s.conn.LocalAddr()
+}
+
+func (s *session) RemoteAddr() net.Addr {
+ return s.conn.RemoteAddr()
+}
+
+func (s *session) getPerspective() protocol.Perspective {
+ return s.perspective
+}
+
+func (s *session) GetVersion() protocol.VersionNumber {
+ return s.version
+}
+
+func (s *session) NextSession() Session {
+ <-s.HandshakeComplete().Done()
+ s.streamsMap.UseResetMaps()
+ return s
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/stream.go b/vendor/github.com/lucas-clemente/quic-go/stream.go
new file mode 100644
index 00000000..95bbcb35
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/stream.go
@@ -0,0 +1,149 @@
+package quic
+
+import (
+ "net"
+ "os"
+ "sync"
+ "time"
+
+ "github.com/lucas-clemente/quic-go/internal/ackhandler"
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type deadlineError struct{}
+
+func (deadlineError) Error() string { return "deadline exceeded" }
+func (deadlineError) Temporary() bool { return true }
+func (deadlineError) Timeout() bool { return true }
+func (deadlineError) Unwrap() error { return os.ErrDeadlineExceeded }
+
+var errDeadline net.Error = &deadlineError{}
+
+// The streamSender is notified by the stream about various events.
+type streamSender interface {
+ queueControlFrame(wire.Frame)
+ onHasStreamData(protocol.StreamID)
+ // must be called without holding the mutex that is acquired by closeForShutdown
+ onStreamCompleted(protocol.StreamID)
+}
+
+// Each of the both stream halves gets its own uniStreamSender.
+// This is necessary in order to keep track when both halves have been completed.
+type uniStreamSender struct {
+ streamSender
+ onStreamCompletedImpl func()
+}
+
+func (s *uniStreamSender) queueControlFrame(f wire.Frame) {
+ s.streamSender.queueControlFrame(f)
+}
+
+func (s *uniStreamSender) onHasStreamData(id protocol.StreamID) {
+ s.streamSender.onHasStreamData(id)
+}
+
+func (s *uniStreamSender) onStreamCompleted(protocol.StreamID) {
+ s.onStreamCompletedImpl()
+}
+
+var _ streamSender = &uniStreamSender{}
+
+type streamI interface {
+ Stream
+ closeForShutdown(error)
+ // for receiving
+ handleStreamFrame(*wire.StreamFrame) error
+ handleResetStreamFrame(*wire.ResetStreamFrame) error
+ getWindowUpdate() protocol.ByteCount
+ // for sending
+ hasData() bool
+ handleStopSendingFrame(*wire.StopSendingFrame)
+ popStreamFrame(maxBytes protocol.ByteCount) (*ackhandler.Frame, bool)
+ updateSendWindow(protocol.ByteCount)
+}
+
+var (
+ _ receiveStreamI = (streamI)(nil)
+ _ sendStreamI = (streamI)(nil)
+)
+
+// A Stream assembles the data from StreamFrames and provides a super-convenient Read-Interface
+//
+// Read() and Write() may be called concurrently, but multiple calls to Read() or Write() individually must be synchronized manually.
+type stream struct {
+ receiveStream
+ sendStream
+
+ completedMutex sync.Mutex
+ sender streamSender
+ receiveStreamCompleted bool
+ sendStreamCompleted bool
+
+ version protocol.VersionNumber
+}
+
+var _ Stream = &stream{}
+
+// newStream creates a new Stream
+func newStream(streamID protocol.StreamID,
+ sender streamSender,
+ flowController flowcontrol.StreamFlowController,
+ version protocol.VersionNumber,
+) *stream {
+ s := &stream{sender: sender, version: version}
+ senderForSendStream := &uniStreamSender{
+ streamSender: sender,
+ onStreamCompletedImpl: func() {
+ s.completedMutex.Lock()
+ s.sendStreamCompleted = true
+ s.checkIfCompleted()
+ s.completedMutex.Unlock()
+ },
+ }
+ s.sendStream = *newSendStream(streamID, senderForSendStream, flowController, version)
+ senderForReceiveStream := &uniStreamSender{
+ streamSender: sender,
+ onStreamCompletedImpl: func() {
+ s.completedMutex.Lock()
+ s.receiveStreamCompleted = true
+ s.checkIfCompleted()
+ s.completedMutex.Unlock()
+ },
+ }
+ s.receiveStream = *newReceiveStream(streamID, senderForReceiveStream, flowController, version)
+ return s
+}
+
+// need to define StreamID() here, since both receiveStream and readStream have a StreamID()
+func (s *stream) StreamID() protocol.StreamID {
+ // the result is same for receiveStream and sendStream
+ return s.sendStream.StreamID()
+}
+
+func (s *stream) Close() error {
+ return s.sendStream.Close()
+}
+
+func (s *stream) SetDeadline(t time.Time) error {
+ _ = s.SetReadDeadline(t) // SetReadDeadline never errors
+ _ = s.SetWriteDeadline(t) // SetWriteDeadline never errors
+ return nil
+}
+
+// CloseForShutdown closes a stream abruptly.
+// It makes Read and Write unblock (and return the error) immediately.
+// The peer will NOT be informed about this: the stream is closed without sending a FIN or RST.
+func (s *stream) closeForShutdown(err error) {
+ s.sendStream.closeForShutdown(err)
+ s.receiveStream.closeForShutdown(err)
+}
+
+// checkIfCompleted is called from the uniStreamSender, when one of the stream halves is completed.
+// It makes sure that the onStreamCompleted callback is only called if both receive and send side have completed.
+func (s *stream) checkIfCompleted() {
+ if s.sendStreamCompleted && s.receiveStreamCompleted {
+ s.sender.onStreamCompleted(s.StreamID())
+ }
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map.go b/vendor/github.com/lucas-clemente/quic-go/streams_map.go
new file mode 100644
index 00000000..79c1ee91
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map.go
@@ -0,0 +1,317 @@
+package quic
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "net"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/qerr"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type streamError struct {
+ message string
+ nums []protocol.StreamNum
+}
+
+func (e streamError) Error() string {
+ return e.message
+}
+
+func convertStreamError(err error, stype protocol.StreamType, pers protocol.Perspective) error {
+ strError, ok := err.(streamError)
+ if !ok {
+ return err
+ }
+ ids := make([]interface{}, len(strError.nums))
+ for i, num := range strError.nums {
+ ids[i] = num.StreamID(stype, pers)
+ }
+ return fmt.Errorf(strError.Error(), ids...)
+}
+
+type streamOpenErr struct{ error }
+
+var _ net.Error = &streamOpenErr{}
+
+func (e streamOpenErr) Temporary() bool { return e.error == errTooManyOpenStreams }
+func (streamOpenErr) Timeout() bool { return false }
+
+// errTooManyOpenStreams is used internally by the outgoing streams maps.
+var errTooManyOpenStreams = errors.New("too many open streams")
+
+type streamsMap struct {
+ perspective protocol.Perspective
+ version protocol.VersionNumber
+
+ maxIncomingBidiStreams uint64
+ maxIncomingUniStreams uint64
+
+ sender streamSender
+ newFlowController func(protocol.StreamID) flowcontrol.StreamFlowController
+
+ mutex sync.Mutex
+ outgoingBidiStreams *outgoingBidiStreamsMap
+ outgoingUniStreams *outgoingUniStreamsMap
+ incomingBidiStreams *incomingBidiStreamsMap
+ incomingUniStreams *incomingUniStreamsMap
+ reset bool
+}
+
+var _ streamManager = &streamsMap{}
+
+func newStreamsMap(
+ sender streamSender,
+ newFlowController func(protocol.StreamID) flowcontrol.StreamFlowController,
+ maxIncomingBidiStreams uint64,
+ maxIncomingUniStreams uint64,
+ perspective protocol.Perspective,
+ version protocol.VersionNumber,
+) streamManager {
+ m := &streamsMap{
+ perspective: perspective,
+ newFlowController: newFlowController,
+ maxIncomingBidiStreams: maxIncomingBidiStreams,
+ maxIncomingUniStreams: maxIncomingUniStreams,
+ sender: sender,
+ version: version,
+ }
+ m.initMaps()
+ return m
+}
+
+func (m *streamsMap) initMaps() {
+ m.outgoingBidiStreams = newOutgoingBidiStreamsMap(
+ func(num protocol.StreamNum) streamI {
+ id := num.StreamID(protocol.StreamTypeBidi, m.perspective)
+ return newStream(id, m.sender, m.newFlowController(id), m.version)
+ },
+ m.sender.queueControlFrame,
+ )
+ m.incomingBidiStreams = newIncomingBidiStreamsMap(
+ func(num protocol.StreamNum) streamI {
+ id := num.StreamID(protocol.StreamTypeBidi, m.perspective.Opposite())
+ return newStream(id, m.sender, m.newFlowController(id), m.version)
+ },
+ m.maxIncomingBidiStreams,
+ m.sender.queueControlFrame,
+ )
+ m.outgoingUniStreams = newOutgoingUniStreamsMap(
+ func(num protocol.StreamNum) sendStreamI {
+ id := num.StreamID(protocol.StreamTypeUni, m.perspective)
+ return newSendStream(id, m.sender, m.newFlowController(id), m.version)
+ },
+ m.sender.queueControlFrame,
+ )
+ m.incomingUniStreams = newIncomingUniStreamsMap(
+ func(num protocol.StreamNum) receiveStreamI {
+ id := num.StreamID(protocol.StreamTypeUni, m.perspective.Opposite())
+ return newReceiveStream(id, m.sender, m.newFlowController(id), m.version)
+ },
+ m.maxIncomingUniStreams,
+ m.sender.queueControlFrame,
+ )
+}
+
+func (m *streamsMap) OpenStream() (Stream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.outgoingBidiStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.OpenStream()
+ return str, convertStreamError(err, protocol.StreamTypeBidi, m.perspective)
+}
+
+func (m *streamsMap) OpenStreamSync(ctx context.Context) (Stream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.outgoingBidiStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.OpenStreamSync(ctx)
+ return str, convertStreamError(err, protocol.StreamTypeBidi, m.perspective)
+}
+
+func (m *streamsMap) OpenUniStream() (SendStream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.outgoingUniStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.OpenStream()
+ return str, convertStreamError(err, protocol.StreamTypeBidi, m.perspective)
+}
+
+func (m *streamsMap) OpenUniStreamSync(ctx context.Context) (SendStream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.outgoingUniStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.OpenStreamSync(ctx)
+ return str, convertStreamError(err, protocol.StreamTypeUni, m.perspective)
+}
+
+func (m *streamsMap) AcceptStream(ctx context.Context) (Stream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.incomingBidiStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.AcceptStream(ctx)
+ return str, convertStreamError(err, protocol.StreamTypeBidi, m.perspective.Opposite())
+}
+
+func (m *streamsMap) AcceptUniStream(ctx context.Context) (ReceiveStream, error) {
+ m.mutex.Lock()
+ reset := m.reset
+ mm := m.incomingUniStreams
+ m.mutex.Unlock()
+ if reset {
+ return nil, Err0RTTRejected
+ }
+ str, err := mm.AcceptStream(ctx)
+ return str, convertStreamError(err, protocol.StreamTypeUni, m.perspective.Opposite())
+}
+
+func (m *streamsMap) DeleteStream(id protocol.StreamID) error {
+ num := id.StreamNum()
+ switch id.Type() {
+ case protocol.StreamTypeUni:
+ if id.InitiatedBy() == m.perspective {
+ return convertStreamError(m.outgoingUniStreams.DeleteStream(num), protocol.StreamTypeUni, m.perspective)
+ }
+ return convertStreamError(m.incomingUniStreams.DeleteStream(num), protocol.StreamTypeUni, m.perspective.Opposite())
+ case protocol.StreamTypeBidi:
+ if id.InitiatedBy() == m.perspective {
+ return convertStreamError(m.outgoingBidiStreams.DeleteStream(num), protocol.StreamTypeBidi, m.perspective)
+ }
+ return convertStreamError(m.incomingBidiStreams.DeleteStream(num), protocol.StreamTypeBidi, m.perspective.Opposite())
+ }
+ panic("")
+}
+
+func (m *streamsMap) GetOrOpenReceiveStream(id protocol.StreamID) (receiveStreamI, error) {
+ str, err := m.getOrOpenReceiveStream(id)
+ if err != nil {
+ return nil, &qerr.TransportError{
+ ErrorCode: qerr.StreamStateError,
+ ErrorMessage: err.Error(),
+ }
+ }
+ return str, nil
+}
+
+func (m *streamsMap) getOrOpenReceiveStream(id protocol.StreamID) (receiveStreamI, error) {
+ num := id.StreamNum()
+ switch id.Type() {
+ case protocol.StreamTypeUni:
+ if id.InitiatedBy() == m.perspective {
+ // an outgoing unidirectional stream is a send stream, not a receive stream
+ return nil, fmt.Errorf("peer attempted to open receive stream %d", id)
+ }
+ str, err := m.incomingUniStreams.GetOrOpenStream(num)
+ return str, convertStreamError(err, protocol.StreamTypeUni, m.perspective)
+ case protocol.StreamTypeBidi:
+ var str receiveStreamI
+ var err error
+ if id.InitiatedBy() == m.perspective {
+ str, err = m.outgoingBidiStreams.GetStream(num)
+ } else {
+ str, err = m.incomingBidiStreams.GetOrOpenStream(num)
+ }
+ return str, convertStreamError(err, protocol.StreamTypeBidi, id.InitiatedBy())
+ }
+ panic("")
+}
+
+func (m *streamsMap) GetOrOpenSendStream(id protocol.StreamID) (sendStreamI, error) {
+ str, err := m.getOrOpenSendStream(id)
+ if err != nil {
+ return nil, &qerr.TransportError{
+ ErrorCode: qerr.StreamStateError,
+ ErrorMessage: err.Error(),
+ }
+ }
+ return str, nil
+}
+
+func (m *streamsMap) getOrOpenSendStream(id protocol.StreamID) (sendStreamI, error) {
+ num := id.StreamNum()
+ switch id.Type() {
+ case protocol.StreamTypeUni:
+ if id.InitiatedBy() == m.perspective {
+ str, err := m.outgoingUniStreams.GetStream(num)
+ return str, convertStreamError(err, protocol.StreamTypeUni, m.perspective)
+ }
+ // an incoming unidirectional stream is a receive stream, not a send stream
+ return nil, fmt.Errorf("peer attempted to open send stream %d", id)
+ case protocol.StreamTypeBidi:
+ var str sendStreamI
+ var err error
+ if id.InitiatedBy() == m.perspective {
+ str, err = m.outgoingBidiStreams.GetStream(num)
+ } else {
+ str, err = m.incomingBidiStreams.GetOrOpenStream(num)
+ }
+ return str, convertStreamError(err, protocol.StreamTypeBidi, id.InitiatedBy())
+ }
+ panic("")
+}
+
+func (m *streamsMap) HandleMaxStreamsFrame(f *wire.MaxStreamsFrame) {
+ switch f.Type {
+ case protocol.StreamTypeUni:
+ m.outgoingUniStreams.SetMaxStream(f.MaxStreamNum)
+ case protocol.StreamTypeBidi:
+ m.outgoingBidiStreams.SetMaxStream(f.MaxStreamNum)
+ }
+}
+
+func (m *streamsMap) UpdateLimits(p *wire.TransportParameters) {
+ m.outgoingBidiStreams.UpdateSendWindow(p.InitialMaxStreamDataBidiRemote)
+ m.outgoingBidiStreams.SetMaxStream(p.MaxBidiStreamNum)
+ m.outgoingUniStreams.UpdateSendWindow(p.InitialMaxStreamDataUni)
+ m.outgoingUniStreams.SetMaxStream(p.MaxUniStreamNum)
+}
+
+func (m *streamsMap) CloseWithError(err error) {
+ m.outgoingBidiStreams.CloseWithError(err)
+ m.outgoingUniStreams.CloseWithError(err)
+ m.incomingBidiStreams.CloseWithError(err)
+ m.incomingUniStreams.CloseWithError(err)
+}
+
+// ResetFor0RTT resets is used when 0-RTT is rejected. In that case, the streams maps are
+// 1. closed with an Err0RTTRejected, making calls to Open{Uni}Stream{Sync} / Accept{Uni}Stream return that error.
+// 2. reset to their initial state, such that we can immediately process new incoming stream data.
+// Afterwards, calls to Open{Uni}Stream{Sync} / Accept{Uni}Stream will continue to return the error,
+// until UseResetMaps() has been called.
+func (m *streamsMap) ResetFor0RTT() {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+ m.reset = true
+ m.CloseWithError(Err0RTTRejected)
+ m.initMaps()
+}
+
+func (m *streamsMap) UseResetMaps() {
+ m.mutex.Lock()
+ m.reset = false
+ m.mutex.Unlock()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_generic_helper.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_generic_helper.go
new file mode 100644
index 00000000..26b56233
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_generic_helper.go
@@ -0,0 +1,18 @@
+package quic
+
+import (
+ "github.com/cheekybits/genny/generic"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+)
+
+// In the auto-generated streams maps, we need to be able to close the streams.
+// Therefore, extend the generic.Type with the stream close method.
+// This definition must be in a file that Genny doesn't process.
+type item interface {
+ generic.Type
+ updateSendWindow(protocol.ByteCount)
+ closeForShutdown(error)
+}
+
+const streamTypeGeneric protocol.StreamType = protocol.StreamTypeUni
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_bidi.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_bidi.go
new file mode 100644
index 00000000..46c8c73a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_bidi.go
@@ -0,0 +1,192 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// When a stream is deleted before it was accepted, we can't delete it from the map immediately.
+// We need to wait until the application accepts it, and delete it then.
+type streamIEntry struct {
+ stream streamI
+ shouldDelete bool
+}
+
+type incomingBidiStreamsMap struct {
+ mutex sync.RWMutex
+ newStreamChan chan struct{}
+
+ streams map[protocol.StreamNum]streamIEntry
+
+ nextStreamToAccept protocol.StreamNum // the next stream that will be returned by AcceptStream()
+ nextStreamToOpen protocol.StreamNum // the highest stream that the peer opened
+ maxStream protocol.StreamNum // the highest stream that the peer is allowed to open
+ maxNumStreams uint64 // maximum number of streams
+
+ newStream func(protocol.StreamNum) streamI
+ queueMaxStreamID func(*wire.MaxStreamsFrame)
+
+ closeErr error
+}
+
+func newIncomingBidiStreamsMap(
+ newStream func(protocol.StreamNum) streamI,
+ maxStreams uint64,
+ queueControlFrame func(wire.Frame),
+) *incomingBidiStreamsMap {
+ return &incomingBidiStreamsMap{
+ newStreamChan: make(chan struct{}, 1),
+ streams: make(map[protocol.StreamNum]streamIEntry),
+ maxStream: protocol.StreamNum(maxStreams),
+ maxNumStreams: maxStreams,
+ newStream: newStream,
+ nextStreamToOpen: 1,
+ nextStreamToAccept: 1,
+ queueMaxStreamID: func(f *wire.MaxStreamsFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *incomingBidiStreamsMap) AcceptStream(ctx context.Context) (streamI, error) {
+ // drain the newStreamChan, so we don't check the map twice if the stream doesn't exist
+ select {
+ case <-m.newStreamChan:
+ default:
+ }
+
+ m.mutex.Lock()
+
+ var num protocol.StreamNum
+ var entry streamIEntry
+ for {
+ num = m.nextStreamToAccept
+ if m.closeErr != nil {
+ m.mutex.Unlock()
+ return nil, m.closeErr
+ }
+ var ok bool
+ entry, ok = m.streams[num]
+ if ok {
+ break
+ }
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ case <-m.newStreamChan:
+ }
+ m.mutex.Lock()
+ }
+ m.nextStreamToAccept++
+ // If this stream was completed before being accepted, we can delete it now.
+ if entry.shouldDelete {
+ if err := m.deleteStream(num); err != nil {
+ m.mutex.Unlock()
+ return nil, err
+ }
+ }
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingBidiStreamsMap) GetOrOpenStream(num protocol.StreamNum) (streamI, error) {
+ m.mutex.RLock()
+ if num > m.maxStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer tried to open stream %d (current limit: %d)",
+ nums: []protocol.StreamNum{num, m.maxStream},
+ }
+ }
+ // if the num is smaller than the highest we accepted
+ // * this stream exists in the map, and we can return it, or
+ // * this stream was already closed, then we can return the nil
+ if num < m.nextStreamToOpen {
+ var s streamI
+ // If the stream was already queued for deletion, and is just waiting to be accepted, don't return it.
+ if entry, ok := m.streams[num]; ok && !entry.shouldDelete {
+ s = entry.stream
+ }
+ m.mutex.RUnlock()
+ return s, nil
+ }
+ m.mutex.RUnlock()
+
+ m.mutex.Lock()
+ // no need to check the two error conditions from above again
+ // * maxStream can only increase, so if the id was valid before, it definitely is valid now
+ // * highestStream is only modified by this function
+ for newNum := m.nextStreamToOpen; newNum <= num; newNum++ {
+ m.streams[newNum] = streamIEntry{stream: m.newStream(newNum)}
+ select {
+ case m.newStreamChan <- struct{}{}:
+ default:
+ }
+ }
+ m.nextStreamToOpen = num + 1
+ entry := m.streams[num]
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingBidiStreamsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ return m.deleteStream(num)
+}
+
+func (m *incomingBidiStreamsMap) deleteStream(num protocol.StreamNum) error {
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown incoming stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+
+ // Don't delete this stream yet, if it was not yet accepted.
+ // Just save it to streamsToDelete map, to make sure it is deleted as soon as it gets accepted.
+ if num >= m.nextStreamToAccept {
+ entry, ok := m.streams[num]
+ if ok && entry.shouldDelete {
+ return streamError{
+ message: "tried to delete incoming stream %d multiple times",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ entry.shouldDelete = true
+ m.streams[num] = entry // can't assign to struct in map, so we need to reassign
+ return nil
+ }
+
+ delete(m.streams, num)
+ // queue a MAX_STREAM_ID frame, giving the peer the option to open a new stream
+ if m.maxNumStreams > uint64(len(m.streams)) {
+ maxStream := m.nextStreamToOpen + protocol.StreamNum(m.maxNumStreams-uint64(len(m.streams))) - 1
+ // Never send a value larger than protocol.MaxStreamCount.
+ if maxStream <= protocol.MaxStreamCount {
+ m.maxStream = maxStream
+ m.queueMaxStreamID(&wire.MaxStreamsFrame{
+ Type: protocol.StreamTypeBidi,
+ MaxStreamNum: m.maxStream,
+ })
+ }
+ }
+ return nil
+}
+
+func (m *incomingBidiStreamsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, entry := range m.streams {
+ entry.stream.closeForShutdown(err)
+ }
+ m.mutex.Unlock()
+ close(m.newStreamChan)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_generic.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_generic.go
new file mode 100644
index 00000000..4c7696a0
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_generic.go
@@ -0,0 +1,190 @@
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// When a stream is deleted before it was accepted, we can't delete it from the map immediately.
+// We need to wait until the application accepts it, and delete it then.
+type itemEntry struct {
+ stream item
+ shouldDelete bool
+}
+
+//go:generate genny -in $GOFILE -out streams_map_incoming_bidi.go gen "item=streamI Item=BidiStream streamTypeGeneric=protocol.StreamTypeBidi"
+//go:generate genny -in $GOFILE -out streams_map_incoming_uni.go gen "item=receiveStreamI Item=UniStream streamTypeGeneric=protocol.StreamTypeUni"
+type incomingItemsMap struct {
+ mutex sync.RWMutex
+ newStreamChan chan struct{}
+
+ streams map[protocol.StreamNum]itemEntry
+
+ nextStreamToAccept protocol.StreamNum // the next stream that will be returned by AcceptStream()
+ nextStreamToOpen protocol.StreamNum // the highest stream that the peer opened
+ maxStream protocol.StreamNum // the highest stream that the peer is allowed to open
+ maxNumStreams uint64 // maximum number of streams
+
+ newStream func(protocol.StreamNum) item
+ queueMaxStreamID func(*wire.MaxStreamsFrame)
+
+ closeErr error
+}
+
+func newIncomingItemsMap(
+ newStream func(protocol.StreamNum) item,
+ maxStreams uint64,
+ queueControlFrame func(wire.Frame),
+) *incomingItemsMap {
+ return &incomingItemsMap{
+ newStreamChan: make(chan struct{}, 1),
+ streams: make(map[protocol.StreamNum]itemEntry),
+ maxStream: protocol.StreamNum(maxStreams),
+ maxNumStreams: maxStreams,
+ newStream: newStream,
+ nextStreamToOpen: 1,
+ nextStreamToAccept: 1,
+ queueMaxStreamID: func(f *wire.MaxStreamsFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *incomingItemsMap) AcceptStream(ctx context.Context) (item, error) {
+ // drain the newStreamChan, so we don't check the map twice if the stream doesn't exist
+ select {
+ case <-m.newStreamChan:
+ default:
+ }
+
+ m.mutex.Lock()
+
+ var num protocol.StreamNum
+ var entry itemEntry
+ for {
+ num = m.nextStreamToAccept
+ if m.closeErr != nil {
+ m.mutex.Unlock()
+ return nil, m.closeErr
+ }
+ var ok bool
+ entry, ok = m.streams[num]
+ if ok {
+ break
+ }
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ case <-m.newStreamChan:
+ }
+ m.mutex.Lock()
+ }
+ m.nextStreamToAccept++
+ // If this stream was completed before being accepted, we can delete it now.
+ if entry.shouldDelete {
+ if err := m.deleteStream(num); err != nil {
+ m.mutex.Unlock()
+ return nil, err
+ }
+ }
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingItemsMap) GetOrOpenStream(num protocol.StreamNum) (item, error) {
+ m.mutex.RLock()
+ if num > m.maxStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer tried to open stream %d (current limit: %d)",
+ nums: []protocol.StreamNum{num, m.maxStream},
+ }
+ }
+ // if the num is smaller than the highest we accepted
+ // * this stream exists in the map, and we can return it, or
+ // * this stream was already closed, then we can return the nil
+ if num < m.nextStreamToOpen {
+ var s item
+ // If the stream was already queued for deletion, and is just waiting to be accepted, don't return it.
+ if entry, ok := m.streams[num]; ok && !entry.shouldDelete {
+ s = entry.stream
+ }
+ m.mutex.RUnlock()
+ return s, nil
+ }
+ m.mutex.RUnlock()
+
+ m.mutex.Lock()
+ // no need to check the two error conditions from above again
+ // * maxStream can only increase, so if the id was valid before, it definitely is valid now
+ // * highestStream is only modified by this function
+ for newNum := m.nextStreamToOpen; newNum <= num; newNum++ {
+ m.streams[newNum] = itemEntry{stream: m.newStream(newNum)}
+ select {
+ case m.newStreamChan <- struct{}{}:
+ default:
+ }
+ }
+ m.nextStreamToOpen = num + 1
+ entry := m.streams[num]
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingItemsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ return m.deleteStream(num)
+}
+
+func (m *incomingItemsMap) deleteStream(num protocol.StreamNum) error {
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown incoming stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+
+ // Don't delete this stream yet, if it was not yet accepted.
+ // Just save it to streamsToDelete map, to make sure it is deleted as soon as it gets accepted.
+ if num >= m.nextStreamToAccept {
+ entry, ok := m.streams[num]
+ if ok && entry.shouldDelete {
+ return streamError{
+ message: "tried to delete incoming stream %d multiple times",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ entry.shouldDelete = true
+ m.streams[num] = entry // can't assign to struct in map, so we need to reassign
+ return nil
+ }
+
+ delete(m.streams, num)
+ // queue a MAX_STREAM_ID frame, giving the peer the option to open a new stream
+ if m.maxNumStreams > uint64(len(m.streams)) {
+ maxStream := m.nextStreamToOpen + protocol.StreamNum(m.maxNumStreams-uint64(len(m.streams))) - 1
+ // Never send a value larger than protocol.MaxStreamCount.
+ if maxStream <= protocol.MaxStreamCount {
+ m.maxStream = maxStream
+ m.queueMaxStreamID(&wire.MaxStreamsFrame{
+ Type: streamTypeGeneric,
+ MaxStreamNum: m.maxStream,
+ })
+ }
+ }
+ return nil
+}
+
+func (m *incomingItemsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, entry := range m.streams {
+ entry.stream.closeForShutdown(err)
+ }
+ m.mutex.Unlock()
+ close(m.newStreamChan)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_uni.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_uni.go
new file mode 100644
index 00000000..5bddec00
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_incoming_uni.go
@@ -0,0 +1,192 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+// When a stream is deleted before it was accepted, we can't delete it from the map immediately.
+// We need to wait until the application accepts it, and delete it then.
+type receiveStreamIEntry struct {
+ stream receiveStreamI
+ shouldDelete bool
+}
+
+type incomingUniStreamsMap struct {
+ mutex sync.RWMutex
+ newStreamChan chan struct{}
+
+ streams map[protocol.StreamNum]receiveStreamIEntry
+
+ nextStreamToAccept protocol.StreamNum // the next stream that will be returned by AcceptStream()
+ nextStreamToOpen protocol.StreamNum // the highest stream that the peer opened
+ maxStream protocol.StreamNum // the highest stream that the peer is allowed to open
+ maxNumStreams uint64 // maximum number of streams
+
+ newStream func(protocol.StreamNum) receiveStreamI
+ queueMaxStreamID func(*wire.MaxStreamsFrame)
+
+ closeErr error
+}
+
+func newIncomingUniStreamsMap(
+ newStream func(protocol.StreamNum) receiveStreamI,
+ maxStreams uint64,
+ queueControlFrame func(wire.Frame),
+) *incomingUniStreamsMap {
+ return &incomingUniStreamsMap{
+ newStreamChan: make(chan struct{}, 1),
+ streams: make(map[protocol.StreamNum]receiveStreamIEntry),
+ maxStream: protocol.StreamNum(maxStreams),
+ maxNumStreams: maxStreams,
+ newStream: newStream,
+ nextStreamToOpen: 1,
+ nextStreamToAccept: 1,
+ queueMaxStreamID: func(f *wire.MaxStreamsFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *incomingUniStreamsMap) AcceptStream(ctx context.Context) (receiveStreamI, error) {
+ // drain the newStreamChan, so we don't check the map twice if the stream doesn't exist
+ select {
+ case <-m.newStreamChan:
+ default:
+ }
+
+ m.mutex.Lock()
+
+ var num protocol.StreamNum
+ var entry receiveStreamIEntry
+ for {
+ num = m.nextStreamToAccept
+ if m.closeErr != nil {
+ m.mutex.Unlock()
+ return nil, m.closeErr
+ }
+ var ok bool
+ entry, ok = m.streams[num]
+ if ok {
+ break
+ }
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ return nil, ctx.Err()
+ case <-m.newStreamChan:
+ }
+ m.mutex.Lock()
+ }
+ m.nextStreamToAccept++
+ // If this stream was completed before being accepted, we can delete it now.
+ if entry.shouldDelete {
+ if err := m.deleteStream(num); err != nil {
+ m.mutex.Unlock()
+ return nil, err
+ }
+ }
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingUniStreamsMap) GetOrOpenStream(num protocol.StreamNum) (receiveStreamI, error) {
+ m.mutex.RLock()
+ if num > m.maxStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer tried to open stream %d (current limit: %d)",
+ nums: []protocol.StreamNum{num, m.maxStream},
+ }
+ }
+ // if the num is smaller than the highest we accepted
+ // * this stream exists in the map, and we can return it, or
+ // * this stream was already closed, then we can return the nil
+ if num < m.nextStreamToOpen {
+ var s receiveStreamI
+ // If the stream was already queued for deletion, and is just waiting to be accepted, don't return it.
+ if entry, ok := m.streams[num]; ok && !entry.shouldDelete {
+ s = entry.stream
+ }
+ m.mutex.RUnlock()
+ return s, nil
+ }
+ m.mutex.RUnlock()
+
+ m.mutex.Lock()
+ // no need to check the two error conditions from above again
+ // * maxStream can only increase, so if the id was valid before, it definitely is valid now
+ // * highestStream is only modified by this function
+ for newNum := m.nextStreamToOpen; newNum <= num; newNum++ {
+ m.streams[newNum] = receiveStreamIEntry{stream: m.newStream(newNum)}
+ select {
+ case m.newStreamChan <- struct{}{}:
+ default:
+ }
+ }
+ m.nextStreamToOpen = num + 1
+ entry := m.streams[num]
+ m.mutex.Unlock()
+ return entry.stream, nil
+}
+
+func (m *incomingUniStreamsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ return m.deleteStream(num)
+}
+
+func (m *incomingUniStreamsMap) deleteStream(num protocol.StreamNum) error {
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown incoming stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+
+ // Don't delete this stream yet, if it was not yet accepted.
+ // Just save it to streamsToDelete map, to make sure it is deleted as soon as it gets accepted.
+ if num >= m.nextStreamToAccept {
+ entry, ok := m.streams[num]
+ if ok && entry.shouldDelete {
+ return streamError{
+ message: "tried to delete incoming stream %d multiple times",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ entry.shouldDelete = true
+ m.streams[num] = entry // can't assign to struct in map, so we need to reassign
+ return nil
+ }
+
+ delete(m.streams, num)
+ // queue a MAX_STREAM_ID frame, giving the peer the option to open a new stream
+ if m.maxNumStreams > uint64(len(m.streams)) {
+ maxStream := m.nextStreamToOpen + protocol.StreamNum(m.maxNumStreams-uint64(len(m.streams))) - 1
+ // Never send a value larger than protocol.MaxStreamCount.
+ if maxStream <= protocol.MaxStreamCount {
+ m.maxStream = maxStream
+ m.queueMaxStreamID(&wire.MaxStreamsFrame{
+ Type: protocol.StreamTypeUni,
+ MaxStreamNum: m.maxStream,
+ })
+ }
+ }
+ return nil
+}
+
+func (m *incomingUniStreamsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, entry := range m.streams {
+ entry.stream.closeForShutdown(err)
+ }
+ m.mutex.Unlock()
+ close(m.newStreamChan)
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go
new file mode 100644
index 00000000..3f7ec166
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_bidi.go
@@ -0,0 +1,226 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type outgoingBidiStreamsMap struct {
+ mutex sync.RWMutex
+
+ streams map[protocol.StreamNum]streamI
+
+ openQueue map[uint64]chan struct{}
+ lowestInQueue uint64
+ highestInQueue uint64
+
+ nextStream protocol.StreamNum // stream ID of the stream returned by OpenStream(Sync)
+ maxStream protocol.StreamNum // the maximum stream ID we're allowed to open
+ blockedSent bool // was a STREAMS_BLOCKED sent for the current maxStream
+
+ newStream func(protocol.StreamNum) streamI
+ queueStreamIDBlocked func(*wire.StreamsBlockedFrame)
+
+ closeErr error
+}
+
+func newOutgoingBidiStreamsMap(
+ newStream func(protocol.StreamNum) streamI,
+ queueControlFrame func(wire.Frame),
+) *outgoingBidiStreamsMap {
+ return &outgoingBidiStreamsMap{
+ streams: make(map[protocol.StreamNum]streamI),
+ openQueue: make(map[uint64]chan struct{}),
+ maxStream: protocol.InvalidStreamNum,
+ nextStream: 1,
+ newStream: newStream,
+ queueStreamIDBlocked: func(f *wire.StreamsBlockedFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *outgoingBidiStreamsMap) OpenStream() (streamI, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ // if there are OpenStreamSync calls waiting, return an error here
+ if len(m.openQueue) > 0 || m.nextStream > m.maxStream {
+ m.maybeSendBlockedFrame()
+ return nil, streamOpenErr{errTooManyOpenStreams}
+ }
+ return m.openStream(), nil
+}
+
+func (m *outgoingBidiStreamsMap) OpenStreamSync(ctx context.Context) (streamI, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ if err := ctx.Err(); err != nil {
+ return nil, err
+ }
+
+ if len(m.openQueue) == 0 && m.nextStream <= m.maxStream {
+ return m.openStream(), nil
+ }
+
+ waitChan := make(chan struct{}, 1)
+ queuePos := m.highestInQueue
+ m.highestInQueue++
+ if len(m.openQueue) == 0 {
+ m.lowestInQueue = queuePos
+ }
+ m.openQueue[queuePos] = waitChan
+ m.maybeSendBlockedFrame()
+
+ for {
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ m.mutex.Lock()
+ delete(m.openQueue, queuePos)
+ return nil, ctx.Err()
+ case <-waitChan:
+ }
+ m.mutex.Lock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+ if m.nextStream > m.maxStream {
+ // no stream available. Continue waiting
+ continue
+ }
+ str := m.openStream()
+ delete(m.openQueue, queuePos)
+ m.lowestInQueue = queuePos + 1
+ m.unblockOpenSync()
+ return str, nil
+ }
+}
+
+func (m *outgoingBidiStreamsMap) openStream() streamI {
+ s := m.newStream(m.nextStream)
+ m.streams[m.nextStream] = s
+ m.nextStream++
+ return s
+}
+
+// maybeSendBlockedFrame queues a STREAMS_BLOCKED frame for the current stream offset,
+// if we haven't sent one for this offset yet
+func (m *outgoingBidiStreamsMap) maybeSendBlockedFrame() {
+ if m.blockedSent {
+ return
+ }
+
+ var streamNum protocol.StreamNum
+ if m.maxStream != protocol.InvalidStreamNum {
+ streamNum = m.maxStream
+ }
+ m.queueStreamIDBlocked(&wire.StreamsBlockedFrame{
+ Type: protocol.StreamTypeBidi,
+ StreamLimit: streamNum,
+ })
+ m.blockedSent = true
+}
+
+func (m *outgoingBidiStreamsMap) GetStream(num protocol.StreamNum) (streamI, error) {
+ m.mutex.RLock()
+ if num >= m.nextStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer attempted to open stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ s := m.streams[num]
+ m.mutex.RUnlock()
+ return s, nil
+}
+
+func (m *outgoingBidiStreamsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown outgoing stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ delete(m.streams, num)
+ return nil
+}
+
+func (m *outgoingBidiStreamsMap) SetMaxStream(num protocol.StreamNum) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if num <= m.maxStream {
+ return
+ }
+ m.maxStream = num
+ m.blockedSent = false
+ if m.maxStream < m.nextStream-1+protocol.StreamNum(len(m.openQueue)) {
+ m.maybeSendBlockedFrame()
+ }
+ m.unblockOpenSync()
+}
+
+// UpdateSendWindow is called when the peer's transport parameters are received.
+// Only in the case of a 0-RTT handshake will we have open streams at this point.
+// We might need to update the send window, in case the server increased it.
+func (m *outgoingBidiStreamsMap) UpdateSendWindow(limit protocol.ByteCount) {
+ m.mutex.Lock()
+ for _, str := range m.streams {
+ str.updateSendWindow(limit)
+ }
+ m.mutex.Unlock()
+}
+
+// unblockOpenSync unblocks the next OpenStreamSync go-routine to open a new stream
+func (m *outgoingBidiStreamsMap) unblockOpenSync() {
+ if len(m.openQueue) == 0 {
+ return
+ }
+ for qp := m.lowestInQueue; qp <= m.highestInQueue; qp++ {
+ c, ok := m.openQueue[qp]
+ if !ok { // entry was deleted because the context was canceled
+ continue
+ }
+ // unblockOpenSync is called both from OpenStreamSync and from SetMaxStream.
+ // It's sufficient to only unblock OpenStreamSync once.
+ select {
+ case c <- struct{}{}:
+ default:
+ }
+ return
+ }
+}
+
+func (m *outgoingBidiStreamsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, str := range m.streams {
+ str.closeForShutdown(err)
+ }
+ for _, c := range m.openQueue {
+ if c != nil {
+ close(c)
+ }
+ }
+ m.mutex.Unlock()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go
new file mode 100644
index 00000000..dde75043
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_generic.go
@@ -0,0 +1,224 @@
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+//go:generate genny -in $GOFILE -out streams_map_outgoing_bidi.go gen "item=streamI Item=BidiStream streamTypeGeneric=protocol.StreamTypeBidi"
+//go:generate genny -in $GOFILE -out streams_map_outgoing_uni.go gen "item=sendStreamI Item=UniStream streamTypeGeneric=protocol.StreamTypeUni"
+type outgoingItemsMap struct {
+ mutex sync.RWMutex
+
+ streams map[protocol.StreamNum]item
+
+ openQueue map[uint64]chan struct{}
+ lowestInQueue uint64
+ highestInQueue uint64
+
+ nextStream protocol.StreamNum // stream ID of the stream returned by OpenStream(Sync)
+ maxStream protocol.StreamNum // the maximum stream ID we're allowed to open
+ blockedSent bool // was a STREAMS_BLOCKED sent for the current maxStream
+
+ newStream func(protocol.StreamNum) item
+ queueStreamIDBlocked func(*wire.StreamsBlockedFrame)
+
+ closeErr error
+}
+
+func newOutgoingItemsMap(
+ newStream func(protocol.StreamNum) item,
+ queueControlFrame func(wire.Frame),
+) *outgoingItemsMap {
+ return &outgoingItemsMap{
+ streams: make(map[protocol.StreamNum]item),
+ openQueue: make(map[uint64]chan struct{}),
+ maxStream: protocol.InvalidStreamNum,
+ nextStream: 1,
+ newStream: newStream,
+ queueStreamIDBlocked: func(f *wire.StreamsBlockedFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *outgoingItemsMap) OpenStream() (item, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ // if there are OpenStreamSync calls waiting, return an error here
+ if len(m.openQueue) > 0 || m.nextStream > m.maxStream {
+ m.maybeSendBlockedFrame()
+ return nil, streamOpenErr{errTooManyOpenStreams}
+ }
+ return m.openStream(), nil
+}
+
+func (m *outgoingItemsMap) OpenStreamSync(ctx context.Context) (item, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ if err := ctx.Err(); err != nil {
+ return nil, err
+ }
+
+ if len(m.openQueue) == 0 && m.nextStream <= m.maxStream {
+ return m.openStream(), nil
+ }
+
+ waitChan := make(chan struct{}, 1)
+ queuePos := m.highestInQueue
+ m.highestInQueue++
+ if len(m.openQueue) == 0 {
+ m.lowestInQueue = queuePos
+ }
+ m.openQueue[queuePos] = waitChan
+ m.maybeSendBlockedFrame()
+
+ for {
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ m.mutex.Lock()
+ delete(m.openQueue, queuePos)
+ return nil, ctx.Err()
+ case <-waitChan:
+ }
+ m.mutex.Lock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+ if m.nextStream > m.maxStream {
+ // no stream available. Continue waiting
+ continue
+ }
+ str := m.openStream()
+ delete(m.openQueue, queuePos)
+ m.lowestInQueue = queuePos + 1
+ m.unblockOpenSync()
+ return str, nil
+ }
+}
+
+func (m *outgoingItemsMap) openStream() item {
+ s := m.newStream(m.nextStream)
+ m.streams[m.nextStream] = s
+ m.nextStream++
+ return s
+}
+
+// maybeSendBlockedFrame queues a STREAMS_BLOCKED frame for the current stream offset,
+// if we haven't sent one for this offset yet
+func (m *outgoingItemsMap) maybeSendBlockedFrame() {
+ if m.blockedSent {
+ return
+ }
+
+ var streamNum protocol.StreamNum
+ if m.maxStream != protocol.InvalidStreamNum {
+ streamNum = m.maxStream
+ }
+ m.queueStreamIDBlocked(&wire.StreamsBlockedFrame{
+ Type: streamTypeGeneric,
+ StreamLimit: streamNum,
+ })
+ m.blockedSent = true
+}
+
+func (m *outgoingItemsMap) GetStream(num protocol.StreamNum) (item, error) {
+ m.mutex.RLock()
+ if num >= m.nextStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer attempted to open stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ s := m.streams[num]
+ m.mutex.RUnlock()
+ return s, nil
+}
+
+func (m *outgoingItemsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown outgoing stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ delete(m.streams, num)
+ return nil
+}
+
+func (m *outgoingItemsMap) SetMaxStream(num protocol.StreamNum) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if num <= m.maxStream {
+ return
+ }
+ m.maxStream = num
+ m.blockedSent = false
+ if m.maxStream < m.nextStream-1+protocol.StreamNum(len(m.openQueue)) {
+ m.maybeSendBlockedFrame()
+ }
+ m.unblockOpenSync()
+}
+
+// UpdateSendWindow is called when the peer's transport parameters are received.
+// Only in the case of a 0-RTT handshake will we have open streams at this point.
+// We might need to update the send window, in case the server increased it.
+func (m *outgoingItemsMap) UpdateSendWindow(limit protocol.ByteCount) {
+ m.mutex.Lock()
+ for _, str := range m.streams {
+ str.updateSendWindow(limit)
+ }
+ m.mutex.Unlock()
+}
+
+// unblockOpenSync unblocks the next OpenStreamSync go-routine to open a new stream
+func (m *outgoingItemsMap) unblockOpenSync() {
+ if len(m.openQueue) == 0 {
+ return
+ }
+ for qp := m.lowestInQueue; qp <= m.highestInQueue; qp++ {
+ c, ok := m.openQueue[qp]
+ if !ok { // entry was deleted because the context was canceled
+ continue
+ }
+ // unblockOpenSync is called both from OpenStreamSync and from SetMaxStream.
+ // It's sufficient to only unblock OpenStreamSync once.
+ select {
+ case c <- struct{}{}:
+ default:
+ }
+ return
+ }
+}
+
+func (m *outgoingItemsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, str := range m.streams {
+ str.closeForShutdown(err)
+ }
+ for _, c := range m.openQueue {
+ if c != nil {
+ close(c)
+ }
+ }
+ m.mutex.Unlock()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go
new file mode 100644
index 00000000..8782364a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/streams_map_outgoing_uni.go
@@ -0,0 +1,226 @@
+// This file was automatically generated by genny.
+// Any changes will be lost if this file is regenerated.
+// see https://github.com/cheekybits/genny
+
+package quic
+
+import (
+ "context"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type outgoingUniStreamsMap struct {
+ mutex sync.RWMutex
+
+ streams map[protocol.StreamNum]sendStreamI
+
+ openQueue map[uint64]chan struct{}
+ lowestInQueue uint64
+ highestInQueue uint64
+
+ nextStream protocol.StreamNum // stream ID of the stream returned by OpenStream(Sync)
+ maxStream protocol.StreamNum // the maximum stream ID we're allowed to open
+ blockedSent bool // was a STREAMS_BLOCKED sent for the current maxStream
+
+ newStream func(protocol.StreamNum) sendStreamI
+ queueStreamIDBlocked func(*wire.StreamsBlockedFrame)
+
+ closeErr error
+}
+
+func newOutgoingUniStreamsMap(
+ newStream func(protocol.StreamNum) sendStreamI,
+ queueControlFrame func(wire.Frame),
+) *outgoingUniStreamsMap {
+ return &outgoingUniStreamsMap{
+ streams: make(map[protocol.StreamNum]sendStreamI),
+ openQueue: make(map[uint64]chan struct{}),
+ maxStream: protocol.InvalidStreamNum,
+ nextStream: 1,
+ newStream: newStream,
+ queueStreamIDBlocked: func(f *wire.StreamsBlockedFrame) { queueControlFrame(f) },
+ }
+}
+
+func (m *outgoingUniStreamsMap) OpenStream() (sendStreamI, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ // if there are OpenStreamSync calls waiting, return an error here
+ if len(m.openQueue) > 0 || m.nextStream > m.maxStream {
+ m.maybeSendBlockedFrame()
+ return nil, streamOpenErr{errTooManyOpenStreams}
+ }
+ return m.openStream(), nil
+}
+
+func (m *outgoingUniStreamsMap) OpenStreamSync(ctx context.Context) (sendStreamI, error) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+
+ if err := ctx.Err(); err != nil {
+ return nil, err
+ }
+
+ if len(m.openQueue) == 0 && m.nextStream <= m.maxStream {
+ return m.openStream(), nil
+ }
+
+ waitChan := make(chan struct{}, 1)
+ queuePos := m.highestInQueue
+ m.highestInQueue++
+ if len(m.openQueue) == 0 {
+ m.lowestInQueue = queuePos
+ }
+ m.openQueue[queuePos] = waitChan
+ m.maybeSendBlockedFrame()
+
+ for {
+ m.mutex.Unlock()
+ select {
+ case <-ctx.Done():
+ m.mutex.Lock()
+ delete(m.openQueue, queuePos)
+ return nil, ctx.Err()
+ case <-waitChan:
+ }
+ m.mutex.Lock()
+
+ if m.closeErr != nil {
+ return nil, m.closeErr
+ }
+ if m.nextStream > m.maxStream {
+ // no stream available. Continue waiting
+ continue
+ }
+ str := m.openStream()
+ delete(m.openQueue, queuePos)
+ m.lowestInQueue = queuePos + 1
+ m.unblockOpenSync()
+ return str, nil
+ }
+}
+
+func (m *outgoingUniStreamsMap) openStream() sendStreamI {
+ s := m.newStream(m.nextStream)
+ m.streams[m.nextStream] = s
+ m.nextStream++
+ return s
+}
+
+// maybeSendBlockedFrame queues a STREAMS_BLOCKED frame for the current stream offset,
+// if we haven't sent one for this offset yet
+func (m *outgoingUniStreamsMap) maybeSendBlockedFrame() {
+ if m.blockedSent {
+ return
+ }
+
+ var streamNum protocol.StreamNum
+ if m.maxStream != protocol.InvalidStreamNum {
+ streamNum = m.maxStream
+ }
+ m.queueStreamIDBlocked(&wire.StreamsBlockedFrame{
+ Type: protocol.StreamTypeUni,
+ StreamLimit: streamNum,
+ })
+ m.blockedSent = true
+}
+
+func (m *outgoingUniStreamsMap) GetStream(num protocol.StreamNum) (sendStreamI, error) {
+ m.mutex.RLock()
+ if num >= m.nextStream {
+ m.mutex.RUnlock()
+ return nil, streamError{
+ message: "peer attempted to open stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ s := m.streams[num]
+ m.mutex.RUnlock()
+ return s, nil
+}
+
+func (m *outgoingUniStreamsMap) DeleteStream(num protocol.StreamNum) error {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if _, ok := m.streams[num]; !ok {
+ return streamError{
+ message: "tried to delete unknown outgoing stream %d",
+ nums: []protocol.StreamNum{num},
+ }
+ }
+ delete(m.streams, num)
+ return nil
+}
+
+func (m *outgoingUniStreamsMap) SetMaxStream(num protocol.StreamNum) {
+ m.mutex.Lock()
+ defer m.mutex.Unlock()
+
+ if num <= m.maxStream {
+ return
+ }
+ m.maxStream = num
+ m.blockedSent = false
+ if m.maxStream < m.nextStream-1+protocol.StreamNum(len(m.openQueue)) {
+ m.maybeSendBlockedFrame()
+ }
+ m.unblockOpenSync()
+}
+
+// UpdateSendWindow is called when the peer's transport parameters are received.
+// Only in the case of a 0-RTT handshake will we have open streams at this point.
+// We might need to update the send window, in case the server increased it.
+func (m *outgoingUniStreamsMap) UpdateSendWindow(limit protocol.ByteCount) {
+ m.mutex.Lock()
+ for _, str := range m.streams {
+ str.updateSendWindow(limit)
+ }
+ m.mutex.Unlock()
+}
+
+// unblockOpenSync unblocks the next OpenStreamSync go-routine to open a new stream
+func (m *outgoingUniStreamsMap) unblockOpenSync() {
+ if len(m.openQueue) == 0 {
+ return
+ }
+ for qp := m.lowestInQueue; qp <= m.highestInQueue; qp++ {
+ c, ok := m.openQueue[qp]
+ if !ok { // entry was deleted because the context was canceled
+ continue
+ }
+ // unblockOpenSync is called both from OpenStreamSync and from SetMaxStream.
+ // It's sufficient to only unblock OpenStreamSync once.
+ select {
+ case c <- struct{}{}:
+ default:
+ }
+ return
+ }
+}
+
+func (m *outgoingUniStreamsMap) CloseWithError(err error) {
+ m.mutex.Lock()
+ m.closeErr = err
+ for _, str := range m.streams {
+ str.closeForShutdown(err)
+ }
+ for _, c := range m.openQueue {
+ if c != nil {
+ close(c)
+ }
+ }
+ m.mutex.Unlock()
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/token_store.go b/vendor/github.com/lucas-clemente/quic-go/token_store.go
new file mode 100644
index 00000000..9641dc5a
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/token_store.go
@@ -0,0 +1,117 @@
+package quic
+
+import (
+ "container/list"
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/utils"
+)
+
+type singleOriginTokenStore struct {
+ tokens []*ClientToken
+ len int
+ p int
+}
+
+func newSingleOriginTokenStore(size int) *singleOriginTokenStore {
+ return &singleOriginTokenStore{tokens: make([]*ClientToken, size)}
+}
+
+func (s *singleOriginTokenStore) Add(token *ClientToken) {
+ s.tokens[s.p] = token
+ s.p = s.index(s.p + 1)
+ s.len = utils.Min(s.len+1, len(s.tokens))
+}
+
+func (s *singleOriginTokenStore) Pop() *ClientToken {
+ s.p = s.index(s.p - 1)
+ token := s.tokens[s.p]
+ s.tokens[s.p] = nil
+ s.len = utils.Max(s.len-1, 0)
+ return token
+}
+
+func (s *singleOriginTokenStore) Len() int {
+ return s.len
+}
+
+func (s *singleOriginTokenStore) index(i int) int {
+ mod := len(s.tokens)
+ return (i + mod) % mod
+}
+
+type lruTokenStoreEntry struct {
+ key string
+ cache *singleOriginTokenStore
+}
+
+type lruTokenStore struct {
+ mutex sync.Mutex
+
+ m map[string]*list.Element
+ q *list.List
+ capacity int
+ singleOriginSize int
+}
+
+var _ TokenStore = &lruTokenStore{}
+
+// NewLRUTokenStore creates a new LRU cache for tokens received by the client.
+// maxOrigins specifies how many origins this cache is saving tokens for.
+// tokensPerOrigin specifies the maximum number of tokens per origin.
+func NewLRUTokenStore(maxOrigins, tokensPerOrigin int) TokenStore {
+ return &lruTokenStore{
+ m: make(map[string]*list.Element),
+ q: list.New(),
+ capacity: maxOrigins,
+ singleOriginSize: tokensPerOrigin,
+ }
+}
+
+func (s *lruTokenStore) Put(key string, token *ClientToken) {
+ s.mutex.Lock()
+ defer s.mutex.Unlock()
+
+ if el, ok := s.m[key]; ok {
+ entry := el.Value.(*lruTokenStoreEntry)
+ entry.cache.Add(token)
+ s.q.MoveToFront(el)
+ return
+ }
+
+ if s.q.Len() < s.capacity {
+ entry := &lruTokenStoreEntry{
+ key: key,
+ cache: newSingleOriginTokenStore(s.singleOriginSize),
+ }
+ entry.cache.Add(token)
+ s.m[key] = s.q.PushFront(entry)
+ return
+ }
+
+ elem := s.q.Back()
+ entry := elem.Value.(*lruTokenStoreEntry)
+ delete(s.m, entry.key)
+ entry.key = key
+ entry.cache = newSingleOriginTokenStore(s.singleOriginSize)
+ entry.cache.Add(token)
+ s.q.MoveToFront(elem)
+ s.m[key] = elem
+}
+
+func (s *lruTokenStore) Pop(key string) *ClientToken {
+ s.mutex.Lock()
+ defer s.mutex.Unlock()
+
+ var token *ClientToken
+ if el, ok := s.m[key]; ok {
+ s.q.MoveToFront(el)
+ cache := el.Value.(*lruTokenStoreEntry).cache
+ token = cache.Pop()
+ if cache.Len() == 0 {
+ s.q.Remove(el)
+ delete(s.m, key)
+ }
+ }
+ return token
+}
diff --git a/vendor/github.com/lucas-clemente/quic-go/window_update_queue.go b/vendor/github.com/lucas-clemente/quic-go/window_update_queue.go
new file mode 100644
index 00000000..2abcf673
--- /dev/null
+++ b/vendor/github.com/lucas-clemente/quic-go/window_update_queue.go
@@ -0,0 +1,71 @@
+package quic
+
+import (
+ "sync"
+
+ "github.com/lucas-clemente/quic-go/internal/flowcontrol"
+ "github.com/lucas-clemente/quic-go/internal/protocol"
+ "github.com/lucas-clemente/quic-go/internal/wire"
+)
+
+type windowUpdateQueue struct {
+ mutex sync.Mutex
+
+ queue map[protocol.StreamID]struct{} // used as a set
+ queuedConn bool // connection-level window update
+
+ streamGetter streamGetter
+ connFlowController flowcontrol.ConnectionFlowController
+ callback func(wire.Frame)
+}
+
+func newWindowUpdateQueue(
+ streamGetter streamGetter,
+ connFC flowcontrol.ConnectionFlowController,
+ cb func(wire.Frame),
+) *windowUpdateQueue {
+ return &windowUpdateQueue{
+ queue: make(map[protocol.StreamID]struct{}),
+ streamGetter: streamGetter,
+ connFlowController: connFC,
+ callback: cb,
+ }
+}
+
+func (q *windowUpdateQueue) AddStream(id protocol.StreamID) {
+ q.mutex.Lock()
+ q.queue[id] = struct{}{}
+ q.mutex.Unlock()
+}
+
+func (q *windowUpdateQueue) AddConnection() {
+ q.mutex.Lock()
+ q.queuedConn = true
+ q.mutex.Unlock()
+}
+
+func (q *windowUpdateQueue) QueueAll() {
+ q.mutex.Lock()
+ // queue a connection-level window update
+ if q.queuedConn {
+ q.callback(&wire.MaxDataFrame{MaximumData: q.connFlowController.GetWindowUpdate()})
+ q.queuedConn = false
+ }
+ // queue all stream-level window updates
+ for id := range q.queue {
+ delete(q.queue, id)
+ str, err := q.streamGetter.GetOrOpenReceiveStream(id)
+ if err != nil || str == nil { // the stream can be nil if it was completed before dequeing the window update
+ continue
+ }
+ offset := str.getWindowUpdate()
+ if offset == 0 { // can happen if we received a final offset, right after queueing the window update
+ continue
+ }
+ q.callback(&wire.MaxStreamDataFrame{
+ StreamID: id,
+ MaximumStreamData: offset,
+ })
+ }
+ q.mutex.Unlock()
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/LICENSE b/vendor/github.com/marten-seemann/qtls-go1-15/LICENSE
new file mode 100644
index 00000000..6a66aea5
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/README.md b/vendor/github.com/marten-seemann/qtls-go1-15/README.md
new file mode 100644
index 00000000..0d318abe
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/README.md
@@ -0,0 +1,6 @@
+# qtls
+
+[](https://godoc.org/github.com/marten-seemann/qtls)
+[](https://circleci.com/gh/marten-seemann/qtls)
+
+This repository contains a modified version of the standard library's TLS implementation, modified for the QUIC protocol. It is used by [quic-go](https://github.com/lucas-clemente/quic-go).
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/alert.go b/vendor/github.com/marten-seemann/qtls-go1-15/alert.go
new file mode 100644
index 00000000..3feac79b
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/alert.go
@@ -0,0 +1,102 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import "strconv"
+
+type alert uint8
+
+// Alert is a TLS alert
+type Alert = alert
+
+const (
+ // alert level
+ alertLevelWarning = 1
+ alertLevelError = 2
+)
+
+const (
+ alertCloseNotify alert = 0
+ alertUnexpectedMessage alert = 10
+ alertBadRecordMAC alert = 20
+ alertDecryptionFailed alert = 21
+ alertRecordOverflow alert = 22
+ alertDecompressionFailure alert = 30
+ alertHandshakeFailure alert = 40
+ alertBadCertificate alert = 42
+ alertUnsupportedCertificate alert = 43
+ alertCertificateRevoked alert = 44
+ alertCertificateExpired alert = 45
+ alertCertificateUnknown alert = 46
+ alertIllegalParameter alert = 47
+ alertUnknownCA alert = 48
+ alertAccessDenied alert = 49
+ alertDecodeError alert = 50
+ alertDecryptError alert = 51
+ alertExportRestriction alert = 60
+ alertProtocolVersion alert = 70
+ alertInsufficientSecurity alert = 71
+ alertInternalError alert = 80
+ alertInappropriateFallback alert = 86
+ alertUserCanceled alert = 90
+ alertNoRenegotiation alert = 100
+ alertMissingExtension alert = 109
+ alertUnsupportedExtension alert = 110
+ alertCertificateUnobtainable alert = 111
+ alertUnrecognizedName alert = 112
+ alertBadCertificateStatusResponse alert = 113
+ alertBadCertificateHashValue alert = 114
+ alertUnknownPSKIdentity alert = 115
+ alertCertificateRequired alert = 116
+ alertNoApplicationProtocol alert = 120
+)
+
+var alertText = map[alert]string{
+ alertCloseNotify: "close notify",
+ alertUnexpectedMessage: "unexpected message",
+ alertBadRecordMAC: "bad record MAC",
+ alertDecryptionFailed: "decryption failed",
+ alertRecordOverflow: "record overflow",
+ alertDecompressionFailure: "decompression failure",
+ alertHandshakeFailure: "handshake failure",
+ alertBadCertificate: "bad certificate",
+ alertUnsupportedCertificate: "unsupported certificate",
+ alertCertificateRevoked: "revoked certificate",
+ alertCertificateExpired: "expired certificate",
+ alertCertificateUnknown: "unknown certificate",
+ alertIllegalParameter: "illegal parameter",
+ alertUnknownCA: "unknown certificate authority",
+ alertAccessDenied: "access denied",
+ alertDecodeError: "error decoding message",
+ alertDecryptError: "error decrypting message",
+ alertExportRestriction: "export restriction",
+ alertProtocolVersion: "protocol version not supported",
+ alertInsufficientSecurity: "insufficient security level",
+ alertInternalError: "internal error",
+ alertInappropriateFallback: "inappropriate fallback",
+ alertUserCanceled: "user canceled",
+ alertNoRenegotiation: "no renegotiation",
+ alertMissingExtension: "missing extension",
+ alertUnsupportedExtension: "unsupported extension",
+ alertCertificateUnobtainable: "certificate unobtainable",
+ alertUnrecognizedName: "unrecognized name",
+ alertBadCertificateStatusResponse: "bad certificate status response",
+ alertBadCertificateHashValue: "bad certificate hash value",
+ alertUnknownPSKIdentity: "unknown PSK identity",
+ alertCertificateRequired: "certificate required",
+ alertNoApplicationProtocol: "no application protocol",
+}
+
+func (e alert) String() string {
+ s, ok := alertText[e]
+ if ok {
+ return "tls: " + s
+ }
+ return "tls: alert(" + strconv.Itoa(int(e)) + ")"
+}
+
+func (e alert) Error() string {
+ return e.String()
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/auth.go b/vendor/github.com/marten-seemann/qtls-go1-15/auth.go
new file mode 100644
index 00000000..1ef675fd
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/auth.go
@@ -0,0 +1,289 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+)
+
+// verifyHandshakeSignature verifies a signature against pre-hashed
+// (if required) handshake contents.
+func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc crypto.Hash, signed, sig []byte) error {
+ switch sigType {
+ case signatureECDSA:
+ pubKey, ok := pubkey.(*ecdsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an ECDSA public key, got %T", pubkey)
+ }
+ if !ecdsa.VerifyASN1(pubKey, signed, sig) {
+ return errors.New("ECDSA verification failure")
+ }
+ case signatureEd25519:
+ pubKey, ok := pubkey.(ed25519.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an Ed25519 public key, got %T", pubkey)
+ }
+ if !ed25519.Verify(pubKey, signed, sig) {
+ return errors.New("Ed25519 verification failure")
+ }
+ case signaturePKCS1v15:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, signed, sig); err != nil {
+ return err
+ }
+ case signatureRSAPSS:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ signOpts := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash}
+ if err := rsa.VerifyPSS(pubKey, hashFunc, signed, sig, signOpts); err != nil {
+ return err
+ }
+ default:
+ return errors.New("internal error: unknown signature type")
+ }
+ return nil
+}
+
+const (
+ serverSignatureContext = "TLS 1.3, server CertificateVerify\x00"
+ clientSignatureContext = "TLS 1.3, client CertificateVerify\x00"
+)
+
+var signaturePadding = []byte{
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+}
+
+// signedMessage returns the pre-hashed (if necessary) message to be signed by
+// certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3.
+func signedMessage(sigHash crypto.Hash, context string, transcript hash.Hash) []byte {
+ if sigHash == directSigning {
+ b := &bytes.Buffer{}
+ b.Write(signaturePadding)
+ io.WriteString(b, context)
+ b.Write(transcript.Sum(nil))
+ return b.Bytes()
+ }
+ h := sigHash.New()
+ h.Write(signaturePadding)
+ io.WriteString(h, context)
+ h.Write(transcript.Sum(nil))
+ return h.Sum(nil)
+}
+
+// typeAndHashFromSignatureScheme returns the corresponding signature type and
+// crypto.Hash for a given TLS SignatureScheme.
+func typeAndHashFromSignatureScheme(signatureAlgorithm SignatureScheme) (sigType uint8, hash crypto.Hash, err error) {
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512:
+ sigType = signaturePKCS1v15
+ case PSSWithSHA256, PSSWithSHA384, PSSWithSHA512:
+ sigType = signatureRSAPSS
+ case ECDSAWithSHA1, ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512:
+ sigType = signatureECDSA
+ case Ed25519:
+ sigType = signatureEd25519
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, ECDSAWithSHA1:
+ hash = crypto.SHA1
+ case PKCS1WithSHA256, PSSWithSHA256, ECDSAWithP256AndSHA256:
+ hash = crypto.SHA256
+ case PKCS1WithSHA384, PSSWithSHA384, ECDSAWithP384AndSHA384:
+ hash = crypto.SHA384
+ case PKCS1WithSHA512, PSSWithSHA512, ECDSAWithP521AndSHA512:
+ hash = crypto.SHA512
+ case Ed25519:
+ hash = directSigning
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ return sigType, hash, nil
+}
+
+// legacyTypeAndHashFromPublicKey returns the fixed signature type and crypto.Hash for
+// a given public key used with TLS 1.0 and 1.1, before the introduction of
+// signature algorithm negotiation.
+func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash crypto.Hash, err error) {
+ switch pub.(type) {
+ case *rsa.PublicKey:
+ return signaturePKCS1v15, crypto.MD5SHA1, nil
+ case *ecdsa.PublicKey:
+ return signatureECDSA, crypto.SHA1, nil
+ case ed25519.PublicKey:
+ // RFC 8422 specifies support for Ed25519 in TLS 1.0 and 1.1,
+ // but it requires holding on to a handshake transcript to do a
+ // full signature, and not even OpenSSL bothers with the
+ // complexity, so we can't even test it properly.
+ return 0, 0, fmt.Errorf("tls: Ed25519 public keys are not supported before TLS 1.2")
+ default:
+ return 0, 0, fmt.Errorf("tls: unsupported public key: %T", pub)
+ }
+}
+
+var rsaSignatureSchemes = []struct {
+ scheme SignatureScheme
+ minModulusBytes int
+ maxVersion uint16
+}{
+ // RSA-PSS is used with PSSSaltLengthEqualsHash, and requires
+ // emLen >= hLen + sLen + 2
+ {PSSWithSHA256, crypto.SHA256.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA384, crypto.SHA384.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA512, crypto.SHA512.Size()*2 + 2, VersionTLS13},
+ // PKCS #1 v1.5 uses prefixes from hashPrefixes in crypto/rsa, and requires
+ // emLen >= len(prefix) + hLen + 11
+ // TLS 1.3 dropped support for PKCS #1 v1.5 in favor of RSA-PSS.
+ {PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11, VersionTLS12},
+}
+
+// signatureSchemesForCertificate returns the list of supported SignatureSchemes
+// for a given certificate, based on the public key and the protocol version,
+// and optionally filtered by its explicit SupportedSignatureAlgorithms.
+//
+// This function must be kept in sync with supportedSignatureAlgorithms.
+func signatureSchemesForCertificate(version uint16, cert *Certificate) []SignatureScheme {
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil
+ }
+
+ var sigAlgs []SignatureScheme
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ if version != VersionTLS13 {
+ // In TLS 1.2 and earlier, ECDSA algorithms are not
+ // constrained to a single curve.
+ sigAlgs = []SignatureScheme{
+ ECDSAWithP256AndSHA256,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ ECDSAWithSHA1,
+ }
+ break
+ }
+ switch pub.Curve {
+ case elliptic.P256():
+ sigAlgs = []SignatureScheme{ECDSAWithP256AndSHA256}
+ case elliptic.P384():
+ sigAlgs = []SignatureScheme{ECDSAWithP384AndSHA384}
+ case elliptic.P521():
+ sigAlgs = []SignatureScheme{ECDSAWithP521AndSHA512}
+ default:
+ return nil
+ }
+ case *rsa.PublicKey:
+ size := pub.Size()
+ sigAlgs = make([]SignatureScheme, 0, len(rsaSignatureSchemes))
+ for _, candidate := range rsaSignatureSchemes {
+ if size >= candidate.minModulusBytes && version <= candidate.maxVersion {
+ sigAlgs = append(sigAlgs, candidate.scheme)
+ }
+ }
+ case ed25519.PublicKey:
+ sigAlgs = []SignatureScheme{Ed25519}
+ default:
+ return nil
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ var filteredSigAlgs []SignatureScheme
+ for _, sigAlg := range sigAlgs {
+ if isSupportedSignatureAlgorithm(sigAlg, cert.SupportedSignatureAlgorithms) {
+ filteredSigAlgs = append(filteredSigAlgs, sigAlg)
+ }
+ }
+ return filteredSigAlgs
+ }
+ return sigAlgs
+}
+
+// selectSignatureScheme picks a SignatureScheme from the peer's preference list
+// that works with the selected certificate. It's only called for protocol
+// versions that support signature algorithms, so TLS 1.2 and 1.3.
+func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureScheme) (SignatureScheme, error) {
+ supportedAlgs := signatureSchemesForCertificate(vers, c)
+ if len(supportedAlgs) == 0 {
+ return 0, unsupportedCertificateError(c)
+ }
+ if len(peerAlgs) == 0 && vers == VersionTLS12 {
+ // For TLS 1.2, if the client didn't send signature_algorithms then we
+ // can assume that it supports SHA1. See RFC 5246, Section 7.4.1.4.1.
+ peerAlgs = []SignatureScheme{PKCS1WithSHA1, ECDSAWithSHA1}
+ }
+ // Pick signature scheme in the peer's preference order, as our
+ // preference order is not configurable.
+ for _, preferredAlg := range peerAlgs {
+ if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) {
+ return preferredAlg, nil
+ }
+ }
+ return 0, errors.New("tls: peer doesn't support any of the certificate's signature algorithms")
+}
+
+// unsupportedCertificateError returns a helpful error for certificates with
+// an unsupported private key.
+func unsupportedCertificateError(cert *Certificate) error {
+ switch cert.PrivateKey.(type) {
+ case rsa.PrivateKey, ecdsa.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is %T, expected *%T",
+ cert.PrivateKey, cert.PrivateKey)
+ case *ed25519.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is *ed25519.PrivateKey, expected ed25519.PrivateKey")
+ }
+
+ signer, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return fmt.Errorf("tls: certificate private key (%T) does not implement crypto.Signer",
+ cert.PrivateKey)
+ }
+
+ switch pub := signer.Public().(type) {
+ case *ecdsa.PublicKey:
+ switch pub.Curve {
+ case elliptic.P256():
+ case elliptic.P384():
+ case elliptic.P521():
+ default:
+ return fmt.Errorf("tls: unsupported certificate curve (%s)", pub.Curve.Params().Name)
+ }
+ case *rsa.PublicKey:
+ return fmt.Errorf("tls: certificate RSA key size too small for supported signature algorithms")
+ case ed25519.PublicKey:
+ default:
+ return fmt.Errorf("tls: unsupported certificate key (%T)", pub)
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ return fmt.Errorf("tls: peer doesn't support the certificate custom signature algorithms")
+ }
+
+ return fmt.Errorf("tls: internal error: unsupported key (%T)", cert.PrivateKey)
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/cipher_suites.go b/vendor/github.com/marten-seemann/qtls-go1-15/cipher_suites.go
new file mode 100644
index 00000000..0d0ebb2d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/cipher_suites.go
@@ -0,0 +1,553 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/des"
+ "crypto/hmac"
+ "crypto/rc4"
+ "crypto/sha1"
+ "crypto/sha256"
+ "crypto/x509"
+ "fmt"
+ "hash"
+
+ "golang.org/x/crypto/chacha20poly1305"
+)
+
+// CipherSuite is a TLS cipher suite. Note that most functions in this package
+// accept and expose cipher suite IDs instead of this type.
+type CipherSuite struct {
+ ID uint16
+ Name string
+
+ // Supported versions is the list of TLS protocol versions that can
+ // negotiate this cipher suite.
+ SupportedVersions []uint16
+
+ // Insecure is true if the cipher suite has known security issues
+ // due to its primitives, design, or implementation.
+ Insecure bool
+}
+
+var (
+ supportedUpToTLS12 = []uint16{VersionTLS10, VersionTLS11, VersionTLS12}
+ supportedOnlyTLS12 = []uint16{VersionTLS12}
+ supportedOnlyTLS13 = []uint16{VersionTLS13}
+)
+
+// CipherSuites returns a list of cipher suites currently implemented by this
+// package, excluding those with security issues, which are returned by
+// InsecureCipherSuites.
+//
+// The list is sorted by ID. Note that the default cipher suites selected by
+// this package might depend on logic that can't be captured by a static list.
+func CipherSuites() []*CipherSuite {
+ return []*CipherSuite{
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+
+ {TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", supportedOnlyTLS13, false},
+ {TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", supportedOnlyTLS13, false},
+ {TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256", supportedOnlyTLS13, false},
+
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ }
+}
+
+// InsecureCipherSuites returns a list of cipher suites currently implemented by
+// this package and which have security issues.
+//
+// Most applications should not use the cipher suites in this list, and should
+// only use those returned by CipherSuites.
+func InsecureCipherSuites() []*CipherSuite {
+ // RC4 suites are broken because RC4 is.
+ // CBC-SHA256 suites have no Lucky13 countermeasures.
+ return []*CipherSuite{
+ {TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ }
+}
+
+// CipherSuiteName returns the standard name for the passed cipher suite ID
+// (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representation
+// of the ID value if the cipher suite is not implemented by this package.
+func CipherSuiteName(id uint16) string {
+ for _, c := range CipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ for _, c := range InsecureCipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ return fmt.Sprintf("0x%04X", id)
+}
+
+// a keyAgreement implements the client and server side of a TLS key agreement
+// protocol by generating and processing key exchange messages.
+type keyAgreement interface {
+ // On the server side, the first two methods are called in order.
+
+ // In the case that the key agreement protocol doesn't use a
+ // ServerKeyExchange message, generateServerKeyExchange can return nil,
+ // nil.
+ generateServerKeyExchange(*config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
+ processClientKeyExchange(*config, *Certificate, *clientKeyExchangeMsg, uint16) ([]byte, error)
+
+ // On the client side, the next two methods are called in order.
+
+ // This method may not be called if the server doesn't send a
+ // ServerKeyExchange message.
+ processServerKeyExchange(*config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error
+ generateClientKeyExchange(*config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
+}
+
+const (
+ // suiteECDHE indicates that the cipher suite involves elliptic curve
+ // Diffie-Hellman. This means that it should only be selected when the
+ // client indicates that it supports ECC with a curve and point format
+ // that we're happy with.
+ suiteECDHE = 1 << iota
+ // suiteECSign indicates that the cipher suite involves an ECDSA or
+ // EdDSA signature and therefore may only be selected when the server's
+ // certificate is ECDSA or EdDSA. If this is not set then the cipher suite
+ // is RSA based.
+ suiteECSign
+ // suiteTLS12 indicates that the cipher suite should only be advertised
+ // and accepted when using TLS 1.2.
+ suiteTLS12
+ // suiteSHA384 indicates that the cipher suite uses SHA384 as the
+ // handshake hash.
+ suiteSHA384
+ // suiteDefaultOff indicates that this cipher suite is not included by
+ // default.
+ suiteDefaultOff
+)
+
+// A cipherSuite is a specific combination of key agreement, cipher and MAC function.
+type cipherSuite struct {
+ id uint16
+ // the lengths, in bytes, of the key material needed for each component.
+ keyLen int
+ macLen int
+ ivLen int
+ ka func(version uint16) keyAgreement
+ // flags is a bitmask of the suite* values, above.
+ flags int
+ cipher func(key, iv []byte, isRead bool) interface{}
+ mac func(version uint16, macKey []byte) macFunction
+ aead func(key, fixedNonce []byte) aead
+}
+
+var cipherSuites = []*cipherSuite{
+ // Ciphersuite order is chosen so that ECDHE comes before plain RSA and
+ // AEADs are the top preference.
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, rsaKA, suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil},
+
+ // RC4-based cipher suites are disabled by default.
+ {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, suiteDefaultOff, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, suiteECDHE | suiteDefaultOff, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteDefaultOff, cipherRC4, macSHA1, nil},
+}
+
+// selectCipherSuite returns the first cipher suite from ids which is also in
+// supportedIDs and passes the ok filter.
+func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite {
+ for _, id := range ids {
+ candidate := cipherSuiteByID(id)
+ if candidate == nil || !ok(candidate) {
+ continue
+ }
+
+ for _, suppID := range supportedIDs {
+ if id == suppID {
+ return candidate
+ }
+ }
+ }
+ return nil
+}
+
+// A cipherSuiteTLS13 defines only the pair of the AEAD algorithm and hash
+// algorithm to be used with HKDF. See RFC 8446, Appendix B.4.
+type cipherSuiteTLS13 struct {
+ id uint16
+ keyLen int
+ aead func(key, fixedNonce []byte) aead
+ hash crypto.Hash
+}
+
+type CipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ Hash crypto.Hash
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+}
+
+func (c *CipherSuiteTLS13) IVLen() int {
+ return aeadNonceLength
+}
+
+var cipherSuitesTLS13 = []*cipherSuiteTLS13{
+ {TLS_AES_128_GCM_SHA256, 16, aeadAESGCMTLS13, crypto.SHA256},
+ {TLS_CHACHA20_POLY1305_SHA256, 32, aeadChaCha20Poly1305, crypto.SHA256},
+ {TLS_AES_256_GCM_SHA384, 32, aeadAESGCMTLS13, crypto.SHA384},
+}
+
+func cipherRC4(key, iv []byte, isRead bool) interface{} {
+ cipher, _ := rc4.NewCipher(key)
+ return cipher
+}
+
+func cipher3DES(key, iv []byte, isRead bool) interface{} {
+ block, _ := des.NewTripleDESCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+func cipherAES(key, iv []byte, isRead bool) interface{} {
+ block, _ := aes.NewCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+// macSHA1 returns a macFunction for the given protocol version.
+func macSHA1(version uint16, key []byte) macFunction {
+ return tls10MAC{h: hmac.New(newConstantTimeHash(sha1.New), key)}
+}
+
+// macSHA256 returns a SHA-256 based MAC. These are only supported in TLS 1.2
+// so the given version is ignored.
+func macSHA256(version uint16, key []byte) macFunction {
+ return tls10MAC{h: hmac.New(sha256.New, key)}
+}
+
+type macFunction interface {
+ // Size returns the length of the MAC.
+ Size() int
+ // MAC appends the MAC of (seq, header, data) to out. The extra data is fed
+ // into the MAC after obtaining the result to normalize timing. The result
+ // is only valid until the next invocation of MAC as the buffer is reused.
+ MAC(seq, header, data, extra []byte) []byte
+}
+
+type aead interface {
+ cipher.AEAD
+
+ // explicitNonceLen returns the number of bytes of explicit nonce
+ // included in each record. This is eight for older AEADs and
+ // zero for modern ones.
+ explicitNonceLen() int
+}
+
+const (
+ aeadNonceLength = 12
+ noncePrefixLength = 4
+)
+
+// prefixNonceAEAD wraps an AEAD and prefixes a fixed portion of the nonce to
+// each call.
+type prefixNonceAEAD struct {
+ // nonce contains the fixed part of the nonce in the first four bytes.
+ nonce [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *prefixNonceAEAD) NonceSize() int { return aeadNonceLength - noncePrefixLength }
+func (f *prefixNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *prefixNonceAEAD) explicitNonceLen() int { return f.NonceSize() }
+
+func (f *prefixNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Seal(out, f.nonce[:], plaintext, additionalData)
+}
+
+func (f *prefixNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Open(out, f.nonce[:], ciphertext, additionalData)
+}
+
+// xoredNonceAEAD wraps an AEAD by XORing in a fixed pattern to the nonce
+// before each call.
+type xorNonceAEAD struct {
+ nonceMask [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *xorNonceAEAD) NonceSize() int { return 8 } // 64-bit sequence number
+func (f *xorNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *xorNonceAEAD) explicitNonceLen() int { return 0 }
+
+func (f *xorNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result := f.aead.Seal(out, f.nonceMask[:], plaintext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result
+}
+
+func (f *xorNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result, err := f.aead.Open(out, f.nonceMask[:], ciphertext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result, err
+}
+
+func aeadAESGCM(key, noncePrefix []byte) aead {
+ if len(noncePrefix) != noncePrefixLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &prefixNonceAEAD{aead: aead}
+ copy(ret.nonce[:], noncePrefix)
+ return ret
+}
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return aeadAESGCMTLS13(key, fixedNonce)
+}
+
+func aeadAESGCMTLS13(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+func aeadChaCha20Poly1305(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aead, err := chacha20poly1305.New(key)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+type constantTimeHash interface {
+ hash.Hash
+ ConstantTimeSum(b []byte) []byte
+}
+
+// cthWrapper wraps any hash.Hash that implements ConstantTimeSum, and replaces
+// with that all calls to Sum. It's used to obtain a ConstantTimeSum-based HMAC.
+type cthWrapper struct {
+ h constantTimeHash
+}
+
+func (c *cthWrapper) Size() int { return c.h.Size() }
+func (c *cthWrapper) BlockSize() int { return c.h.BlockSize() }
+func (c *cthWrapper) Reset() { c.h.Reset() }
+func (c *cthWrapper) Write(p []byte) (int, error) { return c.h.Write(p) }
+func (c *cthWrapper) Sum(b []byte) []byte { return c.h.ConstantTimeSum(b) }
+
+func newConstantTimeHash(h func() hash.Hash) func() hash.Hash {
+ return func() hash.Hash {
+ return &cthWrapper{h().(constantTimeHash)}
+ }
+}
+
+// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, Section 6.2.3.
+type tls10MAC struct {
+ h hash.Hash
+ buf []byte
+}
+
+func (s tls10MAC) Size() int {
+ return s.h.Size()
+}
+
+// MAC is guaranteed to take constant time, as long as
+// len(seq)+len(header)+len(data)+len(extra) is constant. extra is not fed into
+// the MAC, but is only provided to make the timing profile constant.
+func (s tls10MAC) MAC(seq, header, data, extra []byte) []byte {
+ s.h.Reset()
+ s.h.Write(seq)
+ s.h.Write(header)
+ s.h.Write(data)
+ res := s.h.Sum(s.buf[:0])
+ if extra != nil {
+ s.h.Write(extra)
+ }
+ return res
+}
+
+func rsaKA(version uint16) keyAgreement {
+ return rsaKeyAgreement{}
+}
+
+func ecdheECDSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: false,
+ version: version,
+ }
+}
+
+func ecdheRSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: true,
+ version: version,
+ }
+}
+
+// mutualCipherSuite returns a cipherSuite given a list of supported
+// ciphersuites and the id requested by the peer.
+func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteByID(id uint16) *cipherSuite {
+ for _, cipherSuite := range cipherSuites {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteTLS13ByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {
+ for _, cipherSuite := range cipherSuitesTLS13 {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+// A list of cipher suite IDs that are, or have been, implemented by this
+// package.
+//
+// See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
+const (
+ // TLS 1.0 - 1.2 cipher suites.
+ TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a
+ TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
+ TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
+ TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
+ TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
+ TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca8
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca9
+
+ // TLS 1.3 cipher suites.
+ TLS_AES_128_GCM_SHA256 uint16 = 0x1301
+ TLS_AES_256_GCM_SHA384 uint16 = 0x1302
+ TLS_CHACHA20_POLY1305_SHA256 uint16 = 0x1303
+
+ // TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
+ // that the client is doing version fallback. See RFC 7507.
+ TLS_FALLBACK_SCSV uint16 = 0x5600
+
+ // Legacy names for the corresponding cipher suites with the correct _SHA256
+ // suffix, retained for backward compatibility.
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/common.go b/vendor/github.com/marten-seemann/qtls-go1-15/common.go
new file mode 100644
index 00000000..3a67e297
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/common.go
@@ -0,0 +1,1525 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "container/list"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha512"
+ "crypto/tls"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "strings"
+ "sync"
+ "time"
+
+ "golang.org/x/sys/cpu"
+)
+
+const (
+ VersionTLS10 = 0x0301
+ VersionTLS11 = 0x0302
+ VersionTLS12 = 0x0303
+ VersionTLS13 = 0x0304
+
+ // Deprecated: SSLv3 is cryptographically broken, and is no longer
+ // supported by this package. See golang.org/issue/32716.
+ VersionSSL30 = 0x0300
+)
+
+const (
+ maxPlaintext = 16384 // maximum plaintext payload length
+ maxCiphertext = 16384 + 2048 // maximum ciphertext payload length
+ maxCiphertextTLS13 = 16384 + 256 // maximum ciphertext length in TLS 1.3
+ recordHeaderLen = 5 // record header length
+ maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB)
+ maxUselessRecords = 16 // maximum number of consecutive non-advancing records
+)
+
+// TLS record types.
+type recordType uint8
+
+const (
+ recordTypeChangeCipherSpec recordType = 20
+ recordTypeAlert recordType = 21
+ recordTypeHandshake recordType = 22
+ recordTypeApplicationData recordType = 23
+)
+
+// TLS handshake message types.
+const (
+ typeHelloRequest uint8 = 0
+ typeClientHello uint8 = 1
+ typeServerHello uint8 = 2
+ typeNewSessionTicket uint8 = 4
+ typeEndOfEarlyData uint8 = 5
+ typeEncryptedExtensions uint8 = 8
+ typeCertificate uint8 = 11
+ typeServerKeyExchange uint8 = 12
+ typeCertificateRequest uint8 = 13
+ typeServerHelloDone uint8 = 14
+ typeCertificateVerify uint8 = 15
+ typeClientKeyExchange uint8 = 16
+ typeFinished uint8 = 20
+ typeCertificateStatus uint8 = 22
+ typeKeyUpdate uint8 = 24
+ typeNextProtocol uint8 = 67 // Not IANA assigned
+ typeMessageHash uint8 = 254 // synthetic message
+)
+
+// TLS compression types.
+const (
+ compressionNone uint8 = 0
+)
+
+type Extension struct {
+ Type uint16
+ Data []byte
+}
+
+// TLS extension numbers
+const (
+ extensionServerName uint16 = 0
+ extensionStatusRequest uint16 = 5
+ extensionSupportedCurves uint16 = 10 // supported_groups in TLS 1.3, see RFC 8446, Section 4.2.7
+ extensionSupportedPoints uint16 = 11
+ extensionSignatureAlgorithms uint16 = 13
+ extensionALPN uint16 = 16
+ extensionSCT uint16 = 18
+ extensionSessionTicket uint16 = 35
+ extensionPreSharedKey uint16 = 41
+ extensionEarlyData uint16 = 42
+ extensionSupportedVersions uint16 = 43
+ extensionCookie uint16 = 44
+ extensionPSKModes uint16 = 45
+ extensionCertificateAuthorities uint16 = 47
+ extensionSignatureAlgorithmsCert uint16 = 50
+ extensionKeyShare uint16 = 51
+ extensionRenegotiationInfo uint16 = 0xff01
+)
+
+// TLS signaling cipher suite values
+const (
+ scsvRenegotiation uint16 = 0x00ff
+)
+
+type EncryptionLevel uint8
+
+const (
+ EncryptionHandshake EncryptionLevel = iota
+ Encryption0RTT
+ EncryptionApplication
+)
+
+// CurveID is a tls.CurveID
+type CurveID = tls.CurveID
+
+const (
+ CurveP256 CurveID = 23
+ CurveP384 CurveID = 24
+ CurveP521 CurveID = 25
+ X25519 CurveID = 29
+)
+
+// TLS 1.3 Key Share. See RFC 8446, Section 4.2.8.
+type keyShare struct {
+ group CurveID
+ data []byte
+}
+
+// TLS 1.3 PSK Key Exchange Modes. See RFC 8446, Section 4.2.9.
+const (
+ pskModePlain uint8 = 0
+ pskModeDHE uint8 = 1
+)
+
+// TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved
+// session. See RFC 8446, Section 4.2.11.
+type pskIdentity struct {
+ label []byte
+ obfuscatedTicketAge uint32
+}
+
+// TLS Elliptic Curve Point Formats
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
+const (
+ pointFormatUncompressed uint8 = 0
+)
+
+// TLS CertificateStatusType (RFC 3546)
+const (
+ statusTypeOCSP uint8 = 1
+)
+
+// Certificate types (for certificateRequestMsg)
+const (
+ certTypeRSASign = 1
+ certTypeECDSASign = 64 // ECDSA or EdDSA keys, see RFC 8422, Section 3.
+)
+
+// Signature algorithms (for internal signaling use). Starting at 225 to avoid overlap with
+// TLS 1.2 codepoints (RFC 5246, Appendix A.4.1), with which these have nothing to do.
+const (
+ signaturePKCS1v15 uint8 = iota + 225
+ signatureRSAPSS
+ signatureECDSA
+ signatureEd25519
+)
+
+// directSigning is a standard Hash value that signals that no pre-hashing
+// should be performed, and that the input should be signed directly. It is the
+// hash function associated with the Ed25519 signature scheme.
+var directSigning crypto.Hash = 0
+
+// supportedSignatureAlgorithms contains the signature and hash algorithms that
+// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
+// CertificateRequest. The two fields are merged to match with TLS 1.3.
+// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
+var supportedSignatureAlgorithms = []SignatureScheme{
+ PSSWithSHA256,
+ ECDSAWithP256AndSHA256,
+ Ed25519,
+ PSSWithSHA384,
+ PSSWithSHA512,
+ PKCS1WithSHA256,
+ PKCS1WithSHA384,
+ PKCS1WithSHA512,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ PKCS1WithSHA1,
+ ECDSAWithSHA1,
+}
+
+// helloRetryRequestRandom is set as the Random value of a ServerHello
+// to signal that the message is actually a HelloRetryRequest.
+var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3.
+ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
+ 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91,
+ 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E,
+ 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C,
+}
+
+const (
+ // downgradeCanaryTLS12 or downgradeCanaryTLS11 is embedded in the server
+ // random as a downgrade protection if the server would be capable of
+ // negotiating a higher version. See RFC 8446, Section 4.1.3.
+ downgradeCanaryTLS12 = "DOWNGRD\x01"
+ downgradeCanaryTLS11 = "DOWNGRD\x00"
+)
+
+// testingOnlyForceDowngradeCanary is set in tests to force the server side to
+// include downgrade canaries even if it's using its highers supported version.
+var testingOnlyForceDowngradeCanary bool
+
+type ConnectionState = tls.ConnectionState
+
+// ConnectionState records basic TLS details about the connection.
+type connectionState struct {
+ // Version is the TLS version used by the connection (e.g. VersionTLS12).
+ Version uint16
+
+ // HandshakeComplete is true if the handshake has concluded.
+ HandshakeComplete bool
+
+ // DidResume is true if this connection was successfully resumed from a
+ // previous session with a session ticket or similar mechanism.
+ DidResume bool
+
+ // CipherSuite is the cipher suite negotiated for the connection (e.g.
+ // TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_AES_128_GCM_SHA256).
+ CipherSuite uint16
+
+ // NegotiatedProtocol is the application protocol negotiated with ALPN.
+ //
+ // Note that on the client side, this is currently not guaranteed to be from
+ // Config.NextProtos.
+ NegotiatedProtocol string
+
+ // NegotiatedProtocolIsMutual used to indicate a mutual NPN negotiation.
+ //
+ // Deprecated: this value is always true.
+ NegotiatedProtocolIsMutual bool
+
+ // ServerName is the value of the Server Name Indication extension sent by
+ // the client. It's available both on the server and on the client side.
+ ServerName string
+
+ // PeerCertificates are the parsed certificates sent by the peer, in the
+ // order in which they were sent. The first element is the leaf certificate
+ // that the connection is verified against.
+ //
+ // On the client side, it can't be empty. On the server side, it can be
+ // empty if Config.ClientAuth is not RequireAnyClientCert or
+ // RequireAndVerifyClientCert.
+ PeerCertificates []*x509.Certificate
+
+ // VerifiedChains is a list of one or more chains where the first element is
+ // PeerCertificates[0] and the last element is from Config.RootCAs (on the
+ // client side) or Config.ClientCAs (on the server side).
+ //
+ // On the client side, it's set if Config.InsecureSkipVerify is false. On
+ // the server side, it's set if Config.ClientAuth is VerifyClientCertIfGiven
+ // (and the peer provided a certificate) or RequireAndVerifyClientCert.
+ VerifiedChains [][]*x509.Certificate
+
+ // SignedCertificateTimestamps is a list of SCTs provided by the peer
+ // through the TLS handshake for the leaf certificate, if any.
+ SignedCertificateTimestamps [][]byte
+
+ // OCSPResponse is a stapled Online Certificate Status Protocol (OCSP)
+ // response provided by the peer for the leaf certificate, if any.
+ OCSPResponse []byte
+
+ // TLSUnique contains the "tls-unique" channel binding value (see RFC 5929,
+ // Section 3). This value will be nil for TLS 1.3 connections and for all
+ // resumed connections.
+ //
+ // Deprecated: there are conditions in which this value might not be unique
+ // to a connection. See the Security Considerations sections of RFC 5705 and
+ // RFC 7627, and https://mitls.org/pages/attacks/3SHAKE#channelbindings.
+ TLSUnique []byte
+
+ // ekm is a closure exposed via ExportKeyingMaterial.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+}
+
+type ConnectionStateWith0RTT struct {
+ ConnectionState
+
+ Used0RTT bool // true if 0-RTT was both offered and accepted
+}
+
+// ClientAuthType is tls.ClientAuthType
+type ClientAuthType = tls.ClientAuthType
+
+const (
+ NoClientCert = tls.NoClientCert
+ RequestClientCert = tls.RequestClientCert
+ RequireAnyClientCert = tls.RequireAnyClientCert
+ VerifyClientCertIfGiven = tls.VerifyClientCertIfGiven
+ RequireAndVerifyClientCert = tls.RequireAndVerifyClientCert
+)
+
+// requiresClientCert reports whether the ClientAuthType requires a client
+// certificate to be provided.
+func requiresClientCert(c ClientAuthType) bool {
+ switch c {
+ case RequireAnyClientCert, RequireAndVerifyClientCert:
+ return true
+ default:
+ return false
+ }
+}
+
+// ClientSessionState contains the state needed by clients to resume TLS
+// sessions.
+type ClientSessionState = tls.ClientSessionState
+
+type clientSessionState struct {
+ sessionTicket []uint8 // Encrypted ticket used for session resumption with server
+ vers uint16 // TLS version negotiated for the session
+ cipherSuite uint16 // Ciphersuite negotiated for the session
+ masterSecret []byte // Full handshake MasterSecret, or TLS 1.3 resumption_master_secret
+ serverCertificates []*x509.Certificate // Certificate chain presented by the server
+ verifiedChains [][]*x509.Certificate // Certificate chains we built for verification
+ receivedAt time.Time // When the session ticket was received from the server
+ ocspResponse []byte // Stapled OCSP response presented by the server
+ scts [][]byte // SCTs presented by the server
+
+ // TLS 1.3 fields.
+ nonce []byte // Ticket nonce sent by the server, to derive PSK
+ useBy time.Time // Expiration of the ticket lifetime as set by the server
+ ageAdd uint32 // Random obfuscation factor for sending the ticket age
+}
+
+// ClientSessionCache is a cache of ClientSessionState objects that can be used
+// by a client to resume a TLS session with a given server. ClientSessionCache
+// implementations should expect to be called concurrently from different
+// goroutines. Up to TLS 1.2, only ticket-based resumption is supported, not
+// SessionID-based resumption. In TLS 1.3 they were merged into PSK modes, which
+// are supported via this interface.
+//go:generate sh -c "mockgen -package qtls -destination mock_client_session_cache_test.go github.com/marten-seemann/qtls-go1-15 ClientSessionCache"
+type ClientSessionCache = tls.ClientSessionCache
+
+// SignatureScheme is a tls.SignatureScheme
+type SignatureScheme = tls.SignatureScheme
+
+const (
+ // RSASSA-PKCS1-v1_5 algorithms.
+ PKCS1WithSHA256 SignatureScheme = 0x0401
+ PKCS1WithSHA384 SignatureScheme = 0x0501
+ PKCS1WithSHA512 SignatureScheme = 0x0601
+
+ // RSASSA-PSS algorithms with public key OID rsaEncryption.
+ PSSWithSHA256 SignatureScheme = 0x0804
+ PSSWithSHA384 SignatureScheme = 0x0805
+ PSSWithSHA512 SignatureScheme = 0x0806
+
+ // ECDSA algorithms. Only constrained to a specific curve in TLS 1.3.
+ ECDSAWithP256AndSHA256 SignatureScheme = 0x0403
+ ECDSAWithP384AndSHA384 SignatureScheme = 0x0503
+ ECDSAWithP521AndSHA512 SignatureScheme = 0x0603
+
+ // EdDSA algorithms.
+ Ed25519 SignatureScheme = 0x0807
+
+ // Legacy signature and hash algorithms for TLS 1.2.
+ PKCS1WithSHA1 SignatureScheme = 0x0201
+ ECDSAWithSHA1 SignatureScheme = 0x0203
+)
+
+// ClientHelloInfo contains information from a ClientHello message in order to
+// guide application logic in the GetCertificate and GetConfigForClient callbacks.
+type ClientHelloInfo = tls.ClientHelloInfo
+
+type clientHelloInfo struct {
+ // CipherSuites lists the CipherSuites supported by the client (e.g.
+ // TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).
+ CipherSuites []uint16
+
+ // ServerName indicates the name of the server requested by the client
+ // in order to support virtual hosting. ServerName is only set if the
+ // client is using SNI (see RFC 4366, Section 3.1).
+ ServerName string
+
+ // SupportedCurves lists the elliptic curves supported by the client.
+ // SupportedCurves is set only if the Supported Elliptic Curves
+ // Extension is being used (see RFC 4492, Section 5.1.1).
+ SupportedCurves []CurveID
+
+ // SupportedPoints lists the point formats supported by the client.
+ // SupportedPoints is set only if the Supported Point Formats Extension
+ // is being used (see RFC 4492, Section 5.1.2).
+ SupportedPoints []uint8
+
+ // SignatureSchemes lists the signature and hash schemes that the client
+ // is willing to verify. SignatureSchemes is set only if the Signature
+ // Algorithms Extension is being used (see RFC 5246, Section 7.4.1.4.1).
+ SignatureSchemes []SignatureScheme
+
+ // SupportedProtos lists the application protocols supported by the client.
+ // SupportedProtos is set only if the Application-Layer Protocol
+ // Negotiation Extension is being used (see RFC 7301, Section 3.1).
+ //
+ // Servers can select a protocol by setting Config.NextProtos in a
+ // GetConfigForClient return value.
+ SupportedProtos []string
+
+ // SupportedVersions lists the TLS versions supported by the client.
+ // For TLS versions less than 1.3, this is extrapolated from the max
+ // version advertised by the client, so values other than the greatest
+ // might be rejected if used.
+ SupportedVersions []uint16
+
+ // Conn is the underlying net.Conn for the connection. Do not read
+ // from, or write to, this connection; that will cause the TLS
+ // connection to fail.
+ Conn net.Conn
+
+ // config is embedded by the GetCertificate or GetConfigForClient caller,
+ // for use with SupportsCertificate.
+ config *Config
+}
+
+// CertificateRequestInfo contains information from a server's
+// CertificateRequest message, which is used to demand a certificate and proof
+// of control from a client.
+type CertificateRequestInfo = tls.CertificateRequestInfo
+
+// RenegotiationSupport enumerates the different levels of support for TLS
+// renegotiation. TLS renegotiation is the act of performing subsequent
+// handshakes on a connection after the first. This significantly complicates
+// the state machine and has been the source of numerous, subtle security
+// issues. Initiating a renegotiation is not supported, but support for
+// accepting renegotiation requests may be enabled.
+//
+// Even when enabled, the server may not change its identity between handshakes
+// (i.e. the leaf certificate must be the same). Additionally, concurrent
+// handshake and application data flow is not permitted so renegotiation can
+// only be used with protocols that synchronise with the renegotiation, such as
+// HTTPS.
+//
+// Renegotiation is not defined in TLS 1.3.
+type RenegotiationSupport = tls.RenegotiationSupport
+
+const (
+ // RenegotiateNever disables renegotiation.
+ RenegotiateNever = tls.RenegotiateNever
+
+ // RenegotiateOnceAsClient allows a remote server to request
+ // renegotiation once per connection.
+ RenegotiateOnceAsClient = tls.RenegotiateOnceAsClient
+
+ // RenegotiateFreelyAsClient allows a remote server to repeatedly
+ // request renegotiation.
+ RenegotiateFreelyAsClient = tls.RenegotiateFreelyAsClient
+)
+
+// A Config structure is used to configure a TLS client or server.
+// After one has been passed to a TLS function it must not be
+// modified. A Config may be reused; the tls package will also not
+// modify it.
+type Config = tls.Config
+
+type config struct {
+ // Rand provides the source of entropy for nonces and RSA blinding.
+ // If Rand is nil, TLS uses the cryptographic random reader in package
+ // crypto/rand.
+ // The Reader must be safe for use by multiple goroutines.
+ Rand io.Reader
+
+ // Time returns the current time as the number of seconds since the epoch.
+ // If Time is nil, TLS uses time.Now.
+ Time func() time.Time
+
+ // Certificates contains one or more certificate chains to present to the
+ // other side of the connection. The first certificate compatible with the
+ // peer's requirements is selected automatically.
+ //
+ // Server configurations must set one of Certificates, GetCertificate or
+ // GetConfigForClient. Clients doing client-authentication may set either
+ // Certificates or GetClientCertificate.
+ //
+ // Note: if there are multiple Certificates, and they don't have the
+ // optional field Leaf set, certificate selection will incur a significant
+ // per-handshake performance cost.
+ Certificates []Certificate
+
+ // NameToCertificate maps from a certificate name to an element of
+ // Certificates. Note that a certificate name can be of the form
+ // '*.example.com' and so doesn't have to be a domain name as such.
+ //
+ // Deprecated: NameToCertificate only allows associating a single
+ // certificate with a given name. Leave this field nil to let the library
+ // select the first compatible chain from Certificates.
+ NameToCertificate map[string]*Certificate
+
+ // GetCertificate returns a Certificate based on the given
+ // ClientHelloInfo. It will only be called if the client supplies SNI
+ // information or if Certificates is empty.
+ //
+ // If GetCertificate is nil or returns nil, then the certificate is
+ // retrieved from NameToCertificate. If NameToCertificate is nil, the
+ // best element of Certificates will be used.
+ GetCertificate func(*ClientHelloInfo) (*Certificate, error)
+
+ // GetClientCertificate, if not nil, is called when a server requests a
+ // certificate from a client. If set, the contents of Certificates will
+ // be ignored.
+ //
+ // If GetClientCertificate returns an error, the handshake will be
+ // aborted and that error will be returned. Otherwise
+ // GetClientCertificate must return a non-nil Certificate. If
+ // Certificate.Certificate is empty then no certificate will be sent to
+ // the server. If this is unacceptable to the server then it may abort
+ // the handshake.
+ //
+ // GetClientCertificate may be called multiple times for the same
+ // connection if renegotiation occurs or if TLS 1.3 is in use.
+ GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error)
+
+ // GetConfigForClient, if not nil, is called after a ClientHello is
+ // received from a client. It may return a non-nil Config in order to
+ // change the Config that will be used to handle this connection. If
+ // the returned Config is nil, the original Config will be used. The
+ // Config returned by this callback may not be subsequently modified.
+ //
+ // If GetConfigForClient is nil, the Config passed to Server() will be
+ // used for all connections.
+ //
+ // If SessionTicketKey was explicitly set on the returned Config, or if
+ // SetSessionTicketKeys was called on the returned Config, those keys will
+ // be used. Otherwise, the original Config keys will be used (and possibly
+ // rotated if they are automatically managed).
+ GetConfigForClient func(*ClientHelloInfo) (*Config, error)
+
+ // VerifyPeerCertificate, if not nil, is called after normal
+ // certificate verification by either a TLS client or server. It
+ // receives the raw ASN.1 certificates provided by the peer and also
+ // any verified chains that normal processing found. If it returns a
+ // non-nil error, the handshake is aborted and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. If normal verification is disabled by
+ // setting InsecureSkipVerify, or (for a server) when ClientAuth is
+ // RequestClientCert or RequireAnyClientCert, then this callback will
+ // be considered but the verifiedChains argument will always be nil.
+ VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
+
+ // VerifyConnection, if not nil, is called after normal certificate
+ // verification and after VerifyPeerCertificate by either a TLS client
+ // or server. If it returns a non-nil error, the handshake is aborted
+ // and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. This callback will run for all connections
+ // regardless of InsecureSkipVerify or ClientAuth settings.
+ VerifyConnection func(ConnectionState) error
+
+ // RootCAs defines the set of root certificate authorities
+ // that clients use when verifying server certificates.
+ // If RootCAs is nil, TLS uses the host's root CA set.
+ RootCAs *x509.CertPool
+
+ // NextProtos is a list of supported application level protocols, in
+ // order of preference.
+ NextProtos []string
+
+ // ServerName is used to verify the hostname on the returned
+ // certificates unless InsecureSkipVerify is given. It is also included
+ // in the client's handshake to support virtual hosting unless it is
+ // an IP address.
+ ServerName string
+
+ // ClientAuth determines the server's policy for
+ // TLS Client Authentication. The default is NoClientCert.
+ ClientAuth ClientAuthType
+
+ // ClientCAs defines the set of root certificate authorities
+ // that servers use if required to verify a client certificate
+ // by the policy in ClientAuth.
+ ClientCAs *x509.CertPool
+
+ // InsecureSkipVerify controls whether a client verifies the server's
+ // certificate chain and host name. If InsecureSkipVerify is true, crypto/tls
+ // accepts any certificate presented by the server and any host name in that
+ // certificate. In this mode, TLS is susceptible to machine-in-the-middle
+ // attacks unless custom verification is used. This should be used only for
+ // testing or in combination with VerifyConnection or VerifyPeerCertificate.
+ InsecureSkipVerify bool
+
+ // CipherSuites is a list of supported cipher suites for TLS versions up to
+ // TLS 1.2. If CipherSuites is nil, a default list of secure cipher suites
+ // is used, with a preference order based on hardware performance. The
+ // default cipher suites might change over Go versions. Note that TLS 1.3
+ // ciphersuites are not configurable.
+ CipherSuites []uint16
+
+ // PreferServerCipherSuites controls whether the server selects the
+ // client's most preferred ciphersuite, or the server's most preferred
+ // ciphersuite. If true then the server's preference, as expressed in
+ // the order of elements in CipherSuites, is used.
+ PreferServerCipherSuites bool
+
+ // SessionTicketsDisabled may be set to true to disable session ticket and
+ // PSK (resumption) support. Note that on clients, session ticket support is
+ // also disabled if ClientSessionCache is nil.
+ SessionTicketsDisabled bool
+
+ // SessionTicketKey is used by TLS servers to provide session resumption.
+ // See RFC 5077 and the PSK mode of RFC 8446. If zero, it will be filled
+ // with random data before the first server handshake.
+ //
+ // Deprecated: if this field is left at zero, session ticket keys will be
+ // automatically rotated every day and dropped after seven days. For
+ // customizing the rotation schedule or synchronizing servers that are
+ // terminating connections for the same host, use SetSessionTicketKeys.
+ SessionTicketKey [32]byte
+
+ // ClientSessionCache is a cache of ClientSessionState entries for TLS
+ // session resumption. It is only used by clients.
+ ClientSessionCache ClientSessionCache
+
+ // MinVersion contains the minimum TLS version that is acceptable.
+ // If zero, TLS 1.0 is currently taken as the minimum.
+ MinVersion uint16
+
+ // MaxVersion contains the maximum TLS version that is acceptable.
+ // If zero, the maximum version supported by this package is used,
+ // which is currently TLS 1.3.
+ MaxVersion uint16
+
+ // CurvePreferences contains the elliptic curves that will be used in
+ // an ECDHE handshake, in preference order. If empty, the default will
+ // be used. The client will use the first preference as the type for
+ // its key share in TLS 1.3. This may change in the future.
+ CurvePreferences []CurveID
+
+ // DynamicRecordSizingDisabled disables adaptive sizing of TLS records.
+ // When true, the largest possible TLS record size is always used. When
+ // false, the size of TLS records may be adjusted in an attempt to
+ // improve latency.
+ DynamicRecordSizingDisabled bool
+
+ // Renegotiation controls what types of renegotiation are supported.
+ // The default, none, is correct for the vast majority of applications.
+ Renegotiation RenegotiationSupport
+
+ // KeyLogWriter optionally specifies a destination for TLS master secrets
+ // in NSS key log format that can be used to allow external programs
+ // such as Wireshark to decrypt TLS connections.
+ // See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format.
+ // Use of KeyLogWriter compromises security and should only be
+ // used for debugging.
+ KeyLogWriter io.Writer
+
+ // mutex protects sessionTicketKeys and autoSessionTicketKeys.
+ mutex sync.RWMutex
+ // sessionTicketKeys contains zero or more ticket keys. If set, it means the
+ // the keys were set with SessionTicketKey or SetSessionTicketKeys. The
+ // first key is used for new tickets and any subsequent keys can be used to
+ // decrypt old tickets. The slice contents are not protected by the mutex
+ // and are immutable.
+ sessionTicketKeys []ticketKey
+ // autoSessionTicketKeys is like sessionTicketKeys but is owned by the
+ // auto-rotation logic. See Config.ticketKeys.
+ autoSessionTicketKeys []ticketKey
+}
+
+// A RecordLayer handles encrypting and decrypting of TLS messages.
+type RecordLayer interface {
+ SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ ReadHandshakeMessage() ([]byte, error)
+ WriteRecord([]byte) (int, error)
+ SendAlert(uint8)
+}
+
+type ExtraConfig struct {
+ // GetExtensions, if not nil, is called before a message that allows
+ // sending of extensions is sent.
+ // Currently only implemented for the ClientHello message (for the client)
+ // and for the EncryptedExtensions message (for the server).
+ // Only valid for TLS 1.3.
+ GetExtensions func(handshakeMessageType uint8) []Extension
+
+ // ReceivedExtensions, if not nil, is called when a message that allows the
+ // inclusion of extensions is received.
+ // It is called with an empty slice of extensions, if the message didn't
+ // contain any extensions.
+ // Currently only implemented for the ClientHello message (sent by the
+ // client) and for the EncryptedExtensions message (sent by the server).
+ // Only valid for TLS 1.3.
+ ReceivedExtensions func(handshakeMessageType uint8, exts []Extension)
+
+ // AlternativeRecordLayer is used by QUIC
+ AlternativeRecordLayer RecordLayer
+
+ // Enforce the selection of a supported application protocol.
+ // Only works for TLS 1.3.
+ // If enabled, client and server have to agree on an application protocol.
+ // Otherwise, connection establishment fails.
+ EnforceNextProtoSelection bool
+
+ // If MaxEarlyData is greater than 0, the client will be allowed to send early
+ // data when resuming a session.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning on the client.
+ MaxEarlyData uint32
+
+ // The Accept0RTT callback is called when the client offers 0-RTT.
+ // The server then has to decide if it wants to accept or reject 0-RTT.
+ // It is only used for servers.
+ Accept0RTT func(appData []byte) bool
+
+ // 0RTTRejected is called when the server rejectes 0-RTT.
+ // It is only used for clients.
+ Rejected0RTT func()
+
+ // If set, the client will export the 0-RTT key when resuming a session that
+ // allows sending of early data.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning to the server.
+ Enable0RTT bool
+
+ // Is called when the client saves a session ticket to the session ticket.
+ // This gives the application the opportunity to save some data along with the ticket,
+ // which can be restored when the session ticket is used.
+ GetAppDataForSessionState func() []byte
+
+ // Is called when the client uses a session ticket.
+ // Restores the application data that was saved earlier on GetAppDataForSessionTicket.
+ SetAppDataFromSessionState func([]byte)
+}
+
+// Clone clones.
+func (c *ExtraConfig) Clone() *ExtraConfig {
+ return &ExtraConfig{
+ GetExtensions: c.GetExtensions,
+ ReceivedExtensions: c.ReceivedExtensions,
+ AlternativeRecordLayer: c.AlternativeRecordLayer,
+ EnforceNextProtoSelection: c.EnforceNextProtoSelection,
+ MaxEarlyData: c.MaxEarlyData,
+ Enable0RTT: c.Enable0RTT,
+ Accept0RTT: c.Accept0RTT,
+ Rejected0RTT: c.Rejected0RTT,
+ GetAppDataForSessionState: c.GetAppDataForSessionState,
+ SetAppDataFromSessionState: c.SetAppDataFromSessionState,
+ }
+}
+
+func (c *ExtraConfig) usesAlternativeRecordLayer() bool {
+ return c != nil && c.AlternativeRecordLayer != nil
+}
+
+const (
+ // ticketKeyNameLen is the number of bytes of identifier that is prepended to
+ // an encrypted session ticket in order to identify the key used to encrypt it.
+ ticketKeyNameLen = 16
+
+ // ticketKeyLifetime is how long a ticket key remains valid and can be used to
+ // resume a client connection.
+ ticketKeyLifetime = 7 * 24 * time.Hour // 7 days
+
+ // ticketKeyRotation is how often the server should rotate the session ticket key
+ // that is used for new tickets.
+ ticketKeyRotation = 24 * time.Hour
+)
+
+// ticketKey is the internal representation of a session ticket key.
+type ticketKey struct {
+ // keyName is an opaque byte string that serves to identify the session
+ // ticket key. It's exposed as plaintext in every session ticket.
+ keyName [ticketKeyNameLen]byte
+ aesKey [16]byte
+ hmacKey [16]byte
+ // created is the time at which this ticket key was created. See Config.ticketKeys.
+ created time.Time
+}
+
+// ticketKeyFromBytes converts from the external representation of a session
+// ticket key to a ticketKey. Externally, session ticket keys are 32 random
+// bytes and this function expands that into sufficient name and key material.
+func (c *config) ticketKeyFromBytes(b [32]byte) (key ticketKey) {
+ hashed := sha512.Sum512(b[:])
+ copy(key.keyName[:], hashed[:ticketKeyNameLen])
+ copy(key.aesKey[:], hashed[ticketKeyNameLen:ticketKeyNameLen+16])
+ copy(key.hmacKey[:], hashed[ticketKeyNameLen+16:ticketKeyNameLen+32])
+ key.created = c.time()
+ return key
+}
+
+// maxSessionTicketLifetime is the maximum allowed lifetime of a TLS 1.3 session
+// ticket, and the lifetime we set for tickets we send.
+const maxSessionTicketLifetime = 7 * 24 * time.Hour
+
+// Clone returns a shallow clone of c. It is safe to clone a Config that is
+// being used concurrently by a TLS client or server.
+func (c *config) Clone() *config {
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ return &config{
+ Rand: c.Rand,
+ Time: c.Time,
+ Certificates: c.Certificates,
+ NameToCertificate: c.NameToCertificate,
+ GetCertificate: c.GetCertificate,
+ GetClientCertificate: c.GetClientCertificate,
+ GetConfigForClient: c.GetConfigForClient,
+ VerifyPeerCertificate: c.VerifyPeerCertificate,
+ VerifyConnection: c.VerifyConnection,
+ RootCAs: c.RootCAs,
+ NextProtos: c.NextProtos,
+ ServerName: c.ServerName,
+ ClientAuth: c.ClientAuth,
+ ClientCAs: c.ClientCAs,
+ InsecureSkipVerify: c.InsecureSkipVerify,
+ CipherSuites: c.CipherSuites,
+ PreferServerCipherSuites: c.PreferServerCipherSuites,
+ SessionTicketsDisabled: c.SessionTicketsDisabled,
+ SessionTicketKey: c.SessionTicketKey,
+ ClientSessionCache: c.ClientSessionCache,
+ MinVersion: c.MinVersion,
+ MaxVersion: c.MaxVersion,
+ CurvePreferences: c.CurvePreferences,
+ DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled,
+ Renegotiation: c.Renegotiation,
+ KeyLogWriter: c.KeyLogWriter,
+ sessionTicketKeys: c.sessionTicketKeys,
+ autoSessionTicketKeys: c.autoSessionTicketKeys,
+ }
+}
+
+// deprecatedSessionTicketKey is set as the prefix of SessionTicketKey if it was
+// randomized for backwards compatibility but is not in use.
+var deprecatedSessionTicketKey = []byte("DEPRECATED")
+
+// initLegacySessionTicketKeyRLocked ensures the legacy SessionTicketKey field is
+// randomized if empty, and that sessionTicketKeys is populated from it otherwise.
+func (c *config) initLegacySessionTicketKeyRLocked() {
+ // Don't write if SessionTicketKey is already defined as our deprecated string,
+ // or if it is defined by the user but sessionTicketKeys is already set.
+ if c.SessionTicketKey != [32]byte{} &&
+ (bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) || len(c.sessionTicketKeys) > 0) {
+ return
+ }
+
+ // We need to write some data, so get an exclusive lock and re-check any conditions.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ if c.SessionTicketKey == [32]byte{} {
+ if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil {
+ panic(fmt.Sprintf("tls: unable to generate random session ticket key: %v", err))
+ }
+ // Write the deprecated prefix at the beginning so we know we created
+ // it. This key with the DEPRECATED prefix isn't used as an actual
+ // session ticket key, and is only randomized in case the application
+ // reuses it for some reason.
+ copy(c.SessionTicketKey[:], deprecatedSessionTicketKey)
+ } else if !bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) && len(c.sessionTicketKeys) == 0 {
+ c.sessionTicketKeys = []ticketKey{c.ticketKeyFromBytes(c.SessionTicketKey)}
+ }
+
+}
+
+// ticketKeys returns the ticketKeys for this connection.
+// If configForClient has explicitly set keys, those will
+// be returned. Otherwise, the keys on c will be used and
+// may be rotated if auto-managed.
+// During rotation, any expired session ticket keys are deleted from
+// c.sessionTicketKeys. If the session ticket key that is currently
+// encrypting tickets (ie. the first ticketKey in c.sessionTicketKeys)
+// is not fresh, then a new session ticket key will be
+// created and prepended to c.sessionTicketKeys.
+func (c *config) ticketKeys(configForClient *config) []ticketKey {
+ // If the ConfigForClient callback returned a Config with explicitly set
+ // keys, use those, otherwise just use the original Config.
+ if configForClient != nil {
+ configForClient.mutex.RLock()
+ if configForClient.SessionTicketsDisabled {
+ return nil
+ }
+ configForClient.initLegacySessionTicketKeyRLocked()
+ if len(configForClient.sessionTicketKeys) != 0 {
+ ret := configForClient.sessionTicketKeys
+ configForClient.mutex.RUnlock()
+ return ret
+ }
+ configForClient.mutex.RUnlock()
+ }
+
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ if c.SessionTicketsDisabled {
+ return nil
+ }
+ c.initLegacySessionTicketKeyRLocked()
+ if len(c.sessionTicketKeys) != 0 {
+ return c.sessionTicketKeys
+ }
+ // Fast path for the common case where the key is fresh enough.
+ if len(c.autoSessionTicketKeys) > 0 && c.time().Sub(c.autoSessionTicketKeys[0].created) < ticketKeyRotation {
+ return c.autoSessionTicketKeys
+ }
+
+ // autoSessionTicketKeys are managed by auto-rotation.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ // Re-check the condition in case it changed since obtaining the new lock.
+ if len(c.autoSessionTicketKeys) == 0 || c.time().Sub(c.autoSessionTicketKeys[0].created) >= ticketKeyRotation {
+ var newKey [32]byte
+ if _, err := io.ReadFull(c.rand(), newKey[:]); err != nil {
+ panic(fmt.Sprintf("unable to generate random session ticket key: %v", err))
+ }
+ valid := make([]ticketKey, 0, len(c.autoSessionTicketKeys)+1)
+ valid = append(valid, c.ticketKeyFromBytes(newKey))
+ for _, k := range c.autoSessionTicketKeys {
+ // While rotating the current key, also remove any expired ones.
+ if c.time().Sub(k.created) < ticketKeyLifetime {
+ valid = append(valid, k)
+ }
+ }
+ c.autoSessionTicketKeys = valid
+ }
+ return c.autoSessionTicketKeys
+}
+
+// SetSessionTicketKeys updates the session ticket keys for a server.
+//
+// The first key will be used when creating new tickets, while all keys can be
+// used for decrypting tickets. It is safe to call this function while the
+// server is running in order to rotate the session ticket keys. The function
+// will panic if keys is empty.
+//
+// Calling this function will turn off automatic session ticket key rotation.
+//
+// If multiple servers are terminating connections for the same host they should
+// all have the same session ticket keys. If the session ticket keys leaks,
+// previously recorded and future TLS connections using those keys might be
+// compromised.
+func (c *config) SetSessionTicketKeys(keys [][32]byte) {
+ if len(keys) == 0 {
+ panic("tls: keys must have at least one key")
+ }
+
+ newKeys := make([]ticketKey, len(keys))
+ for i, bytes := range keys {
+ newKeys[i] = c.ticketKeyFromBytes(bytes)
+ }
+
+ c.mutex.Lock()
+ c.sessionTicketKeys = newKeys
+ c.mutex.Unlock()
+}
+
+func (c *config) rand() io.Reader {
+ r := c.Rand
+ if r == nil {
+ return rand.Reader
+ }
+ return r
+}
+
+func (c *config) time() time.Time {
+ t := c.Time
+ if t == nil {
+ t = time.Now
+ }
+ return t()
+}
+
+func (c *config) cipherSuites() []uint16 {
+ s := c.CipherSuites
+ if s == nil {
+ s = defaultCipherSuites()
+ }
+ return s
+}
+
+var supportedVersions = []uint16{
+ VersionTLS13,
+ VersionTLS12,
+ VersionTLS11,
+ VersionTLS10,
+}
+
+func (c *config) supportedVersions() []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if c != nil && c.MinVersion != 0 && v < c.MinVersion {
+ continue
+ }
+ if c != nil && c.MaxVersion != 0 && v > c.MaxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+func (c *config) maxSupportedVersion() uint16 {
+ supportedVersions := c.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return 0
+ }
+ return supportedVersions[0]
+}
+
+// supportedVersionsFromMax returns a list of supported versions derived from a
+// legacy maximum version value. Note that only versions supported by this
+// library are returned. Any newer peer will use supportedVersions anyway.
+func supportedVersionsFromMax(maxVersion uint16) []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if v > maxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521}
+
+func (c *config) curvePreferences() []CurveID {
+ if c == nil || len(c.CurvePreferences) == 0 {
+ return defaultCurvePreferences
+ }
+ return c.CurvePreferences
+}
+
+func (c *config) supportsCurve(curve CurveID) bool {
+ for _, cc := range c.curvePreferences() {
+ if cc == curve {
+ return true
+ }
+ }
+ return false
+}
+
+// mutualVersion returns the protocol version to use given the advertised
+// versions of the peer. Priority is given to the peer preference order.
+func (c *config) mutualVersion(peerVersions []uint16) (uint16, bool) {
+ supportedVersions := c.supportedVersions()
+ for _, peerVersion := range peerVersions {
+ for _, v := range supportedVersions {
+ if v == peerVersion {
+ return v, true
+ }
+ }
+ }
+ return 0, false
+}
+
+var errNoCertificates = errors.New("tls: no certificates configured")
+
+// getCertificate returns the best certificate for the given ClientHelloInfo,
+// defaulting to the first element of c.Certificates.
+func (c *config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) {
+ if c.GetCertificate != nil &&
+ (len(c.Certificates) == 0 || len(clientHello.ServerName) > 0) {
+ cert, err := c.GetCertificate(clientHello)
+ if cert != nil || err != nil {
+ return cert, err
+ }
+ }
+
+ if len(c.Certificates) == 0 {
+ return nil, errNoCertificates
+ }
+
+ if len(c.Certificates) == 1 {
+ // There's only one choice, so no point doing any work.
+ return &c.Certificates[0], nil
+ }
+
+ if c.NameToCertificate != nil {
+ name := strings.ToLower(clientHello.ServerName)
+ if cert, ok := c.NameToCertificate[name]; ok {
+ return cert, nil
+ }
+ if len(name) > 0 {
+ labels := strings.Split(name, ".")
+ labels[0] = "*"
+ wildcardName := strings.Join(labels, ".")
+ if cert, ok := c.NameToCertificate[wildcardName]; ok {
+ return cert, nil
+ }
+ }
+ }
+
+ for _, cert := range c.Certificates {
+ if err := clientHello.SupportsCertificate(&cert); err == nil {
+ return &cert, nil
+ }
+ }
+
+ // If nothing matches, return the first certificate.
+ return &c.Certificates[0], nil
+}
+
+// SupportsCertificate returns nil if the provided certificate is supported by
+// the client that sent the ClientHello. Otherwise, it returns an error
+// describing the reason for the incompatibility.
+//
+// If this ClientHelloInfo was passed to a GetConfigForClient or GetCertificate
+// callback, this method will take into account the associated Config. Note that
+// if GetConfigForClient returns a different Config, the change can't be
+// accounted for by this method.
+//
+// This function will call x509.ParseCertificate unless c.Leaf is set, which can
+// incur a significant performance cost.
+func (chi *clientHelloInfo) SupportsCertificate(c *Certificate) error {
+ // Note we don't currently support certificate_authorities nor
+ // signature_algorithms_cert, and don't check the algorithms of the
+ // signatures on the chain (which anyway are a SHOULD, see RFC 8446,
+ // Section 4.4.2.2).
+
+ config := chi.config
+ if config == nil {
+ config = &Config{}
+ }
+ conf := fromConfig(config)
+ vers, ok := conf.mutualVersion(chi.SupportedVersions)
+ if !ok {
+ return errors.New("no mutually supported protocol versions")
+ }
+
+ // If the client specified the name they are trying to connect to, the
+ // certificate needs to be valid for it.
+ if chi.ServerName != "" {
+ x509Cert, err := leafCertificate(c)
+ if err != nil {
+ return fmt.Errorf("failed to parse certificate: %w", err)
+ }
+ if err := x509Cert.VerifyHostname(chi.ServerName); err != nil {
+ return fmt.Errorf("certificate is not valid for requested server name: %w", err)
+ }
+ }
+
+ // supportsRSAFallback returns nil if the certificate and connection support
+ // the static RSA key exchange, and unsupported otherwise. The logic for
+ // supporting static RSA is completely disjoint from the logic for
+ // supporting signed key exchanges, so we just check it as a fallback.
+ supportsRSAFallback := func(unsupported error) error {
+ // TLS 1.3 dropped support for the static RSA key exchange.
+ if vers == VersionTLS13 {
+ return unsupported
+ }
+ // The static RSA key exchange works by decrypting a challenge with the
+ // RSA private key, not by signing, so check the PrivateKey implements
+ // crypto.Decrypter, like *rsa.PrivateKey does.
+ if priv, ok := c.PrivateKey.(crypto.Decrypter); ok {
+ if _, ok := priv.Public().(*rsa.PublicKey); !ok {
+ return unsupported
+ }
+ } else {
+ return unsupported
+ }
+ // Finally, there needs to be a mutual cipher suite that uses the static
+ // RSA key exchange instead of ECDHE.
+ rsaCipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ return false
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if rsaCipherSuite == nil {
+ return unsupported
+ }
+ return nil
+ }
+
+ // If the client sent the signature_algorithms extension, ensure it supports
+ // schemes we can use with this certificate and TLS version.
+ if len(chi.SignatureSchemes) > 0 {
+ if _, err := selectSignatureScheme(vers, c, chi.SignatureSchemes); err != nil {
+ return supportsRSAFallback(err)
+ }
+ }
+
+ // In TLS 1.3 we are done because supported_groups is only relevant to the
+ // ECDHE computation, point format negotiation is removed, cipher suites are
+ // only relevant to the AEAD choice, and static RSA does not exist.
+ if vers == VersionTLS13 {
+ return nil
+ }
+
+ // The only signed key exchange we support is ECDHE.
+ if !supportsECDHE(conf, chi.SupportedCurves, chi.SupportedPoints) {
+ return supportsRSAFallback(errors.New("client doesn't support ECDHE, can only use legacy RSA key exchange"))
+ }
+
+ var ecdsaCipherSuite bool
+ if priv, ok := c.PrivateKey.(crypto.Signer); ok {
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ var curve CurveID
+ switch pub.Curve {
+ case elliptic.P256():
+ curve = CurveP256
+ case elliptic.P384():
+ curve = CurveP384
+ case elliptic.P521():
+ curve = CurveP521
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ var curveOk bool
+ for _, c := range chi.SupportedCurves {
+ if c == curve && conf.supportsCurve(c) {
+ curveOk = true
+ break
+ }
+ }
+ if !curveOk {
+ return errors.New("client doesn't support certificate curve")
+ }
+ ecdsaCipherSuite = true
+ case ed25519.PublicKey:
+ if vers < VersionTLS12 || len(chi.SignatureSchemes) == 0 {
+ return errors.New("connection doesn't support Ed25519")
+ }
+ ecdsaCipherSuite = true
+ case *rsa.PublicKey:
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ } else {
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+
+ // Make sure that there is a mutually supported cipher suite that works with
+ // this certificate. Cipher suite selection will then apply the logic in
+ // reverse to pick it. See also serverHandshakeState.cipherSuiteOk.
+ cipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE == 0 {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !ecdsaCipherSuite {
+ return false
+ }
+ } else {
+ if ecdsaCipherSuite {
+ return false
+ }
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if cipherSuite == nil {
+ return supportsRSAFallback(errors.New("client doesn't support any cipher suites compatible with the certificate"))
+ }
+
+ return nil
+}
+
+// BuildNameToCertificate parses c.Certificates and builds c.NameToCertificate
+// from the CommonName and SubjectAlternateName fields of each of the leaf
+// certificates.
+//
+// Deprecated: NameToCertificate only allows associating a single certificate
+// with a given name. Leave that field nil to let the library select the first
+// compatible chain from Certificates.
+func (c *config) BuildNameToCertificate() {
+ c.NameToCertificate = make(map[string]*Certificate)
+ for i := range c.Certificates {
+ cert := &c.Certificates[i]
+ x509Cert, err := leafCertificate(cert)
+ if err != nil {
+ continue
+ }
+ if len(x509Cert.Subject.CommonName) > 0 {
+ c.NameToCertificate[x509Cert.Subject.CommonName] = cert
+ }
+ for _, san := range x509Cert.DNSNames {
+ c.NameToCertificate[san] = cert
+ }
+ }
+}
+
+const (
+ keyLogLabelTLS12 = "CLIENT_RANDOM"
+ keyLogLabelEarlyTraffic = "CLIENT_EARLY_TRAFFIC_SECRET"
+ keyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0"
+ keyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0"
+)
+
+func (c *config) writeKeyLog(label string, clientRandom, secret []byte) error {
+ if c.KeyLogWriter == nil {
+ return nil
+ }
+
+ logLine := []byte(fmt.Sprintf("%s %x %x\n", label, clientRandom, secret))
+
+ writerMutex.Lock()
+ _, err := c.KeyLogWriter.Write(logLine)
+ writerMutex.Unlock()
+
+ return err
+}
+
+// writerMutex protects all KeyLogWriters globally. It is rarely enabled,
+// and is only for debugging, so a global mutex saves space.
+var writerMutex sync.Mutex
+
+// A Certificate is a chain of one or more certificates, leaf first.
+type Certificate = tls.Certificate
+
+// leaf returns the parsed leaf certificate, either from c.Leaf or by parsing
+// the corresponding c.Certificate[0].
+func leafCertificate(c *Certificate) (*x509.Certificate, error) {
+ if c.Leaf != nil {
+ return c.Leaf, nil
+ }
+ return x509.ParseCertificate(c.Certificate[0])
+}
+
+type handshakeMessage interface {
+ marshal() []byte
+ unmarshal([]byte) bool
+}
+
+// lruSessionCache is a ClientSessionCache implementation that uses an LRU
+// caching strategy.
+type lruSessionCache struct {
+ sync.Mutex
+
+ m map[string]*list.Element
+ q *list.List
+ capacity int
+}
+
+type lruSessionCacheEntry struct {
+ sessionKey string
+ state *ClientSessionState
+}
+
+// NewLRUClientSessionCache returns a ClientSessionCache with the given
+// capacity that uses an LRU strategy. If capacity is < 1, a default capacity
+// is used instead.
+func NewLRUClientSessionCache(capacity int) ClientSessionCache {
+ const defaultSessionCacheCapacity = 64
+
+ if capacity < 1 {
+ capacity = defaultSessionCacheCapacity
+ }
+ return &lruSessionCache{
+ m: make(map[string]*list.Element),
+ q: list.New(),
+ capacity: capacity,
+ }
+}
+
+// Put adds the provided (sessionKey, cs) pair to the cache. If cs is nil, the entry
+// corresponding to sessionKey is removed from the cache instead.
+func (c *lruSessionCache) Put(sessionKey string, cs *ClientSessionState) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ if cs == nil {
+ c.q.Remove(elem)
+ delete(c.m, sessionKey)
+ } else {
+ entry := elem.Value.(*lruSessionCacheEntry)
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ }
+ return
+ }
+
+ if c.q.Len() < c.capacity {
+ entry := &lruSessionCacheEntry{sessionKey, cs}
+ c.m[sessionKey] = c.q.PushFront(entry)
+ return
+ }
+
+ elem := c.q.Back()
+ entry := elem.Value.(*lruSessionCacheEntry)
+ delete(c.m, entry.sessionKey)
+ entry.sessionKey = sessionKey
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ c.m[sessionKey] = elem
+}
+
+// Get returns the ClientSessionState value associated with a given key. It
+// returns (nil, false) if no value is found.
+func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ c.q.MoveToFront(elem)
+ return elem.Value.(*lruSessionCacheEntry).state, true
+ }
+ return nil, false
+}
+
+var emptyConfig Config
+
+func defaultConfig() *Config {
+ return &emptyConfig
+}
+
+var (
+ once sync.Once
+ varDefaultCipherSuites []uint16
+ varDefaultCipherSuitesTLS13 []uint16
+)
+
+func defaultCipherSuites() []uint16 {
+ once.Do(initDefaultCipherSuites)
+ return varDefaultCipherSuites
+}
+
+func defaultCipherSuitesTLS13() []uint16 {
+ once.Do(initDefaultCipherSuites)
+ return varDefaultCipherSuitesTLS13
+}
+
+func initDefaultCipherSuites() {
+ var topCipherSuites []uint16
+
+ // Check the cpu flags for each platform that has optimized GCM implementations.
+ // Worst case, these variables will just all be false.
+ var (
+ hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ
+ hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL
+ // Keep in sync with crypto/aes/cipher_s390x.go.
+ // TODO: check for s390
+ // hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM)
+ hasGCMAsmS390X = false
+
+ hasGCMAsm = hasGCMAsmAMD64 || hasGCMAsmARM64 || hasGCMAsmS390X
+ )
+
+ if hasGCMAsm {
+ // If AES-GCM hardware is provided then prioritise AES-GCM
+ // cipher suites.
+ topCipherSuites = []uint16{
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ }
+ varDefaultCipherSuitesTLS13 = []uint16{
+ TLS_AES_128_GCM_SHA256,
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_256_GCM_SHA384,
+ }
+ } else {
+ // Without AES-GCM hardware, we put the ChaCha20-Poly1305
+ // cipher suites first.
+ topCipherSuites = []uint16{
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ }
+ varDefaultCipherSuitesTLS13 = []uint16{
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_128_GCM_SHA256,
+ TLS_AES_256_GCM_SHA384,
+ }
+ }
+
+ varDefaultCipherSuites = make([]uint16, 0, len(cipherSuites))
+ varDefaultCipherSuites = append(varDefaultCipherSuites, topCipherSuites...)
+
+NextCipherSuite:
+ for _, suite := range cipherSuites {
+ if suite.flags&suiteDefaultOff != 0 {
+ continue
+ }
+ for _, existing := range varDefaultCipherSuites {
+ if existing == suite.id {
+ continue NextCipherSuite
+ }
+ }
+ varDefaultCipherSuites = append(varDefaultCipherSuites, suite.id)
+ }
+}
+
+func unexpectedMessageError(wanted, got interface{}) error {
+ return fmt.Errorf("tls: received unexpected handshake message of type %T when waiting for %T", got, wanted)
+}
+
+func isSupportedSignatureAlgorithm(sigAlg SignatureScheme, supportedSignatureAlgorithms []SignatureScheme) bool {
+ for _, s := range supportedSignatureAlgorithms {
+ if s == sigAlg {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/conn.go b/vendor/github.com/marten-seemann/qtls-go1-15/conn.go
new file mode 100644
index 00000000..df64c1e6
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/conn.go
@@ -0,0 +1,1507 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// TLS low level connection and record layer
+
+package qtls
+
+import (
+ "bytes"
+ "crypto/cipher"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "sync"
+ "sync/atomic"
+ "time"
+)
+
+// A Conn represents a secured connection.
+// It implements the net.Conn interface.
+type Conn struct {
+ // constant
+ conn net.Conn
+ isClient bool
+ handshakeFn func() error // (*Conn).clientHandshake or serverHandshake
+
+ // handshakeStatus is 1 if the connection is currently transferring
+ // application data (i.e. is not currently processing a handshake).
+ // This field is only to be accessed with sync/atomic.
+ handshakeStatus uint32
+ // constant after handshake; protected by handshakeMutex
+ handshakeMutex sync.Mutex
+ handshakeErr error // error resulting from handshake
+ vers uint16 // TLS version
+ haveVers bool // version has been negotiated
+ config *config // configuration passed to constructor
+ // handshakes counts the number of handshakes performed on the
+ // connection so far. If renegotiation is disabled then this is either
+ // zero or one.
+ extraConfig *ExtraConfig
+
+ handshakes int
+ didResume bool // whether this connection was a session resumption
+ cipherSuite uint16
+ ocspResponse []byte // stapled OCSP response
+ scts [][]byte // signed certificate timestamps from server
+ peerCertificates []*x509.Certificate
+ // verifiedChains contains the certificate chains that we built, as
+ // opposed to the ones presented by the server.
+ verifiedChains [][]*x509.Certificate
+ // serverName contains the server name indicated by the client, if any.
+ serverName string
+ // secureRenegotiation is true if the server echoed the secure
+ // renegotiation extension. (This is meaningless as a server because
+ // renegotiation is not supported in that case.)
+ secureRenegotiation bool
+ // ekm is a closure for exporting keying material.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+ // For the client:
+ // resumptionSecret is the resumption_master_secret for handling
+ // NewSessionTicket messages. nil if config.SessionTicketsDisabled.
+ // For the server:
+ // resumptionSecret is the resumption_master_secret for generating
+ // NewSessionTicket messages. Only used when the alternative record
+ // layer is set. nil if config.SessionTicketsDisabled.
+ resumptionSecret []byte
+
+ // ticketKeys is the set of active session ticket keys for this
+ // connection. The first one is used to encrypt new tickets and
+ // all are tried to decrypt tickets.
+ ticketKeys []ticketKey
+
+ // clientFinishedIsFirst is true if the client sent the first Finished
+ // message during the most recent handshake. This is recorded because
+ // the first transmitted Finished message is the tls-unique
+ // channel-binding value.
+ clientFinishedIsFirst bool
+
+ // closeNotifyErr is any error from sending the alertCloseNotify record.
+ closeNotifyErr error
+ // closeNotifySent is true if the Conn attempted to send an
+ // alertCloseNotify record.
+ closeNotifySent bool
+
+ // clientFinished and serverFinished contain the Finished message sent
+ // by the client or server in the most recent handshake. This is
+ // retained to support the renegotiation extension and tls-unique
+ // channel-binding.
+ clientFinished [12]byte
+ serverFinished [12]byte
+
+ clientProtocol string
+ clientProtocolFallback bool
+
+ // input/output
+ in, out halfConn
+ rawInput bytes.Buffer // raw input, starting with a record header
+ input bytes.Reader // application data waiting to be read, from rawInput.Next
+ hand bytes.Buffer // handshake data waiting to be read
+ outBuf []byte // scratch buffer used by out.encrypt
+ buffering bool // whether records are buffered in sendBuf
+ sendBuf []byte // a buffer of records waiting to be sent
+
+ // bytesSent counts the bytes of application data sent.
+ // packetsSent counts packets.
+ bytesSent int64
+ packetsSent int64
+
+ // retryCount counts the number of consecutive non-advancing records
+ // received by Conn.readRecord. That is, records that neither advance the
+ // handshake, nor deliver application data. Protected by in.Mutex.
+ retryCount int
+
+ // activeCall is an atomic int32; the low bit is whether Close has
+ // been called. the rest of the bits are the number of goroutines
+ // in Conn.Write.
+ activeCall int32
+
+ used0RTT bool
+
+ tmp [16]byte
+}
+
+// Access to net.Conn methods.
+// Cannot just embed net.Conn because that would
+// export the struct field too.
+
+// LocalAddr returns the local network address.
+func (c *Conn) LocalAddr() net.Addr {
+ return c.conn.LocalAddr()
+}
+
+// RemoteAddr returns the remote network address.
+func (c *Conn) RemoteAddr() net.Addr {
+ return c.conn.RemoteAddr()
+}
+
+// SetDeadline sets the read and write deadlines associated with the connection.
+// A zero value for t means Read and Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetDeadline(t time.Time) error {
+ return c.conn.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline on the underlying connection.
+// A zero value for t means Read will not time out.
+func (c *Conn) SetReadDeadline(t time.Time) error {
+ return c.conn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline on the underlying connection.
+// A zero value for t means Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+ return c.conn.SetWriteDeadline(t)
+}
+
+// A halfConn represents one direction of the record layer
+// connection, either sending or receiving.
+type halfConn struct {
+ sync.Mutex
+
+ err error // first permanent error
+ version uint16 // protocol version
+ cipher interface{} // cipher algorithm
+ mac macFunction
+ seq [8]byte // 64-bit sequence number
+ additionalData [13]byte // to avoid allocs; interface method args escape
+
+ nextCipher interface{} // next encryption state
+ nextMac macFunction // next MAC algorithm
+
+ trafficSecret []byte // current TLS 1.3 traffic secret
+
+ setKeyCallback func(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+}
+
+type permamentError struct {
+ err net.Error
+}
+
+func (e *permamentError) Error() string { return e.err.Error() }
+func (e *permamentError) Unwrap() error { return e.err }
+func (e *permamentError) Timeout() bool { return e.err.Timeout() }
+func (e *permamentError) Temporary() bool { return false }
+
+func (hc *halfConn) setErrorLocked(err error) error {
+ if e, ok := err.(net.Error); ok {
+ hc.err = &permamentError{err: e}
+ } else {
+ hc.err = err
+ }
+ return hc.err
+}
+
+// prepareCipherSpec sets the encryption and MAC states
+// that a subsequent changeCipherSpec will use.
+func (hc *halfConn) prepareCipherSpec(version uint16, cipher interface{}, mac macFunction) {
+ hc.version = version
+ hc.nextCipher = cipher
+ hc.nextMac = mac
+}
+
+// changeCipherSpec changes the encryption and MAC states
+// to the ones previously passed to prepareCipherSpec.
+func (hc *halfConn) changeCipherSpec() error {
+ if hc.nextCipher == nil || hc.version == VersionTLS13 {
+ return alertInternalError
+ }
+ hc.cipher = hc.nextCipher
+ hc.mac = hc.nextMac
+ hc.nextCipher = nil
+ hc.nextMac = nil
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+ return nil
+}
+
+func (hc *halfConn) exportKey(encLevel EncryptionLevel, suite *cipherSuiteTLS13, trafficSecret []byte) {
+ if hc.setKeyCallback != nil {
+ s := &CipherSuiteTLS13{
+ ID: suite.id,
+ KeyLen: suite.keyLen,
+ Hash: suite.hash,
+ AEAD: func(key, fixedNonce []byte) cipher.AEAD { return suite.aead(key, fixedNonce) },
+ }
+ hc.setKeyCallback(encLevel, s, trafficSecret)
+ }
+}
+
+func (hc *halfConn) setTrafficSecret(suite *cipherSuiteTLS13, secret []byte) {
+ hc.trafficSecret = secret
+ key, iv := suite.trafficKey(secret)
+ hc.cipher = suite.aead(key, iv)
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+}
+
+// incSeq increments the sequence number.
+func (hc *halfConn) incSeq() {
+ for i := 7; i >= 0; i-- {
+ hc.seq[i]++
+ if hc.seq[i] != 0 {
+ return
+ }
+ }
+
+ // Not allowed to let sequence number wrap.
+ // Instead, must renegotiate before it does.
+ // Not likely enough to bother.
+ panic("TLS: sequence number wraparound")
+}
+
+// explicitNonceLen returns the number of bytes of explicit nonce or IV included
+// in each record. Explicit nonces are present only in CBC modes after TLS 1.0
+// and in certain AEAD modes in TLS 1.2.
+func (hc *halfConn) explicitNonceLen() int {
+ if hc.cipher == nil {
+ return 0
+ }
+
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ return 0
+ case aead:
+ return c.explicitNonceLen()
+ case cbcMode:
+ // TLS 1.1 introduced a per-record explicit IV to fix the BEAST attack.
+ if hc.version >= VersionTLS11 {
+ return c.BlockSize()
+ }
+ return 0
+ default:
+ panic("unknown cipher type")
+ }
+}
+
+// extractPadding returns, in constant time, the length of the padding to remove
+// from the end of payload. It also returns a byte which is equal to 255 if the
+// padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2.
+func extractPadding(payload []byte) (toRemove int, good byte) {
+ if len(payload) < 1 {
+ return 0, 0
+ }
+
+ paddingLen := payload[len(payload)-1]
+ t := uint(len(payload)-1) - uint(paddingLen)
+ // if len(payload) >= (paddingLen - 1) then the MSB of t is zero
+ good = byte(int32(^t) >> 31)
+
+ // The maximum possible padding length plus the actual length field
+ toCheck := 256
+ // The length of the padded data is public, so we can use an if here
+ if toCheck > len(payload) {
+ toCheck = len(payload)
+ }
+
+ for i := 0; i < toCheck; i++ {
+ t := uint(paddingLen) - uint(i)
+ // if i <= paddingLen then the MSB of t is zero
+ mask := byte(int32(^t) >> 31)
+ b := payload[len(payload)-1-i]
+ good &^= mask&paddingLen ^ mask&b
+ }
+
+ // We AND together the bits of good and replicate the result across
+ // all the bits.
+ good &= good << 4
+ good &= good << 2
+ good &= good << 1
+ good = uint8(int8(good) >> 7)
+
+ // Zero the padding length on error. This ensures any unchecked bytes
+ // are included in the MAC. Otherwise, an attacker that could
+ // distinguish MAC failures from padding failures could mount an attack
+ // similar to POODLE in SSL 3.0: given a good ciphertext that uses a
+ // full block's worth of padding, replace the final block with another
+ // block. If the MAC check passed but the padding check failed, the
+ // last byte of that block decrypted to the block size.
+ //
+ // See also macAndPaddingGood logic below.
+ paddingLen &= good
+
+ toRemove = int(paddingLen) + 1
+ return
+}
+
+func roundUp(a, b int) int {
+ return a + (b-a%b)%b
+}
+
+// cbcMode is an interface for block ciphers using cipher block chaining.
+type cbcMode interface {
+ cipher.BlockMode
+ SetIV([]byte)
+}
+
+// decrypt authenticates and decrypts the record if protection is active at
+// this stage. The returned plaintext might overlap with the input.
+func (hc *halfConn) decrypt(record []byte) ([]byte, recordType, error) {
+ var plaintext []byte
+ typ := recordType(record[0])
+ payload := record[recordHeaderLen:]
+
+ // In TLS 1.3, change_cipher_spec messages are to be ignored without being
+ // decrypted. See RFC 8446, Appendix D.4.
+ if hc.version == VersionTLS13 && typ == recordTypeChangeCipherSpec {
+ return payload, typ, nil
+ }
+
+ paddingGood := byte(255)
+ paddingLen := 0
+
+ explicitNonceLen := hc.explicitNonceLen()
+
+ if hc.cipher != nil {
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ c.XORKeyStream(payload, payload)
+ case aead:
+ if len(payload) < explicitNonceLen {
+ return nil, 0, alertBadRecordMAC
+ }
+ nonce := payload[:explicitNonceLen]
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+ payload = payload[explicitNonceLen:]
+
+ additionalData := hc.additionalData[:]
+ if hc.version == VersionTLS13 {
+ additionalData = record[:recordHeaderLen]
+ } else {
+ copy(additionalData, hc.seq[:])
+ copy(additionalData[8:], record[:3])
+ n := len(payload) - c.Overhead()
+ additionalData[11] = byte(n >> 8)
+ additionalData[12] = byte(n)
+ }
+
+ var err error
+ plaintext, err = c.Open(payload[:0], nonce, payload, additionalData)
+ if err != nil {
+ return nil, 0, alertBadRecordMAC
+ }
+ case cbcMode:
+ blockSize := c.BlockSize()
+ minPayload := explicitNonceLen + roundUp(hc.mac.Size()+1, blockSize)
+ if len(payload)%blockSize != 0 || len(payload) < minPayload {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ if explicitNonceLen > 0 {
+ c.SetIV(payload[:explicitNonceLen])
+ payload = payload[explicitNonceLen:]
+ }
+ c.CryptBlocks(payload, payload)
+
+ // In a limited attempt to protect against CBC padding oracles like
+ // Lucky13, the data past paddingLen (which is secret) is passed to
+ // the MAC function as extra data, to be fed into the HMAC after
+ // computing the digest. This makes the MAC roughly constant time as
+ // long as the digest computation is constant time and does not
+ // affect the subsequent write, modulo cache effects.
+ paddingLen, paddingGood = extractPadding(payload)
+ default:
+ panic("unknown cipher type")
+ }
+
+ if hc.version == VersionTLS13 {
+ if typ != recordTypeApplicationData {
+ return nil, 0, alertUnexpectedMessage
+ }
+ if len(plaintext) > maxPlaintext+1 {
+ return nil, 0, alertRecordOverflow
+ }
+ // Remove padding and find the ContentType scanning from the end.
+ for i := len(plaintext) - 1; i >= 0; i-- {
+ if plaintext[i] != 0 {
+ typ = recordType(plaintext[i])
+ plaintext = plaintext[:i]
+ break
+ }
+ if i == 0 {
+ return nil, 0, alertUnexpectedMessage
+ }
+ }
+ }
+ } else {
+ plaintext = payload
+ }
+
+ if hc.mac != nil {
+ macSize := hc.mac.Size()
+ if len(payload) < macSize {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ n := len(payload) - macSize - paddingLen
+ n = subtle.ConstantTimeSelect(int(uint32(n)>>31), 0, n) // if n < 0 { n = 0 }
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ remoteMAC := payload[n : n+macSize]
+ localMAC := hc.mac.MAC(hc.seq[0:], record[:recordHeaderLen], payload[:n], payload[n+macSize:])
+
+ // This is equivalent to checking the MACs and paddingGood
+ // separately, but in constant-time to prevent distinguishing
+ // padding failures from MAC failures. Depending on what value
+ // of paddingLen was returned on bad padding, distinguishing
+ // bad MAC from bad padding can lead to an attack.
+ //
+ // See also the logic at the end of extractPadding.
+ macAndPaddingGood := subtle.ConstantTimeCompare(localMAC, remoteMAC) & int(paddingGood)
+ if macAndPaddingGood != 1 {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ plaintext = payload[:n]
+ }
+
+ hc.incSeq()
+ return plaintext, typ, nil
+}
+
+func (c *Conn) setAlternativeRecordLayer() {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.in.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetReadKey
+ c.out.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetWriteKey
+ }
+}
+
+// sliceForAppend extends the input slice by n bytes. head is the full extended
+// slice, while tail is the appended part. If the original slice has sufficient
+// capacity no allocation is performed.
+func sliceForAppend(in []byte, n int) (head, tail []byte) {
+ if total := len(in) + n; cap(in) >= total {
+ head = in[:total]
+ } else {
+ head = make([]byte, total)
+ copy(head, in)
+ }
+ tail = head[len(in):]
+ return
+}
+
+// encrypt encrypts payload, adding the appropriate nonce and/or MAC, and
+// appends it to record, which contains the record header.
+func (hc *halfConn) encrypt(record, payload []byte, rand io.Reader) ([]byte, error) {
+ if hc.cipher == nil {
+ return append(record, payload...), nil
+ }
+
+ var explicitNonce []byte
+ if explicitNonceLen := hc.explicitNonceLen(); explicitNonceLen > 0 {
+ record, explicitNonce = sliceForAppend(record, explicitNonceLen)
+ if _, isCBC := hc.cipher.(cbcMode); !isCBC && explicitNonceLen < 16 {
+ // The AES-GCM construction in TLS has an explicit nonce so that the
+ // nonce can be random. However, the nonce is only 8 bytes which is
+ // too small for a secure, random nonce. Therefore we use the
+ // sequence number as the nonce. The 3DES-CBC construction also has
+ // an 8 bytes nonce but its nonces must be unpredictable (see RFC
+ // 5246, Appendix F.3), forcing us to use randomness. That's not
+ // 3DES' biggest problem anyway because the birthday bound on block
+ // collision is reached first due to its simlarly small block size
+ // (see the Sweet32 attack).
+ copy(explicitNonce, hc.seq[:])
+ } else {
+ if _, err := io.ReadFull(rand, explicitNonce); err != nil {
+ return nil, err
+ }
+ }
+ }
+
+ var mac []byte
+ if hc.mac != nil {
+ mac = hc.mac.MAC(hc.seq[:], record[:recordHeaderLen], payload, nil)
+ }
+
+ var dst []byte
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ record, dst = sliceForAppend(record, len(payload)+len(mac))
+ c.XORKeyStream(dst[:len(payload)], payload)
+ c.XORKeyStream(dst[len(payload):], mac)
+ case aead:
+ nonce := explicitNonce
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+
+ if hc.version == VersionTLS13 {
+ record = append(record, payload...)
+
+ // Encrypt the actual ContentType and replace the plaintext one.
+ record = append(record, record[0])
+ record[0] = byte(recordTypeApplicationData)
+
+ n := len(payload) + 1 + c.Overhead()
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+
+ record = c.Seal(record[:recordHeaderLen],
+ nonce, record[recordHeaderLen:], record[:recordHeaderLen])
+ } else {
+ copy(hc.additionalData[:], hc.seq[:])
+ copy(hc.additionalData[8:], record)
+ record = c.Seal(record, nonce, payload, hc.additionalData[:])
+ }
+ case cbcMode:
+ blockSize := c.BlockSize()
+ plaintextLen := len(payload) + len(mac)
+ paddingLen := blockSize - plaintextLen%blockSize
+ record, dst = sliceForAppend(record, plaintextLen+paddingLen)
+ copy(dst, payload)
+ copy(dst[len(payload):], mac)
+ for i := plaintextLen; i < len(dst); i++ {
+ dst[i] = byte(paddingLen - 1)
+ }
+ if len(explicitNonce) > 0 {
+ c.SetIV(explicitNonce)
+ }
+ c.CryptBlocks(dst, dst)
+ default:
+ panic("unknown cipher type")
+ }
+
+ // Update length to include nonce, MAC and any block padding needed.
+ n := len(record) - recordHeaderLen
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ hc.incSeq()
+
+ return record, nil
+}
+
+// RecordHeaderError is returned when a TLS record header is invalid.
+type RecordHeaderError struct {
+ // Msg contains a human readable string that describes the error.
+ Msg string
+ // RecordHeader contains the five bytes of TLS record header that
+ // triggered the error.
+ RecordHeader [5]byte
+ // Conn provides the underlying net.Conn in the case that a client
+ // sent an initial handshake that didn't look like TLS.
+ // It is nil if there's already been a handshake or a TLS alert has
+ // been written to the connection.
+ Conn net.Conn
+}
+
+func (e RecordHeaderError) Error() string { return "tls: " + e.Msg }
+
+func (c *Conn) newRecordHeaderError(conn net.Conn, msg string) (err RecordHeaderError) {
+ err.Msg = msg
+ err.Conn = conn
+ copy(err.RecordHeader[:], c.rawInput.Bytes())
+ return err
+}
+
+func (c *Conn) readRecord() error {
+ return c.readRecordOrCCS(false)
+}
+
+func (c *Conn) readChangeCipherSpec() error {
+ return c.readRecordOrCCS(true)
+}
+
+// readRecordOrCCS reads one or more TLS records from the connection and
+// updates the record layer state. Some invariants:
+// * c.in must be locked
+// * c.input must be empty
+// During the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.in.changeCipherSpec is called
+// - an error is returned
+// After the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.input is set
+// - an error is returned
+func (c *Conn) readRecordOrCCS(expectChangeCipherSpec bool) error {
+ if c.in.err != nil {
+ return c.in.err
+ }
+ handshakeComplete := c.handshakeComplete()
+
+ // This function modifies c.rawInput, which owns the c.input memory.
+ if c.input.Len() != 0 {
+ return c.in.setErrorLocked(errors.New("tls: internal error: attempted to read record with pending application data"))
+ }
+ c.input.Reset(nil)
+
+ // Read header, payload.
+ if err := c.readFromUntil(c.conn, recordHeaderLen); err != nil {
+ // RFC 8446, Section 6.1 suggests that EOF without an alertCloseNotify
+ // is an error, but popular web sites seem to do this, so we accept it
+ // if and only if at the record boundary.
+ if err == io.ErrUnexpectedEOF && c.rawInput.Len() == 0 {
+ err = io.EOF
+ }
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+ hdr := c.rawInput.Bytes()[:recordHeaderLen]
+ typ := recordType(hdr[0])
+
+ // No valid TLS record has a type of 0x80, however SSLv2 handshakes
+ // start with a uint16 length where the MSB is set and the first record
+ // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests
+ // an SSLv2 client.
+ if !handshakeComplete && typ == 0x80 {
+ c.sendAlert(alertProtocolVersion)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, "unsupported SSLv2 handshake received"))
+ }
+
+ vers := uint16(hdr[1])<<8 | uint16(hdr[2])
+ n := int(hdr[3])<<8 | int(hdr[4])
+ if c.haveVers && c.vers != VersionTLS13 && vers != c.vers {
+ c.sendAlert(alertProtocolVersion)
+ msg := fmt.Sprintf("received record with version %x when expecting version %x", vers, c.vers)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if !c.haveVers {
+ // First message, be extra suspicious: this might not be a TLS
+ // client. Bail out before reading a full 'body', if possible.
+ // The current max version is 3.3 so if the version is >= 16.0,
+ // it's probably not real.
+ if (typ != recordTypeAlert && typ != recordTypeHandshake) || vers >= 0x1000 {
+ return c.in.setErrorLocked(c.newRecordHeaderError(c.conn, "first record does not look like a TLS handshake"))
+ }
+ }
+ if c.vers == VersionTLS13 && n > maxCiphertextTLS13 || n > maxCiphertext {
+ c.sendAlert(alertRecordOverflow)
+ msg := fmt.Sprintf("oversized record received with length %d", n)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if err := c.readFromUntil(c.conn, recordHeaderLen+n); err != nil {
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+
+ // Process message.
+ record := c.rawInput.Next(recordHeaderLen + n)
+ data, typ, err := c.in.decrypt(record)
+ if err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+ if len(data) > maxPlaintext {
+ return c.in.setErrorLocked(c.sendAlert(alertRecordOverflow))
+ }
+
+ // Application Data messages are always protected.
+ if c.in.cipher == nil && typ == recordTypeApplicationData {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ if typ != recordTypeAlert && typ != recordTypeChangeCipherSpec && len(data) > 0 {
+ // This is a state-advancing message: reset the retry count.
+ c.retryCount = 0
+ }
+
+ // Handshake messages MUST NOT be interleaved with other record types in TLS 1.3.
+ if c.vers == VersionTLS13 && typ != recordTypeHandshake && c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ switch typ {
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+
+ case recordTypeAlert:
+ if len(data) != 2 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if alert(data[1]) == alertCloseNotify {
+ return c.in.setErrorLocked(io.EOF)
+ }
+ if c.vers == VersionTLS13 {
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ }
+ switch data[0] {
+ case alertLevelWarning:
+ // Drop the record on the floor and retry.
+ return c.retryReadRecord(expectChangeCipherSpec)
+ case alertLevelError:
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ case recordTypeChangeCipherSpec:
+ if len(data) != 1 || data[0] != 1 {
+ return c.in.setErrorLocked(c.sendAlert(alertDecodeError))
+ }
+ // Handshake messages are not allowed to fragment across the CCS.
+ if c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // In TLS 1.3, change_cipher_spec records are ignored until the
+ // Finished. See RFC 8446, Appendix D.4. Note that according to Section
+ // 5, a server can send a ChangeCipherSpec before its ServerHello, when
+ // c.vers is still unset. That's not useful though and suspicious if the
+ // server then selects a lower protocol version, so don't allow that.
+ if c.vers == VersionTLS13 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ if !expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if err := c.in.changeCipherSpec(); err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+
+ case recordTypeApplicationData:
+ if !handshakeComplete || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // Some OpenSSL servers send empty records in order to randomize the
+ // CBC IV. Ignore a limited number of empty records.
+ if len(data) == 0 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ // Note that data is owned by c.rawInput, following the Next call above,
+ // to avoid copying the plaintext. This is safe because c.rawInput is
+ // not read from or written to until c.input is drained.
+ c.input.Reset(data)
+
+ case recordTypeHandshake:
+ if len(data) == 0 || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ c.hand.Write(data)
+ }
+
+ return nil
+}
+
+// retryReadRecord recurses into readRecordOrCCS to drop a non-advancing record, like
+// a warning alert, empty application_data, or a change_cipher_spec in TLS 1.3.
+func (c *Conn) retryReadRecord(expectChangeCipherSpec bool) error {
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many ignored records"))
+ }
+ return c.readRecordOrCCS(expectChangeCipherSpec)
+}
+
+// atLeastReader reads from R, stopping with EOF once at least N bytes have been
+// read. It is different from an io.LimitedReader in that it doesn't cut short
+// the last Read call, and in that it considers an early EOF an error.
+type atLeastReader struct {
+ R io.Reader
+ N int64
+}
+
+func (r *atLeastReader) Read(p []byte) (int, error) {
+ if r.N <= 0 {
+ return 0, io.EOF
+ }
+ n, err := r.R.Read(p)
+ r.N -= int64(n) // won't underflow unless len(p) >= n > 9223372036854775809
+ if r.N > 0 && err == io.EOF {
+ return n, io.ErrUnexpectedEOF
+ }
+ if r.N <= 0 && err == nil {
+ return n, io.EOF
+ }
+ return n, err
+}
+
+// readFromUntil reads from r into c.rawInput until c.rawInput contains
+// at least n bytes or else returns an error.
+func (c *Conn) readFromUntil(r io.Reader, n int) error {
+ if c.rawInput.Len() >= n {
+ return nil
+ }
+ needs := n - c.rawInput.Len()
+ // There might be extra input waiting on the wire. Make a best effort
+ // attempt to fetch it so that it can be used in (*Conn).Read to
+ // "predict" closeNotify alerts.
+ c.rawInput.Grow(needs + bytes.MinRead)
+ _, err := c.rawInput.ReadFrom(&atLeastReader{r, int64(needs)})
+ return err
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlertLocked(err alert) error {
+ switch err {
+ case alertNoRenegotiation, alertCloseNotify:
+ c.tmp[0] = alertLevelWarning
+ default:
+ c.tmp[0] = alertLevelError
+ }
+ c.tmp[1] = byte(err)
+
+ _, writeErr := c.writeRecordLocked(recordTypeAlert, c.tmp[0:2])
+ if err == alertCloseNotify {
+ // closeNotify is a special case in that it isn't an error.
+ return writeErr
+ }
+
+ return c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err})
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlert(err alert) error {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.extraConfig.AlternativeRecordLayer.SendAlert(uint8(err))
+ return &net.OpError{Op: "local error", Err: err}
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+ return c.sendAlertLocked(err)
+}
+
+const (
+ // tcpMSSEstimate is a conservative estimate of the TCP maximum segment
+ // size (MSS). A constant is used, rather than querying the kernel for
+ // the actual MSS, to avoid complexity. The value here is the IPv6
+ // minimum MTU (1280 bytes) minus the overhead of an IPv6 header (40
+ // bytes) and a TCP header with timestamps (32 bytes).
+ tcpMSSEstimate = 1208
+
+ // recordSizeBoostThreshold is the number of bytes of application data
+ // sent after which the TLS record size will be increased to the
+ // maximum.
+ recordSizeBoostThreshold = 128 * 1024
+)
+
+// maxPayloadSizeForWrite returns the maximum TLS payload size to use for the
+// next application data record. There is the following trade-off:
+//
+// - For latency-sensitive applications, such as web browsing, each TLS
+// record should fit in one TCP segment.
+// - For throughput-sensitive applications, such as large file transfers,
+// larger TLS records better amortize framing and encryption overheads.
+//
+// A simple heuristic that works well in practice is to use small records for
+// the first 1MB of data, then use larger records for subsequent data, and
+// reset back to smaller records after the connection becomes idle. See "High
+// Performance Web Networking", Chapter 4, or:
+// https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/
+//
+// In the interests of simplicity and determinism, this code does not attempt
+// to reset the record size once the connection is idle, however.
+func (c *Conn) maxPayloadSizeForWrite(typ recordType) int {
+ if c.config.DynamicRecordSizingDisabled || typ != recordTypeApplicationData {
+ return maxPlaintext
+ }
+
+ if c.bytesSent >= recordSizeBoostThreshold {
+ return maxPlaintext
+ }
+
+ // Subtract TLS overheads to get the maximum payload size.
+ payloadBytes := tcpMSSEstimate - recordHeaderLen - c.out.explicitNonceLen()
+ if c.out.cipher != nil {
+ switch ciph := c.out.cipher.(type) {
+ case cipher.Stream:
+ payloadBytes -= c.out.mac.Size()
+ case cipher.AEAD:
+ payloadBytes -= ciph.Overhead()
+ case cbcMode:
+ blockSize := ciph.BlockSize()
+ // The payload must fit in a multiple of blockSize, with
+ // room for at least one padding byte.
+ payloadBytes = (payloadBytes & ^(blockSize - 1)) - 1
+ // The MAC is appended before padding so affects the
+ // payload size directly.
+ payloadBytes -= c.out.mac.Size()
+ default:
+ panic("unknown cipher type")
+ }
+ }
+ if c.vers == VersionTLS13 {
+ payloadBytes-- // encrypted ContentType
+ }
+
+ // Allow packet growth in arithmetic progression up to max.
+ pkt := c.packetsSent
+ c.packetsSent++
+ if pkt > 1000 {
+ return maxPlaintext // avoid overflow in multiply below
+ }
+
+ n := payloadBytes * int(pkt+1)
+ if n > maxPlaintext {
+ n = maxPlaintext
+ }
+ return n
+}
+
+func (c *Conn) write(data []byte) (int, error) {
+ if c.buffering {
+ c.sendBuf = append(c.sendBuf, data...)
+ return len(data), nil
+ }
+
+ n, err := c.conn.Write(data)
+ c.bytesSent += int64(n)
+ return n, err
+}
+
+func (c *Conn) flush() (int, error) {
+ if len(c.sendBuf) == 0 {
+ return 0, nil
+ }
+
+ n, err := c.conn.Write(c.sendBuf)
+ c.bytesSent += int64(n)
+ c.sendBuf = nil
+ c.buffering = false
+ return n, err
+}
+
+// writeRecordLocked writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecordLocked(typ recordType, data []byte) (int, error) {
+ var n int
+ for len(data) > 0 {
+ m := len(data)
+ if maxPayload := c.maxPayloadSizeForWrite(typ); m > maxPayload {
+ m = maxPayload
+ }
+
+ _, c.outBuf = sliceForAppend(c.outBuf[:0], recordHeaderLen)
+ c.outBuf[0] = byte(typ)
+ vers := c.vers
+ if vers == 0 {
+ // Some TLS servers fail if the record version is
+ // greater than TLS 1.0 for the initial ClientHello.
+ vers = VersionTLS10
+ } else if vers == VersionTLS13 {
+ // TLS 1.3 froze the record layer version to 1.2.
+ // See RFC 8446, Section 5.1.
+ vers = VersionTLS12
+ }
+ c.outBuf[1] = byte(vers >> 8)
+ c.outBuf[2] = byte(vers)
+ c.outBuf[3] = byte(m >> 8)
+ c.outBuf[4] = byte(m)
+
+ var err error
+ c.outBuf, err = c.out.encrypt(c.outBuf, data[:m], c.config.rand())
+ if err != nil {
+ return n, err
+ }
+ if _, err := c.write(c.outBuf); err != nil {
+ return n, err
+ }
+ n += m
+ data = data[m:]
+ }
+
+ if typ == recordTypeChangeCipherSpec && c.vers != VersionTLS13 {
+ if err := c.out.changeCipherSpec(); err != nil {
+ return n, c.sendAlertLocked(err.(alert))
+ }
+ }
+
+ return n, nil
+}
+
+// writeRecord writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecord(typ recordType, data []byte) (int, error) {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ if typ == recordTypeChangeCipherSpec {
+ return len(data), nil
+ }
+ return c.extraConfig.AlternativeRecordLayer.WriteRecord(data)
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ return c.writeRecordLocked(typ, data)
+}
+
+// readHandshake reads the next handshake message from
+// the record layer.
+func (c *Conn) readHandshake() (interface{}, error) {
+ var data []byte
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ var err error
+ data, err = c.extraConfig.AlternativeRecordLayer.ReadHandshakeMessage()
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ for c.hand.Len() < 4 {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+
+ data = c.hand.Bytes()
+ n := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if n > maxHandshake {
+ c.sendAlertLocked(alertInternalError)
+ return nil, c.in.setErrorLocked(fmt.Errorf("tls: handshake message of length %d bytes exceeds maximum of %d bytes", n, maxHandshake))
+ }
+ for c.hand.Len() < 4+n {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+ data = c.hand.Next(4 + n)
+ }
+ var m handshakeMessage
+ switch data[0] {
+ case typeHelloRequest:
+ m = new(helloRequestMsg)
+ case typeClientHello:
+ m = new(clientHelloMsg)
+ case typeServerHello:
+ m = new(serverHelloMsg)
+ case typeNewSessionTicket:
+ if c.vers == VersionTLS13 {
+ m = new(newSessionTicketMsgTLS13)
+ } else {
+ m = new(newSessionTicketMsg)
+ }
+ case typeCertificate:
+ if c.vers == VersionTLS13 {
+ m = new(certificateMsgTLS13)
+ } else {
+ m = new(certificateMsg)
+ }
+ case typeCertificateRequest:
+ if c.vers == VersionTLS13 {
+ m = new(certificateRequestMsgTLS13)
+ } else {
+ m = &certificateRequestMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ }
+ case typeCertificateStatus:
+ m = new(certificateStatusMsg)
+ case typeServerKeyExchange:
+ m = new(serverKeyExchangeMsg)
+ case typeServerHelloDone:
+ m = new(serverHelloDoneMsg)
+ case typeClientKeyExchange:
+ m = new(clientKeyExchangeMsg)
+ case typeCertificateVerify:
+ m = &certificateVerifyMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ case typeFinished:
+ m = new(finishedMsg)
+ case typeEncryptedExtensions:
+ m = new(encryptedExtensionsMsg)
+ case typeEndOfEarlyData:
+ m = new(endOfEarlyDataMsg)
+ case typeKeyUpdate:
+ m = new(keyUpdateMsg)
+ default:
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ // The handshake message unmarshalers
+ // expect to be able to keep references to data,
+ // so pass in a fresh copy that won't be overwritten.
+ data = append([]byte(nil), data...)
+
+ if !m.unmarshal(data) {
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ return m, nil
+}
+
+var (
+ errClosed = errors.New("tls: use of closed connection")
+ errShutdown = errors.New("tls: protocol is shutdown")
+)
+
+// Write writes data to the connection.
+func (c *Conn) Write(b []byte) (int, error) {
+ // interlock with Close below
+ for {
+ x := atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return 0, errClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x+2) {
+ break
+ }
+ }
+ defer atomic.AddInt32(&c.activeCall, -2)
+
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if err := c.out.err; err != nil {
+ return 0, err
+ }
+
+ if !c.handshakeComplete() {
+ return 0, alertInternalError
+ }
+
+ if c.closeNotifySent {
+ return 0, errShutdown
+ }
+
+ // TLS 1.0 is susceptible to a chosen-plaintext
+ // attack when using block mode ciphers due to predictable IVs.
+ // This can be prevented by splitting each Application Data
+ // record into two records, effectively randomizing the IV.
+ //
+ // https://www.openssl.org/~bodo/tls-cbc.txt
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=665814
+ // https://www.imperialviolet.org/2012/01/15/beastfollowup.html
+
+ var m int
+ if len(b) > 1 && c.vers == VersionTLS10 {
+ if _, ok := c.out.cipher.(cipher.BlockMode); ok {
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b[:1])
+ if err != nil {
+ return n, c.out.setErrorLocked(err)
+ }
+ m, b = 1, b[1:]
+ }
+ }
+
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b)
+ return n + m, c.out.setErrorLocked(err)
+}
+
+// handleRenegotiation processes a HelloRequest handshake message.
+func (c *Conn) handleRenegotiation() error {
+ if c.vers == VersionTLS13 {
+ return errors.New("tls: internal error: unexpected renegotiation")
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ helloReq, ok := msg.(*helloRequestMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(helloReq, msg)
+ }
+
+ if !c.isClient {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+
+ switch c.config.Renegotiation {
+ case RenegotiateNever:
+ return c.sendAlert(alertNoRenegotiation)
+ case RenegotiateOnceAsClient:
+ if c.handshakes > 1 {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+ case RenegotiateFreelyAsClient:
+ // Ok.
+ default:
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: unknown Renegotiation value")
+ }
+
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ atomic.StoreUint32(&c.handshakeStatus, 0)
+ if c.handshakeErr = c.clientHandshake(); c.handshakeErr == nil {
+ c.handshakes++
+ }
+ return c.handshakeErr
+}
+
+func (c *Conn) HandlePostHandshakeMessage() error {
+ return c.handlePostHandshakeMessage()
+}
+
+// handlePostHandshakeMessage processes a handshake message arrived after the
+// handshake is complete. Up to TLS 1.2, it indicates the start of a renegotiation.
+func (c *Conn) handlePostHandshakeMessage() error {
+ if c.vers != VersionTLS13 {
+ return c.handleRenegotiation()
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many non-advancing records"))
+ }
+
+ switch msg := msg.(type) {
+ case *newSessionTicketMsgTLS13:
+ return c.handleNewSessionTicket(msg)
+ case *keyUpdateMsg:
+ return c.handleKeyUpdate(msg)
+ default:
+ c.sendAlert(alertUnexpectedMessage)
+ return fmt.Errorf("tls: received unexpected handshake message of type %T", msg)
+ }
+}
+
+func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error {
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil {
+ return c.in.setErrorLocked(c.sendAlert(alertInternalError))
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.in.trafficSecret)
+ c.in.setTrafficSecret(cipherSuite, newSecret)
+
+ if keyUpdate.updateRequested {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ msg := &keyUpdateMsg{}
+ _, err := c.writeRecordLocked(recordTypeHandshake, msg.marshal())
+ if err != nil {
+ // Surface the error at the next write.
+ c.out.setErrorLocked(err)
+ return nil
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.out.trafficSecret)
+ c.out.setTrafficSecret(cipherSuite, newSecret)
+ }
+
+ return nil
+}
+
+// Read can be made to time out and return a net.Error with Timeout() == true
+// after a fixed time limit; see SetDeadline and SetReadDeadline.
+func (c *Conn) Read(b []byte) (int, error) {
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+ if len(b) == 0 {
+ // Put this after Handshake, in case people were calling
+ // Read(nil) for the side effect of the Handshake.
+ return 0, nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ for c.input.Len() == 0 {
+ if err := c.readRecord(); err != nil {
+ return 0, err
+ }
+ for c.hand.Len() > 0 {
+ if err := c.handlePostHandshakeMessage(); err != nil {
+ return 0, err
+ }
+ }
+ }
+
+ n, _ := c.input.Read(b)
+
+ // If a close-notify alert is waiting, read it so that we can return (n,
+ // EOF) instead of (n, nil), to signal to the HTTP response reading
+ // goroutine that the connection is now closed. This eliminates a race
+ // where the HTTP response reading goroutine would otherwise not observe
+ // the EOF until its next read, by which time a client goroutine might
+ // have already tried to reuse the HTTP connection for a new request.
+ // See https://golang.org/cl/76400046 and https://golang.org/issue/3514
+ if n != 0 && c.input.Len() == 0 && c.rawInput.Len() > 0 &&
+ recordType(c.rawInput.Bytes()[0]) == recordTypeAlert {
+ if err := c.readRecord(); err != nil {
+ return n, err // will be io.EOF on closeNotify
+ }
+ }
+
+ return n, nil
+}
+
+// Close closes the connection.
+func (c *Conn) Close() error {
+ // Interlock with Conn.Write above.
+ var x int32
+ for {
+ x = atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return errClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x|1) {
+ break
+ }
+ }
+ if x != 0 {
+ // io.Writer and io.Closer should not be used concurrently.
+ // If Close is called while a Write is currently in-flight,
+ // interpret that as a sign that this Close is really just
+ // being used to break the Write and/or clean up resources and
+ // avoid sending the alertCloseNotify, which may block
+ // waiting on handshakeMutex or the c.out mutex.
+ return c.conn.Close()
+ }
+
+ var alertErr error
+
+ if c.handshakeComplete() {
+ alertErr = c.closeNotify()
+ }
+
+ if err := c.conn.Close(); err != nil {
+ return err
+ }
+ return alertErr
+}
+
+var errEarlyCloseWrite = errors.New("tls: CloseWrite called before handshake complete")
+
+// CloseWrite shuts down the writing side of the connection. It should only be
+// called once the handshake has completed and does not call CloseWrite on the
+// underlying connection. Most callers should just use Close.
+func (c *Conn) CloseWrite() error {
+ if !c.handshakeComplete() {
+ return errEarlyCloseWrite
+ }
+
+ return c.closeNotify()
+}
+
+func (c *Conn) closeNotify() error {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if !c.closeNotifySent {
+ c.closeNotifyErr = c.sendAlertLocked(alertCloseNotify)
+ c.closeNotifySent = true
+ }
+ return c.closeNotifyErr
+}
+
+// Handshake runs the client or server handshake
+// protocol if it has not yet been run.
+//
+// Most uses of this package need not call Handshake explicitly: the
+// first Read or Write will call it automatically.
+//
+// For control over canceling or setting a timeout on a handshake, use
+// the Dialer's DialContext method.
+func (c *Conn) Handshake() error {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ if err := c.handshakeErr; err != nil {
+ return err
+ }
+ if c.handshakeComplete() {
+ return nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ c.handshakeErr = c.handshakeFn()
+ if c.handshakeErr == nil {
+ c.handshakes++
+ } else {
+ // If an error occurred during the handshake try to flush the
+ // alert that might be left in the buffer.
+ c.flush()
+ }
+
+ if c.handshakeErr == nil && !c.handshakeComplete() {
+ c.handshakeErr = errors.New("tls: internal error: handshake should have had a result")
+ }
+
+ return c.handshakeErr
+}
+
+// ConnectionState returns basic TLS details about the connection.
+func (c *Conn) ConnectionState() ConnectionState {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return c.connectionStateLocked()
+}
+
+// ConnectionStateWith0RTT returns basic TLS details (incl. 0-RTT status) about the connection.
+func (c *Conn) ConnectionStateWith0RTT() ConnectionStateWith0RTT {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return ConnectionStateWith0RTT{
+ ConnectionState: c.connectionStateLocked(),
+ Used0RTT: c.used0RTT,
+ }
+}
+
+func (c *Conn) connectionStateLocked() ConnectionState {
+ var state connectionState
+ state.HandshakeComplete = c.handshakeComplete()
+ state.Version = c.vers
+ state.NegotiatedProtocol = c.clientProtocol
+ state.DidResume = c.didResume
+ state.NegotiatedProtocolIsMutual = !c.clientProtocolFallback
+ state.ServerName = c.serverName
+ state.CipherSuite = c.cipherSuite
+ state.PeerCertificates = c.peerCertificates
+ state.VerifiedChains = c.verifiedChains
+ state.SignedCertificateTimestamps = c.scts
+ state.OCSPResponse = c.ocspResponse
+ if !c.didResume && c.vers != VersionTLS13 {
+ if c.clientFinishedIsFirst {
+ state.TLSUnique = c.clientFinished[:]
+ } else {
+ state.TLSUnique = c.serverFinished[:]
+ }
+ }
+ if c.config.Renegotiation != RenegotiateNever {
+ state.ekm = noExportedKeyingMaterial
+ } else {
+ state.ekm = c.ekm
+ }
+ return toConnectionState(state)
+}
+
+// OCSPResponse returns the stapled OCSP response from the TLS server, if
+// any. (Only valid for client connections.)
+func (c *Conn) OCSPResponse() []byte {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ return c.ocspResponse
+}
+
+// VerifyHostname checks that the peer certificate chain is valid for
+// connecting to host. If so, it returns nil; if not, it returns an error
+// describing the problem.
+func (c *Conn) VerifyHostname(host string) error {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ if !c.isClient {
+ return errors.New("tls: VerifyHostname called on TLS server connection")
+ }
+ if !c.handshakeComplete() {
+ return errors.New("tls: handshake has not yet been performed")
+ }
+ if len(c.verifiedChains) == 0 {
+ return errors.New("tls: handshake did not verify certificate chain")
+ }
+ return c.peerCertificates[0].VerifyHostname(host)
+}
+
+func (c *Conn) handshakeComplete() bool {
+ return atomic.LoadUint32(&c.handshakeStatus) == 1
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/go.mod b/vendor/github.com/marten-seemann/qtls-go1-15/go.mod
new file mode 100644
index 00000000..756fcebb
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/go.mod
@@ -0,0 +1,9 @@
+module github.com/marten-seemann/qtls-go1-15
+
+go 1.15
+
+require (
+ github.com/golang/mock v1.4.4
+ golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d
+ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/go.sum b/vendor/github.com/marten-seemann/qtls-go1-15/go.sum
new file mode 100644
index 00000000..c23ddd60
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/go.sum
@@ -0,0 +1,14 @@
+github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc=
+github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d h1:1ZiEyfaQIg3Qh0EoqpwAakHVhecoE5wlSg5GjnafJGw=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepxRw6jWvR5iDRdvjHgy8=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client.go b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client.go
new file mode 100644
index 00000000..3d1dd9e0
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client.go
@@ -0,0 +1,1107 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "strings"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+const clientSessionStateVersion = 1
+
+type clientHandshakeState struct {
+ c *Conn
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ suite *cipherSuite
+ finishedHash finishedHash
+ masterSecret []byte
+ session *clientSessionState
+}
+
+func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
+ config := c.config
+ if len(config.ServerName) == 0 && !config.InsecureSkipVerify {
+ return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config")
+ }
+
+ nextProtosLength := 0
+ for _, proto := range config.NextProtos {
+ if l := len(proto); l == 0 || l > 255 {
+ return nil, nil, errors.New("tls: invalid NextProtos value")
+ } else {
+ nextProtosLength += 1 + l
+ }
+ }
+ if nextProtosLength > 0xffff {
+ return nil, nil, errors.New("tls: NextProtos values too large")
+ }
+
+ var supportedVersions []uint16
+ var clientHelloVersion uint16
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ if config.maxSupportedVersion() < VersionTLS13 {
+ return nil, nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ // Only offer TLS 1.3 when QUIC is used.
+ supportedVersions = []uint16{VersionTLS13}
+ clientHelloVersion = VersionTLS13
+ } else {
+ supportedVersions = config.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return nil, nil, errors.New("tls: no supported versions satisfy MinVersion and MaxVersion")
+ }
+ clientHelloVersion = config.maxSupportedVersion()
+ }
+
+ // The version at the beginning of the ClientHello was capped at TLS 1.2
+ // for compatibility reasons. The supported_versions extension is used
+ // to negotiate versions now. See RFC 8446, Section 4.2.1.
+ if clientHelloVersion > VersionTLS12 {
+ clientHelloVersion = VersionTLS12
+ }
+
+ hello := &clientHelloMsg{
+ vers: clientHelloVersion,
+ compressionMethods: []uint8{compressionNone},
+ random: make([]byte, 32),
+ ocspStapling: true,
+ scts: true,
+ serverName: hostnameInSNI(config.ServerName),
+ supportedCurves: config.curvePreferences(),
+ supportedPoints: []uint8{pointFormatUncompressed},
+ secureRenegotiationSupported: true,
+ alpnProtocols: config.NextProtos,
+ supportedVersions: supportedVersions,
+ }
+
+ if c.handshakes > 0 {
+ hello.secureRenegotiation = c.clientFinished[:]
+ }
+
+ possibleCipherSuites := config.cipherSuites()
+ hello.cipherSuites = make([]uint16, 0, len(possibleCipherSuites))
+
+ // add non-TLS 1.3 cipher suites
+ if c.config.MinVersion <= VersionTLS12 {
+ for _, suiteId := range possibleCipherSuites {
+ for _, suite := range cipherSuites {
+ if suite.id != suiteId {
+ continue
+ }
+ // Don't advertise TLS 1.2-only cipher suites unless
+ // we're attempting TLS 1.2.
+ if hello.vers < VersionTLS12 && suite.flags&suiteTLS12 != 0 {
+ break
+ }
+ hello.cipherSuites = append(hello.cipherSuites, suiteId)
+ break
+ }
+ }
+ }
+
+ _, err := io.ReadFull(config.rand(), hello.random)
+ if err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+
+ // A random session ID is used to detect when the server accepted a ticket
+ // and is resuming a session (see RFC 5077). In TLS 1.3, it's always set as
+ // a compatibility measure (see RFC 8446, Section 4.1.2).
+ if c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ hello.sessionId = make([]byte, 32)
+ if _, err := io.ReadFull(config.rand(), hello.sessionId); err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+ }
+
+ if hello.vers >= VersionTLS12 {
+ hello.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ var params ecdheParameters
+ if hello.supportedVersions[0] == VersionTLS13 {
+ var hasTLS13CipherSuite bool
+ // add TLS 1.3 cipher suites
+ for _, suiteID := range possibleCipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ hasTLS13CipherSuite = true
+ hello.cipherSuites = append(hello.cipherSuites, suiteID)
+ }
+ }
+ }
+ if !hasTLS13CipherSuite {
+ hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13()...)
+ }
+
+ curveID := config.curvePreferences()[0]
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err = generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, nil, err
+ }
+ hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ if hello.supportedVersions[0] == VersionTLS13 && c.extraConfig != nil && c.extraConfig.GetExtensions != nil {
+ hello.additionalExtensions = c.extraConfig.GetExtensions(typeClientHello)
+ }
+
+ return hello, params, nil
+}
+
+func (c *Conn) clientHandshake() (err error) {
+ if c.config == nil {
+ c.config = fromConfig(defaultConfig())
+ }
+ c.setAlternativeRecordLayer()
+
+ // This may be a renegotiation handshake, in which case some fields
+ // need to be reset.
+ c.didResume = false
+
+ hello, ecdheParams, err := c.makeClientHello()
+ if err != nil {
+ return err
+ }
+ c.serverName = hello.serverName
+
+ cacheKey, session, earlySecret, binderKey := c.loadSession(hello)
+ if cacheKey != "" && session != nil {
+ var deletedTicket bool
+ if session.vers == VersionTLS13 && hello.earlyData && c.extraConfig != nil && c.extraConfig.Enable0RTT {
+ // don't reuse a session ticket that enabled 0-RTT
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ deletedTicket = true
+
+ if suite := cipherSuiteTLS13ByID(session.cipherSuite); suite != nil {
+ h := suite.hash.New()
+ h.Write(hello.marshal())
+ clientEarlySecret := suite.deriveSecret(earlySecret, "c e traffic", h)
+ c.out.exportKey(Encryption0RTT, suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+ }
+ if !deletedTicket {
+ defer func() {
+ // If we got a handshake failure when resuming a session, throw away
+ // the session ticket. See RFC 5077, Section 3.2.
+ //
+ // RFC 8446 makes no mention of dropping tickets on failure, but it
+ // does require servers to abort on invalid binders, so we need to
+ // delete tickets to recover from a corrupted PSK.
+ if err != nil {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ }
+ }()
+ }
+ }
+
+ if _, err := c.writeRecord(recordTypeHandshake, hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+
+ if err := c.pickTLSVersion(serverHello); err != nil {
+ return err
+ }
+
+ // If we are negotiating a protocol version that's lower than what we
+ // support, check for the server downgrade canaries.
+ // See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ tls12Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS12
+ tls11Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS11
+ if maxVers == VersionTLS13 && c.vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade) ||
+ maxVers == VersionTLS12 && c.vers <= VersionTLS11 && tls11Downgrade {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox")
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := &clientHandshakeStateTLS13{
+ c: c,
+ serverHello: serverHello,
+ hello: hello,
+ ecdheParams: ecdheParams,
+ session: session,
+ earlySecret: earlySecret,
+ binderKey: binderKey,
+ }
+
+ // In TLS 1.3, session tickets are delivered after the handshake.
+ return hs.handshake()
+ }
+
+ hs := &clientHandshakeState{
+ c: c,
+ serverHello: serverHello,
+ hello: hello,
+ session: session,
+ }
+
+ if err := hs.handshake(); err != nil {
+ return err
+ }
+
+ // If we had a successful handshake and hs.session is different from
+ // the one already cached - cache a new one.
+ if cacheKey != "" && hs.session != nil && session != hs.session {
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(hs.session))
+ }
+
+ return nil
+}
+
+// extract the app data saved in the session.nonce,
+// and set the session.nonce to the actual nonce value
+func (c *Conn) decodeSessionState(session *clientSessionState) (uint32 /* max early data */, []byte /* app data */, bool /* ok */) {
+ s := cryptobyte.String(session.nonce)
+ var version uint16
+ if !s.ReadUint16(&version) {
+ return 0, nil, false
+ }
+ if version != clientSessionStateVersion {
+ return 0, nil, false
+ }
+ var maxEarlyData uint32
+ if !s.ReadUint32(&maxEarlyData) {
+ return 0, nil, false
+ }
+ var appData []byte
+ if !readUint16LengthPrefixed(&s, &appData) {
+ return 0, nil, false
+ }
+ var nonce []byte
+ if !readUint16LengthPrefixed(&s, &nonce) {
+ return 0, nil, false
+ }
+ session.nonce = nonce
+ return maxEarlyData, appData, true
+}
+
+func (c *Conn) loadSession(hello *clientHelloMsg) (cacheKey string,
+ session *clientSessionState, earlySecret, binderKey []byte) {
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return "", nil, nil, nil
+ }
+
+ hello.ticketSupported = true
+
+ if hello.supportedVersions[0] == VersionTLS13 {
+ // Require DHE on resumption as it guarantees forward secrecy against
+ // compromise of the session ticket key. See RFC 8446, Section 4.2.9.
+ hello.pskModes = []uint8{pskModeDHE}
+ }
+
+ // Session resumption is not allowed if renegotiating because
+ // renegotiation is primarily used to allow a client to send a client
+ // certificate, which would be skipped if session resumption occurred.
+ if c.handshakes != 0 {
+ return "", nil, nil, nil
+ }
+
+ // Try to resume a previously negotiated TLS session, if available.
+ cacheKey = clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ sess, ok := c.config.ClientSessionCache.Get(cacheKey)
+ if !ok || sess == nil {
+ return cacheKey, nil, nil, nil
+ }
+ session = fromClientSessionState(sess)
+
+ var appData []byte
+ var maxEarlyData uint32
+ if session.vers == VersionTLS13 {
+ var ok bool
+ maxEarlyData, appData, ok = c.decodeSessionState(session)
+ if !ok { // delete it, if parsing failed
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ // Check that version used for the previous session is still valid.
+ versOk := false
+ for _, v := range hello.supportedVersions {
+ if v == session.vers {
+ versOk = true
+ break
+ }
+ }
+ if !versOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Check that the cached server certificate is not expired, and that it's
+ // valid for the ServerName. This should be ensured by the cache key, but
+ // protect the application from a faulty ClientSessionCache implementation.
+ if !c.config.InsecureSkipVerify {
+ if len(session.verifiedChains) == 0 {
+ // The original connection had InsecureSkipVerify, while this doesn't.
+ return cacheKey, nil, nil, nil
+ }
+ serverCert := session.serverCertificates[0]
+ if c.config.time().After(serverCert.NotAfter) {
+ // Expired certificate, delete the entry.
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ if err := serverCert.VerifyHostname(c.config.ServerName); err != nil {
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ if session.vers != VersionTLS13 {
+ // In TLS 1.2 the cipher suite must match the resumed session. Ensure we
+ // are still offering it.
+ if mutualCipherSuite(hello.cipherSuites, session.cipherSuite) == nil {
+ return cacheKey, nil, nil, nil
+ }
+
+ hello.sessionTicket = session.sessionTicket
+ return
+ }
+
+ // Check that the session ticket is not expired.
+ if c.config.time().After(session.useBy) {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+
+ // In TLS 1.3 the KDF hash must match the resumed session. Ensure we
+ // offer at least one cipher suite with that hash.
+ cipherSuite := cipherSuiteTLS13ByID(session.cipherSuite)
+ if cipherSuite == nil {
+ return cacheKey, nil, nil, nil
+ }
+ cipherSuiteOk := false
+ for _, offeredID := range hello.cipherSuites {
+ offeredSuite := cipherSuiteTLS13ByID(offeredID)
+ if offeredSuite != nil && offeredSuite.hash == cipherSuite.hash {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Set the pre_shared_key extension. See RFC 8446, Section 4.2.11.1.
+ ticketAge := uint32(c.config.time().Sub(session.receivedAt) / time.Millisecond)
+ identity := pskIdentity{
+ label: session.sessionTicket,
+ obfuscatedTicketAge: ticketAge + session.ageAdd,
+ }
+ hello.pskIdentities = []pskIdentity{identity}
+ hello.pskBinders = [][]byte{make([]byte, cipherSuite.hash.Size())}
+
+ // Compute the PSK binders. See RFC 8446, Section 4.2.11.2.
+ psk := cipherSuite.expandLabel(session.masterSecret, "resumption",
+ session.nonce, cipherSuite.hash.Size())
+ earlySecret = cipherSuite.extract(psk, nil)
+ binderKey = cipherSuite.deriveSecret(earlySecret, resumptionBinderLabel, nil)
+ if c.extraConfig != nil {
+ hello.earlyData = c.extraConfig.Enable0RTT && maxEarlyData > 0
+ }
+ transcript := cipherSuite.hash.New()
+ transcript.Write(hello.marshalWithoutBinders())
+ pskBinders := [][]byte{cipherSuite.finishedHash(binderKey, transcript)}
+ hello.updateBinders(pskBinders)
+
+ if session.vers == VersionTLS13 && c.extraConfig != nil && c.extraConfig.SetAppDataFromSessionState != nil {
+ c.extraConfig.SetAppDataFromSessionState(appData)
+ }
+ return
+}
+
+func (c *Conn) pickTLSVersion(serverHello *serverHelloMsg) error {
+ peerVersion := serverHello.vers
+ if serverHello.supportedVersion != 0 {
+ peerVersion = serverHello.supportedVersion
+ }
+
+ vers, ok := c.config.mutualVersion([]uint16{peerVersion})
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return fmt.Errorf("tls: server selected unsupported protocol version %x", peerVersion)
+ }
+
+ c.vers = vers
+ c.haveVers = true
+ c.in.version = vers
+ c.out.version = vers
+
+ return nil
+}
+
+// Does the handshake, either a full one or resumes old session. Requires hs.c,
+// hs.hello, hs.serverHello, and, optionally, hs.session to be set.
+func (hs *clientHandshakeState) handshake() error {
+ c := hs.c
+
+ isResume, err := hs.processServerHello()
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+
+ // No signatures of the handshake are needed in a resumption.
+ // Otherwise, in a full handshake, if we don't have any certificates
+ // configured then we will never send a CertificateVerify message and
+ // thus no signatures are needed in that case either.
+ if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+
+ hs.finishedHash.Write(hs.hello.marshal())
+ hs.finishedHash.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ c.didResume = isResume
+ if isResume {
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ } else {
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *clientHandshakeState) pickCipherSuite() error {
+ if hs.suite = mutualCipherSuite(hs.hello.cipherSuites, hs.serverHello.cipherSuite); hs.suite == nil {
+ hs.c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+
+ hs.c.cipherSuite = hs.suite.id
+ return nil
+}
+
+func (hs *clientHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok || len(certMsg.certificates) == 0 {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ cs, ok := msg.(*certificateStatusMsg)
+ if ok {
+ // RFC4366 on Certificate Status Request:
+ // The server MAY return a "certificate_status" message.
+
+ if !hs.serverHello.ocspStapling {
+ // If a server returns a "CertificateStatus" message, then the
+ // server MUST have included an extension of type "status_request"
+ // with empty "extension_data" in the extended server hello.
+
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received unexpected CertificateStatus message")
+ }
+ hs.finishedHash.Write(cs.marshal())
+
+ c.ocspResponse = cs.response
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ if c.handshakes == 0 {
+ // If this is the first handshake on a connection, process and
+ // (optionally) verify the server's certificates.
+ if err := c.verifyServerCertificate(certMsg.certificates); err != nil {
+ return err
+ }
+ } else {
+ // This is a renegotiation handshake. We require that the
+ // server's identity (i.e. leaf certificate) is unchanged and
+ // thus any previous trust decision is still valid.
+ //
+ // See https://mitls.org/pages/attacks/3SHAKE for the
+ // motivation behind this requirement.
+ if !bytes.Equal(c.peerCertificates[0].Raw, certMsg.certificates[0]) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: server's identity changed during renegotiation")
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+
+ skx, ok := msg.(*serverKeyExchangeMsg)
+ if ok {
+ hs.finishedHash.Write(skx.marshal())
+ err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, c.peerCertificates[0], skx)
+ if err != nil {
+ c.sendAlert(alertUnexpectedMessage)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ var chainToSend *Certificate
+ var certRequested bool
+ certReq, ok := msg.(*certificateRequestMsg)
+ if ok {
+ certRequested = true
+ hs.finishedHash.Write(certReq.marshal())
+
+ cri := certificateRequestInfoFromMsg(c.vers, certReq)
+ if chainToSend, err = c.getClientCertificate(cri); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ shd, ok := msg.(*serverHelloDoneMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(shd, msg)
+ }
+ hs.finishedHash.Write(shd.marshal())
+
+ // If the server requested a certificate then we have to send a
+ // Certificate message, even if it's empty because we don't have a
+ // certificate to send.
+ if certRequested {
+ certMsg = new(certificateMsg)
+ certMsg.certificates = chainToSend.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+ }
+
+ preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, c.peerCertificates[0])
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ if ckx != nil {
+ hs.finishedHash.Write(ckx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, ckx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ if chainToSend != nil && len(chainToSend.Certificate) > 0 {
+ certVerify := &certificateVerifyMsg{}
+
+ key, ok := chainToSend.PrivateKey.(crypto.Signer)
+ if !ok {
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: client certificate private key of type %T does not implement crypto.Signer", chainToSend.PrivateKey)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ signatureAlgorithm, err := selectSignatureScheme(c.vers, chainToSend, certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ certVerify.hasSignatureAlgorithm = true
+ certVerify.signatureAlgorithm = signatureAlgorithm
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(key.Public())
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ certVerify.signature, err = key.Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerify.marshal()); err != nil {
+ return err
+ }
+ }
+
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to write to key log: " + err.Error())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *clientHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash macFunction
+ if hs.suite.cipher != nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */)
+ clientHash = hs.suite.mac(c.vers, clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */)
+ serverHash = hs.suite.mac(c.vers, serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, serverCipher, serverHash)
+ c.out.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ return nil
+}
+
+func (hs *clientHandshakeState) serverResumedSession() bool {
+ // If the server responded with the same sessionId then it means the
+ // sessionTicket is being used to resume a TLS session.
+ return hs.session != nil && hs.hello.sessionId != nil &&
+ bytes.Equal(hs.serverHello.sessionId, hs.hello.sessionId)
+}
+
+func (hs *clientHandshakeState) processServerHello() (bool, error) {
+ c := hs.c
+
+ if err := hs.pickCipherSuite(); err != nil {
+ return false, err
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertUnexpectedMessage)
+ return false, errors.New("tls: server selected unsupported compression format")
+ }
+
+ if c.handshakes == 0 && hs.serverHello.secureRenegotiationSupported {
+ c.secureRenegotiation = true
+ if len(hs.serverHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+ }
+
+ if c.handshakes > 0 && c.secureRenegotiation {
+ var expectedSecureRenegotiation [24]byte
+ copy(expectedSecureRenegotiation[:], c.clientFinished[:])
+ copy(expectedSecureRenegotiation[12:], c.serverFinished[:])
+ if !bytes.Equal(hs.serverHello.secureRenegotiation, expectedSecureRenegotiation[:]) {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: incorrect renegotiation extension contents")
+ }
+ }
+
+ clientDidALPN := len(hs.hello.alpnProtocols) > 0
+ serverHasALPN := len(hs.serverHello.alpnProtocol) > 0
+
+ if !clientDidALPN && serverHasALPN {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server advertised unrequested ALPN extension")
+ }
+
+ if serverHasALPN {
+ c.clientProtocol = hs.serverHello.alpnProtocol
+ c.clientProtocolFallback = false
+ }
+ c.scts = hs.serverHello.scts
+
+ if !hs.serverResumedSession() {
+ return false, nil
+ }
+
+ if hs.session.vers != c.vers {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different version")
+ }
+
+ if hs.session.cipherSuite != hs.suite.id {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different cipher suite")
+ }
+
+ // Restore masterSecret, peerCerts, and ocspResponse from previous state
+ hs.masterSecret = hs.session.masterSecret
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ // Let the ServerHello SCTs override the session SCTs from the original
+ // connection, if any are provided
+ if len(c.scts) == 0 && len(hs.session.scts) != 0 {
+ c.scts = hs.session.scts
+ }
+
+ return true, nil
+}
+
+func (hs *clientHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ serverFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverFinished, msg)
+ }
+
+ verify := hs.finishedHash.serverSum(hs.masterSecret)
+ if len(verify) != len(serverFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server's Finished message was incorrect")
+ }
+ hs.finishedHash.Write(serverFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *clientHandshakeState) readSessionTicket() error {
+ if !hs.serverHello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ sessionTicketMsg, ok := msg.(*newSessionTicketMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(sessionTicketMsg, msg)
+ }
+ hs.finishedHash.Write(sessionTicketMsg.marshal())
+
+ hs.session = &clientSessionState{
+ sessionTicket: sessionTicketMsg.ticket,
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ masterSecret: hs.masterSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+ copy(out, finished.verifyData)
+ return nil
+}
+
+// verifyServerCertificate parses and verifies the provided chain, setting
+// c.verifiedChains and c.peerCertificates or sending the appropriate alert.
+func (c *Conn) verifyServerCertificate(certificates [][]byte) error {
+ certs := make([]*x509.Certificate, len(certificates))
+ for i, asn1Data := range certificates {
+ cert, err := x509.ParseCertificate(asn1Data)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse certificate from server: " + err.Error())
+ }
+ certs[i] = cert
+ }
+
+ if !c.config.InsecureSkipVerify {
+ opts := x509.VerifyOptions{
+ Roots: c.config.RootCAs,
+ CurrentTime: c.config.time(),
+ DNSName: c.config.ServerName,
+ Intermediates: x509.NewCertPool(),
+ }
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+ var err error
+ c.verifiedChains, err = certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ switch certs[0].PublicKey.(type) {
+ case *rsa.PublicKey, *ecdsa.PublicKey, ed25519.PublicKey:
+ break
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: server's certificate contains an unsupported type of public key: %T", certs[0].PublicKey)
+ }
+
+ c.peerCertificates = certs
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+// certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS
+// <= 1.2 CertificateRequest, making an effort to fill in missing information.
+func certificateRequestInfoFromMsg(vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
+ cri := &CertificateRequestInfo{
+ AcceptableCAs: certReq.certificateAuthorities,
+ Version: vers,
+ }
+
+ var rsaAvail, ecAvail bool
+ for _, certType := range certReq.certificateTypes {
+ switch certType {
+ case certTypeRSASign:
+ rsaAvail = true
+ case certTypeECDSASign:
+ ecAvail = true
+ }
+ }
+
+ if !certReq.hasSignatureAlgorithm {
+ // Prior to TLS 1.2, signature schemes did not exist. In this case we
+ // make up a list based on the acceptable certificate types, to help
+ // GetClientCertificate and SupportsCertificate select the right certificate.
+ // The hash part of the SignatureScheme is a lie here, because
+ // TLS 1.0 and 1.1 always use MD5+SHA1 for RSA and SHA1 for ECDSA.
+ switch {
+ case rsaAvail && ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case rsaAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ }
+ }
+ return cri
+ }
+
+ // Filter the signature schemes based on the certificate types.
+ // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
+ cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
+ for _, sigScheme := range certReq.supportedSignatureAlgorithms {
+ sigType, _, err := typeAndHashFromSignatureScheme(sigScheme)
+ if err != nil {
+ continue
+ }
+ switch sigType {
+ case signatureECDSA, signatureEd25519:
+ if ecAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ case signatureRSAPSS, signaturePKCS1v15:
+ if rsaAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ }
+ }
+
+ return cri
+}
+
+func (c *Conn) getClientCertificate(cri *CertificateRequestInfo) (*Certificate, error) {
+ if c.config.GetClientCertificate != nil {
+ return c.config.GetClientCertificate(cri)
+ }
+
+ for _, chain := range c.config.Certificates {
+ if err := cri.SupportsCertificate(&chain); err != nil {
+ continue
+ }
+ return &chain, nil
+ }
+
+ // No acceptable certificate found. Don't send a certificate.
+ return new(Certificate), nil
+}
+
+const clientSessionCacheKeyPrefix = "qtls-"
+
+// clientSessionCacheKey returns a key used to cache sessionTickets that could
+// be used to resume previously negotiated TLS sessions with a server.
+func clientSessionCacheKey(serverAddr net.Addr, config *config) string {
+ if len(config.ServerName) > 0 {
+ return clientSessionCacheKeyPrefix + config.ServerName
+ }
+ return clientSessionCacheKeyPrefix + serverAddr.String()
+}
+
+// mutualProtocol finds the mutual Next Protocol Negotiation or ALPN protocol
+// given list of possible protocols and a list of the preference order. The
+// first list must not be empty. It returns the resulting protocol and flag
+// indicating if the fallback case was reached.
+func mutualProtocol(protos, preferenceProtos []string) (string, bool) {
+ for _, s := range preferenceProtos {
+ for _, c := range protos {
+ if s == c {
+ return s, false
+ }
+ }
+ }
+
+ return protos[0], true
+}
+
+// hostnameInSNI converts name into an appropriate hostname for SNI.
+// Literal IP addresses and absolute FQDNs are not permitted as SNI values.
+// See RFC 6066, Section 3.
+func hostnameInSNI(name string) string {
+ host := name
+ if len(host) > 0 && host[0] == '[' && host[len(host)-1] == ']' {
+ host = host[1 : len(host)-1]
+ }
+ if i := strings.LastIndex(host, "%"); i > 0 {
+ host = host[:i]
+ }
+ if net.ParseIP(host) != nil {
+ return ""
+ }
+ for len(name) > 0 && name[len(name)-1] == '.' {
+ name = name[:len(name)-1]
+ }
+ return name
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client_tls13.go
new file mode 100644
index 00000000..e0c7b58c
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_client_tls13.go
@@ -0,0 +1,734 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "encoding/binary"
+ "errors"
+ "fmt"
+ "hash"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+type clientHandshakeStateTLS13 struct {
+ c *Conn
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ ecdheParams ecdheParameters
+
+ session *clientSessionState
+ earlySecret []byte
+ binderKey []byte
+
+ certReq *certificateRequestMsgTLS13
+ usingPSK bool
+ sentDummyCCS bool
+ suite *cipherSuiteTLS13
+ transcript hash.Hash
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+}
+
+// handshake requires hs.c, hs.hello, hs.serverHello, hs.ecdheParams, and,
+// optionally, hs.session, hs.earlySecret and hs.binderKey to be set.
+func (hs *clientHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // The server must not select TLS 1.3 in a renegotiation. See RFC 8446,
+ // sections 4.1.2 and 4.1.3.
+ if c.handshakes > 0 {
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: server selected TLS 1.3 in a renegotiation")
+ }
+
+ // Consistency check on the presence of a keyShare and its parameters.
+ if hs.ecdheParams == nil || len(hs.hello.keyShares) != 1 {
+ return c.sendAlert(alertInternalError)
+ }
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ hs.transcript = hs.suite.hash.New()
+ hs.transcript.Write(hs.hello.marshal())
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.processHelloRetryRequest(); err != nil {
+ return err
+ }
+ }
+
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ if err := hs.processServerHello(); err != nil {
+ return err
+ }
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.establishHandshakeKeys(); err != nil {
+ return err
+ }
+ if err := hs.readServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.readServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readServerFinished(); err != nil {
+ return err
+ }
+ if err := hs.sendClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendClientFinished(); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// checkServerHelloOrHRR does validity checks that apply to both ServerHello and
+// HelloRetryRequest messages. It sets hs.suite.
+func (hs *clientHandshakeStateTLS13) checkServerHelloOrHRR() error {
+ c := hs.c
+
+ if hs.serverHello.supportedVersion == 0 {
+ c.sendAlert(alertMissingExtension)
+ return errors.New("tls: server selected TLS 1.3 using the legacy version field")
+ }
+
+ if hs.serverHello.supportedVersion != VersionTLS13 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid version after a HelloRetryRequest")
+ }
+
+ if hs.serverHello.vers != VersionTLS12 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an incorrect legacy version")
+ }
+
+ if hs.serverHello.ocspStapling ||
+ hs.serverHello.ticketSupported ||
+ hs.serverHello.secureRenegotiationSupported ||
+ len(hs.serverHello.secureRenegotiation) != 0 ||
+ len(hs.serverHello.alpnProtocol) != 0 ||
+ len(hs.serverHello.scts) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a ServerHello extension forbidden in TLS 1.3")
+ }
+
+ if !bytes.Equal(hs.hello.sessionId, hs.serverHello.sessionId) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not echo the legacy session ID")
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported compression format")
+ }
+
+ selectedSuite := mutualCipherSuiteTLS13(hs.hello.cipherSuites, hs.serverHello.cipherSuite)
+ if hs.suite != nil && selectedSuite != hs.suite {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server changed cipher suite after a HelloRetryRequest")
+ }
+ if selectedSuite == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+ hs.suite = selectedSuite
+ c.cipherSuite = hs.suite.id
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *clientHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+// processHelloRetryRequest handles the HRR in hs.serverHello, modifies and
+// resends hs.hello, and reads the new ServerHello into hs.serverHello.
+func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. (The idea is that the server might offload transcript
+ // storage to the client in the cookie.) See RFC 8446, Section 4.4.1.
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ // The only HelloRetryRequest extensions we support are key_share and
+ // cookie, and clients must abort the handshake if the HRR would not result
+ // in any change in the ClientHello.
+ if hs.serverHello.selectedGroup == 0 && hs.serverHello.cookie == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest message")
+ }
+
+ if hs.serverHello.cookie != nil {
+ hs.hello.cookie = hs.serverHello.cookie
+ }
+
+ if hs.serverHello.serverShare.group != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received malformed key_share extension")
+ }
+
+ // If the server sent a key_share extension selecting a group, ensure it's
+ // a group we advertised but did not send a key share for, and send a key
+ // share for it this time.
+ if curveID := hs.serverHello.selectedGroup; curveID != 0 {
+ curveOK := false
+ for _, id := range hs.hello.supportedCurves {
+ if id == curveID {
+ curveOK = true
+ break
+ }
+ }
+ if !curveOK {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+ if hs.ecdheParams.CurveID() == curveID {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest key_share")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), curveID)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.ecdheParams = params
+ hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ hs.hello.raw = nil
+ if len(hs.hello.pskIdentities) > 0 {
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash == hs.suite.hash {
+ // Update binders and obfuscated_ticket_age.
+ ticketAge := uint32(c.config.time().Sub(hs.session.receivedAt) / time.Millisecond)
+ hs.hello.pskIdentities[0].obfuscatedTicketAge = ticketAge + hs.session.ageAdd
+
+ transcript := hs.suite.hash.New()
+ transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ transcript.Write(chHash)
+ transcript.Write(hs.serverHello.marshal())
+ transcript.Write(hs.hello.marshalWithoutBinders())
+ pskBinders := [][]byte{hs.suite.finishedHash(hs.binderKey, transcript)}
+ hs.hello.updateBinders(pskBinders)
+ } else {
+ // Server selected a cipher suite incompatible with the PSK.
+ hs.hello.pskIdentities = nil
+ hs.hello.pskBinders = nil
+ }
+ }
+
+ if hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ hs.hello.earlyData = false // disable 0-RTT
+
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+ hs.serverHello = serverHello
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) processServerHello() error {
+ c := hs.c
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: server sent two HelloRetryRequest messages")
+ }
+
+ if len(hs.serverHello.cookie) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a cookie in a normal ServerHello")
+ }
+
+ if hs.serverHello.selectedGroup != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: malformed key_share extension")
+ }
+
+ if hs.serverHello.serverShare.group == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not send a key share")
+ }
+ if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+
+ if !hs.serverHello.selectedIdentityPresent {
+ return nil
+ }
+
+ if int(hs.serverHello.selectedIdentity) >= len(hs.hello.pskIdentities) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK")
+ }
+
+ if len(hs.hello.pskIdentities) != 1 || hs.session == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash != hs.suite.hash {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK and cipher suite pair")
+ }
+
+ hs.usingPSK = true
+ c.didResume = true
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ c.scts = hs.session.scts
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error {
+ c := hs.c
+
+ sharedKey := hs.ecdheParams.SharedKey(hs.serverHello.serverShare.data)
+ if sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid server key share")
+ }
+
+ earlySecret := hs.earlySecret
+ if !hs.usingPSK {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ handshakeSecret := hs.suite.extract(sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.out.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.hello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(handshakeSecret, "derived", nil))
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerParameters() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ encryptedExtensions, ok := msg.(*encryptedExtensionsMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(encryptedExtensions, msg)
+ }
+ // Notify the caller if 0-RTT was rejected.
+ if !encryptedExtensions.earlyData && hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ c.used0RTT = encryptedExtensions.earlyData
+ if hs.c.extraConfig != nil && hs.c.extraConfig.ReceivedExtensions != nil {
+ hs.c.extraConfig.ReceivedExtensions(typeEncryptedExtensions, encryptedExtensions.additionalExtensions)
+ }
+ hs.transcript.Write(encryptedExtensions.marshal())
+
+ if len(encryptedExtensions.alpnProtocol) != 0 && len(hs.hello.alpnProtocols) == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server advertised unrequested ALPN extension")
+ }
+ if c.extraConfig != nil && c.extraConfig.EnforceNextProtoSelection {
+ if len(encryptedExtensions.alpnProtocol) == 0 {
+ // the server didn't select an ALPN
+ c.sendAlert(alertNoApplicationProtocol)
+ return errors.New("ALPN negotiation failed. Server didn't offer any protocols")
+ }
+ if _, fallback := mutualProtocol([]string{encryptedExtensions.alpnProtocol}, hs.c.config.NextProtos); fallback {
+ // the protocol selected by the server was not offered
+ c.sendAlert(alertNoApplicationProtocol)
+ return fmt.Errorf("ALPN negotiation failed. Server offered: %q", encryptedExtensions.alpnProtocol)
+ }
+ }
+ c.clientProtocol = encryptedExtensions.alpnProtocol
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
+ c := hs.c
+
+ // Either a PSK or a certificate is always used, but not both.
+ // See RFC 8446, Section 4.1.1.
+ if hs.usingPSK {
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certReq, ok := msg.(*certificateRequestMsgTLS13)
+ if ok {
+ hs.transcript.Write(certReq.marshal())
+
+ hs.certReq = certReq
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ if len(certMsg.certificate.Certificate) == 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received empty certificates message")
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ c.scts = certMsg.certificate.SignedCertificateTimestamps
+ c.ocspResponse = certMsg.certificate.OCSPStaple
+
+ if err := c.verifyServerCertificate(certMsg.certificate.Certificate); err != nil {
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ expectedMAC := hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ if !hmac.Equal(expectedMAC, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid server finished hash")
+ }
+
+ hs.transcript.Write(finished.marshal())
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err = c.config.writeKeyLog(keyLogLabelClientTraffic, hs.hello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
+ c := hs.c
+
+ if hs.certReq == nil {
+ return nil
+ }
+
+ cert, err := c.getClientCertificate(&CertificateRequestInfo{
+ AcceptableCAs: hs.certReq.certificateAuthorities,
+ SignatureSchemes: hs.certReq.supportedSignatureAlgorithms,
+ Version: c.vers,
+ })
+ if err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *cert
+ certMsg.scts = hs.certReq.scts && len(cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.certReq.ocspStapling && len(cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ // If we sent an empty certificate message, skip the CertificateVerify.
+ if len(cert.Certificate) == 0 {
+ return nil
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+
+ certVerifyMsg.signatureAlgorithm, err = selectSignatureScheme(c.vers, cert, hs.certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ // getClientCertificate returned a certificate incompatible with the
+ // CertificateRequestInfo supported signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerifyMsg.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ c.out.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.out.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ if !c.config.SessionTicketsDisabled && c.config.ClientSessionCache != nil {
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+ }
+
+ return nil
+}
+
+func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
+ if !c.isClient {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received new session ticket from a client")
+ }
+
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return nil
+ }
+
+ // See RFC 8446, Section 4.6.1.
+ if msg.lifetime == 0 {
+ return nil
+ }
+ lifetime := time.Duration(msg.lifetime) * time.Second
+ if lifetime > maxSessionTicketLifetime {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: received a session ticket with invalid lifetime")
+ }
+
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil || c.resumptionSecret == nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ // We need to save the max_early_data_size that the server sent us, in order
+ // to decide if we're going to try 0-RTT with this ticket.
+ // However, at the same time, the qtls.ClientSessionTicket needs to be equal to
+ // the tls.ClientSessionTicket, so we can't just add a new field to the struct.
+ // We therefore abuse the nonce field (which is a byte slice)
+ nonceWithEarlyData := make([]byte, len(msg.nonce)+4)
+ binary.BigEndian.PutUint32(nonceWithEarlyData, msg.maxEarlyData)
+ copy(nonceWithEarlyData[4:], msg.nonce)
+
+ var appData []byte
+ if c.extraConfig != nil && c.extraConfig.GetAppDataForSessionState != nil {
+ appData = c.extraConfig.GetAppDataForSessionState()
+ }
+ var b cryptobyte.Builder
+ b.AddUint16(clientSessionStateVersion) // revision
+ b.AddUint32(msg.maxEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(appData)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(msg.nonce)
+ })
+
+ // Save the resumption_master_secret and nonce instead of deriving the PSK
+ // to do the least amount of work on NewSessionTicket messages before we
+ // know if the ticket will be used. Forward secrecy of resumed connections
+ // is guaranteed by the requirement for pskModeDHE.
+ session := &clientSessionState{
+ sessionTicket: msg.label,
+ vers: c.vers,
+ cipherSuite: c.cipherSuite,
+ masterSecret: c.resumptionSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ nonce: b.BytesOrPanic(),
+ useBy: c.config.time().Add(lifetime),
+ ageAdd: msg.ageAdd,
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(session))
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/handshake_messages.go b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_messages.go
new file mode 100644
index 00000000..1ab75762
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_messages.go
@@ -0,0 +1,1832 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "fmt"
+ "strings"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// The marshalingFunction type is an adapter to allow the use of ordinary
+// functions as cryptobyte.MarshalingValue.
+type marshalingFunction func(b *cryptobyte.Builder) error
+
+func (f marshalingFunction) Marshal(b *cryptobyte.Builder) error {
+ return f(b)
+}
+
+// addBytesWithLength appends a sequence of bytes to the cryptobyte.Builder. If
+// the length of the sequence is not the value specified, it produces an error.
+func addBytesWithLength(b *cryptobyte.Builder, v []byte, n int) {
+ b.AddValue(marshalingFunction(func(b *cryptobyte.Builder) error {
+ if len(v) != n {
+ return fmt.Errorf("invalid value length: expected %d, got %d", n, len(v))
+ }
+ b.AddBytes(v)
+ return nil
+ }))
+}
+
+// addUint64 appends a big-endian, 64-bit value to the cryptobyte.Builder.
+func addUint64(b *cryptobyte.Builder, v uint64) {
+ b.AddUint32(uint32(v >> 32))
+ b.AddUint32(uint32(v))
+}
+
+// readUint64 decodes a big-endian, 64-bit value into out and advances over it.
+// It reports whether the read was successful.
+func readUint64(s *cryptobyte.String, out *uint64) bool {
+ var hi, lo uint32
+ if !s.ReadUint32(&hi) || !s.ReadUint32(&lo) {
+ return false
+ }
+ *out = uint64(hi)<<32 | uint64(lo)
+ return true
+}
+
+// readUint8LengthPrefixed acts like s.ReadUint8LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint8LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint8LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint16LengthPrefixed acts like s.ReadUint16LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint16LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint16LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint24LengthPrefixed acts like s.ReadUint24LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint24LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint24LengthPrefixed((*cryptobyte.String)(out))
+}
+
+type clientHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuites []uint16
+ compressionMethods []uint8
+ serverName string
+ ocspStapling bool
+ supportedCurves []CurveID
+ supportedPoints []uint8
+ ticketSupported bool
+ sessionTicket []uint8
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocols []string
+ scts bool
+ supportedVersions []uint16
+ cookie []byte
+ keyShares []keyShare
+ earlyData bool
+ pskModes []uint8
+ pskIdentities []pskIdentity
+ pskBinders [][]byte
+ additionalExtensions []Extension
+}
+
+func (m *clientHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeClientHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, suite := range m.cipherSuites {
+ b.AddUint16(suite)
+ }
+ })
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.compressionMethods)
+ })
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.serverName) > 0 {
+ // RFC 6066, Section 3
+ b.AddUint16(extensionServerName)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // name_type = host_name
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.serverName))
+ })
+ })
+ })
+ }
+ if m.ocspStapling {
+ // RFC 4366, Section 3.6
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(1) // status_type = ocsp
+ b.AddUint16(0) // empty responder_id_list
+ b.AddUint16(0) // empty request_extensions
+ })
+ }
+ if len(m.supportedCurves) > 0 {
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ b.AddUint16(extensionSupportedCurves)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, curve := range m.supportedCurves {
+ b.AddUint16(uint16(curve))
+ }
+ })
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ // RFC 4492, Section 5.1.2
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+ if m.ticketSupported {
+ // RFC 5077, Section 3.2
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionTicket)
+ })
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ // RFC 5246, Section 7.4.1.4.1
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ // RFC 8446, Section 4.2.3
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if m.secureRenegotiationSupported {
+ // RFC 5746, Section 3.2
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocols) > 0 {
+ // RFC 7301, Section 3.1
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, proto := range m.alpnProtocols {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(proto))
+ })
+ }
+ })
+ })
+ }
+ if m.scts {
+ // RFC 6962, Section 3.3.1
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedVersions) > 0 {
+ // RFC 8446, Section 4.2.1
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, vers := range m.supportedVersions {
+ b.AddUint16(vers)
+ }
+ })
+ })
+ }
+ if len(m.cookie) > 0 {
+ // RFC 8446, Section 4.2.2
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if len(m.keyShares) > 0 {
+ // RFC 8446, Section 4.2.8
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ks := range m.keyShares {
+ b.AddUint16(uint16(ks.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ks.data)
+ })
+ }
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.pskModes) > 0 {
+ // RFC 8446, Section 4.2.9
+ b.AddUint16(extensionPSKModes)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.pskModes)
+ })
+ })
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ if len(m.pskIdentities) > 0 { // pre_shared_key must be the last extension
+ // RFC 8446, Section 4.2.11
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, psk := range m.pskIdentities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(psk.label)
+ })
+ b.AddUint32(psk.obfuscatedTicketAge)
+ }
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+// marshalWithoutBinders returns the ClientHello through the
+// PreSharedKeyExtension.identities field, according to RFC 8446, Section
+// 4.2.11.2. Note that m.pskBinders must be set to slices of the correct length.
+func (m *clientHelloMsg) marshalWithoutBinders() []byte {
+ bindersLen := 2 // uint16 length prefix
+ for _, binder := range m.pskBinders {
+ bindersLen += 1 // uint8 length prefix
+ bindersLen += len(binder)
+ }
+
+ fullMessage := m.marshal()
+ return fullMessage[:len(fullMessage)-bindersLen]
+}
+
+// updateBinders updates the m.pskBinders field, if necessary updating the
+// cached marshaled representation. The supplied binders must have the same
+// length as the current m.pskBinders.
+func (m *clientHelloMsg) updateBinders(pskBinders [][]byte) {
+ if len(pskBinders) != len(m.pskBinders) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ for i := range m.pskBinders {
+ if len(pskBinders[i]) != len(m.pskBinders[i]) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ }
+ m.pskBinders = pskBinders
+ if m.raw != nil {
+ lenWithoutBinders := len(m.marshalWithoutBinders())
+ // TODO(filippo): replace with NewFixedBuilder once CL 148882 is imported.
+ b := cryptobyte.NewBuilder(m.raw[:lenWithoutBinders])
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ if len(b.BytesOrPanic()) != len(m.raw) {
+ panic("tls: internal error: failed to update binders")
+ }
+ }
+}
+
+func (m *clientHelloMsg) unmarshal(data []byte) bool {
+ *m = clientHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) {
+ return false
+ }
+
+ var cipherSuites cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&cipherSuites) {
+ return false
+ }
+ m.cipherSuites = []uint16{}
+ m.secureRenegotiationSupported = false
+ for !cipherSuites.Empty() {
+ var suite uint16
+ if !cipherSuites.ReadUint16(&suite) {
+ return false
+ }
+ if suite == scsvRenegotiation {
+ m.secureRenegotiationSupported = true
+ }
+ m.cipherSuites = append(m.cipherSuites, suite)
+ }
+
+ if !readUint8LengthPrefixed(&s, &m.compressionMethods) {
+ return false
+ }
+
+ if s.Empty() {
+ // ClientHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionServerName:
+ // RFC 6066, Section 3
+ var nameList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&nameList) || nameList.Empty() {
+ return false
+ }
+ for !nameList.Empty() {
+ var nameType uint8
+ var serverName cryptobyte.String
+ if !nameList.ReadUint8(&nameType) ||
+ !nameList.ReadUint16LengthPrefixed(&serverName) ||
+ serverName.Empty() {
+ return false
+ }
+ if nameType != 0 {
+ continue
+ }
+ if len(m.serverName) != 0 {
+ // Multiple names of the same name_type are prohibited.
+ return false
+ }
+ m.serverName = string(serverName)
+ // An SNI value may not include a trailing dot.
+ if strings.HasSuffix(m.serverName, ".") {
+ return false
+ }
+ }
+ case extensionStatusRequest:
+ // RFC 4366, Section 3.6
+ var statusType uint8
+ var ignored cryptobyte.String
+ if !extData.ReadUint8(&statusType) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) {
+ return false
+ }
+ m.ocspStapling = statusType == statusTypeOCSP
+ case extensionSupportedCurves:
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ var curves cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&curves) || curves.Empty() {
+ return false
+ }
+ for !curves.Empty() {
+ var curve uint16
+ if !curves.ReadUint16(&curve) {
+ return false
+ }
+ m.supportedCurves = append(m.supportedCurves, CurveID(curve))
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ case extensionSessionTicket:
+ // RFC 5077, Section 3.2
+ m.ticketSupported = true
+ extData.ReadBytes(&m.sessionTicket, len(extData))
+ case extensionSignatureAlgorithms:
+ // RFC 5246, Section 7.4.1.4.1
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ // RFC 8446, Section 4.2.3
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionRenegotiationInfo:
+ // RFC 5746, Section 3.2
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ // RFC 7301, Section 3.1
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ for !protoList.Empty() {
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() {
+ return false
+ }
+ m.alpnProtocols = append(m.alpnProtocols, string(proto))
+ }
+ case extensionSCT:
+ // RFC 6962, Section 3.3.1
+ m.scts = true
+ case extensionSupportedVersions:
+ // RFC 8446, Section 4.2.1
+ var versList cryptobyte.String
+ if !extData.ReadUint8LengthPrefixed(&versList) || versList.Empty() {
+ return false
+ }
+ for !versList.Empty() {
+ var vers uint16
+ if !versList.ReadUint16(&vers) {
+ return false
+ }
+ m.supportedVersions = append(m.supportedVersions, vers)
+ }
+ case extensionCookie:
+ // RFC 8446, Section 4.2.2
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // RFC 8446, Section 4.2.8
+ var clientShares cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&clientShares) {
+ return false
+ }
+ for !clientShares.Empty() {
+ var ks keyShare
+ if !clientShares.ReadUint16((*uint16)(&ks.group)) ||
+ !readUint16LengthPrefixed(&clientShares, &ks.data) ||
+ len(ks.data) == 0 {
+ return false
+ }
+ m.keyShares = append(m.keyShares, ks)
+ }
+ case extensionEarlyData:
+ // RFC 8446, Section 4.2.10
+ m.earlyData = true
+ case extensionPSKModes:
+ // RFC 8446, Section 4.2.9
+ if !readUint8LengthPrefixed(&extData, &m.pskModes) {
+ return false
+ }
+ case extensionPreSharedKey:
+ // RFC 8446, Section 4.2.11
+ if !extensions.Empty() {
+ return false // pre_shared_key must be the last extension
+ }
+ var identities cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&identities) || identities.Empty() {
+ return false
+ }
+ for !identities.Empty() {
+ var psk pskIdentity
+ if !readUint16LengthPrefixed(&identities, &psk.label) ||
+ !identities.ReadUint32(&psk.obfuscatedTicketAge) ||
+ len(psk.label) == 0 {
+ return false
+ }
+ m.pskIdentities = append(m.pskIdentities, psk)
+ }
+ var binders cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&binders) || binders.Empty() {
+ return false
+ }
+ for !binders.Empty() {
+ var binder []byte
+ if !readUint8LengthPrefixed(&binders, &binder) ||
+ len(binder) == 0 {
+ return false
+ }
+ m.pskBinders = append(m.pskBinders, binder)
+ }
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type serverHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuite uint16
+ compressionMethod uint8
+ ocspStapling bool
+ ticketSupported bool
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocol string
+ scts [][]byte
+ supportedVersion uint16
+ serverShare keyShare
+ selectedIdentityPresent bool
+ selectedIdentity uint16
+ supportedPoints []uint8
+
+ // HelloRetryRequest extensions
+ cookie []byte
+ selectedGroup CurveID
+}
+
+func (m *serverHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeServerHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16(m.cipherSuite)
+ b.AddUint8(m.compressionMethod)
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.ticketSupported {
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.secureRenegotiationSupported {
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if len(m.scts) > 0 {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range m.scts {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ if m.supportedVersion != 0 {
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.supportedVersion)
+ })
+ }
+ if m.serverShare.group != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.serverShare.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.serverShare.data)
+ })
+ })
+ }
+ if m.selectedIdentityPresent {
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.selectedIdentity)
+ })
+ }
+
+ if len(m.cookie) > 0 {
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if m.selectedGroup != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.selectedGroup))
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *serverHelloMsg) unmarshal(data []byte) bool {
+ *m = serverHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) ||
+ !s.ReadUint16(&m.cipherSuite) ||
+ !s.ReadUint8(&m.compressionMethod) {
+ return false
+ }
+
+ if s.Empty() {
+ // ServerHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSessionTicket:
+ m.ticketSupported = true
+ case extensionRenegotiationInfo:
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ m.scts = append(m.scts, sct)
+ }
+ case extensionSupportedVersions:
+ if !extData.ReadUint16(&m.supportedVersion) {
+ return false
+ }
+ case extensionCookie:
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // This extension has different formats in SH and HRR, accept either
+ // and let the handshake logic decide. See RFC 8446, Section 4.2.8.
+ if len(extData) == 2 {
+ if !extData.ReadUint16((*uint16)(&m.selectedGroup)) {
+ return false
+ }
+ } else {
+ if !extData.ReadUint16((*uint16)(&m.serverShare.group)) ||
+ !readUint16LengthPrefixed(&extData, &m.serverShare.data) {
+ return false
+ }
+ }
+ case extensionPreSharedKey:
+ m.selectedIdentityPresent = true
+ if !extData.ReadUint16(&m.selectedIdentity) {
+ return false
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type encryptedExtensionsMsg struct {
+ raw []byte
+ alpnProtocol string
+ earlyData bool
+
+ additionalExtensions []Extension
+}
+
+func (m *encryptedExtensionsMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeEncryptedExtensions)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *encryptedExtensionsMsg) unmarshal(data []byte) bool {
+ *m = encryptedExtensionsMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionEarlyData:
+ m.earlyData = true
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type endOfEarlyDataMsg struct{}
+
+func (m *endOfEarlyDataMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeEndOfEarlyData
+ return x
+}
+
+func (m *endOfEarlyDataMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type keyUpdateMsg struct {
+ raw []byte
+ updateRequested bool
+}
+
+func (m *keyUpdateMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeKeyUpdate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.updateRequested {
+ b.AddUint8(1)
+ } else {
+ b.AddUint8(0)
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *keyUpdateMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var updateRequested uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&updateRequested) || !s.Empty() {
+ return false
+ }
+ switch updateRequested {
+ case 0:
+ m.updateRequested = false
+ case 1:
+ m.updateRequested = true
+ default:
+ return false
+ }
+ return true
+}
+
+type newSessionTicketMsgTLS13 struct {
+ raw []byte
+ lifetime uint32
+ ageAdd uint32
+ nonce []byte
+ label []byte
+ maxEarlyData uint32
+}
+
+func (m *newSessionTicketMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeNewSessionTicket)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.lifetime)
+ b.AddUint32(m.ageAdd)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.nonce)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.label)
+ })
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.maxEarlyData > 0 {
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.maxEarlyData)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *newSessionTicketMsgTLS13) unmarshal(data []byte) bool {
+ *m = newSessionTicketMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint32(&m.lifetime) ||
+ !s.ReadUint32(&m.ageAdd) ||
+ !readUint8LengthPrefixed(&s, &m.nonce) ||
+ !readUint16LengthPrefixed(&s, &m.label) ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionEarlyData:
+ if !extData.ReadUint32(&m.maxEarlyData) {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateRequestMsgTLS13 struct {
+ raw []byte
+ ocspStapling bool
+ scts bool
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateRequest)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ // certificate_request_context (SHALL be zero length unless used for
+ // post-handshake authentication)
+ b.AddUint8(0)
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.scts {
+ // RFC 8446, Section 4.4.2.1 makes no mention of
+ // signed_certificate_timestamp in CertificateRequest, but
+ // "Extensions in the Certificate message from the client MUST
+ // correspond to extensions in the CertificateRequest message
+ // from the server." and it appears in the table in Section 4.2.
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.certificateAuthorities) > 0 {
+ b.AddUint16(extensionCertificateAuthorities)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ca := range m.certificateAuthorities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ca)
+ })
+ }
+ })
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateRequestMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateRequestMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context, extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSCT:
+ m.scts = true
+ case extensionSignatureAlgorithms:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionCertificateAuthorities:
+ var auths cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&auths) || auths.Empty() {
+ return false
+ }
+ for !auths.Empty() {
+ var ca []byte
+ if !readUint16LengthPrefixed(&auths, &ca) || len(ca) == 0 {
+ return false
+ }
+ m.certificateAuthorities = append(m.certificateAuthorities, ca)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateMsg struct {
+ raw []byte
+ certificates [][]byte
+}
+
+func (m *certificateMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var i int
+ for _, slice := range m.certificates {
+ i += len(slice)
+ }
+
+ length := 3 + 3*len(m.certificates) + i
+ x = make([]byte, 4+length)
+ x[0] = typeCertificate
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ certificateOctets := length - 3
+ x[4] = uint8(certificateOctets >> 16)
+ x[5] = uint8(certificateOctets >> 8)
+ x[6] = uint8(certificateOctets)
+
+ y := x[7:]
+ for _, slice := range m.certificates {
+ y[0] = uint8(len(slice) >> 16)
+ y[1] = uint8(len(slice) >> 8)
+ y[2] = uint8(len(slice))
+ copy(y[3:], slice)
+ y = y[3+len(slice):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateMsg) unmarshal(data []byte) bool {
+ if len(data) < 7 {
+ return false
+ }
+
+ m.raw = data
+ certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6])
+ if uint32(len(data)) != certsLen+7 {
+ return false
+ }
+
+ numCerts := 0
+ d := data[7:]
+ for certsLen > 0 {
+ if len(d) < 4 {
+ return false
+ }
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ if uint32(len(d)) < 3+certLen {
+ return false
+ }
+ d = d[3+certLen:]
+ certsLen -= 3 + certLen
+ numCerts++
+ }
+
+ m.certificates = make([][]byte, numCerts)
+ d = data[7:]
+ for i := 0; i < numCerts; i++ {
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ m.certificates[i] = d[3 : 3+certLen]
+ d = d[3+certLen:]
+ }
+
+ return true
+}
+
+type certificateMsgTLS13 struct {
+ raw []byte
+ certificate Certificate
+ ocspStapling bool
+ scts bool
+}
+
+func (m *certificateMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // certificate_request_context
+
+ certificate := m.certificate
+ if !m.ocspStapling {
+ certificate.OCSPStaple = nil
+ }
+ if !m.scts {
+ certificate.SignedCertificateTimestamps = nil
+ }
+ marshalCertificate(b, certificate)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func marshalCertificate(b *cryptobyte.Builder, certificate Certificate) {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for i, cert := range certificate.Certificate {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if i > 0 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ return
+ }
+ if certificate.OCSPStaple != nil {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(certificate.OCSPStaple)
+ })
+ })
+ }
+ if certificate.SignedCertificateTimestamps != nil {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range certificate.SignedCertificateTimestamps {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ })
+ }
+ })
+}
+
+func (m *certificateMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !unmarshalCertificate(&s, &m.certificate) ||
+ !s.Empty() {
+ return false
+ }
+
+ m.scts = m.certificate.SignedCertificateTimestamps != nil
+ m.ocspStapling = m.certificate.OCSPStaple != nil
+
+ return true
+}
+
+func unmarshalCertificate(s *cryptobyte.String, certificate *Certificate) bool {
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ var extensions cryptobyte.String
+ if !readUint24LengthPrefixed(&certList, &cert) ||
+ !certList.ReadUint16LengthPrefixed(&extensions) {
+ return false
+ }
+ certificate.Certificate = append(certificate.Certificate, cert)
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+ if len(certificate.Certificate) > 1 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ continue
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ var statusType uint8
+ if !extData.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&extData, &certificate.OCSPStaple) ||
+ len(certificate.OCSPStaple) == 0 {
+ return false
+ }
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ certificate.SignedCertificateTimestamps = append(
+ certificate.SignedCertificateTimestamps, sct)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+ }
+ return true
+}
+
+type serverKeyExchangeMsg struct {
+ raw []byte
+ key []byte
+}
+
+func (m *serverKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.key)
+ x := make([]byte, length+4)
+ x[0] = typeServerKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.key)
+
+ m.raw = x
+ return x
+}
+
+func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ m.key = data[4:]
+ return true
+}
+
+type certificateStatusMsg struct {
+ raw []byte
+ response []byte
+}
+
+func (m *certificateStatusMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateStatus)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.response)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateStatusMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var statusType uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&s, &m.response) ||
+ len(m.response) == 0 || !s.Empty() {
+ return false
+ }
+ return true
+}
+
+type serverHelloDoneMsg struct{}
+
+func (m *serverHelloDoneMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeServerHelloDone
+ return x
+}
+
+func (m *serverHelloDoneMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type clientKeyExchangeMsg struct {
+ raw []byte
+ ciphertext []byte
+}
+
+func (m *clientKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.ciphertext)
+ x := make([]byte, length+4)
+ x[0] = typeClientKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.ciphertext)
+
+ m.raw = x
+ return x
+}
+
+func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ l := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if l != len(data)-4 {
+ return false
+ }
+ m.ciphertext = data[4:]
+ return true
+}
+
+type finishedMsg struct {
+ raw []byte
+ verifyData []byte
+}
+
+func (m *finishedMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeFinished)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.verifyData)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *finishedMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+ return s.Skip(1) &&
+ readUint24LengthPrefixed(&s, &m.verifyData) &&
+ s.Empty()
+}
+
+type certificateRequestMsg struct {
+ raw []byte
+ // hasSignatureAlgorithm indicates whether this message includes a list of
+ // supported signature algorithms. This change was introduced with TLS 1.2.
+ hasSignatureAlgorithm bool
+
+ certificateTypes []byte
+ supportedSignatureAlgorithms []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 4346, Section 7.4.4.
+ length := 1 + len(m.certificateTypes) + 2
+ casLength := 0
+ for _, ca := range m.certificateAuthorities {
+ casLength += 2 + len(ca)
+ }
+ length += casLength
+
+ if m.hasSignatureAlgorithm {
+ length += 2 + 2*len(m.supportedSignatureAlgorithms)
+ }
+
+ x = make([]byte, 4+length)
+ x[0] = typeCertificateRequest
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ x[4] = uint8(len(m.certificateTypes))
+
+ copy(x[5:], m.certificateTypes)
+ y := x[5+len(m.certificateTypes):]
+
+ if m.hasSignatureAlgorithm {
+ n := len(m.supportedSignatureAlgorithms) * 2
+ y[0] = uint8(n >> 8)
+ y[1] = uint8(n)
+ y = y[2:]
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ y[0] = uint8(sigAlgo >> 8)
+ y[1] = uint8(sigAlgo)
+ y = y[2:]
+ }
+ }
+
+ y[0] = uint8(casLength >> 8)
+ y[1] = uint8(casLength)
+ y = y[2:]
+ for _, ca := range m.certificateAuthorities {
+ y[0] = uint8(len(ca) >> 8)
+ y[1] = uint8(len(ca))
+ y = y[2:]
+ copy(y, ca)
+ y = y[len(ca):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateRequestMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 5 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ numCertTypes := int(data[4])
+ data = data[5:]
+ if numCertTypes == 0 || len(data) <= numCertTypes {
+ return false
+ }
+
+ m.certificateTypes = make([]byte, numCertTypes)
+ if copy(m.certificateTypes, data) != numCertTypes {
+ return false
+ }
+
+ data = data[numCertTypes:]
+
+ if m.hasSignatureAlgorithm {
+ if len(data) < 2 {
+ return false
+ }
+ sigAndHashLen := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if sigAndHashLen&1 != 0 {
+ return false
+ }
+ if len(data) < int(sigAndHashLen) {
+ return false
+ }
+ numSigAlgos := sigAndHashLen / 2
+ m.supportedSignatureAlgorithms = make([]SignatureScheme, numSigAlgos)
+ for i := range m.supportedSignatureAlgorithms {
+ m.supportedSignatureAlgorithms[i] = SignatureScheme(data[0])<<8 | SignatureScheme(data[1])
+ data = data[2:]
+ }
+ }
+
+ if len(data) < 2 {
+ return false
+ }
+ casLength := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if len(data) < int(casLength) {
+ return false
+ }
+ cas := make([]byte, casLength)
+ copy(cas, data)
+ data = data[casLength:]
+
+ m.certificateAuthorities = nil
+ for len(cas) > 0 {
+ if len(cas) < 2 {
+ return false
+ }
+ caLen := uint16(cas[0])<<8 | uint16(cas[1])
+ cas = cas[2:]
+
+ if len(cas) < int(caLen) {
+ return false
+ }
+
+ m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen])
+ cas = cas[caLen:]
+ }
+
+ return len(data) == 0
+}
+
+type certificateVerifyMsg struct {
+ raw []byte
+ hasSignatureAlgorithm bool // format change introduced in TLS 1.2
+ signatureAlgorithm SignatureScheme
+ signature []byte
+}
+
+func (m *certificateVerifyMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateVerify)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.hasSignatureAlgorithm {
+ b.AddUint16(uint16(m.signatureAlgorithm))
+ }
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.signature)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateVerifyMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) { // message type and uint24 length field
+ return false
+ }
+ if m.hasSignatureAlgorithm {
+ if !s.ReadUint16((*uint16)(&m.signatureAlgorithm)) {
+ return false
+ }
+ }
+ return readUint16LengthPrefixed(&s, &m.signature) && s.Empty()
+}
+
+type newSessionTicketMsg struct {
+ raw []byte
+ ticket []byte
+}
+
+func (m *newSessionTicketMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 5077, Section 3.3.
+ ticketLen := len(m.ticket)
+ length := 2 + 4 + ticketLen
+ x = make([]byte, 4+length)
+ x[0] = typeNewSessionTicket
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ x[8] = uint8(ticketLen >> 8)
+ x[9] = uint8(ticketLen)
+ copy(x[10:], m.ticket)
+
+ m.raw = x
+
+ return
+}
+
+func (m *newSessionTicketMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 10 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ ticketLen := int(data[8])<<8 + int(data[9])
+ if len(data)-10 != ticketLen {
+ return false
+ }
+
+ m.ticket = data[10:]
+
+ return true
+}
+
+type helloRequestMsg struct {
+}
+
+func (*helloRequestMsg) marshal() []byte {
+ return []byte{typeHelloRequest, 0, 0, 0}
+}
+
+func (*helloRequestMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server.go b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server.go
new file mode 100644
index 00000000..51b52e3d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server.go
@@ -0,0 +1,863 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// serverHandshakeState contains details of a server handshake in progress.
+// It's discarded once the handshake has completed.
+type serverHandshakeState struct {
+ c *Conn
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ suite *cipherSuite
+ ecdheOk bool
+ ecSignOk bool
+ rsaDecryptOk bool
+ rsaSignOk bool
+ sessionState *sessionState
+ finishedHash finishedHash
+ masterSecret []byte
+ cert *Certificate
+}
+
+// serverHandshake performs a TLS handshake as a server.
+func (c *Conn) serverHandshake() error {
+ c.setAlternativeRecordLayer()
+
+ clientHello, err := c.readClientHello()
+ if err != nil {
+ return err
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := serverHandshakeStateTLS13{
+ c: c,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+ } else if c.extraConfig.usesAlternativeRecordLayer() {
+ // This should already have been caught by the check that the ClientHello doesn't
+ // offer any (supported) versions older than TLS 1.3.
+ // Check again to make sure we can't be tricked into using an older version.
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: negotiated TLS < 1.3 when using QUIC")
+ }
+
+ hs := serverHandshakeState{
+ c: c,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+}
+
+func (hs *serverHandshakeState) handshake() error {
+ c := hs.c
+
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+
+ // For an overview of TLS handshaking, see RFC 5246, Section 7.3.
+ c.buffering = true
+ if hs.checkForResumption() {
+ // The client has included a session ticket and so we do an abbreviated handshake.
+ c.didResume = true
+ if err := hs.doResumeHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ if err := hs.readFinished(nil); err != nil {
+ return err
+ }
+ } else {
+ // The client didn't include a session ticket, or it wasn't
+ // valid so we do a full handshake.
+ if err := hs.pickCipherSuite(); err != nil {
+ return err
+ }
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ c.buffering = true
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(nil); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// readClientHello reads a ClientHello message and selects the protocol version.
+func (c *Conn) readClientHello() (*clientHelloMsg, error) {
+ msg, err := c.readHandshake()
+ if err != nil {
+ return nil, err
+ }
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return nil, unexpectedMessageError(clientHello, msg)
+ }
+
+ var configForClient *config
+ originalConfig := c.config
+ if c.config.GetConfigForClient != nil {
+ chi := newClientHelloInfo(c, clientHello)
+ if cfc, err := c.config.GetConfigForClient(chi); err != nil {
+ c.sendAlert(alertInternalError)
+ return nil, err
+ } else if cfc != nil {
+ configForClient = fromConfig(cfc)
+ c.config = configForClient
+ }
+ }
+ c.ticketKeys = originalConfig.ticketKeys(configForClient)
+
+ clientVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ clientVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ // In QUIC, the client MUST NOT offer any old TLS versions.
+ // Here, we can only check that none of the other supported versions of this library
+ // (TLS 1.0 - TLS 1.2) is offered. We don't check for any SSL versions here.
+ for _, ver := range clientVersions {
+ if ver == VersionTLS13 {
+ continue
+ }
+ for _, v := range supportedVersions {
+ if ver == v {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered old TLS version %#x", ver)
+ }
+ }
+ }
+ // Make the config we're using allows us to use TLS 1.3.
+ if c.config.maxSupportedVersion() < VersionTLS13 {
+ c.sendAlert(alertInternalError)
+ return nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ }
+ c.vers, ok = c.config.mutualVersion(clientVersions)
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+ }
+ c.haveVers = true
+ c.in.version = c.vers
+ c.out.version = c.vers
+
+ return clientHello, nil
+}
+
+func (hs *serverHandshakeState) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.hello.vers = c.vers
+
+ foundCompression := false
+ // We only support null compression, so check that the client offered it.
+ for _, compression := range hs.clientHello.compressionMethods {
+ if compression == compressionNone {
+ foundCompression = true
+ break
+ }
+ }
+
+ if !foundCompression {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client does not support uncompressed connections")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ serverRandom := hs.hello.random
+ // Downgrade protection canaries. See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ if maxVers >= VersionTLS12 && c.vers < maxVers || testingOnlyForceDowngradeCanary {
+ if c.vers == VersionTLS12 {
+ copy(serverRandom[24:], downgradeCanaryTLS12)
+ } else {
+ copy(serverRandom[24:], downgradeCanaryTLS11)
+ }
+ serverRandom = serverRandom[:24]
+ }
+ _, err := io.ReadFull(c.config.rand(), serverRandom)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.secureRenegotiationSupported = hs.clientHello.secureRenegotiationSupported
+ hs.hello.compressionMethod = compressionNone
+ if len(hs.clientHello.serverName) > 0 {
+ c.serverName = hs.clientHello.serverName
+ }
+
+ if len(hs.clientHello.alpnProtocols) > 0 {
+ if selectedProto, fallback := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); !fallback {
+ hs.hello.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+ }
+ }
+
+ hs.cert, err = c.config.getCertificate(newClientHelloInfo(c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ if hs.clientHello.scts {
+ hs.hello.scts = hs.cert.SignedCertificateTimestamps
+ }
+
+ hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.clientHello.supportedPoints)
+
+ if hs.ecdheOk {
+ // Although omitting the ec_point_formats extension is permitted, some
+ // old OpenSSL version will refuse to handshake if not present.
+ //
+ // Per RFC 4492, section 5.1.2, implementations MUST support the
+ // uncompressed point format. See golang.org/issue/31943.
+ hs.hello.supportedPoints = []uint8{pointFormatUncompressed}
+ }
+
+ if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok {
+ switch priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ hs.ecSignOk = true
+ case ed25519.PublicKey:
+ hs.ecSignOk = true
+ case *rsa.PublicKey:
+ hs.rsaSignOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported signing key type (%T)", priv.Public())
+ }
+ }
+ if priv, ok := hs.cert.PrivateKey.(crypto.Decrypter); ok {
+ switch priv.Public().(type) {
+ case *rsa.PublicKey:
+ hs.rsaDecryptOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported decryption key type (%T)", priv.Public())
+ }
+ }
+
+ return nil
+}
+
+// supportsECDHE returns whether ECDHE key exchanges can be used with this
+// pre-TLS 1.3 client.
+func supportsECDHE(c *config, supportedCurves []CurveID, supportedPoints []uint8) bool {
+ supportsCurve := false
+ for _, curve := range supportedCurves {
+ if c.supportsCurve(curve) {
+ supportsCurve = true
+ break
+ }
+ }
+
+ supportsPointFormat := false
+ for _, pointFormat := range supportedPoints {
+ if pointFormat == pointFormatUncompressed {
+ supportsPointFormat = true
+ break
+ }
+ }
+
+ return supportsCurve && supportsPointFormat
+}
+
+func (hs *serverHandshakeState) pickCipherSuite() error {
+ c := hs.c
+
+ var preferenceList, supportedList []uint16
+ if c.config.PreferServerCipherSuites {
+ preferenceList = c.config.cipherSuites()
+ supportedList = hs.clientHello.cipherSuites
+ } else {
+ preferenceList = hs.clientHello.cipherSuites
+ supportedList = c.config.cipherSuites()
+ }
+
+ hs.suite = selectCipherSuite(preferenceList, supportedList, hs.cipherSuiteOk)
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // The client is doing a fallback connection. See RFC 7507.
+ if hs.clientHello.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) cipherSuiteOk(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ if !hs.ecdheOk {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !hs.ecSignOk {
+ return false
+ }
+ } else if !hs.rsaSignOk {
+ return false
+ }
+ } else if !hs.rsaDecryptOk {
+ return false
+ }
+ if hs.c.vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+}
+
+// checkForResumption reports whether we should perform resumption on this connection.
+func (hs *serverHandshakeState) checkForResumption() bool {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ plaintext, usedOldKey := c.decryptTicket(hs.clientHello.sessionTicket)
+ if plaintext == nil {
+ return false
+ }
+ hs.sessionState = &sessionState{usedOldKey: usedOldKey}
+ ok := hs.sessionState.unmarshal(plaintext)
+ if !ok {
+ return false
+ }
+
+ createdAt := time.Unix(int64(hs.sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ return false
+ }
+
+ // Never resume a session for a different TLS version.
+ if c.vers != hs.sessionState.vers {
+ return false
+ }
+
+ cipherSuiteOk := false
+ // Check that the client is still offering the ciphersuite in the session.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == hs.sessionState.cipherSuite {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return false
+ }
+
+ // Check that we also support the ciphersuite from the session.
+ hs.suite = selectCipherSuite([]uint16{hs.sessionState.cipherSuite},
+ c.config.cipherSuites(), hs.cipherSuiteOk)
+ if hs.suite == nil {
+ return false
+ }
+
+ sessionHasClientCerts := len(hs.sessionState.certificates) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ return false
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ return false
+ }
+
+ return true
+}
+
+func (hs *serverHandshakeState) doResumeHandshake() error {
+ c := hs.c
+
+ hs.hello.cipherSuite = hs.suite.id
+ c.cipherSuite = hs.suite.id
+ // We echo the client's session ID in the ServerHello to let it know
+ // that we're doing a resumption.
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.ticketSupported = hs.sessionState.usedOldKey
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+ hs.finishedHash.discardHandshakeBuffer()
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: hs.sessionState.certificates,
+ }); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ hs.masterSecret = hs.sessionState.masterSecret
+
+ return nil
+}
+
+func (hs *serverHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 {
+ hs.hello.ocspStapling = true
+ }
+
+ hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled
+ hs.hello.cipherSuite = hs.suite.id
+
+ hs.finishedHash = newFinishedHash(hs.c.vers, hs.suite)
+ if c.config.ClientAuth == NoClientCert {
+ // No need to keep a full record of the handshake if client
+ // certificates won't be used.
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsg)
+ certMsg.certificates = hs.cert.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ if hs.hello.ocspStapling {
+ certStatus := new(certificateStatusMsg)
+ certStatus.response = hs.cert.OCSPStaple
+ hs.finishedHash.Write(certStatus.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certStatus.marshal()); err != nil {
+ return err
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+ skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ if skx != nil {
+ hs.finishedHash.Write(skx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, skx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ var certReq *certificateRequestMsg
+ if c.config.ClientAuth >= RequestClientCert {
+ // Request a client certificate
+ certReq = new(certificateRequestMsg)
+ certReq.certificateTypes = []byte{
+ byte(certTypeRSASign),
+ byte(certTypeECDSASign),
+ }
+ if c.vers >= VersionTLS12 {
+ certReq.hasSignatureAlgorithm = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ // An empty list of certificateAuthorities signals to
+ // the client that it may send any certificate in response
+ // to our request. When we know the CAs we trust, then
+ // we can send them down, so that the client can choose
+ // an appropriate certificate to give to us.
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+ hs.finishedHash.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ helloDone := new(serverHelloDoneMsg)
+ hs.finishedHash.Write(helloDone.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloDone.marshal()); err != nil {
+ return err
+ }
+
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ var pub crypto.PublicKey // public key for client auth, if any
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message, even if it's empty.
+ if c.config.ClientAuth >= RequestClientCert {
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: certMsg.certificates,
+ }); err != nil {
+ return err
+ }
+ if len(certMsg.certificates) != 0 {
+ pub = c.peerCertificates[0].PublicKey
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ // Get client key exchange
+ ckx, ok := msg.(*clientKeyExchangeMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(ckx, msg)
+ }
+ hs.finishedHash.Write(ckx.marshal())
+
+ preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx, c.vers)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.clientHello.random, hs.hello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ // If we received a client cert in response to our certificate request message,
+ // the client will send us a certificateVerifyMsg immediately after the
+ // clientKeyExchangeMsg. This message is a digest of all preceding
+ // handshake-layer messages that is signed using the private key corresponding
+ // to the client's certificate. This allows us to verify that the client is in
+ // possession of the private key of the certificate.
+ if len(c.peerCertificates) > 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, certReq.supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(pub)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ if err := verifyHandshakeSignature(sigType, pub, sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *serverHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash macFunction
+
+ if hs.suite.aead == nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, true /* for reading */)
+ clientHash = hs.suite.mac(c.vers, clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, false /* not for reading */)
+ serverHash = hs.suite.mac(c.vers, serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ c.out.prepareCipherSpec(c.vers, serverCipher, serverHash)
+
+ return nil
+}
+
+func (hs *serverHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ clientFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientFinished, msg)
+ }
+
+ verify := hs.finishedHash.clientSum(hs.masterSecret)
+ if len(verify) != len(clientFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client's Finished message is incorrect")
+ }
+
+ hs.finishedHash.Write(clientFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *serverHandshakeState) sendSessionTicket() error {
+ // ticketSupported is set in a resumption handshake if the
+ // ticket from the client was encrypted with an old session
+ // ticket key and thus a refreshed ticket should be sent.
+ if !hs.hello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ m := new(newSessionTicketMsg)
+
+ createdAt := uint64(c.config.time().Unix())
+ if hs.sessionState != nil {
+ // If this is re-wrapping an old key, then keep
+ // the original time it was created.
+ createdAt = hs.sessionState.createdAt
+ }
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionState{
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ createdAt: createdAt,
+ masterSecret: hs.masterSecret,
+ certificates: certsFromClient,
+ }
+ var err error
+ m.ticket, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash.Write(m.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.serverSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ copy(out, finished.verifyData)
+
+ return nil
+}
+
+// processCertsFromClient takes a chain of client certificates either from a
+// Certificates message or from a sessionState and verifies them. It returns
+// the public key of the leaf certificate.
+func (c *Conn) processCertsFromClient(certificate Certificate) error {
+ certificates := certificate.Certificate
+ certs := make([]*x509.Certificate, len(certificates))
+ var err error
+ for i, asn1Data := range certificates {
+ if certs[i], err = x509.ParseCertificate(asn1Data); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse client certificate: " + err.Error())
+ }
+ }
+
+ if len(certs) == 0 && requiresClientCert(c.config.ClientAuth) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: client didn't provide a certificate")
+ }
+
+ if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 {
+ opts := x509.VerifyOptions{
+ Roots: c.config.ClientCAs,
+ CurrentTime: c.config.time(),
+ Intermediates: x509.NewCertPool(),
+ KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
+ }
+
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+
+ chains, err := certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to verify client certificate: " + err.Error())
+ }
+
+ c.verifiedChains = chains
+ }
+
+ c.peerCertificates = certs
+ c.ocspResponse = certificate.OCSPStaple
+ c.scts = certificate.SignedCertificateTimestamps
+
+ if len(certs) > 0 {
+ switch certs[0].PublicKey.(type) {
+ case *ecdsa.PublicKey, *rsa.PublicKey, ed25519.PublicKey:
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: client certificate contains an unsupported public key of type %T", certs[0].PublicKey)
+ }
+ }
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+func newClientHelloInfo(c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo {
+ supportedVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ supportedVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+
+ return toClientHelloInfo(&clientHelloInfo{
+ CipherSuites: clientHello.cipherSuites,
+ ServerName: clientHello.serverName,
+ SupportedCurves: clientHello.supportedCurves,
+ SupportedPoints: clientHello.supportedPoints,
+ SignatureSchemes: clientHello.supportedSignatureAlgorithms,
+ SupportedProtos: clientHello.alpnProtocols,
+ SupportedVersions: supportedVersions,
+ Conn: c.conn,
+ config: toConfig(c.config),
+ })
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server_tls13.go
new file mode 100644
index 00000000..196cd0ff
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/handshake_server_tls13.go
@@ -0,0 +1,895 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// maxClientPSKIdentities is the number of client PSK identities the server will
+// attempt to validate. It will ignore the rest not to let cheap ClientHello
+// messages cause too much work in session ticket decryption attempts.
+const maxClientPSKIdentities = 5
+
+type serverHandshakeStateTLS13 struct {
+ c *Conn
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ encryptedExtensions *encryptedExtensionsMsg
+ sentDummyCCS bool
+ usingPSK bool
+ suite *cipherSuiteTLS13
+ cert *Certificate
+ sigAlg SignatureScheme
+ earlySecret []byte
+ sharedKey []byte
+ handshakeSecret []byte
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+ transcript hash.Hash
+ clientFinished []byte
+}
+
+func (hs *serverHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // For an overview of the TLS 1.3 handshake, see RFC 8446, Section 2.
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+ if err := hs.checkForResumption(); err != nil {
+ return err
+ }
+ if err := hs.pickCertificate(); err != nil {
+ return err
+ }
+ c.buffering = true
+ if err := hs.sendServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.sendServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendServerFinished(); err != nil {
+ return err
+ }
+ // Note that at this point we could start sending application data without
+ // waiting for the client's second flight, but the application might not
+ // expect the lack of replay protection of the ClientHello parameters.
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ if err := hs.readClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readClientFinished(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.encryptedExtensions = new(encryptedExtensionsMsg)
+
+ // TLS 1.3 froze the ServerHello.legacy_version field, and uses
+ // supported_versions instead. See RFC 8446, sections 4.1.3 and 4.2.1.
+ hs.hello.vers = VersionTLS12
+ hs.hello.supportedVersion = c.vers
+
+ if len(hs.clientHello.supportedVersions) == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client used the legacy version field to negotiate TLS 1.3")
+ }
+
+ // Abort if the client is doing a fallback and landing lower than what we
+ // support. See RFC 7507, which however does not specify the interaction
+ // with supported_versions. The only difference is that with
+ // supported_versions a client has a chance to attempt a [TLS 1.2, TLS 1.4]
+ // handshake in case TLS 1.3 is broken but 1.2 is not. Alas, in that case,
+ // it will have to drop the TLS_FALLBACK_SCSV protection if it falls back to
+ // TLS 1.2, because a TLS 1.3 server would abort here. The situation before
+ // supported_versions was not better because there was just no way to do a
+ // TLS 1.4 handshake without risking the server selecting TLS 1.3.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // Use c.vers instead of max(supported_versions) because an attacker
+ // could defeat this by adding an arbitrary high version otherwise.
+ if c.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ if len(hs.clientHello.compressionMethods) != 1 ||
+ hs.clientHello.compressionMethods[0] != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: TLS 1.3 client supports illegal compression methods")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ if _, err := io.ReadFull(c.config.rand(), hs.hello.random); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.compressionMethod = compressionNone
+
+ var preferenceList, supportedList, ourList []uint16
+ for _, suiteID := range c.config.CipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ ourList = append(ourList, suiteID)
+ }
+ }
+ }
+ if len(ourList) == 0 {
+ ourList = defaultCipherSuitesTLS13()
+ }
+ if c.config.PreferServerCipherSuites {
+ preferenceList = ourList
+ supportedList = hs.clientHello.cipherSuites
+ } else {
+ preferenceList = hs.clientHello.cipherSuites
+ supportedList = ourList
+ }
+ for _, suiteID := range preferenceList {
+ hs.suite = mutualCipherSuiteTLS13(supportedList, suiteID)
+ if hs.suite != nil {
+ break
+ }
+ }
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+ hs.hello.cipherSuite = hs.suite.id
+ hs.transcript = hs.suite.hash.New()
+
+ // Pick the ECDHE group in server preference order, but give priority to
+ // groups with a key share, to avoid a HelloRetryRequest round-trip.
+ var selectedGroup CurveID
+ var clientKeyShare *keyShare
+GroupSelection:
+ for _, preferredGroup := range c.config.curvePreferences() {
+ for _, ks := range hs.clientHello.keyShares {
+ if ks.group == preferredGroup {
+ selectedGroup = ks.group
+ clientKeyShare = &ks
+ break GroupSelection
+ }
+ }
+ if selectedGroup != 0 {
+ continue
+ }
+ for _, group := range hs.clientHello.supportedCurves {
+ if group == preferredGroup {
+ selectedGroup = group
+ break
+ }
+ }
+ }
+ if selectedGroup == 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no ECDHE curve supported by both client and server")
+ }
+ if clientKeyShare == nil {
+ if err := hs.doHelloRetryRequest(selectedGroup); err != nil {
+ return err
+ }
+ clientKeyShare = &hs.clientHello.keyShares[0]
+ }
+
+ if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), selectedGroup)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()}
+ hs.sharedKey = params.SharedKey(clientKeyShare.data)
+ if hs.sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid client key share")
+ }
+
+ c.serverName = hs.clientHello.serverName
+
+ if c.extraConfig != nil && c.extraConfig.ReceivedExtensions != nil {
+ c.extraConfig.ReceivedExtensions(typeClientHello, hs.clientHello.additionalExtensions)
+ }
+
+ if len(hs.clientHello.alpnProtocols) > 0 {
+ if selectedProto, fallback := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); !fallback {
+ hs.encryptedExtensions.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) checkForResumption() error {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return nil
+ }
+
+ modeOK := false
+ for _, mode := range hs.clientHello.pskModes {
+ if mode == pskModeDHE {
+ modeOK = true
+ break
+ }
+ }
+ if !modeOK {
+ return nil
+ }
+
+ if len(hs.clientHello.pskIdentities) != len(hs.clientHello.pskBinders) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid or missing PSK binders")
+ }
+ if len(hs.clientHello.pskIdentities) == 0 {
+ return nil
+ }
+
+ for i, identity := range hs.clientHello.pskIdentities {
+ if i >= maxClientPSKIdentities {
+ break
+ }
+
+ plaintext, _ := c.decryptTicket(identity.label)
+ if plaintext == nil {
+ continue
+ }
+ sessionState := new(sessionStateTLS13)
+ if ok := sessionState.unmarshal(plaintext); !ok {
+ continue
+ }
+
+ if hs.clientHello.earlyData {
+ if sessionState.maxEarlyData == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: client sent unexpected early data")
+ }
+
+ if sessionState.alpn == c.clientProtocol &&
+ c.extraConfig != nil && c.extraConfig.MaxEarlyData > 0 &&
+ c.extraConfig.Accept0RTT != nil && c.extraConfig.Accept0RTT(sessionState.appData) {
+ hs.encryptedExtensions.earlyData = true
+ c.used0RTT = true
+ }
+ }
+
+ createdAt := time.Unix(int64(sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ continue
+ }
+
+ // We don't check the obfuscated ticket age because it's affected by
+ // clock skew and it's only a freshness signal useful for shrinking the
+ // window for replay attacks, which don't affect us as we don't do 0-RTT.
+
+ pskSuite := cipherSuiteTLS13ByID(sessionState.cipherSuite)
+ if pskSuite == nil || pskSuite.hash != hs.suite.hash {
+ continue
+ }
+
+ // PSK connections don't re-establish client certificates, but carry
+ // them over in the session ticket. Ensure the presence of client certs
+ // in the ticket is consistent with the configured requirements.
+ sessionHasClientCerts := len(sessionState.certificate.Certificate) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ continue
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ continue
+ }
+
+ psk := hs.suite.expandLabel(sessionState.resumptionSecret, "resumption",
+ nil, hs.suite.hash.Size())
+ hs.earlySecret = hs.suite.extract(psk, nil)
+ binderKey := hs.suite.deriveSecret(hs.earlySecret, resumptionBinderLabel, nil)
+ // Clone the transcript in case a HelloRetryRequest was recorded.
+ transcript := cloneHash(hs.transcript, hs.suite.hash)
+ if transcript == nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: internal error: failed to clone hash")
+ }
+ transcript.Write(hs.clientHello.marshalWithoutBinders())
+ pskBinder := hs.suite.finishedHash(binderKey, transcript)
+ if !hmac.Equal(hs.clientHello.pskBinders[i], pskBinder) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid PSK binder")
+ }
+
+ c.didResume = true
+ if err := c.processCertsFromClient(sessionState.certificate); err != nil {
+ return err
+ }
+
+ h := cloneHash(hs.transcript, hs.suite.hash)
+ h.Write(hs.clientHello.marshal())
+ if hs.encryptedExtensions.earlyData {
+ clientEarlySecret := hs.suite.deriveSecret(hs.earlySecret, "c e traffic", h)
+ c.in.exportKey(Encryption0RTT, hs.suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hs.clientHello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+
+ hs.hello.selectedIdentityPresent = true
+ hs.hello.selectedIdentity = uint16(i)
+ hs.usingPSK = true
+ return nil
+ }
+
+ return nil
+}
+
+// cloneHash uses the encoding.BinaryMarshaler and encoding.BinaryUnmarshaler
+// interfaces implemented by standard library hashes to clone the state of in
+// to a new instance of h. It returns nil if the operation fails.
+func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+ // Recreate the interface to avoid importing encoding.
+ type binaryMarshaler interface {
+ MarshalBinary() (data []byte, err error)
+ UnmarshalBinary(data []byte) error
+ }
+ marshaler, ok := in.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ state, err := marshaler.MarshalBinary()
+ if err != nil {
+ return nil
+ }
+ out := h.New()
+ unmarshaler, ok := out.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ if err := unmarshaler.UnmarshalBinary(state); err != nil {
+ return nil
+ }
+ return out
+}
+
+func (hs *serverHandshakeStateTLS13) pickCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ // signature_algorithms is required in TLS 1.3. See RFC 8446, Section 4.2.3.
+ if len(hs.clientHello.supportedSignatureAlgorithms) == 0 {
+ return c.sendAlert(alertMissingExtension)
+ }
+
+ certificate, err := c.config.getCertificate(newClientHelloInfo(c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ hs.sigAlg, err = selectSignatureScheme(c.vers, certificate, hs.clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ // getCertificate returned a certificate that is unsupported or
+ // incompatible with the client's signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.cert = certificate
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *serverHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. See RFC 8446, Section 4.4.1.
+ hs.transcript.Write(hs.clientHello.marshal())
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+
+ helloRetryRequest := &serverHelloMsg{
+ vers: hs.hello.vers,
+ random: helloRetryRequestRandom,
+ sessionId: hs.hello.sessionId,
+ cipherSuite: hs.hello.cipherSuite,
+ compressionMethod: hs.hello.compressionMethod,
+ supportedVersion: hs.hello.supportedVersion,
+ selectedGroup: selectedGroup,
+ }
+
+ hs.transcript.Write(helloRetryRequest.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientHello, msg)
+ }
+
+ if len(clientHello.keyShares) != 1 || clientHello.keyShares[0].group != selectedGroup {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client sent invalid key share in second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client indicated early data in second ClientHello")
+ }
+
+ if illegalClientHelloChange(clientHello, hs.clientHello) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client illegally modified second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client offered 0-RTT data in second ClientHello")
+ }
+
+ hs.clientHello = clientHello
+ return nil
+}
+
+// illegalClientHelloChange reports whether the two ClientHello messages are
+// different, with the exception of the changes allowed before and after a
+// HelloRetryRequest. See RFC 8446, Section 4.1.2.
+func illegalClientHelloChange(ch, ch1 *clientHelloMsg) bool {
+ if len(ch.supportedVersions) != len(ch1.supportedVersions) ||
+ len(ch.cipherSuites) != len(ch1.cipherSuites) ||
+ len(ch.supportedCurves) != len(ch1.supportedCurves) ||
+ len(ch.supportedSignatureAlgorithms) != len(ch1.supportedSignatureAlgorithms) ||
+ len(ch.supportedSignatureAlgorithmsCert) != len(ch1.supportedSignatureAlgorithmsCert) ||
+ len(ch.alpnProtocols) != len(ch1.alpnProtocols) {
+ return true
+ }
+ for i := range ch.supportedVersions {
+ if ch.supportedVersions[i] != ch1.supportedVersions[i] {
+ return true
+ }
+ }
+ for i := range ch.cipherSuites {
+ if ch.cipherSuites[i] != ch1.cipherSuites[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedCurves {
+ if ch.supportedCurves[i] != ch1.supportedCurves[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithms {
+ if ch.supportedSignatureAlgorithms[i] != ch1.supportedSignatureAlgorithms[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithmsCert {
+ if ch.supportedSignatureAlgorithmsCert[i] != ch1.supportedSignatureAlgorithmsCert[i] {
+ return true
+ }
+ }
+ for i := range ch.alpnProtocols {
+ if ch.alpnProtocols[i] != ch1.alpnProtocols[i] {
+ return true
+ }
+ }
+ return ch.vers != ch1.vers ||
+ !bytes.Equal(ch.random, ch1.random) ||
+ !bytes.Equal(ch.sessionId, ch1.sessionId) ||
+ !bytes.Equal(ch.compressionMethods, ch1.compressionMethods) ||
+ ch.serverName != ch1.serverName ||
+ ch.ocspStapling != ch1.ocspStapling ||
+ !bytes.Equal(ch.supportedPoints, ch1.supportedPoints) ||
+ ch.ticketSupported != ch1.ticketSupported ||
+ !bytes.Equal(ch.sessionTicket, ch1.sessionTicket) ||
+ ch.secureRenegotiationSupported != ch1.secureRenegotiationSupported ||
+ !bytes.Equal(ch.secureRenegotiation, ch1.secureRenegotiation) ||
+ ch.scts != ch1.scts ||
+ !bytes.Equal(ch.cookie, ch1.cookie) ||
+ !bytes.Equal(ch.pskModes, ch1.pskModes)
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
+ c := hs.c
+
+ if c.extraConfig != nil && c.extraConfig.EnforceNextProtoSelection && len(c.clientProtocol) == 0 {
+ c.sendAlert(alertNoApplicationProtocol)
+ return fmt.Errorf("ALPN negotiation failed. Client offered: %q", hs.clientHello.alpnProtocols)
+ }
+
+ hs.transcript.Write(hs.clientHello.marshal())
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ earlySecret := hs.earlySecret
+ if earlySecret == nil {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ hs.handshakeSecret = hs.suite.extract(hs.sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.in.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.clientHello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if hs.c.extraConfig != nil && hs.c.extraConfig.GetExtensions != nil {
+ hs.encryptedExtensions.additionalExtensions = hs.c.extraConfig.GetExtensions(typeEncryptedExtensions)
+ }
+
+ hs.transcript.Write(hs.encryptedExtensions.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.encryptedExtensions.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) requestClientCert() bool {
+ return hs.c.config.ClientAuth >= RequestClientCert && !hs.usingPSK
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ if hs.requestClientCert() {
+ // Request a client certificate
+ certReq := new(certificateRequestMsgTLS13)
+ certReq.ocspStapling = true
+ certReq.scts = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+
+ hs.transcript.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *hs.cert
+ certMsg.scts = hs.clientHello.scts && len(hs.cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+ certVerifyMsg.signatureAlgorithm = hs.sigAlg
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(hs.sigAlg)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := hs.cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ public := hs.cert.PrivateKey.(crypto.Signer).Public()
+ if rsaKey, ok := public.(*rsa.PublicKey); ok && sigType == signatureRSAPSS &&
+ rsaKey.N.BitLen()/8 < sigHash.Size()*2+2 { // key too small for RSA-PSS
+ c.sendAlert(alertHandshakeFailure)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(hs.handshakeSecret, "derived", nil))
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ // If we did not request client certificates, at this point we can
+ // precompute the client finished and roll the transcript forward to send
+ // session tickets in our first flight.
+ if !hs.requestClientCert() {
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) shouldSendSessionTickets() bool {
+ if hs.c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ // Don't send tickets the client wouldn't use. See RFC 8446, Section 4.2.9.
+ for _, pskMode := range hs.clientHello.pskModes {
+ if pskMode == pskModeDHE {
+ return true
+ }
+ }
+ return false
+}
+
+func (hs *serverHandshakeStateTLS13) sendSessionTickets() error {
+ c := hs.c
+
+ hs.clientFinished = hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ finishedMsg := &finishedMsg{
+ verifyData: hs.clientFinished,
+ }
+ hs.transcript.Write(finishedMsg.marshal())
+
+ if !hs.shouldSendSessionTickets() {
+ return nil
+ }
+
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+
+ // Don't send session tickets when the alternative record layer is set.
+ // Instead, save the resumption secret on the Conn.
+ // Session tickets can then be generated by calling Conn.GetSessionTicket().
+ if hs.c.extraConfig != nil && hs.c.extraConfig.AlternativeRecordLayer != nil {
+ return nil
+ }
+
+ m, err := hs.c.getSessionTicketMsg(nil)
+ if err != nil {
+ return err
+ }
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientCertificate() error {
+ c := hs.c
+
+ if !hs.requestClientCert() {
+ // Make sure the connection is still being verified whether or not
+ // the server requested a client certificate.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message. If it's empty, no CertificateVerify is sent.
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(certMsg.certificate); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if len(certMsg.certificate.Certificate) != 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+ }
+
+ // If we waited until the client certificates to send session tickets, we
+ // are ready to do it now.
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ if !hmac.Equal(hs.clientFinished, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid client finished hash")
+ }
+
+ c.in.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.in.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/key_agreement.go b/vendor/github.com/marten-seemann/qtls-go1-15/key_agreement.go
new file mode 100644
index 00000000..7c8139b0
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/key_agreement.go
@@ -0,0 +1,334 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/md5"
+ "crypto/rsa"
+ "crypto/sha1"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+)
+
+var errClientKeyExchange = errors.New("tls: invalid ClientKeyExchange message")
+var errServerKeyExchange = errors.New("tls: invalid ServerKeyExchange message")
+
+// rsaKeyAgreement implements the standard TLS key agreement where the client
+// encrypts the pre-master secret to the server's public key.
+type rsaKeyAgreement struct{}
+
+func (ka rsaKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ return nil, nil
+}
+
+func (ka rsaKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) < 2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1])
+ if ciphertextLen != len(ckx.ciphertext)-2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertext := ckx.ciphertext[2:]
+
+ priv, ok := cert.PrivateKey.(crypto.Decrypter)
+ if !ok {
+ return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter")
+ }
+ // Perform constant time RSA PKCS #1 v1.5 decryption
+ preMasterSecret, err := priv.Decrypt(config.rand(), ciphertext, &rsa.PKCS1v15DecryptOptions{SessionKeyLen: 48})
+ if err != nil {
+ return nil, err
+ }
+ // We don't check the version number in the premaster secret. For one,
+ // by checking it, we would leak information about the validity of the
+ // encrypted pre-master secret. Secondly, it provides only a small
+ // benefit against a downgrade attack and some implementations send the
+ // wrong version anyway. See the discussion at the end of section
+ // 7.4.7.1 of RFC 4346.
+ return preMasterSecret, nil
+}
+
+func (ka rsaKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ return errors.New("tls: unexpected ServerKeyExchange")
+}
+
+func (ka rsaKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ preMasterSecret := make([]byte, 48)
+ preMasterSecret[0] = byte(clientHello.vers >> 8)
+ preMasterSecret[1] = byte(clientHello.vers)
+ _, err := io.ReadFull(config.rand(), preMasterSecret[2:])
+ if err != nil {
+ return nil, nil, err
+ }
+
+ encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret)
+ if err != nil {
+ return nil, nil, err
+ }
+ ckx := new(clientKeyExchangeMsg)
+ ckx.ciphertext = make([]byte, len(encrypted)+2)
+ ckx.ciphertext[0] = byte(len(encrypted) >> 8)
+ ckx.ciphertext[1] = byte(len(encrypted))
+ copy(ckx.ciphertext[2:], encrypted)
+ return preMasterSecret, ckx, nil
+}
+
+// sha1Hash calculates a SHA1 hash over the given byte slices.
+func sha1Hash(slices [][]byte) []byte {
+ hsha1 := sha1.New()
+ for _, slice := range slices {
+ hsha1.Write(slice)
+ }
+ return hsha1.Sum(nil)
+}
+
+// md5SHA1Hash implements TLS 1.0's hybrid hash function which consists of the
+// concatenation of an MD5 and SHA1 hash.
+func md5SHA1Hash(slices [][]byte) []byte {
+ md5sha1 := make([]byte, md5.Size+sha1.Size)
+ hmd5 := md5.New()
+ for _, slice := range slices {
+ hmd5.Write(slice)
+ }
+ copy(md5sha1, hmd5.Sum(nil))
+ copy(md5sha1[md5.Size:], sha1Hash(slices))
+ return md5sha1
+}
+
+// hashForServerKeyExchange hashes the given slices and returns their digest
+// using the given hash function (for >= TLS 1.2) or using a default based on
+// the sigType (for earlier TLS versions). For Ed25519 signatures, which don't
+// do pre-hashing, it returns the concatenation of the slices.
+func hashForServerKeyExchange(sigType uint8, hashFunc crypto.Hash, version uint16, slices ...[]byte) []byte {
+ if sigType == signatureEd25519 {
+ var signed []byte
+ for _, slice := range slices {
+ signed = append(signed, slice...)
+ }
+ return signed
+ }
+ if version >= VersionTLS12 {
+ h := hashFunc.New()
+ for _, slice := range slices {
+ h.Write(slice)
+ }
+ digest := h.Sum(nil)
+ return digest
+ }
+ if sigType == signatureECDSA {
+ return sha1Hash(slices)
+ }
+ return md5SHA1Hash(slices)
+}
+
+// ecdheKeyAgreement implements a TLS key agreement where the server
+// generates an ephemeral EC public/private key pair and signs it. The
+// pre-master secret is then calculated using ECDH. The signature may
+// be ECDSA, Ed25519 or RSA.
+type ecdheKeyAgreement struct {
+ version uint16
+ isRSA bool
+ params ecdheParameters
+
+ // ckx and preMasterSecret are generated in processServerKeyExchange
+ // and returned in generateClientKeyExchange.
+ ckx *clientKeyExchangeMsg
+ preMasterSecret []byte
+}
+
+func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ var curveID CurveID
+ for _, c := range clientHello.supportedCurves {
+ if config.supportsCurve(c) {
+ curveID = c
+ break
+ }
+ }
+
+ if curveID == 0 {
+ return nil, errors.New("tls: no supported elliptic curves offered")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, err
+ }
+ ka.params = params
+
+ // See RFC 4492, Section 5.4.
+ ecdhePublic := params.PublicKey()
+ serverECDHEParams := make([]byte, 1+2+1+len(ecdhePublic))
+ serverECDHEParams[0] = 3 // named curve
+ serverECDHEParams[1] = byte(curveID >> 8)
+ serverECDHEParams[2] = byte(curveID)
+ serverECDHEParams[3] = byte(len(ecdhePublic))
+ copy(serverECDHEParams[4:], ecdhePublic)
+
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil, fmt.Errorf("tls: certificate private key of type %T does not implement crypto.Signer", cert.PrivateKey)
+ }
+
+ var signatureAlgorithm SignatureScheme
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm, err = selectSignatureScheme(ka.version, cert, clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ return nil, err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(priv.Public())
+ if err != nil {
+ return nil, err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return nil, errors.New("tls: certificate cannot be used with the selected cipher suite")
+ }
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, hello.random, serverECDHEParams)
+
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := priv.Sign(config.rand(), signed, signOpts)
+ if err != nil {
+ return nil, errors.New("tls: failed to sign ECDHE parameters: " + err.Error())
+ }
+
+ skx := new(serverKeyExchangeMsg)
+ sigAndHashLen := 0
+ if ka.version >= VersionTLS12 {
+ sigAndHashLen = 2
+ }
+ skx.key = make([]byte, len(serverECDHEParams)+sigAndHashLen+2+len(sig))
+ copy(skx.key, serverECDHEParams)
+ k := skx.key[len(serverECDHEParams):]
+ if ka.version >= VersionTLS12 {
+ k[0] = byte(signatureAlgorithm >> 8)
+ k[1] = byte(signatureAlgorithm)
+ k = k[2:]
+ }
+ k[0] = byte(len(sig) >> 8)
+ k[1] = byte(len(sig))
+ copy(k[2:], sig)
+
+ return skx, nil
+}
+
+func (ka *ecdheKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
+ return nil, errClientKeyExchange
+ }
+
+ preMasterSecret := ka.params.SharedKey(ckx.ciphertext[1:])
+ if preMasterSecret == nil {
+ return nil, errClientKeyExchange
+ }
+
+ return preMasterSecret, nil
+}
+
+func (ka *ecdheKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ if len(skx.key) < 4 {
+ return errServerKeyExchange
+ }
+ if skx.key[0] != 3 { // named curve
+ return errors.New("tls: server selected unsupported curve")
+ }
+ curveID := CurveID(skx.key[1])<<8 | CurveID(skx.key[2])
+
+ publicLen := int(skx.key[3])
+ if publicLen+4 > len(skx.key) {
+ return errServerKeyExchange
+ }
+ serverECDHEParams := skx.key[:4+publicLen]
+ publicKey := serverECDHEParams[4:]
+
+ sig := skx.key[4+publicLen:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return errors.New("tls: server selected unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return err
+ }
+ ka.params = params
+
+ ka.preMasterSecret = params.SharedKey(publicKey)
+ if ka.preMasterSecret == nil {
+ return errServerKeyExchange
+ }
+
+ ourPublicKey := params.PublicKey()
+ ka.ckx = new(clientKeyExchangeMsg)
+ ka.ckx.ciphertext = make([]byte, 1+len(ourPublicKey))
+ ka.ckx.ciphertext[0] = byte(len(ourPublicKey))
+ copy(ka.ckx.ciphertext[1:], ourPublicKey)
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm := SignatureScheme(sig[0])<<8 | SignatureScheme(sig[1])
+ sig = sig[2:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if !isSupportedSignatureAlgorithm(signatureAlgorithm, clientHello.supportedSignatureAlgorithms) {
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(cert.PublicKey)
+ if err != nil {
+ return err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return errServerKeyExchange
+ }
+
+ sigLen := int(sig[0])<<8 | int(sig[1])
+ if sigLen+2 != len(sig) {
+ return errServerKeyExchange
+ }
+ sig = sig[2:]
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, serverHello.random, serverECDHEParams)
+ if err := verifyHandshakeSignature(sigType, cert.PublicKey, sigHash, signed, sig); err != nil {
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+ return nil
+}
+
+func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ if ka.ckx == nil {
+ return nil, nil, errors.New("tls: missing ServerKeyExchange message")
+ }
+
+ return ka.preMasterSecret, ka.ckx, nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/key_schedule.go b/vendor/github.com/marten-seemann/qtls-go1-15/key_schedule.go
new file mode 100644
index 00000000..42c07f6f
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/key_schedule.go
@@ -0,0 +1,214 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/elliptic"
+ "crypto/hmac"
+ "errors"
+ "hash"
+ "io"
+ "math/big"
+
+ "golang.org/x/crypto/cryptobyte"
+ "golang.org/x/crypto/curve25519"
+ "golang.org/x/crypto/hkdf"
+)
+
+// This file contains the functions necessary to compute the TLS 1.3 key
+// schedule. See RFC 8446, Section 7.
+
+const (
+ resumptionBinderLabel = "res binder"
+ clientHandshakeTrafficLabel = "c hs traffic"
+ serverHandshakeTrafficLabel = "s hs traffic"
+ clientApplicationTrafficLabel = "c ap traffic"
+ serverApplicationTrafficLabel = "s ap traffic"
+ exporterLabel = "exp master"
+ resumptionLabel = "res master"
+ trafficUpdateLabel = "traffic upd"
+)
+
+// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt.
+func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte {
+ if newSecret == nil {
+ newSecret = make([]byte, hash.Size())
+ }
+ return hkdf.Extract(hash.New, newSecret, currentSecret)
+}
+
+// HkdfExpandLabel HKDF expands a label
+func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte {
+ return hkdfExpandLabel(hash, secret, hashValue, label, L)
+}
+
+func hkdfExpandLabel(hash crypto.Hash, secret, context []byte, label string, length int) []byte {
+ var hkdfLabel cryptobyte.Builder
+ hkdfLabel.AddUint16(uint16(length))
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte("tls13 "))
+ b.AddBytes([]byte(label))
+ })
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(context)
+ })
+ out := make([]byte, length)
+ n, err := hkdf.Expand(hash.New, secret, hkdfLabel.BytesOrPanic()).Read(out)
+ if err != nil || n != length {
+ panic("tls: HKDF-Expand-Label invocation failed unexpectedly")
+ }
+ return out
+}
+
+// expandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) expandLabel(secret []byte, label string, context []byte, length int) []byte {
+ return hkdfExpandLabel(c.hash, secret, context, label, length)
+}
+
+// deriveSecret implements Derive-Secret from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) deriveSecret(secret []byte, label string, transcript hash.Hash) []byte {
+ if transcript == nil {
+ transcript = c.hash.New()
+ }
+ return c.expandLabel(secret, label, transcript.Sum(nil), c.hash.Size())
+}
+
+// extract implements HKDF-Extract with the cipher suite hash.
+func (c *cipherSuiteTLS13) extract(newSecret, currentSecret []byte) []byte {
+ return HkdfExtract(c.hash, newSecret, currentSecret)
+}
+
+// nextTrafficSecret generates the next traffic secret, given the current one,
+// according to RFC 8446, Section 7.2.
+func (c *cipherSuiteTLS13) nextTrafficSecret(trafficSecret []byte) []byte {
+ return c.expandLabel(trafficSecret, trafficUpdateLabel, nil, c.hash.Size())
+}
+
+// trafficKey generates traffic keys according to RFC 8446, Section 7.3.
+func (c *cipherSuiteTLS13) trafficKey(trafficSecret []byte) (key, iv []byte) {
+ key = c.expandLabel(trafficSecret, "key", nil, c.keyLen)
+ iv = c.expandLabel(trafficSecret, "iv", nil, aeadNonceLength)
+ return
+}
+
+// finishedHash generates the Finished verify_data or PskBinderEntry according
+// to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey
+// selection.
+func (c *cipherSuiteTLS13) finishedHash(baseKey []byte, transcript hash.Hash) []byte {
+ finishedKey := c.expandLabel(baseKey, "finished", nil, c.hash.Size())
+ verifyData := hmac.New(c.hash.New, finishedKey)
+ verifyData.Write(transcript.Sum(nil))
+ return verifyData.Sum(nil)
+}
+
+// exportKeyingMaterial implements RFC5705 exporters for TLS 1.3 according to
+// RFC 8446, Section 7.5.
+func (c *cipherSuiteTLS13) exportKeyingMaterial(masterSecret []byte, transcript hash.Hash) func(string, []byte, int) ([]byte, error) {
+ expMasterSecret := c.deriveSecret(masterSecret, exporterLabel, transcript)
+ return func(label string, context []byte, length int) ([]byte, error) {
+ secret := c.deriveSecret(expMasterSecret, label, nil)
+ h := c.hash.New()
+ h.Write(context)
+ return c.expandLabel(secret, "exporter", h.Sum(nil), length), nil
+ }
+}
+
+// ecdheParameters implements Diffie-Hellman with either NIST curves or X25519,
+// according to RFC 8446, Section 4.2.8.2.
+type ecdheParameters interface {
+ CurveID() CurveID
+ PublicKey() []byte
+ SharedKey(peerPublicKey []byte) []byte
+}
+
+func generateECDHEParameters(rand io.Reader, curveID CurveID) (ecdheParameters, error) {
+ if curveID == X25519 {
+ privateKey := make([]byte, curve25519.ScalarSize)
+ if _, err := io.ReadFull(rand, privateKey); err != nil {
+ return nil, err
+ }
+ publicKey, err := curve25519.X25519(privateKey, curve25519.Basepoint)
+ if err != nil {
+ return nil, err
+ }
+ return &x25519Parameters{privateKey: privateKey, publicKey: publicKey}, nil
+ }
+
+ curve, ok := curveForCurveID(curveID)
+ if !ok {
+ return nil, errors.New("tls: internal error: unsupported curve")
+ }
+
+ p := &nistParameters{curveID: curveID}
+ var err error
+ p.privateKey, p.x, p.y, err = elliptic.GenerateKey(curve, rand)
+ if err != nil {
+ return nil, err
+ }
+ return p, nil
+}
+
+func curveForCurveID(id CurveID) (elliptic.Curve, bool) {
+ switch id {
+ case CurveP256:
+ return elliptic.P256(), true
+ case CurveP384:
+ return elliptic.P384(), true
+ case CurveP521:
+ return elliptic.P521(), true
+ default:
+ return nil, false
+ }
+}
+
+type nistParameters struct {
+ privateKey []byte
+ x, y *big.Int // public key
+ curveID CurveID
+}
+
+func (p *nistParameters) CurveID() CurveID {
+ return p.curveID
+}
+
+func (p *nistParameters) PublicKey() []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ return elliptic.Marshal(curve, p.x, p.y)
+}
+
+func (p *nistParameters) SharedKey(peerPublicKey []byte) []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ // Unmarshal also checks whether the given point is on the curve.
+ x, y := elliptic.Unmarshal(curve, peerPublicKey)
+ if x == nil {
+ return nil
+ }
+
+ xShared, _ := curve.ScalarMult(x, y, p.privateKey)
+ sharedKey := make([]byte, (curve.Params().BitSize+7)/8)
+ return xShared.FillBytes(sharedKey)
+}
+
+type x25519Parameters struct {
+ privateKey []byte
+ publicKey []byte
+}
+
+func (p *x25519Parameters) CurveID() CurveID {
+ return X25519
+}
+
+func (p *x25519Parameters) PublicKey() []byte {
+ return p.publicKey[:]
+}
+
+func (p *x25519Parameters) SharedKey(peerPublicKey []byte) []byte {
+ sharedKey, err := curve25519.X25519(p.privateKey, peerPublicKey)
+ if err != nil {
+ return nil
+ }
+ return sharedKey
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/prf.go b/vendor/github.com/marten-seemann/qtls-go1-15/prf.go
new file mode 100644
index 00000000..9eb0221a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/prf.go
@@ -0,0 +1,283 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/hmac"
+ "crypto/md5"
+ "crypto/sha1"
+ "crypto/sha256"
+ "crypto/sha512"
+ "errors"
+ "fmt"
+ "hash"
+)
+
+// Split a premaster secret in two as specified in RFC 4346, Section 5.
+func splitPreMasterSecret(secret []byte) (s1, s2 []byte) {
+ s1 = secret[0 : (len(secret)+1)/2]
+ s2 = secret[len(secret)/2:]
+ return
+}
+
+// pHash implements the P_hash function, as defined in RFC 4346, Section 5.
+func pHash(result, secret, seed []byte, hash func() hash.Hash) {
+ h := hmac.New(hash, secret)
+ h.Write(seed)
+ a := h.Sum(nil)
+
+ j := 0
+ for j < len(result) {
+ h.Reset()
+ h.Write(a)
+ h.Write(seed)
+ b := h.Sum(nil)
+ copy(result[j:], b)
+ j += len(b)
+
+ h.Reset()
+ h.Write(a)
+ a = h.Sum(nil)
+ }
+}
+
+// prf10 implements the TLS 1.0 pseudo-random function, as defined in RFC 2246, Section 5.
+func prf10(result, secret, label, seed []byte) {
+ hashSHA1 := sha1.New
+ hashMD5 := md5.New
+
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ s1, s2 := splitPreMasterSecret(secret)
+ pHash(result, s1, labelAndSeed, hashMD5)
+ result2 := make([]byte, len(result))
+ pHash(result2, s2, labelAndSeed, hashSHA1)
+
+ for i, b := range result2 {
+ result[i] ^= b
+ }
+}
+
+// prf12 implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, Section 5.
+func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) {
+ return func(result, secret, label, seed []byte) {
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ pHash(result, secret, labelAndSeed, hashFunc)
+ }
+}
+
+const (
+ masterSecretLength = 48 // Length of a master secret in TLS 1.1.
+ finishedVerifyLength = 12 // Length of verify_data in a Finished message.
+)
+
+var masterSecretLabel = []byte("master secret")
+var keyExpansionLabel = []byte("key expansion")
+var clientFinishedLabel = []byte("client finished")
+var serverFinishedLabel = []byte("server finished")
+
+func prfAndHashForVersion(version uint16, suite *cipherSuite) (func(result, secret, label, seed []byte), crypto.Hash) {
+ switch version {
+ case VersionTLS10, VersionTLS11:
+ return prf10, crypto.Hash(0)
+ case VersionTLS12:
+ if suite.flags&suiteSHA384 != 0 {
+ return prf12(sha512.New384), crypto.SHA384
+ }
+ return prf12(sha256.New), crypto.SHA256
+ default:
+ panic("unknown version")
+ }
+}
+
+func prfForVersion(version uint16, suite *cipherSuite) func(result, secret, label, seed []byte) {
+ prf, _ := prfAndHashForVersion(version, suite)
+ return prf
+}
+
+// masterFromPreMasterSecret generates the master secret from the pre-master
+// secret. See RFC 5246, Section 8.1.
+func masterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret, clientRandom, serverRandom []byte) []byte {
+ seed := make([]byte, 0, len(clientRandom)+len(serverRandom))
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ masterSecret := make([]byte, masterSecretLength)
+ prfForVersion(version, suite)(masterSecret, preMasterSecret, masterSecretLabel, seed)
+ return masterSecret
+}
+
+// keysFromMasterSecret generates the connection keys from the master
+// secret, given the lengths of the MAC key, cipher key and IV, as defined in
+// RFC 2246, Section 6.3.
+func keysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) {
+ seed := make([]byte, 0, len(serverRandom)+len(clientRandom))
+ seed = append(seed, serverRandom...)
+ seed = append(seed, clientRandom...)
+
+ n := 2*macLen + 2*keyLen + 2*ivLen
+ keyMaterial := make([]byte, n)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, keyExpansionLabel, seed)
+ clientMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ serverMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ clientKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ serverKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ clientIV = keyMaterial[:ivLen]
+ keyMaterial = keyMaterial[ivLen:]
+ serverIV = keyMaterial[:ivLen]
+ return
+}
+
+func newFinishedHash(version uint16, cipherSuite *cipherSuite) finishedHash {
+ var buffer []byte
+ if version >= VersionTLS12 {
+ buffer = []byte{}
+ }
+
+ prf, hash := prfAndHashForVersion(version, cipherSuite)
+ if hash != 0 {
+ return finishedHash{hash.New(), hash.New(), nil, nil, buffer, version, prf}
+ }
+
+ return finishedHash{sha1.New(), sha1.New(), md5.New(), md5.New(), buffer, version, prf}
+}
+
+// A finishedHash calculates the hash of a set of handshake messages suitable
+// for including in a Finished message.
+type finishedHash struct {
+ client hash.Hash
+ server hash.Hash
+
+ // Prior to TLS 1.2, an additional MD5 hash is required.
+ clientMD5 hash.Hash
+ serverMD5 hash.Hash
+
+ // In TLS 1.2, a full buffer is sadly required.
+ buffer []byte
+
+ version uint16
+ prf func(result, secret, label, seed []byte)
+}
+
+func (h *finishedHash) Write(msg []byte) (n int, err error) {
+ h.client.Write(msg)
+ h.server.Write(msg)
+
+ if h.version < VersionTLS12 {
+ h.clientMD5.Write(msg)
+ h.serverMD5.Write(msg)
+ }
+
+ if h.buffer != nil {
+ h.buffer = append(h.buffer, msg...)
+ }
+
+ return len(msg), nil
+}
+
+func (h finishedHash) Sum() []byte {
+ if h.version >= VersionTLS12 {
+ return h.client.Sum(nil)
+ }
+
+ out := make([]byte, 0, md5.Size+sha1.Size)
+ out = h.clientMD5.Sum(out)
+ return h.client.Sum(out)
+}
+
+// clientSum returns the contents of the verify_data member of a client's
+// Finished message.
+func (h finishedHash) clientSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, clientFinishedLabel, h.Sum())
+ return out
+}
+
+// serverSum returns the contents of the verify_data member of a server's
+// Finished message.
+func (h finishedHash) serverSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, serverFinishedLabel, h.Sum())
+ return out
+}
+
+// hashForClientCertificate returns the handshake messages so far, pre-hashed if
+// necessary, suitable for signing by a TLS client certificate.
+func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash, masterSecret []byte) []byte {
+ if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil {
+ panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer")
+ }
+
+ if sigType == signatureEd25519 {
+ return h.buffer
+ }
+
+ if h.version >= VersionTLS12 {
+ hash := hashAlg.New()
+ hash.Write(h.buffer)
+ return hash.Sum(nil)
+ }
+
+ if sigType == signatureECDSA {
+ return h.server.Sum(nil)
+ }
+
+ return h.Sum()
+}
+
+// discardHandshakeBuffer is called when there is no more need to
+// buffer the entirety of the handshake messages.
+func (h *finishedHash) discardHandshakeBuffer() {
+ h.buffer = nil
+}
+
+// noExportedKeyingMaterial is used as a value of
+// ConnectionState.ekm when renegotiation is enabled and thus
+// we wish to fail all key-material export requests.
+func noExportedKeyingMaterial(label string, context []byte, length int) ([]byte, error) {
+ return nil, errors.New("crypto/tls: ExportKeyingMaterial is unavailable when renegotiation is enabled")
+}
+
+// ekmFromMasterSecret generates exported keying material as defined in RFC 5705.
+func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) {
+ return func(label string, context []byte, length int) ([]byte, error) {
+ switch label {
+ case "client finished", "server finished", "master secret", "key expansion":
+ // These values are reserved and may not be used.
+ return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label)
+ }
+
+ seedLen := len(serverRandom) + len(clientRandom)
+ if context != nil {
+ seedLen += 2 + len(context)
+ }
+ seed := make([]byte, 0, seedLen)
+
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ if context != nil {
+ if len(context) >= 1<<16 {
+ return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long")
+ }
+ seed = append(seed, byte(len(context)>>8), byte(len(context)))
+ seed = append(seed, context...)
+ }
+
+ keyMaterial := make([]byte, length)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, []byte(label), seed)
+ return keyMaterial, nil
+ }
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/ticket.go b/vendor/github.com/marten-seemann/qtls-go1-15/ticket.go
new file mode 100644
index 00000000..006b8c1d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/ticket.go
@@ -0,0 +1,259 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/hmac"
+ "crypto/sha256"
+ "crypto/subtle"
+ "errors"
+ "io"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// sessionState contains the information that is serialized into a session
+// ticket in order to later resume a connection.
+type sessionState struct {
+ vers uint16
+ cipherSuite uint16
+ createdAt uint64
+ masterSecret []byte // opaque master_secret<1..2^16-1>;
+ // struct { opaque certificate<1..2^24-1> } Certificate;
+ certificates [][]byte // Certificate certificate_list<0..2^24-1>;
+
+ // usedOldKey is true if the ticket from which this session came from
+ // was encrypted with an older key and thus should be refreshed.
+ usedOldKey bool
+}
+
+func (m *sessionState) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(m.vers)
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.masterSecret)
+ })
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, cert := range m.certificates {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ }
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionState) unmarshal(data []byte) bool {
+ *m = sessionState{usedOldKey: m.usedOldKey}
+ s := cryptobyte.String(data)
+ if ok := s.ReadUint16(&m.vers) &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint16LengthPrefixed(&s, &m.masterSecret) &&
+ len(m.masterSecret) != 0; !ok {
+ return false
+ }
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ if !readUint24LengthPrefixed(&certList, &cert) {
+ return false
+ }
+ m.certificates = append(m.certificates, cert)
+ }
+ return s.Empty()
+}
+
+// sessionStateTLS13 is the content of a TLS 1.3 session ticket. Its first
+// version (revision = 0) doesn't carry any of the information needed for 0-RTT
+// validation and the nonce is always empty.
+// version (revision = 1) carries the max_early_data_size sent in the ticket.
+// version (revision = 2) carries the ALPN sent in the ticket.
+type sessionStateTLS13 struct {
+ // uint8 version = 0x0304;
+ // uint8 revision = 2;
+ cipherSuite uint16
+ createdAt uint64
+ resumptionSecret []byte // opaque resumption_master_secret<1..2^8-1>;
+ certificate Certificate // CertificateEntry certificate_list<0..2^24-1>;
+ maxEarlyData uint32
+ alpn string
+
+ appData []byte
+}
+
+func (m *sessionStateTLS13) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(VersionTLS13)
+ b.AddUint8(2) // revision
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.resumptionSecret)
+ })
+ marshalCertificate(&b, m.certificate)
+ b.AddUint32(m.maxEarlyData)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpn))
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.appData)
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionStateTLS13) unmarshal(data []byte) bool {
+ *m = sessionStateTLS13{}
+ s := cryptobyte.String(data)
+ var version uint16
+ var revision uint8
+ var alpn []byte
+ ret := s.ReadUint16(&version) &&
+ version == VersionTLS13 &&
+ s.ReadUint8(&revision) &&
+ revision == 2 &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint8LengthPrefixed(&s, &m.resumptionSecret) &&
+ len(m.resumptionSecret) != 0 &&
+ unmarshalCertificate(&s, &m.certificate) &&
+ s.ReadUint32(&m.maxEarlyData) &&
+ readUint8LengthPrefixed(&s, &alpn) &&
+ readUint16LengthPrefixed(&s, &m.appData) &&
+ s.Empty()
+ m.alpn = string(alpn)
+ return ret
+}
+
+func (c *Conn) encryptTicket(state []byte) ([]byte, error) {
+ if len(c.ticketKeys) == 0 {
+ return nil, errors.New("tls: internal error: session ticket keys unavailable")
+ }
+
+ encrypted := make([]byte, ticketKeyNameLen+aes.BlockSize+len(state)+sha256.Size)
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+
+ if _, err := io.ReadFull(c.config.rand(), iv); err != nil {
+ return nil, err
+ }
+ key := c.ticketKeys[0]
+ copy(keyName, key.keyName[:])
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error())
+ }
+ cipher.NewCTR(block, iv).XORKeyStream(encrypted[ticketKeyNameLen+aes.BlockSize:], state)
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ mac.Sum(macBytes[:0])
+
+ return encrypted, nil
+}
+
+func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey bool) {
+ if len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size {
+ return nil, false
+ }
+
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+ ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size]
+
+ keyIndex := -1
+ for i, candidateKey := range c.ticketKeys {
+ if bytes.Equal(keyName, candidateKey.keyName[:]) {
+ keyIndex = i
+ break
+ }
+ }
+ if keyIndex == -1 {
+ return nil, false
+ }
+ key := &c.ticketKeys[keyIndex]
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ expected := mac.Sum(nil)
+
+ if subtle.ConstantTimeCompare(macBytes, expected) != 1 {
+ return nil, false
+ }
+
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, false
+ }
+ plaintext = make([]byte, len(ciphertext))
+ cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext)
+
+ return plaintext, keyIndex > 0
+}
+
+func (c *Conn) getSessionTicketMsg(appData []byte) (*newSessionTicketMsgTLS13, error) {
+ m := new(newSessionTicketMsgTLS13)
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionStateTLS13{
+ cipherSuite: c.cipherSuite,
+ createdAt: uint64(c.config.time().Unix()),
+ resumptionSecret: c.resumptionSecret,
+ certificate: Certificate{
+ Certificate: certsFromClient,
+ OCSPStaple: c.ocspResponse,
+ SignedCertificateTimestamps: c.scts,
+ },
+ appData: appData,
+ alpn: c.clientProtocol,
+ }
+ if c.extraConfig != nil {
+ state.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ var err error
+ m.label, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return nil, err
+ }
+ m.lifetime = uint32(maxSessionTicketLifetime / time.Second)
+ if c.extraConfig != nil {
+ m.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ return m, nil
+}
+
+// GetSessionTicket generates a new session ticket.
+// It should only be called after the handshake completes.
+// It can only be used for servers, and only if the alternative record layer is set.
+// The ticket may be nil if config.SessionTicketsDisabled is set,
+// or if the client isn't able to receive session tickets.
+func (c *Conn) GetSessionTicket(appData []byte) ([]byte, error) {
+ if c.isClient || !c.handshakeComplete() || c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ return nil, errors.New("GetSessionTicket is only valid for servers after completion of the handshake, and if an alternative record layer is set.")
+ }
+ if c.config.SessionTicketsDisabled {
+ return nil, nil
+ }
+
+ m, err := c.getSessionTicketMsg(appData)
+ if err != nil {
+ return nil, err
+ }
+ return m.marshal(), nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/tls.go b/vendor/github.com/marten-seemann/qtls-go1-15/tls.go
new file mode 100644
index 00000000..f4d7b7c9
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/tls.go
@@ -0,0 +1,393 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// package qtls partially implements TLS 1.2, as specified in RFC 5246,
+// and TLS 1.3, as specified in RFC 8446.
+package qtls
+
+// BUG(agl): The crypto/tls package only implements some countermeasures
+// against Lucky13 attacks on CBC-mode encryption, and only on SHA1
+// variants. See http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/pem"
+ "errors"
+ "fmt"
+ "io/ioutil"
+ "net"
+ "strings"
+ "time"
+)
+
+// Server returns a new TLS server side connection
+// using conn as the underlying transport.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ }
+ c.handshakeFn = c.serverHandshake
+ return c
+}
+
+// Client returns a new TLS client side connection
+// using conn as the underlying transport.
+// The config cannot be nil: users must set either ServerName or
+// InsecureSkipVerify in the config.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ isClient: true,
+ }
+ c.handshakeFn = c.clientHandshake
+ return c
+}
+
+// A listener implements a network listener (net.Listener) for TLS connections.
+type listener struct {
+ net.Listener
+ config *Config
+ extraConfig *ExtraConfig
+}
+
+// Accept waits for and returns the next incoming TLS connection.
+// The returned connection is of type *Conn.
+func (l *listener) Accept() (net.Conn, error) {
+ c, err := l.Listener.Accept()
+ if err != nil {
+ return nil, err
+ }
+ return Server(c, l.config, l.extraConfig), nil
+}
+
+// NewListener creates a Listener which accepts connections from an inner
+// Listener and wraps each connection with Server.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func NewListener(inner net.Listener, config *Config, extraConfig *ExtraConfig) net.Listener {
+ l := new(listener)
+ l.Listener = inner
+ l.config = config
+ l.extraConfig = extraConfig
+ return l
+}
+
+// Listen creates a TLS listener accepting connections on the
+// given network address using net.Listen.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Listen(network, laddr string, config *Config, extraConfig *ExtraConfig) (net.Listener, error) {
+ if config == nil || len(config.Certificates) == 0 &&
+ config.GetCertificate == nil && config.GetConfigForClient == nil {
+ return nil, errors.New("tls: neither Certificates, GetCertificate, nor GetConfigForClient set in Config")
+ }
+ l, err := net.Listen(network, laddr)
+ if err != nil {
+ return nil, err
+ }
+ return NewListener(l, config, extraConfig), nil
+}
+
+type timeoutError struct{}
+
+func (timeoutError) Error() string { return "tls: DialWithDialer timed out" }
+func (timeoutError) Timeout() bool { return true }
+func (timeoutError) Temporary() bool { return true }
+
+// DialWithDialer connects to the given network address using dialer.Dial and
+// then initiates a TLS handshake, returning the resulting TLS connection. Any
+// timeout or deadline given in the dialer apply to connection and TLS
+// handshake as a whole.
+//
+// DialWithDialer interprets a nil configuration as equivalent to the zero
+// configuration; see the documentation of Config for the defaults.
+func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return dial(context.Background(), dialer, network, addr, config, extraConfig)
+}
+
+func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ // We want the Timeout and Deadline values from dialer to cover the
+ // whole process: TCP connection and TLS handshake. This means that we
+ // also need to start our own timers now.
+ timeout := netDialer.Timeout
+
+ if !netDialer.Deadline.IsZero() {
+ deadlineTimeout := time.Until(netDialer.Deadline)
+ if timeout == 0 || deadlineTimeout < timeout {
+ timeout = deadlineTimeout
+ }
+ }
+
+ // hsErrCh is non-nil if we might not wait for Handshake to complete.
+ var hsErrCh chan error
+ if timeout != 0 || ctx.Done() != nil {
+ hsErrCh = make(chan error, 2)
+ }
+ if timeout != 0 {
+ timer := time.AfterFunc(timeout, func() {
+ hsErrCh <- timeoutError{}
+ })
+ defer timer.Stop()
+ }
+
+ rawConn, err := netDialer.DialContext(ctx, network, addr)
+ if err != nil {
+ return nil, err
+ }
+
+ colonPos := strings.LastIndex(addr, ":")
+ if colonPos == -1 {
+ colonPos = len(addr)
+ }
+ hostname := addr[:colonPos]
+
+ if config == nil {
+ config = defaultConfig()
+ }
+ // If no ServerName is set, infer the ServerName
+ // from the hostname we're connecting to.
+ if config.ServerName == "" {
+ // Make a copy to avoid polluting argument or default.
+ c := config.Clone()
+ c.ServerName = hostname
+ config = c
+ }
+
+ conn := Client(rawConn, config, extraConfig)
+
+ if hsErrCh == nil {
+ err = conn.Handshake()
+ } else {
+ go func() {
+ hsErrCh <- conn.Handshake()
+ }()
+
+ select {
+ case <-ctx.Done():
+ err = ctx.Err()
+ case err = <-hsErrCh:
+ if err != nil {
+ // If the error was due to the context
+ // closing, prefer the context's error, rather
+ // than some random network teardown error.
+ if e := ctx.Err(); e != nil {
+ err = e
+ }
+ }
+ }
+ }
+
+ if err != nil {
+ rawConn.Close()
+ return nil, err
+ }
+
+ return conn, nil
+}
+
+// Dial connects to the given network address using net.Dial
+// and then initiates a TLS handshake, returning the resulting
+// TLS connection.
+// Dial interprets a nil configuration as equivalent to
+// the zero configuration; see the documentation of Config
+// for the defaults.
+func Dial(network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return DialWithDialer(new(net.Dialer), network, addr, config, extraConfig)
+}
+
+// Dialer dials TLS connections given a configuration and a Dialer for the
+// underlying connection.
+type Dialer struct {
+ // NetDialer is the optional dialer to use for the TLS connections'
+ // underlying TCP connections.
+ // A nil NetDialer is equivalent to the net.Dialer zero value.
+ NetDialer *net.Dialer
+
+ // Config is the TLS configuration to use for new connections.
+ // A nil configuration is equivalent to the zero
+ // configuration; see the documentation of Config for the
+ // defaults.
+ Config *Config
+
+ ExtraConfig *ExtraConfig
+}
+
+// Dial connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+func (d *Dialer) Dial(network, addr string) (net.Conn, error) {
+ return d.DialContext(context.Background(), network, addr)
+}
+
+func (d *Dialer) netDialer() *net.Dialer {
+ if d.NetDialer != nil {
+ return d.NetDialer
+ }
+ return new(net.Dialer)
+}
+
+// DialContext connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The provided Context must be non-nil. If the context expires before
+// the connection is complete, an error is returned. Once successfully
+// connected, any expiration of the context will not affect the
+// connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+ c, err := dial(ctx, d.netDialer(), network, addr, d.Config, d.ExtraConfig)
+ if err != nil {
+ // Don't return c (a typed nil) in an interface.
+ return nil, err
+ }
+ return c, nil
+}
+
+// LoadX509KeyPair reads and parses a public/private key pair from a pair
+// of files. The files must contain PEM encoded data. The certificate file
+// may contain intermediate certificates following the leaf certificate to
+// form a certificate chain. On successful return, Certificate.Leaf will
+// be nil because the parsed form of the certificate is not retained.
+func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) {
+ certPEMBlock, err := ioutil.ReadFile(certFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ keyPEMBlock, err := ioutil.ReadFile(keyFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ return X509KeyPair(certPEMBlock, keyPEMBlock)
+}
+
+// X509KeyPair parses a public/private key pair from a pair of
+// PEM encoded data. On successful return, Certificate.Leaf will be nil because
+// the parsed form of the certificate is not retained.
+func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) {
+ fail := func(err error) (Certificate, error) { return Certificate{}, err }
+
+ var cert Certificate
+ var skippedBlockTypes []string
+ for {
+ var certDERBlock *pem.Block
+ certDERBlock, certPEMBlock = pem.Decode(certPEMBlock)
+ if certDERBlock == nil {
+ break
+ }
+ if certDERBlock.Type == "CERTIFICATE" {
+ cert.Certificate = append(cert.Certificate, certDERBlock.Bytes)
+ } else {
+ skippedBlockTypes = append(skippedBlockTypes, certDERBlock.Type)
+ }
+ }
+
+ if len(cert.Certificate) == 0 {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in certificate input"))
+ }
+ if len(skippedBlockTypes) == 1 && strings.HasSuffix(skippedBlockTypes[0], "PRIVATE KEY") {
+ return fail(errors.New("tls: failed to find certificate PEM data in certificate input, but did find a private key; PEM inputs may have been switched"))
+ }
+ return fail(fmt.Errorf("tls: failed to find \"CERTIFICATE\" PEM block in certificate input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+
+ skippedBlockTypes = skippedBlockTypes[:0]
+ var keyDERBlock *pem.Block
+ for {
+ keyDERBlock, keyPEMBlock = pem.Decode(keyPEMBlock)
+ if keyDERBlock == nil {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in key input"))
+ }
+ if len(skippedBlockTypes) == 1 && skippedBlockTypes[0] == "CERTIFICATE" {
+ return fail(errors.New("tls: found a certificate rather than a key in the PEM for the private key"))
+ }
+ return fail(fmt.Errorf("tls: failed to find PEM block with type ending in \"PRIVATE KEY\" in key input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+ if keyDERBlock.Type == "PRIVATE KEY" || strings.HasSuffix(keyDERBlock.Type, " PRIVATE KEY") {
+ break
+ }
+ skippedBlockTypes = append(skippedBlockTypes, keyDERBlock.Type)
+ }
+
+ // We don't need to parse the public key for TLS, but we so do anyway
+ // to check that it looks sane and matches the private key.
+ x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
+ if err != nil {
+ return fail(err)
+ }
+
+ cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes)
+ if err != nil {
+ return fail(err)
+ }
+
+ switch pub := x509Cert.PublicKey.(type) {
+ case *rsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*rsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.N.Cmp(priv.N) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case *ecdsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case ed25519.PublicKey:
+ priv, ok := cert.PrivateKey.(ed25519.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if !bytes.Equal(priv.Public().(ed25519.PublicKey), pub) {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ default:
+ return fail(errors.New("tls: unknown public key algorithm"))
+ }
+
+ return cert, nil
+}
+
+// Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates
+// PKCS #1 private keys by default, while OpenSSL 1.0.0 generates PKCS #8 keys.
+// OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three.
+func parsePrivateKey(der []byte) (crypto.PrivateKey, error) {
+ if key, err := x509.ParsePKCS1PrivateKey(der); err == nil {
+ return key, nil
+ }
+ if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
+ switch key := key.(type) {
+ case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey:
+ return key, nil
+ default:
+ return nil, errors.New("tls: found unknown private key type in PKCS#8 wrapping")
+ }
+ }
+ if key, err := x509.ParseECPrivateKey(der); err == nil {
+ return key, nil
+ }
+
+ return nil, errors.New("tls: failed to parse private key")
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-15/unsafe.go b/vendor/github.com/marten-seemann/qtls-go1-15/unsafe.go
new file mode 100644
index 00000000..1bf13d83
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-15/unsafe.go
@@ -0,0 +1,89 @@
+package qtls
+
+import (
+ "crypto/tls"
+ "reflect"
+ "unsafe"
+)
+
+func init() {
+ if !structsEqual(&tls.ConnectionState{}, &connectionState{}) {
+ panic("qtls.ConnectionState doesn't match")
+ }
+ if !structsEqual(&tls.ClientSessionState{}, &clientSessionState{}) {
+ panic("qtls.ClientSessionState doesn't match")
+ }
+ if !structsEqual(&tls.Config{}, &config{}) {
+ panic("qtls.Config doesn't match")
+ }
+ if !structsEqual(&tls.ClientHelloInfo{}, &clientHelloInfo{}) {
+ panic("qtls.ClientHelloInfo doesn't match")
+ }
+}
+
+func toConnectionState(c connectionState) ConnectionState {
+ return *(*ConnectionState)(unsafe.Pointer(&c))
+}
+
+func toClientSessionState(s *clientSessionState) *ClientSessionState {
+ return (*ClientSessionState)(unsafe.Pointer(s))
+}
+
+func fromClientSessionState(s *ClientSessionState) *clientSessionState {
+ return (*clientSessionState)(unsafe.Pointer(s))
+}
+
+func toConfig(c *config) *Config {
+ return (*Config)(unsafe.Pointer(c))
+}
+
+func fromConfig(c *Config) *config {
+ return (*config)(unsafe.Pointer(c))
+}
+
+func toClientHelloInfo(chi *clientHelloInfo) *ClientHelloInfo {
+ return (*ClientHelloInfo)(unsafe.Pointer(chi))
+}
+
+func structsEqual(a, b interface{}) bool {
+ return compare(reflect.ValueOf(a), reflect.ValueOf(b))
+}
+
+func compare(a, b reflect.Value) bool {
+ sa := a.Elem()
+ sb := b.Elem()
+ if sa.NumField() != sb.NumField() {
+ return false
+ }
+ for i := 0; i < sa.NumField(); i++ {
+ fa := sa.Type().Field(i)
+ fb := sb.Type().Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ if fa.Type.Kind() != fb.Type.Kind() {
+ return false
+ }
+ if fa.Type.Kind() == reflect.Slice {
+ if !compareStruct(fa.Type.Elem(), fb.Type.Elem()) {
+ return false
+ }
+ continue
+ }
+ return false
+ }
+ }
+ return true
+}
+
+func compareStruct(a, b reflect.Type) bool {
+ if a.NumField() != b.NumField() {
+ return false
+ }
+ for i := 0; i < a.NumField(); i++ {
+ fa := a.Field(i)
+ fb := b.Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ return false
+ }
+ }
+ return true
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/LICENSE b/vendor/github.com/marten-seemann/qtls-go1-16/LICENSE
new file mode 100644
index 00000000..6a66aea5
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/README.md b/vendor/github.com/marten-seemann/qtls-go1-16/README.md
new file mode 100644
index 00000000..0d318abe
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/README.md
@@ -0,0 +1,6 @@
+# qtls
+
+[](https://godoc.org/github.com/marten-seemann/qtls)
+[](https://circleci.com/gh/marten-seemann/qtls)
+
+This repository contains a modified version of the standard library's TLS implementation, modified for the QUIC protocol. It is used by [quic-go](https://github.com/lucas-clemente/quic-go).
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/alert.go b/vendor/github.com/marten-seemann/qtls-go1-16/alert.go
new file mode 100644
index 00000000..3feac79b
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/alert.go
@@ -0,0 +1,102 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import "strconv"
+
+type alert uint8
+
+// Alert is a TLS alert
+type Alert = alert
+
+const (
+ // alert level
+ alertLevelWarning = 1
+ alertLevelError = 2
+)
+
+const (
+ alertCloseNotify alert = 0
+ alertUnexpectedMessage alert = 10
+ alertBadRecordMAC alert = 20
+ alertDecryptionFailed alert = 21
+ alertRecordOverflow alert = 22
+ alertDecompressionFailure alert = 30
+ alertHandshakeFailure alert = 40
+ alertBadCertificate alert = 42
+ alertUnsupportedCertificate alert = 43
+ alertCertificateRevoked alert = 44
+ alertCertificateExpired alert = 45
+ alertCertificateUnknown alert = 46
+ alertIllegalParameter alert = 47
+ alertUnknownCA alert = 48
+ alertAccessDenied alert = 49
+ alertDecodeError alert = 50
+ alertDecryptError alert = 51
+ alertExportRestriction alert = 60
+ alertProtocolVersion alert = 70
+ alertInsufficientSecurity alert = 71
+ alertInternalError alert = 80
+ alertInappropriateFallback alert = 86
+ alertUserCanceled alert = 90
+ alertNoRenegotiation alert = 100
+ alertMissingExtension alert = 109
+ alertUnsupportedExtension alert = 110
+ alertCertificateUnobtainable alert = 111
+ alertUnrecognizedName alert = 112
+ alertBadCertificateStatusResponse alert = 113
+ alertBadCertificateHashValue alert = 114
+ alertUnknownPSKIdentity alert = 115
+ alertCertificateRequired alert = 116
+ alertNoApplicationProtocol alert = 120
+)
+
+var alertText = map[alert]string{
+ alertCloseNotify: "close notify",
+ alertUnexpectedMessage: "unexpected message",
+ alertBadRecordMAC: "bad record MAC",
+ alertDecryptionFailed: "decryption failed",
+ alertRecordOverflow: "record overflow",
+ alertDecompressionFailure: "decompression failure",
+ alertHandshakeFailure: "handshake failure",
+ alertBadCertificate: "bad certificate",
+ alertUnsupportedCertificate: "unsupported certificate",
+ alertCertificateRevoked: "revoked certificate",
+ alertCertificateExpired: "expired certificate",
+ alertCertificateUnknown: "unknown certificate",
+ alertIllegalParameter: "illegal parameter",
+ alertUnknownCA: "unknown certificate authority",
+ alertAccessDenied: "access denied",
+ alertDecodeError: "error decoding message",
+ alertDecryptError: "error decrypting message",
+ alertExportRestriction: "export restriction",
+ alertProtocolVersion: "protocol version not supported",
+ alertInsufficientSecurity: "insufficient security level",
+ alertInternalError: "internal error",
+ alertInappropriateFallback: "inappropriate fallback",
+ alertUserCanceled: "user canceled",
+ alertNoRenegotiation: "no renegotiation",
+ alertMissingExtension: "missing extension",
+ alertUnsupportedExtension: "unsupported extension",
+ alertCertificateUnobtainable: "certificate unobtainable",
+ alertUnrecognizedName: "unrecognized name",
+ alertBadCertificateStatusResponse: "bad certificate status response",
+ alertBadCertificateHashValue: "bad certificate hash value",
+ alertUnknownPSKIdentity: "unknown PSK identity",
+ alertCertificateRequired: "certificate required",
+ alertNoApplicationProtocol: "no application protocol",
+}
+
+func (e alert) String() string {
+ s, ok := alertText[e]
+ if ok {
+ return "tls: " + s
+ }
+ return "tls: alert(" + strconv.Itoa(int(e)) + ")"
+}
+
+func (e alert) Error() string {
+ return e.String()
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/auth.go b/vendor/github.com/marten-seemann/qtls-go1-16/auth.go
new file mode 100644
index 00000000..1ef675fd
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/auth.go
@@ -0,0 +1,289 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+)
+
+// verifyHandshakeSignature verifies a signature against pre-hashed
+// (if required) handshake contents.
+func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc crypto.Hash, signed, sig []byte) error {
+ switch sigType {
+ case signatureECDSA:
+ pubKey, ok := pubkey.(*ecdsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an ECDSA public key, got %T", pubkey)
+ }
+ if !ecdsa.VerifyASN1(pubKey, signed, sig) {
+ return errors.New("ECDSA verification failure")
+ }
+ case signatureEd25519:
+ pubKey, ok := pubkey.(ed25519.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an Ed25519 public key, got %T", pubkey)
+ }
+ if !ed25519.Verify(pubKey, signed, sig) {
+ return errors.New("Ed25519 verification failure")
+ }
+ case signaturePKCS1v15:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, signed, sig); err != nil {
+ return err
+ }
+ case signatureRSAPSS:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ signOpts := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash}
+ if err := rsa.VerifyPSS(pubKey, hashFunc, signed, sig, signOpts); err != nil {
+ return err
+ }
+ default:
+ return errors.New("internal error: unknown signature type")
+ }
+ return nil
+}
+
+const (
+ serverSignatureContext = "TLS 1.3, server CertificateVerify\x00"
+ clientSignatureContext = "TLS 1.3, client CertificateVerify\x00"
+)
+
+var signaturePadding = []byte{
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+}
+
+// signedMessage returns the pre-hashed (if necessary) message to be signed by
+// certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3.
+func signedMessage(sigHash crypto.Hash, context string, transcript hash.Hash) []byte {
+ if sigHash == directSigning {
+ b := &bytes.Buffer{}
+ b.Write(signaturePadding)
+ io.WriteString(b, context)
+ b.Write(transcript.Sum(nil))
+ return b.Bytes()
+ }
+ h := sigHash.New()
+ h.Write(signaturePadding)
+ io.WriteString(h, context)
+ h.Write(transcript.Sum(nil))
+ return h.Sum(nil)
+}
+
+// typeAndHashFromSignatureScheme returns the corresponding signature type and
+// crypto.Hash for a given TLS SignatureScheme.
+func typeAndHashFromSignatureScheme(signatureAlgorithm SignatureScheme) (sigType uint8, hash crypto.Hash, err error) {
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512:
+ sigType = signaturePKCS1v15
+ case PSSWithSHA256, PSSWithSHA384, PSSWithSHA512:
+ sigType = signatureRSAPSS
+ case ECDSAWithSHA1, ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512:
+ sigType = signatureECDSA
+ case Ed25519:
+ sigType = signatureEd25519
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, ECDSAWithSHA1:
+ hash = crypto.SHA1
+ case PKCS1WithSHA256, PSSWithSHA256, ECDSAWithP256AndSHA256:
+ hash = crypto.SHA256
+ case PKCS1WithSHA384, PSSWithSHA384, ECDSAWithP384AndSHA384:
+ hash = crypto.SHA384
+ case PKCS1WithSHA512, PSSWithSHA512, ECDSAWithP521AndSHA512:
+ hash = crypto.SHA512
+ case Ed25519:
+ hash = directSigning
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ return sigType, hash, nil
+}
+
+// legacyTypeAndHashFromPublicKey returns the fixed signature type and crypto.Hash for
+// a given public key used with TLS 1.0 and 1.1, before the introduction of
+// signature algorithm negotiation.
+func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash crypto.Hash, err error) {
+ switch pub.(type) {
+ case *rsa.PublicKey:
+ return signaturePKCS1v15, crypto.MD5SHA1, nil
+ case *ecdsa.PublicKey:
+ return signatureECDSA, crypto.SHA1, nil
+ case ed25519.PublicKey:
+ // RFC 8422 specifies support for Ed25519 in TLS 1.0 and 1.1,
+ // but it requires holding on to a handshake transcript to do a
+ // full signature, and not even OpenSSL bothers with the
+ // complexity, so we can't even test it properly.
+ return 0, 0, fmt.Errorf("tls: Ed25519 public keys are not supported before TLS 1.2")
+ default:
+ return 0, 0, fmt.Errorf("tls: unsupported public key: %T", pub)
+ }
+}
+
+var rsaSignatureSchemes = []struct {
+ scheme SignatureScheme
+ minModulusBytes int
+ maxVersion uint16
+}{
+ // RSA-PSS is used with PSSSaltLengthEqualsHash, and requires
+ // emLen >= hLen + sLen + 2
+ {PSSWithSHA256, crypto.SHA256.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA384, crypto.SHA384.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA512, crypto.SHA512.Size()*2 + 2, VersionTLS13},
+ // PKCS #1 v1.5 uses prefixes from hashPrefixes in crypto/rsa, and requires
+ // emLen >= len(prefix) + hLen + 11
+ // TLS 1.3 dropped support for PKCS #1 v1.5 in favor of RSA-PSS.
+ {PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11, VersionTLS12},
+}
+
+// signatureSchemesForCertificate returns the list of supported SignatureSchemes
+// for a given certificate, based on the public key and the protocol version,
+// and optionally filtered by its explicit SupportedSignatureAlgorithms.
+//
+// This function must be kept in sync with supportedSignatureAlgorithms.
+func signatureSchemesForCertificate(version uint16, cert *Certificate) []SignatureScheme {
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil
+ }
+
+ var sigAlgs []SignatureScheme
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ if version != VersionTLS13 {
+ // In TLS 1.2 and earlier, ECDSA algorithms are not
+ // constrained to a single curve.
+ sigAlgs = []SignatureScheme{
+ ECDSAWithP256AndSHA256,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ ECDSAWithSHA1,
+ }
+ break
+ }
+ switch pub.Curve {
+ case elliptic.P256():
+ sigAlgs = []SignatureScheme{ECDSAWithP256AndSHA256}
+ case elliptic.P384():
+ sigAlgs = []SignatureScheme{ECDSAWithP384AndSHA384}
+ case elliptic.P521():
+ sigAlgs = []SignatureScheme{ECDSAWithP521AndSHA512}
+ default:
+ return nil
+ }
+ case *rsa.PublicKey:
+ size := pub.Size()
+ sigAlgs = make([]SignatureScheme, 0, len(rsaSignatureSchemes))
+ for _, candidate := range rsaSignatureSchemes {
+ if size >= candidate.minModulusBytes && version <= candidate.maxVersion {
+ sigAlgs = append(sigAlgs, candidate.scheme)
+ }
+ }
+ case ed25519.PublicKey:
+ sigAlgs = []SignatureScheme{Ed25519}
+ default:
+ return nil
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ var filteredSigAlgs []SignatureScheme
+ for _, sigAlg := range sigAlgs {
+ if isSupportedSignatureAlgorithm(sigAlg, cert.SupportedSignatureAlgorithms) {
+ filteredSigAlgs = append(filteredSigAlgs, sigAlg)
+ }
+ }
+ return filteredSigAlgs
+ }
+ return sigAlgs
+}
+
+// selectSignatureScheme picks a SignatureScheme from the peer's preference list
+// that works with the selected certificate. It's only called for protocol
+// versions that support signature algorithms, so TLS 1.2 and 1.3.
+func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureScheme) (SignatureScheme, error) {
+ supportedAlgs := signatureSchemesForCertificate(vers, c)
+ if len(supportedAlgs) == 0 {
+ return 0, unsupportedCertificateError(c)
+ }
+ if len(peerAlgs) == 0 && vers == VersionTLS12 {
+ // For TLS 1.2, if the client didn't send signature_algorithms then we
+ // can assume that it supports SHA1. See RFC 5246, Section 7.4.1.4.1.
+ peerAlgs = []SignatureScheme{PKCS1WithSHA1, ECDSAWithSHA1}
+ }
+ // Pick signature scheme in the peer's preference order, as our
+ // preference order is not configurable.
+ for _, preferredAlg := range peerAlgs {
+ if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) {
+ return preferredAlg, nil
+ }
+ }
+ return 0, errors.New("tls: peer doesn't support any of the certificate's signature algorithms")
+}
+
+// unsupportedCertificateError returns a helpful error for certificates with
+// an unsupported private key.
+func unsupportedCertificateError(cert *Certificate) error {
+ switch cert.PrivateKey.(type) {
+ case rsa.PrivateKey, ecdsa.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is %T, expected *%T",
+ cert.PrivateKey, cert.PrivateKey)
+ case *ed25519.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is *ed25519.PrivateKey, expected ed25519.PrivateKey")
+ }
+
+ signer, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return fmt.Errorf("tls: certificate private key (%T) does not implement crypto.Signer",
+ cert.PrivateKey)
+ }
+
+ switch pub := signer.Public().(type) {
+ case *ecdsa.PublicKey:
+ switch pub.Curve {
+ case elliptic.P256():
+ case elliptic.P384():
+ case elliptic.P521():
+ default:
+ return fmt.Errorf("tls: unsupported certificate curve (%s)", pub.Curve.Params().Name)
+ }
+ case *rsa.PublicKey:
+ return fmt.Errorf("tls: certificate RSA key size too small for supported signature algorithms")
+ case ed25519.PublicKey:
+ default:
+ return fmt.Errorf("tls: unsupported certificate key (%T)", pub)
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ return fmt.Errorf("tls: peer doesn't support the certificate custom signature algorithms")
+ }
+
+ return fmt.Errorf("tls: internal error: unsupported key (%T)", cert.PrivateKey)
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/cipher_suites.go b/vendor/github.com/marten-seemann/qtls-go1-16/cipher_suites.go
new file mode 100644
index 00000000..78f80107
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/cipher_suites.go
@@ -0,0 +1,532 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/des"
+ "crypto/hmac"
+ "crypto/rc4"
+ "crypto/sha1"
+ "crypto/sha256"
+ "crypto/x509"
+ "fmt"
+ "hash"
+
+ "golang.org/x/crypto/chacha20poly1305"
+)
+
+// CipherSuite is a TLS cipher suite. Note that most functions in this package
+// accept and expose cipher suite IDs instead of this type.
+type CipherSuite struct {
+ ID uint16
+ Name string
+
+ // Supported versions is the list of TLS protocol versions that can
+ // negotiate this cipher suite.
+ SupportedVersions []uint16
+
+ // Insecure is true if the cipher suite has known security issues
+ // due to its primitives, design, or implementation.
+ Insecure bool
+}
+
+var (
+ supportedUpToTLS12 = []uint16{VersionTLS10, VersionTLS11, VersionTLS12}
+ supportedOnlyTLS12 = []uint16{VersionTLS12}
+ supportedOnlyTLS13 = []uint16{VersionTLS13}
+)
+
+// CipherSuites returns a list of cipher suites currently implemented by this
+// package, excluding those with security issues, which are returned by
+// InsecureCipherSuites.
+//
+// The list is sorted by ID. Note that the default cipher suites selected by
+// this package might depend on logic that can't be captured by a static list.
+func CipherSuites() []*CipherSuite {
+ return []*CipherSuite{
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+
+ {TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", supportedOnlyTLS13, false},
+ {TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", supportedOnlyTLS13, false},
+ {TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256", supportedOnlyTLS13, false},
+
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ }
+}
+
+// InsecureCipherSuites returns a list of cipher suites currently implemented by
+// this package and which have security issues.
+//
+// Most applications should not use the cipher suites in this list, and should
+// only use those returned by CipherSuites.
+func InsecureCipherSuites() []*CipherSuite {
+ // RC4 suites are broken because RC4 is.
+ // CBC-SHA256 suites have no Lucky13 countermeasures.
+ return []*CipherSuite{
+ {TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ }
+}
+
+// CipherSuiteName returns the standard name for the passed cipher suite ID
+// (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representation
+// of the ID value if the cipher suite is not implemented by this package.
+func CipherSuiteName(id uint16) string {
+ for _, c := range CipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ for _, c := range InsecureCipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ return fmt.Sprintf("0x%04X", id)
+}
+
+// a keyAgreement implements the client and server side of a TLS key agreement
+// protocol by generating and processing key exchange messages.
+type keyAgreement interface {
+ // On the server side, the first two methods are called in order.
+
+ // In the case that the key agreement protocol doesn't use a
+ // ServerKeyExchange message, generateServerKeyExchange can return nil,
+ // nil.
+ generateServerKeyExchange(*config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
+ processClientKeyExchange(*config, *Certificate, *clientKeyExchangeMsg, uint16) ([]byte, error)
+
+ // On the client side, the next two methods are called in order.
+
+ // This method may not be called if the server doesn't send a
+ // ServerKeyExchange message.
+ processServerKeyExchange(*config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error
+ generateClientKeyExchange(*config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
+}
+
+const (
+ // suiteECDHE indicates that the cipher suite involves elliptic curve
+ // Diffie-Hellman. This means that it should only be selected when the
+ // client indicates that it supports ECC with a curve and point format
+ // that we're happy with.
+ suiteECDHE = 1 << iota
+ // suiteECSign indicates that the cipher suite involves an ECDSA or
+ // EdDSA signature and therefore may only be selected when the server's
+ // certificate is ECDSA or EdDSA. If this is not set then the cipher suite
+ // is RSA based.
+ suiteECSign
+ // suiteTLS12 indicates that the cipher suite should only be advertised
+ // and accepted when using TLS 1.2.
+ suiteTLS12
+ // suiteSHA384 indicates that the cipher suite uses SHA384 as the
+ // handshake hash.
+ suiteSHA384
+ // suiteDefaultOff indicates that this cipher suite is not included by
+ // default.
+ suiteDefaultOff
+)
+
+// A cipherSuite is a specific combination of key agreement, cipher and MAC function.
+type cipherSuite struct {
+ id uint16
+ // the lengths, in bytes, of the key material needed for each component.
+ keyLen int
+ macLen int
+ ivLen int
+ ka func(version uint16) keyAgreement
+ // flags is a bitmask of the suite* values, above.
+ flags int
+ cipher func(key, iv []byte, isRead bool) interface{}
+ mac func(key []byte) hash.Hash
+ aead func(key, fixedNonce []byte) aead
+}
+
+var cipherSuites = []*cipherSuite{
+ // Ciphersuite order is chosen so that ECDHE comes before plain RSA and
+ // AEADs are the top preference.
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, rsaKA, suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12 | suiteDefaultOff, cipherAES, macSHA256, nil},
+ {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil},
+
+ // RC4-based cipher suites are disabled by default.
+ {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, suiteDefaultOff, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, suiteECDHE | suiteDefaultOff, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteDefaultOff, cipherRC4, macSHA1, nil},
+}
+
+// selectCipherSuite returns the first cipher suite from ids which is also in
+// supportedIDs and passes the ok filter.
+func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite {
+ for _, id := range ids {
+ candidate := cipherSuiteByID(id)
+ if candidate == nil || !ok(candidate) {
+ continue
+ }
+
+ for _, suppID := range supportedIDs {
+ if id == suppID {
+ return candidate
+ }
+ }
+ }
+ return nil
+}
+
+// A cipherSuiteTLS13 defines only the pair of the AEAD algorithm and hash
+// algorithm to be used with HKDF. See RFC 8446, Appendix B.4.
+type cipherSuiteTLS13 struct {
+ id uint16
+ keyLen int
+ aead func(key, fixedNonce []byte) aead
+ hash crypto.Hash
+}
+
+type CipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ Hash crypto.Hash
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+}
+
+func (c *CipherSuiteTLS13) IVLen() int {
+ return aeadNonceLength
+}
+
+var cipherSuitesTLS13 = []*cipherSuiteTLS13{
+ {TLS_AES_128_GCM_SHA256, 16, aeadAESGCMTLS13, crypto.SHA256},
+ {TLS_CHACHA20_POLY1305_SHA256, 32, aeadChaCha20Poly1305, crypto.SHA256},
+ {TLS_AES_256_GCM_SHA384, 32, aeadAESGCMTLS13, crypto.SHA384},
+}
+
+func cipherRC4(key, iv []byte, isRead bool) interface{} {
+ cipher, _ := rc4.NewCipher(key)
+ return cipher
+}
+
+func cipher3DES(key, iv []byte, isRead bool) interface{} {
+ block, _ := des.NewTripleDESCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+func cipherAES(key, iv []byte, isRead bool) interface{} {
+ block, _ := aes.NewCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+// macSHA1 returns a SHA-1 based constant time MAC.
+func macSHA1(key []byte) hash.Hash {
+ return hmac.New(newConstantTimeHash(sha1.New), key)
+}
+
+// macSHA256 returns a SHA-256 based MAC. This is only supported in TLS 1.2 and
+// is currently only used in disabled-by-default cipher suites.
+func macSHA256(key []byte) hash.Hash {
+ return hmac.New(sha256.New, key)
+}
+
+type aead interface {
+ cipher.AEAD
+
+ // explicitNonceLen returns the number of bytes of explicit nonce
+ // included in each record. This is eight for older AEADs and
+ // zero for modern ones.
+ explicitNonceLen() int
+}
+
+const (
+ aeadNonceLength = 12
+ noncePrefixLength = 4
+)
+
+// prefixNonceAEAD wraps an AEAD and prefixes a fixed portion of the nonce to
+// each call.
+type prefixNonceAEAD struct {
+ // nonce contains the fixed part of the nonce in the first four bytes.
+ nonce [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *prefixNonceAEAD) NonceSize() int { return aeadNonceLength - noncePrefixLength }
+func (f *prefixNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *prefixNonceAEAD) explicitNonceLen() int { return f.NonceSize() }
+
+func (f *prefixNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Seal(out, f.nonce[:], plaintext, additionalData)
+}
+
+func (f *prefixNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Open(out, f.nonce[:], ciphertext, additionalData)
+}
+
+// xoredNonceAEAD wraps an AEAD by XORing in a fixed pattern to the nonce
+// before each call.
+type xorNonceAEAD struct {
+ nonceMask [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *xorNonceAEAD) NonceSize() int { return 8 } // 64-bit sequence number
+func (f *xorNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *xorNonceAEAD) explicitNonceLen() int { return 0 }
+
+func (f *xorNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result := f.aead.Seal(out, f.nonceMask[:], plaintext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result
+}
+
+func (f *xorNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result, err := f.aead.Open(out, f.nonceMask[:], ciphertext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result, err
+}
+
+func aeadAESGCM(key, noncePrefix []byte) aead {
+ if len(noncePrefix) != noncePrefixLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &prefixNonceAEAD{aead: aead}
+ copy(ret.nonce[:], noncePrefix)
+ return ret
+}
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return aeadAESGCMTLS13(key, fixedNonce)
+}
+
+func aeadAESGCMTLS13(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+func aeadChaCha20Poly1305(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aead, err := chacha20poly1305.New(key)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+type constantTimeHash interface {
+ hash.Hash
+ ConstantTimeSum(b []byte) []byte
+}
+
+// cthWrapper wraps any hash.Hash that implements ConstantTimeSum, and replaces
+// with that all calls to Sum. It's used to obtain a ConstantTimeSum-based HMAC.
+type cthWrapper struct {
+ h constantTimeHash
+}
+
+func (c *cthWrapper) Size() int { return c.h.Size() }
+func (c *cthWrapper) BlockSize() int { return c.h.BlockSize() }
+func (c *cthWrapper) Reset() { c.h.Reset() }
+func (c *cthWrapper) Write(p []byte) (int, error) { return c.h.Write(p) }
+func (c *cthWrapper) Sum(b []byte) []byte { return c.h.ConstantTimeSum(b) }
+
+func newConstantTimeHash(h func() hash.Hash) func() hash.Hash {
+ return func() hash.Hash {
+ return &cthWrapper{h().(constantTimeHash)}
+ }
+}
+
+// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, Section 6.2.3.
+func tls10MAC(h hash.Hash, out, seq, header, data, extra []byte) []byte {
+ h.Reset()
+ h.Write(seq)
+ h.Write(header)
+ h.Write(data)
+ res := h.Sum(out)
+ if extra != nil {
+ h.Write(extra)
+ }
+ return res
+}
+
+func rsaKA(version uint16) keyAgreement {
+ return rsaKeyAgreement{}
+}
+
+func ecdheECDSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: false,
+ version: version,
+ }
+}
+
+func ecdheRSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: true,
+ version: version,
+ }
+}
+
+// mutualCipherSuite returns a cipherSuite given a list of supported
+// ciphersuites and the id requested by the peer.
+func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteByID(id uint16) *cipherSuite {
+ for _, cipherSuite := range cipherSuites {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteTLS13ByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {
+ for _, cipherSuite := range cipherSuitesTLS13 {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+// A list of cipher suite IDs that are, or have been, implemented by this
+// package.
+//
+// See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
+const (
+ // TLS 1.0 - 1.2 cipher suites.
+ TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a
+ TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
+ TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
+ TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
+ TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
+ TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca8
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca9
+
+ // TLS 1.3 cipher suites.
+ TLS_AES_128_GCM_SHA256 uint16 = 0x1301
+ TLS_AES_256_GCM_SHA384 uint16 = 0x1302
+ TLS_CHACHA20_POLY1305_SHA256 uint16 = 0x1303
+
+ // TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
+ // that the client is doing version fallback. See RFC 7507.
+ TLS_FALLBACK_SCSV uint16 = 0x5600
+
+ // Legacy names for the corresponding cipher suites with the correct _SHA256
+ // suffix, retained for backward compatibility.
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/common.go b/vendor/github.com/marten-seemann/qtls-go1-16/common.go
new file mode 100644
index 00000000..9d07e175
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/common.go
@@ -0,0 +1,1590 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "container/list"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha512"
+ "crypto/tls"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "runtime"
+ "sort"
+ "strings"
+ "sync"
+ "time"
+
+ "golang.org/x/sys/cpu"
+)
+
+const (
+ VersionTLS10 = 0x0301
+ VersionTLS11 = 0x0302
+ VersionTLS12 = 0x0303
+ VersionTLS13 = 0x0304
+
+ // Deprecated: SSLv3 is cryptographically broken, and is no longer
+ // supported by this package. See golang.org/issue/32716.
+ VersionSSL30 = 0x0300
+)
+
+const (
+ maxPlaintext = 16384 // maximum plaintext payload length
+ maxCiphertext = 16384 + 2048 // maximum ciphertext payload length
+ maxCiphertextTLS13 = 16384 + 256 // maximum ciphertext length in TLS 1.3
+ recordHeaderLen = 5 // record header length
+ maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB)
+ maxUselessRecords = 16 // maximum number of consecutive non-advancing records
+)
+
+// TLS record types.
+type recordType uint8
+
+const (
+ recordTypeChangeCipherSpec recordType = 20
+ recordTypeAlert recordType = 21
+ recordTypeHandshake recordType = 22
+ recordTypeApplicationData recordType = 23
+)
+
+// TLS handshake message types.
+const (
+ typeHelloRequest uint8 = 0
+ typeClientHello uint8 = 1
+ typeServerHello uint8 = 2
+ typeNewSessionTicket uint8 = 4
+ typeEndOfEarlyData uint8 = 5
+ typeEncryptedExtensions uint8 = 8
+ typeCertificate uint8 = 11
+ typeServerKeyExchange uint8 = 12
+ typeCertificateRequest uint8 = 13
+ typeServerHelloDone uint8 = 14
+ typeCertificateVerify uint8 = 15
+ typeClientKeyExchange uint8 = 16
+ typeFinished uint8 = 20
+ typeCertificateStatus uint8 = 22
+ typeKeyUpdate uint8 = 24
+ typeNextProtocol uint8 = 67 // Not IANA assigned
+ typeMessageHash uint8 = 254 // synthetic message
+)
+
+// TLS compression types.
+const (
+ compressionNone uint8 = 0
+)
+
+type Extension struct {
+ Type uint16
+ Data []byte
+}
+
+// TLS extension numbers
+const (
+ extensionServerName uint16 = 0
+ extensionStatusRequest uint16 = 5
+ extensionSupportedCurves uint16 = 10 // supported_groups in TLS 1.3, see RFC 8446, Section 4.2.7
+ extensionSupportedPoints uint16 = 11
+ extensionSignatureAlgorithms uint16 = 13
+ extensionALPN uint16 = 16
+ extensionSCT uint16 = 18
+ extensionSessionTicket uint16 = 35
+ extensionPreSharedKey uint16 = 41
+ extensionEarlyData uint16 = 42
+ extensionSupportedVersions uint16 = 43
+ extensionCookie uint16 = 44
+ extensionPSKModes uint16 = 45
+ extensionCertificateAuthorities uint16 = 47
+ extensionSignatureAlgorithmsCert uint16 = 50
+ extensionKeyShare uint16 = 51
+ extensionRenegotiationInfo uint16 = 0xff01
+)
+
+// TLS signaling cipher suite values
+const (
+ scsvRenegotiation uint16 = 0x00ff
+)
+
+type EncryptionLevel uint8
+
+const (
+ EncryptionHandshake EncryptionLevel = iota
+ Encryption0RTT
+ EncryptionApplication
+)
+
+// CurveID is a tls.CurveID
+type CurveID = tls.CurveID
+
+const (
+ CurveP256 CurveID = 23
+ CurveP384 CurveID = 24
+ CurveP521 CurveID = 25
+ X25519 CurveID = 29
+)
+
+// TLS 1.3 Key Share. See RFC 8446, Section 4.2.8.
+type keyShare struct {
+ group CurveID
+ data []byte
+}
+
+// TLS 1.3 PSK Key Exchange Modes. See RFC 8446, Section 4.2.9.
+const (
+ pskModePlain uint8 = 0
+ pskModeDHE uint8 = 1
+)
+
+// TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved
+// session. See RFC 8446, Section 4.2.11.
+type pskIdentity struct {
+ label []byte
+ obfuscatedTicketAge uint32
+}
+
+// TLS Elliptic Curve Point Formats
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
+const (
+ pointFormatUncompressed uint8 = 0
+)
+
+// TLS CertificateStatusType (RFC 3546)
+const (
+ statusTypeOCSP uint8 = 1
+)
+
+// Certificate types (for certificateRequestMsg)
+const (
+ certTypeRSASign = 1
+ certTypeECDSASign = 64 // ECDSA or EdDSA keys, see RFC 8422, Section 3.
+)
+
+// Signature algorithms (for internal signaling use). Starting at 225 to avoid overlap with
+// TLS 1.2 codepoints (RFC 5246, Appendix A.4.1), with which these have nothing to do.
+const (
+ signaturePKCS1v15 uint8 = iota + 225
+ signatureRSAPSS
+ signatureECDSA
+ signatureEd25519
+)
+
+// directSigning is a standard Hash value that signals that no pre-hashing
+// should be performed, and that the input should be signed directly. It is the
+// hash function associated with the Ed25519 signature scheme.
+var directSigning crypto.Hash = 0
+
+// supportedSignatureAlgorithms contains the signature and hash algorithms that
+// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
+// CertificateRequest. The two fields are merged to match with TLS 1.3.
+// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
+var supportedSignatureAlgorithms = []SignatureScheme{
+ PSSWithSHA256,
+ ECDSAWithP256AndSHA256,
+ Ed25519,
+ PSSWithSHA384,
+ PSSWithSHA512,
+ PKCS1WithSHA256,
+ PKCS1WithSHA384,
+ PKCS1WithSHA512,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ PKCS1WithSHA1,
+ ECDSAWithSHA1,
+}
+
+// helloRetryRequestRandom is set as the Random value of a ServerHello
+// to signal that the message is actually a HelloRetryRequest.
+var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3.
+ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
+ 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91,
+ 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E,
+ 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C,
+}
+
+const (
+ // downgradeCanaryTLS12 or downgradeCanaryTLS11 is embedded in the server
+ // random as a downgrade protection if the server would be capable of
+ // negotiating a higher version. See RFC 8446, Section 4.1.3.
+ downgradeCanaryTLS12 = "DOWNGRD\x01"
+ downgradeCanaryTLS11 = "DOWNGRD\x00"
+)
+
+// testingOnlyForceDowngradeCanary is set in tests to force the server side to
+// include downgrade canaries even if it's using its highers supported version.
+var testingOnlyForceDowngradeCanary bool
+
+type ConnectionState = tls.ConnectionState
+
+// ConnectionState records basic TLS details about the connection.
+type connectionState struct {
+ // Version is the TLS version used by the connection (e.g. VersionTLS12).
+ Version uint16
+
+ // HandshakeComplete is true if the handshake has concluded.
+ HandshakeComplete bool
+
+ // DidResume is true if this connection was successfully resumed from a
+ // previous session with a session ticket or similar mechanism.
+ DidResume bool
+
+ // CipherSuite is the cipher suite negotiated for the connection (e.g.
+ // TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_AES_128_GCM_SHA256).
+ CipherSuite uint16
+
+ // NegotiatedProtocol is the application protocol negotiated with ALPN.
+ NegotiatedProtocol string
+
+ // NegotiatedProtocolIsMutual used to indicate a mutual NPN negotiation.
+ //
+ // Deprecated: this value is always true.
+ NegotiatedProtocolIsMutual bool
+
+ // ServerName is the value of the Server Name Indication extension sent by
+ // the client. It's available both on the server and on the client side.
+ ServerName string
+
+ // PeerCertificates are the parsed certificates sent by the peer, in the
+ // order in which they were sent. The first element is the leaf certificate
+ // that the connection is verified against.
+ //
+ // On the client side, it can't be empty. On the server side, it can be
+ // empty if Config.ClientAuth is not RequireAnyClientCert or
+ // RequireAndVerifyClientCert.
+ PeerCertificates []*x509.Certificate
+
+ // VerifiedChains is a list of one or more chains where the first element is
+ // PeerCertificates[0] and the last element is from Config.RootCAs (on the
+ // client side) or Config.ClientCAs (on the server side).
+ //
+ // On the client side, it's set if Config.InsecureSkipVerify is false. On
+ // the server side, it's set if Config.ClientAuth is VerifyClientCertIfGiven
+ // (and the peer provided a certificate) or RequireAndVerifyClientCert.
+ VerifiedChains [][]*x509.Certificate
+
+ // SignedCertificateTimestamps is a list of SCTs provided by the peer
+ // through the TLS handshake for the leaf certificate, if any.
+ SignedCertificateTimestamps [][]byte
+
+ // OCSPResponse is a stapled Online Certificate Status Protocol (OCSP)
+ // response provided by the peer for the leaf certificate, if any.
+ OCSPResponse []byte
+
+ // TLSUnique contains the "tls-unique" channel binding value (see RFC 5929,
+ // Section 3). This value will be nil for TLS 1.3 connections and for all
+ // resumed connections.
+ //
+ // Deprecated: there are conditions in which this value might not be unique
+ // to a connection. See the Security Considerations sections of RFC 5705 and
+ // RFC 7627, and https://mitls.org/pages/attacks/3SHAKE#channelbindings.
+ TLSUnique []byte
+
+ // ekm is a closure exposed via ExportKeyingMaterial.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+}
+
+type ConnectionStateWith0RTT struct {
+ ConnectionState
+
+ Used0RTT bool // true if 0-RTT was both offered and accepted
+}
+
+// ClientAuthType is tls.ClientAuthType
+type ClientAuthType = tls.ClientAuthType
+
+const (
+ NoClientCert = tls.NoClientCert
+ RequestClientCert = tls.RequestClientCert
+ RequireAnyClientCert = tls.RequireAnyClientCert
+ VerifyClientCertIfGiven = tls.VerifyClientCertIfGiven
+ RequireAndVerifyClientCert = tls.RequireAndVerifyClientCert
+)
+
+// requiresClientCert reports whether the ClientAuthType requires a client
+// certificate to be provided.
+func requiresClientCert(c ClientAuthType) bool {
+ switch c {
+ case RequireAnyClientCert, RequireAndVerifyClientCert:
+ return true
+ default:
+ return false
+ }
+}
+
+// ClientSessionState contains the state needed by clients to resume TLS
+// sessions.
+type ClientSessionState = tls.ClientSessionState
+
+type clientSessionState struct {
+ sessionTicket []uint8 // Encrypted ticket used for session resumption with server
+ vers uint16 // TLS version negotiated for the session
+ cipherSuite uint16 // Ciphersuite negotiated for the session
+ masterSecret []byte // Full handshake MasterSecret, or TLS 1.3 resumption_master_secret
+ serverCertificates []*x509.Certificate // Certificate chain presented by the server
+ verifiedChains [][]*x509.Certificate // Certificate chains we built for verification
+ receivedAt time.Time // When the session ticket was received from the server
+ ocspResponse []byte // Stapled OCSP response presented by the server
+ scts [][]byte // SCTs presented by the server
+
+ // TLS 1.3 fields.
+ nonce []byte // Ticket nonce sent by the server, to derive PSK
+ useBy time.Time // Expiration of the ticket lifetime as set by the server
+ ageAdd uint32 // Random obfuscation factor for sending the ticket age
+}
+
+// ClientSessionCache is a cache of ClientSessionState objects that can be used
+// by a client to resume a TLS session with a given server. ClientSessionCache
+// implementations should expect to be called concurrently from different
+// goroutines. Up to TLS 1.2, only ticket-based resumption is supported, not
+// SessionID-based resumption. In TLS 1.3 they were merged into PSK modes, which
+// are supported via this interface.
+//go:generate sh -c "mockgen -package qtls -destination mock_client_session_cache_test.go github.com/marten-seemann/qtls-go1-15 ClientSessionCache"
+type ClientSessionCache = tls.ClientSessionCache
+
+// SignatureScheme is a tls.SignatureScheme
+type SignatureScheme = tls.SignatureScheme
+
+const (
+ // RSASSA-PKCS1-v1_5 algorithms.
+ PKCS1WithSHA256 SignatureScheme = 0x0401
+ PKCS1WithSHA384 SignatureScheme = 0x0501
+ PKCS1WithSHA512 SignatureScheme = 0x0601
+
+ // RSASSA-PSS algorithms with public key OID rsaEncryption.
+ PSSWithSHA256 SignatureScheme = 0x0804
+ PSSWithSHA384 SignatureScheme = 0x0805
+ PSSWithSHA512 SignatureScheme = 0x0806
+
+ // ECDSA algorithms. Only constrained to a specific curve in TLS 1.3.
+ ECDSAWithP256AndSHA256 SignatureScheme = 0x0403
+ ECDSAWithP384AndSHA384 SignatureScheme = 0x0503
+ ECDSAWithP521AndSHA512 SignatureScheme = 0x0603
+
+ // EdDSA algorithms.
+ Ed25519 SignatureScheme = 0x0807
+
+ // Legacy signature and hash algorithms for TLS 1.2.
+ PKCS1WithSHA1 SignatureScheme = 0x0201
+ ECDSAWithSHA1 SignatureScheme = 0x0203
+)
+
+// ClientHelloInfo contains information from a ClientHello message in order to
+// guide application logic in the GetCertificate and GetConfigForClient callbacks.
+type ClientHelloInfo = tls.ClientHelloInfo
+
+type clientHelloInfo struct {
+ // CipherSuites lists the CipherSuites supported by the client (e.g.
+ // TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).
+ CipherSuites []uint16
+
+ // ServerName indicates the name of the server requested by the client
+ // in order to support virtual hosting. ServerName is only set if the
+ // client is using SNI (see RFC 4366, Section 3.1).
+ ServerName string
+
+ // SupportedCurves lists the elliptic curves supported by the client.
+ // SupportedCurves is set only if the Supported Elliptic Curves
+ // Extension is being used (see RFC 4492, Section 5.1.1).
+ SupportedCurves []CurveID
+
+ // SupportedPoints lists the point formats supported by the client.
+ // SupportedPoints is set only if the Supported Point Formats Extension
+ // is being used (see RFC 4492, Section 5.1.2).
+ SupportedPoints []uint8
+
+ // SignatureSchemes lists the signature and hash schemes that the client
+ // is willing to verify. SignatureSchemes is set only if the Signature
+ // Algorithms Extension is being used (see RFC 5246, Section 7.4.1.4.1).
+ SignatureSchemes []SignatureScheme
+
+ // SupportedProtos lists the application protocols supported by the client.
+ // SupportedProtos is set only if the Application-Layer Protocol
+ // Negotiation Extension is being used (see RFC 7301, Section 3.1).
+ //
+ // Servers can select a protocol by setting Config.NextProtos in a
+ // GetConfigForClient return value.
+ SupportedProtos []string
+
+ // SupportedVersions lists the TLS versions supported by the client.
+ // For TLS versions less than 1.3, this is extrapolated from the max
+ // version advertised by the client, so values other than the greatest
+ // might be rejected if used.
+ SupportedVersions []uint16
+
+ // Conn is the underlying net.Conn for the connection. Do not read
+ // from, or write to, this connection; that will cause the TLS
+ // connection to fail.
+ Conn net.Conn
+
+ // config is embedded by the GetCertificate or GetConfigForClient caller,
+ // for use with SupportsCertificate.
+ config *Config
+}
+
+// CertificateRequestInfo contains information from a server's
+// CertificateRequest message, which is used to demand a certificate and proof
+// of control from a client.
+type CertificateRequestInfo = tls.CertificateRequestInfo
+
+type certificateRequestInfo struct {
+ // AcceptableCAs contains zero or more, DER-encoded, X.501
+ // Distinguished Names. These are the names of root or intermediate CAs
+ // that the server wishes the returned certificate to be signed by. An
+ // empty slice indicates that the server has no preference.
+ AcceptableCAs [][]byte
+
+ // SignatureSchemes lists the signature schemes that the server is
+ // willing to verify.
+ SignatureSchemes []SignatureScheme
+
+ // Version is the TLS version that was negotiated for this connection.
+ Version uint16
+}
+
+// RenegotiationSupport enumerates the different levels of support for TLS
+// renegotiation. TLS renegotiation is the act of performing subsequent
+// handshakes on a connection after the first. This significantly complicates
+// the state machine and has been the source of numerous, subtle security
+// issues. Initiating a renegotiation is not supported, but support for
+// accepting renegotiation requests may be enabled.
+//
+// Even when enabled, the server may not change its identity between handshakes
+// (i.e. the leaf certificate must be the same). Additionally, concurrent
+// handshake and application data flow is not permitted so renegotiation can
+// only be used with protocols that synchronise with the renegotiation, such as
+// HTTPS.
+//
+// Renegotiation is not defined in TLS 1.3.
+type RenegotiationSupport = tls.RenegotiationSupport
+
+const (
+ // RenegotiateNever disables renegotiation.
+ RenegotiateNever = tls.RenegotiateNever
+
+ // RenegotiateOnceAsClient allows a remote server to request
+ // renegotiation once per connection.
+ RenegotiateOnceAsClient = tls.RenegotiateOnceAsClient
+
+ // RenegotiateFreelyAsClient allows a remote server to repeatedly
+ // request renegotiation.
+ RenegotiateFreelyAsClient = tls.RenegotiateFreelyAsClient
+)
+
+// A Config structure is used to configure a TLS client or server.
+// After one has been passed to a TLS function it must not be
+// modified. A Config may be reused; the tls package will also not
+// modify it.
+type Config = tls.Config
+
+type config struct {
+ // Rand provides the source of entropy for nonces and RSA blinding.
+ // If Rand is nil, TLS uses the cryptographic random reader in package
+ // crypto/rand.
+ // The Reader must be safe for use by multiple goroutines.
+ Rand io.Reader
+
+ // Time returns the current time as the number of seconds since the epoch.
+ // If Time is nil, TLS uses time.Now.
+ Time func() time.Time
+
+ // Certificates contains one or more certificate chains to present to the
+ // other side of the connection. The first certificate compatible with the
+ // peer's requirements is selected automatically.
+ //
+ // Server configurations must set one of Certificates, GetCertificate or
+ // GetConfigForClient. Clients doing client-authentication may set either
+ // Certificates or GetClientCertificate.
+ //
+ // Note: if there are multiple Certificates, and they don't have the
+ // optional field Leaf set, certificate selection will incur a significant
+ // per-handshake performance cost.
+ Certificates []Certificate
+
+ // NameToCertificate maps from a certificate name to an element of
+ // Certificates. Note that a certificate name can be of the form
+ // '*.example.com' and so doesn't have to be a domain name as such.
+ //
+ // Deprecated: NameToCertificate only allows associating a single
+ // certificate with a given name. Leave this field nil to let the library
+ // select the first compatible chain from Certificates.
+ NameToCertificate map[string]*Certificate
+
+ // GetCertificate returns a Certificate based on the given
+ // ClientHelloInfo. It will only be called if the client supplies SNI
+ // information or if Certificates is empty.
+ //
+ // If GetCertificate is nil or returns nil, then the certificate is
+ // retrieved from NameToCertificate. If NameToCertificate is nil, the
+ // best element of Certificates will be used.
+ GetCertificate func(*ClientHelloInfo) (*Certificate, error)
+
+ // GetClientCertificate, if not nil, is called when a server requests a
+ // certificate from a client. If set, the contents of Certificates will
+ // be ignored.
+ //
+ // If GetClientCertificate returns an error, the handshake will be
+ // aborted and that error will be returned. Otherwise
+ // GetClientCertificate must return a non-nil Certificate. If
+ // Certificate.Certificate is empty then no certificate will be sent to
+ // the server. If this is unacceptable to the server then it may abort
+ // the handshake.
+ //
+ // GetClientCertificate may be called multiple times for the same
+ // connection if renegotiation occurs or if TLS 1.3 is in use.
+ GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error)
+
+ // GetConfigForClient, if not nil, is called after a ClientHello is
+ // received from a client. It may return a non-nil Config in order to
+ // change the Config that will be used to handle this connection. If
+ // the returned Config is nil, the original Config will be used. The
+ // Config returned by this callback may not be subsequently modified.
+ //
+ // If GetConfigForClient is nil, the Config passed to Server() will be
+ // used for all connections.
+ //
+ // If SessionTicketKey was explicitly set on the returned Config, or if
+ // SetSessionTicketKeys was called on the returned Config, those keys will
+ // be used. Otherwise, the original Config keys will be used (and possibly
+ // rotated if they are automatically managed).
+ GetConfigForClient func(*ClientHelloInfo) (*Config, error)
+
+ // VerifyPeerCertificate, if not nil, is called after normal
+ // certificate verification by either a TLS client or server. It
+ // receives the raw ASN.1 certificates provided by the peer and also
+ // any verified chains that normal processing found. If it returns a
+ // non-nil error, the handshake is aborted and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. If normal verification is disabled by
+ // setting InsecureSkipVerify, or (for a server) when ClientAuth is
+ // RequestClientCert or RequireAnyClientCert, then this callback will
+ // be considered but the verifiedChains argument will always be nil.
+ VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
+
+ // VerifyConnection, if not nil, is called after normal certificate
+ // verification and after VerifyPeerCertificate by either a TLS client
+ // or server. If it returns a non-nil error, the handshake is aborted
+ // and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. This callback will run for all connections
+ // regardless of InsecureSkipVerify or ClientAuth settings.
+ VerifyConnection func(ConnectionState) error
+
+ // RootCAs defines the set of root certificate authorities
+ // that clients use when verifying server certificates.
+ // If RootCAs is nil, TLS uses the host's root CA set.
+ RootCAs *x509.CertPool
+
+ // NextProtos is a list of supported application level protocols, in
+ // order of preference.
+ NextProtos []string
+
+ // ServerName is used to verify the hostname on the returned
+ // certificates unless InsecureSkipVerify is given. It is also included
+ // in the client's handshake to support virtual hosting unless it is
+ // an IP address.
+ ServerName string
+
+ // ClientAuth determines the server's policy for
+ // TLS Client Authentication. The default is NoClientCert.
+ ClientAuth ClientAuthType
+
+ // ClientCAs defines the set of root certificate authorities
+ // that servers use if required to verify a client certificate
+ // by the policy in ClientAuth.
+ ClientCAs *x509.CertPool
+
+ // InsecureSkipVerify controls whether a client verifies the server's
+ // certificate chain and host name. If InsecureSkipVerify is true, crypto/tls
+ // accepts any certificate presented by the server and any host name in that
+ // certificate. In this mode, TLS is susceptible to machine-in-the-middle
+ // attacks unless custom verification is used. This should be used only for
+ // testing or in combination with VerifyConnection or VerifyPeerCertificate.
+ InsecureSkipVerify bool
+
+ // CipherSuites is a list of supported cipher suites for TLS versions up to
+ // TLS 1.2. If CipherSuites is nil, a default list of secure cipher suites
+ // is used, with a preference order based on hardware performance. The
+ // default cipher suites might change over Go versions. Note that TLS 1.3
+ // ciphersuites are not configurable.
+ CipherSuites []uint16
+
+ // PreferServerCipherSuites controls whether the server selects the
+ // client's most preferred ciphersuite, or the server's most preferred
+ // ciphersuite. If true then the server's preference, as expressed in
+ // the order of elements in CipherSuites, is used.
+ PreferServerCipherSuites bool
+
+ // SessionTicketsDisabled may be set to true to disable session ticket and
+ // PSK (resumption) support. Note that on clients, session ticket support is
+ // also disabled if ClientSessionCache is nil.
+ SessionTicketsDisabled bool
+
+ // SessionTicketKey is used by TLS servers to provide session resumption.
+ // See RFC 5077 and the PSK mode of RFC 8446. If zero, it will be filled
+ // with random data before the first server handshake.
+ //
+ // Deprecated: if this field is left at zero, session ticket keys will be
+ // automatically rotated every day and dropped after seven days. For
+ // customizing the rotation schedule or synchronizing servers that are
+ // terminating connections for the same host, use SetSessionTicketKeys.
+ SessionTicketKey [32]byte
+
+ // ClientSessionCache is a cache of ClientSessionState entries for TLS
+ // session resumption. It is only used by clients.
+ ClientSessionCache ClientSessionCache
+
+ // MinVersion contains the minimum TLS version that is acceptable.
+ // If zero, TLS 1.0 is currently taken as the minimum.
+ MinVersion uint16
+
+ // MaxVersion contains the maximum TLS version that is acceptable.
+ // If zero, the maximum version supported by this package is used,
+ // which is currently TLS 1.3.
+ MaxVersion uint16
+
+ // CurvePreferences contains the elliptic curves that will be used in
+ // an ECDHE handshake, in preference order. If empty, the default will
+ // be used. The client will use the first preference as the type for
+ // its key share in TLS 1.3. This may change in the future.
+ CurvePreferences []CurveID
+
+ // DynamicRecordSizingDisabled disables adaptive sizing of TLS records.
+ // When true, the largest possible TLS record size is always used. When
+ // false, the size of TLS records may be adjusted in an attempt to
+ // improve latency.
+ DynamicRecordSizingDisabled bool
+
+ // Renegotiation controls what types of renegotiation are supported.
+ // The default, none, is correct for the vast majority of applications.
+ Renegotiation RenegotiationSupport
+
+ // KeyLogWriter optionally specifies a destination for TLS master secrets
+ // in NSS key log format that can be used to allow external programs
+ // such as Wireshark to decrypt TLS connections.
+ // See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format.
+ // Use of KeyLogWriter compromises security and should only be
+ // used for debugging.
+ KeyLogWriter io.Writer
+
+ // mutex protects sessionTicketKeys and autoSessionTicketKeys.
+ mutex sync.RWMutex
+ // sessionTicketKeys contains zero or more ticket keys. If set, it means the
+ // the keys were set with SessionTicketKey or SetSessionTicketKeys. The
+ // first key is used for new tickets and any subsequent keys can be used to
+ // decrypt old tickets. The slice contents are not protected by the mutex
+ // and are immutable.
+ sessionTicketKeys []ticketKey
+ // autoSessionTicketKeys is like sessionTicketKeys but is owned by the
+ // auto-rotation logic. See Config.ticketKeys.
+ autoSessionTicketKeys []ticketKey
+}
+
+// A RecordLayer handles encrypting and decrypting of TLS messages.
+type RecordLayer interface {
+ SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ ReadHandshakeMessage() ([]byte, error)
+ WriteRecord([]byte) (int, error)
+ SendAlert(uint8)
+}
+
+type ExtraConfig struct {
+ // GetExtensions, if not nil, is called before a message that allows
+ // sending of extensions is sent.
+ // Currently only implemented for the ClientHello message (for the client)
+ // and for the EncryptedExtensions message (for the server).
+ // Only valid for TLS 1.3.
+ GetExtensions func(handshakeMessageType uint8) []Extension
+
+ // ReceivedExtensions, if not nil, is called when a message that allows the
+ // inclusion of extensions is received.
+ // It is called with an empty slice of extensions, if the message didn't
+ // contain any extensions.
+ // Currently only implemented for the ClientHello message (sent by the
+ // client) and for the EncryptedExtensions message (sent by the server).
+ // Only valid for TLS 1.3.
+ ReceivedExtensions func(handshakeMessageType uint8, exts []Extension)
+
+ // AlternativeRecordLayer is used by QUIC
+ AlternativeRecordLayer RecordLayer
+
+ // Enforce the selection of a supported application protocol.
+ // Only works for TLS 1.3.
+ // If enabled, client and server have to agree on an application protocol.
+ // Otherwise, connection establishment fails.
+ EnforceNextProtoSelection bool
+
+ // If MaxEarlyData is greater than 0, the client will be allowed to send early
+ // data when resuming a session.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning on the client.
+ MaxEarlyData uint32
+
+ // The Accept0RTT callback is called when the client offers 0-RTT.
+ // The server then has to decide if it wants to accept or reject 0-RTT.
+ // It is only used for servers.
+ Accept0RTT func(appData []byte) bool
+
+ // 0RTTRejected is called when the server rejectes 0-RTT.
+ // It is only used for clients.
+ Rejected0RTT func()
+
+ // If set, the client will export the 0-RTT key when resuming a session that
+ // allows sending of early data.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning to the server.
+ Enable0RTT bool
+
+ // Is called when the client saves a session ticket to the session ticket.
+ // This gives the application the opportunity to save some data along with the ticket,
+ // which can be restored when the session ticket is used.
+ GetAppDataForSessionState func() []byte
+
+ // Is called when the client uses a session ticket.
+ // Restores the application data that was saved earlier on GetAppDataForSessionTicket.
+ SetAppDataFromSessionState func([]byte)
+}
+
+// Clone clones.
+func (c *ExtraConfig) Clone() *ExtraConfig {
+ return &ExtraConfig{
+ GetExtensions: c.GetExtensions,
+ ReceivedExtensions: c.ReceivedExtensions,
+ AlternativeRecordLayer: c.AlternativeRecordLayer,
+ EnforceNextProtoSelection: c.EnforceNextProtoSelection,
+ MaxEarlyData: c.MaxEarlyData,
+ Enable0RTT: c.Enable0RTT,
+ Accept0RTT: c.Accept0RTT,
+ Rejected0RTT: c.Rejected0RTT,
+ GetAppDataForSessionState: c.GetAppDataForSessionState,
+ SetAppDataFromSessionState: c.SetAppDataFromSessionState,
+ }
+}
+
+func (c *ExtraConfig) usesAlternativeRecordLayer() bool {
+ return c != nil && c.AlternativeRecordLayer != nil
+}
+
+const (
+ // ticketKeyNameLen is the number of bytes of identifier that is prepended to
+ // an encrypted session ticket in order to identify the key used to encrypt it.
+ ticketKeyNameLen = 16
+
+ // ticketKeyLifetime is how long a ticket key remains valid and can be used to
+ // resume a client connection.
+ ticketKeyLifetime = 7 * 24 * time.Hour // 7 days
+
+ // ticketKeyRotation is how often the server should rotate the session ticket key
+ // that is used for new tickets.
+ ticketKeyRotation = 24 * time.Hour
+)
+
+// ticketKey is the internal representation of a session ticket key.
+type ticketKey struct {
+ // keyName is an opaque byte string that serves to identify the session
+ // ticket key. It's exposed as plaintext in every session ticket.
+ keyName [ticketKeyNameLen]byte
+ aesKey [16]byte
+ hmacKey [16]byte
+ // created is the time at which this ticket key was created. See Config.ticketKeys.
+ created time.Time
+}
+
+// ticketKeyFromBytes converts from the external representation of a session
+// ticket key to a ticketKey. Externally, session ticket keys are 32 random
+// bytes and this function expands that into sufficient name and key material.
+func (c *config) ticketKeyFromBytes(b [32]byte) (key ticketKey) {
+ hashed := sha512.Sum512(b[:])
+ copy(key.keyName[:], hashed[:ticketKeyNameLen])
+ copy(key.aesKey[:], hashed[ticketKeyNameLen:ticketKeyNameLen+16])
+ copy(key.hmacKey[:], hashed[ticketKeyNameLen+16:ticketKeyNameLen+32])
+ key.created = c.time()
+ return key
+}
+
+// maxSessionTicketLifetime is the maximum allowed lifetime of a TLS 1.3 session
+// ticket, and the lifetime we set for tickets we send.
+const maxSessionTicketLifetime = 7 * 24 * time.Hour
+
+// Clone returns a shallow clone of c or nil if c is nil. It is safe to clone a Config that is
+// being used concurrently by a TLS client or server.
+func (c *config) Clone() *config {
+ if c == nil {
+ return nil
+ }
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ return &config{
+ Rand: c.Rand,
+ Time: c.Time,
+ Certificates: c.Certificates,
+ NameToCertificate: c.NameToCertificate,
+ GetCertificate: c.GetCertificate,
+ GetClientCertificate: c.GetClientCertificate,
+ GetConfigForClient: c.GetConfigForClient,
+ VerifyPeerCertificate: c.VerifyPeerCertificate,
+ VerifyConnection: c.VerifyConnection,
+ RootCAs: c.RootCAs,
+ NextProtos: c.NextProtos,
+ ServerName: c.ServerName,
+ ClientAuth: c.ClientAuth,
+ ClientCAs: c.ClientCAs,
+ InsecureSkipVerify: c.InsecureSkipVerify,
+ CipherSuites: c.CipherSuites,
+ PreferServerCipherSuites: c.PreferServerCipherSuites,
+ SessionTicketsDisabled: c.SessionTicketsDisabled,
+ SessionTicketKey: c.SessionTicketKey,
+ ClientSessionCache: c.ClientSessionCache,
+ MinVersion: c.MinVersion,
+ MaxVersion: c.MaxVersion,
+ CurvePreferences: c.CurvePreferences,
+ DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled,
+ Renegotiation: c.Renegotiation,
+ KeyLogWriter: c.KeyLogWriter,
+ sessionTicketKeys: c.sessionTicketKeys,
+ autoSessionTicketKeys: c.autoSessionTicketKeys,
+ }
+}
+
+// deprecatedSessionTicketKey is set as the prefix of SessionTicketKey if it was
+// randomized for backwards compatibility but is not in use.
+var deprecatedSessionTicketKey = []byte("DEPRECATED")
+
+// initLegacySessionTicketKeyRLocked ensures the legacy SessionTicketKey field is
+// randomized if empty, and that sessionTicketKeys is populated from it otherwise.
+func (c *config) initLegacySessionTicketKeyRLocked() {
+ // Don't write if SessionTicketKey is already defined as our deprecated string,
+ // or if it is defined by the user but sessionTicketKeys is already set.
+ if c.SessionTicketKey != [32]byte{} &&
+ (bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) || len(c.sessionTicketKeys) > 0) {
+ return
+ }
+
+ // We need to write some data, so get an exclusive lock and re-check any conditions.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ if c.SessionTicketKey == [32]byte{} {
+ if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil {
+ panic(fmt.Sprintf("tls: unable to generate random session ticket key: %v", err))
+ }
+ // Write the deprecated prefix at the beginning so we know we created
+ // it. This key with the DEPRECATED prefix isn't used as an actual
+ // session ticket key, and is only randomized in case the application
+ // reuses it for some reason.
+ copy(c.SessionTicketKey[:], deprecatedSessionTicketKey)
+ } else if !bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) && len(c.sessionTicketKeys) == 0 {
+ c.sessionTicketKeys = []ticketKey{c.ticketKeyFromBytes(c.SessionTicketKey)}
+ }
+
+}
+
+// ticketKeys returns the ticketKeys for this connection.
+// If configForClient has explicitly set keys, those will
+// be returned. Otherwise, the keys on c will be used and
+// may be rotated if auto-managed.
+// During rotation, any expired session ticket keys are deleted from
+// c.sessionTicketKeys. If the session ticket key that is currently
+// encrypting tickets (ie. the first ticketKey in c.sessionTicketKeys)
+// is not fresh, then a new session ticket key will be
+// created and prepended to c.sessionTicketKeys.
+func (c *config) ticketKeys(configForClient *config) []ticketKey {
+ // If the ConfigForClient callback returned a Config with explicitly set
+ // keys, use those, otherwise just use the original Config.
+ if configForClient != nil {
+ configForClient.mutex.RLock()
+ if configForClient.SessionTicketsDisabled {
+ return nil
+ }
+ configForClient.initLegacySessionTicketKeyRLocked()
+ if len(configForClient.sessionTicketKeys) != 0 {
+ ret := configForClient.sessionTicketKeys
+ configForClient.mutex.RUnlock()
+ return ret
+ }
+ configForClient.mutex.RUnlock()
+ }
+
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ if c.SessionTicketsDisabled {
+ return nil
+ }
+ c.initLegacySessionTicketKeyRLocked()
+ if len(c.sessionTicketKeys) != 0 {
+ return c.sessionTicketKeys
+ }
+ // Fast path for the common case where the key is fresh enough.
+ if len(c.autoSessionTicketKeys) > 0 && c.time().Sub(c.autoSessionTicketKeys[0].created) < ticketKeyRotation {
+ return c.autoSessionTicketKeys
+ }
+
+ // autoSessionTicketKeys are managed by auto-rotation.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ // Re-check the condition in case it changed since obtaining the new lock.
+ if len(c.autoSessionTicketKeys) == 0 || c.time().Sub(c.autoSessionTicketKeys[0].created) >= ticketKeyRotation {
+ var newKey [32]byte
+ if _, err := io.ReadFull(c.rand(), newKey[:]); err != nil {
+ panic(fmt.Sprintf("unable to generate random session ticket key: %v", err))
+ }
+ valid := make([]ticketKey, 0, len(c.autoSessionTicketKeys)+1)
+ valid = append(valid, c.ticketKeyFromBytes(newKey))
+ for _, k := range c.autoSessionTicketKeys {
+ // While rotating the current key, also remove any expired ones.
+ if c.time().Sub(k.created) < ticketKeyLifetime {
+ valid = append(valid, k)
+ }
+ }
+ c.autoSessionTicketKeys = valid
+ }
+ return c.autoSessionTicketKeys
+}
+
+// SetSessionTicketKeys updates the session ticket keys for a server.
+//
+// The first key will be used when creating new tickets, while all keys can be
+// used for decrypting tickets. It is safe to call this function while the
+// server is running in order to rotate the session ticket keys. The function
+// will panic if keys is empty.
+//
+// Calling this function will turn off automatic session ticket key rotation.
+//
+// If multiple servers are terminating connections for the same host they should
+// all have the same session ticket keys. If the session ticket keys leaks,
+// previously recorded and future TLS connections using those keys might be
+// compromised.
+func (c *config) SetSessionTicketKeys(keys [][32]byte) {
+ if len(keys) == 0 {
+ panic("tls: keys must have at least one key")
+ }
+
+ newKeys := make([]ticketKey, len(keys))
+ for i, bytes := range keys {
+ newKeys[i] = c.ticketKeyFromBytes(bytes)
+ }
+
+ c.mutex.Lock()
+ c.sessionTicketKeys = newKeys
+ c.mutex.Unlock()
+}
+
+func (c *config) rand() io.Reader {
+ r := c.Rand
+ if r == nil {
+ return rand.Reader
+ }
+ return r
+}
+
+func (c *config) time() time.Time {
+ t := c.Time
+ if t == nil {
+ t = time.Now
+ }
+ return t()
+}
+
+func (c *config) cipherSuites() []uint16 {
+ s := c.CipherSuites
+ if s == nil {
+ s = defaultCipherSuites()
+ }
+ return s
+}
+
+var supportedVersions = []uint16{
+ VersionTLS13,
+ VersionTLS12,
+ VersionTLS11,
+ VersionTLS10,
+}
+
+func (c *config) supportedVersions() []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if c != nil && c.MinVersion != 0 && v < c.MinVersion {
+ continue
+ }
+ if c != nil && c.MaxVersion != 0 && v > c.MaxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+func (c *config) maxSupportedVersion() uint16 {
+ supportedVersions := c.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return 0
+ }
+ return supportedVersions[0]
+}
+
+// supportedVersionsFromMax returns a list of supported versions derived from a
+// legacy maximum version value. Note that only versions supported by this
+// library are returned. Any newer peer will use supportedVersions anyway.
+func supportedVersionsFromMax(maxVersion uint16) []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if v > maxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521}
+
+func (c *config) curvePreferences() []CurveID {
+ if c == nil || len(c.CurvePreferences) == 0 {
+ return defaultCurvePreferences
+ }
+ return c.CurvePreferences
+}
+
+func (c *config) supportsCurve(curve CurveID) bool {
+ for _, cc := range c.curvePreferences() {
+ if cc == curve {
+ return true
+ }
+ }
+ return false
+}
+
+// mutualVersion returns the protocol version to use given the advertised
+// versions of the peer. Priority is given to the peer preference order.
+func (c *config) mutualVersion(peerVersions []uint16) (uint16, bool) {
+ supportedVersions := c.supportedVersions()
+ for _, peerVersion := range peerVersions {
+ for _, v := range supportedVersions {
+ if v == peerVersion {
+ return v, true
+ }
+ }
+ }
+ return 0, false
+}
+
+var errNoCertificates = errors.New("tls: no certificates configured")
+
+// getCertificate returns the best certificate for the given ClientHelloInfo,
+// defaulting to the first element of c.Certificates.
+func (c *config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) {
+ if c.GetCertificate != nil &&
+ (len(c.Certificates) == 0 || len(clientHello.ServerName) > 0) {
+ cert, err := c.GetCertificate(clientHello)
+ if cert != nil || err != nil {
+ return cert, err
+ }
+ }
+
+ if len(c.Certificates) == 0 {
+ return nil, errNoCertificates
+ }
+
+ if len(c.Certificates) == 1 {
+ // There's only one choice, so no point doing any work.
+ return &c.Certificates[0], nil
+ }
+
+ if c.NameToCertificate != nil {
+ name := strings.ToLower(clientHello.ServerName)
+ if cert, ok := c.NameToCertificate[name]; ok {
+ return cert, nil
+ }
+ if len(name) > 0 {
+ labels := strings.Split(name, ".")
+ labels[0] = "*"
+ wildcardName := strings.Join(labels, ".")
+ if cert, ok := c.NameToCertificate[wildcardName]; ok {
+ return cert, nil
+ }
+ }
+ }
+
+ for _, cert := range c.Certificates {
+ if err := clientHello.SupportsCertificate(&cert); err == nil {
+ return &cert, nil
+ }
+ }
+
+ // If nothing matches, return the first certificate.
+ return &c.Certificates[0], nil
+}
+
+// SupportsCertificate returns nil if the provided certificate is supported by
+// the client that sent the ClientHello. Otherwise, it returns an error
+// describing the reason for the incompatibility.
+//
+// If this ClientHelloInfo was passed to a GetConfigForClient or GetCertificate
+// callback, this method will take into account the associated Config. Note that
+// if GetConfigForClient returns a different Config, the change can't be
+// accounted for by this method.
+//
+// This function will call x509.ParseCertificate unless c.Leaf is set, which can
+// incur a significant performance cost.
+func (chi *clientHelloInfo) SupportsCertificate(c *Certificate) error {
+ // Note we don't currently support certificate_authorities nor
+ // signature_algorithms_cert, and don't check the algorithms of the
+ // signatures on the chain (which anyway are a SHOULD, see RFC 8446,
+ // Section 4.4.2.2).
+
+ config := chi.config
+ if config == nil {
+ config = &Config{}
+ }
+ conf := fromConfig(config)
+ vers, ok := conf.mutualVersion(chi.SupportedVersions)
+ if !ok {
+ return errors.New("no mutually supported protocol versions")
+ }
+
+ // If the client specified the name they are trying to connect to, the
+ // certificate needs to be valid for it.
+ if chi.ServerName != "" {
+ x509Cert, err := leafCertificate(c)
+ if err != nil {
+ return fmt.Errorf("failed to parse certificate: %w", err)
+ }
+ if err := x509Cert.VerifyHostname(chi.ServerName); err != nil {
+ return fmt.Errorf("certificate is not valid for requested server name: %w", err)
+ }
+ }
+
+ // supportsRSAFallback returns nil if the certificate and connection support
+ // the static RSA key exchange, and unsupported otherwise. The logic for
+ // supporting static RSA is completely disjoint from the logic for
+ // supporting signed key exchanges, so we just check it as a fallback.
+ supportsRSAFallback := func(unsupported error) error {
+ // TLS 1.3 dropped support for the static RSA key exchange.
+ if vers == VersionTLS13 {
+ return unsupported
+ }
+ // The static RSA key exchange works by decrypting a challenge with the
+ // RSA private key, not by signing, so check the PrivateKey implements
+ // crypto.Decrypter, like *rsa.PrivateKey does.
+ if priv, ok := c.PrivateKey.(crypto.Decrypter); ok {
+ if _, ok := priv.Public().(*rsa.PublicKey); !ok {
+ return unsupported
+ }
+ } else {
+ return unsupported
+ }
+ // Finally, there needs to be a mutual cipher suite that uses the static
+ // RSA key exchange instead of ECDHE.
+ rsaCipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ return false
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if rsaCipherSuite == nil {
+ return unsupported
+ }
+ return nil
+ }
+
+ // If the client sent the signature_algorithms extension, ensure it supports
+ // schemes we can use with this certificate and TLS version.
+ if len(chi.SignatureSchemes) > 0 {
+ if _, err := selectSignatureScheme(vers, c, chi.SignatureSchemes); err != nil {
+ return supportsRSAFallback(err)
+ }
+ }
+
+ // In TLS 1.3 we are done because supported_groups is only relevant to the
+ // ECDHE computation, point format negotiation is removed, cipher suites are
+ // only relevant to the AEAD choice, and static RSA does not exist.
+ if vers == VersionTLS13 {
+ return nil
+ }
+
+ // The only signed key exchange we support is ECDHE.
+ if !supportsECDHE(conf, chi.SupportedCurves, chi.SupportedPoints) {
+ return supportsRSAFallback(errors.New("client doesn't support ECDHE, can only use legacy RSA key exchange"))
+ }
+
+ var ecdsaCipherSuite bool
+ if priv, ok := c.PrivateKey.(crypto.Signer); ok {
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ var curve CurveID
+ switch pub.Curve {
+ case elliptic.P256():
+ curve = CurveP256
+ case elliptic.P384():
+ curve = CurveP384
+ case elliptic.P521():
+ curve = CurveP521
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ var curveOk bool
+ for _, c := range chi.SupportedCurves {
+ if c == curve && conf.supportsCurve(c) {
+ curveOk = true
+ break
+ }
+ }
+ if !curveOk {
+ return errors.New("client doesn't support certificate curve")
+ }
+ ecdsaCipherSuite = true
+ case ed25519.PublicKey:
+ if vers < VersionTLS12 || len(chi.SignatureSchemes) == 0 {
+ return errors.New("connection doesn't support Ed25519")
+ }
+ ecdsaCipherSuite = true
+ case *rsa.PublicKey:
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ } else {
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+
+ // Make sure that there is a mutually supported cipher suite that works with
+ // this certificate. Cipher suite selection will then apply the logic in
+ // reverse to pick it. See also serverHandshakeState.cipherSuiteOk.
+ cipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE == 0 {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !ecdsaCipherSuite {
+ return false
+ }
+ } else {
+ if ecdsaCipherSuite {
+ return false
+ }
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if cipherSuite == nil {
+ return supportsRSAFallback(errors.New("client doesn't support any cipher suites compatible with the certificate"))
+ }
+
+ return nil
+}
+
+// BuildNameToCertificate parses c.Certificates and builds c.NameToCertificate
+// from the CommonName and SubjectAlternateName fields of each of the leaf
+// certificates.
+//
+// Deprecated: NameToCertificate only allows associating a single certificate
+// with a given name. Leave that field nil to let the library select the first
+// compatible chain from Certificates.
+func (c *config) BuildNameToCertificate() {
+ c.NameToCertificate = make(map[string]*Certificate)
+ for i := range c.Certificates {
+ cert := &c.Certificates[i]
+ x509Cert, err := leafCertificate(cert)
+ if err != nil {
+ continue
+ }
+ // If SANs are *not* present, some clients will consider the certificate
+ // valid for the name in the Common Name.
+ if x509Cert.Subject.CommonName != "" && len(x509Cert.DNSNames) == 0 {
+ c.NameToCertificate[x509Cert.Subject.CommonName] = cert
+ }
+ for _, san := range x509Cert.DNSNames {
+ c.NameToCertificate[san] = cert
+ }
+ }
+}
+
+const (
+ keyLogLabelTLS12 = "CLIENT_RANDOM"
+ keyLogLabelEarlyTraffic = "CLIENT_EARLY_TRAFFIC_SECRET"
+ keyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0"
+ keyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0"
+)
+
+func (c *config) writeKeyLog(label string, clientRandom, secret []byte) error {
+ if c.KeyLogWriter == nil {
+ return nil
+ }
+
+ logLine := []byte(fmt.Sprintf("%s %x %x\n", label, clientRandom, secret))
+
+ writerMutex.Lock()
+ _, err := c.KeyLogWriter.Write(logLine)
+ writerMutex.Unlock()
+
+ return err
+}
+
+// writerMutex protects all KeyLogWriters globally. It is rarely enabled,
+// and is only for debugging, so a global mutex saves space.
+var writerMutex sync.Mutex
+
+// A Certificate is a chain of one or more certificates, leaf first.
+type Certificate = tls.Certificate
+
+// leaf returns the parsed leaf certificate, either from c.Leaf or by parsing
+// the corresponding c.Certificate[0].
+func leafCertificate(c *Certificate) (*x509.Certificate, error) {
+ if c.Leaf != nil {
+ return c.Leaf, nil
+ }
+ return x509.ParseCertificate(c.Certificate[0])
+}
+
+type handshakeMessage interface {
+ marshal() []byte
+ unmarshal([]byte) bool
+}
+
+// lruSessionCache is a ClientSessionCache implementation that uses an LRU
+// caching strategy.
+type lruSessionCache struct {
+ sync.Mutex
+
+ m map[string]*list.Element
+ q *list.List
+ capacity int
+}
+
+type lruSessionCacheEntry struct {
+ sessionKey string
+ state *ClientSessionState
+}
+
+// NewLRUClientSessionCache returns a ClientSessionCache with the given
+// capacity that uses an LRU strategy. If capacity is < 1, a default capacity
+// is used instead.
+func NewLRUClientSessionCache(capacity int) ClientSessionCache {
+ const defaultSessionCacheCapacity = 64
+
+ if capacity < 1 {
+ capacity = defaultSessionCacheCapacity
+ }
+ return &lruSessionCache{
+ m: make(map[string]*list.Element),
+ q: list.New(),
+ capacity: capacity,
+ }
+}
+
+// Put adds the provided (sessionKey, cs) pair to the cache. If cs is nil, the entry
+// corresponding to sessionKey is removed from the cache instead.
+func (c *lruSessionCache) Put(sessionKey string, cs *ClientSessionState) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ if cs == nil {
+ c.q.Remove(elem)
+ delete(c.m, sessionKey)
+ } else {
+ entry := elem.Value.(*lruSessionCacheEntry)
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ }
+ return
+ }
+
+ if c.q.Len() < c.capacity {
+ entry := &lruSessionCacheEntry{sessionKey, cs}
+ c.m[sessionKey] = c.q.PushFront(entry)
+ return
+ }
+
+ elem := c.q.Back()
+ entry := elem.Value.(*lruSessionCacheEntry)
+ delete(c.m, entry.sessionKey)
+ entry.sessionKey = sessionKey
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ c.m[sessionKey] = elem
+}
+
+// Get returns the ClientSessionState value associated with a given key. It
+// returns (nil, false) if no value is found.
+func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ c.q.MoveToFront(elem)
+ return elem.Value.(*lruSessionCacheEntry).state, true
+ }
+ return nil, false
+}
+
+var emptyConfig Config
+
+func defaultConfig() *Config {
+ return &emptyConfig
+}
+
+var (
+ once sync.Once
+ varDefaultCipherSuites []uint16
+ varDefaultCipherSuitesTLS13 []uint16
+)
+
+func defaultCipherSuites() []uint16 {
+ once.Do(initDefaultCipherSuites)
+ return varDefaultCipherSuites
+}
+
+func defaultCipherSuitesTLS13() []uint16 {
+ once.Do(initDefaultCipherSuites)
+ return varDefaultCipherSuitesTLS13
+}
+
+var (
+ hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ
+ hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL
+ // Keep in sync with crypto/aes/cipher_s390x.go.
+ hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR && (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM)
+
+ hasAESGCMHardwareSupport = runtime.GOARCH == "amd64" && hasGCMAsmAMD64 ||
+ runtime.GOARCH == "arm64" && hasGCMAsmARM64 ||
+ runtime.GOARCH == "s390x" && hasGCMAsmS390X
+)
+
+func initDefaultCipherSuites() {
+ var topCipherSuites []uint16
+
+ if hasAESGCMHardwareSupport {
+ // If AES-GCM hardware is provided then prioritise AES-GCM
+ // cipher suites.
+ topCipherSuites = []uint16{
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ }
+ varDefaultCipherSuitesTLS13 = []uint16{
+ TLS_AES_128_GCM_SHA256,
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_256_GCM_SHA384,
+ }
+ } else {
+ // Without AES-GCM hardware, we put the ChaCha20-Poly1305
+ // cipher suites first.
+ topCipherSuites = []uint16{
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+ }
+ varDefaultCipherSuitesTLS13 = []uint16{
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_128_GCM_SHA256,
+ TLS_AES_256_GCM_SHA384,
+ }
+ }
+
+ varDefaultCipherSuites = make([]uint16, 0, len(cipherSuites))
+ varDefaultCipherSuites = append(varDefaultCipherSuites, topCipherSuites...)
+
+NextCipherSuite:
+ for _, suite := range cipherSuites {
+ if suite.flags&suiteDefaultOff != 0 {
+ continue
+ }
+ for _, existing := range varDefaultCipherSuites {
+ if existing == suite.id {
+ continue NextCipherSuite
+ }
+ }
+ varDefaultCipherSuites = append(varDefaultCipherSuites, suite.id)
+ }
+}
+
+func unexpectedMessageError(wanted, got interface{}) error {
+ return fmt.Errorf("tls: received unexpected handshake message of type %T when waiting for %T", got, wanted)
+}
+
+func isSupportedSignatureAlgorithm(sigAlg SignatureScheme, supportedSignatureAlgorithms []SignatureScheme) bool {
+ for _, s := range supportedSignatureAlgorithms {
+ if s == sigAlg {
+ return true
+ }
+ }
+ return false
+}
+
+var aesgcmCiphers = map[uint16]bool{
+ // 1.2
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: true,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: true,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: true,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: true,
+ // 1.3
+ TLS_AES_128_GCM_SHA256: true,
+ TLS_AES_256_GCM_SHA384: true,
+}
+
+var nonAESGCMAEADCiphers = map[uint16]bool{
+ // 1.2
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: true,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: true,
+ // 1.3
+ TLS_CHACHA20_POLY1305_SHA256: true,
+}
+
+// aesgcmPreferred returns whether the first valid cipher in the preference list
+// is an AES-GCM cipher, implying the peer has hardware support for it.
+func aesgcmPreferred(ciphers []uint16) bool {
+ for _, cID := range ciphers {
+ c := cipherSuiteByID(cID)
+ if c == nil {
+ c13 := cipherSuiteTLS13ByID(cID)
+ if c13 == nil {
+ continue
+ }
+ return aesgcmCiphers[cID]
+ }
+ return aesgcmCiphers[cID]
+ }
+ return false
+}
+
+// deprioritizeAES reorders cipher preference lists by rearranging
+// adjacent AEAD ciphers such that AES-GCM based ciphers are moved
+// after other AEAD ciphers. It returns a fresh slice.
+func deprioritizeAES(ciphers []uint16) []uint16 {
+ reordered := make([]uint16, len(ciphers))
+ copy(reordered, ciphers)
+ sort.SliceStable(reordered, func(i, j int) bool {
+ return nonAESGCMAEADCiphers[reordered[i]] && aesgcmCiphers[reordered[j]]
+ })
+ return reordered
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/conn.go b/vendor/github.com/marten-seemann/qtls-go1-16/conn.go
new file mode 100644
index 00000000..fa5eb3f1
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/conn.go
@@ -0,0 +1,1536 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// TLS low level connection and record layer
+
+package qtls
+
+import (
+ "bytes"
+ "crypto/cipher"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "net"
+ "sync"
+ "sync/atomic"
+ "time"
+)
+
+// A Conn represents a secured connection.
+// It implements the net.Conn interface.
+type Conn struct {
+ // constant
+ conn net.Conn
+ isClient bool
+ handshakeFn func() error // (*Conn).clientHandshake or serverHandshake
+
+ // handshakeStatus is 1 if the connection is currently transferring
+ // application data (i.e. is not currently processing a handshake).
+ // This field is only to be accessed with sync/atomic.
+ handshakeStatus uint32
+ // constant after handshake; protected by handshakeMutex
+ handshakeMutex sync.Mutex
+ handshakeErr error // error resulting from handshake
+ vers uint16 // TLS version
+ haveVers bool // version has been negotiated
+ config *config // configuration passed to constructor
+ // handshakes counts the number of handshakes performed on the
+ // connection so far. If renegotiation is disabled then this is either
+ // zero or one.
+ extraConfig *ExtraConfig
+
+ handshakes int
+ didResume bool // whether this connection was a session resumption
+ cipherSuite uint16
+ ocspResponse []byte // stapled OCSP response
+ scts [][]byte // signed certificate timestamps from server
+ peerCertificates []*x509.Certificate
+ // verifiedChains contains the certificate chains that we built, as
+ // opposed to the ones presented by the server.
+ verifiedChains [][]*x509.Certificate
+ // serverName contains the server name indicated by the client, if any.
+ serverName string
+ // secureRenegotiation is true if the server echoed the secure
+ // renegotiation extension. (This is meaningless as a server because
+ // renegotiation is not supported in that case.)
+ secureRenegotiation bool
+ // ekm is a closure for exporting keying material.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+ // For the client:
+ // resumptionSecret is the resumption_master_secret for handling
+ // NewSessionTicket messages. nil if config.SessionTicketsDisabled.
+ // For the server:
+ // resumptionSecret is the resumption_master_secret for generating
+ // NewSessionTicket messages. Only used when the alternative record
+ // layer is set. nil if config.SessionTicketsDisabled.
+ resumptionSecret []byte
+
+ // ticketKeys is the set of active session ticket keys for this
+ // connection. The first one is used to encrypt new tickets and
+ // all are tried to decrypt tickets.
+ ticketKeys []ticketKey
+
+ // clientFinishedIsFirst is true if the client sent the first Finished
+ // message during the most recent handshake. This is recorded because
+ // the first transmitted Finished message is the tls-unique
+ // channel-binding value.
+ clientFinishedIsFirst bool
+
+ // closeNotifyErr is any error from sending the alertCloseNotify record.
+ closeNotifyErr error
+ // closeNotifySent is true if the Conn attempted to send an
+ // alertCloseNotify record.
+ closeNotifySent bool
+
+ // clientFinished and serverFinished contain the Finished message sent
+ // by the client or server in the most recent handshake. This is
+ // retained to support the renegotiation extension and tls-unique
+ // channel-binding.
+ clientFinished [12]byte
+ serverFinished [12]byte
+
+ // clientProtocol is the negotiated ALPN protocol.
+ clientProtocol string
+
+ // input/output
+ in, out halfConn
+ rawInput bytes.Buffer // raw input, starting with a record header
+ input bytes.Reader // application data waiting to be read, from rawInput.Next
+ hand bytes.Buffer // handshake data waiting to be read
+ buffering bool // whether records are buffered in sendBuf
+ sendBuf []byte // a buffer of records waiting to be sent
+
+ // bytesSent counts the bytes of application data sent.
+ // packetsSent counts packets.
+ bytesSent int64
+ packetsSent int64
+
+ // retryCount counts the number of consecutive non-advancing records
+ // received by Conn.readRecord. That is, records that neither advance the
+ // handshake, nor deliver application data. Protected by in.Mutex.
+ retryCount int
+
+ // activeCall is an atomic int32; the low bit is whether Close has
+ // been called. the rest of the bits are the number of goroutines
+ // in Conn.Write.
+ activeCall int32
+
+ used0RTT bool
+
+ tmp [16]byte
+}
+
+// Access to net.Conn methods.
+// Cannot just embed net.Conn because that would
+// export the struct field too.
+
+// LocalAddr returns the local network address.
+func (c *Conn) LocalAddr() net.Addr {
+ return c.conn.LocalAddr()
+}
+
+// RemoteAddr returns the remote network address.
+func (c *Conn) RemoteAddr() net.Addr {
+ return c.conn.RemoteAddr()
+}
+
+// SetDeadline sets the read and write deadlines associated with the connection.
+// A zero value for t means Read and Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetDeadline(t time.Time) error {
+ return c.conn.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline on the underlying connection.
+// A zero value for t means Read will not time out.
+func (c *Conn) SetReadDeadline(t time.Time) error {
+ return c.conn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline on the underlying connection.
+// A zero value for t means Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+ return c.conn.SetWriteDeadline(t)
+}
+
+// A halfConn represents one direction of the record layer
+// connection, either sending or receiving.
+type halfConn struct {
+ sync.Mutex
+
+ err error // first permanent error
+ version uint16 // protocol version
+ cipher interface{} // cipher algorithm
+ mac hash.Hash
+ seq [8]byte // 64-bit sequence number
+
+ scratchBuf [13]byte // to avoid allocs; interface method args escape
+
+ nextCipher interface{} // next encryption state
+ nextMac hash.Hash // next MAC algorithm
+
+ trafficSecret []byte // current TLS 1.3 traffic secret
+
+ setKeyCallback func(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+}
+
+type permanentError struct {
+ err net.Error
+}
+
+func (e *permanentError) Error() string { return e.err.Error() }
+func (e *permanentError) Unwrap() error { return e.err }
+func (e *permanentError) Timeout() bool { return e.err.Timeout() }
+func (e *permanentError) Temporary() bool { return false }
+
+func (hc *halfConn) setErrorLocked(err error) error {
+ if e, ok := err.(net.Error); ok {
+ hc.err = &permanentError{err: e}
+ } else {
+ hc.err = err
+ }
+ return hc.err
+}
+
+// prepareCipherSpec sets the encryption and MAC states
+// that a subsequent changeCipherSpec will use.
+func (hc *halfConn) prepareCipherSpec(version uint16, cipher interface{}, mac hash.Hash) {
+ hc.version = version
+ hc.nextCipher = cipher
+ hc.nextMac = mac
+}
+
+// changeCipherSpec changes the encryption and MAC states
+// to the ones previously passed to prepareCipherSpec.
+func (hc *halfConn) changeCipherSpec() error {
+ if hc.nextCipher == nil || hc.version == VersionTLS13 {
+ return alertInternalError
+ }
+ hc.cipher = hc.nextCipher
+ hc.mac = hc.nextMac
+ hc.nextCipher = nil
+ hc.nextMac = nil
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+ return nil
+}
+
+func (hc *halfConn) exportKey(encLevel EncryptionLevel, suite *cipherSuiteTLS13, trafficSecret []byte) {
+ if hc.setKeyCallback != nil {
+ s := &CipherSuiteTLS13{
+ ID: suite.id,
+ KeyLen: suite.keyLen,
+ Hash: suite.hash,
+ AEAD: func(key, fixedNonce []byte) cipher.AEAD { return suite.aead(key, fixedNonce) },
+ }
+ hc.setKeyCallback(encLevel, s, trafficSecret)
+ }
+}
+
+func (hc *halfConn) setTrafficSecret(suite *cipherSuiteTLS13, secret []byte) {
+ hc.trafficSecret = secret
+ key, iv := suite.trafficKey(secret)
+ hc.cipher = suite.aead(key, iv)
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+}
+
+// incSeq increments the sequence number.
+func (hc *halfConn) incSeq() {
+ for i := 7; i >= 0; i-- {
+ hc.seq[i]++
+ if hc.seq[i] != 0 {
+ return
+ }
+ }
+
+ // Not allowed to let sequence number wrap.
+ // Instead, must renegotiate before it does.
+ // Not likely enough to bother.
+ panic("TLS: sequence number wraparound")
+}
+
+// explicitNonceLen returns the number of bytes of explicit nonce or IV included
+// in each record. Explicit nonces are present only in CBC modes after TLS 1.0
+// and in certain AEAD modes in TLS 1.2.
+func (hc *halfConn) explicitNonceLen() int {
+ if hc.cipher == nil {
+ return 0
+ }
+
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ return 0
+ case aead:
+ return c.explicitNonceLen()
+ case cbcMode:
+ // TLS 1.1 introduced a per-record explicit IV to fix the BEAST attack.
+ if hc.version >= VersionTLS11 {
+ return c.BlockSize()
+ }
+ return 0
+ default:
+ panic("unknown cipher type")
+ }
+}
+
+// extractPadding returns, in constant time, the length of the padding to remove
+// from the end of payload. It also returns a byte which is equal to 255 if the
+// padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2.
+func extractPadding(payload []byte) (toRemove int, good byte) {
+ if len(payload) < 1 {
+ return 0, 0
+ }
+
+ paddingLen := payload[len(payload)-1]
+ t := uint(len(payload)-1) - uint(paddingLen)
+ // if len(payload) >= (paddingLen - 1) then the MSB of t is zero
+ good = byte(int32(^t) >> 31)
+
+ // The maximum possible padding length plus the actual length field
+ toCheck := 256
+ // The length of the padded data is public, so we can use an if here
+ if toCheck > len(payload) {
+ toCheck = len(payload)
+ }
+
+ for i := 0; i < toCheck; i++ {
+ t := uint(paddingLen) - uint(i)
+ // if i <= paddingLen then the MSB of t is zero
+ mask := byte(int32(^t) >> 31)
+ b := payload[len(payload)-1-i]
+ good &^= mask&paddingLen ^ mask&b
+ }
+
+ // We AND together the bits of good and replicate the result across
+ // all the bits.
+ good &= good << 4
+ good &= good << 2
+ good &= good << 1
+ good = uint8(int8(good) >> 7)
+
+ // Zero the padding length on error. This ensures any unchecked bytes
+ // are included in the MAC. Otherwise, an attacker that could
+ // distinguish MAC failures from padding failures could mount an attack
+ // similar to POODLE in SSL 3.0: given a good ciphertext that uses a
+ // full block's worth of padding, replace the final block with another
+ // block. If the MAC check passed but the padding check failed, the
+ // last byte of that block decrypted to the block size.
+ //
+ // See also macAndPaddingGood logic below.
+ paddingLen &= good
+
+ toRemove = int(paddingLen) + 1
+ return
+}
+
+func roundUp(a, b int) int {
+ return a + (b-a%b)%b
+}
+
+// cbcMode is an interface for block ciphers using cipher block chaining.
+type cbcMode interface {
+ cipher.BlockMode
+ SetIV([]byte)
+}
+
+// decrypt authenticates and decrypts the record if protection is active at
+// this stage. The returned plaintext might overlap with the input.
+func (hc *halfConn) decrypt(record []byte) ([]byte, recordType, error) {
+ var plaintext []byte
+ typ := recordType(record[0])
+ payload := record[recordHeaderLen:]
+
+ // In TLS 1.3, change_cipher_spec messages are to be ignored without being
+ // decrypted. See RFC 8446, Appendix D.4.
+ if hc.version == VersionTLS13 && typ == recordTypeChangeCipherSpec {
+ return payload, typ, nil
+ }
+
+ paddingGood := byte(255)
+ paddingLen := 0
+
+ explicitNonceLen := hc.explicitNonceLen()
+
+ if hc.cipher != nil {
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ c.XORKeyStream(payload, payload)
+ case aead:
+ if len(payload) < explicitNonceLen {
+ return nil, 0, alertBadRecordMAC
+ }
+ nonce := payload[:explicitNonceLen]
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+ payload = payload[explicitNonceLen:]
+
+ var additionalData []byte
+ if hc.version == VersionTLS13 {
+ additionalData = record[:recordHeaderLen]
+ } else {
+ additionalData = append(hc.scratchBuf[:0], hc.seq[:]...)
+ additionalData = append(additionalData, record[:3]...)
+ n := len(payload) - c.Overhead()
+ additionalData = append(additionalData, byte(n>>8), byte(n))
+ }
+
+ var err error
+ plaintext, err = c.Open(payload[:0], nonce, payload, additionalData)
+ if err != nil {
+ return nil, 0, alertBadRecordMAC
+ }
+ case cbcMode:
+ blockSize := c.BlockSize()
+ minPayload := explicitNonceLen + roundUp(hc.mac.Size()+1, blockSize)
+ if len(payload)%blockSize != 0 || len(payload) < minPayload {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ if explicitNonceLen > 0 {
+ c.SetIV(payload[:explicitNonceLen])
+ payload = payload[explicitNonceLen:]
+ }
+ c.CryptBlocks(payload, payload)
+
+ // In a limited attempt to protect against CBC padding oracles like
+ // Lucky13, the data past paddingLen (which is secret) is passed to
+ // the MAC function as extra data, to be fed into the HMAC after
+ // computing the digest. This makes the MAC roughly constant time as
+ // long as the digest computation is constant time and does not
+ // affect the subsequent write, modulo cache effects.
+ paddingLen, paddingGood = extractPadding(payload)
+ default:
+ panic("unknown cipher type")
+ }
+
+ if hc.version == VersionTLS13 {
+ if typ != recordTypeApplicationData {
+ return nil, 0, alertUnexpectedMessage
+ }
+ if len(plaintext) > maxPlaintext+1 {
+ return nil, 0, alertRecordOverflow
+ }
+ // Remove padding and find the ContentType scanning from the end.
+ for i := len(plaintext) - 1; i >= 0; i-- {
+ if plaintext[i] != 0 {
+ typ = recordType(plaintext[i])
+ plaintext = plaintext[:i]
+ break
+ }
+ if i == 0 {
+ return nil, 0, alertUnexpectedMessage
+ }
+ }
+ }
+ } else {
+ plaintext = payload
+ }
+
+ if hc.mac != nil {
+ macSize := hc.mac.Size()
+ if len(payload) < macSize {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ n := len(payload) - macSize - paddingLen
+ n = subtle.ConstantTimeSelect(int(uint32(n)>>31), 0, n) // if n < 0 { n = 0 }
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ remoteMAC := payload[n : n+macSize]
+ localMAC := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload[:n], payload[n+macSize:])
+
+ // This is equivalent to checking the MACs and paddingGood
+ // separately, but in constant-time to prevent distinguishing
+ // padding failures from MAC failures. Depending on what value
+ // of paddingLen was returned on bad padding, distinguishing
+ // bad MAC from bad padding can lead to an attack.
+ //
+ // See also the logic at the end of extractPadding.
+ macAndPaddingGood := subtle.ConstantTimeCompare(localMAC, remoteMAC) & int(paddingGood)
+ if macAndPaddingGood != 1 {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ plaintext = payload[:n]
+ }
+
+ hc.incSeq()
+ return plaintext, typ, nil
+}
+
+func (c *Conn) setAlternativeRecordLayer() {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.in.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetReadKey
+ c.out.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetWriteKey
+ }
+}
+
+// sliceForAppend extends the input slice by n bytes. head is the full extended
+// slice, while tail is the appended part. If the original slice has sufficient
+// capacity no allocation is performed.
+func sliceForAppend(in []byte, n int) (head, tail []byte) {
+ if total := len(in) + n; cap(in) >= total {
+ head = in[:total]
+ } else {
+ head = make([]byte, total)
+ copy(head, in)
+ }
+ tail = head[len(in):]
+ return
+}
+
+// encrypt encrypts payload, adding the appropriate nonce and/or MAC, and
+// appends it to record, which must already contain the record header.
+func (hc *halfConn) encrypt(record, payload []byte, rand io.Reader) ([]byte, error) {
+ if hc.cipher == nil {
+ return append(record, payload...), nil
+ }
+
+ var explicitNonce []byte
+ if explicitNonceLen := hc.explicitNonceLen(); explicitNonceLen > 0 {
+ record, explicitNonce = sliceForAppend(record, explicitNonceLen)
+ if _, isCBC := hc.cipher.(cbcMode); !isCBC && explicitNonceLen < 16 {
+ // The AES-GCM construction in TLS has an explicit nonce so that the
+ // nonce can be random. However, the nonce is only 8 bytes which is
+ // too small for a secure, random nonce. Therefore we use the
+ // sequence number as the nonce. The 3DES-CBC construction also has
+ // an 8 bytes nonce but its nonces must be unpredictable (see RFC
+ // 5246, Appendix F.3), forcing us to use randomness. That's not
+ // 3DES' biggest problem anyway because the birthday bound on block
+ // collision is reached first due to its similarly small block size
+ // (see the Sweet32 attack).
+ copy(explicitNonce, hc.seq[:])
+ } else {
+ if _, err := io.ReadFull(rand, explicitNonce); err != nil {
+ return nil, err
+ }
+ }
+ }
+
+ var dst []byte
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ mac := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload, nil)
+ record, dst = sliceForAppend(record, len(payload)+len(mac))
+ c.XORKeyStream(dst[:len(payload)], payload)
+ c.XORKeyStream(dst[len(payload):], mac)
+ case aead:
+ nonce := explicitNonce
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+
+ if hc.version == VersionTLS13 {
+ record = append(record, payload...)
+
+ // Encrypt the actual ContentType and replace the plaintext one.
+ record = append(record, record[0])
+ record[0] = byte(recordTypeApplicationData)
+
+ n := len(payload) + 1 + c.Overhead()
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+
+ record = c.Seal(record[:recordHeaderLen],
+ nonce, record[recordHeaderLen:], record[:recordHeaderLen])
+ } else {
+ additionalData := append(hc.scratchBuf[:0], hc.seq[:]...)
+ additionalData = append(additionalData, record[:recordHeaderLen]...)
+ record = c.Seal(record, nonce, payload, additionalData)
+ }
+ case cbcMode:
+ mac := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload, nil)
+ blockSize := c.BlockSize()
+ plaintextLen := len(payload) + len(mac)
+ paddingLen := blockSize - plaintextLen%blockSize
+ record, dst = sliceForAppend(record, plaintextLen+paddingLen)
+ copy(dst, payload)
+ copy(dst[len(payload):], mac)
+ for i := plaintextLen; i < len(dst); i++ {
+ dst[i] = byte(paddingLen - 1)
+ }
+ if len(explicitNonce) > 0 {
+ c.SetIV(explicitNonce)
+ }
+ c.CryptBlocks(dst, dst)
+ default:
+ panic("unknown cipher type")
+ }
+
+ // Update length to include nonce, MAC and any block padding needed.
+ n := len(record) - recordHeaderLen
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ hc.incSeq()
+
+ return record, nil
+}
+
+// RecordHeaderError is returned when a TLS record header is invalid.
+type RecordHeaderError struct {
+ // Msg contains a human readable string that describes the error.
+ Msg string
+ // RecordHeader contains the five bytes of TLS record header that
+ // triggered the error.
+ RecordHeader [5]byte
+ // Conn provides the underlying net.Conn in the case that a client
+ // sent an initial handshake that didn't look like TLS.
+ // It is nil if there's already been a handshake or a TLS alert has
+ // been written to the connection.
+ Conn net.Conn
+}
+
+func (e RecordHeaderError) Error() string { return "tls: " + e.Msg }
+
+func (c *Conn) newRecordHeaderError(conn net.Conn, msg string) (err RecordHeaderError) {
+ err.Msg = msg
+ err.Conn = conn
+ copy(err.RecordHeader[:], c.rawInput.Bytes())
+ return err
+}
+
+func (c *Conn) readRecord() error {
+ return c.readRecordOrCCS(false)
+}
+
+func (c *Conn) readChangeCipherSpec() error {
+ return c.readRecordOrCCS(true)
+}
+
+// readRecordOrCCS reads one or more TLS records from the connection and
+// updates the record layer state. Some invariants:
+// * c.in must be locked
+// * c.input must be empty
+// During the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.in.changeCipherSpec is called
+// - an error is returned
+// After the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.input is set
+// - an error is returned
+func (c *Conn) readRecordOrCCS(expectChangeCipherSpec bool) error {
+ if c.in.err != nil {
+ return c.in.err
+ }
+ handshakeComplete := c.handshakeComplete()
+
+ // This function modifies c.rawInput, which owns the c.input memory.
+ if c.input.Len() != 0 {
+ return c.in.setErrorLocked(errors.New("tls: internal error: attempted to read record with pending application data"))
+ }
+ c.input.Reset(nil)
+
+ // Read header, payload.
+ if err := c.readFromUntil(c.conn, recordHeaderLen); err != nil {
+ // RFC 8446, Section 6.1 suggests that EOF without an alertCloseNotify
+ // is an error, but popular web sites seem to do this, so we accept it
+ // if and only if at the record boundary.
+ if err == io.ErrUnexpectedEOF && c.rawInput.Len() == 0 {
+ err = io.EOF
+ }
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+ hdr := c.rawInput.Bytes()[:recordHeaderLen]
+ typ := recordType(hdr[0])
+
+ // No valid TLS record has a type of 0x80, however SSLv2 handshakes
+ // start with a uint16 length where the MSB is set and the first record
+ // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests
+ // an SSLv2 client.
+ if !handshakeComplete && typ == 0x80 {
+ c.sendAlert(alertProtocolVersion)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, "unsupported SSLv2 handshake received"))
+ }
+
+ vers := uint16(hdr[1])<<8 | uint16(hdr[2])
+ n := int(hdr[3])<<8 | int(hdr[4])
+ if c.haveVers && c.vers != VersionTLS13 && vers != c.vers {
+ c.sendAlert(alertProtocolVersion)
+ msg := fmt.Sprintf("received record with version %x when expecting version %x", vers, c.vers)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if !c.haveVers {
+ // First message, be extra suspicious: this might not be a TLS
+ // client. Bail out before reading a full 'body', if possible.
+ // The current max version is 3.3 so if the version is >= 16.0,
+ // it's probably not real.
+ if (typ != recordTypeAlert && typ != recordTypeHandshake) || vers >= 0x1000 {
+ return c.in.setErrorLocked(c.newRecordHeaderError(c.conn, "first record does not look like a TLS handshake"))
+ }
+ }
+ if c.vers == VersionTLS13 && n > maxCiphertextTLS13 || n > maxCiphertext {
+ c.sendAlert(alertRecordOverflow)
+ msg := fmt.Sprintf("oversized record received with length %d", n)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if err := c.readFromUntil(c.conn, recordHeaderLen+n); err != nil {
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+
+ // Process message.
+ record := c.rawInput.Next(recordHeaderLen + n)
+ data, typ, err := c.in.decrypt(record)
+ if err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+ if len(data) > maxPlaintext {
+ return c.in.setErrorLocked(c.sendAlert(alertRecordOverflow))
+ }
+
+ // Application Data messages are always protected.
+ if c.in.cipher == nil && typ == recordTypeApplicationData {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ if typ != recordTypeAlert && typ != recordTypeChangeCipherSpec && len(data) > 0 {
+ // This is a state-advancing message: reset the retry count.
+ c.retryCount = 0
+ }
+
+ // Handshake messages MUST NOT be interleaved with other record types in TLS 1.3.
+ if c.vers == VersionTLS13 && typ != recordTypeHandshake && c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ switch typ {
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+
+ case recordTypeAlert:
+ if len(data) != 2 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if alert(data[1]) == alertCloseNotify {
+ return c.in.setErrorLocked(io.EOF)
+ }
+ if c.vers == VersionTLS13 {
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ }
+ switch data[0] {
+ case alertLevelWarning:
+ // Drop the record on the floor and retry.
+ return c.retryReadRecord(expectChangeCipherSpec)
+ case alertLevelError:
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ case recordTypeChangeCipherSpec:
+ if len(data) != 1 || data[0] != 1 {
+ return c.in.setErrorLocked(c.sendAlert(alertDecodeError))
+ }
+ // Handshake messages are not allowed to fragment across the CCS.
+ if c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // In TLS 1.3, change_cipher_spec records are ignored until the
+ // Finished. See RFC 8446, Appendix D.4. Note that according to Section
+ // 5, a server can send a ChangeCipherSpec before its ServerHello, when
+ // c.vers is still unset. That's not useful though and suspicious if the
+ // server then selects a lower protocol version, so don't allow that.
+ if c.vers == VersionTLS13 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ if !expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if err := c.in.changeCipherSpec(); err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+
+ case recordTypeApplicationData:
+ if !handshakeComplete || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // Some OpenSSL servers send empty records in order to randomize the
+ // CBC IV. Ignore a limited number of empty records.
+ if len(data) == 0 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ // Note that data is owned by c.rawInput, following the Next call above,
+ // to avoid copying the plaintext. This is safe because c.rawInput is
+ // not read from or written to until c.input is drained.
+ c.input.Reset(data)
+
+ case recordTypeHandshake:
+ if len(data) == 0 || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ c.hand.Write(data)
+ }
+
+ return nil
+}
+
+// retryReadRecord recurses into readRecordOrCCS to drop a non-advancing record, like
+// a warning alert, empty application_data, or a change_cipher_spec in TLS 1.3.
+func (c *Conn) retryReadRecord(expectChangeCipherSpec bool) error {
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many ignored records"))
+ }
+ return c.readRecordOrCCS(expectChangeCipherSpec)
+}
+
+// atLeastReader reads from R, stopping with EOF once at least N bytes have been
+// read. It is different from an io.LimitedReader in that it doesn't cut short
+// the last Read call, and in that it considers an early EOF an error.
+type atLeastReader struct {
+ R io.Reader
+ N int64
+}
+
+func (r *atLeastReader) Read(p []byte) (int, error) {
+ if r.N <= 0 {
+ return 0, io.EOF
+ }
+ n, err := r.R.Read(p)
+ r.N -= int64(n) // won't underflow unless len(p) >= n > 9223372036854775809
+ if r.N > 0 && err == io.EOF {
+ return n, io.ErrUnexpectedEOF
+ }
+ if r.N <= 0 && err == nil {
+ return n, io.EOF
+ }
+ return n, err
+}
+
+// readFromUntil reads from r into c.rawInput until c.rawInput contains
+// at least n bytes or else returns an error.
+func (c *Conn) readFromUntil(r io.Reader, n int) error {
+ if c.rawInput.Len() >= n {
+ return nil
+ }
+ needs := n - c.rawInput.Len()
+ // There might be extra input waiting on the wire. Make a best effort
+ // attempt to fetch it so that it can be used in (*Conn).Read to
+ // "predict" closeNotify alerts.
+ c.rawInput.Grow(needs + bytes.MinRead)
+ _, err := c.rawInput.ReadFrom(&atLeastReader{r, int64(needs)})
+ return err
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlertLocked(err alert) error {
+ switch err {
+ case alertNoRenegotiation, alertCloseNotify:
+ c.tmp[0] = alertLevelWarning
+ default:
+ c.tmp[0] = alertLevelError
+ }
+ c.tmp[1] = byte(err)
+
+ _, writeErr := c.writeRecordLocked(recordTypeAlert, c.tmp[0:2])
+ if err == alertCloseNotify {
+ // closeNotify is a special case in that it isn't an error.
+ return writeErr
+ }
+
+ return c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err})
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlert(err alert) error {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.extraConfig.AlternativeRecordLayer.SendAlert(uint8(err))
+ return &net.OpError{Op: "local error", Err: err}
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+ return c.sendAlertLocked(err)
+}
+
+const (
+ // tcpMSSEstimate is a conservative estimate of the TCP maximum segment
+ // size (MSS). A constant is used, rather than querying the kernel for
+ // the actual MSS, to avoid complexity. The value here is the IPv6
+ // minimum MTU (1280 bytes) minus the overhead of an IPv6 header (40
+ // bytes) and a TCP header with timestamps (32 bytes).
+ tcpMSSEstimate = 1208
+
+ // recordSizeBoostThreshold is the number of bytes of application data
+ // sent after which the TLS record size will be increased to the
+ // maximum.
+ recordSizeBoostThreshold = 128 * 1024
+)
+
+// maxPayloadSizeForWrite returns the maximum TLS payload size to use for the
+// next application data record. There is the following trade-off:
+//
+// - For latency-sensitive applications, such as web browsing, each TLS
+// record should fit in one TCP segment.
+// - For throughput-sensitive applications, such as large file transfers,
+// larger TLS records better amortize framing and encryption overheads.
+//
+// A simple heuristic that works well in practice is to use small records for
+// the first 1MB of data, then use larger records for subsequent data, and
+// reset back to smaller records after the connection becomes idle. See "High
+// Performance Web Networking", Chapter 4, or:
+// https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/
+//
+// In the interests of simplicity and determinism, this code does not attempt
+// to reset the record size once the connection is idle, however.
+func (c *Conn) maxPayloadSizeForWrite(typ recordType) int {
+ if c.config.DynamicRecordSizingDisabled || typ != recordTypeApplicationData {
+ return maxPlaintext
+ }
+
+ if c.bytesSent >= recordSizeBoostThreshold {
+ return maxPlaintext
+ }
+
+ // Subtract TLS overheads to get the maximum payload size.
+ payloadBytes := tcpMSSEstimate - recordHeaderLen - c.out.explicitNonceLen()
+ if c.out.cipher != nil {
+ switch ciph := c.out.cipher.(type) {
+ case cipher.Stream:
+ payloadBytes -= c.out.mac.Size()
+ case cipher.AEAD:
+ payloadBytes -= ciph.Overhead()
+ case cbcMode:
+ blockSize := ciph.BlockSize()
+ // The payload must fit in a multiple of blockSize, with
+ // room for at least one padding byte.
+ payloadBytes = (payloadBytes & ^(blockSize - 1)) - 1
+ // The MAC is appended before padding so affects the
+ // payload size directly.
+ payloadBytes -= c.out.mac.Size()
+ default:
+ panic("unknown cipher type")
+ }
+ }
+ if c.vers == VersionTLS13 {
+ payloadBytes-- // encrypted ContentType
+ }
+
+ // Allow packet growth in arithmetic progression up to max.
+ pkt := c.packetsSent
+ c.packetsSent++
+ if pkt > 1000 {
+ return maxPlaintext // avoid overflow in multiply below
+ }
+
+ n := payloadBytes * int(pkt+1)
+ if n > maxPlaintext {
+ n = maxPlaintext
+ }
+ return n
+}
+
+func (c *Conn) write(data []byte) (int, error) {
+ if c.buffering {
+ c.sendBuf = append(c.sendBuf, data...)
+ return len(data), nil
+ }
+
+ n, err := c.conn.Write(data)
+ c.bytesSent += int64(n)
+ return n, err
+}
+
+func (c *Conn) flush() (int, error) {
+ if len(c.sendBuf) == 0 {
+ return 0, nil
+ }
+
+ n, err := c.conn.Write(c.sendBuf)
+ c.bytesSent += int64(n)
+ c.sendBuf = nil
+ c.buffering = false
+ return n, err
+}
+
+// outBufPool pools the record-sized scratch buffers used by writeRecordLocked.
+var outBufPool = sync.Pool{
+ New: func() interface{} {
+ return new([]byte)
+ },
+}
+
+// writeRecordLocked writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecordLocked(typ recordType, data []byte) (int, error) {
+ outBufPtr := outBufPool.Get().(*[]byte)
+ outBuf := *outBufPtr
+ defer func() {
+ // You might be tempted to simplify this by just passing &outBuf to Put,
+ // but that would make the local copy of the outBuf slice header escape
+ // to the heap, causing an allocation. Instead, we keep around the
+ // pointer to the slice header returned by Get, which is already on the
+ // heap, and overwrite and return that.
+ *outBufPtr = outBuf
+ outBufPool.Put(outBufPtr)
+ }()
+
+ var n int
+ for len(data) > 0 {
+ m := len(data)
+ if maxPayload := c.maxPayloadSizeForWrite(typ); m > maxPayload {
+ m = maxPayload
+ }
+
+ _, outBuf = sliceForAppend(outBuf[:0], recordHeaderLen)
+ outBuf[0] = byte(typ)
+ vers := c.vers
+ if vers == 0 {
+ // Some TLS servers fail if the record version is
+ // greater than TLS 1.0 for the initial ClientHello.
+ vers = VersionTLS10
+ } else if vers == VersionTLS13 {
+ // TLS 1.3 froze the record layer version to 1.2.
+ // See RFC 8446, Section 5.1.
+ vers = VersionTLS12
+ }
+ outBuf[1] = byte(vers >> 8)
+ outBuf[2] = byte(vers)
+ outBuf[3] = byte(m >> 8)
+ outBuf[4] = byte(m)
+
+ var err error
+ outBuf, err = c.out.encrypt(outBuf, data[:m], c.config.rand())
+ if err != nil {
+ return n, err
+ }
+ if _, err := c.write(outBuf); err != nil {
+ return n, err
+ }
+ n += m
+ data = data[m:]
+ }
+
+ if typ == recordTypeChangeCipherSpec && c.vers != VersionTLS13 {
+ if err := c.out.changeCipherSpec(); err != nil {
+ return n, c.sendAlertLocked(err.(alert))
+ }
+ }
+
+ return n, nil
+}
+
+// writeRecord writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecord(typ recordType, data []byte) (int, error) {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ if typ == recordTypeChangeCipherSpec {
+ return len(data), nil
+ }
+ return c.extraConfig.AlternativeRecordLayer.WriteRecord(data)
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ return c.writeRecordLocked(typ, data)
+}
+
+// readHandshake reads the next handshake message from
+// the record layer.
+func (c *Conn) readHandshake() (interface{}, error) {
+ var data []byte
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ var err error
+ data, err = c.extraConfig.AlternativeRecordLayer.ReadHandshakeMessage()
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ for c.hand.Len() < 4 {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+
+ data = c.hand.Bytes()
+ n := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if n > maxHandshake {
+ c.sendAlertLocked(alertInternalError)
+ return nil, c.in.setErrorLocked(fmt.Errorf("tls: handshake message of length %d bytes exceeds maximum of %d bytes", n, maxHandshake))
+ }
+ for c.hand.Len() < 4+n {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+ data = c.hand.Next(4 + n)
+ }
+ var m handshakeMessage
+ switch data[0] {
+ case typeHelloRequest:
+ m = new(helloRequestMsg)
+ case typeClientHello:
+ m = new(clientHelloMsg)
+ case typeServerHello:
+ m = new(serverHelloMsg)
+ case typeNewSessionTicket:
+ if c.vers == VersionTLS13 {
+ m = new(newSessionTicketMsgTLS13)
+ } else {
+ m = new(newSessionTicketMsg)
+ }
+ case typeCertificate:
+ if c.vers == VersionTLS13 {
+ m = new(certificateMsgTLS13)
+ } else {
+ m = new(certificateMsg)
+ }
+ case typeCertificateRequest:
+ if c.vers == VersionTLS13 {
+ m = new(certificateRequestMsgTLS13)
+ } else {
+ m = &certificateRequestMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ }
+ case typeCertificateStatus:
+ m = new(certificateStatusMsg)
+ case typeServerKeyExchange:
+ m = new(serverKeyExchangeMsg)
+ case typeServerHelloDone:
+ m = new(serverHelloDoneMsg)
+ case typeClientKeyExchange:
+ m = new(clientKeyExchangeMsg)
+ case typeCertificateVerify:
+ m = &certificateVerifyMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ case typeFinished:
+ m = new(finishedMsg)
+ case typeEncryptedExtensions:
+ m = new(encryptedExtensionsMsg)
+ case typeEndOfEarlyData:
+ m = new(endOfEarlyDataMsg)
+ case typeKeyUpdate:
+ m = new(keyUpdateMsg)
+ default:
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ // The handshake message unmarshalers
+ // expect to be able to keep references to data,
+ // so pass in a fresh copy that won't be overwritten.
+ data = append([]byte(nil), data...)
+
+ if !m.unmarshal(data) {
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ return m, nil
+}
+
+var (
+ errShutdown = errors.New("tls: protocol is shutdown")
+)
+
+// Write writes data to the connection.
+//
+// As Write calls Handshake, in order to prevent indefinite blocking a deadline
+// must be set for both Read and Write before Write is called when the handshake
+// has not yet completed. See SetDeadline, SetReadDeadline, and
+// SetWriteDeadline.
+func (c *Conn) Write(b []byte) (int, error) {
+ // interlock with Close below
+ for {
+ x := atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return 0, net.ErrClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x+2) {
+ break
+ }
+ }
+ defer atomic.AddInt32(&c.activeCall, -2)
+
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if err := c.out.err; err != nil {
+ return 0, err
+ }
+
+ if !c.handshakeComplete() {
+ return 0, alertInternalError
+ }
+
+ if c.closeNotifySent {
+ return 0, errShutdown
+ }
+
+ // TLS 1.0 is susceptible to a chosen-plaintext
+ // attack when using block mode ciphers due to predictable IVs.
+ // This can be prevented by splitting each Application Data
+ // record into two records, effectively randomizing the IV.
+ //
+ // https://www.openssl.org/~bodo/tls-cbc.txt
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=665814
+ // https://www.imperialviolet.org/2012/01/15/beastfollowup.html
+
+ var m int
+ if len(b) > 1 && c.vers == VersionTLS10 {
+ if _, ok := c.out.cipher.(cipher.BlockMode); ok {
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b[:1])
+ if err != nil {
+ return n, c.out.setErrorLocked(err)
+ }
+ m, b = 1, b[1:]
+ }
+ }
+
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b)
+ return n + m, c.out.setErrorLocked(err)
+}
+
+// handleRenegotiation processes a HelloRequest handshake message.
+func (c *Conn) handleRenegotiation() error {
+ if c.vers == VersionTLS13 {
+ return errors.New("tls: internal error: unexpected renegotiation")
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ helloReq, ok := msg.(*helloRequestMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(helloReq, msg)
+ }
+
+ if !c.isClient {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+
+ switch c.config.Renegotiation {
+ case RenegotiateNever:
+ return c.sendAlert(alertNoRenegotiation)
+ case RenegotiateOnceAsClient:
+ if c.handshakes > 1 {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+ case RenegotiateFreelyAsClient:
+ // Ok.
+ default:
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: unknown Renegotiation value")
+ }
+
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ atomic.StoreUint32(&c.handshakeStatus, 0)
+ if c.handshakeErr = c.clientHandshake(); c.handshakeErr == nil {
+ c.handshakes++
+ }
+ return c.handshakeErr
+}
+
+func (c *Conn) HandlePostHandshakeMessage() error {
+ return c.handlePostHandshakeMessage()
+}
+
+// handlePostHandshakeMessage processes a handshake message arrived after the
+// handshake is complete. Up to TLS 1.2, it indicates the start of a renegotiation.
+func (c *Conn) handlePostHandshakeMessage() error {
+ if c.vers != VersionTLS13 {
+ return c.handleRenegotiation()
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many non-advancing records"))
+ }
+
+ switch msg := msg.(type) {
+ case *newSessionTicketMsgTLS13:
+ return c.handleNewSessionTicket(msg)
+ case *keyUpdateMsg:
+ return c.handleKeyUpdate(msg)
+ default:
+ c.sendAlert(alertUnexpectedMessage)
+ return fmt.Errorf("tls: received unexpected handshake message of type %T", msg)
+ }
+}
+
+func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error {
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil {
+ return c.in.setErrorLocked(c.sendAlert(alertInternalError))
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.in.trafficSecret)
+ c.in.setTrafficSecret(cipherSuite, newSecret)
+
+ if keyUpdate.updateRequested {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ msg := &keyUpdateMsg{}
+ _, err := c.writeRecordLocked(recordTypeHandshake, msg.marshal())
+ if err != nil {
+ // Surface the error at the next write.
+ c.out.setErrorLocked(err)
+ return nil
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.out.trafficSecret)
+ c.out.setTrafficSecret(cipherSuite, newSecret)
+ }
+
+ return nil
+}
+
+// Read reads data from the connection.
+//
+// As Read calls Handshake, in order to prevent indefinite blocking a deadline
+// must be set for both Read and Write before Read is called when the handshake
+// has not yet completed. See SetDeadline, SetReadDeadline, and
+// SetWriteDeadline.
+func (c *Conn) Read(b []byte) (int, error) {
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+ if len(b) == 0 {
+ // Put this after Handshake, in case people were calling
+ // Read(nil) for the side effect of the Handshake.
+ return 0, nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ for c.input.Len() == 0 {
+ if err := c.readRecord(); err != nil {
+ return 0, err
+ }
+ for c.hand.Len() > 0 {
+ if err := c.handlePostHandshakeMessage(); err != nil {
+ return 0, err
+ }
+ }
+ }
+
+ n, _ := c.input.Read(b)
+
+ // If a close-notify alert is waiting, read it so that we can return (n,
+ // EOF) instead of (n, nil), to signal to the HTTP response reading
+ // goroutine that the connection is now closed. This eliminates a race
+ // where the HTTP response reading goroutine would otherwise not observe
+ // the EOF until its next read, by which time a client goroutine might
+ // have already tried to reuse the HTTP connection for a new request.
+ // See https://golang.org/cl/76400046 and https://golang.org/issue/3514
+ if n != 0 && c.input.Len() == 0 && c.rawInput.Len() > 0 &&
+ recordType(c.rawInput.Bytes()[0]) == recordTypeAlert {
+ if err := c.readRecord(); err != nil {
+ return n, err // will be io.EOF on closeNotify
+ }
+ }
+
+ return n, nil
+}
+
+// Close closes the connection.
+func (c *Conn) Close() error {
+ // Interlock with Conn.Write above.
+ var x int32
+ for {
+ x = atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return net.ErrClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x|1) {
+ break
+ }
+ }
+ if x != 0 {
+ // io.Writer and io.Closer should not be used concurrently.
+ // If Close is called while a Write is currently in-flight,
+ // interpret that as a sign that this Close is really just
+ // being used to break the Write and/or clean up resources and
+ // avoid sending the alertCloseNotify, which may block
+ // waiting on handshakeMutex or the c.out mutex.
+ return c.conn.Close()
+ }
+
+ var alertErr error
+ if c.handshakeComplete() {
+ if err := c.closeNotify(); err != nil {
+ alertErr = fmt.Errorf("tls: failed to send closeNotify alert (but connection was closed anyway): %w", err)
+ }
+ }
+
+ if err := c.conn.Close(); err != nil {
+ return err
+ }
+ return alertErr
+}
+
+var errEarlyCloseWrite = errors.New("tls: CloseWrite called before handshake complete")
+
+// CloseWrite shuts down the writing side of the connection. It should only be
+// called once the handshake has completed and does not call CloseWrite on the
+// underlying connection. Most callers should just use Close.
+func (c *Conn) CloseWrite() error {
+ if !c.handshakeComplete() {
+ return errEarlyCloseWrite
+ }
+
+ return c.closeNotify()
+}
+
+func (c *Conn) closeNotify() error {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if !c.closeNotifySent {
+ // Set a Write Deadline to prevent possibly blocking forever.
+ c.SetWriteDeadline(time.Now().Add(time.Second * 5))
+ c.closeNotifyErr = c.sendAlertLocked(alertCloseNotify)
+ c.closeNotifySent = true
+ // Any subsequent writes will fail.
+ c.SetWriteDeadline(time.Now())
+ }
+ return c.closeNotifyErr
+}
+
+// Handshake runs the client or server handshake
+// protocol if it has not yet been run.
+//
+// Most uses of this package need not call Handshake explicitly: the
+// first Read or Write will call it automatically.
+//
+// For control over canceling or setting a timeout on a handshake, use
+// the Dialer's DialContext method.
+func (c *Conn) Handshake() error {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ if err := c.handshakeErr; err != nil {
+ return err
+ }
+ if c.handshakeComplete() {
+ return nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ c.handshakeErr = c.handshakeFn()
+ if c.handshakeErr == nil {
+ c.handshakes++
+ } else {
+ // If an error occurred during the handshake try to flush the
+ // alert that might be left in the buffer.
+ c.flush()
+ }
+
+ if c.handshakeErr == nil && !c.handshakeComplete() {
+ c.handshakeErr = errors.New("tls: internal error: handshake should have had a result")
+ }
+
+ return c.handshakeErr
+}
+
+// ConnectionState returns basic TLS details about the connection.
+func (c *Conn) ConnectionState() ConnectionState {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return c.connectionStateLocked()
+}
+
+// ConnectionStateWith0RTT returns basic TLS details (incl. 0-RTT status) about the connection.
+func (c *Conn) ConnectionStateWith0RTT() ConnectionStateWith0RTT {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return ConnectionStateWith0RTT{
+ ConnectionState: c.connectionStateLocked(),
+ Used0RTT: c.used0RTT,
+ }
+}
+
+func (c *Conn) connectionStateLocked() ConnectionState {
+ var state connectionState
+ state.HandshakeComplete = c.handshakeComplete()
+ state.Version = c.vers
+ state.NegotiatedProtocol = c.clientProtocol
+ state.DidResume = c.didResume
+ state.NegotiatedProtocolIsMutual = true
+ state.ServerName = c.serverName
+ state.CipherSuite = c.cipherSuite
+ state.PeerCertificates = c.peerCertificates
+ state.VerifiedChains = c.verifiedChains
+ state.SignedCertificateTimestamps = c.scts
+ state.OCSPResponse = c.ocspResponse
+ if !c.didResume && c.vers != VersionTLS13 {
+ if c.clientFinishedIsFirst {
+ state.TLSUnique = c.clientFinished[:]
+ } else {
+ state.TLSUnique = c.serverFinished[:]
+ }
+ }
+ if c.config.Renegotiation != RenegotiateNever {
+ state.ekm = noExportedKeyingMaterial
+ } else {
+ state.ekm = c.ekm
+ }
+ return toConnectionState(state)
+}
+
+// OCSPResponse returns the stapled OCSP response from the TLS server, if
+// any. (Only valid for client connections.)
+func (c *Conn) OCSPResponse() []byte {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ return c.ocspResponse
+}
+
+// VerifyHostname checks that the peer certificate chain is valid for
+// connecting to host. If so, it returns nil; if not, it returns an error
+// describing the problem.
+func (c *Conn) VerifyHostname(host string) error {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ if !c.isClient {
+ return errors.New("tls: VerifyHostname called on TLS server connection")
+ }
+ if !c.handshakeComplete() {
+ return errors.New("tls: handshake has not yet been performed")
+ }
+ if len(c.verifiedChains) == 0 {
+ return errors.New("tls: handshake did not verify certificate chain")
+ }
+ return c.peerCertificates[0].VerifyHostname(host)
+}
+
+func (c *Conn) handshakeComplete() bool {
+ return atomic.LoadUint32(&c.handshakeStatus) == 1
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/go.mod b/vendor/github.com/marten-seemann/qtls-go1-16/go.mod
new file mode 100644
index 00000000..28c2c4c9
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/go.mod
@@ -0,0 +1,9 @@
+module github.com/marten-seemann/qtls-go1-16
+
+go 1.16
+
+require (
+ github.com/golang/mock v1.4.4
+ golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d
+ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/go.sum b/vendor/github.com/marten-seemann/qtls-go1-16/go.sum
new file mode 100644
index 00000000..c23ddd60
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/go.sum
@@ -0,0 +1,14 @@
+github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc=
+github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d h1:1ZiEyfaQIg3Qh0EoqpwAakHVhecoE5wlSg5GjnafJGw=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepxRw6jWvR5iDRdvjHgy8=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client.go b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client.go
new file mode 100644
index 00000000..a447061a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client.go
@@ -0,0 +1,1105 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "net"
+ "strings"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+const clientSessionStateVersion = 1
+
+type clientHandshakeState struct {
+ c *Conn
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ suite *cipherSuite
+ finishedHash finishedHash
+ masterSecret []byte
+ session *clientSessionState
+}
+
+func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
+ config := c.config
+ if len(config.ServerName) == 0 && !config.InsecureSkipVerify {
+ return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config")
+ }
+
+ nextProtosLength := 0
+ for _, proto := range config.NextProtos {
+ if l := len(proto); l == 0 || l > 255 {
+ return nil, nil, errors.New("tls: invalid NextProtos value")
+ } else {
+ nextProtosLength += 1 + l
+ }
+ }
+ if nextProtosLength > 0xffff {
+ return nil, nil, errors.New("tls: NextProtos values too large")
+ }
+
+ var supportedVersions []uint16
+ var clientHelloVersion uint16
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ if config.maxSupportedVersion() < VersionTLS13 {
+ return nil, nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ // Only offer TLS 1.3 when QUIC is used.
+ supportedVersions = []uint16{VersionTLS13}
+ clientHelloVersion = VersionTLS13
+ } else {
+ supportedVersions = config.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return nil, nil, errors.New("tls: no supported versions satisfy MinVersion and MaxVersion")
+ }
+ clientHelloVersion = config.maxSupportedVersion()
+ }
+
+ // The version at the beginning of the ClientHello was capped at TLS 1.2
+ // for compatibility reasons. The supported_versions extension is used
+ // to negotiate versions now. See RFC 8446, Section 4.2.1.
+ if clientHelloVersion > VersionTLS12 {
+ clientHelloVersion = VersionTLS12
+ }
+
+ hello := &clientHelloMsg{
+ vers: clientHelloVersion,
+ compressionMethods: []uint8{compressionNone},
+ random: make([]byte, 32),
+ ocspStapling: true,
+ scts: true,
+ serverName: hostnameInSNI(config.ServerName),
+ supportedCurves: config.curvePreferences(),
+ supportedPoints: []uint8{pointFormatUncompressed},
+ secureRenegotiationSupported: true,
+ alpnProtocols: config.NextProtos,
+ supportedVersions: supportedVersions,
+ }
+
+ if c.handshakes > 0 {
+ hello.secureRenegotiation = c.clientFinished[:]
+ }
+
+ possibleCipherSuites := config.cipherSuites()
+ hello.cipherSuites = make([]uint16, 0, len(possibleCipherSuites))
+
+ // add non-TLS 1.3 cipher suites
+ if c.config.MinVersion <= VersionTLS12 {
+ for _, suiteId := range possibleCipherSuites {
+ for _, suite := range cipherSuites {
+ if suite.id != suiteId {
+ continue
+ }
+ // Don't advertise TLS 1.2-only cipher suites unless
+ // we're attempting TLS 1.2.
+ if hello.vers < VersionTLS12 && suite.flags&suiteTLS12 != 0 {
+ break
+ }
+ hello.cipherSuites = append(hello.cipherSuites, suiteId)
+ break
+ }
+ }
+ }
+
+ _, err := io.ReadFull(config.rand(), hello.random)
+ if err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+
+ // A random session ID is used to detect when the server accepted a ticket
+ // and is resuming a session (see RFC 5077). In TLS 1.3, it's always set as
+ // a compatibility measure (see RFC 8446, Section 4.1.2).
+ if c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ hello.sessionId = make([]byte, 32)
+ if _, err := io.ReadFull(config.rand(), hello.sessionId); err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+ }
+
+ if hello.vers >= VersionTLS12 {
+ hello.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ var params ecdheParameters
+ if hello.supportedVersions[0] == VersionTLS13 {
+ var hasTLS13CipherSuite bool
+ // add TLS 1.3 cipher suites
+ for _, suiteID := range possibleCipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ hasTLS13CipherSuite = true
+ hello.cipherSuites = append(hello.cipherSuites, suiteID)
+ }
+ }
+ }
+ if !hasTLS13CipherSuite {
+ hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13()...)
+ }
+
+ curveID := config.curvePreferences()[0]
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err = generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, nil, err
+ }
+ hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ if hello.supportedVersions[0] == VersionTLS13 && c.extraConfig != nil && c.extraConfig.GetExtensions != nil {
+ hello.additionalExtensions = c.extraConfig.GetExtensions(typeClientHello)
+ }
+
+ return hello, params, nil
+}
+
+func (c *Conn) clientHandshake() (err error) {
+ if c.config == nil {
+ c.config = fromConfig(defaultConfig())
+ }
+ c.setAlternativeRecordLayer()
+
+ // This may be a renegotiation handshake, in which case some fields
+ // need to be reset.
+ c.didResume = false
+
+ hello, ecdheParams, err := c.makeClientHello()
+ if err != nil {
+ return err
+ }
+ c.serverName = hello.serverName
+
+ cacheKey, session, earlySecret, binderKey := c.loadSession(hello)
+ if cacheKey != "" && session != nil {
+ var deletedTicket bool
+ if session.vers == VersionTLS13 && hello.earlyData && c.extraConfig != nil && c.extraConfig.Enable0RTT {
+ // don't reuse a session ticket that enabled 0-RTT
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ deletedTicket = true
+
+ if suite := cipherSuiteTLS13ByID(session.cipherSuite); suite != nil {
+ h := suite.hash.New()
+ h.Write(hello.marshal())
+ clientEarlySecret := suite.deriveSecret(earlySecret, "c e traffic", h)
+ c.out.exportKey(Encryption0RTT, suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+ }
+ if !deletedTicket {
+ defer func() {
+ // If we got a handshake failure when resuming a session, throw away
+ // the session ticket. See RFC 5077, Section 3.2.
+ //
+ // RFC 8446 makes no mention of dropping tickets on failure, but it
+ // does require servers to abort on invalid binders, so we need to
+ // delete tickets to recover from a corrupted PSK.
+ if err != nil {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ }
+ }()
+ }
+ }
+
+ if _, err := c.writeRecord(recordTypeHandshake, hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+
+ if err := c.pickTLSVersion(serverHello); err != nil {
+ return err
+ }
+
+ // If we are negotiating a protocol version that's lower than what we
+ // support, check for the server downgrade canaries.
+ // See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ tls12Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS12
+ tls11Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS11
+ if maxVers == VersionTLS13 && c.vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade) ||
+ maxVers == VersionTLS12 && c.vers <= VersionTLS11 && tls11Downgrade {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox")
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := &clientHandshakeStateTLS13{
+ c: c,
+ serverHello: serverHello,
+ hello: hello,
+ ecdheParams: ecdheParams,
+ session: session,
+ earlySecret: earlySecret,
+ binderKey: binderKey,
+ }
+
+ // In TLS 1.3, session tickets are delivered after the handshake.
+ return hs.handshake()
+ }
+
+ hs := &clientHandshakeState{
+ c: c,
+ serverHello: serverHello,
+ hello: hello,
+ session: session,
+ }
+
+ if err := hs.handshake(); err != nil {
+ return err
+ }
+
+ // If we had a successful handshake and hs.session is different from
+ // the one already cached - cache a new one.
+ if cacheKey != "" && hs.session != nil && session != hs.session {
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(hs.session))
+ }
+
+ return nil
+}
+
+// extract the app data saved in the session.nonce,
+// and set the session.nonce to the actual nonce value
+func (c *Conn) decodeSessionState(session *clientSessionState) (uint32 /* max early data */, []byte /* app data */, bool /* ok */) {
+ s := cryptobyte.String(session.nonce)
+ var version uint16
+ if !s.ReadUint16(&version) {
+ return 0, nil, false
+ }
+ if version != clientSessionStateVersion {
+ return 0, nil, false
+ }
+ var maxEarlyData uint32
+ if !s.ReadUint32(&maxEarlyData) {
+ return 0, nil, false
+ }
+ var appData []byte
+ if !readUint16LengthPrefixed(&s, &appData) {
+ return 0, nil, false
+ }
+ var nonce []byte
+ if !readUint16LengthPrefixed(&s, &nonce) {
+ return 0, nil, false
+ }
+ session.nonce = nonce
+ return maxEarlyData, appData, true
+}
+
+func (c *Conn) loadSession(hello *clientHelloMsg) (cacheKey string,
+ session *clientSessionState, earlySecret, binderKey []byte) {
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return "", nil, nil, nil
+ }
+
+ hello.ticketSupported = true
+
+ if hello.supportedVersions[0] == VersionTLS13 {
+ // Require DHE on resumption as it guarantees forward secrecy against
+ // compromise of the session ticket key. See RFC 8446, Section 4.2.9.
+ hello.pskModes = []uint8{pskModeDHE}
+ }
+
+ // Session resumption is not allowed if renegotiating because
+ // renegotiation is primarily used to allow a client to send a client
+ // certificate, which would be skipped if session resumption occurred.
+ if c.handshakes != 0 {
+ return "", nil, nil, nil
+ }
+
+ // Try to resume a previously negotiated TLS session, if available.
+ cacheKey = clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ sess, ok := c.config.ClientSessionCache.Get(cacheKey)
+ if !ok || sess == nil {
+ return cacheKey, nil, nil, nil
+ }
+ session = fromClientSessionState(sess)
+
+ var appData []byte
+ var maxEarlyData uint32
+ if session.vers == VersionTLS13 {
+ var ok bool
+ maxEarlyData, appData, ok = c.decodeSessionState(session)
+ if !ok { // delete it, if parsing failed
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ // Check that version used for the previous session is still valid.
+ versOk := false
+ for _, v := range hello.supportedVersions {
+ if v == session.vers {
+ versOk = true
+ break
+ }
+ }
+ if !versOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Check that the cached server certificate is not expired, and that it's
+ // valid for the ServerName. This should be ensured by the cache key, but
+ // protect the application from a faulty ClientSessionCache implementation.
+ if !c.config.InsecureSkipVerify {
+ if len(session.verifiedChains) == 0 {
+ // The original connection had InsecureSkipVerify, while this doesn't.
+ return cacheKey, nil, nil, nil
+ }
+ serverCert := session.serverCertificates[0]
+ if c.config.time().After(serverCert.NotAfter) {
+ // Expired certificate, delete the entry.
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ if err := serverCert.VerifyHostname(c.config.ServerName); err != nil {
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ if session.vers != VersionTLS13 {
+ // In TLS 1.2 the cipher suite must match the resumed session. Ensure we
+ // are still offering it.
+ if mutualCipherSuite(hello.cipherSuites, session.cipherSuite) == nil {
+ return cacheKey, nil, nil, nil
+ }
+
+ hello.sessionTicket = session.sessionTicket
+ return
+ }
+
+ // Check that the session ticket is not expired.
+ if c.config.time().After(session.useBy) {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+
+ // In TLS 1.3 the KDF hash must match the resumed session. Ensure we
+ // offer at least one cipher suite with that hash.
+ cipherSuite := cipherSuiteTLS13ByID(session.cipherSuite)
+ if cipherSuite == nil {
+ return cacheKey, nil, nil, nil
+ }
+ cipherSuiteOk := false
+ for _, offeredID := range hello.cipherSuites {
+ offeredSuite := cipherSuiteTLS13ByID(offeredID)
+ if offeredSuite != nil && offeredSuite.hash == cipherSuite.hash {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Set the pre_shared_key extension. See RFC 8446, Section 4.2.11.1.
+ ticketAge := uint32(c.config.time().Sub(session.receivedAt) / time.Millisecond)
+ identity := pskIdentity{
+ label: session.sessionTicket,
+ obfuscatedTicketAge: ticketAge + session.ageAdd,
+ }
+ hello.pskIdentities = []pskIdentity{identity}
+ hello.pskBinders = [][]byte{make([]byte, cipherSuite.hash.Size())}
+
+ // Compute the PSK binders. See RFC 8446, Section 4.2.11.2.
+ psk := cipherSuite.expandLabel(session.masterSecret, "resumption",
+ session.nonce, cipherSuite.hash.Size())
+ earlySecret = cipherSuite.extract(psk, nil)
+ binderKey = cipherSuite.deriveSecret(earlySecret, resumptionBinderLabel, nil)
+ if c.extraConfig != nil {
+ hello.earlyData = c.extraConfig.Enable0RTT && maxEarlyData > 0
+ }
+ transcript := cipherSuite.hash.New()
+ transcript.Write(hello.marshalWithoutBinders())
+ pskBinders := [][]byte{cipherSuite.finishedHash(binderKey, transcript)}
+ hello.updateBinders(pskBinders)
+
+ if session.vers == VersionTLS13 && c.extraConfig != nil && c.extraConfig.SetAppDataFromSessionState != nil {
+ c.extraConfig.SetAppDataFromSessionState(appData)
+ }
+ return
+}
+
+func (c *Conn) pickTLSVersion(serverHello *serverHelloMsg) error {
+ peerVersion := serverHello.vers
+ if serverHello.supportedVersion != 0 {
+ peerVersion = serverHello.supportedVersion
+ }
+
+ vers, ok := c.config.mutualVersion([]uint16{peerVersion})
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return fmt.Errorf("tls: server selected unsupported protocol version %x", peerVersion)
+ }
+
+ c.vers = vers
+ c.haveVers = true
+ c.in.version = vers
+ c.out.version = vers
+
+ return nil
+}
+
+// Does the handshake, either a full one or resumes old session. Requires hs.c,
+// hs.hello, hs.serverHello, and, optionally, hs.session to be set.
+func (hs *clientHandshakeState) handshake() error {
+ c := hs.c
+
+ isResume, err := hs.processServerHello()
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+
+ // No signatures of the handshake are needed in a resumption.
+ // Otherwise, in a full handshake, if we don't have any certificates
+ // configured then we will never send a CertificateVerify message and
+ // thus no signatures are needed in that case either.
+ if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+
+ hs.finishedHash.Write(hs.hello.marshal())
+ hs.finishedHash.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ c.didResume = isResume
+ if isResume {
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ } else {
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *clientHandshakeState) pickCipherSuite() error {
+ if hs.suite = mutualCipherSuite(hs.hello.cipherSuites, hs.serverHello.cipherSuite); hs.suite == nil {
+ hs.c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+
+ hs.c.cipherSuite = hs.suite.id
+ return nil
+}
+
+func (hs *clientHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok || len(certMsg.certificates) == 0 {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ cs, ok := msg.(*certificateStatusMsg)
+ if ok {
+ // RFC4366 on Certificate Status Request:
+ // The server MAY return a "certificate_status" message.
+
+ if !hs.serverHello.ocspStapling {
+ // If a server returns a "CertificateStatus" message, then the
+ // server MUST have included an extension of type "status_request"
+ // with empty "extension_data" in the extended server hello.
+
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received unexpected CertificateStatus message")
+ }
+ hs.finishedHash.Write(cs.marshal())
+
+ c.ocspResponse = cs.response
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ if c.handshakes == 0 {
+ // If this is the first handshake on a connection, process and
+ // (optionally) verify the server's certificates.
+ if err := c.verifyServerCertificate(certMsg.certificates); err != nil {
+ return err
+ }
+ } else {
+ // This is a renegotiation handshake. We require that the
+ // server's identity (i.e. leaf certificate) is unchanged and
+ // thus any previous trust decision is still valid.
+ //
+ // See https://mitls.org/pages/attacks/3SHAKE for the
+ // motivation behind this requirement.
+ if !bytes.Equal(c.peerCertificates[0].Raw, certMsg.certificates[0]) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: server's identity changed during renegotiation")
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+
+ skx, ok := msg.(*serverKeyExchangeMsg)
+ if ok {
+ hs.finishedHash.Write(skx.marshal())
+ err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, c.peerCertificates[0], skx)
+ if err != nil {
+ c.sendAlert(alertUnexpectedMessage)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ var chainToSend *Certificate
+ var certRequested bool
+ certReq, ok := msg.(*certificateRequestMsg)
+ if ok {
+ certRequested = true
+ hs.finishedHash.Write(certReq.marshal())
+
+ cri := certificateRequestInfoFromMsg(c.vers, certReq)
+ if chainToSend, err = c.getClientCertificate(cri); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ shd, ok := msg.(*serverHelloDoneMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(shd, msg)
+ }
+ hs.finishedHash.Write(shd.marshal())
+
+ // If the server requested a certificate then we have to send a
+ // Certificate message, even if it's empty because we don't have a
+ // certificate to send.
+ if certRequested {
+ certMsg = new(certificateMsg)
+ certMsg.certificates = chainToSend.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+ }
+
+ preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, c.peerCertificates[0])
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ if ckx != nil {
+ hs.finishedHash.Write(ckx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, ckx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ if chainToSend != nil && len(chainToSend.Certificate) > 0 {
+ certVerify := &certificateVerifyMsg{}
+
+ key, ok := chainToSend.PrivateKey.(crypto.Signer)
+ if !ok {
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: client certificate private key of type %T does not implement crypto.Signer", chainToSend.PrivateKey)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ signatureAlgorithm, err := selectSignatureScheme(c.vers, chainToSend, certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ certVerify.hasSignatureAlgorithm = true
+ certVerify.signatureAlgorithm = signatureAlgorithm
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(key.Public())
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ certVerify.signature, err = key.Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerify.marshal()); err != nil {
+ return err
+ }
+ }
+
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to write to key log: " + err.Error())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *clientHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash hash.Hash
+ if hs.suite.cipher != nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */)
+ clientHash = hs.suite.mac(clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */)
+ serverHash = hs.suite.mac(serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, serverCipher, serverHash)
+ c.out.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ return nil
+}
+
+func (hs *clientHandshakeState) serverResumedSession() bool {
+ // If the server responded with the same sessionId then it means the
+ // sessionTicket is being used to resume a TLS session.
+ return hs.session != nil && hs.hello.sessionId != nil &&
+ bytes.Equal(hs.serverHello.sessionId, hs.hello.sessionId)
+}
+
+func (hs *clientHandshakeState) processServerHello() (bool, error) {
+ c := hs.c
+
+ if err := hs.pickCipherSuite(); err != nil {
+ return false, err
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertUnexpectedMessage)
+ return false, errors.New("tls: server selected unsupported compression format")
+ }
+
+ if c.handshakes == 0 && hs.serverHello.secureRenegotiationSupported {
+ c.secureRenegotiation = true
+ if len(hs.serverHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+ }
+
+ if c.handshakes > 0 && c.secureRenegotiation {
+ var expectedSecureRenegotiation [24]byte
+ copy(expectedSecureRenegotiation[:], c.clientFinished[:])
+ copy(expectedSecureRenegotiation[12:], c.serverFinished[:])
+ if !bytes.Equal(hs.serverHello.secureRenegotiation, expectedSecureRenegotiation[:]) {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: incorrect renegotiation extension contents")
+ }
+ }
+
+ if hs.serverHello.alpnProtocol != "" {
+ if len(hs.hello.alpnProtocols) == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return false, errors.New("tls: server advertised unrequested ALPN extension")
+ }
+ if mutualProtocol([]string{hs.serverHello.alpnProtocol}, hs.hello.alpnProtocols) == "" {
+ c.sendAlert(alertUnsupportedExtension)
+ return false, errors.New("tls: server selected unadvertised ALPN protocol")
+ }
+ c.clientProtocol = hs.serverHello.alpnProtocol
+ }
+
+ c.scts = hs.serverHello.scts
+
+ if !hs.serverResumedSession() {
+ return false, nil
+ }
+
+ if hs.session.vers != c.vers {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different version")
+ }
+
+ if hs.session.cipherSuite != hs.suite.id {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different cipher suite")
+ }
+
+ // Restore masterSecret, peerCerts, and ocspResponse from previous state
+ hs.masterSecret = hs.session.masterSecret
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ // Let the ServerHello SCTs override the session SCTs from the original
+ // connection, if any are provided
+ if len(c.scts) == 0 && len(hs.session.scts) != 0 {
+ c.scts = hs.session.scts
+ }
+
+ return true, nil
+}
+
+func (hs *clientHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ serverFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverFinished, msg)
+ }
+
+ verify := hs.finishedHash.serverSum(hs.masterSecret)
+ if len(verify) != len(serverFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server's Finished message was incorrect")
+ }
+ hs.finishedHash.Write(serverFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *clientHandshakeState) readSessionTicket() error {
+ if !hs.serverHello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ sessionTicketMsg, ok := msg.(*newSessionTicketMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(sessionTicketMsg, msg)
+ }
+ hs.finishedHash.Write(sessionTicketMsg.marshal())
+
+ hs.session = &clientSessionState{
+ sessionTicket: sessionTicketMsg.ticket,
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ masterSecret: hs.masterSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+ copy(out, finished.verifyData)
+ return nil
+}
+
+// verifyServerCertificate parses and verifies the provided chain, setting
+// c.verifiedChains and c.peerCertificates or sending the appropriate alert.
+func (c *Conn) verifyServerCertificate(certificates [][]byte) error {
+ certs := make([]*x509.Certificate, len(certificates))
+ for i, asn1Data := range certificates {
+ cert, err := x509.ParseCertificate(asn1Data)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse certificate from server: " + err.Error())
+ }
+ certs[i] = cert
+ }
+
+ if !c.config.InsecureSkipVerify {
+ opts := x509.VerifyOptions{
+ Roots: c.config.RootCAs,
+ CurrentTime: c.config.time(),
+ DNSName: c.config.ServerName,
+ Intermediates: x509.NewCertPool(),
+ }
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+ var err error
+ c.verifiedChains, err = certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ switch certs[0].PublicKey.(type) {
+ case *rsa.PublicKey, *ecdsa.PublicKey, ed25519.PublicKey:
+ break
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: server's certificate contains an unsupported type of public key: %T", certs[0].PublicKey)
+ }
+
+ c.peerCertificates = certs
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+// certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS
+// <= 1.2 CertificateRequest, making an effort to fill in missing information.
+func certificateRequestInfoFromMsg(vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
+ cri := &certificateRequestInfo{
+ AcceptableCAs: certReq.certificateAuthorities,
+ Version: vers,
+ }
+
+ var rsaAvail, ecAvail bool
+ for _, certType := range certReq.certificateTypes {
+ switch certType {
+ case certTypeRSASign:
+ rsaAvail = true
+ case certTypeECDSASign:
+ ecAvail = true
+ }
+ }
+
+ if !certReq.hasSignatureAlgorithm {
+ // Prior to TLS 1.2, signature schemes did not exist. In this case we
+ // make up a list based on the acceptable certificate types, to help
+ // GetClientCertificate and SupportsCertificate select the right certificate.
+ // The hash part of the SignatureScheme is a lie here, because
+ // TLS 1.0 and 1.1 always use MD5+SHA1 for RSA and SHA1 for ECDSA.
+ switch {
+ case rsaAvail && ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case rsaAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ }
+ }
+ return toCertificateRequestInfo(cri)
+ }
+
+ // Filter the signature schemes based on the certificate types.
+ // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
+ cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
+ for _, sigScheme := range certReq.supportedSignatureAlgorithms {
+ sigType, _, err := typeAndHashFromSignatureScheme(sigScheme)
+ if err != nil {
+ continue
+ }
+ switch sigType {
+ case signatureECDSA, signatureEd25519:
+ if ecAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ case signatureRSAPSS, signaturePKCS1v15:
+ if rsaAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ }
+ }
+
+ return toCertificateRequestInfo(cri)
+}
+
+func (c *Conn) getClientCertificate(cri *CertificateRequestInfo) (*Certificate, error) {
+ if c.config.GetClientCertificate != nil {
+ return c.config.GetClientCertificate(cri)
+ }
+
+ for _, chain := range c.config.Certificates {
+ if err := cri.SupportsCertificate(&chain); err != nil {
+ continue
+ }
+ return &chain, nil
+ }
+
+ // No acceptable certificate found. Don't send a certificate.
+ return new(Certificate), nil
+}
+
+const clientSessionCacheKeyPrefix = "qtls-"
+
+// clientSessionCacheKey returns a key used to cache sessionTickets that could
+// be used to resume previously negotiated TLS sessions with a server.
+func clientSessionCacheKey(serverAddr net.Addr, config *config) string {
+ if len(config.ServerName) > 0 {
+ return clientSessionCacheKeyPrefix + config.ServerName
+ }
+ return clientSessionCacheKeyPrefix + serverAddr.String()
+}
+
+// mutualProtocol finds the mutual ALPN protocol given list of possible
+// protocols and a list of the preference order.
+func mutualProtocol(protos, preferenceProtos []string) string {
+ for _, s := range preferenceProtos {
+ for _, c := range protos {
+ if s == c {
+ return s
+ }
+ }
+ }
+ return ""
+}
+
+// hostnameInSNI converts name into an appropriate hostname for SNI.
+// Literal IP addresses and absolute FQDNs are not permitted as SNI values.
+// See RFC 6066, Section 3.
+func hostnameInSNI(name string) string {
+ host := name
+ if len(host) > 0 && host[0] == '[' && host[len(host)-1] == ']' {
+ host = host[1 : len(host)-1]
+ }
+ if i := strings.LastIndex(host, "%"); i > 0 {
+ host = host[:i]
+ }
+ if net.ParseIP(host) != nil {
+ return ""
+ }
+ for len(name) > 0 && name[len(name)-1] == '.' {
+ name = name[:len(name)-1]
+ }
+ return name
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client_tls13.go
new file mode 100644
index 00000000..fb70cec0
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_client_tls13.go
@@ -0,0 +1,740 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "encoding/binary"
+ "errors"
+ "fmt"
+ "hash"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+type clientHandshakeStateTLS13 struct {
+ c *Conn
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ ecdheParams ecdheParameters
+
+ session *clientSessionState
+ earlySecret []byte
+ binderKey []byte
+
+ certReq *certificateRequestMsgTLS13
+ usingPSK bool
+ sentDummyCCS bool
+ suite *cipherSuiteTLS13
+ transcript hash.Hash
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+}
+
+// handshake requires hs.c, hs.hello, hs.serverHello, hs.ecdheParams, and,
+// optionally, hs.session, hs.earlySecret and hs.binderKey to be set.
+func (hs *clientHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // The server must not select TLS 1.3 in a renegotiation. See RFC 8446,
+ // sections 4.1.2 and 4.1.3.
+ if c.handshakes > 0 {
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: server selected TLS 1.3 in a renegotiation")
+ }
+
+ // Consistency check on the presence of a keyShare and its parameters.
+ if hs.ecdheParams == nil || len(hs.hello.keyShares) != 1 {
+ return c.sendAlert(alertInternalError)
+ }
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ hs.transcript = hs.suite.hash.New()
+ hs.transcript.Write(hs.hello.marshal())
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.processHelloRetryRequest(); err != nil {
+ return err
+ }
+ }
+
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ if err := hs.processServerHello(); err != nil {
+ return err
+ }
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.establishHandshakeKeys(); err != nil {
+ return err
+ }
+ if err := hs.readServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.readServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readServerFinished(); err != nil {
+ return err
+ }
+ if err := hs.sendClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendClientFinished(); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// checkServerHelloOrHRR does validity checks that apply to both ServerHello and
+// HelloRetryRequest messages. It sets hs.suite.
+func (hs *clientHandshakeStateTLS13) checkServerHelloOrHRR() error {
+ c := hs.c
+
+ if hs.serverHello.supportedVersion == 0 {
+ c.sendAlert(alertMissingExtension)
+ return errors.New("tls: server selected TLS 1.3 using the legacy version field")
+ }
+
+ if hs.serverHello.supportedVersion != VersionTLS13 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid version after a HelloRetryRequest")
+ }
+
+ if hs.serverHello.vers != VersionTLS12 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an incorrect legacy version")
+ }
+
+ if hs.serverHello.ocspStapling ||
+ hs.serverHello.ticketSupported ||
+ hs.serverHello.secureRenegotiationSupported ||
+ len(hs.serverHello.secureRenegotiation) != 0 ||
+ len(hs.serverHello.alpnProtocol) != 0 ||
+ len(hs.serverHello.scts) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a ServerHello extension forbidden in TLS 1.3")
+ }
+
+ if !bytes.Equal(hs.hello.sessionId, hs.serverHello.sessionId) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not echo the legacy session ID")
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported compression format")
+ }
+
+ selectedSuite := mutualCipherSuiteTLS13(hs.hello.cipherSuites, hs.serverHello.cipherSuite)
+ if hs.suite != nil && selectedSuite != hs.suite {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server changed cipher suite after a HelloRetryRequest")
+ }
+ if selectedSuite == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+ hs.suite = selectedSuite
+ c.cipherSuite = hs.suite.id
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *clientHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+// processHelloRetryRequest handles the HRR in hs.serverHello, modifies and
+// resends hs.hello, and reads the new ServerHello into hs.serverHello.
+func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. (The idea is that the server might offload transcript
+ // storage to the client in the cookie.) See RFC 8446, Section 4.4.1.
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ // The only HelloRetryRequest extensions we support are key_share and
+ // cookie, and clients must abort the handshake if the HRR would not result
+ // in any change in the ClientHello.
+ if hs.serverHello.selectedGroup == 0 && hs.serverHello.cookie == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest message")
+ }
+
+ if hs.serverHello.cookie != nil {
+ hs.hello.cookie = hs.serverHello.cookie
+ }
+
+ if hs.serverHello.serverShare.group != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received malformed key_share extension")
+ }
+
+ // If the server sent a key_share extension selecting a group, ensure it's
+ // a group we advertised but did not send a key share for, and send a key
+ // share for it this time.
+ if curveID := hs.serverHello.selectedGroup; curveID != 0 {
+ curveOK := false
+ for _, id := range hs.hello.supportedCurves {
+ if id == curveID {
+ curveOK = true
+ break
+ }
+ }
+ if !curveOK {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+ if hs.ecdheParams.CurveID() == curveID {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest key_share")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), curveID)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.ecdheParams = params
+ hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ hs.hello.raw = nil
+ if len(hs.hello.pskIdentities) > 0 {
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash == hs.suite.hash {
+ // Update binders and obfuscated_ticket_age.
+ ticketAge := uint32(c.config.time().Sub(hs.session.receivedAt) / time.Millisecond)
+ hs.hello.pskIdentities[0].obfuscatedTicketAge = ticketAge + hs.session.ageAdd
+
+ transcript := hs.suite.hash.New()
+ transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ transcript.Write(chHash)
+ transcript.Write(hs.serverHello.marshal())
+ transcript.Write(hs.hello.marshalWithoutBinders())
+ pskBinders := [][]byte{hs.suite.finishedHash(hs.binderKey, transcript)}
+ hs.hello.updateBinders(pskBinders)
+ } else {
+ // Server selected a cipher suite incompatible with the PSK.
+ hs.hello.pskIdentities = nil
+ hs.hello.pskBinders = nil
+ }
+ }
+
+ if hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ hs.hello.earlyData = false // disable 0-RTT
+
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+ hs.serverHello = serverHello
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) processServerHello() error {
+ c := hs.c
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: server sent two HelloRetryRequest messages")
+ }
+
+ if len(hs.serverHello.cookie) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a cookie in a normal ServerHello")
+ }
+
+ if hs.serverHello.selectedGroup != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: malformed key_share extension")
+ }
+
+ if hs.serverHello.serverShare.group == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not send a key share")
+ }
+ if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+
+ if !hs.serverHello.selectedIdentityPresent {
+ return nil
+ }
+
+ if int(hs.serverHello.selectedIdentity) >= len(hs.hello.pskIdentities) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK")
+ }
+
+ if len(hs.hello.pskIdentities) != 1 || hs.session == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash != hs.suite.hash {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK and cipher suite pair")
+ }
+
+ hs.usingPSK = true
+ c.didResume = true
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ c.scts = hs.session.scts
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error {
+ c := hs.c
+
+ sharedKey := hs.ecdheParams.SharedKey(hs.serverHello.serverShare.data)
+ if sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid server key share")
+ }
+
+ earlySecret := hs.earlySecret
+ if !hs.usingPSK {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ handshakeSecret := hs.suite.extract(sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.out.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.hello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(handshakeSecret, "derived", nil))
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerParameters() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ encryptedExtensions, ok := msg.(*encryptedExtensionsMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(encryptedExtensions, msg)
+ }
+ // Notify the caller if 0-RTT was rejected.
+ if !encryptedExtensions.earlyData && hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ c.used0RTT = encryptedExtensions.earlyData
+ if hs.c.extraConfig != nil && hs.c.extraConfig.ReceivedExtensions != nil {
+ hs.c.extraConfig.ReceivedExtensions(typeEncryptedExtensions, encryptedExtensions.additionalExtensions)
+ }
+ hs.transcript.Write(encryptedExtensions.marshal())
+
+ if c.extraConfig != nil && c.extraConfig.EnforceNextProtoSelection {
+ if len(encryptedExtensions.alpnProtocol) == 0 {
+ // the server didn't select an ALPN
+ c.sendAlert(alertNoApplicationProtocol)
+ return errors.New("ALPN negotiation failed. Server didn't offer any protocols")
+ }
+ if mutualProtocol([]string{encryptedExtensions.alpnProtocol}, hs.c.config.NextProtos) == "" {
+ // the protocol selected by the server was not offered
+ c.sendAlert(alertNoApplicationProtocol)
+ return fmt.Errorf("ALPN negotiation failed. Server offered: %q", encryptedExtensions.alpnProtocol)
+ }
+ }
+ if encryptedExtensions.alpnProtocol != "" {
+ if len(hs.hello.alpnProtocols) == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server advertised unrequested ALPN extension")
+ }
+ if mutualProtocol([]string{encryptedExtensions.alpnProtocol}, hs.hello.alpnProtocols) == "" {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server selected unadvertised ALPN protocol")
+ }
+ c.clientProtocol = encryptedExtensions.alpnProtocol
+ }
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
+ c := hs.c
+
+ // Either a PSK or a certificate is always used, but not both.
+ // See RFC 8446, Section 4.1.1.
+ if hs.usingPSK {
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certReq, ok := msg.(*certificateRequestMsgTLS13)
+ if ok {
+ hs.transcript.Write(certReq.marshal())
+
+ hs.certReq = certReq
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ if len(certMsg.certificate.Certificate) == 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received empty certificates message")
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ c.scts = certMsg.certificate.SignedCertificateTimestamps
+ c.ocspResponse = certMsg.certificate.OCSPStaple
+
+ if err := c.verifyServerCertificate(certMsg.certificate.Certificate); err != nil {
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ expectedMAC := hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ if !hmac.Equal(expectedMAC, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid server finished hash")
+ }
+
+ hs.transcript.Write(finished.marshal())
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err = c.config.writeKeyLog(keyLogLabelClientTraffic, hs.hello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
+ c := hs.c
+
+ if hs.certReq == nil {
+ return nil
+ }
+
+ cert, err := c.getClientCertificate(toCertificateRequestInfo(&certificateRequestInfo{
+ AcceptableCAs: hs.certReq.certificateAuthorities,
+ SignatureSchemes: hs.certReq.supportedSignatureAlgorithms,
+ Version: c.vers,
+ }))
+ if err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *cert
+ certMsg.scts = hs.certReq.scts && len(cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.certReq.ocspStapling && len(cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ // If we sent an empty certificate message, skip the CertificateVerify.
+ if len(cert.Certificate) == 0 {
+ return nil
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+
+ certVerifyMsg.signatureAlgorithm, err = selectSignatureScheme(c.vers, cert, hs.certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ // getClientCertificate returned a certificate incompatible with the
+ // CertificateRequestInfo supported signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerifyMsg.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ c.out.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.out.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ if !c.config.SessionTicketsDisabled && c.config.ClientSessionCache != nil {
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+ }
+
+ return nil
+}
+
+func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
+ if !c.isClient {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received new session ticket from a client")
+ }
+
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return nil
+ }
+
+ // See RFC 8446, Section 4.6.1.
+ if msg.lifetime == 0 {
+ return nil
+ }
+ lifetime := time.Duration(msg.lifetime) * time.Second
+ if lifetime > maxSessionTicketLifetime {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: received a session ticket with invalid lifetime")
+ }
+
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil || c.resumptionSecret == nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ // We need to save the max_early_data_size that the server sent us, in order
+ // to decide if we're going to try 0-RTT with this ticket.
+ // However, at the same time, the qtls.ClientSessionTicket needs to be equal to
+ // the tls.ClientSessionTicket, so we can't just add a new field to the struct.
+ // We therefore abuse the nonce field (which is a byte slice)
+ nonceWithEarlyData := make([]byte, len(msg.nonce)+4)
+ binary.BigEndian.PutUint32(nonceWithEarlyData, msg.maxEarlyData)
+ copy(nonceWithEarlyData[4:], msg.nonce)
+
+ var appData []byte
+ if c.extraConfig != nil && c.extraConfig.GetAppDataForSessionState != nil {
+ appData = c.extraConfig.GetAppDataForSessionState()
+ }
+ var b cryptobyte.Builder
+ b.AddUint16(clientSessionStateVersion) // revision
+ b.AddUint32(msg.maxEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(appData)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(msg.nonce)
+ })
+
+ // Save the resumption_master_secret and nonce instead of deriving the PSK
+ // to do the least amount of work on NewSessionTicket messages before we
+ // know if the ticket will be used. Forward secrecy of resumed connections
+ // is guaranteed by the requirement for pskModeDHE.
+ session := &clientSessionState{
+ sessionTicket: msg.label,
+ vers: c.vers,
+ cipherSuite: c.cipherSuite,
+ masterSecret: c.resumptionSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ nonce: b.BytesOrPanic(),
+ useBy: c.config.time().Add(lifetime),
+ ageAdd: msg.ageAdd,
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(session))
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/handshake_messages.go b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_messages.go
new file mode 100644
index 00000000..1ab75762
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_messages.go
@@ -0,0 +1,1832 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "fmt"
+ "strings"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// The marshalingFunction type is an adapter to allow the use of ordinary
+// functions as cryptobyte.MarshalingValue.
+type marshalingFunction func(b *cryptobyte.Builder) error
+
+func (f marshalingFunction) Marshal(b *cryptobyte.Builder) error {
+ return f(b)
+}
+
+// addBytesWithLength appends a sequence of bytes to the cryptobyte.Builder. If
+// the length of the sequence is not the value specified, it produces an error.
+func addBytesWithLength(b *cryptobyte.Builder, v []byte, n int) {
+ b.AddValue(marshalingFunction(func(b *cryptobyte.Builder) error {
+ if len(v) != n {
+ return fmt.Errorf("invalid value length: expected %d, got %d", n, len(v))
+ }
+ b.AddBytes(v)
+ return nil
+ }))
+}
+
+// addUint64 appends a big-endian, 64-bit value to the cryptobyte.Builder.
+func addUint64(b *cryptobyte.Builder, v uint64) {
+ b.AddUint32(uint32(v >> 32))
+ b.AddUint32(uint32(v))
+}
+
+// readUint64 decodes a big-endian, 64-bit value into out and advances over it.
+// It reports whether the read was successful.
+func readUint64(s *cryptobyte.String, out *uint64) bool {
+ var hi, lo uint32
+ if !s.ReadUint32(&hi) || !s.ReadUint32(&lo) {
+ return false
+ }
+ *out = uint64(hi)<<32 | uint64(lo)
+ return true
+}
+
+// readUint8LengthPrefixed acts like s.ReadUint8LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint8LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint8LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint16LengthPrefixed acts like s.ReadUint16LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint16LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint16LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint24LengthPrefixed acts like s.ReadUint24LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint24LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint24LengthPrefixed((*cryptobyte.String)(out))
+}
+
+type clientHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuites []uint16
+ compressionMethods []uint8
+ serverName string
+ ocspStapling bool
+ supportedCurves []CurveID
+ supportedPoints []uint8
+ ticketSupported bool
+ sessionTicket []uint8
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocols []string
+ scts bool
+ supportedVersions []uint16
+ cookie []byte
+ keyShares []keyShare
+ earlyData bool
+ pskModes []uint8
+ pskIdentities []pskIdentity
+ pskBinders [][]byte
+ additionalExtensions []Extension
+}
+
+func (m *clientHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeClientHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, suite := range m.cipherSuites {
+ b.AddUint16(suite)
+ }
+ })
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.compressionMethods)
+ })
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.serverName) > 0 {
+ // RFC 6066, Section 3
+ b.AddUint16(extensionServerName)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // name_type = host_name
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.serverName))
+ })
+ })
+ })
+ }
+ if m.ocspStapling {
+ // RFC 4366, Section 3.6
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(1) // status_type = ocsp
+ b.AddUint16(0) // empty responder_id_list
+ b.AddUint16(0) // empty request_extensions
+ })
+ }
+ if len(m.supportedCurves) > 0 {
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ b.AddUint16(extensionSupportedCurves)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, curve := range m.supportedCurves {
+ b.AddUint16(uint16(curve))
+ }
+ })
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ // RFC 4492, Section 5.1.2
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+ if m.ticketSupported {
+ // RFC 5077, Section 3.2
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionTicket)
+ })
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ // RFC 5246, Section 7.4.1.4.1
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ // RFC 8446, Section 4.2.3
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if m.secureRenegotiationSupported {
+ // RFC 5746, Section 3.2
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocols) > 0 {
+ // RFC 7301, Section 3.1
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, proto := range m.alpnProtocols {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(proto))
+ })
+ }
+ })
+ })
+ }
+ if m.scts {
+ // RFC 6962, Section 3.3.1
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedVersions) > 0 {
+ // RFC 8446, Section 4.2.1
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, vers := range m.supportedVersions {
+ b.AddUint16(vers)
+ }
+ })
+ })
+ }
+ if len(m.cookie) > 0 {
+ // RFC 8446, Section 4.2.2
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if len(m.keyShares) > 0 {
+ // RFC 8446, Section 4.2.8
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ks := range m.keyShares {
+ b.AddUint16(uint16(ks.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ks.data)
+ })
+ }
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.pskModes) > 0 {
+ // RFC 8446, Section 4.2.9
+ b.AddUint16(extensionPSKModes)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.pskModes)
+ })
+ })
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ if len(m.pskIdentities) > 0 { // pre_shared_key must be the last extension
+ // RFC 8446, Section 4.2.11
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, psk := range m.pskIdentities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(psk.label)
+ })
+ b.AddUint32(psk.obfuscatedTicketAge)
+ }
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+// marshalWithoutBinders returns the ClientHello through the
+// PreSharedKeyExtension.identities field, according to RFC 8446, Section
+// 4.2.11.2. Note that m.pskBinders must be set to slices of the correct length.
+func (m *clientHelloMsg) marshalWithoutBinders() []byte {
+ bindersLen := 2 // uint16 length prefix
+ for _, binder := range m.pskBinders {
+ bindersLen += 1 // uint8 length prefix
+ bindersLen += len(binder)
+ }
+
+ fullMessage := m.marshal()
+ return fullMessage[:len(fullMessage)-bindersLen]
+}
+
+// updateBinders updates the m.pskBinders field, if necessary updating the
+// cached marshaled representation. The supplied binders must have the same
+// length as the current m.pskBinders.
+func (m *clientHelloMsg) updateBinders(pskBinders [][]byte) {
+ if len(pskBinders) != len(m.pskBinders) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ for i := range m.pskBinders {
+ if len(pskBinders[i]) != len(m.pskBinders[i]) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ }
+ m.pskBinders = pskBinders
+ if m.raw != nil {
+ lenWithoutBinders := len(m.marshalWithoutBinders())
+ // TODO(filippo): replace with NewFixedBuilder once CL 148882 is imported.
+ b := cryptobyte.NewBuilder(m.raw[:lenWithoutBinders])
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ if len(b.BytesOrPanic()) != len(m.raw) {
+ panic("tls: internal error: failed to update binders")
+ }
+ }
+}
+
+func (m *clientHelloMsg) unmarshal(data []byte) bool {
+ *m = clientHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) {
+ return false
+ }
+
+ var cipherSuites cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&cipherSuites) {
+ return false
+ }
+ m.cipherSuites = []uint16{}
+ m.secureRenegotiationSupported = false
+ for !cipherSuites.Empty() {
+ var suite uint16
+ if !cipherSuites.ReadUint16(&suite) {
+ return false
+ }
+ if suite == scsvRenegotiation {
+ m.secureRenegotiationSupported = true
+ }
+ m.cipherSuites = append(m.cipherSuites, suite)
+ }
+
+ if !readUint8LengthPrefixed(&s, &m.compressionMethods) {
+ return false
+ }
+
+ if s.Empty() {
+ // ClientHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionServerName:
+ // RFC 6066, Section 3
+ var nameList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&nameList) || nameList.Empty() {
+ return false
+ }
+ for !nameList.Empty() {
+ var nameType uint8
+ var serverName cryptobyte.String
+ if !nameList.ReadUint8(&nameType) ||
+ !nameList.ReadUint16LengthPrefixed(&serverName) ||
+ serverName.Empty() {
+ return false
+ }
+ if nameType != 0 {
+ continue
+ }
+ if len(m.serverName) != 0 {
+ // Multiple names of the same name_type are prohibited.
+ return false
+ }
+ m.serverName = string(serverName)
+ // An SNI value may not include a trailing dot.
+ if strings.HasSuffix(m.serverName, ".") {
+ return false
+ }
+ }
+ case extensionStatusRequest:
+ // RFC 4366, Section 3.6
+ var statusType uint8
+ var ignored cryptobyte.String
+ if !extData.ReadUint8(&statusType) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) {
+ return false
+ }
+ m.ocspStapling = statusType == statusTypeOCSP
+ case extensionSupportedCurves:
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ var curves cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&curves) || curves.Empty() {
+ return false
+ }
+ for !curves.Empty() {
+ var curve uint16
+ if !curves.ReadUint16(&curve) {
+ return false
+ }
+ m.supportedCurves = append(m.supportedCurves, CurveID(curve))
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ case extensionSessionTicket:
+ // RFC 5077, Section 3.2
+ m.ticketSupported = true
+ extData.ReadBytes(&m.sessionTicket, len(extData))
+ case extensionSignatureAlgorithms:
+ // RFC 5246, Section 7.4.1.4.1
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ // RFC 8446, Section 4.2.3
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionRenegotiationInfo:
+ // RFC 5746, Section 3.2
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ // RFC 7301, Section 3.1
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ for !protoList.Empty() {
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() {
+ return false
+ }
+ m.alpnProtocols = append(m.alpnProtocols, string(proto))
+ }
+ case extensionSCT:
+ // RFC 6962, Section 3.3.1
+ m.scts = true
+ case extensionSupportedVersions:
+ // RFC 8446, Section 4.2.1
+ var versList cryptobyte.String
+ if !extData.ReadUint8LengthPrefixed(&versList) || versList.Empty() {
+ return false
+ }
+ for !versList.Empty() {
+ var vers uint16
+ if !versList.ReadUint16(&vers) {
+ return false
+ }
+ m.supportedVersions = append(m.supportedVersions, vers)
+ }
+ case extensionCookie:
+ // RFC 8446, Section 4.2.2
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // RFC 8446, Section 4.2.8
+ var clientShares cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&clientShares) {
+ return false
+ }
+ for !clientShares.Empty() {
+ var ks keyShare
+ if !clientShares.ReadUint16((*uint16)(&ks.group)) ||
+ !readUint16LengthPrefixed(&clientShares, &ks.data) ||
+ len(ks.data) == 0 {
+ return false
+ }
+ m.keyShares = append(m.keyShares, ks)
+ }
+ case extensionEarlyData:
+ // RFC 8446, Section 4.2.10
+ m.earlyData = true
+ case extensionPSKModes:
+ // RFC 8446, Section 4.2.9
+ if !readUint8LengthPrefixed(&extData, &m.pskModes) {
+ return false
+ }
+ case extensionPreSharedKey:
+ // RFC 8446, Section 4.2.11
+ if !extensions.Empty() {
+ return false // pre_shared_key must be the last extension
+ }
+ var identities cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&identities) || identities.Empty() {
+ return false
+ }
+ for !identities.Empty() {
+ var psk pskIdentity
+ if !readUint16LengthPrefixed(&identities, &psk.label) ||
+ !identities.ReadUint32(&psk.obfuscatedTicketAge) ||
+ len(psk.label) == 0 {
+ return false
+ }
+ m.pskIdentities = append(m.pskIdentities, psk)
+ }
+ var binders cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&binders) || binders.Empty() {
+ return false
+ }
+ for !binders.Empty() {
+ var binder []byte
+ if !readUint8LengthPrefixed(&binders, &binder) ||
+ len(binder) == 0 {
+ return false
+ }
+ m.pskBinders = append(m.pskBinders, binder)
+ }
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type serverHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuite uint16
+ compressionMethod uint8
+ ocspStapling bool
+ ticketSupported bool
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocol string
+ scts [][]byte
+ supportedVersion uint16
+ serverShare keyShare
+ selectedIdentityPresent bool
+ selectedIdentity uint16
+ supportedPoints []uint8
+
+ // HelloRetryRequest extensions
+ cookie []byte
+ selectedGroup CurveID
+}
+
+func (m *serverHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeServerHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16(m.cipherSuite)
+ b.AddUint8(m.compressionMethod)
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.ticketSupported {
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.secureRenegotiationSupported {
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if len(m.scts) > 0 {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range m.scts {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ if m.supportedVersion != 0 {
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.supportedVersion)
+ })
+ }
+ if m.serverShare.group != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.serverShare.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.serverShare.data)
+ })
+ })
+ }
+ if m.selectedIdentityPresent {
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.selectedIdentity)
+ })
+ }
+
+ if len(m.cookie) > 0 {
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if m.selectedGroup != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.selectedGroup))
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *serverHelloMsg) unmarshal(data []byte) bool {
+ *m = serverHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) ||
+ !s.ReadUint16(&m.cipherSuite) ||
+ !s.ReadUint8(&m.compressionMethod) {
+ return false
+ }
+
+ if s.Empty() {
+ // ServerHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSessionTicket:
+ m.ticketSupported = true
+ case extensionRenegotiationInfo:
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ m.scts = append(m.scts, sct)
+ }
+ case extensionSupportedVersions:
+ if !extData.ReadUint16(&m.supportedVersion) {
+ return false
+ }
+ case extensionCookie:
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // This extension has different formats in SH and HRR, accept either
+ // and let the handshake logic decide. See RFC 8446, Section 4.2.8.
+ if len(extData) == 2 {
+ if !extData.ReadUint16((*uint16)(&m.selectedGroup)) {
+ return false
+ }
+ } else {
+ if !extData.ReadUint16((*uint16)(&m.serverShare.group)) ||
+ !readUint16LengthPrefixed(&extData, &m.serverShare.data) {
+ return false
+ }
+ }
+ case extensionPreSharedKey:
+ m.selectedIdentityPresent = true
+ if !extData.ReadUint16(&m.selectedIdentity) {
+ return false
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type encryptedExtensionsMsg struct {
+ raw []byte
+ alpnProtocol string
+ earlyData bool
+
+ additionalExtensions []Extension
+}
+
+func (m *encryptedExtensionsMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeEncryptedExtensions)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *encryptedExtensionsMsg) unmarshal(data []byte) bool {
+ *m = encryptedExtensionsMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionEarlyData:
+ m.earlyData = true
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type endOfEarlyDataMsg struct{}
+
+func (m *endOfEarlyDataMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeEndOfEarlyData
+ return x
+}
+
+func (m *endOfEarlyDataMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type keyUpdateMsg struct {
+ raw []byte
+ updateRequested bool
+}
+
+func (m *keyUpdateMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeKeyUpdate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.updateRequested {
+ b.AddUint8(1)
+ } else {
+ b.AddUint8(0)
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *keyUpdateMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var updateRequested uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&updateRequested) || !s.Empty() {
+ return false
+ }
+ switch updateRequested {
+ case 0:
+ m.updateRequested = false
+ case 1:
+ m.updateRequested = true
+ default:
+ return false
+ }
+ return true
+}
+
+type newSessionTicketMsgTLS13 struct {
+ raw []byte
+ lifetime uint32
+ ageAdd uint32
+ nonce []byte
+ label []byte
+ maxEarlyData uint32
+}
+
+func (m *newSessionTicketMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeNewSessionTicket)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.lifetime)
+ b.AddUint32(m.ageAdd)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.nonce)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.label)
+ })
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.maxEarlyData > 0 {
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.maxEarlyData)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *newSessionTicketMsgTLS13) unmarshal(data []byte) bool {
+ *m = newSessionTicketMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint32(&m.lifetime) ||
+ !s.ReadUint32(&m.ageAdd) ||
+ !readUint8LengthPrefixed(&s, &m.nonce) ||
+ !readUint16LengthPrefixed(&s, &m.label) ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionEarlyData:
+ if !extData.ReadUint32(&m.maxEarlyData) {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateRequestMsgTLS13 struct {
+ raw []byte
+ ocspStapling bool
+ scts bool
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateRequest)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ // certificate_request_context (SHALL be zero length unless used for
+ // post-handshake authentication)
+ b.AddUint8(0)
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.scts {
+ // RFC 8446, Section 4.4.2.1 makes no mention of
+ // signed_certificate_timestamp in CertificateRequest, but
+ // "Extensions in the Certificate message from the client MUST
+ // correspond to extensions in the CertificateRequest message
+ // from the server." and it appears in the table in Section 4.2.
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.certificateAuthorities) > 0 {
+ b.AddUint16(extensionCertificateAuthorities)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ca := range m.certificateAuthorities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ca)
+ })
+ }
+ })
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateRequestMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateRequestMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context, extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSCT:
+ m.scts = true
+ case extensionSignatureAlgorithms:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionCertificateAuthorities:
+ var auths cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&auths) || auths.Empty() {
+ return false
+ }
+ for !auths.Empty() {
+ var ca []byte
+ if !readUint16LengthPrefixed(&auths, &ca) || len(ca) == 0 {
+ return false
+ }
+ m.certificateAuthorities = append(m.certificateAuthorities, ca)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateMsg struct {
+ raw []byte
+ certificates [][]byte
+}
+
+func (m *certificateMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var i int
+ for _, slice := range m.certificates {
+ i += len(slice)
+ }
+
+ length := 3 + 3*len(m.certificates) + i
+ x = make([]byte, 4+length)
+ x[0] = typeCertificate
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ certificateOctets := length - 3
+ x[4] = uint8(certificateOctets >> 16)
+ x[5] = uint8(certificateOctets >> 8)
+ x[6] = uint8(certificateOctets)
+
+ y := x[7:]
+ for _, slice := range m.certificates {
+ y[0] = uint8(len(slice) >> 16)
+ y[1] = uint8(len(slice) >> 8)
+ y[2] = uint8(len(slice))
+ copy(y[3:], slice)
+ y = y[3+len(slice):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateMsg) unmarshal(data []byte) bool {
+ if len(data) < 7 {
+ return false
+ }
+
+ m.raw = data
+ certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6])
+ if uint32(len(data)) != certsLen+7 {
+ return false
+ }
+
+ numCerts := 0
+ d := data[7:]
+ for certsLen > 0 {
+ if len(d) < 4 {
+ return false
+ }
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ if uint32(len(d)) < 3+certLen {
+ return false
+ }
+ d = d[3+certLen:]
+ certsLen -= 3 + certLen
+ numCerts++
+ }
+
+ m.certificates = make([][]byte, numCerts)
+ d = data[7:]
+ for i := 0; i < numCerts; i++ {
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ m.certificates[i] = d[3 : 3+certLen]
+ d = d[3+certLen:]
+ }
+
+ return true
+}
+
+type certificateMsgTLS13 struct {
+ raw []byte
+ certificate Certificate
+ ocspStapling bool
+ scts bool
+}
+
+func (m *certificateMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // certificate_request_context
+
+ certificate := m.certificate
+ if !m.ocspStapling {
+ certificate.OCSPStaple = nil
+ }
+ if !m.scts {
+ certificate.SignedCertificateTimestamps = nil
+ }
+ marshalCertificate(b, certificate)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func marshalCertificate(b *cryptobyte.Builder, certificate Certificate) {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for i, cert := range certificate.Certificate {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if i > 0 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ return
+ }
+ if certificate.OCSPStaple != nil {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(certificate.OCSPStaple)
+ })
+ })
+ }
+ if certificate.SignedCertificateTimestamps != nil {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range certificate.SignedCertificateTimestamps {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ })
+ }
+ })
+}
+
+func (m *certificateMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !unmarshalCertificate(&s, &m.certificate) ||
+ !s.Empty() {
+ return false
+ }
+
+ m.scts = m.certificate.SignedCertificateTimestamps != nil
+ m.ocspStapling = m.certificate.OCSPStaple != nil
+
+ return true
+}
+
+func unmarshalCertificate(s *cryptobyte.String, certificate *Certificate) bool {
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ var extensions cryptobyte.String
+ if !readUint24LengthPrefixed(&certList, &cert) ||
+ !certList.ReadUint16LengthPrefixed(&extensions) {
+ return false
+ }
+ certificate.Certificate = append(certificate.Certificate, cert)
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+ if len(certificate.Certificate) > 1 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ continue
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ var statusType uint8
+ if !extData.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&extData, &certificate.OCSPStaple) ||
+ len(certificate.OCSPStaple) == 0 {
+ return false
+ }
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ certificate.SignedCertificateTimestamps = append(
+ certificate.SignedCertificateTimestamps, sct)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+ }
+ return true
+}
+
+type serverKeyExchangeMsg struct {
+ raw []byte
+ key []byte
+}
+
+func (m *serverKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.key)
+ x := make([]byte, length+4)
+ x[0] = typeServerKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.key)
+
+ m.raw = x
+ return x
+}
+
+func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ m.key = data[4:]
+ return true
+}
+
+type certificateStatusMsg struct {
+ raw []byte
+ response []byte
+}
+
+func (m *certificateStatusMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateStatus)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.response)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateStatusMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var statusType uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&s, &m.response) ||
+ len(m.response) == 0 || !s.Empty() {
+ return false
+ }
+ return true
+}
+
+type serverHelloDoneMsg struct{}
+
+func (m *serverHelloDoneMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeServerHelloDone
+ return x
+}
+
+func (m *serverHelloDoneMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type clientKeyExchangeMsg struct {
+ raw []byte
+ ciphertext []byte
+}
+
+func (m *clientKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.ciphertext)
+ x := make([]byte, length+4)
+ x[0] = typeClientKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.ciphertext)
+
+ m.raw = x
+ return x
+}
+
+func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ l := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if l != len(data)-4 {
+ return false
+ }
+ m.ciphertext = data[4:]
+ return true
+}
+
+type finishedMsg struct {
+ raw []byte
+ verifyData []byte
+}
+
+func (m *finishedMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeFinished)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.verifyData)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *finishedMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+ return s.Skip(1) &&
+ readUint24LengthPrefixed(&s, &m.verifyData) &&
+ s.Empty()
+}
+
+type certificateRequestMsg struct {
+ raw []byte
+ // hasSignatureAlgorithm indicates whether this message includes a list of
+ // supported signature algorithms. This change was introduced with TLS 1.2.
+ hasSignatureAlgorithm bool
+
+ certificateTypes []byte
+ supportedSignatureAlgorithms []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 4346, Section 7.4.4.
+ length := 1 + len(m.certificateTypes) + 2
+ casLength := 0
+ for _, ca := range m.certificateAuthorities {
+ casLength += 2 + len(ca)
+ }
+ length += casLength
+
+ if m.hasSignatureAlgorithm {
+ length += 2 + 2*len(m.supportedSignatureAlgorithms)
+ }
+
+ x = make([]byte, 4+length)
+ x[0] = typeCertificateRequest
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ x[4] = uint8(len(m.certificateTypes))
+
+ copy(x[5:], m.certificateTypes)
+ y := x[5+len(m.certificateTypes):]
+
+ if m.hasSignatureAlgorithm {
+ n := len(m.supportedSignatureAlgorithms) * 2
+ y[0] = uint8(n >> 8)
+ y[1] = uint8(n)
+ y = y[2:]
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ y[0] = uint8(sigAlgo >> 8)
+ y[1] = uint8(sigAlgo)
+ y = y[2:]
+ }
+ }
+
+ y[0] = uint8(casLength >> 8)
+ y[1] = uint8(casLength)
+ y = y[2:]
+ for _, ca := range m.certificateAuthorities {
+ y[0] = uint8(len(ca) >> 8)
+ y[1] = uint8(len(ca))
+ y = y[2:]
+ copy(y, ca)
+ y = y[len(ca):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateRequestMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 5 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ numCertTypes := int(data[4])
+ data = data[5:]
+ if numCertTypes == 0 || len(data) <= numCertTypes {
+ return false
+ }
+
+ m.certificateTypes = make([]byte, numCertTypes)
+ if copy(m.certificateTypes, data) != numCertTypes {
+ return false
+ }
+
+ data = data[numCertTypes:]
+
+ if m.hasSignatureAlgorithm {
+ if len(data) < 2 {
+ return false
+ }
+ sigAndHashLen := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if sigAndHashLen&1 != 0 {
+ return false
+ }
+ if len(data) < int(sigAndHashLen) {
+ return false
+ }
+ numSigAlgos := sigAndHashLen / 2
+ m.supportedSignatureAlgorithms = make([]SignatureScheme, numSigAlgos)
+ for i := range m.supportedSignatureAlgorithms {
+ m.supportedSignatureAlgorithms[i] = SignatureScheme(data[0])<<8 | SignatureScheme(data[1])
+ data = data[2:]
+ }
+ }
+
+ if len(data) < 2 {
+ return false
+ }
+ casLength := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if len(data) < int(casLength) {
+ return false
+ }
+ cas := make([]byte, casLength)
+ copy(cas, data)
+ data = data[casLength:]
+
+ m.certificateAuthorities = nil
+ for len(cas) > 0 {
+ if len(cas) < 2 {
+ return false
+ }
+ caLen := uint16(cas[0])<<8 | uint16(cas[1])
+ cas = cas[2:]
+
+ if len(cas) < int(caLen) {
+ return false
+ }
+
+ m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen])
+ cas = cas[caLen:]
+ }
+
+ return len(data) == 0
+}
+
+type certificateVerifyMsg struct {
+ raw []byte
+ hasSignatureAlgorithm bool // format change introduced in TLS 1.2
+ signatureAlgorithm SignatureScheme
+ signature []byte
+}
+
+func (m *certificateVerifyMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateVerify)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.hasSignatureAlgorithm {
+ b.AddUint16(uint16(m.signatureAlgorithm))
+ }
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.signature)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateVerifyMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) { // message type and uint24 length field
+ return false
+ }
+ if m.hasSignatureAlgorithm {
+ if !s.ReadUint16((*uint16)(&m.signatureAlgorithm)) {
+ return false
+ }
+ }
+ return readUint16LengthPrefixed(&s, &m.signature) && s.Empty()
+}
+
+type newSessionTicketMsg struct {
+ raw []byte
+ ticket []byte
+}
+
+func (m *newSessionTicketMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 5077, Section 3.3.
+ ticketLen := len(m.ticket)
+ length := 2 + 4 + ticketLen
+ x = make([]byte, 4+length)
+ x[0] = typeNewSessionTicket
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ x[8] = uint8(ticketLen >> 8)
+ x[9] = uint8(ticketLen)
+ copy(x[10:], m.ticket)
+
+ m.raw = x
+
+ return
+}
+
+func (m *newSessionTicketMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 10 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ ticketLen := int(data[8])<<8 + int(data[9])
+ if len(data)-10 != ticketLen {
+ return false
+ }
+
+ m.ticket = data[10:]
+
+ return true
+}
+
+type helloRequestMsg struct {
+}
+
+func (*helloRequestMsg) marshal() []byte {
+ return []byte{typeHelloRequest, 0, 0, 0}
+}
+
+func (*helloRequestMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server.go b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server.go
new file mode 100644
index 00000000..5d39cc8f
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server.go
@@ -0,0 +1,878 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// serverHandshakeState contains details of a server handshake in progress.
+// It's discarded once the handshake has completed.
+type serverHandshakeState struct {
+ c *Conn
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ suite *cipherSuite
+ ecdheOk bool
+ ecSignOk bool
+ rsaDecryptOk bool
+ rsaSignOk bool
+ sessionState *sessionState
+ finishedHash finishedHash
+ masterSecret []byte
+ cert *Certificate
+}
+
+// serverHandshake performs a TLS handshake as a server.
+func (c *Conn) serverHandshake() error {
+ c.setAlternativeRecordLayer()
+
+ clientHello, err := c.readClientHello()
+ if err != nil {
+ return err
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := serverHandshakeStateTLS13{
+ c: c,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+ } else if c.extraConfig.usesAlternativeRecordLayer() {
+ // This should already have been caught by the check that the ClientHello doesn't
+ // offer any (supported) versions older than TLS 1.3.
+ // Check again to make sure we can't be tricked into using an older version.
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: negotiated TLS < 1.3 when using QUIC")
+ }
+
+ hs := serverHandshakeState{
+ c: c,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+}
+
+func (hs *serverHandshakeState) handshake() error {
+ c := hs.c
+
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+
+ // For an overview of TLS handshaking, see RFC 5246, Section 7.3.
+ c.buffering = true
+ if hs.checkForResumption() {
+ // The client has included a session ticket and so we do an abbreviated handshake.
+ c.didResume = true
+ if err := hs.doResumeHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ if err := hs.readFinished(nil); err != nil {
+ return err
+ }
+ } else {
+ // The client didn't include a session ticket, or it wasn't
+ // valid so we do a full handshake.
+ if err := hs.pickCipherSuite(); err != nil {
+ return err
+ }
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ c.buffering = true
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(nil); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// readClientHello reads a ClientHello message and selects the protocol version.
+func (c *Conn) readClientHello() (*clientHelloMsg, error) {
+ msg, err := c.readHandshake()
+ if err != nil {
+ return nil, err
+ }
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return nil, unexpectedMessageError(clientHello, msg)
+ }
+
+ var configForClient *config
+ originalConfig := c.config
+ if c.config.GetConfigForClient != nil {
+ chi := newClientHelloInfo(c, clientHello)
+ if cfc, err := c.config.GetConfigForClient(chi); err != nil {
+ c.sendAlert(alertInternalError)
+ return nil, err
+ } else if cfc != nil {
+ configForClient = fromConfig(cfc)
+ c.config = configForClient
+ }
+ }
+ c.ticketKeys = originalConfig.ticketKeys(configForClient)
+
+ clientVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ clientVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ // In QUIC, the client MUST NOT offer any old TLS versions.
+ // Here, we can only check that none of the other supported versions of this library
+ // (TLS 1.0 - TLS 1.2) is offered. We don't check for any SSL versions here.
+ for _, ver := range clientVersions {
+ if ver == VersionTLS13 {
+ continue
+ }
+ for _, v := range supportedVersions {
+ if ver == v {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered old TLS version %#x", ver)
+ }
+ }
+ }
+ // Make the config we're using allows us to use TLS 1.3.
+ if c.config.maxSupportedVersion() < VersionTLS13 {
+ c.sendAlert(alertInternalError)
+ return nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ }
+ c.vers, ok = c.config.mutualVersion(clientVersions)
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+ }
+ c.haveVers = true
+ c.in.version = c.vers
+ c.out.version = c.vers
+
+ return clientHello, nil
+}
+
+func (hs *serverHandshakeState) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.hello.vers = c.vers
+
+ foundCompression := false
+ // We only support null compression, so check that the client offered it.
+ for _, compression := range hs.clientHello.compressionMethods {
+ if compression == compressionNone {
+ foundCompression = true
+ break
+ }
+ }
+
+ if !foundCompression {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client does not support uncompressed connections")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ serverRandom := hs.hello.random
+ // Downgrade protection canaries. See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ if maxVers >= VersionTLS12 && c.vers < maxVers || testingOnlyForceDowngradeCanary {
+ if c.vers == VersionTLS12 {
+ copy(serverRandom[24:], downgradeCanaryTLS12)
+ } else {
+ copy(serverRandom[24:], downgradeCanaryTLS11)
+ }
+ serverRandom = serverRandom[:24]
+ }
+ _, err := io.ReadFull(c.config.rand(), serverRandom)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.secureRenegotiationSupported = hs.clientHello.secureRenegotiationSupported
+ hs.hello.compressionMethod = compressionNone
+ if len(hs.clientHello.serverName) > 0 {
+ c.serverName = hs.clientHello.serverName
+ }
+
+ if len(hs.clientHello.alpnProtocols) > 0 {
+ if selectedProto := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); selectedProto != "" {
+ hs.hello.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+ }
+ }
+
+ hs.cert, err = c.config.getCertificate(newClientHelloInfo(c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ if hs.clientHello.scts {
+ hs.hello.scts = hs.cert.SignedCertificateTimestamps
+ }
+
+ hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.clientHello.supportedPoints)
+
+ if hs.ecdheOk {
+ // Although omitting the ec_point_formats extension is permitted, some
+ // old OpenSSL version will refuse to handshake if not present.
+ //
+ // Per RFC 4492, section 5.1.2, implementations MUST support the
+ // uncompressed point format. See golang.org/issue/31943.
+ hs.hello.supportedPoints = []uint8{pointFormatUncompressed}
+ }
+
+ if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok {
+ switch priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ hs.ecSignOk = true
+ case ed25519.PublicKey:
+ hs.ecSignOk = true
+ case *rsa.PublicKey:
+ hs.rsaSignOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported signing key type (%T)", priv.Public())
+ }
+ }
+ if priv, ok := hs.cert.PrivateKey.(crypto.Decrypter); ok {
+ switch priv.Public().(type) {
+ case *rsa.PublicKey:
+ hs.rsaDecryptOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported decryption key type (%T)", priv.Public())
+ }
+ }
+
+ return nil
+}
+
+// supportsECDHE returns whether ECDHE key exchanges can be used with this
+// pre-TLS 1.3 client.
+func supportsECDHE(c *config, supportedCurves []CurveID, supportedPoints []uint8) bool {
+ supportsCurve := false
+ for _, curve := range supportedCurves {
+ if c.supportsCurve(curve) {
+ supportsCurve = true
+ break
+ }
+ }
+
+ supportsPointFormat := false
+ for _, pointFormat := range supportedPoints {
+ if pointFormat == pointFormatUncompressed {
+ supportsPointFormat = true
+ break
+ }
+ }
+
+ return supportsCurve && supportsPointFormat
+}
+
+func (hs *serverHandshakeState) pickCipherSuite() error {
+ c := hs.c
+
+ var preferenceList, supportedList []uint16
+ if c.config.PreferServerCipherSuites {
+ preferenceList = c.config.cipherSuites()
+ supportedList = hs.clientHello.cipherSuites
+
+ // If the client does not seem to have hardware support for AES-GCM,
+ // and the application did not specify a cipher suite preference order,
+ // prefer other AEAD ciphers even if we prioritized AES-GCM ciphers
+ // by default.
+ if c.config.CipherSuites == nil && !aesgcmPreferred(hs.clientHello.cipherSuites) {
+ preferenceList = deprioritizeAES(preferenceList)
+ }
+ } else {
+ preferenceList = hs.clientHello.cipherSuites
+ supportedList = c.config.cipherSuites()
+
+ // If we don't have hardware support for AES-GCM, prefer other AEAD
+ // ciphers even if the client prioritized AES-GCM.
+ if !hasAESGCMHardwareSupport {
+ preferenceList = deprioritizeAES(preferenceList)
+ }
+ }
+
+ hs.suite = selectCipherSuite(preferenceList, supportedList, hs.cipherSuiteOk)
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // The client is doing a fallback connection. See RFC 7507.
+ if hs.clientHello.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) cipherSuiteOk(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ if !hs.ecdheOk {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !hs.ecSignOk {
+ return false
+ }
+ } else if !hs.rsaSignOk {
+ return false
+ }
+ } else if !hs.rsaDecryptOk {
+ return false
+ }
+ if hs.c.vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+}
+
+// checkForResumption reports whether we should perform resumption on this connection.
+func (hs *serverHandshakeState) checkForResumption() bool {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ plaintext, usedOldKey := c.decryptTicket(hs.clientHello.sessionTicket)
+ if plaintext == nil {
+ return false
+ }
+ hs.sessionState = &sessionState{usedOldKey: usedOldKey}
+ ok := hs.sessionState.unmarshal(plaintext)
+ if !ok {
+ return false
+ }
+
+ createdAt := time.Unix(int64(hs.sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ return false
+ }
+
+ // Never resume a session for a different TLS version.
+ if c.vers != hs.sessionState.vers {
+ return false
+ }
+
+ cipherSuiteOk := false
+ // Check that the client is still offering the ciphersuite in the session.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == hs.sessionState.cipherSuite {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return false
+ }
+
+ // Check that we also support the ciphersuite from the session.
+ hs.suite = selectCipherSuite([]uint16{hs.sessionState.cipherSuite},
+ c.config.cipherSuites(), hs.cipherSuiteOk)
+ if hs.suite == nil {
+ return false
+ }
+
+ sessionHasClientCerts := len(hs.sessionState.certificates) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ return false
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ return false
+ }
+
+ return true
+}
+
+func (hs *serverHandshakeState) doResumeHandshake() error {
+ c := hs.c
+
+ hs.hello.cipherSuite = hs.suite.id
+ c.cipherSuite = hs.suite.id
+ // We echo the client's session ID in the ServerHello to let it know
+ // that we're doing a resumption.
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.ticketSupported = hs.sessionState.usedOldKey
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+ hs.finishedHash.discardHandshakeBuffer()
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: hs.sessionState.certificates,
+ }); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ hs.masterSecret = hs.sessionState.masterSecret
+
+ return nil
+}
+
+func (hs *serverHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 {
+ hs.hello.ocspStapling = true
+ }
+
+ hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled
+ hs.hello.cipherSuite = hs.suite.id
+
+ hs.finishedHash = newFinishedHash(hs.c.vers, hs.suite)
+ if c.config.ClientAuth == NoClientCert {
+ // No need to keep a full record of the handshake if client
+ // certificates won't be used.
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsg)
+ certMsg.certificates = hs.cert.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ if hs.hello.ocspStapling {
+ certStatus := new(certificateStatusMsg)
+ certStatus.response = hs.cert.OCSPStaple
+ hs.finishedHash.Write(certStatus.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certStatus.marshal()); err != nil {
+ return err
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+ skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ if skx != nil {
+ hs.finishedHash.Write(skx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, skx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ var certReq *certificateRequestMsg
+ if c.config.ClientAuth >= RequestClientCert {
+ // Request a client certificate
+ certReq = new(certificateRequestMsg)
+ certReq.certificateTypes = []byte{
+ byte(certTypeRSASign),
+ byte(certTypeECDSASign),
+ }
+ if c.vers >= VersionTLS12 {
+ certReq.hasSignatureAlgorithm = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ // An empty list of certificateAuthorities signals to
+ // the client that it may send any certificate in response
+ // to our request. When we know the CAs we trust, then
+ // we can send them down, so that the client can choose
+ // an appropriate certificate to give to us.
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+ hs.finishedHash.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ helloDone := new(serverHelloDoneMsg)
+ hs.finishedHash.Write(helloDone.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloDone.marshal()); err != nil {
+ return err
+ }
+
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ var pub crypto.PublicKey // public key for client auth, if any
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message, even if it's empty.
+ if c.config.ClientAuth >= RequestClientCert {
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: certMsg.certificates,
+ }); err != nil {
+ return err
+ }
+ if len(certMsg.certificates) != 0 {
+ pub = c.peerCertificates[0].PublicKey
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ // Get client key exchange
+ ckx, ok := msg.(*clientKeyExchangeMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(ckx, msg)
+ }
+ hs.finishedHash.Write(ckx.marshal())
+
+ preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx, c.vers)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.clientHello.random, hs.hello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ // If we received a client cert in response to our certificate request message,
+ // the client will send us a certificateVerifyMsg immediately after the
+ // clientKeyExchangeMsg. This message is a digest of all preceding
+ // handshake-layer messages that is signed using the private key corresponding
+ // to the client's certificate. This allows us to verify that the client is in
+ // possession of the private key of the certificate.
+ if len(c.peerCertificates) > 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, certReq.supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(pub)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ if err := verifyHandshakeSignature(sigType, pub, sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *serverHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash hash.Hash
+
+ if hs.suite.aead == nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, true /* for reading */)
+ clientHash = hs.suite.mac(clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, false /* not for reading */)
+ serverHash = hs.suite.mac(serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ c.out.prepareCipherSpec(c.vers, serverCipher, serverHash)
+
+ return nil
+}
+
+func (hs *serverHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ clientFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientFinished, msg)
+ }
+
+ verify := hs.finishedHash.clientSum(hs.masterSecret)
+ if len(verify) != len(clientFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client's Finished message is incorrect")
+ }
+
+ hs.finishedHash.Write(clientFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *serverHandshakeState) sendSessionTicket() error {
+ // ticketSupported is set in a resumption handshake if the
+ // ticket from the client was encrypted with an old session
+ // ticket key and thus a refreshed ticket should be sent.
+ if !hs.hello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ m := new(newSessionTicketMsg)
+
+ createdAt := uint64(c.config.time().Unix())
+ if hs.sessionState != nil {
+ // If this is re-wrapping an old key, then keep
+ // the original time it was created.
+ createdAt = hs.sessionState.createdAt
+ }
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionState{
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ createdAt: createdAt,
+ masterSecret: hs.masterSecret,
+ certificates: certsFromClient,
+ }
+ var err error
+ m.ticket, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash.Write(m.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.serverSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ copy(out, finished.verifyData)
+
+ return nil
+}
+
+// processCertsFromClient takes a chain of client certificates either from a
+// Certificates message or from a sessionState and verifies them. It returns
+// the public key of the leaf certificate.
+func (c *Conn) processCertsFromClient(certificate Certificate) error {
+ certificates := certificate.Certificate
+ certs := make([]*x509.Certificate, len(certificates))
+ var err error
+ for i, asn1Data := range certificates {
+ if certs[i], err = x509.ParseCertificate(asn1Data); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse client certificate: " + err.Error())
+ }
+ }
+
+ if len(certs) == 0 && requiresClientCert(c.config.ClientAuth) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: client didn't provide a certificate")
+ }
+
+ if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 {
+ opts := x509.VerifyOptions{
+ Roots: c.config.ClientCAs,
+ CurrentTime: c.config.time(),
+ Intermediates: x509.NewCertPool(),
+ KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
+ }
+
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+
+ chains, err := certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to verify client certificate: " + err.Error())
+ }
+
+ c.verifiedChains = chains
+ }
+
+ c.peerCertificates = certs
+ c.ocspResponse = certificate.OCSPStaple
+ c.scts = certificate.SignedCertificateTimestamps
+
+ if len(certs) > 0 {
+ switch certs[0].PublicKey.(type) {
+ case *ecdsa.PublicKey, *rsa.PublicKey, ed25519.PublicKey:
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: client certificate contains an unsupported public key of type %T", certs[0].PublicKey)
+ }
+ }
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+func newClientHelloInfo(c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo {
+ supportedVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ supportedVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+
+ return toClientHelloInfo(&clientHelloInfo{
+ CipherSuites: clientHello.cipherSuites,
+ ServerName: clientHello.serverName,
+ SupportedCurves: clientHello.supportedCurves,
+ SupportedPoints: clientHello.supportedPoints,
+ SignatureSchemes: clientHello.supportedSignatureAlgorithms,
+ SupportedProtos: clientHello.alpnProtocols,
+ SupportedVersions: supportedVersions,
+ Conn: c.conn,
+ config: toConfig(c.config),
+ })
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server_tls13.go
new file mode 100644
index 00000000..e1ab918d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/handshake_server_tls13.go
@@ -0,0 +1,912 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// maxClientPSKIdentities is the number of client PSK identities the server will
+// attempt to validate. It will ignore the rest not to let cheap ClientHello
+// messages cause too much work in session ticket decryption attempts.
+const maxClientPSKIdentities = 5
+
+type serverHandshakeStateTLS13 struct {
+ c *Conn
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ encryptedExtensions *encryptedExtensionsMsg
+ sentDummyCCS bool
+ usingPSK bool
+ suite *cipherSuiteTLS13
+ cert *Certificate
+ sigAlg SignatureScheme
+ earlySecret []byte
+ sharedKey []byte
+ handshakeSecret []byte
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+ transcript hash.Hash
+ clientFinished []byte
+}
+
+func (hs *serverHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // For an overview of the TLS 1.3 handshake, see RFC 8446, Section 2.
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+ if err := hs.checkForResumption(); err != nil {
+ return err
+ }
+ if err := hs.pickCertificate(); err != nil {
+ return err
+ }
+ c.buffering = true
+ if err := hs.sendServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.sendServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendServerFinished(); err != nil {
+ return err
+ }
+ // Note that at this point we could start sending application data without
+ // waiting for the client's second flight, but the application might not
+ // expect the lack of replay protection of the ClientHello parameters.
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ if err := hs.readClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readClientFinished(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.encryptedExtensions = new(encryptedExtensionsMsg)
+
+ // TLS 1.3 froze the ServerHello.legacy_version field, and uses
+ // supported_versions instead. See RFC 8446, sections 4.1.3 and 4.2.1.
+ hs.hello.vers = VersionTLS12
+ hs.hello.supportedVersion = c.vers
+
+ if len(hs.clientHello.supportedVersions) == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client used the legacy version field to negotiate TLS 1.3")
+ }
+
+ // Abort if the client is doing a fallback and landing lower than what we
+ // support. See RFC 7507, which however does not specify the interaction
+ // with supported_versions. The only difference is that with
+ // supported_versions a client has a chance to attempt a [TLS 1.2, TLS 1.4]
+ // handshake in case TLS 1.3 is broken but 1.2 is not. Alas, in that case,
+ // it will have to drop the TLS_FALLBACK_SCSV protection if it falls back to
+ // TLS 1.2, because a TLS 1.3 server would abort here. The situation before
+ // supported_versions was not better because there was just no way to do a
+ // TLS 1.4 handshake without risking the server selecting TLS 1.3.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // Use c.vers instead of max(supported_versions) because an attacker
+ // could defeat this by adding an arbitrary high version otherwise.
+ if c.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ if len(hs.clientHello.compressionMethods) != 1 ||
+ hs.clientHello.compressionMethods[0] != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: TLS 1.3 client supports illegal compression methods")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ if _, err := io.ReadFull(c.config.rand(), hs.hello.random); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.compressionMethod = compressionNone
+
+ var preferenceList, supportedList, ourList []uint16
+ var useConfiguredCipherSuites bool
+ for _, suiteID := range c.config.CipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ ourList = append(ourList, suiteID)
+ break
+ }
+ }
+ }
+ if len(ourList) > 0 {
+ useConfiguredCipherSuites = true
+ } else {
+ ourList = defaultCipherSuitesTLS13()
+ }
+ if c.config.PreferServerCipherSuites {
+ preferenceList = ourList
+ supportedList = hs.clientHello.cipherSuites
+
+ // If the client does not seem to have hardware support for AES-GCM,
+ // prefer other AEAD ciphers even if we prioritized AES-GCM ciphers
+ // by default.
+ if !useConfiguredCipherSuites && !aesgcmPreferred(hs.clientHello.cipherSuites) {
+ preferenceList = deprioritizeAES(preferenceList)
+ }
+ } else {
+ preferenceList = hs.clientHello.cipherSuites
+ supportedList = ourList
+
+ // If we don't have hardware support for AES-GCM, prefer other AEAD
+ // ciphers even if the client prioritized AES-GCM.
+ if !hasAESGCMHardwareSupport {
+ preferenceList = deprioritizeAES(preferenceList)
+ }
+ }
+ for _, suiteID := range preferenceList {
+ hs.suite = mutualCipherSuiteTLS13(supportedList, suiteID)
+ if hs.suite != nil {
+ break
+ }
+ }
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+ hs.hello.cipherSuite = hs.suite.id
+ hs.transcript = hs.suite.hash.New()
+
+ // Pick the ECDHE group in server preference order, but give priority to
+ // groups with a key share, to avoid a HelloRetryRequest round-trip.
+ var selectedGroup CurveID
+ var clientKeyShare *keyShare
+GroupSelection:
+ for _, preferredGroup := range c.config.curvePreferences() {
+ for _, ks := range hs.clientHello.keyShares {
+ if ks.group == preferredGroup {
+ selectedGroup = ks.group
+ clientKeyShare = &ks
+ break GroupSelection
+ }
+ }
+ if selectedGroup != 0 {
+ continue
+ }
+ for _, group := range hs.clientHello.supportedCurves {
+ if group == preferredGroup {
+ selectedGroup = group
+ break
+ }
+ }
+ }
+ if selectedGroup == 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no ECDHE curve supported by both client and server")
+ }
+ if clientKeyShare == nil {
+ if err := hs.doHelloRetryRequest(selectedGroup); err != nil {
+ return err
+ }
+ clientKeyShare = &hs.clientHello.keyShares[0]
+ }
+
+ if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), selectedGroup)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()}
+ hs.sharedKey = params.SharedKey(clientKeyShare.data)
+ if hs.sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid client key share")
+ }
+
+ c.serverName = hs.clientHello.serverName
+
+ if c.extraConfig != nil && c.extraConfig.ReceivedExtensions != nil {
+ c.extraConfig.ReceivedExtensions(typeClientHello, hs.clientHello.additionalExtensions)
+ }
+
+ if len(hs.clientHello.alpnProtocols) > 0 {
+ if selectedProto := mutualProtocol(hs.clientHello.alpnProtocols, c.config.NextProtos); selectedProto != "" {
+ hs.encryptedExtensions.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) checkForResumption() error {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return nil
+ }
+
+ modeOK := false
+ for _, mode := range hs.clientHello.pskModes {
+ if mode == pskModeDHE {
+ modeOK = true
+ break
+ }
+ }
+ if !modeOK {
+ return nil
+ }
+
+ if len(hs.clientHello.pskIdentities) != len(hs.clientHello.pskBinders) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid or missing PSK binders")
+ }
+ if len(hs.clientHello.pskIdentities) == 0 {
+ return nil
+ }
+
+ for i, identity := range hs.clientHello.pskIdentities {
+ if i >= maxClientPSKIdentities {
+ break
+ }
+
+ plaintext, _ := c.decryptTicket(identity.label)
+ if plaintext == nil {
+ continue
+ }
+ sessionState := new(sessionStateTLS13)
+ if ok := sessionState.unmarshal(plaintext); !ok {
+ continue
+ }
+
+ if hs.clientHello.earlyData {
+ if sessionState.maxEarlyData == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: client sent unexpected early data")
+ }
+
+ if sessionState.alpn == c.clientProtocol &&
+ c.extraConfig != nil && c.extraConfig.MaxEarlyData > 0 &&
+ c.extraConfig.Accept0RTT != nil && c.extraConfig.Accept0RTT(sessionState.appData) {
+ hs.encryptedExtensions.earlyData = true
+ c.used0RTT = true
+ }
+ }
+
+ createdAt := time.Unix(int64(sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ continue
+ }
+
+ // We don't check the obfuscated ticket age because it's affected by
+ // clock skew and it's only a freshness signal useful for shrinking the
+ // window for replay attacks, which don't affect us as we don't do 0-RTT.
+
+ pskSuite := cipherSuiteTLS13ByID(sessionState.cipherSuite)
+ if pskSuite == nil || pskSuite.hash != hs.suite.hash {
+ continue
+ }
+
+ // PSK connections don't re-establish client certificates, but carry
+ // them over in the session ticket. Ensure the presence of client certs
+ // in the ticket is consistent with the configured requirements.
+ sessionHasClientCerts := len(sessionState.certificate.Certificate) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ continue
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ continue
+ }
+
+ psk := hs.suite.expandLabel(sessionState.resumptionSecret, "resumption",
+ nil, hs.suite.hash.Size())
+ hs.earlySecret = hs.suite.extract(psk, nil)
+ binderKey := hs.suite.deriveSecret(hs.earlySecret, resumptionBinderLabel, nil)
+ // Clone the transcript in case a HelloRetryRequest was recorded.
+ transcript := cloneHash(hs.transcript, hs.suite.hash)
+ if transcript == nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: internal error: failed to clone hash")
+ }
+ transcript.Write(hs.clientHello.marshalWithoutBinders())
+ pskBinder := hs.suite.finishedHash(binderKey, transcript)
+ if !hmac.Equal(hs.clientHello.pskBinders[i], pskBinder) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid PSK binder")
+ }
+
+ c.didResume = true
+ if err := c.processCertsFromClient(sessionState.certificate); err != nil {
+ return err
+ }
+
+ h := cloneHash(hs.transcript, hs.suite.hash)
+ h.Write(hs.clientHello.marshal())
+ if hs.encryptedExtensions.earlyData {
+ clientEarlySecret := hs.suite.deriveSecret(hs.earlySecret, "c e traffic", h)
+ c.in.exportKey(Encryption0RTT, hs.suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hs.clientHello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+
+ hs.hello.selectedIdentityPresent = true
+ hs.hello.selectedIdentity = uint16(i)
+ hs.usingPSK = true
+ return nil
+ }
+
+ return nil
+}
+
+// cloneHash uses the encoding.BinaryMarshaler and encoding.BinaryUnmarshaler
+// interfaces implemented by standard library hashes to clone the state of in
+// to a new instance of h. It returns nil if the operation fails.
+func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+ // Recreate the interface to avoid importing encoding.
+ type binaryMarshaler interface {
+ MarshalBinary() (data []byte, err error)
+ UnmarshalBinary(data []byte) error
+ }
+ marshaler, ok := in.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ state, err := marshaler.MarshalBinary()
+ if err != nil {
+ return nil
+ }
+ out := h.New()
+ unmarshaler, ok := out.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ if err := unmarshaler.UnmarshalBinary(state); err != nil {
+ return nil
+ }
+ return out
+}
+
+func (hs *serverHandshakeStateTLS13) pickCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ // signature_algorithms is required in TLS 1.3. See RFC 8446, Section 4.2.3.
+ if len(hs.clientHello.supportedSignatureAlgorithms) == 0 {
+ return c.sendAlert(alertMissingExtension)
+ }
+
+ certificate, err := c.config.getCertificate(newClientHelloInfo(c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ hs.sigAlg, err = selectSignatureScheme(c.vers, certificate, hs.clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ // getCertificate returned a certificate that is unsupported or
+ // incompatible with the client's signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.cert = certificate
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *serverHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. See RFC 8446, Section 4.4.1.
+ hs.transcript.Write(hs.clientHello.marshal())
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+
+ helloRetryRequest := &serverHelloMsg{
+ vers: hs.hello.vers,
+ random: helloRetryRequestRandom,
+ sessionId: hs.hello.sessionId,
+ cipherSuite: hs.hello.cipherSuite,
+ compressionMethod: hs.hello.compressionMethod,
+ supportedVersion: hs.hello.supportedVersion,
+ selectedGroup: selectedGroup,
+ }
+
+ hs.transcript.Write(helloRetryRequest.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientHello, msg)
+ }
+
+ if len(clientHello.keyShares) != 1 || clientHello.keyShares[0].group != selectedGroup {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client sent invalid key share in second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client indicated early data in second ClientHello")
+ }
+
+ if illegalClientHelloChange(clientHello, hs.clientHello) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client illegally modified second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client offered 0-RTT data in second ClientHello")
+ }
+
+ hs.clientHello = clientHello
+ return nil
+}
+
+// illegalClientHelloChange reports whether the two ClientHello messages are
+// different, with the exception of the changes allowed before and after a
+// HelloRetryRequest. See RFC 8446, Section 4.1.2.
+func illegalClientHelloChange(ch, ch1 *clientHelloMsg) bool {
+ if len(ch.supportedVersions) != len(ch1.supportedVersions) ||
+ len(ch.cipherSuites) != len(ch1.cipherSuites) ||
+ len(ch.supportedCurves) != len(ch1.supportedCurves) ||
+ len(ch.supportedSignatureAlgorithms) != len(ch1.supportedSignatureAlgorithms) ||
+ len(ch.supportedSignatureAlgorithmsCert) != len(ch1.supportedSignatureAlgorithmsCert) ||
+ len(ch.alpnProtocols) != len(ch1.alpnProtocols) {
+ return true
+ }
+ for i := range ch.supportedVersions {
+ if ch.supportedVersions[i] != ch1.supportedVersions[i] {
+ return true
+ }
+ }
+ for i := range ch.cipherSuites {
+ if ch.cipherSuites[i] != ch1.cipherSuites[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedCurves {
+ if ch.supportedCurves[i] != ch1.supportedCurves[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithms {
+ if ch.supportedSignatureAlgorithms[i] != ch1.supportedSignatureAlgorithms[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithmsCert {
+ if ch.supportedSignatureAlgorithmsCert[i] != ch1.supportedSignatureAlgorithmsCert[i] {
+ return true
+ }
+ }
+ for i := range ch.alpnProtocols {
+ if ch.alpnProtocols[i] != ch1.alpnProtocols[i] {
+ return true
+ }
+ }
+ return ch.vers != ch1.vers ||
+ !bytes.Equal(ch.random, ch1.random) ||
+ !bytes.Equal(ch.sessionId, ch1.sessionId) ||
+ !bytes.Equal(ch.compressionMethods, ch1.compressionMethods) ||
+ ch.serverName != ch1.serverName ||
+ ch.ocspStapling != ch1.ocspStapling ||
+ !bytes.Equal(ch.supportedPoints, ch1.supportedPoints) ||
+ ch.ticketSupported != ch1.ticketSupported ||
+ !bytes.Equal(ch.sessionTicket, ch1.sessionTicket) ||
+ ch.secureRenegotiationSupported != ch1.secureRenegotiationSupported ||
+ !bytes.Equal(ch.secureRenegotiation, ch1.secureRenegotiation) ||
+ ch.scts != ch1.scts ||
+ !bytes.Equal(ch.cookie, ch1.cookie) ||
+ !bytes.Equal(ch.pskModes, ch1.pskModes)
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
+ c := hs.c
+
+ if c.extraConfig != nil && c.extraConfig.EnforceNextProtoSelection && len(c.clientProtocol) == 0 {
+ c.sendAlert(alertNoApplicationProtocol)
+ return fmt.Errorf("ALPN negotiation failed. Client offered: %q", hs.clientHello.alpnProtocols)
+ }
+
+ hs.transcript.Write(hs.clientHello.marshal())
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ earlySecret := hs.earlySecret
+ if earlySecret == nil {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ hs.handshakeSecret = hs.suite.extract(hs.sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.in.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.clientHello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if hs.c.extraConfig != nil && hs.c.extraConfig.GetExtensions != nil {
+ hs.encryptedExtensions.additionalExtensions = hs.c.extraConfig.GetExtensions(typeEncryptedExtensions)
+ }
+
+ hs.transcript.Write(hs.encryptedExtensions.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.encryptedExtensions.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) requestClientCert() bool {
+ return hs.c.config.ClientAuth >= RequestClientCert && !hs.usingPSK
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ if hs.requestClientCert() {
+ // Request a client certificate
+ certReq := new(certificateRequestMsgTLS13)
+ certReq.ocspStapling = true
+ certReq.scts = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+
+ hs.transcript.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *hs.cert
+ certMsg.scts = hs.clientHello.scts && len(hs.cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+ certVerifyMsg.signatureAlgorithm = hs.sigAlg
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(hs.sigAlg)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := hs.cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ public := hs.cert.PrivateKey.(crypto.Signer).Public()
+ if rsaKey, ok := public.(*rsa.PublicKey); ok && sigType == signatureRSAPSS &&
+ rsaKey.N.BitLen()/8 < sigHash.Size()*2+2 { // key too small for RSA-PSS
+ c.sendAlert(alertHandshakeFailure)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(hs.handshakeSecret, "derived", nil))
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ // If we did not request client certificates, at this point we can
+ // precompute the client finished and roll the transcript forward to send
+ // session tickets in our first flight.
+ if !hs.requestClientCert() {
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) shouldSendSessionTickets() bool {
+ if hs.c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ // Don't send tickets the client wouldn't use. See RFC 8446, Section 4.2.9.
+ for _, pskMode := range hs.clientHello.pskModes {
+ if pskMode == pskModeDHE {
+ return true
+ }
+ }
+ return false
+}
+
+func (hs *serverHandshakeStateTLS13) sendSessionTickets() error {
+ c := hs.c
+
+ hs.clientFinished = hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ finishedMsg := &finishedMsg{
+ verifyData: hs.clientFinished,
+ }
+ hs.transcript.Write(finishedMsg.marshal())
+
+ if !hs.shouldSendSessionTickets() {
+ return nil
+ }
+
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+
+ // Don't send session tickets when the alternative record layer is set.
+ // Instead, save the resumption secret on the Conn.
+ // Session tickets can then be generated by calling Conn.GetSessionTicket().
+ if hs.c.extraConfig != nil && hs.c.extraConfig.AlternativeRecordLayer != nil {
+ return nil
+ }
+
+ m, err := hs.c.getSessionTicketMsg(nil)
+ if err != nil {
+ return err
+ }
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientCertificate() error {
+ c := hs.c
+
+ if !hs.requestClientCert() {
+ // Make sure the connection is still being verified whether or not
+ // the server requested a client certificate.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message. If it's empty, no CertificateVerify is sent.
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(certMsg.certificate); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if len(certMsg.certificate.Certificate) != 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+ }
+
+ // If we waited until the client certificates to send session tickets, we
+ // are ready to do it now.
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ if !hmac.Equal(hs.clientFinished, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid client finished hash")
+ }
+
+ c.in.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.in.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/key_agreement.go b/vendor/github.com/marten-seemann/qtls-go1-16/key_agreement.go
new file mode 100644
index 00000000..7c8139b0
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/key_agreement.go
@@ -0,0 +1,334 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/md5"
+ "crypto/rsa"
+ "crypto/sha1"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+)
+
+var errClientKeyExchange = errors.New("tls: invalid ClientKeyExchange message")
+var errServerKeyExchange = errors.New("tls: invalid ServerKeyExchange message")
+
+// rsaKeyAgreement implements the standard TLS key agreement where the client
+// encrypts the pre-master secret to the server's public key.
+type rsaKeyAgreement struct{}
+
+func (ka rsaKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ return nil, nil
+}
+
+func (ka rsaKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) < 2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1])
+ if ciphertextLen != len(ckx.ciphertext)-2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertext := ckx.ciphertext[2:]
+
+ priv, ok := cert.PrivateKey.(crypto.Decrypter)
+ if !ok {
+ return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter")
+ }
+ // Perform constant time RSA PKCS #1 v1.5 decryption
+ preMasterSecret, err := priv.Decrypt(config.rand(), ciphertext, &rsa.PKCS1v15DecryptOptions{SessionKeyLen: 48})
+ if err != nil {
+ return nil, err
+ }
+ // We don't check the version number in the premaster secret. For one,
+ // by checking it, we would leak information about the validity of the
+ // encrypted pre-master secret. Secondly, it provides only a small
+ // benefit against a downgrade attack and some implementations send the
+ // wrong version anyway. See the discussion at the end of section
+ // 7.4.7.1 of RFC 4346.
+ return preMasterSecret, nil
+}
+
+func (ka rsaKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ return errors.New("tls: unexpected ServerKeyExchange")
+}
+
+func (ka rsaKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ preMasterSecret := make([]byte, 48)
+ preMasterSecret[0] = byte(clientHello.vers >> 8)
+ preMasterSecret[1] = byte(clientHello.vers)
+ _, err := io.ReadFull(config.rand(), preMasterSecret[2:])
+ if err != nil {
+ return nil, nil, err
+ }
+
+ encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret)
+ if err != nil {
+ return nil, nil, err
+ }
+ ckx := new(clientKeyExchangeMsg)
+ ckx.ciphertext = make([]byte, len(encrypted)+2)
+ ckx.ciphertext[0] = byte(len(encrypted) >> 8)
+ ckx.ciphertext[1] = byte(len(encrypted))
+ copy(ckx.ciphertext[2:], encrypted)
+ return preMasterSecret, ckx, nil
+}
+
+// sha1Hash calculates a SHA1 hash over the given byte slices.
+func sha1Hash(slices [][]byte) []byte {
+ hsha1 := sha1.New()
+ for _, slice := range slices {
+ hsha1.Write(slice)
+ }
+ return hsha1.Sum(nil)
+}
+
+// md5SHA1Hash implements TLS 1.0's hybrid hash function which consists of the
+// concatenation of an MD5 and SHA1 hash.
+func md5SHA1Hash(slices [][]byte) []byte {
+ md5sha1 := make([]byte, md5.Size+sha1.Size)
+ hmd5 := md5.New()
+ for _, slice := range slices {
+ hmd5.Write(slice)
+ }
+ copy(md5sha1, hmd5.Sum(nil))
+ copy(md5sha1[md5.Size:], sha1Hash(slices))
+ return md5sha1
+}
+
+// hashForServerKeyExchange hashes the given slices and returns their digest
+// using the given hash function (for >= TLS 1.2) or using a default based on
+// the sigType (for earlier TLS versions). For Ed25519 signatures, which don't
+// do pre-hashing, it returns the concatenation of the slices.
+func hashForServerKeyExchange(sigType uint8, hashFunc crypto.Hash, version uint16, slices ...[]byte) []byte {
+ if sigType == signatureEd25519 {
+ var signed []byte
+ for _, slice := range slices {
+ signed = append(signed, slice...)
+ }
+ return signed
+ }
+ if version >= VersionTLS12 {
+ h := hashFunc.New()
+ for _, slice := range slices {
+ h.Write(slice)
+ }
+ digest := h.Sum(nil)
+ return digest
+ }
+ if sigType == signatureECDSA {
+ return sha1Hash(slices)
+ }
+ return md5SHA1Hash(slices)
+}
+
+// ecdheKeyAgreement implements a TLS key agreement where the server
+// generates an ephemeral EC public/private key pair and signs it. The
+// pre-master secret is then calculated using ECDH. The signature may
+// be ECDSA, Ed25519 or RSA.
+type ecdheKeyAgreement struct {
+ version uint16
+ isRSA bool
+ params ecdheParameters
+
+ // ckx and preMasterSecret are generated in processServerKeyExchange
+ // and returned in generateClientKeyExchange.
+ ckx *clientKeyExchangeMsg
+ preMasterSecret []byte
+}
+
+func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ var curveID CurveID
+ for _, c := range clientHello.supportedCurves {
+ if config.supportsCurve(c) {
+ curveID = c
+ break
+ }
+ }
+
+ if curveID == 0 {
+ return nil, errors.New("tls: no supported elliptic curves offered")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, err
+ }
+ ka.params = params
+
+ // See RFC 4492, Section 5.4.
+ ecdhePublic := params.PublicKey()
+ serverECDHEParams := make([]byte, 1+2+1+len(ecdhePublic))
+ serverECDHEParams[0] = 3 // named curve
+ serverECDHEParams[1] = byte(curveID >> 8)
+ serverECDHEParams[2] = byte(curveID)
+ serverECDHEParams[3] = byte(len(ecdhePublic))
+ copy(serverECDHEParams[4:], ecdhePublic)
+
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil, fmt.Errorf("tls: certificate private key of type %T does not implement crypto.Signer", cert.PrivateKey)
+ }
+
+ var signatureAlgorithm SignatureScheme
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm, err = selectSignatureScheme(ka.version, cert, clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ return nil, err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(priv.Public())
+ if err != nil {
+ return nil, err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return nil, errors.New("tls: certificate cannot be used with the selected cipher suite")
+ }
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, hello.random, serverECDHEParams)
+
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := priv.Sign(config.rand(), signed, signOpts)
+ if err != nil {
+ return nil, errors.New("tls: failed to sign ECDHE parameters: " + err.Error())
+ }
+
+ skx := new(serverKeyExchangeMsg)
+ sigAndHashLen := 0
+ if ka.version >= VersionTLS12 {
+ sigAndHashLen = 2
+ }
+ skx.key = make([]byte, len(serverECDHEParams)+sigAndHashLen+2+len(sig))
+ copy(skx.key, serverECDHEParams)
+ k := skx.key[len(serverECDHEParams):]
+ if ka.version >= VersionTLS12 {
+ k[0] = byte(signatureAlgorithm >> 8)
+ k[1] = byte(signatureAlgorithm)
+ k = k[2:]
+ }
+ k[0] = byte(len(sig) >> 8)
+ k[1] = byte(len(sig))
+ copy(k[2:], sig)
+
+ return skx, nil
+}
+
+func (ka *ecdheKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
+ return nil, errClientKeyExchange
+ }
+
+ preMasterSecret := ka.params.SharedKey(ckx.ciphertext[1:])
+ if preMasterSecret == nil {
+ return nil, errClientKeyExchange
+ }
+
+ return preMasterSecret, nil
+}
+
+func (ka *ecdheKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ if len(skx.key) < 4 {
+ return errServerKeyExchange
+ }
+ if skx.key[0] != 3 { // named curve
+ return errors.New("tls: server selected unsupported curve")
+ }
+ curveID := CurveID(skx.key[1])<<8 | CurveID(skx.key[2])
+
+ publicLen := int(skx.key[3])
+ if publicLen+4 > len(skx.key) {
+ return errServerKeyExchange
+ }
+ serverECDHEParams := skx.key[:4+publicLen]
+ publicKey := serverECDHEParams[4:]
+
+ sig := skx.key[4+publicLen:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return errors.New("tls: server selected unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return err
+ }
+ ka.params = params
+
+ ka.preMasterSecret = params.SharedKey(publicKey)
+ if ka.preMasterSecret == nil {
+ return errServerKeyExchange
+ }
+
+ ourPublicKey := params.PublicKey()
+ ka.ckx = new(clientKeyExchangeMsg)
+ ka.ckx.ciphertext = make([]byte, 1+len(ourPublicKey))
+ ka.ckx.ciphertext[0] = byte(len(ourPublicKey))
+ copy(ka.ckx.ciphertext[1:], ourPublicKey)
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm := SignatureScheme(sig[0])<<8 | SignatureScheme(sig[1])
+ sig = sig[2:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if !isSupportedSignatureAlgorithm(signatureAlgorithm, clientHello.supportedSignatureAlgorithms) {
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(cert.PublicKey)
+ if err != nil {
+ return err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return errServerKeyExchange
+ }
+
+ sigLen := int(sig[0])<<8 | int(sig[1])
+ if sigLen+2 != len(sig) {
+ return errServerKeyExchange
+ }
+ sig = sig[2:]
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, serverHello.random, serverECDHEParams)
+ if err := verifyHandshakeSignature(sigType, cert.PublicKey, sigHash, signed, sig); err != nil {
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+ return nil
+}
+
+func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ if ka.ckx == nil {
+ return nil, nil, errors.New("tls: missing ServerKeyExchange message")
+ }
+
+ return ka.preMasterSecret, ka.ckx, nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/key_schedule.go b/vendor/github.com/marten-seemann/qtls-go1-16/key_schedule.go
new file mode 100644
index 00000000..42c07f6f
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/key_schedule.go
@@ -0,0 +1,214 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/elliptic"
+ "crypto/hmac"
+ "errors"
+ "hash"
+ "io"
+ "math/big"
+
+ "golang.org/x/crypto/cryptobyte"
+ "golang.org/x/crypto/curve25519"
+ "golang.org/x/crypto/hkdf"
+)
+
+// This file contains the functions necessary to compute the TLS 1.3 key
+// schedule. See RFC 8446, Section 7.
+
+const (
+ resumptionBinderLabel = "res binder"
+ clientHandshakeTrafficLabel = "c hs traffic"
+ serverHandshakeTrafficLabel = "s hs traffic"
+ clientApplicationTrafficLabel = "c ap traffic"
+ serverApplicationTrafficLabel = "s ap traffic"
+ exporterLabel = "exp master"
+ resumptionLabel = "res master"
+ trafficUpdateLabel = "traffic upd"
+)
+
+// HkdfExtract generates a pseudorandom key for use with Expand from an input secret and an optional independent salt.
+func HkdfExtract(hash crypto.Hash, newSecret, currentSecret []byte) []byte {
+ if newSecret == nil {
+ newSecret = make([]byte, hash.Size())
+ }
+ return hkdf.Extract(hash.New, newSecret, currentSecret)
+}
+
+// HkdfExpandLabel HKDF expands a label
+func HkdfExpandLabel(hash crypto.Hash, secret, hashValue []byte, label string, L int) []byte {
+ return hkdfExpandLabel(hash, secret, hashValue, label, L)
+}
+
+func hkdfExpandLabel(hash crypto.Hash, secret, context []byte, label string, length int) []byte {
+ var hkdfLabel cryptobyte.Builder
+ hkdfLabel.AddUint16(uint16(length))
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte("tls13 "))
+ b.AddBytes([]byte(label))
+ })
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(context)
+ })
+ out := make([]byte, length)
+ n, err := hkdf.Expand(hash.New, secret, hkdfLabel.BytesOrPanic()).Read(out)
+ if err != nil || n != length {
+ panic("tls: HKDF-Expand-Label invocation failed unexpectedly")
+ }
+ return out
+}
+
+// expandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) expandLabel(secret []byte, label string, context []byte, length int) []byte {
+ return hkdfExpandLabel(c.hash, secret, context, label, length)
+}
+
+// deriveSecret implements Derive-Secret from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) deriveSecret(secret []byte, label string, transcript hash.Hash) []byte {
+ if transcript == nil {
+ transcript = c.hash.New()
+ }
+ return c.expandLabel(secret, label, transcript.Sum(nil), c.hash.Size())
+}
+
+// extract implements HKDF-Extract with the cipher suite hash.
+func (c *cipherSuiteTLS13) extract(newSecret, currentSecret []byte) []byte {
+ return HkdfExtract(c.hash, newSecret, currentSecret)
+}
+
+// nextTrafficSecret generates the next traffic secret, given the current one,
+// according to RFC 8446, Section 7.2.
+func (c *cipherSuiteTLS13) nextTrafficSecret(trafficSecret []byte) []byte {
+ return c.expandLabel(trafficSecret, trafficUpdateLabel, nil, c.hash.Size())
+}
+
+// trafficKey generates traffic keys according to RFC 8446, Section 7.3.
+func (c *cipherSuiteTLS13) trafficKey(trafficSecret []byte) (key, iv []byte) {
+ key = c.expandLabel(trafficSecret, "key", nil, c.keyLen)
+ iv = c.expandLabel(trafficSecret, "iv", nil, aeadNonceLength)
+ return
+}
+
+// finishedHash generates the Finished verify_data or PskBinderEntry according
+// to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey
+// selection.
+func (c *cipherSuiteTLS13) finishedHash(baseKey []byte, transcript hash.Hash) []byte {
+ finishedKey := c.expandLabel(baseKey, "finished", nil, c.hash.Size())
+ verifyData := hmac.New(c.hash.New, finishedKey)
+ verifyData.Write(transcript.Sum(nil))
+ return verifyData.Sum(nil)
+}
+
+// exportKeyingMaterial implements RFC5705 exporters for TLS 1.3 according to
+// RFC 8446, Section 7.5.
+func (c *cipherSuiteTLS13) exportKeyingMaterial(masterSecret []byte, transcript hash.Hash) func(string, []byte, int) ([]byte, error) {
+ expMasterSecret := c.deriveSecret(masterSecret, exporterLabel, transcript)
+ return func(label string, context []byte, length int) ([]byte, error) {
+ secret := c.deriveSecret(expMasterSecret, label, nil)
+ h := c.hash.New()
+ h.Write(context)
+ return c.expandLabel(secret, "exporter", h.Sum(nil), length), nil
+ }
+}
+
+// ecdheParameters implements Diffie-Hellman with either NIST curves or X25519,
+// according to RFC 8446, Section 4.2.8.2.
+type ecdheParameters interface {
+ CurveID() CurveID
+ PublicKey() []byte
+ SharedKey(peerPublicKey []byte) []byte
+}
+
+func generateECDHEParameters(rand io.Reader, curveID CurveID) (ecdheParameters, error) {
+ if curveID == X25519 {
+ privateKey := make([]byte, curve25519.ScalarSize)
+ if _, err := io.ReadFull(rand, privateKey); err != nil {
+ return nil, err
+ }
+ publicKey, err := curve25519.X25519(privateKey, curve25519.Basepoint)
+ if err != nil {
+ return nil, err
+ }
+ return &x25519Parameters{privateKey: privateKey, publicKey: publicKey}, nil
+ }
+
+ curve, ok := curveForCurveID(curveID)
+ if !ok {
+ return nil, errors.New("tls: internal error: unsupported curve")
+ }
+
+ p := &nistParameters{curveID: curveID}
+ var err error
+ p.privateKey, p.x, p.y, err = elliptic.GenerateKey(curve, rand)
+ if err != nil {
+ return nil, err
+ }
+ return p, nil
+}
+
+func curveForCurveID(id CurveID) (elliptic.Curve, bool) {
+ switch id {
+ case CurveP256:
+ return elliptic.P256(), true
+ case CurveP384:
+ return elliptic.P384(), true
+ case CurveP521:
+ return elliptic.P521(), true
+ default:
+ return nil, false
+ }
+}
+
+type nistParameters struct {
+ privateKey []byte
+ x, y *big.Int // public key
+ curveID CurveID
+}
+
+func (p *nistParameters) CurveID() CurveID {
+ return p.curveID
+}
+
+func (p *nistParameters) PublicKey() []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ return elliptic.Marshal(curve, p.x, p.y)
+}
+
+func (p *nistParameters) SharedKey(peerPublicKey []byte) []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ // Unmarshal also checks whether the given point is on the curve.
+ x, y := elliptic.Unmarshal(curve, peerPublicKey)
+ if x == nil {
+ return nil
+ }
+
+ xShared, _ := curve.ScalarMult(x, y, p.privateKey)
+ sharedKey := make([]byte, (curve.Params().BitSize+7)/8)
+ return xShared.FillBytes(sharedKey)
+}
+
+type x25519Parameters struct {
+ privateKey []byte
+ publicKey []byte
+}
+
+func (p *x25519Parameters) CurveID() CurveID {
+ return X25519
+}
+
+func (p *x25519Parameters) PublicKey() []byte {
+ return p.publicKey[:]
+}
+
+func (p *x25519Parameters) SharedKey(peerPublicKey []byte) []byte {
+ sharedKey, err := curve25519.X25519(p.privateKey, peerPublicKey)
+ if err != nil {
+ return nil
+ }
+ return sharedKey
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/prf.go b/vendor/github.com/marten-seemann/qtls-go1-16/prf.go
new file mode 100644
index 00000000..9eb0221a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/prf.go
@@ -0,0 +1,283 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/hmac"
+ "crypto/md5"
+ "crypto/sha1"
+ "crypto/sha256"
+ "crypto/sha512"
+ "errors"
+ "fmt"
+ "hash"
+)
+
+// Split a premaster secret in two as specified in RFC 4346, Section 5.
+func splitPreMasterSecret(secret []byte) (s1, s2 []byte) {
+ s1 = secret[0 : (len(secret)+1)/2]
+ s2 = secret[len(secret)/2:]
+ return
+}
+
+// pHash implements the P_hash function, as defined in RFC 4346, Section 5.
+func pHash(result, secret, seed []byte, hash func() hash.Hash) {
+ h := hmac.New(hash, secret)
+ h.Write(seed)
+ a := h.Sum(nil)
+
+ j := 0
+ for j < len(result) {
+ h.Reset()
+ h.Write(a)
+ h.Write(seed)
+ b := h.Sum(nil)
+ copy(result[j:], b)
+ j += len(b)
+
+ h.Reset()
+ h.Write(a)
+ a = h.Sum(nil)
+ }
+}
+
+// prf10 implements the TLS 1.0 pseudo-random function, as defined in RFC 2246, Section 5.
+func prf10(result, secret, label, seed []byte) {
+ hashSHA1 := sha1.New
+ hashMD5 := md5.New
+
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ s1, s2 := splitPreMasterSecret(secret)
+ pHash(result, s1, labelAndSeed, hashMD5)
+ result2 := make([]byte, len(result))
+ pHash(result2, s2, labelAndSeed, hashSHA1)
+
+ for i, b := range result2 {
+ result[i] ^= b
+ }
+}
+
+// prf12 implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, Section 5.
+func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) {
+ return func(result, secret, label, seed []byte) {
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ pHash(result, secret, labelAndSeed, hashFunc)
+ }
+}
+
+const (
+ masterSecretLength = 48 // Length of a master secret in TLS 1.1.
+ finishedVerifyLength = 12 // Length of verify_data in a Finished message.
+)
+
+var masterSecretLabel = []byte("master secret")
+var keyExpansionLabel = []byte("key expansion")
+var clientFinishedLabel = []byte("client finished")
+var serverFinishedLabel = []byte("server finished")
+
+func prfAndHashForVersion(version uint16, suite *cipherSuite) (func(result, secret, label, seed []byte), crypto.Hash) {
+ switch version {
+ case VersionTLS10, VersionTLS11:
+ return prf10, crypto.Hash(0)
+ case VersionTLS12:
+ if suite.flags&suiteSHA384 != 0 {
+ return prf12(sha512.New384), crypto.SHA384
+ }
+ return prf12(sha256.New), crypto.SHA256
+ default:
+ panic("unknown version")
+ }
+}
+
+func prfForVersion(version uint16, suite *cipherSuite) func(result, secret, label, seed []byte) {
+ prf, _ := prfAndHashForVersion(version, suite)
+ return prf
+}
+
+// masterFromPreMasterSecret generates the master secret from the pre-master
+// secret. See RFC 5246, Section 8.1.
+func masterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret, clientRandom, serverRandom []byte) []byte {
+ seed := make([]byte, 0, len(clientRandom)+len(serverRandom))
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ masterSecret := make([]byte, masterSecretLength)
+ prfForVersion(version, suite)(masterSecret, preMasterSecret, masterSecretLabel, seed)
+ return masterSecret
+}
+
+// keysFromMasterSecret generates the connection keys from the master
+// secret, given the lengths of the MAC key, cipher key and IV, as defined in
+// RFC 2246, Section 6.3.
+func keysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) {
+ seed := make([]byte, 0, len(serverRandom)+len(clientRandom))
+ seed = append(seed, serverRandom...)
+ seed = append(seed, clientRandom...)
+
+ n := 2*macLen + 2*keyLen + 2*ivLen
+ keyMaterial := make([]byte, n)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, keyExpansionLabel, seed)
+ clientMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ serverMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ clientKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ serverKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ clientIV = keyMaterial[:ivLen]
+ keyMaterial = keyMaterial[ivLen:]
+ serverIV = keyMaterial[:ivLen]
+ return
+}
+
+func newFinishedHash(version uint16, cipherSuite *cipherSuite) finishedHash {
+ var buffer []byte
+ if version >= VersionTLS12 {
+ buffer = []byte{}
+ }
+
+ prf, hash := prfAndHashForVersion(version, cipherSuite)
+ if hash != 0 {
+ return finishedHash{hash.New(), hash.New(), nil, nil, buffer, version, prf}
+ }
+
+ return finishedHash{sha1.New(), sha1.New(), md5.New(), md5.New(), buffer, version, prf}
+}
+
+// A finishedHash calculates the hash of a set of handshake messages suitable
+// for including in a Finished message.
+type finishedHash struct {
+ client hash.Hash
+ server hash.Hash
+
+ // Prior to TLS 1.2, an additional MD5 hash is required.
+ clientMD5 hash.Hash
+ serverMD5 hash.Hash
+
+ // In TLS 1.2, a full buffer is sadly required.
+ buffer []byte
+
+ version uint16
+ prf func(result, secret, label, seed []byte)
+}
+
+func (h *finishedHash) Write(msg []byte) (n int, err error) {
+ h.client.Write(msg)
+ h.server.Write(msg)
+
+ if h.version < VersionTLS12 {
+ h.clientMD5.Write(msg)
+ h.serverMD5.Write(msg)
+ }
+
+ if h.buffer != nil {
+ h.buffer = append(h.buffer, msg...)
+ }
+
+ return len(msg), nil
+}
+
+func (h finishedHash) Sum() []byte {
+ if h.version >= VersionTLS12 {
+ return h.client.Sum(nil)
+ }
+
+ out := make([]byte, 0, md5.Size+sha1.Size)
+ out = h.clientMD5.Sum(out)
+ return h.client.Sum(out)
+}
+
+// clientSum returns the contents of the verify_data member of a client's
+// Finished message.
+func (h finishedHash) clientSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, clientFinishedLabel, h.Sum())
+ return out
+}
+
+// serverSum returns the contents of the verify_data member of a server's
+// Finished message.
+func (h finishedHash) serverSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, serverFinishedLabel, h.Sum())
+ return out
+}
+
+// hashForClientCertificate returns the handshake messages so far, pre-hashed if
+// necessary, suitable for signing by a TLS client certificate.
+func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash, masterSecret []byte) []byte {
+ if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil {
+ panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer")
+ }
+
+ if sigType == signatureEd25519 {
+ return h.buffer
+ }
+
+ if h.version >= VersionTLS12 {
+ hash := hashAlg.New()
+ hash.Write(h.buffer)
+ return hash.Sum(nil)
+ }
+
+ if sigType == signatureECDSA {
+ return h.server.Sum(nil)
+ }
+
+ return h.Sum()
+}
+
+// discardHandshakeBuffer is called when there is no more need to
+// buffer the entirety of the handshake messages.
+func (h *finishedHash) discardHandshakeBuffer() {
+ h.buffer = nil
+}
+
+// noExportedKeyingMaterial is used as a value of
+// ConnectionState.ekm when renegotiation is enabled and thus
+// we wish to fail all key-material export requests.
+func noExportedKeyingMaterial(label string, context []byte, length int) ([]byte, error) {
+ return nil, errors.New("crypto/tls: ExportKeyingMaterial is unavailable when renegotiation is enabled")
+}
+
+// ekmFromMasterSecret generates exported keying material as defined in RFC 5705.
+func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) {
+ return func(label string, context []byte, length int) ([]byte, error) {
+ switch label {
+ case "client finished", "server finished", "master secret", "key expansion":
+ // These values are reserved and may not be used.
+ return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label)
+ }
+
+ seedLen := len(serverRandom) + len(clientRandom)
+ if context != nil {
+ seedLen += 2 + len(context)
+ }
+ seed := make([]byte, 0, seedLen)
+
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ if context != nil {
+ if len(context) >= 1<<16 {
+ return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long")
+ }
+ seed = append(seed, byte(len(context)>>8), byte(len(context)))
+ seed = append(seed, context...)
+ }
+
+ keyMaterial := make([]byte, length)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, []byte(label), seed)
+ return keyMaterial, nil
+ }
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/ticket.go b/vendor/github.com/marten-seemann/qtls-go1-16/ticket.go
new file mode 100644
index 00000000..006b8c1d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/ticket.go
@@ -0,0 +1,259 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/hmac"
+ "crypto/sha256"
+ "crypto/subtle"
+ "errors"
+ "io"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// sessionState contains the information that is serialized into a session
+// ticket in order to later resume a connection.
+type sessionState struct {
+ vers uint16
+ cipherSuite uint16
+ createdAt uint64
+ masterSecret []byte // opaque master_secret<1..2^16-1>;
+ // struct { opaque certificate<1..2^24-1> } Certificate;
+ certificates [][]byte // Certificate certificate_list<0..2^24-1>;
+
+ // usedOldKey is true if the ticket from which this session came from
+ // was encrypted with an older key and thus should be refreshed.
+ usedOldKey bool
+}
+
+func (m *sessionState) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(m.vers)
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.masterSecret)
+ })
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, cert := range m.certificates {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ }
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionState) unmarshal(data []byte) bool {
+ *m = sessionState{usedOldKey: m.usedOldKey}
+ s := cryptobyte.String(data)
+ if ok := s.ReadUint16(&m.vers) &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint16LengthPrefixed(&s, &m.masterSecret) &&
+ len(m.masterSecret) != 0; !ok {
+ return false
+ }
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ if !readUint24LengthPrefixed(&certList, &cert) {
+ return false
+ }
+ m.certificates = append(m.certificates, cert)
+ }
+ return s.Empty()
+}
+
+// sessionStateTLS13 is the content of a TLS 1.3 session ticket. Its first
+// version (revision = 0) doesn't carry any of the information needed for 0-RTT
+// validation and the nonce is always empty.
+// version (revision = 1) carries the max_early_data_size sent in the ticket.
+// version (revision = 2) carries the ALPN sent in the ticket.
+type sessionStateTLS13 struct {
+ // uint8 version = 0x0304;
+ // uint8 revision = 2;
+ cipherSuite uint16
+ createdAt uint64
+ resumptionSecret []byte // opaque resumption_master_secret<1..2^8-1>;
+ certificate Certificate // CertificateEntry certificate_list<0..2^24-1>;
+ maxEarlyData uint32
+ alpn string
+
+ appData []byte
+}
+
+func (m *sessionStateTLS13) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(VersionTLS13)
+ b.AddUint8(2) // revision
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.resumptionSecret)
+ })
+ marshalCertificate(&b, m.certificate)
+ b.AddUint32(m.maxEarlyData)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpn))
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.appData)
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionStateTLS13) unmarshal(data []byte) bool {
+ *m = sessionStateTLS13{}
+ s := cryptobyte.String(data)
+ var version uint16
+ var revision uint8
+ var alpn []byte
+ ret := s.ReadUint16(&version) &&
+ version == VersionTLS13 &&
+ s.ReadUint8(&revision) &&
+ revision == 2 &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint8LengthPrefixed(&s, &m.resumptionSecret) &&
+ len(m.resumptionSecret) != 0 &&
+ unmarshalCertificate(&s, &m.certificate) &&
+ s.ReadUint32(&m.maxEarlyData) &&
+ readUint8LengthPrefixed(&s, &alpn) &&
+ readUint16LengthPrefixed(&s, &m.appData) &&
+ s.Empty()
+ m.alpn = string(alpn)
+ return ret
+}
+
+func (c *Conn) encryptTicket(state []byte) ([]byte, error) {
+ if len(c.ticketKeys) == 0 {
+ return nil, errors.New("tls: internal error: session ticket keys unavailable")
+ }
+
+ encrypted := make([]byte, ticketKeyNameLen+aes.BlockSize+len(state)+sha256.Size)
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+
+ if _, err := io.ReadFull(c.config.rand(), iv); err != nil {
+ return nil, err
+ }
+ key := c.ticketKeys[0]
+ copy(keyName, key.keyName[:])
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error())
+ }
+ cipher.NewCTR(block, iv).XORKeyStream(encrypted[ticketKeyNameLen+aes.BlockSize:], state)
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ mac.Sum(macBytes[:0])
+
+ return encrypted, nil
+}
+
+func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey bool) {
+ if len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size {
+ return nil, false
+ }
+
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+ ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size]
+
+ keyIndex := -1
+ for i, candidateKey := range c.ticketKeys {
+ if bytes.Equal(keyName, candidateKey.keyName[:]) {
+ keyIndex = i
+ break
+ }
+ }
+ if keyIndex == -1 {
+ return nil, false
+ }
+ key := &c.ticketKeys[keyIndex]
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ expected := mac.Sum(nil)
+
+ if subtle.ConstantTimeCompare(macBytes, expected) != 1 {
+ return nil, false
+ }
+
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, false
+ }
+ plaintext = make([]byte, len(ciphertext))
+ cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext)
+
+ return plaintext, keyIndex > 0
+}
+
+func (c *Conn) getSessionTicketMsg(appData []byte) (*newSessionTicketMsgTLS13, error) {
+ m := new(newSessionTicketMsgTLS13)
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionStateTLS13{
+ cipherSuite: c.cipherSuite,
+ createdAt: uint64(c.config.time().Unix()),
+ resumptionSecret: c.resumptionSecret,
+ certificate: Certificate{
+ Certificate: certsFromClient,
+ OCSPStaple: c.ocspResponse,
+ SignedCertificateTimestamps: c.scts,
+ },
+ appData: appData,
+ alpn: c.clientProtocol,
+ }
+ if c.extraConfig != nil {
+ state.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ var err error
+ m.label, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return nil, err
+ }
+ m.lifetime = uint32(maxSessionTicketLifetime / time.Second)
+ if c.extraConfig != nil {
+ m.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ return m, nil
+}
+
+// GetSessionTicket generates a new session ticket.
+// It should only be called after the handshake completes.
+// It can only be used for servers, and only if the alternative record layer is set.
+// The ticket may be nil if config.SessionTicketsDisabled is set,
+// or if the client isn't able to receive session tickets.
+func (c *Conn) GetSessionTicket(appData []byte) ([]byte, error) {
+ if c.isClient || !c.handshakeComplete() || c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ return nil, errors.New("GetSessionTicket is only valid for servers after completion of the handshake, and if an alternative record layer is set.")
+ }
+ if c.config.SessionTicketsDisabled {
+ return nil, nil
+ }
+
+ m, err := c.getSessionTicketMsg(appData)
+ if err != nil {
+ return nil, err
+ }
+ return m.marshal(), nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/tls.go b/vendor/github.com/marten-seemann/qtls-go1-16/tls.go
new file mode 100644
index 00000000..10cbae03
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/tls.go
@@ -0,0 +1,393 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// package qtls partially implements TLS 1.2, as specified in RFC 5246,
+// and TLS 1.3, as specified in RFC 8446.
+package qtls
+
+// BUG(agl): The crypto/tls package only implements some countermeasures
+// against Lucky13 attacks on CBC-mode encryption, and only on SHA1
+// variants. See http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/pem"
+ "errors"
+ "fmt"
+ "net"
+ "os"
+ "strings"
+ "time"
+)
+
+// Server returns a new TLS server side connection
+// using conn as the underlying transport.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ }
+ c.handshakeFn = c.serverHandshake
+ return c
+}
+
+// Client returns a new TLS client side connection
+// using conn as the underlying transport.
+// The config cannot be nil: users must set either ServerName or
+// InsecureSkipVerify in the config.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ isClient: true,
+ }
+ c.handshakeFn = c.clientHandshake
+ return c
+}
+
+// A listener implements a network listener (net.Listener) for TLS connections.
+type listener struct {
+ net.Listener
+ config *Config
+ extraConfig *ExtraConfig
+}
+
+// Accept waits for and returns the next incoming TLS connection.
+// The returned connection is of type *Conn.
+func (l *listener) Accept() (net.Conn, error) {
+ c, err := l.Listener.Accept()
+ if err != nil {
+ return nil, err
+ }
+ return Server(c, l.config, l.extraConfig), nil
+}
+
+// NewListener creates a Listener which accepts connections from an inner
+// Listener and wraps each connection with Server.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func NewListener(inner net.Listener, config *Config, extraConfig *ExtraConfig) net.Listener {
+ l := new(listener)
+ l.Listener = inner
+ l.config = config
+ l.extraConfig = extraConfig
+ return l
+}
+
+// Listen creates a TLS listener accepting connections on the
+// given network address using net.Listen.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Listen(network, laddr string, config *Config, extraConfig *ExtraConfig) (net.Listener, error) {
+ if config == nil || len(config.Certificates) == 0 &&
+ config.GetCertificate == nil && config.GetConfigForClient == nil {
+ return nil, errors.New("tls: neither Certificates, GetCertificate, nor GetConfigForClient set in Config")
+ }
+ l, err := net.Listen(network, laddr)
+ if err != nil {
+ return nil, err
+ }
+ return NewListener(l, config, extraConfig), nil
+}
+
+type timeoutError struct{}
+
+func (timeoutError) Error() string { return "tls: DialWithDialer timed out" }
+func (timeoutError) Timeout() bool { return true }
+func (timeoutError) Temporary() bool { return true }
+
+// DialWithDialer connects to the given network address using dialer.Dial and
+// then initiates a TLS handshake, returning the resulting TLS connection. Any
+// timeout or deadline given in the dialer apply to connection and TLS
+// handshake as a whole.
+//
+// DialWithDialer interprets a nil configuration as equivalent to the zero
+// configuration; see the documentation of Config for the defaults.
+func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return dial(context.Background(), dialer, network, addr, config, extraConfig)
+}
+
+func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ // We want the Timeout and Deadline values from dialer to cover the
+ // whole process: TCP connection and TLS handshake. This means that we
+ // also need to start our own timers now.
+ timeout := netDialer.Timeout
+
+ if !netDialer.Deadline.IsZero() {
+ deadlineTimeout := time.Until(netDialer.Deadline)
+ if timeout == 0 || deadlineTimeout < timeout {
+ timeout = deadlineTimeout
+ }
+ }
+
+ // hsErrCh is non-nil if we might not wait for Handshake to complete.
+ var hsErrCh chan error
+ if timeout != 0 || ctx.Done() != nil {
+ hsErrCh = make(chan error, 2)
+ }
+ if timeout != 0 {
+ timer := time.AfterFunc(timeout, func() {
+ hsErrCh <- timeoutError{}
+ })
+ defer timer.Stop()
+ }
+
+ rawConn, err := netDialer.DialContext(ctx, network, addr)
+ if err != nil {
+ return nil, err
+ }
+
+ colonPos := strings.LastIndex(addr, ":")
+ if colonPos == -1 {
+ colonPos = len(addr)
+ }
+ hostname := addr[:colonPos]
+
+ if config == nil {
+ config = defaultConfig()
+ }
+ // If no ServerName is set, infer the ServerName
+ // from the hostname we're connecting to.
+ if config.ServerName == "" {
+ // Make a copy to avoid polluting argument or default.
+ c := config.Clone()
+ c.ServerName = hostname
+ config = c
+ }
+
+ conn := Client(rawConn, config, extraConfig)
+
+ if hsErrCh == nil {
+ err = conn.Handshake()
+ } else {
+ go func() {
+ hsErrCh <- conn.Handshake()
+ }()
+
+ select {
+ case <-ctx.Done():
+ err = ctx.Err()
+ case err = <-hsErrCh:
+ if err != nil {
+ // If the error was due to the context
+ // closing, prefer the context's error, rather
+ // than some random network teardown error.
+ if e := ctx.Err(); e != nil {
+ err = e
+ }
+ }
+ }
+ }
+
+ if err != nil {
+ rawConn.Close()
+ return nil, err
+ }
+
+ return conn, nil
+}
+
+// Dial connects to the given network address using net.Dial
+// and then initiates a TLS handshake, returning the resulting
+// TLS connection.
+// Dial interprets a nil configuration as equivalent to
+// the zero configuration; see the documentation of Config
+// for the defaults.
+func Dial(network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return DialWithDialer(new(net.Dialer), network, addr, config, extraConfig)
+}
+
+// Dialer dials TLS connections given a configuration and a Dialer for the
+// underlying connection.
+type Dialer struct {
+ // NetDialer is the optional dialer to use for the TLS connections'
+ // underlying TCP connections.
+ // A nil NetDialer is equivalent to the net.Dialer zero value.
+ NetDialer *net.Dialer
+
+ // Config is the TLS configuration to use for new connections.
+ // A nil configuration is equivalent to the zero
+ // configuration; see the documentation of Config for the
+ // defaults.
+ Config *Config
+
+ ExtraConfig *ExtraConfig
+}
+
+// Dial connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+func (d *Dialer) Dial(network, addr string) (net.Conn, error) {
+ return d.DialContext(context.Background(), network, addr)
+}
+
+func (d *Dialer) netDialer() *net.Dialer {
+ if d.NetDialer != nil {
+ return d.NetDialer
+ }
+ return new(net.Dialer)
+}
+
+// DialContext connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The provided Context must be non-nil. If the context expires before
+// the connection is complete, an error is returned. Once successfully
+// connected, any expiration of the context will not affect the
+// connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+ c, err := dial(ctx, d.netDialer(), network, addr, d.Config, d.ExtraConfig)
+ if err != nil {
+ // Don't return c (a typed nil) in an interface.
+ return nil, err
+ }
+ return c, nil
+}
+
+// LoadX509KeyPair reads and parses a public/private key pair from a pair
+// of files. The files must contain PEM encoded data. The certificate file
+// may contain intermediate certificates following the leaf certificate to
+// form a certificate chain. On successful return, Certificate.Leaf will
+// be nil because the parsed form of the certificate is not retained.
+func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) {
+ certPEMBlock, err := os.ReadFile(certFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ keyPEMBlock, err := os.ReadFile(keyFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ return X509KeyPair(certPEMBlock, keyPEMBlock)
+}
+
+// X509KeyPair parses a public/private key pair from a pair of
+// PEM encoded data. On successful return, Certificate.Leaf will be nil because
+// the parsed form of the certificate is not retained.
+func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) {
+ fail := func(err error) (Certificate, error) { return Certificate{}, err }
+
+ var cert Certificate
+ var skippedBlockTypes []string
+ for {
+ var certDERBlock *pem.Block
+ certDERBlock, certPEMBlock = pem.Decode(certPEMBlock)
+ if certDERBlock == nil {
+ break
+ }
+ if certDERBlock.Type == "CERTIFICATE" {
+ cert.Certificate = append(cert.Certificate, certDERBlock.Bytes)
+ } else {
+ skippedBlockTypes = append(skippedBlockTypes, certDERBlock.Type)
+ }
+ }
+
+ if len(cert.Certificate) == 0 {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in certificate input"))
+ }
+ if len(skippedBlockTypes) == 1 && strings.HasSuffix(skippedBlockTypes[0], "PRIVATE KEY") {
+ return fail(errors.New("tls: failed to find certificate PEM data in certificate input, but did find a private key; PEM inputs may have been switched"))
+ }
+ return fail(fmt.Errorf("tls: failed to find \"CERTIFICATE\" PEM block in certificate input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+
+ skippedBlockTypes = skippedBlockTypes[:0]
+ var keyDERBlock *pem.Block
+ for {
+ keyDERBlock, keyPEMBlock = pem.Decode(keyPEMBlock)
+ if keyDERBlock == nil {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in key input"))
+ }
+ if len(skippedBlockTypes) == 1 && skippedBlockTypes[0] == "CERTIFICATE" {
+ return fail(errors.New("tls: found a certificate rather than a key in the PEM for the private key"))
+ }
+ return fail(fmt.Errorf("tls: failed to find PEM block with type ending in \"PRIVATE KEY\" in key input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+ if keyDERBlock.Type == "PRIVATE KEY" || strings.HasSuffix(keyDERBlock.Type, " PRIVATE KEY") {
+ break
+ }
+ skippedBlockTypes = append(skippedBlockTypes, keyDERBlock.Type)
+ }
+
+ // We don't need to parse the public key for TLS, but we so do anyway
+ // to check that it looks sane and matches the private key.
+ x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
+ if err != nil {
+ return fail(err)
+ }
+
+ cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes)
+ if err != nil {
+ return fail(err)
+ }
+
+ switch pub := x509Cert.PublicKey.(type) {
+ case *rsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*rsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.N.Cmp(priv.N) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case *ecdsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case ed25519.PublicKey:
+ priv, ok := cert.PrivateKey.(ed25519.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if !bytes.Equal(priv.Public().(ed25519.PublicKey), pub) {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ default:
+ return fail(errors.New("tls: unknown public key algorithm"))
+ }
+
+ return cert, nil
+}
+
+// Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates
+// PKCS #1 private keys by default, while OpenSSL 1.0.0 generates PKCS #8 keys.
+// OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three.
+func parsePrivateKey(der []byte) (crypto.PrivateKey, error) {
+ if key, err := x509.ParsePKCS1PrivateKey(der); err == nil {
+ return key, nil
+ }
+ if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
+ switch key := key.(type) {
+ case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey:
+ return key, nil
+ default:
+ return nil, errors.New("tls: found unknown private key type in PKCS#8 wrapping")
+ }
+ }
+ if key, err := x509.ParseECPrivateKey(der); err == nil {
+ return key, nil
+ }
+
+ return nil, errors.New("tls: failed to parse private key")
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-16/unsafe.go b/vendor/github.com/marten-seemann/qtls-go1-16/unsafe.go
new file mode 100644
index 00000000..55fa01b3
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-16/unsafe.go
@@ -0,0 +1,96 @@
+package qtls
+
+import (
+ "crypto/tls"
+ "reflect"
+ "unsafe"
+)
+
+func init() {
+ if !structsEqual(&tls.ConnectionState{}, &connectionState{}) {
+ panic("qtls.ConnectionState doesn't match")
+ }
+ if !structsEqual(&tls.ClientSessionState{}, &clientSessionState{}) {
+ panic("qtls.ClientSessionState doesn't match")
+ }
+ if !structsEqual(&tls.CertificateRequestInfo{}, &certificateRequestInfo{}) {
+ panic("qtls.CertificateRequestInfo doesn't match")
+ }
+ if !structsEqual(&tls.Config{}, &config{}) {
+ panic("qtls.Config doesn't match")
+ }
+ if !structsEqual(&tls.ClientHelloInfo{}, &clientHelloInfo{}) {
+ panic("qtls.ClientHelloInfo doesn't match")
+ }
+}
+
+func toConnectionState(c connectionState) ConnectionState {
+ return *(*ConnectionState)(unsafe.Pointer(&c))
+}
+
+func toClientSessionState(s *clientSessionState) *ClientSessionState {
+ return (*ClientSessionState)(unsafe.Pointer(s))
+}
+
+func fromClientSessionState(s *ClientSessionState) *clientSessionState {
+ return (*clientSessionState)(unsafe.Pointer(s))
+}
+
+func toCertificateRequestInfo(i *certificateRequestInfo) *CertificateRequestInfo {
+ return (*CertificateRequestInfo)(unsafe.Pointer(i))
+}
+
+func toConfig(c *config) *Config {
+ return (*Config)(unsafe.Pointer(c))
+}
+
+func fromConfig(c *Config) *config {
+ return (*config)(unsafe.Pointer(c))
+}
+
+func toClientHelloInfo(chi *clientHelloInfo) *ClientHelloInfo {
+ return (*ClientHelloInfo)(unsafe.Pointer(chi))
+}
+
+func structsEqual(a, b interface{}) bool {
+ return compare(reflect.ValueOf(a), reflect.ValueOf(b))
+}
+
+func compare(a, b reflect.Value) bool {
+ sa := a.Elem()
+ sb := b.Elem()
+ if sa.NumField() != sb.NumField() {
+ return false
+ }
+ for i := 0; i < sa.NumField(); i++ {
+ fa := sa.Type().Field(i)
+ fb := sb.Type().Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ if fa.Type.Kind() != fb.Type.Kind() {
+ return false
+ }
+ if fa.Type.Kind() == reflect.Slice {
+ if !compareStruct(fa.Type.Elem(), fb.Type.Elem()) {
+ return false
+ }
+ continue
+ }
+ return false
+ }
+ }
+ return true
+}
+
+func compareStruct(a, b reflect.Type) bool {
+ if a.NumField() != b.NumField() {
+ return false
+ }
+ for i := 0; i < a.NumField(); i++ {
+ fa := a.Field(i)
+ fb := b.Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ return false
+ }
+ }
+ return true
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/LICENSE b/vendor/github.com/marten-seemann/qtls-go1-17/LICENSE
new file mode 100644
index 00000000..6a66aea5
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+ * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+ * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/README.md b/vendor/github.com/marten-seemann/qtls-go1-17/README.md
new file mode 100644
index 00000000..3e902212
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/README.md
@@ -0,0 +1,6 @@
+# qtls
+
+[](https://pkg.go.dev/github.com/marten-seemann/qtls-go1-17)
+[](https://github.com/marten-seemann/qtls-go1-17/actions/workflows/go-test.yml)
+
+This repository contains a modified version of the standard library's TLS implementation, modified for the QUIC protocol. It is used by [quic-go](https://github.com/lucas-clemente/quic-go).
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/alert.go b/vendor/github.com/marten-seemann/qtls-go1-17/alert.go
new file mode 100644
index 00000000..3feac79b
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/alert.go
@@ -0,0 +1,102 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import "strconv"
+
+type alert uint8
+
+// Alert is a TLS alert
+type Alert = alert
+
+const (
+ // alert level
+ alertLevelWarning = 1
+ alertLevelError = 2
+)
+
+const (
+ alertCloseNotify alert = 0
+ alertUnexpectedMessage alert = 10
+ alertBadRecordMAC alert = 20
+ alertDecryptionFailed alert = 21
+ alertRecordOverflow alert = 22
+ alertDecompressionFailure alert = 30
+ alertHandshakeFailure alert = 40
+ alertBadCertificate alert = 42
+ alertUnsupportedCertificate alert = 43
+ alertCertificateRevoked alert = 44
+ alertCertificateExpired alert = 45
+ alertCertificateUnknown alert = 46
+ alertIllegalParameter alert = 47
+ alertUnknownCA alert = 48
+ alertAccessDenied alert = 49
+ alertDecodeError alert = 50
+ alertDecryptError alert = 51
+ alertExportRestriction alert = 60
+ alertProtocolVersion alert = 70
+ alertInsufficientSecurity alert = 71
+ alertInternalError alert = 80
+ alertInappropriateFallback alert = 86
+ alertUserCanceled alert = 90
+ alertNoRenegotiation alert = 100
+ alertMissingExtension alert = 109
+ alertUnsupportedExtension alert = 110
+ alertCertificateUnobtainable alert = 111
+ alertUnrecognizedName alert = 112
+ alertBadCertificateStatusResponse alert = 113
+ alertBadCertificateHashValue alert = 114
+ alertUnknownPSKIdentity alert = 115
+ alertCertificateRequired alert = 116
+ alertNoApplicationProtocol alert = 120
+)
+
+var alertText = map[alert]string{
+ alertCloseNotify: "close notify",
+ alertUnexpectedMessage: "unexpected message",
+ alertBadRecordMAC: "bad record MAC",
+ alertDecryptionFailed: "decryption failed",
+ alertRecordOverflow: "record overflow",
+ alertDecompressionFailure: "decompression failure",
+ alertHandshakeFailure: "handshake failure",
+ alertBadCertificate: "bad certificate",
+ alertUnsupportedCertificate: "unsupported certificate",
+ alertCertificateRevoked: "revoked certificate",
+ alertCertificateExpired: "expired certificate",
+ alertCertificateUnknown: "unknown certificate",
+ alertIllegalParameter: "illegal parameter",
+ alertUnknownCA: "unknown certificate authority",
+ alertAccessDenied: "access denied",
+ alertDecodeError: "error decoding message",
+ alertDecryptError: "error decrypting message",
+ alertExportRestriction: "export restriction",
+ alertProtocolVersion: "protocol version not supported",
+ alertInsufficientSecurity: "insufficient security level",
+ alertInternalError: "internal error",
+ alertInappropriateFallback: "inappropriate fallback",
+ alertUserCanceled: "user canceled",
+ alertNoRenegotiation: "no renegotiation",
+ alertMissingExtension: "missing extension",
+ alertUnsupportedExtension: "unsupported extension",
+ alertCertificateUnobtainable: "certificate unobtainable",
+ alertUnrecognizedName: "unrecognized name",
+ alertBadCertificateStatusResponse: "bad certificate status response",
+ alertBadCertificateHashValue: "bad certificate hash value",
+ alertUnknownPSKIdentity: "unknown PSK identity",
+ alertCertificateRequired: "certificate required",
+ alertNoApplicationProtocol: "no application protocol",
+}
+
+func (e alert) String() string {
+ s, ok := alertText[e]
+ if ok {
+ return "tls: " + s
+ }
+ return "tls: alert(" + strconv.Itoa(int(e)) + ")"
+}
+
+func (e alert) Error() string {
+ return e.String()
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/auth.go b/vendor/github.com/marten-seemann/qtls-go1-17/auth.go
new file mode 100644
index 00000000..1ef675fd
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/auth.go
@@ -0,0 +1,289 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rsa"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+)
+
+// verifyHandshakeSignature verifies a signature against pre-hashed
+// (if required) handshake contents.
+func verifyHandshakeSignature(sigType uint8, pubkey crypto.PublicKey, hashFunc crypto.Hash, signed, sig []byte) error {
+ switch sigType {
+ case signatureECDSA:
+ pubKey, ok := pubkey.(*ecdsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an ECDSA public key, got %T", pubkey)
+ }
+ if !ecdsa.VerifyASN1(pubKey, signed, sig) {
+ return errors.New("ECDSA verification failure")
+ }
+ case signatureEd25519:
+ pubKey, ok := pubkey.(ed25519.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an Ed25519 public key, got %T", pubkey)
+ }
+ if !ed25519.Verify(pubKey, signed, sig) {
+ return errors.New("Ed25519 verification failure")
+ }
+ case signaturePKCS1v15:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ if err := rsa.VerifyPKCS1v15(pubKey, hashFunc, signed, sig); err != nil {
+ return err
+ }
+ case signatureRSAPSS:
+ pubKey, ok := pubkey.(*rsa.PublicKey)
+ if !ok {
+ return fmt.Errorf("expected an RSA public key, got %T", pubkey)
+ }
+ signOpts := &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash}
+ if err := rsa.VerifyPSS(pubKey, hashFunc, signed, sig, signOpts); err != nil {
+ return err
+ }
+ default:
+ return errors.New("internal error: unknown signature type")
+ }
+ return nil
+}
+
+const (
+ serverSignatureContext = "TLS 1.3, server CertificateVerify\x00"
+ clientSignatureContext = "TLS 1.3, client CertificateVerify\x00"
+)
+
+var signaturePadding = []byte{
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+ 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20,
+}
+
+// signedMessage returns the pre-hashed (if necessary) message to be signed by
+// certificate keys in TLS 1.3. See RFC 8446, Section 4.4.3.
+func signedMessage(sigHash crypto.Hash, context string, transcript hash.Hash) []byte {
+ if sigHash == directSigning {
+ b := &bytes.Buffer{}
+ b.Write(signaturePadding)
+ io.WriteString(b, context)
+ b.Write(transcript.Sum(nil))
+ return b.Bytes()
+ }
+ h := sigHash.New()
+ h.Write(signaturePadding)
+ io.WriteString(h, context)
+ h.Write(transcript.Sum(nil))
+ return h.Sum(nil)
+}
+
+// typeAndHashFromSignatureScheme returns the corresponding signature type and
+// crypto.Hash for a given TLS SignatureScheme.
+func typeAndHashFromSignatureScheme(signatureAlgorithm SignatureScheme) (sigType uint8, hash crypto.Hash, err error) {
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512:
+ sigType = signaturePKCS1v15
+ case PSSWithSHA256, PSSWithSHA384, PSSWithSHA512:
+ sigType = signatureRSAPSS
+ case ECDSAWithSHA1, ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512:
+ sigType = signatureECDSA
+ case Ed25519:
+ sigType = signatureEd25519
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ switch signatureAlgorithm {
+ case PKCS1WithSHA1, ECDSAWithSHA1:
+ hash = crypto.SHA1
+ case PKCS1WithSHA256, PSSWithSHA256, ECDSAWithP256AndSHA256:
+ hash = crypto.SHA256
+ case PKCS1WithSHA384, PSSWithSHA384, ECDSAWithP384AndSHA384:
+ hash = crypto.SHA384
+ case PKCS1WithSHA512, PSSWithSHA512, ECDSAWithP521AndSHA512:
+ hash = crypto.SHA512
+ case Ed25519:
+ hash = directSigning
+ default:
+ return 0, 0, fmt.Errorf("unsupported signature algorithm: %v", signatureAlgorithm)
+ }
+ return sigType, hash, nil
+}
+
+// legacyTypeAndHashFromPublicKey returns the fixed signature type and crypto.Hash for
+// a given public key used with TLS 1.0 and 1.1, before the introduction of
+// signature algorithm negotiation.
+func legacyTypeAndHashFromPublicKey(pub crypto.PublicKey) (sigType uint8, hash crypto.Hash, err error) {
+ switch pub.(type) {
+ case *rsa.PublicKey:
+ return signaturePKCS1v15, crypto.MD5SHA1, nil
+ case *ecdsa.PublicKey:
+ return signatureECDSA, crypto.SHA1, nil
+ case ed25519.PublicKey:
+ // RFC 8422 specifies support for Ed25519 in TLS 1.0 and 1.1,
+ // but it requires holding on to a handshake transcript to do a
+ // full signature, and not even OpenSSL bothers with the
+ // complexity, so we can't even test it properly.
+ return 0, 0, fmt.Errorf("tls: Ed25519 public keys are not supported before TLS 1.2")
+ default:
+ return 0, 0, fmt.Errorf("tls: unsupported public key: %T", pub)
+ }
+}
+
+var rsaSignatureSchemes = []struct {
+ scheme SignatureScheme
+ minModulusBytes int
+ maxVersion uint16
+}{
+ // RSA-PSS is used with PSSSaltLengthEqualsHash, and requires
+ // emLen >= hLen + sLen + 2
+ {PSSWithSHA256, crypto.SHA256.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA384, crypto.SHA384.Size()*2 + 2, VersionTLS13},
+ {PSSWithSHA512, crypto.SHA512.Size()*2 + 2, VersionTLS13},
+ // PKCS #1 v1.5 uses prefixes from hashPrefixes in crypto/rsa, and requires
+ // emLen >= len(prefix) + hLen + 11
+ // TLS 1.3 dropped support for PKCS #1 v1.5 in favor of RSA-PSS.
+ {PKCS1WithSHA256, 19 + crypto.SHA256.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA384, 19 + crypto.SHA384.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA512, 19 + crypto.SHA512.Size() + 11, VersionTLS12},
+ {PKCS1WithSHA1, 15 + crypto.SHA1.Size() + 11, VersionTLS12},
+}
+
+// signatureSchemesForCertificate returns the list of supported SignatureSchemes
+// for a given certificate, based on the public key and the protocol version,
+// and optionally filtered by its explicit SupportedSignatureAlgorithms.
+//
+// This function must be kept in sync with supportedSignatureAlgorithms.
+func signatureSchemesForCertificate(version uint16, cert *Certificate) []SignatureScheme {
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil
+ }
+
+ var sigAlgs []SignatureScheme
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ if version != VersionTLS13 {
+ // In TLS 1.2 and earlier, ECDSA algorithms are not
+ // constrained to a single curve.
+ sigAlgs = []SignatureScheme{
+ ECDSAWithP256AndSHA256,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ ECDSAWithSHA1,
+ }
+ break
+ }
+ switch pub.Curve {
+ case elliptic.P256():
+ sigAlgs = []SignatureScheme{ECDSAWithP256AndSHA256}
+ case elliptic.P384():
+ sigAlgs = []SignatureScheme{ECDSAWithP384AndSHA384}
+ case elliptic.P521():
+ sigAlgs = []SignatureScheme{ECDSAWithP521AndSHA512}
+ default:
+ return nil
+ }
+ case *rsa.PublicKey:
+ size := pub.Size()
+ sigAlgs = make([]SignatureScheme, 0, len(rsaSignatureSchemes))
+ for _, candidate := range rsaSignatureSchemes {
+ if size >= candidate.minModulusBytes && version <= candidate.maxVersion {
+ sigAlgs = append(sigAlgs, candidate.scheme)
+ }
+ }
+ case ed25519.PublicKey:
+ sigAlgs = []SignatureScheme{Ed25519}
+ default:
+ return nil
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ var filteredSigAlgs []SignatureScheme
+ for _, sigAlg := range sigAlgs {
+ if isSupportedSignatureAlgorithm(sigAlg, cert.SupportedSignatureAlgorithms) {
+ filteredSigAlgs = append(filteredSigAlgs, sigAlg)
+ }
+ }
+ return filteredSigAlgs
+ }
+ return sigAlgs
+}
+
+// selectSignatureScheme picks a SignatureScheme from the peer's preference list
+// that works with the selected certificate. It's only called for protocol
+// versions that support signature algorithms, so TLS 1.2 and 1.3.
+func selectSignatureScheme(vers uint16, c *Certificate, peerAlgs []SignatureScheme) (SignatureScheme, error) {
+ supportedAlgs := signatureSchemesForCertificate(vers, c)
+ if len(supportedAlgs) == 0 {
+ return 0, unsupportedCertificateError(c)
+ }
+ if len(peerAlgs) == 0 && vers == VersionTLS12 {
+ // For TLS 1.2, if the client didn't send signature_algorithms then we
+ // can assume that it supports SHA1. See RFC 5246, Section 7.4.1.4.1.
+ peerAlgs = []SignatureScheme{PKCS1WithSHA1, ECDSAWithSHA1}
+ }
+ // Pick signature scheme in the peer's preference order, as our
+ // preference order is not configurable.
+ for _, preferredAlg := range peerAlgs {
+ if isSupportedSignatureAlgorithm(preferredAlg, supportedAlgs) {
+ return preferredAlg, nil
+ }
+ }
+ return 0, errors.New("tls: peer doesn't support any of the certificate's signature algorithms")
+}
+
+// unsupportedCertificateError returns a helpful error for certificates with
+// an unsupported private key.
+func unsupportedCertificateError(cert *Certificate) error {
+ switch cert.PrivateKey.(type) {
+ case rsa.PrivateKey, ecdsa.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is %T, expected *%T",
+ cert.PrivateKey, cert.PrivateKey)
+ case *ed25519.PrivateKey:
+ return fmt.Errorf("tls: unsupported certificate: private key is *ed25519.PrivateKey, expected ed25519.PrivateKey")
+ }
+
+ signer, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return fmt.Errorf("tls: certificate private key (%T) does not implement crypto.Signer",
+ cert.PrivateKey)
+ }
+
+ switch pub := signer.Public().(type) {
+ case *ecdsa.PublicKey:
+ switch pub.Curve {
+ case elliptic.P256():
+ case elliptic.P384():
+ case elliptic.P521():
+ default:
+ return fmt.Errorf("tls: unsupported certificate curve (%s)", pub.Curve.Params().Name)
+ }
+ case *rsa.PublicKey:
+ return fmt.Errorf("tls: certificate RSA key size too small for supported signature algorithms")
+ case ed25519.PublicKey:
+ default:
+ return fmt.Errorf("tls: unsupported certificate key (%T)", pub)
+ }
+
+ if cert.SupportedSignatureAlgorithms != nil {
+ return fmt.Errorf("tls: peer doesn't support the certificate custom signature algorithms")
+ }
+
+ return fmt.Errorf("tls: internal error: unsupported key (%T)", cert.PrivateKey)
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/cipher_suites.go b/vendor/github.com/marten-seemann/qtls-go1-17/cipher_suites.go
new file mode 100644
index 00000000..f2846642
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/cipher_suites.go
@@ -0,0 +1,705 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/des"
+ "crypto/hmac"
+ "crypto/rc4"
+ "crypto/sha1"
+ "crypto/sha256"
+ "fmt"
+ "hash"
+ "runtime"
+
+ "golang.org/x/crypto/chacha20poly1305"
+ "golang.org/x/sys/cpu"
+)
+
+// CipherSuite is a TLS cipher suite. Note that most functions in this package
+// accept and expose cipher suite IDs instead of this type.
+type CipherSuite struct {
+ ID uint16
+ Name string
+
+ // Supported versions is the list of TLS protocol versions that can
+ // negotiate this cipher suite.
+ SupportedVersions []uint16
+
+ // Insecure is true if the cipher suite has known security issues
+ // due to its primitives, design, or implementation.
+ Insecure bool
+}
+
+var (
+ supportedUpToTLS12 = []uint16{VersionTLS10, VersionTLS11, VersionTLS12}
+ supportedOnlyTLS12 = []uint16{VersionTLS12}
+ supportedOnlyTLS13 = []uint16{VersionTLS13}
+)
+
+// CipherSuites returns a list of cipher suites currently implemented by this
+// package, excluding those with security issues, which are returned by
+// InsecureCipherSuites.
+//
+// The list is sorted by ID. Note that the default cipher suites selected by
+// this package might depend on logic that can't be captured by a static list,
+// and might not match those returned by this function.
+func CipherSuites() []*CipherSuite {
+ return []*CipherSuite{
+ {TLS_RSA_WITH_AES_128_CBC_SHA, "TLS_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, "TLS_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, "TLS_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, "TLS_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+
+ {TLS_AES_128_GCM_SHA256, "TLS_AES_128_GCM_SHA256", supportedOnlyTLS13, false},
+ {TLS_AES_256_GCM_SHA384, "TLS_AES_256_GCM_SHA384", supportedOnlyTLS13, false},
+ {TLS_CHACHA20_POLY1305_SHA256, "TLS_CHACHA20_POLY1305_SHA256", supportedOnlyTLS13, false},
+
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", supportedUpToTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384", supportedOnlyTLS12, false},
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256", supportedOnlyTLS12, false},
+ }
+}
+
+// InsecureCipherSuites returns a list of cipher suites currently implemented by
+// this package and which have security issues.
+//
+// Most applications should not use the cipher suites in this list, and should
+// only use those returned by CipherSuites.
+func InsecureCipherSuites() []*CipherSuite {
+ // This list includes RC4, CBC_SHA256, and 3DES cipher suites. See
+ // cipherSuitesPreferenceOrder for details.
+ return []*CipherSuite{
+ {TLS_RSA_WITH_RC4_128_SHA, "TLS_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, true},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, "TLS_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, "TLS_ECDHE_RSA_WITH_RC4_128_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", supportedUpToTLS12, true},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256", supportedOnlyTLS12, true},
+ }
+}
+
+// CipherSuiteName returns the standard name for the passed cipher suite ID
+// (e.g. "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"), or a fallback representation
+// of the ID value if the cipher suite is not implemented by this package.
+func CipherSuiteName(id uint16) string {
+ for _, c := range CipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ for _, c := range InsecureCipherSuites() {
+ if c.ID == id {
+ return c.Name
+ }
+ }
+ return fmt.Sprintf("0x%04X", id)
+}
+
+const (
+ // suiteECDHE indicates that the cipher suite involves elliptic curve
+ // Diffie-Hellman. This means that it should only be selected when the
+ // client indicates that it supports ECC with a curve and point format
+ // that we're happy with.
+ suiteECDHE = 1 << iota
+ // suiteECSign indicates that the cipher suite involves an ECDSA or
+ // EdDSA signature and therefore may only be selected when the server's
+ // certificate is ECDSA or EdDSA. If this is not set then the cipher suite
+ // is RSA based.
+ suiteECSign
+ // suiteTLS12 indicates that the cipher suite should only be advertised
+ // and accepted when using TLS 1.2.
+ suiteTLS12
+ // suiteSHA384 indicates that the cipher suite uses SHA384 as the
+ // handshake hash.
+ suiteSHA384
+)
+
+// A cipherSuite is a TLS 1.0–1.2 cipher suite, and defines the key exchange
+// mechanism, as well as the cipher+MAC pair or the AEAD.
+type cipherSuite struct {
+ id uint16
+ // the lengths, in bytes, of the key material needed for each component.
+ keyLen int
+ macLen int
+ ivLen int
+ ka func(version uint16) keyAgreement
+ // flags is a bitmask of the suite* values, above.
+ flags int
+ cipher func(key, iv []byte, isRead bool) interface{}
+ mac func(key []byte) hash.Hash
+ aead func(key, fixedNonce []byte) aead
+}
+
+var cipherSuites = []*cipherSuite{ // TODO: replace with a map, since the order doesn't matter.
+ {TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, 32, 0, 12, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadChaCha20Poly1305},
+ {TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheRSAKA, suiteECDHE | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheRSAKA, suiteECDHE | suiteTLS12, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteTLS12, cipherAES, macSHA256, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, 16, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheRSAKA, suiteECDHE, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, 32, 20, 16, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_128_GCM_SHA256, 16, 0, 4, rsaKA, suiteTLS12, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_256_GCM_SHA384, 32, 0, 4, rsaKA, suiteTLS12 | suiteSHA384, nil, nil, aeadAESGCM},
+ {TLS_RSA_WITH_AES_128_CBC_SHA256, 16, 32, 16, rsaKA, suiteTLS12, cipherAES, macSHA256, nil},
+ {TLS_RSA_WITH_AES_128_CBC_SHA, 16, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_RSA_WITH_AES_256_CBC_SHA, 32, 20, 16, rsaKA, 0, cipherAES, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, ecdheRSAKA, suiteECDHE, cipher3DES, macSHA1, nil},
+ {TLS_RSA_WITH_3DES_EDE_CBC_SHA, 24, 20, 8, rsaKA, 0, cipher3DES, macSHA1, nil},
+ {TLS_RSA_WITH_RC4_128_SHA, 16, 20, 0, rsaKA, 0, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_RSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheRSAKA, suiteECDHE, cipherRC4, macSHA1, nil},
+ {TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheECDSAKA, suiteECDHE | suiteECSign, cipherRC4, macSHA1, nil},
+}
+
+// selectCipherSuite returns the first TLS 1.0–1.2 cipher suite from ids which
+// is also in supportedIDs and passes the ok filter.
+func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite {
+ for _, id := range ids {
+ candidate := cipherSuiteByID(id)
+ if candidate == nil || !ok(candidate) {
+ continue
+ }
+
+ for _, suppID := range supportedIDs {
+ if id == suppID {
+ return candidate
+ }
+ }
+ }
+ return nil
+}
+
+// A cipherSuiteTLS13 defines only the pair of the AEAD algorithm and hash
+// algorithm to be used with HKDF. See RFC 8446, Appendix B.4.
+type cipherSuiteTLS13 struct {
+ id uint16
+ keyLen int
+ aead func(key, fixedNonce []byte) aead
+ hash crypto.Hash
+}
+
+type CipherSuiteTLS13 struct {
+ ID uint16
+ KeyLen int
+ Hash crypto.Hash
+ AEAD func(key, fixedNonce []byte) cipher.AEAD
+}
+
+func (c *CipherSuiteTLS13) IVLen() int {
+ return aeadNonceLength
+}
+
+var cipherSuitesTLS13 = []*cipherSuiteTLS13{ // TODO: replace with a map.
+ {TLS_AES_128_GCM_SHA256, 16, aeadAESGCMTLS13, crypto.SHA256},
+ {TLS_CHACHA20_POLY1305_SHA256, 32, aeadChaCha20Poly1305, crypto.SHA256},
+ {TLS_AES_256_GCM_SHA384, 32, aeadAESGCMTLS13, crypto.SHA384},
+}
+
+// cipherSuitesPreferenceOrder is the order in which we'll select (on the
+// server) or advertise (on the client) TLS 1.0–1.2 cipher suites.
+//
+// Cipher suites are filtered but not reordered based on the application and
+// peer's preferences, meaning we'll never select a suite lower in this list if
+// any higher one is available. This makes it more defensible to keep weaker
+// cipher suites enabled, especially on the server side where we get the last
+// word, since there are no known downgrade attacks on cipher suites selection.
+//
+// The list is sorted by applying the following priority rules, stopping at the
+// first (most important) applicable one:
+//
+// - Anything else comes before RC4
+//
+// RC4 has practically exploitable biases. See https://www.rc4nomore.com.
+//
+// - Anything else comes before CBC_SHA256
+//
+// SHA-256 variants of the CBC ciphersuites don't implement any Lucky13
+// countermeasures. See http://www.isg.rhul.ac.uk/tls/Lucky13.html and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+//
+// - Anything else comes before 3DES
+//
+// 3DES has 64-bit blocks, which makes it fundamentally susceptible to
+// birthday attacks. See https://sweet32.info.
+//
+// - ECDHE comes before anything else
+//
+// Once we got the broken stuff out of the way, the most important
+// property a cipher suite can have is forward secrecy. We don't
+// implement FFDHE, so that means ECDHE.
+//
+// - AEADs come before CBC ciphers
+//
+// Even with Lucky13 countermeasures, MAC-then-Encrypt CBC cipher suites
+// are fundamentally fragile, and suffered from an endless sequence of
+// padding oracle attacks. See https://eprint.iacr.org/2015/1129,
+// https://www.imperialviolet.org/2014/12/08/poodleagain.html, and
+// https://blog.cloudflare.com/yet-another-padding-oracle-in-openssl-cbc-ciphersuites/.
+//
+// - AES comes before ChaCha20
+//
+// When AES hardware is available, AES-128-GCM and AES-256-GCM are faster
+// than ChaCha20Poly1305.
+//
+// When AES hardware is not available, AES-128-GCM is one or more of: much
+// slower, way more complex, and less safe (because not constant time)
+// than ChaCha20Poly1305.
+//
+// We use this list if we think both peers have AES hardware, and
+// cipherSuitesPreferenceOrderNoAES otherwise.
+//
+// - AES-128 comes before AES-256
+//
+// The only potential advantages of AES-256 are better multi-target
+// margins, and hypothetical post-quantum properties. Neither apply to
+// TLS, and AES-256 is slower due to its four extra rounds (which don't
+// contribute to the advantages above).
+//
+// - ECDSA comes before RSA
+//
+// The relative order of ECDSA and RSA cipher suites doesn't matter,
+// as they depend on the certificate. Pick one to get a stable order.
+//
+var cipherSuitesPreferenceOrder = []uint16{
+ // AEADs w/ ECDHE
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+
+ // CBC w/ ECDHE
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+
+ // AEADs w/o ECDHE
+ TLS_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_RSA_WITH_AES_256_GCM_SHA384,
+
+ // CBC w/o ECDHE
+ TLS_RSA_WITH_AES_128_CBC_SHA,
+ TLS_RSA_WITH_AES_256_CBC_SHA,
+
+ // 3DES
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+
+ // CBC_SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_RSA_WITH_AES_128_CBC_SHA256,
+
+ // RC4
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_SHA,
+}
+
+var cipherSuitesPreferenceOrderNoAES = []uint16{
+ // ChaCha20Poly1305
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
+
+ // AES-GCM w/ ECDHE
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+
+ // The rest of cipherSuitesPreferenceOrder.
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+ TLS_RSA_WITH_AES_128_GCM_SHA256,
+ TLS_RSA_WITH_AES_256_GCM_SHA384,
+ TLS_RSA_WITH_AES_128_CBC_SHA,
+ TLS_RSA_WITH_AES_256_CBC_SHA,
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA,
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_SHA,
+}
+
+// disabledCipherSuites are not used unless explicitly listed in
+// Config.CipherSuites. They MUST be at the end of cipherSuitesPreferenceOrder.
+var disabledCipherSuites = []uint16{
+ // CBC_SHA256
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+ TLS_RSA_WITH_AES_128_CBC_SHA256,
+
+ // RC4
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA,
+ TLS_RSA_WITH_RC4_128_SHA,
+}
+
+var (
+ defaultCipherSuitesLen = len(cipherSuitesPreferenceOrder) - len(disabledCipherSuites)
+ defaultCipherSuites = cipherSuitesPreferenceOrder[:defaultCipherSuitesLen]
+)
+
+// defaultCipherSuitesTLS13 is also the preference order, since there are no
+// disabled by default TLS 1.3 cipher suites. The same AES vs ChaCha20 logic as
+// cipherSuitesPreferenceOrder applies.
+var defaultCipherSuitesTLS13 = []uint16{
+ TLS_AES_128_GCM_SHA256,
+ TLS_AES_256_GCM_SHA384,
+ TLS_CHACHA20_POLY1305_SHA256,
+}
+
+var defaultCipherSuitesTLS13NoAES = []uint16{
+ TLS_CHACHA20_POLY1305_SHA256,
+ TLS_AES_128_GCM_SHA256,
+ TLS_AES_256_GCM_SHA384,
+}
+
+var (
+ hasGCMAsmAMD64 = cpu.X86.HasAES && cpu.X86.HasPCLMULQDQ
+ hasGCMAsmARM64 = cpu.ARM64.HasAES && cpu.ARM64.HasPMULL
+ // Keep in sync with crypto/aes/cipher_s390x.go.
+ hasGCMAsmS390X = cpu.S390X.HasAES && cpu.S390X.HasAESCBC && cpu.S390X.HasAESCTR &&
+ (cpu.S390X.HasGHASH || cpu.S390X.HasAESGCM)
+
+ hasAESGCMHardwareSupport = runtime.GOARCH == "amd64" && hasGCMAsmAMD64 ||
+ runtime.GOARCH == "arm64" && hasGCMAsmARM64 ||
+ runtime.GOARCH == "s390x" && hasGCMAsmS390X
+)
+
+var aesgcmCiphers = map[uint16]bool{
+ // TLS 1.2
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: true,
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: true,
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: true,
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: true,
+ // TLS 1.3
+ TLS_AES_128_GCM_SHA256: true,
+ TLS_AES_256_GCM_SHA384: true,
+}
+
+var nonAESGCMAEADCiphers = map[uint16]bool{
+ // TLS 1.2
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305: true,
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305: true,
+ // TLS 1.3
+ TLS_CHACHA20_POLY1305_SHA256: true,
+}
+
+// aesgcmPreferred returns whether the first known cipher in the preference list
+// is an AES-GCM cipher, implying the peer has hardware support for it.
+func aesgcmPreferred(ciphers []uint16) bool {
+ for _, cID := range ciphers {
+ if c := cipherSuiteByID(cID); c != nil {
+ return aesgcmCiphers[cID]
+ }
+ if c := cipherSuiteTLS13ByID(cID); c != nil {
+ return aesgcmCiphers[cID]
+ }
+ }
+ return false
+}
+
+func cipherRC4(key, iv []byte, isRead bool) interface{} {
+ cipher, _ := rc4.NewCipher(key)
+ return cipher
+}
+
+func cipher3DES(key, iv []byte, isRead bool) interface{} {
+ block, _ := des.NewTripleDESCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+func cipherAES(key, iv []byte, isRead bool) interface{} {
+ block, _ := aes.NewCipher(key)
+ if isRead {
+ return cipher.NewCBCDecrypter(block, iv)
+ }
+ return cipher.NewCBCEncrypter(block, iv)
+}
+
+// macSHA1 returns a SHA-1 based constant time MAC.
+func macSHA1(key []byte) hash.Hash {
+ return hmac.New(newConstantTimeHash(sha1.New), key)
+}
+
+// macSHA256 returns a SHA-256 based MAC. This is only supported in TLS 1.2 and
+// is currently only used in disabled-by-default cipher suites.
+func macSHA256(key []byte) hash.Hash {
+ return hmac.New(sha256.New, key)
+}
+
+type aead interface {
+ cipher.AEAD
+
+ // explicitNonceLen returns the number of bytes of explicit nonce
+ // included in each record. This is eight for older AEADs and
+ // zero for modern ones.
+ explicitNonceLen() int
+}
+
+const (
+ aeadNonceLength = 12
+ noncePrefixLength = 4
+)
+
+// prefixNonceAEAD wraps an AEAD and prefixes a fixed portion of the nonce to
+// each call.
+type prefixNonceAEAD struct {
+ // nonce contains the fixed part of the nonce in the first four bytes.
+ nonce [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *prefixNonceAEAD) NonceSize() int { return aeadNonceLength - noncePrefixLength }
+func (f *prefixNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *prefixNonceAEAD) explicitNonceLen() int { return f.NonceSize() }
+
+func (f *prefixNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Seal(out, f.nonce[:], plaintext, additionalData)
+}
+
+func (f *prefixNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ copy(f.nonce[4:], nonce)
+ return f.aead.Open(out, f.nonce[:], ciphertext, additionalData)
+}
+
+// xoredNonceAEAD wraps an AEAD by XORing in a fixed pattern to the nonce
+// before each call.
+type xorNonceAEAD struct {
+ nonceMask [aeadNonceLength]byte
+ aead cipher.AEAD
+}
+
+func (f *xorNonceAEAD) NonceSize() int { return 8 } // 64-bit sequence number
+func (f *xorNonceAEAD) Overhead() int { return f.aead.Overhead() }
+func (f *xorNonceAEAD) explicitNonceLen() int { return 0 }
+
+func (f *xorNonceAEAD) Seal(out, nonce, plaintext, additionalData []byte) []byte {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result := f.aead.Seal(out, f.nonceMask[:], plaintext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result
+}
+
+func (f *xorNonceAEAD) Open(out, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+ result, err := f.aead.Open(out, f.nonceMask[:], ciphertext, additionalData)
+ for i, b := range nonce {
+ f.nonceMask[4+i] ^= b
+ }
+
+ return result, err
+}
+
+func aeadAESGCM(key, noncePrefix []byte) aead {
+ if len(noncePrefix) != noncePrefixLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &prefixNonceAEAD{aead: aead}
+ copy(ret.nonce[:], noncePrefix)
+ return ret
+}
+
+// AEADAESGCMTLS13 creates a new AES-GCM AEAD for TLS 1.3
+func AEADAESGCMTLS13(key, fixedNonce []byte) cipher.AEAD {
+ return aeadAESGCMTLS13(key, fixedNonce)
+}
+
+func aeadAESGCMTLS13(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aes, err := aes.NewCipher(key)
+ if err != nil {
+ panic(err)
+ }
+ aead, err := cipher.NewGCM(aes)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+func aeadChaCha20Poly1305(key, nonceMask []byte) aead {
+ if len(nonceMask) != aeadNonceLength {
+ panic("tls: internal error: wrong nonce length")
+ }
+ aead, err := chacha20poly1305.New(key)
+ if err != nil {
+ panic(err)
+ }
+
+ ret := &xorNonceAEAD{aead: aead}
+ copy(ret.nonceMask[:], nonceMask)
+ return ret
+}
+
+type constantTimeHash interface {
+ hash.Hash
+ ConstantTimeSum(b []byte) []byte
+}
+
+// cthWrapper wraps any hash.Hash that implements ConstantTimeSum, and replaces
+// with that all calls to Sum. It's used to obtain a ConstantTimeSum-based HMAC.
+type cthWrapper struct {
+ h constantTimeHash
+}
+
+func (c *cthWrapper) Size() int { return c.h.Size() }
+func (c *cthWrapper) BlockSize() int { return c.h.BlockSize() }
+func (c *cthWrapper) Reset() { c.h.Reset() }
+func (c *cthWrapper) Write(p []byte) (int, error) { return c.h.Write(p) }
+func (c *cthWrapper) Sum(b []byte) []byte { return c.h.ConstantTimeSum(b) }
+
+func newConstantTimeHash(h func() hash.Hash) func() hash.Hash {
+ return func() hash.Hash {
+ return &cthWrapper{h().(constantTimeHash)}
+ }
+}
+
+// tls10MAC implements the TLS 1.0 MAC function. RFC 2246, Section 6.2.3.
+func tls10MAC(h hash.Hash, out, seq, header, data, extra []byte) []byte {
+ h.Reset()
+ h.Write(seq)
+ h.Write(header)
+ h.Write(data)
+ res := h.Sum(out)
+ if extra != nil {
+ h.Write(extra)
+ }
+ return res
+}
+
+func rsaKA(version uint16) keyAgreement {
+ return rsaKeyAgreement{}
+}
+
+func ecdheECDSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: false,
+ version: version,
+ }
+}
+
+func ecdheRSAKA(version uint16) keyAgreement {
+ return &ecdheKeyAgreement{
+ isRSA: true,
+ version: version,
+ }
+}
+
+// mutualCipherSuite returns a cipherSuite given a list of supported
+// ciphersuites and the id requested by the peer.
+func mutualCipherSuite(have []uint16, want uint16) *cipherSuite {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteByID(id uint16) *cipherSuite {
+ for _, cipherSuite := range cipherSuites {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+func mutualCipherSuiteTLS13(have []uint16, want uint16) *cipherSuiteTLS13 {
+ for _, id := range have {
+ if id == want {
+ return cipherSuiteTLS13ByID(id)
+ }
+ }
+ return nil
+}
+
+func cipherSuiteTLS13ByID(id uint16) *cipherSuiteTLS13 {
+ for _, cipherSuite := range cipherSuitesTLS13 {
+ if cipherSuite.id == id {
+ return cipherSuite
+ }
+ }
+ return nil
+}
+
+// A list of cipher suite IDs that are, or have been, implemented by this
+// package.
+//
+// See https://www.iana.org/assignments/tls-parameters/tls-parameters.xml
+const (
+ // TLS 1.0 - 1.2 cipher suites.
+ TLS_RSA_WITH_RC4_128_SHA uint16 = 0x0005
+ TLS_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0x000a
+ TLS_RSA_WITH_AES_128_CBC_SHA uint16 = 0x002f
+ TLS_RSA_WITH_AES_256_CBC_SHA uint16 = 0x0035
+ TLS_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0x003c
+ TLS_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0x009c
+ TLS_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0x009d
+ TLS_ECDHE_ECDSA_WITH_RC4_128_SHA uint16 = 0xc007
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA uint16 = 0xc009
+ TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA uint16 = 0xc00a
+ TLS_ECDHE_RSA_WITH_RC4_128_SHA uint16 = 0xc011
+ TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA uint16 = 0xc012
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA uint16 = 0xc013
+ TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA uint16 = 0xc014
+ TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc023
+ TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 uint16 = 0xc027
+ TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02f
+ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 uint16 = 0xc02b
+ TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc030
+ TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 uint16 = 0xc02c
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca8
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 uint16 = 0xcca9
+
+ // TLS 1.3 cipher suites.
+ TLS_AES_128_GCM_SHA256 uint16 = 0x1301
+ TLS_AES_256_GCM_SHA384 uint16 = 0x1302
+ TLS_CHACHA20_POLY1305_SHA256 uint16 = 0x1303
+
+ // TLS_FALLBACK_SCSV isn't a standard cipher suite but an indicator
+ // that the client is doing version fallback. See RFC 7507.
+ TLS_FALLBACK_SCSV uint16 = 0x5600
+
+ // Legacy names for the corresponding cipher suites with the correct _SHA256
+ // suffix, retained for backward compatibility.
+ TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/common.go b/vendor/github.com/marten-seemann/qtls-go1-17/common.go
new file mode 100644
index 00000000..8a9b6804
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/common.go
@@ -0,0 +1,1485 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "container/list"
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/elliptic"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha512"
+ "crypto/tls"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "strings"
+ "sync"
+ "time"
+)
+
+const (
+ VersionTLS10 = 0x0301
+ VersionTLS11 = 0x0302
+ VersionTLS12 = 0x0303
+ VersionTLS13 = 0x0304
+
+ // Deprecated: SSLv3 is cryptographically broken, and is no longer
+ // supported by this package. See golang.org/issue/32716.
+ VersionSSL30 = 0x0300
+)
+
+const (
+ maxPlaintext = 16384 // maximum plaintext payload length
+ maxCiphertext = 16384 + 2048 // maximum ciphertext payload length
+ maxCiphertextTLS13 = 16384 + 256 // maximum ciphertext length in TLS 1.3
+ recordHeaderLen = 5 // record header length
+ maxHandshake = 65536 // maximum handshake we support (protocol max is 16 MB)
+ maxUselessRecords = 16 // maximum number of consecutive non-advancing records
+)
+
+// TLS record types.
+type recordType uint8
+
+const (
+ recordTypeChangeCipherSpec recordType = 20
+ recordTypeAlert recordType = 21
+ recordTypeHandshake recordType = 22
+ recordTypeApplicationData recordType = 23
+)
+
+// TLS handshake message types.
+const (
+ typeHelloRequest uint8 = 0
+ typeClientHello uint8 = 1
+ typeServerHello uint8 = 2
+ typeNewSessionTicket uint8 = 4
+ typeEndOfEarlyData uint8 = 5
+ typeEncryptedExtensions uint8 = 8
+ typeCertificate uint8 = 11
+ typeServerKeyExchange uint8 = 12
+ typeCertificateRequest uint8 = 13
+ typeServerHelloDone uint8 = 14
+ typeCertificateVerify uint8 = 15
+ typeClientKeyExchange uint8 = 16
+ typeFinished uint8 = 20
+ typeCertificateStatus uint8 = 22
+ typeKeyUpdate uint8 = 24
+ typeNextProtocol uint8 = 67 // Not IANA assigned
+ typeMessageHash uint8 = 254 // synthetic message
+)
+
+// TLS compression types.
+const (
+ compressionNone uint8 = 0
+)
+
+type Extension struct {
+ Type uint16
+ Data []byte
+}
+
+// TLS extension numbers
+const (
+ extensionServerName uint16 = 0
+ extensionStatusRequest uint16 = 5
+ extensionSupportedCurves uint16 = 10 // supported_groups in TLS 1.3, see RFC 8446, Section 4.2.7
+ extensionSupportedPoints uint16 = 11
+ extensionSignatureAlgorithms uint16 = 13
+ extensionALPN uint16 = 16
+ extensionSCT uint16 = 18
+ extensionSessionTicket uint16 = 35
+ extensionPreSharedKey uint16 = 41
+ extensionEarlyData uint16 = 42
+ extensionSupportedVersions uint16 = 43
+ extensionCookie uint16 = 44
+ extensionPSKModes uint16 = 45
+ extensionCertificateAuthorities uint16 = 47
+ extensionSignatureAlgorithmsCert uint16 = 50
+ extensionKeyShare uint16 = 51
+ extensionRenegotiationInfo uint16 = 0xff01
+)
+
+// TLS signaling cipher suite values
+const (
+ scsvRenegotiation uint16 = 0x00ff
+)
+
+type EncryptionLevel uint8
+
+const (
+ EncryptionHandshake EncryptionLevel = iota
+ Encryption0RTT
+ EncryptionApplication
+)
+
+// CurveID is a tls.CurveID
+type CurveID = tls.CurveID
+
+const (
+ CurveP256 CurveID = 23
+ CurveP384 CurveID = 24
+ CurveP521 CurveID = 25
+ X25519 CurveID = 29
+)
+
+// TLS 1.3 Key Share. See RFC 8446, Section 4.2.8.
+type keyShare struct {
+ group CurveID
+ data []byte
+}
+
+// TLS 1.3 PSK Key Exchange Modes. See RFC 8446, Section 4.2.9.
+const (
+ pskModePlain uint8 = 0
+ pskModeDHE uint8 = 1
+)
+
+// TLS 1.3 PSK Identity. Can be a Session Ticket, or a reference to a saved
+// session. See RFC 8446, Section 4.2.11.
+type pskIdentity struct {
+ label []byte
+ obfuscatedTicketAge uint32
+}
+
+// TLS Elliptic Curve Point Formats
+// https://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-9
+const (
+ pointFormatUncompressed uint8 = 0
+)
+
+// TLS CertificateStatusType (RFC 3546)
+const (
+ statusTypeOCSP uint8 = 1
+)
+
+// Certificate types (for certificateRequestMsg)
+const (
+ certTypeRSASign = 1
+ certTypeECDSASign = 64 // ECDSA or EdDSA keys, see RFC 8422, Section 3.
+)
+
+// Signature algorithms (for internal signaling use). Starting at 225 to avoid overlap with
+// TLS 1.2 codepoints (RFC 5246, Appendix A.4.1), with which these have nothing to do.
+const (
+ signaturePKCS1v15 uint8 = iota + 225
+ signatureRSAPSS
+ signatureECDSA
+ signatureEd25519
+)
+
+// directSigning is a standard Hash value that signals that no pre-hashing
+// should be performed, and that the input should be signed directly. It is the
+// hash function associated with the Ed25519 signature scheme.
+var directSigning crypto.Hash = 0
+
+// supportedSignatureAlgorithms contains the signature and hash algorithms that
+// the code advertises as supported in a TLS 1.2+ ClientHello and in a TLS 1.2+
+// CertificateRequest. The two fields are merged to match with TLS 1.3.
+// Note that in TLS 1.2, the ECDSA algorithms are not constrained to P-256, etc.
+var supportedSignatureAlgorithms = []SignatureScheme{
+ PSSWithSHA256,
+ ECDSAWithP256AndSHA256,
+ Ed25519,
+ PSSWithSHA384,
+ PSSWithSHA512,
+ PKCS1WithSHA256,
+ PKCS1WithSHA384,
+ PKCS1WithSHA512,
+ ECDSAWithP384AndSHA384,
+ ECDSAWithP521AndSHA512,
+ PKCS1WithSHA1,
+ ECDSAWithSHA1,
+}
+
+// helloRetryRequestRandom is set as the Random value of a ServerHello
+// to signal that the message is actually a HelloRetryRequest.
+var helloRetryRequestRandom = []byte{ // See RFC 8446, Section 4.1.3.
+ 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11,
+ 0xBE, 0x1D, 0x8C, 0x02, 0x1E, 0x65, 0xB8, 0x91,
+ 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, 0x8C, 0x5E,
+ 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C,
+}
+
+const (
+ // downgradeCanaryTLS12 or downgradeCanaryTLS11 is embedded in the server
+ // random as a downgrade protection if the server would be capable of
+ // negotiating a higher version. See RFC 8446, Section 4.1.3.
+ downgradeCanaryTLS12 = "DOWNGRD\x01"
+ downgradeCanaryTLS11 = "DOWNGRD\x00"
+)
+
+// testingOnlyForceDowngradeCanary is set in tests to force the server side to
+// include downgrade canaries even if it's using its highers supported version.
+var testingOnlyForceDowngradeCanary bool
+
+type ConnectionState = tls.ConnectionState
+
+// ConnectionState records basic TLS details about the connection.
+type connectionState struct {
+ // Version is the TLS version used by the connection (e.g. VersionTLS12).
+ Version uint16
+
+ // HandshakeComplete is true if the handshake has concluded.
+ HandshakeComplete bool
+
+ // DidResume is true if this connection was successfully resumed from a
+ // previous session with a session ticket or similar mechanism.
+ DidResume bool
+
+ // CipherSuite is the cipher suite negotiated for the connection (e.g.
+ // TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_AES_128_GCM_SHA256).
+ CipherSuite uint16
+
+ // NegotiatedProtocol is the application protocol negotiated with ALPN.
+ NegotiatedProtocol string
+
+ // NegotiatedProtocolIsMutual used to indicate a mutual NPN negotiation.
+ //
+ // Deprecated: this value is always true.
+ NegotiatedProtocolIsMutual bool
+
+ // ServerName is the value of the Server Name Indication extension sent by
+ // the client. It's available both on the server and on the client side.
+ ServerName string
+
+ // PeerCertificates are the parsed certificates sent by the peer, in the
+ // order in which they were sent. The first element is the leaf certificate
+ // that the connection is verified against.
+ //
+ // On the client side, it can't be empty. On the server side, it can be
+ // empty if Config.ClientAuth is not RequireAnyClientCert or
+ // RequireAndVerifyClientCert.
+ PeerCertificates []*x509.Certificate
+
+ // VerifiedChains is a list of one or more chains where the first element is
+ // PeerCertificates[0] and the last element is from Config.RootCAs (on the
+ // client side) or Config.ClientCAs (on the server side).
+ //
+ // On the client side, it's set if Config.InsecureSkipVerify is false. On
+ // the server side, it's set if Config.ClientAuth is VerifyClientCertIfGiven
+ // (and the peer provided a certificate) or RequireAndVerifyClientCert.
+ VerifiedChains [][]*x509.Certificate
+
+ // SignedCertificateTimestamps is a list of SCTs provided by the peer
+ // through the TLS handshake for the leaf certificate, if any.
+ SignedCertificateTimestamps [][]byte
+
+ // OCSPResponse is a stapled Online Certificate Status Protocol (OCSP)
+ // response provided by the peer for the leaf certificate, if any.
+ OCSPResponse []byte
+
+ // TLSUnique contains the "tls-unique" channel binding value (see RFC 5929,
+ // Section 3). This value will be nil for TLS 1.3 connections and for all
+ // resumed connections.
+ //
+ // Deprecated: there are conditions in which this value might not be unique
+ // to a connection. See the Security Considerations sections of RFC 5705 and
+ // RFC 7627, and https://mitls.org/pages/attacks/3SHAKE#channelbindings.
+ TLSUnique []byte
+
+ // ekm is a closure exposed via ExportKeyingMaterial.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+}
+
+type ConnectionStateWith0RTT struct {
+ ConnectionState
+
+ Used0RTT bool // true if 0-RTT was both offered and accepted
+}
+
+// ClientAuthType is tls.ClientAuthType
+type ClientAuthType = tls.ClientAuthType
+
+const (
+ NoClientCert = tls.NoClientCert
+ RequestClientCert = tls.RequestClientCert
+ RequireAnyClientCert = tls.RequireAnyClientCert
+ VerifyClientCertIfGiven = tls.VerifyClientCertIfGiven
+ RequireAndVerifyClientCert = tls.RequireAndVerifyClientCert
+)
+
+// requiresClientCert reports whether the ClientAuthType requires a client
+// certificate to be provided.
+func requiresClientCert(c ClientAuthType) bool {
+ switch c {
+ case RequireAnyClientCert, RequireAndVerifyClientCert:
+ return true
+ default:
+ return false
+ }
+}
+
+// ClientSessionState contains the state needed by clients to resume TLS
+// sessions.
+type ClientSessionState = tls.ClientSessionState
+
+type clientSessionState struct {
+ sessionTicket []uint8 // Encrypted ticket used for session resumption with server
+ vers uint16 // TLS version negotiated for the session
+ cipherSuite uint16 // Ciphersuite negotiated for the session
+ masterSecret []byte // Full handshake MasterSecret, or TLS 1.3 resumption_master_secret
+ serverCertificates []*x509.Certificate // Certificate chain presented by the server
+ verifiedChains [][]*x509.Certificate // Certificate chains we built for verification
+ receivedAt time.Time // When the session ticket was received from the server
+ ocspResponse []byte // Stapled OCSP response presented by the server
+ scts [][]byte // SCTs presented by the server
+
+ // TLS 1.3 fields.
+ nonce []byte // Ticket nonce sent by the server, to derive PSK
+ useBy time.Time // Expiration of the ticket lifetime as set by the server
+ ageAdd uint32 // Random obfuscation factor for sending the ticket age
+}
+
+// ClientSessionCache is a cache of ClientSessionState objects that can be used
+// by a client to resume a TLS session with a given server. ClientSessionCache
+// implementations should expect to be called concurrently from different
+// goroutines. Up to TLS 1.2, only ticket-based resumption is supported, not
+// SessionID-based resumption. In TLS 1.3 they were merged into PSK modes, which
+// are supported via this interface.
+//go:generate sh -c "mockgen -package qtls -destination mock_client_session_cache_test.go github.com/marten-seemann/qtls-go1-17 ClientSessionCache"
+type ClientSessionCache = tls.ClientSessionCache
+
+// SignatureScheme is a tls.SignatureScheme
+type SignatureScheme = tls.SignatureScheme
+
+const (
+ // RSASSA-PKCS1-v1_5 algorithms.
+ PKCS1WithSHA256 SignatureScheme = 0x0401
+ PKCS1WithSHA384 SignatureScheme = 0x0501
+ PKCS1WithSHA512 SignatureScheme = 0x0601
+
+ // RSASSA-PSS algorithms with public key OID rsaEncryption.
+ PSSWithSHA256 SignatureScheme = 0x0804
+ PSSWithSHA384 SignatureScheme = 0x0805
+ PSSWithSHA512 SignatureScheme = 0x0806
+
+ // ECDSA algorithms. Only constrained to a specific curve in TLS 1.3.
+ ECDSAWithP256AndSHA256 SignatureScheme = 0x0403
+ ECDSAWithP384AndSHA384 SignatureScheme = 0x0503
+ ECDSAWithP521AndSHA512 SignatureScheme = 0x0603
+
+ // EdDSA algorithms.
+ Ed25519 SignatureScheme = 0x0807
+
+ // Legacy signature and hash algorithms for TLS 1.2.
+ PKCS1WithSHA1 SignatureScheme = 0x0201
+ ECDSAWithSHA1 SignatureScheme = 0x0203
+)
+
+// ClientHelloInfo contains information from a ClientHello message in order to
+// guide application logic in the GetCertificate and GetConfigForClient callbacks.
+type ClientHelloInfo = tls.ClientHelloInfo
+
+type clientHelloInfo struct {
+ // CipherSuites lists the CipherSuites supported by the client (e.g.
+ // TLS_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256).
+ CipherSuites []uint16
+
+ // ServerName indicates the name of the server requested by the client
+ // in order to support virtual hosting. ServerName is only set if the
+ // client is using SNI (see RFC 4366, Section 3.1).
+ ServerName string
+
+ // SupportedCurves lists the elliptic curves supported by the client.
+ // SupportedCurves is set only if the Supported Elliptic Curves
+ // Extension is being used (see RFC 4492, Section 5.1.1).
+ SupportedCurves []CurveID
+
+ // SupportedPoints lists the point formats supported by the client.
+ // SupportedPoints is set only if the Supported Point Formats Extension
+ // is being used (see RFC 4492, Section 5.1.2).
+ SupportedPoints []uint8
+
+ // SignatureSchemes lists the signature and hash schemes that the client
+ // is willing to verify. SignatureSchemes is set only if the Signature
+ // Algorithms Extension is being used (see RFC 5246, Section 7.4.1.4.1).
+ SignatureSchemes []SignatureScheme
+
+ // SupportedProtos lists the application protocols supported by the client.
+ // SupportedProtos is set only if the Application-Layer Protocol
+ // Negotiation Extension is being used (see RFC 7301, Section 3.1).
+ //
+ // Servers can select a protocol by setting Config.NextProtos in a
+ // GetConfigForClient return value.
+ SupportedProtos []string
+
+ // SupportedVersions lists the TLS versions supported by the client.
+ // For TLS versions less than 1.3, this is extrapolated from the max
+ // version advertised by the client, so values other than the greatest
+ // might be rejected if used.
+ SupportedVersions []uint16
+
+ // Conn is the underlying net.Conn for the connection. Do not read
+ // from, or write to, this connection; that will cause the TLS
+ // connection to fail.
+ Conn net.Conn
+
+ // config is embedded by the GetCertificate or GetConfigForClient caller,
+ // for use with SupportsCertificate.
+ config *Config
+
+ // ctx is the context of the handshake that is in progress.
+ ctx context.Context
+}
+
+// Context returns the context of the handshake that is in progress.
+// This context is a child of the context passed to HandshakeContext,
+// if any, and is canceled when the handshake concludes.
+func (c *clientHelloInfo) Context() context.Context {
+ return c.ctx
+}
+
+// CertificateRequestInfo contains information from a server's
+// CertificateRequest message, which is used to demand a certificate and proof
+// of control from a client.
+type CertificateRequestInfo = tls.CertificateRequestInfo
+
+type certificateRequestInfo struct {
+ // AcceptableCAs contains zero or more, DER-encoded, X.501
+ // Distinguished Names. These are the names of root or intermediate CAs
+ // that the server wishes the returned certificate to be signed by. An
+ // empty slice indicates that the server has no preference.
+ AcceptableCAs [][]byte
+
+ // SignatureSchemes lists the signature schemes that the server is
+ // willing to verify.
+ SignatureSchemes []SignatureScheme
+
+ // Version is the TLS version that was negotiated for this connection.
+ Version uint16
+
+ // ctx is the context of the handshake that is in progress.
+ ctx context.Context
+}
+
+// Context returns the context of the handshake that is in progress.
+// This context is a child of the context passed to HandshakeContext,
+// if any, and is canceled when the handshake concludes.
+func (c *certificateRequestInfo) Context() context.Context {
+ return c.ctx
+}
+
+// RenegotiationSupport enumerates the different levels of support for TLS
+// renegotiation. TLS renegotiation is the act of performing subsequent
+// handshakes on a connection after the first. This significantly complicates
+// the state machine and has been the source of numerous, subtle security
+// issues. Initiating a renegotiation is not supported, but support for
+// accepting renegotiation requests may be enabled.
+//
+// Even when enabled, the server may not change its identity between handshakes
+// (i.e. the leaf certificate must be the same). Additionally, concurrent
+// handshake and application data flow is not permitted so renegotiation can
+// only be used with protocols that synchronise with the renegotiation, such as
+// HTTPS.
+//
+// Renegotiation is not defined in TLS 1.3.
+type RenegotiationSupport = tls.RenegotiationSupport
+
+const (
+ // RenegotiateNever disables renegotiation.
+ RenegotiateNever = tls.RenegotiateNever
+
+ // RenegotiateOnceAsClient allows a remote server to request
+ // renegotiation once per connection.
+ RenegotiateOnceAsClient = tls.RenegotiateOnceAsClient
+
+ // RenegotiateFreelyAsClient allows a remote server to repeatedly
+ // request renegotiation.
+ RenegotiateFreelyAsClient = tls.RenegotiateFreelyAsClient
+)
+
+// A Config structure is used to configure a TLS client or server.
+// After one has been passed to a TLS function it must not be
+// modified. A Config may be reused; the tls package will also not
+// modify it.
+type Config = tls.Config
+
+type config struct {
+ // Rand provides the source of entropy for nonces and RSA blinding.
+ // If Rand is nil, TLS uses the cryptographic random reader in package
+ // crypto/rand.
+ // The Reader must be safe for use by multiple goroutines.
+ Rand io.Reader
+
+ // Time returns the current time as the number of seconds since the epoch.
+ // If Time is nil, TLS uses time.Now.
+ Time func() time.Time
+
+ // Certificates contains one or more certificate chains to present to the
+ // other side of the connection. The first certificate compatible with the
+ // peer's requirements is selected automatically.
+ //
+ // Server configurations must set one of Certificates, GetCertificate or
+ // GetConfigForClient. Clients doing client-authentication may set either
+ // Certificates or GetClientCertificate.
+ //
+ // Note: if there are multiple Certificates, and they don't have the
+ // optional field Leaf set, certificate selection will incur a significant
+ // per-handshake performance cost.
+ Certificates []Certificate
+
+ // NameToCertificate maps from a certificate name to an element of
+ // Certificates. Note that a certificate name can be of the form
+ // '*.example.com' and so doesn't have to be a domain name as such.
+ //
+ // Deprecated: NameToCertificate only allows associating a single
+ // certificate with a given name. Leave this field nil to let the library
+ // select the first compatible chain from Certificates.
+ NameToCertificate map[string]*Certificate
+
+ // GetCertificate returns a Certificate based on the given
+ // ClientHelloInfo. It will only be called if the client supplies SNI
+ // information or if Certificates is empty.
+ //
+ // If GetCertificate is nil or returns nil, then the certificate is
+ // retrieved from NameToCertificate. If NameToCertificate is nil, the
+ // best element of Certificates will be used.
+ GetCertificate func(*ClientHelloInfo) (*Certificate, error)
+
+ // GetClientCertificate, if not nil, is called when a server requests a
+ // certificate from a client. If set, the contents of Certificates will
+ // be ignored.
+ //
+ // If GetClientCertificate returns an error, the handshake will be
+ // aborted and that error will be returned. Otherwise
+ // GetClientCertificate must return a non-nil Certificate. If
+ // Certificate.Certificate is empty then no certificate will be sent to
+ // the server. If this is unacceptable to the server then it may abort
+ // the handshake.
+ //
+ // GetClientCertificate may be called multiple times for the same
+ // connection if renegotiation occurs or if TLS 1.3 is in use.
+ GetClientCertificate func(*CertificateRequestInfo) (*Certificate, error)
+
+ // GetConfigForClient, if not nil, is called after a ClientHello is
+ // received from a client. It may return a non-nil Config in order to
+ // change the Config that will be used to handle this connection. If
+ // the returned Config is nil, the original Config will be used. The
+ // Config returned by this callback may not be subsequently modified.
+ //
+ // If GetConfigForClient is nil, the Config passed to Server() will be
+ // used for all connections.
+ //
+ // If SessionTicketKey was explicitly set on the returned Config, or if
+ // SetSessionTicketKeys was called on the returned Config, those keys will
+ // be used. Otherwise, the original Config keys will be used (and possibly
+ // rotated if they are automatically managed).
+ GetConfigForClient func(*ClientHelloInfo) (*Config, error)
+
+ // VerifyPeerCertificate, if not nil, is called after normal
+ // certificate verification by either a TLS client or server. It
+ // receives the raw ASN.1 certificates provided by the peer and also
+ // any verified chains that normal processing found. If it returns a
+ // non-nil error, the handshake is aborted and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. If normal verification is disabled by
+ // setting InsecureSkipVerify, or (for a server) when ClientAuth is
+ // RequestClientCert or RequireAnyClientCert, then this callback will
+ // be considered but the verifiedChains argument will always be nil.
+ VerifyPeerCertificate func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error
+
+ // VerifyConnection, if not nil, is called after normal certificate
+ // verification and after VerifyPeerCertificate by either a TLS client
+ // or server. If it returns a non-nil error, the handshake is aborted
+ // and that error results.
+ //
+ // If normal verification fails then the handshake will abort before
+ // considering this callback. This callback will run for all connections
+ // regardless of InsecureSkipVerify or ClientAuth settings.
+ VerifyConnection func(ConnectionState) error
+
+ // RootCAs defines the set of root certificate authorities
+ // that clients use when verifying server certificates.
+ // If RootCAs is nil, TLS uses the host's root CA set.
+ RootCAs *x509.CertPool
+
+ // NextProtos is a list of supported application level protocols, in
+ // order of preference. If both peers support ALPN, the selected
+ // protocol will be one from this list, and the connection will fail
+ // if there is no mutually supported protocol. If NextProtos is empty
+ // or the peer doesn't support ALPN, the connection will succeed and
+ // ConnectionState.NegotiatedProtocol will be empty.
+ NextProtos []string
+
+ // ServerName is used to verify the hostname on the returned
+ // certificates unless InsecureSkipVerify is given. It is also included
+ // in the client's handshake to support virtual hosting unless it is
+ // an IP address.
+ ServerName string
+
+ // ClientAuth determines the server's policy for
+ // TLS Client Authentication. The default is NoClientCert.
+ ClientAuth ClientAuthType
+
+ // ClientCAs defines the set of root certificate authorities
+ // that servers use if required to verify a client certificate
+ // by the policy in ClientAuth.
+ ClientCAs *x509.CertPool
+
+ // InsecureSkipVerify controls whether a client verifies the server's
+ // certificate chain and host name. If InsecureSkipVerify is true, crypto/tls
+ // accepts any certificate presented by the server and any host name in that
+ // certificate. In this mode, TLS is susceptible to machine-in-the-middle
+ // attacks unless custom verification is used. This should be used only for
+ // testing or in combination with VerifyConnection or VerifyPeerCertificate.
+ InsecureSkipVerify bool
+
+ // CipherSuites is a list of enabled TLS 1.0–1.2 cipher suites. The order of
+ // the list is ignored. Note that TLS 1.3 ciphersuites are not configurable.
+ //
+ // If CipherSuites is nil, a safe default list is used. The default cipher
+ // suites might change over time.
+ CipherSuites []uint16
+
+ // PreferServerCipherSuites is a legacy field and has no effect.
+ //
+ // It used to control whether the server would follow the client's or the
+ // server's preference. Servers now select the best mutually supported
+ // cipher suite based on logic that takes into account inferred client
+ // hardware, server hardware, and security.
+ //
+ // Deprected: PreferServerCipherSuites is ignored.
+ PreferServerCipherSuites bool
+
+ // SessionTicketsDisabled may be set to true to disable session ticket and
+ // PSK (resumption) support. Note that on clients, session ticket support is
+ // also disabled if ClientSessionCache is nil.
+ SessionTicketsDisabled bool
+
+ // SessionTicketKey is used by TLS servers to provide session resumption.
+ // See RFC 5077 and the PSK mode of RFC 8446. If zero, it will be filled
+ // with random data before the first server handshake.
+ //
+ // Deprecated: if this field is left at zero, session ticket keys will be
+ // automatically rotated every day and dropped after seven days. For
+ // customizing the rotation schedule or synchronizing servers that are
+ // terminating connections for the same host, use SetSessionTicketKeys.
+ SessionTicketKey [32]byte
+
+ // ClientSessionCache is a cache of ClientSessionState entries for TLS
+ // session resumption. It is only used by clients.
+ ClientSessionCache ClientSessionCache
+
+ // MinVersion contains the minimum TLS version that is acceptable.
+ // If zero, TLS 1.0 is currently taken as the minimum.
+ MinVersion uint16
+
+ // MaxVersion contains the maximum TLS version that is acceptable.
+ // If zero, the maximum version supported by this package is used,
+ // which is currently TLS 1.3.
+ MaxVersion uint16
+
+ // CurvePreferences contains the elliptic curves that will be used in
+ // an ECDHE handshake, in preference order. If empty, the default will
+ // be used. The client will use the first preference as the type for
+ // its key share in TLS 1.3. This may change in the future.
+ CurvePreferences []CurveID
+
+ // DynamicRecordSizingDisabled disables adaptive sizing of TLS records.
+ // When true, the largest possible TLS record size is always used. When
+ // false, the size of TLS records may be adjusted in an attempt to
+ // improve latency.
+ DynamicRecordSizingDisabled bool
+
+ // Renegotiation controls what types of renegotiation are supported.
+ // The default, none, is correct for the vast majority of applications.
+ Renegotiation RenegotiationSupport
+
+ // KeyLogWriter optionally specifies a destination for TLS master secrets
+ // in NSS key log format that can be used to allow external programs
+ // such as Wireshark to decrypt TLS connections.
+ // See https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format.
+ // Use of KeyLogWriter compromises security and should only be
+ // used for debugging.
+ KeyLogWriter io.Writer
+
+ // mutex protects sessionTicketKeys and autoSessionTicketKeys.
+ mutex sync.RWMutex
+ // sessionTicketKeys contains zero or more ticket keys. If set, it means the
+ // the keys were set with SessionTicketKey or SetSessionTicketKeys. The
+ // first key is used for new tickets and any subsequent keys can be used to
+ // decrypt old tickets. The slice contents are not protected by the mutex
+ // and are immutable.
+ sessionTicketKeys []ticketKey
+ // autoSessionTicketKeys is like sessionTicketKeys but is owned by the
+ // auto-rotation logic. See Config.ticketKeys.
+ autoSessionTicketKeys []ticketKey
+}
+
+// A RecordLayer handles encrypting and decrypting of TLS messages.
+type RecordLayer interface {
+ SetReadKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ SetWriteKey(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+ ReadHandshakeMessage() ([]byte, error)
+ WriteRecord([]byte) (int, error)
+ SendAlert(uint8)
+}
+
+type ExtraConfig struct {
+ // GetExtensions, if not nil, is called before a message that allows
+ // sending of extensions is sent.
+ // Currently only implemented for the ClientHello message (for the client)
+ // and for the EncryptedExtensions message (for the server).
+ // Only valid for TLS 1.3.
+ GetExtensions func(handshakeMessageType uint8) []Extension
+
+ // ReceivedExtensions, if not nil, is called when a message that allows the
+ // inclusion of extensions is received.
+ // It is called with an empty slice of extensions, if the message didn't
+ // contain any extensions.
+ // Currently only implemented for the ClientHello message (sent by the
+ // client) and for the EncryptedExtensions message (sent by the server).
+ // Only valid for TLS 1.3.
+ ReceivedExtensions func(handshakeMessageType uint8, exts []Extension)
+
+ // AlternativeRecordLayer is used by QUIC
+ AlternativeRecordLayer RecordLayer
+
+ // Enforce the selection of a supported application protocol.
+ // Only works for TLS 1.3.
+ // If enabled, client and server have to agree on an application protocol.
+ // Otherwise, connection establishment fails.
+ EnforceNextProtoSelection bool
+
+ // If MaxEarlyData is greater than 0, the client will be allowed to send early
+ // data when resuming a session.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning on the client.
+ MaxEarlyData uint32
+
+ // The Accept0RTT callback is called when the client offers 0-RTT.
+ // The server then has to decide if it wants to accept or reject 0-RTT.
+ // It is only used for servers.
+ Accept0RTT func(appData []byte) bool
+
+ // 0RTTRejected is called when the server rejectes 0-RTT.
+ // It is only used for clients.
+ Rejected0RTT func()
+
+ // If set, the client will export the 0-RTT key when resuming a session that
+ // allows sending of early data.
+ // Requires the AlternativeRecordLayer to be set.
+ //
+ // It has no meaning to the server.
+ Enable0RTT bool
+
+ // Is called when the client saves a session ticket to the session ticket.
+ // This gives the application the opportunity to save some data along with the ticket,
+ // which can be restored when the session ticket is used.
+ GetAppDataForSessionState func() []byte
+
+ // Is called when the client uses a session ticket.
+ // Restores the application data that was saved earlier on GetAppDataForSessionTicket.
+ SetAppDataFromSessionState func([]byte)
+}
+
+// Clone clones.
+func (c *ExtraConfig) Clone() *ExtraConfig {
+ return &ExtraConfig{
+ GetExtensions: c.GetExtensions,
+ ReceivedExtensions: c.ReceivedExtensions,
+ AlternativeRecordLayer: c.AlternativeRecordLayer,
+ EnforceNextProtoSelection: c.EnforceNextProtoSelection,
+ MaxEarlyData: c.MaxEarlyData,
+ Enable0RTT: c.Enable0RTT,
+ Accept0RTT: c.Accept0RTT,
+ Rejected0RTT: c.Rejected0RTT,
+ GetAppDataForSessionState: c.GetAppDataForSessionState,
+ SetAppDataFromSessionState: c.SetAppDataFromSessionState,
+ }
+}
+
+func (c *ExtraConfig) usesAlternativeRecordLayer() bool {
+ return c != nil && c.AlternativeRecordLayer != nil
+}
+
+const (
+ // ticketKeyNameLen is the number of bytes of identifier that is prepended to
+ // an encrypted session ticket in order to identify the key used to encrypt it.
+ ticketKeyNameLen = 16
+
+ // ticketKeyLifetime is how long a ticket key remains valid and can be used to
+ // resume a client connection.
+ ticketKeyLifetime = 7 * 24 * time.Hour // 7 days
+
+ // ticketKeyRotation is how often the server should rotate the session ticket key
+ // that is used for new tickets.
+ ticketKeyRotation = 24 * time.Hour
+)
+
+// ticketKey is the internal representation of a session ticket key.
+type ticketKey struct {
+ // keyName is an opaque byte string that serves to identify the session
+ // ticket key. It's exposed as plaintext in every session ticket.
+ keyName [ticketKeyNameLen]byte
+ aesKey [16]byte
+ hmacKey [16]byte
+ // created is the time at which this ticket key was created. See Config.ticketKeys.
+ created time.Time
+}
+
+// ticketKeyFromBytes converts from the external representation of a session
+// ticket key to a ticketKey. Externally, session ticket keys are 32 random
+// bytes and this function expands that into sufficient name and key material.
+func (c *config) ticketKeyFromBytes(b [32]byte) (key ticketKey) {
+ hashed := sha512.Sum512(b[:])
+ copy(key.keyName[:], hashed[:ticketKeyNameLen])
+ copy(key.aesKey[:], hashed[ticketKeyNameLen:ticketKeyNameLen+16])
+ copy(key.hmacKey[:], hashed[ticketKeyNameLen+16:ticketKeyNameLen+32])
+ key.created = c.time()
+ return key
+}
+
+// maxSessionTicketLifetime is the maximum allowed lifetime of a TLS 1.3 session
+// ticket, and the lifetime we set for tickets we send.
+const maxSessionTicketLifetime = 7 * 24 * time.Hour
+
+// Clone returns a shallow clone of c or nil if c is nil. It is safe to clone a Config that is
+// being used concurrently by a TLS client or server.
+func (c *config) Clone() *config {
+ if c == nil {
+ return nil
+ }
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ return &config{
+ Rand: c.Rand,
+ Time: c.Time,
+ Certificates: c.Certificates,
+ NameToCertificate: c.NameToCertificate,
+ GetCertificate: c.GetCertificate,
+ GetClientCertificate: c.GetClientCertificate,
+ GetConfigForClient: c.GetConfigForClient,
+ VerifyPeerCertificate: c.VerifyPeerCertificate,
+ VerifyConnection: c.VerifyConnection,
+ RootCAs: c.RootCAs,
+ NextProtos: c.NextProtos,
+ ServerName: c.ServerName,
+ ClientAuth: c.ClientAuth,
+ ClientCAs: c.ClientCAs,
+ InsecureSkipVerify: c.InsecureSkipVerify,
+ CipherSuites: c.CipherSuites,
+ PreferServerCipherSuites: c.PreferServerCipherSuites,
+ SessionTicketsDisabled: c.SessionTicketsDisabled,
+ SessionTicketKey: c.SessionTicketKey,
+ ClientSessionCache: c.ClientSessionCache,
+ MinVersion: c.MinVersion,
+ MaxVersion: c.MaxVersion,
+ CurvePreferences: c.CurvePreferences,
+ DynamicRecordSizingDisabled: c.DynamicRecordSizingDisabled,
+ Renegotiation: c.Renegotiation,
+ KeyLogWriter: c.KeyLogWriter,
+ sessionTicketKeys: c.sessionTicketKeys,
+ autoSessionTicketKeys: c.autoSessionTicketKeys,
+ }
+}
+
+// deprecatedSessionTicketKey is set as the prefix of SessionTicketKey if it was
+// randomized for backwards compatibility but is not in use.
+var deprecatedSessionTicketKey = []byte("DEPRECATED")
+
+// initLegacySessionTicketKeyRLocked ensures the legacy SessionTicketKey field is
+// randomized if empty, and that sessionTicketKeys is populated from it otherwise.
+func (c *config) initLegacySessionTicketKeyRLocked() {
+ // Don't write if SessionTicketKey is already defined as our deprecated string,
+ // or if it is defined by the user but sessionTicketKeys is already set.
+ if c.SessionTicketKey != [32]byte{} &&
+ (bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) || len(c.sessionTicketKeys) > 0) {
+ return
+ }
+
+ // We need to write some data, so get an exclusive lock and re-check any conditions.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ if c.SessionTicketKey == [32]byte{} {
+ if _, err := io.ReadFull(c.rand(), c.SessionTicketKey[:]); err != nil {
+ panic(fmt.Sprintf("tls: unable to generate random session ticket key: %v", err))
+ }
+ // Write the deprecated prefix at the beginning so we know we created
+ // it. This key with the DEPRECATED prefix isn't used as an actual
+ // session ticket key, and is only randomized in case the application
+ // reuses it for some reason.
+ copy(c.SessionTicketKey[:], deprecatedSessionTicketKey)
+ } else if !bytes.HasPrefix(c.SessionTicketKey[:], deprecatedSessionTicketKey) && len(c.sessionTicketKeys) == 0 {
+ c.sessionTicketKeys = []ticketKey{c.ticketKeyFromBytes(c.SessionTicketKey)}
+ }
+
+}
+
+// ticketKeys returns the ticketKeys for this connection.
+// If configForClient has explicitly set keys, those will
+// be returned. Otherwise, the keys on c will be used and
+// may be rotated if auto-managed.
+// During rotation, any expired session ticket keys are deleted from
+// c.sessionTicketKeys. If the session ticket key that is currently
+// encrypting tickets (ie. the first ticketKey in c.sessionTicketKeys)
+// is not fresh, then a new session ticket key will be
+// created and prepended to c.sessionTicketKeys.
+func (c *config) ticketKeys(configForClient *config) []ticketKey {
+ // If the ConfigForClient callback returned a Config with explicitly set
+ // keys, use those, otherwise just use the original Config.
+ if configForClient != nil {
+ configForClient.mutex.RLock()
+ if configForClient.SessionTicketsDisabled {
+ return nil
+ }
+ configForClient.initLegacySessionTicketKeyRLocked()
+ if len(configForClient.sessionTicketKeys) != 0 {
+ ret := configForClient.sessionTicketKeys
+ configForClient.mutex.RUnlock()
+ return ret
+ }
+ configForClient.mutex.RUnlock()
+ }
+
+ c.mutex.RLock()
+ defer c.mutex.RUnlock()
+ if c.SessionTicketsDisabled {
+ return nil
+ }
+ c.initLegacySessionTicketKeyRLocked()
+ if len(c.sessionTicketKeys) != 0 {
+ return c.sessionTicketKeys
+ }
+ // Fast path for the common case where the key is fresh enough.
+ if len(c.autoSessionTicketKeys) > 0 && c.time().Sub(c.autoSessionTicketKeys[0].created) < ticketKeyRotation {
+ return c.autoSessionTicketKeys
+ }
+
+ // autoSessionTicketKeys are managed by auto-rotation.
+ c.mutex.RUnlock()
+ defer c.mutex.RLock()
+ c.mutex.Lock()
+ defer c.mutex.Unlock()
+ // Re-check the condition in case it changed since obtaining the new lock.
+ if len(c.autoSessionTicketKeys) == 0 || c.time().Sub(c.autoSessionTicketKeys[0].created) >= ticketKeyRotation {
+ var newKey [32]byte
+ if _, err := io.ReadFull(c.rand(), newKey[:]); err != nil {
+ panic(fmt.Sprintf("unable to generate random session ticket key: %v", err))
+ }
+ valid := make([]ticketKey, 0, len(c.autoSessionTicketKeys)+1)
+ valid = append(valid, c.ticketKeyFromBytes(newKey))
+ for _, k := range c.autoSessionTicketKeys {
+ // While rotating the current key, also remove any expired ones.
+ if c.time().Sub(k.created) < ticketKeyLifetime {
+ valid = append(valid, k)
+ }
+ }
+ c.autoSessionTicketKeys = valid
+ }
+ return c.autoSessionTicketKeys
+}
+
+// SetSessionTicketKeys updates the session ticket keys for a server.
+//
+// The first key will be used when creating new tickets, while all keys can be
+// used for decrypting tickets. It is safe to call this function while the
+// server is running in order to rotate the session ticket keys. The function
+// will panic if keys is empty.
+//
+// Calling this function will turn off automatic session ticket key rotation.
+//
+// If multiple servers are terminating connections for the same host they should
+// all have the same session ticket keys. If the session ticket keys leaks,
+// previously recorded and future TLS connections using those keys might be
+// compromised.
+func (c *config) SetSessionTicketKeys(keys [][32]byte) {
+ if len(keys) == 0 {
+ panic("tls: keys must have at least one key")
+ }
+
+ newKeys := make([]ticketKey, len(keys))
+ for i, bytes := range keys {
+ newKeys[i] = c.ticketKeyFromBytes(bytes)
+ }
+
+ c.mutex.Lock()
+ c.sessionTicketKeys = newKeys
+ c.mutex.Unlock()
+}
+
+func (c *config) rand() io.Reader {
+ r := c.Rand
+ if r == nil {
+ return rand.Reader
+ }
+ return r
+}
+
+func (c *config) time() time.Time {
+ t := c.Time
+ if t == nil {
+ t = time.Now
+ }
+ return t()
+}
+
+func (c *config) cipherSuites() []uint16 {
+ if c.CipherSuites != nil {
+ return c.CipherSuites
+ }
+ return defaultCipherSuites
+}
+
+var supportedVersions = []uint16{
+ VersionTLS13,
+ VersionTLS12,
+ VersionTLS11,
+ VersionTLS10,
+}
+
+func (c *config) supportedVersions() []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if c != nil && c.MinVersion != 0 && v < c.MinVersion {
+ continue
+ }
+ if c != nil && c.MaxVersion != 0 && v > c.MaxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+func (c *config) maxSupportedVersion() uint16 {
+ supportedVersions := c.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return 0
+ }
+ return supportedVersions[0]
+}
+
+// supportedVersionsFromMax returns a list of supported versions derived from a
+// legacy maximum version value. Note that only versions supported by this
+// library are returned. Any newer peer will use supportedVersions anyway.
+func supportedVersionsFromMax(maxVersion uint16) []uint16 {
+ versions := make([]uint16, 0, len(supportedVersions))
+ for _, v := range supportedVersions {
+ if v > maxVersion {
+ continue
+ }
+ versions = append(versions, v)
+ }
+ return versions
+}
+
+var defaultCurvePreferences = []CurveID{X25519, CurveP256, CurveP384, CurveP521}
+
+func (c *config) curvePreferences() []CurveID {
+ if c == nil || len(c.CurvePreferences) == 0 {
+ return defaultCurvePreferences
+ }
+ return c.CurvePreferences
+}
+
+func (c *config) supportsCurve(curve CurveID) bool {
+ for _, cc := range c.curvePreferences() {
+ if cc == curve {
+ return true
+ }
+ }
+ return false
+}
+
+// mutualVersion returns the protocol version to use given the advertised
+// versions of the peer. Priority is given to the peer preference order.
+func (c *config) mutualVersion(peerVersions []uint16) (uint16, bool) {
+ supportedVersions := c.supportedVersions()
+ for _, peerVersion := range peerVersions {
+ for _, v := range supportedVersions {
+ if v == peerVersion {
+ return v, true
+ }
+ }
+ }
+ return 0, false
+}
+
+var errNoCertificates = errors.New("tls: no certificates configured")
+
+// getCertificate returns the best certificate for the given ClientHelloInfo,
+// defaulting to the first element of c.Certificates.
+func (c *config) getCertificate(clientHello *ClientHelloInfo) (*Certificate, error) {
+ if c.GetCertificate != nil &&
+ (len(c.Certificates) == 0 || len(clientHello.ServerName) > 0) {
+ cert, err := c.GetCertificate(clientHello)
+ if cert != nil || err != nil {
+ return cert, err
+ }
+ }
+
+ if len(c.Certificates) == 0 {
+ return nil, errNoCertificates
+ }
+
+ if len(c.Certificates) == 1 {
+ // There's only one choice, so no point doing any work.
+ return &c.Certificates[0], nil
+ }
+
+ if c.NameToCertificate != nil {
+ name := strings.ToLower(clientHello.ServerName)
+ if cert, ok := c.NameToCertificate[name]; ok {
+ return cert, nil
+ }
+ if len(name) > 0 {
+ labels := strings.Split(name, ".")
+ labels[0] = "*"
+ wildcardName := strings.Join(labels, ".")
+ if cert, ok := c.NameToCertificate[wildcardName]; ok {
+ return cert, nil
+ }
+ }
+ }
+
+ for _, cert := range c.Certificates {
+ if err := clientHello.SupportsCertificate(&cert); err == nil {
+ return &cert, nil
+ }
+ }
+
+ // If nothing matches, return the first certificate.
+ return &c.Certificates[0], nil
+}
+
+// SupportsCertificate returns nil if the provided certificate is supported by
+// the client that sent the ClientHello. Otherwise, it returns an error
+// describing the reason for the incompatibility.
+//
+// If this ClientHelloInfo was passed to a GetConfigForClient or GetCertificate
+// callback, this method will take into account the associated Config. Note that
+// if GetConfigForClient returns a different Config, the change can't be
+// accounted for by this method.
+//
+// This function will call x509.ParseCertificate unless c.Leaf is set, which can
+// incur a significant performance cost.
+func (chi *clientHelloInfo) SupportsCertificate(c *Certificate) error {
+ // Note we don't currently support certificate_authorities nor
+ // signature_algorithms_cert, and don't check the algorithms of the
+ // signatures on the chain (which anyway are a SHOULD, see RFC 8446,
+ // Section 4.4.2.2).
+
+ config := chi.config
+ if config == nil {
+ config = &Config{}
+ }
+ conf := fromConfig(config)
+ vers, ok := conf.mutualVersion(chi.SupportedVersions)
+ if !ok {
+ return errors.New("no mutually supported protocol versions")
+ }
+
+ // If the client specified the name they are trying to connect to, the
+ // certificate needs to be valid for it.
+ if chi.ServerName != "" {
+ x509Cert, err := leafCertificate(c)
+ if err != nil {
+ return fmt.Errorf("failed to parse certificate: %w", err)
+ }
+ if err := x509Cert.VerifyHostname(chi.ServerName); err != nil {
+ return fmt.Errorf("certificate is not valid for requested server name: %w", err)
+ }
+ }
+
+ // supportsRSAFallback returns nil if the certificate and connection support
+ // the static RSA key exchange, and unsupported otherwise. The logic for
+ // supporting static RSA is completely disjoint from the logic for
+ // supporting signed key exchanges, so we just check it as a fallback.
+ supportsRSAFallback := func(unsupported error) error {
+ // TLS 1.3 dropped support for the static RSA key exchange.
+ if vers == VersionTLS13 {
+ return unsupported
+ }
+ // The static RSA key exchange works by decrypting a challenge with the
+ // RSA private key, not by signing, so check the PrivateKey implements
+ // crypto.Decrypter, like *rsa.PrivateKey does.
+ if priv, ok := c.PrivateKey.(crypto.Decrypter); ok {
+ if _, ok := priv.Public().(*rsa.PublicKey); !ok {
+ return unsupported
+ }
+ } else {
+ return unsupported
+ }
+ // Finally, there needs to be a mutual cipher suite that uses the static
+ // RSA key exchange instead of ECDHE.
+ rsaCipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ return false
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if rsaCipherSuite == nil {
+ return unsupported
+ }
+ return nil
+ }
+
+ // If the client sent the signature_algorithms extension, ensure it supports
+ // schemes we can use with this certificate and TLS version.
+ if len(chi.SignatureSchemes) > 0 {
+ if _, err := selectSignatureScheme(vers, c, chi.SignatureSchemes); err != nil {
+ return supportsRSAFallback(err)
+ }
+ }
+
+ // In TLS 1.3 we are done because supported_groups is only relevant to the
+ // ECDHE computation, point format negotiation is removed, cipher suites are
+ // only relevant to the AEAD choice, and static RSA does not exist.
+ if vers == VersionTLS13 {
+ return nil
+ }
+
+ // The only signed key exchange we support is ECDHE.
+ if !supportsECDHE(conf, chi.SupportedCurves, chi.SupportedPoints) {
+ return supportsRSAFallback(errors.New("client doesn't support ECDHE, can only use legacy RSA key exchange"))
+ }
+
+ var ecdsaCipherSuite bool
+ if priv, ok := c.PrivateKey.(crypto.Signer); ok {
+ switch pub := priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ var curve CurveID
+ switch pub.Curve {
+ case elliptic.P256():
+ curve = CurveP256
+ case elliptic.P384():
+ curve = CurveP384
+ case elliptic.P521():
+ curve = CurveP521
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ var curveOk bool
+ for _, c := range chi.SupportedCurves {
+ if c == curve && conf.supportsCurve(c) {
+ curveOk = true
+ break
+ }
+ }
+ if !curveOk {
+ return errors.New("client doesn't support certificate curve")
+ }
+ ecdsaCipherSuite = true
+ case ed25519.PublicKey:
+ if vers < VersionTLS12 || len(chi.SignatureSchemes) == 0 {
+ return errors.New("connection doesn't support Ed25519")
+ }
+ ecdsaCipherSuite = true
+ case *rsa.PublicKey:
+ default:
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+ } else {
+ return supportsRSAFallback(unsupportedCertificateError(c))
+ }
+
+ // Make sure that there is a mutually supported cipher suite that works with
+ // this certificate. Cipher suite selection will then apply the logic in
+ // reverse to pick it. See also serverHandshakeState.cipherSuiteOk.
+ cipherSuite := selectCipherSuite(chi.CipherSuites, conf.cipherSuites(), func(c *cipherSuite) bool {
+ if c.flags&suiteECDHE == 0 {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !ecdsaCipherSuite {
+ return false
+ }
+ } else {
+ if ecdsaCipherSuite {
+ return false
+ }
+ }
+ if vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+ })
+ if cipherSuite == nil {
+ return supportsRSAFallback(errors.New("client doesn't support any cipher suites compatible with the certificate"))
+ }
+
+ return nil
+}
+
+// BuildNameToCertificate parses c.Certificates and builds c.NameToCertificate
+// from the CommonName and SubjectAlternateName fields of each of the leaf
+// certificates.
+//
+// Deprecated: NameToCertificate only allows associating a single certificate
+// with a given name. Leave that field nil to let the library select the first
+// compatible chain from Certificates.
+func (c *config) BuildNameToCertificate() {
+ c.NameToCertificate = make(map[string]*Certificate)
+ for i := range c.Certificates {
+ cert := &c.Certificates[i]
+ x509Cert, err := leafCertificate(cert)
+ if err != nil {
+ continue
+ }
+ // If SANs are *not* present, some clients will consider the certificate
+ // valid for the name in the Common Name.
+ if x509Cert.Subject.CommonName != "" && len(x509Cert.DNSNames) == 0 {
+ c.NameToCertificate[x509Cert.Subject.CommonName] = cert
+ }
+ for _, san := range x509Cert.DNSNames {
+ c.NameToCertificate[san] = cert
+ }
+ }
+}
+
+const (
+ keyLogLabelTLS12 = "CLIENT_RANDOM"
+ keyLogLabelEarlyTraffic = "CLIENT_EARLY_TRAFFIC_SECRET"
+ keyLogLabelClientHandshake = "CLIENT_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelServerHandshake = "SERVER_HANDSHAKE_TRAFFIC_SECRET"
+ keyLogLabelClientTraffic = "CLIENT_TRAFFIC_SECRET_0"
+ keyLogLabelServerTraffic = "SERVER_TRAFFIC_SECRET_0"
+)
+
+func (c *config) writeKeyLog(label string, clientRandom, secret []byte) error {
+ if c.KeyLogWriter == nil {
+ return nil
+ }
+
+ logLine := []byte(fmt.Sprintf("%s %x %x\n", label, clientRandom, secret))
+
+ writerMutex.Lock()
+ _, err := c.KeyLogWriter.Write(logLine)
+ writerMutex.Unlock()
+
+ return err
+}
+
+// writerMutex protects all KeyLogWriters globally. It is rarely enabled,
+// and is only for debugging, so a global mutex saves space.
+var writerMutex sync.Mutex
+
+// A Certificate is a chain of one or more certificates, leaf first.
+type Certificate = tls.Certificate
+
+// leaf returns the parsed leaf certificate, either from c.Leaf or by parsing
+// the corresponding c.Certificate[0].
+func leafCertificate(c *Certificate) (*x509.Certificate, error) {
+ if c.Leaf != nil {
+ return c.Leaf, nil
+ }
+ return x509.ParseCertificate(c.Certificate[0])
+}
+
+type handshakeMessage interface {
+ marshal() []byte
+ unmarshal([]byte) bool
+}
+
+// lruSessionCache is a ClientSessionCache implementation that uses an LRU
+// caching strategy.
+type lruSessionCache struct {
+ sync.Mutex
+
+ m map[string]*list.Element
+ q *list.List
+ capacity int
+}
+
+type lruSessionCacheEntry struct {
+ sessionKey string
+ state *ClientSessionState
+}
+
+// NewLRUClientSessionCache returns a ClientSessionCache with the given
+// capacity that uses an LRU strategy. If capacity is < 1, a default capacity
+// is used instead.
+func NewLRUClientSessionCache(capacity int) ClientSessionCache {
+ const defaultSessionCacheCapacity = 64
+
+ if capacity < 1 {
+ capacity = defaultSessionCacheCapacity
+ }
+ return &lruSessionCache{
+ m: make(map[string]*list.Element),
+ q: list.New(),
+ capacity: capacity,
+ }
+}
+
+// Put adds the provided (sessionKey, cs) pair to the cache. If cs is nil, the entry
+// corresponding to sessionKey is removed from the cache instead.
+func (c *lruSessionCache) Put(sessionKey string, cs *ClientSessionState) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ if cs == nil {
+ c.q.Remove(elem)
+ delete(c.m, sessionKey)
+ } else {
+ entry := elem.Value.(*lruSessionCacheEntry)
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ }
+ return
+ }
+
+ if c.q.Len() < c.capacity {
+ entry := &lruSessionCacheEntry{sessionKey, cs}
+ c.m[sessionKey] = c.q.PushFront(entry)
+ return
+ }
+
+ elem := c.q.Back()
+ entry := elem.Value.(*lruSessionCacheEntry)
+ delete(c.m, entry.sessionKey)
+ entry.sessionKey = sessionKey
+ entry.state = cs
+ c.q.MoveToFront(elem)
+ c.m[sessionKey] = elem
+}
+
+// Get returns the ClientSessionState value associated with a given key. It
+// returns (nil, false) if no value is found.
+func (c *lruSessionCache) Get(sessionKey string) (*ClientSessionState, bool) {
+ c.Lock()
+ defer c.Unlock()
+
+ if elem, ok := c.m[sessionKey]; ok {
+ c.q.MoveToFront(elem)
+ return elem.Value.(*lruSessionCacheEntry).state, true
+ }
+ return nil, false
+}
+
+var emptyConfig Config
+
+func defaultConfig() *Config {
+ return &emptyConfig
+}
+
+func unexpectedMessageError(wanted, got interface{}) error {
+ return fmt.Errorf("tls: received unexpected handshake message of type %T when waiting for %T", got, wanted)
+}
+
+func isSupportedSignatureAlgorithm(sigAlg SignatureScheme, supportedSignatureAlgorithms []SignatureScheme) bool {
+ for _, s := range supportedSignatureAlgorithms {
+ if s == sigAlg {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/conn.go b/vendor/github.com/marten-seemann/qtls-go1-17/conn.go
new file mode 100644
index 00000000..b86bb66a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/conn.go
@@ -0,0 +1,1590 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// TLS low level connection and record layer
+
+package qtls
+
+import (
+ "bytes"
+ "context"
+ "crypto/cipher"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "net"
+ "sync"
+ "sync/atomic"
+ "time"
+)
+
+// A Conn represents a secured connection.
+// It implements the net.Conn interface.
+type Conn struct {
+ // constant
+ conn net.Conn
+ isClient bool
+ handshakeFn func(context.Context) error // (*Conn).clientHandshake or serverHandshake
+
+ // handshakeStatus is 1 if the connection is currently transferring
+ // application data (i.e. is not currently processing a handshake).
+ // This field is only to be accessed with sync/atomic.
+ handshakeStatus uint32
+ // constant after handshake; protected by handshakeMutex
+ handshakeMutex sync.Mutex
+ handshakeErr error // error resulting from handshake
+ vers uint16 // TLS version
+ haveVers bool // version has been negotiated
+ config *config // configuration passed to constructor
+ // handshakes counts the number of handshakes performed on the
+ // connection so far. If renegotiation is disabled then this is either
+ // zero or one.
+ extraConfig *ExtraConfig
+
+ handshakes int
+ didResume bool // whether this connection was a session resumption
+ cipherSuite uint16
+ ocspResponse []byte // stapled OCSP response
+ scts [][]byte // signed certificate timestamps from server
+ peerCertificates []*x509.Certificate
+ // verifiedChains contains the certificate chains that we built, as
+ // opposed to the ones presented by the server.
+ verifiedChains [][]*x509.Certificate
+ // serverName contains the server name indicated by the client, if any.
+ serverName string
+ // secureRenegotiation is true if the server echoed the secure
+ // renegotiation extension. (This is meaningless as a server because
+ // renegotiation is not supported in that case.)
+ secureRenegotiation bool
+ // ekm is a closure for exporting keying material.
+ ekm func(label string, context []byte, length int) ([]byte, error)
+ // For the client:
+ // resumptionSecret is the resumption_master_secret for handling
+ // NewSessionTicket messages. nil if config.SessionTicketsDisabled.
+ // For the server:
+ // resumptionSecret is the resumption_master_secret for generating
+ // NewSessionTicket messages. Only used when the alternative record
+ // layer is set. nil if config.SessionTicketsDisabled.
+ resumptionSecret []byte
+
+ // ticketKeys is the set of active session ticket keys for this
+ // connection. The first one is used to encrypt new tickets and
+ // all are tried to decrypt tickets.
+ ticketKeys []ticketKey
+
+ // clientFinishedIsFirst is true if the client sent the first Finished
+ // message during the most recent handshake. This is recorded because
+ // the first transmitted Finished message is the tls-unique
+ // channel-binding value.
+ clientFinishedIsFirst bool
+
+ // closeNotifyErr is any error from sending the alertCloseNotify record.
+ closeNotifyErr error
+ // closeNotifySent is true if the Conn attempted to send an
+ // alertCloseNotify record.
+ closeNotifySent bool
+
+ // clientFinished and serverFinished contain the Finished message sent
+ // by the client or server in the most recent handshake. This is
+ // retained to support the renegotiation extension and tls-unique
+ // channel-binding.
+ clientFinished [12]byte
+ serverFinished [12]byte
+
+ // clientProtocol is the negotiated ALPN protocol.
+ clientProtocol string
+
+ // input/output
+ in, out halfConn
+ rawInput bytes.Buffer // raw input, starting with a record header
+ input bytes.Reader // application data waiting to be read, from rawInput.Next
+ hand bytes.Buffer // handshake data waiting to be read
+ buffering bool // whether records are buffered in sendBuf
+ sendBuf []byte // a buffer of records waiting to be sent
+
+ // bytesSent counts the bytes of application data sent.
+ // packetsSent counts packets.
+ bytesSent int64
+ packetsSent int64
+
+ // retryCount counts the number of consecutive non-advancing records
+ // received by Conn.readRecord. That is, records that neither advance the
+ // handshake, nor deliver application data. Protected by in.Mutex.
+ retryCount int
+
+ // activeCall is an atomic int32; the low bit is whether Close has
+ // been called. the rest of the bits are the number of goroutines
+ // in Conn.Write.
+ activeCall int32
+
+ used0RTT bool
+
+ tmp [16]byte
+}
+
+// Access to net.Conn methods.
+// Cannot just embed net.Conn because that would
+// export the struct field too.
+
+// LocalAddr returns the local network address.
+func (c *Conn) LocalAddr() net.Addr {
+ return c.conn.LocalAddr()
+}
+
+// RemoteAddr returns the remote network address.
+func (c *Conn) RemoteAddr() net.Addr {
+ return c.conn.RemoteAddr()
+}
+
+// SetDeadline sets the read and write deadlines associated with the connection.
+// A zero value for t means Read and Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetDeadline(t time.Time) error {
+ return c.conn.SetDeadline(t)
+}
+
+// SetReadDeadline sets the read deadline on the underlying connection.
+// A zero value for t means Read will not time out.
+func (c *Conn) SetReadDeadline(t time.Time) error {
+ return c.conn.SetReadDeadline(t)
+}
+
+// SetWriteDeadline sets the write deadline on the underlying connection.
+// A zero value for t means Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
+func (c *Conn) SetWriteDeadline(t time.Time) error {
+ return c.conn.SetWriteDeadline(t)
+}
+
+// A halfConn represents one direction of the record layer
+// connection, either sending or receiving.
+type halfConn struct {
+ sync.Mutex
+
+ err error // first permanent error
+ version uint16 // protocol version
+ cipher interface{} // cipher algorithm
+ mac hash.Hash
+ seq [8]byte // 64-bit sequence number
+
+ scratchBuf [13]byte // to avoid allocs; interface method args escape
+
+ nextCipher interface{} // next encryption state
+ nextMac hash.Hash // next MAC algorithm
+
+ trafficSecret []byte // current TLS 1.3 traffic secret
+
+ setKeyCallback func(encLevel EncryptionLevel, suite *CipherSuiteTLS13, trafficSecret []byte)
+}
+
+type permanentError struct {
+ err net.Error
+}
+
+func (e *permanentError) Error() string { return e.err.Error() }
+func (e *permanentError) Unwrap() error { return e.err }
+func (e *permanentError) Timeout() bool { return e.err.Timeout() }
+func (e *permanentError) Temporary() bool { return false }
+
+func (hc *halfConn) setErrorLocked(err error) error {
+ if e, ok := err.(net.Error); ok {
+ hc.err = &permanentError{err: e}
+ } else {
+ hc.err = err
+ }
+ return hc.err
+}
+
+// prepareCipherSpec sets the encryption and MAC states
+// that a subsequent changeCipherSpec will use.
+func (hc *halfConn) prepareCipherSpec(version uint16, cipher interface{}, mac hash.Hash) {
+ hc.version = version
+ hc.nextCipher = cipher
+ hc.nextMac = mac
+}
+
+// changeCipherSpec changes the encryption and MAC states
+// to the ones previously passed to prepareCipherSpec.
+func (hc *halfConn) changeCipherSpec() error {
+ if hc.nextCipher == nil || hc.version == VersionTLS13 {
+ return alertInternalError
+ }
+ hc.cipher = hc.nextCipher
+ hc.mac = hc.nextMac
+ hc.nextCipher = nil
+ hc.nextMac = nil
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+ return nil
+}
+
+func (hc *halfConn) exportKey(encLevel EncryptionLevel, suite *cipherSuiteTLS13, trafficSecret []byte) {
+ if hc.setKeyCallback != nil {
+ s := &CipherSuiteTLS13{
+ ID: suite.id,
+ KeyLen: suite.keyLen,
+ Hash: suite.hash,
+ AEAD: func(key, fixedNonce []byte) cipher.AEAD { return suite.aead(key, fixedNonce) },
+ }
+ hc.setKeyCallback(encLevel, s, trafficSecret)
+ }
+}
+
+func (hc *halfConn) setTrafficSecret(suite *cipherSuiteTLS13, secret []byte) {
+ hc.trafficSecret = secret
+ key, iv := suite.trafficKey(secret)
+ hc.cipher = suite.aead(key, iv)
+ for i := range hc.seq {
+ hc.seq[i] = 0
+ }
+}
+
+// incSeq increments the sequence number.
+func (hc *halfConn) incSeq() {
+ for i := 7; i >= 0; i-- {
+ hc.seq[i]++
+ if hc.seq[i] != 0 {
+ return
+ }
+ }
+
+ // Not allowed to let sequence number wrap.
+ // Instead, must renegotiate before it does.
+ // Not likely enough to bother.
+ panic("TLS: sequence number wraparound")
+}
+
+// explicitNonceLen returns the number of bytes of explicit nonce or IV included
+// in each record. Explicit nonces are present only in CBC modes after TLS 1.0
+// and in certain AEAD modes in TLS 1.2.
+func (hc *halfConn) explicitNonceLen() int {
+ if hc.cipher == nil {
+ return 0
+ }
+
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ return 0
+ case aead:
+ return c.explicitNonceLen()
+ case cbcMode:
+ // TLS 1.1 introduced a per-record explicit IV to fix the BEAST attack.
+ if hc.version >= VersionTLS11 {
+ return c.BlockSize()
+ }
+ return 0
+ default:
+ panic("unknown cipher type")
+ }
+}
+
+// extractPadding returns, in constant time, the length of the padding to remove
+// from the end of payload. It also returns a byte which is equal to 255 if the
+// padding was valid and 0 otherwise. See RFC 2246, Section 6.2.3.2.
+func extractPadding(payload []byte) (toRemove int, good byte) {
+ if len(payload) < 1 {
+ return 0, 0
+ }
+
+ paddingLen := payload[len(payload)-1]
+ t := uint(len(payload)-1) - uint(paddingLen)
+ // if len(payload) >= (paddingLen - 1) then the MSB of t is zero
+ good = byte(int32(^t) >> 31)
+
+ // The maximum possible padding length plus the actual length field
+ toCheck := 256
+ // The length of the padded data is public, so we can use an if here
+ if toCheck > len(payload) {
+ toCheck = len(payload)
+ }
+
+ for i := 0; i < toCheck; i++ {
+ t := uint(paddingLen) - uint(i)
+ // if i <= paddingLen then the MSB of t is zero
+ mask := byte(int32(^t) >> 31)
+ b := payload[len(payload)-1-i]
+ good &^= mask&paddingLen ^ mask&b
+ }
+
+ // We AND together the bits of good and replicate the result across
+ // all the bits.
+ good &= good << 4
+ good &= good << 2
+ good &= good << 1
+ good = uint8(int8(good) >> 7)
+
+ // Zero the padding length on error. This ensures any unchecked bytes
+ // are included in the MAC. Otherwise, an attacker that could
+ // distinguish MAC failures from padding failures could mount an attack
+ // similar to POODLE in SSL 3.0: given a good ciphertext that uses a
+ // full block's worth of padding, replace the final block with another
+ // block. If the MAC check passed but the padding check failed, the
+ // last byte of that block decrypted to the block size.
+ //
+ // See also macAndPaddingGood logic below.
+ paddingLen &= good
+
+ toRemove = int(paddingLen) + 1
+ return
+}
+
+func roundUp(a, b int) int {
+ return a + (b-a%b)%b
+}
+
+// cbcMode is an interface for block ciphers using cipher block chaining.
+type cbcMode interface {
+ cipher.BlockMode
+ SetIV([]byte)
+}
+
+// decrypt authenticates and decrypts the record if protection is active at
+// this stage. The returned plaintext might overlap with the input.
+func (hc *halfConn) decrypt(record []byte) ([]byte, recordType, error) {
+ var plaintext []byte
+ typ := recordType(record[0])
+ payload := record[recordHeaderLen:]
+
+ // In TLS 1.3, change_cipher_spec messages are to be ignored without being
+ // decrypted. See RFC 8446, Appendix D.4.
+ if hc.version == VersionTLS13 && typ == recordTypeChangeCipherSpec {
+ return payload, typ, nil
+ }
+
+ paddingGood := byte(255)
+ paddingLen := 0
+
+ explicitNonceLen := hc.explicitNonceLen()
+
+ if hc.cipher != nil {
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ c.XORKeyStream(payload, payload)
+ case aead:
+ if len(payload) < explicitNonceLen {
+ return nil, 0, alertBadRecordMAC
+ }
+ nonce := payload[:explicitNonceLen]
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+ payload = payload[explicitNonceLen:]
+
+ var additionalData []byte
+ if hc.version == VersionTLS13 {
+ additionalData = record[:recordHeaderLen]
+ } else {
+ additionalData = append(hc.scratchBuf[:0], hc.seq[:]...)
+ additionalData = append(additionalData, record[:3]...)
+ n := len(payload) - c.Overhead()
+ additionalData = append(additionalData, byte(n>>8), byte(n))
+ }
+
+ var err error
+ plaintext, err = c.Open(payload[:0], nonce, payload, additionalData)
+ if err != nil {
+ return nil, 0, alertBadRecordMAC
+ }
+ case cbcMode:
+ blockSize := c.BlockSize()
+ minPayload := explicitNonceLen + roundUp(hc.mac.Size()+1, blockSize)
+ if len(payload)%blockSize != 0 || len(payload) < minPayload {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ if explicitNonceLen > 0 {
+ c.SetIV(payload[:explicitNonceLen])
+ payload = payload[explicitNonceLen:]
+ }
+ c.CryptBlocks(payload, payload)
+
+ // In a limited attempt to protect against CBC padding oracles like
+ // Lucky13, the data past paddingLen (which is secret) is passed to
+ // the MAC function as extra data, to be fed into the HMAC after
+ // computing the digest. This makes the MAC roughly constant time as
+ // long as the digest computation is constant time and does not
+ // affect the subsequent write, modulo cache effects.
+ paddingLen, paddingGood = extractPadding(payload)
+ default:
+ panic("unknown cipher type")
+ }
+
+ if hc.version == VersionTLS13 {
+ if typ != recordTypeApplicationData {
+ return nil, 0, alertUnexpectedMessage
+ }
+ if len(plaintext) > maxPlaintext+1 {
+ return nil, 0, alertRecordOverflow
+ }
+ // Remove padding and find the ContentType scanning from the end.
+ for i := len(plaintext) - 1; i >= 0; i-- {
+ if plaintext[i] != 0 {
+ typ = recordType(plaintext[i])
+ plaintext = plaintext[:i]
+ break
+ }
+ if i == 0 {
+ return nil, 0, alertUnexpectedMessage
+ }
+ }
+ }
+ } else {
+ plaintext = payload
+ }
+
+ if hc.mac != nil {
+ macSize := hc.mac.Size()
+ if len(payload) < macSize {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ n := len(payload) - macSize - paddingLen
+ n = subtle.ConstantTimeSelect(int(uint32(n)>>31), 0, n) // if n < 0 { n = 0 }
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ remoteMAC := payload[n : n+macSize]
+ localMAC := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload[:n], payload[n+macSize:])
+
+ // This is equivalent to checking the MACs and paddingGood
+ // separately, but in constant-time to prevent distinguishing
+ // padding failures from MAC failures. Depending on what value
+ // of paddingLen was returned on bad padding, distinguishing
+ // bad MAC from bad padding can lead to an attack.
+ //
+ // See also the logic at the end of extractPadding.
+ macAndPaddingGood := subtle.ConstantTimeCompare(localMAC, remoteMAC) & int(paddingGood)
+ if macAndPaddingGood != 1 {
+ return nil, 0, alertBadRecordMAC
+ }
+
+ plaintext = payload[:n]
+ }
+
+ hc.incSeq()
+ return plaintext, typ, nil
+}
+
+func (c *Conn) setAlternativeRecordLayer() {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.in.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetReadKey
+ c.out.setKeyCallback = c.extraConfig.AlternativeRecordLayer.SetWriteKey
+ }
+}
+
+// sliceForAppend extends the input slice by n bytes. head is the full extended
+// slice, while tail is the appended part. If the original slice has sufficient
+// capacity no allocation is performed.
+func sliceForAppend(in []byte, n int) (head, tail []byte) {
+ if total := len(in) + n; cap(in) >= total {
+ head = in[:total]
+ } else {
+ head = make([]byte, total)
+ copy(head, in)
+ }
+ tail = head[len(in):]
+ return
+}
+
+// encrypt encrypts payload, adding the appropriate nonce and/or MAC, and
+// appends it to record, which must already contain the record header.
+func (hc *halfConn) encrypt(record, payload []byte, rand io.Reader) ([]byte, error) {
+ if hc.cipher == nil {
+ return append(record, payload...), nil
+ }
+
+ var explicitNonce []byte
+ if explicitNonceLen := hc.explicitNonceLen(); explicitNonceLen > 0 {
+ record, explicitNonce = sliceForAppend(record, explicitNonceLen)
+ if _, isCBC := hc.cipher.(cbcMode); !isCBC && explicitNonceLen < 16 {
+ // The AES-GCM construction in TLS has an explicit nonce so that the
+ // nonce can be random. However, the nonce is only 8 bytes which is
+ // too small for a secure, random nonce. Therefore we use the
+ // sequence number as the nonce. The 3DES-CBC construction also has
+ // an 8 bytes nonce but its nonces must be unpredictable (see RFC
+ // 5246, Appendix F.3), forcing us to use randomness. That's not
+ // 3DES' biggest problem anyway because the birthday bound on block
+ // collision is reached first due to its similarly small block size
+ // (see the Sweet32 attack).
+ copy(explicitNonce, hc.seq[:])
+ } else {
+ if _, err := io.ReadFull(rand, explicitNonce); err != nil {
+ return nil, err
+ }
+ }
+ }
+
+ var dst []byte
+ switch c := hc.cipher.(type) {
+ case cipher.Stream:
+ mac := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload, nil)
+ record, dst = sliceForAppend(record, len(payload)+len(mac))
+ c.XORKeyStream(dst[:len(payload)], payload)
+ c.XORKeyStream(dst[len(payload):], mac)
+ case aead:
+ nonce := explicitNonce
+ if len(nonce) == 0 {
+ nonce = hc.seq[:]
+ }
+
+ if hc.version == VersionTLS13 {
+ record = append(record, payload...)
+
+ // Encrypt the actual ContentType and replace the plaintext one.
+ record = append(record, record[0])
+ record[0] = byte(recordTypeApplicationData)
+
+ n := len(payload) + 1 + c.Overhead()
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+
+ record = c.Seal(record[:recordHeaderLen],
+ nonce, record[recordHeaderLen:], record[:recordHeaderLen])
+ } else {
+ additionalData := append(hc.scratchBuf[:0], hc.seq[:]...)
+ additionalData = append(additionalData, record[:recordHeaderLen]...)
+ record = c.Seal(record, nonce, payload, additionalData)
+ }
+ case cbcMode:
+ mac := tls10MAC(hc.mac, hc.scratchBuf[:0], hc.seq[:], record[:recordHeaderLen], payload, nil)
+ blockSize := c.BlockSize()
+ plaintextLen := len(payload) + len(mac)
+ paddingLen := blockSize - plaintextLen%blockSize
+ record, dst = sliceForAppend(record, plaintextLen+paddingLen)
+ copy(dst, payload)
+ copy(dst[len(payload):], mac)
+ for i := plaintextLen; i < len(dst); i++ {
+ dst[i] = byte(paddingLen - 1)
+ }
+ if len(explicitNonce) > 0 {
+ c.SetIV(explicitNonce)
+ }
+ c.CryptBlocks(dst, dst)
+ default:
+ panic("unknown cipher type")
+ }
+
+ // Update length to include nonce, MAC and any block padding needed.
+ n := len(record) - recordHeaderLen
+ record[3] = byte(n >> 8)
+ record[4] = byte(n)
+ hc.incSeq()
+
+ return record, nil
+}
+
+// RecordHeaderError is returned when a TLS record header is invalid.
+type RecordHeaderError struct {
+ // Msg contains a human readable string that describes the error.
+ Msg string
+ // RecordHeader contains the five bytes of TLS record header that
+ // triggered the error.
+ RecordHeader [5]byte
+ // Conn provides the underlying net.Conn in the case that a client
+ // sent an initial handshake that didn't look like TLS.
+ // It is nil if there's already been a handshake or a TLS alert has
+ // been written to the connection.
+ Conn net.Conn
+}
+
+func (e RecordHeaderError) Error() string { return "tls: " + e.Msg }
+
+func (c *Conn) newRecordHeaderError(conn net.Conn, msg string) (err RecordHeaderError) {
+ err.Msg = msg
+ err.Conn = conn
+ copy(err.RecordHeader[:], c.rawInput.Bytes())
+ return err
+}
+
+func (c *Conn) readRecord() error {
+ return c.readRecordOrCCS(false)
+}
+
+func (c *Conn) readChangeCipherSpec() error {
+ return c.readRecordOrCCS(true)
+}
+
+// readRecordOrCCS reads one or more TLS records from the connection and
+// updates the record layer state. Some invariants:
+// * c.in must be locked
+// * c.input must be empty
+// During the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.in.changeCipherSpec is called
+// - an error is returned
+// After the handshake one and only one of the following will happen:
+// - c.hand grows
+// - c.input is set
+// - an error is returned
+func (c *Conn) readRecordOrCCS(expectChangeCipherSpec bool) error {
+ if c.in.err != nil {
+ return c.in.err
+ }
+ handshakeComplete := c.handshakeComplete()
+
+ // This function modifies c.rawInput, which owns the c.input memory.
+ if c.input.Len() != 0 {
+ return c.in.setErrorLocked(errors.New("tls: internal error: attempted to read record with pending application data"))
+ }
+ c.input.Reset(nil)
+
+ // Read header, payload.
+ if err := c.readFromUntil(c.conn, recordHeaderLen); err != nil {
+ // RFC 8446, Section 6.1 suggests that EOF without an alertCloseNotify
+ // is an error, but popular web sites seem to do this, so we accept it
+ // if and only if at the record boundary.
+ if err == io.ErrUnexpectedEOF && c.rawInput.Len() == 0 {
+ err = io.EOF
+ }
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+ hdr := c.rawInput.Bytes()[:recordHeaderLen]
+ typ := recordType(hdr[0])
+
+ // No valid TLS record has a type of 0x80, however SSLv2 handshakes
+ // start with a uint16 length where the MSB is set and the first record
+ // is always < 256 bytes long. Therefore typ == 0x80 strongly suggests
+ // an SSLv2 client.
+ if !handshakeComplete && typ == 0x80 {
+ c.sendAlert(alertProtocolVersion)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, "unsupported SSLv2 handshake received"))
+ }
+
+ vers := uint16(hdr[1])<<8 | uint16(hdr[2])
+ n := int(hdr[3])<<8 | int(hdr[4])
+ if c.haveVers && c.vers != VersionTLS13 && vers != c.vers {
+ c.sendAlert(alertProtocolVersion)
+ msg := fmt.Sprintf("received record with version %x when expecting version %x", vers, c.vers)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if !c.haveVers {
+ // First message, be extra suspicious: this might not be a TLS
+ // client. Bail out before reading a full 'body', if possible.
+ // The current max version is 3.3 so if the version is >= 16.0,
+ // it's probably not real.
+ if (typ != recordTypeAlert && typ != recordTypeHandshake) || vers >= 0x1000 {
+ return c.in.setErrorLocked(c.newRecordHeaderError(c.conn, "first record does not look like a TLS handshake"))
+ }
+ }
+ if c.vers == VersionTLS13 && n > maxCiphertextTLS13 || n > maxCiphertext {
+ c.sendAlert(alertRecordOverflow)
+ msg := fmt.Sprintf("oversized record received with length %d", n)
+ return c.in.setErrorLocked(c.newRecordHeaderError(nil, msg))
+ }
+ if err := c.readFromUntil(c.conn, recordHeaderLen+n); err != nil {
+ if e, ok := err.(net.Error); !ok || !e.Temporary() {
+ c.in.setErrorLocked(err)
+ }
+ return err
+ }
+
+ // Process message.
+ record := c.rawInput.Next(recordHeaderLen + n)
+ data, typ, err := c.in.decrypt(record)
+ if err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+ if len(data) > maxPlaintext {
+ return c.in.setErrorLocked(c.sendAlert(alertRecordOverflow))
+ }
+
+ // Application Data messages are always protected.
+ if c.in.cipher == nil && typ == recordTypeApplicationData {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ if typ != recordTypeAlert && typ != recordTypeChangeCipherSpec && len(data) > 0 {
+ // This is a state-advancing message: reset the retry count.
+ c.retryCount = 0
+ }
+
+ // Handshake messages MUST NOT be interleaved with other record types in TLS 1.3.
+ if c.vers == VersionTLS13 && typ != recordTypeHandshake && c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ switch typ {
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+
+ case recordTypeAlert:
+ if len(data) != 2 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if alert(data[1]) == alertCloseNotify {
+ return c.in.setErrorLocked(io.EOF)
+ }
+ if c.vers == VersionTLS13 {
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ }
+ switch data[0] {
+ case alertLevelWarning:
+ // Drop the record on the floor and retry.
+ return c.retryReadRecord(expectChangeCipherSpec)
+ case alertLevelError:
+ return c.in.setErrorLocked(&net.OpError{Op: "remote error", Err: alert(data[1])})
+ default:
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ case recordTypeChangeCipherSpec:
+ if len(data) != 1 || data[0] != 1 {
+ return c.in.setErrorLocked(c.sendAlert(alertDecodeError))
+ }
+ // Handshake messages are not allowed to fragment across the CCS.
+ if c.hand.Len() > 0 {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // In TLS 1.3, change_cipher_spec records are ignored until the
+ // Finished. See RFC 8446, Appendix D.4. Note that according to Section
+ // 5, a server can send a ChangeCipherSpec before its ServerHello, when
+ // c.vers is still unset. That's not useful though and suspicious if the
+ // server then selects a lower protocol version, so don't allow that.
+ if c.vers == VersionTLS13 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ if !expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ if err := c.in.changeCipherSpec(); err != nil {
+ return c.in.setErrorLocked(c.sendAlert(err.(alert)))
+ }
+
+ case recordTypeApplicationData:
+ if !handshakeComplete || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ // Some OpenSSL servers send empty records in order to randomize the
+ // CBC IV. Ignore a limited number of empty records.
+ if len(data) == 0 {
+ return c.retryReadRecord(expectChangeCipherSpec)
+ }
+ // Note that data is owned by c.rawInput, following the Next call above,
+ // to avoid copying the plaintext. This is safe because c.rawInput is
+ // not read from or written to until c.input is drained.
+ c.input.Reset(data)
+
+ case recordTypeHandshake:
+ if len(data) == 0 || expectChangeCipherSpec {
+ return c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ c.hand.Write(data)
+ }
+
+ return nil
+}
+
+// retryReadRecord recurses into readRecordOrCCS to drop a non-advancing record, like
+// a warning alert, empty application_data, or a change_cipher_spec in TLS 1.3.
+func (c *Conn) retryReadRecord(expectChangeCipherSpec bool) error {
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many ignored records"))
+ }
+ return c.readRecordOrCCS(expectChangeCipherSpec)
+}
+
+// atLeastReader reads from R, stopping with EOF once at least N bytes have been
+// read. It is different from an io.LimitedReader in that it doesn't cut short
+// the last Read call, and in that it considers an early EOF an error.
+type atLeastReader struct {
+ R io.Reader
+ N int64
+}
+
+func (r *atLeastReader) Read(p []byte) (int, error) {
+ if r.N <= 0 {
+ return 0, io.EOF
+ }
+ n, err := r.R.Read(p)
+ r.N -= int64(n) // won't underflow unless len(p) >= n > 9223372036854775809
+ if r.N > 0 && err == io.EOF {
+ return n, io.ErrUnexpectedEOF
+ }
+ if r.N <= 0 && err == nil {
+ return n, io.EOF
+ }
+ return n, err
+}
+
+// readFromUntil reads from r into c.rawInput until c.rawInput contains
+// at least n bytes or else returns an error.
+func (c *Conn) readFromUntil(r io.Reader, n int) error {
+ if c.rawInput.Len() >= n {
+ return nil
+ }
+ needs := n - c.rawInput.Len()
+ // There might be extra input waiting on the wire. Make a best effort
+ // attempt to fetch it so that it can be used in (*Conn).Read to
+ // "predict" closeNotify alerts.
+ c.rawInput.Grow(needs + bytes.MinRead)
+ _, err := c.rawInput.ReadFrom(&atLeastReader{r, int64(needs)})
+ return err
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlertLocked(err alert) error {
+ switch err {
+ case alertNoRenegotiation, alertCloseNotify:
+ c.tmp[0] = alertLevelWarning
+ default:
+ c.tmp[0] = alertLevelError
+ }
+ c.tmp[1] = byte(err)
+
+ _, writeErr := c.writeRecordLocked(recordTypeAlert, c.tmp[0:2])
+ if err == alertCloseNotify {
+ // closeNotify is a special case in that it isn't an error.
+ return writeErr
+ }
+
+ return c.out.setErrorLocked(&net.OpError{Op: "local error", Err: err})
+}
+
+// sendAlert sends a TLS alert message.
+func (c *Conn) sendAlert(err alert) error {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ c.extraConfig.AlternativeRecordLayer.SendAlert(uint8(err))
+ return &net.OpError{Op: "local error", Err: err}
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+ return c.sendAlertLocked(err)
+}
+
+const (
+ // tcpMSSEstimate is a conservative estimate of the TCP maximum segment
+ // size (MSS). A constant is used, rather than querying the kernel for
+ // the actual MSS, to avoid complexity. The value here is the IPv6
+ // minimum MTU (1280 bytes) minus the overhead of an IPv6 header (40
+ // bytes) and a TCP header with timestamps (32 bytes).
+ tcpMSSEstimate = 1208
+
+ // recordSizeBoostThreshold is the number of bytes of application data
+ // sent after which the TLS record size will be increased to the
+ // maximum.
+ recordSizeBoostThreshold = 128 * 1024
+)
+
+// maxPayloadSizeForWrite returns the maximum TLS payload size to use for the
+// next application data record. There is the following trade-off:
+//
+// - For latency-sensitive applications, such as web browsing, each TLS
+// record should fit in one TCP segment.
+// - For throughput-sensitive applications, such as large file transfers,
+// larger TLS records better amortize framing and encryption overheads.
+//
+// A simple heuristic that works well in practice is to use small records for
+// the first 1MB of data, then use larger records for subsequent data, and
+// reset back to smaller records after the connection becomes idle. See "High
+// Performance Web Networking", Chapter 4, or:
+// https://www.igvita.com/2013/10/24/optimizing-tls-record-size-and-buffering-latency/
+//
+// In the interests of simplicity and determinism, this code does not attempt
+// to reset the record size once the connection is idle, however.
+func (c *Conn) maxPayloadSizeForWrite(typ recordType) int {
+ if c.config.DynamicRecordSizingDisabled || typ != recordTypeApplicationData {
+ return maxPlaintext
+ }
+
+ if c.bytesSent >= recordSizeBoostThreshold {
+ return maxPlaintext
+ }
+
+ // Subtract TLS overheads to get the maximum payload size.
+ payloadBytes := tcpMSSEstimate - recordHeaderLen - c.out.explicitNonceLen()
+ if c.out.cipher != nil {
+ switch ciph := c.out.cipher.(type) {
+ case cipher.Stream:
+ payloadBytes -= c.out.mac.Size()
+ case cipher.AEAD:
+ payloadBytes -= ciph.Overhead()
+ case cbcMode:
+ blockSize := ciph.BlockSize()
+ // The payload must fit in a multiple of blockSize, with
+ // room for at least one padding byte.
+ payloadBytes = (payloadBytes & ^(blockSize - 1)) - 1
+ // The MAC is appended before padding so affects the
+ // payload size directly.
+ payloadBytes -= c.out.mac.Size()
+ default:
+ panic("unknown cipher type")
+ }
+ }
+ if c.vers == VersionTLS13 {
+ payloadBytes-- // encrypted ContentType
+ }
+
+ // Allow packet growth in arithmetic progression up to max.
+ pkt := c.packetsSent
+ c.packetsSent++
+ if pkt > 1000 {
+ return maxPlaintext // avoid overflow in multiply below
+ }
+
+ n := payloadBytes * int(pkt+1)
+ if n > maxPlaintext {
+ n = maxPlaintext
+ }
+ return n
+}
+
+func (c *Conn) write(data []byte) (int, error) {
+ if c.buffering {
+ c.sendBuf = append(c.sendBuf, data...)
+ return len(data), nil
+ }
+
+ n, err := c.conn.Write(data)
+ c.bytesSent += int64(n)
+ return n, err
+}
+
+func (c *Conn) flush() (int, error) {
+ if len(c.sendBuf) == 0 {
+ return 0, nil
+ }
+
+ n, err := c.conn.Write(c.sendBuf)
+ c.bytesSent += int64(n)
+ c.sendBuf = nil
+ c.buffering = false
+ return n, err
+}
+
+// outBufPool pools the record-sized scratch buffers used by writeRecordLocked.
+var outBufPool = sync.Pool{
+ New: func() interface{} {
+ return new([]byte)
+ },
+}
+
+// writeRecordLocked writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecordLocked(typ recordType, data []byte) (int, error) {
+ outBufPtr := outBufPool.Get().(*[]byte)
+ outBuf := *outBufPtr
+ defer func() {
+ // You might be tempted to simplify this by just passing &outBuf to Put,
+ // but that would make the local copy of the outBuf slice header escape
+ // to the heap, causing an allocation. Instead, we keep around the
+ // pointer to the slice header returned by Get, which is already on the
+ // heap, and overwrite and return that.
+ *outBufPtr = outBuf
+ outBufPool.Put(outBufPtr)
+ }()
+
+ var n int
+ for len(data) > 0 {
+ m := len(data)
+ if maxPayload := c.maxPayloadSizeForWrite(typ); m > maxPayload {
+ m = maxPayload
+ }
+
+ _, outBuf = sliceForAppend(outBuf[:0], recordHeaderLen)
+ outBuf[0] = byte(typ)
+ vers := c.vers
+ if vers == 0 {
+ // Some TLS servers fail if the record version is
+ // greater than TLS 1.0 for the initial ClientHello.
+ vers = VersionTLS10
+ } else if vers == VersionTLS13 {
+ // TLS 1.3 froze the record layer version to 1.2.
+ // See RFC 8446, Section 5.1.
+ vers = VersionTLS12
+ }
+ outBuf[1] = byte(vers >> 8)
+ outBuf[2] = byte(vers)
+ outBuf[3] = byte(m >> 8)
+ outBuf[4] = byte(m)
+
+ var err error
+ outBuf, err = c.out.encrypt(outBuf, data[:m], c.config.rand())
+ if err != nil {
+ return n, err
+ }
+ if _, err := c.write(outBuf); err != nil {
+ return n, err
+ }
+ n += m
+ data = data[m:]
+ }
+
+ if typ == recordTypeChangeCipherSpec && c.vers != VersionTLS13 {
+ if err := c.out.changeCipherSpec(); err != nil {
+ return n, c.sendAlertLocked(err.(alert))
+ }
+ }
+
+ return n, nil
+}
+
+// writeRecord writes a TLS record with the given type and payload to the
+// connection and updates the record layer state.
+func (c *Conn) writeRecord(typ recordType, data []byte) (int, error) {
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ if typ == recordTypeChangeCipherSpec {
+ return len(data), nil
+ }
+ return c.extraConfig.AlternativeRecordLayer.WriteRecord(data)
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ return c.writeRecordLocked(typ, data)
+}
+
+// readHandshake reads the next handshake message from
+// the record layer.
+func (c *Conn) readHandshake() (interface{}, error) {
+ var data []byte
+ if c.extraConfig != nil && c.extraConfig.AlternativeRecordLayer != nil {
+ var err error
+ data, err = c.extraConfig.AlternativeRecordLayer.ReadHandshakeMessage()
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ for c.hand.Len() < 4 {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+
+ data = c.hand.Bytes()
+ n := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if n > maxHandshake {
+ c.sendAlertLocked(alertInternalError)
+ return nil, c.in.setErrorLocked(fmt.Errorf("tls: handshake message of length %d bytes exceeds maximum of %d bytes", n, maxHandshake))
+ }
+ for c.hand.Len() < 4+n {
+ if err := c.readRecord(); err != nil {
+ return nil, err
+ }
+ }
+ data = c.hand.Next(4 + n)
+ }
+ var m handshakeMessage
+ switch data[0] {
+ case typeHelloRequest:
+ m = new(helloRequestMsg)
+ case typeClientHello:
+ m = new(clientHelloMsg)
+ case typeServerHello:
+ m = new(serverHelloMsg)
+ case typeNewSessionTicket:
+ if c.vers == VersionTLS13 {
+ m = new(newSessionTicketMsgTLS13)
+ } else {
+ m = new(newSessionTicketMsg)
+ }
+ case typeCertificate:
+ if c.vers == VersionTLS13 {
+ m = new(certificateMsgTLS13)
+ } else {
+ m = new(certificateMsg)
+ }
+ case typeCertificateRequest:
+ if c.vers == VersionTLS13 {
+ m = new(certificateRequestMsgTLS13)
+ } else {
+ m = &certificateRequestMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ }
+ case typeCertificateStatus:
+ m = new(certificateStatusMsg)
+ case typeServerKeyExchange:
+ m = new(serverKeyExchangeMsg)
+ case typeServerHelloDone:
+ m = new(serverHelloDoneMsg)
+ case typeClientKeyExchange:
+ m = new(clientKeyExchangeMsg)
+ case typeCertificateVerify:
+ m = &certificateVerifyMsg{
+ hasSignatureAlgorithm: c.vers >= VersionTLS12,
+ }
+ case typeFinished:
+ m = new(finishedMsg)
+ case typeEncryptedExtensions:
+ m = new(encryptedExtensionsMsg)
+ case typeEndOfEarlyData:
+ m = new(endOfEarlyDataMsg)
+ case typeKeyUpdate:
+ m = new(keyUpdateMsg)
+ default:
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+
+ // The handshake message unmarshalers
+ // expect to be able to keep references to data,
+ // so pass in a fresh copy that won't be overwritten.
+ data = append([]byte(nil), data...)
+
+ if !m.unmarshal(data) {
+ return nil, c.in.setErrorLocked(c.sendAlert(alertUnexpectedMessage))
+ }
+ return m, nil
+}
+
+var (
+ errShutdown = errors.New("tls: protocol is shutdown")
+)
+
+// Write writes data to the connection.
+//
+// As Write calls Handshake, in order to prevent indefinite blocking a deadline
+// must be set for both Read and Write before Write is called when the handshake
+// has not yet completed. See SetDeadline, SetReadDeadline, and
+// SetWriteDeadline.
+func (c *Conn) Write(b []byte) (int, error) {
+ // interlock with Close below
+ for {
+ x := atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return 0, net.ErrClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x+2) {
+ break
+ }
+ }
+ defer atomic.AddInt32(&c.activeCall, -2)
+
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if err := c.out.err; err != nil {
+ return 0, err
+ }
+
+ if !c.handshakeComplete() {
+ return 0, alertInternalError
+ }
+
+ if c.closeNotifySent {
+ return 0, errShutdown
+ }
+
+ // TLS 1.0 is susceptible to a chosen-plaintext
+ // attack when using block mode ciphers due to predictable IVs.
+ // This can be prevented by splitting each Application Data
+ // record into two records, effectively randomizing the IV.
+ //
+ // https://www.openssl.org/~bodo/tls-cbc.txt
+ // https://bugzilla.mozilla.org/show_bug.cgi?id=665814
+ // https://www.imperialviolet.org/2012/01/15/beastfollowup.html
+
+ var m int
+ if len(b) > 1 && c.vers == VersionTLS10 {
+ if _, ok := c.out.cipher.(cipher.BlockMode); ok {
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b[:1])
+ if err != nil {
+ return n, c.out.setErrorLocked(err)
+ }
+ m, b = 1, b[1:]
+ }
+ }
+
+ n, err := c.writeRecordLocked(recordTypeApplicationData, b)
+ return n + m, c.out.setErrorLocked(err)
+}
+
+// handleRenegotiation processes a HelloRequest handshake message.
+func (c *Conn) handleRenegotiation() error {
+ if c.vers == VersionTLS13 {
+ return errors.New("tls: internal error: unexpected renegotiation")
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ helloReq, ok := msg.(*helloRequestMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(helloReq, msg)
+ }
+
+ if !c.isClient {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+
+ switch c.config.Renegotiation {
+ case RenegotiateNever:
+ return c.sendAlert(alertNoRenegotiation)
+ case RenegotiateOnceAsClient:
+ if c.handshakes > 1 {
+ return c.sendAlert(alertNoRenegotiation)
+ }
+ case RenegotiateFreelyAsClient:
+ // Ok.
+ default:
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: unknown Renegotiation value")
+ }
+
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ atomic.StoreUint32(&c.handshakeStatus, 0)
+ if c.handshakeErr = c.clientHandshake(context.Background()); c.handshakeErr == nil {
+ c.handshakes++
+ }
+ return c.handshakeErr
+}
+
+func (c *Conn) HandlePostHandshakeMessage() error {
+ return c.handlePostHandshakeMessage()
+}
+
+// handlePostHandshakeMessage processes a handshake message arrived after the
+// handshake is complete. Up to TLS 1.2, it indicates the start of a renegotiation.
+func (c *Conn) handlePostHandshakeMessage() error {
+ if c.vers != VersionTLS13 {
+ return c.handleRenegotiation()
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ c.retryCount++
+ if c.retryCount > maxUselessRecords {
+ c.sendAlert(alertUnexpectedMessage)
+ return c.in.setErrorLocked(errors.New("tls: too many non-advancing records"))
+ }
+
+ switch msg := msg.(type) {
+ case *newSessionTicketMsgTLS13:
+ return c.handleNewSessionTicket(msg)
+ case *keyUpdateMsg:
+ return c.handleKeyUpdate(msg)
+ default:
+ c.sendAlert(alertUnexpectedMessage)
+ return fmt.Errorf("tls: received unexpected handshake message of type %T", msg)
+ }
+}
+
+func (c *Conn) handleKeyUpdate(keyUpdate *keyUpdateMsg) error {
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil {
+ return c.in.setErrorLocked(c.sendAlert(alertInternalError))
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.in.trafficSecret)
+ c.in.setTrafficSecret(cipherSuite, newSecret)
+
+ if keyUpdate.updateRequested {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ msg := &keyUpdateMsg{}
+ _, err := c.writeRecordLocked(recordTypeHandshake, msg.marshal())
+ if err != nil {
+ // Surface the error at the next write.
+ c.out.setErrorLocked(err)
+ return nil
+ }
+
+ newSecret := cipherSuite.nextTrafficSecret(c.out.trafficSecret)
+ c.out.setTrafficSecret(cipherSuite, newSecret)
+ }
+
+ return nil
+}
+
+// Read reads data from the connection.
+//
+// As Read calls Handshake, in order to prevent indefinite blocking a deadline
+// must be set for both Read and Write before Read is called when the handshake
+// has not yet completed. See SetDeadline, SetReadDeadline, and
+// SetWriteDeadline.
+func (c *Conn) Read(b []byte) (int, error) {
+ if err := c.Handshake(); err != nil {
+ return 0, err
+ }
+ if len(b) == 0 {
+ // Put this after Handshake, in case people were calling
+ // Read(nil) for the side effect of the Handshake.
+ return 0, nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ for c.input.Len() == 0 {
+ if err := c.readRecord(); err != nil {
+ return 0, err
+ }
+ for c.hand.Len() > 0 {
+ if err := c.handlePostHandshakeMessage(); err != nil {
+ return 0, err
+ }
+ }
+ }
+
+ n, _ := c.input.Read(b)
+
+ // If a close-notify alert is waiting, read it so that we can return (n,
+ // EOF) instead of (n, nil), to signal to the HTTP response reading
+ // goroutine that the connection is now closed. This eliminates a race
+ // where the HTTP response reading goroutine would otherwise not observe
+ // the EOF until its next read, by which time a client goroutine might
+ // have already tried to reuse the HTTP connection for a new request.
+ // See https://golang.org/cl/76400046 and https://golang.org/issue/3514
+ if n != 0 && c.input.Len() == 0 && c.rawInput.Len() > 0 &&
+ recordType(c.rawInput.Bytes()[0]) == recordTypeAlert {
+ if err := c.readRecord(); err != nil {
+ return n, err // will be io.EOF on closeNotify
+ }
+ }
+
+ return n, nil
+}
+
+// Close closes the connection.
+func (c *Conn) Close() error {
+ // Interlock with Conn.Write above.
+ var x int32
+ for {
+ x = atomic.LoadInt32(&c.activeCall)
+ if x&1 != 0 {
+ return net.ErrClosed
+ }
+ if atomic.CompareAndSwapInt32(&c.activeCall, x, x|1) {
+ break
+ }
+ }
+ if x != 0 {
+ // io.Writer and io.Closer should not be used concurrently.
+ // If Close is called while a Write is currently in-flight,
+ // interpret that as a sign that this Close is really just
+ // being used to break the Write and/or clean up resources and
+ // avoid sending the alertCloseNotify, which may block
+ // waiting on handshakeMutex or the c.out mutex.
+ return c.conn.Close()
+ }
+
+ var alertErr error
+ if c.handshakeComplete() {
+ if err := c.closeNotify(); err != nil {
+ alertErr = fmt.Errorf("tls: failed to send closeNotify alert (but connection was closed anyway): %w", err)
+ }
+ }
+
+ if err := c.conn.Close(); err != nil {
+ return err
+ }
+ return alertErr
+}
+
+var errEarlyCloseWrite = errors.New("tls: CloseWrite called before handshake complete")
+
+// CloseWrite shuts down the writing side of the connection. It should only be
+// called once the handshake has completed and does not call CloseWrite on the
+// underlying connection. Most callers should just use Close.
+func (c *Conn) CloseWrite() error {
+ if !c.handshakeComplete() {
+ return errEarlyCloseWrite
+ }
+
+ return c.closeNotify()
+}
+
+func (c *Conn) closeNotify() error {
+ c.out.Lock()
+ defer c.out.Unlock()
+
+ if !c.closeNotifySent {
+ // Set a Write Deadline to prevent possibly blocking forever.
+ c.SetWriteDeadline(time.Now().Add(time.Second * 5))
+ c.closeNotifyErr = c.sendAlertLocked(alertCloseNotify)
+ c.closeNotifySent = true
+ // Any subsequent writes will fail.
+ c.SetWriteDeadline(time.Now())
+ }
+ return c.closeNotifyErr
+}
+
+// Handshake runs the client or server handshake
+// protocol if it has not yet been run.
+//
+// Most uses of this package need not call Handshake explicitly: the
+// first Read or Write will call it automatically.
+//
+// For control over canceling or setting a timeout on a handshake, use
+// HandshakeContext or the Dialer's DialContext method instead.
+func (c *Conn) Handshake() error {
+ return c.HandshakeContext(context.Background())
+}
+
+// HandshakeContext runs the client or server handshake
+// protocol if it has not yet been run.
+//
+// The provided Context must be non-nil. If the context is canceled before
+// the handshake is complete, the handshake is interrupted and an error is returned.
+// Once the handshake has completed, cancellation of the context will not affect the
+// connection.
+//
+// Most uses of this package need not call HandshakeContext explicitly: the
+// first Read or Write will call it automatically.
+func (c *Conn) HandshakeContext(ctx context.Context) error {
+ // Delegate to unexported method for named return
+ // without confusing documented signature.
+ return c.handshakeContext(ctx)
+}
+
+func (c *Conn) handshakeContext(ctx context.Context) (ret error) {
+ handshakeCtx, cancel := context.WithCancel(ctx)
+ // Note: defer this before starting the "interrupter" goroutine
+ // so that we can tell the difference between the input being canceled and
+ // this cancellation. In the former case, we need to close the connection.
+ defer cancel()
+
+ // Start the "interrupter" goroutine, if this context might be canceled.
+ // (The background context cannot).
+ //
+ // The interrupter goroutine waits for the input context to be done and
+ // closes the connection if this happens before the function returns.
+ if ctx.Done() != nil {
+ done := make(chan struct{})
+ interruptRes := make(chan error, 1)
+ defer func() {
+ close(done)
+ if ctxErr := <-interruptRes; ctxErr != nil {
+ // Return context error to user.
+ ret = ctxErr
+ }
+ }()
+ go func() {
+ select {
+ case <-handshakeCtx.Done():
+ // Close the connection, discarding the error
+ _ = c.conn.Close()
+ interruptRes <- handshakeCtx.Err()
+ case <-done:
+ interruptRes <- nil
+ }
+ }()
+ }
+
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ if err := c.handshakeErr; err != nil {
+ return err
+ }
+ if c.handshakeComplete() {
+ return nil
+ }
+
+ c.in.Lock()
+ defer c.in.Unlock()
+
+ c.handshakeErr = c.handshakeFn(handshakeCtx)
+ if c.handshakeErr == nil {
+ c.handshakes++
+ } else {
+ // If an error occurred during the handshake try to flush the
+ // alert that might be left in the buffer.
+ c.flush()
+ }
+
+ if c.handshakeErr == nil && !c.handshakeComplete() {
+ c.handshakeErr = errors.New("tls: internal error: handshake should have had a result")
+ }
+
+ return c.handshakeErr
+}
+
+// ConnectionState returns basic TLS details about the connection.
+func (c *Conn) ConnectionState() ConnectionState {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return c.connectionStateLocked()
+}
+
+// ConnectionStateWith0RTT returns basic TLS details (incl. 0-RTT status) about the connection.
+func (c *Conn) ConnectionStateWith0RTT() ConnectionStateWith0RTT {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ return ConnectionStateWith0RTT{
+ ConnectionState: c.connectionStateLocked(),
+ Used0RTT: c.used0RTT,
+ }
+}
+
+func (c *Conn) connectionStateLocked() ConnectionState {
+ var state connectionState
+ state.HandshakeComplete = c.handshakeComplete()
+ state.Version = c.vers
+ state.NegotiatedProtocol = c.clientProtocol
+ state.DidResume = c.didResume
+ state.NegotiatedProtocolIsMutual = true
+ state.ServerName = c.serverName
+ state.CipherSuite = c.cipherSuite
+ state.PeerCertificates = c.peerCertificates
+ state.VerifiedChains = c.verifiedChains
+ state.SignedCertificateTimestamps = c.scts
+ state.OCSPResponse = c.ocspResponse
+ if !c.didResume && c.vers != VersionTLS13 {
+ if c.clientFinishedIsFirst {
+ state.TLSUnique = c.clientFinished[:]
+ } else {
+ state.TLSUnique = c.serverFinished[:]
+ }
+ }
+ if c.config.Renegotiation != RenegotiateNever {
+ state.ekm = noExportedKeyingMaterial
+ } else {
+ state.ekm = c.ekm
+ }
+ return toConnectionState(state)
+}
+
+// OCSPResponse returns the stapled OCSP response from the TLS server, if
+// any. (Only valid for client connections.)
+func (c *Conn) OCSPResponse() []byte {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+
+ return c.ocspResponse
+}
+
+// VerifyHostname checks that the peer certificate chain is valid for
+// connecting to host. If so, it returns nil; if not, it returns an error
+// describing the problem.
+func (c *Conn) VerifyHostname(host string) error {
+ c.handshakeMutex.Lock()
+ defer c.handshakeMutex.Unlock()
+ if !c.isClient {
+ return errors.New("tls: VerifyHostname called on TLS server connection")
+ }
+ if !c.handshakeComplete() {
+ return errors.New("tls: handshake has not yet been performed")
+ }
+ if len(c.verifiedChains) == 0 {
+ return errors.New("tls: handshake did not verify certificate chain")
+ }
+ return c.peerCertificates[0].VerifyHostname(host)
+}
+
+func (c *Conn) handshakeComplete() bool {
+ return atomic.LoadUint32(&c.handshakeStatus) == 1
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/go.mod b/vendor/github.com/marten-seemann/qtls-go1-17/go.mod
new file mode 100644
index 00000000..d89bf93c
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/go.mod
@@ -0,0 +1,10 @@
+module github.com/marten-seemann/qtls-go1-17
+
+go 1.17
+
+require (
+ github.com/golang/mock v1.6.0
+ github.com/marten-seemann/qtls-go1-15 v0.1.4 // indirect
+ golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d
+ golang.org/x/sys v0.0.0-20210510120138-977fb7262007
+)
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/go.sum b/vendor/github.com/marten-seemann/qtls-go1-17/go.sum
new file mode 100644
index 00000000..0412f14d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/go.sum
@@ -0,0 +1,34 @@
+github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4=
+github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
+github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
+github.com/marten-seemann/qtls-go1-15 v0.1.4 h1:RehYMOyRW8hPVEja1KBVsFVNSm35Jj9Mvs5yNoZZ28A=
+github.com/marten-seemann/qtls-go1-15 v0.1.4/go.mod h1:GyFwywLKkRt+6mfU99csTEY1joMZz5vmB1WNZH3P81I=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d h1:1ZiEyfaQIg3Qh0EoqpwAakHVhecoE5wlSg5GjnafJGw=
+golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007 h1:gG67DSER+11cZvqIMb8S8bt0vZtiN6xWYARwirrOSfE=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client.go b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client.go
new file mode 100644
index 00000000..ac5d0b4c
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client.go
@@ -0,0 +1,1111 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "net"
+ "strings"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+const clientSessionStateVersion = 1
+
+type clientHandshakeState struct {
+ c *Conn
+ ctx context.Context
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ suite *cipherSuite
+ finishedHash finishedHash
+ masterSecret []byte
+ session *clientSessionState
+}
+
+func (c *Conn) makeClientHello() (*clientHelloMsg, ecdheParameters, error) {
+ config := c.config
+ if len(config.ServerName) == 0 && !config.InsecureSkipVerify {
+ return nil, nil, errors.New("tls: either ServerName or InsecureSkipVerify must be specified in the tls.Config")
+ }
+
+ nextProtosLength := 0
+ for _, proto := range config.NextProtos {
+ if l := len(proto); l == 0 || l > 255 {
+ return nil, nil, errors.New("tls: invalid NextProtos value")
+ } else {
+ nextProtosLength += 1 + l
+ }
+ }
+ if nextProtosLength > 0xffff {
+ return nil, nil, errors.New("tls: NextProtos values too large")
+ }
+
+ var supportedVersions []uint16
+ var clientHelloVersion uint16
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ if config.maxSupportedVersion() < VersionTLS13 {
+ return nil, nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ // Only offer TLS 1.3 when QUIC is used.
+ supportedVersions = []uint16{VersionTLS13}
+ clientHelloVersion = VersionTLS13
+ } else {
+ supportedVersions = config.supportedVersions()
+ if len(supportedVersions) == 0 {
+ return nil, nil, errors.New("tls: no supported versions satisfy MinVersion and MaxVersion")
+ }
+ clientHelloVersion = config.maxSupportedVersion()
+ }
+
+ // The version at the beginning of the ClientHello was capped at TLS 1.2
+ // for compatibility reasons. The supported_versions extension is used
+ // to negotiate versions now. See RFC 8446, Section 4.2.1.
+ if clientHelloVersion > VersionTLS12 {
+ clientHelloVersion = VersionTLS12
+ }
+
+ hello := &clientHelloMsg{
+ vers: clientHelloVersion,
+ compressionMethods: []uint8{compressionNone},
+ random: make([]byte, 32),
+ ocspStapling: true,
+ scts: true,
+ serverName: hostnameInSNI(config.ServerName),
+ supportedCurves: config.curvePreferences(),
+ supportedPoints: []uint8{pointFormatUncompressed},
+ secureRenegotiationSupported: true,
+ alpnProtocols: config.NextProtos,
+ supportedVersions: supportedVersions,
+ }
+
+ if c.handshakes > 0 {
+ hello.secureRenegotiation = c.clientFinished[:]
+ }
+
+ preferenceOrder := cipherSuitesPreferenceOrder
+ if !hasAESGCMHardwareSupport {
+ preferenceOrder = cipherSuitesPreferenceOrderNoAES
+ }
+ configCipherSuites := config.cipherSuites()
+ hello.cipherSuites = make([]uint16, 0, len(configCipherSuites))
+
+ for _, suiteId := range preferenceOrder {
+ suite := mutualCipherSuite(configCipherSuites, suiteId)
+ if suite == nil {
+ continue
+ }
+ // Don't advertise TLS 1.2-only cipher suites unless
+ // we're attempting TLS 1.2.
+ if hello.vers < VersionTLS12 && suite.flags&suiteTLS12 != 0 {
+ continue
+ }
+ hello.cipherSuites = append(hello.cipherSuites, suiteId)
+ }
+
+ _, err := io.ReadFull(config.rand(), hello.random)
+ if err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+
+ // A random session ID is used to detect when the server accepted a ticket
+ // and is resuming a session (see RFC 5077). In TLS 1.3, it's always set as
+ // a compatibility measure (see RFC 8446, Section 4.1.2).
+ if c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ hello.sessionId = make([]byte, 32)
+ if _, err := io.ReadFull(config.rand(), hello.sessionId); err != nil {
+ return nil, nil, errors.New("tls: short read from Rand: " + err.Error())
+ }
+ }
+
+ if hello.vers >= VersionTLS12 {
+ hello.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ var params ecdheParameters
+ if hello.supportedVersions[0] == VersionTLS13 {
+ var suites []uint16
+ for _, suiteID := range configCipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ suites = append(suites, suiteID)
+ }
+ }
+ }
+ if len(suites) > 0 {
+ hello.cipherSuites = suites
+ } else {
+ if hasAESGCMHardwareSupport {
+ hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13...)
+ } else {
+ hello.cipherSuites = append(hello.cipherSuites, defaultCipherSuitesTLS13NoAES...)
+ }
+ }
+
+ curveID := config.curvePreferences()[0]
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err = generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, nil, err
+ }
+ hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ if hello.supportedVersions[0] == VersionTLS13 && c.extraConfig != nil && c.extraConfig.GetExtensions != nil {
+ hello.additionalExtensions = c.extraConfig.GetExtensions(typeClientHello)
+ }
+
+ return hello, params, nil
+}
+
+func (c *Conn) clientHandshake(ctx context.Context) (err error) {
+ if c.config == nil {
+ c.config = fromConfig(defaultConfig())
+ }
+ c.setAlternativeRecordLayer()
+
+ // This may be a renegotiation handshake, in which case some fields
+ // need to be reset.
+ c.didResume = false
+
+ hello, ecdheParams, err := c.makeClientHello()
+ if err != nil {
+ return err
+ }
+ c.serverName = hello.serverName
+
+ cacheKey, session, earlySecret, binderKey := c.loadSession(hello)
+ if cacheKey != "" && session != nil {
+ var deletedTicket bool
+ if session.vers == VersionTLS13 && hello.earlyData && c.extraConfig != nil && c.extraConfig.Enable0RTT {
+ // don't reuse a session ticket that enabled 0-RTT
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ deletedTicket = true
+
+ if suite := cipherSuiteTLS13ByID(session.cipherSuite); suite != nil {
+ h := suite.hash.New()
+ h.Write(hello.marshal())
+ clientEarlySecret := suite.deriveSecret(earlySecret, "c e traffic", h)
+ c.out.exportKey(Encryption0RTT, suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+ }
+ if !deletedTicket {
+ defer func() {
+ // If we got a handshake failure when resuming a session, throw away
+ // the session ticket. See RFC 5077, Section 3.2.
+ //
+ // RFC 8446 makes no mention of dropping tickets on failure, but it
+ // does require servers to abort on invalid binders, so we need to
+ // delete tickets to recover from a corrupted PSK.
+ if err != nil {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ }
+ }()
+ }
+ }
+
+ if _, err := c.writeRecord(recordTypeHandshake, hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+
+ if err := c.pickTLSVersion(serverHello); err != nil {
+ return err
+ }
+
+ // If we are negotiating a protocol version that's lower than what we
+ // support, check for the server downgrade canaries.
+ // See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ tls12Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS12
+ tls11Downgrade := string(serverHello.random[24:]) == downgradeCanaryTLS11
+ if maxVers == VersionTLS13 && c.vers <= VersionTLS12 && (tls12Downgrade || tls11Downgrade) ||
+ maxVers == VersionTLS12 && c.vers <= VersionTLS11 && tls11Downgrade {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: downgrade attempt detected, possibly due to a MitM attack or a broken middlebox")
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := &clientHandshakeStateTLS13{
+ c: c,
+ ctx: ctx,
+ serverHello: serverHello,
+ hello: hello,
+ ecdheParams: ecdheParams,
+ session: session,
+ earlySecret: earlySecret,
+ binderKey: binderKey,
+ }
+
+ // In TLS 1.3, session tickets are delivered after the handshake.
+ return hs.handshake()
+ }
+
+ hs := &clientHandshakeState{
+ c: c,
+ ctx: ctx,
+ serverHello: serverHello,
+ hello: hello,
+ session: session,
+ }
+
+ if err := hs.handshake(); err != nil {
+ return err
+ }
+
+ // If we had a successful handshake and hs.session is different from
+ // the one already cached - cache a new one.
+ if cacheKey != "" && hs.session != nil && session != hs.session {
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(hs.session))
+ }
+
+ return nil
+}
+
+// extract the app data saved in the session.nonce,
+// and set the session.nonce to the actual nonce value
+func (c *Conn) decodeSessionState(session *clientSessionState) (uint32 /* max early data */, []byte /* app data */, bool /* ok */) {
+ s := cryptobyte.String(session.nonce)
+ var version uint16
+ if !s.ReadUint16(&version) {
+ return 0, nil, false
+ }
+ if version != clientSessionStateVersion {
+ return 0, nil, false
+ }
+ var maxEarlyData uint32
+ if !s.ReadUint32(&maxEarlyData) {
+ return 0, nil, false
+ }
+ var appData []byte
+ if !readUint16LengthPrefixed(&s, &appData) {
+ return 0, nil, false
+ }
+ var nonce []byte
+ if !readUint16LengthPrefixed(&s, &nonce) {
+ return 0, nil, false
+ }
+ session.nonce = nonce
+ return maxEarlyData, appData, true
+}
+
+func (c *Conn) loadSession(hello *clientHelloMsg) (cacheKey string,
+ session *clientSessionState, earlySecret, binderKey []byte) {
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return "", nil, nil, nil
+ }
+
+ hello.ticketSupported = true
+
+ if hello.supportedVersions[0] == VersionTLS13 {
+ // Require DHE on resumption as it guarantees forward secrecy against
+ // compromise of the session ticket key. See RFC 8446, Section 4.2.9.
+ hello.pskModes = []uint8{pskModeDHE}
+ }
+
+ // Session resumption is not allowed if renegotiating because
+ // renegotiation is primarily used to allow a client to send a client
+ // certificate, which would be skipped if session resumption occurred.
+ if c.handshakes != 0 {
+ return "", nil, nil, nil
+ }
+
+ // Try to resume a previously negotiated TLS session, if available.
+ cacheKey = clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ sess, ok := c.config.ClientSessionCache.Get(cacheKey)
+ if !ok || sess == nil {
+ return cacheKey, nil, nil, nil
+ }
+ session = fromClientSessionState(sess)
+
+ var appData []byte
+ var maxEarlyData uint32
+ if session.vers == VersionTLS13 {
+ var ok bool
+ maxEarlyData, appData, ok = c.decodeSessionState(session)
+ if !ok { // delete it, if parsing failed
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ // Check that version used for the previous session is still valid.
+ versOk := false
+ for _, v := range hello.supportedVersions {
+ if v == session.vers {
+ versOk = true
+ break
+ }
+ }
+ if !versOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Check that the cached server certificate is not expired, and that it's
+ // valid for the ServerName. This should be ensured by the cache key, but
+ // protect the application from a faulty ClientSessionCache implementation.
+ if !c.config.InsecureSkipVerify {
+ if len(session.verifiedChains) == 0 {
+ // The original connection had InsecureSkipVerify, while this doesn't.
+ return cacheKey, nil, nil, nil
+ }
+ serverCert := session.serverCertificates[0]
+ if c.config.time().After(serverCert.NotAfter) {
+ // Expired certificate, delete the entry.
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+ if err := serverCert.VerifyHostname(c.config.ServerName); err != nil {
+ return cacheKey, nil, nil, nil
+ }
+ }
+
+ if session.vers != VersionTLS13 {
+ // In TLS 1.2 the cipher suite must match the resumed session. Ensure we
+ // are still offering it.
+ if mutualCipherSuite(hello.cipherSuites, session.cipherSuite) == nil {
+ return cacheKey, nil, nil, nil
+ }
+
+ hello.sessionTicket = session.sessionTicket
+ return
+ }
+
+ // Check that the session ticket is not expired.
+ if c.config.time().After(session.useBy) {
+ c.config.ClientSessionCache.Put(cacheKey, nil)
+ return cacheKey, nil, nil, nil
+ }
+
+ // In TLS 1.3 the KDF hash must match the resumed session. Ensure we
+ // offer at least one cipher suite with that hash.
+ cipherSuite := cipherSuiteTLS13ByID(session.cipherSuite)
+ if cipherSuite == nil {
+ return cacheKey, nil, nil, nil
+ }
+ cipherSuiteOk := false
+ for _, offeredID := range hello.cipherSuites {
+ offeredSuite := cipherSuiteTLS13ByID(offeredID)
+ if offeredSuite != nil && offeredSuite.hash == cipherSuite.hash {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return cacheKey, nil, nil, nil
+ }
+
+ // Set the pre_shared_key extension. See RFC 8446, Section 4.2.11.1.
+ ticketAge := uint32(c.config.time().Sub(session.receivedAt) / time.Millisecond)
+ identity := pskIdentity{
+ label: session.sessionTicket,
+ obfuscatedTicketAge: ticketAge + session.ageAdd,
+ }
+ hello.pskIdentities = []pskIdentity{identity}
+ hello.pskBinders = [][]byte{make([]byte, cipherSuite.hash.Size())}
+
+ // Compute the PSK binders. See RFC 8446, Section 4.2.11.2.
+ psk := cipherSuite.expandLabel(session.masterSecret, "resumption",
+ session.nonce, cipherSuite.hash.Size())
+ earlySecret = cipherSuite.extract(psk, nil)
+ binderKey = cipherSuite.deriveSecret(earlySecret, resumptionBinderLabel, nil)
+ if c.extraConfig != nil {
+ hello.earlyData = c.extraConfig.Enable0RTT && maxEarlyData > 0
+ }
+ transcript := cipherSuite.hash.New()
+ transcript.Write(hello.marshalWithoutBinders())
+ pskBinders := [][]byte{cipherSuite.finishedHash(binderKey, transcript)}
+ hello.updateBinders(pskBinders)
+
+ if session.vers == VersionTLS13 && c.extraConfig != nil && c.extraConfig.SetAppDataFromSessionState != nil {
+ c.extraConfig.SetAppDataFromSessionState(appData)
+ }
+ return
+}
+
+func (c *Conn) pickTLSVersion(serverHello *serverHelloMsg) error {
+ peerVersion := serverHello.vers
+ if serverHello.supportedVersion != 0 {
+ peerVersion = serverHello.supportedVersion
+ }
+
+ vers, ok := c.config.mutualVersion([]uint16{peerVersion})
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return fmt.Errorf("tls: server selected unsupported protocol version %x", peerVersion)
+ }
+
+ c.vers = vers
+ c.haveVers = true
+ c.in.version = vers
+ c.out.version = vers
+
+ return nil
+}
+
+// Does the handshake, either a full one or resumes old session. Requires hs.c,
+// hs.hello, hs.serverHello, and, optionally, hs.session to be set.
+func (hs *clientHandshakeState) handshake() error {
+ c := hs.c
+
+ isResume, err := hs.processServerHello()
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+
+ // No signatures of the handshake are needed in a resumption.
+ // Otherwise, in a full handshake, if we don't have any certificates
+ // configured then we will never send a CertificateVerify message and
+ // thus no signatures are needed in that case either.
+ if isResume || (len(c.config.Certificates) == 0 && c.config.GetClientCertificate == nil) {
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+
+ hs.finishedHash.Write(hs.hello.marshal())
+ hs.finishedHash.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ c.didResume = isResume
+ if isResume {
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ } else {
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ if err := hs.readSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *clientHandshakeState) pickCipherSuite() error {
+ if hs.suite = mutualCipherSuite(hs.hello.cipherSuites, hs.serverHello.cipherSuite); hs.suite == nil {
+ hs.c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+
+ hs.c.cipherSuite = hs.suite.id
+ return nil
+}
+
+func (hs *clientHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok || len(certMsg.certificates) == 0 {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ cs, ok := msg.(*certificateStatusMsg)
+ if ok {
+ // RFC4366 on Certificate Status Request:
+ // The server MAY return a "certificate_status" message.
+
+ if !hs.serverHello.ocspStapling {
+ // If a server returns a "CertificateStatus" message, then the
+ // server MUST have included an extension of type "status_request"
+ // with empty "extension_data" in the extended server hello.
+
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received unexpected CertificateStatus message")
+ }
+ hs.finishedHash.Write(cs.marshal())
+
+ c.ocspResponse = cs.response
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ if c.handshakes == 0 {
+ // If this is the first handshake on a connection, process and
+ // (optionally) verify the server's certificates.
+ if err := c.verifyServerCertificate(certMsg.certificates); err != nil {
+ return err
+ }
+ } else {
+ // This is a renegotiation handshake. We require that the
+ // server's identity (i.e. leaf certificate) is unchanged and
+ // thus any previous trust decision is still valid.
+ //
+ // See https://mitls.org/pages/attacks/3SHAKE for the
+ // motivation behind this requirement.
+ if !bytes.Equal(c.peerCertificates[0].Raw, certMsg.certificates[0]) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: server's identity changed during renegotiation")
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+
+ skx, ok := msg.(*serverKeyExchangeMsg)
+ if ok {
+ hs.finishedHash.Write(skx.marshal())
+ err = keyAgreement.processServerKeyExchange(c.config, hs.hello, hs.serverHello, c.peerCertificates[0], skx)
+ if err != nil {
+ c.sendAlert(alertUnexpectedMessage)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ var chainToSend *Certificate
+ var certRequested bool
+ certReq, ok := msg.(*certificateRequestMsg)
+ if ok {
+ certRequested = true
+ hs.finishedHash.Write(certReq.marshal())
+
+ cri := certificateRequestInfoFromMsg(hs.ctx, c.vers, certReq)
+ if chainToSend, err = c.getClientCertificate(cri); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ shd, ok := msg.(*serverHelloDoneMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(shd, msg)
+ }
+ hs.finishedHash.Write(shd.marshal())
+
+ // If the server requested a certificate then we have to send a
+ // Certificate message, even if it's empty because we don't have a
+ // certificate to send.
+ if certRequested {
+ certMsg = new(certificateMsg)
+ certMsg.certificates = chainToSend.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+ }
+
+ preMasterSecret, ckx, err := keyAgreement.generateClientKeyExchange(c.config, hs.hello, c.peerCertificates[0])
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ if ckx != nil {
+ hs.finishedHash.Write(ckx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, ckx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ if chainToSend != nil && len(chainToSend.Certificate) > 0 {
+ certVerify := &certificateVerifyMsg{}
+
+ key, ok := chainToSend.PrivateKey.(crypto.Signer)
+ if !ok {
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: client certificate private key of type %T does not implement crypto.Signer", chainToSend.PrivateKey)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ signatureAlgorithm, err := selectSignatureScheme(c.vers, chainToSend, certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ certVerify.hasSignatureAlgorithm = true
+ certVerify.signatureAlgorithm = signatureAlgorithm
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(key.Public())
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ certVerify.signature, err = key.Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerify.marshal()); err != nil {
+ return err
+ }
+ }
+
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.hello.random, hs.serverHello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.hello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to write to key log: " + err.Error())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *clientHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.hello.random, hs.serverHello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash hash.Hash
+ if hs.suite.cipher != nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, false /* not for reading */)
+ clientHash = hs.suite.mac(clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, true /* for reading */)
+ serverHash = hs.suite.mac(serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, serverCipher, serverHash)
+ c.out.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ return nil
+}
+
+func (hs *clientHandshakeState) serverResumedSession() bool {
+ // If the server responded with the same sessionId then it means the
+ // sessionTicket is being used to resume a TLS session.
+ return hs.session != nil && hs.hello.sessionId != nil &&
+ bytes.Equal(hs.serverHello.sessionId, hs.hello.sessionId)
+}
+
+func (hs *clientHandshakeState) processServerHello() (bool, error) {
+ c := hs.c
+
+ if err := hs.pickCipherSuite(); err != nil {
+ return false, err
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertUnexpectedMessage)
+ return false, errors.New("tls: server selected unsupported compression format")
+ }
+
+ if c.handshakes == 0 && hs.serverHello.secureRenegotiationSupported {
+ c.secureRenegotiation = true
+ if len(hs.serverHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+ }
+
+ if c.handshakes > 0 && c.secureRenegotiation {
+ var expectedSecureRenegotiation [24]byte
+ copy(expectedSecureRenegotiation[:], c.clientFinished[:])
+ copy(expectedSecureRenegotiation[12:], c.serverFinished[:])
+ if !bytes.Equal(hs.serverHello.secureRenegotiation, expectedSecureRenegotiation[:]) {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: incorrect renegotiation extension contents")
+ }
+ }
+
+ if err := checkALPN(hs.hello.alpnProtocols, hs.serverHello.alpnProtocol); err != nil {
+ c.sendAlert(alertUnsupportedExtension)
+ return false, err
+ }
+ c.clientProtocol = hs.serverHello.alpnProtocol
+
+ c.scts = hs.serverHello.scts
+
+ if !hs.serverResumedSession() {
+ return false, nil
+ }
+
+ if hs.session.vers != c.vers {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different version")
+ }
+
+ if hs.session.cipherSuite != hs.suite.id {
+ c.sendAlert(alertHandshakeFailure)
+ return false, errors.New("tls: server resumed a session with a different cipher suite")
+ }
+
+ // Restore masterSecret, peerCerts, and ocspResponse from previous state
+ hs.masterSecret = hs.session.masterSecret
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ // Let the ServerHello SCTs override the session SCTs from the original
+ // connection, if any are provided
+ if len(c.scts) == 0 && len(hs.session.scts) != 0 {
+ c.scts = hs.session.scts
+ }
+
+ return true, nil
+}
+
+// checkALPN ensure that the server's choice of ALPN protocol is compatible with
+// the protocols that we advertised in the Client Hello.
+func checkALPN(clientProtos []string, serverProto string) error {
+ if serverProto == "" {
+ return nil
+ }
+ if len(clientProtos) == 0 {
+ return errors.New("tls: server advertised unrequested ALPN extension")
+ }
+ for _, proto := range clientProtos {
+ if proto == serverProto {
+ return nil
+ }
+ }
+ return errors.New("tls: server selected unadvertised ALPN protocol")
+}
+
+func (hs *clientHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ serverFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverFinished, msg)
+ }
+
+ verify := hs.finishedHash.serverSum(hs.masterSecret)
+ if len(verify) != len(serverFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, serverFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: server's Finished message was incorrect")
+ }
+ hs.finishedHash.Write(serverFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *clientHandshakeState) readSessionTicket() error {
+ if !hs.serverHello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ sessionTicketMsg, ok := msg.(*newSessionTicketMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(sessionTicketMsg, msg)
+ }
+ hs.finishedHash.Write(sessionTicketMsg.marshal())
+
+ hs.session = &clientSessionState{
+ sessionTicket: sessionTicketMsg.ticket,
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ masterSecret: hs.masterSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.clientSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+ copy(out, finished.verifyData)
+ return nil
+}
+
+// verifyServerCertificate parses and verifies the provided chain, setting
+// c.verifiedChains and c.peerCertificates or sending the appropriate alert.
+func (c *Conn) verifyServerCertificate(certificates [][]byte) error {
+ certs := make([]*x509.Certificate, len(certificates))
+ for i, asn1Data := range certificates {
+ cert, err := x509.ParseCertificate(asn1Data)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse certificate from server: " + err.Error())
+ }
+ certs[i] = cert
+ }
+
+ if !c.config.InsecureSkipVerify {
+ opts := x509.VerifyOptions{
+ Roots: c.config.RootCAs,
+ CurrentTime: c.config.time(),
+ DNSName: c.config.ServerName,
+ Intermediates: x509.NewCertPool(),
+ }
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+ var err error
+ c.verifiedChains, err = certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ switch certs[0].PublicKey.(type) {
+ case *rsa.PublicKey, *ecdsa.PublicKey, ed25519.PublicKey:
+ break
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: server's certificate contains an unsupported type of public key: %T", certs[0].PublicKey)
+ }
+
+ c.peerCertificates = certs
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+// certificateRequestInfoFromMsg generates a CertificateRequestInfo from a TLS
+// <= 1.2 CertificateRequest, making an effort to fill in missing information.
+func certificateRequestInfoFromMsg(ctx context.Context, vers uint16, certReq *certificateRequestMsg) *CertificateRequestInfo {
+ cri := &certificateRequestInfo{
+ AcceptableCAs: certReq.certificateAuthorities,
+ Version: vers,
+ ctx: ctx,
+ }
+
+ var rsaAvail, ecAvail bool
+ for _, certType := range certReq.certificateTypes {
+ switch certType {
+ case certTypeRSASign:
+ rsaAvail = true
+ case certTypeECDSASign:
+ ecAvail = true
+ }
+ }
+
+ if !certReq.hasSignatureAlgorithm {
+ // Prior to TLS 1.2, signature schemes did not exist. In this case we
+ // make up a list based on the acceptable certificate types, to help
+ // GetClientCertificate and SupportsCertificate select the right certificate.
+ // The hash part of the SignatureScheme is a lie here, because
+ // TLS 1.0 and 1.1 always use MD5+SHA1 for RSA and SHA1 for ECDSA.
+ switch {
+ case rsaAvail && ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case rsaAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ PKCS1WithSHA256, PKCS1WithSHA384, PKCS1WithSHA512, PKCS1WithSHA1,
+ }
+ case ecAvail:
+ cri.SignatureSchemes = []SignatureScheme{
+ ECDSAWithP256AndSHA256, ECDSAWithP384AndSHA384, ECDSAWithP521AndSHA512,
+ }
+ }
+ return toCertificateRequestInfo(cri)
+ }
+
+ // Filter the signature schemes based on the certificate types.
+ // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
+ cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
+ for _, sigScheme := range certReq.supportedSignatureAlgorithms {
+ sigType, _, err := typeAndHashFromSignatureScheme(sigScheme)
+ if err != nil {
+ continue
+ }
+ switch sigType {
+ case signatureECDSA, signatureEd25519:
+ if ecAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ case signatureRSAPSS, signaturePKCS1v15:
+ if rsaAvail {
+ cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme)
+ }
+ }
+ }
+
+ return toCertificateRequestInfo(cri)
+}
+
+func (c *Conn) getClientCertificate(cri *CertificateRequestInfo) (*Certificate, error) {
+ if c.config.GetClientCertificate != nil {
+ return c.config.GetClientCertificate(cri)
+ }
+
+ for _, chain := range c.config.Certificates {
+ if err := cri.SupportsCertificate(&chain); err != nil {
+ continue
+ }
+ return &chain, nil
+ }
+
+ // No acceptable certificate found. Don't send a certificate.
+ return new(Certificate), nil
+}
+
+const clientSessionCacheKeyPrefix = "qtls-"
+
+// clientSessionCacheKey returns a key used to cache sessionTickets that could
+// be used to resume previously negotiated TLS sessions with a server.
+func clientSessionCacheKey(serverAddr net.Addr, config *config) string {
+ if len(config.ServerName) > 0 {
+ return clientSessionCacheKeyPrefix + config.ServerName
+ }
+ return clientSessionCacheKeyPrefix + serverAddr.String()
+}
+
+// hostnameInSNI converts name into an appropriate hostname for SNI.
+// Literal IP addresses and absolute FQDNs are not permitted as SNI values.
+// See RFC 6066, Section 3.
+func hostnameInSNI(name string) string {
+ host := name
+ if len(host) > 0 && host[0] == '[' && host[len(host)-1] == ']' {
+ host = host[1 : len(host)-1]
+ }
+ if i := strings.LastIndex(host, "%"); i > 0 {
+ host = host[:i]
+ }
+ if net.ParseIP(host) != nil {
+ return ""
+ }
+ for len(name) > 0 && name[len(name)-1] == '.' {
+ name = name[:len(name)-1]
+ }
+ return name
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client_tls13.go
new file mode 100644
index 00000000..0de59fc1
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_client_tls13.go
@@ -0,0 +1,732 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "encoding/binary"
+ "errors"
+ "hash"
+ "sync/atomic"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+type clientHandshakeStateTLS13 struct {
+ c *Conn
+ ctx context.Context
+ serverHello *serverHelloMsg
+ hello *clientHelloMsg
+ ecdheParams ecdheParameters
+
+ session *clientSessionState
+ earlySecret []byte
+ binderKey []byte
+
+ certReq *certificateRequestMsgTLS13
+ usingPSK bool
+ sentDummyCCS bool
+ suite *cipherSuiteTLS13
+ transcript hash.Hash
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+}
+
+// handshake requires hs.c, hs.hello, hs.serverHello, hs.ecdheParams, and,
+// optionally, hs.session, hs.earlySecret and hs.binderKey to be set.
+func (hs *clientHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // The server must not select TLS 1.3 in a renegotiation. See RFC 8446,
+ // sections 4.1.2 and 4.1.3.
+ if c.handshakes > 0 {
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: server selected TLS 1.3 in a renegotiation")
+ }
+
+ // Consistency check on the presence of a keyShare and its parameters.
+ if hs.ecdheParams == nil || len(hs.hello.keyShares) != 1 {
+ return c.sendAlert(alertInternalError)
+ }
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ hs.transcript = hs.suite.hash.New()
+ hs.transcript.Write(hs.hello.marshal())
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.processHelloRetryRequest(); err != nil {
+ return err
+ }
+ }
+
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ c.buffering = true
+ if err := hs.processServerHello(); err != nil {
+ return err
+ }
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+ if err := hs.establishHandshakeKeys(); err != nil {
+ return err
+ }
+ if err := hs.readServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.readServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readServerFinished(); err != nil {
+ return err
+ }
+ if err := hs.sendClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendClientFinished(); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// checkServerHelloOrHRR does validity checks that apply to both ServerHello and
+// HelloRetryRequest messages. It sets hs.suite.
+func (hs *clientHandshakeStateTLS13) checkServerHelloOrHRR() error {
+ c := hs.c
+
+ if hs.serverHello.supportedVersion == 0 {
+ c.sendAlert(alertMissingExtension)
+ return errors.New("tls: server selected TLS 1.3 using the legacy version field")
+ }
+
+ if hs.serverHello.supportedVersion != VersionTLS13 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid version after a HelloRetryRequest")
+ }
+
+ if hs.serverHello.vers != VersionTLS12 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an incorrect legacy version")
+ }
+
+ if hs.serverHello.ocspStapling ||
+ hs.serverHello.ticketSupported ||
+ hs.serverHello.secureRenegotiationSupported ||
+ len(hs.serverHello.secureRenegotiation) != 0 ||
+ len(hs.serverHello.alpnProtocol) != 0 ||
+ len(hs.serverHello.scts) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a ServerHello extension forbidden in TLS 1.3")
+ }
+
+ if !bytes.Equal(hs.hello.sessionId, hs.serverHello.sessionId) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not echo the legacy session ID")
+ }
+
+ if hs.serverHello.compressionMethod != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported compression format")
+ }
+
+ selectedSuite := mutualCipherSuiteTLS13(hs.hello.cipherSuites, hs.serverHello.cipherSuite)
+ if hs.suite != nil && selectedSuite != hs.suite {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server changed cipher suite after a HelloRetryRequest")
+ }
+ if selectedSuite == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server chose an unconfigured cipher suite")
+ }
+ hs.suite = selectedSuite
+ c.cipherSuite = hs.suite.id
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *clientHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+// processHelloRetryRequest handles the HRR in hs.serverHello, modifies and
+// resends hs.hello, and reads the new ServerHello into hs.serverHello.
+func (hs *clientHandshakeStateTLS13) processHelloRetryRequest() error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. (The idea is that the server might offload transcript
+ // storage to the client in the cookie.) See RFC 8446, Section 4.4.1.
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+ hs.transcript.Write(hs.serverHello.marshal())
+
+ // The only HelloRetryRequest extensions we support are key_share and
+ // cookie, and clients must abort the handshake if the HRR would not result
+ // in any change in the ClientHello.
+ if hs.serverHello.selectedGroup == 0 && hs.serverHello.cookie == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest message")
+ }
+
+ if hs.serverHello.cookie != nil {
+ hs.hello.cookie = hs.serverHello.cookie
+ }
+
+ if hs.serverHello.serverShare.group != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received malformed key_share extension")
+ }
+
+ // If the server sent a key_share extension selecting a group, ensure it's
+ // a group we advertised but did not send a key share for, and send a key
+ // share for it this time.
+ if curveID := hs.serverHello.selectedGroup; curveID != 0 {
+ curveOK := false
+ for _, id := range hs.hello.supportedCurves {
+ if id == curveID {
+ curveOK = true
+ break
+ }
+ }
+ if !curveOK {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+ if hs.ecdheParams.CurveID() == curveID {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server sent an unnecessary HelloRetryRequest key_share")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), curveID)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.ecdheParams = params
+ hs.hello.keyShares = []keyShare{{group: curveID, data: params.PublicKey()}}
+ }
+
+ hs.hello.raw = nil
+ if len(hs.hello.pskIdentities) > 0 {
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash == hs.suite.hash {
+ // Update binders and obfuscated_ticket_age.
+ ticketAge := uint32(c.config.time().Sub(hs.session.receivedAt) / time.Millisecond)
+ hs.hello.pskIdentities[0].obfuscatedTicketAge = ticketAge + hs.session.ageAdd
+
+ transcript := hs.suite.hash.New()
+ transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ transcript.Write(chHash)
+ transcript.Write(hs.serverHello.marshal())
+ transcript.Write(hs.hello.marshalWithoutBinders())
+ pskBinders := [][]byte{hs.suite.finishedHash(hs.binderKey, transcript)}
+ hs.hello.updateBinders(pskBinders)
+ } else {
+ // Server selected a cipher suite incompatible with the PSK.
+ hs.hello.pskIdentities = nil
+ hs.hello.pskBinders = nil
+ }
+ }
+
+ if hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ hs.hello.earlyData = false // disable 0-RTT
+
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ serverHello, ok := msg.(*serverHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(serverHello, msg)
+ }
+ hs.serverHello = serverHello
+
+ if err := hs.checkServerHelloOrHRR(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) processServerHello() error {
+ c := hs.c
+
+ if bytes.Equal(hs.serverHello.random, helloRetryRequestRandom) {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: server sent two HelloRetryRequest messages")
+ }
+
+ if len(hs.serverHello.cookie) != 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: server sent a cookie in a normal ServerHello")
+ }
+
+ if hs.serverHello.selectedGroup != 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: malformed key_share extension")
+ }
+
+ if hs.serverHello.serverShare.group == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server did not send a key share")
+ }
+ if hs.serverHello.serverShare.group != hs.ecdheParams.CurveID() {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected unsupported group")
+ }
+
+ if !hs.serverHello.selectedIdentityPresent {
+ return nil
+ }
+
+ if int(hs.serverHello.selectedIdentity) >= len(hs.hello.pskIdentities) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK")
+ }
+
+ if len(hs.hello.pskIdentities) != 1 || hs.session == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ pskSuite := cipherSuiteTLS13ByID(hs.session.cipherSuite)
+ if pskSuite == nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if pskSuite.hash != hs.suite.hash {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: server selected an invalid PSK and cipher suite pair")
+ }
+
+ hs.usingPSK = true
+ c.didResume = true
+ c.peerCertificates = hs.session.serverCertificates
+ c.verifiedChains = hs.session.verifiedChains
+ c.ocspResponse = hs.session.ocspResponse
+ c.scts = hs.session.scts
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) establishHandshakeKeys() error {
+ c := hs.c
+
+ sharedKey := hs.ecdheParams.SharedKey(hs.serverHello.serverShare.data)
+ if sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid server key share")
+ }
+
+ earlySecret := hs.earlySecret
+ if !hs.usingPSK {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ handshakeSecret := hs.suite.extract(sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.out.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.hello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(handshakeSecret, "derived", nil))
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerParameters() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ encryptedExtensions, ok := msg.(*encryptedExtensionsMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(encryptedExtensions, msg)
+ }
+ // Notify the caller if 0-RTT was rejected.
+ if !encryptedExtensions.earlyData && hs.hello.earlyData && c.extraConfig != nil && c.extraConfig.Rejected0RTT != nil {
+ c.extraConfig.Rejected0RTT()
+ }
+ c.used0RTT = encryptedExtensions.earlyData
+ if hs.c.extraConfig != nil && hs.c.extraConfig.ReceivedExtensions != nil {
+ hs.c.extraConfig.ReceivedExtensions(typeEncryptedExtensions, encryptedExtensions.additionalExtensions)
+ }
+ hs.transcript.Write(encryptedExtensions.marshal())
+
+ if err := checkALPN(hs.hello.alpnProtocols, encryptedExtensions.alpnProtocol); err != nil {
+ c.sendAlert(alertUnsupportedExtension)
+ return err
+ }
+ c.clientProtocol = encryptedExtensions.alpnProtocol
+
+ if c.extraConfig != nil && c.extraConfig.EnforceNextProtoSelection {
+ if len(encryptedExtensions.alpnProtocol) == 0 {
+ // the server didn't select an ALPN
+ c.sendAlert(alertNoApplicationProtocol)
+ return errors.New("ALPN negotiation failed. Server didn't offer any protocols")
+ }
+ }
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
+ c := hs.c
+
+ // Either a PSK or a certificate is always used, but not both.
+ // See RFC 8446, Section 4.1.1.
+ if hs.usingPSK {
+ // Make sure the connection is still being verified whether or not this
+ // is a resumption. Resumptions currently don't reverify certificates so
+ // they don't call verifyServerCertificate. See Issue 31641.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certReq, ok := msg.(*certificateRequestMsgTLS13)
+ if ok {
+ hs.transcript.Write(certReq.marshal())
+
+ hs.certReq = certReq
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ if len(certMsg.certificate.Certificate) == 0 {
+ c.sendAlert(alertDecodeError)
+ return errors.New("tls: received empty certificates message")
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ c.scts = certMsg.certificate.SignedCertificateTimestamps
+ c.ocspResponse = certMsg.certificate.OCSPStaple
+
+ if err := c.verifyServerCertificate(certMsg.certificate.Certificate); err != nil {
+ return err
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) readServerFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ expectedMAC := hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ if !hmac.Equal(expectedMAC, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid server finished hash")
+ }
+
+ hs.transcript.Write(finished.marshal())
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.in.setTrafficSecret(hs.suite, serverSecret)
+
+ err = c.config.writeKeyLog(keyLogLabelClientTraffic, hs.hello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.hello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
+ c := hs.c
+
+ if hs.certReq == nil {
+ return nil
+ }
+
+ cert, err := c.getClientCertificate(toCertificateRequestInfo(&certificateRequestInfo{
+ AcceptableCAs: hs.certReq.certificateAuthorities,
+ SignatureSchemes: hs.certReq.supportedSignatureAlgorithms,
+ Version: c.vers,
+ ctx: hs.ctx,
+ }))
+ if err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *cert
+ certMsg.scts = hs.certReq.scts && len(cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.certReq.ocspStapling && len(cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ // If we sent an empty certificate message, skip the CertificateVerify.
+ if len(cert.Certificate) == 0 {
+ return nil
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+
+ certVerifyMsg.signatureAlgorithm, err = selectSignatureScheme(c.vers, cert, hs.certReq.supportedSignatureAlgorithms)
+ if err != nil {
+ // getClientCertificate returned a certificate incompatible with the
+ // CertificateRequestInfo supported signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerifyMsg.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *clientHandshakeStateTLS13) sendClientFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ c.out.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.out.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ if !c.config.SessionTicketsDisabled && c.config.ClientSessionCache != nil {
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+ }
+
+ return nil
+}
+
+func (c *Conn) handleNewSessionTicket(msg *newSessionTicketMsgTLS13) error {
+ if !c.isClient {
+ c.sendAlert(alertUnexpectedMessage)
+ return errors.New("tls: received new session ticket from a client")
+ }
+
+ if c.config.SessionTicketsDisabled || c.config.ClientSessionCache == nil {
+ return nil
+ }
+
+ // See RFC 8446, Section 4.6.1.
+ if msg.lifetime == 0 {
+ return nil
+ }
+ lifetime := time.Duration(msg.lifetime) * time.Second
+ if lifetime > maxSessionTicketLifetime {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: received a session ticket with invalid lifetime")
+ }
+
+ cipherSuite := cipherSuiteTLS13ByID(c.cipherSuite)
+ if cipherSuite == nil || c.resumptionSecret == nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ // We need to save the max_early_data_size that the server sent us, in order
+ // to decide if we're going to try 0-RTT with this ticket.
+ // However, at the same time, the qtls.ClientSessionTicket needs to be equal to
+ // the tls.ClientSessionTicket, so we can't just add a new field to the struct.
+ // We therefore abuse the nonce field (which is a byte slice)
+ nonceWithEarlyData := make([]byte, len(msg.nonce)+4)
+ binary.BigEndian.PutUint32(nonceWithEarlyData, msg.maxEarlyData)
+ copy(nonceWithEarlyData[4:], msg.nonce)
+
+ var appData []byte
+ if c.extraConfig != nil && c.extraConfig.GetAppDataForSessionState != nil {
+ appData = c.extraConfig.GetAppDataForSessionState()
+ }
+ var b cryptobyte.Builder
+ b.AddUint16(clientSessionStateVersion) // revision
+ b.AddUint32(msg.maxEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(appData)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(msg.nonce)
+ })
+
+ // Save the resumption_master_secret and nonce instead of deriving the PSK
+ // to do the least amount of work on NewSessionTicket messages before we
+ // know if the ticket will be used. Forward secrecy of resumed connections
+ // is guaranteed by the requirement for pskModeDHE.
+ session := &clientSessionState{
+ sessionTicket: msg.label,
+ vers: c.vers,
+ cipherSuite: c.cipherSuite,
+ masterSecret: c.resumptionSecret,
+ serverCertificates: c.peerCertificates,
+ verifiedChains: c.verifiedChains,
+ receivedAt: c.config.time(),
+ nonce: b.BytesOrPanic(),
+ useBy: c.config.time().Add(lifetime),
+ ageAdd: msg.ageAdd,
+ ocspResponse: c.ocspResponse,
+ scts: c.scts,
+ }
+
+ cacheKey := clientSessionCacheKey(c.conn.RemoteAddr(), c.config)
+ c.config.ClientSessionCache.Put(cacheKey, toClientSessionState(session))
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/handshake_messages.go b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_messages.go
new file mode 100644
index 00000000..1ab75762
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_messages.go
@@ -0,0 +1,1832 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "fmt"
+ "strings"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// The marshalingFunction type is an adapter to allow the use of ordinary
+// functions as cryptobyte.MarshalingValue.
+type marshalingFunction func(b *cryptobyte.Builder) error
+
+func (f marshalingFunction) Marshal(b *cryptobyte.Builder) error {
+ return f(b)
+}
+
+// addBytesWithLength appends a sequence of bytes to the cryptobyte.Builder. If
+// the length of the sequence is not the value specified, it produces an error.
+func addBytesWithLength(b *cryptobyte.Builder, v []byte, n int) {
+ b.AddValue(marshalingFunction(func(b *cryptobyte.Builder) error {
+ if len(v) != n {
+ return fmt.Errorf("invalid value length: expected %d, got %d", n, len(v))
+ }
+ b.AddBytes(v)
+ return nil
+ }))
+}
+
+// addUint64 appends a big-endian, 64-bit value to the cryptobyte.Builder.
+func addUint64(b *cryptobyte.Builder, v uint64) {
+ b.AddUint32(uint32(v >> 32))
+ b.AddUint32(uint32(v))
+}
+
+// readUint64 decodes a big-endian, 64-bit value into out and advances over it.
+// It reports whether the read was successful.
+func readUint64(s *cryptobyte.String, out *uint64) bool {
+ var hi, lo uint32
+ if !s.ReadUint32(&hi) || !s.ReadUint32(&lo) {
+ return false
+ }
+ *out = uint64(hi)<<32 | uint64(lo)
+ return true
+}
+
+// readUint8LengthPrefixed acts like s.ReadUint8LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint8LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint8LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint16LengthPrefixed acts like s.ReadUint16LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint16LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint16LengthPrefixed((*cryptobyte.String)(out))
+}
+
+// readUint24LengthPrefixed acts like s.ReadUint24LengthPrefixed, but targets a
+// []byte instead of a cryptobyte.String.
+func readUint24LengthPrefixed(s *cryptobyte.String, out *[]byte) bool {
+ return s.ReadUint24LengthPrefixed((*cryptobyte.String)(out))
+}
+
+type clientHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuites []uint16
+ compressionMethods []uint8
+ serverName string
+ ocspStapling bool
+ supportedCurves []CurveID
+ supportedPoints []uint8
+ ticketSupported bool
+ sessionTicket []uint8
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocols []string
+ scts bool
+ supportedVersions []uint16
+ cookie []byte
+ keyShares []keyShare
+ earlyData bool
+ pskModes []uint8
+ pskIdentities []pskIdentity
+ pskBinders [][]byte
+ additionalExtensions []Extension
+}
+
+func (m *clientHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeClientHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, suite := range m.cipherSuites {
+ b.AddUint16(suite)
+ }
+ })
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.compressionMethods)
+ })
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.serverName) > 0 {
+ // RFC 6066, Section 3
+ b.AddUint16(extensionServerName)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // name_type = host_name
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.serverName))
+ })
+ })
+ })
+ }
+ if m.ocspStapling {
+ // RFC 4366, Section 3.6
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(1) // status_type = ocsp
+ b.AddUint16(0) // empty responder_id_list
+ b.AddUint16(0) // empty request_extensions
+ })
+ }
+ if len(m.supportedCurves) > 0 {
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ b.AddUint16(extensionSupportedCurves)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, curve := range m.supportedCurves {
+ b.AddUint16(uint16(curve))
+ }
+ })
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ // RFC 4492, Section 5.1.2
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+ if m.ticketSupported {
+ // RFC 5077, Section 3.2
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionTicket)
+ })
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ // RFC 5246, Section 7.4.1.4.1
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ // RFC 8446, Section 4.2.3
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if m.secureRenegotiationSupported {
+ // RFC 5746, Section 3.2
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocols) > 0 {
+ // RFC 7301, Section 3.1
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, proto := range m.alpnProtocols {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(proto))
+ })
+ }
+ })
+ })
+ }
+ if m.scts {
+ // RFC 6962, Section 3.3.1
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedVersions) > 0 {
+ // RFC 8446, Section 4.2.1
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, vers := range m.supportedVersions {
+ b.AddUint16(vers)
+ }
+ })
+ })
+ }
+ if len(m.cookie) > 0 {
+ // RFC 8446, Section 4.2.2
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if len(m.keyShares) > 0 {
+ // RFC 8446, Section 4.2.8
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ks := range m.keyShares {
+ b.AddUint16(uint16(ks.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ks.data)
+ })
+ }
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.pskModes) > 0 {
+ // RFC 8446, Section 4.2.9
+ b.AddUint16(extensionPSKModes)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.pskModes)
+ })
+ })
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ if len(m.pskIdentities) > 0 { // pre_shared_key must be the last extension
+ // RFC 8446, Section 4.2.11
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, psk := range m.pskIdentities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(psk.label)
+ })
+ b.AddUint32(psk.obfuscatedTicketAge)
+ }
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+// marshalWithoutBinders returns the ClientHello through the
+// PreSharedKeyExtension.identities field, according to RFC 8446, Section
+// 4.2.11.2. Note that m.pskBinders must be set to slices of the correct length.
+func (m *clientHelloMsg) marshalWithoutBinders() []byte {
+ bindersLen := 2 // uint16 length prefix
+ for _, binder := range m.pskBinders {
+ bindersLen += 1 // uint8 length prefix
+ bindersLen += len(binder)
+ }
+
+ fullMessage := m.marshal()
+ return fullMessage[:len(fullMessage)-bindersLen]
+}
+
+// updateBinders updates the m.pskBinders field, if necessary updating the
+// cached marshaled representation. The supplied binders must have the same
+// length as the current m.pskBinders.
+func (m *clientHelloMsg) updateBinders(pskBinders [][]byte) {
+ if len(pskBinders) != len(m.pskBinders) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ for i := range m.pskBinders {
+ if len(pskBinders[i]) != len(m.pskBinders[i]) {
+ panic("tls: internal error: pskBinders length mismatch")
+ }
+ }
+ m.pskBinders = pskBinders
+ if m.raw != nil {
+ lenWithoutBinders := len(m.marshalWithoutBinders())
+ // TODO(filippo): replace with NewFixedBuilder once CL 148882 is imported.
+ b := cryptobyte.NewBuilder(m.raw[:lenWithoutBinders])
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, binder := range m.pskBinders {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(binder)
+ })
+ }
+ })
+ if len(b.BytesOrPanic()) != len(m.raw) {
+ panic("tls: internal error: failed to update binders")
+ }
+ }
+}
+
+func (m *clientHelloMsg) unmarshal(data []byte) bool {
+ *m = clientHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) {
+ return false
+ }
+
+ var cipherSuites cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&cipherSuites) {
+ return false
+ }
+ m.cipherSuites = []uint16{}
+ m.secureRenegotiationSupported = false
+ for !cipherSuites.Empty() {
+ var suite uint16
+ if !cipherSuites.ReadUint16(&suite) {
+ return false
+ }
+ if suite == scsvRenegotiation {
+ m.secureRenegotiationSupported = true
+ }
+ m.cipherSuites = append(m.cipherSuites, suite)
+ }
+
+ if !readUint8LengthPrefixed(&s, &m.compressionMethods) {
+ return false
+ }
+
+ if s.Empty() {
+ // ClientHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionServerName:
+ // RFC 6066, Section 3
+ var nameList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&nameList) || nameList.Empty() {
+ return false
+ }
+ for !nameList.Empty() {
+ var nameType uint8
+ var serverName cryptobyte.String
+ if !nameList.ReadUint8(&nameType) ||
+ !nameList.ReadUint16LengthPrefixed(&serverName) ||
+ serverName.Empty() {
+ return false
+ }
+ if nameType != 0 {
+ continue
+ }
+ if len(m.serverName) != 0 {
+ // Multiple names of the same name_type are prohibited.
+ return false
+ }
+ m.serverName = string(serverName)
+ // An SNI value may not include a trailing dot.
+ if strings.HasSuffix(m.serverName, ".") {
+ return false
+ }
+ }
+ case extensionStatusRequest:
+ // RFC 4366, Section 3.6
+ var statusType uint8
+ var ignored cryptobyte.String
+ if !extData.ReadUint8(&statusType) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) ||
+ !extData.ReadUint16LengthPrefixed(&ignored) {
+ return false
+ }
+ m.ocspStapling = statusType == statusTypeOCSP
+ case extensionSupportedCurves:
+ // RFC 4492, sections 5.1.1 and RFC 8446, Section 4.2.7
+ var curves cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&curves) || curves.Empty() {
+ return false
+ }
+ for !curves.Empty() {
+ var curve uint16
+ if !curves.ReadUint16(&curve) {
+ return false
+ }
+ m.supportedCurves = append(m.supportedCurves, CurveID(curve))
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ case extensionSessionTicket:
+ // RFC 5077, Section 3.2
+ m.ticketSupported = true
+ extData.ReadBytes(&m.sessionTicket, len(extData))
+ case extensionSignatureAlgorithms:
+ // RFC 5246, Section 7.4.1.4.1
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ // RFC 8446, Section 4.2.3
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionRenegotiationInfo:
+ // RFC 5746, Section 3.2
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ // RFC 7301, Section 3.1
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ for !protoList.Empty() {
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) || proto.Empty() {
+ return false
+ }
+ m.alpnProtocols = append(m.alpnProtocols, string(proto))
+ }
+ case extensionSCT:
+ // RFC 6962, Section 3.3.1
+ m.scts = true
+ case extensionSupportedVersions:
+ // RFC 8446, Section 4.2.1
+ var versList cryptobyte.String
+ if !extData.ReadUint8LengthPrefixed(&versList) || versList.Empty() {
+ return false
+ }
+ for !versList.Empty() {
+ var vers uint16
+ if !versList.ReadUint16(&vers) {
+ return false
+ }
+ m.supportedVersions = append(m.supportedVersions, vers)
+ }
+ case extensionCookie:
+ // RFC 8446, Section 4.2.2
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // RFC 8446, Section 4.2.8
+ var clientShares cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&clientShares) {
+ return false
+ }
+ for !clientShares.Empty() {
+ var ks keyShare
+ if !clientShares.ReadUint16((*uint16)(&ks.group)) ||
+ !readUint16LengthPrefixed(&clientShares, &ks.data) ||
+ len(ks.data) == 0 {
+ return false
+ }
+ m.keyShares = append(m.keyShares, ks)
+ }
+ case extensionEarlyData:
+ // RFC 8446, Section 4.2.10
+ m.earlyData = true
+ case extensionPSKModes:
+ // RFC 8446, Section 4.2.9
+ if !readUint8LengthPrefixed(&extData, &m.pskModes) {
+ return false
+ }
+ case extensionPreSharedKey:
+ // RFC 8446, Section 4.2.11
+ if !extensions.Empty() {
+ return false // pre_shared_key must be the last extension
+ }
+ var identities cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&identities) || identities.Empty() {
+ return false
+ }
+ for !identities.Empty() {
+ var psk pskIdentity
+ if !readUint16LengthPrefixed(&identities, &psk.label) ||
+ !identities.ReadUint32(&psk.obfuscatedTicketAge) ||
+ len(psk.label) == 0 {
+ return false
+ }
+ m.pskIdentities = append(m.pskIdentities, psk)
+ }
+ var binders cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&binders) || binders.Empty() {
+ return false
+ }
+ for !binders.Empty() {
+ var binder []byte
+ if !readUint8LengthPrefixed(&binders, &binder) ||
+ len(binder) == 0 {
+ return false
+ }
+ m.pskBinders = append(m.pskBinders, binder)
+ }
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type serverHelloMsg struct {
+ raw []byte
+ vers uint16
+ random []byte
+ sessionId []byte
+ cipherSuite uint16
+ compressionMethod uint8
+ ocspStapling bool
+ ticketSupported bool
+ secureRenegotiationSupported bool
+ secureRenegotiation []byte
+ alpnProtocol string
+ scts [][]byte
+ supportedVersion uint16
+ serverShare keyShare
+ selectedIdentityPresent bool
+ selectedIdentity uint16
+ supportedPoints []uint8
+
+ // HelloRetryRequest extensions
+ cookie []byte
+ selectedGroup CurveID
+}
+
+func (m *serverHelloMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeServerHello)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.vers)
+ addBytesWithLength(b, m.random, 32)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.sessionId)
+ })
+ b.AddUint16(m.cipherSuite)
+ b.AddUint8(m.compressionMethod)
+
+ // If extensions aren't present, omit them.
+ var extensionsPresent bool
+ bWithoutExtensions := *b
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.ticketSupported {
+ b.AddUint16(extensionSessionTicket)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.secureRenegotiationSupported {
+ b.AddUint16(extensionRenegotiationInfo)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.secureRenegotiation)
+ })
+ })
+ }
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if len(m.scts) > 0 {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range m.scts {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ if m.supportedVersion != 0 {
+ b.AddUint16(extensionSupportedVersions)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.supportedVersion)
+ })
+ }
+ if m.serverShare.group != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.serverShare.group))
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.serverShare.data)
+ })
+ })
+ }
+ if m.selectedIdentityPresent {
+ b.AddUint16(extensionPreSharedKey)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(m.selectedIdentity)
+ })
+ }
+
+ if len(m.cookie) > 0 {
+ b.AddUint16(extensionCookie)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.cookie)
+ })
+ })
+ }
+ if m.selectedGroup != 0 {
+ b.AddUint16(extensionKeyShare)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16(uint16(m.selectedGroup))
+ })
+ }
+ if len(m.supportedPoints) > 0 {
+ b.AddUint16(extensionSupportedPoints)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.supportedPoints)
+ })
+ })
+ }
+
+ extensionsPresent = len(b.BytesOrPanic()) > 2
+ })
+
+ if !extensionsPresent {
+ *b = bWithoutExtensions
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *serverHelloMsg) unmarshal(data []byte) bool {
+ *m = serverHelloMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16(&m.vers) || !s.ReadBytes(&m.random, 32) ||
+ !readUint8LengthPrefixed(&s, &m.sessionId) ||
+ !s.ReadUint16(&m.cipherSuite) ||
+ !s.ReadUint8(&m.compressionMethod) {
+ return false
+ }
+
+ if s.Empty() {
+ // ServerHello is optionally followed by extension data
+ return true
+ }
+
+ var extensions cryptobyte.String
+ if !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSessionTicket:
+ m.ticketSupported = true
+ case extensionRenegotiationInfo:
+ if !readUint8LengthPrefixed(&extData, &m.secureRenegotiation) {
+ return false
+ }
+ m.secureRenegotiationSupported = true
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ m.scts = append(m.scts, sct)
+ }
+ case extensionSupportedVersions:
+ if !extData.ReadUint16(&m.supportedVersion) {
+ return false
+ }
+ case extensionCookie:
+ if !readUint16LengthPrefixed(&extData, &m.cookie) ||
+ len(m.cookie) == 0 {
+ return false
+ }
+ case extensionKeyShare:
+ // This extension has different formats in SH and HRR, accept either
+ // and let the handshake logic decide. See RFC 8446, Section 4.2.8.
+ if len(extData) == 2 {
+ if !extData.ReadUint16((*uint16)(&m.selectedGroup)) {
+ return false
+ }
+ } else {
+ if !extData.ReadUint16((*uint16)(&m.serverShare.group)) ||
+ !readUint16LengthPrefixed(&extData, &m.serverShare.data) {
+ return false
+ }
+ }
+ case extensionPreSharedKey:
+ m.selectedIdentityPresent = true
+ if !extData.ReadUint16(&m.selectedIdentity) {
+ return false
+ }
+ case extensionSupportedPoints:
+ // RFC 4492, Section 5.1.2
+ if !readUint8LengthPrefixed(&extData, &m.supportedPoints) ||
+ len(m.supportedPoints) == 0 {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type encryptedExtensionsMsg struct {
+ raw []byte
+ alpnProtocol string
+ earlyData bool
+
+ additionalExtensions []Extension
+}
+
+func (m *encryptedExtensionsMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeEncryptedExtensions)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if len(m.alpnProtocol) > 0 {
+ b.AddUint16(extensionALPN)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpnProtocol))
+ })
+ })
+ })
+ }
+ if m.earlyData {
+ // RFC 8446, Section 4.2.10
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16(0) // empty extension_data
+ }
+ for _, ext := range m.additionalExtensions {
+ b.AddUint16(ext.Type)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ext.Data)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *encryptedExtensionsMsg) unmarshal(data []byte) bool {
+ *m = encryptedExtensionsMsg{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint16LengthPrefixed(&extensions) || !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var ext uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&ext) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch ext {
+ case extensionALPN:
+ var protoList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&protoList) || protoList.Empty() {
+ return false
+ }
+ var proto cryptobyte.String
+ if !protoList.ReadUint8LengthPrefixed(&proto) ||
+ proto.Empty() || !protoList.Empty() {
+ return false
+ }
+ m.alpnProtocol = string(proto)
+ case extensionEarlyData:
+ m.earlyData = true
+ default:
+ m.additionalExtensions = append(m.additionalExtensions, Extension{Type: ext, Data: extData})
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type endOfEarlyDataMsg struct{}
+
+func (m *endOfEarlyDataMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeEndOfEarlyData
+ return x
+}
+
+func (m *endOfEarlyDataMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type keyUpdateMsg struct {
+ raw []byte
+ updateRequested bool
+}
+
+func (m *keyUpdateMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeKeyUpdate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.updateRequested {
+ b.AddUint8(1)
+ } else {
+ b.AddUint8(0)
+ }
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *keyUpdateMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var updateRequested uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&updateRequested) || !s.Empty() {
+ return false
+ }
+ switch updateRequested {
+ case 0:
+ m.updateRequested = false
+ case 1:
+ m.updateRequested = true
+ default:
+ return false
+ }
+ return true
+}
+
+type newSessionTicketMsgTLS13 struct {
+ raw []byte
+ lifetime uint32
+ ageAdd uint32
+ nonce []byte
+ label []byte
+ maxEarlyData uint32
+}
+
+func (m *newSessionTicketMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeNewSessionTicket)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.lifetime)
+ b.AddUint32(m.ageAdd)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.nonce)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.label)
+ })
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.maxEarlyData > 0 {
+ b.AddUint16(extensionEarlyData)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint32(m.maxEarlyData)
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *newSessionTicketMsgTLS13) unmarshal(data []byte) bool {
+ *m = newSessionTicketMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint32(&m.lifetime) ||
+ !s.ReadUint32(&m.ageAdd) ||
+ !readUint8LengthPrefixed(&s, &m.nonce) ||
+ !readUint16LengthPrefixed(&s, &m.label) ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionEarlyData:
+ if !extData.ReadUint32(&m.maxEarlyData) {
+ return false
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateRequestMsgTLS13 struct {
+ raw []byte
+ ocspStapling bool
+ scts bool
+ supportedSignatureAlgorithms []SignatureScheme
+ supportedSignatureAlgorithmsCert []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateRequest)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ // certificate_request_context (SHALL be zero length unless used for
+ // post-handshake authentication)
+ b.AddUint8(0)
+
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.ocspStapling {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16(0) // empty extension_data
+ }
+ if m.scts {
+ // RFC 8446, Section 4.4.2.1 makes no mention of
+ // signed_certificate_timestamp in CertificateRequest, but
+ // "Extensions in the Certificate message from the client MUST
+ // correspond to extensions in the CertificateRequest message
+ // from the server." and it appears in the table in Section 4.2.
+ b.AddUint16(extensionSCT)
+ b.AddUint16(0) // empty extension_data
+ }
+ if len(m.supportedSignatureAlgorithms) > 0 {
+ b.AddUint16(extensionSignatureAlgorithms)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.supportedSignatureAlgorithmsCert) > 0 {
+ b.AddUint16(extensionSignatureAlgorithmsCert)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sigAlgo := range m.supportedSignatureAlgorithmsCert {
+ b.AddUint16(uint16(sigAlgo))
+ }
+ })
+ })
+ }
+ if len(m.certificateAuthorities) > 0 {
+ b.AddUint16(extensionCertificateAuthorities)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, ca := range m.certificateAuthorities {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(ca)
+ })
+ }
+ })
+ })
+ }
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateRequestMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateRequestMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context, extensions cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !s.ReadUint16LengthPrefixed(&extensions) ||
+ !s.Empty() {
+ return false
+ }
+
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ m.ocspStapling = true
+ case extensionSCT:
+ m.scts = true
+ case extensionSignatureAlgorithms:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithms = append(
+ m.supportedSignatureAlgorithms, SignatureScheme(sigAndAlg))
+ }
+ case extensionSignatureAlgorithmsCert:
+ var sigAndAlgs cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sigAndAlgs) || sigAndAlgs.Empty() {
+ return false
+ }
+ for !sigAndAlgs.Empty() {
+ var sigAndAlg uint16
+ if !sigAndAlgs.ReadUint16(&sigAndAlg) {
+ return false
+ }
+ m.supportedSignatureAlgorithmsCert = append(
+ m.supportedSignatureAlgorithmsCert, SignatureScheme(sigAndAlg))
+ }
+ case extensionCertificateAuthorities:
+ var auths cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&auths) || auths.Empty() {
+ return false
+ }
+ for !auths.Empty() {
+ var ca []byte
+ if !readUint16LengthPrefixed(&auths, &ca) || len(ca) == 0 {
+ return false
+ }
+ m.certificateAuthorities = append(m.certificateAuthorities, ca)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+
+ return true
+}
+
+type certificateMsg struct {
+ raw []byte
+ certificates [][]byte
+}
+
+func (m *certificateMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var i int
+ for _, slice := range m.certificates {
+ i += len(slice)
+ }
+
+ length := 3 + 3*len(m.certificates) + i
+ x = make([]byte, 4+length)
+ x[0] = typeCertificate
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ certificateOctets := length - 3
+ x[4] = uint8(certificateOctets >> 16)
+ x[5] = uint8(certificateOctets >> 8)
+ x[6] = uint8(certificateOctets)
+
+ y := x[7:]
+ for _, slice := range m.certificates {
+ y[0] = uint8(len(slice) >> 16)
+ y[1] = uint8(len(slice) >> 8)
+ y[2] = uint8(len(slice))
+ copy(y[3:], slice)
+ y = y[3+len(slice):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateMsg) unmarshal(data []byte) bool {
+ if len(data) < 7 {
+ return false
+ }
+
+ m.raw = data
+ certsLen := uint32(data[4])<<16 | uint32(data[5])<<8 | uint32(data[6])
+ if uint32(len(data)) != certsLen+7 {
+ return false
+ }
+
+ numCerts := 0
+ d := data[7:]
+ for certsLen > 0 {
+ if len(d) < 4 {
+ return false
+ }
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ if uint32(len(d)) < 3+certLen {
+ return false
+ }
+ d = d[3+certLen:]
+ certsLen -= 3 + certLen
+ numCerts++
+ }
+
+ m.certificates = make([][]byte, numCerts)
+ d = data[7:]
+ for i := 0; i < numCerts; i++ {
+ certLen := uint32(d[0])<<16 | uint32(d[1])<<8 | uint32(d[2])
+ m.certificates[i] = d[3 : 3+certLen]
+ d = d[3+certLen:]
+ }
+
+ return true
+}
+
+type certificateMsgTLS13 struct {
+ raw []byte
+ certificate Certificate
+ ocspStapling bool
+ scts bool
+}
+
+func (m *certificateMsgTLS13) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificate)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(0) // certificate_request_context
+
+ certificate := m.certificate
+ if !m.ocspStapling {
+ certificate.OCSPStaple = nil
+ }
+ if !m.scts {
+ certificate.SignedCertificateTimestamps = nil
+ }
+ marshalCertificate(b, certificate)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func marshalCertificate(b *cryptobyte.Builder, certificate Certificate) {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for i, cert := range certificate.Certificate {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ if i > 0 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ return
+ }
+ if certificate.OCSPStaple != nil {
+ b.AddUint16(extensionStatusRequest)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(certificate.OCSPStaple)
+ })
+ })
+ }
+ if certificate.SignedCertificateTimestamps != nil {
+ b.AddUint16(extensionSCT)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, sct := range certificate.SignedCertificateTimestamps {
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(sct)
+ })
+ }
+ })
+ })
+ }
+ })
+ }
+ })
+}
+
+func (m *certificateMsgTLS13) unmarshal(data []byte) bool {
+ *m = certificateMsgTLS13{raw: data}
+ s := cryptobyte.String(data)
+
+ var context cryptobyte.String
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8LengthPrefixed(&context) || !context.Empty() ||
+ !unmarshalCertificate(&s, &m.certificate) ||
+ !s.Empty() {
+ return false
+ }
+
+ m.scts = m.certificate.SignedCertificateTimestamps != nil
+ m.ocspStapling = m.certificate.OCSPStaple != nil
+
+ return true
+}
+
+func unmarshalCertificate(s *cryptobyte.String, certificate *Certificate) bool {
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ var extensions cryptobyte.String
+ if !readUint24LengthPrefixed(&certList, &cert) ||
+ !certList.ReadUint16LengthPrefixed(&extensions) {
+ return false
+ }
+ certificate.Certificate = append(certificate.Certificate, cert)
+ for !extensions.Empty() {
+ var extension uint16
+ var extData cryptobyte.String
+ if !extensions.ReadUint16(&extension) ||
+ !extensions.ReadUint16LengthPrefixed(&extData) {
+ return false
+ }
+ if len(certificate.Certificate) > 1 {
+ // This library only supports OCSP and SCT for leaf certificates.
+ continue
+ }
+
+ switch extension {
+ case extensionStatusRequest:
+ var statusType uint8
+ if !extData.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&extData, &certificate.OCSPStaple) ||
+ len(certificate.OCSPStaple) == 0 {
+ return false
+ }
+ case extensionSCT:
+ var sctList cryptobyte.String
+ if !extData.ReadUint16LengthPrefixed(&sctList) || sctList.Empty() {
+ return false
+ }
+ for !sctList.Empty() {
+ var sct []byte
+ if !readUint16LengthPrefixed(&sctList, &sct) ||
+ len(sct) == 0 {
+ return false
+ }
+ certificate.SignedCertificateTimestamps = append(
+ certificate.SignedCertificateTimestamps, sct)
+ }
+ default:
+ // Ignore unknown extensions.
+ continue
+ }
+
+ if !extData.Empty() {
+ return false
+ }
+ }
+ }
+ return true
+}
+
+type serverKeyExchangeMsg struct {
+ raw []byte
+ key []byte
+}
+
+func (m *serverKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.key)
+ x := make([]byte, length+4)
+ x[0] = typeServerKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.key)
+
+ m.raw = x
+ return x
+}
+
+func (m *serverKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ m.key = data[4:]
+ return true
+}
+
+type certificateStatusMsg struct {
+ raw []byte
+ response []byte
+}
+
+func (m *certificateStatusMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateStatus)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddUint8(statusTypeOCSP)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.response)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateStatusMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ var statusType uint8
+ if !s.Skip(4) || // message type and uint24 length field
+ !s.ReadUint8(&statusType) || statusType != statusTypeOCSP ||
+ !readUint24LengthPrefixed(&s, &m.response) ||
+ len(m.response) == 0 || !s.Empty() {
+ return false
+ }
+ return true
+}
+
+type serverHelloDoneMsg struct{}
+
+func (m *serverHelloDoneMsg) marshal() []byte {
+ x := make([]byte, 4)
+ x[0] = typeServerHelloDone
+ return x
+}
+
+func (m *serverHelloDoneMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
+
+type clientKeyExchangeMsg struct {
+ raw []byte
+ ciphertext []byte
+}
+
+func (m *clientKeyExchangeMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+ length := len(m.ciphertext)
+ x := make([]byte, length+4)
+ x[0] = typeClientKeyExchange
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ copy(x[4:], m.ciphertext)
+
+ m.raw = x
+ return x
+}
+
+func (m *clientKeyExchangeMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ if len(data) < 4 {
+ return false
+ }
+ l := int(data[1])<<16 | int(data[2])<<8 | int(data[3])
+ if l != len(data)-4 {
+ return false
+ }
+ m.ciphertext = data[4:]
+ return true
+}
+
+type finishedMsg struct {
+ raw []byte
+ verifyData []byte
+}
+
+func (m *finishedMsg) marshal() []byte {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeFinished)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.verifyData)
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *finishedMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+ return s.Skip(1) &&
+ readUint24LengthPrefixed(&s, &m.verifyData) &&
+ s.Empty()
+}
+
+type certificateRequestMsg struct {
+ raw []byte
+ // hasSignatureAlgorithm indicates whether this message includes a list of
+ // supported signature algorithms. This change was introduced with TLS 1.2.
+ hasSignatureAlgorithm bool
+
+ certificateTypes []byte
+ supportedSignatureAlgorithms []SignatureScheme
+ certificateAuthorities [][]byte
+}
+
+func (m *certificateRequestMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 4346, Section 7.4.4.
+ length := 1 + len(m.certificateTypes) + 2
+ casLength := 0
+ for _, ca := range m.certificateAuthorities {
+ casLength += 2 + len(ca)
+ }
+ length += casLength
+
+ if m.hasSignatureAlgorithm {
+ length += 2 + 2*len(m.supportedSignatureAlgorithms)
+ }
+
+ x = make([]byte, 4+length)
+ x[0] = typeCertificateRequest
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+
+ x[4] = uint8(len(m.certificateTypes))
+
+ copy(x[5:], m.certificateTypes)
+ y := x[5+len(m.certificateTypes):]
+
+ if m.hasSignatureAlgorithm {
+ n := len(m.supportedSignatureAlgorithms) * 2
+ y[0] = uint8(n >> 8)
+ y[1] = uint8(n)
+ y = y[2:]
+ for _, sigAlgo := range m.supportedSignatureAlgorithms {
+ y[0] = uint8(sigAlgo >> 8)
+ y[1] = uint8(sigAlgo)
+ y = y[2:]
+ }
+ }
+
+ y[0] = uint8(casLength >> 8)
+ y[1] = uint8(casLength)
+ y = y[2:]
+ for _, ca := range m.certificateAuthorities {
+ y[0] = uint8(len(ca) >> 8)
+ y[1] = uint8(len(ca))
+ y = y[2:]
+ copy(y, ca)
+ y = y[len(ca):]
+ }
+
+ m.raw = x
+ return
+}
+
+func (m *certificateRequestMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 5 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ numCertTypes := int(data[4])
+ data = data[5:]
+ if numCertTypes == 0 || len(data) <= numCertTypes {
+ return false
+ }
+
+ m.certificateTypes = make([]byte, numCertTypes)
+ if copy(m.certificateTypes, data) != numCertTypes {
+ return false
+ }
+
+ data = data[numCertTypes:]
+
+ if m.hasSignatureAlgorithm {
+ if len(data) < 2 {
+ return false
+ }
+ sigAndHashLen := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if sigAndHashLen&1 != 0 {
+ return false
+ }
+ if len(data) < int(sigAndHashLen) {
+ return false
+ }
+ numSigAlgos := sigAndHashLen / 2
+ m.supportedSignatureAlgorithms = make([]SignatureScheme, numSigAlgos)
+ for i := range m.supportedSignatureAlgorithms {
+ m.supportedSignatureAlgorithms[i] = SignatureScheme(data[0])<<8 | SignatureScheme(data[1])
+ data = data[2:]
+ }
+ }
+
+ if len(data) < 2 {
+ return false
+ }
+ casLength := uint16(data[0])<<8 | uint16(data[1])
+ data = data[2:]
+ if len(data) < int(casLength) {
+ return false
+ }
+ cas := make([]byte, casLength)
+ copy(cas, data)
+ data = data[casLength:]
+
+ m.certificateAuthorities = nil
+ for len(cas) > 0 {
+ if len(cas) < 2 {
+ return false
+ }
+ caLen := uint16(cas[0])<<8 | uint16(cas[1])
+ cas = cas[2:]
+
+ if len(cas) < int(caLen) {
+ return false
+ }
+
+ m.certificateAuthorities = append(m.certificateAuthorities, cas[:caLen])
+ cas = cas[caLen:]
+ }
+
+ return len(data) == 0
+}
+
+type certificateVerifyMsg struct {
+ raw []byte
+ hasSignatureAlgorithm bool // format change introduced in TLS 1.2
+ signatureAlgorithm SignatureScheme
+ signature []byte
+}
+
+func (m *certificateVerifyMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ var b cryptobyte.Builder
+ b.AddUint8(typeCertificateVerify)
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ if m.hasSignatureAlgorithm {
+ b.AddUint16(uint16(m.signatureAlgorithm))
+ }
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.signature)
+ })
+ })
+
+ m.raw = b.BytesOrPanic()
+ return m.raw
+}
+
+func (m *certificateVerifyMsg) unmarshal(data []byte) bool {
+ m.raw = data
+ s := cryptobyte.String(data)
+
+ if !s.Skip(4) { // message type and uint24 length field
+ return false
+ }
+ if m.hasSignatureAlgorithm {
+ if !s.ReadUint16((*uint16)(&m.signatureAlgorithm)) {
+ return false
+ }
+ }
+ return readUint16LengthPrefixed(&s, &m.signature) && s.Empty()
+}
+
+type newSessionTicketMsg struct {
+ raw []byte
+ ticket []byte
+}
+
+func (m *newSessionTicketMsg) marshal() (x []byte) {
+ if m.raw != nil {
+ return m.raw
+ }
+
+ // See RFC 5077, Section 3.3.
+ ticketLen := len(m.ticket)
+ length := 2 + 4 + ticketLen
+ x = make([]byte, 4+length)
+ x[0] = typeNewSessionTicket
+ x[1] = uint8(length >> 16)
+ x[2] = uint8(length >> 8)
+ x[3] = uint8(length)
+ x[8] = uint8(ticketLen >> 8)
+ x[9] = uint8(ticketLen)
+ copy(x[10:], m.ticket)
+
+ m.raw = x
+
+ return
+}
+
+func (m *newSessionTicketMsg) unmarshal(data []byte) bool {
+ m.raw = data
+
+ if len(data) < 10 {
+ return false
+ }
+
+ length := uint32(data[1])<<16 | uint32(data[2])<<8 | uint32(data[3])
+ if uint32(len(data))-4 != length {
+ return false
+ }
+
+ ticketLen := int(data[8])<<8 + int(data[9])
+ if len(data)-10 != ticketLen {
+ return false
+ }
+
+ m.ticket = data[10:]
+
+ return true
+}
+
+type helloRequestMsg struct {
+}
+
+func (*helloRequestMsg) marshal() []byte {
+ return []byte{typeHelloRequest, 0, 0, 0}
+}
+
+func (*helloRequestMsg) unmarshal(data []byte) bool {
+ return len(data) == 4
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server.go b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server.go
new file mode 100644
index 00000000..7d3557d7
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server.go
@@ -0,0 +1,905 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/subtle"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "hash"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// serverHandshakeState contains details of a server handshake in progress.
+// It's discarded once the handshake has completed.
+type serverHandshakeState struct {
+ c *Conn
+ ctx context.Context
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ suite *cipherSuite
+ ecdheOk bool
+ ecSignOk bool
+ rsaDecryptOk bool
+ rsaSignOk bool
+ sessionState *sessionState
+ finishedHash finishedHash
+ masterSecret []byte
+ cert *Certificate
+}
+
+// serverHandshake performs a TLS handshake as a server.
+func (c *Conn) serverHandshake(ctx context.Context) error {
+ c.setAlternativeRecordLayer()
+
+ clientHello, err := c.readClientHello(ctx)
+ if err != nil {
+ return err
+ }
+
+ if c.vers == VersionTLS13 {
+ hs := serverHandshakeStateTLS13{
+ c: c,
+ ctx: ctx,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+ } else if c.extraConfig.usesAlternativeRecordLayer() {
+ // This should already have been caught by the check that the ClientHello doesn't
+ // offer any (supported) versions older than TLS 1.3.
+ // Check again to make sure we can't be tricked into using an older version.
+ c.sendAlert(alertProtocolVersion)
+ return errors.New("tls: negotiated TLS < 1.3 when using QUIC")
+ }
+
+ hs := serverHandshakeState{
+ c: c,
+ ctx: ctx,
+ clientHello: clientHello,
+ }
+ return hs.handshake()
+}
+
+func (hs *serverHandshakeState) handshake() error {
+ c := hs.c
+
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+
+ // For an overview of TLS handshaking, see RFC 5246, Section 7.3.
+ c.buffering = true
+ if hs.checkForResumption() {
+ // The client has included a session ticket and so we do an abbreviated handshake.
+ c.didResume = true
+ if err := hs.doResumeHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(c.serverFinished[:]); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = false
+ if err := hs.readFinished(nil); err != nil {
+ return err
+ }
+ } else {
+ // The client didn't include a session ticket, or it wasn't
+ // valid so we do a full handshake.
+ if err := hs.pickCipherSuite(); err != nil {
+ return err
+ }
+ if err := hs.doFullHandshake(); err != nil {
+ return err
+ }
+ if err := hs.establishKeys(); err != nil {
+ return err
+ }
+ if err := hs.readFinished(c.clientFinished[:]); err != nil {
+ return err
+ }
+ c.clientFinishedIsFirst = true
+ c.buffering = true
+ if err := hs.sendSessionTicket(); err != nil {
+ return err
+ }
+ if err := hs.sendFinished(nil); err != nil {
+ return err
+ }
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ }
+
+ c.ekm = ekmFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random)
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+// readClientHello reads a ClientHello message and selects the protocol version.
+func (c *Conn) readClientHello(ctx context.Context) (*clientHelloMsg, error) {
+ msg, err := c.readHandshake()
+ if err != nil {
+ return nil, err
+ }
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return nil, unexpectedMessageError(clientHello, msg)
+ }
+
+ var configForClient *config
+ originalConfig := c.config
+ if c.config.GetConfigForClient != nil {
+ chi := newClientHelloInfo(ctx, c, clientHello)
+ if cfc, err := c.config.GetConfigForClient(chi); err != nil {
+ c.sendAlert(alertInternalError)
+ return nil, err
+ } else if cfc != nil {
+ configForClient = fromConfig(cfc)
+ c.config = configForClient
+ }
+ }
+ c.ticketKeys = originalConfig.ticketKeys(configForClient)
+
+ clientVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ clientVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+ if c.extraConfig.usesAlternativeRecordLayer() {
+ // In QUIC, the client MUST NOT offer any old TLS versions.
+ // Here, we can only check that none of the other supported versions of this library
+ // (TLS 1.0 - TLS 1.2) is offered. We don't check for any SSL versions here.
+ for _, ver := range clientVersions {
+ if ver == VersionTLS13 {
+ continue
+ }
+ for _, v := range supportedVersions {
+ if ver == v {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered old TLS version %#x", ver)
+ }
+ }
+ }
+ // Make the config we're using allows us to use TLS 1.3.
+ if c.config.maxSupportedVersion() < VersionTLS13 {
+ c.sendAlert(alertInternalError)
+ return nil, errors.New("tls: MaxVersion prevents QUIC from using TLS 1.3")
+ }
+ }
+ c.vers, ok = c.config.mutualVersion(clientVersions)
+ if !ok {
+ c.sendAlert(alertProtocolVersion)
+ return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+ }
+ c.haveVers = true
+ c.in.version = c.vers
+ c.out.version = c.vers
+
+ return clientHello, nil
+}
+
+func (hs *serverHandshakeState) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.hello.vers = c.vers
+
+ foundCompression := false
+ // We only support null compression, so check that the client offered it.
+ for _, compression := range hs.clientHello.compressionMethods {
+ if compression == compressionNone {
+ foundCompression = true
+ break
+ }
+ }
+
+ if !foundCompression {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client does not support uncompressed connections")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ serverRandom := hs.hello.random
+ // Downgrade protection canaries. See RFC 8446, Section 4.1.3.
+ maxVers := c.config.maxSupportedVersion()
+ if maxVers >= VersionTLS12 && c.vers < maxVers || testingOnlyForceDowngradeCanary {
+ if c.vers == VersionTLS12 {
+ copy(serverRandom[24:], downgradeCanaryTLS12)
+ } else {
+ copy(serverRandom[24:], downgradeCanaryTLS11)
+ }
+ serverRandom = serverRandom[:24]
+ }
+ _, err := io.ReadFull(c.config.rand(), serverRandom)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.secureRenegotiationSupported = hs.clientHello.secureRenegotiationSupported
+ hs.hello.compressionMethod = compressionNone
+ if len(hs.clientHello.serverName) > 0 {
+ c.serverName = hs.clientHello.serverName
+ }
+
+ selectedProto, err := negotiateALPN(c.config.NextProtos, hs.clientHello.alpnProtocols)
+ if err != nil {
+ c.sendAlert(alertNoApplicationProtocol)
+ return err
+ }
+ hs.hello.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+
+ hs.cert, err = c.config.getCertificate(newClientHelloInfo(hs.ctx, c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ if hs.clientHello.scts {
+ hs.hello.scts = hs.cert.SignedCertificateTimestamps
+ }
+
+ hs.ecdheOk = supportsECDHE(c.config, hs.clientHello.supportedCurves, hs.clientHello.supportedPoints)
+
+ if hs.ecdheOk {
+ // Although omitting the ec_point_formats extension is permitted, some
+ // old OpenSSL version will refuse to handshake if not present.
+ //
+ // Per RFC 4492, section 5.1.2, implementations MUST support the
+ // uncompressed point format. See golang.org/issue/31943.
+ hs.hello.supportedPoints = []uint8{pointFormatUncompressed}
+ }
+
+ if priv, ok := hs.cert.PrivateKey.(crypto.Signer); ok {
+ switch priv.Public().(type) {
+ case *ecdsa.PublicKey:
+ hs.ecSignOk = true
+ case ed25519.PublicKey:
+ hs.ecSignOk = true
+ case *rsa.PublicKey:
+ hs.rsaSignOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported signing key type (%T)", priv.Public())
+ }
+ }
+ if priv, ok := hs.cert.PrivateKey.(crypto.Decrypter); ok {
+ switch priv.Public().(type) {
+ case *rsa.PublicKey:
+ hs.rsaDecryptOk = true
+ default:
+ c.sendAlert(alertInternalError)
+ return fmt.Errorf("tls: unsupported decryption key type (%T)", priv.Public())
+ }
+ }
+
+ return nil
+}
+
+// negotiateALPN picks a shared ALPN protocol that both sides support in server
+// preference order. If ALPN is not configured or the peer doesn't support it,
+// it returns "" and no error.
+func negotiateALPN(serverProtos, clientProtos []string) (string, error) {
+ if len(serverProtos) == 0 || len(clientProtos) == 0 {
+ return "", nil
+ }
+ var http11fallback bool
+ for _, s := range serverProtos {
+ for _, c := range clientProtos {
+ if s == c {
+ return s, nil
+ }
+ if s == "h2" && c == "http/1.1" {
+ http11fallback = true
+ }
+ }
+ }
+ // As a special case, let http/1.1 clients connect to h2 servers as if they
+ // didn't support ALPN. We used not to enforce protocol overlap, so over
+ // time a number of HTTP servers were configured with only "h2", but
+ // expected to accept connections from "http/1.1" clients. See Issue 46310.
+ if http11fallback {
+ return "", nil
+ }
+ return "", fmt.Errorf("tls: client requested unsupported application protocols (%s)", clientProtos)
+}
+
+// supportsECDHE returns whether ECDHE key exchanges can be used with this
+// pre-TLS 1.3 client.
+func supportsECDHE(c *config, supportedCurves []CurveID, supportedPoints []uint8) bool {
+ supportsCurve := false
+ for _, curve := range supportedCurves {
+ if c.supportsCurve(curve) {
+ supportsCurve = true
+ break
+ }
+ }
+
+ supportsPointFormat := false
+ for _, pointFormat := range supportedPoints {
+ if pointFormat == pointFormatUncompressed {
+ supportsPointFormat = true
+ break
+ }
+ }
+
+ return supportsCurve && supportsPointFormat
+}
+
+func (hs *serverHandshakeState) pickCipherSuite() error {
+ c := hs.c
+
+ preferenceOrder := cipherSuitesPreferenceOrder
+ if !hasAESGCMHardwareSupport || !aesgcmPreferred(hs.clientHello.cipherSuites) {
+ preferenceOrder = cipherSuitesPreferenceOrderNoAES
+ }
+
+ configCipherSuites := c.config.cipherSuites()
+ preferenceList := make([]uint16, 0, len(configCipherSuites))
+ for _, suiteID := range preferenceOrder {
+ for _, id := range configCipherSuites {
+ if id == suiteID {
+ preferenceList = append(preferenceList, id)
+ break
+ }
+ }
+ }
+
+ hs.suite = selectCipherSuite(preferenceList, hs.clientHello.cipherSuites, hs.cipherSuiteOk)
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // The client is doing a fallback connection. See RFC 7507.
+ if hs.clientHello.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) cipherSuiteOk(c *cipherSuite) bool {
+ if c.flags&suiteECDHE != 0 {
+ if !hs.ecdheOk {
+ return false
+ }
+ if c.flags&suiteECSign != 0 {
+ if !hs.ecSignOk {
+ return false
+ }
+ } else if !hs.rsaSignOk {
+ return false
+ }
+ } else if !hs.rsaDecryptOk {
+ return false
+ }
+ if hs.c.vers < VersionTLS12 && c.flags&suiteTLS12 != 0 {
+ return false
+ }
+ return true
+}
+
+// checkForResumption reports whether we should perform resumption on this connection.
+func (hs *serverHandshakeState) checkForResumption() bool {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ plaintext, usedOldKey := c.decryptTicket(hs.clientHello.sessionTicket)
+ if plaintext == nil {
+ return false
+ }
+ hs.sessionState = &sessionState{usedOldKey: usedOldKey}
+ ok := hs.sessionState.unmarshal(plaintext)
+ if !ok {
+ return false
+ }
+
+ createdAt := time.Unix(int64(hs.sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ return false
+ }
+
+ // Never resume a session for a different TLS version.
+ if c.vers != hs.sessionState.vers {
+ return false
+ }
+
+ cipherSuiteOk := false
+ // Check that the client is still offering the ciphersuite in the session.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == hs.sessionState.cipherSuite {
+ cipherSuiteOk = true
+ break
+ }
+ }
+ if !cipherSuiteOk {
+ return false
+ }
+
+ // Check that we also support the ciphersuite from the session.
+ hs.suite = selectCipherSuite([]uint16{hs.sessionState.cipherSuite},
+ c.config.cipherSuites(), hs.cipherSuiteOk)
+ if hs.suite == nil {
+ return false
+ }
+
+ sessionHasClientCerts := len(hs.sessionState.certificates) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ return false
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ return false
+ }
+
+ return true
+}
+
+func (hs *serverHandshakeState) doResumeHandshake() error {
+ c := hs.c
+
+ hs.hello.cipherSuite = hs.suite.id
+ c.cipherSuite = hs.suite.id
+ // We echo the client's session ID in the ServerHello to let it know
+ // that we're doing a resumption.
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.ticketSupported = hs.sessionState.usedOldKey
+ hs.finishedHash = newFinishedHash(c.vers, hs.suite)
+ hs.finishedHash.discardHandshakeBuffer()
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: hs.sessionState.certificates,
+ }); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ hs.masterSecret = hs.sessionState.masterSecret
+
+ return nil
+}
+
+func (hs *serverHandshakeState) doFullHandshake() error {
+ c := hs.c
+
+ if hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0 {
+ hs.hello.ocspStapling = true
+ }
+
+ hs.hello.ticketSupported = hs.clientHello.ticketSupported && !c.config.SessionTicketsDisabled
+ hs.hello.cipherSuite = hs.suite.id
+
+ hs.finishedHash = newFinishedHash(hs.c.vers, hs.suite)
+ if c.config.ClientAuth == NoClientCert {
+ // No need to keep a full record of the handshake if client
+ // certificates won't be used.
+ hs.finishedHash.discardHandshakeBuffer()
+ }
+ hs.finishedHash.Write(hs.clientHello.marshal())
+ hs.finishedHash.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ certMsg := new(certificateMsg)
+ certMsg.certificates = hs.cert.Certificate
+ hs.finishedHash.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ if hs.hello.ocspStapling {
+ certStatus := new(certificateStatusMsg)
+ certStatus.response = hs.cert.OCSPStaple
+ hs.finishedHash.Write(certStatus.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certStatus.marshal()); err != nil {
+ return err
+ }
+ }
+
+ keyAgreement := hs.suite.ka(c.vers)
+ skx, err := keyAgreement.generateServerKeyExchange(c.config, hs.cert, hs.clientHello, hs.hello)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ if skx != nil {
+ hs.finishedHash.Write(skx.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, skx.marshal()); err != nil {
+ return err
+ }
+ }
+
+ var certReq *certificateRequestMsg
+ if c.config.ClientAuth >= RequestClientCert {
+ // Request a client certificate
+ certReq = new(certificateRequestMsg)
+ certReq.certificateTypes = []byte{
+ byte(certTypeRSASign),
+ byte(certTypeECDSASign),
+ }
+ if c.vers >= VersionTLS12 {
+ certReq.hasSignatureAlgorithm = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ }
+
+ // An empty list of certificateAuthorities signals to
+ // the client that it may send any certificate in response
+ // to our request. When we know the CAs we trust, then
+ // we can send them down, so that the client can choose
+ // an appropriate certificate to give to us.
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+ hs.finishedHash.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ helloDone := new(serverHelloDoneMsg)
+ hs.finishedHash.Write(helloDone.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloDone.marshal()); err != nil {
+ return err
+ }
+
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+
+ var pub crypto.PublicKey // public key for client auth, if any
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message, even if it's empty.
+ if c.config.ClientAuth >= RequestClientCert {
+ certMsg, ok := msg.(*certificateMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.finishedHash.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(Certificate{
+ Certificate: certMsg.certificates,
+ }); err != nil {
+ return err
+ }
+ if len(certMsg.certificates) != 0 {
+ pub = c.peerCertificates[0].PublicKey
+ }
+
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ }
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ // Get client key exchange
+ ckx, ok := msg.(*clientKeyExchangeMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(ckx, msg)
+ }
+ hs.finishedHash.Write(ckx.marshal())
+
+ preMasterSecret, err := keyAgreement.processClientKeyExchange(c.config, hs.cert, ckx, c.vers)
+ if err != nil {
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.masterSecret = masterFromPreMasterSecret(c.vers, hs.suite, preMasterSecret, hs.clientHello.random, hs.hello.random)
+ if err := c.config.writeKeyLog(keyLogLabelTLS12, hs.clientHello.random, hs.masterSecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ // If we received a client cert in response to our certificate request message,
+ // the client will send us a certificateVerifyMsg immediately after the
+ // clientKeyExchangeMsg. This message is a digest of all preceding
+ // handshake-layer messages that is signed using the private key corresponding
+ // to the client's certificate. This allows us to verify that the client is in
+ // possession of the private key of the certificate.
+ if len(c.peerCertificates) > 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if c.vers >= VersionTLS12 {
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, certReq.supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(pub)
+ if err != nil {
+ c.sendAlert(alertIllegalParameter)
+ return err
+ }
+ }
+
+ signed := hs.finishedHash.hashForClientCertificate(sigType, sigHash, hs.masterSecret)
+ if err := verifyHandshakeSignature(sigType, pub, sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.finishedHash.Write(certVerify.marshal())
+ }
+
+ hs.finishedHash.discardHandshakeBuffer()
+
+ return nil
+}
+
+func (hs *serverHandshakeState) establishKeys() error {
+ c := hs.c
+
+ clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV :=
+ keysFromMasterSecret(c.vers, hs.suite, hs.masterSecret, hs.clientHello.random, hs.hello.random, hs.suite.macLen, hs.suite.keyLen, hs.suite.ivLen)
+
+ var clientCipher, serverCipher interface{}
+ var clientHash, serverHash hash.Hash
+
+ if hs.suite.aead == nil {
+ clientCipher = hs.suite.cipher(clientKey, clientIV, true /* for reading */)
+ clientHash = hs.suite.mac(clientMAC)
+ serverCipher = hs.suite.cipher(serverKey, serverIV, false /* not for reading */)
+ serverHash = hs.suite.mac(serverMAC)
+ } else {
+ clientCipher = hs.suite.aead(clientKey, clientIV)
+ serverCipher = hs.suite.aead(serverKey, serverIV)
+ }
+
+ c.in.prepareCipherSpec(c.vers, clientCipher, clientHash)
+ c.out.prepareCipherSpec(c.vers, serverCipher, serverHash)
+
+ return nil
+}
+
+func (hs *serverHandshakeState) readFinished(out []byte) error {
+ c := hs.c
+
+ if err := c.readChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+ clientFinished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientFinished, msg)
+ }
+
+ verify := hs.finishedHash.clientSum(hs.masterSecret)
+ if len(verify) != len(clientFinished.verifyData) ||
+ subtle.ConstantTimeCompare(verify, clientFinished.verifyData) != 1 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: client's Finished message is incorrect")
+ }
+
+ hs.finishedHash.Write(clientFinished.marshal())
+ copy(out, verify)
+ return nil
+}
+
+func (hs *serverHandshakeState) sendSessionTicket() error {
+ // ticketSupported is set in a resumption handshake if the
+ // ticket from the client was encrypted with an old session
+ // ticket key and thus a refreshed ticket should be sent.
+ if !hs.hello.ticketSupported {
+ return nil
+ }
+
+ c := hs.c
+ m := new(newSessionTicketMsg)
+
+ createdAt := uint64(c.config.time().Unix())
+ if hs.sessionState != nil {
+ // If this is re-wrapping an old key, then keep
+ // the original time it was created.
+ createdAt = hs.sessionState.createdAt
+ }
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionState{
+ vers: c.vers,
+ cipherSuite: hs.suite.id,
+ createdAt: createdAt,
+ masterSecret: hs.masterSecret,
+ certificates: certsFromClient,
+ }
+ var err error
+ m.ticket, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return err
+ }
+
+ hs.finishedHash.Write(m.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeState) sendFinished(out []byte) error {
+ c := hs.c
+
+ if _, err := c.writeRecord(recordTypeChangeCipherSpec, []byte{1}); err != nil {
+ return err
+ }
+
+ finished := new(finishedMsg)
+ finished.verifyData = hs.finishedHash.serverSum(hs.masterSecret)
+ hs.finishedHash.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ copy(out, finished.verifyData)
+
+ return nil
+}
+
+// processCertsFromClient takes a chain of client certificates either from a
+// Certificates message or from a sessionState and verifies them. It returns
+// the public key of the leaf certificate.
+func (c *Conn) processCertsFromClient(certificate Certificate) error {
+ certificates := certificate.Certificate
+ certs := make([]*x509.Certificate, len(certificates))
+ var err error
+ for i, asn1Data := range certificates {
+ if certs[i], err = x509.ParseCertificate(asn1Data); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to parse client certificate: " + err.Error())
+ }
+ }
+
+ if len(certs) == 0 && requiresClientCert(c.config.ClientAuth) {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: client didn't provide a certificate")
+ }
+
+ if c.config.ClientAuth >= VerifyClientCertIfGiven && len(certs) > 0 {
+ opts := x509.VerifyOptions{
+ Roots: c.config.ClientCAs,
+ CurrentTime: c.config.time(),
+ Intermediates: x509.NewCertPool(),
+ KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
+ }
+
+ for _, cert := range certs[1:] {
+ opts.Intermediates.AddCert(cert)
+ }
+
+ chains, err := certs[0].Verify(opts)
+ if err != nil {
+ c.sendAlert(alertBadCertificate)
+ return errors.New("tls: failed to verify client certificate: " + err.Error())
+ }
+
+ c.verifiedChains = chains
+ }
+
+ c.peerCertificates = certs
+ c.ocspResponse = certificate.OCSPStaple
+ c.scts = certificate.SignedCertificateTimestamps
+
+ if len(certs) > 0 {
+ switch certs[0].PublicKey.(type) {
+ case *ecdsa.PublicKey, *rsa.PublicKey, ed25519.PublicKey:
+ default:
+ c.sendAlert(alertUnsupportedCertificate)
+ return fmt.Errorf("tls: client certificate contains an unsupported public key of type %T", certs[0].PublicKey)
+ }
+ }
+
+ if c.config.VerifyPeerCertificate != nil {
+ if err := c.config.VerifyPeerCertificate(certificates, c.verifiedChains); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ return nil
+}
+
+func newClientHelloInfo(ctx context.Context, c *Conn, clientHello *clientHelloMsg) *ClientHelloInfo {
+ supportedVersions := clientHello.supportedVersions
+ if len(clientHello.supportedVersions) == 0 {
+ supportedVersions = supportedVersionsFromMax(clientHello.vers)
+ }
+
+ return toClientHelloInfo(&clientHelloInfo{
+ CipherSuites: clientHello.cipherSuites,
+ ServerName: clientHello.serverName,
+ SupportedCurves: clientHello.supportedCurves,
+ SupportedPoints: clientHello.supportedPoints,
+ SignatureSchemes: clientHello.supportedSignatureAlgorithms,
+ SupportedProtos: clientHello.alpnProtocols,
+ SupportedVersions: supportedVersions,
+ Conn: c.conn,
+ config: toConfig(c.config),
+ ctx: ctx,
+ })
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server_tls13.go b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server_tls13.go
new file mode 100644
index 00000000..ee2ce93d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/handshake_server_tls13.go
@@ -0,0 +1,895 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/hmac"
+ "crypto/rsa"
+ "errors"
+ "hash"
+ "io"
+ "sync/atomic"
+ "time"
+)
+
+// maxClientPSKIdentities is the number of client PSK identities the server will
+// attempt to validate. It will ignore the rest not to let cheap ClientHello
+// messages cause too much work in session ticket decryption attempts.
+const maxClientPSKIdentities = 5
+
+type serverHandshakeStateTLS13 struct {
+ c *Conn
+ ctx context.Context
+ clientHello *clientHelloMsg
+ hello *serverHelloMsg
+ alpnNegotiationErr error
+ encryptedExtensions *encryptedExtensionsMsg
+ sentDummyCCS bool
+ usingPSK bool
+ suite *cipherSuiteTLS13
+ cert *Certificate
+ sigAlg SignatureScheme
+ earlySecret []byte
+ sharedKey []byte
+ handshakeSecret []byte
+ masterSecret []byte
+ trafficSecret []byte // client_application_traffic_secret_0
+ transcript hash.Hash
+ clientFinished []byte
+}
+
+func (hs *serverHandshakeStateTLS13) handshake() error {
+ c := hs.c
+
+ // For an overview of the TLS 1.3 handshake, see RFC 8446, Section 2.
+ if err := hs.processClientHello(); err != nil {
+ return err
+ }
+ if err := hs.checkForResumption(); err != nil {
+ return err
+ }
+ if err := hs.pickCertificate(); err != nil {
+ return err
+ }
+ c.buffering = true
+ if err := hs.sendServerParameters(); err != nil {
+ return err
+ }
+ if err := hs.sendServerCertificate(); err != nil {
+ return err
+ }
+ if err := hs.sendServerFinished(); err != nil {
+ return err
+ }
+ // Note that at this point we could start sending application data without
+ // waiting for the client's second flight, but the application might not
+ // expect the lack of replay protection of the ClientHello parameters.
+ if _, err := c.flush(); err != nil {
+ return err
+ }
+ if err := hs.readClientCertificate(); err != nil {
+ return err
+ }
+ if err := hs.readClientFinished(); err != nil {
+ return err
+ }
+
+ atomic.StoreUint32(&c.handshakeStatus, 1)
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) processClientHello() error {
+ c := hs.c
+
+ hs.hello = new(serverHelloMsg)
+ hs.encryptedExtensions = new(encryptedExtensionsMsg)
+
+ // TLS 1.3 froze the ServerHello.legacy_version field, and uses
+ // supported_versions instead. See RFC 8446, sections 4.1.3 and 4.2.1.
+ hs.hello.vers = VersionTLS12
+ hs.hello.supportedVersion = c.vers
+
+ if len(hs.clientHello.supportedVersions) == 0 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client used the legacy version field to negotiate TLS 1.3")
+ }
+
+ // Abort if the client is doing a fallback and landing lower than what we
+ // support. See RFC 7507, which however does not specify the interaction
+ // with supported_versions. The only difference is that with
+ // supported_versions a client has a chance to attempt a [TLS 1.2, TLS 1.4]
+ // handshake in case TLS 1.3 is broken but 1.2 is not. Alas, in that case,
+ // it will have to drop the TLS_FALLBACK_SCSV protection if it falls back to
+ // TLS 1.2, because a TLS 1.3 server would abort here. The situation before
+ // supported_versions was not better because there was just no way to do a
+ // TLS 1.4 handshake without risking the server selecting TLS 1.3.
+ for _, id := range hs.clientHello.cipherSuites {
+ if id == TLS_FALLBACK_SCSV {
+ // Use c.vers instead of max(supported_versions) because an attacker
+ // could defeat this by adding an arbitrary high version otherwise.
+ if c.vers < c.config.maxSupportedVersion() {
+ c.sendAlert(alertInappropriateFallback)
+ return errors.New("tls: client using inappropriate protocol fallback")
+ }
+ break
+ }
+ }
+
+ if len(hs.clientHello.compressionMethods) != 1 ||
+ hs.clientHello.compressionMethods[0] != compressionNone {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: TLS 1.3 client supports illegal compression methods")
+ }
+
+ hs.hello.random = make([]byte, 32)
+ if _, err := io.ReadFull(c.config.rand(), hs.hello.random); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if len(hs.clientHello.secureRenegotiation) != 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: initial handshake had non-empty renegotiation extension")
+ }
+
+ hs.hello.sessionId = hs.clientHello.sessionId
+ hs.hello.compressionMethod = compressionNone
+
+ if hs.suite == nil {
+ var preferenceList []uint16
+ for _, suiteID := range c.config.CipherSuites {
+ for _, suite := range cipherSuitesTLS13 {
+ if suite.id == suiteID {
+ preferenceList = append(preferenceList, suiteID)
+ break
+ }
+ }
+ }
+ if len(preferenceList) == 0 {
+ preferenceList = defaultCipherSuitesTLS13
+ if !hasAESGCMHardwareSupport || !aesgcmPreferred(hs.clientHello.cipherSuites) {
+ preferenceList = defaultCipherSuitesTLS13NoAES
+ }
+ }
+ for _, suiteID := range preferenceList {
+ hs.suite = mutualCipherSuiteTLS13(hs.clientHello.cipherSuites, suiteID)
+ if hs.suite != nil {
+ break
+ }
+ }
+ }
+ if hs.suite == nil {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no cipher suite supported by both client and server")
+ }
+ c.cipherSuite = hs.suite.id
+ hs.hello.cipherSuite = hs.suite.id
+ hs.transcript = hs.suite.hash.New()
+
+ // Pick the ECDHE group in server preference order, but give priority to
+ // groups with a key share, to avoid a HelloRetryRequest round-trip.
+ var selectedGroup CurveID
+ var clientKeyShare *keyShare
+GroupSelection:
+ for _, preferredGroup := range c.config.curvePreferences() {
+ for _, ks := range hs.clientHello.keyShares {
+ if ks.group == preferredGroup {
+ selectedGroup = ks.group
+ clientKeyShare = &ks
+ break GroupSelection
+ }
+ }
+ if selectedGroup != 0 {
+ continue
+ }
+ for _, group := range hs.clientHello.supportedCurves {
+ if group == preferredGroup {
+ selectedGroup = group
+ break
+ }
+ }
+ }
+ if selectedGroup == 0 {
+ c.sendAlert(alertHandshakeFailure)
+ return errors.New("tls: no ECDHE curve supported by both client and server")
+ }
+ if clientKeyShare == nil {
+ if err := hs.doHelloRetryRequest(selectedGroup); err != nil {
+ return err
+ }
+ clientKeyShare = &hs.clientHello.keyShares[0]
+ }
+
+ if _, ok := curveForCurveID(selectedGroup); selectedGroup != X25519 && !ok {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+ params, err := generateECDHEParameters(c.config.rand(), selectedGroup)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ hs.hello.serverShare = keyShare{group: selectedGroup, data: params.PublicKey()}
+ hs.sharedKey = params.SharedKey(clientKeyShare.data)
+ if hs.sharedKey == nil {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid client key share")
+ }
+
+ c.serverName = hs.clientHello.serverName
+
+ if c.extraConfig != nil && c.extraConfig.ReceivedExtensions != nil {
+ c.extraConfig.ReceivedExtensions(typeClientHello, hs.clientHello.additionalExtensions)
+ }
+
+ selectedProto, err := negotiateALPN(c.config.NextProtos, hs.clientHello.alpnProtocols)
+ if err != nil {
+ hs.alpnNegotiationErr = err
+ }
+ hs.encryptedExtensions.alpnProtocol = selectedProto
+ c.clientProtocol = selectedProto
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) checkForResumption() error {
+ c := hs.c
+
+ if c.config.SessionTicketsDisabled {
+ return nil
+ }
+
+ modeOK := false
+ for _, mode := range hs.clientHello.pskModes {
+ if mode == pskModeDHE {
+ modeOK = true
+ break
+ }
+ }
+ if !modeOK {
+ return nil
+ }
+
+ if len(hs.clientHello.pskIdentities) != len(hs.clientHello.pskBinders) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: invalid or missing PSK binders")
+ }
+ if len(hs.clientHello.pskIdentities) == 0 {
+ return nil
+ }
+
+ for i, identity := range hs.clientHello.pskIdentities {
+ if i >= maxClientPSKIdentities {
+ break
+ }
+
+ plaintext, _ := c.decryptTicket(identity.label)
+ if plaintext == nil {
+ continue
+ }
+ sessionState := new(sessionStateTLS13)
+ if ok := sessionState.unmarshal(plaintext); !ok {
+ continue
+ }
+
+ if hs.clientHello.earlyData {
+ if sessionState.maxEarlyData == 0 {
+ c.sendAlert(alertUnsupportedExtension)
+ return errors.New("tls: client sent unexpected early data")
+ }
+
+ if hs.alpnNegotiationErr == nil && sessionState.alpn == c.clientProtocol &&
+ c.extraConfig != nil && c.extraConfig.MaxEarlyData > 0 &&
+ c.extraConfig.Accept0RTT != nil && c.extraConfig.Accept0RTT(sessionState.appData) {
+ hs.encryptedExtensions.earlyData = true
+ c.used0RTT = true
+ }
+ }
+
+ createdAt := time.Unix(int64(sessionState.createdAt), 0)
+ if c.config.time().Sub(createdAt) > maxSessionTicketLifetime {
+ continue
+ }
+
+ // We don't check the obfuscated ticket age because it's affected by
+ // clock skew and it's only a freshness signal useful for shrinking the
+ // window for replay attacks, which don't affect us as we don't do 0-RTT.
+
+ pskSuite := cipherSuiteTLS13ByID(sessionState.cipherSuite)
+ if pskSuite == nil || pskSuite.hash != hs.suite.hash {
+ continue
+ }
+
+ // PSK connections don't re-establish client certificates, but carry
+ // them over in the session ticket. Ensure the presence of client certs
+ // in the ticket is consistent with the configured requirements.
+ sessionHasClientCerts := len(sessionState.certificate.Certificate) != 0
+ needClientCerts := requiresClientCert(c.config.ClientAuth)
+ if needClientCerts && !sessionHasClientCerts {
+ continue
+ }
+ if sessionHasClientCerts && c.config.ClientAuth == NoClientCert {
+ continue
+ }
+
+ psk := hs.suite.expandLabel(sessionState.resumptionSecret, "resumption",
+ nil, hs.suite.hash.Size())
+ hs.earlySecret = hs.suite.extract(psk, nil)
+ binderKey := hs.suite.deriveSecret(hs.earlySecret, resumptionBinderLabel, nil)
+ // Clone the transcript in case a HelloRetryRequest was recorded.
+ transcript := cloneHash(hs.transcript, hs.suite.hash)
+ if transcript == nil {
+ c.sendAlert(alertInternalError)
+ return errors.New("tls: internal error: failed to clone hash")
+ }
+ transcript.Write(hs.clientHello.marshalWithoutBinders())
+ pskBinder := hs.suite.finishedHash(binderKey, transcript)
+ if !hmac.Equal(hs.clientHello.pskBinders[i], pskBinder) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid PSK binder")
+ }
+
+ c.didResume = true
+ if err := c.processCertsFromClient(sessionState.certificate); err != nil {
+ return err
+ }
+
+ h := cloneHash(hs.transcript, hs.suite.hash)
+ h.Write(hs.clientHello.marshal())
+ if hs.encryptedExtensions.earlyData {
+ clientEarlySecret := hs.suite.deriveSecret(hs.earlySecret, "c e traffic", h)
+ c.in.exportKey(Encryption0RTT, hs.suite, clientEarlySecret)
+ if err := c.config.writeKeyLog(keyLogLabelEarlyTraffic, hs.clientHello.random, clientEarlySecret); err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ }
+
+ hs.hello.selectedIdentityPresent = true
+ hs.hello.selectedIdentity = uint16(i)
+ hs.usingPSK = true
+ return nil
+ }
+
+ return nil
+}
+
+// cloneHash uses the encoding.BinaryMarshaler and encoding.BinaryUnmarshaler
+// interfaces implemented by standard library hashes to clone the state of in
+// to a new instance of h. It returns nil if the operation fails.
+func cloneHash(in hash.Hash, h crypto.Hash) hash.Hash {
+ // Recreate the interface to avoid importing encoding.
+ type binaryMarshaler interface {
+ MarshalBinary() (data []byte, err error)
+ UnmarshalBinary(data []byte) error
+ }
+ marshaler, ok := in.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ state, err := marshaler.MarshalBinary()
+ if err != nil {
+ return nil
+ }
+ out := h.New()
+ unmarshaler, ok := out.(binaryMarshaler)
+ if !ok {
+ return nil
+ }
+ if err := unmarshaler.UnmarshalBinary(state); err != nil {
+ return nil
+ }
+ return out
+}
+
+func (hs *serverHandshakeStateTLS13) pickCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ // signature_algorithms is required in TLS 1.3. See RFC 8446, Section 4.2.3.
+ if len(hs.clientHello.supportedSignatureAlgorithms) == 0 {
+ return c.sendAlert(alertMissingExtension)
+ }
+
+ certificate, err := c.config.getCertificate(newClientHelloInfo(hs.ctx, c, hs.clientHello))
+ if err != nil {
+ if err == errNoCertificates {
+ c.sendAlert(alertUnrecognizedName)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return err
+ }
+ hs.sigAlg, err = selectSignatureScheme(c.vers, certificate, hs.clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ // getCertificate returned a certificate that is unsupported or
+ // incompatible with the client's signature algorithms.
+ c.sendAlert(alertHandshakeFailure)
+ return err
+ }
+ hs.cert = certificate
+
+ return nil
+}
+
+// sendDummyChangeCipherSpec sends a ChangeCipherSpec record for compatibility
+// with middleboxes that didn't implement TLS correctly. See RFC 8446, Appendix D.4.
+func (hs *serverHandshakeStateTLS13) sendDummyChangeCipherSpec() error {
+ if hs.sentDummyCCS {
+ return nil
+ }
+ hs.sentDummyCCS = true
+
+ _, err := hs.c.writeRecord(recordTypeChangeCipherSpec, []byte{1})
+ return err
+}
+
+func (hs *serverHandshakeStateTLS13) doHelloRetryRequest(selectedGroup CurveID) error {
+ c := hs.c
+
+ // The first ClientHello gets double-hashed into the transcript upon a
+ // HelloRetryRequest. See RFC 8446, Section 4.4.1.
+ hs.transcript.Write(hs.clientHello.marshal())
+ chHash := hs.transcript.Sum(nil)
+ hs.transcript.Reset()
+ hs.transcript.Write([]byte{typeMessageHash, 0, 0, uint8(len(chHash))})
+ hs.transcript.Write(chHash)
+
+ helloRetryRequest := &serverHelloMsg{
+ vers: hs.hello.vers,
+ random: helloRetryRequestRandom,
+ sessionId: hs.hello.sessionId,
+ cipherSuite: hs.hello.cipherSuite,
+ compressionMethod: hs.hello.compressionMethod,
+ supportedVersion: hs.hello.supportedVersion,
+ selectedGroup: selectedGroup,
+ }
+
+ hs.transcript.Write(helloRetryRequest.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, helloRetryRequest.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ clientHello, ok := msg.(*clientHelloMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(clientHello, msg)
+ }
+
+ if len(clientHello.keyShares) != 1 || clientHello.keyShares[0].group != selectedGroup {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client sent invalid key share in second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client indicated early data in second ClientHello")
+ }
+
+ if illegalClientHelloChange(clientHello, hs.clientHello) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client illegally modified second ClientHello")
+ }
+
+ if clientHello.earlyData {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client offered 0-RTT data in second ClientHello")
+ }
+
+ hs.clientHello = clientHello
+ return nil
+}
+
+// illegalClientHelloChange reports whether the two ClientHello messages are
+// different, with the exception of the changes allowed before and after a
+// HelloRetryRequest. See RFC 8446, Section 4.1.2.
+func illegalClientHelloChange(ch, ch1 *clientHelloMsg) bool {
+ if len(ch.supportedVersions) != len(ch1.supportedVersions) ||
+ len(ch.cipherSuites) != len(ch1.cipherSuites) ||
+ len(ch.supportedCurves) != len(ch1.supportedCurves) ||
+ len(ch.supportedSignatureAlgorithms) != len(ch1.supportedSignatureAlgorithms) ||
+ len(ch.supportedSignatureAlgorithmsCert) != len(ch1.supportedSignatureAlgorithmsCert) ||
+ len(ch.alpnProtocols) != len(ch1.alpnProtocols) {
+ return true
+ }
+ for i := range ch.supportedVersions {
+ if ch.supportedVersions[i] != ch1.supportedVersions[i] {
+ return true
+ }
+ }
+ for i := range ch.cipherSuites {
+ if ch.cipherSuites[i] != ch1.cipherSuites[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedCurves {
+ if ch.supportedCurves[i] != ch1.supportedCurves[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithms {
+ if ch.supportedSignatureAlgorithms[i] != ch1.supportedSignatureAlgorithms[i] {
+ return true
+ }
+ }
+ for i := range ch.supportedSignatureAlgorithmsCert {
+ if ch.supportedSignatureAlgorithmsCert[i] != ch1.supportedSignatureAlgorithmsCert[i] {
+ return true
+ }
+ }
+ for i := range ch.alpnProtocols {
+ if ch.alpnProtocols[i] != ch1.alpnProtocols[i] {
+ return true
+ }
+ }
+ return ch.vers != ch1.vers ||
+ !bytes.Equal(ch.random, ch1.random) ||
+ !bytes.Equal(ch.sessionId, ch1.sessionId) ||
+ !bytes.Equal(ch.compressionMethods, ch1.compressionMethods) ||
+ ch.serverName != ch1.serverName ||
+ ch.ocspStapling != ch1.ocspStapling ||
+ !bytes.Equal(ch.supportedPoints, ch1.supportedPoints) ||
+ ch.ticketSupported != ch1.ticketSupported ||
+ !bytes.Equal(ch.sessionTicket, ch1.sessionTicket) ||
+ ch.secureRenegotiationSupported != ch1.secureRenegotiationSupported ||
+ !bytes.Equal(ch.secureRenegotiation, ch1.secureRenegotiation) ||
+ ch.scts != ch1.scts ||
+ !bytes.Equal(ch.cookie, ch1.cookie) ||
+ !bytes.Equal(ch.pskModes, ch1.pskModes)
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerParameters() error {
+ c := hs.c
+
+ hs.transcript.Write(hs.clientHello.marshal())
+ hs.transcript.Write(hs.hello.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.hello.marshal()); err != nil {
+ return err
+ }
+
+ if err := hs.sendDummyChangeCipherSpec(); err != nil {
+ return err
+ }
+
+ earlySecret := hs.earlySecret
+ if earlySecret == nil {
+ earlySecret = hs.suite.extract(nil, nil)
+ }
+ hs.handshakeSecret = hs.suite.extract(hs.sharedKey,
+ hs.suite.deriveSecret(earlySecret, "derived", nil))
+
+ clientSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ clientHandshakeTrafficLabel, hs.transcript)
+ c.in.exportKey(EncryptionHandshake, hs.suite, clientSecret)
+ c.in.setTrafficSecret(hs.suite, clientSecret)
+ serverSecret := hs.suite.deriveSecret(hs.handshakeSecret,
+ serverHandshakeTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionHandshake, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientHandshake, hs.clientHello.random, clientSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerHandshake, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ if hs.alpnNegotiationErr != nil {
+ c.sendAlert(alertNoApplicationProtocol)
+ return hs.alpnNegotiationErr
+ }
+ if hs.c.extraConfig != nil && hs.c.extraConfig.GetExtensions != nil {
+ hs.encryptedExtensions.additionalExtensions = hs.c.extraConfig.GetExtensions(typeEncryptedExtensions)
+ }
+
+ hs.transcript.Write(hs.encryptedExtensions.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, hs.encryptedExtensions.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) requestClientCert() bool {
+ return hs.c.config.ClientAuth >= RequestClientCert && !hs.usingPSK
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerCertificate() error {
+ c := hs.c
+
+ // Only one of PSK and certificates are used at a time.
+ if hs.usingPSK {
+ return nil
+ }
+
+ if hs.requestClientCert() {
+ // Request a client certificate
+ certReq := new(certificateRequestMsgTLS13)
+ certReq.ocspStapling = true
+ certReq.scts = true
+ certReq.supportedSignatureAlgorithms = supportedSignatureAlgorithms
+ if c.config.ClientCAs != nil {
+ certReq.certificateAuthorities = c.config.ClientCAs.Subjects()
+ }
+
+ hs.transcript.Write(certReq.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certReq.marshal()); err != nil {
+ return err
+ }
+ }
+
+ certMsg := new(certificateMsgTLS13)
+
+ certMsg.certificate = *hs.cert
+ certMsg.scts = hs.clientHello.scts && len(hs.cert.SignedCertificateTimestamps) > 0
+ certMsg.ocspStapling = hs.clientHello.ocspStapling && len(hs.cert.OCSPStaple) > 0
+
+ hs.transcript.Write(certMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certMsg.marshal()); err != nil {
+ return err
+ }
+
+ certVerifyMsg := new(certificateVerifyMsg)
+ certVerifyMsg.hasSignatureAlgorithm = true
+ certVerifyMsg.signatureAlgorithm = hs.sigAlg
+
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(hs.sigAlg)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+
+ signed := signedMessage(sigHash, serverSignatureContext, hs.transcript)
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := hs.cert.PrivateKey.(crypto.Signer).Sign(c.config.rand(), signed, signOpts)
+ if err != nil {
+ public := hs.cert.PrivateKey.(crypto.Signer).Public()
+ if rsaKey, ok := public.(*rsa.PublicKey); ok && sigType == signatureRSAPSS &&
+ rsaKey.N.BitLen()/8 < sigHash.Size()*2+2 { // key too small for RSA-PSS
+ c.sendAlert(alertHandshakeFailure)
+ } else {
+ c.sendAlert(alertInternalError)
+ }
+ return errors.New("tls: failed to sign handshake: " + err.Error())
+ }
+ certVerifyMsg.signature = sig
+
+ hs.transcript.Write(certVerifyMsg.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, certVerifyMsg.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) sendServerFinished() error {
+ c := hs.c
+
+ finished := &finishedMsg{
+ verifyData: hs.suite.finishedHash(c.out.trafficSecret, hs.transcript),
+ }
+
+ hs.transcript.Write(finished.marshal())
+ if _, err := c.writeRecord(recordTypeHandshake, finished.marshal()); err != nil {
+ return err
+ }
+
+ // Derive secrets that take context through the server Finished.
+
+ hs.masterSecret = hs.suite.extract(nil,
+ hs.suite.deriveSecret(hs.handshakeSecret, "derived", nil))
+
+ hs.trafficSecret = hs.suite.deriveSecret(hs.masterSecret,
+ clientApplicationTrafficLabel, hs.transcript)
+ serverSecret := hs.suite.deriveSecret(hs.masterSecret,
+ serverApplicationTrafficLabel, hs.transcript)
+ c.out.exportKey(EncryptionApplication, hs.suite, serverSecret)
+ c.out.setTrafficSecret(hs.suite, serverSecret)
+
+ err := c.config.writeKeyLog(keyLogLabelClientTraffic, hs.clientHello.random, hs.trafficSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+ err = c.config.writeKeyLog(keyLogLabelServerTraffic, hs.clientHello.random, serverSecret)
+ if err != nil {
+ c.sendAlert(alertInternalError)
+ return err
+ }
+
+ c.ekm = hs.suite.exportKeyingMaterial(hs.masterSecret, hs.transcript)
+
+ // If we did not request client certificates, at this point we can
+ // precompute the client finished and roll the transcript forward to send
+ // session tickets in our first flight.
+ if !hs.requestClientCert() {
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) shouldSendSessionTickets() bool {
+ if hs.c.config.SessionTicketsDisabled {
+ return false
+ }
+
+ // Don't send tickets the client wouldn't use. See RFC 8446, Section 4.2.9.
+ for _, pskMode := range hs.clientHello.pskModes {
+ if pskMode == pskModeDHE {
+ return true
+ }
+ }
+ return false
+}
+
+func (hs *serverHandshakeStateTLS13) sendSessionTickets() error {
+ c := hs.c
+
+ hs.clientFinished = hs.suite.finishedHash(c.in.trafficSecret, hs.transcript)
+ finishedMsg := &finishedMsg{
+ verifyData: hs.clientFinished,
+ }
+ hs.transcript.Write(finishedMsg.marshal())
+
+ if !hs.shouldSendSessionTickets() {
+ return nil
+ }
+
+ c.resumptionSecret = hs.suite.deriveSecret(hs.masterSecret,
+ resumptionLabel, hs.transcript)
+
+ // Don't send session tickets when the alternative record layer is set.
+ // Instead, save the resumption secret on the Conn.
+ // Session tickets can then be generated by calling Conn.GetSessionTicket().
+ if hs.c.extraConfig != nil && hs.c.extraConfig.AlternativeRecordLayer != nil {
+ return nil
+ }
+
+ m, err := hs.c.getSessionTicketMsg(nil)
+ if err != nil {
+ return err
+ }
+ if _, err := c.writeRecord(recordTypeHandshake, m.marshal()); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientCertificate() error {
+ c := hs.c
+
+ if !hs.requestClientCert() {
+ // Make sure the connection is still being verified whether or not
+ // the server requested a client certificate.
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+ return nil
+ }
+
+ // If we requested a client certificate, then the client must send a
+ // certificate message. If it's empty, no CertificateVerify is sent.
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certMsg, ok := msg.(*certificateMsgTLS13)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certMsg, msg)
+ }
+ hs.transcript.Write(certMsg.marshal())
+
+ if err := c.processCertsFromClient(certMsg.certificate); err != nil {
+ return err
+ }
+
+ if c.config.VerifyConnection != nil {
+ if err := c.config.VerifyConnection(c.connectionStateLocked()); err != nil {
+ c.sendAlert(alertBadCertificate)
+ return err
+ }
+ }
+
+ if len(certMsg.certificate.Certificate) != 0 {
+ msg, err = c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ certVerify, ok := msg.(*certificateVerifyMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(certVerify, msg)
+ }
+
+ // See RFC 8446, Section 4.4.3.
+ if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms) {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err := typeAndHashFromSignatureScheme(certVerify.signatureAlgorithm)
+ if err != nil {
+ return c.sendAlert(alertInternalError)
+ }
+ if sigType == signaturePKCS1v15 || sigHash == crypto.SHA1 {
+ c.sendAlert(alertIllegalParameter)
+ return errors.New("tls: client certificate used with invalid signature algorithm")
+ }
+ signed := signedMessage(sigHash, clientSignatureContext, hs.transcript)
+ if err := verifyHandshakeSignature(sigType, c.peerCertificates[0].PublicKey,
+ sigHash, signed, certVerify.signature); err != nil {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid signature by the client certificate: " + err.Error())
+ }
+
+ hs.transcript.Write(certVerify.marshal())
+ }
+
+ // If we waited until the client certificates to send session tickets, we
+ // are ready to do it now.
+ if err := hs.sendSessionTickets(); err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func (hs *serverHandshakeStateTLS13) readClientFinished() error {
+ c := hs.c
+
+ msg, err := c.readHandshake()
+ if err != nil {
+ return err
+ }
+
+ finished, ok := msg.(*finishedMsg)
+ if !ok {
+ c.sendAlert(alertUnexpectedMessage)
+ return unexpectedMessageError(finished, msg)
+ }
+
+ if !hmac.Equal(hs.clientFinished, finished.verifyData) {
+ c.sendAlert(alertDecryptError)
+ return errors.New("tls: invalid client finished hash")
+ }
+
+ c.in.exportKey(EncryptionApplication, hs.suite, hs.trafficSecret)
+ c.in.setTrafficSecret(hs.suite, hs.trafficSecret)
+
+ return nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/key_agreement.go b/vendor/github.com/marten-seemann/qtls-go1-17/key_agreement.go
new file mode 100644
index 00000000..80886efa
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/key_agreement.go
@@ -0,0 +1,353 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/md5"
+ "crypto/rsa"
+ "crypto/sha1"
+ "crypto/x509"
+ "errors"
+ "fmt"
+ "io"
+)
+
+// a keyAgreement implements the client and server side of a TLS key agreement
+// protocol by generating and processing key exchange messages.
+type keyAgreement interface {
+ // On the server side, the first two methods are called in order.
+
+ // In the case that the key agreement protocol doesn't use a
+ // ServerKeyExchange message, generateServerKeyExchange can return nil,
+ // nil.
+ generateServerKeyExchange(*config, *Certificate, *clientHelloMsg, *serverHelloMsg) (*serverKeyExchangeMsg, error)
+ processClientKeyExchange(*config, *Certificate, *clientKeyExchangeMsg, uint16) ([]byte, error)
+
+ // On the client side, the next two methods are called in order.
+
+ // This method may not be called if the server doesn't send a
+ // ServerKeyExchange message.
+ processServerKeyExchange(*config, *clientHelloMsg, *serverHelloMsg, *x509.Certificate, *serverKeyExchangeMsg) error
+ generateClientKeyExchange(*config, *clientHelloMsg, *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error)
+}
+
+var errClientKeyExchange = errors.New("tls: invalid ClientKeyExchange message")
+var errServerKeyExchange = errors.New("tls: invalid ServerKeyExchange message")
+
+// rsaKeyAgreement implements the standard TLS key agreement where the client
+// encrypts the pre-master secret to the server's public key.
+type rsaKeyAgreement struct{}
+
+func (ka rsaKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ return nil, nil
+}
+
+func (ka rsaKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) < 2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1])
+ if ciphertextLen != len(ckx.ciphertext)-2 {
+ return nil, errClientKeyExchange
+ }
+ ciphertext := ckx.ciphertext[2:]
+
+ priv, ok := cert.PrivateKey.(crypto.Decrypter)
+ if !ok {
+ return nil, errors.New("tls: certificate private key does not implement crypto.Decrypter")
+ }
+ // Perform constant time RSA PKCS #1 v1.5 decryption
+ preMasterSecret, err := priv.Decrypt(config.rand(), ciphertext, &rsa.PKCS1v15DecryptOptions{SessionKeyLen: 48})
+ if err != nil {
+ return nil, err
+ }
+ // We don't check the version number in the premaster secret. For one,
+ // by checking it, we would leak information about the validity of the
+ // encrypted pre-master secret. Secondly, it provides only a small
+ // benefit against a downgrade attack and some implementations send the
+ // wrong version anyway. See the discussion at the end of section
+ // 7.4.7.1 of RFC 4346.
+ return preMasterSecret, nil
+}
+
+func (ka rsaKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ return errors.New("tls: unexpected ServerKeyExchange")
+}
+
+func (ka rsaKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ preMasterSecret := make([]byte, 48)
+ preMasterSecret[0] = byte(clientHello.vers >> 8)
+ preMasterSecret[1] = byte(clientHello.vers)
+ _, err := io.ReadFull(config.rand(), preMasterSecret[2:])
+ if err != nil {
+ return nil, nil, err
+ }
+
+ encrypted, err := rsa.EncryptPKCS1v15(config.rand(), cert.PublicKey.(*rsa.PublicKey), preMasterSecret)
+ if err != nil {
+ return nil, nil, err
+ }
+ ckx := new(clientKeyExchangeMsg)
+ ckx.ciphertext = make([]byte, len(encrypted)+2)
+ ckx.ciphertext[0] = byte(len(encrypted) >> 8)
+ ckx.ciphertext[1] = byte(len(encrypted))
+ copy(ckx.ciphertext[2:], encrypted)
+ return preMasterSecret, ckx, nil
+}
+
+// sha1Hash calculates a SHA1 hash over the given byte slices.
+func sha1Hash(slices [][]byte) []byte {
+ hsha1 := sha1.New()
+ for _, slice := range slices {
+ hsha1.Write(slice)
+ }
+ return hsha1.Sum(nil)
+}
+
+// md5SHA1Hash implements TLS 1.0's hybrid hash function which consists of the
+// concatenation of an MD5 and SHA1 hash.
+func md5SHA1Hash(slices [][]byte) []byte {
+ md5sha1 := make([]byte, md5.Size+sha1.Size)
+ hmd5 := md5.New()
+ for _, slice := range slices {
+ hmd5.Write(slice)
+ }
+ copy(md5sha1, hmd5.Sum(nil))
+ copy(md5sha1[md5.Size:], sha1Hash(slices))
+ return md5sha1
+}
+
+// hashForServerKeyExchange hashes the given slices and returns their digest
+// using the given hash function (for >= TLS 1.2) or using a default based on
+// the sigType (for earlier TLS versions). For Ed25519 signatures, which don't
+// do pre-hashing, it returns the concatenation of the slices.
+func hashForServerKeyExchange(sigType uint8, hashFunc crypto.Hash, version uint16, slices ...[]byte) []byte {
+ if sigType == signatureEd25519 {
+ var signed []byte
+ for _, slice := range slices {
+ signed = append(signed, slice...)
+ }
+ return signed
+ }
+ if version >= VersionTLS12 {
+ h := hashFunc.New()
+ for _, slice := range slices {
+ h.Write(slice)
+ }
+ digest := h.Sum(nil)
+ return digest
+ }
+ if sigType == signatureECDSA {
+ return sha1Hash(slices)
+ }
+ return md5SHA1Hash(slices)
+}
+
+// ecdheKeyAgreement implements a TLS key agreement where the server
+// generates an ephemeral EC public/private key pair and signs it. The
+// pre-master secret is then calculated using ECDH. The signature may
+// be ECDSA, Ed25519 or RSA.
+type ecdheKeyAgreement struct {
+ version uint16
+ isRSA bool
+ params ecdheParameters
+
+ // ckx and preMasterSecret are generated in processServerKeyExchange
+ // and returned in generateClientKeyExchange.
+ ckx *clientKeyExchangeMsg
+ preMasterSecret []byte
+}
+
+func (ka *ecdheKeyAgreement) generateServerKeyExchange(config *config, cert *Certificate, clientHello *clientHelloMsg, hello *serverHelloMsg) (*serverKeyExchangeMsg, error) {
+ var curveID CurveID
+ for _, c := range clientHello.supportedCurves {
+ if config.supportsCurve(c) {
+ curveID = c
+ break
+ }
+ }
+
+ if curveID == 0 {
+ return nil, errors.New("tls: no supported elliptic curves offered")
+ }
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return nil, errors.New("tls: CurvePreferences includes unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return nil, err
+ }
+ ka.params = params
+
+ // See RFC 4492, Section 5.4.
+ ecdhePublic := params.PublicKey()
+ serverECDHEParams := make([]byte, 1+2+1+len(ecdhePublic))
+ serverECDHEParams[0] = 3 // named curve
+ serverECDHEParams[1] = byte(curveID >> 8)
+ serverECDHEParams[2] = byte(curveID)
+ serverECDHEParams[3] = byte(len(ecdhePublic))
+ copy(serverECDHEParams[4:], ecdhePublic)
+
+ priv, ok := cert.PrivateKey.(crypto.Signer)
+ if !ok {
+ return nil, fmt.Errorf("tls: certificate private key of type %T does not implement crypto.Signer", cert.PrivateKey)
+ }
+
+ var signatureAlgorithm SignatureScheme
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm, err = selectSignatureScheme(ka.version, cert, clientHello.supportedSignatureAlgorithms)
+ if err != nil {
+ return nil, err
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return nil, err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(priv.Public())
+ if err != nil {
+ return nil, err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return nil, errors.New("tls: certificate cannot be used with the selected cipher suite")
+ }
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, hello.random, serverECDHEParams)
+
+ signOpts := crypto.SignerOpts(sigHash)
+ if sigType == signatureRSAPSS {
+ signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: sigHash}
+ }
+ sig, err := priv.Sign(config.rand(), signed, signOpts)
+ if err != nil {
+ return nil, errors.New("tls: failed to sign ECDHE parameters: " + err.Error())
+ }
+
+ skx := new(serverKeyExchangeMsg)
+ sigAndHashLen := 0
+ if ka.version >= VersionTLS12 {
+ sigAndHashLen = 2
+ }
+ skx.key = make([]byte, len(serverECDHEParams)+sigAndHashLen+2+len(sig))
+ copy(skx.key, serverECDHEParams)
+ k := skx.key[len(serverECDHEParams):]
+ if ka.version >= VersionTLS12 {
+ k[0] = byte(signatureAlgorithm >> 8)
+ k[1] = byte(signatureAlgorithm)
+ k = k[2:]
+ }
+ k[0] = byte(len(sig) >> 8)
+ k[1] = byte(len(sig))
+ copy(k[2:], sig)
+
+ return skx, nil
+}
+
+func (ka *ecdheKeyAgreement) processClientKeyExchange(config *config, cert *Certificate, ckx *clientKeyExchangeMsg, version uint16) ([]byte, error) {
+ if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
+ return nil, errClientKeyExchange
+ }
+
+ preMasterSecret := ka.params.SharedKey(ckx.ciphertext[1:])
+ if preMasterSecret == nil {
+ return nil, errClientKeyExchange
+ }
+
+ return preMasterSecret, nil
+}
+
+func (ka *ecdheKeyAgreement) processServerKeyExchange(config *config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) error {
+ if len(skx.key) < 4 {
+ return errServerKeyExchange
+ }
+ if skx.key[0] != 3 { // named curve
+ return errors.New("tls: server selected unsupported curve")
+ }
+ curveID := CurveID(skx.key[1])<<8 | CurveID(skx.key[2])
+
+ publicLen := int(skx.key[3])
+ if publicLen+4 > len(skx.key) {
+ return errServerKeyExchange
+ }
+ serverECDHEParams := skx.key[:4+publicLen]
+ publicKey := serverECDHEParams[4:]
+
+ sig := skx.key[4+publicLen:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if _, ok := curveForCurveID(curveID); curveID != X25519 && !ok {
+ return errors.New("tls: server selected unsupported curve")
+ }
+
+ params, err := generateECDHEParameters(config.rand(), curveID)
+ if err != nil {
+ return err
+ }
+ ka.params = params
+
+ ka.preMasterSecret = params.SharedKey(publicKey)
+ if ka.preMasterSecret == nil {
+ return errServerKeyExchange
+ }
+
+ ourPublicKey := params.PublicKey()
+ ka.ckx = new(clientKeyExchangeMsg)
+ ka.ckx.ciphertext = make([]byte, 1+len(ourPublicKey))
+ ka.ckx.ciphertext[0] = byte(len(ourPublicKey))
+ copy(ka.ckx.ciphertext[1:], ourPublicKey)
+
+ var sigType uint8
+ var sigHash crypto.Hash
+ if ka.version >= VersionTLS12 {
+ signatureAlgorithm := SignatureScheme(sig[0])<<8 | SignatureScheme(sig[1])
+ sig = sig[2:]
+ if len(sig) < 2 {
+ return errServerKeyExchange
+ }
+
+ if !isSupportedSignatureAlgorithm(signatureAlgorithm, clientHello.supportedSignatureAlgorithms) {
+ return errors.New("tls: certificate used with invalid signature algorithm")
+ }
+ sigType, sigHash, err = typeAndHashFromSignatureScheme(signatureAlgorithm)
+ if err != nil {
+ return err
+ }
+ } else {
+ sigType, sigHash, err = legacyTypeAndHashFromPublicKey(cert.PublicKey)
+ if err != nil {
+ return err
+ }
+ }
+ if (sigType == signaturePKCS1v15 || sigType == signatureRSAPSS) != ka.isRSA {
+ return errServerKeyExchange
+ }
+
+ sigLen := int(sig[0])<<8 | int(sig[1])
+ if sigLen+2 != len(sig) {
+ return errServerKeyExchange
+ }
+ sig = sig[2:]
+
+ signed := hashForServerKeyExchange(sigType, sigHash, ka.version, clientHello.random, serverHello.random, serverECDHEParams)
+ if err := verifyHandshakeSignature(sigType, cert.PublicKey, sigHash, signed, sig); err != nil {
+ return errors.New("tls: invalid signature by the server certificate: " + err.Error())
+ }
+ return nil
+}
+
+func (ka *ecdheKeyAgreement) generateClientKeyExchange(config *config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, error) {
+ if ka.ckx == nil {
+ return nil, nil, errors.New("tls: missing ServerKeyExchange message")
+ }
+
+ return ka.preMasterSecret, ka.ckx, nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/key_schedule.go b/vendor/github.com/marten-seemann/qtls-go1-17/key_schedule.go
new file mode 100644
index 00000000..da13904a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/key_schedule.go
@@ -0,0 +1,199 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto/elliptic"
+ "crypto/hmac"
+ "errors"
+ "hash"
+ "io"
+ "math/big"
+
+ "golang.org/x/crypto/cryptobyte"
+ "golang.org/x/crypto/curve25519"
+ "golang.org/x/crypto/hkdf"
+)
+
+// This file contains the functions necessary to compute the TLS 1.3 key
+// schedule. See RFC 8446, Section 7.
+
+const (
+ resumptionBinderLabel = "res binder"
+ clientHandshakeTrafficLabel = "c hs traffic"
+ serverHandshakeTrafficLabel = "s hs traffic"
+ clientApplicationTrafficLabel = "c ap traffic"
+ serverApplicationTrafficLabel = "s ap traffic"
+ exporterLabel = "exp master"
+ resumptionLabel = "res master"
+ trafficUpdateLabel = "traffic upd"
+)
+
+// expandLabel implements HKDF-Expand-Label from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) expandLabel(secret []byte, label string, context []byte, length int) []byte {
+ var hkdfLabel cryptobyte.Builder
+ hkdfLabel.AddUint16(uint16(length))
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte("tls13 "))
+ b.AddBytes([]byte(label))
+ })
+ hkdfLabel.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(context)
+ })
+ out := make([]byte, length)
+ n, err := hkdf.Expand(c.hash.New, secret, hkdfLabel.BytesOrPanic()).Read(out)
+ if err != nil || n != length {
+ panic("tls: HKDF-Expand-Label invocation failed unexpectedly")
+ }
+ return out
+}
+
+// deriveSecret implements Derive-Secret from RFC 8446, Section 7.1.
+func (c *cipherSuiteTLS13) deriveSecret(secret []byte, label string, transcript hash.Hash) []byte {
+ if transcript == nil {
+ transcript = c.hash.New()
+ }
+ return c.expandLabel(secret, label, transcript.Sum(nil), c.hash.Size())
+}
+
+// extract implements HKDF-Extract with the cipher suite hash.
+func (c *cipherSuiteTLS13) extract(newSecret, currentSecret []byte) []byte {
+ if newSecret == nil {
+ newSecret = make([]byte, c.hash.Size())
+ }
+ return hkdf.Extract(c.hash.New, newSecret, currentSecret)
+}
+
+// nextTrafficSecret generates the next traffic secret, given the current one,
+// according to RFC 8446, Section 7.2.
+func (c *cipherSuiteTLS13) nextTrafficSecret(trafficSecret []byte) []byte {
+ return c.expandLabel(trafficSecret, trafficUpdateLabel, nil, c.hash.Size())
+}
+
+// trafficKey generates traffic keys according to RFC 8446, Section 7.3.
+func (c *cipherSuiteTLS13) trafficKey(trafficSecret []byte) (key, iv []byte) {
+ key = c.expandLabel(trafficSecret, "key", nil, c.keyLen)
+ iv = c.expandLabel(trafficSecret, "iv", nil, aeadNonceLength)
+ return
+}
+
+// finishedHash generates the Finished verify_data or PskBinderEntry according
+// to RFC 8446, Section 4.4.4. See sections 4.4 and 4.2.11.2 for the baseKey
+// selection.
+func (c *cipherSuiteTLS13) finishedHash(baseKey []byte, transcript hash.Hash) []byte {
+ finishedKey := c.expandLabel(baseKey, "finished", nil, c.hash.Size())
+ verifyData := hmac.New(c.hash.New, finishedKey)
+ verifyData.Write(transcript.Sum(nil))
+ return verifyData.Sum(nil)
+}
+
+// exportKeyingMaterial implements RFC5705 exporters for TLS 1.3 according to
+// RFC 8446, Section 7.5.
+func (c *cipherSuiteTLS13) exportKeyingMaterial(masterSecret []byte, transcript hash.Hash) func(string, []byte, int) ([]byte, error) {
+ expMasterSecret := c.deriveSecret(masterSecret, exporterLabel, transcript)
+ return func(label string, context []byte, length int) ([]byte, error) {
+ secret := c.deriveSecret(expMasterSecret, label, nil)
+ h := c.hash.New()
+ h.Write(context)
+ return c.expandLabel(secret, "exporter", h.Sum(nil), length), nil
+ }
+}
+
+// ecdheParameters implements Diffie-Hellman with either NIST curves or X25519,
+// according to RFC 8446, Section 4.2.8.2.
+type ecdheParameters interface {
+ CurveID() CurveID
+ PublicKey() []byte
+ SharedKey(peerPublicKey []byte) []byte
+}
+
+func generateECDHEParameters(rand io.Reader, curveID CurveID) (ecdheParameters, error) {
+ if curveID == X25519 {
+ privateKey := make([]byte, curve25519.ScalarSize)
+ if _, err := io.ReadFull(rand, privateKey); err != nil {
+ return nil, err
+ }
+ publicKey, err := curve25519.X25519(privateKey, curve25519.Basepoint)
+ if err != nil {
+ return nil, err
+ }
+ return &x25519Parameters{privateKey: privateKey, publicKey: publicKey}, nil
+ }
+
+ curve, ok := curveForCurveID(curveID)
+ if !ok {
+ return nil, errors.New("tls: internal error: unsupported curve")
+ }
+
+ p := &nistParameters{curveID: curveID}
+ var err error
+ p.privateKey, p.x, p.y, err = elliptic.GenerateKey(curve, rand)
+ if err != nil {
+ return nil, err
+ }
+ return p, nil
+}
+
+func curveForCurveID(id CurveID) (elliptic.Curve, bool) {
+ switch id {
+ case CurveP256:
+ return elliptic.P256(), true
+ case CurveP384:
+ return elliptic.P384(), true
+ case CurveP521:
+ return elliptic.P521(), true
+ default:
+ return nil, false
+ }
+}
+
+type nistParameters struct {
+ privateKey []byte
+ x, y *big.Int // public key
+ curveID CurveID
+}
+
+func (p *nistParameters) CurveID() CurveID {
+ return p.curveID
+}
+
+func (p *nistParameters) PublicKey() []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ return elliptic.Marshal(curve, p.x, p.y)
+}
+
+func (p *nistParameters) SharedKey(peerPublicKey []byte) []byte {
+ curve, _ := curveForCurveID(p.curveID)
+ // Unmarshal also checks whether the given point is on the curve.
+ x, y := elliptic.Unmarshal(curve, peerPublicKey)
+ if x == nil {
+ return nil
+ }
+
+ xShared, _ := curve.ScalarMult(x, y, p.privateKey)
+ sharedKey := make([]byte, (curve.Params().BitSize+7)/8)
+ return xShared.FillBytes(sharedKey)
+}
+
+type x25519Parameters struct {
+ privateKey []byte
+ publicKey []byte
+}
+
+func (p *x25519Parameters) CurveID() CurveID {
+ return X25519
+}
+
+func (p *x25519Parameters) PublicKey() []byte {
+ return p.publicKey[:]
+}
+
+func (p *x25519Parameters) SharedKey(peerPublicKey []byte) []byte {
+ sharedKey, err := curve25519.X25519(p.privateKey, peerPublicKey)
+ if err != nil {
+ return nil
+ }
+ return sharedKey
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/prf.go b/vendor/github.com/marten-seemann/qtls-go1-17/prf.go
new file mode 100644
index 00000000..9eb0221a
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/prf.go
@@ -0,0 +1,283 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "crypto"
+ "crypto/hmac"
+ "crypto/md5"
+ "crypto/sha1"
+ "crypto/sha256"
+ "crypto/sha512"
+ "errors"
+ "fmt"
+ "hash"
+)
+
+// Split a premaster secret in two as specified in RFC 4346, Section 5.
+func splitPreMasterSecret(secret []byte) (s1, s2 []byte) {
+ s1 = secret[0 : (len(secret)+1)/2]
+ s2 = secret[len(secret)/2:]
+ return
+}
+
+// pHash implements the P_hash function, as defined in RFC 4346, Section 5.
+func pHash(result, secret, seed []byte, hash func() hash.Hash) {
+ h := hmac.New(hash, secret)
+ h.Write(seed)
+ a := h.Sum(nil)
+
+ j := 0
+ for j < len(result) {
+ h.Reset()
+ h.Write(a)
+ h.Write(seed)
+ b := h.Sum(nil)
+ copy(result[j:], b)
+ j += len(b)
+
+ h.Reset()
+ h.Write(a)
+ a = h.Sum(nil)
+ }
+}
+
+// prf10 implements the TLS 1.0 pseudo-random function, as defined in RFC 2246, Section 5.
+func prf10(result, secret, label, seed []byte) {
+ hashSHA1 := sha1.New
+ hashMD5 := md5.New
+
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ s1, s2 := splitPreMasterSecret(secret)
+ pHash(result, s1, labelAndSeed, hashMD5)
+ result2 := make([]byte, len(result))
+ pHash(result2, s2, labelAndSeed, hashSHA1)
+
+ for i, b := range result2 {
+ result[i] ^= b
+ }
+}
+
+// prf12 implements the TLS 1.2 pseudo-random function, as defined in RFC 5246, Section 5.
+func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) {
+ return func(result, secret, label, seed []byte) {
+ labelAndSeed := make([]byte, len(label)+len(seed))
+ copy(labelAndSeed, label)
+ copy(labelAndSeed[len(label):], seed)
+
+ pHash(result, secret, labelAndSeed, hashFunc)
+ }
+}
+
+const (
+ masterSecretLength = 48 // Length of a master secret in TLS 1.1.
+ finishedVerifyLength = 12 // Length of verify_data in a Finished message.
+)
+
+var masterSecretLabel = []byte("master secret")
+var keyExpansionLabel = []byte("key expansion")
+var clientFinishedLabel = []byte("client finished")
+var serverFinishedLabel = []byte("server finished")
+
+func prfAndHashForVersion(version uint16, suite *cipherSuite) (func(result, secret, label, seed []byte), crypto.Hash) {
+ switch version {
+ case VersionTLS10, VersionTLS11:
+ return prf10, crypto.Hash(0)
+ case VersionTLS12:
+ if suite.flags&suiteSHA384 != 0 {
+ return prf12(sha512.New384), crypto.SHA384
+ }
+ return prf12(sha256.New), crypto.SHA256
+ default:
+ panic("unknown version")
+ }
+}
+
+func prfForVersion(version uint16, suite *cipherSuite) func(result, secret, label, seed []byte) {
+ prf, _ := prfAndHashForVersion(version, suite)
+ return prf
+}
+
+// masterFromPreMasterSecret generates the master secret from the pre-master
+// secret. See RFC 5246, Section 8.1.
+func masterFromPreMasterSecret(version uint16, suite *cipherSuite, preMasterSecret, clientRandom, serverRandom []byte) []byte {
+ seed := make([]byte, 0, len(clientRandom)+len(serverRandom))
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ masterSecret := make([]byte, masterSecretLength)
+ prfForVersion(version, suite)(masterSecret, preMasterSecret, masterSecretLabel, seed)
+ return masterSecret
+}
+
+// keysFromMasterSecret generates the connection keys from the master
+// secret, given the lengths of the MAC key, cipher key and IV, as defined in
+// RFC 2246, Section 6.3.
+func keysFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) (clientMAC, serverMAC, clientKey, serverKey, clientIV, serverIV []byte) {
+ seed := make([]byte, 0, len(serverRandom)+len(clientRandom))
+ seed = append(seed, serverRandom...)
+ seed = append(seed, clientRandom...)
+
+ n := 2*macLen + 2*keyLen + 2*ivLen
+ keyMaterial := make([]byte, n)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, keyExpansionLabel, seed)
+ clientMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ serverMAC = keyMaterial[:macLen]
+ keyMaterial = keyMaterial[macLen:]
+ clientKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ serverKey = keyMaterial[:keyLen]
+ keyMaterial = keyMaterial[keyLen:]
+ clientIV = keyMaterial[:ivLen]
+ keyMaterial = keyMaterial[ivLen:]
+ serverIV = keyMaterial[:ivLen]
+ return
+}
+
+func newFinishedHash(version uint16, cipherSuite *cipherSuite) finishedHash {
+ var buffer []byte
+ if version >= VersionTLS12 {
+ buffer = []byte{}
+ }
+
+ prf, hash := prfAndHashForVersion(version, cipherSuite)
+ if hash != 0 {
+ return finishedHash{hash.New(), hash.New(), nil, nil, buffer, version, prf}
+ }
+
+ return finishedHash{sha1.New(), sha1.New(), md5.New(), md5.New(), buffer, version, prf}
+}
+
+// A finishedHash calculates the hash of a set of handshake messages suitable
+// for including in a Finished message.
+type finishedHash struct {
+ client hash.Hash
+ server hash.Hash
+
+ // Prior to TLS 1.2, an additional MD5 hash is required.
+ clientMD5 hash.Hash
+ serverMD5 hash.Hash
+
+ // In TLS 1.2, a full buffer is sadly required.
+ buffer []byte
+
+ version uint16
+ prf func(result, secret, label, seed []byte)
+}
+
+func (h *finishedHash) Write(msg []byte) (n int, err error) {
+ h.client.Write(msg)
+ h.server.Write(msg)
+
+ if h.version < VersionTLS12 {
+ h.clientMD5.Write(msg)
+ h.serverMD5.Write(msg)
+ }
+
+ if h.buffer != nil {
+ h.buffer = append(h.buffer, msg...)
+ }
+
+ return len(msg), nil
+}
+
+func (h finishedHash) Sum() []byte {
+ if h.version >= VersionTLS12 {
+ return h.client.Sum(nil)
+ }
+
+ out := make([]byte, 0, md5.Size+sha1.Size)
+ out = h.clientMD5.Sum(out)
+ return h.client.Sum(out)
+}
+
+// clientSum returns the contents of the verify_data member of a client's
+// Finished message.
+func (h finishedHash) clientSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, clientFinishedLabel, h.Sum())
+ return out
+}
+
+// serverSum returns the contents of the verify_data member of a server's
+// Finished message.
+func (h finishedHash) serverSum(masterSecret []byte) []byte {
+ out := make([]byte, finishedVerifyLength)
+ h.prf(out, masterSecret, serverFinishedLabel, h.Sum())
+ return out
+}
+
+// hashForClientCertificate returns the handshake messages so far, pre-hashed if
+// necessary, suitable for signing by a TLS client certificate.
+func (h finishedHash) hashForClientCertificate(sigType uint8, hashAlg crypto.Hash, masterSecret []byte) []byte {
+ if (h.version >= VersionTLS12 || sigType == signatureEd25519) && h.buffer == nil {
+ panic("tls: handshake hash for a client certificate requested after discarding the handshake buffer")
+ }
+
+ if sigType == signatureEd25519 {
+ return h.buffer
+ }
+
+ if h.version >= VersionTLS12 {
+ hash := hashAlg.New()
+ hash.Write(h.buffer)
+ return hash.Sum(nil)
+ }
+
+ if sigType == signatureECDSA {
+ return h.server.Sum(nil)
+ }
+
+ return h.Sum()
+}
+
+// discardHandshakeBuffer is called when there is no more need to
+// buffer the entirety of the handshake messages.
+func (h *finishedHash) discardHandshakeBuffer() {
+ h.buffer = nil
+}
+
+// noExportedKeyingMaterial is used as a value of
+// ConnectionState.ekm when renegotiation is enabled and thus
+// we wish to fail all key-material export requests.
+func noExportedKeyingMaterial(label string, context []byte, length int) ([]byte, error) {
+ return nil, errors.New("crypto/tls: ExportKeyingMaterial is unavailable when renegotiation is enabled")
+}
+
+// ekmFromMasterSecret generates exported keying material as defined in RFC 5705.
+func ekmFromMasterSecret(version uint16, suite *cipherSuite, masterSecret, clientRandom, serverRandom []byte) func(string, []byte, int) ([]byte, error) {
+ return func(label string, context []byte, length int) ([]byte, error) {
+ switch label {
+ case "client finished", "server finished", "master secret", "key expansion":
+ // These values are reserved and may not be used.
+ return nil, fmt.Errorf("crypto/tls: reserved ExportKeyingMaterial label: %s", label)
+ }
+
+ seedLen := len(serverRandom) + len(clientRandom)
+ if context != nil {
+ seedLen += 2 + len(context)
+ }
+ seed := make([]byte, 0, seedLen)
+
+ seed = append(seed, clientRandom...)
+ seed = append(seed, serverRandom...)
+
+ if context != nil {
+ if len(context) >= 1<<16 {
+ return nil, fmt.Errorf("crypto/tls: ExportKeyingMaterial context too long")
+ }
+ seed = append(seed, byte(len(context)>>8), byte(len(context)))
+ seed = append(seed, context...)
+ }
+
+ keyMaterial := make([]byte, length)
+ prfForVersion(version, suite)(keyMaterial, masterSecret, []byte(label), seed)
+ return keyMaterial, nil
+ }
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/ticket.go b/vendor/github.com/marten-seemann/qtls-go1-17/ticket.go
new file mode 100644
index 00000000..006b8c1d
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/ticket.go
@@ -0,0 +1,259 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package qtls
+
+import (
+ "bytes"
+ "crypto/aes"
+ "crypto/cipher"
+ "crypto/hmac"
+ "crypto/sha256"
+ "crypto/subtle"
+ "errors"
+ "io"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte"
+)
+
+// sessionState contains the information that is serialized into a session
+// ticket in order to later resume a connection.
+type sessionState struct {
+ vers uint16
+ cipherSuite uint16
+ createdAt uint64
+ masterSecret []byte // opaque master_secret<1..2^16-1>;
+ // struct { opaque certificate<1..2^24-1> } Certificate;
+ certificates [][]byte // Certificate certificate_list<0..2^24-1>;
+
+ // usedOldKey is true if the ticket from which this session came from
+ // was encrypted with an older key and thus should be refreshed.
+ usedOldKey bool
+}
+
+func (m *sessionState) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(m.vers)
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.masterSecret)
+ })
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ for _, cert := range m.certificates {
+ b.AddUint24LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(cert)
+ })
+ }
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionState) unmarshal(data []byte) bool {
+ *m = sessionState{usedOldKey: m.usedOldKey}
+ s := cryptobyte.String(data)
+ if ok := s.ReadUint16(&m.vers) &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint16LengthPrefixed(&s, &m.masterSecret) &&
+ len(m.masterSecret) != 0; !ok {
+ return false
+ }
+ var certList cryptobyte.String
+ if !s.ReadUint24LengthPrefixed(&certList) {
+ return false
+ }
+ for !certList.Empty() {
+ var cert []byte
+ if !readUint24LengthPrefixed(&certList, &cert) {
+ return false
+ }
+ m.certificates = append(m.certificates, cert)
+ }
+ return s.Empty()
+}
+
+// sessionStateTLS13 is the content of a TLS 1.3 session ticket. Its first
+// version (revision = 0) doesn't carry any of the information needed for 0-RTT
+// validation and the nonce is always empty.
+// version (revision = 1) carries the max_early_data_size sent in the ticket.
+// version (revision = 2) carries the ALPN sent in the ticket.
+type sessionStateTLS13 struct {
+ // uint8 version = 0x0304;
+ // uint8 revision = 2;
+ cipherSuite uint16
+ createdAt uint64
+ resumptionSecret []byte // opaque resumption_master_secret<1..2^8-1>;
+ certificate Certificate // CertificateEntry certificate_list<0..2^24-1>;
+ maxEarlyData uint32
+ alpn string
+
+ appData []byte
+}
+
+func (m *sessionStateTLS13) marshal() []byte {
+ var b cryptobyte.Builder
+ b.AddUint16(VersionTLS13)
+ b.AddUint8(2) // revision
+ b.AddUint16(m.cipherSuite)
+ addUint64(&b, m.createdAt)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.resumptionSecret)
+ })
+ marshalCertificate(&b, m.certificate)
+ b.AddUint32(m.maxEarlyData)
+ b.AddUint8LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes([]byte(m.alpn))
+ })
+ b.AddUint16LengthPrefixed(func(b *cryptobyte.Builder) {
+ b.AddBytes(m.appData)
+ })
+ return b.BytesOrPanic()
+}
+
+func (m *sessionStateTLS13) unmarshal(data []byte) bool {
+ *m = sessionStateTLS13{}
+ s := cryptobyte.String(data)
+ var version uint16
+ var revision uint8
+ var alpn []byte
+ ret := s.ReadUint16(&version) &&
+ version == VersionTLS13 &&
+ s.ReadUint8(&revision) &&
+ revision == 2 &&
+ s.ReadUint16(&m.cipherSuite) &&
+ readUint64(&s, &m.createdAt) &&
+ readUint8LengthPrefixed(&s, &m.resumptionSecret) &&
+ len(m.resumptionSecret) != 0 &&
+ unmarshalCertificate(&s, &m.certificate) &&
+ s.ReadUint32(&m.maxEarlyData) &&
+ readUint8LengthPrefixed(&s, &alpn) &&
+ readUint16LengthPrefixed(&s, &m.appData) &&
+ s.Empty()
+ m.alpn = string(alpn)
+ return ret
+}
+
+func (c *Conn) encryptTicket(state []byte) ([]byte, error) {
+ if len(c.ticketKeys) == 0 {
+ return nil, errors.New("tls: internal error: session ticket keys unavailable")
+ }
+
+ encrypted := make([]byte, ticketKeyNameLen+aes.BlockSize+len(state)+sha256.Size)
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+
+ if _, err := io.ReadFull(c.config.rand(), iv); err != nil {
+ return nil, err
+ }
+ key := c.ticketKeys[0]
+ copy(keyName, key.keyName[:])
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, errors.New("tls: failed to create cipher while encrypting ticket: " + err.Error())
+ }
+ cipher.NewCTR(block, iv).XORKeyStream(encrypted[ticketKeyNameLen+aes.BlockSize:], state)
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ mac.Sum(macBytes[:0])
+
+ return encrypted, nil
+}
+
+func (c *Conn) decryptTicket(encrypted []byte) (plaintext []byte, usedOldKey bool) {
+ if len(encrypted) < ticketKeyNameLen+aes.BlockSize+sha256.Size {
+ return nil, false
+ }
+
+ keyName := encrypted[:ticketKeyNameLen]
+ iv := encrypted[ticketKeyNameLen : ticketKeyNameLen+aes.BlockSize]
+ macBytes := encrypted[len(encrypted)-sha256.Size:]
+ ciphertext := encrypted[ticketKeyNameLen+aes.BlockSize : len(encrypted)-sha256.Size]
+
+ keyIndex := -1
+ for i, candidateKey := range c.ticketKeys {
+ if bytes.Equal(keyName, candidateKey.keyName[:]) {
+ keyIndex = i
+ break
+ }
+ }
+ if keyIndex == -1 {
+ return nil, false
+ }
+ key := &c.ticketKeys[keyIndex]
+
+ mac := hmac.New(sha256.New, key.hmacKey[:])
+ mac.Write(encrypted[:len(encrypted)-sha256.Size])
+ expected := mac.Sum(nil)
+
+ if subtle.ConstantTimeCompare(macBytes, expected) != 1 {
+ return nil, false
+ }
+
+ block, err := aes.NewCipher(key.aesKey[:])
+ if err != nil {
+ return nil, false
+ }
+ plaintext = make([]byte, len(ciphertext))
+ cipher.NewCTR(block, iv).XORKeyStream(plaintext, ciphertext)
+
+ return plaintext, keyIndex > 0
+}
+
+func (c *Conn) getSessionTicketMsg(appData []byte) (*newSessionTicketMsgTLS13, error) {
+ m := new(newSessionTicketMsgTLS13)
+
+ var certsFromClient [][]byte
+ for _, cert := range c.peerCertificates {
+ certsFromClient = append(certsFromClient, cert.Raw)
+ }
+ state := sessionStateTLS13{
+ cipherSuite: c.cipherSuite,
+ createdAt: uint64(c.config.time().Unix()),
+ resumptionSecret: c.resumptionSecret,
+ certificate: Certificate{
+ Certificate: certsFromClient,
+ OCSPStaple: c.ocspResponse,
+ SignedCertificateTimestamps: c.scts,
+ },
+ appData: appData,
+ alpn: c.clientProtocol,
+ }
+ if c.extraConfig != nil {
+ state.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ var err error
+ m.label, err = c.encryptTicket(state.marshal())
+ if err != nil {
+ return nil, err
+ }
+ m.lifetime = uint32(maxSessionTicketLifetime / time.Second)
+ if c.extraConfig != nil {
+ m.maxEarlyData = c.extraConfig.MaxEarlyData
+ }
+ return m, nil
+}
+
+// GetSessionTicket generates a new session ticket.
+// It should only be called after the handshake completes.
+// It can only be used for servers, and only if the alternative record layer is set.
+// The ticket may be nil if config.SessionTicketsDisabled is set,
+// or if the client isn't able to receive session tickets.
+func (c *Conn) GetSessionTicket(appData []byte) ([]byte, error) {
+ if c.isClient || !c.handshakeComplete() || c.extraConfig == nil || c.extraConfig.AlternativeRecordLayer == nil {
+ return nil, errors.New("GetSessionTicket is only valid for servers after completion of the handshake, and if an alternative record layer is set.")
+ }
+ if c.config.SessionTicketsDisabled {
+ return nil, nil
+ }
+
+ m, err := c.getSessionTicketMsg(appData)
+ if err != nil {
+ return nil, err
+ }
+ return m.marshal(), nil
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/tls.go b/vendor/github.com/marten-seemann/qtls-go1-17/tls.go
new file mode 100644
index 00000000..42207c23
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/tls.go
@@ -0,0 +1,362 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// package qtls partially implements TLS 1.2, as specified in RFC 5246,
+// and TLS 1.3, as specified in RFC 8446.
+package qtls
+
+// BUG(agl): The crypto/tls package only implements some countermeasures
+// against Lucky13 attacks on CBC-mode encryption, and only on SHA1
+// variants. See http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+
+import (
+ "bytes"
+ "context"
+ "crypto"
+ "crypto/ecdsa"
+ "crypto/ed25519"
+ "crypto/rsa"
+ "crypto/x509"
+ "encoding/pem"
+ "errors"
+ "fmt"
+ "net"
+ "os"
+ "strings"
+)
+
+// Server returns a new TLS server side connection
+// using conn as the underlying transport.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Server(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ }
+ c.handshakeFn = c.serverHandshake
+ return c
+}
+
+// Client returns a new TLS client side connection
+// using conn as the underlying transport.
+// The config cannot be nil: users must set either ServerName or
+// InsecureSkipVerify in the config.
+func Client(conn net.Conn, config *Config, extraConfig *ExtraConfig) *Conn {
+ c := &Conn{
+ conn: conn,
+ config: fromConfig(config),
+ extraConfig: extraConfig,
+ isClient: true,
+ }
+ c.handshakeFn = c.clientHandshake
+ return c
+}
+
+// A listener implements a network listener (net.Listener) for TLS connections.
+type listener struct {
+ net.Listener
+ config *Config
+ extraConfig *ExtraConfig
+}
+
+// Accept waits for and returns the next incoming TLS connection.
+// The returned connection is of type *Conn.
+func (l *listener) Accept() (net.Conn, error) {
+ c, err := l.Listener.Accept()
+ if err != nil {
+ return nil, err
+ }
+ return Server(c, l.config, l.extraConfig), nil
+}
+
+// NewListener creates a Listener which accepts connections from an inner
+// Listener and wraps each connection with Server.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func NewListener(inner net.Listener, config *Config, extraConfig *ExtraConfig) net.Listener {
+ l := new(listener)
+ l.Listener = inner
+ l.config = config
+ l.extraConfig = extraConfig
+ return l
+}
+
+// Listen creates a TLS listener accepting connections on the
+// given network address using net.Listen.
+// The configuration config must be non-nil and must include
+// at least one certificate or else set GetCertificate.
+func Listen(network, laddr string, config *Config, extraConfig *ExtraConfig) (net.Listener, error) {
+ if config == nil || len(config.Certificates) == 0 &&
+ config.GetCertificate == nil && config.GetConfigForClient == nil {
+ return nil, errors.New("tls: neither Certificates, GetCertificate, nor GetConfigForClient set in Config")
+ }
+ l, err := net.Listen(network, laddr)
+ if err != nil {
+ return nil, err
+ }
+ return NewListener(l, config, extraConfig), nil
+}
+
+type timeoutError struct{}
+
+func (timeoutError) Error() string { return "tls: DialWithDialer timed out" }
+func (timeoutError) Timeout() bool { return true }
+func (timeoutError) Temporary() bool { return true }
+
+// DialWithDialer connects to the given network address using dialer.Dial and
+// then initiates a TLS handshake, returning the resulting TLS connection. Any
+// timeout or deadline given in the dialer apply to connection and TLS
+// handshake as a whole.
+//
+// DialWithDialer interprets a nil configuration as equivalent to the zero
+// configuration; see the documentation of Config for the defaults.
+//
+// DialWithDialer uses context.Background internally; to specify the context,
+// use Dialer.DialContext with NetDialer set to the desired dialer.
+func DialWithDialer(dialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return dial(context.Background(), dialer, network, addr, config, extraConfig)
+}
+
+func dial(ctx context.Context, netDialer *net.Dialer, network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ if netDialer.Timeout != 0 {
+ var cancel context.CancelFunc
+ ctx, cancel = context.WithTimeout(ctx, netDialer.Timeout)
+ defer cancel()
+ }
+
+ if !netDialer.Deadline.IsZero() {
+ var cancel context.CancelFunc
+ ctx, cancel = context.WithDeadline(ctx, netDialer.Deadline)
+ defer cancel()
+ }
+
+ rawConn, err := netDialer.DialContext(ctx, network, addr)
+ if err != nil {
+ return nil, err
+ }
+
+ colonPos := strings.LastIndex(addr, ":")
+ if colonPos == -1 {
+ colonPos = len(addr)
+ }
+ hostname := addr[:colonPos]
+
+ if config == nil {
+ config = defaultConfig()
+ }
+ // If no ServerName is set, infer the ServerName
+ // from the hostname we're connecting to.
+ if config.ServerName == "" {
+ // Make a copy to avoid polluting argument or default.
+ c := config.Clone()
+ c.ServerName = hostname
+ config = c
+ }
+
+ conn := Client(rawConn, config, extraConfig)
+ if err := conn.HandshakeContext(ctx); err != nil {
+ rawConn.Close()
+ return nil, err
+ }
+ return conn, nil
+}
+
+// Dial connects to the given network address using net.Dial
+// and then initiates a TLS handshake, returning the resulting
+// TLS connection.
+// Dial interprets a nil configuration as equivalent to
+// the zero configuration; see the documentation of Config
+// for the defaults.
+func Dial(network, addr string, config *Config, extraConfig *ExtraConfig) (*Conn, error) {
+ return DialWithDialer(new(net.Dialer), network, addr, config, extraConfig)
+}
+
+// Dialer dials TLS connections given a configuration and a Dialer for the
+// underlying connection.
+type Dialer struct {
+ // NetDialer is the optional dialer to use for the TLS connections'
+ // underlying TCP connections.
+ // A nil NetDialer is equivalent to the net.Dialer zero value.
+ NetDialer *net.Dialer
+
+ // Config is the TLS configuration to use for new connections.
+ // A nil configuration is equivalent to the zero
+ // configuration; see the documentation of Config for the
+ // defaults.
+ Config *Config
+
+ ExtraConfig *ExtraConfig
+}
+
+// Dial connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+//
+// Dial uses context.Background internally; to specify the context,
+// use DialContext.
+func (d *Dialer) Dial(network, addr string) (net.Conn, error) {
+ return d.DialContext(context.Background(), network, addr)
+}
+
+func (d *Dialer) netDialer() *net.Dialer {
+ if d.NetDialer != nil {
+ return d.NetDialer
+ }
+ return new(net.Dialer)
+}
+
+// DialContext connects to the given network address and initiates a TLS
+// handshake, returning the resulting TLS connection.
+//
+// The provided Context must be non-nil. If the context expires before
+// the connection is complete, an error is returned. Once successfully
+// connected, any expiration of the context will not affect the
+// connection.
+//
+// The returned Conn, if any, will always be of type *Conn.
+func (d *Dialer) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+ c, err := dial(ctx, d.netDialer(), network, addr, d.Config, d.ExtraConfig)
+ if err != nil {
+ // Don't return c (a typed nil) in an interface.
+ return nil, err
+ }
+ return c, nil
+}
+
+// LoadX509KeyPair reads and parses a public/private key pair from a pair
+// of files. The files must contain PEM encoded data. The certificate file
+// may contain intermediate certificates following the leaf certificate to
+// form a certificate chain. On successful return, Certificate.Leaf will
+// be nil because the parsed form of the certificate is not retained.
+func LoadX509KeyPair(certFile, keyFile string) (Certificate, error) {
+ certPEMBlock, err := os.ReadFile(certFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ keyPEMBlock, err := os.ReadFile(keyFile)
+ if err != nil {
+ return Certificate{}, err
+ }
+ return X509KeyPair(certPEMBlock, keyPEMBlock)
+}
+
+// X509KeyPair parses a public/private key pair from a pair of
+// PEM encoded data. On successful return, Certificate.Leaf will be nil because
+// the parsed form of the certificate is not retained.
+func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (Certificate, error) {
+ fail := func(err error) (Certificate, error) { return Certificate{}, err }
+
+ var cert Certificate
+ var skippedBlockTypes []string
+ for {
+ var certDERBlock *pem.Block
+ certDERBlock, certPEMBlock = pem.Decode(certPEMBlock)
+ if certDERBlock == nil {
+ break
+ }
+ if certDERBlock.Type == "CERTIFICATE" {
+ cert.Certificate = append(cert.Certificate, certDERBlock.Bytes)
+ } else {
+ skippedBlockTypes = append(skippedBlockTypes, certDERBlock.Type)
+ }
+ }
+
+ if len(cert.Certificate) == 0 {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in certificate input"))
+ }
+ if len(skippedBlockTypes) == 1 && strings.HasSuffix(skippedBlockTypes[0], "PRIVATE KEY") {
+ return fail(errors.New("tls: failed to find certificate PEM data in certificate input, but did find a private key; PEM inputs may have been switched"))
+ }
+ return fail(fmt.Errorf("tls: failed to find \"CERTIFICATE\" PEM block in certificate input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+
+ skippedBlockTypes = skippedBlockTypes[:0]
+ var keyDERBlock *pem.Block
+ for {
+ keyDERBlock, keyPEMBlock = pem.Decode(keyPEMBlock)
+ if keyDERBlock == nil {
+ if len(skippedBlockTypes) == 0 {
+ return fail(errors.New("tls: failed to find any PEM data in key input"))
+ }
+ if len(skippedBlockTypes) == 1 && skippedBlockTypes[0] == "CERTIFICATE" {
+ return fail(errors.New("tls: found a certificate rather than a key in the PEM for the private key"))
+ }
+ return fail(fmt.Errorf("tls: failed to find PEM block with type ending in \"PRIVATE KEY\" in key input after skipping PEM blocks of the following types: %v", skippedBlockTypes))
+ }
+ if keyDERBlock.Type == "PRIVATE KEY" || strings.HasSuffix(keyDERBlock.Type, " PRIVATE KEY") {
+ break
+ }
+ skippedBlockTypes = append(skippedBlockTypes, keyDERBlock.Type)
+ }
+
+ // We don't need to parse the public key for TLS, but we so do anyway
+ // to check that it looks sane and matches the private key.
+ x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
+ if err != nil {
+ return fail(err)
+ }
+
+ cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes)
+ if err != nil {
+ return fail(err)
+ }
+
+ switch pub := x509Cert.PublicKey.(type) {
+ case *rsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*rsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.N.Cmp(priv.N) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case *ecdsa.PublicKey:
+ priv, ok := cert.PrivateKey.(*ecdsa.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if pub.X.Cmp(priv.X) != 0 || pub.Y.Cmp(priv.Y) != 0 {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ case ed25519.PublicKey:
+ priv, ok := cert.PrivateKey.(ed25519.PrivateKey)
+ if !ok {
+ return fail(errors.New("tls: private key type does not match public key type"))
+ }
+ if !bytes.Equal(priv.Public().(ed25519.PublicKey), pub) {
+ return fail(errors.New("tls: private key does not match public key"))
+ }
+ default:
+ return fail(errors.New("tls: unknown public key algorithm"))
+ }
+
+ return cert, nil
+}
+
+// Attempt to parse the given private key DER block. OpenSSL 0.9.8 generates
+// PKCS #1 private keys by default, while OpenSSL 1.0.0 generates PKCS #8 keys.
+// OpenSSL ecparam generates SEC1 EC private keys for ECDSA. We try all three.
+func parsePrivateKey(der []byte) (crypto.PrivateKey, error) {
+ if key, err := x509.ParsePKCS1PrivateKey(der); err == nil {
+ return key, nil
+ }
+ if key, err := x509.ParsePKCS8PrivateKey(der); err == nil {
+ switch key := key.(type) {
+ case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey:
+ return key, nil
+ default:
+ return nil, errors.New("tls: found unknown private key type in PKCS#8 wrapping")
+ }
+ }
+ if key, err := x509.ParseECPrivateKey(der); err == nil {
+ return key, nil
+ }
+
+ return nil, errors.New("tls: failed to parse private key")
+}
diff --git a/vendor/github.com/marten-seemann/qtls-go1-17/unsafe.go b/vendor/github.com/marten-seemann/qtls-go1-17/unsafe.go
new file mode 100644
index 00000000..55fa01b3
--- /dev/null
+++ b/vendor/github.com/marten-seemann/qtls-go1-17/unsafe.go
@@ -0,0 +1,96 @@
+package qtls
+
+import (
+ "crypto/tls"
+ "reflect"
+ "unsafe"
+)
+
+func init() {
+ if !structsEqual(&tls.ConnectionState{}, &connectionState{}) {
+ panic("qtls.ConnectionState doesn't match")
+ }
+ if !structsEqual(&tls.ClientSessionState{}, &clientSessionState{}) {
+ panic("qtls.ClientSessionState doesn't match")
+ }
+ if !structsEqual(&tls.CertificateRequestInfo{}, &certificateRequestInfo{}) {
+ panic("qtls.CertificateRequestInfo doesn't match")
+ }
+ if !structsEqual(&tls.Config{}, &config{}) {
+ panic("qtls.Config doesn't match")
+ }
+ if !structsEqual(&tls.ClientHelloInfo{}, &clientHelloInfo{}) {
+ panic("qtls.ClientHelloInfo doesn't match")
+ }
+}
+
+func toConnectionState(c connectionState) ConnectionState {
+ return *(*ConnectionState)(unsafe.Pointer(&c))
+}
+
+func toClientSessionState(s *clientSessionState) *ClientSessionState {
+ return (*ClientSessionState)(unsafe.Pointer(s))
+}
+
+func fromClientSessionState(s *ClientSessionState) *clientSessionState {
+ return (*clientSessionState)(unsafe.Pointer(s))
+}
+
+func toCertificateRequestInfo(i *certificateRequestInfo) *CertificateRequestInfo {
+ return (*CertificateRequestInfo)(unsafe.Pointer(i))
+}
+
+func toConfig(c *config) *Config {
+ return (*Config)(unsafe.Pointer(c))
+}
+
+func fromConfig(c *Config) *config {
+ return (*config)(unsafe.Pointer(c))
+}
+
+func toClientHelloInfo(chi *clientHelloInfo) *ClientHelloInfo {
+ return (*ClientHelloInfo)(unsafe.Pointer(chi))
+}
+
+func structsEqual(a, b interface{}) bool {
+ return compare(reflect.ValueOf(a), reflect.ValueOf(b))
+}
+
+func compare(a, b reflect.Value) bool {
+ sa := a.Elem()
+ sb := b.Elem()
+ if sa.NumField() != sb.NumField() {
+ return false
+ }
+ for i := 0; i < sa.NumField(); i++ {
+ fa := sa.Type().Field(i)
+ fb := sb.Type().Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ if fa.Type.Kind() != fb.Type.Kind() {
+ return false
+ }
+ if fa.Type.Kind() == reflect.Slice {
+ if !compareStruct(fa.Type.Elem(), fb.Type.Elem()) {
+ return false
+ }
+ continue
+ }
+ return false
+ }
+ }
+ return true
+}
+
+func compareStruct(a, b reflect.Type) bool {
+ if a.NumField() != b.NumField() {
+ return false
+ }
+ for i := 0; i < a.NumField(); i++ {
+ fa := a.Field(i)
+ fb := b.Field(i)
+ if !reflect.DeepEqual(fa.Index, fb.Index) || fa.Name != fb.Name || fa.Anonymous != fb.Anonymous || fa.Offset != fb.Offset || !reflect.DeepEqual(fa.Type, fb.Type) {
+ return false
+ }
+ }
+ return true
+}
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go
new file mode 100644
index 00000000..0d7bac3f
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go
@@ -0,0 +1,94 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package chacha20poly1305 implements the ChaCha20-Poly1305 AEAD and its
+// extended nonce variant XChaCha20-Poly1305, as specified in RFC 8439 and
+// draft-irtf-cfrg-xchacha-01.
+package chacha20poly1305 // import "golang.org/x/crypto/chacha20poly1305"
+
+import (
+ "crypto/cipher"
+ "errors"
+)
+
+const (
+ // KeySize is the size of the key used by this AEAD, in bytes.
+ KeySize = 32
+
+ // NonceSize is the size of the nonce used with the standard variant of this
+ // AEAD, in bytes.
+ //
+ // Note that this is too short to be safely generated at random if the same
+ // key is reused more than 2³² times.
+ NonceSize = 12
+
+ // NonceSizeX is the size of the nonce used with the XChaCha20-Poly1305
+ // variant of this AEAD, in bytes.
+ NonceSizeX = 24
+)
+
+type chacha20poly1305 struct {
+ key [KeySize]byte
+}
+
+// New returns a ChaCha20-Poly1305 AEAD that uses the given 256-bit key.
+func New(key []byte) (cipher.AEAD, error) {
+ if len(key) != KeySize {
+ return nil, errors.New("chacha20poly1305: bad key length")
+ }
+ ret := new(chacha20poly1305)
+ copy(ret.key[:], key)
+ return ret, nil
+}
+
+func (c *chacha20poly1305) NonceSize() int {
+ return NonceSize
+}
+
+func (c *chacha20poly1305) Overhead() int {
+ return 16
+}
+
+func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
+ if len(nonce) != NonceSize {
+ panic("chacha20poly1305: bad nonce length passed to Seal")
+ }
+
+ if uint64(len(plaintext)) > (1<<38)-64 {
+ panic("chacha20poly1305: plaintext too large")
+ }
+
+ return c.seal(dst, nonce, plaintext, additionalData)
+}
+
+var errOpen = errors.New("chacha20poly1305: message authentication failed")
+
+func (c *chacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ if len(nonce) != NonceSize {
+ panic("chacha20poly1305: bad nonce length passed to Open")
+ }
+ if len(ciphertext) < 16 {
+ return nil, errOpen
+ }
+ if uint64(len(ciphertext)) > (1<<38)-48 {
+ panic("chacha20poly1305: ciphertext too large")
+ }
+
+ return c.open(dst, nonce, ciphertext, additionalData)
+}
+
+// sliceForAppend takes a slice and a requested number of bytes. It returns a
+// slice with the contents of the given slice followed by that many bytes and a
+// second slice that aliases into it and contains only the extra bytes. If the
+// original slice has sufficient capacity then no allocation is performed.
+func sliceForAppend(in []byte, n int) (head, tail []byte) {
+ if total := len(in) + n; cap(in) >= total {
+ head = in[:total]
+ } else {
+ head = make([]byte, total)
+ copy(head, in)
+ }
+ tail = head[len(in):]
+ return
+}
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go
new file mode 100644
index 00000000..cda77819
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.go
@@ -0,0 +1,86 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !gccgo,!purego
+
+package chacha20poly1305
+
+import (
+ "encoding/binary"
+
+ "golang.org/x/crypto/internal/subtle"
+ "golang.org/x/sys/cpu"
+)
+
+//go:noescape
+func chacha20Poly1305Open(dst []byte, key []uint32, src, ad []byte) bool
+
+//go:noescape
+func chacha20Poly1305Seal(dst []byte, key []uint32, src, ad []byte)
+
+var (
+ useAVX2 = cpu.X86.HasAVX2 && cpu.X86.HasBMI2
+)
+
+// setupState writes a ChaCha20 input matrix to state. See
+// https://tools.ietf.org/html/rfc7539#section-2.3.
+func setupState(state *[16]uint32, key *[32]byte, nonce []byte) {
+ state[0] = 0x61707865
+ state[1] = 0x3320646e
+ state[2] = 0x79622d32
+ state[3] = 0x6b206574
+
+ state[4] = binary.LittleEndian.Uint32(key[0:4])
+ state[5] = binary.LittleEndian.Uint32(key[4:8])
+ state[6] = binary.LittleEndian.Uint32(key[8:12])
+ state[7] = binary.LittleEndian.Uint32(key[12:16])
+ state[8] = binary.LittleEndian.Uint32(key[16:20])
+ state[9] = binary.LittleEndian.Uint32(key[20:24])
+ state[10] = binary.LittleEndian.Uint32(key[24:28])
+ state[11] = binary.LittleEndian.Uint32(key[28:32])
+
+ state[12] = 0
+ state[13] = binary.LittleEndian.Uint32(nonce[0:4])
+ state[14] = binary.LittleEndian.Uint32(nonce[4:8])
+ state[15] = binary.LittleEndian.Uint32(nonce[8:12])
+}
+
+func (c *chacha20poly1305) seal(dst, nonce, plaintext, additionalData []byte) []byte {
+ if !cpu.X86.HasSSSE3 {
+ return c.sealGeneric(dst, nonce, plaintext, additionalData)
+ }
+
+ var state [16]uint32
+ setupState(&state, &c.key, nonce)
+
+ ret, out := sliceForAppend(dst, len(plaintext)+16)
+ if subtle.InexactOverlap(out, plaintext) {
+ panic("chacha20poly1305: invalid buffer overlap")
+ }
+ chacha20Poly1305Seal(out[:], state[:], plaintext, additionalData)
+ return ret
+}
+
+func (c *chacha20poly1305) open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ if !cpu.X86.HasSSSE3 {
+ return c.openGeneric(dst, nonce, ciphertext, additionalData)
+ }
+
+ var state [16]uint32
+ setupState(&state, &c.key, nonce)
+
+ ciphertext = ciphertext[:len(ciphertext)-16]
+ ret, out := sliceForAppend(dst, len(ciphertext))
+ if subtle.InexactOverlap(out, ciphertext) {
+ panic("chacha20poly1305: invalid buffer overlap")
+ }
+ if !chacha20Poly1305Open(out, state[:], ciphertext, additionalData) {
+ for i := range out {
+ out[i] = 0
+ }
+ return nil, errOpen
+ }
+
+ return ret, nil
+}
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s
new file mode 100644
index 00000000..3469c872
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_amd64.s
@@ -0,0 +1,2695 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// This file was originally from https://golang.org/cl/24717 by Vlad Krasnov of CloudFlare.
+
+// +build !gccgo,!purego
+
+#include "textflag.h"
+// General register allocation
+#define oup DI
+#define inp SI
+#define inl BX
+#define adp CX // free to reuse, after we hash the additional data
+#define keyp R8 // free to reuse, when we copy the key to stack
+#define itr2 R9 // general iterator
+#define itr1 CX // general iterator
+#define acc0 R10
+#define acc1 R11
+#define acc2 R12
+#define t0 R13
+#define t1 R14
+#define t2 R15
+#define t3 R8
+// Register and stack allocation for the SSE code
+#define rStore (0*16)(BP)
+#define sStore (1*16)(BP)
+#define state1Store (2*16)(BP)
+#define state2Store (3*16)(BP)
+#define tmpStore (4*16)(BP)
+#define ctr0Store (5*16)(BP)
+#define ctr1Store (6*16)(BP)
+#define ctr2Store (7*16)(BP)
+#define ctr3Store (8*16)(BP)
+#define A0 X0
+#define A1 X1
+#define A2 X2
+#define B0 X3
+#define B1 X4
+#define B2 X5
+#define C0 X6
+#define C1 X7
+#define C2 X8
+#define D0 X9
+#define D1 X10
+#define D2 X11
+#define T0 X12
+#define T1 X13
+#define T2 X14
+#define T3 X15
+#define A3 T0
+#define B3 T1
+#define C3 T2
+#define D3 T3
+// Register and stack allocation for the AVX2 code
+#define rsStoreAVX2 (0*32)(BP)
+#define state1StoreAVX2 (1*32)(BP)
+#define state2StoreAVX2 (2*32)(BP)
+#define ctr0StoreAVX2 (3*32)(BP)
+#define ctr1StoreAVX2 (4*32)(BP)
+#define ctr2StoreAVX2 (5*32)(BP)
+#define ctr3StoreAVX2 (6*32)(BP)
+#define tmpStoreAVX2 (7*32)(BP) // 256 bytes on stack
+#define AA0 Y0
+#define AA1 Y5
+#define AA2 Y6
+#define AA3 Y7
+#define BB0 Y14
+#define BB1 Y9
+#define BB2 Y10
+#define BB3 Y11
+#define CC0 Y12
+#define CC1 Y13
+#define CC2 Y8
+#define CC3 Y15
+#define DD0 Y4
+#define DD1 Y1
+#define DD2 Y2
+#define DD3 Y3
+#define TT0 DD3
+#define TT1 AA3
+#define TT2 BB3
+#define TT3 CC3
+// ChaCha20 constants
+DATA ·chacha20Constants<>+0x00(SB)/4, $0x61707865
+DATA ·chacha20Constants<>+0x04(SB)/4, $0x3320646e
+DATA ·chacha20Constants<>+0x08(SB)/4, $0x79622d32
+DATA ·chacha20Constants<>+0x0c(SB)/4, $0x6b206574
+DATA ·chacha20Constants<>+0x10(SB)/4, $0x61707865
+DATA ·chacha20Constants<>+0x14(SB)/4, $0x3320646e
+DATA ·chacha20Constants<>+0x18(SB)/4, $0x79622d32
+DATA ·chacha20Constants<>+0x1c(SB)/4, $0x6b206574
+// <<< 16 with PSHUFB
+DATA ·rol16<>+0x00(SB)/8, $0x0504070601000302
+DATA ·rol16<>+0x08(SB)/8, $0x0D0C0F0E09080B0A
+DATA ·rol16<>+0x10(SB)/8, $0x0504070601000302
+DATA ·rol16<>+0x18(SB)/8, $0x0D0C0F0E09080B0A
+// <<< 8 with PSHUFB
+DATA ·rol8<>+0x00(SB)/8, $0x0605040702010003
+DATA ·rol8<>+0x08(SB)/8, $0x0E0D0C0F0A09080B
+DATA ·rol8<>+0x10(SB)/8, $0x0605040702010003
+DATA ·rol8<>+0x18(SB)/8, $0x0E0D0C0F0A09080B
+
+DATA ·avx2InitMask<>+0x00(SB)/8, $0x0
+DATA ·avx2InitMask<>+0x08(SB)/8, $0x0
+DATA ·avx2InitMask<>+0x10(SB)/8, $0x1
+DATA ·avx2InitMask<>+0x18(SB)/8, $0x0
+
+DATA ·avx2IncMask<>+0x00(SB)/8, $0x2
+DATA ·avx2IncMask<>+0x08(SB)/8, $0x0
+DATA ·avx2IncMask<>+0x10(SB)/8, $0x2
+DATA ·avx2IncMask<>+0x18(SB)/8, $0x0
+// Poly1305 key clamp
+DATA ·polyClampMask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF
+DATA ·polyClampMask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC
+DATA ·polyClampMask<>+0x10(SB)/8, $0xFFFFFFFFFFFFFFFF
+DATA ·polyClampMask<>+0x18(SB)/8, $0xFFFFFFFFFFFFFFFF
+
+DATA ·sseIncMask<>+0x00(SB)/8, $0x1
+DATA ·sseIncMask<>+0x08(SB)/8, $0x0
+// To load/store the last < 16 bytes in a buffer
+DATA ·andMask<>+0x00(SB)/8, $0x00000000000000ff
+DATA ·andMask<>+0x08(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x10(SB)/8, $0x000000000000ffff
+DATA ·andMask<>+0x18(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x20(SB)/8, $0x0000000000ffffff
+DATA ·andMask<>+0x28(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x30(SB)/8, $0x00000000ffffffff
+DATA ·andMask<>+0x38(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x40(SB)/8, $0x000000ffffffffff
+DATA ·andMask<>+0x48(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x50(SB)/8, $0x0000ffffffffffff
+DATA ·andMask<>+0x58(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x60(SB)/8, $0x00ffffffffffffff
+DATA ·andMask<>+0x68(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x70(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0x78(SB)/8, $0x0000000000000000
+DATA ·andMask<>+0x80(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0x88(SB)/8, $0x00000000000000ff
+DATA ·andMask<>+0x90(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0x98(SB)/8, $0x000000000000ffff
+DATA ·andMask<>+0xa0(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0xa8(SB)/8, $0x0000000000ffffff
+DATA ·andMask<>+0xb0(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0xb8(SB)/8, $0x00000000ffffffff
+DATA ·andMask<>+0xc0(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0xc8(SB)/8, $0x000000ffffffffff
+DATA ·andMask<>+0xd0(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0xd8(SB)/8, $0x0000ffffffffffff
+DATA ·andMask<>+0xe0(SB)/8, $0xffffffffffffffff
+DATA ·andMask<>+0xe8(SB)/8, $0x00ffffffffffffff
+
+GLOBL ·chacha20Constants<>(SB), (NOPTR+RODATA), $32
+GLOBL ·rol16<>(SB), (NOPTR+RODATA), $32
+GLOBL ·rol8<>(SB), (NOPTR+RODATA), $32
+GLOBL ·sseIncMask<>(SB), (NOPTR+RODATA), $16
+GLOBL ·avx2IncMask<>(SB), (NOPTR+RODATA), $32
+GLOBL ·avx2InitMask<>(SB), (NOPTR+RODATA), $32
+GLOBL ·polyClampMask<>(SB), (NOPTR+RODATA), $32
+GLOBL ·andMask<>(SB), (NOPTR+RODATA), $240
+// No PALIGNR in Go ASM yet (but VPALIGNR is present).
+#define shiftB0Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x04 // PALIGNR $4, X3, X3
+#define shiftB1Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xe4; BYTE $0x04 // PALIGNR $4, X4, X4
+#define shiftB2Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x04 // PALIGNR $4, X5, X5
+#define shiftB3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x04 // PALIGNR $4, X13, X13
+#define shiftC0Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xf6; BYTE $0x08 // PALIGNR $8, X6, X6
+#define shiftC1Left BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x08 // PALIGNR $8, X7, X7
+#define shiftC2Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc0; BYTE $0x08 // PALIGNR $8, X8, X8
+#define shiftC3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xf6; BYTE $0x08 // PALIGNR $8, X14, X14
+#define shiftD0Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc9; BYTE $0x0c // PALIGNR $12, X9, X9
+#define shiftD1Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xd2; BYTE $0x0c // PALIGNR $12, X10, X10
+#define shiftD2Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x0c // PALIGNR $12, X11, X11
+#define shiftD3Left BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x0c // PALIGNR $12, X15, X15
+#define shiftB0Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x0c // PALIGNR $12, X3, X3
+#define shiftB1Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xe4; BYTE $0x0c // PALIGNR $12, X4, X4
+#define shiftB2Right BYTE $0x66; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x0c // PALIGNR $12, X5, X5
+#define shiftB3Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xed; BYTE $0x0c // PALIGNR $12, X13, X13
+#define shiftC0Right shiftC0Left
+#define shiftC1Right shiftC1Left
+#define shiftC2Right shiftC2Left
+#define shiftC3Right shiftC3Left
+#define shiftD0Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xc9; BYTE $0x04 // PALIGNR $4, X9, X9
+#define shiftD1Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xd2; BYTE $0x04 // PALIGNR $4, X10, X10
+#define shiftD2Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xdb; BYTE $0x04 // PALIGNR $4, X11, X11
+#define shiftD3Right BYTE $0x66; BYTE $0x45; BYTE $0x0f; BYTE $0x3a; BYTE $0x0f; BYTE $0xff; BYTE $0x04 // PALIGNR $4, X15, X15
+// Some macros
+#define chachaQR(A, B, C, D, T) \
+ PADDD B, A; PXOR A, D; PSHUFB ·rol16<>(SB), D \
+ PADDD D, C; PXOR C, B; MOVO B, T; PSLLL $12, T; PSRLL $20, B; PXOR T, B \
+ PADDD B, A; PXOR A, D; PSHUFB ·rol8<>(SB), D \
+ PADDD D, C; PXOR C, B; MOVO B, T; PSLLL $7, T; PSRLL $25, B; PXOR T, B
+
+#define chachaQR_AVX2(A, B, C, D, T) \
+ VPADDD B, A, A; VPXOR A, D, D; VPSHUFB ·rol16<>(SB), D, D \
+ VPADDD D, C, C; VPXOR C, B, B; VPSLLD $12, B, T; VPSRLD $20, B, B; VPXOR T, B, B \
+ VPADDD B, A, A; VPXOR A, D, D; VPSHUFB ·rol8<>(SB), D, D \
+ VPADDD D, C, C; VPXOR C, B, B; VPSLLD $7, B, T; VPSRLD $25, B, B; VPXOR T, B, B
+
+#define polyAdd(S) ADDQ S, acc0; ADCQ 8+S, acc1; ADCQ $1, acc2
+#define polyMulStage1 MOVQ (0*8)(BP), AX; MOVQ AX, t2; MULQ acc0; MOVQ AX, t0; MOVQ DX, t1; MOVQ (0*8)(BP), AX; MULQ acc1; IMULQ acc2, t2; ADDQ AX, t1; ADCQ DX, t2
+#define polyMulStage2 MOVQ (1*8)(BP), AX; MOVQ AX, t3; MULQ acc0; ADDQ AX, t1; ADCQ $0, DX; MOVQ DX, acc0; MOVQ (1*8)(BP), AX; MULQ acc1; ADDQ AX, t2; ADCQ $0, DX
+#define polyMulStage3 IMULQ acc2, t3; ADDQ acc0, t2; ADCQ DX, t3
+#define polyMulReduceStage MOVQ t0, acc0; MOVQ t1, acc1; MOVQ t2, acc2; ANDQ $3, acc2; MOVQ t2, t0; ANDQ $-4, t0; MOVQ t3, t1; SHRQ $2, t3, t2; SHRQ $2, t3; ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $0, acc2; ADDQ t2, acc0; ADCQ t3, acc1; ADCQ $0, acc2
+
+#define polyMulStage1_AVX2 MOVQ (0*8)(BP), DX; MOVQ DX, t2; MULXQ acc0, t0, t1; IMULQ acc2, t2; MULXQ acc1, AX, DX; ADDQ AX, t1; ADCQ DX, t2
+#define polyMulStage2_AVX2 MOVQ (1*8)(BP), DX; MULXQ acc0, acc0, AX; ADDQ acc0, t1; MULXQ acc1, acc1, t3; ADCQ acc1, t2; ADCQ $0, t3
+#define polyMulStage3_AVX2 IMULQ acc2, DX; ADDQ AX, t2; ADCQ DX, t3
+
+#define polyMul polyMulStage1; polyMulStage2; polyMulStage3; polyMulReduceStage
+#define polyMulAVX2 polyMulStage1_AVX2; polyMulStage2_AVX2; polyMulStage3_AVX2; polyMulReduceStage
+// ----------------------------------------------------------------------------
+TEXT polyHashADInternal<>(SB), NOSPLIT, $0
+ // adp points to beginning of additional data
+ // itr2 holds ad length
+ XORQ acc0, acc0
+ XORQ acc1, acc1
+ XORQ acc2, acc2
+ CMPQ itr2, $13
+ JNE hashADLoop
+
+openFastTLSAD:
+ // Special treatment for the TLS case of 13 bytes
+ MOVQ (adp), acc0
+ MOVQ 5(adp), acc1
+ SHRQ $24, acc1
+ MOVQ $1, acc2
+ polyMul
+ RET
+
+hashADLoop:
+ // Hash in 16 byte chunks
+ CMPQ itr2, $16
+ JB hashADTail
+ polyAdd(0(adp))
+ LEAQ (1*16)(adp), adp
+ SUBQ $16, itr2
+ polyMul
+ JMP hashADLoop
+
+hashADTail:
+ CMPQ itr2, $0
+ JE hashADDone
+
+ // Hash last < 16 byte tail
+ XORQ t0, t0
+ XORQ t1, t1
+ XORQ t2, t2
+ ADDQ itr2, adp
+
+hashADTailLoop:
+ SHLQ $8, t0, t1
+ SHLQ $8, t0
+ MOVB -1(adp), t2
+ XORQ t2, t0
+ DECQ adp
+ DECQ itr2
+ JNE hashADTailLoop
+
+hashADTailFinish:
+ ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2
+ polyMul
+
+ // Finished AD
+hashADDone:
+ RET
+
+// ----------------------------------------------------------------------------
+// func chacha20Poly1305Open(dst, key, src, ad []byte) bool
+TEXT ·chacha20Poly1305Open(SB), 0, $288-97
+ // For aligned stack access
+ MOVQ SP, BP
+ ADDQ $32, BP
+ ANDQ $-32, BP
+ MOVQ dst+0(FP), oup
+ MOVQ key+24(FP), keyp
+ MOVQ src+48(FP), inp
+ MOVQ src_len+56(FP), inl
+ MOVQ ad+72(FP), adp
+
+ // Check for AVX2 support
+ CMPB ·useAVX2(SB), $1
+ JE chacha20Poly1305Open_AVX2
+
+ // Special optimization, for very short buffers
+ CMPQ inl, $128
+ JBE openSSE128 // About 16% faster
+
+ // For long buffers, prepare the poly key first
+ MOVOU ·chacha20Constants<>(SB), A0
+ MOVOU (1*16)(keyp), B0
+ MOVOU (2*16)(keyp), C0
+ MOVOU (3*16)(keyp), D0
+ MOVO D0, T1
+
+ // Store state on stack for future use
+ MOVO B0, state1Store
+ MOVO C0, state2Store
+ MOVO D0, ctr3Store
+ MOVQ $10, itr2
+
+openSSEPreparePolyKey:
+ chachaQR(A0, B0, C0, D0, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ chachaQR(A0, B0, C0, D0, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+ DECQ itr2
+ JNE openSSEPreparePolyKey
+
+ // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded
+ PADDL ·chacha20Constants<>(SB), A0; PADDL state1Store, B0
+
+ // Clamp and store the key
+ PAND ·polyClampMask<>(SB), A0
+ MOVO A0, rStore; MOVO B0, sStore
+
+ // Hash AAD
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+
+openSSEMainLoop:
+ CMPQ inl, $256
+ JB openSSEMainLoopDone
+
+ // Load state, increment counter blocks
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3
+
+ // Store counters
+ MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store
+
+ // There are 10 ChaCha20 iterations of 2QR each, so for 6 iterations we hash 2 blocks, and for the remaining 4 only 1 block - for a total of 16
+ MOVQ $4, itr1
+ MOVQ inp, itr2
+
+openSSEInternalLoop:
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ polyAdd(0(itr2))
+ shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left
+ shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left
+ shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left
+ polyMulStage1
+ polyMulStage2
+ LEAQ (2*8)(itr2), itr2
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ polyMulStage3
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ polyMulReduceStage
+ shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right
+ shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right
+ shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right
+ DECQ itr1
+ JGE openSSEInternalLoop
+
+ polyAdd(0(itr2))
+ polyMul
+ LEAQ (2*8)(itr2), itr2
+
+ CMPQ itr1, $-6
+ JG openSSEInternalLoop
+
+ // Add in the state
+ PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3
+ PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3
+ PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3
+ PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3
+
+ // Load - xor - store
+ MOVO D3, tmpStore
+ MOVOU (0*16)(inp), D3; PXOR D3, A0; MOVOU A0, (0*16)(oup)
+ MOVOU (1*16)(inp), D3; PXOR D3, B0; MOVOU B0, (1*16)(oup)
+ MOVOU (2*16)(inp), D3; PXOR D3, C0; MOVOU C0, (2*16)(oup)
+ MOVOU (3*16)(inp), D3; PXOR D3, D0; MOVOU D0, (3*16)(oup)
+ MOVOU (4*16)(inp), D0; PXOR D0, A1; MOVOU A1, (4*16)(oup)
+ MOVOU (5*16)(inp), D0; PXOR D0, B1; MOVOU B1, (5*16)(oup)
+ MOVOU (6*16)(inp), D0; PXOR D0, C1; MOVOU C1, (6*16)(oup)
+ MOVOU (7*16)(inp), D0; PXOR D0, D1; MOVOU D1, (7*16)(oup)
+ MOVOU (8*16)(inp), D0; PXOR D0, A2; MOVOU A2, (8*16)(oup)
+ MOVOU (9*16)(inp), D0; PXOR D0, B2; MOVOU B2, (9*16)(oup)
+ MOVOU (10*16)(inp), D0; PXOR D0, C2; MOVOU C2, (10*16)(oup)
+ MOVOU (11*16)(inp), D0; PXOR D0, D2; MOVOU D2, (11*16)(oup)
+ MOVOU (12*16)(inp), D0; PXOR D0, A3; MOVOU A3, (12*16)(oup)
+ MOVOU (13*16)(inp), D0; PXOR D0, B3; MOVOU B3, (13*16)(oup)
+ MOVOU (14*16)(inp), D0; PXOR D0, C3; MOVOU C3, (14*16)(oup)
+ MOVOU (15*16)(inp), D0; PXOR tmpStore, D0; MOVOU D0, (15*16)(oup)
+ LEAQ 256(inp), inp
+ LEAQ 256(oup), oup
+ SUBQ $256, inl
+ JMP openSSEMainLoop
+
+openSSEMainLoopDone:
+ // Handle the various tail sizes efficiently
+ TESTQ inl, inl
+ JE openSSEFinalize
+ CMPQ inl, $64
+ JBE openSSETail64
+ CMPQ inl, $128
+ JBE openSSETail128
+ CMPQ inl, $192
+ JBE openSSETail192
+ JMP openSSETail256
+
+openSSEFinalize:
+ // Hash in the PT, AAD lengths
+ ADDQ ad_len+80(FP), acc0; ADCQ src_len+56(FP), acc1; ADCQ $1, acc2
+ polyMul
+
+ // Final reduce
+ MOVQ acc0, t0
+ MOVQ acc1, t1
+ MOVQ acc2, t2
+ SUBQ $-5, acc0
+ SBBQ $-1, acc1
+ SBBQ $3, acc2
+ CMOVQCS t0, acc0
+ CMOVQCS t1, acc1
+ CMOVQCS t2, acc2
+
+ // Add in the "s" part of the key
+ ADDQ 0+sStore, acc0
+ ADCQ 8+sStore, acc1
+
+ // Finally, constant time compare to the tag at the end of the message
+ XORQ AX, AX
+ MOVQ $1, DX
+ XORQ (0*8)(inp), acc0
+ XORQ (1*8)(inp), acc1
+ ORQ acc1, acc0
+ CMOVQEQ DX, AX
+
+ // Return true iff tags are equal
+ MOVB AX, ret+96(FP)
+ RET
+
+// ----------------------------------------------------------------------------
+// Special optimization for buffers smaller than 129 bytes
+openSSE128:
+ // For up to 128 bytes of ciphertext and 64 bytes for the poly key, we require to process three blocks
+ MOVOU ·chacha20Constants<>(SB), A0; MOVOU (1*16)(keyp), B0; MOVOU (2*16)(keyp), C0; MOVOU (3*16)(keyp), D0
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO B0, T1; MOVO C0, T2; MOVO D1, T3
+ MOVQ $10, itr2
+
+openSSE128InnerCipherLoop:
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Left; shiftB1Left; shiftB2Left
+ shiftC0Left; shiftC1Left; shiftC2Left
+ shiftD0Left; shiftD1Left; shiftD2Left
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Right; shiftB1Right; shiftB2Right
+ shiftC0Right; shiftC1Right; shiftC2Right
+ shiftD0Right; shiftD1Right; shiftD2Right
+ DECQ itr2
+ JNE openSSE128InnerCipherLoop
+
+ // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2
+ PADDL T1, B0; PADDL T1, B1; PADDL T1, B2
+ PADDL T2, C1; PADDL T2, C2
+ PADDL T3, D1; PADDL ·sseIncMask<>(SB), T3; PADDL T3, D2
+
+ // Clamp and store the key
+ PAND ·polyClampMask<>(SB), A0
+ MOVOU A0, rStore; MOVOU B0, sStore
+
+ // Hash
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+
+openSSE128Open:
+ CMPQ inl, $16
+ JB openSSETail16
+ SUBQ $16, inl
+
+ // Load for hashing
+ polyAdd(0(inp))
+
+ // Load for decryption
+ MOVOU (inp), T0; PXOR T0, A1; MOVOU A1, (oup)
+ LEAQ (1*16)(inp), inp
+ LEAQ (1*16)(oup), oup
+ polyMul
+
+ // Shift the stream "left"
+ MOVO B1, A1
+ MOVO C1, B1
+ MOVO D1, C1
+ MOVO A2, D1
+ MOVO B2, A2
+ MOVO C2, B2
+ MOVO D2, C2
+ JMP openSSE128Open
+
+openSSETail16:
+ TESTQ inl, inl
+ JE openSSEFinalize
+
+ // We can safely load the CT from the end, because it is padded with the MAC
+ MOVQ inl, itr2
+ SHLQ $4, itr2
+ LEAQ ·andMask<>(SB), t0
+ MOVOU (inp), T0
+ ADDQ inl, inp
+ PAND -16(t0)(itr2*1), T0
+ MOVO T0, 0+tmpStore
+ MOVQ T0, t0
+ MOVQ 8+tmpStore, t1
+ PXOR A1, T0
+
+ // We can only store one byte at a time, since plaintext can be shorter than 16 bytes
+openSSETail16Store:
+ MOVQ T0, t3
+ MOVB t3, (oup)
+ PSRLDQ $1, T0
+ INCQ oup
+ DECQ inl
+ JNE openSSETail16Store
+ ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2
+ polyMul
+ JMP openSSEFinalize
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 64 bytes of ciphertext
+openSSETail64:
+ // Need to decrypt up to 64 bytes - prepare single block
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store
+ XORQ itr2, itr2
+ MOVQ inl, itr1
+ CMPQ itr1, $16
+ JB openSSETail64LoopB
+
+openSSETail64LoopA:
+ // Perform ChaCha rounds, while hashing the remaining input
+ polyAdd(0(inp)(itr2*1))
+ polyMul
+ SUBQ $16, itr1
+
+openSSETail64LoopB:
+ ADDQ $16, itr2
+ chachaQR(A0, B0, C0, D0, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ chachaQR(A0, B0, C0, D0, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+
+ CMPQ itr1, $16
+ JAE openSSETail64LoopA
+
+ CMPQ itr2, $160
+ JNE openSSETail64LoopB
+
+ PADDL ·chacha20Constants<>(SB), A0; PADDL state1Store, B0; PADDL state2Store, C0; PADDL ctr0Store, D0
+
+openSSETail64DecLoop:
+ CMPQ inl, $16
+ JB openSSETail64DecLoopDone
+ SUBQ $16, inl
+ MOVOU (inp), T0
+ PXOR T0, A0
+ MOVOU A0, (oup)
+ LEAQ 16(inp), inp
+ LEAQ 16(oup), oup
+ MOVO B0, A0
+ MOVO C0, B0
+ MOVO D0, C0
+ JMP openSSETail64DecLoop
+
+openSSETail64DecLoopDone:
+ MOVO A0, A1
+ JMP openSSETail16
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 128 bytes of ciphertext
+openSSETail128:
+ // Need to decrypt up to 128 bytes - prepare two blocks
+ MOVO ·chacha20Constants<>(SB), A1; MOVO state1Store, B1; MOVO state2Store, C1; MOVO ctr3Store, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr0Store
+ MOVO A1, A0; MOVO B1, B0; MOVO C1, C0; MOVO D1, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr1Store
+ XORQ itr2, itr2
+ MOVQ inl, itr1
+ ANDQ $-16, itr1
+
+openSSETail128LoopA:
+ // Perform ChaCha rounds, while hashing the remaining input
+ polyAdd(0(inp)(itr2*1))
+ polyMul
+
+openSSETail128LoopB:
+ ADDQ $16, itr2
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ shiftB1Left; shiftC1Left; shiftD1Left
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+ shiftB1Right; shiftC1Right; shiftD1Right
+
+ CMPQ itr2, itr1
+ JB openSSETail128LoopA
+
+ CMPQ itr2, $160
+ JNE openSSETail128LoopB
+
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1
+ PADDL state1Store, B0; PADDL state1Store, B1
+ PADDL state2Store, C0; PADDL state2Store, C1
+ PADDL ctr1Store, D0; PADDL ctr0Store, D1
+
+ MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3
+ PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1
+ MOVOU A1, (0*16)(oup); MOVOU B1, (1*16)(oup); MOVOU C1, (2*16)(oup); MOVOU D1, (3*16)(oup)
+
+ SUBQ $64, inl
+ LEAQ 64(inp), inp
+ LEAQ 64(oup), oup
+ JMP openSSETail64DecLoop
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 192 bytes of ciphertext
+openSSETail192:
+ // Need to decrypt up to 192 bytes - prepare three blocks
+ MOVO ·chacha20Constants<>(SB), A2; MOVO state1Store, B2; MOVO state2Store, C2; MOVO ctr3Store, D2; PADDL ·sseIncMask<>(SB), D2; MOVO D2, ctr0Store
+ MOVO A2, A1; MOVO B2, B1; MOVO C2, C1; MOVO D2, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store
+ MOVO A1, A0; MOVO B1, B0; MOVO C1, C0; MOVO D1, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr2Store
+
+ MOVQ inl, itr1
+ MOVQ $160, itr2
+ CMPQ itr1, $160
+ CMOVQGT itr2, itr1
+ ANDQ $-16, itr1
+ XORQ itr2, itr2
+
+openSSLTail192LoopA:
+ // Perform ChaCha rounds, while hashing the remaining input
+ polyAdd(0(inp)(itr2*1))
+ polyMul
+
+openSSLTail192LoopB:
+ ADDQ $16, itr2
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ shiftB1Left; shiftC1Left; shiftD1Left
+ shiftB2Left; shiftC2Left; shiftD2Left
+
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+ shiftB1Right; shiftC1Right; shiftD1Right
+ shiftB2Right; shiftC2Right; shiftD2Right
+
+ CMPQ itr2, itr1
+ JB openSSLTail192LoopA
+
+ CMPQ itr2, $160
+ JNE openSSLTail192LoopB
+
+ CMPQ inl, $176
+ JB openSSLTail192Store
+
+ polyAdd(160(inp))
+ polyMul
+
+ CMPQ inl, $192
+ JB openSSLTail192Store
+
+ polyAdd(176(inp))
+ polyMul
+
+openSSLTail192Store:
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2
+ PADDL state1Store, B0; PADDL state1Store, B1; PADDL state1Store, B2
+ PADDL state2Store, C0; PADDL state2Store, C1; PADDL state2Store, C2
+ PADDL ctr2Store, D0; PADDL ctr1Store, D1; PADDL ctr0Store, D2
+
+ MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3
+ PXOR T0, A2; PXOR T1, B2; PXOR T2, C2; PXOR T3, D2
+ MOVOU A2, (0*16)(oup); MOVOU B2, (1*16)(oup); MOVOU C2, (2*16)(oup); MOVOU D2, (3*16)(oup)
+
+ MOVOU (4*16)(inp), T0; MOVOU (5*16)(inp), T1; MOVOU (6*16)(inp), T2; MOVOU (7*16)(inp), T3
+ PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1
+ MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup)
+
+ SUBQ $128, inl
+ LEAQ 128(inp), inp
+ LEAQ 128(oup), oup
+ JMP openSSETail64DecLoop
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 256 bytes of ciphertext
+openSSETail256:
+ // Need to decrypt up to 256 bytes - prepare four blocks
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3
+
+ // Store counters
+ MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store
+ XORQ itr2, itr2
+
+openSSETail256Loop:
+ // This loop inteleaves 8 ChaCha quarter rounds with 1 poly multiplication
+ polyAdd(0(inp)(itr2*1))
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left
+ shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left
+ shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left
+ polyMulStage1
+ polyMulStage2
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ polyMulStage3
+ polyMulReduceStage
+ shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right
+ shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right
+ shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right
+ ADDQ $2*8, itr2
+ CMPQ itr2, $160
+ JB openSSETail256Loop
+ MOVQ inl, itr1
+ ANDQ $-16, itr1
+
+openSSETail256HashLoop:
+ polyAdd(0(inp)(itr2*1))
+ polyMul
+ ADDQ $2*8, itr2
+ CMPQ itr2, itr1
+ JB openSSETail256HashLoop
+
+ // Add in the state
+ PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3
+ PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3
+ PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3
+ PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3
+ MOVO D3, tmpStore
+
+ // Load - xor - store
+ MOVOU (0*16)(inp), D3; PXOR D3, A0
+ MOVOU (1*16)(inp), D3; PXOR D3, B0
+ MOVOU (2*16)(inp), D3; PXOR D3, C0
+ MOVOU (3*16)(inp), D3; PXOR D3, D0
+ MOVOU A0, (0*16)(oup)
+ MOVOU B0, (1*16)(oup)
+ MOVOU C0, (2*16)(oup)
+ MOVOU D0, (3*16)(oup)
+ MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0
+ PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1
+ MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup)
+ MOVOU (8*16)(inp), A0; MOVOU (9*16)(inp), B0; MOVOU (10*16)(inp), C0; MOVOU (11*16)(inp), D0
+ PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2
+ MOVOU A2, (8*16)(oup); MOVOU B2, (9*16)(oup); MOVOU C2, (10*16)(oup); MOVOU D2, (11*16)(oup)
+ LEAQ 192(inp), inp
+ LEAQ 192(oup), oup
+ SUBQ $192, inl
+ MOVO A3, A0
+ MOVO B3, B0
+ MOVO C3, C0
+ MOVO tmpStore, D0
+
+ JMP openSSETail64DecLoop
+
+// ----------------------------------------------------------------------------
+// ------------------------- AVX2 Code ----------------------------------------
+chacha20Poly1305Open_AVX2:
+ VZEROUPPER
+ VMOVDQU ·chacha20Constants<>(SB), AA0
+ BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x70; BYTE $0x10 // broadcasti128 16(r8), ymm14
+ BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x20 // broadcasti128 32(r8), ymm12
+ BYTE $0xc4; BYTE $0xc2; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x30 // broadcasti128 48(r8), ymm4
+ VPADDD ·avx2InitMask<>(SB), DD0, DD0
+
+ // Special optimization, for very short buffers
+ CMPQ inl, $192
+ JBE openAVX2192
+ CMPQ inl, $320
+ JBE openAVX2320
+
+ // For the general key prepare the key first - as a byproduct we have 64 bytes of cipher stream
+ VMOVDQA BB0, state1StoreAVX2
+ VMOVDQA CC0, state2StoreAVX2
+ VMOVDQA DD0, ctr3StoreAVX2
+ MOVQ $10, itr2
+
+openAVX2PreparePolyKey:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0
+ DECQ itr2
+ JNE openAVX2PreparePolyKey
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0
+ VPADDD state1StoreAVX2, BB0, BB0
+ VPADDD state2StoreAVX2, CC0, CC0
+ VPADDD ctr3StoreAVX2, DD0, DD0
+
+ VPERM2I128 $0x02, AA0, BB0, TT0
+
+ // Clamp and store poly key
+ VPAND ·polyClampMask<>(SB), TT0, TT0
+ VMOVDQA TT0, rsStoreAVX2
+
+ // Stream for the first 64 bytes
+ VPERM2I128 $0x13, AA0, BB0, AA0
+ VPERM2I128 $0x13, CC0, DD0, BB0
+
+ // Hash AD + first 64 bytes
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+ XORQ itr1, itr1
+
+openAVX2InitialHash64:
+ polyAdd(0(inp)(itr1*1))
+ polyMulAVX2
+ ADDQ $16, itr1
+ CMPQ itr1, $64
+ JNE openAVX2InitialHash64
+
+ // Decrypt the first 64 bytes
+ VPXOR (0*32)(inp), AA0, AA0
+ VPXOR (1*32)(inp), BB0, BB0
+ VMOVDQU AA0, (0*32)(oup)
+ VMOVDQU BB0, (1*32)(oup)
+ LEAQ (2*32)(inp), inp
+ LEAQ (2*32)(oup), oup
+ SUBQ $64, inl
+
+openAVX2MainLoop:
+ CMPQ inl, $512
+ JB openAVX2MainLoopDone
+
+ // Load state, increment counter blocks, store the incremented counters
+ VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3
+ VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3
+ VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2
+ XORQ itr1, itr1
+
+openAVX2InternalLoop:
+ // Lets just say this spaghetti loop interleaves 2 quarter rounds with 3 poly multiplications
+ // Effectively per 512 bytes of stream we hash 480 bytes of ciphertext
+ polyAdd(0*8(inp)(itr1*1))
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ polyMulStage1_AVX2
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ polyMulStage2_AVX2
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyMulStage3_AVX2
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulReduceStage
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ polyAdd(2*8(inp)(itr1*1))
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ polyMulStage1_AVX2
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulStage2_AVX2
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ polyMulStage3_AVX2
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ polyMulReduceStage
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyAdd(4*8(inp)(itr1*1))
+ LEAQ (6*8)(itr1), itr1
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulStage1_AVX2
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ polyMulStage2_AVX2
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ polyMulStage3_AVX2
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulReduceStage
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3
+ CMPQ itr1, $480
+ JNE openAVX2InternalLoop
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3
+ VMOVDQA CC3, tmpStoreAVX2
+
+ // We only hashed 480 of the 512 bytes available - hash the remaining 32 here
+ polyAdd(480(inp))
+ polyMulAVX2
+ VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0
+ VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0
+ VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup)
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+ VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0
+ VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup)
+
+ // and here
+ polyAdd(496(inp))
+ polyMulAVX2
+ VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0
+ VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0
+ VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup)
+ VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0
+ VPXOR (12*32)(inp), AA0, AA0; VPXOR (13*32)(inp), BB0, BB0; VPXOR (14*32)(inp), CC0, CC0; VPXOR (15*32)(inp), DD0, DD0
+ VMOVDQU AA0, (12*32)(oup); VMOVDQU BB0, (13*32)(oup); VMOVDQU CC0, (14*32)(oup); VMOVDQU DD0, (15*32)(oup)
+ LEAQ (32*16)(inp), inp
+ LEAQ (32*16)(oup), oup
+ SUBQ $(32*16), inl
+ JMP openAVX2MainLoop
+
+openAVX2MainLoopDone:
+ // Handle the various tail sizes efficiently
+ TESTQ inl, inl
+ JE openSSEFinalize
+ CMPQ inl, $128
+ JBE openAVX2Tail128
+ CMPQ inl, $256
+ JBE openAVX2Tail256
+ CMPQ inl, $384
+ JBE openAVX2Tail384
+ JMP openAVX2Tail512
+
+// ----------------------------------------------------------------------------
+// Special optimization for buffers smaller than 193 bytes
+openAVX2192:
+ // For up to 192 bytes of ciphertext and 64 bytes for the poly key, we process four blocks
+ VMOVDQA AA0, AA1
+ VMOVDQA BB0, BB1
+ VMOVDQA CC0, CC1
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA AA0, AA2
+ VMOVDQA BB0, BB2
+ VMOVDQA CC0, CC2
+ VMOVDQA DD0, DD2
+ VMOVDQA DD1, TT3
+ MOVQ $10, itr2
+
+openAVX2192InnerCipherLoop:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1
+ DECQ itr2
+ JNE openAVX2192InnerCipherLoop
+ VPADDD AA2, AA0, AA0; VPADDD AA2, AA1, AA1
+ VPADDD BB2, BB0, BB0; VPADDD BB2, BB1, BB1
+ VPADDD CC2, CC0, CC0; VPADDD CC2, CC1, CC1
+ VPADDD DD2, DD0, DD0; VPADDD TT3, DD1, DD1
+ VPERM2I128 $0x02, AA0, BB0, TT0
+
+ // Clamp and store poly key
+ VPAND ·polyClampMask<>(SB), TT0, TT0
+ VMOVDQA TT0, rsStoreAVX2
+
+ // Stream for up to 192 bytes
+ VPERM2I128 $0x13, AA0, BB0, AA0
+ VPERM2I128 $0x13, CC0, DD0, BB0
+ VPERM2I128 $0x02, AA1, BB1, CC0
+ VPERM2I128 $0x02, CC1, DD1, DD0
+ VPERM2I128 $0x13, AA1, BB1, AA1
+ VPERM2I128 $0x13, CC1, DD1, BB1
+
+openAVX2ShortOpen:
+ // Hash
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+
+openAVX2ShortOpenLoop:
+ CMPQ inl, $32
+ JB openAVX2ShortTail32
+ SUBQ $32, inl
+
+ // Load for hashing
+ polyAdd(0*8(inp))
+ polyMulAVX2
+ polyAdd(2*8(inp))
+ polyMulAVX2
+
+ // Load for decryption
+ VPXOR (inp), AA0, AA0
+ VMOVDQU AA0, (oup)
+ LEAQ (1*32)(inp), inp
+ LEAQ (1*32)(oup), oup
+
+ // Shift stream left
+ VMOVDQA BB0, AA0
+ VMOVDQA CC0, BB0
+ VMOVDQA DD0, CC0
+ VMOVDQA AA1, DD0
+ VMOVDQA BB1, AA1
+ VMOVDQA CC1, BB1
+ VMOVDQA DD1, CC1
+ VMOVDQA AA2, DD1
+ VMOVDQA BB2, AA2
+ JMP openAVX2ShortOpenLoop
+
+openAVX2ShortTail32:
+ CMPQ inl, $16
+ VMOVDQA A0, A1
+ JB openAVX2ShortDone
+
+ SUBQ $16, inl
+
+ // Load for hashing
+ polyAdd(0*8(inp))
+ polyMulAVX2
+
+ // Load for decryption
+ VPXOR (inp), A0, T0
+ VMOVDQU T0, (oup)
+ LEAQ (1*16)(inp), inp
+ LEAQ (1*16)(oup), oup
+ VPERM2I128 $0x11, AA0, AA0, AA0
+ VMOVDQA A0, A1
+
+openAVX2ShortDone:
+ VZEROUPPER
+ JMP openSSETail16
+
+// ----------------------------------------------------------------------------
+// Special optimization for buffers smaller than 321 bytes
+openAVX2320:
+ // For up to 320 bytes of ciphertext and 64 bytes for the poly key, we process six blocks
+ VMOVDQA AA0, AA1; VMOVDQA BB0, BB1; VMOVDQA CC0, CC1; VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA AA0, AA2; VMOVDQA BB0, BB2; VMOVDQA CC0, CC2; VPADDD ·avx2IncMask<>(SB), DD1, DD2
+ VMOVDQA BB0, TT1; VMOVDQA CC0, TT2; VMOVDQA DD0, TT3
+ MOVQ $10, itr2
+
+openAVX2320InnerCipherLoop:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2
+ DECQ itr2
+ JNE openAVX2320InnerCipherLoop
+
+ VMOVDQA ·chacha20Constants<>(SB), TT0
+ VPADDD TT0, AA0, AA0; VPADDD TT0, AA1, AA1; VPADDD TT0, AA2, AA2
+ VPADDD TT1, BB0, BB0; VPADDD TT1, BB1, BB1; VPADDD TT1, BB2, BB2
+ VPADDD TT2, CC0, CC0; VPADDD TT2, CC1, CC1; VPADDD TT2, CC2, CC2
+ VMOVDQA ·avx2IncMask<>(SB), TT0
+ VPADDD TT3, DD0, DD0; VPADDD TT0, TT3, TT3
+ VPADDD TT3, DD1, DD1; VPADDD TT0, TT3, TT3
+ VPADDD TT3, DD2, DD2
+
+ // Clamp and store poly key
+ VPERM2I128 $0x02, AA0, BB0, TT0
+ VPAND ·polyClampMask<>(SB), TT0, TT0
+ VMOVDQA TT0, rsStoreAVX2
+
+ // Stream for up to 320 bytes
+ VPERM2I128 $0x13, AA0, BB0, AA0
+ VPERM2I128 $0x13, CC0, DD0, BB0
+ VPERM2I128 $0x02, AA1, BB1, CC0
+ VPERM2I128 $0x02, CC1, DD1, DD0
+ VPERM2I128 $0x13, AA1, BB1, AA1
+ VPERM2I128 $0x13, CC1, DD1, BB1
+ VPERM2I128 $0x02, AA2, BB2, CC1
+ VPERM2I128 $0x02, CC2, DD2, DD1
+ VPERM2I128 $0x13, AA2, BB2, AA2
+ VPERM2I128 $0x13, CC2, DD2, BB2
+ JMP openAVX2ShortOpen
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 128 bytes of ciphertext
+openAVX2Tail128:
+ // Need to decrypt up to 128 bytes - prepare two blocks
+ VMOVDQA ·chacha20Constants<>(SB), AA1
+ VMOVDQA state1StoreAVX2, BB1
+ VMOVDQA state2StoreAVX2, CC1
+ VMOVDQA ctr3StoreAVX2, DD1
+ VPADDD ·avx2IncMask<>(SB), DD1, DD1
+ VMOVDQA DD1, DD0
+
+ XORQ itr2, itr2
+ MOVQ inl, itr1
+ ANDQ $-16, itr1
+ TESTQ itr1, itr1
+ JE openAVX2Tail128LoopB
+
+openAVX2Tail128LoopA:
+ // Perform ChaCha rounds, while hashing the remaining input
+ polyAdd(0(inp)(itr2*1))
+ polyMulAVX2
+
+openAVX2Tail128LoopB:
+ ADDQ $16, itr2
+ chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $4, BB1, BB1, BB1
+ VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $12, DD1, DD1, DD1
+ chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $12, BB1, BB1, BB1
+ VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $4, DD1, DD1, DD1
+ CMPQ itr2, itr1
+ JB openAVX2Tail128LoopA
+ CMPQ itr2, $160
+ JNE openAVX2Tail128LoopB
+
+ VPADDD ·chacha20Constants<>(SB), AA1, AA1
+ VPADDD state1StoreAVX2, BB1, BB1
+ VPADDD state2StoreAVX2, CC1, CC1
+ VPADDD DD0, DD1, DD1
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+
+openAVX2TailLoop:
+ CMPQ inl, $32
+ JB openAVX2Tail
+ SUBQ $32, inl
+
+ // Load for decryption
+ VPXOR (inp), AA0, AA0
+ VMOVDQU AA0, (oup)
+ LEAQ (1*32)(inp), inp
+ LEAQ (1*32)(oup), oup
+ VMOVDQA BB0, AA0
+ VMOVDQA CC0, BB0
+ VMOVDQA DD0, CC0
+ JMP openAVX2TailLoop
+
+openAVX2Tail:
+ CMPQ inl, $16
+ VMOVDQA A0, A1
+ JB openAVX2TailDone
+ SUBQ $16, inl
+
+ // Load for decryption
+ VPXOR (inp), A0, T0
+ VMOVDQU T0, (oup)
+ LEAQ (1*16)(inp), inp
+ LEAQ (1*16)(oup), oup
+ VPERM2I128 $0x11, AA0, AA0, AA0
+ VMOVDQA A0, A1
+
+openAVX2TailDone:
+ VZEROUPPER
+ JMP openSSETail16
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 256 bytes of ciphertext
+openAVX2Tail256:
+ // Need to decrypt up to 256 bytes - prepare four blocks
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA DD0, TT1
+ VMOVDQA DD1, TT2
+
+ // Compute the number of iterations that will hash data
+ MOVQ inl, tmpStoreAVX2
+ MOVQ inl, itr1
+ SUBQ $128, itr1
+ SHRQ $4, itr1
+ MOVQ $10, itr2
+ CMPQ itr1, $10
+ CMOVQGT itr2, itr1
+ MOVQ inp, inl
+ XORQ itr2, itr2
+
+openAVX2Tail256LoopA:
+ polyAdd(0(inl))
+ polyMulAVX2
+ LEAQ 16(inl), inl
+
+ // Perform ChaCha rounds, while hashing the remaining input
+openAVX2Tail256LoopB:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1
+ INCQ itr2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1
+ CMPQ itr2, itr1
+ JB openAVX2Tail256LoopA
+
+ CMPQ itr2, $10
+ JNE openAVX2Tail256LoopB
+
+ MOVQ inl, itr2
+ SUBQ inp, inl
+ MOVQ inl, itr1
+ MOVQ tmpStoreAVX2, inl
+
+ // Hash the remainder of data (if any)
+openAVX2Tail256Hash:
+ ADDQ $16, itr1
+ CMPQ itr1, inl
+ JGT openAVX2Tail256HashEnd
+ polyAdd (0(itr2))
+ polyMulAVX2
+ LEAQ 16(itr2), itr2
+ JMP openAVX2Tail256Hash
+
+// Store 128 bytes safely, then go to store loop
+openAVX2Tail256HashEnd:
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1
+ VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1
+ VPERM2I128 $0x02, AA0, BB0, AA2; VPERM2I128 $0x02, CC0, DD0, BB2; VPERM2I128 $0x13, AA0, BB0, CC2; VPERM2I128 $0x13, CC0, DD0, DD2
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+
+ VPXOR (0*32)(inp), AA2, AA2; VPXOR (1*32)(inp), BB2, BB2; VPXOR (2*32)(inp), CC2, CC2; VPXOR (3*32)(inp), DD2, DD2
+ VMOVDQU AA2, (0*32)(oup); VMOVDQU BB2, (1*32)(oup); VMOVDQU CC2, (2*32)(oup); VMOVDQU DD2, (3*32)(oup)
+ LEAQ (4*32)(inp), inp
+ LEAQ (4*32)(oup), oup
+ SUBQ $4*32, inl
+
+ JMP openAVX2TailLoop
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 384 bytes of ciphertext
+openAVX2Tail384:
+ // Need to decrypt up to 384 bytes - prepare six blocks
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VPADDD ·avx2IncMask<>(SB), DD1, DD2
+ VMOVDQA DD0, ctr0StoreAVX2
+ VMOVDQA DD1, ctr1StoreAVX2
+ VMOVDQA DD2, ctr2StoreAVX2
+
+ // Compute the number of iterations that will hash two blocks of data
+ MOVQ inl, tmpStoreAVX2
+ MOVQ inl, itr1
+ SUBQ $256, itr1
+ SHRQ $4, itr1
+ ADDQ $6, itr1
+ MOVQ $10, itr2
+ CMPQ itr1, $10
+ CMOVQGT itr2, itr1
+ MOVQ inp, inl
+ XORQ itr2, itr2
+
+ // Perform ChaCha rounds, while hashing the remaining input
+openAVX2Tail384LoopB:
+ polyAdd(0(inl))
+ polyMulAVX2
+ LEAQ 16(inl), inl
+
+openAVX2Tail384LoopA:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2
+ polyAdd(0(inl))
+ polyMulAVX2
+ LEAQ 16(inl), inl
+ INCQ itr2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2
+
+ CMPQ itr2, itr1
+ JB openAVX2Tail384LoopB
+
+ CMPQ itr2, $10
+ JNE openAVX2Tail384LoopA
+
+ MOVQ inl, itr2
+ SUBQ inp, inl
+ MOVQ inl, itr1
+ MOVQ tmpStoreAVX2, inl
+
+openAVX2Tail384Hash:
+ ADDQ $16, itr1
+ CMPQ itr1, inl
+ JGT openAVX2Tail384HashEnd
+ polyAdd(0(itr2))
+ polyMulAVX2
+ LEAQ 16(itr2), itr2
+ JMP openAVX2Tail384Hash
+
+// Store 256 bytes safely, then go to store loop
+openAVX2Tail384HashEnd:
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2
+ VPERM2I128 $0x02, AA0, BB0, TT0; VPERM2I128 $0x02, CC0, DD0, TT1; VPERM2I128 $0x13, AA0, BB0, TT2; VPERM2I128 $0x13, CC0, DD0, TT3
+ VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3
+ VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup)
+ VPERM2I128 $0x02, AA1, BB1, TT0; VPERM2I128 $0x02, CC1, DD1, TT1; VPERM2I128 $0x13, AA1, BB1, TT2; VPERM2I128 $0x13, CC1, DD1, TT3
+ VPXOR (4*32)(inp), TT0, TT0; VPXOR (5*32)(inp), TT1, TT1; VPXOR (6*32)(inp), TT2, TT2; VPXOR (7*32)(inp), TT3, TT3
+ VMOVDQU TT0, (4*32)(oup); VMOVDQU TT1, (5*32)(oup); VMOVDQU TT2, (6*32)(oup); VMOVDQU TT3, (7*32)(oup)
+ VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0
+ LEAQ (8*32)(inp), inp
+ LEAQ (8*32)(oup), oup
+ SUBQ $8*32, inl
+ JMP openAVX2TailLoop
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 512 bytes of ciphertext
+openAVX2Tail512:
+ VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3
+ VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3
+ VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2
+ XORQ itr1, itr1
+ MOVQ inp, itr2
+
+openAVX2Tail512LoopB:
+ polyAdd(0(itr2))
+ polyMulAVX2
+ LEAQ (2*8)(itr2), itr2
+
+openAVX2Tail512LoopA:
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyAdd(0*8(itr2))
+ polyMulAVX2
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyAdd(2*8(itr2))
+ polyMulAVX2
+ LEAQ (4*8)(itr2), itr2
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3
+ INCQ itr1
+ CMPQ itr1, $4
+ JLT openAVX2Tail512LoopB
+
+ CMPQ itr1, $10
+ JNE openAVX2Tail512LoopA
+
+ MOVQ inl, itr1
+ SUBQ $384, itr1
+ ANDQ $-16, itr1
+
+openAVX2Tail512HashLoop:
+ TESTQ itr1, itr1
+ JE openAVX2Tail512HashEnd
+ polyAdd(0(itr2))
+ polyMulAVX2
+ LEAQ 16(itr2), itr2
+ SUBQ $16, itr1
+ JMP openAVX2Tail512HashLoop
+
+openAVX2Tail512HashEnd:
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0
+ VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0
+ VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup)
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+ VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0
+ VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup)
+ VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0
+ VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0
+ VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup)
+ VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0
+
+ LEAQ (12*32)(inp), inp
+ LEAQ (12*32)(oup), oup
+ SUBQ $12*32, inl
+
+ JMP openAVX2TailLoop
+
+// ----------------------------------------------------------------------------
+// ----------------------------------------------------------------------------
+// func chacha20Poly1305Seal(dst, key, src, ad []byte)
+TEXT ·chacha20Poly1305Seal(SB), 0, $288-96
+ // For aligned stack access
+ MOVQ SP, BP
+ ADDQ $32, BP
+ ANDQ $-32, BP
+ MOVQ dst+0(FP), oup
+ MOVQ key+24(FP), keyp
+ MOVQ src+48(FP), inp
+ MOVQ src_len+56(FP), inl
+ MOVQ ad+72(FP), adp
+
+ CMPB ·useAVX2(SB), $1
+ JE chacha20Poly1305Seal_AVX2
+
+ // Special optimization, for very short buffers
+ CMPQ inl, $128
+ JBE sealSSE128 // About 15% faster
+
+ // In the seal case - prepare the poly key + 3 blocks of stream in the first iteration
+ MOVOU ·chacha20Constants<>(SB), A0
+ MOVOU (1*16)(keyp), B0
+ MOVOU (2*16)(keyp), C0
+ MOVOU (3*16)(keyp), D0
+
+ // Store state on stack for future use
+ MOVO B0, state1Store
+ MOVO C0, state2Store
+
+ // Load state, increment counter blocks
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3
+
+ // Store counters
+ MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store
+ MOVQ $10, itr2
+
+sealSSEIntroLoop:
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left
+ shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left
+ shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left
+
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right
+ shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right
+ shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right
+ DECQ itr2
+ JNE sealSSEIntroLoop
+
+ // Add in the state
+ PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3
+ PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3
+ PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3
+ PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3
+
+ // Clamp and store the key
+ PAND ·polyClampMask<>(SB), A0
+ MOVO A0, rStore
+ MOVO B0, sStore
+
+ // Hash AAD
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+
+ MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0
+ PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1
+ MOVOU A1, (0*16)(oup); MOVOU B1, (1*16)(oup); MOVOU C1, (2*16)(oup); MOVOU D1, (3*16)(oup)
+ MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0
+ PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2
+ MOVOU A2, (4*16)(oup); MOVOU B2, (5*16)(oup); MOVOU C2, (6*16)(oup); MOVOU D2, (7*16)(oup)
+
+ MOVQ $128, itr1
+ SUBQ $128, inl
+ LEAQ 128(inp), inp
+
+ MOVO A3, A1; MOVO B3, B1; MOVO C3, C1; MOVO D3, D1
+
+ CMPQ inl, $64
+ JBE sealSSE128SealHash
+
+ MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0
+ PXOR A0, A3; PXOR B0, B3; PXOR C0, C3; PXOR D0, D3
+ MOVOU A3, (8*16)(oup); MOVOU B3, (9*16)(oup); MOVOU C3, (10*16)(oup); MOVOU D3, (11*16)(oup)
+
+ ADDQ $64, itr1
+ SUBQ $64, inl
+ LEAQ 64(inp), inp
+
+ MOVQ $2, itr1
+ MOVQ $8, itr2
+
+ CMPQ inl, $64
+ JBE sealSSETail64
+ CMPQ inl, $128
+ JBE sealSSETail128
+ CMPQ inl, $192
+ JBE sealSSETail192
+
+sealSSEMainLoop:
+ // Load state, increment counter blocks
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO A2, A3; MOVO B2, B3; MOVO C2, C3; MOVO D2, D3; PADDL ·sseIncMask<>(SB), D3
+
+ // Store counters
+ MOVO D0, ctr0Store; MOVO D1, ctr1Store; MOVO D2, ctr2Store; MOVO D3, ctr3Store
+
+sealSSEInnerLoop:
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ polyAdd(0(oup))
+ shiftB0Left; shiftB1Left; shiftB2Left; shiftB3Left
+ shiftC0Left; shiftC1Left; shiftC2Left; shiftC3Left
+ shiftD0Left; shiftD1Left; shiftD2Left; shiftD3Left
+ polyMulStage1
+ polyMulStage2
+ LEAQ (2*8)(oup), oup
+ MOVO C3, tmpStore
+ chachaQR(A0, B0, C0, D0, C3); chachaQR(A1, B1, C1, D1, C3); chachaQR(A2, B2, C2, D2, C3)
+ MOVO tmpStore, C3
+ MOVO C1, tmpStore
+ polyMulStage3
+ chachaQR(A3, B3, C3, D3, C1)
+ MOVO tmpStore, C1
+ polyMulReduceStage
+ shiftB0Right; shiftB1Right; shiftB2Right; shiftB3Right
+ shiftC0Right; shiftC1Right; shiftC2Right; shiftC3Right
+ shiftD0Right; shiftD1Right; shiftD2Right; shiftD3Right
+ DECQ itr2
+ JGE sealSSEInnerLoop
+ polyAdd(0(oup))
+ polyMul
+ LEAQ (2*8)(oup), oup
+ DECQ itr1
+ JG sealSSEInnerLoop
+
+ // Add in the state
+ PADDD ·chacha20Constants<>(SB), A0; PADDD ·chacha20Constants<>(SB), A1; PADDD ·chacha20Constants<>(SB), A2; PADDD ·chacha20Constants<>(SB), A3
+ PADDD state1Store, B0; PADDD state1Store, B1; PADDD state1Store, B2; PADDD state1Store, B3
+ PADDD state2Store, C0; PADDD state2Store, C1; PADDD state2Store, C2; PADDD state2Store, C3
+ PADDD ctr0Store, D0; PADDD ctr1Store, D1; PADDD ctr2Store, D2; PADDD ctr3Store, D3
+ MOVO D3, tmpStore
+
+ // Load - xor - store
+ MOVOU (0*16)(inp), D3; PXOR D3, A0
+ MOVOU (1*16)(inp), D3; PXOR D3, B0
+ MOVOU (2*16)(inp), D3; PXOR D3, C0
+ MOVOU (3*16)(inp), D3; PXOR D3, D0
+ MOVOU A0, (0*16)(oup)
+ MOVOU B0, (1*16)(oup)
+ MOVOU C0, (2*16)(oup)
+ MOVOU D0, (3*16)(oup)
+ MOVO tmpStore, D3
+
+ MOVOU (4*16)(inp), A0; MOVOU (5*16)(inp), B0; MOVOU (6*16)(inp), C0; MOVOU (7*16)(inp), D0
+ PXOR A0, A1; PXOR B0, B1; PXOR C0, C1; PXOR D0, D1
+ MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup)
+ MOVOU (8*16)(inp), A0; MOVOU (9*16)(inp), B0; MOVOU (10*16)(inp), C0; MOVOU (11*16)(inp), D0
+ PXOR A0, A2; PXOR B0, B2; PXOR C0, C2; PXOR D0, D2
+ MOVOU A2, (8*16)(oup); MOVOU B2, (9*16)(oup); MOVOU C2, (10*16)(oup); MOVOU D2, (11*16)(oup)
+ ADDQ $192, inp
+ MOVQ $192, itr1
+ SUBQ $192, inl
+ MOVO A3, A1
+ MOVO B3, B1
+ MOVO C3, C1
+ MOVO D3, D1
+ CMPQ inl, $64
+ JBE sealSSE128SealHash
+ MOVOU (0*16)(inp), A0; MOVOU (1*16)(inp), B0; MOVOU (2*16)(inp), C0; MOVOU (3*16)(inp), D0
+ PXOR A0, A3; PXOR B0, B3; PXOR C0, C3; PXOR D0, D3
+ MOVOU A3, (12*16)(oup); MOVOU B3, (13*16)(oup); MOVOU C3, (14*16)(oup); MOVOU D3, (15*16)(oup)
+ LEAQ 64(inp), inp
+ SUBQ $64, inl
+ MOVQ $6, itr1
+ MOVQ $4, itr2
+ CMPQ inl, $192
+ JG sealSSEMainLoop
+
+ MOVQ inl, itr1
+ TESTQ inl, inl
+ JE sealSSE128SealHash
+ MOVQ $6, itr1
+ CMPQ inl, $64
+ JBE sealSSETail64
+ CMPQ inl, $128
+ JBE sealSSETail128
+ JMP sealSSETail192
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 64 bytes of plaintext
+sealSSETail64:
+ // Need to encrypt up to 64 bytes - prepare single block, hash 192 or 256 bytes
+ MOVO ·chacha20Constants<>(SB), A1
+ MOVO state1Store, B1
+ MOVO state2Store, C1
+ MOVO ctr3Store, D1
+ PADDL ·sseIncMask<>(SB), D1
+ MOVO D1, ctr0Store
+
+sealSSETail64LoopA:
+ // Perform ChaCha rounds, while hashing the previously encrypted ciphertext
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealSSETail64LoopB:
+ chachaQR(A1, B1, C1, D1, T1)
+ shiftB1Left; shiftC1Left; shiftD1Left
+ chachaQR(A1, B1, C1, D1, T1)
+ shiftB1Right; shiftC1Right; shiftD1Right
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+ DECQ itr1
+ JG sealSSETail64LoopA
+
+ DECQ itr2
+ JGE sealSSETail64LoopB
+ PADDL ·chacha20Constants<>(SB), A1
+ PADDL state1Store, B1
+ PADDL state2Store, C1
+ PADDL ctr0Store, D1
+
+ JMP sealSSE128Seal
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 128 bytes of plaintext
+sealSSETail128:
+ // Need to encrypt up to 128 bytes - prepare two blocks, hash 192 or 256 bytes
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store
+
+sealSSETail128LoopA:
+ // Perform ChaCha rounds, while hashing the previously encrypted ciphertext
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealSSETail128LoopB:
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ shiftB1Left; shiftC1Left; shiftD1Left
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+ shiftB1Right; shiftC1Right; shiftD1Right
+
+ DECQ itr1
+ JG sealSSETail128LoopA
+
+ DECQ itr2
+ JGE sealSSETail128LoopB
+
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1
+ PADDL state1Store, B0; PADDL state1Store, B1
+ PADDL state2Store, C0; PADDL state2Store, C1
+ PADDL ctr0Store, D0; PADDL ctr1Store, D1
+
+ MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3
+ PXOR T0, A0; PXOR T1, B0; PXOR T2, C0; PXOR T3, D0
+ MOVOU A0, (0*16)(oup); MOVOU B0, (1*16)(oup); MOVOU C0, (2*16)(oup); MOVOU D0, (3*16)(oup)
+
+ MOVQ $64, itr1
+ LEAQ 64(inp), inp
+ SUBQ $64, inl
+
+ JMP sealSSE128SealHash
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 192 bytes of plaintext
+sealSSETail192:
+ // Need to encrypt up to 192 bytes - prepare three blocks, hash 192 or 256 bytes
+ MOVO ·chacha20Constants<>(SB), A0; MOVO state1Store, B0; MOVO state2Store, C0; MOVO ctr3Store, D0; PADDL ·sseIncMask<>(SB), D0; MOVO D0, ctr0Store
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1; MOVO D1, ctr1Store
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2; MOVO D2, ctr2Store
+
+sealSSETail192LoopA:
+ // Perform ChaCha rounds, while hashing the previously encrypted ciphertext
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealSSETail192LoopB:
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Left; shiftC0Left; shiftD0Left
+ shiftB1Left; shiftC1Left; shiftD1Left
+ shiftB2Left; shiftC2Left; shiftD2Left
+
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Right; shiftC0Right; shiftD0Right
+ shiftB1Right; shiftC1Right; shiftD1Right
+ shiftB2Right; shiftC2Right; shiftD2Right
+
+ DECQ itr1
+ JG sealSSETail192LoopA
+
+ DECQ itr2
+ JGE sealSSETail192LoopB
+
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2
+ PADDL state1Store, B0; PADDL state1Store, B1; PADDL state1Store, B2
+ PADDL state2Store, C0; PADDL state2Store, C1; PADDL state2Store, C2
+ PADDL ctr0Store, D0; PADDL ctr1Store, D1; PADDL ctr2Store, D2
+
+ MOVOU (0*16)(inp), T0; MOVOU (1*16)(inp), T1; MOVOU (2*16)(inp), T2; MOVOU (3*16)(inp), T3
+ PXOR T0, A0; PXOR T1, B0; PXOR T2, C0; PXOR T3, D0
+ MOVOU A0, (0*16)(oup); MOVOU B0, (1*16)(oup); MOVOU C0, (2*16)(oup); MOVOU D0, (3*16)(oup)
+ MOVOU (4*16)(inp), T0; MOVOU (5*16)(inp), T1; MOVOU (6*16)(inp), T2; MOVOU (7*16)(inp), T3
+ PXOR T0, A1; PXOR T1, B1; PXOR T2, C1; PXOR T3, D1
+ MOVOU A1, (4*16)(oup); MOVOU B1, (5*16)(oup); MOVOU C1, (6*16)(oup); MOVOU D1, (7*16)(oup)
+
+ MOVO A2, A1
+ MOVO B2, B1
+ MOVO C2, C1
+ MOVO D2, D1
+ MOVQ $128, itr1
+ LEAQ 128(inp), inp
+ SUBQ $128, inl
+
+ JMP sealSSE128SealHash
+
+// ----------------------------------------------------------------------------
+// Special seal optimization for buffers smaller than 129 bytes
+sealSSE128:
+ // For up to 128 bytes of ciphertext and 64 bytes for the poly key, we require to process three blocks
+ MOVOU ·chacha20Constants<>(SB), A0; MOVOU (1*16)(keyp), B0; MOVOU (2*16)(keyp), C0; MOVOU (3*16)(keyp), D0
+ MOVO A0, A1; MOVO B0, B1; MOVO C0, C1; MOVO D0, D1; PADDL ·sseIncMask<>(SB), D1
+ MOVO A1, A2; MOVO B1, B2; MOVO C1, C2; MOVO D1, D2; PADDL ·sseIncMask<>(SB), D2
+ MOVO B0, T1; MOVO C0, T2; MOVO D1, T3
+ MOVQ $10, itr2
+
+sealSSE128InnerCipherLoop:
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Left; shiftB1Left; shiftB2Left
+ shiftC0Left; shiftC1Left; shiftC2Left
+ shiftD0Left; shiftD1Left; shiftD2Left
+ chachaQR(A0, B0, C0, D0, T0); chachaQR(A1, B1, C1, D1, T0); chachaQR(A2, B2, C2, D2, T0)
+ shiftB0Right; shiftB1Right; shiftB2Right
+ shiftC0Right; shiftC1Right; shiftC2Right
+ shiftD0Right; shiftD1Right; shiftD2Right
+ DECQ itr2
+ JNE sealSSE128InnerCipherLoop
+
+ // A0|B0 hold the Poly1305 32-byte key, C0,D0 can be discarded
+ PADDL ·chacha20Constants<>(SB), A0; PADDL ·chacha20Constants<>(SB), A1; PADDL ·chacha20Constants<>(SB), A2
+ PADDL T1, B0; PADDL T1, B1; PADDL T1, B2
+ PADDL T2, C1; PADDL T2, C2
+ PADDL T3, D1; PADDL ·sseIncMask<>(SB), T3; PADDL T3, D2
+ PAND ·polyClampMask<>(SB), A0
+ MOVOU A0, rStore
+ MOVOU B0, sStore
+
+ // Hash
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+ XORQ itr1, itr1
+
+sealSSE128SealHash:
+ // itr1 holds the number of bytes encrypted but not yet hashed
+ CMPQ itr1, $16
+ JB sealSSE128Seal
+ polyAdd(0(oup))
+ polyMul
+
+ SUBQ $16, itr1
+ ADDQ $16, oup
+
+ JMP sealSSE128SealHash
+
+sealSSE128Seal:
+ CMPQ inl, $16
+ JB sealSSETail
+ SUBQ $16, inl
+
+ // Load for decryption
+ MOVOU (inp), T0
+ PXOR T0, A1
+ MOVOU A1, (oup)
+ LEAQ (1*16)(inp), inp
+ LEAQ (1*16)(oup), oup
+
+ // Extract for hashing
+ MOVQ A1, t0
+ PSRLDQ $8, A1
+ MOVQ A1, t1
+ ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2
+ polyMul
+
+ // Shift the stream "left"
+ MOVO B1, A1
+ MOVO C1, B1
+ MOVO D1, C1
+ MOVO A2, D1
+ MOVO B2, A2
+ MOVO C2, B2
+ MOVO D2, C2
+ JMP sealSSE128Seal
+
+sealSSETail:
+ TESTQ inl, inl
+ JE sealSSEFinalize
+
+ // We can only load the PT one byte at a time to avoid read after end of buffer
+ MOVQ inl, itr2
+ SHLQ $4, itr2
+ LEAQ ·andMask<>(SB), t0
+ MOVQ inl, itr1
+ LEAQ -1(inp)(inl*1), inp
+ XORQ t2, t2
+ XORQ t3, t3
+ XORQ AX, AX
+
+sealSSETailLoadLoop:
+ SHLQ $8, t2, t3
+ SHLQ $8, t2
+ MOVB (inp), AX
+ XORQ AX, t2
+ LEAQ -1(inp), inp
+ DECQ itr1
+ JNE sealSSETailLoadLoop
+ MOVQ t2, 0+tmpStore
+ MOVQ t3, 8+tmpStore
+ PXOR 0+tmpStore, A1
+ MOVOU A1, (oup)
+ MOVOU -16(t0)(itr2*1), T0
+ PAND T0, A1
+ MOVQ A1, t0
+ PSRLDQ $8, A1
+ MOVQ A1, t1
+ ADDQ t0, acc0; ADCQ t1, acc1; ADCQ $1, acc2
+ polyMul
+
+ ADDQ inl, oup
+
+sealSSEFinalize:
+ // Hash in the buffer lengths
+ ADDQ ad_len+80(FP), acc0
+ ADCQ src_len+56(FP), acc1
+ ADCQ $1, acc2
+ polyMul
+
+ // Final reduce
+ MOVQ acc0, t0
+ MOVQ acc1, t1
+ MOVQ acc2, t2
+ SUBQ $-5, acc0
+ SBBQ $-1, acc1
+ SBBQ $3, acc2
+ CMOVQCS t0, acc0
+ CMOVQCS t1, acc1
+ CMOVQCS t2, acc2
+
+ // Add in the "s" part of the key
+ ADDQ 0+sStore, acc0
+ ADCQ 8+sStore, acc1
+
+ // Finally store the tag at the end of the message
+ MOVQ acc0, (0*8)(oup)
+ MOVQ acc1, (1*8)(oup)
+ RET
+
+// ----------------------------------------------------------------------------
+// ------------------------- AVX2 Code ----------------------------------------
+chacha20Poly1305Seal_AVX2:
+ VZEROUPPER
+ VMOVDQU ·chacha20Constants<>(SB), AA0
+ BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x70; BYTE $0x10 // broadcasti128 16(r8), ymm14
+ BYTE $0xc4; BYTE $0x42; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x20 // broadcasti128 32(r8), ymm12
+ BYTE $0xc4; BYTE $0xc2; BYTE $0x7d; BYTE $0x5a; BYTE $0x60; BYTE $0x30 // broadcasti128 48(r8), ymm4
+ VPADDD ·avx2InitMask<>(SB), DD0, DD0
+
+ // Special optimizations, for very short buffers
+ CMPQ inl, $192
+ JBE seal192AVX2 // 33% faster
+ CMPQ inl, $320
+ JBE seal320AVX2 // 17% faster
+
+ // For the general key prepare the key first - as a byproduct we have 64 bytes of cipher stream
+ VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3; VMOVDQA BB0, state1StoreAVX2
+ VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3; VMOVDQA CC0, state2StoreAVX2
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1; VMOVDQA DD0, ctr0StoreAVX2
+ VPADDD ·avx2IncMask<>(SB), DD1, DD2; VMOVDQA DD1, ctr1StoreAVX2
+ VPADDD ·avx2IncMask<>(SB), DD2, DD3; VMOVDQA DD2, ctr2StoreAVX2
+ VMOVDQA DD3, ctr3StoreAVX2
+ MOVQ $10, itr2
+
+sealAVX2IntroLoop:
+ VMOVDQA CC3, tmpStoreAVX2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3)
+ VMOVDQA tmpStoreAVX2, CC3
+ VMOVDQA CC1, tmpStoreAVX2
+ chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1)
+ VMOVDQA tmpStoreAVX2, CC1
+
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0
+ VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $12, DD1, DD1, DD1
+ VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $12, DD2, DD2, DD2
+ VPALIGNR $4, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $12, DD3, DD3, DD3
+
+ VMOVDQA CC3, tmpStoreAVX2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3)
+ VMOVDQA tmpStoreAVX2, CC3
+ VMOVDQA CC1, tmpStoreAVX2
+ chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1)
+ VMOVDQA tmpStoreAVX2, CC1
+
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0
+ VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $4, DD1, DD1, DD1
+ VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $4, DD2, DD2, DD2
+ VPALIGNR $12, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $4, DD3, DD3, DD3
+ DECQ itr2
+ JNE sealAVX2IntroLoop
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3
+
+ VPERM2I128 $0x13, CC0, DD0, CC0 // Stream bytes 96 - 127
+ VPERM2I128 $0x02, AA0, BB0, DD0 // The Poly1305 key
+ VPERM2I128 $0x13, AA0, BB0, AA0 // Stream bytes 64 - 95
+
+ // Clamp and store poly key
+ VPAND ·polyClampMask<>(SB), DD0, DD0
+ VMOVDQA DD0, rsStoreAVX2
+
+ // Hash AD
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+
+ // Can store at least 320 bytes
+ VPXOR (0*32)(inp), AA0, AA0
+ VPXOR (1*32)(inp), CC0, CC0
+ VMOVDQU AA0, (0*32)(oup)
+ VMOVDQU CC0, (1*32)(oup)
+
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+ VPXOR (2*32)(inp), AA0, AA0; VPXOR (3*32)(inp), BB0, BB0; VPXOR (4*32)(inp), CC0, CC0; VPXOR (5*32)(inp), DD0, DD0
+ VMOVDQU AA0, (2*32)(oup); VMOVDQU BB0, (3*32)(oup); VMOVDQU CC0, (4*32)(oup); VMOVDQU DD0, (5*32)(oup)
+ VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0
+ VPXOR (6*32)(inp), AA0, AA0; VPXOR (7*32)(inp), BB0, BB0; VPXOR (8*32)(inp), CC0, CC0; VPXOR (9*32)(inp), DD0, DD0
+ VMOVDQU AA0, (6*32)(oup); VMOVDQU BB0, (7*32)(oup); VMOVDQU CC0, (8*32)(oup); VMOVDQU DD0, (9*32)(oup)
+
+ MOVQ $320, itr1
+ SUBQ $320, inl
+ LEAQ 320(inp), inp
+
+ VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, CC3, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, CC3, DD3, DD0
+ CMPQ inl, $128
+ JBE sealAVX2SealHash
+
+ VPXOR (0*32)(inp), AA0, AA0; VPXOR (1*32)(inp), BB0, BB0; VPXOR (2*32)(inp), CC0, CC0; VPXOR (3*32)(inp), DD0, DD0
+ VMOVDQU AA0, (10*32)(oup); VMOVDQU BB0, (11*32)(oup); VMOVDQU CC0, (12*32)(oup); VMOVDQU DD0, (13*32)(oup)
+ SUBQ $128, inl
+ LEAQ 128(inp), inp
+
+ MOVQ $8, itr1
+ MOVQ $2, itr2
+
+ CMPQ inl, $128
+ JBE sealAVX2Tail128
+ CMPQ inl, $256
+ JBE sealAVX2Tail256
+ CMPQ inl, $384
+ JBE sealAVX2Tail384
+ CMPQ inl, $512
+ JBE sealAVX2Tail512
+
+ // We have 448 bytes to hash, but main loop hashes 512 bytes at a time - perform some rounds, before the main loop
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3
+ VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2
+
+ VMOVDQA CC3, tmpStoreAVX2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3)
+ VMOVDQA tmpStoreAVX2, CC3
+ VMOVDQA CC1, tmpStoreAVX2
+ chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1)
+ VMOVDQA tmpStoreAVX2, CC1
+
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $12, DD0, DD0, DD0
+ VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $12, DD1, DD1, DD1
+ VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $12, DD2, DD2, DD2
+ VPALIGNR $4, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $12, DD3, DD3, DD3
+
+ VMOVDQA CC3, tmpStoreAVX2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, CC3); chachaQR_AVX2(AA1, BB1, CC1, DD1, CC3); chachaQR_AVX2(AA2, BB2, CC2, DD2, CC3)
+ VMOVDQA tmpStoreAVX2, CC3
+ VMOVDQA CC1, tmpStoreAVX2
+ chachaQR_AVX2(AA3, BB3, CC3, DD3, CC1)
+ VMOVDQA tmpStoreAVX2, CC1
+
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $4, DD0, DD0, DD0
+ VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $4, DD1, DD1, DD1
+ VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $4, DD2, DD2, DD2
+ VPALIGNR $12, BB3, BB3, BB3; VPALIGNR $8, CC3, CC3, CC3; VPALIGNR $4, DD3, DD3, DD3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+
+ SUBQ $16, oup // Adjust the pointer
+ MOVQ $9, itr1
+ JMP sealAVX2InternalLoopStart
+
+sealAVX2MainLoop:
+ // Load state, increment counter blocks, store the incremented counters
+ VMOVDQU ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3
+ VMOVDQA ctr3StoreAVX2, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3
+ VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2
+ MOVQ $10, itr1
+
+sealAVX2InternalLoop:
+ polyAdd(0*8(oup))
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ polyMulStage1_AVX2
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ polyMulStage2_AVX2
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyMulStage3_AVX2
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulReduceStage
+
+sealAVX2InternalLoopStart:
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ polyAdd(2*8(oup))
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ polyMulStage1_AVX2
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulStage2_AVX2
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ polyMulStage3_AVX2
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ polyMulReduceStage
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyAdd(4*8(oup))
+ LEAQ (6*8)(oup), oup
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulStage1_AVX2
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ polyMulStage2_AVX2
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ polyMulStage3_AVX2
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyMulReduceStage
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3
+ DECQ itr1
+ JNE sealAVX2InternalLoop
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3
+ VMOVDQA CC3, tmpStoreAVX2
+
+ // We only hashed 480 of the 512 bytes available - hash the remaining 32 here
+ polyAdd(0*8(oup))
+ polyMulAVX2
+ LEAQ (4*8)(oup), oup
+ VPERM2I128 $0x02, AA0, BB0, CC3; VPERM2I128 $0x13, AA0, BB0, BB0; VPERM2I128 $0x02, CC0, DD0, AA0; VPERM2I128 $0x13, CC0, DD0, CC0
+ VPXOR (0*32)(inp), CC3, CC3; VPXOR (1*32)(inp), AA0, AA0; VPXOR (2*32)(inp), BB0, BB0; VPXOR (3*32)(inp), CC0, CC0
+ VMOVDQU CC3, (0*32)(oup); VMOVDQU AA0, (1*32)(oup); VMOVDQU BB0, (2*32)(oup); VMOVDQU CC0, (3*32)(oup)
+ VPERM2I128 $0x02, AA1, BB1, AA0; VPERM2I128 $0x02, CC1, DD1, BB0; VPERM2I128 $0x13, AA1, BB1, CC0; VPERM2I128 $0x13, CC1, DD1, DD0
+ VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0
+ VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup)
+
+ // and here
+ polyAdd(-2*8(oup))
+ polyMulAVX2
+ VPERM2I128 $0x02, AA2, BB2, AA0; VPERM2I128 $0x02, CC2, DD2, BB0; VPERM2I128 $0x13, AA2, BB2, CC0; VPERM2I128 $0x13, CC2, DD2, DD0
+ VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0
+ VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup)
+ VPERM2I128 $0x02, AA3, BB3, AA0; VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0; VPERM2I128 $0x13, AA3, BB3, CC0; VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0
+ VPXOR (12*32)(inp), AA0, AA0; VPXOR (13*32)(inp), BB0, BB0; VPXOR (14*32)(inp), CC0, CC0; VPXOR (15*32)(inp), DD0, DD0
+ VMOVDQU AA0, (12*32)(oup); VMOVDQU BB0, (13*32)(oup); VMOVDQU CC0, (14*32)(oup); VMOVDQU DD0, (15*32)(oup)
+ LEAQ (32*16)(inp), inp
+ SUBQ $(32*16), inl
+ CMPQ inl, $512
+ JG sealAVX2MainLoop
+
+ // Tail can only hash 480 bytes
+ polyAdd(0*8(oup))
+ polyMulAVX2
+ polyAdd(2*8(oup))
+ polyMulAVX2
+ LEAQ 32(oup), oup
+
+ MOVQ $10, itr1
+ MOVQ $0, itr2
+ CMPQ inl, $128
+ JBE sealAVX2Tail128
+ CMPQ inl, $256
+ JBE sealAVX2Tail256
+ CMPQ inl, $384
+ JBE sealAVX2Tail384
+ JMP sealAVX2Tail512
+
+// ----------------------------------------------------------------------------
+// Special optimization for buffers smaller than 193 bytes
+seal192AVX2:
+ // For up to 192 bytes of ciphertext and 64 bytes for the poly key, we process four blocks
+ VMOVDQA AA0, AA1
+ VMOVDQA BB0, BB1
+ VMOVDQA CC0, CC1
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA AA0, AA2
+ VMOVDQA BB0, BB2
+ VMOVDQA CC0, CC2
+ VMOVDQA DD0, DD2
+ VMOVDQA DD1, TT3
+ MOVQ $10, itr2
+
+sealAVX2192InnerCipherLoop:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1
+ DECQ itr2
+ JNE sealAVX2192InnerCipherLoop
+ VPADDD AA2, AA0, AA0; VPADDD AA2, AA1, AA1
+ VPADDD BB2, BB0, BB0; VPADDD BB2, BB1, BB1
+ VPADDD CC2, CC0, CC0; VPADDD CC2, CC1, CC1
+ VPADDD DD2, DD0, DD0; VPADDD TT3, DD1, DD1
+ VPERM2I128 $0x02, AA0, BB0, TT0
+
+ // Clamp and store poly key
+ VPAND ·polyClampMask<>(SB), TT0, TT0
+ VMOVDQA TT0, rsStoreAVX2
+
+ // Stream for up to 192 bytes
+ VPERM2I128 $0x13, AA0, BB0, AA0
+ VPERM2I128 $0x13, CC0, DD0, BB0
+ VPERM2I128 $0x02, AA1, BB1, CC0
+ VPERM2I128 $0x02, CC1, DD1, DD0
+ VPERM2I128 $0x13, AA1, BB1, AA1
+ VPERM2I128 $0x13, CC1, DD1, BB1
+
+sealAVX2ShortSeal:
+ // Hash aad
+ MOVQ ad_len+80(FP), itr2
+ CALL polyHashADInternal<>(SB)
+ XORQ itr1, itr1
+
+sealAVX2SealHash:
+ // itr1 holds the number of bytes encrypted but not yet hashed
+ CMPQ itr1, $16
+ JB sealAVX2ShortSealLoop
+ polyAdd(0(oup))
+ polyMul
+ SUBQ $16, itr1
+ ADDQ $16, oup
+ JMP sealAVX2SealHash
+
+sealAVX2ShortSealLoop:
+ CMPQ inl, $32
+ JB sealAVX2ShortTail32
+ SUBQ $32, inl
+
+ // Load for encryption
+ VPXOR (inp), AA0, AA0
+ VMOVDQU AA0, (oup)
+ LEAQ (1*32)(inp), inp
+
+ // Now can hash
+ polyAdd(0*8(oup))
+ polyMulAVX2
+ polyAdd(2*8(oup))
+ polyMulAVX2
+ LEAQ (1*32)(oup), oup
+
+ // Shift stream left
+ VMOVDQA BB0, AA0
+ VMOVDQA CC0, BB0
+ VMOVDQA DD0, CC0
+ VMOVDQA AA1, DD0
+ VMOVDQA BB1, AA1
+ VMOVDQA CC1, BB1
+ VMOVDQA DD1, CC1
+ VMOVDQA AA2, DD1
+ VMOVDQA BB2, AA2
+ JMP sealAVX2ShortSealLoop
+
+sealAVX2ShortTail32:
+ CMPQ inl, $16
+ VMOVDQA A0, A1
+ JB sealAVX2ShortDone
+
+ SUBQ $16, inl
+
+ // Load for encryption
+ VPXOR (inp), A0, T0
+ VMOVDQU T0, (oup)
+ LEAQ (1*16)(inp), inp
+
+ // Hash
+ polyAdd(0*8(oup))
+ polyMulAVX2
+ LEAQ (1*16)(oup), oup
+ VPERM2I128 $0x11, AA0, AA0, AA0
+ VMOVDQA A0, A1
+
+sealAVX2ShortDone:
+ VZEROUPPER
+ JMP sealSSETail
+
+// ----------------------------------------------------------------------------
+// Special optimization for buffers smaller than 321 bytes
+seal320AVX2:
+ // For up to 320 bytes of ciphertext and 64 bytes for the poly key, we process six blocks
+ VMOVDQA AA0, AA1; VMOVDQA BB0, BB1; VMOVDQA CC0, CC1; VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA AA0, AA2; VMOVDQA BB0, BB2; VMOVDQA CC0, CC2; VPADDD ·avx2IncMask<>(SB), DD1, DD2
+ VMOVDQA BB0, TT1; VMOVDQA CC0, TT2; VMOVDQA DD0, TT3
+ MOVQ $10, itr2
+
+sealAVX2320InnerCipherLoop:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2
+ DECQ itr2
+ JNE sealAVX2320InnerCipherLoop
+
+ VMOVDQA ·chacha20Constants<>(SB), TT0
+ VPADDD TT0, AA0, AA0; VPADDD TT0, AA1, AA1; VPADDD TT0, AA2, AA2
+ VPADDD TT1, BB0, BB0; VPADDD TT1, BB1, BB1; VPADDD TT1, BB2, BB2
+ VPADDD TT2, CC0, CC0; VPADDD TT2, CC1, CC1; VPADDD TT2, CC2, CC2
+ VMOVDQA ·avx2IncMask<>(SB), TT0
+ VPADDD TT3, DD0, DD0; VPADDD TT0, TT3, TT3
+ VPADDD TT3, DD1, DD1; VPADDD TT0, TT3, TT3
+ VPADDD TT3, DD2, DD2
+
+ // Clamp and store poly key
+ VPERM2I128 $0x02, AA0, BB0, TT0
+ VPAND ·polyClampMask<>(SB), TT0, TT0
+ VMOVDQA TT0, rsStoreAVX2
+
+ // Stream for up to 320 bytes
+ VPERM2I128 $0x13, AA0, BB0, AA0
+ VPERM2I128 $0x13, CC0, DD0, BB0
+ VPERM2I128 $0x02, AA1, BB1, CC0
+ VPERM2I128 $0x02, CC1, DD1, DD0
+ VPERM2I128 $0x13, AA1, BB1, AA1
+ VPERM2I128 $0x13, CC1, DD1, BB1
+ VPERM2I128 $0x02, AA2, BB2, CC1
+ VPERM2I128 $0x02, CC2, DD2, DD1
+ VPERM2I128 $0x13, AA2, BB2, AA2
+ VPERM2I128 $0x13, CC2, DD2, BB2
+ JMP sealAVX2ShortSeal
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 128 bytes of ciphertext
+sealAVX2Tail128:
+ // Need to decrypt up to 128 bytes - prepare two blocks
+ // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed
+ // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed
+ VMOVDQA ·chacha20Constants<>(SB), AA0
+ VMOVDQA state1StoreAVX2, BB0
+ VMOVDQA state2StoreAVX2, CC0
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0
+ VMOVDQA DD0, DD1
+
+sealAVX2Tail128LoopA:
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealAVX2Tail128LoopB:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0)
+ polyAdd(0(oup))
+ polyMul
+ VPALIGNR $4, BB0, BB0, BB0
+ VPALIGNR $8, CC0, CC0, CC0
+ VPALIGNR $12, DD0, DD0, DD0
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0)
+ polyAdd(16(oup))
+ polyMul
+ LEAQ 32(oup), oup
+ VPALIGNR $12, BB0, BB0, BB0
+ VPALIGNR $8, CC0, CC0, CC0
+ VPALIGNR $4, DD0, DD0, DD0
+ DECQ itr1
+ JG sealAVX2Tail128LoopA
+ DECQ itr2
+ JGE sealAVX2Tail128LoopB
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA1
+ VPADDD state1StoreAVX2, BB0, BB1
+ VPADDD state2StoreAVX2, CC0, CC1
+ VPADDD DD1, DD0, DD1
+
+ VPERM2I128 $0x02, AA1, BB1, AA0
+ VPERM2I128 $0x02, CC1, DD1, BB0
+ VPERM2I128 $0x13, AA1, BB1, CC0
+ VPERM2I128 $0x13, CC1, DD1, DD0
+ JMP sealAVX2ShortSealLoop
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 256 bytes of ciphertext
+sealAVX2Tail256:
+ // Need to decrypt up to 256 bytes - prepare two blocks
+ // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed
+ // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA ·chacha20Constants<>(SB), AA1
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA state1StoreAVX2, BB1
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA state2StoreAVX2, CC1
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD1
+ VMOVDQA DD0, TT1
+ VMOVDQA DD1, TT2
+
+sealAVX2Tail256LoopA:
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealAVX2Tail256LoopB:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ polyAdd(0(oup))
+ polyMul
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0)
+ polyAdd(16(oup))
+ polyMul
+ LEAQ 32(oup), oup
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1
+ DECQ itr1
+ JG sealAVX2Tail256LoopA
+ DECQ itr2
+ JGE sealAVX2Tail256LoopB
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1
+ VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1
+ VPERM2I128 $0x02, AA0, BB0, TT0
+ VPERM2I128 $0x02, CC0, DD0, TT1
+ VPERM2I128 $0x13, AA0, BB0, TT2
+ VPERM2I128 $0x13, CC0, DD0, TT3
+ VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3
+ VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup)
+ MOVQ $128, itr1
+ LEAQ 128(inp), inp
+ SUBQ $128, inl
+ VPERM2I128 $0x02, AA1, BB1, AA0
+ VPERM2I128 $0x02, CC1, DD1, BB0
+ VPERM2I128 $0x13, AA1, BB1, CC0
+ VPERM2I128 $0x13, CC1, DD1, DD0
+
+ JMP sealAVX2SealHash
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 384 bytes of ciphertext
+sealAVX2Tail384:
+ // Need to decrypt up to 384 bytes - prepare two blocks
+ // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed
+ // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2
+ VMOVDQA DD0, TT1; VMOVDQA DD1, TT2; VMOVDQA DD2, TT3
+
+sealAVX2Tail384LoopA:
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealAVX2Tail384LoopB:
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ polyAdd(0(oup))
+ polyMul
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2
+ chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, TT0)
+ polyAdd(16(oup))
+ polyMul
+ LEAQ 32(oup), oup
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2
+ DECQ itr1
+ JG sealAVX2Tail384LoopA
+ DECQ itr2
+ JGE sealAVX2Tail384LoopB
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2
+ VPADDD TT1, DD0, DD0; VPADDD TT2, DD1, DD1; VPADDD TT3, DD2, DD2
+ VPERM2I128 $0x02, AA0, BB0, TT0
+ VPERM2I128 $0x02, CC0, DD0, TT1
+ VPERM2I128 $0x13, AA0, BB0, TT2
+ VPERM2I128 $0x13, CC0, DD0, TT3
+ VPXOR (0*32)(inp), TT0, TT0; VPXOR (1*32)(inp), TT1, TT1; VPXOR (2*32)(inp), TT2, TT2; VPXOR (3*32)(inp), TT3, TT3
+ VMOVDQU TT0, (0*32)(oup); VMOVDQU TT1, (1*32)(oup); VMOVDQU TT2, (2*32)(oup); VMOVDQU TT3, (3*32)(oup)
+ VPERM2I128 $0x02, AA1, BB1, TT0
+ VPERM2I128 $0x02, CC1, DD1, TT1
+ VPERM2I128 $0x13, AA1, BB1, TT2
+ VPERM2I128 $0x13, CC1, DD1, TT3
+ VPXOR (4*32)(inp), TT0, TT0; VPXOR (5*32)(inp), TT1, TT1; VPXOR (6*32)(inp), TT2, TT2; VPXOR (7*32)(inp), TT3, TT3
+ VMOVDQU TT0, (4*32)(oup); VMOVDQU TT1, (5*32)(oup); VMOVDQU TT2, (6*32)(oup); VMOVDQU TT3, (7*32)(oup)
+ MOVQ $256, itr1
+ LEAQ 256(inp), inp
+ SUBQ $256, inl
+ VPERM2I128 $0x02, AA2, BB2, AA0
+ VPERM2I128 $0x02, CC2, DD2, BB0
+ VPERM2I128 $0x13, AA2, BB2, CC0
+ VPERM2I128 $0x13, CC2, DD2, DD0
+
+ JMP sealAVX2SealHash
+
+// ----------------------------------------------------------------------------
+// Special optimization for the last 512 bytes of ciphertext
+sealAVX2Tail512:
+ // Need to decrypt up to 512 bytes - prepare two blocks
+ // If we got here after the main loop - there are 512 encrypted bytes waiting to be hashed
+ // If we got here before the main loop - there are 448 encrpyred bytes waiting to be hashed
+ VMOVDQA ·chacha20Constants<>(SB), AA0; VMOVDQA AA0, AA1; VMOVDQA AA0, AA2; VMOVDQA AA0, AA3
+ VMOVDQA state1StoreAVX2, BB0; VMOVDQA BB0, BB1; VMOVDQA BB0, BB2; VMOVDQA BB0, BB3
+ VMOVDQA state2StoreAVX2, CC0; VMOVDQA CC0, CC1; VMOVDQA CC0, CC2; VMOVDQA CC0, CC3
+ VMOVDQA ctr3StoreAVX2, DD0
+ VPADDD ·avx2IncMask<>(SB), DD0, DD0; VPADDD ·avx2IncMask<>(SB), DD0, DD1; VPADDD ·avx2IncMask<>(SB), DD1, DD2; VPADDD ·avx2IncMask<>(SB), DD2, DD3
+ VMOVDQA DD0, ctr0StoreAVX2; VMOVDQA DD1, ctr1StoreAVX2; VMOVDQA DD2, ctr2StoreAVX2; VMOVDQA DD3, ctr3StoreAVX2
+
+sealAVX2Tail512LoopA:
+ polyAdd(0(oup))
+ polyMul
+ LEAQ 16(oup), oup
+
+sealAVX2Tail512LoopB:
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ polyAdd(0*8(oup))
+ polyMulAVX2
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2; VPALIGNR $4, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2; VPALIGNR $12, DD3, DD3, DD3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ polyAdd(2*8(oup))
+ polyMulAVX2
+ LEAQ (4*8)(oup), oup
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3
+ VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3
+ VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), DD3, DD3
+ VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3
+ VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0
+ VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1
+ VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2
+ VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3
+ VMOVDQA tmpStoreAVX2, CC3
+ VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2; VPALIGNR $12, BB3, BB3, BB3
+ VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2; VPALIGNR $8, CC3, CC3, CC3
+ VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2; VPALIGNR $4, DD3, DD3, DD3
+
+ DECQ itr1
+ JG sealAVX2Tail512LoopA
+ DECQ itr2
+ JGE sealAVX2Tail512LoopB
+
+ VPADDD ·chacha20Constants<>(SB), AA0, AA0; VPADDD ·chacha20Constants<>(SB), AA1, AA1; VPADDD ·chacha20Constants<>(SB), AA2, AA2; VPADDD ·chacha20Constants<>(SB), AA3, AA3
+ VPADDD state1StoreAVX2, BB0, BB0; VPADDD state1StoreAVX2, BB1, BB1; VPADDD state1StoreAVX2, BB2, BB2; VPADDD state1StoreAVX2, BB3, BB3
+ VPADDD state2StoreAVX2, CC0, CC0; VPADDD state2StoreAVX2, CC1, CC1; VPADDD state2StoreAVX2, CC2, CC2; VPADDD state2StoreAVX2, CC3, CC3
+ VPADDD ctr0StoreAVX2, DD0, DD0; VPADDD ctr1StoreAVX2, DD1, DD1; VPADDD ctr2StoreAVX2, DD2, DD2; VPADDD ctr3StoreAVX2, DD3, DD3
+ VMOVDQA CC3, tmpStoreAVX2
+ VPERM2I128 $0x02, AA0, BB0, CC3
+ VPXOR (0*32)(inp), CC3, CC3
+ VMOVDQU CC3, (0*32)(oup)
+ VPERM2I128 $0x02, CC0, DD0, CC3
+ VPXOR (1*32)(inp), CC3, CC3
+ VMOVDQU CC3, (1*32)(oup)
+ VPERM2I128 $0x13, AA0, BB0, CC3
+ VPXOR (2*32)(inp), CC3, CC3
+ VMOVDQU CC3, (2*32)(oup)
+ VPERM2I128 $0x13, CC0, DD0, CC3
+ VPXOR (3*32)(inp), CC3, CC3
+ VMOVDQU CC3, (3*32)(oup)
+
+ VPERM2I128 $0x02, AA1, BB1, AA0
+ VPERM2I128 $0x02, CC1, DD1, BB0
+ VPERM2I128 $0x13, AA1, BB1, CC0
+ VPERM2I128 $0x13, CC1, DD1, DD0
+ VPXOR (4*32)(inp), AA0, AA0; VPXOR (5*32)(inp), BB0, BB0; VPXOR (6*32)(inp), CC0, CC0; VPXOR (7*32)(inp), DD0, DD0
+ VMOVDQU AA0, (4*32)(oup); VMOVDQU BB0, (5*32)(oup); VMOVDQU CC0, (6*32)(oup); VMOVDQU DD0, (7*32)(oup)
+
+ VPERM2I128 $0x02, AA2, BB2, AA0
+ VPERM2I128 $0x02, CC2, DD2, BB0
+ VPERM2I128 $0x13, AA2, BB2, CC0
+ VPERM2I128 $0x13, CC2, DD2, DD0
+ VPXOR (8*32)(inp), AA0, AA0; VPXOR (9*32)(inp), BB0, BB0; VPXOR (10*32)(inp), CC0, CC0; VPXOR (11*32)(inp), DD0, DD0
+ VMOVDQU AA0, (8*32)(oup); VMOVDQU BB0, (9*32)(oup); VMOVDQU CC0, (10*32)(oup); VMOVDQU DD0, (11*32)(oup)
+
+ MOVQ $384, itr1
+ LEAQ 384(inp), inp
+ SUBQ $384, inl
+ VPERM2I128 $0x02, AA3, BB3, AA0
+ VPERM2I128 $0x02, tmpStoreAVX2, DD3, BB0
+ VPERM2I128 $0x13, AA3, BB3, CC0
+ VPERM2I128 $0x13, tmpStoreAVX2, DD3, DD0
+
+ JMP sealAVX2SealHash
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go
new file mode 100644
index 00000000..fe191d39
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go
@@ -0,0 +1,81 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package chacha20poly1305
+
+import (
+ "encoding/binary"
+
+ "golang.org/x/crypto/chacha20"
+ "golang.org/x/crypto/internal/subtle"
+ "golang.org/x/crypto/poly1305"
+)
+
+func writeWithPadding(p *poly1305.MAC, b []byte) {
+ p.Write(b)
+ if rem := len(b) % 16; rem != 0 {
+ var buf [16]byte
+ padLen := 16 - rem
+ p.Write(buf[:padLen])
+ }
+}
+
+func writeUint64(p *poly1305.MAC, n int) {
+ var buf [8]byte
+ binary.LittleEndian.PutUint64(buf[:], uint64(n))
+ p.Write(buf[:])
+}
+
+func (c *chacha20poly1305) sealGeneric(dst, nonce, plaintext, additionalData []byte) []byte {
+ ret, out := sliceForAppend(dst, len(plaintext)+poly1305.TagSize)
+ ciphertext, tag := out[:len(plaintext)], out[len(plaintext):]
+ if subtle.InexactOverlap(out, plaintext) {
+ panic("chacha20poly1305: invalid buffer overlap")
+ }
+
+ var polyKey [32]byte
+ s, _ := chacha20.NewUnauthenticatedCipher(c.key[:], nonce)
+ s.XORKeyStream(polyKey[:], polyKey[:])
+ s.SetCounter(1) // set the counter to 1, skipping 32 bytes
+ s.XORKeyStream(ciphertext, plaintext)
+
+ p := poly1305.New(&polyKey)
+ writeWithPadding(p, additionalData)
+ writeWithPadding(p, ciphertext)
+ writeUint64(p, len(additionalData))
+ writeUint64(p, len(plaintext))
+ p.Sum(tag[:0])
+
+ return ret
+}
+
+func (c *chacha20poly1305) openGeneric(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ tag := ciphertext[len(ciphertext)-16:]
+ ciphertext = ciphertext[:len(ciphertext)-16]
+
+ var polyKey [32]byte
+ s, _ := chacha20.NewUnauthenticatedCipher(c.key[:], nonce)
+ s.XORKeyStream(polyKey[:], polyKey[:])
+ s.SetCounter(1) // set the counter to 1, skipping 32 bytes
+
+ p := poly1305.New(&polyKey)
+ writeWithPadding(p, additionalData)
+ writeWithPadding(p, ciphertext)
+ writeUint64(p, len(additionalData))
+ writeUint64(p, len(ciphertext))
+
+ ret, out := sliceForAppend(dst, len(ciphertext))
+ if subtle.InexactOverlap(out, ciphertext) {
+ panic("chacha20poly1305: invalid buffer overlap")
+ }
+ if !p.Verify(tag) {
+ for i := range out {
+ out[i] = 0
+ }
+ return nil, errOpen
+ }
+
+ s.XORKeyStream(out, ciphertext)
+ return ret, nil
+}
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go
new file mode 100644
index 00000000..9ce4aa9f
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_noasm.go
@@ -0,0 +1,15 @@
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build !amd64 gccgo purego
+
+package chacha20poly1305
+
+func (c *chacha20poly1305) seal(dst, nonce, plaintext, additionalData []byte) []byte {
+ return c.sealGeneric(dst, nonce, plaintext, additionalData)
+}
+
+func (c *chacha20poly1305) open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ return c.openGeneric(dst, nonce, ciphertext, additionalData)
+}
diff --git a/vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go b/vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go
new file mode 100644
index 00000000..d9d46b96
--- /dev/null
+++ b/vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go
@@ -0,0 +1,86 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package chacha20poly1305
+
+import (
+ "crypto/cipher"
+ "errors"
+
+ "golang.org/x/crypto/chacha20"
+)
+
+type xchacha20poly1305 struct {
+ key [KeySize]byte
+}
+
+// NewX returns a XChaCha20-Poly1305 AEAD that uses the given 256-bit key.
+//
+// XChaCha20-Poly1305 is a ChaCha20-Poly1305 variant that takes a longer nonce,
+// suitable to be generated randomly without risk of collisions. It should be
+// preferred when nonce uniqueness cannot be trivially ensured, or whenever
+// nonces are randomly generated.
+func NewX(key []byte) (cipher.AEAD, error) {
+ if len(key) != KeySize {
+ return nil, errors.New("chacha20poly1305: bad key length")
+ }
+ ret := new(xchacha20poly1305)
+ copy(ret.key[:], key)
+ return ret, nil
+}
+
+func (*xchacha20poly1305) NonceSize() int {
+ return NonceSizeX
+}
+
+func (*xchacha20poly1305) Overhead() int {
+ return 16
+}
+
+func (x *xchacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {
+ if len(nonce) != NonceSizeX {
+ panic("chacha20poly1305: bad nonce length passed to Seal")
+ }
+
+ // XChaCha20-Poly1305 technically supports a 64-bit counter, so there is no
+ // size limit. However, since we reuse the ChaCha20-Poly1305 implementation,
+ // the second half of the counter is not available. This is unlikely to be
+ // an issue because the cipher.AEAD API requires the entire message to be in
+ // memory, and the counter overflows at 256 GB.
+ if uint64(len(plaintext)) > (1<<38)-64 {
+ panic("chacha20poly1305: plaintext too large")
+ }
+
+ c := new(chacha20poly1305)
+ hKey, _ := chacha20.HChaCha20(x.key[:], nonce[0:16])
+ copy(c.key[:], hKey)
+
+ // The first 4 bytes of the final nonce are unused counter space.
+ cNonce := make([]byte, NonceSize)
+ copy(cNonce[4:12], nonce[16:24])
+
+ return c.seal(dst, cNonce[:], plaintext, additionalData)
+}
+
+func (x *xchacha20poly1305) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error) {
+ if len(nonce) != NonceSizeX {
+ panic("chacha20poly1305: bad nonce length passed to Open")
+ }
+ if len(ciphertext) < 16 {
+ return nil, errOpen
+ }
+ if uint64(len(ciphertext)) > (1<<38)-48 {
+ panic("chacha20poly1305: ciphertext too large")
+ }
+
+ c := new(chacha20poly1305)
+ hKey, _ := chacha20.HChaCha20(x.key[:], nonce[0:16])
+ copy(c.key[:], hKey)
+
+ // The first 4 bytes of the final nonce are unused counter space.
+ cNonce := make([]byte, NonceSize)
+ copy(cNonce[4:12], nonce[16:24])
+
+ return c.open(dst, cNonce[:], ciphertext, additionalData)
+}
diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1.go
new file mode 100644
index 00000000..d3596ee6
--- /dev/null
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go
@@ -0,0 +1,752 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cryptobyte
+
+import (
+ encoding_asn1 "encoding/asn1"
+ "fmt"
+ "math/big"
+ "reflect"
+ "time"
+
+ "golang.org/x/crypto/cryptobyte/asn1"
+)
+
+// This file contains ASN.1-related methods for String and Builder.
+
+// Builder
+
+// AddASN1Int64 appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1Int64(v int64) {
+ b.addASN1Signed(asn1.INTEGER, v)
+}
+
+// AddASN1Int64WithTag appends a DER-encoded ASN.1 INTEGER with the
+// given tag.
+func (b *Builder) AddASN1Int64WithTag(v int64, tag asn1.Tag) {
+ b.addASN1Signed(tag, v)
+}
+
+// AddASN1Enum appends a DER-encoded ASN.1 ENUMERATION.
+func (b *Builder) AddASN1Enum(v int64) {
+ b.addASN1Signed(asn1.ENUM, v)
+}
+
+func (b *Builder) addASN1Signed(tag asn1.Tag, v int64) {
+ b.AddASN1(tag, func(c *Builder) {
+ length := 1
+ for i := v; i >= 0x80 || i < -0x80; i >>= 8 {
+ length++
+ }
+
+ for ; length > 0; length-- {
+ i := v >> uint((length-1)*8) & 0xff
+ c.AddUint8(uint8(i))
+ }
+ })
+}
+
+// AddASN1Uint64 appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1Uint64(v uint64) {
+ b.AddASN1(asn1.INTEGER, func(c *Builder) {
+ length := 1
+ for i := v; i >= 0x80; i >>= 8 {
+ length++
+ }
+
+ for ; length > 0; length-- {
+ i := v >> uint((length-1)*8) & 0xff
+ c.AddUint8(uint8(i))
+ }
+ })
+}
+
+// AddASN1BigInt appends a DER-encoded ASN.1 INTEGER.
+func (b *Builder) AddASN1BigInt(n *big.Int) {
+ if b.err != nil {
+ return
+ }
+
+ b.AddASN1(asn1.INTEGER, func(c *Builder) {
+ if n.Sign() < 0 {
+ // A negative number has to be converted to two's-complement form. So we
+ // invert and subtract 1. If the most-significant-bit isn't set then
+ // we'll need to pad the beginning with 0xff in order to keep the number
+ // negative.
+ nMinus1 := new(big.Int).Neg(n)
+ nMinus1.Sub(nMinus1, bigOne)
+ bytes := nMinus1.Bytes()
+ for i := range bytes {
+ bytes[i] ^= 0xff
+ }
+ if len(bytes) == 0 || bytes[0]&0x80 == 0 {
+ c.add(0xff)
+ }
+ c.add(bytes...)
+ } else if n.Sign() == 0 {
+ c.add(0)
+ } else {
+ bytes := n.Bytes()
+ if bytes[0]&0x80 != 0 {
+ c.add(0)
+ }
+ c.add(bytes...)
+ }
+ })
+}
+
+// AddASN1OctetString appends a DER-encoded ASN.1 OCTET STRING.
+func (b *Builder) AddASN1OctetString(bytes []byte) {
+ b.AddASN1(asn1.OCTET_STRING, func(c *Builder) {
+ c.AddBytes(bytes)
+ })
+}
+
+const generalizedTimeFormatStr = "20060102150405Z0700"
+
+// AddASN1GeneralizedTime appends a DER-encoded ASN.1 GENERALIZEDTIME.
+func (b *Builder) AddASN1GeneralizedTime(t time.Time) {
+ if t.Year() < 0 || t.Year() > 9999 {
+ b.err = fmt.Errorf("cryptobyte: cannot represent %v as a GeneralizedTime", t)
+ return
+ }
+ b.AddASN1(asn1.GeneralizedTime, func(c *Builder) {
+ c.AddBytes([]byte(t.Format(generalizedTimeFormatStr)))
+ })
+}
+
+// AddASN1BitString appends a DER-encoded ASN.1 BIT STRING. This does not
+// support BIT STRINGs that are not a whole number of bytes.
+func (b *Builder) AddASN1BitString(data []byte) {
+ b.AddASN1(asn1.BIT_STRING, func(b *Builder) {
+ b.AddUint8(0)
+ b.AddBytes(data)
+ })
+}
+
+func (b *Builder) addBase128Int(n int64) {
+ var length int
+ if n == 0 {
+ length = 1
+ } else {
+ for i := n; i > 0; i >>= 7 {
+ length++
+ }
+ }
+
+ for i := length - 1; i >= 0; i-- {
+ o := byte(n >> uint(i*7))
+ o &= 0x7f
+ if i != 0 {
+ o |= 0x80
+ }
+
+ b.add(o)
+ }
+}
+
+func isValidOID(oid encoding_asn1.ObjectIdentifier) bool {
+ if len(oid) < 2 {
+ return false
+ }
+
+ if oid[0] > 2 || (oid[0] <= 1 && oid[1] >= 40) {
+ return false
+ }
+
+ for _, v := range oid {
+ if v < 0 {
+ return false
+ }
+ }
+
+ return true
+}
+
+func (b *Builder) AddASN1ObjectIdentifier(oid encoding_asn1.ObjectIdentifier) {
+ b.AddASN1(asn1.OBJECT_IDENTIFIER, func(b *Builder) {
+ if !isValidOID(oid) {
+ b.err = fmt.Errorf("cryptobyte: invalid OID: %v", oid)
+ return
+ }
+
+ b.addBase128Int(int64(oid[0])*40 + int64(oid[1]))
+ for _, v := range oid[2:] {
+ b.addBase128Int(int64(v))
+ }
+ })
+}
+
+func (b *Builder) AddASN1Boolean(v bool) {
+ b.AddASN1(asn1.BOOLEAN, func(b *Builder) {
+ if v {
+ b.AddUint8(0xff)
+ } else {
+ b.AddUint8(0)
+ }
+ })
+}
+
+func (b *Builder) AddASN1NULL() {
+ b.add(uint8(asn1.NULL), 0)
+}
+
+// MarshalASN1 calls encoding_asn1.Marshal on its input and appends the result if
+// successful or records an error if one occurred.
+func (b *Builder) MarshalASN1(v interface{}) {
+ // NOTE(martinkr): This is somewhat of a hack to allow propagation of
+ // encoding_asn1.Marshal errors into Builder.err. N.B. if you call MarshalASN1 with a
+ // value embedded into a struct, its tag information is lost.
+ if b.err != nil {
+ return
+ }
+ bytes, err := encoding_asn1.Marshal(v)
+ if err != nil {
+ b.err = err
+ return
+ }
+ b.AddBytes(bytes)
+}
+
+// AddASN1 appends an ASN.1 object. The object is prefixed with the given tag.
+// Tags greater than 30 are not supported and result in an error (i.e.
+// low-tag-number form only). The child builder passed to the
+// BuilderContinuation can be used to build the content of the ASN.1 object.
+func (b *Builder) AddASN1(tag asn1.Tag, f BuilderContinuation) {
+ if b.err != nil {
+ return
+ }
+ // Identifiers with the low five bits set indicate high-tag-number format
+ // (two or more octets), which we don't support.
+ if tag&0x1f == 0x1f {
+ b.err = fmt.Errorf("cryptobyte: high-tag number identifier octects not supported: 0x%x", tag)
+ return
+ }
+ b.AddUint8(uint8(tag))
+ b.addLengthPrefixed(1, true, f)
+}
+
+// String
+
+// ReadASN1Boolean decodes an ASN.1 BOOLEAN and converts it to a boolean
+// representation into out and advances. It reports whether the read
+// was successful.
+func (s *String) ReadASN1Boolean(out *bool) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.BOOLEAN) || len(bytes) != 1 {
+ return false
+ }
+
+ switch bytes[0] {
+ case 0:
+ *out = false
+ case 0xff:
+ *out = true
+ default:
+ return false
+ }
+
+ return true
+}
+
+var bigIntType = reflect.TypeOf((*big.Int)(nil)).Elem()
+
+// ReadASN1Integer decodes an ASN.1 INTEGER into out and advances. If out does
+// not point to an integer or to a big.Int, it panics. It reports whether the
+// read was successful.
+func (s *String) ReadASN1Integer(out interface{}) bool {
+ if reflect.TypeOf(out).Kind() != reflect.Ptr {
+ panic("out is not a pointer")
+ }
+ switch reflect.ValueOf(out).Elem().Kind() {
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ var i int64
+ if !s.readASN1Int64(&i) || reflect.ValueOf(out).Elem().OverflowInt(i) {
+ return false
+ }
+ reflect.ValueOf(out).Elem().SetInt(i)
+ return true
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64:
+ var u uint64
+ if !s.readASN1Uint64(&u) || reflect.ValueOf(out).Elem().OverflowUint(u) {
+ return false
+ }
+ reflect.ValueOf(out).Elem().SetUint(u)
+ return true
+ case reflect.Struct:
+ if reflect.TypeOf(out).Elem() == bigIntType {
+ return s.readASN1BigInt(out.(*big.Int))
+ }
+ }
+ panic("out does not point to an integer type")
+}
+
+func checkASN1Integer(bytes []byte) bool {
+ if len(bytes) == 0 {
+ // An INTEGER is encoded with at least one octet.
+ return false
+ }
+ if len(bytes) == 1 {
+ return true
+ }
+ if bytes[0] == 0 && bytes[1]&0x80 == 0 || bytes[0] == 0xff && bytes[1]&0x80 == 0x80 {
+ // Value is not minimally encoded.
+ return false
+ }
+ return true
+}
+
+var bigOne = big.NewInt(1)
+
+func (s *String) readASN1BigInt(out *big.Int) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) {
+ return false
+ }
+ if bytes[0]&0x80 == 0x80 {
+ // Negative number.
+ neg := make([]byte, len(bytes))
+ for i, b := range bytes {
+ neg[i] = ^b
+ }
+ out.SetBytes(neg)
+ out.Add(out, bigOne)
+ out.Neg(out)
+ } else {
+ out.SetBytes(bytes)
+ }
+ return true
+}
+
+func (s *String) readASN1Int64(out *int64) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Signed(out, bytes) {
+ return false
+ }
+ return true
+}
+
+func asn1Signed(out *int64, n []byte) bool {
+ length := len(n)
+ if length > 8 {
+ return false
+ }
+ for i := 0; i < length; i++ {
+ *out <<= 8
+ *out |= int64(n[i])
+ }
+ // Shift up and down in order to sign extend the result.
+ *out <<= 64 - uint8(length)*8
+ *out >>= 64 - uint8(length)*8
+ return true
+}
+
+func (s *String) readASN1Uint64(out *uint64) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Unsigned(out, bytes) {
+ return false
+ }
+ return true
+}
+
+func asn1Unsigned(out *uint64, n []byte) bool {
+ length := len(n)
+ if length > 9 || length == 9 && n[0] != 0 {
+ // Too large for uint64.
+ return false
+ }
+ if n[0]&0x80 != 0 {
+ // Negative number.
+ return false
+ }
+ for i := 0; i < length; i++ {
+ *out <<= 8
+ *out |= uint64(n[i])
+ }
+ return true
+}
+
+// ReadASN1Int64WithTag decodes an ASN.1 INTEGER with the given tag into out
+// and advances. It reports whether the read was successful and resulted in a
+// value that can be represented in an int64.
+func (s *String) ReadASN1Int64WithTag(out *int64, tag asn1.Tag) bool {
+ var bytes String
+ return s.ReadASN1(&bytes, tag) && checkASN1Integer(bytes) && asn1Signed(out, bytes)
+}
+
+// ReadASN1Enum decodes an ASN.1 ENUMERATION into out and advances. It reports
+// whether the read was successful.
+func (s *String) ReadASN1Enum(out *int) bool {
+ var bytes String
+ var i int64
+ if !s.ReadASN1(&bytes, asn1.ENUM) || !checkASN1Integer(bytes) || !asn1Signed(&i, bytes) {
+ return false
+ }
+ if int64(int(i)) != i {
+ return false
+ }
+ *out = int(i)
+ return true
+}
+
+func (s *String) readBase128Int(out *int) bool {
+ ret := 0
+ for i := 0; len(*s) > 0; i++ {
+ if i == 4 {
+ return false
+ }
+ ret <<= 7
+ b := s.read(1)[0]
+ ret |= int(b & 0x7f)
+ if b&0x80 == 0 {
+ *out = ret
+ return true
+ }
+ }
+ return false // truncated
+}
+
+// ReadASN1ObjectIdentifier decodes an ASN.1 OBJECT IDENTIFIER into out and
+// advances. It reports whether the read was successful.
+func (s *String) ReadASN1ObjectIdentifier(out *encoding_asn1.ObjectIdentifier) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.OBJECT_IDENTIFIER) || len(bytes) == 0 {
+ return false
+ }
+
+ // In the worst case, we get two elements from the first byte (which is
+ // encoded differently) and then every varint is a single byte long.
+ components := make([]int, len(bytes)+1)
+
+ // The first varint is 40*value1 + value2:
+ // According to this packing, value1 can take the values 0, 1 and 2 only.
+ // When value1 = 0 or value1 = 1, then value2 is <= 39. When value1 = 2,
+ // then there are no restrictions on value2.
+ var v int
+ if !bytes.readBase128Int(&v) {
+ return false
+ }
+ if v < 80 {
+ components[0] = v / 40
+ components[1] = v % 40
+ } else {
+ components[0] = 2
+ components[1] = v - 80
+ }
+
+ i := 2
+ for ; len(bytes) > 0; i++ {
+ if !bytes.readBase128Int(&v) {
+ return false
+ }
+ components[i] = v
+ }
+ *out = components[:i]
+ return true
+}
+
+// ReadASN1GeneralizedTime decodes an ASN.1 GENERALIZEDTIME into out and
+// advances. It reports whether the read was successful.
+func (s *String) ReadASN1GeneralizedTime(out *time.Time) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.GeneralizedTime) {
+ return false
+ }
+ t := string(bytes)
+ res, err := time.Parse(generalizedTimeFormatStr, t)
+ if err != nil {
+ return false
+ }
+ if serialized := res.Format(generalizedTimeFormatStr); serialized != t {
+ return false
+ }
+ *out = res
+ return true
+}
+
+// ReadASN1BitString decodes an ASN.1 BIT STRING into out and advances.
+// It reports whether the read was successful.
+func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool {
+ var bytes String
+ if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 ||
+ len(bytes)*8/8 != len(bytes) {
+ return false
+ }
+
+ paddingBits := uint8(bytes[0])
+ bytes = bytes[1:]
+ if paddingBits > 7 ||
+ len(bytes) == 0 && paddingBits != 0 ||
+ len(bytes) > 0 && bytes[len(bytes)-1]&(1< 4 || len(*s) < int(2+lenLen) {
+ return false
+ }
+
+ lenBytes := String((*s)[2 : 2+lenLen])
+ if !lenBytes.readUnsigned(&len32, int(lenLen)) {
+ return false
+ }
+
+ // ITU-T X.690 section 10.1 (DER length forms) requires encoding the length
+ // with the minimum number of octets.
+ if len32 < 128 {
+ // Length should have used short-form encoding.
+ return false
+ }
+ if len32>>((lenLen-1)*8) == 0 {
+ // Leading octet is 0. Length should have been at least one byte shorter.
+ return false
+ }
+
+ headerLen = 2 + uint32(lenLen)
+ if headerLen+len32 < len32 {
+ // Overflow.
+ return false
+ }
+ length = headerLen + len32
+ }
+
+ if int(length) < 0 || !s.ReadBytes((*[]byte)(out), int(length)) {
+ return false
+ }
+ if skipHeader && !out.Skip(int(headerLen)) {
+ panic("cryptobyte: internal error")
+ }
+
+ return true
+}
diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
new file mode 100644
index 00000000..cda8e3ed
--- /dev/null
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
@@ -0,0 +1,46 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package asn1 contains supporting types for parsing and building ASN.1
+// messages with the cryptobyte package.
+package asn1 // import "golang.org/x/crypto/cryptobyte/asn1"
+
+// Tag represents an ASN.1 identifier octet, consisting of a tag number
+// (indicating a type) and class (such as context-specific or constructed).
+//
+// Methods in the cryptobyte package only support the low-tag-number form, i.e.
+// a single identifier octet with bits 7-8 encoding the class and bits 1-6
+// encoding the tag number.
+type Tag uint8
+
+const (
+ classConstructed = 0x20
+ classContextSpecific = 0x80
+)
+
+// Constructed returns t with the constructed class bit set.
+func (t Tag) Constructed() Tag { return t | classConstructed }
+
+// ContextSpecific returns t with the context-specific class bit set.
+func (t Tag) ContextSpecific() Tag { return t | classContextSpecific }
+
+// The following is a list of standard tag and class combinations.
+const (
+ BOOLEAN = Tag(1)
+ INTEGER = Tag(2)
+ BIT_STRING = Tag(3)
+ OCTET_STRING = Tag(4)
+ NULL = Tag(5)
+ OBJECT_IDENTIFIER = Tag(6)
+ ENUM = Tag(10)
+ UTF8String = Tag(12)
+ SEQUENCE = Tag(16 | classConstructed)
+ SET = Tag(17 | classConstructed)
+ PrintableString = Tag(19)
+ T61String = Tag(20)
+ IA5String = Tag(22)
+ UTCTime = Tag(23)
+ GeneralizedTime = Tag(24)
+ GeneralString = Tag(27)
+)
diff --git a/vendor/golang.org/x/crypto/cryptobyte/builder.go b/vendor/golang.org/x/crypto/cryptobyte/builder.go
new file mode 100644
index 00000000..ca7b1db5
--- /dev/null
+++ b/vendor/golang.org/x/crypto/cryptobyte/builder.go
@@ -0,0 +1,337 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cryptobyte
+
+import (
+ "errors"
+ "fmt"
+)
+
+// A Builder builds byte strings from fixed-length and length-prefixed values.
+// Builders either allocate space as needed, or are ‘fixed’, which means that
+// they write into a given buffer and produce an error if it's exhausted.
+//
+// The zero value is a usable Builder that allocates space as needed.
+//
+// Simple values are marshaled and appended to a Builder using methods on the
+// Builder. Length-prefixed values are marshaled by providing a
+// BuilderContinuation, which is a function that writes the inner contents of
+// the value to a given Builder. See the documentation for BuilderContinuation
+// for details.
+type Builder struct {
+ err error
+ result []byte
+ fixedSize bool
+ child *Builder
+ offset int
+ pendingLenLen int
+ pendingIsASN1 bool
+ inContinuation *bool
+}
+
+// NewBuilder creates a Builder that appends its output to the given buffer.
+// Like append(), the slice will be reallocated if its capacity is exceeded.
+// Use Bytes to get the final buffer.
+func NewBuilder(buffer []byte) *Builder {
+ return &Builder{
+ result: buffer,
+ }
+}
+
+// NewFixedBuilder creates a Builder that appends its output into the given
+// buffer. This builder does not reallocate the output buffer. Writes that
+// would exceed the buffer's capacity are treated as an error.
+func NewFixedBuilder(buffer []byte) *Builder {
+ return &Builder{
+ result: buffer,
+ fixedSize: true,
+ }
+}
+
+// SetError sets the value to be returned as the error from Bytes. Writes
+// performed after calling SetError are ignored.
+func (b *Builder) SetError(err error) {
+ b.err = err
+}
+
+// Bytes returns the bytes written by the builder or an error if one has
+// occurred during building.
+func (b *Builder) Bytes() ([]byte, error) {
+ if b.err != nil {
+ return nil, b.err
+ }
+ return b.result[b.offset:], nil
+}
+
+// BytesOrPanic returns the bytes written by the builder or panics if an error
+// has occurred during building.
+func (b *Builder) BytesOrPanic() []byte {
+ if b.err != nil {
+ panic(b.err)
+ }
+ return b.result[b.offset:]
+}
+
+// AddUint8 appends an 8-bit value to the byte string.
+func (b *Builder) AddUint8(v uint8) {
+ b.add(byte(v))
+}
+
+// AddUint16 appends a big-endian, 16-bit value to the byte string.
+func (b *Builder) AddUint16(v uint16) {
+ b.add(byte(v>>8), byte(v))
+}
+
+// AddUint24 appends a big-endian, 24-bit value to the byte string. The highest
+// byte of the 32-bit input value is silently truncated.
+func (b *Builder) AddUint24(v uint32) {
+ b.add(byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddUint32 appends a big-endian, 32-bit value to the byte string.
+func (b *Builder) AddUint32(v uint32) {
+ b.add(byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
+}
+
+// AddBytes appends a sequence of bytes to the byte string.
+func (b *Builder) AddBytes(v []byte) {
+ b.add(v...)
+}
+
+// BuilderContinuation is a continuation-passing interface for building
+// length-prefixed byte sequences. Builder methods for length-prefixed
+// sequences (AddUint8LengthPrefixed etc) will invoke the BuilderContinuation
+// supplied to them. The child builder passed to the continuation can be used
+// to build the content of the length-prefixed sequence. For example:
+//
+// parent := cryptobyte.NewBuilder()
+// parent.AddUint8LengthPrefixed(func (child *Builder) {
+// child.AddUint8(42)
+// child.AddUint8LengthPrefixed(func (grandchild *Builder) {
+// grandchild.AddUint8(5)
+// })
+// })
+//
+// It is an error to write more bytes to the child than allowed by the reserved
+// length prefix. After the continuation returns, the child must be considered
+// invalid, i.e. users must not store any copies or references of the child
+// that outlive the continuation.
+//
+// If the continuation panics with a value of type BuildError then the inner
+// error will be returned as the error from Bytes. If the child panics
+// otherwise then Bytes will repanic with the same value.
+type BuilderContinuation func(child *Builder)
+
+// BuildError wraps an error. If a BuilderContinuation panics with this value,
+// the panic will be recovered and the inner error will be returned from
+// Builder.Bytes.
+type BuildError struct {
+ Err error
+}
+
+// AddUint8LengthPrefixed adds a 8-bit length-prefixed byte sequence.
+func (b *Builder) AddUint8LengthPrefixed(f BuilderContinuation) {
+ b.addLengthPrefixed(1, false, f)
+}
+
+// AddUint16LengthPrefixed adds a big-endian, 16-bit length-prefixed byte sequence.
+func (b *Builder) AddUint16LengthPrefixed(f BuilderContinuation) {
+ b.addLengthPrefixed(2, false, f)
+}
+
+// AddUint24LengthPrefixed adds a big-endian, 24-bit length-prefixed byte sequence.
+func (b *Builder) AddUint24LengthPrefixed(f BuilderContinuation) {
+ b.addLengthPrefixed(3, false, f)
+}
+
+// AddUint32LengthPrefixed adds a big-endian, 32-bit length-prefixed byte sequence.
+func (b *Builder) AddUint32LengthPrefixed(f BuilderContinuation) {
+ b.addLengthPrefixed(4, false, f)
+}
+
+func (b *Builder) callContinuation(f BuilderContinuation, arg *Builder) {
+ if !*b.inContinuation {
+ *b.inContinuation = true
+
+ defer func() {
+ *b.inContinuation = false
+
+ r := recover()
+ if r == nil {
+ return
+ }
+
+ if buildError, ok := r.(BuildError); ok {
+ b.err = buildError.Err
+ } else {
+ panic(r)
+ }
+ }()
+ }
+
+ f(arg)
+}
+
+func (b *Builder) addLengthPrefixed(lenLen int, isASN1 bool, f BuilderContinuation) {
+ // Subsequent writes can be ignored if the builder has encountered an error.
+ if b.err != nil {
+ return
+ }
+
+ offset := len(b.result)
+ b.add(make([]byte, lenLen)...)
+
+ if b.inContinuation == nil {
+ b.inContinuation = new(bool)
+ }
+
+ b.child = &Builder{
+ result: b.result,
+ fixedSize: b.fixedSize,
+ offset: offset,
+ pendingLenLen: lenLen,
+ pendingIsASN1: isASN1,
+ inContinuation: b.inContinuation,
+ }
+
+ b.callContinuation(f, b.child)
+ b.flushChild()
+ if b.child != nil {
+ panic("cryptobyte: internal error")
+ }
+}
+
+func (b *Builder) flushChild() {
+ if b.child == nil {
+ return
+ }
+ b.child.flushChild()
+ child := b.child
+ b.child = nil
+
+ if child.err != nil {
+ b.err = child.err
+ return
+ }
+
+ length := len(child.result) - child.pendingLenLen - child.offset
+
+ if length < 0 {
+ panic("cryptobyte: internal error") // result unexpectedly shrunk
+ }
+
+ if child.pendingIsASN1 {
+ // For ASN.1, we reserved a single byte for the length. If that turned out
+ // to be incorrect, we have to move the contents along in order to make
+ // space.
+ if child.pendingLenLen != 1 {
+ panic("cryptobyte: internal error")
+ }
+ var lenLen, lenByte uint8
+ if int64(length) > 0xfffffffe {
+ b.err = errors.New("pending ASN.1 child too long")
+ return
+ } else if length > 0xffffff {
+ lenLen = 5
+ lenByte = 0x80 | 4
+ } else if length > 0xffff {
+ lenLen = 4
+ lenByte = 0x80 | 3
+ } else if length > 0xff {
+ lenLen = 3
+ lenByte = 0x80 | 2
+ } else if length > 0x7f {
+ lenLen = 2
+ lenByte = 0x80 | 1
+ } else {
+ lenLen = 1
+ lenByte = uint8(length)
+ length = 0
+ }
+
+ // Insert the initial length byte, make space for successive length bytes,
+ // and adjust the offset.
+ child.result[child.offset] = lenByte
+ extraBytes := int(lenLen - 1)
+ if extraBytes != 0 {
+ child.add(make([]byte, extraBytes)...)
+ childStart := child.offset + child.pendingLenLen
+ copy(child.result[childStart+extraBytes:], child.result[childStart:])
+ }
+ child.offset++
+ child.pendingLenLen = extraBytes
+ }
+
+ l := length
+ for i := child.pendingLenLen - 1; i >= 0; i-- {
+ child.result[child.offset+i] = uint8(l)
+ l >>= 8
+ }
+ if l != 0 {
+ b.err = fmt.Errorf("cryptobyte: pending child length %d exceeds %d-byte length prefix", length, child.pendingLenLen)
+ return
+ }
+
+ if b.fixedSize && &b.result[0] != &child.result[0] {
+ panic("cryptobyte: BuilderContinuation reallocated a fixed-size buffer")
+ }
+
+ b.result = child.result
+}
+
+func (b *Builder) add(bytes ...byte) {
+ if b.err != nil {
+ return
+ }
+ if b.child != nil {
+ panic("cryptobyte: attempted write while child is pending")
+ }
+ if len(b.result)+len(bytes) < len(bytes) {
+ b.err = errors.New("cryptobyte: length overflow")
+ }
+ if b.fixedSize && len(b.result)+len(bytes) > cap(b.result) {
+ b.err = errors.New("cryptobyte: Builder is exceeding its fixed-size buffer")
+ return
+ }
+ b.result = append(b.result, bytes...)
+}
+
+// Unwrite rolls back n bytes written directly to the Builder. An attempt by a
+// child builder passed to a continuation to unwrite bytes from its parent will
+// panic.
+func (b *Builder) Unwrite(n int) {
+ if b.err != nil {
+ return
+ }
+ if b.child != nil {
+ panic("cryptobyte: attempted unwrite while child is pending")
+ }
+ length := len(b.result) - b.pendingLenLen - b.offset
+ if length < 0 {
+ panic("cryptobyte: internal error")
+ }
+ if n > length {
+ panic("cryptobyte: attempted to unwrite more than was written")
+ }
+ b.result = b.result[:len(b.result)-n]
+}
+
+// A MarshalingValue marshals itself into a Builder.
+type MarshalingValue interface {
+ // Marshal is called by Builder.AddValue. It receives a pointer to a builder
+ // to marshal itself into. It may return an error that occurred during
+ // marshaling, such as unset or invalid values.
+ Marshal(b *Builder) error
+}
+
+// AddValue calls Marshal on v, passing a pointer to the builder to append to.
+// If Marshal returns an error, it is set on the Builder so that subsequent
+// appends don't have an effect.
+func (b *Builder) AddValue(v MarshalingValue) {
+ err := v.Marshal(b)
+ if err != nil {
+ b.err = err
+ }
+}
diff --git a/vendor/golang.org/x/crypto/cryptobyte/string.go b/vendor/golang.org/x/crypto/cryptobyte/string.go
new file mode 100644
index 00000000..589d297e
--- /dev/null
+++ b/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -0,0 +1,161 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package cryptobyte contains types that help with parsing and constructing
+// length-prefixed, binary messages, including ASN.1 DER. (The asn1 subpackage
+// contains useful ASN.1 constants.)
+//
+// The String type is for parsing. It wraps a []byte slice and provides helper
+// functions for consuming structures, value by value.
+//
+// The Builder type is for constructing messages. It providers helper functions
+// for appending values and also for appending length-prefixed submessages –
+// without having to worry about calculating the length prefix ahead of time.
+//
+// See the documentation and examples for the Builder and String types to get
+// started.
+package cryptobyte // import "golang.org/x/crypto/cryptobyte"
+
+// String represents a string of bytes. It provides methods for parsing
+// fixed-length and length-prefixed values from it.
+type String []byte
+
+// read advances a String by n bytes and returns them. If less than n bytes
+// remain, it returns nil.
+func (s *String) read(n int) []byte {
+ if len(*s) < n || n < 0 {
+ return nil
+ }
+ v := (*s)[:n]
+ *s = (*s)[n:]
+ return v
+}
+
+// Skip advances the String by n byte and reports whether it was successful.
+func (s *String) Skip(n int) bool {
+ return s.read(n) != nil
+}
+
+// ReadUint8 decodes an 8-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint8(out *uint8) bool {
+ v := s.read(1)
+ if v == nil {
+ return false
+ }
+ *out = uint8(v[0])
+ return true
+}
+
+// ReadUint16 decodes a big-endian, 16-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint16(out *uint16) bool {
+ v := s.read(2)
+ if v == nil {
+ return false
+ }
+ *out = uint16(v[0])<<8 | uint16(v[1])
+ return true
+}
+
+// ReadUint24 decodes a big-endian, 24-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint24(out *uint32) bool {
+ v := s.read(3)
+ if v == nil {
+ return false
+ }
+ *out = uint32(v[0])<<16 | uint32(v[1])<<8 | uint32(v[2])
+ return true
+}
+
+// ReadUint32 decodes a big-endian, 32-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint32(out *uint32) bool {
+ v := s.read(4)
+ if v == nil {
+ return false
+ }
+ *out = uint32(v[0])<<24 | uint32(v[1])<<16 | uint32(v[2])<<8 | uint32(v[3])
+ return true
+}
+
+func (s *String) readUnsigned(out *uint32, length int) bool {
+ v := s.read(length)
+ if v == nil {
+ return false
+ }
+ var result uint32
+ for i := 0; i < length; i++ {
+ result <<= 8
+ result |= uint32(v[i])
+ }
+ *out = result
+ return true
+}
+
+func (s *String) readLengthPrefixed(lenLen int, outChild *String) bool {
+ lenBytes := s.read(lenLen)
+ if lenBytes == nil {
+ return false
+ }
+ var length uint32
+ for _, b := range lenBytes {
+ length = length << 8
+ length = length | uint32(b)
+ }
+ v := s.read(int(length))
+ if v == nil {
+ return false
+ }
+ *outChild = v
+ return true
+}
+
+// ReadUint8LengthPrefixed reads the content of an 8-bit length-prefixed value
+// into out and advances over it. It reports whether the read was successful.
+func (s *String) ReadUint8LengthPrefixed(out *String) bool {
+ return s.readLengthPrefixed(1, out)
+}
+
+// ReadUint16LengthPrefixed reads the content of a big-endian, 16-bit
+// length-prefixed value into out and advances over it. It reports whether the
+// read was successful.
+func (s *String) ReadUint16LengthPrefixed(out *String) bool {
+ return s.readLengthPrefixed(2, out)
+}
+
+// ReadUint24LengthPrefixed reads the content of a big-endian, 24-bit
+// length-prefixed value into out and advances over it. It reports whether
+// the read was successful.
+func (s *String) ReadUint24LengthPrefixed(out *String) bool {
+ return s.readLengthPrefixed(3, out)
+}
+
+// ReadBytes reads n bytes into out and advances over them. It reports
+// whether the read was successful.
+func (s *String) ReadBytes(out *[]byte, n int) bool {
+ v := s.read(n)
+ if v == nil {
+ return false
+ }
+ *out = v
+ return true
+}
+
+// CopyBytes copies len(out) bytes into out and advances over them. It reports
+// whether the copy operation was successful
+func (s *String) CopyBytes(out []byte) bool {
+ n := len(out)
+ v := s.read(n)
+ if v == nil {
+ return false
+ }
+ return copy(out, v) == n
+}
+
+// Empty reports whether the string does not contain any bytes.
+func (s String) Empty() bool {
+ return len(s) == 0
+}
diff --git a/vendor/golang.org/x/crypto/hkdf/hkdf.go b/vendor/golang.org/x/crypto/hkdf/hkdf.go
new file mode 100644
index 00000000..dda3f143
--- /dev/null
+++ b/vendor/golang.org/x/crypto/hkdf/hkdf.go
@@ -0,0 +1,93 @@
+// Copyright 2014 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package hkdf implements the HMAC-based Extract-and-Expand Key Derivation
+// Function (HKDF) as defined in RFC 5869.
+//
+// HKDF is a cryptographic key derivation function (KDF) with the goal of
+// expanding limited input keying material into one or more cryptographically
+// strong secret keys.
+package hkdf // import "golang.org/x/crypto/hkdf"
+
+import (
+ "crypto/hmac"
+ "errors"
+ "hash"
+ "io"
+)
+
+// Extract generates a pseudorandom key for use with Expand from an input secret
+// and an optional independent salt.
+//
+// Only use this function if you need to reuse the extracted key with multiple
+// Expand invocations and different context values. Most common scenarios,
+// including the generation of multiple keys, should use New instead.
+func Extract(hash func() hash.Hash, secret, salt []byte) []byte {
+ if salt == nil {
+ salt = make([]byte, hash().Size())
+ }
+ extractor := hmac.New(hash, salt)
+ extractor.Write(secret)
+ return extractor.Sum(nil)
+}
+
+type hkdf struct {
+ expander hash.Hash
+ size int
+
+ info []byte
+ counter byte
+
+ prev []byte
+ buf []byte
+}
+
+func (f *hkdf) Read(p []byte) (int, error) {
+ // Check whether enough data can be generated
+ need := len(p)
+ remains := len(f.buf) + int(255-f.counter+1)*f.size
+ if remains < need {
+ return 0, errors.New("hkdf: entropy limit reached")
+ }
+ // Read any leftover from the buffer
+ n := copy(p, f.buf)
+ p = p[n:]
+
+ // Fill the rest of the buffer
+ for len(p) > 0 {
+ f.expander.Reset()
+ f.expander.Write(f.prev)
+ f.expander.Write(f.info)
+ f.expander.Write([]byte{f.counter})
+ f.prev = f.expander.Sum(f.prev[:0])
+ f.counter++
+
+ // Copy the new batch into p
+ f.buf = f.prev
+ n = copy(p, f.buf)
+ p = p[n:]
+ }
+ // Save leftovers for next run
+ f.buf = f.buf[n:]
+
+ return need, nil
+}
+
+// Expand returns a Reader, from which keys can be read, using the given
+// pseudorandom key and optional context info, skipping the extraction step.
+//
+// The pseudorandomKey should have been generated by Extract, or be a uniformly
+// random or pseudorandom cryptographically strong key. See RFC 5869, Section
+// 3.3. Most common scenarios will want to use New instead.
+func Expand(hash func() hash.Hash, pseudorandomKey, info []byte) io.Reader {
+ expander := hmac.New(hash, pseudorandomKey)
+ return &hkdf{expander, expander.Size(), info, 1, nil, nil}
+}
+
+// New returns a Reader, from which keys can be read, using the given hash,
+// secret, salt and context info. Salt and info can be nil.
+func New(hash func() hash.Hash, secret, salt, info []byte) io.Reader {
+ prk := Extract(hash, secret, salt)
+ return Expand(hash, prk, info)
+}
diff --git a/vendor/golang.org/x/net/context/go17.go b/vendor/golang.org/x/net/context/go17.go
index d20f52b7..344bd143 100644
--- a/vendor/golang.org/x/net/context/go17.go
+++ b/vendor/golang.org/x/net/context/go17.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build go1.7
// +build go1.7
package context
diff --git a/vendor/golang.org/x/net/context/go19.go b/vendor/golang.org/x/net/context/go19.go
index d88bd1db..64d31ecc 100644
--- a/vendor/golang.org/x/net/context/go19.go
+++ b/vendor/golang.org/x/net/context/go19.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build go1.9
// +build go1.9
package context
diff --git a/vendor/golang.org/x/net/context/pre_go17.go b/vendor/golang.org/x/net/context/pre_go17.go
index 0f35592d..5270db5d 100644
--- a/vendor/golang.org/x/net/context/pre_go17.go
+++ b/vendor/golang.org/x/net/context/pre_go17.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !go1.7
// +build !go1.7
package context
diff --git a/vendor/golang.org/x/net/context/pre_go19.go b/vendor/golang.org/x/net/context/pre_go19.go
index b105f80b..1f971534 100644
--- a/vendor/golang.org/x/net/context/pre_go19.go
+++ b/vendor/golang.org/x/net/context/pre_go19.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !go1.9
// +build !go1.9
package context
diff --git a/vendor/golang.org/x/net/http2/go111.go b/vendor/golang.org/x/net/http2/go111.go
index 3a131016..5bf62b03 100644
--- a/vendor/golang.org/x/net/http2/go111.go
+++ b/vendor/golang.org/x/net/http2/go111.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build go1.11
// +build go1.11
package http2
diff --git a/vendor/golang.org/x/net/http2/not_go111.go b/vendor/golang.org/x/net/http2/not_go111.go
index 161bca7c..cc0baa81 100644
--- a/vendor/golang.org/x/net/http2/not_go111.go
+++ b/vendor/golang.org/x/net/http2/not_go111.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !go1.11
// +build !go1.11
package http2
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
index 02714ade..e125bbd2 100644
--- a/vendor/golang.org/x/net/http2/server.go
+++ b/vendor/golang.org/x/net/http2/server.go
@@ -1293,7 +1293,9 @@ func (sc *serverConn) startGracefulShutdown() {
sc.shutdownOnce.Do(func() { sc.sendServeMsg(gracefulShutdownMsg) })
}
-// After sending GOAWAY, the connection will close after goAwayTimeout.
+// After sending GOAWAY with an error code (non-graceful shutdown), the
+// connection will close after goAwayTimeout.
+//
// If we close the connection immediately after sending GOAWAY, there may
// be unsent data in our kernel receive buffer, which will cause the kernel
// to send a TCP RST on close() instead of a FIN. This RST will abort the
@@ -1629,23 +1631,37 @@ func (sc *serverConn) processSettingInitialWindowSize(val uint32) error {
func (sc *serverConn) processData(f *DataFrame) error {
sc.serveG.check()
- if sc.inGoAway && sc.goAwayCode != ErrCodeNo {
+ id := f.Header().StreamID
+ if sc.inGoAway && (sc.goAwayCode != ErrCodeNo || id > sc.maxClientStreamID) {
+ // Discard all DATA frames if the GOAWAY is due to an
+ // error, or:
+ //
+ // Section 6.8: After sending a GOAWAY frame, the sender
+ // can discard frames for streams initiated by the
+ // receiver with identifiers higher than the identified
+ // last stream.
return nil
}
- data := f.Data()
- // "If a DATA frame is received whose stream is not in "open"
- // or "half closed (local)" state, the recipient MUST respond
- // with a stream error (Section 5.4.2) of type STREAM_CLOSED."
- id := f.Header().StreamID
+ data := f.Data()
state, st := sc.state(id)
if id == 0 || state == stateIdle {
+ // Section 6.1: "DATA frames MUST be associated with a
+ // stream. If a DATA frame is received whose stream
+ // identifier field is 0x0, the recipient MUST respond
+ // with a connection error (Section 5.4.1) of type
+ // PROTOCOL_ERROR."
+ //
// Section 5.1: "Receiving any frame other than HEADERS
// or PRIORITY on a stream in this state MUST be
// treated as a connection error (Section 5.4.1) of
// type PROTOCOL_ERROR."
return ConnectionError(ErrCodeProtocol)
}
+
+ // "If a DATA frame is received whose stream is not in "open"
+ // or "half closed (local)" state, the recipient MUST respond
+ // with a stream error (Section 5.4.2) of type STREAM_CLOSED."
if st == nil || state != stateOpen || st.gotTrailerHeader || st.resetQueued {
// This includes sending a RST_STREAM if the stream is
// in stateHalfClosedLocal (which currently means that
@@ -1694,6 +1710,7 @@ func (sc *serverConn) processData(f *DataFrame) error {
if len(data) > 0 {
wrote, err := st.body.Write(data)
if err != nil {
+ sc.sendWindowUpdate(nil, int(f.Length)-wrote)
return streamError(id, ErrCodeStreamClosed)
}
if wrote != len(data) {
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
index 4ec32669..7688d72c 100644
--- a/vendor/golang.org/x/net/http2/transport.go
+++ b/vendor/golang.org/x/net/http2/transport.go
@@ -154,12 +154,21 @@ func (t *Transport) pingTimeout() time.Duration {
// ConfigureTransport configures a net/http HTTP/1 Transport to use HTTP/2.
// It returns an error if t1 has already been HTTP/2-enabled.
+//
+// Use ConfigureTransports instead to configure the HTTP/2 Transport.
func ConfigureTransport(t1 *http.Transport) error {
- _, err := configureTransport(t1)
+ _, err := ConfigureTransports(t1)
return err
}
-func configureTransport(t1 *http.Transport) (*Transport, error) {
+// ConfigureTransports configures a net/http HTTP/1 Transport to use HTTP/2.
+// It returns a new HTTP/2 Transport for further configuration.
+// It returns an error if t1 has already been HTTP/2-enabled.
+func ConfigureTransports(t1 *http.Transport) (*Transport, error) {
+ return configureTransports(t1)
+}
+
+func configureTransports(t1 *http.Transport) (*Transport, error) {
connPool := new(clientConnPool)
t2 := &Transport{
ConnPool: noDialClientConnPool{connPool},
@@ -689,6 +698,7 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
cc.inflow.add(transportDefaultConnFlow + initialWindowSize)
cc.bw.Flush()
if cc.werr != nil {
+ cc.Close()
return nil, cc.werr
}
@@ -1080,6 +1090,15 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
bodyWriter := cc.t.getBodyWriterState(cs, body)
cs.on100 = bodyWriter.on100
+ defer func() {
+ cc.wmu.Lock()
+ werr := cc.werr
+ cc.wmu.Unlock()
+ if werr != nil {
+ cc.Close()
+ }
+ }()
+
cc.wmu.Lock()
endStream := !hasBody && !hasTrailers
werr := cc.writeHeaders(cs.ID, endStream, int(cc.maxFrameSize), hdrs)
@@ -1129,6 +1148,9 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
// we can keep it.
bodyWriter.cancel()
cs.abortRequestBodyWrite(errStopReqBodyWrite)
+ if hasBody && !bodyWritten {
+ <-bodyWriter.resc
+ }
}
if re.err != nil {
cc.forgetStreamID(cs.ID)
@@ -1149,6 +1171,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
} else {
bodyWriter.cancel()
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
+ <-bodyWriter.resc
}
cc.forgetStreamID(cs.ID)
return nil, cs.getStartedWrite(), errTimeout
@@ -1158,6 +1181,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
} else {
bodyWriter.cancel()
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
+ <-bodyWriter.resc
}
cc.forgetStreamID(cs.ID)
return nil, cs.getStartedWrite(), ctx.Err()
@@ -1167,6 +1191,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
} else {
bodyWriter.cancel()
cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
+ <-bodyWriter.resc
}
cc.forgetStreamID(cs.ID)
return nil, cs.getStartedWrite(), errRequestCanceled
@@ -1176,6 +1201,7 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
// forgetStreamID.
return nil, cs.getStartedWrite(), cs.resetErr
case err := <-bodyWriter.resc:
+ bodyWritten = true
// Prefer the read loop's response, if available. Issue 16102.
select {
case re := <-readLoopResCh:
@@ -1186,7 +1212,6 @@ func (cc *ClientConn) roundTrip(req *http.Request) (res *http.Response, gotErrAf
cc.forgetStreamID(cs.ID)
return nil, cs.getStartedWrite(), err
}
- bodyWritten = true
if d := cc.responseHeaderTimeout(); d != 0 {
timer := time.NewTimer(d)
defer timer.Stop()
@@ -2607,7 +2632,9 @@ func (t *Transport) getBodyWriterState(cs *clientStream, body io.Reader) (s body
func (s bodyWriterState) cancel() {
if s.timer != nil {
- s.timer.Stop()
+ if s.timer.Stop() {
+ s.resc <- nil
+ }
}
}
diff --git a/vendor/golang.org/x/net/idna/idna10.0.0.go b/vendor/golang.org/x/net/idna/idna10.0.0.go
index a98a31f4..7e69ee1b 100644
--- a/vendor/golang.org/x/net/idna/idna10.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna10.0.0.go
@@ -4,6 +4,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build go1.10
// +build go1.10
// Package idna implements IDNA2008 using the compatibility processing
diff --git a/vendor/golang.org/x/net/idna/idna9.0.0.go b/vendor/golang.org/x/net/idna/idna9.0.0.go
index 8842146b..7c745637 100644
--- a/vendor/golang.org/x/net/idna/idna9.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna9.0.0.go
@@ -4,6 +4,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !go1.10
// +build !go1.10
// Package idna implements IDNA2008 using the compatibility processing
diff --git a/vendor/golang.org/x/net/idna/tables10.0.0.go b/vendor/golang.org/x/net/idna/tables10.0.0.go
index 54fddb4b..d1d62ef4 100644
--- a/vendor/golang.org/x/net/idna/tables10.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables10.0.0.go
@@ -1,5 +1,6 @@
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+//go:build go1.10 && !go1.13
// +build go1.10,!go1.13
package idna
diff --git a/vendor/golang.org/x/net/idna/tables11.0.0.go b/vendor/golang.org/x/net/idna/tables11.0.0.go
index 8ce0811f..167efba7 100644
--- a/vendor/golang.org/x/net/idna/tables11.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables11.0.0.go
@@ -1,5 +1,6 @@
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+//go:build go1.13 && !go1.14
// +build go1.13,!go1.14
package idna
diff --git a/vendor/golang.org/x/net/idna/tables12.00.go b/vendor/golang.org/x/net/idna/tables12.0.0.go
similarity index 99%
rename from vendor/golang.org/x/net/idna/tables12.00.go
rename to vendor/golang.org/x/net/idna/tables12.0.0.go
index f4b8ea36..ab40f7bc 100644
--- a/vendor/golang.org/x/net/idna/tables12.00.go
+++ b/vendor/golang.org/x/net/idna/tables12.0.0.go
@@ -1,6 +1,7 @@
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
-// +build go1.14
+//go:build go1.14 && !go1.16
+// +build go1.14,!go1.16
package idna
diff --git a/vendor/golang.org/x/net/idna/tables13.0.0.go b/vendor/golang.org/x/net/idna/tables13.0.0.go
new file mode 100644
index 00000000..390c5e56
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/tables13.0.0.go
@@ -0,0 +1,4840 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+//go:build go1.16
+// +build go1.16
+
+package idna
+
+// UnicodeVersion is the Unicode version from which the tables in this package are derived.
+const UnicodeVersion = "13.0.0"
+
+var mappings string = "" + // Size: 8188 bytes
+ "\x00\x01 \x03 ̈\x01a\x03 ̄\x012\x013\x03 ́\x03 ̧\x011\x01o\x051⁄4\x051⁄2" +
+ "\x053⁄4\x03i̇\x03l·\x03ʼn\x01s\x03dž\x03ⱥ\x03ⱦ\x01h\x01j\x01r\x01w\x01y" +
+ "\x03 ̆\x03 ̇\x03 ̊\x03 ̨\x03 ̃\x03 ̋\x01l\x01x\x04̈́\x03 ι\x01;\x05 ̈́" +
+ "\x04եւ\x04اٴ\x04وٴ\x04ۇٴ\x04يٴ\x06क़\x06ख़\x06ग़\x06ज़\x06ड़\x06ढ़\x06फ़" +
+ "\x06य़\x06ড়\x06ঢ়\x06য়\x06ਲ਼\x06ਸ਼\x06ਖ਼\x06ਗ਼\x06ਜ਼\x06ਫ਼\x06ଡ଼\x06ଢ଼" +
+ "\x06ํา\x06ໍາ\x06ຫນ\x06ຫມ\x06གྷ\x06ཌྷ\x06དྷ\x06བྷ\x06ཛྷ\x06ཀྵ\x06ཱི\x06ཱུ" +
+ "\x06ྲྀ\x09ྲཱྀ\x06ླྀ\x09ླཱྀ\x06ཱྀ\x06ྒྷ\x06ྜྷ\x06ྡྷ\x06ྦྷ\x06ྫྷ\x06ྐྵ\x02" +
+ "в\x02д\x02о\x02с\x02т\x02ъ\x02ѣ\x02æ\x01b\x01d\x01e\x02ǝ\x01g\x01i\x01k" +
+ "\x01m\x01n\x02ȣ\x01p\x01t\x01u\x02ɐ\x02ɑ\x02ə\x02ɛ\x02ɜ\x02ŋ\x02ɔ\x02ɯ" +
+ "\x01v\x02β\x02γ\x02δ\x02φ\x02χ\x02ρ\x02н\x02ɒ\x01c\x02ɕ\x02ð\x01f\x02ɟ" +
+ "\x02ɡ\x02ɥ\x02ɨ\x02ɩ\x02ɪ\x02ʝ\x02ɭ\x02ʟ\x02ɱ\x02ɰ\x02ɲ\x02ɳ\x02ɴ\x02ɵ" +
+ "\x02ɸ\x02ʂ\x02ʃ\x02ƫ\x02ʉ\x02ʊ\x02ʋ\x02ʌ\x01z\x02ʐ\x02ʑ\x02ʒ\x02θ\x02ss" +
+ "\x02ά\x02έ\x02ή\x02ί\x02ό\x02ύ\x02ώ\x05ἀι\x05ἁι\x05ἂι\x05ἃι\x05ἄι\x05ἅι" +
+ "\x05ἆι\x05ἇι\x05ἠι\x05ἡι\x05ἢι\x05ἣι\x05ἤι\x05ἥι\x05ἦι\x05ἧι\x05ὠι\x05ὡι" +
+ "\x05ὢι\x05ὣι\x05ὤι\x05ὥι\x05ὦι\x05ὧι\x05ὰι\x04αι\x04άι\x05ᾶι\x02ι\x05 ̈͂" +
+ "\x05ὴι\x04ηι\x04ήι\x05ῆι\x05 ̓̀\x05 ̓́\x05 ̓͂\x02ΐ\x05 ̔̀\x05 ̔́\x05 ̔͂" +
+ "\x02ΰ\x05 ̈̀\x01`\x05ὼι\x04ωι\x04ώι\x05ῶι\x06′′\x09′′′\x06‵‵\x09‵‵‵\x02!" +
+ "!\x02??\x02?!\x02!?\x0c′′′′\x010\x014\x015\x016\x017\x018\x019\x01+\x01=" +
+ "\x01(\x01)\x02rs\x02ħ\x02no\x01q\x02sm\x02tm\x02ω\x02å\x02א\x02ב\x02ג" +
+ "\x02ד\x02π\x051⁄7\x051⁄9\x061⁄10\x051⁄3\x052⁄3\x051⁄5\x052⁄5\x053⁄5\x054" +
+ "⁄5\x051⁄6\x055⁄6\x051⁄8\x053⁄8\x055⁄8\x057⁄8\x041⁄\x02ii\x02iv\x02vi" +
+ "\x04viii\x02ix\x02xi\x050⁄3\x06∫∫\x09∫∫∫\x06∮∮\x09∮∮∮\x0210\x0211\x0212" +
+ "\x0213\x0214\x0215\x0216\x0217\x0218\x0219\x0220\x04(10)\x04(11)\x04(12)" +
+ "\x04(13)\x04(14)\x04(15)\x04(16)\x04(17)\x04(18)\x04(19)\x04(20)\x0c∫∫∫∫" +
+ "\x02==\x05⫝̸\x02ɫ\x02ɽ\x02ȿ\x02ɀ\x01.\x04 ゙\x04 ゚\x06より\x06コト\x05(ᄀ)\x05" +
+ "(ᄂ)\x05(ᄃ)\x05(ᄅ)\x05(ᄆ)\x05(ᄇ)\x05(ᄉ)\x05(ᄋ)\x05(ᄌ)\x05(ᄎ)\x05(ᄏ)\x05(ᄐ" +
+ ")\x05(ᄑ)\x05(ᄒ)\x05(가)\x05(나)\x05(다)\x05(라)\x05(마)\x05(바)\x05(사)\x05(아)" +
+ "\x05(자)\x05(차)\x05(카)\x05(타)\x05(파)\x05(하)\x05(주)\x08(오전)\x08(오후)\x05(一)" +
+ "\x05(二)\x05(三)\x05(四)\x05(五)\x05(六)\x05(七)\x05(八)\x05(九)\x05(十)\x05(月)" +
+ "\x05(火)\x05(水)\x05(木)\x05(金)\x05(土)\x05(日)\x05(株)\x05(有)\x05(社)\x05(名)" +
+ "\x05(特)\x05(財)\x05(祝)\x05(労)\x05(代)\x05(呼)\x05(学)\x05(監)\x05(企)\x05(資)" +
+ "\x05(協)\x05(祭)\x05(休)\x05(自)\x05(至)\x0221\x0222\x0223\x0224\x0225\x0226" +
+ "\x0227\x0228\x0229\x0230\x0231\x0232\x0233\x0234\x0235\x06참고\x06주의\x0236" +
+ "\x0237\x0238\x0239\x0240\x0241\x0242\x0243\x0244\x0245\x0246\x0247\x0248" +
+ "\x0249\x0250\x041月\x042月\x043月\x044月\x045月\x046月\x047月\x048月\x049月\x0510" +
+ "月\x0511月\x0512月\x02hg\x02ev\x06令和\x0cアパート\x0cアルファ\x0cアンペア\x09アール\x0cイニ" +
+ "ング\x09インチ\x09ウォン\x0fエスクード\x0cエーカー\x09オンス\x09オーム\x09カイリ\x0cカラット\x0cカロリー" +
+ "\x09ガロン\x09ガンマ\x06ギガ\x09ギニー\x0cキュリー\x0cギルダー\x06キロ\x0fキログラム\x12キロメートル\x0f" +
+ "キロワット\x09グラム\x0fグラムトン\x0fクルゼイロ\x0cクローネ\x09ケース\x09コルナ\x09コーポ\x0cサイクル" +
+ "\x0fサンチーム\x0cシリング\x09センチ\x09セント\x09ダース\x06デシ\x06ドル\x06トン\x06ナノ\x09ノット" +
+ "\x09ハイツ\x0fパーセント\x09パーツ\x0cバーレル\x0fピアストル\x09ピクル\x06ピコ\x06ビル\x0fファラッド\x0c" +
+ "フィート\x0fブッシェル\x09フラン\x0fヘクタール\x06ペソ\x09ペニヒ\x09ヘルツ\x09ペンス\x09ページ\x09ベータ" +
+ "\x0cポイント\x09ボルト\x06ホン\x09ポンド\x09ホール\x09ホーン\x0cマイクロ\x09マイル\x09マッハ\x09マルク" +
+ "\x0fマンション\x0cミクロン\x06ミリ\x0fミリバール\x06メガ\x0cメガトン\x0cメートル\x09ヤード\x09ヤール\x09" +
+ "ユアン\x0cリットル\x06リラ\x09ルピー\x0cルーブル\x06レム\x0fレントゲン\x09ワット\x040点\x041点\x04" +
+ "2点\x043点\x044点\x045点\x046点\x047点\x048点\x049点\x0510点\x0511点\x0512点\x0513点" +
+ "\x0514点\x0515点\x0516点\x0517点\x0518点\x0519点\x0520点\x0521点\x0522点\x0523点" +
+ "\x0524点\x02da\x02au\x02ov\x02pc\x02dm\x02iu\x06平成\x06昭和\x06大正\x06明治\x0c株" +
+ "式会社\x02pa\x02na\x02ma\x02ka\x02kb\x02mb\x02gb\x04kcal\x02pf\x02nf\x02m" +
+ "g\x02kg\x02hz\x02ml\x02dl\x02kl\x02fm\x02nm\x02mm\x02cm\x02km\x02m2\x02m" +
+ "3\x05m∕s\x06m∕s2\x07rad∕s\x08rad∕s2\x02ps\x02ns\x02ms\x02pv\x02nv\x02mv" +
+ "\x02kv\x02pw\x02nw\x02mw\x02kw\x02bq\x02cc\x02cd\x06c∕kg\x02db\x02gy\x02" +
+ "ha\x02hp\x02in\x02kk\x02kt\x02lm\x02ln\x02lx\x02ph\x02pr\x02sr\x02sv\x02" +
+ "wb\x05v∕m\x05a∕m\x041日\x042日\x043日\x044日\x045日\x046日\x047日\x048日\x049日" +
+ "\x0510日\x0511日\x0512日\x0513日\x0514日\x0515日\x0516日\x0517日\x0518日\x0519日" +
+ "\x0520日\x0521日\x0522日\x0523日\x0524日\x0525日\x0526日\x0527日\x0528日\x0529日" +
+ "\x0530日\x0531日\x02ь\x02ɦ\x02ɬ\x02ʞ\x02ʇ\x02œ\x02ʍ\x04𤋮\x04𢡊\x04𢡄\x04𣏕" +
+ "\x04𥉉\x04𥳐\x04𧻓\x02ff\x02fi\x02fl\x02st\x04մն\x04մե\x04մի\x04վն\x04մխ" +
+ "\x04יִ\x04ײַ\x02ע\x02ה\x02כ\x02ל\x02ם\x02ר\x02ת\x04שׁ\x04שׂ\x06שּׁ\x06שּ" +
+ "ׂ\x04אַ\x04אָ\x04אּ\x04בּ\x04גּ\x04דּ\x04הּ\x04וּ\x04זּ\x04טּ\x04יּ\x04" +
+ "ךּ\x04כּ\x04לּ\x04מּ\x04נּ\x04סּ\x04ףּ\x04פּ\x04צּ\x04קּ\x04רּ\x04שּ" +
+ "\x04תּ\x04וֹ\x04בֿ\x04כֿ\x04פֿ\x04אל\x02ٱ\x02ٻ\x02پ\x02ڀ\x02ٺ\x02ٿ\x02ٹ" +
+ "\x02ڤ\x02ڦ\x02ڄ\x02ڃ\x02چ\x02ڇ\x02ڍ\x02ڌ\x02ڎ\x02ڈ\x02ژ\x02ڑ\x02ک\x02گ" +
+ "\x02ڳ\x02ڱ\x02ں\x02ڻ\x02ۀ\x02ہ\x02ھ\x02ے\x02ۓ\x02ڭ\x02ۇ\x02ۆ\x02ۈ\x02ۋ" +
+ "\x02ۅ\x02ۉ\x02ې\x02ى\x04ئا\x04ئە\x04ئو\x04ئۇ\x04ئۆ\x04ئۈ\x04ئې\x04ئى\x02" +
+ "ی\x04ئج\x04ئح\x04ئم\x04ئي\x04بج\x04بح\x04بخ\x04بم\x04بى\x04بي\x04تج\x04" +
+ "تح\x04تخ\x04تم\x04تى\x04تي\x04ثج\x04ثم\x04ثى\x04ثي\x04جح\x04جم\x04حج" +
+ "\x04حم\x04خج\x04خح\x04خم\x04سج\x04سح\x04سخ\x04سم\x04صح\x04صم\x04ضج\x04ضح" +
+ "\x04ضخ\x04ضم\x04طح\x04طم\x04ظم\x04عج\x04عم\x04غج\x04غم\x04فج\x04فح\x04فخ" +
+ "\x04فم\x04فى\x04في\x04قح\x04قم\x04قى\x04قي\x04كا\x04كج\x04كح\x04كخ\x04كل" +
+ "\x04كم\x04كى\x04كي\x04لج\x04لح\x04لخ\x04لم\x04لى\x04لي\x04مج\x04مح\x04مخ" +
+ "\x04مم\x04مى\x04مي\x04نج\x04نح\x04نخ\x04نم\x04نى\x04ني\x04هج\x04هم\x04هى" +
+ "\x04هي\x04يج\x04يح\x04يخ\x04يم\x04يى\x04يي\x04ذٰ\x04رٰ\x04ىٰ\x05 ٌّ\x05 " +
+ "ٍّ\x05 َّ\x05 ُّ\x05 ِّ\x05 ّٰ\x04ئر\x04ئز\x04ئن\x04بر\x04بز\x04بن\x04ت" +
+ "ر\x04تز\x04تن\x04ثر\x04ثز\x04ثن\x04ما\x04نر\x04نز\x04نن\x04ير\x04يز\x04" +
+ "ين\x04ئخ\x04ئه\x04به\x04ته\x04صخ\x04له\x04نه\x04هٰ\x04يه\x04ثه\x04سه" +
+ "\x04شم\x04شه\x06ـَّ\x06ـُّ\x06ـِّ\x04طى\x04طي\x04عى\x04عي\x04غى\x04غي" +
+ "\x04سى\x04سي\x04شى\x04شي\x04حى\x04حي\x04جى\x04جي\x04خى\x04خي\x04صى\x04صي" +
+ "\x04ضى\x04ضي\x04شج\x04شح\x04شخ\x04شر\x04سر\x04صر\x04ضر\x04اً\x06تجم\x06ت" +
+ "حج\x06تحم\x06تخم\x06تمج\x06تمح\x06تمخ\x06جمح\x06حمي\x06حمى\x06سحج\x06سج" +
+ "ح\x06سجى\x06سمح\x06سمج\x06سمم\x06صحح\x06صمم\x06شحم\x06شجي\x06شمخ\x06شمم" +
+ "\x06ضحى\x06ضخم\x06طمح\x06طمم\x06طمي\x06عجم\x06عمم\x06عمى\x06غمم\x06غمي" +
+ "\x06غمى\x06فخم\x06قمح\x06قمم\x06لحم\x06لحي\x06لحى\x06لجج\x06لخم\x06لمح" +
+ "\x06محج\x06محم\x06محي\x06مجح\x06مجم\x06مخج\x06مخم\x06مجخ\x06همج\x06همم" +
+ "\x06نحم\x06نحى\x06نجم\x06نجى\x06نمي\x06نمى\x06يمم\x06بخي\x06تجي\x06تجى" +
+ "\x06تخي\x06تخى\x06تمي\x06تمى\x06جمي\x06جحى\x06جمى\x06سخى\x06صحي\x06شحي" +
+ "\x06ضحي\x06لجي\x06لمي\x06يحي\x06يجي\x06يمي\x06ممي\x06قمي\x06نحي\x06عمي" +
+ "\x06كمي\x06نجح\x06مخي\x06لجم\x06كمم\x06جحي\x06حجي\x06مجي\x06فمي\x06بحي" +
+ "\x06سخي\x06نجي\x06صلے\x06قلے\x08الله\x08اكبر\x08محمد\x08صلعم\x08رسول\x08" +
+ "عليه\x08وسلم\x06صلى!صلى الله عليه وسلم\x0fجل جلاله\x08ریال\x01,\x01:" +
+ "\x01!\x01?\x01_\x01{\x01}\x01[\x01]\x01#\x01&\x01*\x01-\x01<\x01>\x01\\" +
+ "\x01$\x01%\x01@\x04ـً\x04ـَ\x04ـُ\x04ـِ\x04ـّ\x04ـْ\x02ء\x02آ\x02أ\x02ؤ" +
+ "\x02إ\x02ئ\x02ا\x02ب\x02ة\x02ت\x02ث\x02ج\x02ح\x02خ\x02د\x02ذ\x02ر\x02ز" +
+ "\x02س\x02ش\x02ص\x02ض\x02ط\x02ظ\x02ع\x02غ\x02ف\x02ق\x02ك\x02ل\x02م\x02ن" +
+ "\x02ه\x02و\x02ي\x04لآ\x04لأ\x04لإ\x04لا\x01\x22\x01'\x01/\x01^\x01|\x01~" +
+ "\x02¢\x02£\x02¬\x02¦\x02¥\x08𝅗𝅥\x08𝅘𝅥\x0c𝅘𝅥𝅮\x0c𝅘𝅥𝅯\x0c𝅘𝅥𝅰\x0c𝅘𝅥𝅱\x0c𝅘𝅥𝅲" +
+ "\x08𝆹𝅥\x08𝆺𝅥\x0c𝆹𝅥𝅮\x0c𝆺𝅥𝅮\x0c𝆹𝅥𝅯\x0c𝆺𝅥𝅯\x02ı\x02ȷ\x02α\x02ε\x02ζ\x02η" +
+ "\x02κ\x02λ\x02μ\x02ν\x02ξ\x02ο\x02σ\x02τ\x02υ\x02ψ\x03∇\x03∂\x02ϝ\x02ٮ" +
+ "\x02ڡ\x02ٯ\x020,\x021,\x022,\x023,\x024,\x025,\x026,\x027,\x028,\x029," +
+ "\x03(a)\x03(b)\x03(c)\x03(d)\x03(e)\x03(f)\x03(g)\x03(h)\x03(i)\x03(j)" +
+ "\x03(k)\x03(l)\x03(m)\x03(n)\x03(o)\x03(p)\x03(q)\x03(r)\x03(s)\x03(t)" +
+ "\x03(u)\x03(v)\x03(w)\x03(x)\x03(y)\x03(z)\x07〔s〕\x02wz\x02hv\x02sd\x03p" +
+ "pv\x02wc\x02mc\x02md\x02mr\x02dj\x06ほか\x06ココ\x03サ\x03手\x03字\x03双\x03デ" +
+ "\x03二\x03多\x03解\x03天\x03交\x03映\x03無\x03料\x03前\x03後\x03再\x03新\x03初\x03終" +
+ "\x03生\x03販\x03声\x03吹\x03演\x03投\x03捕\x03一\x03三\x03遊\x03左\x03中\x03右\x03指" +
+ "\x03走\x03打\x03禁\x03空\x03合\x03満\x03有\x03月\x03申\x03割\x03営\x03配\x09〔本〕\x09〔" +
+ "三〕\x09〔二〕\x09〔安〕\x09〔点〕\x09〔打〕\x09〔盗〕\x09〔勝〕\x09〔敗〕\x03得\x03可\x03丽\x03" +
+ "丸\x03乁\x03你\x03侮\x03侻\x03倂\x03偺\x03備\x03僧\x03像\x03㒞\x03免\x03兔\x03兤\x03" +
+ "具\x03㒹\x03內\x03冗\x03冤\x03仌\x03冬\x03况\x03凵\x03刃\x03㓟\x03刻\x03剆\x03剷\x03" +
+ "㔕\x03勇\x03勉\x03勤\x03勺\x03包\x03匆\x03北\x03卉\x03卑\x03博\x03即\x03卽\x03卿\x03" +
+ "灰\x03及\x03叟\x03叫\x03叱\x03吆\x03咞\x03吸\x03呈\x03周\x03咢\x03哶\x03唐\x03啓\x03" +
+ "啣\x03善\x03喙\x03喫\x03喳\x03嗂\x03圖\x03嘆\x03圗\x03噑\x03噴\x03切\x03壮\x03城\x03" +
+ "埴\x03堍\x03型\x03堲\x03報\x03墬\x03売\x03壷\x03夆\x03夢\x03奢\x03姬\x03娛\x03娧\x03" +
+ "姘\x03婦\x03㛮\x03嬈\x03嬾\x03寃\x03寘\x03寧\x03寳\x03寿\x03将\x03尢\x03㞁\x03屠\x03" +
+ "屮\x03峀\x03岍\x03嵃\x03嵮\x03嵫\x03嵼\x03巡\x03巢\x03㠯\x03巽\x03帨\x03帽\x03幩\x03" +
+ "㡢\x03㡼\x03庰\x03庳\x03庶\x03廊\x03廾\x03舁\x03弢\x03㣇\x03形\x03彫\x03㣣\x03徚\x03" +
+ "忍\x03志\x03忹\x03悁\x03㤺\x03㤜\x03悔\x03惇\x03慈\x03慌\x03慎\x03慺\x03憎\x03憲\x03" +
+ "憤\x03憯\x03懞\x03懲\x03懶\x03成\x03戛\x03扝\x03抱\x03拔\x03捐\x03挽\x03拼\x03捨\x03" +
+ "掃\x03揤\x03搢\x03揅\x03掩\x03㨮\x03摩\x03摾\x03撝\x03摷\x03㩬\x03敏\x03敬\x03旣\x03" +
+ "書\x03晉\x03㬙\x03暑\x03㬈\x03㫤\x03冒\x03冕\x03最\x03暜\x03肭\x03䏙\x03朗\x03望\x03" +
+ "朡\x03杞\x03杓\x03㭉\x03柺\x03枅\x03桒\x03梅\x03梎\x03栟\x03椔\x03㮝\x03楂\x03榣\x03" +
+ "槪\x03檨\x03櫛\x03㰘\x03次\x03歔\x03㱎\x03歲\x03殟\x03殺\x03殻\x03汎\x03沿\x03泍\x03" +
+ "汧\x03洖\x03派\x03海\x03流\x03浩\x03浸\x03涅\x03洴\x03港\x03湮\x03㴳\x03滋\x03滇\x03" +
+ "淹\x03潮\x03濆\x03瀹\x03瀞\x03瀛\x03㶖\x03灊\x03災\x03灷\x03炭\x03煅\x03熜\x03爨\x03" +
+ "爵\x03牐\x03犀\x03犕\x03獺\x03王\x03㺬\x03玥\x03㺸\x03瑇\x03瑜\x03瑱\x03璅\x03瓊\x03" +
+ "㼛\x03甤\x03甾\x03異\x03瘐\x03㿼\x03䀈\x03直\x03眞\x03真\x03睊\x03䀹\x03瞋\x03䁆\x03" +
+ "䂖\x03硎\x03碌\x03磌\x03䃣\x03祖\x03福\x03秫\x03䄯\x03穀\x03穊\x03穏\x03䈂\x03篆\x03" +
+ "築\x03䈧\x03糒\x03䊠\x03糨\x03糣\x03紀\x03絣\x03䌁\x03緇\x03縂\x03繅\x03䌴\x03䍙\x03" +
+ "罺\x03羕\x03翺\x03者\x03聠\x03聰\x03䏕\x03育\x03脃\x03䐋\x03脾\x03媵\x03舄\x03辞\x03" +
+ "䑫\x03芑\x03芋\x03芝\x03劳\x03花\x03芳\x03芽\x03苦\x03若\x03茝\x03荣\x03莭\x03茣\x03" +
+ "莽\x03菧\x03著\x03荓\x03菊\x03菌\x03菜\x03䔫\x03蓱\x03蓳\x03蔖\x03蕤\x03䕝\x03䕡\x03" +
+ "䕫\x03虐\x03虜\x03虧\x03虩\x03蚩\x03蚈\x03蜎\x03蛢\x03蝹\x03蜨\x03蝫\x03螆\x03蟡\x03" +
+ "蠁\x03䗹\x03衠\x03衣\x03裗\x03裞\x03䘵\x03裺\x03㒻\x03䚾\x03䛇\x03誠\x03諭\x03變\x03" +
+ "豕\x03貫\x03賁\x03贛\x03起\x03跋\x03趼\x03跰\x03軔\x03輸\x03邔\x03郱\x03鄑\x03鄛\x03" +
+ "鈸\x03鋗\x03鋘\x03鉼\x03鏹\x03鐕\x03開\x03䦕\x03閷\x03䧦\x03雃\x03嶲\x03霣\x03䩮\x03" +
+ "䩶\x03韠\x03䪲\x03頋\x03頩\x03飢\x03䬳\x03餩\x03馧\x03駂\x03駾\x03䯎\x03鬒\x03鱀\x03" +
+ "鳽\x03䳎\x03䳭\x03鵧\x03䳸\x03麻\x03䵖\x03黹\x03黾\x03鼅\x03鼏\x03鼖\x03鼻"
+
+var xorData string = "" + // Size: 4862 bytes
+ "\x02\x0c\x09\x02\xb0\xec\x02\xad\xd8\x02\xad\xd9\x02\x06\x07\x02\x0f\x12" +
+ "\x02\x0f\x1f\x02\x0f\x1d\x02\x01\x13\x02\x0f\x16\x02\x0f\x0b\x02\x0f3" +
+ "\x02\x0f7\x02\x0f?\x02\x0f/\x02\x0f*\x02\x0c&\x02\x0c*\x02\x0c;\x02\x0c9" +
+ "\x02\x0c%\x02\xab\xed\x02\xab\xe2\x02\xab\xe3\x02\xa9\xe0\x02\xa9\xe1" +
+ "\x02\xa9\xe6\x02\xa3\xcb\x02\xa3\xc8\x02\xa3\xc9\x02\x01#\x02\x01\x08" +
+ "\x02\x0e>\x02\x0e'\x02\x0f\x03\x02\x03\x0d\x02\x03\x09\x02\x03\x17\x02" +
+ "\x03\x0e\x02\x02\x03\x02\x011\x02\x01\x00\x02\x01\x10\x02\x03<\x02\x07" +
+ "\x0d\x02\x02\x0c\x02\x0c0\x02\x01\x03\x02\x01\x01\x02\x01 \x02\x01\x22" +
+ "\x02\x01)\x02\x01\x0a\x02\x01\x0c\x02\x02\x06\x02\x02\x02\x02\x03\x10" +
+ "\x03\x037 \x03\x0b+\x03\x021\x00\x02\x01\x04\x02\x01\x02\x02\x019\x02" +
+ "\x03\x1c\x02\x02$\x03\x80p$\x02\x03:\x02\x03\x0a\x03\xc1r.\x03\xc1r,\x03" +
+ "\xc1r\x02\x02\x02:\x02\x02>\x02\x02,\x02\x02\x10\x02\x02\x00\x03\xc1s<" +
+ "\x03\xc1s*\x03\xc2L$\x03\xc2L;\x02\x09)\x02\x0a\x19\x03\x83\xab\xe3\x03" +
+ "\x83\xab\xf2\x03 4\xe0\x03\x81\xab\xea\x03\x81\xab\xf3\x03 4\xef\x03\x96" +
+ "\xe1\xcd\x03\x84\xe5\xc3\x02\x0d\x11\x03\x8b\xec\xcb\x03\x94\xec\xcf\x03" +
+ "\x9a\xec\xc2\x03\x8b\xec\xdb\x03\x94\xec\xdf\x03\x9a\xec\xd2\x03\x01\x0c" +
+ "!\x03\x01\x0c#\x03ʠ\x9d\x03ʣ\x9c\x03ʢ\x9f\x03ʥ\x9e\x03ʤ\x91\x03ʧ\x90\x03" +
+ "ʦ\x93\x03ʩ\x92\x03ʨ\x95\x03\xca\xf3\xb5\x03\xca\xf0\xb4\x03\xca\xf1\xb7" +
+ "\x03\xca\xf6\xb6\x03\xca\xf7\x89\x03\xca\xf4\x88\x03\xca\xf5\x8b\x03\xca" +
+ "\xfa\x8a\x03\xca\xfb\x8d\x03\xca\xf8\x8c\x03\xca\xf9\x8f\x03\xca\xfe\x8e" +
+ "\x03\xca\xff\x81\x03\xca\xfc\x80\x03\xca\xfd\x83\x03\xca\xe2\x82\x03\xca" +
+ "\xe3\x85\x03\xca\xe0\x84\x03\xca\xe1\x87\x03\xca\xe6\x86\x03\xca\xe7\x99" +
+ "\x03\xca\xe4\x98\x03\xca\xe5\x9b\x03\xca\xea\x9a\x03\xca\xeb\x9d\x03\xca" +
+ "\xe8\x9c\x03ؓ\x89\x03ߔ\x8b\x02\x010\x03\x03\x04\x1e\x03\x04\x15\x12\x03" +
+ "\x0b\x05,\x03\x06\x04\x00\x03\x06\x04)\x03\x06\x044\x03\x06\x04<\x03\x06" +
+ "\x05\x1d\x03\x06\x06\x00\x03\x06\x06\x0a\x03\x06\x06'\x03\x06\x062\x03" +
+ "\x0786\x03\x079/\x03\x079 \x03\x07:\x0e\x03\x07:\x1b\x03\x07:%\x03\x07;/" +
+ "\x03\x07;%\x03\x074\x11\x03\x076\x09\x03\x077*\x03\x070\x01\x03\x070\x0f" +
+ "\x03\x070.\x03\x071\x16\x03\x071\x04\x03\x0710\x03\x072\x18\x03\x072-" +
+ "\x03\x073\x14\x03\x073>\x03\x07'\x09\x03\x07 \x00\x03\x07\x1f\x0b\x03" +
+ "\x07\x18#\x03\x07\x18(\x03\x07\x186\x03\x07\x18\x03\x03\x07\x19\x16\x03" +
+ "\x07\x116\x03\x07\x12'\x03\x07\x13\x10\x03\x07\x0c&\x03\x07\x0c\x08\x03" +
+ "\x07\x0c\x13\x03\x07\x0d\x02\x03\x07\x0d\x1c\x03\x07\x0b5\x03\x07\x0b" +
+ "\x0a\x03\x07\x0b\x01\x03\x07\x0b\x0f\x03\x07\x05\x00\x03\x07\x05\x09\x03" +
+ "\x07\x05\x0b\x03\x07\x07\x01\x03\x07\x07\x08\x03\x07\x00<\x03\x07\x00+" +
+ "\x03\x07\x01)\x03\x07\x01\x1b\x03\x07\x01\x08\x03\x07\x03?\x03\x0445\x03" +
+ "\x044\x08\x03\x0454\x03\x04)/\x03\x04)5\x03\x04+\x05\x03\x04+\x14\x03" +
+ "\x04+ \x03\x04+<\x03\x04*&\x03\x04*\x22\x03\x04&8\x03\x04!\x01\x03\x04!" +
+ "\x22\x03\x04\x11+\x03\x04\x10.\x03\x04\x104\x03\x04\x13=\x03\x04\x12\x04" +
+ "\x03\x04\x12\x0a\x03\x04\x0d\x1d\x03\x04\x0d\x07\x03\x04\x0d \x03\x05<>" +
+ "\x03\x055<\x03\x055!\x03\x055#\x03\x055&\x03\x054\x1d\x03\x054\x02\x03" +
+ "\x054\x07\x03\x0571\x03\x053\x1a\x03\x053\x16\x03\x05.<\x03\x05.\x07\x03" +
+ "\x05):\x03\x05)<\x03\x05)\x0c\x03\x05)\x15\x03\x05+-\x03\x05+5\x03\x05$" +
+ "\x1e\x03\x05$\x14\x03\x05'\x04\x03\x05'\x14\x03\x05&\x02\x03\x05\x226" +
+ "\x03\x05\x22\x0c\x03\x05\x22\x1c\x03\x05\x19\x0a\x03\x05\x1b\x09\x03\x05" +
+ "\x1b\x0c\x03\x05\x14\x07\x03\x05\x16?\x03\x05\x16\x0c\x03\x05\x0c\x05" +
+ "\x03\x05\x0e\x0f\x03\x05\x01\x0e\x03\x05\x00(\x03\x05\x030\x03\x05\x03" +
+ "\x06\x03\x0a==\x03\x0a=1\x03\x0a=,\x03\x0a=\x0c\x03\x0a??\x03\x0a<\x08" +
+ "\x03\x0a9!\x03\x0a9)\x03\x0a97\x03\x0a99\x03\x0a6\x0a\x03\x0a6\x1c\x03" +
+ "\x0a6\x17\x03\x0a7'\x03\x0a78\x03\x0a73\x03\x0a'\x01\x03\x0a'&\x03\x0a" +
+ "\x1f\x0e\x03\x0a\x1f\x03\x03\x0a\x1f3\x03\x0a\x1b/\x03\x0a\x18\x19\x03" +
+ "\x0a\x19\x01\x03\x0a\x16\x14\x03\x0a\x0e\x22\x03\x0a\x0f\x10\x03\x0a\x0f" +
+ "\x02\x03\x0a\x0f \x03\x0a\x0c\x04\x03\x0a\x0b>\x03\x0a\x0b+\x03\x0a\x08/" +
+ "\x03\x0a\x046\x03\x0a\x05\x14\x03\x0a\x00\x04\x03\x0a\x00\x10\x03\x0a" +
+ "\x00\x14\x03\x0b<3\x03\x0b;*\x03\x0b9\x22\x03\x0b9)\x03\x0b97\x03\x0b+" +
+ "\x10\x03\x0b((\x03\x0b&5\x03\x0b$\x1c\x03\x0b$\x12\x03\x0b%\x04\x03\x0b#" +
+ "<\x03\x0b#0\x03\x0b#\x0d\x03\x0b#\x19\x03\x0b!:\x03\x0b!\x1f\x03\x0b!" +
+ "\x00\x03\x0b\x1e5\x03\x0b\x1c\x1d\x03\x0b\x1d-\x03\x0b\x1d(\x03\x0b\x18." +
+ "\x03\x0b\x18 \x03\x0b\x18\x16\x03\x0b\x14\x13\x03\x0b\x15$\x03\x0b\x15" +
+ "\x22\x03\x0b\x12\x1b\x03\x0b\x12\x10\x03\x0b\x132\x03\x0b\x13=\x03\x0b" +
+ "\x12\x18\x03\x0b\x0c&\x03\x0b\x061\x03\x0b\x06:\x03\x0b\x05#\x03\x0b\x05" +
+ "<\x03\x0b\x04\x0b\x03\x0b\x04\x04\x03\x0b\x04\x1b\x03\x0b\x042\x03\x0b" +
+ "\x041\x03\x0b\x03\x03\x03\x0b\x03\x1d\x03\x0b\x03/\x03\x0b\x03+\x03\x0b" +
+ "\x02\x1b\x03\x0b\x02\x00\x03\x0b\x01\x1e\x03\x0b\x01\x08\x03\x0b\x015" +
+ "\x03\x06\x0d9\x03\x06\x0d=\x03\x06\x0d?\x03\x02\x001\x03\x02\x003\x03" +
+ "\x02\x02\x19\x03\x02\x006\x03\x02\x02\x1b\x03\x02\x004\x03\x02\x00<\x03" +
+ "\x02\x02\x0a\x03\x02\x02\x0e\x03\x02\x01\x1a\x03\x02\x01\x07\x03\x02\x01" +
+ "\x05\x03\x02\x01\x0b\x03\x02\x01%\x03\x02\x01\x0c\x03\x02\x01\x04\x03" +
+ "\x02\x01\x1c\x03\x02\x00.\x03\x02\x002\x03\x02\x00>\x03\x02\x00\x12\x03" +
+ "\x02\x00\x16\x03\x02\x011\x03\x02\x013\x03\x02\x02 \x03\x02\x02%\x03\x02" +
+ "\x02$\x03\x02\x028\x03\x02\x02;\x03\x02\x024\x03\x02\x012\x03\x02\x022" +
+ "\x03\x02\x02/\x03\x02\x01,\x03\x02\x01\x13\x03\x02\x01\x16\x03\x02\x01" +
+ "\x11\x03\x02\x01\x1e\x03\x02\x01\x15\x03\x02\x01\x17\x03\x02\x01\x0f\x03" +
+ "\x02\x01\x08\x03\x02\x00?\x03\x02\x03\x07\x03\x02\x03\x0d\x03\x02\x03" +
+ "\x13\x03\x02\x03\x1d\x03\x02\x03\x1f\x03\x02\x00\x03\x03\x02\x00\x0d\x03" +
+ "\x02\x00\x01\x03\x02\x00\x1b\x03\x02\x00\x19\x03\x02\x00\x18\x03\x02\x00" +
+ "\x13\x03\x02\x00/\x03\x07>\x12\x03\x07<\x1f\x03\x07>\x1d\x03\x06\x1d\x0e" +
+ "\x03\x07>\x1c\x03\x07>:\x03\x07>\x13\x03\x04\x12+\x03\x07?\x03\x03\x07>" +
+ "\x02\x03\x06\x224\x03\x06\x1a.\x03\x07<%\x03\x06\x1c\x0b\x03\x0609\x03" +
+ "\x05\x1f\x01\x03\x04'\x08\x03\x93\xfd\xf5\x03\x02\x0d \x03\x02\x0d#\x03" +
+ "\x02\x0d!\x03\x02\x0d&\x03\x02\x0d\x22\x03\x02\x0d/\x03\x02\x0d,\x03\x02" +
+ "\x0d$\x03\x02\x0d'\x03\x02\x0d%\x03\x02\x0d;\x03\x02\x0d=\x03\x02\x0d?" +
+ "\x03\x099.\x03\x08\x0b7\x03\x08\x02\x14\x03\x08\x14\x0d\x03\x08.:\x03" +
+ "\x089'\x03\x0f\x0b\x18\x03\x0f\x1c1\x03\x0f\x17&\x03\x0f9\x1f\x03\x0f0" +
+ "\x0c\x03\x0e\x0a9\x03\x0e\x056\x03\x0e\x1c#\x03\x0f\x13\x0e\x03\x072\x00" +
+ "\x03\x070\x0d\x03\x072\x0b\x03\x06\x11\x18\x03\x070\x10\x03\x06\x0f(\x03" +
+ "\x072\x05\x03\x06\x0f,\x03\x073\x15\x03\x06\x07\x08\x03\x05\x16\x02\x03" +
+ "\x04\x0b \x03\x05:8\x03\x05\x16%\x03\x0a\x0d\x1f\x03\x06\x16\x10\x03\x05" +
+ "\x1d5\x03\x05*;\x03\x05\x16\x1b\x03\x04.-\x03\x06\x1a\x19\x03\x04\x03," +
+ "\x03\x0b87\x03\x04/\x0a\x03\x06\x00,\x03\x04-\x01\x03\x04\x1e-\x03\x06/(" +
+ "\x03\x0a\x0b5\x03\x06\x0e7\x03\x06\x07.\x03\x0597\x03\x0a*%\x03\x0760" +
+ "\x03\x06\x0c;\x03\x05'\x00\x03\x072.\x03\x072\x08\x03\x06=\x01\x03\x06" +
+ "\x05\x1b\x03\x06\x06\x12\x03\x06$=\x03\x06'\x0d\x03\x04\x11\x0f\x03\x076" +
+ ",\x03\x06\x07;\x03\x06.,\x03\x86\xf9\xea\x03\x8f\xff\xeb\x02\x092\x02" +
+ "\x095\x02\x094\x02\x09;\x02\x09>\x02\x098\x02\x09*\x02\x09/\x02\x09,\x02" +
+ "\x09%\x02\x09&\x02\x09#\x02\x09 \x02\x08!\x02\x08%\x02\x08$\x02\x08+\x02" +
+ "\x08.\x02\x08*\x02\x08&\x02\x088\x02\x08>\x02\x084\x02\x086\x02\x080\x02" +
+ "\x08\x10\x02\x08\x17\x02\x08\x12\x02\x08\x1d\x02\x08\x1f\x02\x08\x13\x02" +
+ "\x08\x15\x02\x08\x14\x02\x08\x0c\x03\x8b\xfd\xd0\x03\x81\xec\xc6\x03\x87" +
+ "\xe0\x8a\x03-2\xe3\x03\x80\xef\xe4\x03-2\xea\x03\x88\xe6\xeb\x03\x8e\xe6" +
+ "\xe8\x03\x84\xe6\xe9\x03\x97\xe6\xee\x03-2\xf9\x03-2\xf6\x03\x8e\xe3\xad" +
+ "\x03\x80\xe3\x92\x03\x88\xe3\x90\x03\x8e\xe3\x90\x03\x80\xe3\x97\x03\x88" +
+ "\xe3\x95\x03\x88\xfe\xcb\x03\x8e\xfe\xca\x03\x84\xfe\xcd\x03\x91\xef\xc9" +
+ "\x03-2\xc1\x03-2\xc0\x03-2\xcb\x03\x88@\x09\x03\x8e@\x08\x03\x8f\xe0\xf5" +
+ "\x03\x8e\xe6\xf9\x03\x8e\xe0\xfa\x03\x93\xff\xf4\x03\x84\xee\xd3\x03\x0b" +
+ "(\x04\x023 \x03\x0b)\x08\x021;\x02\x01*\x03\x0b#\x10\x03\x0b 0\x03\x0b!" +
+ "\x10\x03\x0b!0\x03\x07\x15\x08\x03\x09?5\x03\x07\x1f\x08\x03\x07\x17\x0b" +
+ "\x03\x09\x1f\x15\x03\x0b\x1c7\x03\x0a+#\x03\x06\x1a\x1b\x03\x06\x1a\x14" +
+ "\x03\x0a\x01\x18\x03\x06#\x1b\x03\x0a2\x0c\x03\x0a\x01\x04\x03\x09#;\x03" +
+ "\x08='\x03\x08\x1a\x0a\x03\x07\x03\x0a\x111\x03\x09\x1b\x09\x03\x073.\x03\x07" +
+ "\x01\x00\x03\x09/,\x03\x07#>\x03\x07\x048\x03\x0a\x1f\x22\x03\x098>\x03" +
+ "\x09\x11\x00\x03\x08/\x17\x03\x06'\x22\x03\x0b\x1a+\x03\x0a\x22\x19\x03" +
+ "\x0a/1\x03\x0974\x03\x09\x0f\x22\x03\x08,\x22\x03\x08?\x14\x03\x07$5\x03" +
+ "\x07<3\x03\x07=*\x03\x07\x13\x18\x03\x068\x0a\x03\x06\x09\x16\x03\x06" +
+ "\x13\x00\x03\x08\x067\x03\x08\x01\x03\x03\x08\x12\x1d\x03\x07+7\x03\x06(" +
+ ";\x03\x06\x1c?\x03\x07\x0e\x17\x03\x0a\x06\x1d\x03\x0a\x19\x07\x03\x08" +
+ "\x14$\x03\x07$;\x03\x08,$\x03\x08\x06\x0d\x03\x07\x16\x0a\x03\x06>>\x03" +
+ "\x0a\x06\x12\x03\x0a\x14)\x03\x09\x0d\x1f\x03\x09\x12\x17\x03\x09\x19" +
+ "\x01\x03\x08\x11 \x03\x08\x1d'\x03\x06<\x1a\x03\x0a.\x00\x03\x07'\x18" +
+ "\x03\x0a\x22\x08\x03\x08\x0d\x0a\x03\x08\x13)\x03\x07*)\x03\x06<,\x03" +
+ "\x07\x0b\x1a\x03\x09.\x14\x03\x09\x0d\x1e\x03\x07\x0e#\x03\x0b\x1d'\x03" +
+ "\x0a\x0a8\x03\x09%2\x03\x08+&\x03\x080\x12\x03\x0a)4\x03\x08\x06\x1f\x03" +
+ "\x0b\x1b\x1a\x03\x0a\x1b\x0f\x03\x0b\x1d*\x03\x09\x16$\x03\x090\x11\x03" +
+ "\x08\x11\x08\x03\x0a*(\x03\x0a\x042\x03\x089,\x03\x074'\x03\x07\x0f\x05" +
+ "\x03\x09\x0b\x0a\x03\x07\x1b\x01\x03\x09\x17:\x03\x09.\x0d\x03\x07.\x11" +
+ "\x03\x09+\x15\x03\x080\x13\x03\x0b\x1f\x19\x03\x0a \x11\x03\x0a\x220\x03" +
+ "\x09\x07;\x03\x08\x16\x1c\x03\x07,\x13\x03\x07\x0e/\x03\x06\x221\x03\x0a" +
+ ".\x0a\x03\x0a7\x02\x03\x0a\x032\x03\x0a\x1d.\x03\x091\x06\x03\x09\x19:" +
+ "\x03\x08\x02/\x03\x060+\x03\x06\x0f-\x03\x06\x1c\x1f\x03\x06\x1d\x07\x03" +
+ "\x0a,\x11\x03\x09=\x0d\x03\x09\x0b;\x03\x07\x1b/\x03\x0a\x1f:\x03\x09 " +
+ "\x1f\x03\x09.\x10\x03\x094\x0b\x03\x09\x1a1\x03\x08#\x1a\x03\x084\x1d" +
+ "\x03\x08\x01\x1f\x03\x08\x11\x22\x03\x07'8\x03\x07\x1a>\x03\x0757\x03" +
+ "\x06&9\x03\x06+\x11\x03\x0a.\x0b\x03\x0a,>\x03\x0a4#\x03\x08%\x17\x03" +
+ "\x07\x05\x22\x03\x07\x0c\x0b\x03\x0a\x1d+\x03\x0a\x19\x16\x03\x09+\x1f" +
+ "\x03\x09\x08\x0b\x03\x08\x16\x18\x03\x08+\x12\x03\x0b\x1d\x0c\x03\x0a=" +
+ "\x10\x03\x0a\x09\x0d\x03\x0a\x10\x11\x03\x09&0\x03\x08(\x1f\x03\x087\x07" +
+ "\x03\x08\x185\x03\x07'6\x03\x06.\x05\x03\x06=\x04\x03\x06;;\x03\x06\x06," +
+ "\x03\x0b\x18>\x03\x08\x00\x18\x03\x06 \x03\x03\x06<\x00\x03\x09%\x18\x03" +
+ "\x0b\x1c<\x03\x0a%!\x03\x0a\x09\x12\x03\x0a\x16\x02\x03\x090'\x03\x09" +
+ "\x0e=\x03\x08 \x0e\x03\x08>\x03\x03\x074>\x03\x06&?\x03\x06\x19\x09\x03" +
+ "\x06?(\x03\x0a-\x0e\x03\x09:3\x03\x098:\x03\x09\x12\x0b\x03\x09\x1d\x17" +
+ "\x03\x087\x05\x03\x082\x14\x03\x08\x06%\x03\x08\x13\x1f\x03\x06\x06\x0e" +
+ "\x03\x0a\x22<\x03\x09/<\x03\x06>+\x03\x0a'?\x03\x0a\x13\x0c\x03\x09\x10<" +
+ "\x03\x07\x1b=\x03\x0a\x19\x13\x03\x09\x22\x1d\x03\x09\x07\x0d\x03\x08)" +
+ "\x1c\x03\x06=\x1a\x03\x0a/4\x03\x0a7\x11\x03\x0a\x16:\x03\x09?3\x03\x09:" +
+ "/\x03\x09\x05\x0a\x03\x09\x14\x06\x03\x087\x22\x03\x080\x07\x03\x08\x1a" +
+ "\x1f\x03\x07\x04(\x03\x07\x04\x09\x03\x06 %\x03\x06<\x08\x03\x0a+\x14" +
+ "\x03\x09\x1d\x16\x03\x0a70\x03\x08 >\x03\x0857\x03\x070\x0a\x03\x06=\x12" +
+ "\x03\x06\x16%\x03\x06\x1d,\x03\x099#\x03\x09\x10>\x03\x07 \x1e\x03\x08" +
+ "\x0c<\x03\x08\x0b\x18\x03\x08\x15+\x03\x08,:\x03\x08%\x22\x03\x07\x0a$" +
+ "\x03\x0b\x1c=\x03\x07+\x08\x03\x0a/\x05\x03\x0a \x07\x03\x0a\x12'\x03" +
+ "\x09#\x11\x03\x08\x1b\x15\x03\x0a\x06\x01\x03\x09\x1c\x1b\x03\x0922\x03" +
+ "\x07\x14<\x03\x07\x09\x04\x03\x061\x04\x03\x07\x0e\x01\x03\x0a\x13\x18" +
+ "\x03\x0a-\x0c\x03\x0a?\x0d\x03\x0a\x09\x0a\x03\x091&\x03\x0a/\x0b\x03" +
+ "\x08$<\x03\x083\x1d\x03\x08\x0c$\x03\x08\x0d\x07\x03\x08\x0d?\x03\x08" +
+ "\x0e\x14\x03\x065\x0a\x03\x08\x1a#\x03\x08\x16#\x03\x0702\x03\x07\x03" +
+ "\x1a\x03\x06(\x1d\x03\x06+\x1b\x03\x06\x0b\x05\x03\x06\x0b\x17\x03\x06" +
+ "\x0c\x04\x03\x06\x1e\x19\x03\x06+0\x03\x062\x18\x03\x0b\x16\x1e\x03\x0a+" +
+ "\x16\x03\x0a-?\x03\x0a#:\x03\x0a#\x10\x03\x0a%$\x03\x0a>+\x03\x0a01\x03" +
+ "\x0a1\x10\x03\x0a\x099\x03\x0a\x0a\x12\x03\x0a\x19\x1f\x03\x0a\x19\x12" +
+ "\x03\x09*)\x03\x09-\x16\x03\x09.1\x03\x09.2\x03\x09<\x0e\x03\x09> \x03" +
+ "\x093\x12\x03\x09\x0b\x01\x03\x09\x1c2\x03\x09\x11\x1c\x03\x09\x15%\x03" +
+ "\x08,&\x03\x08!\x22\x03\x089(\x03\x08\x0b\x1a\x03\x08\x0d2\x03\x08\x0c" +
+ "\x04\x03\x08\x0c\x06\x03\x08\x0c\x1f\x03\x08\x0c\x0c\x03\x08\x0f\x1f\x03" +
+ "\x08\x0f\x1d\x03\x08\x00\x14\x03\x08\x03\x14\x03\x08\x06\x16\x03\x08\x1e" +
+ "#\x03\x08\x11\x11\x03\x08\x10\x18\x03\x08\x14(\x03\x07)\x1e\x03\x07.1" +
+ "\x03\x07 $\x03\x07 '\x03\x078\x08\x03\x07\x0d0\x03\x07\x0f7\x03\x07\x05#" +
+ "\x03\x07\x05\x1a\x03\x07\x1a7\x03\x07\x1d-\x03\x07\x17\x10\x03\x06)\x1f" +
+ "\x03\x062\x0b\x03\x066\x16\x03\x06\x09\x11\x03\x09(\x1e\x03\x07!5\x03" +
+ "\x0b\x11\x16\x03\x0a/\x04\x03\x0a,\x1a\x03\x0b\x173\x03\x0a,1\x03\x0a/5" +
+ "\x03\x0a\x221\x03\x0a\x22\x0d\x03\x0a?%\x03\x0a<,\x03\x0a?#\x03\x0a>\x19" +
+ "\x03\x0a\x08&\x03\x0a\x0b\x0e\x03\x0a\x0c:\x03\x0a\x0c+\x03\x0a\x03\x22" +
+ "\x03\x0a\x06)\x03\x0a\x11\x10\x03\x0a\x11\x1a\x03\x0a\x17-\x03\x0a\x14(" +
+ "\x03\x09)\x1e\x03\x09/\x09\x03\x09.\x00\x03\x09,\x07\x03\x09/*\x03\x09-9" +
+ "\x03\x09\x228\x03\x09%\x09\x03\x09:\x12\x03\x09;\x1d\x03\x09?\x06\x03" +
+ "\x093%\x03\x096\x05\x03\x096\x08\x03\x097\x02\x03\x09\x07,\x03\x09\x04," +
+ "\x03\x09\x1f\x16\x03\x09\x11\x03\x03\x09\x11\x12\x03\x09\x168\x03\x08*" +
+ "\x05\x03\x08/2\x03\x084:\x03\x08\x22+\x03\x08 0\x03\x08&\x0a\x03\x08;" +
+ "\x10\x03\x08>$\x03\x08>\x18\x03\x0829\x03\x082:\x03\x081,\x03\x081<\x03" +
+ "\x081\x1c\x03\x087#\x03\x087*\x03\x08\x09'\x03\x08\x00\x1d\x03\x08\x05-" +
+ "\x03\x08\x1f4\x03\x08\x1d\x04\x03\x08\x16\x0f\x03\x07*7\x03\x07'!\x03" +
+ "\x07%\x1b\x03\x077\x0c\x03\x07\x0c1\x03\x07\x0c.\x03\x07\x00\x06\x03\x07" +
+ "\x01\x02\x03\x07\x010\x03\x07\x06=\x03\x07\x01\x03\x03\x07\x01\x13\x03" +
+ "\x07\x06\x06\x03\x07\x05\x0a\x03\x07\x1f\x09\x03\x07\x17:\x03\x06*1\x03" +
+ "\x06-\x1d\x03\x06\x223\x03\x062:\x03\x060$\x03\x066\x1e\x03\x064\x12\x03" +
+ "\x0645\x03\x06\x0b\x00\x03\x06\x0b7\x03\x06\x07\x1f\x03\x06\x15\x12\x03" +
+ "\x0c\x05\x0f\x03\x0b+\x0b\x03\x0b+-\x03\x06\x16\x1b\x03\x06\x15\x17\x03" +
+ "\x89\xca\xea\x03\x89\xca\xe8\x03\x0c8\x10\x03\x0c8\x01\x03\x0c8\x0f\x03" +
+ "\x0d8%\x03\x0d8!\x03\x0c8-\x03\x0c8/\x03\x0c8+\x03\x0c87\x03\x0c85\x03" +
+ "\x0c9\x09\x03\x0c9\x0d\x03\x0c9\x0f\x03\x0c9\x0b\x03\xcfu\x0c\x03\xcfu" +
+ "\x0f\x03\xcfu\x0e\x03\xcfu\x09\x03\x0c9\x10\x03\x0d9\x0c\x03\xcf`;\x03" +
+ "\xcf`>\x03\xcf`9\x03\xcf`8\x03\xcf`7\x03\xcf`*\x03\xcf`-\x03\xcf`,\x03" +
+ "\x0d\x1b\x1a\x03\x0d\x1b&\x03\x0c=.\x03\x0c=%\x03\x0c>\x1e\x03\x0c>\x14" +
+ "\x03\x0c?\x06\x03\x0c?\x0b\x03\x0c?\x0c\x03\x0c?\x0d\x03\x0c?\x02\x03" +
+ "\x0c>\x0f\x03\x0c>\x08\x03\x0c>\x09\x03\x0c>,\x03\x0c>\x0c\x03\x0c?\x13" +
+ "\x03\x0c?\x16\x03\x0c?\x15\x03\x0c?\x1c\x03\x0c?\x1f\x03\x0c?\x1d\x03" +
+ "\x0c?\x1a\x03\x0c?\x17\x03\x0c?\x08\x03\x0c?\x09\x03\x0c?\x0e\x03\x0c?" +
+ "\x04\x03\x0c?\x05\x03\x0c" +
+ "\x03\x0c=2\x03\x0c=6\x03\x0c<\x07\x03\x0c<\x05\x03\x0e:!\x03\x0e:#\x03" +
+ "\x0e8\x09\x03\x0e:&\x03\x0e8\x0b\x03\x0e:$\x03\x0e:,\x03\x0e8\x1a\x03" +
+ "\x0e8\x1e\x03\x0e:*\x03\x0e:7\x03\x0e:5\x03\x0e:;\x03\x0e:\x15\x03\x0e:<" +
+ "\x03\x0e:4\x03\x0e:'\x03\x0e:-\x03\x0e:%\x03\x0e:?\x03\x0e:=\x03\x0e:)" +
+ "\x03\x0e:/\x03\xcfs'\x03\x0d=\x0f\x03\x0d+*\x03\x0d99\x03\x0d9;\x03\x0d9" +
+ "?\x03\x0d)\x0d\x03\x0d(%\x02\x01\x18\x02\x01(\x02\x01\x1e\x03\x0f$!\x03" +
+ "\x0f87\x03\x0f4\x0e\x03\x0f5\x1d\x03\x06'\x03\x03\x0f\x08\x18\x03\x0f" +
+ "\x0d\x1b\x03\x0e2=\x03\x0e;\x08\x03\x0e:\x0b\x03\x0e\x06$\x03\x0e\x0d)" +
+ "\x03\x0e\x16\x1f\x03\x0e\x16\x1b\x03\x0d$\x0a\x03\x05,\x1d\x03\x0d. \x03" +
+ "\x0d.#\x03\x0c(/\x03\x09%\x02\x03\x0d90\x03\x0d\x0e4\x03\x0d\x0d\x0f\x03" +
+ "\x0c#\x00\x03\x0c,\x1e\x03\x0c2\x0e\x03\x0c\x01\x17\x03\x0c\x09:\x03\x0e" +
+ "\x173\x03\x0c\x08\x03\x03\x0c\x11\x07\x03\x0c\x10\x18\x03\x0c\x1f\x1c" +
+ "\x03\x0c\x19\x0e\x03\x0c\x1a\x1f\x03\x0f0>\x03\x0b->\x03\x0b<+\x03\x0b8" +
+ "\x13\x03\x0b\x043\x03\x0b\x14\x03\x03\x0b\x16%\x03\x0d\x22&\x03\x0b\x1a" +
+ "\x1a\x03\x0b\x1a\x04\x03\x0a%9\x03\x0a&2\x03\x0a&0\x03\x0a!\x1a\x03\x0a!" +
+ "7\x03\x0a5\x10\x03\x0a=4\x03\x0a?\x0e\x03\x0a>\x10\x03\x0a\x00 \x03\x0a" +
+ "\x0f:\x03\x0a\x0f9\x03\x0a\x0b\x0a\x03\x0a\x17%\x03\x0a\x1b-\x03\x09-" +
+ "\x1a\x03\x09,4\x03\x09.,\x03\x09)\x09\x03\x096!\x03\x091\x1f\x03\x093" +
+ "\x16\x03\x0c+\x1f\x03\x098 \x03\x098=\x03\x0c(\x1a\x03\x0c(\x16\x03\x09" +
+ "\x0a+\x03\x09\x16\x12\x03\x09\x13\x0e\x03\x09\x153\x03\x08)!\x03\x09\x1a" +
+ "\x01\x03\x09\x18\x01\x03\x08%#\x03\x08>\x22\x03\x08\x05%\x03\x08\x02*" +
+ "\x03\x08\x15;\x03\x08\x1b7\x03\x0f\x07\x1d\x03\x0f\x04\x03\x03\x070\x0c" +
+ "\x03\x07;\x0b\x03\x07\x08\x17\x03\x07\x12\x06\x03\x06/-\x03\x0671\x03" +
+ "\x065+\x03\x06>7\x03\x06\x049\x03\x05+\x1e\x03\x05,\x17\x03\x05 \x1d\x03" +
+ "\x05\x22\x05\x03\x050\x1d"
+
+// lookup returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *idnaTrie) lookup(s []byte) (v uint16, sz int) {
+ c0 := s[0]
+ switch {
+ case c0 < 0x80: // is ASCII
+ return idnaValues[c0], 1
+ case c0 < 0xC2:
+ return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+ case c0 < 0xE0: // 2-byte UTF-8
+ if len(s) < 2 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c1), 2
+ case c0 < 0xF0: // 3-byte UTF-8
+ if len(s) < 3 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ o := uint32(i)<<6 + uint32(c1)
+ i = idnaIndex[o]
+ c2 := s[2]
+ if c2 < 0x80 || 0xC0 <= c2 {
+ return 0, 2 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c2), 3
+ case c0 < 0xF8: // 4-byte UTF-8
+ if len(s) < 4 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ o := uint32(i)<<6 + uint32(c1)
+ i = idnaIndex[o]
+ c2 := s[2]
+ if c2 < 0x80 || 0xC0 <= c2 {
+ return 0, 2 // Illegal UTF-8: not a continuation byte.
+ }
+ o = uint32(i)<<6 + uint32(c2)
+ i = idnaIndex[o]
+ c3 := s[3]
+ if c3 < 0x80 || 0xC0 <= c3 {
+ return 0, 3 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c3), 4
+ }
+ // Illegal rune
+ return 0, 1
+}
+
+// lookupUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *idnaTrie) lookupUnsafe(s []byte) uint16 {
+ c0 := s[0]
+ if c0 < 0x80 { // is ASCII
+ return idnaValues[c0]
+ }
+ i := idnaIndex[c0]
+ if c0 < 0xE0 { // 2-byte UTF-8
+ return t.lookupValue(uint32(i), s[1])
+ }
+ i = idnaIndex[uint32(i)<<6+uint32(s[1])]
+ if c0 < 0xF0 { // 3-byte UTF-8
+ return t.lookupValue(uint32(i), s[2])
+ }
+ i = idnaIndex[uint32(i)<<6+uint32(s[2])]
+ if c0 < 0xF8 { // 4-byte UTF-8
+ return t.lookupValue(uint32(i), s[3])
+ }
+ return 0
+}
+
+// lookupString returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *idnaTrie) lookupString(s string) (v uint16, sz int) {
+ c0 := s[0]
+ switch {
+ case c0 < 0x80: // is ASCII
+ return idnaValues[c0], 1
+ case c0 < 0xC2:
+ return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+ case c0 < 0xE0: // 2-byte UTF-8
+ if len(s) < 2 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c1), 2
+ case c0 < 0xF0: // 3-byte UTF-8
+ if len(s) < 3 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ o := uint32(i)<<6 + uint32(c1)
+ i = idnaIndex[o]
+ c2 := s[2]
+ if c2 < 0x80 || 0xC0 <= c2 {
+ return 0, 2 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c2), 3
+ case c0 < 0xF8: // 4-byte UTF-8
+ if len(s) < 4 {
+ return 0, 0
+ }
+ i := idnaIndex[c0]
+ c1 := s[1]
+ if c1 < 0x80 || 0xC0 <= c1 {
+ return 0, 1 // Illegal UTF-8: not a continuation byte.
+ }
+ o := uint32(i)<<6 + uint32(c1)
+ i = idnaIndex[o]
+ c2 := s[2]
+ if c2 < 0x80 || 0xC0 <= c2 {
+ return 0, 2 // Illegal UTF-8: not a continuation byte.
+ }
+ o = uint32(i)<<6 + uint32(c2)
+ i = idnaIndex[o]
+ c3 := s[3]
+ if c3 < 0x80 || 0xC0 <= c3 {
+ return 0, 3 // Illegal UTF-8: not a continuation byte.
+ }
+ return t.lookupValue(uint32(i), c3), 4
+ }
+ // Illegal rune
+ return 0, 1
+}
+
+// lookupStringUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *idnaTrie) lookupStringUnsafe(s string) uint16 {
+ c0 := s[0]
+ if c0 < 0x80 { // is ASCII
+ return idnaValues[c0]
+ }
+ i := idnaIndex[c0]
+ if c0 < 0xE0 { // 2-byte UTF-8
+ return t.lookupValue(uint32(i), s[1])
+ }
+ i = idnaIndex[uint32(i)<<6+uint32(s[1])]
+ if c0 < 0xF0 { // 3-byte UTF-8
+ return t.lookupValue(uint32(i), s[2])
+ }
+ i = idnaIndex[uint32(i)<<6+uint32(s[2])]
+ if c0 < 0xF8 { // 4-byte UTF-8
+ return t.lookupValue(uint32(i), s[3])
+ }
+ return 0
+}
+
+// idnaTrie. Total size: 30288 bytes (29.58 KiB). Checksum: c0cd84404a2f6f19.
+type idnaTrie struct{}
+
+func newIdnaTrie(i int) *idnaTrie {
+ return &idnaTrie{}
+}
+
+// lookupValue determines the type of block n and looks up the value for b.
+func (t *idnaTrie) lookupValue(n uint32, b byte) uint16 {
+ switch {
+ case n < 126:
+ return uint16(idnaValues[n<<6+uint32(b)])
+ default:
+ n -= 126
+ return uint16(idnaSparse.lookup(n, b))
+ }
+}
+
+// idnaValues: 128 blocks, 8192 entries, 16384 bytes
+// The third block is the zero block.
+var idnaValues = [8192]uint16{
+ // Block 0x0, offset 0x0
+ 0x00: 0x0080, 0x01: 0x0080, 0x02: 0x0080, 0x03: 0x0080, 0x04: 0x0080, 0x05: 0x0080,
+ 0x06: 0x0080, 0x07: 0x0080, 0x08: 0x0080, 0x09: 0x0080, 0x0a: 0x0080, 0x0b: 0x0080,
+ 0x0c: 0x0080, 0x0d: 0x0080, 0x0e: 0x0080, 0x0f: 0x0080, 0x10: 0x0080, 0x11: 0x0080,
+ 0x12: 0x0080, 0x13: 0x0080, 0x14: 0x0080, 0x15: 0x0080, 0x16: 0x0080, 0x17: 0x0080,
+ 0x18: 0x0080, 0x19: 0x0080, 0x1a: 0x0080, 0x1b: 0x0080, 0x1c: 0x0080, 0x1d: 0x0080,
+ 0x1e: 0x0080, 0x1f: 0x0080, 0x20: 0x0080, 0x21: 0x0080, 0x22: 0x0080, 0x23: 0x0080,
+ 0x24: 0x0080, 0x25: 0x0080, 0x26: 0x0080, 0x27: 0x0080, 0x28: 0x0080, 0x29: 0x0080,
+ 0x2a: 0x0080, 0x2b: 0x0080, 0x2c: 0x0080, 0x2d: 0x0008, 0x2e: 0x0008, 0x2f: 0x0080,
+ 0x30: 0x0008, 0x31: 0x0008, 0x32: 0x0008, 0x33: 0x0008, 0x34: 0x0008, 0x35: 0x0008,
+ 0x36: 0x0008, 0x37: 0x0008, 0x38: 0x0008, 0x39: 0x0008, 0x3a: 0x0080, 0x3b: 0x0080,
+ 0x3c: 0x0080, 0x3d: 0x0080, 0x3e: 0x0080, 0x3f: 0x0080,
+ // Block 0x1, offset 0x40
+ 0x40: 0x0080, 0x41: 0xe105, 0x42: 0xe105, 0x43: 0xe105, 0x44: 0xe105, 0x45: 0xe105,
+ 0x46: 0xe105, 0x47: 0xe105, 0x48: 0xe105, 0x49: 0xe105, 0x4a: 0xe105, 0x4b: 0xe105,
+ 0x4c: 0xe105, 0x4d: 0xe105, 0x4e: 0xe105, 0x4f: 0xe105, 0x50: 0xe105, 0x51: 0xe105,
+ 0x52: 0xe105, 0x53: 0xe105, 0x54: 0xe105, 0x55: 0xe105, 0x56: 0xe105, 0x57: 0xe105,
+ 0x58: 0xe105, 0x59: 0xe105, 0x5a: 0xe105, 0x5b: 0x0080, 0x5c: 0x0080, 0x5d: 0x0080,
+ 0x5e: 0x0080, 0x5f: 0x0080, 0x60: 0x0080, 0x61: 0x0008, 0x62: 0x0008, 0x63: 0x0008,
+ 0x64: 0x0008, 0x65: 0x0008, 0x66: 0x0008, 0x67: 0x0008, 0x68: 0x0008, 0x69: 0x0008,
+ 0x6a: 0x0008, 0x6b: 0x0008, 0x6c: 0x0008, 0x6d: 0x0008, 0x6e: 0x0008, 0x6f: 0x0008,
+ 0x70: 0x0008, 0x71: 0x0008, 0x72: 0x0008, 0x73: 0x0008, 0x74: 0x0008, 0x75: 0x0008,
+ 0x76: 0x0008, 0x77: 0x0008, 0x78: 0x0008, 0x79: 0x0008, 0x7a: 0x0008, 0x7b: 0x0080,
+ 0x7c: 0x0080, 0x7d: 0x0080, 0x7e: 0x0080, 0x7f: 0x0080,
+ // Block 0x2, offset 0x80
+ // Block 0x3, offset 0xc0
+ 0xc0: 0x0040, 0xc1: 0x0040, 0xc2: 0x0040, 0xc3: 0x0040, 0xc4: 0x0040, 0xc5: 0x0040,
+ 0xc6: 0x0040, 0xc7: 0x0040, 0xc8: 0x0040, 0xc9: 0x0040, 0xca: 0x0040, 0xcb: 0x0040,
+ 0xcc: 0x0040, 0xcd: 0x0040, 0xce: 0x0040, 0xcf: 0x0040, 0xd0: 0x0040, 0xd1: 0x0040,
+ 0xd2: 0x0040, 0xd3: 0x0040, 0xd4: 0x0040, 0xd5: 0x0040, 0xd6: 0x0040, 0xd7: 0x0040,
+ 0xd8: 0x0040, 0xd9: 0x0040, 0xda: 0x0040, 0xdb: 0x0040, 0xdc: 0x0040, 0xdd: 0x0040,
+ 0xde: 0x0040, 0xdf: 0x0040, 0xe0: 0x000a, 0xe1: 0x0018, 0xe2: 0x0018, 0xe3: 0x0018,
+ 0xe4: 0x0018, 0xe5: 0x0018, 0xe6: 0x0018, 0xe7: 0x0018, 0xe8: 0x001a, 0xe9: 0x0018,
+ 0xea: 0x0039, 0xeb: 0x0018, 0xec: 0x0018, 0xed: 0x03c0, 0xee: 0x0018, 0xef: 0x004a,
+ 0xf0: 0x0018, 0xf1: 0x0018, 0xf2: 0x0069, 0xf3: 0x0079, 0xf4: 0x008a, 0xf5: 0x0005,
+ 0xf6: 0x0018, 0xf7: 0x0008, 0xf8: 0x00aa, 0xf9: 0x00c9, 0xfa: 0x00d9, 0xfb: 0x0018,
+ 0xfc: 0x00e9, 0xfd: 0x0119, 0xfe: 0x0149, 0xff: 0x0018,
+ // Block 0x4, offset 0x100
+ 0x100: 0xe00d, 0x101: 0x0008, 0x102: 0xe00d, 0x103: 0x0008, 0x104: 0xe00d, 0x105: 0x0008,
+ 0x106: 0xe00d, 0x107: 0x0008, 0x108: 0xe00d, 0x109: 0x0008, 0x10a: 0xe00d, 0x10b: 0x0008,
+ 0x10c: 0xe00d, 0x10d: 0x0008, 0x10e: 0xe00d, 0x10f: 0x0008, 0x110: 0xe00d, 0x111: 0x0008,
+ 0x112: 0xe00d, 0x113: 0x0008, 0x114: 0xe00d, 0x115: 0x0008, 0x116: 0xe00d, 0x117: 0x0008,
+ 0x118: 0xe00d, 0x119: 0x0008, 0x11a: 0xe00d, 0x11b: 0x0008, 0x11c: 0xe00d, 0x11d: 0x0008,
+ 0x11e: 0xe00d, 0x11f: 0x0008, 0x120: 0xe00d, 0x121: 0x0008, 0x122: 0xe00d, 0x123: 0x0008,
+ 0x124: 0xe00d, 0x125: 0x0008, 0x126: 0xe00d, 0x127: 0x0008, 0x128: 0xe00d, 0x129: 0x0008,
+ 0x12a: 0xe00d, 0x12b: 0x0008, 0x12c: 0xe00d, 0x12d: 0x0008, 0x12e: 0xe00d, 0x12f: 0x0008,
+ 0x130: 0x0179, 0x131: 0x0008, 0x132: 0x0035, 0x133: 0x004d, 0x134: 0xe00d, 0x135: 0x0008,
+ 0x136: 0xe00d, 0x137: 0x0008, 0x138: 0x0008, 0x139: 0xe01d, 0x13a: 0x0008, 0x13b: 0xe03d,
+ 0x13c: 0x0008, 0x13d: 0xe01d, 0x13e: 0x0008, 0x13f: 0x0199,
+ // Block 0x5, offset 0x140
+ 0x140: 0x0199, 0x141: 0xe01d, 0x142: 0x0008, 0x143: 0xe03d, 0x144: 0x0008, 0x145: 0xe01d,
+ 0x146: 0x0008, 0x147: 0xe07d, 0x148: 0x0008, 0x149: 0x01b9, 0x14a: 0xe00d, 0x14b: 0x0008,
+ 0x14c: 0xe00d, 0x14d: 0x0008, 0x14e: 0xe00d, 0x14f: 0x0008, 0x150: 0xe00d, 0x151: 0x0008,
+ 0x152: 0xe00d, 0x153: 0x0008, 0x154: 0xe00d, 0x155: 0x0008, 0x156: 0xe00d, 0x157: 0x0008,
+ 0x158: 0xe00d, 0x159: 0x0008, 0x15a: 0xe00d, 0x15b: 0x0008, 0x15c: 0xe00d, 0x15d: 0x0008,
+ 0x15e: 0xe00d, 0x15f: 0x0008, 0x160: 0xe00d, 0x161: 0x0008, 0x162: 0xe00d, 0x163: 0x0008,
+ 0x164: 0xe00d, 0x165: 0x0008, 0x166: 0xe00d, 0x167: 0x0008, 0x168: 0xe00d, 0x169: 0x0008,
+ 0x16a: 0xe00d, 0x16b: 0x0008, 0x16c: 0xe00d, 0x16d: 0x0008, 0x16e: 0xe00d, 0x16f: 0x0008,
+ 0x170: 0xe00d, 0x171: 0x0008, 0x172: 0xe00d, 0x173: 0x0008, 0x174: 0xe00d, 0x175: 0x0008,
+ 0x176: 0xe00d, 0x177: 0x0008, 0x178: 0x0065, 0x179: 0xe01d, 0x17a: 0x0008, 0x17b: 0xe03d,
+ 0x17c: 0x0008, 0x17d: 0xe01d, 0x17e: 0x0008, 0x17f: 0x01d9,
+ // Block 0x6, offset 0x180
+ 0x180: 0x0008, 0x181: 0x007d, 0x182: 0xe00d, 0x183: 0x0008, 0x184: 0xe00d, 0x185: 0x0008,
+ 0x186: 0x007d, 0x187: 0xe07d, 0x188: 0x0008, 0x189: 0x0095, 0x18a: 0x00ad, 0x18b: 0xe03d,
+ 0x18c: 0x0008, 0x18d: 0x0008, 0x18e: 0x00c5, 0x18f: 0x00dd, 0x190: 0x00f5, 0x191: 0xe01d,
+ 0x192: 0x0008, 0x193: 0x010d, 0x194: 0x0125, 0x195: 0x0008, 0x196: 0x013d, 0x197: 0x013d,
+ 0x198: 0xe00d, 0x199: 0x0008, 0x19a: 0x0008, 0x19b: 0x0008, 0x19c: 0x010d, 0x19d: 0x0155,
+ 0x19e: 0x0008, 0x19f: 0x016d, 0x1a0: 0xe00d, 0x1a1: 0x0008, 0x1a2: 0xe00d, 0x1a3: 0x0008,
+ 0x1a4: 0xe00d, 0x1a5: 0x0008, 0x1a6: 0x0185, 0x1a7: 0xe07d, 0x1a8: 0x0008, 0x1a9: 0x019d,
+ 0x1aa: 0x0008, 0x1ab: 0x0008, 0x1ac: 0xe00d, 0x1ad: 0x0008, 0x1ae: 0x0185, 0x1af: 0xe0fd,
+ 0x1b0: 0x0008, 0x1b1: 0x01b5, 0x1b2: 0x01cd, 0x1b3: 0xe03d, 0x1b4: 0x0008, 0x1b5: 0xe01d,
+ 0x1b6: 0x0008, 0x1b7: 0x01e5, 0x1b8: 0xe00d, 0x1b9: 0x0008, 0x1ba: 0x0008, 0x1bb: 0x0008,
+ 0x1bc: 0xe00d, 0x1bd: 0x0008, 0x1be: 0x0008, 0x1bf: 0x0008,
+ // Block 0x7, offset 0x1c0
+ 0x1c0: 0x0008, 0x1c1: 0x0008, 0x1c2: 0x0008, 0x1c3: 0x0008, 0x1c4: 0x01e9, 0x1c5: 0x01e9,
+ 0x1c6: 0x01e9, 0x1c7: 0x01fd, 0x1c8: 0x0215, 0x1c9: 0x022d, 0x1ca: 0x0245, 0x1cb: 0x025d,
+ 0x1cc: 0x0275, 0x1cd: 0xe01d, 0x1ce: 0x0008, 0x1cf: 0xe0fd, 0x1d0: 0x0008, 0x1d1: 0xe01d,
+ 0x1d2: 0x0008, 0x1d3: 0xe03d, 0x1d4: 0x0008, 0x1d5: 0xe01d, 0x1d6: 0x0008, 0x1d7: 0xe07d,
+ 0x1d8: 0x0008, 0x1d9: 0xe01d, 0x1da: 0x0008, 0x1db: 0xe03d, 0x1dc: 0x0008, 0x1dd: 0x0008,
+ 0x1de: 0xe00d, 0x1df: 0x0008, 0x1e0: 0xe00d, 0x1e1: 0x0008, 0x1e2: 0xe00d, 0x1e3: 0x0008,
+ 0x1e4: 0xe00d, 0x1e5: 0x0008, 0x1e6: 0xe00d, 0x1e7: 0x0008, 0x1e8: 0xe00d, 0x1e9: 0x0008,
+ 0x1ea: 0xe00d, 0x1eb: 0x0008, 0x1ec: 0xe00d, 0x1ed: 0x0008, 0x1ee: 0xe00d, 0x1ef: 0x0008,
+ 0x1f0: 0x0008, 0x1f1: 0x028d, 0x1f2: 0x02a5, 0x1f3: 0x02bd, 0x1f4: 0xe00d, 0x1f5: 0x0008,
+ 0x1f6: 0x02d5, 0x1f7: 0x02ed, 0x1f8: 0xe00d, 0x1f9: 0x0008, 0x1fa: 0xe00d, 0x1fb: 0x0008,
+ 0x1fc: 0xe00d, 0x1fd: 0x0008, 0x1fe: 0xe00d, 0x1ff: 0x0008,
+ // Block 0x8, offset 0x200
+ 0x200: 0xe00d, 0x201: 0x0008, 0x202: 0xe00d, 0x203: 0x0008, 0x204: 0xe00d, 0x205: 0x0008,
+ 0x206: 0xe00d, 0x207: 0x0008, 0x208: 0xe00d, 0x209: 0x0008, 0x20a: 0xe00d, 0x20b: 0x0008,
+ 0x20c: 0xe00d, 0x20d: 0x0008, 0x20e: 0xe00d, 0x20f: 0x0008, 0x210: 0xe00d, 0x211: 0x0008,
+ 0x212: 0xe00d, 0x213: 0x0008, 0x214: 0xe00d, 0x215: 0x0008, 0x216: 0xe00d, 0x217: 0x0008,
+ 0x218: 0xe00d, 0x219: 0x0008, 0x21a: 0xe00d, 0x21b: 0x0008, 0x21c: 0xe00d, 0x21d: 0x0008,
+ 0x21e: 0xe00d, 0x21f: 0x0008, 0x220: 0x0305, 0x221: 0x0008, 0x222: 0xe00d, 0x223: 0x0008,
+ 0x224: 0xe00d, 0x225: 0x0008, 0x226: 0xe00d, 0x227: 0x0008, 0x228: 0xe00d, 0x229: 0x0008,
+ 0x22a: 0xe00d, 0x22b: 0x0008, 0x22c: 0xe00d, 0x22d: 0x0008, 0x22e: 0xe00d, 0x22f: 0x0008,
+ 0x230: 0xe00d, 0x231: 0x0008, 0x232: 0xe00d, 0x233: 0x0008, 0x234: 0x0008, 0x235: 0x0008,
+ 0x236: 0x0008, 0x237: 0x0008, 0x238: 0x0008, 0x239: 0x0008, 0x23a: 0x0209, 0x23b: 0xe03d,
+ 0x23c: 0x0008, 0x23d: 0x031d, 0x23e: 0x0229, 0x23f: 0x0008,
+ // Block 0x9, offset 0x240
+ 0x240: 0x0008, 0x241: 0x0008, 0x242: 0x0018, 0x243: 0x0018, 0x244: 0x0018, 0x245: 0x0018,
+ 0x246: 0x0008, 0x247: 0x0008, 0x248: 0x0008, 0x249: 0x0008, 0x24a: 0x0008, 0x24b: 0x0008,
+ 0x24c: 0x0008, 0x24d: 0x0008, 0x24e: 0x0008, 0x24f: 0x0008, 0x250: 0x0008, 0x251: 0x0008,
+ 0x252: 0x0018, 0x253: 0x0018, 0x254: 0x0018, 0x255: 0x0018, 0x256: 0x0018, 0x257: 0x0018,
+ 0x258: 0x029a, 0x259: 0x02ba, 0x25a: 0x02da, 0x25b: 0x02fa, 0x25c: 0x031a, 0x25d: 0x033a,
+ 0x25e: 0x0018, 0x25f: 0x0018, 0x260: 0x03ad, 0x261: 0x0359, 0x262: 0x01d9, 0x263: 0x0369,
+ 0x264: 0x03c5, 0x265: 0x0018, 0x266: 0x0018, 0x267: 0x0018, 0x268: 0x0018, 0x269: 0x0018,
+ 0x26a: 0x0018, 0x26b: 0x0018, 0x26c: 0x0008, 0x26d: 0x0018, 0x26e: 0x0008, 0x26f: 0x0018,
+ 0x270: 0x0018, 0x271: 0x0018, 0x272: 0x0018, 0x273: 0x0018, 0x274: 0x0018, 0x275: 0x0018,
+ 0x276: 0x0018, 0x277: 0x0018, 0x278: 0x0018, 0x279: 0x0018, 0x27a: 0x0018, 0x27b: 0x0018,
+ 0x27c: 0x0018, 0x27d: 0x0018, 0x27e: 0x0018, 0x27f: 0x0018,
+ // Block 0xa, offset 0x280
+ 0x280: 0x03dd, 0x281: 0x03dd, 0x282: 0x3308, 0x283: 0x03f5, 0x284: 0x0379, 0x285: 0x040d,
+ 0x286: 0x3308, 0x287: 0x3308, 0x288: 0x3308, 0x289: 0x3308, 0x28a: 0x3308, 0x28b: 0x3308,
+ 0x28c: 0x3308, 0x28d: 0x3308, 0x28e: 0x3308, 0x28f: 0x33c0, 0x290: 0x3308, 0x291: 0x3308,
+ 0x292: 0x3308, 0x293: 0x3308, 0x294: 0x3308, 0x295: 0x3308, 0x296: 0x3308, 0x297: 0x3308,
+ 0x298: 0x3308, 0x299: 0x3308, 0x29a: 0x3308, 0x29b: 0x3308, 0x29c: 0x3308, 0x29d: 0x3308,
+ 0x29e: 0x3308, 0x29f: 0x3308, 0x2a0: 0x3308, 0x2a1: 0x3308, 0x2a2: 0x3308, 0x2a3: 0x3308,
+ 0x2a4: 0x3308, 0x2a5: 0x3308, 0x2a6: 0x3308, 0x2a7: 0x3308, 0x2a8: 0x3308, 0x2a9: 0x3308,
+ 0x2aa: 0x3308, 0x2ab: 0x3308, 0x2ac: 0x3308, 0x2ad: 0x3308, 0x2ae: 0x3308, 0x2af: 0x3308,
+ 0x2b0: 0xe00d, 0x2b1: 0x0008, 0x2b2: 0xe00d, 0x2b3: 0x0008, 0x2b4: 0x0425, 0x2b5: 0x0008,
+ 0x2b6: 0xe00d, 0x2b7: 0x0008, 0x2b8: 0x0040, 0x2b9: 0x0040, 0x2ba: 0x03a2, 0x2bb: 0x0008,
+ 0x2bc: 0x0008, 0x2bd: 0x0008, 0x2be: 0x03c2, 0x2bf: 0x043d,
+ // Block 0xb, offset 0x2c0
+ 0x2c0: 0x0040, 0x2c1: 0x0040, 0x2c2: 0x0040, 0x2c3: 0x0040, 0x2c4: 0x008a, 0x2c5: 0x03d2,
+ 0x2c6: 0xe155, 0x2c7: 0x0455, 0x2c8: 0xe12d, 0x2c9: 0xe13d, 0x2ca: 0xe12d, 0x2cb: 0x0040,
+ 0x2cc: 0x03dd, 0x2cd: 0x0040, 0x2ce: 0x046d, 0x2cf: 0x0485, 0x2d0: 0x0008, 0x2d1: 0xe105,
+ 0x2d2: 0xe105, 0x2d3: 0xe105, 0x2d4: 0xe105, 0x2d5: 0xe105, 0x2d6: 0xe105, 0x2d7: 0xe105,
+ 0x2d8: 0xe105, 0x2d9: 0xe105, 0x2da: 0xe105, 0x2db: 0xe105, 0x2dc: 0xe105, 0x2dd: 0xe105,
+ 0x2de: 0xe105, 0x2df: 0xe105, 0x2e0: 0x049d, 0x2e1: 0x049d, 0x2e2: 0x0040, 0x2e3: 0x049d,
+ 0x2e4: 0x049d, 0x2e5: 0x049d, 0x2e6: 0x049d, 0x2e7: 0x049d, 0x2e8: 0x049d, 0x2e9: 0x049d,
+ 0x2ea: 0x049d, 0x2eb: 0x049d, 0x2ec: 0x0008, 0x2ed: 0x0008, 0x2ee: 0x0008, 0x2ef: 0x0008,
+ 0x2f0: 0x0008, 0x2f1: 0x0008, 0x2f2: 0x0008, 0x2f3: 0x0008, 0x2f4: 0x0008, 0x2f5: 0x0008,
+ 0x2f6: 0x0008, 0x2f7: 0x0008, 0x2f8: 0x0008, 0x2f9: 0x0008, 0x2fa: 0x0008, 0x2fb: 0x0008,
+ 0x2fc: 0x0008, 0x2fd: 0x0008, 0x2fe: 0x0008, 0x2ff: 0x0008,
+ // Block 0xc, offset 0x300
+ 0x300: 0x0008, 0x301: 0x0008, 0x302: 0xe00f, 0x303: 0x0008, 0x304: 0x0008, 0x305: 0x0008,
+ 0x306: 0x0008, 0x307: 0x0008, 0x308: 0x0008, 0x309: 0x0008, 0x30a: 0x0008, 0x30b: 0x0008,
+ 0x30c: 0x0008, 0x30d: 0x0008, 0x30e: 0x0008, 0x30f: 0xe0c5, 0x310: 0x04b5, 0x311: 0x04cd,
+ 0x312: 0xe0bd, 0x313: 0xe0f5, 0x314: 0xe0fd, 0x315: 0xe09d, 0x316: 0xe0b5, 0x317: 0x0008,
+ 0x318: 0xe00d, 0x319: 0x0008, 0x31a: 0xe00d, 0x31b: 0x0008, 0x31c: 0xe00d, 0x31d: 0x0008,
+ 0x31e: 0xe00d, 0x31f: 0x0008, 0x320: 0xe00d, 0x321: 0x0008, 0x322: 0xe00d, 0x323: 0x0008,
+ 0x324: 0xe00d, 0x325: 0x0008, 0x326: 0xe00d, 0x327: 0x0008, 0x328: 0xe00d, 0x329: 0x0008,
+ 0x32a: 0xe00d, 0x32b: 0x0008, 0x32c: 0xe00d, 0x32d: 0x0008, 0x32e: 0xe00d, 0x32f: 0x0008,
+ 0x330: 0x04e5, 0x331: 0xe185, 0x332: 0xe18d, 0x333: 0x0008, 0x334: 0x04fd, 0x335: 0x03dd,
+ 0x336: 0x0018, 0x337: 0xe07d, 0x338: 0x0008, 0x339: 0xe1d5, 0x33a: 0xe00d, 0x33b: 0x0008,
+ 0x33c: 0x0008, 0x33d: 0x0515, 0x33e: 0x052d, 0x33f: 0x052d,
+ // Block 0xd, offset 0x340
+ 0x340: 0x0008, 0x341: 0x0008, 0x342: 0x0008, 0x343: 0x0008, 0x344: 0x0008, 0x345: 0x0008,
+ 0x346: 0x0008, 0x347: 0x0008, 0x348: 0x0008, 0x349: 0x0008, 0x34a: 0x0008, 0x34b: 0x0008,
+ 0x34c: 0x0008, 0x34d: 0x0008, 0x34e: 0x0008, 0x34f: 0x0008, 0x350: 0x0008, 0x351: 0x0008,
+ 0x352: 0x0008, 0x353: 0x0008, 0x354: 0x0008, 0x355: 0x0008, 0x356: 0x0008, 0x357: 0x0008,
+ 0x358: 0x0008, 0x359: 0x0008, 0x35a: 0x0008, 0x35b: 0x0008, 0x35c: 0x0008, 0x35d: 0x0008,
+ 0x35e: 0x0008, 0x35f: 0x0008, 0x360: 0xe00d, 0x361: 0x0008, 0x362: 0xe00d, 0x363: 0x0008,
+ 0x364: 0xe00d, 0x365: 0x0008, 0x366: 0xe00d, 0x367: 0x0008, 0x368: 0xe00d, 0x369: 0x0008,
+ 0x36a: 0xe00d, 0x36b: 0x0008, 0x36c: 0xe00d, 0x36d: 0x0008, 0x36e: 0xe00d, 0x36f: 0x0008,
+ 0x370: 0xe00d, 0x371: 0x0008, 0x372: 0xe00d, 0x373: 0x0008, 0x374: 0xe00d, 0x375: 0x0008,
+ 0x376: 0xe00d, 0x377: 0x0008, 0x378: 0xe00d, 0x379: 0x0008, 0x37a: 0xe00d, 0x37b: 0x0008,
+ 0x37c: 0xe00d, 0x37d: 0x0008, 0x37e: 0xe00d, 0x37f: 0x0008,
+ // Block 0xe, offset 0x380
+ 0x380: 0xe00d, 0x381: 0x0008, 0x382: 0x0018, 0x383: 0x3308, 0x384: 0x3308, 0x385: 0x3308,
+ 0x386: 0x3308, 0x387: 0x3308, 0x388: 0x3318, 0x389: 0x3318, 0x38a: 0xe00d, 0x38b: 0x0008,
+ 0x38c: 0xe00d, 0x38d: 0x0008, 0x38e: 0xe00d, 0x38f: 0x0008, 0x390: 0xe00d, 0x391: 0x0008,
+ 0x392: 0xe00d, 0x393: 0x0008, 0x394: 0xe00d, 0x395: 0x0008, 0x396: 0xe00d, 0x397: 0x0008,
+ 0x398: 0xe00d, 0x399: 0x0008, 0x39a: 0xe00d, 0x39b: 0x0008, 0x39c: 0xe00d, 0x39d: 0x0008,
+ 0x39e: 0xe00d, 0x39f: 0x0008, 0x3a0: 0xe00d, 0x3a1: 0x0008, 0x3a2: 0xe00d, 0x3a3: 0x0008,
+ 0x3a4: 0xe00d, 0x3a5: 0x0008, 0x3a6: 0xe00d, 0x3a7: 0x0008, 0x3a8: 0xe00d, 0x3a9: 0x0008,
+ 0x3aa: 0xe00d, 0x3ab: 0x0008, 0x3ac: 0xe00d, 0x3ad: 0x0008, 0x3ae: 0xe00d, 0x3af: 0x0008,
+ 0x3b0: 0xe00d, 0x3b1: 0x0008, 0x3b2: 0xe00d, 0x3b3: 0x0008, 0x3b4: 0xe00d, 0x3b5: 0x0008,
+ 0x3b6: 0xe00d, 0x3b7: 0x0008, 0x3b8: 0xe00d, 0x3b9: 0x0008, 0x3ba: 0xe00d, 0x3bb: 0x0008,
+ 0x3bc: 0xe00d, 0x3bd: 0x0008, 0x3be: 0xe00d, 0x3bf: 0x0008,
+ // Block 0xf, offset 0x3c0
+ 0x3c0: 0x0040, 0x3c1: 0xe01d, 0x3c2: 0x0008, 0x3c3: 0xe03d, 0x3c4: 0x0008, 0x3c5: 0xe01d,
+ 0x3c6: 0x0008, 0x3c7: 0xe07d, 0x3c8: 0x0008, 0x3c9: 0xe01d, 0x3ca: 0x0008, 0x3cb: 0xe03d,
+ 0x3cc: 0x0008, 0x3cd: 0xe01d, 0x3ce: 0x0008, 0x3cf: 0x0008, 0x3d0: 0xe00d, 0x3d1: 0x0008,
+ 0x3d2: 0xe00d, 0x3d3: 0x0008, 0x3d4: 0xe00d, 0x3d5: 0x0008, 0x3d6: 0xe00d, 0x3d7: 0x0008,
+ 0x3d8: 0xe00d, 0x3d9: 0x0008, 0x3da: 0xe00d, 0x3db: 0x0008, 0x3dc: 0xe00d, 0x3dd: 0x0008,
+ 0x3de: 0xe00d, 0x3df: 0x0008, 0x3e0: 0xe00d, 0x3e1: 0x0008, 0x3e2: 0xe00d, 0x3e3: 0x0008,
+ 0x3e4: 0xe00d, 0x3e5: 0x0008, 0x3e6: 0xe00d, 0x3e7: 0x0008, 0x3e8: 0xe00d, 0x3e9: 0x0008,
+ 0x3ea: 0xe00d, 0x3eb: 0x0008, 0x3ec: 0xe00d, 0x3ed: 0x0008, 0x3ee: 0xe00d, 0x3ef: 0x0008,
+ 0x3f0: 0xe00d, 0x3f1: 0x0008, 0x3f2: 0xe00d, 0x3f3: 0x0008, 0x3f4: 0xe00d, 0x3f5: 0x0008,
+ 0x3f6: 0xe00d, 0x3f7: 0x0008, 0x3f8: 0xe00d, 0x3f9: 0x0008, 0x3fa: 0xe00d, 0x3fb: 0x0008,
+ 0x3fc: 0xe00d, 0x3fd: 0x0008, 0x3fe: 0xe00d, 0x3ff: 0x0008,
+ // Block 0x10, offset 0x400
+ 0x400: 0xe00d, 0x401: 0x0008, 0x402: 0xe00d, 0x403: 0x0008, 0x404: 0xe00d, 0x405: 0x0008,
+ 0x406: 0xe00d, 0x407: 0x0008, 0x408: 0xe00d, 0x409: 0x0008, 0x40a: 0xe00d, 0x40b: 0x0008,
+ 0x40c: 0xe00d, 0x40d: 0x0008, 0x40e: 0xe00d, 0x40f: 0x0008, 0x410: 0xe00d, 0x411: 0x0008,
+ 0x412: 0xe00d, 0x413: 0x0008, 0x414: 0xe00d, 0x415: 0x0008, 0x416: 0xe00d, 0x417: 0x0008,
+ 0x418: 0xe00d, 0x419: 0x0008, 0x41a: 0xe00d, 0x41b: 0x0008, 0x41c: 0xe00d, 0x41d: 0x0008,
+ 0x41e: 0xe00d, 0x41f: 0x0008, 0x420: 0xe00d, 0x421: 0x0008, 0x422: 0xe00d, 0x423: 0x0008,
+ 0x424: 0xe00d, 0x425: 0x0008, 0x426: 0xe00d, 0x427: 0x0008, 0x428: 0xe00d, 0x429: 0x0008,
+ 0x42a: 0xe00d, 0x42b: 0x0008, 0x42c: 0xe00d, 0x42d: 0x0008, 0x42e: 0xe00d, 0x42f: 0x0008,
+ 0x430: 0x0040, 0x431: 0x03f5, 0x432: 0x03f5, 0x433: 0x03f5, 0x434: 0x03f5, 0x435: 0x03f5,
+ 0x436: 0x03f5, 0x437: 0x03f5, 0x438: 0x03f5, 0x439: 0x03f5, 0x43a: 0x03f5, 0x43b: 0x03f5,
+ 0x43c: 0x03f5, 0x43d: 0x03f5, 0x43e: 0x03f5, 0x43f: 0x03f5,
+ // Block 0x11, offset 0x440
+ 0x440: 0x0840, 0x441: 0x0840, 0x442: 0x0840, 0x443: 0x0840, 0x444: 0x0840, 0x445: 0x0840,
+ 0x446: 0x0018, 0x447: 0x0018, 0x448: 0x0818, 0x449: 0x0018, 0x44a: 0x0018, 0x44b: 0x0818,
+ 0x44c: 0x0018, 0x44d: 0x0818, 0x44e: 0x0018, 0x44f: 0x0018, 0x450: 0x3308, 0x451: 0x3308,
+ 0x452: 0x3308, 0x453: 0x3308, 0x454: 0x3308, 0x455: 0x3308, 0x456: 0x3308, 0x457: 0x3308,
+ 0x458: 0x3308, 0x459: 0x3308, 0x45a: 0x3308, 0x45b: 0x0818, 0x45c: 0x0b40, 0x45d: 0x0040,
+ 0x45e: 0x0818, 0x45f: 0x0818, 0x460: 0x0a08, 0x461: 0x0808, 0x462: 0x0c08, 0x463: 0x0c08,
+ 0x464: 0x0c08, 0x465: 0x0c08, 0x466: 0x0a08, 0x467: 0x0c08, 0x468: 0x0a08, 0x469: 0x0c08,
+ 0x46a: 0x0a08, 0x46b: 0x0a08, 0x46c: 0x0a08, 0x46d: 0x0a08, 0x46e: 0x0a08, 0x46f: 0x0c08,
+ 0x470: 0x0c08, 0x471: 0x0c08, 0x472: 0x0c08, 0x473: 0x0a08, 0x474: 0x0a08, 0x475: 0x0a08,
+ 0x476: 0x0a08, 0x477: 0x0a08, 0x478: 0x0a08, 0x479: 0x0a08, 0x47a: 0x0a08, 0x47b: 0x0a08,
+ 0x47c: 0x0a08, 0x47d: 0x0a08, 0x47e: 0x0a08, 0x47f: 0x0a08,
+ // Block 0x12, offset 0x480
+ 0x480: 0x0818, 0x481: 0x0a08, 0x482: 0x0a08, 0x483: 0x0a08, 0x484: 0x0a08, 0x485: 0x0a08,
+ 0x486: 0x0a08, 0x487: 0x0a08, 0x488: 0x0c08, 0x489: 0x0a08, 0x48a: 0x0a08, 0x48b: 0x3308,
+ 0x48c: 0x3308, 0x48d: 0x3308, 0x48e: 0x3308, 0x48f: 0x3308, 0x490: 0x3308, 0x491: 0x3308,
+ 0x492: 0x3308, 0x493: 0x3308, 0x494: 0x3308, 0x495: 0x3308, 0x496: 0x3308, 0x497: 0x3308,
+ 0x498: 0x3308, 0x499: 0x3308, 0x49a: 0x3308, 0x49b: 0x3308, 0x49c: 0x3308, 0x49d: 0x3308,
+ 0x49e: 0x3308, 0x49f: 0x3308, 0x4a0: 0x0808, 0x4a1: 0x0808, 0x4a2: 0x0808, 0x4a3: 0x0808,
+ 0x4a4: 0x0808, 0x4a5: 0x0808, 0x4a6: 0x0808, 0x4a7: 0x0808, 0x4a8: 0x0808, 0x4a9: 0x0808,
+ 0x4aa: 0x0018, 0x4ab: 0x0818, 0x4ac: 0x0818, 0x4ad: 0x0818, 0x4ae: 0x0a08, 0x4af: 0x0a08,
+ 0x4b0: 0x3308, 0x4b1: 0x0c08, 0x4b2: 0x0c08, 0x4b3: 0x0c08, 0x4b4: 0x0808, 0x4b5: 0x0429,
+ 0x4b6: 0x0451, 0x4b7: 0x0479, 0x4b8: 0x04a1, 0x4b9: 0x0a08, 0x4ba: 0x0a08, 0x4bb: 0x0a08,
+ 0x4bc: 0x0a08, 0x4bd: 0x0a08, 0x4be: 0x0a08, 0x4bf: 0x0a08,
+ // Block 0x13, offset 0x4c0
+ 0x4c0: 0x0c08, 0x4c1: 0x0a08, 0x4c2: 0x0a08, 0x4c3: 0x0c08, 0x4c4: 0x0c08, 0x4c5: 0x0c08,
+ 0x4c6: 0x0c08, 0x4c7: 0x0c08, 0x4c8: 0x0c08, 0x4c9: 0x0c08, 0x4ca: 0x0c08, 0x4cb: 0x0c08,
+ 0x4cc: 0x0a08, 0x4cd: 0x0c08, 0x4ce: 0x0a08, 0x4cf: 0x0c08, 0x4d0: 0x0a08, 0x4d1: 0x0a08,
+ 0x4d2: 0x0c08, 0x4d3: 0x0c08, 0x4d4: 0x0818, 0x4d5: 0x0c08, 0x4d6: 0x3308, 0x4d7: 0x3308,
+ 0x4d8: 0x3308, 0x4d9: 0x3308, 0x4da: 0x3308, 0x4db: 0x3308, 0x4dc: 0x3308, 0x4dd: 0x0840,
+ 0x4de: 0x0018, 0x4df: 0x3308, 0x4e0: 0x3308, 0x4e1: 0x3308, 0x4e2: 0x3308, 0x4e3: 0x3308,
+ 0x4e4: 0x3308, 0x4e5: 0x0808, 0x4e6: 0x0808, 0x4e7: 0x3308, 0x4e8: 0x3308, 0x4e9: 0x0018,
+ 0x4ea: 0x3308, 0x4eb: 0x3308, 0x4ec: 0x3308, 0x4ed: 0x3308, 0x4ee: 0x0c08, 0x4ef: 0x0c08,
+ 0x4f0: 0x0008, 0x4f1: 0x0008, 0x4f2: 0x0008, 0x4f3: 0x0008, 0x4f4: 0x0008, 0x4f5: 0x0008,
+ 0x4f6: 0x0008, 0x4f7: 0x0008, 0x4f8: 0x0008, 0x4f9: 0x0008, 0x4fa: 0x0a08, 0x4fb: 0x0a08,
+ 0x4fc: 0x0a08, 0x4fd: 0x0808, 0x4fe: 0x0808, 0x4ff: 0x0a08,
+ // Block 0x14, offset 0x500
+ 0x500: 0x0818, 0x501: 0x0818, 0x502: 0x0818, 0x503: 0x0818, 0x504: 0x0818, 0x505: 0x0818,
+ 0x506: 0x0818, 0x507: 0x0818, 0x508: 0x0818, 0x509: 0x0818, 0x50a: 0x0818, 0x50b: 0x0818,
+ 0x50c: 0x0818, 0x50d: 0x0818, 0x50e: 0x0040, 0x50f: 0x0b40, 0x510: 0x0c08, 0x511: 0x3308,
+ 0x512: 0x0a08, 0x513: 0x0a08, 0x514: 0x0a08, 0x515: 0x0c08, 0x516: 0x0c08, 0x517: 0x0c08,
+ 0x518: 0x0c08, 0x519: 0x0c08, 0x51a: 0x0a08, 0x51b: 0x0a08, 0x51c: 0x0a08, 0x51d: 0x0a08,
+ 0x51e: 0x0c08, 0x51f: 0x0a08, 0x520: 0x0a08, 0x521: 0x0a08, 0x522: 0x0a08, 0x523: 0x0a08,
+ 0x524: 0x0a08, 0x525: 0x0a08, 0x526: 0x0a08, 0x527: 0x0a08, 0x528: 0x0c08, 0x529: 0x0a08,
+ 0x52a: 0x0c08, 0x52b: 0x0a08, 0x52c: 0x0c08, 0x52d: 0x0a08, 0x52e: 0x0a08, 0x52f: 0x0c08,
+ 0x530: 0x3308, 0x531: 0x3308, 0x532: 0x3308, 0x533: 0x3308, 0x534: 0x3308, 0x535: 0x3308,
+ 0x536: 0x3308, 0x537: 0x3308, 0x538: 0x3308, 0x539: 0x3308, 0x53a: 0x3308, 0x53b: 0x3308,
+ 0x53c: 0x3308, 0x53d: 0x3308, 0x53e: 0x3308, 0x53f: 0x3308,
+ // Block 0x15, offset 0x540
+ 0x540: 0x0c08, 0x541: 0x0a08, 0x542: 0x0a08, 0x543: 0x0a08, 0x544: 0x0a08, 0x545: 0x0a08,
+ 0x546: 0x0c08, 0x547: 0x0c08, 0x548: 0x0a08, 0x549: 0x0c08, 0x54a: 0x0a08, 0x54b: 0x0a08,
+ 0x54c: 0x0a08, 0x54d: 0x0a08, 0x54e: 0x0a08, 0x54f: 0x0a08, 0x550: 0x0a08, 0x551: 0x0a08,
+ 0x552: 0x0a08, 0x553: 0x0a08, 0x554: 0x0c08, 0x555: 0x0a08, 0x556: 0x0c08, 0x557: 0x0c08,
+ 0x558: 0x0c08, 0x559: 0x3308, 0x55a: 0x3308, 0x55b: 0x3308, 0x55c: 0x0040, 0x55d: 0x0040,
+ 0x55e: 0x0818, 0x55f: 0x0040, 0x560: 0x0a08, 0x561: 0x0808, 0x562: 0x0a08, 0x563: 0x0a08,
+ 0x564: 0x0a08, 0x565: 0x0a08, 0x566: 0x0808, 0x567: 0x0c08, 0x568: 0x0a08, 0x569: 0x0c08,
+ 0x56a: 0x0c08, 0x56b: 0x0040, 0x56c: 0x0040, 0x56d: 0x0040, 0x56e: 0x0040, 0x56f: 0x0040,
+ 0x570: 0x0040, 0x571: 0x0040, 0x572: 0x0040, 0x573: 0x0040, 0x574: 0x0040, 0x575: 0x0040,
+ 0x576: 0x0040, 0x577: 0x0040, 0x578: 0x0040, 0x579: 0x0040, 0x57a: 0x0040, 0x57b: 0x0040,
+ 0x57c: 0x0040, 0x57d: 0x0040, 0x57e: 0x0040, 0x57f: 0x0040,
+ // Block 0x16, offset 0x580
+ 0x580: 0x3008, 0x581: 0x3308, 0x582: 0x3308, 0x583: 0x3308, 0x584: 0x3308, 0x585: 0x3308,
+ 0x586: 0x3308, 0x587: 0x3308, 0x588: 0x3308, 0x589: 0x3008, 0x58a: 0x3008, 0x58b: 0x3008,
+ 0x58c: 0x3008, 0x58d: 0x3b08, 0x58e: 0x3008, 0x58f: 0x3008, 0x590: 0x0008, 0x591: 0x3308,
+ 0x592: 0x3308, 0x593: 0x3308, 0x594: 0x3308, 0x595: 0x3308, 0x596: 0x3308, 0x597: 0x3308,
+ 0x598: 0x04c9, 0x599: 0x0501, 0x59a: 0x0539, 0x59b: 0x0571, 0x59c: 0x05a9, 0x59d: 0x05e1,
+ 0x59e: 0x0619, 0x59f: 0x0651, 0x5a0: 0x0008, 0x5a1: 0x0008, 0x5a2: 0x3308, 0x5a3: 0x3308,
+ 0x5a4: 0x0018, 0x5a5: 0x0018, 0x5a6: 0x0008, 0x5a7: 0x0008, 0x5a8: 0x0008, 0x5a9: 0x0008,
+ 0x5aa: 0x0008, 0x5ab: 0x0008, 0x5ac: 0x0008, 0x5ad: 0x0008, 0x5ae: 0x0008, 0x5af: 0x0008,
+ 0x5b0: 0x0018, 0x5b1: 0x0008, 0x5b2: 0x0008, 0x5b3: 0x0008, 0x5b4: 0x0008, 0x5b5: 0x0008,
+ 0x5b6: 0x0008, 0x5b7: 0x0008, 0x5b8: 0x0008, 0x5b9: 0x0008, 0x5ba: 0x0008, 0x5bb: 0x0008,
+ 0x5bc: 0x0008, 0x5bd: 0x0008, 0x5be: 0x0008, 0x5bf: 0x0008,
+ // Block 0x17, offset 0x5c0
+ 0x5c0: 0x0008, 0x5c1: 0x3308, 0x5c2: 0x3008, 0x5c3: 0x3008, 0x5c4: 0x0040, 0x5c5: 0x0008,
+ 0x5c6: 0x0008, 0x5c7: 0x0008, 0x5c8: 0x0008, 0x5c9: 0x0008, 0x5ca: 0x0008, 0x5cb: 0x0008,
+ 0x5cc: 0x0008, 0x5cd: 0x0040, 0x5ce: 0x0040, 0x5cf: 0x0008, 0x5d0: 0x0008, 0x5d1: 0x0040,
+ 0x5d2: 0x0040, 0x5d3: 0x0008, 0x5d4: 0x0008, 0x5d5: 0x0008, 0x5d6: 0x0008, 0x5d7: 0x0008,
+ 0x5d8: 0x0008, 0x5d9: 0x0008, 0x5da: 0x0008, 0x5db: 0x0008, 0x5dc: 0x0008, 0x5dd: 0x0008,
+ 0x5de: 0x0008, 0x5df: 0x0008, 0x5e0: 0x0008, 0x5e1: 0x0008, 0x5e2: 0x0008, 0x5e3: 0x0008,
+ 0x5e4: 0x0008, 0x5e5: 0x0008, 0x5e6: 0x0008, 0x5e7: 0x0008, 0x5e8: 0x0008, 0x5e9: 0x0040,
+ 0x5ea: 0x0008, 0x5eb: 0x0008, 0x5ec: 0x0008, 0x5ed: 0x0008, 0x5ee: 0x0008, 0x5ef: 0x0008,
+ 0x5f0: 0x0008, 0x5f1: 0x0040, 0x5f2: 0x0008, 0x5f3: 0x0040, 0x5f4: 0x0040, 0x5f5: 0x0040,
+ 0x5f6: 0x0008, 0x5f7: 0x0008, 0x5f8: 0x0008, 0x5f9: 0x0008, 0x5fa: 0x0040, 0x5fb: 0x0040,
+ 0x5fc: 0x3308, 0x5fd: 0x0008, 0x5fe: 0x3008, 0x5ff: 0x3008,
+ // Block 0x18, offset 0x600
+ 0x600: 0x3008, 0x601: 0x3308, 0x602: 0x3308, 0x603: 0x3308, 0x604: 0x3308, 0x605: 0x0040,
+ 0x606: 0x0040, 0x607: 0x3008, 0x608: 0x3008, 0x609: 0x0040, 0x60a: 0x0040, 0x60b: 0x3008,
+ 0x60c: 0x3008, 0x60d: 0x3b08, 0x60e: 0x0008, 0x60f: 0x0040, 0x610: 0x0040, 0x611: 0x0040,
+ 0x612: 0x0040, 0x613: 0x0040, 0x614: 0x0040, 0x615: 0x0040, 0x616: 0x0040, 0x617: 0x3008,
+ 0x618: 0x0040, 0x619: 0x0040, 0x61a: 0x0040, 0x61b: 0x0040, 0x61c: 0x0689, 0x61d: 0x06c1,
+ 0x61e: 0x0040, 0x61f: 0x06f9, 0x620: 0x0008, 0x621: 0x0008, 0x622: 0x3308, 0x623: 0x3308,
+ 0x624: 0x0040, 0x625: 0x0040, 0x626: 0x0008, 0x627: 0x0008, 0x628: 0x0008, 0x629: 0x0008,
+ 0x62a: 0x0008, 0x62b: 0x0008, 0x62c: 0x0008, 0x62d: 0x0008, 0x62e: 0x0008, 0x62f: 0x0008,
+ 0x630: 0x0008, 0x631: 0x0008, 0x632: 0x0018, 0x633: 0x0018, 0x634: 0x0018, 0x635: 0x0018,
+ 0x636: 0x0018, 0x637: 0x0018, 0x638: 0x0018, 0x639: 0x0018, 0x63a: 0x0018, 0x63b: 0x0018,
+ 0x63c: 0x0008, 0x63d: 0x0018, 0x63e: 0x3308, 0x63f: 0x0040,
+ // Block 0x19, offset 0x640
+ 0x640: 0x0040, 0x641: 0x3308, 0x642: 0x3308, 0x643: 0x3008, 0x644: 0x0040, 0x645: 0x0008,
+ 0x646: 0x0008, 0x647: 0x0008, 0x648: 0x0008, 0x649: 0x0008, 0x64a: 0x0008, 0x64b: 0x0040,
+ 0x64c: 0x0040, 0x64d: 0x0040, 0x64e: 0x0040, 0x64f: 0x0008, 0x650: 0x0008, 0x651: 0x0040,
+ 0x652: 0x0040, 0x653: 0x0008, 0x654: 0x0008, 0x655: 0x0008, 0x656: 0x0008, 0x657: 0x0008,
+ 0x658: 0x0008, 0x659: 0x0008, 0x65a: 0x0008, 0x65b: 0x0008, 0x65c: 0x0008, 0x65d: 0x0008,
+ 0x65e: 0x0008, 0x65f: 0x0008, 0x660: 0x0008, 0x661: 0x0008, 0x662: 0x0008, 0x663: 0x0008,
+ 0x664: 0x0008, 0x665: 0x0008, 0x666: 0x0008, 0x667: 0x0008, 0x668: 0x0008, 0x669: 0x0040,
+ 0x66a: 0x0008, 0x66b: 0x0008, 0x66c: 0x0008, 0x66d: 0x0008, 0x66e: 0x0008, 0x66f: 0x0008,
+ 0x670: 0x0008, 0x671: 0x0040, 0x672: 0x0008, 0x673: 0x0731, 0x674: 0x0040, 0x675: 0x0008,
+ 0x676: 0x0769, 0x677: 0x0040, 0x678: 0x0008, 0x679: 0x0008, 0x67a: 0x0040, 0x67b: 0x0040,
+ 0x67c: 0x3308, 0x67d: 0x0040, 0x67e: 0x3008, 0x67f: 0x3008,
+ // Block 0x1a, offset 0x680
+ 0x680: 0x3008, 0x681: 0x3308, 0x682: 0x3308, 0x683: 0x0040, 0x684: 0x0040, 0x685: 0x0040,
+ 0x686: 0x0040, 0x687: 0x3308, 0x688: 0x3308, 0x689: 0x0040, 0x68a: 0x0040, 0x68b: 0x3308,
+ 0x68c: 0x3308, 0x68d: 0x3b08, 0x68e: 0x0040, 0x68f: 0x0040, 0x690: 0x0040, 0x691: 0x3308,
+ 0x692: 0x0040, 0x693: 0x0040, 0x694: 0x0040, 0x695: 0x0040, 0x696: 0x0040, 0x697: 0x0040,
+ 0x698: 0x0040, 0x699: 0x07a1, 0x69a: 0x07d9, 0x69b: 0x0811, 0x69c: 0x0008, 0x69d: 0x0040,
+ 0x69e: 0x0849, 0x69f: 0x0040, 0x6a0: 0x0040, 0x6a1: 0x0040, 0x6a2: 0x0040, 0x6a3: 0x0040,
+ 0x6a4: 0x0040, 0x6a5: 0x0040, 0x6a6: 0x0008, 0x6a7: 0x0008, 0x6a8: 0x0008, 0x6a9: 0x0008,
+ 0x6aa: 0x0008, 0x6ab: 0x0008, 0x6ac: 0x0008, 0x6ad: 0x0008, 0x6ae: 0x0008, 0x6af: 0x0008,
+ 0x6b0: 0x3308, 0x6b1: 0x3308, 0x6b2: 0x0008, 0x6b3: 0x0008, 0x6b4: 0x0008, 0x6b5: 0x3308,
+ 0x6b6: 0x0018, 0x6b7: 0x0040, 0x6b8: 0x0040, 0x6b9: 0x0040, 0x6ba: 0x0040, 0x6bb: 0x0040,
+ 0x6bc: 0x0040, 0x6bd: 0x0040, 0x6be: 0x0040, 0x6bf: 0x0040,
+ // Block 0x1b, offset 0x6c0
+ 0x6c0: 0x0040, 0x6c1: 0x3308, 0x6c2: 0x3308, 0x6c3: 0x3008, 0x6c4: 0x0040, 0x6c5: 0x0008,
+ 0x6c6: 0x0008, 0x6c7: 0x0008, 0x6c8: 0x0008, 0x6c9: 0x0008, 0x6ca: 0x0008, 0x6cb: 0x0008,
+ 0x6cc: 0x0008, 0x6cd: 0x0008, 0x6ce: 0x0040, 0x6cf: 0x0008, 0x6d0: 0x0008, 0x6d1: 0x0008,
+ 0x6d2: 0x0040, 0x6d3: 0x0008, 0x6d4: 0x0008, 0x6d5: 0x0008, 0x6d6: 0x0008, 0x6d7: 0x0008,
+ 0x6d8: 0x0008, 0x6d9: 0x0008, 0x6da: 0x0008, 0x6db: 0x0008, 0x6dc: 0x0008, 0x6dd: 0x0008,
+ 0x6de: 0x0008, 0x6df: 0x0008, 0x6e0: 0x0008, 0x6e1: 0x0008, 0x6e2: 0x0008, 0x6e3: 0x0008,
+ 0x6e4: 0x0008, 0x6e5: 0x0008, 0x6e6: 0x0008, 0x6e7: 0x0008, 0x6e8: 0x0008, 0x6e9: 0x0040,
+ 0x6ea: 0x0008, 0x6eb: 0x0008, 0x6ec: 0x0008, 0x6ed: 0x0008, 0x6ee: 0x0008, 0x6ef: 0x0008,
+ 0x6f0: 0x0008, 0x6f1: 0x0040, 0x6f2: 0x0008, 0x6f3: 0x0008, 0x6f4: 0x0040, 0x6f5: 0x0008,
+ 0x6f6: 0x0008, 0x6f7: 0x0008, 0x6f8: 0x0008, 0x6f9: 0x0008, 0x6fa: 0x0040, 0x6fb: 0x0040,
+ 0x6fc: 0x3308, 0x6fd: 0x0008, 0x6fe: 0x3008, 0x6ff: 0x3008,
+ // Block 0x1c, offset 0x700
+ 0x700: 0x3008, 0x701: 0x3308, 0x702: 0x3308, 0x703: 0x3308, 0x704: 0x3308, 0x705: 0x3308,
+ 0x706: 0x0040, 0x707: 0x3308, 0x708: 0x3308, 0x709: 0x3008, 0x70a: 0x0040, 0x70b: 0x3008,
+ 0x70c: 0x3008, 0x70d: 0x3b08, 0x70e: 0x0040, 0x70f: 0x0040, 0x710: 0x0008, 0x711: 0x0040,
+ 0x712: 0x0040, 0x713: 0x0040, 0x714: 0x0040, 0x715: 0x0040, 0x716: 0x0040, 0x717: 0x0040,
+ 0x718: 0x0040, 0x719: 0x0040, 0x71a: 0x0040, 0x71b: 0x0040, 0x71c: 0x0040, 0x71d: 0x0040,
+ 0x71e: 0x0040, 0x71f: 0x0040, 0x720: 0x0008, 0x721: 0x0008, 0x722: 0x3308, 0x723: 0x3308,
+ 0x724: 0x0040, 0x725: 0x0040, 0x726: 0x0008, 0x727: 0x0008, 0x728: 0x0008, 0x729: 0x0008,
+ 0x72a: 0x0008, 0x72b: 0x0008, 0x72c: 0x0008, 0x72d: 0x0008, 0x72e: 0x0008, 0x72f: 0x0008,
+ 0x730: 0x0018, 0x731: 0x0018, 0x732: 0x0040, 0x733: 0x0040, 0x734: 0x0040, 0x735: 0x0040,
+ 0x736: 0x0040, 0x737: 0x0040, 0x738: 0x0040, 0x739: 0x0008, 0x73a: 0x3308, 0x73b: 0x3308,
+ 0x73c: 0x3308, 0x73d: 0x3308, 0x73e: 0x3308, 0x73f: 0x3308,
+ // Block 0x1d, offset 0x740
+ 0x740: 0x0040, 0x741: 0x3308, 0x742: 0x3008, 0x743: 0x3008, 0x744: 0x0040, 0x745: 0x0008,
+ 0x746: 0x0008, 0x747: 0x0008, 0x748: 0x0008, 0x749: 0x0008, 0x74a: 0x0008, 0x74b: 0x0008,
+ 0x74c: 0x0008, 0x74d: 0x0040, 0x74e: 0x0040, 0x74f: 0x0008, 0x750: 0x0008, 0x751: 0x0040,
+ 0x752: 0x0040, 0x753: 0x0008, 0x754: 0x0008, 0x755: 0x0008, 0x756: 0x0008, 0x757: 0x0008,
+ 0x758: 0x0008, 0x759: 0x0008, 0x75a: 0x0008, 0x75b: 0x0008, 0x75c: 0x0008, 0x75d: 0x0008,
+ 0x75e: 0x0008, 0x75f: 0x0008, 0x760: 0x0008, 0x761: 0x0008, 0x762: 0x0008, 0x763: 0x0008,
+ 0x764: 0x0008, 0x765: 0x0008, 0x766: 0x0008, 0x767: 0x0008, 0x768: 0x0008, 0x769: 0x0040,
+ 0x76a: 0x0008, 0x76b: 0x0008, 0x76c: 0x0008, 0x76d: 0x0008, 0x76e: 0x0008, 0x76f: 0x0008,
+ 0x770: 0x0008, 0x771: 0x0040, 0x772: 0x0008, 0x773: 0x0008, 0x774: 0x0040, 0x775: 0x0008,
+ 0x776: 0x0008, 0x777: 0x0008, 0x778: 0x0008, 0x779: 0x0008, 0x77a: 0x0040, 0x77b: 0x0040,
+ 0x77c: 0x3308, 0x77d: 0x0008, 0x77e: 0x3008, 0x77f: 0x3308,
+ // Block 0x1e, offset 0x780
+ 0x780: 0x3008, 0x781: 0x3308, 0x782: 0x3308, 0x783: 0x3308, 0x784: 0x3308, 0x785: 0x0040,
+ 0x786: 0x0040, 0x787: 0x3008, 0x788: 0x3008, 0x789: 0x0040, 0x78a: 0x0040, 0x78b: 0x3008,
+ 0x78c: 0x3008, 0x78d: 0x3b08, 0x78e: 0x0040, 0x78f: 0x0040, 0x790: 0x0040, 0x791: 0x0040,
+ 0x792: 0x0040, 0x793: 0x0040, 0x794: 0x0040, 0x795: 0x3308, 0x796: 0x3308, 0x797: 0x3008,
+ 0x798: 0x0040, 0x799: 0x0040, 0x79a: 0x0040, 0x79b: 0x0040, 0x79c: 0x0881, 0x79d: 0x08b9,
+ 0x79e: 0x0040, 0x79f: 0x0008, 0x7a0: 0x0008, 0x7a1: 0x0008, 0x7a2: 0x3308, 0x7a3: 0x3308,
+ 0x7a4: 0x0040, 0x7a5: 0x0040, 0x7a6: 0x0008, 0x7a7: 0x0008, 0x7a8: 0x0008, 0x7a9: 0x0008,
+ 0x7aa: 0x0008, 0x7ab: 0x0008, 0x7ac: 0x0008, 0x7ad: 0x0008, 0x7ae: 0x0008, 0x7af: 0x0008,
+ 0x7b0: 0x0018, 0x7b1: 0x0008, 0x7b2: 0x0018, 0x7b3: 0x0018, 0x7b4: 0x0018, 0x7b5: 0x0018,
+ 0x7b6: 0x0018, 0x7b7: 0x0018, 0x7b8: 0x0040, 0x7b9: 0x0040, 0x7ba: 0x0040, 0x7bb: 0x0040,
+ 0x7bc: 0x0040, 0x7bd: 0x0040, 0x7be: 0x0040, 0x7bf: 0x0040,
+ // Block 0x1f, offset 0x7c0
+ 0x7c0: 0x0040, 0x7c1: 0x0040, 0x7c2: 0x3308, 0x7c3: 0x0008, 0x7c4: 0x0040, 0x7c5: 0x0008,
+ 0x7c6: 0x0008, 0x7c7: 0x0008, 0x7c8: 0x0008, 0x7c9: 0x0008, 0x7ca: 0x0008, 0x7cb: 0x0040,
+ 0x7cc: 0x0040, 0x7cd: 0x0040, 0x7ce: 0x0008, 0x7cf: 0x0008, 0x7d0: 0x0008, 0x7d1: 0x0040,
+ 0x7d2: 0x0008, 0x7d3: 0x0008, 0x7d4: 0x0008, 0x7d5: 0x0008, 0x7d6: 0x0040, 0x7d7: 0x0040,
+ 0x7d8: 0x0040, 0x7d9: 0x0008, 0x7da: 0x0008, 0x7db: 0x0040, 0x7dc: 0x0008, 0x7dd: 0x0040,
+ 0x7de: 0x0008, 0x7df: 0x0008, 0x7e0: 0x0040, 0x7e1: 0x0040, 0x7e2: 0x0040, 0x7e3: 0x0008,
+ 0x7e4: 0x0008, 0x7e5: 0x0040, 0x7e6: 0x0040, 0x7e7: 0x0040, 0x7e8: 0x0008, 0x7e9: 0x0008,
+ 0x7ea: 0x0008, 0x7eb: 0x0040, 0x7ec: 0x0040, 0x7ed: 0x0040, 0x7ee: 0x0008, 0x7ef: 0x0008,
+ 0x7f0: 0x0008, 0x7f1: 0x0008, 0x7f2: 0x0008, 0x7f3: 0x0008, 0x7f4: 0x0008, 0x7f5: 0x0008,
+ 0x7f6: 0x0008, 0x7f7: 0x0008, 0x7f8: 0x0008, 0x7f9: 0x0008, 0x7fa: 0x0040, 0x7fb: 0x0040,
+ 0x7fc: 0x0040, 0x7fd: 0x0040, 0x7fe: 0x3008, 0x7ff: 0x3008,
+ // Block 0x20, offset 0x800
+ 0x800: 0x3308, 0x801: 0x3008, 0x802: 0x3008, 0x803: 0x3008, 0x804: 0x3008, 0x805: 0x0040,
+ 0x806: 0x3308, 0x807: 0x3308, 0x808: 0x3308, 0x809: 0x0040, 0x80a: 0x3308, 0x80b: 0x3308,
+ 0x80c: 0x3308, 0x80d: 0x3b08, 0x80e: 0x0040, 0x80f: 0x0040, 0x810: 0x0040, 0x811: 0x0040,
+ 0x812: 0x0040, 0x813: 0x0040, 0x814: 0x0040, 0x815: 0x3308, 0x816: 0x3308, 0x817: 0x0040,
+ 0x818: 0x0008, 0x819: 0x0008, 0x81a: 0x0008, 0x81b: 0x0040, 0x81c: 0x0040, 0x81d: 0x0040,
+ 0x81e: 0x0040, 0x81f: 0x0040, 0x820: 0x0008, 0x821: 0x0008, 0x822: 0x3308, 0x823: 0x3308,
+ 0x824: 0x0040, 0x825: 0x0040, 0x826: 0x0008, 0x827: 0x0008, 0x828: 0x0008, 0x829: 0x0008,
+ 0x82a: 0x0008, 0x82b: 0x0008, 0x82c: 0x0008, 0x82d: 0x0008, 0x82e: 0x0008, 0x82f: 0x0008,
+ 0x830: 0x0040, 0x831: 0x0040, 0x832: 0x0040, 0x833: 0x0040, 0x834: 0x0040, 0x835: 0x0040,
+ 0x836: 0x0040, 0x837: 0x0018, 0x838: 0x0018, 0x839: 0x0018, 0x83a: 0x0018, 0x83b: 0x0018,
+ 0x83c: 0x0018, 0x83d: 0x0018, 0x83e: 0x0018, 0x83f: 0x0018,
+ // Block 0x21, offset 0x840
+ 0x840: 0x0008, 0x841: 0x3308, 0x842: 0x3008, 0x843: 0x3008, 0x844: 0x0018, 0x845: 0x0008,
+ 0x846: 0x0008, 0x847: 0x0008, 0x848: 0x0008, 0x849: 0x0008, 0x84a: 0x0008, 0x84b: 0x0008,
+ 0x84c: 0x0008, 0x84d: 0x0040, 0x84e: 0x0008, 0x84f: 0x0008, 0x850: 0x0008, 0x851: 0x0040,
+ 0x852: 0x0008, 0x853: 0x0008, 0x854: 0x0008, 0x855: 0x0008, 0x856: 0x0008, 0x857: 0x0008,
+ 0x858: 0x0008, 0x859: 0x0008, 0x85a: 0x0008, 0x85b: 0x0008, 0x85c: 0x0008, 0x85d: 0x0008,
+ 0x85e: 0x0008, 0x85f: 0x0008, 0x860: 0x0008, 0x861: 0x0008, 0x862: 0x0008, 0x863: 0x0008,
+ 0x864: 0x0008, 0x865: 0x0008, 0x866: 0x0008, 0x867: 0x0008, 0x868: 0x0008, 0x869: 0x0040,
+ 0x86a: 0x0008, 0x86b: 0x0008, 0x86c: 0x0008, 0x86d: 0x0008, 0x86e: 0x0008, 0x86f: 0x0008,
+ 0x870: 0x0008, 0x871: 0x0008, 0x872: 0x0008, 0x873: 0x0008, 0x874: 0x0040, 0x875: 0x0008,
+ 0x876: 0x0008, 0x877: 0x0008, 0x878: 0x0008, 0x879: 0x0008, 0x87a: 0x0040, 0x87b: 0x0040,
+ 0x87c: 0x3308, 0x87d: 0x0008, 0x87e: 0x3008, 0x87f: 0x3308,
+ // Block 0x22, offset 0x880
+ 0x880: 0x3008, 0x881: 0x3008, 0x882: 0x3008, 0x883: 0x3008, 0x884: 0x3008, 0x885: 0x0040,
+ 0x886: 0x3308, 0x887: 0x3008, 0x888: 0x3008, 0x889: 0x0040, 0x88a: 0x3008, 0x88b: 0x3008,
+ 0x88c: 0x3308, 0x88d: 0x3b08, 0x88e: 0x0040, 0x88f: 0x0040, 0x890: 0x0040, 0x891: 0x0040,
+ 0x892: 0x0040, 0x893: 0x0040, 0x894: 0x0040, 0x895: 0x3008, 0x896: 0x3008, 0x897: 0x0040,
+ 0x898: 0x0040, 0x899: 0x0040, 0x89a: 0x0040, 0x89b: 0x0040, 0x89c: 0x0040, 0x89d: 0x0040,
+ 0x89e: 0x0008, 0x89f: 0x0040, 0x8a0: 0x0008, 0x8a1: 0x0008, 0x8a2: 0x3308, 0x8a3: 0x3308,
+ 0x8a4: 0x0040, 0x8a5: 0x0040, 0x8a6: 0x0008, 0x8a7: 0x0008, 0x8a8: 0x0008, 0x8a9: 0x0008,
+ 0x8aa: 0x0008, 0x8ab: 0x0008, 0x8ac: 0x0008, 0x8ad: 0x0008, 0x8ae: 0x0008, 0x8af: 0x0008,
+ 0x8b0: 0x0040, 0x8b1: 0x0008, 0x8b2: 0x0008, 0x8b3: 0x0040, 0x8b4: 0x0040, 0x8b5: 0x0040,
+ 0x8b6: 0x0040, 0x8b7: 0x0040, 0x8b8: 0x0040, 0x8b9: 0x0040, 0x8ba: 0x0040, 0x8bb: 0x0040,
+ 0x8bc: 0x0040, 0x8bd: 0x0040, 0x8be: 0x0040, 0x8bf: 0x0040,
+ // Block 0x23, offset 0x8c0
+ 0x8c0: 0x3008, 0x8c1: 0x3308, 0x8c2: 0x3308, 0x8c3: 0x3308, 0x8c4: 0x3308, 0x8c5: 0x0040,
+ 0x8c6: 0x3008, 0x8c7: 0x3008, 0x8c8: 0x3008, 0x8c9: 0x0040, 0x8ca: 0x3008, 0x8cb: 0x3008,
+ 0x8cc: 0x3008, 0x8cd: 0x3b08, 0x8ce: 0x0008, 0x8cf: 0x0018, 0x8d0: 0x0040, 0x8d1: 0x0040,
+ 0x8d2: 0x0040, 0x8d3: 0x0040, 0x8d4: 0x0008, 0x8d5: 0x0008, 0x8d6: 0x0008, 0x8d7: 0x3008,
+ 0x8d8: 0x0018, 0x8d9: 0x0018, 0x8da: 0x0018, 0x8db: 0x0018, 0x8dc: 0x0018, 0x8dd: 0x0018,
+ 0x8de: 0x0018, 0x8df: 0x0008, 0x8e0: 0x0008, 0x8e1: 0x0008, 0x8e2: 0x3308, 0x8e3: 0x3308,
+ 0x8e4: 0x0040, 0x8e5: 0x0040, 0x8e6: 0x0008, 0x8e7: 0x0008, 0x8e8: 0x0008, 0x8e9: 0x0008,
+ 0x8ea: 0x0008, 0x8eb: 0x0008, 0x8ec: 0x0008, 0x8ed: 0x0008, 0x8ee: 0x0008, 0x8ef: 0x0008,
+ 0x8f0: 0x0018, 0x8f1: 0x0018, 0x8f2: 0x0018, 0x8f3: 0x0018, 0x8f4: 0x0018, 0x8f5: 0x0018,
+ 0x8f6: 0x0018, 0x8f7: 0x0018, 0x8f8: 0x0018, 0x8f9: 0x0018, 0x8fa: 0x0008, 0x8fb: 0x0008,
+ 0x8fc: 0x0008, 0x8fd: 0x0008, 0x8fe: 0x0008, 0x8ff: 0x0008,
+ // Block 0x24, offset 0x900
+ 0x900: 0x0040, 0x901: 0x0008, 0x902: 0x0008, 0x903: 0x0040, 0x904: 0x0008, 0x905: 0x0040,
+ 0x906: 0x0008, 0x907: 0x0008, 0x908: 0x0008, 0x909: 0x0008, 0x90a: 0x0008, 0x90b: 0x0040,
+ 0x90c: 0x0008, 0x90d: 0x0008, 0x90e: 0x0008, 0x90f: 0x0008, 0x910: 0x0008, 0x911: 0x0008,
+ 0x912: 0x0008, 0x913: 0x0008, 0x914: 0x0008, 0x915: 0x0008, 0x916: 0x0008, 0x917: 0x0008,
+ 0x918: 0x0008, 0x919: 0x0008, 0x91a: 0x0008, 0x91b: 0x0008, 0x91c: 0x0008, 0x91d: 0x0008,
+ 0x91e: 0x0008, 0x91f: 0x0008, 0x920: 0x0008, 0x921: 0x0008, 0x922: 0x0008, 0x923: 0x0008,
+ 0x924: 0x0040, 0x925: 0x0008, 0x926: 0x0040, 0x927: 0x0008, 0x928: 0x0008, 0x929: 0x0008,
+ 0x92a: 0x0008, 0x92b: 0x0008, 0x92c: 0x0008, 0x92d: 0x0008, 0x92e: 0x0008, 0x92f: 0x0008,
+ 0x930: 0x0008, 0x931: 0x3308, 0x932: 0x0008, 0x933: 0x0929, 0x934: 0x3308, 0x935: 0x3308,
+ 0x936: 0x3308, 0x937: 0x3308, 0x938: 0x3308, 0x939: 0x3308, 0x93a: 0x3b08, 0x93b: 0x3308,
+ 0x93c: 0x3308, 0x93d: 0x0008, 0x93e: 0x0040, 0x93f: 0x0040,
+ // Block 0x25, offset 0x940
+ 0x940: 0x0008, 0x941: 0x0008, 0x942: 0x0008, 0x943: 0x09d1, 0x944: 0x0008, 0x945: 0x0008,
+ 0x946: 0x0008, 0x947: 0x0008, 0x948: 0x0040, 0x949: 0x0008, 0x94a: 0x0008, 0x94b: 0x0008,
+ 0x94c: 0x0008, 0x94d: 0x0a09, 0x94e: 0x0008, 0x94f: 0x0008, 0x950: 0x0008, 0x951: 0x0008,
+ 0x952: 0x0a41, 0x953: 0x0008, 0x954: 0x0008, 0x955: 0x0008, 0x956: 0x0008, 0x957: 0x0a79,
+ 0x958: 0x0008, 0x959: 0x0008, 0x95a: 0x0008, 0x95b: 0x0008, 0x95c: 0x0ab1, 0x95d: 0x0008,
+ 0x95e: 0x0008, 0x95f: 0x0008, 0x960: 0x0008, 0x961: 0x0008, 0x962: 0x0008, 0x963: 0x0008,
+ 0x964: 0x0008, 0x965: 0x0008, 0x966: 0x0008, 0x967: 0x0008, 0x968: 0x0008, 0x969: 0x0ae9,
+ 0x96a: 0x0008, 0x96b: 0x0008, 0x96c: 0x0008, 0x96d: 0x0040, 0x96e: 0x0040, 0x96f: 0x0040,
+ 0x970: 0x0040, 0x971: 0x3308, 0x972: 0x3308, 0x973: 0x0b21, 0x974: 0x3308, 0x975: 0x0b59,
+ 0x976: 0x0b91, 0x977: 0x0bc9, 0x978: 0x0c19, 0x979: 0x0c51, 0x97a: 0x3308, 0x97b: 0x3308,
+ 0x97c: 0x3308, 0x97d: 0x3308, 0x97e: 0x3308, 0x97f: 0x3008,
+ // Block 0x26, offset 0x980
+ 0x980: 0x3308, 0x981: 0x0ca1, 0x982: 0x3308, 0x983: 0x3308, 0x984: 0x3b08, 0x985: 0x0018,
+ 0x986: 0x3308, 0x987: 0x3308, 0x988: 0x0008, 0x989: 0x0008, 0x98a: 0x0008, 0x98b: 0x0008,
+ 0x98c: 0x0008, 0x98d: 0x3308, 0x98e: 0x3308, 0x98f: 0x3308, 0x990: 0x3308, 0x991: 0x3308,
+ 0x992: 0x3308, 0x993: 0x0cd9, 0x994: 0x3308, 0x995: 0x3308, 0x996: 0x3308, 0x997: 0x3308,
+ 0x998: 0x0040, 0x999: 0x3308, 0x99a: 0x3308, 0x99b: 0x3308, 0x99c: 0x3308, 0x99d: 0x0d11,
+ 0x99e: 0x3308, 0x99f: 0x3308, 0x9a0: 0x3308, 0x9a1: 0x3308, 0x9a2: 0x0d49, 0x9a3: 0x3308,
+ 0x9a4: 0x3308, 0x9a5: 0x3308, 0x9a6: 0x3308, 0x9a7: 0x0d81, 0x9a8: 0x3308, 0x9a9: 0x3308,
+ 0x9aa: 0x3308, 0x9ab: 0x3308, 0x9ac: 0x0db9, 0x9ad: 0x3308, 0x9ae: 0x3308, 0x9af: 0x3308,
+ 0x9b0: 0x3308, 0x9b1: 0x3308, 0x9b2: 0x3308, 0x9b3: 0x3308, 0x9b4: 0x3308, 0x9b5: 0x3308,
+ 0x9b6: 0x3308, 0x9b7: 0x3308, 0x9b8: 0x3308, 0x9b9: 0x0df1, 0x9ba: 0x3308, 0x9bb: 0x3308,
+ 0x9bc: 0x3308, 0x9bd: 0x0040, 0x9be: 0x0018, 0x9bf: 0x0018,
+ // Block 0x27, offset 0x9c0
+ 0x9c0: 0x0008, 0x9c1: 0x0008, 0x9c2: 0x0008, 0x9c3: 0x0008, 0x9c4: 0x0008, 0x9c5: 0x0008,
+ 0x9c6: 0x0008, 0x9c7: 0x0008, 0x9c8: 0x0008, 0x9c9: 0x0008, 0x9ca: 0x0008, 0x9cb: 0x0008,
+ 0x9cc: 0x0008, 0x9cd: 0x0008, 0x9ce: 0x0008, 0x9cf: 0x0008, 0x9d0: 0x0008, 0x9d1: 0x0008,
+ 0x9d2: 0x0008, 0x9d3: 0x0008, 0x9d4: 0x0008, 0x9d5: 0x0008, 0x9d6: 0x0008, 0x9d7: 0x0008,
+ 0x9d8: 0x0008, 0x9d9: 0x0008, 0x9da: 0x0008, 0x9db: 0x0008, 0x9dc: 0x0008, 0x9dd: 0x0008,
+ 0x9de: 0x0008, 0x9df: 0x0008, 0x9e0: 0x0008, 0x9e1: 0x0008, 0x9e2: 0x0008, 0x9e3: 0x0008,
+ 0x9e4: 0x0008, 0x9e5: 0x0008, 0x9e6: 0x0008, 0x9e7: 0x0008, 0x9e8: 0x0008, 0x9e9: 0x0008,
+ 0x9ea: 0x0008, 0x9eb: 0x0008, 0x9ec: 0x0039, 0x9ed: 0x0ed1, 0x9ee: 0x0ee9, 0x9ef: 0x0008,
+ 0x9f0: 0x0ef9, 0x9f1: 0x0f09, 0x9f2: 0x0f19, 0x9f3: 0x0f31, 0x9f4: 0x0249, 0x9f5: 0x0f41,
+ 0x9f6: 0x0259, 0x9f7: 0x0f51, 0x9f8: 0x0359, 0x9f9: 0x0f61, 0x9fa: 0x0f71, 0x9fb: 0x0008,
+ 0x9fc: 0x00d9, 0x9fd: 0x0f81, 0x9fe: 0x0f99, 0x9ff: 0x0269,
+ // Block 0x28, offset 0xa00
+ 0xa00: 0x0fa9, 0xa01: 0x0fb9, 0xa02: 0x0279, 0xa03: 0x0039, 0xa04: 0x0fc9, 0xa05: 0x0fe1,
+ 0xa06: 0x05b5, 0xa07: 0x0ee9, 0xa08: 0x0ef9, 0xa09: 0x0f09, 0xa0a: 0x0ff9, 0xa0b: 0x1011,
+ 0xa0c: 0x1029, 0xa0d: 0x0f31, 0xa0e: 0x0008, 0xa0f: 0x0f51, 0xa10: 0x0f61, 0xa11: 0x1041,
+ 0xa12: 0x00d9, 0xa13: 0x1059, 0xa14: 0x05cd, 0xa15: 0x05cd, 0xa16: 0x0f99, 0xa17: 0x0fa9,
+ 0xa18: 0x0fb9, 0xa19: 0x05b5, 0xa1a: 0x1071, 0xa1b: 0x1089, 0xa1c: 0x05e5, 0xa1d: 0x1099,
+ 0xa1e: 0x10b1, 0xa1f: 0x10c9, 0xa20: 0x10e1, 0xa21: 0x10f9, 0xa22: 0x0f41, 0xa23: 0x0269,
+ 0xa24: 0x0fb9, 0xa25: 0x1089, 0xa26: 0x1099, 0xa27: 0x10b1, 0xa28: 0x1111, 0xa29: 0x10e1,
+ 0xa2a: 0x10f9, 0xa2b: 0x0008, 0xa2c: 0x0008, 0xa2d: 0x0008, 0xa2e: 0x0008, 0xa2f: 0x0008,
+ 0xa30: 0x0008, 0xa31: 0x0008, 0xa32: 0x0008, 0xa33: 0x0008, 0xa34: 0x0008, 0xa35: 0x0008,
+ 0xa36: 0x0008, 0xa37: 0x0008, 0xa38: 0x1129, 0xa39: 0x0008, 0xa3a: 0x0008, 0xa3b: 0x0008,
+ 0xa3c: 0x0008, 0xa3d: 0x0008, 0xa3e: 0x0008, 0xa3f: 0x0008,
+ // Block 0x29, offset 0xa40
+ 0xa40: 0x0008, 0xa41: 0x0008, 0xa42: 0x0008, 0xa43: 0x0008, 0xa44: 0x0008, 0xa45: 0x0008,
+ 0xa46: 0x0008, 0xa47: 0x0008, 0xa48: 0x0008, 0xa49: 0x0008, 0xa4a: 0x0008, 0xa4b: 0x0008,
+ 0xa4c: 0x0008, 0xa4d: 0x0008, 0xa4e: 0x0008, 0xa4f: 0x0008, 0xa50: 0x0008, 0xa51: 0x0008,
+ 0xa52: 0x0008, 0xa53: 0x0008, 0xa54: 0x0008, 0xa55: 0x0008, 0xa56: 0x0008, 0xa57: 0x0008,
+ 0xa58: 0x0008, 0xa59: 0x0008, 0xa5a: 0x0008, 0xa5b: 0x1141, 0xa5c: 0x1159, 0xa5d: 0x1169,
+ 0xa5e: 0x1181, 0xa5f: 0x1029, 0xa60: 0x1199, 0xa61: 0x11a9, 0xa62: 0x11c1, 0xa63: 0x11d9,
+ 0xa64: 0x11f1, 0xa65: 0x1209, 0xa66: 0x1221, 0xa67: 0x05fd, 0xa68: 0x1239, 0xa69: 0x1251,
+ 0xa6a: 0xe17d, 0xa6b: 0x1269, 0xa6c: 0x1281, 0xa6d: 0x1299, 0xa6e: 0x12b1, 0xa6f: 0x12c9,
+ 0xa70: 0x12e1, 0xa71: 0x12f9, 0xa72: 0x1311, 0xa73: 0x1329, 0xa74: 0x1341, 0xa75: 0x1359,
+ 0xa76: 0x1371, 0xa77: 0x1389, 0xa78: 0x0615, 0xa79: 0x13a1, 0xa7a: 0x13b9, 0xa7b: 0x13d1,
+ 0xa7c: 0x13e1, 0xa7d: 0x13f9, 0xa7e: 0x1411, 0xa7f: 0x1429,
+ // Block 0x2a, offset 0xa80
+ 0xa80: 0xe00d, 0xa81: 0x0008, 0xa82: 0xe00d, 0xa83: 0x0008, 0xa84: 0xe00d, 0xa85: 0x0008,
+ 0xa86: 0xe00d, 0xa87: 0x0008, 0xa88: 0xe00d, 0xa89: 0x0008, 0xa8a: 0xe00d, 0xa8b: 0x0008,
+ 0xa8c: 0xe00d, 0xa8d: 0x0008, 0xa8e: 0xe00d, 0xa8f: 0x0008, 0xa90: 0xe00d, 0xa91: 0x0008,
+ 0xa92: 0xe00d, 0xa93: 0x0008, 0xa94: 0xe00d, 0xa95: 0x0008, 0xa96: 0xe00d, 0xa97: 0x0008,
+ 0xa98: 0xe00d, 0xa99: 0x0008, 0xa9a: 0xe00d, 0xa9b: 0x0008, 0xa9c: 0xe00d, 0xa9d: 0x0008,
+ 0xa9e: 0xe00d, 0xa9f: 0x0008, 0xaa0: 0xe00d, 0xaa1: 0x0008, 0xaa2: 0xe00d, 0xaa3: 0x0008,
+ 0xaa4: 0xe00d, 0xaa5: 0x0008, 0xaa6: 0xe00d, 0xaa7: 0x0008, 0xaa8: 0xe00d, 0xaa9: 0x0008,
+ 0xaaa: 0xe00d, 0xaab: 0x0008, 0xaac: 0xe00d, 0xaad: 0x0008, 0xaae: 0xe00d, 0xaaf: 0x0008,
+ 0xab0: 0xe00d, 0xab1: 0x0008, 0xab2: 0xe00d, 0xab3: 0x0008, 0xab4: 0xe00d, 0xab5: 0x0008,
+ 0xab6: 0xe00d, 0xab7: 0x0008, 0xab8: 0xe00d, 0xab9: 0x0008, 0xaba: 0xe00d, 0xabb: 0x0008,
+ 0xabc: 0xe00d, 0xabd: 0x0008, 0xabe: 0xe00d, 0xabf: 0x0008,
+ // Block 0x2b, offset 0xac0
+ 0xac0: 0xe00d, 0xac1: 0x0008, 0xac2: 0xe00d, 0xac3: 0x0008, 0xac4: 0xe00d, 0xac5: 0x0008,
+ 0xac6: 0xe00d, 0xac7: 0x0008, 0xac8: 0xe00d, 0xac9: 0x0008, 0xaca: 0xe00d, 0xacb: 0x0008,
+ 0xacc: 0xe00d, 0xacd: 0x0008, 0xace: 0xe00d, 0xacf: 0x0008, 0xad0: 0xe00d, 0xad1: 0x0008,
+ 0xad2: 0xe00d, 0xad3: 0x0008, 0xad4: 0xe00d, 0xad5: 0x0008, 0xad6: 0x0008, 0xad7: 0x0008,
+ 0xad8: 0x0008, 0xad9: 0x0008, 0xada: 0x062d, 0xadb: 0x064d, 0xadc: 0x0008, 0xadd: 0x0008,
+ 0xade: 0x1441, 0xadf: 0x0008, 0xae0: 0xe00d, 0xae1: 0x0008, 0xae2: 0xe00d, 0xae3: 0x0008,
+ 0xae4: 0xe00d, 0xae5: 0x0008, 0xae6: 0xe00d, 0xae7: 0x0008, 0xae8: 0xe00d, 0xae9: 0x0008,
+ 0xaea: 0xe00d, 0xaeb: 0x0008, 0xaec: 0xe00d, 0xaed: 0x0008, 0xaee: 0xe00d, 0xaef: 0x0008,
+ 0xaf0: 0xe00d, 0xaf1: 0x0008, 0xaf2: 0xe00d, 0xaf3: 0x0008, 0xaf4: 0xe00d, 0xaf5: 0x0008,
+ 0xaf6: 0xe00d, 0xaf7: 0x0008, 0xaf8: 0xe00d, 0xaf9: 0x0008, 0xafa: 0xe00d, 0xafb: 0x0008,
+ 0xafc: 0xe00d, 0xafd: 0x0008, 0xafe: 0xe00d, 0xaff: 0x0008,
+ // Block 0x2c, offset 0xb00
+ 0xb00: 0x0008, 0xb01: 0x0008, 0xb02: 0x0008, 0xb03: 0x0008, 0xb04: 0x0008, 0xb05: 0x0008,
+ 0xb06: 0x0040, 0xb07: 0x0040, 0xb08: 0xe045, 0xb09: 0xe045, 0xb0a: 0xe045, 0xb0b: 0xe045,
+ 0xb0c: 0xe045, 0xb0d: 0xe045, 0xb0e: 0x0040, 0xb0f: 0x0040, 0xb10: 0x0008, 0xb11: 0x0008,
+ 0xb12: 0x0008, 0xb13: 0x0008, 0xb14: 0x0008, 0xb15: 0x0008, 0xb16: 0x0008, 0xb17: 0x0008,
+ 0xb18: 0x0040, 0xb19: 0xe045, 0xb1a: 0x0040, 0xb1b: 0xe045, 0xb1c: 0x0040, 0xb1d: 0xe045,
+ 0xb1e: 0x0040, 0xb1f: 0xe045, 0xb20: 0x0008, 0xb21: 0x0008, 0xb22: 0x0008, 0xb23: 0x0008,
+ 0xb24: 0x0008, 0xb25: 0x0008, 0xb26: 0x0008, 0xb27: 0x0008, 0xb28: 0xe045, 0xb29: 0xe045,
+ 0xb2a: 0xe045, 0xb2b: 0xe045, 0xb2c: 0xe045, 0xb2d: 0xe045, 0xb2e: 0xe045, 0xb2f: 0xe045,
+ 0xb30: 0x0008, 0xb31: 0x1459, 0xb32: 0x0008, 0xb33: 0x1471, 0xb34: 0x0008, 0xb35: 0x1489,
+ 0xb36: 0x0008, 0xb37: 0x14a1, 0xb38: 0x0008, 0xb39: 0x14b9, 0xb3a: 0x0008, 0xb3b: 0x14d1,
+ 0xb3c: 0x0008, 0xb3d: 0x14e9, 0xb3e: 0x0040, 0xb3f: 0x0040,
+ // Block 0x2d, offset 0xb40
+ 0xb40: 0x1501, 0xb41: 0x1531, 0xb42: 0x1561, 0xb43: 0x1591, 0xb44: 0x15c1, 0xb45: 0x15f1,
+ 0xb46: 0x1621, 0xb47: 0x1651, 0xb48: 0x1501, 0xb49: 0x1531, 0xb4a: 0x1561, 0xb4b: 0x1591,
+ 0xb4c: 0x15c1, 0xb4d: 0x15f1, 0xb4e: 0x1621, 0xb4f: 0x1651, 0xb50: 0x1681, 0xb51: 0x16b1,
+ 0xb52: 0x16e1, 0xb53: 0x1711, 0xb54: 0x1741, 0xb55: 0x1771, 0xb56: 0x17a1, 0xb57: 0x17d1,
+ 0xb58: 0x1681, 0xb59: 0x16b1, 0xb5a: 0x16e1, 0xb5b: 0x1711, 0xb5c: 0x1741, 0xb5d: 0x1771,
+ 0xb5e: 0x17a1, 0xb5f: 0x17d1, 0xb60: 0x1801, 0xb61: 0x1831, 0xb62: 0x1861, 0xb63: 0x1891,
+ 0xb64: 0x18c1, 0xb65: 0x18f1, 0xb66: 0x1921, 0xb67: 0x1951, 0xb68: 0x1801, 0xb69: 0x1831,
+ 0xb6a: 0x1861, 0xb6b: 0x1891, 0xb6c: 0x18c1, 0xb6d: 0x18f1, 0xb6e: 0x1921, 0xb6f: 0x1951,
+ 0xb70: 0x0008, 0xb71: 0x0008, 0xb72: 0x1981, 0xb73: 0x19b1, 0xb74: 0x19d9, 0xb75: 0x0040,
+ 0xb76: 0x0008, 0xb77: 0x1a01, 0xb78: 0xe045, 0xb79: 0xe045, 0xb7a: 0x0665, 0xb7b: 0x1459,
+ 0xb7c: 0x19b1, 0xb7d: 0x067e, 0xb7e: 0x1a31, 0xb7f: 0x069e,
+ // Block 0x2e, offset 0xb80
+ 0xb80: 0x06be, 0xb81: 0x1a4a, 0xb82: 0x1a79, 0xb83: 0x1aa9, 0xb84: 0x1ad1, 0xb85: 0x0040,
+ 0xb86: 0x0008, 0xb87: 0x1af9, 0xb88: 0x06dd, 0xb89: 0x1471, 0xb8a: 0x06f5, 0xb8b: 0x1489,
+ 0xb8c: 0x1aa9, 0xb8d: 0x1b2a, 0xb8e: 0x1b5a, 0xb8f: 0x1b8a, 0xb90: 0x0008, 0xb91: 0x0008,
+ 0xb92: 0x0008, 0xb93: 0x1bb9, 0xb94: 0x0040, 0xb95: 0x0040, 0xb96: 0x0008, 0xb97: 0x0008,
+ 0xb98: 0xe045, 0xb99: 0xe045, 0xb9a: 0x070d, 0xb9b: 0x14a1, 0xb9c: 0x0040, 0xb9d: 0x1bd2,
+ 0xb9e: 0x1c02, 0xb9f: 0x1c32, 0xba0: 0x0008, 0xba1: 0x0008, 0xba2: 0x0008, 0xba3: 0x1c61,
+ 0xba4: 0x0008, 0xba5: 0x0008, 0xba6: 0x0008, 0xba7: 0x0008, 0xba8: 0xe045, 0xba9: 0xe045,
+ 0xbaa: 0x0725, 0xbab: 0x14d1, 0xbac: 0xe04d, 0xbad: 0x1c7a, 0xbae: 0x03d2, 0xbaf: 0x1caa,
+ 0xbb0: 0x0040, 0xbb1: 0x0040, 0xbb2: 0x1cb9, 0xbb3: 0x1ce9, 0xbb4: 0x1d11, 0xbb5: 0x0040,
+ 0xbb6: 0x0008, 0xbb7: 0x1d39, 0xbb8: 0x073d, 0xbb9: 0x14b9, 0xbba: 0x0515, 0xbbb: 0x14e9,
+ 0xbbc: 0x1ce9, 0xbbd: 0x0756, 0xbbe: 0x0776, 0xbbf: 0x0040,
+ // Block 0x2f, offset 0xbc0
+ 0xbc0: 0x000a, 0xbc1: 0x000a, 0xbc2: 0x000a, 0xbc3: 0x000a, 0xbc4: 0x000a, 0xbc5: 0x000a,
+ 0xbc6: 0x000a, 0xbc7: 0x000a, 0xbc8: 0x000a, 0xbc9: 0x000a, 0xbca: 0x000a, 0xbcb: 0x03c0,
+ 0xbcc: 0x0003, 0xbcd: 0x0003, 0xbce: 0x0340, 0xbcf: 0x0b40, 0xbd0: 0x0018, 0xbd1: 0xe00d,
+ 0xbd2: 0x0018, 0xbd3: 0x0018, 0xbd4: 0x0018, 0xbd5: 0x0018, 0xbd6: 0x0018, 0xbd7: 0x0796,
+ 0xbd8: 0x0018, 0xbd9: 0x0018, 0xbda: 0x0018, 0xbdb: 0x0018, 0xbdc: 0x0018, 0xbdd: 0x0018,
+ 0xbde: 0x0018, 0xbdf: 0x0018, 0xbe0: 0x0018, 0xbe1: 0x0018, 0xbe2: 0x0018, 0xbe3: 0x0018,
+ 0xbe4: 0x0040, 0xbe5: 0x0040, 0xbe6: 0x0040, 0xbe7: 0x0018, 0xbe8: 0x0040, 0xbe9: 0x0040,
+ 0xbea: 0x0340, 0xbeb: 0x0340, 0xbec: 0x0340, 0xbed: 0x0340, 0xbee: 0x0340, 0xbef: 0x000a,
+ 0xbf0: 0x0018, 0xbf1: 0x0018, 0xbf2: 0x0018, 0xbf3: 0x1d69, 0xbf4: 0x1da1, 0xbf5: 0x0018,
+ 0xbf6: 0x1df1, 0xbf7: 0x1e29, 0xbf8: 0x0018, 0xbf9: 0x0018, 0xbfa: 0x0018, 0xbfb: 0x0018,
+ 0xbfc: 0x1e7a, 0xbfd: 0x0018, 0xbfe: 0x07b6, 0xbff: 0x0018,
+ // Block 0x30, offset 0xc00
+ 0xc00: 0x0018, 0xc01: 0x0018, 0xc02: 0x0018, 0xc03: 0x0018, 0xc04: 0x0018, 0xc05: 0x0018,
+ 0xc06: 0x0018, 0xc07: 0x1e92, 0xc08: 0x1eaa, 0xc09: 0x1ec2, 0xc0a: 0x0018, 0xc0b: 0x0018,
+ 0xc0c: 0x0018, 0xc0d: 0x0018, 0xc0e: 0x0018, 0xc0f: 0x0018, 0xc10: 0x0018, 0xc11: 0x0018,
+ 0xc12: 0x0018, 0xc13: 0x0018, 0xc14: 0x0018, 0xc15: 0x0018, 0xc16: 0x0018, 0xc17: 0x1ed9,
+ 0xc18: 0x0018, 0xc19: 0x0018, 0xc1a: 0x0018, 0xc1b: 0x0018, 0xc1c: 0x0018, 0xc1d: 0x0018,
+ 0xc1e: 0x0018, 0xc1f: 0x000a, 0xc20: 0x03c0, 0xc21: 0x0340, 0xc22: 0x0340, 0xc23: 0x0340,
+ 0xc24: 0x03c0, 0xc25: 0x0040, 0xc26: 0x0040, 0xc27: 0x0040, 0xc28: 0x0040, 0xc29: 0x0040,
+ 0xc2a: 0x0340, 0xc2b: 0x0340, 0xc2c: 0x0340, 0xc2d: 0x0340, 0xc2e: 0x0340, 0xc2f: 0x0340,
+ 0xc30: 0x1f41, 0xc31: 0x0f41, 0xc32: 0x0040, 0xc33: 0x0040, 0xc34: 0x1f51, 0xc35: 0x1f61,
+ 0xc36: 0x1f71, 0xc37: 0x1f81, 0xc38: 0x1f91, 0xc39: 0x1fa1, 0xc3a: 0x1fb2, 0xc3b: 0x07d5,
+ 0xc3c: 0x1fc2, 0xc3d: 0x1fd2, 0xc3e: 0x1fe2, 0xc3f: 0x0f71,
+ // Block 0x31, offset 0xc40
+ 0xc40: 0x1f41, 0xc41: 0x00c9, 0xc42: 0x0069, 0xc43: 0x0079, 0xc44: 0x1f51, 0xc45: 0x1f61,
+ 0xc46: 0x1f71, 0xc47: 0x1f81, 0xc48: 0x1f91, 0xc49: 0x1fa1, 0xc4a: 0x1fb2, 0xc4b: 0x07ed,
+ 0xc4c: 0x1fc2, 0xc4d: 0x1fd2, 0xc4e: 0x1fe2, 0xc4f: 0x0040, 0xc50: 0x0039, 0xc51: 0x0f09,
+ 0xc52: 0x00d9, 0xc53: 0x0369, 0xc54: 0x0ff9, 0xc55: 0x0249, 0xc56: 0x0f51, 0xc57: 0x0359,
+ 0xc58: 0x0f61, 0xc59: 0x0f71, 0xc5a: 0x0f99, 0xc5b: 0x01d9, 0xc5c: 0x0fa9, 0xc5d: 0x0040,
+ 0xc5e: 0x0040, 0xc5f: 0x0040, 0xc60: 0x0018, 0xc61: 0x0018, 0xc62: 0x0018, 0xc63: 0x0018,
+ 0xc64: 0x0018, 0xc65: 0x0018, 0xc66: 0x0018, 0xc67: 0x0018, 0xc68: 0x1ff1, 0xc69: 0x0018,
+ 0xc6a: 0x0018, 0xc6b: 0x0018, 0xc6c: 0x0018, 0xc6d: 0x0018, 0xc6e: 0x0018, 0xc6f: 0x0018,
+ 0xc70: 0x0018, 0xc71: 0x0018, 0xc72: 0x0018, 0xc73: 0x0018, 0xc74: 0x0018, 0xc75: 0x0018,
+ 0xc76: 0x0018, 0xc77: 0x0018, 0xc78: 0x0018, 0xc79: 0x0018, 0xc7a: 0x0018, 0xc7b: 0x0018,
+ 0xc7c: 0x0018, 0xc7d: 0x0018, 0xc7e: 0x0018, 0xc7f: 0x0018,
+ // Block 0x32, offset 0xc80
+ 0xc80: 0x0806, 0xc81: 0x0826, 0xc82: 0x1159, 0xc83: 0x0845, 0xc84: 0x0018, 0xc85: 0x0866,
+ 0xc86: 0x0886, 0xc87: 0x1011, 0xc88: 0x0018, 0xc89: 0x08a5, 0xc8a: 0x0f31, 0xc8b: 0x0249,
+ 0xc8c: 0x0249, 0xc8d: 0x0249, 0xc8e: 0x0249, 0xc8f: 0x2009, 0xc90: 0x0f41, 0xc91: 0x0f41,
+ 0xc92: 0x0359, 0xc93: 0x0359, 0xc94: 0x0018, 0xc95: 0x0f71, 0xc96: 0x2021, 0xc97: 0x0018,
+ 0xc98: 0x0018, 0xc99: 0x0f99, 0xc9a: 0x2039, 0xc9b: 0x0269, 0xc9c: 0x0269, 0xc9d: 0x0269,
+ 0xc9e: 0x0018, 0xc9f: 0x0018, 0xca0: 0x2049, 0xca1: 0x08c5, 0xca2: 0x2061, 0xca3: 0x0018,
+ 0xca4: 0x13d1, 0xca5: 0x0018, 0xca6: 0x2079, 0xca7: 0x0018, 0xca8: 0x13d1, 0xca9: 0x0018,
+ 0xcaa: 0x0f51, 0xcab: 0x2091, 0xcac: 0x0ee9, 0xcad: 0x1159, 0xcae: 0x0018, 0xcaf: 0x0f09,
+ 0xcb0: 0x0f09, 0xcb1: 0x1199, 0xcb2: 0x0040, 0xcb3: 0x0f61, 0xcb4: 0x00d9, 0xcb5: 0x20a9,
+ 0xcb6: 0x20c1, 0xcb7: 0x20d9, 0xcb8: 0x20f1, 0xcb9: 0x0f41, 0xcba: 0x0018, 0xcbb: 0x08e5,
+ 0xcbc: 0x2109, 0xcbd: 0x10b1, 0xcbe: 0x10b1, 0xcbf: 0x2109,
+ // Block 0x33, offset 0xcc0
+ 0xcc0: 0x0905, 0xcc1: 0x0018, 0xcc2: 0x0018, 0xcc3: 0x0018, 0xcc4: 0x0018, 0xcc5: 0x0ef9,
+ 0xcc6: 0x0ef9, 0xcc7: 0x0f09, 0xcc8: 0x0f41, 0xcc9: 0x0259, 0xcca: 0x0018, 0xccb: 0x0018,
+ 0xccc: 0x0018, 0xccd: 0x0018, 0xcce: 0x0008, 0xccf: 0x0018, 0xcd0: 0x2121, 0xcd1: 0x2151,
+ 0xcd2: 0x2181, 0xcd3: 0x21b9, 0xcd4: 0x21e9, 0xcd5: 0x2219, 0xcd6: 0x2249, 0xcd7: 0x2279,
+ 0xcd8: 0x22a9, 0xcd9: 0x22d9, 0xcda: 0x2309, 0xcdb: 0x2339, 0xcdc: 0x2369, 0xcdd: 0x2399,
+ 0xcde: 0x23c9, 0xcdf: 0x23f9, 0xce0: 0x0f41, 0xce1: 0x2421, 0xce2: 0x091d, 0xce3: 0x2439,
+ 0xce4: 0x1089, 0xce5: 0x2451, 0xce6: 0x093d, 0xce7: 0x2469, 0xce8: 0x2491, 0xce9: 0x0369,
+ 0xcea: 0x24a9, 0xceb: 0x095d, 0xcec: 0x0359, 0xced: 0x1159, 0xcee: 0x0ef9, 0xcef: 0x0f61,
+ 0xcf0: 0x0f41, 0xcf1: 0x2421, 0xcf2: 0x097d, 0xcf3: 0x2439, 0xcf4: 0x1089, 0xcf5: 0x2451,
+ 0xcf6: 0x099d, 0xcf7: 0x2469, 0xcf8: 0x2491, 0xcf9: 0x0369, 0xcfa: 0x24a9, 0xcfb: 0x09bd,
+ 0xcfc: 0x0359, 0xcfd: 0x1159, 0xcfe: 0x0ef9, 0xcff: 0x0f61,
+ // Block 0x34, offset 0xd00
+ 0xd00: 0x0018, 0xd01: 0x0018, 0xd02: 0x0018, 0xd03: 0x0018, 0xd04: 0x0018, 0xd05: 0x0018,
+ 0xd06: 0x0018, 0xd07: 0x0018, 0xd08: 0x0018, 0xd09: 0x0018, 0xd0a: 0x0018, 0xd0b: 0x0040,
+ 0xd0c: 0x0040, 0xd0d: 0x0040, 0xd0e: 0x0040, 0xd0f: 0x0040, 0xd10: 0x0040, 0xd11: 0x0040,
+ 0xd12: 0x0040, 0xd13: 0x0040, 0xd14: 0x0040, 0xd15: 0x0040, 0xd16: 0x0040, 0xd17: 0x0040,
+ 0xd18: 0x0040, 0xd19: 0x0040, 0xd1a: 0x0040, 0xd1b: 0x0040, 0xd1c: 0x0040, 0xd1d: 0x0040,
+ 0xd1e: 0x0040, 0xd1f: 0x0040, 0xd20: 0x00c9, 0xd21: 0x0069, 0xd22: 0x0079, 0xd23: 0x1f51,
+ 0xd24: 0x1f61, 0xd25: 0x1f71, 0xd26: 0x1f81, 0xd27: 0x1f91, 0xd28: 0x1fa1, 0xd29: 0x2601,
+ 0xd2a: 0x2619, 0xd2b: 0x2631, 0xd2c: 0x2649, 0xd2d: 0x2661, 0xd2e: 0x2679, 0xd2f: 0x2691,
+ 0xd30: 0x26a9, 0xd31: 0x26c1, 0xd32: 0x26d9, 0xd33: 0x26f1, 0xd34: 0x0a1e, 0xd35: 0x0a3e,
+ 0xd36: 0x0a5e, 0xd37: 0x0a7e, 0xd38: 0x0a9e, 0xd39: 0x0abe, 0xd3a: 0x0ade, 0xd3b: 0x0afe,
+ 0xd3c: 0x0b1e, 0xd3d: 0x270a, 0xd3e: 0x2732, 0xd3f: 0x275a,
+ // Block 0x35, offset 0xd40
+ 0xd40: 0x2782, 0xd41: 0x27aa, 0xd42: 0x27d2, 0xd43: 0x27fa, 0xd44: 0x2822, 0xd45: 0x284a,
+ 0xd46: 0x2872, 0xd47: 0x289a, 0xd48: 0x0040, 0xd49: 0x0040, 0xd4a: 0x0040, 0xd4b: 0x0040,
+ 0xd4c: 0x0040, 0xd4d: 0x0040, 0xd4e: 0x0040, 0xd4f: 0x0040, 0xd50: 0x0040, 0xd51: 0x0040,
+ 0xd52: 0x0040, 0xd53: 0x0040, 0xd54: 0x0040, 0xd55: 0x0040, 0xd56: 0x0040, 0xd57: 0x0040,
+ 0xd58: 0x0040, 0xd59: 0x0040, 0xd5a: 0x0040, 0xd5b: 0x0040, 0xd5c: 0x0b3e, 0xd5d: 0x0b5e,
+ 0xd5e: 0x0b7e, 0xd5f: 0x0b9e, 0xd60: 0x0bbe, 0xd61: 0x0bde, 0xd62: 0x0bfe, 0xd63: 0x0c1e,
+ 0xd64: 0x0c3e, 0xd65: 0x0c5e, 0xd66: 0x0c7e, 0xd67: 0x0c9e, 0xd68: 0x0cbe, 0xd69: 0x0cde,
+ 0xd6a: 0x0cfe, 0xd6b: 0x0d1e, 0xd6c: 0x0d3e, 0xd6d: 0x0d5e, 0xd6e: 0x0d7e, 0xd6f: 0x0d9e,
+ 0xd70: 0x0dbe, 0xd71: 0x0dde, 0xd72: 0x0dfe, 0xd73: 0x0e1e, 0xd74: 0x0e3e, 0xd75: 0x0e5e,
+ 0xd76: 0x0039, 0xd77: 0x0ee9, 0xd78: 0x1159, 0xd79: 0x0ef9, 0xd7a: 0x0f09, 0xd7b: 0x1199,
+ 0xd7c: 0x0f31, 0xd7d: 0x0249, 0xd7e: 0x0f41, 0xd7f: 0x0259,
+ // Block 0x36, offset 0xd80
+ 0xd80: 0x0f51, 0xd81: 0x0359, 0xd82: 0x0f61, 0xd83: 0x0f71, 0xd84: 0x00d9, 0xd85: 0x0f99,
+ 0xd86: 0x2039, 0xd87: 0x0269, 0xd88: 0x01d9, 0xd89: 0x0fa9, 0xd8a: 0x0fb9, 0xd8b: 0x1089,
+ 0xd8c: 0x0279, 0xd8d: 0x0369, 0xd8e: 0x0289, 0xd8f: 0x13d1, 0xd90: 0x0039, 0xd91: 0x0ee9,
+ 0xd92: 0x1159, 0xd93: 0x0ef9, 0xd94: 0x0f09, 0xd95: 0x1199, 0xd96: 0x0f31, 0xd97: 0x0249,
+ 0xd98: 0x0f41, 0xd99: 0x0259, 0xd9a: 0x0f51, 0xd9b: 0x0359, 0xd9c: 0x0f61, 0xd9d: 0x0f71,
+ 0xd9e: 0x00d9, 0xd9f: 0x0f99, 0xda0: 0x2039, 0xda1: 0x0269, 0xda2: 0x01d9, 0xda3: 0x0fa9,
+ 0xda4: 0x0fb9, 0xda5: 0x1089, 0xda6: 0x0279, 0xda7: 0x0369, 0xda8: 0x0289, 0xda9: 0x13d1,
+ 0xdaa: 0x1f41, 0xdab: 0x0018, 0xdac: 0x0018, 0xdad: 0x0018, 0xdae: 0x0018, 0xdaf: 0x0018,
+ 0xdb0: 0x0018, 0xdb1: 0x0018, 0xdb2: 0x0018, 0xdb3: 0x0018, 0xdb4: 0x0018, 0xdb5: 0x0018,
+ 0xdb6: 0x0018, 0xdb7: 0x0018, 0xdb8: 0x0018, 0xdb9: 0x0018, 0xdba: 0x0018, 0xdbb: 0x0018,
+ 0xdbc: 0x0018, 0xdbd: 0x0018, 0xdbe: 0x0018, 0xdbf: 0x0018,
+ // Block 0x37, offset 0xdc0
+ 0xdc0: 0x0008, 0xdc1: 0x0008, 0xdc2: 0x0008, 0xdc3: 0x0008, 0xdc4: 0x0008, 0xdc5: 0x0008,
+ 0xdc6: 0x0008, 0xdc7: 0x0008, 0xdc8: 0x0008, 0xdc9: 0x0008, 0xdca: 0x0008, 0xdcb: 0x0008,
+ 0xdcc: 0x0008, 0xdcd: 0x0008, 0xdce: 0x0008, 0xdcf: 0x0008, 0xdd0: 0x0008, 0xdd1: 0x0008,
+ 0xdd2: 0x0008, 0xdd3: 0x0008, 0xdd4: 0x0008, 0xdd5: 0x0008, 0xdd6: 0x0008, 0xdd7: 0x0008,
+ 0xdd8: 0x0008, 0xdd9: 0x0008, 0xdda: 0x0008, 0xddb: 0x0008, 0xddc: 0x0008, 0xddd: 0x0008,
+ 0xdde: 0x0008, 0xddf: 0x0040, 0xde0: 0xe00d, 0xde1: 0x0008, 0xde2: 0x2971, 0xde3: 0x0ed5,
+ 0xde4: 0x2989, 0xde5: 0x0008, 0xde6: 0x0008, 0xde7: 0xe07d, 0xde8: 0x0008, 0xde9: 0xe01d,
+ 0xdea: 0x0008, 0xdeb: 0xe03d, 0xdec: 0x0008, 0xded: 0x0fe1, 0xdee: 0x1281, 0xdef: 0x0fc9,
+ 0xdf0: 0x1141, 0xdf1: 0x0008, 0xdf2: 0xe00d, 0xdf3: 0x0008, 0xdf4: 0x0008, 0xdf5: 0xe01d,
+ 0xdf6: 0x0008, 0xdf7: 0x0008, 0xdf8: 0x0008, 0xdf9: 0x0008, 0xdfa: 0x0008, 0xdfb: 0x0008,
+ 0xdfc: 0x0259, 0xdfd: 0x1089, 0xdfe: 0x29a1, 0xdff: 0x29b9,
+ // Block 0x38, offset 0xe00
+ 0xe00: 0xe00d, 0xe01: 0x0008, 0xe02: 0xe00d, 0xe03: 0x0008, 0xe04: 0xe00d, 0xe05: 0x0008,
+ 0xe06: 0xe00d, 0xe07: 0x0008, 0xe08: 0xe00d, 0xe09: 0x0008, 0xe0a: 0xe00d, 0xe0b: 0x0008,
+ 0xe0c: 0xe00d, 0xe0d: 0x0008, 0xe0e: 0xe00d, 0xe0f: 0x0008, 0xe10: 0xe00d, 0xe11: 0x0008,
+ 0xe12: 0xe00d, 0xe13: 0x0008, 0xe14: 0xe00d, 0xe15: 0x0008, 0xe16: 0xe00d, 0xe17: 0x0008,
+ 0xe18: 0xe00d, 0xe19: 0x0008, 0xe1a: 0xe00d, 0xe1b: 0x0008, 0xe1c: 0xe00d, 0xe1d: 0x0008,
+ 0xe1e: 0xe00d, 0xe1f: 0x0008, 0xe20: 0xe00d, 0xe21: 0x0008, 0xe22: 0xe00d, 0xe23: 0x0008,
+ 0xe24: 0x0008, 0xe25: 0x0018, 0xe26: 0x0018, 0xe27: 0x0018, 0xe28: 0x0018, 0xe29: 0x0018,
+ 0xe2a: 0x0018, 0xe2b: 0xe03d, 0xe2c: 0x0008, 0xe2d: 0xe01d, 0xe2e: 0x0008, 0xe2f: 0x3308,
+ 0xe30: 0x3308, 0xe31: 0x3308, 0xe32: 0xe00d, 0xe33: 0x0008, 0xe34: 0x0040, 0xe35: 0x0040,
+ 0xe36: 0x0040, 0xe37: 0x0040, 0xe38: 0x0040, 0xe39: 0x0018, 0xe3a: 0x0018, 0xe3b: 0x0018,
+ 0xe3c: 0x0018, 0xe3d: 0x0018, 0xe3e: 0x0018, 0xe3f: 0x0018,
+ // Block 0x39, offset 0xe40
+ 0xe40: 0x2715, 0xe41: 0x2735, 0xe42: 0x2755, 0xe43: 0x2775, 0xe44: 0x2795, 0xe45: 0x27b5,
+ 0xe46: 0x27d5, 0xe47: 0x27f5, 0xe48: 0x2815, 0xe49: 0x2835, 0xe4a: 0x2855, 0xe4b: 0x2875,
+ 0xe4c: 0x2895, 0xe4d: 0x28b5, 0xe4e: 0x28d5, 0xe4f: 0x28f5, 0xe50: 0x2915, 0xe51: 0x2935,
+ 0xe52: 0x2955, 0xe53: 0x2975, 0xe54: 0x2995, 0xe55: 0x29b5, 0xe56: 0x0040, 0xe57: 0x0040,
+ 0xe58: 0x0040, 0xe59: 0x0040, 0xe5a: 0x0040, 0xe5b: 0x0040, 0xe5c: 0x0040, 0xe5d: 0x0040,
+ 0xe5e: 0x0040, 0xe5f: 0x0040, 0xe60: 0x0040, 0xe61: 0x0040, 0xe62: 0x0040, 0xe63: 0x0040,
+ 0xe64: 0x0040, 0xe65: 0x0040, 0xe66: 0x0040, 0xe67: 0x0040, 0xe68: 0x0040, 0xe69: 0x0040,
+ 0xe6a: 0x0040, 0xe6b: 0x0040, 0xe6c: 0x0040, 0xe6d: 0x0040, 0xe6e: 0x0040, 0xe6f: 0x0040,
+ 0xe70: 0x0040, 0xe71: 0x0040, 0xe72: 0x0040, 0xe73: 0x0040, 0xe74: 0x0040, 0xe75: 0x0040,
+ 0xe76: 0x0040, 0xe77: 0x0040, 0xe78: 0x0040, 0xe79: 0x0040, 0xe7a: 0x0040, 0xe7b: 0x0040,
+ 0xe7c: 0x0040, 0xe7d: 0x0040, 0xe7e: 0x0040, 0xe7f: 0x0040,
+ // Block 0x3a, offset 0xe80
+ 0xe80: 0x000a, 0xe81: 0x0018, 0xe82: 0x29d1, 0xe83: 0x0018, 0xe84: 0x0018, 0xe85: 0x0008,
+ 0xe86: 0x0008, 0xe87: 0x0008, 0xe88: 0x0018, 0xe89: 0x0018, 0xe8a: 0x0018, 0xe8b: 0x0018,
+ 0xe8c: 0x0018, 0xe8d: 0x0018, 0xe8e: 0x0018, 0xe8f: 0x0018, 0xe90: 0x0018, 0xe91: 0x0018,
+ 0xe92: 0x0018, 0xe93: 0x0018, 0xe94: 0x0018, 0xe95: 0x0018, 0xe96: 0x0018, 0xe97: 0x0018,
+ 0xe98: 0x0018, 0xe99: 0x0018, 0xe9a: 0x0018, 0xe9b: 0x0018, 0xe9c: 0x0018, 0xe9d: 0x0018,
+ 0xe9e: 0x0018, 0xe9f: 0x0018, 0xea0: 0x0018, 0xea1: 0x0018, 0xea2: 0x0018, 0xea3: 0x0018,
+ 0xea4: 0x0018, 0xea5: 0x0018, 0xea6: 0x0018, 0xea7: 0x0018, 0xea8: 0x0018, 0xea9: 0x0018,
+ 0xeaa: 0x3308, 0xeab: 0x3308, 0xeac: 0x3308, 0xead: 0x3308, 0xeae: 0x3018, 0xeaf: 0x3018,
+ 0xeb0: 0x0018, 0xeb1: 0x0018, 0xeb2: 0x0018, 0xeb3: 0x0018, 0xeb4: 0x0018, 0xeb5: 0x0018,
+ 0xeb6: 0xe125, 0xeb7: 0x0018, 0xeb8: 0x29d5, 0xeb9: 0x29f5, 0xeba: 0x2a15, 0xebb: 0x0018,
+ 0xebc: 0x0008, 0xebd: 0x0018, 0xebe: 0x0018, 0xebf: 0x0018,
+ // Block 0x3b, offset 0xec0
+ 0xec0: 0x2b55, 0xec1: 0x2b75, 0xec2: 0x2b95, 0xec3: 0x2bb5, 0xec4: 0x2bd5, 0xec5: 0x2bf5,
+ 0xec6: 0x2bf5, 0xec7: 0x2bf5, 0xec8: 0x2c15, 0xec9: 0x2c15, 0xeca: 0x2c15, 0xecb: 0x2c15,
+ 0xecc: 0x2c35, 0xecd: 0x2c35, 0xece: 0x2c35, 0xecf: 0x2c55, 0xed0: 0x2c75, 0xed1: 0x2c75,
+ 0xed2: 0x2a95, 0xed3: 0x2a95, 0xed4: 0x2c75, 0xed5: 0x2c75, 0xed6: 0x2c95, 0xed7: 0x2c95,
+ 0xed8: 0x2c75, 0xed9: 0x2c75, 0xeda: 0x2a95, 0xedb: 0x2a95, 0xedc: 0x2c75, 0xedd: 0x2c75,
+ 0xede: 0x2c55, 0xedf: 0x2c55, 0xee0: 0x2cb5, 0xee1: 0x2cb5, 0xee2: 0x2cd5, 0xee3: 0x2cd5,
+ 0xee4: 0x0040, 0xee5: 0x2cf5, 0xee6: 0x2d15, 0xee7: 0x2d35, 0xee8: 0x2d35, 0xee9: 0x2d55,
+ 0xeea: 0x2d75, 0xeeb: 0x2d95, 0xeec: 0x2db5, 0xeed: 0x2dd5, 0xeee: 0x2df5, 0xeef: 0x2e15,
+ 0xef0: 0x2e35, 0xef1: 0x2e55, 0xef2: 0x2e55, 0xef3: 0x2e75, 0xef4: 0x2e95, 0xef5: 0x2e95,
+ 0xef6: 0x2eb5, 0xef7: 0x2ed5, 0xef8: 0x2e75, 0xef9: 0x2ef5, 0xefa: 0x2f15, 0xefb: 0x2ef5,
+ 0xefc: 0x2e75, 0xefd: 0x2f35, 0xefe: 0x2f55, 0xeff: 0x2f75,
+ // Block 0x3c, offset 0xf00
+ 0xf00: 0x2f95, 0xf01: 0x2fb5, 0xf02: 0x2d15, 0xf03: 0x2cf5, 0xf04: 0x2fd5, 0xf05: 0x2ff5,
+ 0xf06: 0x3015, 0xf07: 0x3035, 0xf08: 0x3055, 0xf09: 0x3075, 0xf0a: 0x3095, 0xf0b: 0x30b5,
+ 0xf0c: 0x30d5, 0xf0d: 0x30f5, 0xf0e: 0x3115, 0xf0f: 0x0040, 0xf10: 0x0018, 0xf11: 0x0018,
+ 0xf12: 0x3135, 0xf13: 0x3155, 0xf14: 0x3175, 0xf15: 0x3195, 0xf16: 0x31b5, 0xf17: 0x31d5,
+ 0xf18: 0x31f5, 0xf19: 0x3215, 0xf1a: 0x3235, 0xf1b: 0x3255, 0xf1c: 0x3175, 0xf1d: 0x3275,
+ 0xf1e: 0x3295, 0xf1f: 0x32b5, 0xf20: 0x0008, 0xf21: 0x0008, 0xf22: 0x0008, 0xf23: 0x0008,
+ 0xf24: 0x0008, 0xf25: 0x0008, 0xf26: 0x0008, 0xf27: 0x0008, 0xf28: 0x0008, 0xf29: 0x0008,
+ 0xf2a: 0x0008, 0xf2b: 0x0008, 0xf2c: 0x0008, 0xf2d: 0x0008, 0xf2e: 0x0008, 0xf2f: 0x0008,
+ 0xf30: 0x0008, 0xf31: 0x0008, 0xf32: 0x0008, 0xf33: 0x0008, 0xf34: 0x0008, 0xf35: 0x0008,
+ 0xf36: 0x0008, 0xf37: 0x0008, 0xf38: 0x0008, 0xf39: 0x0008, 0xf3a: 0x0008, 0xf3b: 0x0008,
+ 0xf3c: 0x0008, 0xf3d: 0x0008, 0xf3e: 0x0008, 0xf3f: 0x0008,
+ // Block 0x3d, offset 0xf40
+ 0xf40: 0x36a2, 0xf41: 0x36d2, 0xf42: 0x3702, 0xf43: 0x3732, 0xf44: 0x32d5, 0xf45: 0x32f5,
+ 0xf46: 0x3315, 0xf47: 0x3335, 0xf48: 0x0018, 0xf49: 0x0018, 0xf4a: 0x0018, 0xf4b: 0x0018,
+ 0xf4c: 0x0018, 0xf4d: 0x0018, 0xf4e: 0x0018, 0xf4f: 0x0018, 0xf50: 0x3355, 0xf51: 0x3761,
+ 0xf52: 0x3779, 0xf53: 0x3791, 0xf54: 0x37a9, 0xf55: 0x37c1, 0xf56: 0x37d9, 0xf57: 0x37f1,
+ 0xf58: 0x3809, 0xf59: 0x3821, 0xf5a: 0x3839, 0xf5b: 0x3851, 0xf5c: 0x3869, 0xf5d: 0x3881,
+ 0xf5e: 0x3899, 0xf5f: 0x38b1, 0xf60: 0x3375, 0xf61: 0x3395, 0xf62: 0x33b5, 0xf63: 0x33d5,
+ 0xf64: 0x33f5, 0xf65: 0x33f5, 0xf66: 0x3415, 0xf67: 0x3435, 0xf68: 0x3455, 0xf69: 0x3475,
+ 0xf6a: 0x3495, 0xf6b: 0x34b5, 0xf6c: 0x34d5, 0xf6d: 0x34f5, 0xf6e: 0x3515, 0xf6f: 0x3535,
+ 0xf70: 0x3555, 0xf71: 0x3575, 0xf72: 0x3595, 0xf73: 0x35b5, 0xf74: 0x35d5, 0xf75: 0x35f5,
+ 0xf76: 0x3615, 0xf77: 0x3635, 0xf78: 0x3655, 0xf79: 0x3675, 0xf7a: 0x3695, 0xf7b: 0x36b5,
+ 0xf7c: 0x38c9, 0xf7d: 0x3901, 0xf7e: 0x36d5, 0xf7f: 0x0018,
+ // Block 0x3e, offset 0xf80
+ 0xf80: 0x36f5, 0xf81: 0x3715, 0xf82: 0x3735, 0xf83: 0x3755, 0xf84: 0x3775, 0xf85: 0x3795,
+ 0xf86: 0x37b5, 0xf87: 0x37d5, 0xf88: 0x37f5, 0xf89: 0x3815, 0xf8a: 0x3835, 0xf8b: 0x3855,
+ 0xf8c: 0x3875, 0xf8d: 0x3895, 0xf8e: 0x38b5, 0xf8f: 0x38d5, 0xf90: 0x38f5, 0xf91: 0x3915,
+ 0xf92: 0x3935, 0xf93: 0x3955, 0xf94: 0x3975, 0xf95: 0x3995, 0xf96: 0x39b5, 0xf97: 0x39d5,
+ 0xf98: 0x39f5, 0xf99: 0x3a15, 0xf9a: 0x3a35, 0xf9b: 0x3a55, 0xf9c: 0x3a75, 0xf9d: 0x3a95,
+ 0xf9e: 0x3ab5, 0xf9f: 0x3ad5, 0xfa0: 0x3af5, 0xfa1: 0x3b15, 0xfa2: 0x3b35, 0xfa3: 0x3b55,
+ 0xfa4: 0x3b75, 0xfa5: 0x3b95, 0xfa6: 0x1295, 0xfa7: 0x3bb5, 0xfa8: 0x3bd5, 0xfa9: 0x3bf5,
+ 0xfaa: 0x3c15, 0xfab: 0x3c35, 0xfac: 0x3c55, 0xfad: 0x3c75, 0xfae: 0x23b5, 0xfaf: 0x3c95,
+ 0xfb0: 0x3cb5, 0xfb1: 0x3939, 0xfb2: 0x3951, 0xfb3: 0x3969, 0xfb4: 0x3981, 0xfb5: 0x3999,
+ 0xfb6: 0x39b1, 0xfb7: 0x39c9, 0xfb8: 0x39e1, 0xfb9: 0x39f9, 0xfba: 0x3a11, 0xfbb: 0x3a29,
+ 0xfbc: 0x3a41, 0xfbd: 0x3a59, 0xfbe: 0x3a71, 0xfbf: 0x3a89,
+ // Block 0x3f, offset 0xfc0
+ 0xfc0: 0x3aa1, 0xfc1: 0x3ac9, 0xfc2: 0x3af1, 0xfc3: 0x3b19, 0xfc4: 0x3b41, 0xfc5: 0x3b69,
+ 0xfc6: 0x3b91, 0xfc7: 0x3bb9, 0xfc8: 0x3be1, 0xfc9: 0x3c09, 0xfca: 0x3c39, 0xfcb: 0x3c69,
+ 0xfcc: 0x3c99, 0xfcd: 0x3cd5, 0xfce: 0x3cb1, 0xfcf: 0x3cf5, 0xfd0: 0x3d15, 0xfd1: 0x3d2d,
+ 0xfd2: 0x3d45, 0xfd3: 0x3d5d, 0xfd4: 0x3d75, 0xfd5: 0x3d75, 0xfd6: 0x3d5d, 0xfd7: 0x3d8d,
+ 0xfd8: 0x07d5, 0xfd9: 0x3da5, 0xfda: 0x3dbd, 0xfdb: 0x3dd5, 0xfdc: 0x3ded, 0xfdd: 0x3e05,
+ 0xfde: 0x3e1d, 0xfdf: 0x3e35, 0xfe0: 0x3e4d, 0xfe1: 0x3e65, 0xfe2: 0x3e7d, 0xfe3: 0x3e95,
+ 0xfe4: 0x3ead, 0xfe5: 0x3ead, 0xfe6: 0x3ec5, 0xfe7: 0x3ec5, 0xfe8: 0x3edd, 0xfe9: 0x3edd,
+ 0xfea: 0x3ef5, 0xfeb: 0x3f0d, 0xfec: 0x3f25, 0xfed: 0x3f3d, 0xfee: 0x3f55, 0xfef: 0x3f55,
+ 0xff0: 0x3f6d, 0xff1: 0x3f6d, 0xff2: 0x3f6d, 0xff3: 0x3f85, 0xff4: 0x3f9d, 0xff5: 0x3fb5,
+ 0xff6: 0x3fcd, 0xff7: 0x3fb5, 0xff8: 0x3fe5, 0xff9: 0x3ffd, 0xffa: 0x3f85, 0xffb: 0x4015,
+ 0xffc: 0x402d, 0xffd: 0x402d, 0xffe: 0x402d, 0xfff: 0x3cc9,
+ // Block 0x40, offset 0x1000
+ 0x1000: 0x3d01, 0x1001: 0x3d69, 0x1002: 0x3dd1, 0x1003: 0x3e39, 0x1004: 0x3e89, 0x1005: 0x3ef1,
+ 0x1006: 0x3f41, 0x1007: 0x3f91, 0x1008: 0x4011, 0x1009: 0x4079, 0x100a: 0x40c9, 0x100b: 0x4119,
+ 0x100c: 0x4169, 0x100d: 0x41d1, 0x100e: 0x4239, 0x100f: 0x4289, 0x1010: 0x42d9, 0x1011: 0x4311,
+ 0x1012: 0x4361, 0x1013: 0x43c9, 0x1014: 0x4431, 0x1015: 0x4469, 0x1016: 0x44e9, 0x1017: 0x4581,
+ 0x1018: 0x4601, 0x1019: 0x4651, 0x101a: 0x46d1, 0x101b: 0x4751, 0x101c: 0x47b9, 0x101d: 0x4809,
+ 0x101e: 0x4859, 0x101f: 0x48a9, 0x1020: 0x4911, 0x1021: 0x4991, 0x1022: 0x49f9, 0x1023: 0x4a49,
+ 0x1024: 0x4a99, 0x1025: 0x4ae9, 0x1026: 0x4b21, 0x1027: 0x4b59, 0x1028: 0x4b91, 0x1029: 0x4bc9,
+ 0x102a: 0x4c19, 0x102b: 0x4c69, 0x102c: 0x4ce9, 0x102d: 0x4d39, 0x102e: 0x4da1, 0x102f: 0x4e21,
+ 0x1030: 0x4e71, 0x1031: 0x4ea9, 0x1032: 0x4ee1, 0x1033: 0x4f61, 0x1034: 0x4fc9, 0x1035: 0x5049,
+ 0x1036: 0x5099, 0x1037: 0x5119, 0x1038: 0x5151, 0x1039: 0x51a1, 0x103a: 0x51f1, 0x103b: 0x5241,
+ 0x103c: 0x5291, 0x103d: 0x52e1, 0x103e: 0x5349, 0x103f: 0x5399,
+ // Block 0x41, offset 0x1040
+ 0x1040: 0x53d1, 0x1041: 0x5421, 0x1042: 0x5471, 0x1043: 0x54c1, 0x1044: 0x5529, 0x1045: 0x5579,
+ 0x1046: 0x55c9, 0x1047: 0x5619, 0x1048: 0x5699, 0x1049: 0x5701, 0x104a: 0x5739, 0x104b: 0x57b9,
+ 0x104c: 0x57f1, 0x104d: 0x5859, 0x104e: 0x58c1, 0x104f: 0x5911, 0x1050: 0x5961, 0x1051: 0x59b1,
+ 0x1052: 0x5a19, 0x1053: 0x5a51, 0x1054: 0x5aa1, 0x1055: 0x5b09, 0x1056: 0x5b41, 0x1057: 0x5bc1,
+ 0x1058: 0x5c11, 0x1059: 0x5c39, 0x105a: 0x5c61, 0x105b: 0x5c89, 0x105c: 0x5cb1, 0x105d: 0x5cd9,
+ 0x105e: 0x5d01, 0x105f: 0x5d29, 0x1060: 0x5d51, 0x1061: 0x5d79, 0x1062: 0x5da1, 0x1063: 0x5dd1,
+ 0x1064: 0x5e01, 0x1065: 0x5e31, 0x1066: 0x5e61, 0x1067: 0x5e91, 0x1068: 0x5ec1, 0x1069: 0x5ef1,
+ 0x106a: 0x5f21, 0x106b: 0x5f51, 0x106c: 0x5f81, 0x106d: 0x5fb1, 0x106e: 0x5fe1, 0x106f: 0x6011,
+ 0x1070: 0x6041, 0x1071: 0x4045, 0x1072: 0x6071, 0x1073: 0x6089, 0x1074: 0x4065, 0x1075: 0x60a1,
+ 0x1076: 0x60b9, 0x1077: 0x60d1, 0x1078: 0x4085, 0x1079: 0x4085, 0x107a: 0x60e9, 0x107b: 0x6101,
+ 0x107c: 0x6139, 0x107d: 0x6171, 0x107e: 0x61a9, 0x107f: 0x61e1,
+ // Block 0x42, offset 0x1080
+ 0x1080: 0x6249, 0x1081: 0x6261, 0x1082: 0x40a5, 0x1083: 0x6279, 0x1084: 0x6291, 0x1085: 0x62a9,
+ 0x1086: 0x62c1, 0x1087: 0x62d9, 0x1088: 0x40c5, 0x1089: 0x62f1, 0x108a: 0x6319, 0x108b: 0x6331,
+ 0x108c: 0x40e5, 0x108d: 0x40e5, 0x108e: 0x6349, 0x108f: 0x6361, 0x1090: 0x6379, 0x1091: 0x4105,
+ 0x1092: 0x4125, 0x1093: 0x4145, 0x1094: 0x4165, 0x1095: 0x4185, 0x1096: 0x6391, 0x1097: 0x63a9,
+ 0x1098: 0x63c1, 0x1099: 0x63d9, 0x109a: 0x63f1, 0x109b: 0x41a5, 0x109c: 0x6409, 0x109d: 0x6421,
+ 0x109e: 0x6439, 0x109f: 0x41c5, 0x10a0: 0x41e5, 0x10a1: 0x6451, 0x10a2: 0x4205, 0x10a3: 0x4225,
+ 0x10a4: 0x4245, 0x10a5: 0x6469, 0x10a6: 0x4265, 0x10a7: 0x6481, 0x10a8: 0x64b1, 0x10a9: 0x6249,
+ 0x10aa: 0x4285, 0x10ab: 0x42a5, 0x10ac: 0x42c5, 0x10ad: 0x42e5, 0x10ae: 0x64e9, 0x10af: 0x6529,
+ 0x10b0: 0x6571, 0x10b1: 0x6589, 0x10b2: 0x4305, 0x10b3: 0x65a1, 0x10b4: 0x65b9, 0x10b5: 0x65d1,
+ 0x10b6: 0x4325, 0x10b7: 0x65e9, 0x10b8: 0x6601, 0x10b9: 0x65e9, 0x10ba: 0x6619, 0x10bb: 0x6631,
+ 0x10bc: 0x4345, 0x10bd: 0x6649, 0x10be: 0x6661, 0x10bf: 0x6649,
+ // Block 0x43, offset 0x10c0
+ 0x10c0: 0x4365, 0x10c1: 0x4385, 0x10c2: 0x0040, 0x10c3: 0x6679, 0x10c4: 0x6691, 0x10c5: 0x66a9,
+ 0x10c6: 0x66c1, 0x10c7: 0x0040, 0x10c8: 0x66f9, 0x10c9: 0x6711, 0x10ca: 0x6729, 0x10cb: 0x6741,
+ 0x10cc: 0x6759, 0x10cd: 0x6771, 0x10ce: 0x6439, 0x10cf: 0x6789, 0x10d0: 0x67a1, 0x10d1: 0x67b9,
+ 0x10d2: 0x43a5, 0x10d3: 0x67d1, 0x10d4: 0x62c1, 0x10d5: 0x43c5, 0x10d6: 0x43e5, 0x10d7: 0x67e9,
+ 0x10d8: 0x0040, 0x10d9: 0x4405, 0x10da: 0x6801, 0x10db: 0x6819, 0x10dc: 0x6831, 0x10dd: 0x6849,
+ 0x10de: 0x6861, 0x10df: 0x6891, 0x10e0: 0x68c1, 0x10e1: 0x68e9, 0x10e2: 0x6911, 0x10e3: 0x6939,
+ 0x10e4: 0x6961, 0x10e5: 0x6989, 0x10e6: 0x69b1, 0x10e7: 0x69d9, 0x10e8: 0x6a01, 0x10e9: 0x6a29,
+ 0x10ea: 0x6a59, 0x10eb: 0x6a89, 0x10ec: 0x6ab9, 0x10ed: 0x6ae9, 0x10ee: 0x6b19, 0x10ef: 0x6b49,
+ 0x10f0: 0x6b79, 0x10f1: 0x6ba9, 0x10f2: 0x6bd9, 0x10f3: 0x6c09, 0x10f4: 0x6c39, 0x10f5: 0x6c69,
+ 0x10f6: 0x6c99, 0x10f7: 0x6cc9, 0x10f8: 0x6cf9, 0x10f9: 0x6d29, 0x10fa: 0x6d59, 0x10fb: 0x6d89,
+ 0x10fc: 0x6db9, 0x10fd: 0x6de9, 0x10fe: 0x6e19, 0x10ff: 0x4425,
+ // Block 0x44, offset 0x1100
+ 0x1100: 0xe00d, 0x1101: 0x0008, 0x1102: 0xe00d, 0x1103: 0x0008, 0x1104: 0xe00d, 0x1105: 0x0008,
+ 0x1106: 0xe00d, 0x1107: 0x0008, 0x1108: 0xe00d, 0x1109: 0x0008, 0x110a: 0xe00d, 0x110b: 0x0008,
+ 0x110c: 0xe00d, 0x110d: 0x0008, 0x110e: 0xe00d, 0x110f: 0x0008, 0x1110: 0xe00d, 0x1111: 0x0008,
+ 0x1112: 0xe00d, 0x1113: 0x0008, 0x1114: 0xe00d, 0x1115: 0x0008, 0x1116: 0xe00d, 0x1117: 0x0008,
+ 0x1118: 0xe00d, 0x1119: 0x0008, 0x111a: 0xe00d, 0x111b: 0x0008, 0x111c: 0xe00d, 0x111d: 0x0008,
+ 0x111e: 0xe00d, 0x111f: 0x0008, 0x1120: 0xe00d, 0x1121: 0x0008, 0x1122: 0xe00d, 0x1123: 0x0008,
+ 0x1124: 0xe00d, 0x1125: 0x0008, 0x1126: 0xe00d, 0x1127: 0x0008, 0x1128: 0xe00d, 0x1129: 0x0008,
+ 0x112a: 0xe00d, 0x112b: 0x0008, 0x112c: 0xe00d, 0x112d: 0x0008, 0x112e: 0x0008, 0x112f: 0x3308,
+ 0x1130: 0x3318, 0x1131: 0x3318, 0x1132: 0x3318, 0x1133: 0x0018, 0x1134: 0x3308, 0x1135: 0x3308,
+ 0x1136: 0x3308, 0x1137: 0x3308, 0x1138: 0x3308, 0x1139: 0x3308, 0x113a: 0x3308, 0x113b: 0x3308,
+ 0x113c: 0x3308, 0x113d: 0x3308, 0x113e: 0x0018, 0x113f: 0x0008,
+ // Block 0x45, offset 0x1140
+ 0x1140: 0xe00d, 0x1141: 0x0008, 0x1142: 0xe00d, 0x1143: 0x0008, 0x1144: 0xe00d, 0x1145: 0x0008,
+ 0x1146: 0xe00d, 0x1147: 0x0008, 0x1148: 0xe00d, 0x1149: 0x0008, 0x114a: 0xe00d, 0x114b: 0x0008,
+ 0x114c: 0xe00d, 0x114d: 0x0008, 0x114e: 0xe00d, 0x114f: 0x0008, 0x1150: 0xe00d, 0x1151: 0x0008,
+ 0x1152: 0xe00d, 0x1153: 0x0008, 0x1154: 0xe00d, 0x1155: 0x0008, 0x1156: 0xe00d, 0x1157: 0x0008,
+ 0x1158: 0xe00d, 0x1159: 0x0008, 0x115a: 0xe00d, 0x115b: 0x0008, 0x115c: 0x0ea1, 0x115d: 0x6e49,
+ 0x115e: 0x3308, 0x115f: 0x3308, 0x1160: 0x0008, 0x1161: 0x0008, 0x1162: 0x0008, 0x1163: 0x0008,
+ 0x1164: 0x0008, 0x1165: 0x0008, 0x1166: 0x0008, 0x1167: 0x0008, 0x1168: 0x0008, 0x1169: 0x0008,
+ 0x116a: 0x0008, 0x116b: 0x0008, 0x116c: 0x0008, 0x116d: 0x0008, 0x116e: 0x0008, 0x116f: 0x0008,
+ 0x1170: 0x0008, 0x1171: 0x0008, 0x1172: 0x0008, 0x1173: 0x0008, 0x1174: 0x0008, 0x1175: 0x0008,
+ 0x1176: 0x0008, 0x1177: 0x0008, 0x1178: 0x0008, 0x1179: 0x0008, 0x117a: 0x0008, 0x117b: 0x0008,
+ 0x117c: 0x0008, 0x117d: 0x0008, 0x117e: 0x0008, 0x117f: 0x0008,
+ // Block 0x46, offset 0x1180
+ 0x1180: 0x0018, 0x1181: 0x0018, 0x1182: 0x0018, 0x1183: 0x0018, 0x1184: 0x0018, 0x1185: 0x0018,
+ 0x1186: 0x0018, 0x1187: 0x0018, 0x1188: 0x0018, 0x1189: 0x0018, 0x118a: 0x0018, 0x118b: 0x0018,
+ 0x118c: 0x0018, 0x118d: 0x0018, 0x118e: 0x0018, 0x118f: 0x0018, 0x1190: 0x0018, 0x1191: 0x0018,
+ 0x1192: 0x0018, 0x1193: 0x0018, 0x1194: 0x0018, 0x1195: 0x0018, 0x1196: 0x0018, 0x1197: 0x0008,
+ 0x1198: 0x0008, 0x1199: 0x0008, 0x119a: 0x0008, 0x119b: 0x0008, 0x119c: 0x0008, 0x119d: 0x0008,
+ 0x119e: 0x0008, 0x119f: 0x0008, 0x11a0: 0x0018, 0x11a1: 0x0018, 0x11a2: 0xe00d, 0x11a3: 0x0008,
+ 0x11a4: 0xe00d, 0x11a5: 0x0008, 0x11a6: 0xe00d, 0x11a7: 0x0008, 0x11a8: 0xe00d, 0x11a9: 0x0008,
+ 0x11aa: 0xe00d, 0x11ab: 0x0008, 0x11ac: 0xe00d, 0x11ad: 0x0008, 0x11ae: 0xe00d, 0x11af: 0x0008,
+ 0x11b0: 0x0008, 0x11b1: 0x0008, 0x11b2: 0xe00d, 0x11b3: 0x0008, 0x11b4: 0xe00d, 0x11b5: 0x0008,
+ 0x11b6: 0xe00d, 0x11b7: 0x0008, 0x11b8: 0xe00d, 0x11b9: 0x0008, 0x11ba: 0xe00d, 0x11bb: 0x0008,
+ 0x11bc: 0xe00d, 0x11bd: 0x0008, 0x11be: 0xe00d, 0x11bf: 0x0008,
+ // Block 0x47, offset 0x11c0
+ 0x11c0: 0xe00d, 0x11c1: 0x0008, 0x11c2: 0xe00d, 0x11c3: 0x0008, 0x11c4: 0xe00d, 0x11c5: 0x0008,
+ 0x11c6: 0xe00d, 0x11c7: 0x0008, 0x11c8: 0xe00d, 0x11c9: 0x0008, 0x11ca: 0xe00d, 0x11cb: 0x0008,
+ 0x11cc: 0xe00d, 0x11cd: 0x0008, 0x11ce: 0xe00d, 0x11cf: 0x0008, 0x11d0: 0xe00d, 0x11d1: 0x0008,
+ 0x11d2: 0xe00d, 0x11d3: 0x0008, 0x11d4: 0xe00d, 0x11d5: 0x0008, 0x11d6: 0xe00d, 0x11d7: 0x0008,
+ 0x11d8: 0xe00d, 0x11d9: 0x0008, 0x11da: 0xe00d, 0x11db: 0x0008, 0x11dc: 0xe00d, 0x11dd: 0x0008,
+ 0x11de: 0xe00d, 0x11df: 0x0008, 0x11e0: 0xe00d, 0x11e1: 0x0008, 0x11e2: 0xe00d, 0x11e3: 0x0008,
+ 0x11e4: 0xe00d, 0x11e5: 0x0008, 0x11e6: 0xe00d, 0x11e7: 0x0008, 0x11e8: 0xe00d, 0x11e9: 0x0008,
+ 0x11ea: 0xe00d, 0x11eb: 0x0008, 0x11ec: 0xe00d, 0x11ed: 0x0008, 0x11ee: 0xe00d, 0x11ef: 0x0008,
+ 0x11f0: 0xe0fd, 0x11f1: 0x0008, 0x11f2: 0x0008, 0x11f3: 0x0008, 0x11f4: 0x0008, 0x11f5: 0x0008,
+ 0x11f6: 0x0008, 0x11f7: 0x0008, 0x11f8: 0x0008, 0x11f9: 0xe01d, 0x11fa: 0x0008, 0x11fb: 0xe03d,
+ 0x11fc: 0x0008, 0x11fd: 0x4445, 0x11fe: 0xe00d, 0x11ff: 0x0008,
+ // Block 0x48, offset 0x1200
+ 0x1200: 0xe00d, 0x1201: 0x0008, 0x1202: 0xe00d, 0x1203: 0x0008, 0x1204: 0xe00d, 0x1205: 0x0008,
+ 0x1206: 0xe00d, 0x1207: 0x0008, 0x1208: 0x0008, 0x1209: 0x0018, 0x120a: 0x0018, 0x120b: 0xe03d,
+ 0x120c: 0x0008, 0x120d: 0x11d9, 0x120e: 0x0008, 0x120f: 0x0008, 0x1210: 0xe00d, 0x1211: 0x0008,
+ 0x1212: 0xe00d, 0x1213: 0x0008, 0x1214: 0x0008, 0x1215: 0x0008, 0x1216: 0xe00d, 0x1217: 0x0008,
+ 0x1218: 0xe00d, 0x1219: 0x0008, 0x121a: 0xe00d, 0x121b: 0x0008, 0x121c: 0xe00d, 0x121d: 0x0008,
+ 0x121e: 0xe00d, 0x121f: 0x0008, 0x1220: 0xe00d, 0x1221: 0x0008, 0x1222: 0xe00d, 0x1223: 0x0008,
+ 0x1224: 0xe00d, 0x1225: 0x0008, 0x1226: 0xe00d, 0x1227: 0x0008, 0x1228: 0xe00d, 0x1229: 0x0008,
+ 0x122a: 0x6e61, 0x122b: 0x1029, 0x122c: 0x11c1, 0x122d: 0x6e79, 0x122e: 0x1221, 0x122f: 0x0008,
+ 0x1230: 0x6e91, 0x1231: 0x6ea9, 0x1232: 0x1239, 0x1233: 0x4465, 0x1234: 0xe00d, 0x1235: 0x0008,
+ 0x1236: 0xe00d, 0x1237: 0x0008, 0x1238: 0xe00d, 0x1239: 0x0008, 0x123a: 0xe00d, 0x123b: 0x0008,
+ 0x123c: 0xe00d, 0x123d: 0x0008, 0x123e: 0xe00d, 0x123f: 0x0008,
+ // Block 0x49, offset 0x1240
+ 0x1240: 0x650d, 0x1241: 0x652d, 0x1242: 0x654d, 0x1243: 0x656d, 0x1244: 0x658d, 0x1245: 0x65ad,
+ 0x1246: 0x65cd, 0x1247: 0x65ed, 0x1248: 0x660d, 0x1249: 0x662d, 0x124a: 0x664d, 0x124b: 0x666d,
+ 0x124c: 0x668d, 0x124d: 0x66ad, 0x124e: 0x0008, 0x124f: 0x0008, 0x1250: 0x66cd, 0x1251: 0x0008,
+ 0x1252: 0x66ed, 0x1253: 0x0008, 0x1254: 0x0008, 0x1255: 0x670d, 0x1256: 0x672d, 0x1257: 0x674d,
+ 0x1258: 0x676d, 0x1259: 0x678d, 0x125a: 0x67ad, 0x125b: 0x67cd, 0x125c: 0x67ed, 0x125d: 0x680d,
+ 0x125e: 0x682d, 0x125f: 0x0008, 0x1260: 0x684d, 0x1261: 0x0008, 0x1262: 0x686d, 0x1263: 0x0008,
+ 0x1264: 0x0008, 0x1265: 0x688d, 0x1266: 0x68ad, 0x1267: 0x0008, 0x1268: 0x0008, 0x1269: 0x0008,
+ 0x126a: 0x68cd, 0x126b: 0x68ed, 0x126c: 0x690d, 0x126d: 0x692d, 0x126e: 0x694d, 0x126f: 0x696d,
+ 0x1270: 0x698d, 0x1271: 0x69ad, 0x1272: 0x69cd, 0x1273: 0x69ed, 0x1274: 0x6a0d, 0x1275: 0x6a2d,
+ 0x1276: 0x6a4d, 0x1277: 0x6a6d, 0x1278: 0x6a8d, 0x1279: 0x6aad, 0x127a: 0x6acd, 0x127b: 0x6aed,
+ 0x127c: 0x6b0d, 0x127d: 0x6b2d, 0x127e: 0x6b4d, 0x127f: 0x6b6d,
+ // Block 0x4a, offset 0x1280
+ 0x1280: 0x7acd, 0x1281: 0x7aed, 0x1282: 0x7b0d, 0x1283: 0x7b2d, 0x1284: 0x7b4d, 0x1285: 0x7b6d,
+ 0x1286: 0x7b8d, 0x1287: 0x7bad, 0x1288: 0x7bcd, 0x1289: 0x7bed, 0x128a: 0x7c0d, 0x128b: 0x7c2d,
+ 0x128c: 0x7c4d, 0x128d: 0x7c6d, 0x128e: 0x7c8d, 0x128f: 0x6f19, 0x1290: 0x6f41, 0x1291: 0x6f69,
+ 0x1292: 0x7cad, 0x1293: 0x7ccd, 0x1294: 0x7ced, 0x1295: 0x6f91, 0x1296: 0x6fb9, 0x1297: 0x6fe1,
+ 0x1298: 0x7d0d, 0x1299: 0x7d2d, 0x129a: 0x0040, 0x129b: 0x0040, 0x129c: 0x0040, 0x129d: 0x0040,
+ 0x129e: 0x0040, 0x129f: 0x0040, 0x12a0: 0x0040, 0x12a1: 0x0040, 0x12a2: 0x0040, 0x12a3: 0x0040,
+ 0x12a4: 0x0040, 0x12a5: 0x0040, 0x12a6: 0x0040, 0x12a7: 0x0040, 0x12a8: 0x0040, 0x12a9: 0x0040,
+ 0x12aa: 0x0040, 0x12ab: 0x0040, 0x12ac: 0x0040, 0x12ad: 0x0040, 0x12ae: 0x0040, 0x12af: 0x0040,
+ 0x12b0: 0x0040, 0x12b1: 0x0040, 0x12b2: 0x0040, 0x12b3: 0x0040, 0x12b4: 0x0040, 0x12b5: 0x0040,
+ 0x12b6: 0x0040, 0x12b7: 0x0040, 0x12b8: 0x0040, 0x12b9: 0x0040, 0x12ba: 0x0040, 0x12bb: 0x0040,
+ 0x12bc: 0x0040, 0x12bd: 0x0040, 0x12be: 0x0040, 0x12bf: 0x0040,
+ // Block 0x4b, offset 0x12c0
+ 0x12c0: 0x7009, 0x12c1: 0x7021, 0x12c2: 0x7039, 0x12c3: 0x7d4d, 0x12c4: 0x7d6d, 0x12c5: 0x7051,
+ 0x12c6: 0x7051, 0x12c7: 0x0040, 0x12c8: 0x0040, 0x12c9: 0x0040, 0x12ca: 0x0040, 0x12cb: 0x0040,
+ 0x12cc: 0x0040, 0x12cd: 0x0040, 0x12ce: 0x0040, 0x12cf: 0x0040, 0x12d0: 0x0040, 0x12d1: 0x0040,
+ 0x12d2: 0x0040, 0x12d3: 0x7069, 0x12d4: 0x7091, 0x12d5: 0x70b9, 0x12d6: 0x70e1, 0x12d7: 0x7109,
+ 0x12d8: 0x0040, 0x12d9: 0x0040, 0x12da: 0x0040, 0x12db: 0x0040, 0x12dc: 0x0040, 0x12dd: 0x7131,
+ 0x12de: 0x3308, 0x12df: 0x7159, 0x12e0: 0x7181, 0x12e1: 0x20a9, 0x12e2: 0x20f1, 0x12e3: 0x7199,
+ 0x12e4: 0x71b1, 0x12e5: 0x71c9, 0x12e6: 0x71e1, 0x12e7: 0x71f9, 0x12e8: 0x7211, 0x12e9: 0x1fb2,
+ 0x12ea: 0x7229, 0x12eb: 0x7251, 0x12ec: 0x7279, 0x12ed: 0x72b1, 0x12ee: 0x72e9, 0x12ef: 0x7311,
+ 0x12f0: 0x7339, 0x12f1: 0x7361, 0x12f2: 0x7389, 0x12f3: 0x73b1, 0x12f4: 0x73d9, 0x12f5: 0x7401,
+ 0x12f6: 0x7429, 0x12f7: 0x0040, 0x12f8: 0x7451, 0x12f9: 0x7479, 0x12fa: 0x74a1, 0x12fb: 0x74c9,
+ 0x12fc: 0x74f1, 0x12fd: 0x0040, 0x12fe: 0x7519, 0x12ff: 0x0040,
+ // Block 0x4c, offset 0x1300
+ 0x1300: 0x7541, 0x1301: 0x7569, 0x1302: 0x0040, 0x1303: 0x7591, 0x1304: 0x75b9, 0x1305: 0x0040,
+ 0x1306: 0x75e1, 0x1307: 0x7609, 0x1308: 0x7631, 0x1309: 0x7659, 0x130a: 0x7681, 0x130b: 0x76a9,
+ 0x130c: 0x76d1, 0x130d: 0x76f9, 0x130e: 0x7721, 0x130f: 0x7749, 0x1310: 0x7771, 0x1311: 0x7771,
+ 0x1312: 0x7789, 0x1313: 0x7789, 0x1314: 0x7789, 0x1315: 0x7789, 0x1316: 0x77a1, 0x1317: 0x77a1,
+ 0x1318: 0x77a1, 0x1319: 0x77a1, 0x131a: 0x77b9, 0x131b: 0x77b9, 0x131c: 0x77b9, 0x131d: 0x77b9,
+ 0x131e: 0x77d1, 0x131f: 0x77d1, 0x1320: 0x77d1, 0x1321: 0x77d1, 0x1322: 0x77e9, 0x1323: 0x77e9,
+ 0x1324: 0x77e9, 0x1325: 0x77e9, 0x1326: 0x7801, 0x1327: 0x7801, 0x1328: 0x7801, 0x1329: 0x7801,
+ 0x132a: 0x7819, 0x132b: 0x7819, 0x132c: 0x7819, 0x132d: 0x7819, 0x132e: 0x7831, 0x132f: 0x7831,
+ 0x1330: 0x7831, 0x1331: 0x7831, 0x1332: 0x7849, 0x1333: 0x7849, 0x1334: 0x7849, 0x1335: 0x7849,
+ 0x1336: 0x7861, 0x1337: 0x7861, 0x1338: 0x7861, 0x1339: 0x7861, 0x133a: 0x7879, 0x133b: 0x7879,
+ 0x133c: 0x7879, 0x133d: 0x7879, 0x133e: 0x7891, 0x133f: 0x7891,
+ // Block 0x4d, offset 0x1340
+ 0x1340: 0x7891, 0x1341: 0x7891, 0x1342: 0x78a9, 0x1343: 0x78a9, 0x1344: 0x78c1, 0x1345: 0x78c1,
+ 0x1346: 0x78d9, 0x1347: 0x78d9, 0x1348: 0x78f1, 0x1349: 0x78f1, 0x134a: 0x7909, 0x134b: 0x7909,
+ 0x134c: 0x7921, 0x134d: 0x7921, 0x134e: 0x7939, 0x134f: 0x7939, 0x1350: 0x7939, 0x1351: 0x7939,
+ 0x1352: 0x7951, 0x1353: 0x7951, 0x1354: 0x7951, 0x1355: 0x7951, 0x1356: 0x7969, 0x1357: 0x7969,
+ 0x1358: 0x7969, 0x1359: 0x7969, 0x135a: 0x7981, 0x135b: 0x7981, 0x135c: 0x7981, 0x135d: 0x7981,
+ 0x135e: 0x7999, 0x135f: 0x7999, 0x1360: 0x79b1, 0x1361: 0x79b1, 0x1362: 0x79b1, 0x1363: 0x79b1,
+ 0x1364: 0x79c9, 0x1365: 0x79c9, 0x1366: 0x79e1, 0x1367: 0x79e1, 0x1368: 0x79e1, 0x1369: 0x79e1,
+ 0x136a: 0x79f9, 0x136b: 0x79f9, 0x136c: 0x79f9, 0x136d: 0x79f9, 0x136e: 0x7a11, 0x136f: 0x7a11,
+ 0x1370: 0x7a29, 0x1371: 0x7a29, 0x1372: 0x0818, 0x1373: 0x0818, 0x1374: 0x0818, 0x1375: 0x0818,
+ 0x1376: 0x0818, 0x1377: 0x0818, 0x1378: 0x0818, 0x1379: 0x0818, 0x137a: 0x0818, 0x137b: 0x0818,
+ 0x137c: 0x0818, 0x137d: 0x0818, 0x137e: 0x0818, 0x137f: 0x0818,
+ // Block 0x4e, offset 0x1380
+ 0x1380: 0x0818, 0x1381: 0x0818, 0x1382: 0x0040, 0x1383: 0x0040, 0x1384: 0x0040, 0x1385: 0x0040,
+ 0x1386: 0x0040, 0x1387: 0x0040, 0x1388: 0x0040, 0x1389: 0x0040, 0x138a: 0x0040, 0x138b: 0x0040,
+ 0x138c: 0x0040, 0x138d: 0x0040, 0x138e: 0x0040, 0x138f: 0x0040, 0x1390: 0x0040, 0x1391: 0x0040,
+ 0x1392: 0x0040, 0x1393: 0x7a41, 0x1394: 0x7a41, 0x1395: 0x7a41, 0x1396: 0x7a41, 0x1397: 0x7a59,
+ 0x1398: 0x7a59, 0x1399: 0x7a71, 0x139a: 0x7a71, 0x139b: 0x7a89, 0x139c: 0x7a89, 0x139d: 0x0479,
+ 0x139e: 0x7aa1, 0x139f: 0x7aa1, 0x13a0: 0x7ab9, 0x13a1: 0x7ab9, 0x13a2: 0x7ad1, 0x13a3: 0x7ad1,
+ 0x13a4: 0x7ae9, 0x13a5: 0x7ae9, 0x13a6: 0x7ae9, 0x13a7: 0x7ae9, 0x13a8: 0x7b01, 0x13a9: 0x7b01,
+ 0x13aa: 0x7b19, 0x13ab: 0x7b19, 0x13ac: 0x7b41, 0x13ad: 0x7b41, 0x13ae: 0x7b69, 0x13af: 0x7b69,
+ 0x13b0: 0x7b91, 0x13b1: 0x7b91, 0x13b2: 0x7bb9, 0x13b3: 0x7bb9, 0x13b4: 0x7be1, 0x13b5: 0x7be1,
+ 0x13b6: 0x7c09, 0x13b7: 0x7c09, 0x13b8: 0x7c09, 0x13b9: 0x7c31, 0x13ba: 0x7c31, 0x13bb: 0x7c31,
+ 0x13bc: 0x7c59, 0x13bd: 0x7c59, 0x13be: 0x7c59, 0x13bf: 0x7c59,
+ // Block 0x4f, offset 0x13c0
+ 0x13c0: 0x8649, 0x13c1: 0x8671, 0x13c2: 0x8699, 0x13c3: 0x86c1, 0x13c4: 0x86e9, 0x13c5: 0x8711,
+ 0x13c6: 0x8739, 0x13c7: 0x8761, 0x13c8: 0x8789, 0x13c9: 0x87b1, 0x13ca: 0x87d9, 0x13cb: 0x8801,
+ 0x13cc: 0x8829, 0x13cd: 0x8851, 0x13ce: 0x8879, 0x13cf: 0x88a1, 0x13d0: 0x88c9, 0x13d1: 0x88f1,
+ 0x13d2: 0x8919, 0x13d3: 0x8941, 0x13d4: 0x8969, 0x13d5: 0x8991, 0x13d6: 0x89b9, 0x13d7: 0x89e1,
+ 0x13d8: 0x8a09, 0x13d9: 0x8a31, 0x13da: 0x8a59, 0x13db: 0x8a81, 0x13dc: 0x8aa9, 0x13dd: 0x8ad1,
+ 0x13de: 0x8afa, 0x13df: 0x8b2a, 0x13e0: 0x8b5a, 0x13e1: 0x8b8a, 0x13e2: 0x8bba, 0x13e3: 0x8bea,
+ 0x13e4: 0x8c19, 0x13e5: 0x8c41, 0x13e6: 0x7cc1, 0x13e7: 0x8c69, 0x13e8: 0x7c31, 0x13e9: 0x7ce9,
+ 0x13ea: 0x8c91, 0x13eb: 0x8cb9, 0x13ec: 0x7d89, 0x13ed: 0x8ce1, 0x13ee: 0x7db1, 0x13ef: 0x7dd9,
+ 0x13f0: 0x8d09, 0x13f1: 0x8d31, 0x13f2: 0x7e79, 0x13f3: 0x8d59, 0x13f4: 0x7ea1, 0x13f5: 0x7ec9,
+ 0x13f6: 0x8d81, 0x13f7: 0x8da9, 0x13f8: 0x7f19, 0x13f9: 0x8dd1, 0x13fa: 0x7f41, 0x13fb: 0x7f69,
+ 0x13fc: 0x83f1, 0x13fd: 0x8419, 0x13fe: 0x8491, 0x13ff: 0x84b9,
+ // Block 0x50, offset 0x1400
+ 0x1400: 0x84e1, 0x1401: 0x8581, 0x1402: 0x85a9, 0x1403: 0x85d1, 0x1404: 0x85f9, 0x1405: 0x8699,
+ 0x1406: 0x86c1, 0x1407: 0x86e9, 0x1408: 0x8df9, 0x1409: 0x8789, 0x140a: 0x8e21, 0x140b: 0x8e49,
+ 0x140c: 0x8879, 0x140d: 0x8e71, 0x140e: 0x88a1, 0x140f: 0x88c9, 0x1410: 0x8ad1, 0x1411: 0x8e99,
+ 0x1412: 0x8ec1, 0x1413: 0x8a09, 0x1414: 0x8ee9, 0x1415: 0x8a31, 0x1416: 0x8a59, 0x1417: 0x7c71,
+ 0x1418: 0x7c99, 0x1419: 0x8f11, 0x141a: 0x7cc1, 0x141b: 0x8f39, 0x141c: 0x7d11, 0x141d: 0x7d39,
+ 0x141e: 0x7d61, 0x141f: 0x7d89, 0x1420: 0x8f61, 0x1421: 0x7e01, 0x1422: 0x7e29, 0x1423: 0x7e51,
+ 0x1424: 0x7e79, 0x1425: 0x8f89, 0x1426: 0x7f19, 0x1427: 0x7f91, 0x1428: 0x7fb9, 0x1429: 0x7fe1,
+ 0x142a: 0x8009, 0x142b: 0x8031, 0x142c: 0x8081, 0x142d: 0x80a9, 0x142e: 0x80d1, 0x142f: 0x80f9,
+ 0x1430: 0x8121, 0x1431: 0x8149, 0x1432: 0x8fb1, 0x1433: 0x8171, 0x1434: 0x8199, 0x1435: 0x81c1,
+ 0x1436: 0x81e9, 0x1437: 0x8211, 0x1438: 0x8239, 0x1439: 0x8289, 0x143a: 0x82b1, 0x143b: 0x82d9,
+ 0x143c: 0x8301, 0x143d: 0x8329, 0x143e: 0x8351, 0x143f: 0x8379,
+ // Block 0x51, offset 0x1440
+ 0x1440: 0x83a1, 0x1441: 0x83c9, 0x1442: 0x8441, 0x1443: 0x8469, 0x1444: 0x8509, 0x1445: 0x8531,
+ 0x1446: 0x8559, 0x1447: 0x8581, 0x1448: 0x85a9, 0x1449: 0x8621, 0x144a: 0x8649, 0x144b: 0x8671,
+ 0x144c: 0x8699, 0x144d: 0x8fd9, 0x144e: 0x8711, 0x144f: 0x8739, 0x1450: 0x8761, 0x1451: 0x8789,
+ 0x1452: 0x8801, 0x1453: 0x8829, 0x1454: 0x8851, 0x1455: 0x8879, 0x1456: 0x9001, 0x1457: 0x88f1,
+ 0x1458: 0x8919, 0x1459: 0x9029, 0x145a: 0x8991, 0x145b: 0x89b9, 0x145c: 0x89e1, 0x145d: 0x8a09,
+ 0x145e: 0x9051, 0x145f: 0x7cc1, 0x1460: 0x8f39, 0x1461: 0x7d89, 0x1462: 0x8f61, 0x1463: 0x7e79,
+ 0x1464: 0x8f89, 0x1465: 0x7f19, 0x1466: 0x9079, 0x1467: 0x8121, 0x1468: 0x90a1, 0x1469: 0x90c9,
+ 0x146a: 0x90f1, 0x146b: 0x8581, 0x146c: 0x85a9, 0x146d: 0x8699, 0x146e: 0x8879, 0x146f: 0x9001,
+ 0x1470: 0x8a09, 0x1471: 0x9051, 0x1472: 0x9119, 0x1473: 0x9151, 0x1474: 0x9189, 0x1475: 0x91c1,
+ 0x1476: 0x91e9, 0x1477: 0x9211, 0x1478: 0x9239, 0x1479: 0x9261, 0x147a: 0x9289, 0x147b: 0x92b1,
+ 0x147c: 0x92d9, 0x147d: 0x9301, 0x147e: 0x9329, 0x147f: 0x9351,
+ // Block 0x52, offset 0x1480
+ 0x1480: 0x9379, 0x1481: 0x93a1, 0x1482: 0x93c9, 0x1483: 0x93f1, 0x1484: 0x9419, 0x1485: 0x9441,
+ 0x1486: 0x9469, 0x1487: 0x9491, 0x1488: 0x94b9, 0x1489: 0x94e1, 0x148a: 0x9509, 0x148b: 0x9531,
+ 0x148c: 0x90c9, 0x148d: 0x9559, 0x148e: 0x9581, 0x148f: 0x95a9, 0x1490: 0x95d1, 0x1491: 0x91c1,
+ 0x1492: 0x91e9, 0x1493: 0x9211, 0x1494: 0x9239, 0x1495: 0x9261, 0x1496: 0x9289, 0x1497: 0x92b1,
+ 0x1498: 0x92d9, 0x1499: 0x9301, 0x149a: 0x9329, 0x149b: 0x9351, 0x149c: 0x9379, 0x149d: 0x93a1,
+ 0x149e: 0x93c9, 0x149f: 0x93f1, 0x14a0: 0x9419, 0x14a1: 0x9441, 0x14a2: 0x9469, 0x14a3: 0x9491,
+ 0x14a4: 0x94b9, 0x14a5: 0x94e1, 0x14a6: 0x9509, 0x14a7: 0x9531, 0x14a8: 0x90c9, 0x14a9: 0x9559,
+ 0x14aa: 0x9581, 0x14ab: 0x95a9, 0x14ac: 0x95d1, 0x14ad: 0x94e1, 0x14ae: 0x9509, 0x14af: 0x9531,
+ 0x14b0: 0x90c9, 0x14b1: 0x90a1, 0x14b2: 0x90f1, 0x14b3: 0x8261, 0x14b4: 0x80a9, 0x14b5: 0x80d1,
+ 0x14b6: 0x80f9, 0x14b7: 0x94e1, 0x14b8: 0x9509, 0x14b9: 0x9531, 0x14ba: 0x8261, 0x14bb: 0x8289,
+ 0x14bc: 0x95f9, 0x14bd: 0x95f9, 0x14be: 0x0018, 0x14bf: 0x0018,
+ // Block 0x53, offset 0x14c0
+ 0x14c0: 0x0040, 0x14c1: 0x0040, 0x14c2: 0x0040, 0x14c3: 0x0040, 0x14c4: 0x0040, 0x14c5: 0x0040,
+ 0x14c6: 0x0040, 0x14c7: 0x0040, 0x14c8: 0x0040, 0x14c9: 0x0040, 0x14ca: 0x0040, 0x14cb: 0x0040,
+ 0x14cc: 0x0040, 0x14cd: 0x0040, 0x14ce: 0x0040, 0x14cf: 0x0040, 0x14d0: 0x9621, 0x14d1: 0x9659,
+ 0x14d2: 0x9659, 0x14d3: 0x9691, 0x14d4: 0x96c9, 0x14d5: 0x9701, 0x14d6: 0x9739, 0x14d7: 0x9771,
+ 0x14d8: 0x97a9, 0x14d9: 0x97a9, 0x14da: 0x97e1, 0x14db: 0x9819, 0x14dc: 0x9851, 0x14dd: 0x9889,
+ 0x14de: 0x98c1, 0x14df: 0x98f9, 0x14e0: 0x98f9, 0x14e1: 0x9931, 0x14e2: 0x9969, 0x14e3: 0x9969,
+ 0x14e4: 0x99a1, 0x14e5: 0x99a1, 0x14e6: 0x99d9, 0x14e7: 0x9a11, 0x14e8: 0x9a11, 0x14e9: 0x9a49,
+ 0x14ea: 0x9a81, 0x14eb: 0x9a81, 0x14ec: 0x9ab9, 0x14ed: 0x9ab9, 0x14ee: 0x9af1, 0x14ef: 0x9b29,
+ 0x14f0: 0x9b29, 0x14f1: 0x9b61, 0x14f2: 0x9b61, 0x14f3: 0x9b99, 0x14f4: 0x9bd1, 0x14f5: 0x9c09,
+ 0x14f6: 0x9c41, 0x14f7: 0x9c41, 0x14f8: 0x9c79, 0x14f9: 0x9cb1, 0x14fa: 0x9ce9, 0x14fb: 0x9d21,
+ 0x14fc: 0x9d59, 0x14fd: 0x9d59, 0x14fe: 0x9d91, 0x14ff: 0x9dc9,
+ // Block 0x54, offset 0x1500
+ 0x1500: 0xa999, 0x1501: 0xa9d1, 0x1502: 0xaa09, 0x1503: 0xa8f1, 0x1504: 0x9c09, 0x1505: 0x99d9,
+ 0x1506: 0xaa41, 0x1507: 0xaa79, 0x1508: 0x0040, 0x1509: 0x0040, 0x150a: 0x0040, 0x150b: 0x0040,
+ 0x150c: 0x0040, 0x150d: 0x0040, 0x150e: 0x0040, 0x150f: 0x0040, 0x1510: 0x0040, 0x1511: 0x0040,
+ 0x1512: 0x0040, 0x1513: 0x0040, 0x1514: 0x0040, 0x1515: 0x0040, 0x1516: 0x0040, 0x1517: 0x0040,
+ 0x1518: 0x0040, 0x1519: 0x0040, 0x151a: 0x0040, 0x151b: 0x0040, 0x151c: 0x0040, 0x151d: 0x0040,
+ 0x151e: 0x0040, 0x151f: 0x0040, 0x1520: 0x0040, 0x1521: 0x0040, 0x1522: 0x0040, 0x1523: 0x0040,
+ 0x1524: 0x0040, 0x1525: 0x0040, 0x1526: 0x0040, 0x1527: 0x0040, 0x1528: 0x0040, 0x1529: 0x0040,
+ 0x152a: 0x0040, 0x152b: 0x0040, 0x152c: 0x0040, 0x152d: 0x0040, 0x152e: 0x0040, 0x152f: 0x0040,
+ 0x1530: 0xaab1, 0x1531: 0xaae9, 0x1532: 0xab21, 0x1533: 0xab69, 0x1534: 0xabb1, 0x1535: 0xabf9,
+ 0x1536: 0xac41, 0x1537: 0xac89, 0x1538: 0xacd1, 0x1539: 0xad19, 0x153a: 0xad52, 0x153b: 0xae62,
+ 0x153c: 0xaee1, 0x153d: 0x0018, 0x153e: 0x0040, 0x153f: 0x0040,
+ // Block 0x55, offset 0x1540
+ 0x1540: 0x33c0, 0x1541: 0x33c0, 0x1542: 0x33c0, 0x1543: 0x33c0, 0x1544: 0x33c0, 0x1545: 0x33c0,
+ 0x1546: 0x33c0, 0x1547: 0x33c0, 0x1548: 0x33c0, 0x1549: 0x33c0, 0x154a: 0x33c0, 0x154b: 0x33c0,
+ 0x154c: 0x33c0, 0x154d: 0x33c0, 0x154e: 0x33c0, 0x154f: 0x33c0, 0x1550: 0xaf2a, 0x1551: 0x7d8d,
+ 0x1552: 0x0040, 0x1553: 0xaf3a, 0x1554: 0x03c2, 0x1555: 0xaf4a, 0x1556: 0xaf5a, 0x1557: 0x7dad,
+ 0x1558: 0x7dcd, 0x1559: 0x0040, 0x155a: 0x0040, 0x155b: 0x0040, 0x155c: 0x0040, 0x155d: 0x0040,
+ 0x155e: 0x0040, 0x155f: 0x0040, 0x1560: 0x3308, 0x1561: 0x3308, 0x1562: 0x3308, 0x1563: 0x3308,
+ 0x1564: 0x3308, 0x1565: 0x3308, 0x1566: 0x3308, 0x1567: 0x3308, 0x1568: 0x3308, 0x1569: 0x3308,
+ 0x156a: 0x3308, 0x156b: 0x3308, 0x156c: 0x3308, 0x156d: 0x3308, 0x156e: 0x3308, 0x156f: 0x3308,
+ 0x1570: 0x0040, 0x1571: 0x7ded, 0x1572: 0x7e0d, 0x1573: 0xaf6a, 0x1574: 0xaf6a, 0x1575: 0x1fd2,
+ 0x1576: 0x1fe2, 0x1577: 0xaf7a, 0x1578: 0xaf8a, 0x1579: 0x7e2d, 0x157a: 0x7e4d, 0x157b: 0x7e6d,
+ 0x157c: 0x7e2d, 0x157d: 0x7e8d, 0x157e: 0x7ead, 0x157f: 0x7e8d,
+ // Block 0x56, offset 0x1580
+ 0x1580: 0x7ecd, 0x1581: 0x7eed, 0x1582: 0x7f0d, 0x1583: 0x7eed, 0x1584: 0x7f2d, 0x1585: 0x0018,
+ 0x1586: 0x0018, 0x1587: 0xaf9a, 0x1588: 0xafaa, 0x1589: 0x7f4e, 0x158a: 0x7f6e, 0x158b: 0x7f8e,
+ 0x158c: 0x7fae, 0x158d: 0xaf6a, 0x158e: 0xaf6a, 0x158f: 0xaf6a, 0x1590: 0xaf2a, 0x1591: 0x7fcd,
+ 0x1592: 0x0040, 0x1593: 0x0040, 0x1594: 0x03c2, 0x1595: 0xaf3a, 0x1596: 0xaf5a, 0x1597: 0xaf4a,
+ 0x1598: 0x7fed, 0x1599: 0x1fd2, 0x159a: 0x1fe2, 0x159b: 0xaf7a, 0x159c: 0xaf8a, 0x159d: 0x7ecd,
+ 0x159e: 0x7f2d, 0x159f: 0xafba, 0x15a0: 0xafca, 0x15a1: 0xafda, 0x15a2: 0x1fb2, 0x15a3: 0xafe9,
+ 0x15a4: 0xaffa, 0x15a5: 0xb00a, 0x15a6: 0x1fc2, 0x15a7: 0x0040, 0x15a8: 0xb01a, 0x15a9: 0xb02a,
+ 0x15aa: 0xb03a, 0x15ab: 0xb04a, 0x15ac: 0x0040, 0x15ad: 0x0040, 0x15ae: 0x0040, 0x15af: 0x0040,
+ 0x15b0: 0x800e, 0x15b1: 0xb059, 0x15b2: 0x802e, 0x15b3: 0x0808, 0x15b4: 0x804e, 0x15b5: 0x0040,
+ 0x15b6: 0x806e, 0x15b7: 0xb081, 0x15b8: 0x808e, 0x15b9: 0xb0a9, 0x15ba: 0x80ae, 0x15bb: 0xb0d1,
+ 0x15bc: 0x80ce, 0x15bd: 0xb0f9, 0x15be: 0x80ee, 0x15bf: 0xb121,
+ // Block 0x57, offset 0x15c0
+ 0x15c0: 0xb149, 0x15c1: 0xb161, 0x15c2: 0xb161, 0x15c3: 0xb179, 0x15c4: 0xb179, 0x15c5: 0xb191,
+ 0x15c6: 0xb191, 0x15c7: 0xb1a9, 0x15c8: 0xb1a9, 0x15c9: 0xb1c1, 0x15ca: 0xb1c1, 0x15cb: 0xb1c1,
+ 0x15cc: 0xb1c1, 0x15cd: 0xb1d9, 0x15ce: 0xb1d9, 0x15cf: 0xb1f1, 0x15d0: 0xb1f1, 0x15d1: 0xb1f1,
+ 0x15d2: 0xb1f1, 0x15d3: 0xb209, 0x15d4: 0xb209, 0x15d5: 0xb221, 0x15d6: 0xb221, 0x15d7: 0xb221,
+ 0x15d8: 0xb221, 0x15d9: 0xb239, 0x15da: 0xb239, 0x15db: 0xb239, 0x15dc: 0xb239, 0x15dd: 0xb251,
+ 0x15de: 0xb251, 0x15df: 0xb251, 0x15e0: 0xb251, 0x15e1: 0xb269, 0x15e2: 0xb269, 0x15e3: 0xb269,
+ 0x15e4: 0xb269, 0x15e5: 0xb281, 0x15e6: 0xb281, 0x15e7: 0xb281, 0x15e8: 0xb281, 0x15e9: 0xb299,
+ 0x15ea: 0xb299, 0x15eb: 0xb2b1, 0x15ec: 0xb2b1, 0x15ed: 0xb2c9, 0x15ee: 0xb2c9, 0x15ef: 0xb2e1,
+ 0x15f0: 0xb2e1, 0x15f1: 0xb2f9, 0x15f2: 0xb2f9, 0x15f3: 0xb2f9, 0x15f4: 0xb2f9, 0x15f5: 0xb311,
+ 0x15f6: 0xb311, 0x15f7: 0xb311, 0x15f8: 0xb311, 0x15f9: 0xb329, 0x15fa: 0xb329, 0x15fb: 0xb329,
+ 0x15fc: 0xb329, 0x15fd: 0xb341, 0x15fe: 0xb341, 0x15ff: 0xb341,
+ // Block 0x58, offset 0x1600
+ 0x1600: 0xb341, 0x1601: 0xb359, 0x1602: 0xb359, 0x1603: 0xb359, 0x1604: 0xb359, 0x1605: 0xb371,
+ 0x1606: 0xb371, 0x1607: 0xb371, 0x1608: 0xb371, 0x1609: 0xb389, 0x160a: 0xb389, 0x160b: 0xb389,
+ 0x160c: 0xb389, 0x160d: 0xb3a1, 0x160e: 0xb3a1, 0x160f: 0xb3a1, 0x1610: 0xb3a1, 0x1611: 0xb3b9,
+ 0x1612: 0xb3b9, 0x1613: 0xb3b9, 0x1614: 0xb3b9, 0x1615: 0xb3d1, 0x1616: 0xb3d1, 0x1617: 0xb3d1,
+ 0x1618: 0xb3d1, 0x1619: 0xb3e9, 0x161a: 0xb3e9, 0x161b: 0xb3e9, 0x161c: 0xb3e9, 0x161d: 0xb401,
+ 0x161e: 0xb401, 0x161f: 0xb401, 0x1620: 0xb401, 0x1621: 0xb419, 0x1622: 0xb419, 0x1623: 0xb419,
+ 0x1624: 0xb419, 0x1625: 0xb431, 0x1626: 0xb431, 0x1627: 0xb431, 0x1628: 0xb431, 0x1629: 0xb449,
+ 0x162a: 0xb449, 0x162b: 0xb449, 0x162c: 0xb449, 0x162d: 0xb461, 0x162e: 0xb461, 0x162f: 0x7b01,
+ 0x1630: 0x7b01, 0x1631: 0xb479, 0x1632: 0xb479, 0x1633: 0xb479, 0x1634: 0xb479, 0x1635: 0xb491,
+ 0x1636: 0xb491, 0x1637: 0xb4b9, 0x1638: 0xb4b9, 0x1639: 0xb4e1, 0x163a: 0xb4e1, 0x163b: 0xb509,
+ 0x163c: 0xb509, 0x163d: 0x0040, 0x163e: 0x0040, 0x163f: 0x03c0,
+ // Block 0x59, offset 0x1640
+ 0x1640: 0x0040, 0x1641: 0xaf4a, 0x1642: 0xb532, 0x1643: 0xafba, 0x1644: 0xb02a, 0x1645: 0xb03a,
+ 0x1646: 0xafca, 0x1647: 0xb542, 0x1648: 0x1fd2, 0x1649: 0x1fe2, 0x164a: 0xafda, 0x164b: 0x1fb2,
+ 0x164c: 0xaf2a, 0x164d: 0xafe9, 0x164e: 0x29d1, 0x164f: 0xb552, 0x1650: 0x1f41, 0x1651: 0x00c9,
+ 0x1652: 0x0069, 0x1653: 0x0079, 0x1654: 0x1f51, 0x1655: 0x1f61, 0x1656: 0x1f71, 0x1657: 0x1f81,
+ 0x1658: 0x1f91, 0x1659: 0x1fa1, 0x165a: 0xaf3a, 0x165b: 0x03c2, 0x165c: 0xaffa, 0x165d: 0x1fc2,
+ 0x165e: 0xb00a, 0x165f: 0xaf5a, 0x1660: 0xb04a, 0x1661: 0x0039, 0x1662: 0x0ee9, 0x1663: 0x1159,
+ 0x1664: 0x0ef9, 0x1665: 0x0f09, 0x1666: 0x1199, 0x1667: 0x0f31, 0x1668: 0x0249, 0x1669: 0x0f41,
+ 0x166a: 0x0259, 0x166b: 0x0f51, 0x166c: 0x0359, 0x166d: 0x0f61, 0x166e: 0x0f71, 0x166f: 0x00d9,
+ 0x1670: 0x0f99, 0x1671: 0x2039, 0x1672: 0x0269, 0x1673: 0x01d9, 0x1674: 0x0fa9, 0x1675: 0x0fb9,
+ 0x1676: 0x1089, 0x1677: 0x0279, 0x1678: 0x0369, 0x1679: 0x0289, 0x167a: 0x13d1, 0x167b: 0xaf9a,
+ 0x167c: 0xb01a, 0x167d: 0xafaa, 0x167e: 0xb562, 0x167f: 0xaf6a,
+ // Block 0x5a, offset 0x1680
+ 0x1680: 0x1caa, 0x1681: 0x0039, 0x1682: 0x0ee9, 0x1683: 0x1159, 0x1684: 0x0ef9, 0x1685: 0x0f09,
+ 0x1686: 0x1199, 0x1687: 0x0f31, 0x1688: 0x0249, 0x1689: 0x0f41, 0x168a: 0x0259, 0x168b: 0x0f51,
+ 0x168c: 0x0359, 0x168d: 0x0f61, 0x168e: 0x0f71, 0x168f: 0x00d9, 0x1690: 0x0f99, 0x1691: 0x2039,
+ 0x1692: 0x0269, 0x1693: 0x01d9, 0x1694: 0x0fa9, 0x1695: 0x0fb9, 0x1696: 0x1089, 0x1697: 0x0279,
+ 0x1698: 0x0369, 0x1699: 0x0289, 0x169a: 0x13d1, 0x169b: 0xaf7a, 0x169c: 0xb572, 0x169d: 0xaf8a,
+ 0x169e: 0xb582, 0x169f: 0x810d, 0x16a0: 0x812d, 0x16a1: 0x29d1, 0x16a2: 0x814d, 0x16a3: 0x814d,
+ 0x16a4: 0x816d, 0x16a5: 0x818d, 0x16a6: 0x81ad, 0x16a7: 0x81cd, 0x16a8: 0x81ed, 0x16a9: 0x820d,
+ 0x16aa: 0x822d, 0x16ab: 0x824d, 0x16ac: 0x826d, 0x16ad: 0x828d, 0x16ae: 0x82ad, 0x16af: 0x82cd,
+ 0x16b0: 0x82ed, 0x16b1: 0x830d, 0x16b2: 0x832d, 0x16b3: 0x834d, 0x16b4: 0x836d, 0x16b5: 0x838d,
+ 0x16b6: 0x83ad, 0x16b7: 0x83cd, 0x16b8: 0x83ed, 0x16b9: 0x840d, 0x16ba: 0x842d, 0x16bb: 0x844d,
+ 0x16bc: 0x81ed, 0x16bd: 0x846d, 0x16be: 0x848d, 0x16bf: 0x824d,
+ // Block 0x5b, offset 0x16c0
+ 0x16c0: 0x84ad, 0x16c1: 0x84cd, 0x16c2: 0x84ed, 0x16c3: 0x850d, 0x16c4: 0x852d, 0x16c5: 0x854d,
+ 0x16c6: 0x856d, 0x16c7: 0x858d, 0x16c8: 0x850d, 0x16c9: 0x85ad, 0x16ca: 0x850d, 0x16cb: 0x85cd,
+ 0x16cc: 0x85cd, 0x16cd: 0x85ed, 0x16ce: 0x85ed, 0x16cf: 0x860d, 0x16d0: 0x854d, 0x16d1: 0x862d,
+ 0x16d2: 0x864d, 0x16d3: 0x862d, 0x16d4: 0x866d, 0x16d5: 0x864d, 0x16d6: 0x868d, 0x16d7: 0x868d,
+ 0x16d8: 0x86ad, 0x16d9: 0x86ad, 0x16da: 0x86cd, 0x16db: 0x86cd, 0x16dc: 0x864d, 0x16dd: 0x814d,
+ 0x16de: 0x86ed, 0x16df: 0x870d, 0x16e0: 0x0040, 0x16e1: 0x872d, 0x16e2: 0x874d, 0x16e3: 0x876d,
+ 0x16e4: 0x878d, 0x16e5: 0x876d, 0x16e6: 0x87ad, 0x16e7: 0x87cd, 0x16e8: 0x87ed, 0x16e9: 0x87ed,
+ 0x16ea: 0x880d, 0x16eb: 0x880d, 0x16ec: 0x882d, 0x16ed: 0x882d, 0x16ee: 0x880d, 0x16ef: 0x880d,
+ 0x16f0: 0x884d, 0x16f1: 0x886d, 0x16f2: 0x888d, 0x16f3: 0x88ad, 0x16f4: 0x88cd, 0x16f5: 0x88ed,
+ 0x16f6: 0x88ed, 0x16f7: 0x88ed, 0x16f8: 0x890d, 0x16f9: 0x890d, 0x16fa: 0x890d, 0x16fb: 0x890d,
+ 0x16fc: 0x87ed, 0x16fd: 0x87ed, 0x16fe: 0x87ed, 0x16ff: 0x0040,
+ // Block 0x5c, offset 0x1700
+ 0x1700: 0x0040, 0x1701: 0x0040, 0x1702: 0x874d, 0x1703: 0x872d, 0x1704: 0x892d, 0x1705: 0x872d,
+ 0x1706: 0x874d, 0x1707: 0x872d, 0x1708: 0x0040, 0x1709: 0x0040, 0x170a: 0x894d, 0x170b: 0x874d,
+ 0x170c: 0x896d, 0x170d: 0x892d, 0x170e: 0x896d, 0x170f: 0x874d, 0x1710: 0x0040, 0x1711: 0x0040,
+ 0x1712: 0x898d, 0x1713: 0x89ad, 0x1714: 0x88ad, 0x1715: 0x896d, 0x1716: 0x892d, 0x1717: 0x896d,
+ 0x1718: 0x0040, 0x1719: 0x0040, 0x171a: 0x89cd, 0x171b: 0x89ed, 0x171c: 0x89cd, 0x171d: 0x0040,
+ 0x171e: 0x0040, 0x171f: 0x0040, 0x1720: 0xb591, 0x1721: 0xb5a9, 0x1722: 0xb5c1, 0x1723: 0x8a0e,
+ 0x1724: 0xb5d9, 0x1725: 0xb5f1, 0x1726: 0x8a2d, 0x1727: 0x0040, 0x1728: 0x8a4d, 0x1729: 0x8a6d,
+ 0x172a: 0x8a8d, 0x172b: 0x8a6d, 0x172c: 0x8aad, 0x172d: 0x8acd, 0x172e: 0x8aed, 0x172f: 0x0040,
+ 0x1730: 0x0040, 0x1731: 0x0040, 0x1732: 0x0040, 0x1733: 0x0040, 0x1734: 0x0040, 0x1735: 0x0040,
+ 0x1736: 0x0040, 0x1737: 0x0040, 0x1738: 0x0040, 0x1739: 0x0340, 0x173a: 0x0340, 0x173b: 0x0340,
+ 0x173c: 0x0040, 0x173d: 0x0040, 0x173e: 0x0040, 0x173f: 0x0040,
+ // Block 0x5d, offset 0x1740
+ 0x1740: 0x0a08, 0x1741: 0x0a08, 0x1742: 0x0a08, 0x1743: 0x0a08, 0x1744: 0x0a08, 0x1745: 0x0c08,
+ 0x1746: 0x0808, 0x1747: 0x0c08, 0x1748: 0x0818, 0x1749: 0x0c08, 0x174a: 0x0c08, 0x174b: 0x0808,
+ 0x174c: 0x0808, 0x174d: 0x0908, 0x174e: 0x0c08, 0x174f: 0x0c08, 0x1750: 0x0c08, 0x1751: 0x0c08,
+ 0x1752: 0x0c08, 0x1753: 0x0a08, 0x1754: 0x0a08, 0x1755: 0x0a08, 0x1756: 0x0a08, 0x1757: 0x0908,
+ 0x1758: 0x0a08, 0x1759: 0x0a08, 0x175a: 0x0a08, 0x175b: 0x0a08, 0x175c: 0x0a08, 0x175d: 0x0c08,
+ 0x175e: 0x0a08, 0x175f: 0x0a08, 0x1760: 0x0a08, 0x1761: 0x0c08, 0x1762: 0x0808, 0x1763: 0x0808,
+ 0x1764: 0x0c08, 0x1765: 0x3308, 0x1766: 0x3308, 0x1767: 0x0040, 0x1768: 0x0040, 0x1769: 0x0040,
+ 0x176a: 0x0040, 0x176b: 0x0a18, 0x176c: 0x0a18, 0x176d: 0x0a18, 0x176e: 0x0a18, 0x176f: 0x0c18,
+ 0x1770: 0x0818, 0x1771: 0x0818, 0x1772: 0x0818, 0x1773: 0x0818, 0x1774: 0x0818, 0x1775: 0x0818,
+ 0x1776: 0x0818, 0x1777: 0x0040, 0x1778: 0x0040, 0x1779: 0x0040, 0x177a: 0x0040, 0x177b: 0x0040,
+ 0x177c: 0x0040, 0x177d: 0x0040, 0x177e: 0x0040, 0x177f: 0x0040,
+ // Block 0x5e, offset 0x1780
+ 0x1780: 0x0a08, 0x1781: 0x0c08, 0x1782: 0x0a08, 0x1783: 0x0c08, 0x1784: 0x0c08, 0x1785: 0x0c08,
+ 0x1786: 0x0a08, 0x1787: 0x0a08, 0x1788: 0x0a08, 0x1789: 0x0c08, 0x178a: 0x0a08, 0x178b: 0x0a08,
+ 0x178c: 0x0c08, 0x178d: 0x0a08, 0x178e: 0x0c08, 0x178f: 0x0c08, 0x1790: 0x0a08, 0x1791: 0x0c08,
+ 0x1792: 0x0040, 0x1793: 0x0040, 0x1794: 0x0040, 0x1795: 0x0040, 0x1796: 0x0040, 0x1797: 0x0040,
+ 0x1798: 0x0040, 0x1799: 0x0818, 0x179a: 0x0818, 0x179b: 0x0818, 0x179c: 0x0818, 0x179d: 0x0040,
+ 0x179e: 0x0040, 0x179f: 0x0040, 0x17a0: 0x0040, 0x17a1: 0x0040, 0x17a2: 0x0040, 0x17a3: 0x0040,
+ 0x17a4: 0x0040, 0x17a5: 0x0040, 0x17a6: 0x0040, 0x17a7: 0x0040, 0x17a8: 0x0040, 0x17a9: 0x0c18,
+ 0x17aa: 0x0c18, 0x17ab: 0x0c18, 0x17ac: 0x0c18, 0x17ad: 0x0a18, 0x17ae: 0x0a18, 0x17af: 0x0818,
+ 0x17b0: 0x0040, 0x17b1: 0x0040, 0x17b2: 0x0040, 0x17b3: 0x0040, 0x17b4: 0x0040, 0x17b5: 0x0040,
+ 0x17b6: 0x0040, 0x17b7: 0x0040, 0x17b8: 0x0040, 0x17b9: 0x0040, 0x17ba: 0x0040, 0x17bb: 0x0040,
+ 0x17bc: 0x0040, 0x17bd: 0x0040, 0x17be: 0x0040, 0x17bf: 0x0040,
+ // Block 0x5f, offset 0x17c0
+ 0x17c0: 0x3308, 0x17c1: 0x3308, 0x17c2: 0x3008, 0x17c3: 0x3008, 0x17c4: 0x0040, 0x17c5: 0x0008,
+ 0x17c6: 0x0008, 0x17c7: 0x0008, 0x17c8: 0x0008, 0x17c9: 0x0008, 0x17ca: 0x0008, 0x17cb: 0x0008,
+ 0x17cc: 0x0008, 0x17cd: 0x0040, 0x17ce: 0x0040, 0x17cf: 0x0008, 0x17d0: 0x0008, 0x17d1: 0x0040,
+ 0x17d2: 0x0040, 0x17d3: 0x0008, 0x17d4: 0x0008, 0x17d5: 0x0008, 0x17d6: 0x0008, 0x17d7: 0x0008,
+ 0x17d8: 0x0008, 0x17d9: 0x0008, 0x17da: 0x0008, 0x17db: 0x0008, 0x17dc: 0x0008, 0x17dd: 0x0008,
+ 0x17de: 0x0008, 0x17df: 0x0008, 0x17e0: 0x0008, 0x17e1: 0x0008, 0x17e2: 0x0008, 0x17e3: 0x0008,
+ 0x17e4: 0x0008, 0x17e5: 0x0008, 0x17e6: 0x0008, 0x17e7: 0x0008, 0x17e8: 0x0008, 0x17e9: 0x0040,
+ 0x17ea: 0x0008, 0x17eb: 0x0008, 0x17ec: 0x0008, 0x17ed: 0x0008, 0x17ee: 0x0008, 0x17ef: 0x0008,
+ 0x17f0: 0x0008, 0x17f1: 0x0040, 0x17f2: 0x0008, 0x17f3: 0x0008, 0x17f4: 0x0040, 0x17f5: 0x0008,
+ 0x17f6: 0x0008, 0x17f7: 0x0008, 0x17f8: 0x0008, 0x17f9: 0x0008, 0x17fa: 0x0040, 0x17fb: 0x3308,
+ 0x17fc: 0x3308, 0x17fd: 0x0008, 0x17fe: 0x3008, 0x17ff: 0x3008,
+ // Block 0x60, offset 0x1800
+ 0x1800: 0x3308, 0x1801: 0x3008, 0x1802: 0x3008, 0x1803: 0x3008, 0x1804: 0x3008, 0x1805: 0x0040,
+ 0x1806: 0x0040, 0x1807: 0x3008, 0x1808: 0x3008, 0x1809: 0x0040, 0x180a: 0x0040, 0x180b: 0x3008,
+ 0x180c: 0x3008, 0x180d: 0x3808, 0x180e: 0x0040, 0x180f: 0x0040, 0x1810: 0x0008, 0x1811: 0x0040,
+ 0x1812: 0x0040, 0x1813: 0x0040, 0x1814: 0x0040, 0x1815: 0x0040, 0x1816: 0x0040, 0x1817: 0x3008,
+ 0x1818: 0x0040, 0x1819: 0x0040, 0x181a: 0x0040, 0x181b: 0x0040, 0x181c: 0x0040, 0x181d: 0x0008,
+ 0x181e: 0x0008, 0x181f: 0x0008, 0x1820: 0x0008, 0x1821: 0x0008, 0x1822: 0x3008, 0x1823: 0x3008,
+ 0x1824: 0x0040, 0x1825: 0x0040, 0x1826: 0x3308, 0x1827: 0x3308, 0x1828: 0x3308, 0x1829: 0x3308,
+ 0x182a: 0x3308, 0x182b: 0x3308, 0x182c: 0x3308, 0x182d: 0x0040, 0x182e: 0x0040, 0x182f: 0x0040,
+ 0x1830: 0x3308, 0x1831: 0x3308, 0x1832: 0x3308, 0x1833: 0x3308, 0x1834: 0x3308, 0x1835: 0x0040,
+ 0x1836: 0x0040, 0x1837: 0x0040, 0x1838: 0x0040, 0x1839: 0x0040, 0x183a: 0x0040, 0x183b: 0x0040,
+ 0x183c: 0x0040, 0x183d: 0x0040, 0x183e: 0x0040, 0x183f: 0x0040,
+ // Block 0x61, offset 0x1840
+ 0x1840: 0x0008, 0x1841: 0x0008, 0x1842: 0x0008, 0x1843: 0x0008, 0x1844: 0x0008, 0x1845: 0x0008,
+ 0x1846: 0x0008, 0x1847: 0x0040, 0x1848: 0x0040, 0x1849: 0x0008, 0x184a: 0x0040, 0x184b: 0x0040,
+ 0x184c: 0x0008, 0x184d: 0x0008, 0x184e: 0x0008, 0x184f: 0x0008, 0x1850: 0x0008, 0x1851: 0x0008,
+ 0x1852: 0x0008, 0x1853: 0x0008, 0x1854: 0x0040, 0x1855: 0x0008, 0x1856: 0x0008, 0x1857: 0x0040,
+ 0x1858: 0x0008, 0x1859: 0x0008, 0x185a: 0x0008, 0x185b: 0x0008, 0x185c: 0x0008, 0x185d: 0x0008,
+ 0x185e: 0x0008, 0x185f: 0x0008, 0x1860: 0x0008, 0x1861: 0x0008, 0x1862: 0x0008, 0x1863: 0x0008,
+ 0x1864: 0x0008, 0x1865: 0x0008, 0x1866: 0x0008, 0x1867: 0x0008, 0x1868: 0x0008, 0x1869: 0x0008,
+ 0x186a: 0x0008, 0x186b: 0x0008, 0x186c: 0x0008, 0x186d: 0x0008, 0x186e: 0x0008, 0x186f: 0x0008,
+ 0x1870: 0x3008, 0x1871: 0x3008, 0x1872: 0x3008, 0x1873: 0x3008, 0x1874: 0x3008, 0x1875: 0x3008,
+ 0x1876: 0x0040, 0x1877: 0x3008, 0x1878: 0x3008, 0x1879: 0x0040, 0x187a: 0x0040, 0x187b: 0x3308,
+ 0x187c: 0x3308, 0x187d: 0x3808, 0x187e: 0x3b08, 0x187f: 0x0008,
+ // Block 0x62, offset 0x1880
+ 0x1880: 0x0039, 0x1881: 0x0ee9, 0x1882: 0x1159, 0x1883: 0x0ef9, 0x1884: 0x0f09, 0x1885: 0x1199,
+ 0x1886: 0x0f31, 0x1887: 0x0249, 0x1888: 0x0f41, 0x1889: 0x0259, 0x188a: 0x0f51, 0x188b: 0x0359,
+ 0x188c: 0x0f61, 0x188d: 0x0f71, 0x188e: 0x00d9, 0x188f: 0x0f99, 0x1890: 0x2039, 0x1891: 0x0269,
+ 0x1892: 0x01d9, 0x1893: 0x0fa9, 0x1894: 0x0fb9, 0x1895: 0x1089, 0x1896: 0x0279, 0x1897: 0x0369,
+ 0x1898: 0x0289, 0x1899: 0x13d1, 0x189a: 0x0039, 0x189b: 0x0ee9, 0x189c: 0x1159, 0x189d: 0x0ef9,
+ 0x189e: 0x0f09, 0x189f: 0x1199, 0x18a0: 0x0f31, 0x18a1: 0x0249, 0x18a2: 0x0f41, 0x18a3: 0x0259,
+ 0x18a4: 0x0f51, 0x18a5: 0x0359, 0x18a6: 0x0f61, 0x18a7: 0x0f71, 0x18a8: 0x00d9, 0x18a9: 0x0f99,
+ 0x18aa: 0x2039, 0x18ab: 0x0269, 0x18ac: 0x01d9, 0x18ad: 0x0fa9, 0x18ae: 0x0fb9, 0x18af: 0x1089,
+ 0x18b0: 0x0279, 0x18b1: 0x0369, 0x18b2: 0x0289, 0x18b3: 0x13d1, 0x18b4: 0x0039, 0x18b5: 0x0ee9,
+ 0x18b6: 0x1159, 0x18b7: 0x0ef9, 0x18b8: 0x0f09, 0x18b9: 0x1199, 0x18ba: 0x0f31, 0x18bb: 0x0249,
+ 0x18bc: 0x0f41, 0x18bd: 0x0259, 0x18be: 0x0f51, 0x18bf: 0x0359,
+ // Block 0x63, offset 0x18c0
+ 0x18c0: 0x0f61, 0x18c1: 0x0f71, 0x18c2: 0x00d9, 0x18c3: 0x0f99, 0x18c4: 0x2039, 0x18c5: 0x0269,
+ 0x18c6: 0x01d9, 0x18c7: 0x0fa9, 0x18c8: 0x0fb9, 0x18c9: 0x1089, 0x18ca: 0x0279, 0x18cb: 0x0369,
+ 0x18cc: 0x0289, 0x18cd: 0x13d1, 0x18ce: 0x0039, 0x18cf: 0x0ee9, 0x18d0: 0x1159, 0x18d1: 0x0ef9,
+ 0x18d2: 0x0f09, 0x18d3: 0x1199, 0x18d4: 0x0f31, 0x18d5: 0x0040, 0x18d6: 0x0f41, 0x18d7: 0x0259,
+ 0x18d8: 0x0f51, 0x18d9: 0x0359, 0x18da: 0x0f61, 0x18db: 0x0f71, 0x18dc: 0x00d9, 0x18dd: 0x0f99,
+ 0x18de: 0x2039, 0x18df: 0x0269, 0x18e0: 0x01d9, 0x18e1: 0x0fa9, 0x18e2: 0x0fb9, 0x18e3: 0x1089,
+ 0x18e4: 0x0279, 0x18e5: 0x0369, 0x18e6: 0x0289, 0x18e7: 0x13d1, 0x18e8: 0x0039, 0x18e9: 0x0ee9,
+ 0x18ea: 0x1159, 0x18eb: 0x0ef9, 0x18ec: 0x0f09, 0x18ed: 0x1199, 0x18ee: 0x0f31, 0x18ef: 0x0249,
+ 0x18f0: 0x0f41, 0x18f1: 0x0259, 0x18f2: 0x0f51, 0x18f3: 0x0359, 0x18f4: 0x0f61, 0x18f5: 0x0f71,
+ 0x18f6: 0x00d9, 0x18f7: 0x0f99, 0x18f8: 0x2039, 0x18f9: 0x0269, 0x18fa: 0x01d9, 0x18fb: 0x0fa9,
+ 0x18fc: 0x0fb9, 0x18fd: 0x1089, 0x18fe: 0x0279, 0x18ff: 0x0369,
+ // Block 0x64, offset 0x1900
+ 0x1900: 0x0289, 0x1901: 0x13d1, 0x1902: 0x0039, 0x1903: 0x0ee9, 0x1904: 0x1159, 0x1905: 0x0ef9,
+ 0x1906: 0x0f09, 0x1907: 0x1199, 0x1908: 0x0f31, 0x1909: 0x0249, 0x190a: 0x0f41, 0x190b: 0x0259,
+ 0x190c: 0x0f51, 0x190d: 0x0359, 0x190e: 0x0f61, 0x190f: 0x0f71, 0x1910: 0x00d9, 0x1911: 0x0f99,
+ 0x1912: 0x2039, 0x1913: 0x0269, 0x1914: 0x01d9, 0x1915: 0x0fa9, 0x1916: 0x0fb9, 0x1917: 0x1089,
+ 0x1918: 0x0279, 0x1919: 0x0369, 0x191a: 0x0289, 0x191b: 0x13d1, 0x191c: 0x0039, 0x191d: 0x0040,
+ 0x191e: 0x1159, 0x191f: 0x0ef9, 0x1920: 0x0040, 0x1921: 0x0040, 0x1922: 0x0f31, 0x1923: 0x0040,
+ 0x1924: 0x0040, 0x1925: 0x0259, 0x1926: 0x0f51, 0x1927: 0x0040, 0x1928: 0x0040, 0x1929: 0x0f71,
+ 0x192a: 0x00d9, 0x192b: 0x0f99, 0x192c: 0x2039, 0x192d: 0x0040, 0x192e: 0x01d9, 0x192f: 0x0fa9,
+ 0x1930: 0x0fb9, 0x1931: 0x1089, 0x1932: 0x0279, 0x1933: 0x0369, 0x1934: 0x0289, 0x1935: 0x13d1,
+ 0x1936: 0x0039, 0x1937: 0x0ee9, 0x1938: 0x1159, 0x1939: 0x0ef9, 0x193a: 0x0040, 0x193b: 0x1199,
+ 0x193c: 0x0040, 0x193d: 0x0249, 0x193e: 0x0f41, 0x193f: 0x0259,
+ // Block 0x65, offset 0x1940
+ 0x1940: 0x0f51, 0x1941: 0x0359, 0x1942: 0x0f61, 0x1943: 0x0f71, 0x1944: 0x0040, 0x1945: 0x0f99,
+ 0x1946: 0x2039, 0x1947: 0x0269, 0x1948: 0x01d9, 0x1949: 0x0fa9, 0x194a: 0x0fb9, 0x194b: 0x1089,
+ 0x194c: 0x0279, 0x194d: 0x0369, 0x194e: 0x0289, 0x194f: 0x13d1, 0x1950: 0x0039, 0x1951: 0x0ee9,
+ 0x1952: 0x1159, 0x1953: 0x0ef9, 0x1954: 0x0f09, 0x1955: 0x1199, 0x1956: 0x0f31, 0x1957: 0x0249,
+ 0x1958: 0x0f41, 0x1959: 0x0259, 0x195a: 0x0f51, 0x195b: 0x0359, 0x195c: 0x0f61, 0x195d: 0x0f71,
+ 0x195e: 0x00d9, 0x195f: 0x0f99, 0x1960: 0x2039, 0x1961: 0x0269, 0x1962: 0x01d9, 0x1963: 0x0fa9,
+ 0x1964: 0x0fb9, 0x1965: 0x1089, 0x1966: 0x0279, 0x1967: 0x0369, 0x1968: 0x0289, 0x1969: 0x13d1,
+ 0x196a: 0x0039, 0x196b: 0x0ee9, 0x196c: 0x1159, 0x196d: 0x0ef9, 0x196e: 0x0f09, 0x196f: 0x1199,
+ 0x1970: 0x0f31, 0x1971: 0x0249, 0x1972: 0x0f41, 0x1973: 0x0259, 0x1974: 0x0f51, 0x1975: 0x0359,
+ 0x1976: 0x0f61, 0x1977: 0x0f71, 0x1978: 0x00d9, 0x1979: 0x0f99, 0x197a: 0x2039, 0x197b: 0x0269,
+ 0x197c: 0x01d9, 0x197d: 0x0fa9, 0x197e: 0x0fb9, 0x197f: 0x1089,
+ // Block 0x66, offset 0x1980
+ 0x1980: 0x0279, 0x1981: 0x0369, 0x1982: 0x0289, 0x1983: 0x13d1, 0x1984: 0x0039, 0x1985: 0x0ee9,
+ 0x1986: 0x0040, 0x1987: 0x0ef9, 0x1988: 0x0f09, 0x1989: 0x1199, 0x198a: 0x0f31, 0x198b: 0x0040,
+ 0x198c: 0x0040, 0x198d: 0x0259, 0x198e: 0x0f51, 0x198f: 0x0359, 0x1990: 0x0f61, 0x1991: 0x0f71,
+ 0x1992: 0x00d9, 0x1993: 0x0f99, 0x1994: 0x2039, 0x1995: 0x0040, 0x1996: 0x01d9, 0x1997: 0x0fa9,
+ 0x1998: 0x0fb9, 0x1999: 0x1089, 0x199a: 0x0279, 0x199b: 0x0369, 0x199c: 0x0289, 0x199d: 0x0040,
+ 0x199e: 0x0039, 0x199f: 0x0ee9, 0x19a0: 0x1159, 0x19a1: 0x0ef9, 0x19a2: 0x0f09, 0x19a3: 0x1199,
+ 0x19a4: 0x0f31, 0x19a5: 0x0249, 0x19a6: 0x0f41, 0x19a7: 0x0259, 0x19a8: 0x0f51, 0x19a9: 0x0359,
+ 0x19aa: 0x0f61, 0x19ab: 0x0f71, 0x19ac: 0x00d9, 0x19ad: 0x0f99, 0x19ae: 0x2039, 0x19af: 0x0269,
+ 0x19b0: 0x01d9, 0x19b1: 0x0fa9, 0x19b2: 0x0fb9, 0x19b3: 0x1089, 0x19b4: 0x0279, 0x19b5: 0x0369,
+ 0x19b6: 0x0289, 0x19b7: 0x13d1, 0x19b8: 0x0039, 0x19b9: 0x0ee9, 0x19ba: 0x0040, 0x19bb: 0x0ef9,
+ 0x19bc: 0x0f09, 0x19bd: 0x1199, 0x19be: 0x0f31, 0x19bf: 0x0040,
+ // Block 0x67, offset 0x19c0
+ 0x19c0: 0x0f41, 0x19c1: 0x0259, 0x19c2: 0x0f51, 0x19c3: 0x0359, 0x19c4: 0x0f61, 0x19c5: 0x0040,
+ 0x19c6: 0x00d9, 0x19c7: 0x0040, 0x19c8: 0x0040, 0x19c9: 0x0040, 0x19ca: 0x01d9, 0x19cb: 0x0fa9,
+ 0x19cc: 0x0fb9, 0x19cd: 0x1089, 0x19ce: 0x0279, 0x19cf: 0x0369, 0x19d0: 0x0289, 0x19d1: 0x0040,
+ 0x19d2: 0x0039, 0x19d3: 0x0ee9, 0x19d4: 0x1159, 0x19d5: 0x0ef9, 0x19d6: 0x0f09, 0x19d7: 0x1199,
+ 0x19d8: 0x0f31, 0x19d9: 0x0249, 0x19da: 0x0f41, 0x19db: 0x0259, 0x19dc: 0x0f51, 0x19dd: 0x0359,
+ 0x19de: 0x0f61, 0x19df: 0x0f71, 0x19e0: 0x00d9, 0x19e1: 0x0f99, 0x19e2: 0x2039, 0x19e3: 0x0269,
+ 0x19e4: 0x01d9, 0x19e5: 0x0fa9, 0x19e6: 0x0fb9, 0x19e7: 0x1089, 0x19e8: 0x0279, 0x19e9: 0x0369,
+ 0x19ea: 0x0289, 0x19eb: 0x13d1, 0x19ec: 0x0039, 0x19ed: 0x0ee9, 0x19ee: 0x1159, 0x19ef: 0x0ef9,
+ 0x19f0: 0x0f09, 0x19f1: 0x1199, 0x19f2: 0x0f31, 0x19f3: 0x0249, 0x19f4: 0x0f41, 0x19f5: 0x0259,
+ 0x19f6: 0x0f51, 0x19f7: 0x0359, 0x19f8: 0x0f61, 0x19f9: 0x0f71, 0x19fa: 0x00d9, 0x19fb: 0x0f99,
+ 0x19fc: 0x2039, 0x19fd: 0x0269, 0x19fe: 0x01d9, 0x19ff: 0x0fa9,
+ // Block 0x68, offset 0x1a00
+ 0x1a00: 0x0fb9, 0x1a01: 0x1089, 0x1a02: 0x0279, 0x1a03: 0x0369, 0x1a04: 0x0289, 0x1a05: 0x13d1,
+ 0x1a06: 0x0039, 0x1a07: 0x0ee9, 0x1a08: 0x1159, 0x1a09: 0x0ef9, 0x1a0a: 0x0f09, 0x1a0b: 0x1199,
+ 0x1a0c: 0x0f31, 0x1a0d: 0x0249, 0x1a0e: 0x0f41, 0x1a0f: 0x0259, 0x1a10: 0x0f51, 0x1a11: 0x0359,
+ 0x1a12: 0x0f61, 0x1a13: 0x0f71, 0x1a14: 0x00d9, 0x1a15: 0x0f99, 0x1a16: 0x2039, 0x1a17: 0x0269,
+ 0x1a18: 0x01d9, 0x1a19: 0x0fa9, 0x1a1a: 0x0fb9, 0x1a1b: 0x1089, 0x1a1c: 0x0279, 0x1a1d: 0x0369,
+ 0x1a1e: 0x0289, 0x1a1f: 0x13d1, 0x1a20: 0x0039, 0x1a21: 0x0ee9, 0x1a22: 0x1159, 0x1a23: 0x0ef9,
+ 0x1a24: 0x0f09, 0x1a25: 0x1199, 0x1a26: 0x0f31, 0x1a27: 0x0249, 0x1a28: 0x0f41, 0x1a29: 0x0259,
+ 0x1a2a: 0x0f51, 0x1a2b: 0x0359, 0x1a2c: 0x0f61, 0x1a2d: 0x0f71, 0x1a2e: 0x00d9, 0x1a2f: 0x0f99,
+ 0x1a30: 0x2039, 0x1a31: 0x0269, 0x1a32: 0x01d9, 0x1a33: 0x0fa9, 0x1a34: 0x0fb9, 0x1a35: 0x1089,
+ 0x1a36: 0x0279, 0x1a37: 0x0369, 0x1a38: 0x0289, 0x1a39: 0x13d1, 0x1a3a: 0x0039, 0x1a3b: 0x0ee9,
+ 0x1a3c: 0x1159, 0x1a3d: 0x0ef9, 0x1a3e: 0x0f09, 0x1a3f: 0x1199,
+ // Block 0x69, offset 0x1a40
+ 0x1a40: 0x0f31, 0x1a41: 0x0249, 0x1a42: 0x0f41, 0x1a43: 0x0259, 0x1a44: 0x0f51, 0x1a45: 0x0359,
+ 0x1a46: 0x0f61, 0x1a47: 0x0f71, 0x1a48: 0x00d9, 0x1a49: 0x0f99, 0x1a4a: 0x2039, 0x1a4b: 0x0269,
+ 0x1a4c: 0x01d9, 0x1a4d: 0x0fa9, 0x1a4e: 0x0fb9, 0x1a4f: 0x1089, 0x1a50: 0x0279, 0x1a51: 0x0369,
+ 0x1a52: 0x0289, 0x1a53: 0x13d1, 0x1a54: 0x0039, 0x1a55: 0x0ee9, 0x1a56: 0x1159, 0x1a57: 0x0ef9,
+ 0x1a58: 0x0f09, 0x1a59: 0x1199, 0x1a5a: 0x0f31, 0x1a5b: 0x0249, 0x1a5c: 0x0f41, 0x1a5d: 0x0259,
+ 0x1a5e: 0x0f51, 0x1a5f: 0x0359, 0x1a60: 0x0f61, 0x1a61: 0x0f71, 0x1a62: 0x00d9, 0x1a63: 0x0f99,
+ 0x1a64: 0x2039, 0x1a65: 0x0269, 0x1a66: 0x01d9, 0x1a67: 0x0fa9, 0x1a68: 0x0fb9, 0x1a69: 0x1089,
+ 0x1a6a: 0x0279, 0x1a6b: 0x0369, 0x1a6c: 0x0289, 0x1a6d: 0x13d1, 0x1a6e: 0x0039, 0x1a6f: 0x0ee9,
+ 0x1a70: 0x1159, 0x1a71: 0x0ef9, 0x1a72: 0x0f09, 0x1a73: 0x1199, 0x1a74: 0x0f31, 0x1a75: 0x0249,
+ 0x1a76: 0x0f41, 0x1a77: 0x0259, 0x1a78: 0x0f51, 0x1a79: 0x0359, 0x1a7a: 0x0f61, 0x1a7b: 0x0f71,
+ 0x1a7c: 0x00d9, 0x1a7d: 0x0f99, 0x1a7e: 0x2039, 0x1a7f: 0x0269,
+ // Block 0x6a, offset 0x1a80
+ 0x1a80: 0x01d9, 0x1a81: 0x0fa9, 0x1a82: 0x0fb9, 0x1a83: 0x1089, 0x1a84: 0x0279, 0x1a85: 0x0369,
+ 0x1a86: 0x0289, 0x1a87: 0x13d1, 0x1a88: 0x0039, 0x1a89: 0x0ee9, 0x1a8a: 0x1159, 0x1a8b: 0x0ef9,
+ 0x1a8c: 0x0f09, 0x1a8d: 0x1199, 0x1a8e: 0x0f31, 0x1a8f: 0x0249, 0x1a90: 0x0f41, 0x1a91: 0x0259,
+ 0x1a92: 0x0f51, 0x1a93: 0x0359, 0x1a94: 0x0f61, 0x1a95: 0x0f71, 0x1a96: 0x00d9, 0x1a97: 0x0f99,
+ 0x1a98: 0x2039, 0x1a99: 0x0269, 0x1a9a: 0x01d9, 0x1a9b: 0x0fa9, 0x1a9c: 0x0fb9, 0x1a9d: 0x1089,
+ 0x1a9e: 0x0279, 0x1a9f: 0x0369, 0x1aa0: 0x0289, 0x1aa1: 0x13d1, 0x1aa2: 0x0039, 0x1aa3: 0x0ee9,
+ 0x1aa4: 0x1159, 0x1aa5: 0x0ef9, 0x1aa6: 0x0f09, 0x1aa7: 0x1199, 0x1aa8: 0x0f31, 0x1aa9: 0x0249,
+ 0x1aaa: 0x0f41, 0x1aab: 0x0259, 0x1aac: 0x0f51, 0x1aad: 0x0359, 0x1aae: 0x0f61, 0x1aaf: 0x0f71,
+ 0x1ab0: 0x00d9, 0x1ab1: 0x0f99, 0x1ab2: 0x2039, 0x1ab3: 0x0269, 0x1ab4: 0x01d9, 0x1ab5: 0x0fa9,
+ 0x1ab6: 0x0fb9, 0x1ab7: 0x1089, 0x1ab8: 0x0279, 0x1ab9: 0x0369, 0x1aba: 0x0289, 0x1abb: 0x13d1,
+ 0x1abc: 0x0039, 0x1abd: 0x0ee9, 0x1abe: 0x1159, 0x1abf: 0x0ef9,
+ // Block 0x6b, offset 0x1ac0
+ 0x1ac0: 0x0f09, 0x1ac1: 0x1199, 0x1ac2: 0x0f31, 0x1ac3: 0x0249, 0x1ac4: 0x0f41, 0x1ac5: 0x0259,
+ 0x1ac6: 0x0f51, 0x1ac7: 0x0359, 0x1ac8: 0x0f61, 0x1ac9: 0x0f71, 0x1aca: 0x00d9, 0x1acb: 0x0f99,
+ 0x1acc: 0x2039, 0x1acd: 0x0269, 0x1ace: 0x01d9, 0x1acf: 0x0fa9, 0x1ad0: 0x0fb9, 0x1ad1: 0x1089,
+ 0x1ad2: 0x0279, 0x1ad3: 0x0369, 0x1ad4: 0x0289, 0x1ad5: 0x13d1, 0x1ad6: 0x0039, 0x1ad7: 0x0ee9,
+ 0x1ad8: 0x1159, 0x1ad9: 0x0ef9, 0x1ada: 0x0f09, 0x1adb: 0x1199, 0x1adc: 0x0f31, 0x1add: 0x0249,
+ 0x1ade: 0x0f41, 0x1adf: 0x0259, 0x1ae0: 0x0f51, 0x1ae1: 0x0359, 0x1ae2: 0x0f61, 0x1ae3: 0x0f71,
+ 0x1ae4: 0x00d9, 0x1ae5: 0x0f99, 0x1ae6: 0x2039, 0x1ae7: 0x0269, 0x1ae8: 0x01d9, 0x1ae9: 0x0fa9,
+ 0x1aea: 0x0fb9, 0x1aeb: 0x1089, 0x1aec: 0x0279, 0x1aed: 0x0369, 0x1aee: 0x0289, 0x1aef: 0x13d1,
+ 0x1af0: 0x0039, 0x1af1: 0x0ee9, 0x1af2: 0x1159, 0x1af3: 0x0ef9, 0x1af4: 0x0f09, 0x1af5: 0x1199,
+ 0x1af6: 0x0f31, 0x1af7: 0x0249, 0x1af8: 0x0f41, 0x1af9: 0x0259, 0x1afa: 0x0f51, 0x1afb: 0x0359,
+ 0x1afc: 0x0f61, 0x1afd: 0x0f71, 0x1afe: 0x00d9, 0x1aff: 0x0f99,
+ // Block 0x6c, offset 0x1b00
+ 0x1b00: 0x2039, 0x1b01: 0x0269, 0x1b02: 0x01d9, 0x1b03: 0x0fa9, 0x1b04: 0x0fb9, 0x1b05: 0x1089,
+ 0x1b06: 0x0279, 0x1b07: 0x0369, 0x1b08: 0x0289, 0x1b09: 0x13d1, 0x1b0a: 0x0039, 0x1b0b: 0x0ee9,
+ 0x1b0c: 0x1159, 0x1b0d: 0x0ef9, 0x1b0e: 0x0f09, 0x1b0f: 0x1199, 0x1b10: 0x0f31, 0x1b11: 0x0249,
+ 0x1b12: 0x0f41, 0x1b13: 0x0259, 0x1b14: 0x0f51, 0x1b15: 0x0359, 0x1b16: 0x0f61, 0x1b17: 0x0f71,
+ 0x1b18: 0x00d9, 0x1b19: 0x0f99, 0x1b1a: 0x2039, 0x1b1b: 0x0269, 0x1b1c: 0x01d9, 0x1b1d: 0x0fa9,
+ 0x1b1e: 0x0fb9, 0x1b1f: 0x1089, 0x1b20: 0x0279, 0x1b21: 0x0369, 0x1b22: 0x0289, 0x1b23: 0x13d1,
+ 0x1b24: 0xbad1, 0x1b25: 0xbae9, 0x1b26: 0x0040, 0x1b27: 0x0040, 0x1b28: 0xbb01, 0x1b29: 0x1099,
+ 0x1b2a: 0x10b1, 0x1b2b: 0x10c9, 0x1b2c: 0xbb19, 0x1b2d: 0xbb31, 0x1b2e: 0xbb49, 0x1b2f: 0x1429,
+ 0x1b30: 0x1a31, 0x1b31: 0xbb61, 0x1b32: 0xbb79, 0x1b33: 0xbb91, 0x1b34: 0xbba9, 0x1b35: 0xbbc1,
+ 0x1b36: 0xbbd9, 0x1b37: 0x2109, 0x1b38: 0x1111, 0x1b39: 0x1429, 0x1b3a: 0xbbf1, 0x1b3b: 0xbc09,
+ 0x1b3c: 0xbc21, 0x1b3d: 0x10e1, 0x1b3e: 0x10f9, 0x1b3f: 0xbc39,
+ // Block 0x6d, offset 0x1b40
+ 0x1b40: 0x2079, 0x1b41: 0xbc51, 0x1b42: 0xbb01, 0x1b43: 0x1099, 0x1b44: 0x10b1, 0x1b45: 0x10c9,
+ 0x1b46: 0xbb19, 0x1b47: 0xbb31, 0x1b48: 0xbb49, 0x1b49: 0x1429, 0x1b4a: 0x1a31, 0x1b4b: 0xbb61,
+ 0x1b4c: 0xbb79, 0x1b4d: 0xbb91, 0x1b4e: 0xbba9, 0x1b4f: 0xbbc1, 0x1b50: 0xbbd9, 0x1b51: 0x2109,
+ 0x1b52: 0x1111, 0x1b53: 0xbbf1, 0x1b54: 0xbbf1, 0x1b55: 0xbc09, 0x1b56: 0xbc21, 0x1b57: 0x10e1,
+ 0x1b58: 0x10f9, 0x1b59: 0xbc39, 0x1b5a: 0x2079, 0x1b5b: 0xbc71, 0x1b5c: 0xbb19, 0x1b5d: 0x1429,
+ 0x1b5e: 0xbb61, 0x1b5f: 0x10e1, 0x1b60: 0x1111, 0x1b61: 0x2109, 0x1b62: 0xbb01, 0x1b63: 0x1099,
+ 0x1b64: 0x10b1, 0x1b65: 0x10c9, 0x1b66: 0xbb19, 0x1b67: 0xbb31, 0x1b68: 0xbb49, 0x1b69: 0x1429,
+ 0x1b6a: 0x1a31, 0x1b6b: 0xbb61, 0x1b6c: 0xbb79, 0x1b6d: 0xbb91, 0x1b6e: 0xbba9, 0x1b6f: 0xbbc1,
+ 0x1b70: 0xbbd9, 0x1b71: 0x2109, 0x1b72: 0x1111, 0x1b73: 0x1429, 0x1b74: 0xbbf1, 0x1b75: 0xbc09,
+ 0x1b76: 0xbc21, 0x1b77: 0x10e1, 0x1b78: 0x10f9, 0x1b79: 0xbc39, 0x1b7a: 0x2079, 0x1b7b: 0xbc51,
+ 0x1b7c: 0xbb01, 0x1b7d: 0x1099, 0x1b7e: 0x10b1, 0x1b7f: 0x10c9,
+ // Block 0x6e, offset 0x1b80
+ 0x1b80: 0xbb19, 0x1b81: 0xbb31, 0x1b82: 0xbb49, 0x1b83: 0x1429, 0x1b84: 0x1a31, 0x1b85: 0xbb61,
+ 0x1b86: 0xbb79, 0x1b87: 0xbb91, 0x1b88: 0xbba9, 0x1b89: 0xbbc1, 0x1b8a: 0xbbd9, 0x1b8b: 0x2109,
+ 0x1b8c: 0x1111, 0x1b8d: 0xbbf1, 0x1b8e: 0xbbf1, 0x1b8f: 0xbc09, 0x1b90: 0xbc21, 0x1b91: 0x10e1,
+ 0x1b92: 0x10f9, 0x1b93: 0xbc39, 0x1b94: 0x2079, 0x1b95: 0xbc71, 0x1b96: 0xbb19, 0x1b97: 0x1429,
+ 0x1b98: 0xbb61, 0x1b99: 0x10e1, 0x1b9a: 0x1111, 0x1b9b: 0x2109, 0x1b9c: 0xbb01, 0x1b9d: 0x1099,
+ 0x1b9e: 0x10b1, 0x1b9f: 0x10c9, 0x1ba0: 0xbb19, 0x1ba1: 0xbb31, 0x1ba2: 0xbb49, 0x1ba3: 0x1429,
+ 0x1ba4: 0x1a31, 0x1ba5: 0xbb61, 0x1ba6: 0xbb79, 0x1ba7: 0xbb91, 0x1ba8: 0xbba9, 0x1ba9: 0xbbc1,
+ 0x1baa: 0xbbd9, 0x1bab: 0x2109, 0x1bac: 0x1111, 0x1bad: 0x1429, 0x1bae: 0xbbf1, 0x1baf: 0xbc09,
+ 0x1bb0: 0xbc21, 0x1bb1: 0x10e1, 0x1bb2: 0x10f9, 0x1bb3: 0xbc39, 0x1bb4: 0x2079, 0x1bb5: 0xbc51,
+ 0x1bb6: 0xbb01, 0x1bb7: 0x1099, 0x1bb8: 0x10b1, 0x1bb9: 0x10c9, 0x1bba: 0xbb19, 0x1bbb: 0xbb31,
+ 0x1bbc: 0xbb49, 0x1bbd: 0x1429, 0x1bbe: 0x1a31, 0x1bbf: 0xbb61,
+ // Block 0x6f, offset 0x1bc0
+ 0x1bc0: 0xbb79, 0x1bc1: 0xbb91, 0x1bc2: 0xbba9, 0x1bc3: 0xbbc1, 0x1bc4: 0xbbd9, 0x1bc5: 0x2109,
+ 0x1bc6: 0x1111, 0x1bc7: 0xbbf1, 0x1bc8: 0xbbf1, 0x1bc9: 0xbc09, 0x1bca: 0xbc21, 0x1bcb: 0x10e1,
+ 0x1bcc: 0x10f9, 0x1bcd: 0xbc39, 0x1bce: 0x2079, 0x1bcf: 0xbc71, 0x1bd0: 0xbb19, 0x1bd1: 0x1429,
+ 0x1bd2: 0xbb61, 0x1bd3: 0x10e1, 0x1bd4: 0x1111, 0x1bd5: 0x2109, 0x1bd6: 0xbb01, 0x1bd7: 0x1099,
+ 0x1bd8: 0x10b1, 0x1bd9: 0x10c9, 0x1bda: 0xbb19, 0x1bdb: 0xbb31, 0x1bdc: 0xbb49, 0x1bdd: 0x1429,
+ 0x1bde: 0x1a31, 0x1bdf: 0xbb61, 0x1be0: 0xbb79, 0x1be1: 0xbb91, 0x1be2: 0xbba9, 0x1be3: 0xbbc1,
+ 0x1be4: 0xbbd9, 0x1be5: 0x2109, 0x1be6: 0x1111, 0x1be7: 0x1429, 0x1be8: 0xbbf1, 0x1be9: 0xbc09,
+ 0x1bea: 0xbc21, 0x1beb: 0x10e1, 0x1bec: 0x10f9, 0x1bed: 0xbc39, 0x1bee: 0x2079, 0x1bef: 0xbc51,
+ 0x1bf0: 0xbb01, 0x1bf1: 0x1099, 0x1bf2: 0x10b1, 0x1bf3: 0x10c9, 0x1bf4: 0xbb19, 0x1bf5: 0xbb31,
+ 0x1bf6: 0xbb49, 0x1bf7: 0x1429, 0x1bf8: 0x1a31, 0x1bf9: 0xbb61, 0x1bfa: 0xbb79, 0x1bfb: 0xbb91,
+ 0x1bfc: 0xbba9, 0x1bfd: 0xbbc1, 0x1bfe: 0xbbd9, 0x1bff: 0x2109,
+ // Block 0x70, offset 0x1c00
+ 0x1c00: 0x1111, 0x1c01: 0xbbf1, 0x1c02: 0xbbf1, 0x1c03: 0xbc09, 0x1c04: 0xbc21, 0x1c05: 0x10e1,
+ 0x1c06: 0x10f9, 0x1c07: 0xbc39, 0x1c08: 0x2079, 0x1c09: 0xbc71, 0x1c0a: 0xbb19, 0x1c0b: 0x1429,
+ 0x1c0c: 0xbb61, 0x1c0d: 0x10e1, 0x1c0e: 0x1111, 0x1c0f: 0x2109, 0x1c10: 0xbb01, 0x1c11: 0x1099,
+ 0x1c12: 0x10b1, 0x1c13: 0x10c9, 0x1c14: 0xbb19, 0x1c15: 0xbb31, 0x1c16: 0xbb49, 0x1c17: 0x1429,
+ 0x1c18: 0x1a31, 0x1c19: 0xbb61, 0x1c1a: 0xbb79, 0x1c1b: 0xbb91, 0x1c1c: 0xbba9, 0x1c1d: 0xbbc1,
+ 0x1c1e: 0xbbd9, 0x1c1f: 0x2109, 0x1c20: 0x1111, 0x1c21: 0x1429, 0x1c22: 0xbbf1, 0x1c23: 0xbc09,
+ 0x1c24: 0xbc21, 0x1c25: 0x10e1, 0x1c26: 0x10f9, 0x1c27: 0xbc39, 0x1c28: 0x2079, 0x1c29: 0xbc51,
+ 0x1c2a: 0xbb01, 0x1c2b: 0x1099, 0x1c2c: 0x10b1, 0x1c2d: 0x10c9, 0x1c2e: 0xbb19, 0x1c2f: 0xbb31,
+ 0x1c30: 0xbb49, 0x1c31: 0x1429, 0x1c32: 0x1a31, 0x1c33: 0xbb61, 0x1c34: 0xbb79, 0x1c35: 0xbb91,
+ 0x1c36: 0xbba9, 0x1c37: 0xbbc1, 0x1c38: 0xbbd9, 0x1c39: 0x2109, 0x1c3a: 0x1111, 0x1c3b: 0xbbf1,
+ 0x1c3c: 0xbbf1, 0x1c3d: 0xbc09, 0x1c3e: 0xbc21, 0x1c3f: 0x10e1,
+ // Block 0x71, offset 0x1c40
+ 0x1c40: 0x10f9, 0x1c41: 0xbc39, 0x1c42: 0x2079, 0x1c43: 0xbc71, 0x1c44: 0xbb19, 0x1c45: 0x1429,
+ 0x1c46: 0xbb61, 0x1c47: 0x10e1, 0x1c48: 0x1111, 0x1c49: 0x2109, 0x1c4a: 0xbc91, 0x1c4b: 0xbc91,
+ 0x1c4c: 0x0040, 0x1c4d: 0x0040, 0x1c4e: 0x1f41, 0x1c4f: 0x00c9, 0x1c50: 0x0069, 0x1c51: 0x0079,
+ 0x1c52: 0x1f51, 0x1c53: 0x1f61, 0x1c54: 0x1f71, 0x1c55: 0x1f81, 0x1c56: 0x1f91, 0x1c57: 0x1fa1,
+ 0x1c58: 0x1f41, 0x1c59: 0x00c9, 0x1c5a: 0x0069, 0x1c5b: 0x0079, 0x1c5c: 0x1f51, 0x1c5d: 0x1f61,
+ 0x1c5e: 0x1f71, 0x1c5f: 0x1f81, 0x1c60: 0x1f91, 0x1c61: 0x1fa1, 0x1c62: 0x1f41, 0x1c63: 0x00c9,
+ 0x1c64: 0x0069, 0x1c65: 0x0079, 0x1c66: 0x1f51, 0x1c67: 0x1f61, 0x1c68: 0x1f71, 0x1c69: 0x1f81,
+ 0x1c6a: 0x1f91, 0x1c6b: 0x1fa1, 0x1c6c: 0x1f41, 0x1c6d: 0x00c9, 0x1c6e: 0x0069, 0x1c6f: 0x0079,
+ 0x1c70: 0x1f51, 0x1c71: 0x1f61, 0x1c72: 0x1f71, 0x1c73: 0x1f81, 0x1c74: 0x1f91, 0x1c75: 0x1fa1,
+ 0x1c76: 0x1f41, 0x1c77: 0x00c9, 0x1c78: 0x0069, 0x1c79: 0x0079, 0x1c7a: 0x1f51, 0x1c7b: 0x1f61,
+ 0x1c7c: 0x1f71, 0x1c7d: 0x1f81, 0x1c7e: 0x1f91, 0x1c7f: 0x1fa1,
+ // Block 0x72, offset 0x1c80
+ 0x1c80: 0xe115, 0x1c81: 0xe115, 0x1c82: 0xe135, 0x1c83: 0xe135, 0x1c84: 0xe115, 0x1c85: 0xe115,
+ 0x1c86: 0xe175, 0x1c87: 0xe175, 0x1c88: 0xe115, 0x1c89: 0xe115, 0x1c8a: 0xe135, 0x1c8b: 0xe135,
+ 0x1c8c: 0xe115, 0x1c8d: 0xe115, 0x1c8e: 0xe1f5, 0x1c8f: 0xe1f5, 0x1c90: 0xe115, 0x1c91: 0xe115,
+ 0x1c92: 0xe135, 0x1c93: 0xe135, 0x1c94: 0xe115, 0x1c95: 0xe115, 0x1c96: 0xe175, 0x1c97: 0xe175,
+ 0x1c98: 0xe115, 0x1c99: 0xe115, 0x1c9a: 0xe135, 0x1c9b: 0xe135, 0x1c9c: 0xe115, 0x1c9d: 0xe115,
+ 0x1c9e: 0x8b3d, 0x1c9f: 0x8b3d, 0x1ca0: 0x04b5, 0x1ca1: 0x04b5, 0x1ca2: 0x0a08, 0x1ca3: 0x0a08,
+ 0x1ca4: 0x0a08, 0x1ca5: 0x0a08, 0x1ca6: 0x0a08, 0x1ca7: 0x0a08, 0x1ca8: 0x0a08, 0x1ca9: 0x0a08,
+ 0x1caa: 0x0a08, 0x1cab: 0x0a08, 0x1cac: 0x0a08, 0x1cad: 0x0a08, 0x1cae: 0x0a08, 0x1caf: 0x0a08,
+ 0x1cb0: 0x0a08, 0x1cb1: 0x0a08, 0x1cb2: 0x0a08, 0x1cb3: 0x0a08, 0x1cb4: 0x0a08, 0x1cb5: 0x0a08,
+ 0x1cb6: 0x0a08, 0x1cb7: 0x0a08, 0x1cb8: 0x0a08, 0x1cb9: 0x0a08, 0x1cba: 0x0a08, 0x1cbb: 0x0a08,
+ 0x1cbc: 0x0a08, 0x1cbd: 0x0a08, 0x1cbe: 0x0a08, 0x1cbf: 0x0a08,
+ // Block 0x73, offset 0x1cc0
+ 0x1cc0: 0xb1d9, 0x1cc1: 0xb1f1, 0x1cc2: 0xb251, 0x1cc3: 0xb299, 0x1cc4: 0x0040, 0x1cc5: 0xb461,
+ 0x1cc6: 0xb2e1, 0x1cc7: 0xb269, 0x1cc8: 0xb359, 0x1cc9: 0xb479, 0x1cca: 0xb3e9, 0x1ccb: 0xb401,
+ 0x1ccc: 0xb419, 0x1ccd: 0xb431, 0x1cce: 0xb2f9, 0x1ccf: 0xb389, 0x1cd0: 0xb3b9, 0x1cd1: 0xb329,
+ 0x1cd2: 0xb3d1, 0x1cd3: 0xb2c9, 0x1cd4: 0xb311, 0x1cd5: 0xb221, 0x1cd6: 0xb239, 0x1cd7: 0xb281,
+ 0x1cd8: 0xb2b1, 0x1cd9: 0xb341, 0x1cda: 0xb371, 0x1cdb: 0xb3a1, 0x1cdc: 0xbca9, 0x1cdd: 0x7999,
+ 0x1cde: 0xbcc1, 0x1cdf: 0xbcd9, 0x1ce0: 0x0040, 0x1ce1: 0xb1f1, 0x1ce2: 0xb251, 0x1ce3: 0x0040,
+ 0x1ce4: 0xb449, 0x1ce5: 0x0040, 0x1ce6: 0x0040, 0x1ce7: 0xb269, 0x1ce8: 0x0040, 0x1ce9: 0xb479,
+ 0x1cea: 0xb3e9, 0x1ceb: 0xb401, 0x1cec: 0xb419, 0x1ced: 0xb431, 0x1cee: 0xb2f9, 0x1cef: 0xb389,
+ 0x1cf0: 0xb3b9, 0x1cf1: 0xb329, 0x1cf2: 0xb3d1, 0x1cf3: 0x0040, 0x1cf4: 0xb311, 0x1cf5: 0xb221,
+ 0x1cf6: 0xb239, 0x1cf7: 0xb281, 0x1cf8: 0x0040, 0x1cf9: 0xb341, 0x1cfa: 0x0040, 0x1cfb: 0xb3a1,
+ 0x1cfc: 0x0040, 0x1cfd: 0x0040, 0x1cfe: 0x0040, 0x1cff: 0x0040,
+ // Block 0x74, offset 0x1d00
+ 0x1d00: 0x0040, 0x1d01: 0x0040, 0x1d02: 0xb251, 0x1d03: 0x0040, 0x1d04: 0x0040, 0x1d05: 0x0040,
+ 0x1d06: 0x0040, 0x1d07: 0xb269, 0x1d08: 0x0040, 0x1d09: 0xb479, 0x1d0a: 0x0040, 0x1d0b: 0xb401,
+ 0x1d0c: 0x0040, 0x1d0d: 0xb431, 0x1d0e: 0xb2f9, 0x1d0f: 0xb389, 0x1d10: 0x0040, 0x1d11: 0xb329,
+ 0x1d12: 0xb3d1, 0x1d13: 0x0040, 0x1d14: 0xb311, 0x1d15: 0x0040, 0x1d16: 0x0040, 0x1d17: 0xb281,
+ 0x1d18: 0x0040, 0x1d19: 0xb341, 0x1d1a: 0x0040, 0x1d1b: 0xb3a1, 0x1d1c: 0x0040, 0x1d1d: 0x7999,
+ 0x1d1e: 0x0040, 0x1d1f: 0xbcd9, 0x1d20: 0x0040, 0x1d21: 0xb1f1, 0x1d22: 0xb251, 0x1d23: 0x0040,
+ 0x1d24: 0xb449, 0x1d25: 0x0040, 0x1d26: 0x0040, 0x1d27: 0xb269, 0x1d28: 0xb359, 0x1d29: 0xb479,
+ 0x1d2a: 0xb3e9, 0x1d2b: 0x0040, 0x1d2c: 0xb419, 0x1d2d: 0xb431, 0x1d2e: 0xb2f9, 0x1d2f: 0xb389,
+ 0x1d30: 0xb3b9, 0x1d31: 0xb329, 0x1d32: 0xb3d1, 0x1d33: 0x0040, 0x1d34: 0xb311, 0x1d35: 0xb221,
+ 0x1d36: 0xb239, 0x1d37: 0xb281, 0x1d38: 0x0040, 0x1d39: 0xb341, 0x1d3a: 0xb371, 0x1d3b: 0xb3a1,
+ 0x1d3c: 0xbca9, 0x1d3d: 0x0040, 0x1d3e: 0xbcc1, 0x1d3f: 0x0040,
+ // Block 0x75, offset 0x1d40
+ 0x1d40: 0xb1d9, 0x1d41: 0xb1f1, 0x1d42: 0xb251, 0x1d43: 0xb299, 0x1d44: 0xb449, 0x1d45: 0xb461,
+ 0x1d46: 0xb2e1, 0x1d47: 0xb269, 0x1d48: 0xb359, 0x1d49: 0xb479, 0x1d4a: 0x0040, 0x1d4b: 0xb401,
+ 0x1d4c: 0xb419, 0x1d4d: 0xb431, 0x1d4e: 0xb2f9, 0x1d4f: 0xb389, 0x1d50: 0xb3b9, 0x1d51: 0xb329,
+ 0x1d52: 0xb3d1, 0x1d53: 0xb2c9, 0x1d54: 0xb311, 0x1d55: 0xb221, 0x1d56: 0xb239, 0x1d57: 0xb281,
+ 0x1d58: 0xb2b1, 0x1d59: 0xb341, 0x1d5a: 0xb371, 0x1d5b: 0xb3a1, 0x1d5c: 0x0040, 0x1d5d: 0x0040,
+ 0x1d5e: 0x0040, 0x1d5f: 0x0040, 0x1d60: 0x0040, 0x1d61: 0xb1f1, 0x1d62: 0xb251, 0x1d63: 0xb299,
+ 0x1d64: 0x0040, 0x1d65: 0xb461, 0x1d66: 0xb2e1, 0x1d67: 0xb269, 0x1d68: 0xb359, 0x1d69: 0xb479,
+ 0x1d6a: 0x0040, 0x1d6b: 0xb401, 0x1d6c: 0xb419, 0x1d6d: 0xb431, 0x1d6e: 0xb2f9, 0x1d6f: 0xb389,
+ 0x1d70: 0xb3b9, 0x1d71: 0xb329, 0x1d72: 0xb3d1, 0x1d73: 0xb2c9, 0x1d74: 0xb311, 0x1d75: 0xb221,
+ 0x1d76: 0xb239, 0x1d77: 0xb281, 0x1d78: 0xb2b1, 0x1d79: 0xb341, 0x1d7a: 0xb371, 0x1d7b: 0xb3a1,
+ 0x1d7c: 0x0040, 0x1d7d: 0x0040, 0x1d7e: 0x0040, 0x1d7f: 0x0040,
+ // Block 0x76, offset 0x1d80
+ 0x1d80: 0x0040, 0x1d81: 0xbcf2, 0x1d82: 0xbd0a, 0x1d83: 0xbd22, 0x1d84: 0xbd3a, 0x1d85: 0xbd52,
+ 0x1d86: 0xbd6a, 0x1d87: 0xbd82, 0x1d88: 0xbd9a, 0x1d89: 0xbdb2, 0x1d8a: 0xbdca, 0x1d8b: 0x0018,
+ 0x1d8c: 0x0018, 0x1d8d: 0x0018, 0x1d8e: 0x0018, 0x1d8f: 0x0018, 0x1d90: 0xbde2, 0x1d91: 0xbe02,
+ 0x1d92: 0xbe22, 0x1d93: 0xbe42, 0x1d94: 0xbe62, 0x1d95: 0xbe82, 0x1d96: 0xbea2, 0x1d97: 0xbec2,
+ 0x1d98: 0xbee2, 0x1d99: 0xbf02, 0x1d9a: 0xbf22, 0x1d9b: 0xbf42, 0x1d9c: 0xbf62, 0x1d9d: 0xbf82,
+ 0x1d9e: 0xbfa2, 0x1d9f: 0xbfc2, 0x1da0: 0xbfe2, 0x1da1: 0xc002, 0x1da2: 0xc022, 0x1da3: 0xc042,
+ 0x1da4: 0xc062, 0x1da5: 0xc082, 0x1da6: 0xc0a2, 0x1da7: 0xc0c2, 0x1da8: 0xc0e2, 0x1da9: 0xc102,
+ 0x1daa: 0xc121, 0x1dab: 0x1159, 0x1dac: 0x0269, 0x1dad: 0x66a9, 0x1dae: 0xc161, 0x1daf: 0x0018,
+ 0x1db0: 0x0039, 0x1db1: 0x0ee9, 0x1db2: 0x1159, 0x1db3: 0x0ef9, 0x1db4: 0x0f09, 0x1db5: 0x1199,
+ 0x1db6: 0x0f31, 0x1db7: 0x0249, 0x1db8: 0x0f41, 0x1db9: 0x0259, 0x1dba: 0x0f51, 0x1dbb: 0x0359,
+ 0x1dbc: 0x0f61, 0x1dbd: 0x0f71, 0x1dbe: 0x00d9, 0x1dbf: 0x0f99,
+ // Block 0x77, offset 0x1dc0
+ 0x1dc0: 0x2039, 0x1dc1: 0x0269, 0x1dc2: 0x01d9, 0x1dc3: 0x0fa9, 0x1dc4: 0x0fb9, 0x1dc5: 0x1089,
+ 0x1dc6: 0x0279, 0x1dc7: 0x0369, 0x1dc8: 0x0289, 0x1dc9: 0x13d1, 0x1dca: 0xc179, 0x1dcb: 0x65e9,
+ 0x1dcc: 0xc191, 0x1dcd: 0x1441, 0x1dce: 0xc1a9, 0x1dcf: 0xc1c9, 0x1dd0: 0x0018, 0x1dd1: 0x0018,
+ 0x1dd2: 0x0018, 0x1dd3: 0x0018, 0x1dd4: 0x0018, 0x1dd5: 0x0018, 0x1dd6: 0x0018, 0x1dd7: 0x0018,
+ 0x1dd8: 0x0018, 0x1dd9: 0x0018, 0x1dda: 0x0018, 0x1ddb: 0x0018, 0x1ddc: 0x0018, 0x1ddd: 0x0018,
+ 0x1dde: 0x0018, 0x1ddf: 0x0018, 0x1de0: 0x0018, 0x1de1: 0x0018, 0x1de2: 0x0018, 0x1de3: 0x0018,
+ 0x1de4: 0x0018, 0x1de5: 0x0018, 0x1de6: 0x0018, 0x1de7: 0x0018, 0x1de8: 0x0018, 0x1de9: 0x0018,
+ 0x1dea: 0xc1e1, 0x1deb: 0xc1f9, 0x1dec: 0xc211, 0x1ded: 0x0018, 0x1dee: 0x0018, 0x1def: 0x0018,
+ 0x1df0: 0x0018, 0x1df1: 0x0018, 0x1df2: 0x0018, 0x1df3: 0x0018, 0x1df4: 0x0018, 0x1df5: 0x0018,
+ 0x1df6: 0x0018, 0x1df7: 0x0018, 0x1df8: 0x0018, 0x1df9: 0x0018, 0x1dfa: 0x0018, 0x1dfb: 0x0018,
+ 0x1dfc: 0x0018, 0x1dfd: 0x0018, 0x1dfe: 0x0018, 0x1dff: 0x0018,
+ // Block 0x78, offset 0x1e00
+ 0x1e00: 0xc241, 0x1e01: 0xc279, 0x1e02: 0xc2b1, 0x1e03: 0x0040, 0x1e04: 0x0040, 0x1e05: 0x0040,
+ 0x1e06: 0x0040, 0x1e07: 0x0040, 0x1e08: 0x0040, 0x1e09: 0x0040, 0x1e0a: 0x0040, 0x1e0b: 0x0040,
+ 0x1e0c: 0x0040, 0x1e0d: 0x0040, 0x1e0e: 0x0040, 0x1e0f: 0x0040, 0x1e10: 0xc2d1, 0x1e11: 0xc2f1,
+ 0x1e12: 0xc311, 0x1e13: 0xc331, 0x1e14: 0xc351, 0x1e15: 0xc371, 0x1e16: 0xc391, 0x1e17: 0xc3b1,
+ 0x1e18: 0xc3d1, 0x1e19: 0xc3f1, 0x1e1a: 0xc411, 0x1e1b: 0xc431, 0x1e1c: 0xc451, 0x1e1d: 0xc471,
+ 0x1e1e: 0xc491, 0x1e1f: 0xc4b1, 0x1e20: 0xc4d1, 0x1e21: 0xc4f1, 0x1e22: 0xc511, 0x1e23: 0xc531,
+ 0x1e24: 0xc551, 0x1e25: 0xc571, 0x1e26: 0xc591, 0x1e27: 0xc5b1, 0x1e28: 0xc5d1, 0x1e29: 0xc5f1,
+ 0x1e2a: 0xc611, 0x1e2b: 0xc631, 0x1e2c: 0xc651, 0x1e2d: 0xc671, 0x1e2e: 0xc691, 0x1e2f: 0xc6b1,
+ 0x1e30: 0xc6d1, 0x1e31: 0xc6f1, 0x1e32: 0xc711, 0x1e33: 0xc731, 0x1e34: 0xc751, 0x1e35: 0xc771,
+ 0x1e36: 0xc791, 0x1e37: 0xc7b1, 0x1e38: 0xc7d1, 0x1e39: 0xc7f1, 0x1e3a: 0xc811, 0x1e3b: 0xc831,
+ 0x1e3c: 0x0040, 0x1e3d: 0x0040, 0x1e3e: 0x0040, 0x1e3f: 0x0040,
+ // Block 0x79, offset 0x1e40
+ 0x1e40: 0xcb61, 0x1e41: 0xcb81, 0x1e42: 0xcba1, 0x1e43: 0x8b55, 0x1e44: 0xcbc1, 0x1e45: 0xcbe1,
+ 0x1e46: 0xcc01, 0x1e47: 0xcc21, 0x1e48: 0xcc41, 0x1e49: 0xcc61, 0x1e4a: 0xcc81, 0x1e4b: 0xcca1,
+ 0x1e4c: 0xccc1, 0x1e4d: 0x8b75, 0x1e4e: 0xcce1, 0x1e4f: 0xcd01, 0x1e50: 0xcd21, 0x1e51: 0xcd41,
+ 0x1e52: 0x8b95, 0x1e53: 0xcd61, 0x1e54: 0xcd81, 0x1e55: 0xc491, 0x1e56: 0x8bb5, 0x1e57: 0xcda1,
+ 0x1e58: 0xcdc1, 0x1e59: 0xcde1, 0x1e5a: 0xce01, 0x1e5b: 0xce21, 0x1e5c: 0x8bd5, 0x1e5d: 0xce41,
+ 0x1e5e: 0xce61, 0x1e5f: 0xce81, 0x1e60: 0xcea1, 0x1e61: 0xcec1, 0x1e62: 0xc7f1, 0x1e63: 0xcee1,
+ 0x1e64: 0xcf01, 0x1e65: 0xcf21, 0x1e66: 0xcf41, 0x1e67: 0xcf61, 0x1e68: 0xcf81, 0x1e69: 0xcfa1,
+ 0x1e6a: 0xcfc1, 0x1e6b: 0xcfe1, 0x1e6c: 0xd001, 0x1e6d: 0xd021, 0x1e6e: 0xd041, 0x1e6f: 0xd061,
+ 0x1e70: 0xd081, 0x1e71: 0xd0a1, 0x1e72: 0xd0a1, 0x1e73: 0xd0a1, 0x1e74: 0x8bf5, 0x1e75: 0xd0c1,
+ 0x1e76: 0xd0e1, 0x1e77: 0xd101, 0x1e78: 0x8c15, 0x1e79: 0xd121, 0x1e7a: 0xd141, 0x1e7b: 0xd161,
+ 0x1e7c: 0xd181, 0x1e7d: 0xd1a1, 0x1e7e: 0xd1c1, 0x1e7f: 0xd1e1,
+ // Block 0x7a, offset 0x1e80
+ 0x1e80: 0xd201, 0x1e81: 0xd221, 0x1e82: 0xd241, 0x1e83: 0xd261, 0x1e84: 0xd281, 0x1e85: 0xd2a1,
+ 0x1e86: 0xd2a1, 0x1e87: 0xd2c1, 0x1e88: 0xd2e1, 0x1e89: 0xd301, 0x1e8a: 0xd321, 0x1e8b: 0xd341,
+ 0x1e8c: 0xd361, 0x1e8d: 0xd381, 0x1e8e: 0xd3a1, 0x1e8f: 0xd3c1, 0x1e90: 0xd3e1, 0x1e91: 0xd401,
+ 0x1e92: 0xd421, 0x1e93: 0xd441, 0x1e94: 0xd461, 0x1e95: 0xd481, 0x1e96: 0xd4a1, 0x1e97: 0xd4c1,
+ 0x1e98: 0xd4e1, 0x1e99: 0x8c35, 0x1e9a: 0xd501, 0x1e9b: 0xd521, 0x1e9c: 0xd541, 0x1e9d: 0xc371,
+ 0x1e9e: 0xd561, 0x1e9f: 0xd581, 0x1ea0: 0x8c55, 0x1ea1: 0x8c75, 0x1ea2: 0xd5a1, 0x1ea3: 0xd5c1,
+ 0x1ea4: 0xd5e1, 0x1ea5: 0xd601, 0x1ea6: 0xd621, 0x1ea7: 0xd641, 0x1ea8: 0x2040, 0x1ea9: 0xd661,
+ 0x1eaa: 0xd681, 0x1eab: 0xd681, 0x1eac: 0x8c95, 0x1ead: 0xd6a1, 0x1eae: 0xd6c1, 0x1eaf: 0xd6e1,
+ 0x1eb0: 0xd701, 0x1eb1: 0x8cb5, 0x1eb2: 0xd721, 0x1eb3: 0xd741, 0x1eb4: 0x2040, 0x1eb5: 0xd761,
+ 0x1eb6: 0xd781, 0x1eb7: 0xd7a1, 0x1eb8: 0xd7c1, 0x1eb9: 0xd7e1, 0x1eba: 0xd801, 0x1ebb: 0x8cd5,
+ 0x1ebc: 0xd821, 0x1ebd: 0x8cf5, 0x1ebe: 0xd841, 0x1ebf: 0xd861,
+ // Block 0x7b, offset 0x1ec0
+ 0x1ec0: 0xd881, 0x1ec1: 0xd8a1, 0x1ec2: 0xd8c1, 0x1ec3: 0xd8e1, 0x1ec4: 0xd901, 0x1ec5: 0xd921,
+ 0x1ec6: 0xd941, 0x1ec7: 0xd961, 0x1ec8: 0xd981, 0x1ec9: 0x8d15, 0x1eca: 0xd9a1, 0x1ecb: 0xd9c1,
+ 0x1ecc: 0xd9e1, 0x1ecd: 0xda01, 0x1ece: 0xda21, 0x1ecf: 0x8d35, 0x1ed0: 0xda41, 0x1ed1: 0x8d55,
+ 0x1ed2: 0x8d75, 0x1ed3: 0xda61, 0x1ed4: 0xda81, 0x1ed5: 0xda81, 0x1ed6: 0xdaa1, 0x1ed7: 0x8d95,
+ 0x1ed8: 0x8db5, 0x1ed9: 0xdac1, 0x1eda: 0xdae1, 0x1edb: 0xdb01, 0x1edc: 0xdb21, 0x1edd: 0xdb41,
+ 0x1ede: 0xdb61, 0x1edf: 0xdb81, 0x1ee0: 0xdba1, 0x1ee1: 0xdbc1, 0x1ee2: 0xdbe1, 0x1ee3: 0xdc01,
+ 0x1ee4: 0x8dd5, 0x1ee5: 0xdc21, 0x1ee6: 0xdc41, 0x1ee7: 0xdc61, 0x1ee8: 0xdc81, 0x1ee9: 0xdc61,
+ 0x1eea: 0xdca1, 0x1eeb: 0xdcc1, 0x1eec: 0xdce1, 0x1eed: 0xdd01, 0x1eee: 0xdd21, 0x1eef: 0xdd41,
+ 0x1ef0: 0xdd61, 0x1ef1: 0xdd81, 0x1ef2: 0xdda1, 0x1ef3: 0xddc1, 0x1ef4: 0xdde1, 0x1ef5: 0xde01,
+ 0x1ef6: 0xde21, 0x1ef7: 0xde41, 0x1ef8: 0x8df5, 0x1ef9: 0xde61, 0x1efa: 0xde81, 0x1efb: 0xdea1,
+ 0x1efc: 0xdec1, 0x1efd: 0xdee1, 0x1efe: 0x8e15, 0x1eff: 0xdf01,
+ // Block 0x7c, offset 0x1f00
+ 0x1f00: 0xe601, 0x1f01: 0xe621, 0x1f02: 0xe641, 0x1f03: 0xe661, 0x1f04: 0xe681, 0x1f05: 0xe6a1,
+ 0x1f06: 0x8f35, 0x1f07: 0xe6c1, 0x1f08: 0xe6e1, 0x1f09: 0xe701, 0x1f0a: 0xe721, 0x1f0b: 0xe741,
+ 0x1f0c: 0xe761, 0x1f0d: 0x8f55, 0x1f0e: 0xe781, 0x1f0f: 0xe7a1, 0x1f10: 0x8f75, 0x1f11: 0x8f95,
+ 0x1f12: 0xe7c1, 0x1f13: 0xe7e1, 0x1f14: 0xe801, 0x1f15: 0xe821, 0x1f16: 0xe841, 0x1f17: 0xe861,
+ 0x1f18: 0xe881, 0x1f19: 0xe8a1, 0x1f1a: 0xe8c1, 0x1f1b: 0x8fb5, 0x1f1c: 0xe8e1, 0x1f1d: 0x8fd5,
+ 0x1f1e: 0xe901, 0x1f1f: 0x2040, 0x1f20: 0xe921, 0x1f21: 0xe941, 0x1f22: 0xe961, 0x1f23: 0x8ff5,
+ 0x1f24: 0xe981, 0x1f25: 0xe9a1, 0x1f26: 0x9015, 0x1f27: 0x9035, 0x1f28: 0xe9c1, 0x1f29: 0xe9e1,
+ 0x1f2a: 0xea01, 0x1f2b: 0xea21, 0x1f2c: 0xea41, 0x1f2d: 0xea41, 0x1f2e: 0xea61, 0x1f2f: 0xea81,
+ 0x1f30: 0xeaa1, 0x1f31: 0xeac1, 0x1f32: 0xeae1, 0x1f33: 0xeb01, 0x1f34: 0xeb21, 0x1f35: 0x9055,
+ 0x1f36: 0xeb41, 0x1f37: 0x9075, 0x1f38: 0xeb61, 0x1f39: 0x9095, 0x1f3a: 0xeb81, 0x1f3b: 0x90b5,
+ 0x1f3c: 0x90d5, 0x1f3d: 0x90f5, 0x1f3e: 0xeba1, 0x1f3f: 0xebc1,
+ // Block 0x7d, offset 0x1f40
+ 0x1f40: 0xebe1, 0x1f41: 0x9115, 0x1f42: 0x9135, 0x1f43: 0x9155, 0x1f44: 0x9175, 0x1f45: 0xec01,
+ 0x1f46: 0xec21, 0x1f47: 0xec21, 0x1f48: 0xec41, 0x1f49: 0xec61, 0x1f4a: 0xec81, 0x1f4b: 0xeca1,
+ 0x1f4c: 0xecc1, 0x1f4d: 0x9195, 0x1f4e: 0xece1, 0x1f4f: 0xed01, 0x1f50: 0xed21, 0x1f51: 0xed41,
+ 0x1f52: 0x91b5, 0x1f53: 0xed61, 0x1f54: 0x91d5, 0x1f55: 0x91f5, 0x1f56: 0xed81, 0x1f57: 0xeda1,
+ 0x1f58: 0xedc1, 0x1f59: 0xede1, 0x1f5a: 0xee01, 0x1f5b: 0xee21, 0x1f5c: 0x9215, 0x1f5d: 0x9235,
+ 0x1f5e: 0x9255, 0x1f5f: 0x2040, 0x1f60: 0xee41, 0x1f61: 0x9275, 0x1f62: 0xee61, 0x1f63: 0xee81,
+ 0x1f64: 0xeea1, 0x1f65: 0x9295, 0x1f66: 0xeec1, 0x1f67: 0xeee1, 0x1f68: 0xef01, 0x1f69: 0xef21,
+ 0x1f6a: 0xef41, 0x1f6b: 0x92b5, 0x1f6c: 0xef61, 0x1f6d: 0xef81, 0x1f6e: 0xefa1, 0x1f6f: 0xefc1,
+ 0x1f70: 0xefe1, 0x1f71: 0xf001, 0x1f72: 0x92d5, 0x1f73: 0x92f5, 0x1f74: 0xf021, 0x1f75: 0x9315,
+ 0x1f76: 0xf041, 0x1f77: 0x9335, 0x1f78: 0xf061, 0x1f79: 0xf081, 0x1f7a: 0xf0a1, 0x1f7b: 0x9355,
+ 0x1f7c: 0x9375, 0x1f7d: 0xf0c1, 0x1f7e: 0x9395, 0x1f7f: 0xf0e1,
+ // Block 0x7e, offset 0x1f80
+ 0x1f80: 0xf721, 0x1f81: 0xf741, 0x1f82: 0xf761, 0x1f83: 0xf781, 0x1f84: 0xf7a1, 0x1f85: 0x9555,
+ 0x1f86: 0xf7c1, 0x1f87: 0xf7e1, 0x1f88: 0xf801, 0x1f89: 0xf821, 0x1f8a: 0xf841, 0x1f8b: 0x9575,
+ 0x1f8c: 0x9595, 0x1f8d: 0xf861, 0x1f8e: 0xf881, 0x1f8f: 0xf8a1, 0x1f90: 0xf8c1, 0x1f91: 0xf8e1,
+ 0x1f92: 0xf901, 0x1f93: 0x95b5, 0x1f94: 0xf921, 0x1f95: 0xf941, 0x1f96: 0xf961, 0x1f97: 0xf981,
+ 0x1f98: 0x95d5, 0x1f99: 0x95f5, 0x1f9a: 0xf9a1, 0x1f9b: 0xf9c1, 0x1f9c: 0xf9e1, 0x1f9d: 0x9615,
+ 0x1f9e: 0xfa01, 0x1f9f: 0xfa21, 0x1fa0: 0x684d, 0x1fa1: 0x9635, 0x1fa2: 0xfa41, 0x1fa3: 0xfa61,
+ 0x1fa4: 0xfa81, 0x1fa5: 0x9655, 0x1fa6: 0xfaa1, 0x1fa7: 0xfac1, 0x1fa8: 0xfae1, 0x1fa9: 0xfb01,
+ 0x1faa: 0xfb21, 0x1fab: 0xfb41, 0x1fac: 0xfb61, 0x1fad: 0x9675, 0x1fae: 0xfb81, 0x1faf: 0xfba1,
+ 0x1fb0: 0xfbc1, 0x1fb1: 0x9695, 0x1fb2: 0xfbe1, 0x1fb3: 0xfc01, 0x1fb4: 0xfc21, 0x1fb5: 0xfc41,
+ 0x1fb6: 0x7b6d, 0x1fb7: 0x96b5, 0x1fb8: 0xfc61, 0x1fb9: 0xfc81, 0x1fba: 0xfca1, 0x1fbb: 0x96d5,
+ 0x1fbc: 0xfcc1, 0x1fbd: 0x96f5, 0x1fbe: 0xfce1, 0x1fbf: 0xfce1,
+ // Block 0x7f, offset 0x1fc0
+ 0x1fc0: 0xfd01, 0x1fc1: 0x9715, 0x1fc2: 0xfd21, 0x1fc3: 0xfd41, 0x1fc4: 0xfd61, 0x1fc5: 0xfd81,
+ 0x1fc6: 0xfda1, 0x1fc7: 0xfdc1, 0x1fc8: 0xfde1, 0x1fc9: 0x9735, 0x1fca: 0xfe01, 0x1fcb: 0xfe21,
+ 0x1fcc: 0xfe41, 0x1fcd: 0xfe61, 0x1fce: 0xfe81, 0x1fcf: 0xfea1, 0x1fd0: 0x9755, 0x1fd1: 0xfec1,
+ 0x1fd2: 0x9775, 0x1fd3: 0x9795, 0x1fd4: 0x97b5, 0x1fd5: 0xfee1, 0x1fd6: 0xff01, 0x1fd7: 0xff21,
+ 0x1fd8: 0xff41, 0x1fd9: 0xff61, 0x1fda: 0xff81, 0x1fdb: 0xffa1, 0x1fdc: 0xffc1, 0x1fdd: 0x97d5,
+ 0x1fde: 0x0040, 0x1fdf: 0x0040, 0x1fe0: 0x0040, 0x1fe1: 0x0040, 0x1fe2: 0x0040, 0x1fe3: 0x0040,
+ 0x1fe4: 0x0040, 0x1fe5: 0x0040, 0x1fe6: 0x0040, 0x1fe7: 0x0040, 0x1fe8: 0x0040, 0x1fe9: 0x0040,
+ 0x1fea: 0x0040, 0x1feb: 0x0040, 0x1fec: 0x0040, 0x1fed: 0x0040, 0x1fee: 0x0040, 0x1fef: 0x0040,
+ 0x1ff0: 0x0040, 0x1ff1: 0x0040, 0x1ff2: 0x0040, 0x1ff3: 0x0040, 0x1ff4: 0x0040, 0x1ff5: 0x0040,
+ 0x1ff6: 0x0040, 0x1ff7: 0x0040, 0x1ff8: 0x0040, 0x1ff9: 0x0040, 0x1ffa: 0x0040, 0x1ffb: 0x0040,
+ 0x1ffc: 0x0040, 0x1ffd: 0x0040, 0x1ffe: 0x0040, 0x1fff: 0x0040,
+}
+
+// idnaIndex: 37 blocks, 2368 entries, 4736 bytes
+// Block 0 is the zero block.
+var idnaIndex = [2368]uint16{
+ // Block 0x0, offset 0x0
+ // Block 0x1, offset 0x40
+ // Block 0x2, offset 0x80
+ // Block 0x3, offset 0xc0
+ 0xc2: 0x01, 0xc3: 0x7e, 0xc4: 0x02, 0xc5: 0x03, 0xc6: 0x04, 0xc7: 0x05,
+ 0xc8: 0x06, 0xc9: 0x7f, 0xca: 0x80, 0xcb: 0x07, 0xcc: 0x81, 0xcd: 0x08, 0xce: 0x09, 0xcf: 0x0a,
+ 0xd0: 0x82, 0xd1: 0x0b, 0xd2: 0x0c, 0xd3: 0x0d, 0xd4: 0x0e, 0xd5: 0x83, 0xd6: 0x84, 0xd7: 0x85,
+ 0xd8: 0x0f, 0xd9: 0x10, 0xda: 0x86, 0xdb: 0x11, 0xdc: 0x12, 0xdd: 0x87, 0xde: 0x88, 0xdf: 0x89,
+ 0xe0: 0x02, 0xe1: 0x03, 0xe2: 0x04, 0xe3: 0x05, 0xe4: 0x06, 0xe5: 0x07, 0xe6: 0x07, 0xe7: 0x07,
+ 0xe8: 0x07, 0xe9: 0x08, 0xea: 0x09, 0xeb: 0x07, 0xec: 0x07, 0xed: 0x0a, 0xee: 0x0b, 0xef: 0x0c,
+ 0xf0: 0x1e, 0xf1: 0x1f, 0xf2: 0x1f, 0xf3: 0x21, 0xf4: 0x22,
+ // Block 0x4, offset 0x100
+ 0x120: 0x8a, 0x121: 0x13, 0x122: 0x8b, 0x123: 0x8c, 0x124: 0x8d, 0x125: 0x14, 0x126: 0x15, 0x127: 0x16,
+ 0x128: 0x17, 0x129: 0x18, 0x12a: 0x19, 0x12b: 0x1a, 0x12c: 0x1b, 0x12d: 0x1c, 0x12e: 0x1d, 0x12f: 0x8e,
+ 0x130: 0x8f, 0x131: 0x1e, 0x132: 0x1f, 0x133: 0x20, 0x134: 0x90, 0x135: 0x21, 0x136: 0x91, 0x137: 0x92,
+ 0x138: 0x93, 0x139: 0x94, 0x13a: 0x22, 0x13b: 0x95, 0x13c: 0x96, 0x13d: 0x23, 0x13e: 0x24, 0x13f: 0x97,
+ // Block 0x5, offset 0x140
+ 0x140: 0x98, 0x141: 0x99, 0x142: 0x9a, 0x143: 0x9b, 0x144: 0x9c, 0x145: 0x9d, 0x146: 0x9e, 0x147: 0x9f,
+ 0x148: 0xa0, 0x149: 0xa1, 0x14a: 0xa2, 0x14b: 0xa3, 0x14c: 0xa4, 0x14d: 0xa5, 0x14e: 0xa6, 0x14f: 0xa7,
+ 0x150: 0xa8, 0x151: 0xa0, 0x152: 0xa0, 0x153: 0xa0, 0x154: 0xa0, 0x155: 0xa0, 0x156: 0xa0, 0x157: 0xa0,
+ 0x158: 0xa0, 0x159: 0xa9, 0x15a: 0xaa, 0x15b: 0xab, 0x15c: 0xac, 0x15d: 0xad, 0x15e: 0xae, 0x15f: 0xaf,
+ 0x160: 0xb0, 0x161: 0xb1, 0x162: 0xb2, 0x163: 0xb3, 0x164: 0xb4, 0x165: 0xb5, 0x166: 0xb6, 0x167: 0xb7,
+ 0x168: 0xb8, 0x169: 0xb9, 0x16a: 0xba, 0x16b: 0xbb, 0x16c: 0xbc, 0x16d: 0xbd, 0x16e: 0xbe, 0x16f: 0xbf,
+ 0x170: 0xc0, 0x171: 0xc1, 0x172: 0xc2, 0x173: 0xc3, 0x174: 0x25, 0x175: 0x26, 0x176: 0x27, 0x177: 0xc4,
+ 0x178: 0x28, 0x179: 0x28, 0x17a: 0x29, 0x17b: 0x28, 0x17c: 0xc5, 0x17d: 0x2a, 0x17e: 0x2b, 0x17f: 0x2c,
+ // Block 0x6, offset 0x180
+ 0x180: 0x2d, 0x181: 0x2e, 0x182: 0x2f, 0x183: 0xc6, 0x184: 0x30, 0x185: 0x31, 0x186: 0xc7, 0x187: 0x9c,
+ 0x188: 0xc8, 0x189: 0xc9, 0x18a: 0x9c, 0x18b: 0x9c, 0x18c: 0xca, 0x18d: 0x9c, 0x18e: 0x9c, 0x18f: 0x9c,
+ 0x190: 0xcb, 0x191: 0x32, 0x192: 0x33, 0x193: 0x34, 0x194: 0x9c, 0x195: 0x9c, 0x196: 0x9c, 0x197: 0x9c,
+ 0x198: 0x9c, 0x199: 0x9c, 0x19a: 0x9c, 0x19b: 0x9c, 0x19c: 0x9c, 0x19d: 0x9c, 0x19e: 0x9c, 0x19f: 0x9c,
+ 0x1a0: 0x9c, 0x1a1: 0x9c, 0x1a2: 0x9c, 0x1a3: 0x9c, 0x1a4: 0x9c, 0x1a5: 0x9c, 0x1a6: 0x9c, 0x1a7: 0x9c,
+ 0x1a8: 0xcc, 0x1a9: 0xcd, 0x1aa: 0x9c, 0x1ab: 0xce, 0x1ac: 0x9c, 0x1ad: 0xcf, 0x1ae: 0xd0, 0x1af: 0x9c,
+ 0x1b0: 0xd1, 0x1b1: 0x35, 0x1b2: 0x28, 0x1b3: 0x36, 0x1b4: 0xd2, 0x1b5: 0xd3, 0x1b6: 0xd4, 0x1b7: 0xd5,
+ 0x1b8: 0xd6, 0x1b9: 0xd7, 0x1ba: 0xd8, 0x1bb: 0xd9, 0x1bc: 0xda, 0x1bd: 0xdb, 0x1be: 0xdc, 0x1bf: 0x37,
+ // Block 0x7, offset 0x1c0
+ 0x1c0: 0x38, 0x1c1: 0xdd, 0x1c2: 0xde, 0x1c3: 0xdf, 0x1c4: 0xe0, 0x1c5: 0x39, 0x1c6: 0x3a, 0x1c7: 0xe1,
+ 0x1c8: 0xe2, 0x1c9: 0x3b, 0x1ca: 0x3c, 0x1cb: 0x3d, 0x1cc: 0x3e, 0x1cd: 0x3f, 0x1ce: 0x40, 0x1cf: 0x41,
+ 0x1d0: 0xa0, 0x1d1: 0xa0, 0x1d2: 0xa0, 0x1d3: 0xa0, 0x1d4: 0xa0, 0x1d5: 0xa0, 0x1d6: 0xa0, 0x1d7: 0xa0,
+ 0x1d8: 0xa0, 0x1d9: 0xa0, 0x1da: 0xa0, 0x1db: 0xa0, 0x1dc: 0xa0, 0x1dd: 0xa0, 0x1de: 0xa0, 0x1df: 0xa0,
+ 0x1e0: 0xa0, 0x1e1: 0xa0, 0x1e2: 0xa0, 0x1e3: 0xa0, 0x1e4: 0xa0, 0x1e5: 0xa0, 0x1e6: 0xa0, 0x1e7: 0xa0,
+ 0x1e8: 0xa0, 0x1e9: 0xa0, 0x1ea: 0xa0, 0x1eb: 0xa0, 0x1ec: 0xa0, 0x1ed: 0xa0, 0x1ee: 0xa0, 0x1ef: 0xa0,
+ 0x1f0: 0xa0, 0x1f1: 0xa0, 0x1f2: 0xa0, 0x1f3: 0xa0, 0x1f4: 0xa0, 0x1f5: 0xa0, 0x1f6: 0xa0, 0x1f7: 0xa0,
+ 0x1f8: 0xa0, 0x1f9: 0xa0, 0x1fa: 0xa0, 0x1fb: 0xa0, 0x1fc: 0xa0, 0x1fd: 0xa0, 0x1fe: 0xa0, 0x1ff: 0xa0,
+ // Block 0x8, offset 0x200
+ 0x200: 0xa0, 0x201: 0xa0, 0x202: 0xa0, 0x203: 0xa0, 0x204: 0xa0, 0x205: 0xa0, 0x206: 0xa0, 0x207: 0xa0,
+ 0x208: 0xa0, 0x209: 0xa0, 0x20a: 0xa0, 0x20b: 0xa0, 0x20c: 0xa0, 0x20d: 0xa0, 0x20e: 0xa0, 0x20f: 0xa0,
+ 0x210: 0xa0, 0x211: 0xa0, 0x212: 0xa0, 0x213: 0xa0, 0x214: 0xa0, 0x215: 0xa0, 0x216: 0xa0, 0x217: 0xa0,
+ 0x218: 0xa0, 0x219: 0xa0, 0x21a: 0xa0, 0x21b: 0xa0, 0x21c: 0xa0, 0x21d: 0xa0, 0x21e: 0xa0, 0x21f: 0xa0,
+ 0x220: 0xa0, 0x221: 0xa0, 0x222: 0xa0, 0x223: 0xa0, 0x224: 0xa0, 0x225: 0xa0, 0x226: 0xa0, 0x227: 0xa0,
+ 0x228: 0xa0, 0x229: 0xa0, 0x22a: 0xa0, 0x22b: 0xa0, 0x22c: 0xa0, 0x22d: 0xa0, 0x22e: 0xa0, 0x22f: 0xa0,
+ 0x230: 0xa0, 0x231: 0xa0, 0x232: 0xa0, 0x233: 0xa0, 0x234: 0xa0, 0x235: 0xa0, 0x236: 0xa0, 0x237: 0x9c,
+ 0x238: 0xa0, 0x239: 0xa0, 0x23a: 0xa0, 0x23b: 0xa0, 0x23c: 0xa0, 0x23d: 0xa0, 0x23e: 0xa0, 0x23f: 0xa0,
+ // Block 0x9, offset 0x240
+ 0x240: 0xa0, 0x241: 0xa0, 0x242: 0xa0, 0x243: 0xa0, 0x244: 0xa0, 0x245: 0xa0, 0x246: 0xa0, 0x247: 0xa0,
+ 0x248: 0xa0, 0x249: 0xa0, 0x24a: 0xa0, 0x24b: 0xa0, 0x24c: 0xa0, 0x24d: 0xa0, 0x24e: 0xa0, 0x24f: 0xa0,
+ 0x250: 0xa0, 0x251: 0xa0, 0x252: 0xa0, 0x253: 0xa0, 0x254: 0xa0, 0x255: 0xa0, 0x256: 0xa0, 0x257: 0xa0,
+ 0x258: 0xa0, 0x259: 0xa0, 0x25a: 0xa0, 0x25b: 0xa0, 0x25c: 0xa0, 0x25d: 0xa0, 0x25e: 0xa0, 0x25f: 0xa0,
+ 0x260: 0xa0, 0x261: 0xa0, 0x262: 0xa0, 0x263: 0xa0, 0x264: 0xa0, 0x265: 0xa0, 0x266: 0xa0, 0x267: 0xa0,
+ 0x268: 0xa0, 0x269: 0xa0, 0x26a: 0xa0, 0x26b: 0xa0, 0x26c: 0xa0, 0x26d: 0xa0, 0x26e: 0xa0, 0x26f: 0xa0,
+ 0x270: 0xa0, 0x271: 0xa0, 0x272: 0xa0, 0x273: 0xa0, 0x274: 0xa0, 0x275: 0xa0, 0x276: 0xa0, 0x277: 0xa0,
+ 0x278: 0xa0, 0x279: 0xa0, 0x27a: 0xa0, 0x27b: 0xa0, 0x27c: 0xa0, 0x27d: 0xa0, 0x27e: 0xa0, 0x27f: 0xa0,
+ // Block 0xa, offset 0x280
+ 0x280: 0xa0, 0x281: 0xa0, 0x282: 0xa0, 0x283: 0xa0, 0x284: 0xa0, 0x285: 0xa0, 0x286: 0xa0, 0x287: 0xa0,
+ 0x288: 0xa0, 0x289: 0xa0, 0x28a: 0xa0, 0x28b: 0xa0, 0x28c: 0xa0, 0x28d: 0xa0, 0x28e: 0xa0, 0x28f: 0xa0,
+ 0x290: 0xa0, 0x291: 0xa0, 0x292: 0xa0, 0x293: 0xa0, 0x294: 0xa0, 0x295: 0xa0, 0x296: 0xa0, 0x297: 0xa0,
+ 0x298: 0xa0, 0x299: 0xa0, 0x29a: 0xa0, 0x29b: 0xa0, 0x29c: 0xa0, 0x29d: 0xa0, 0x29e: 0xa0, 0x29f: 0xa0,
+ 0x2a0: 0xa0, 0x2a1: 0xa0, 0x2a2: 0xa0, 0x2a3: 0xa0, 0x2a4: 0xa0, 0x2a5: 0xa0, 0x2a6: 0xa0, 0x2a7: 0xa0,
+ 0x2a8: 0xa0, 0x2a9: 0xa0, 0x2aa: 0xa0, 0x2ab: 0xa0, 0x2ac: 0xa0, 0x2ad: 0xa0, 0x2ae: 0xa0, 0x2af: 0xa0,
+ 0x2b0: 0xa0, 0x2b1: 0xa0, 0x2b2: 0xa0, 0x2b3: 0xa0, 0x2b4: 0xa0, 0x2b5: 0xa0, 0x2b6: 0xa0, 0x2b7: 0xa0,
+ 0x2b8: 0xa0, 0x2b9: 0xa0, 0x2ba: 0xa0, 0x2bb: 0xa0, 0x2bc: 0xa0, 0x2bd: 0xa0, 0x2be: 0xa0, 0x2bf: 0xe3,
+ // Block 0xb, offset 0x2c0
+ 0x2c0: 0xa0, 0x2c1: 0xa0, 0x2c2: 0xa0, 0x2c3: 0xa0, 0x2c4: 0xa0, 0x2c5: 0xa0, 0x2c6: 0xa0, 0x2c7: 0xa0,
+ 0x2c8: 0xa0, 0x2c9: 0xa0, 0x2ca: 0xa0, 0x2cb: 0xa0, 0x2cc: 0xa0, 0x2cd: 0xa0, 0x2ce: 0xa0, 0x2cf: 0xa0,
+ 0x2d0: 0xa0, 0x2d1: 0xa0, 0x2d2: 0xe4, 0x2d3: 0xe5, 0x2d4: 0xa0, 0x2d5: 0xa0, 0x2d6: 0xa0, 0x2d7: 0xa0,
+ 0x2d8: 0xe6, 0x2d9: 0x42, 0x2da: 0x43, 0x2db: 0xe7, 0x2dc: 0x44, 0x2dd: 0x45, 0x2de: 0x46, 0x2df: 0xe8,
+ 0x2e0: 0xe9, 0x2e1: 0xea, 0x2e2: 0xeb, 0x2e3: 0xec, 0x2e4: 0xed, 0x2e5: 0xee, 0x2e6: 0xef, 0x2e7: 0xf0,
+ 0x2e8: 0xf1, 0x2e9: 0xf2, 0x2ea: 0xf3, 0x2eb: 0xf4, 0x2ec: 0xf5, 0x2ed: 0xf6, 0x2ee: 0xf7, 0x2ef: 0xf8,
+ 0x2f0: 0xa0, 0x2f1: 0xa0, 0x2f2: 0xa0, 0x2f3: 0xa0, 0x2f4: 0xa0, 0x2f5: 0xa0, 0x2f6: 0xa0, 0x2f7: 0xa0,
+ 0x2f8: 0xa0, 0x2f9: 0xa0, 0x2fa: 0xa0, 0x2fb: 0xa0, 0x2fc: 0xa0, 0x2fd: 0xa0, 0x2fe: 0xa0, 0x2ff: 0xa0,
+ // Block 0xc, offset 0x300
+ 0x300: 0xa0, 0x301: 0xa0, 0x302: 0xa0, 0x303: 0xa0, 0x304: 0xa0, 0x305: 0xa0, 0x306: 0xa0, 0x307: 0xa0,
+ 0x308: 0xa0, 0x309: 0xa0, 0x30a: 0xa0, 0x30b: 0xa0, 0x30c: 0xa0, 0x30d: 0xa0, 0x30e: 0xa0, 0x30f: 0xa0,
+ 0x310: 0xa0, 0x311: 0xa0, 0x312: 0xa0, 0x313: 0xa0, 0x314: 0xa0, 0x315: 0xa0, 0x316: 0xa0, 0x317: 0xa0,
+ 0x318: 0xa0, 0x319: 0xa0, 0x31a: 0xa0, 0x31b: 0xa0, 0x31c: 0xa0, 0x31d: 0xa0, 0x31e: 0xf9, 0x31f: 0xfa,
+ // Block 0xd, offset 0x340
+ 0x340: 0xfb, 0x341: 0xfb, 0x342: 0xfb, 0x343: 0xfb, 0x344: 0xfb, 0x345: 0xfb, 0x346: 0xfb, 0x347: 0xfb,
+ 0x348: 0xfb, 0x349: 0xfb, 0x34a: 0xfb, 0x34b: 0xfb, 0x34c: 0xfb, 0x34d: 0xfb, 0x34e: 0xfb, 0x34f: 0xfb,
+ 0x350: 0xfb, 0x351: 0xfb, 0x352: 0xfb, 0x353: 0xfb, 0x354: 0xfb, 0x355: 0xfb, 0x356: 0xfb, 0x357: 0xfb,
+ 0x358: 0xfb, 0x359: 0xfb, 0x35a: 0xfb, 0x35b: 0xfb, 0x35c: 0xfb, 0x35d: 0xfb, 0x35e: 0xfb, 0x35f: 0xfb,
+ 0x360: 0xfb, 0x361: 0xfb, 0x362: 0xfb, 0x363: 0xfb, 0x364: 0xfb, 0x365: 0xfb, 0x366: 0xfb, 0x367: 0xfb,
+ 0x368: 0xfb, 0x369: 0xfb, 0x36a: 0xfb, 0x36b: 0xfb, 0x36c: 0xfb, 0x36d: 0xfb, 0x36e: 0xfb, 0x36f: 0xfb,
+ 0x370: 0xfb, 0x371: 0xfb, 0x372: 0xfb, 0x373: 0xfb, 0x374: 0xfb, 0x375: 0xfb, 0x376: 0xfb, 0x377: 0xfb,
+ 0x378: 0xfb, 0x379: 0xfb, 0x37a: 0xfb, 0x37b: 0xfb, 0x37c: 0xfb, 0x37d: 0xfb, 0x37e: 0xfb, 0x37f: 0xfb,
+ // Block 0xe, offset 0x380
+ 0x380: 0xfb, 0x381: 0xfb, 0x382: 0xfb, 0x383: 0xfb, 0x384: 0xfb, 0x385: 0xfb, 0x386: 0xfb, 0x387: 0xfb,
+ 0x388: 0xfb, 0x389: 0xfb, 0x38a: 0xfb, 0x38b: 0xfb, 0x38c: 0xfb, 0x38d: 0xfb, 0x38e: 0xfb, 0x38f: 0xfb,
+ 0x390: 0xfb, 0x391: 0xfb, 0x392: 0xfb, 0x393: 0xfb, 0x394: 0xfb, 0x395: 0xfb, 0x396: 0xfb, 0x397: 0xfb,
+ 0x398: 0xfb, 0x399: 0xfb, 0x39a: 0xfb, 0x39b: 0xfb, 0x39c: 0xfb, 0x39d: 0xfb, 0x39e: 0xfb, 0x39f: 0xfb,
+ 0x3a0: 0xfb, 0x3a1: 0xfb, 0x3a2: 0xfb, 0x3a3: 0xfb, 0x3a4: 0xfc, 0x3a5: 0xfd, 0x3a6: 0xfe, 0x3a7: 0xff,
+ 0x3a8: 0x47, 0x3a9: 0x100, 0x3aa: 0x101, 0x3ab: 0x48, 0x3ac: 0x49, 0x3ad: 0x4a, 0x3ae: 0x4b, 0x3af: 0x4c,
+ 0x3b0: 0x102, 0x3b1: 0x4d, 0x3b2: 0x4e, 0x3b3: 0x4f, 0x3b4: 0x50, 0x3b5: 0x51, 0x3b6: 0x103, 0x3b7: 0x52,
+ 0x3b8: 0x53, 0x3b9: 0x54, 0x3ba: 0x55, 0x3bb: 0x56, 0x3bc: 0x57, 0x3bd: 0x58, 0x3be: 0x59, 0x3bf: 0x5a,
+ // Block 0xf, offset 0x3c0
+ 0x3c0: 0x104, 0x3c1: 0x105, 0x3c2: 0xa0, 0x3c3: 0x106, 0x3c4: 0x107, 0x3c5: 0x9c, 0x3c6: 0x108, 0x3c7: 0x109,
+ 0x3c8: 0xfb, 0x3c9: 0xfb, 0x3ca: 0x10a, 0x3cb: 0x10b, 0x3cc: 0x10c, 0x3cd: 0x10d, 0x3ce: 0x10e, 0x3cf: 0x10f,
+ 0x3d0: 0x110, 0x3d1: 0xa0, 0x3d2: 0x111, 0x3d3: 0x112, 0x3d4: 0x113, 0x3d5: 0x114, 0x3d6: 0xfb, 0x3d7: 0xfb,
+ 0x3d8: 0xa0, 0x3d9: 0xa0, 0x3da: 0xa0, 0x3db: 0xa0, 0x3dc: 0x115, 0x3dd: 0x116, 0x3de: 0xfb, 0x3df: 0xfb,
+ 0x3e0: 0x117, 0x3e1: 0x118, 0x3e2: 0x119, 0x3e3: 0x11a, 0x3e4: 0x11b, 0x3e5: 0xfb, 0x3e6: 0x11c, 0x3e7: 0x11d,
+ 0x3e8: 0x11e, 0x3e9: 0x11f, 0x3ea: 0x120, 0x3eb: 0x5b, 0x3ec: 0x121, 0x3ed: 0x122, 0x3ee: 0x5c, 0x3ef: 0xfb,
+ 0x3f0: 0x123, 0x3f1: 0x124, 0x3f2: 0x125, 0x3f3: 0x126, 0x3f4: 0x127, 0x3f5: 0xfb, 0x3f6: 0xfb, 0x3f7: 0xfb,
+ 0x3f8: 0xfb, 0x3f9: 0x128, 0x3fa: 0x129, 0x3fb: 0xfb, 0x3fc: 0x12a, 0x3fd: 0x12b, 0x3fe: 0x12c, 0x3ff: 0x12d,
+ // Block 0x10, offset 0x400
+ 0x400: 0x12e, 0x401: 0x12f, 0x402: 0x130, 0x403: 0x131, 0x404: 0x132, 0x405: 0x133, 0x406: 0x134, 0x407: 0x135,
+ 0x408: 0x136, 0x409: 0xfb, 0x40a: 0x137, 0x40b: 0x138, 0x40c: 0x5d, 0x40d: 0x5e, 0x40e: 0xfb, 0x40f: 0xfb,
+ 0x410: 0x139, 0x411: 0x13a, 0x412: 0x13b, 0x413: 0x13c, 0x414: 0xfb, 0x415: 0xfb, 0x416: 0x13d, 0x417: 0x13e,
+ 0x418: 0x13f, 0x419: 0x140, 0x41a: 0x141, 0x41b: 0x142, 0x41c: 0x143, 0x41d: 0xfb, 0x41e: 0xfb, 0x41f: 0xfb,
+ 0x420: 0x144, 0x421: 0xfb, 0x422: 0x145, 0x423: 0x146, 0x424: 0x5f, 0x425: 0x147, 0x426: 0x148, 0x427: 0x149,
+ 0x428: 0x14a, 0x429: 0x14b, 0x42a: 0x14c, 0x42b: 0x14d, 0x42c: 0xfb, 0x42d: 0xfb, 0x42e: 0xfb, 0x42f: 0xfb,
+ 0x430: 0x14e, 0x431: 0x14f, 0x432: 0x150, 0x433: 0xfb, 0x434: 0x151, 0x435: 0x152, 0x436: 0x153, 0x437: 0xfb,
+ 0x438: 0xfb, 0x439: 0xfb, 0x43a: 0xfb, 0x43b: 0x154, 0x43c: 0xfb, 0x43d: 0xfb, 0x43e: 0x155, 0x43f: 0x156,
+ // Block 0x11, offset 0x440
+ 0x440: 0xa0, 0x441: 0xa0, 0x442: 0xa0, 0x443: 0xa0, 0x444: 0xa0, 0x445: 0xa0, 0x446: 0xa0, 0x447: 0xa0,
+ 0x448: 0xa0, 0x449: 0xa0, 0x44a: 0xa0, 0x44b: 0xa0, 0x44c: 0xa0, 0x44d: 0xa0, 0x44e: 0x157, 0x44f: 0xfb,
+ 0x450: 0x9c, 0x451: 0x158, 0x452: 0xa0, 0x453: 0xa0, 0x454: 0xa0, 0x455: 0x159, 0x456: 0xfb, 0x457: 0xfb,
+ 0x458: 0xfb, 0x459: 0xfb, 0x45a: 0xfb, 0x45b: 0xfb, 0x45c: 0xfb, 0x45d: 0xfb, 0x45e: 0xfb, 0x45f: 0xfb,
+ 0x460: 0xfb, 0x461: 0xfb, 0x462: 0xfb, 0x463: 0xfb, 0x464: 0xfb, 0x465: 0xfb, 0x466: 0xfb, 0x467: 0xfb,
+ 0x468: 0xfb, 0x469: 0xfb, 0x46a: 0xfb, 0x46b: 0xfb, 0x46c: 0xfb, 0x46d: 0xfb, 0x46e: 0xfb, 0x46f: 0xfb,
+ 0x470: 0xfb, 0x471: 0xfb, 0x472: 0xfb, 0x473: 0xfb, 0x474: 0xfb, 0x475: 0xfb, 0x476: 0xfb, 0x477: 0xfb,
+ 0x478: 0xfb, 0x479: 0xfb, 0x47a: 0xfb, 0x47b: 0xfb, 0x47c: 0xfb, 0x47d: 0xfb, 0x47e: 0xfb, 0x47f: 0xfb,
+ // Block 0x12, offset 0x480
+ 0x480: 0xa0, 0x481: 0xa0, 0x482: 0xa0, 0x483: 0xa0, 0x484: 0xa0, 0x485: 0xa0, 0x486: 0xa0, 0x487: 0xa0,
+ 0x488: 0xa0, 0x489: 0xa0, 0x48a: 0xa0, 0x48b: 0xa0, 0x48c: 0xa0, 0x48d: 0xa0, 0x48e: 0xa0, 0x48f: 0xa0,
+ 0x490: 0x15a, 0x491: 0xfb, 0x492: 0xfb, 0x493: 0xfb, 0x494: 0xfb, 0x495: 0xfb, 0x496: 0xfb, 0x497: 0xfb,
+ 0x498: 0xfb, 0x499: 0xfb, 0x49a: 0xfb, 0x49b: 0xfb, 0x49c: 0xfb, 0x49d: 0xfb, 0x49e: 0xfb, 0x49f: 0xfb,
+ 0x4a0: 0xfb, 0x4a1: 0xfb, 0x4a2: 0xfb, 0x4a3: 0xfb, 0x4a4: 0xfb, 0x4a5: 0xfb, 0x4a6: 0xfb, 0x4a7: 0xfb,
+ 0x4a8: 0xfb, 0x4a9: 0xfb, 0x4aa: 0xfb, 0x4ab: 0xfb, 0x4ac: 0xfb, 0x4ad: 0xfb, 0x4ae: 0xfb, 0x4af: 0xfb,
+ 0x4b0: 0xfb, 0x4b1: 0xfb, 0x4b2: 0xfb, 0x4b3: 0xfb, 0x4b4: 0xfb, 0x4b5: 0xfb, 0x4b6: 0xfb, 0x4b7: 0xfb,
+ 0x4b8: 0xfb, 0x4b9: 0xfb, 0x4ba: 0xfb, 0x4bb: 0xfb, 0x4bc: 0xfb, 0x4bd: 0xfb, 0x4be: 0xfb, 0x4bf: 0xfb,
+ // Block 0x13, offset 0x4c0
+ 0x4c0: 0xfb, 0x4c1: 0xfb, 0x4c2: 0xfb, 0x4c3: 0xfb, 0x4c4: 0xfb, 0x4c5: 0xfb, 0x4c6: 0xfb, 0x4c7: 0xfb,
+ 0x4c8: 0xfb, 0x4c9: 0xfb, 0x4ca: 0xfb, 0x4cb: 0xfb, 0x4cc: 0xfb, 0x4cd: 0xfb, 0x4ce: 0xfb, 0x4cf: 0xfb,
+ 0x4d0: 0xa0, 0x4d1: 0xa0, 0x4d2: 0xa0, 0x4d3: 0xa0, 0x4d4: 0xa0, 0x4d5: 0xa0, 0x4d6: 0xa0, 0x4d7: 0xa0,
+ 0x4d8: 0xa0, 0x4d9: 0x15b, 0x4da: 0xfb, 0x4db: 0xfb, 0x4dc: 0xfb, 0x4dd: 0xfb, 0x4de: 0xfb, 0x4df: 0xfb,
+ 0x4e0: 0xfb, 0x4e1: 0xfb, 0x4e2: 0xfb, 0x4e3: 0xfb, 0x4e4: 0xfb, 0x4e5: 0xfb, 0x4e6: 0xfb, 0x4e7: 0xfb,
+ 0x4e8: 0xfb, 0x4e9: 0xfb, 0x4ea: 0xfb, 0x4eb: 0xfb, 0x4ec: 0xfb, 0x4ed: 0xfb, 0x4ee: 0xfb, 0x4ef: 0xfb,
+ 0x4f0: 0xfb, 0x4f1: 0xfb, 0x4f2: 0xfb, 0x4f3: 0xfb, 0x4f4: 0xfb, 0x4f5: 0xfb, 0x4f6: 0xfb, 0x4f7: 0xfb,
+ 0x4f8: 0xfb, 0x4f9: 0xfb, 0x4fa: 0xfb, 0x4fb: 0xfb, 0x4fc: 0xfb, 0x4fd: 0xfb, 0x4fe: 0xfb, 0x4ff: 0xfb,
+ // Block 0x14, offset 0x500
+ 0x500: 0xfb, 0x501: 0xfb, 0x502: 0xfb, 0x503: 0xfb, 0x504: 0xfb, 0x505: 0xfb, 0x506: 0xfb, 0x507: 0xfb,
+ 0x508: 0xfb, 0x509: 0xfb, 0x50a: 0xfb, 0x50b: 0xfb, 0x50c: 0xfb, 0x50d: 0xfb, 0x50e: 0xfb, 0x50f: 0xfb,
+ 0x510: 0xfb, 0x511: 0xfb, 0x512: 0xfb, 0x513: 0xfb, 0x514: 0xfb, 0x515: 0xfb, 0x516: 0xfb, 0x517: 0xfb,
+ 0x518: 0xfb, 0x519: 0xfb, 0x51a: 0xfb, 0x51b: 0xfb, 0x51c: 0xfb, 0x51d: 0xfb, 0x51e: 0xfb, 0x51f: 0xfb,
+ 0x520: 0xa0, 0x521: 0xa0, 0x522: 0xa0, 0x523: 0xa0, 0x524: 0xa0, 0x525: 0xa0, 0x526: 0xa0, 0x527: 0xa0,
+ 0x528: 0x14d, 0x529: 0x15c, 0x52a: 0xfb, 0x52b: 0x15d, 0x52c: 0x15e, 0x52d: 0x15f, 0x52e: 0x160, 0x52f: 0xfb,
+ 0x530: 0xfb, 0x531: 0xfb, 0x532: 0xfb, 0x533: 0xfb, 0x534: 0xfb, 0x535: 0xfb, 0x536: 0xfb, 0x537: 0xfb,
+ 0x538: 0xfb, 0x539: 0x161, 0x53a: 0x162, 0x53b: 0xfb, 0x53c: 0xa0, 0x53d: 0x163, 0x53e: 0x164, 0x53f: 0x165,
+ // Block 0x15, offset 0x540
+ 0x540: 0xa0, 0x541: 0xa0, 0x542: 0xa0, 0x543: 0xa0, 0x544: 0xa0, 0x545: 0xa0, 0x546: 0xa0, 0x547: 0xa0,
+ 0x548: 0xa0, 0x549: 0xa0, 0x54a: 0xa0, 0x54b: 0xa0, 0x54c: 0xa0, 0x54d: 0xa0, 0x54e: 0xa0, 0x54f: 0xa0,
+ 0x550: 0xa0, 0x551: 0xa0, 0x552: 0xa0, 0x553: 0xa0, 0x554: 0xa0, 0x555: 0xa0, 0x556: 0xa0, 0x557: 0xa0,
+ 0x558: 0xa0, 0x559: 0xa0, 0x55a: 0xa0, 0x55b: 0xa0, 0x55c: 0xa0, 0x55d: 0xa0, 0x55e: 0xa0, 0x55f: 0x166,
+ 0x560: 0xa0, 0x561: 0xa0, 0x562: 0xa0, 0x563: 0xa0, 0x564: 0xa0, 0x565: 0xa0, 0x566: 0xa0, 0x567: 0xa0,
+ 0x568: 0xa0, 0x569: 0xa0, 0x56a: 0xa0, 0x56b: 0xa0, 0x56c: 0xa0, 0x56d: 0xa0, 0x56e: 0xa0, 0x56f: 0xa0,
+ 0x570: 0xa0, 0x571: 0xa0, 0x572: 0xa0, 0x573: 0x167, 0x574: 0x168, 0x575: 0xfb, 0x576: 0xfb, 0x577: 0xfb,
+ 0x578: 0xfb, 0x579: 0xfb, 0x57a: 0xfb, 0x57b: 0xfb, 0x57c: 0xfb, 0x57d: 0xfb, 0x57e: 0xfb, 0x57f: 0xfb,
+ // Block 0x16, offset 0x580
+ 0x580: 0xa0, 0x581: 0xa0, 0x582: 0xa0, 0x583: 0xa0, 0x584: 0x169, 0x585: 0x16a, 0x586: 0xa0, 0x587: 0xa0,
+ 0x588: 0xa0, 0x589: 0xa0, 0x58a: 0xa0, 0x58b: 0x16b, 0x58c: 0xfb, 0x58d: 0xfb, 0x58e: 0xfb, 0x58f: 0xfb,
+ 0x590: 0xfb, 0x591: 0xfb, 0x592: 0xfb, 0x593: 0xfb, 0x594: 0xfb, 0x595: 0xfb, 0x596: 0xfb, 0x597: 0xfb,
+ 0x598: 0xfb, 0x599: 0xfb, 0x59a: 0xfb, 0x59b: 0xfb, 0x59c: 0xfb, 0x59d: 0xfb, 0x59e: 0xfb, 0x59f: 0xfb,
+ 0x5a0: 0xfb, 0x5a1: 0xfb, 0x5a2: 0xfb, 0x5a3: 0xfb, 0x5a4: 0xfb, 0x5a5: 0xfb, 0x5a6: 0xfb, 0x5a7: 0xfb,
+ 0x5a8: 0xfb, 0x5a9: 0xfb, 0x5aa: 0xfb, 0x5ab: 0xfb, 0x5ac: 0xfb, 0x5ad: 0xfb, 0x5ae: 0xfb, 0x5af: 0xfb,
+ 0x5b0: 0xa0, 0x5b1: 0x16c, 0x5b2: 0x16d, 0x5b3: 0xfb, 0x5b4: 0xfb, 0x5b5: 0xfb, 0x5b6: 0xfb, 0x5b7: 0xfb,
+ 0x5b8: 0xfb, 0x5b9: 0xfb, 0x5ba: 0xfb, 0x5bb: 0xfb, 0x5bc: 0xfb, 0x5bd: 0xfb, 0x5be: 0xfb, 0x5bf: 0xfb,
+ // Block 0x17, offset 0x5c0
+ 0x5c0: 0x9c, 0x5c1: 0x9c, 0x5c2: 0x9c, 0x5c3: 0x16e, 0x5c4: 0x16f, 0x5c5: 0x170, 0x5c6: 0x171, 0x5c7: 0x172,
+ 0x5c8: 0x9c, 0x5c9: 0x173, 0x5ca: 0xfb, 0x5cb: 0x174, 0x5cc: 0x9c, 0x5cd: 0x175, 0x5ce: 0xfb, 0x5cf: 0xfb,
+ 0x5d0: 0x60, 0x5d1: 0x61, 0x5d2: 0x62, 0x5d3: 0x63, 0x5d4: 0x64, 0x5d5: 0x65, 0x5d6: 0x66, 0x5d7: 0x67,
+ 0x5d8: 0x68, 0x5d9: 0x69, 0x5da: 0x6a, 0x5db: 0x6b, 0x5dc: 0x6c, 0x5dd: 0x6d, 0x5de: 0x6e, 0x5df: 0x6f,
+ 0x5e0: 0x9c, 0x5e1: 0x9c, 0x5e2: 0x9c, 0x5e3: 0x9c, 0x5e4: 0x9c, 0x5e5: 0x9c, 0x5e6: 0x9c, 0x5e7: 0x9c,
+ 0x5e8: 0x176, 0x5e9: 0x177, 0x5ea: 0x178, 0x5eb: 0xfb, 0x5ec: 0xfb, 0x5ed: 0xfb, 0x5ee: 0xfb, 0x5ef: 0xfb,
+ 0x5f0: 0xfb, 0x5f1: 0xfb, 0x5f2: 0xfb, 0x5f3: 0xfb, 0x5f4: 0xfb, 0x5f5: 0xfb, 0x5f6: 0xfb, 0x5f7: 0xfb,
+ 0x5f8: 0xfb, 0x5f9: 0xfb, 0x5fa: 0xfb, 0x5fb: 0xfb, 0x5fc: 0xfb, 0x5fd: 0xfb, 0x5fe: 0xfb, 0x5ff: 0xfb,
+ // Block 0x18, offset 0x600
+ 0x600: 0x179, 0x601: 0xfb, 0x602: 0xfb, 0x603: 0xfb, 0x604: 0x17a, 0x605: 0x17b, 0x606: 0xfb, 0x607: 0xfb,
+ 0x608: 0xfb, 0x609: 0xfb, 0x60a: 0xfb, 0x60b: 0x17c, 0x60c: 0xfb, 0x60d: 0xfb, 0x60e: 0xfb, 0x60f: 0xfb,
+ 0x610: 0xfb, 0x611: 0xfb, 0x612: 0xfb, 0x613: 0xfb, 0x614: 0xfb, 0x615: 0xfb, 0x616: 0xfb, 0x617: 0xfb,
+ 0x618: 0xfb, 0x619: 0xfb, 0x61a: 0xfb, 0x61b: 0xfb, 0x61c: 0xfb, 0x61d: 0xfb, 0x61e: 0xfb, 0x61f: 0xfb,
+ 0x620: 0x123, 0x621: 0x123, 0x622: 0x123, 0x623: 0x17d, 0x624: 0x70, 0x625: 0x17e, 0x626: 0xfb, 0x627: 0xfb,
+ 0x628: 0xfb, 0x629: 0xfb, 0x62a: 0xfb, 0x62b: 0xfb, 0x62c: 0xfb, 0x62d: 0xfb, 0x62e: 0xfb, 0x62f: 0xfb,
+ 0x630: 0xfb, 0x631: 0x17f, 0x632: 0x180, 0x633: 0xfb, 0x634: 0x181, 0x635: 0xfb, 0x636: 0xfb, 0x637: 0xfb,
+ 0x638: 0x71, 0x639: 0x72, 0x63a: 0x73, 0x63b: 0x182, 0x63c: 0xfb, 0x63d: 0xfb, 0x63e: 0xfb, 0x63f: 0xfb,
+ // Block 0x19, offset 0x640
+ 0x640: 0x183, 0x641: 0x9c, 0x642: 0x184, 0x643: 0x185, 0x644: 0x74, 0x645: 0x75, 0x646: 0x186, 0x647: 0x187,
+ 0x648: 0x76, 0x649: 0x188, 0x64a: 0xfb, 0x64b: 0xfb, 0x64c: 0x9c, 0x64d: 0x9c, 0x64e: 0x9c, 0x64f: 0x9c,
+ 0x650: 0x9c, 0x651: 0x9c, 0x652: 0x9c, 0x653: 0x9c, 0x654: 0x9c, 0x655: 0x9c, 0x656: 0x9c, 0x657: 0x9c,
+ 0x658: 0x9c, 0x659: 0x9c, 0x65a: 0x9c, 0x65b: 0x189, 0x65c: 0x9c, 0x65d: 0x18a, 0x65e: 0x9c, 0x65f: 0x18b,
+ 0x660: 0x18c, 0x661: 0x18d, 0x662: 0x18e, 0x663: 0xfb, 0x664: 0x9c, 0x665: 0x18f, 0x666: 0x9c, 0x667: 0x190,
+ 0x668: 0x9c, 0x669: 0x191, 0x66a: 0x192, 0x66b: 0x193, 0x66c: 0x9c, 0x66d: 0x9c, 0x66e: 0x194, 0x66f: 0x195,
+ 0x670: 0xfb, 0x671: 0xfb, 0x672: 0xfb, 0x673: 0xfb, 0x674: 0xfb, 0x675: 0xfb, 0x676: 0xfb, 0x677: 0xfb,
+ 0x678: 0xfb, 0x679: 0xfb, 0x67a: 0xfb, 0x67b: 0xfb, 0x67c: 0xfb, 0x67d: 0xfb, 0x67e: 0xfb, 0x67f: 0xfb,
+ // Block 0x1a, offset 0x680
+ 0x680: 0xa0, 0x681: 0xa0, 0x682: 0xa0, 0x683: 0xa0, 0x684: 0xa0, 0x685: 0xa0, 0x686: 0xa0, 0x687: 0xa0,
+ 0x688: 0xa0, 0x689: 0xa0, 0x68a: 0xa0, 0x68b: 0xa0, 0x68c: 0xa0, 0x68d: 0xa0, 0x68e: 0xa0, 0x68f: 0xa0,
+ 0x690: 0xa0, 0x691: 0xa0, 0x692: 0xa0, 0x693: 0xa0, 0x694: 0xa0, 0x695: 0xa0, 0x696: 0xa0, 0x697: 0xa0,
+ 0x698: 0xa0, 0x699: 0xa0, 0x69a: 0xa0, 0x69b: 0x196, 0x69c: 0xa0, 0x69d: 0xa0, 0x69e: 0xa0, 0x69f: 0xa0,
+ 0x6a0: 0xa0, 0x6a1: 0xa0, 0x6a2: 0xa0, 0x6a3: 0xa0, 0x6a4: 0xa0, 0x6a5: 0xa0, 0x6a6: 0xa0, 0x6a7: 0xa0,
+ 0x6a8: 0xa0, 0x6a9: 0xa0, 0x6aa: 0xa0, 0x6ab: 0xa0, 0x6ac: 0xa0, 0x6ad: 0xa0, 0x6ae: 0xa0, 0x6af: 0xa0,
+ 0x6b0: 0xa0, 0x6b1: 0xa0, 0x6b2: 0xa0, 0x6b3: 0xa0, 0x6b4: 0xa0, 0x6b5: 0xa0, 0x6b6: 0xa0, 0x6b7: 0xa0,
+ 0x6b8: 0xa0, 0x6b9: 0xa0, 0x6ba: 0xa0, 0x6bb: 0xa0, 0x6bc: 0xa0, 0x6bd: 0xa0, 0x6be: 0xa0, 0x6bf: 0xa0,
+ // Block 0x1b, offset 0x6c0
+ 0x6c0: 0xa0, 0x6c1: 0xa0, 0x6c2: 0xa0, 0x6c3: 0xa0, 0x6c4: 0xa0, 0x6c5: 0xa0, 0x6c6: 0xa0, 0x6c7: 0xa0,
+ 0x6c8: 0xa0, 0x6c9: 0xa0, 0x6ca: 0xa0, 0x6cb: 0xa0, 0x6cc: 0xa0, 0x6cd: 0xa0, 0x6ce: 0xa0, 0x6cf: 0xa0,
+ 0x6d0: 0xa0, 0x6d1: 0xa0, 0x6d2: 0xa0, 0x6d3: 0xa0, 0x6d4: 0xa0, 0x6d5: 0xa0, 0x6d6: 0xa0, 0x6d7: 0xa0,
+ 0x6d8: 0xa0, 0x6d9: 0xa0, 0x6da: 0xa0, 0x6db: 0xa0, 0x6dc: 0x197, 0x6dd: 0xa0, 0x6de: 0xa0, 0x6df: 0xa0,
+ 0x6e0: 0x198, 0x6e1: 0xa0, 0x6e2: 0xa0, 0x6e3: 0xa0, 0x6e4: 0xa0, 0x6e5: 0xa0, 0x6e6: 0xa0, 0x6e7: 0xa0,
+ 0x6e8: 0xa0, 0x6e9: 0xa0, 0x6ea: 0xa0, 0x6eb: 0xa0, 0x6ec: 0xa0, 0x6ed: 0xa0, 0x6ee: 0xa0, 0x6ef: 0xa0,
+ 0x6f0: 0xa0, 0x6f1: 0xa0, 0x6f2: 0xa0, 0x6f3: 0xa0, 0x6f4: 0xa0, 0x6f5: 0xa0, 0x6f6: 0xa0, 0x6f7: 0xa0,
+ 0x6f8: 0xa0, 0x6f9: 0xa0, 0x6fa: 0xa0, 0x6fb: 0xa0, 0x6fc: 0xa0, 0x6fd: 0xa0, 0x6fe: 0xa0, 0x6ff: 0xa0,
+ // Block 0x1c, offset 0x700
+ 0x700: 0xa0, 0x701: 0xa0, 0x702: 0xa0, 0x703: 0xa0, 0x704: 0xa0, 0x705: 0xa0, 0x706: 0xa0, 0x707: 0xa0,
+ 0x708: 0xa0, 0x709: 0xa0, 0x70a: 0xa0, 0x70b: 0xa0, 0x70c: 0xa0, 0x70d: 0xa0, 0x70e: 0xa0, 0x70f: 0xa0,
+ 0x710: 0xa0, 0x711: 0xa0, 0x712: 0xa0, 0x713: 0xa0, 0x714: 0xa0, 0x715: 0xa0, 0x716: 0xa0, 0x717: 0xa0,
+ 0x718: 0xa0, 0x719: 0xa0, 0x71a: 0xa0, 0x71b: 0xa0, 0x71c: 0xa0, 0x71d: 0xa0, 0x71e: 0xa0, 0x71f: 0xa0,
+ 0x720: 0xa0, 0x721: 0xa0, 0x722: 0xa0, 0x723: 0xa0, 0x724: 0xa0, 0x725: 0xa0, 0x726: 0xa0, 0x727: 0xa0,
+ 0x728: 0xa0, 0x729: 0xa0, 0x72a: 0xa0, 0x72b: 0xa0, 0x72c: 0xa0, 0x72d: 0xa0, 0x72e: 0xa0, 0x72f: 0xa0,
+ 0x730: 0xa0, 0x731: 0xa0, 0x732: 0xa0, 0x733: 0xa0, 0x734: 0xa0, 0x735: 0xa0, 0x736: 0xa0, 0x737: 0xa0,
+ 0x738: 0xa0, 0x739: 0xa0, 0x73a: 0x199, 0x73b: 0xa0, 0x73c: 0xa0, 0x73d: 0xa0, 0x73e: 0xa0, 0x73f: 0xa0,
+ // Block 0x1d, offset 0x740
+ 0x740: 0xa0, 0x741: 0xa0, 0x742: 0xa0, 0x743: 0xa0, 0x744: 0xa0, 0x745: 0xa0, 0x746: 0xa0, 0x747: 0xa0,
+ 0x748: 0xa0, 0x749: 0xa0, 0x74a: 0xa0, 0x74b: 0xa0, 0x74c: 0xa0, 0x74d: 0xa0, 0x74e: 0xa0, 0x74f: 0xa0,
+ 0x750: 0xa0, 0x751: 0xa0, 0x752: 0xa0, 0x753: 0xa0, 0x754: 0xa0, 0x755: 0xa0, 0x756: 0xa0, 0x757: 0xa0,
+ 0x758: 0xa0, 0x759: 0xa0, 0x75a: 0xa0, 0x75b: 0xa0, 0x75c: 0xa0, 0x75d: 0xa0, 0x75e: 0xa0, 0x75f: 0xa0,
+ 0x760: 0xa0, 0x761: 0xa0, 0x762: 0xa0, 0x763: 0xa0, 0x764: 0xa0, 0x765: 0xa0, 0x766: 0xa0, 0x767: 0xa0,
+ 0x768: 0xa0, 0x769: 0xa0, 0x76a: 0xa0, 0x76b: 0xa0, 0x76c: 0xa0, 0x76d: 0xa0, 0x76e: 0xa0, 0x76f: 0x19a,
+ 0x770: 0xfb, 0x771: 0xfb, 0x772: 0xfb, 0x773: 0xfb, 0x774: 0xfb, 0x775: 0xfb, 0x776: 0xfb, 0x777: 0xfb,
+ 0x778: 0xfb, 0x779: 0xfb, 0x77a: 0xfb, 0x77b: 0xfb, 0x77c: 0xfb, 0x77d: 0xfb, 0x77e: 0xfb, 0x77f: 0xfb,
+ // Block 0x1e, offset 0x780
+ 0x780: 0xfb, 0x781: 0xfb, 0x782: 0xfb, 0x783: 0xfb, 0x784: 0xfb, 0x785: 0xfb, 0x786: 0xfb, 0x787: 0xfb,
+ 0x788: 0xfb, 0x789: 0xfb, 0x78a: 0xfb, 0x78b: 0xfb, 0x78c: 0xfb, 0x78d: 0xfb, 0x78e: 0xfb, 0x78f: 0xfb,
+ 0x790: 0xfb, 0x791: 0xfb, 0x792: 0xfb, 0x793: 0xfb, 0x794: 0xfb, 0x795: 0xfb, 0x796: 0xfb, 0x797: 0xfb,
+ 0x798: 0xfb, 0x799: 0xfb, 0x79a: 0xfb, 0x79b: 0xfb, 0x79c: 0xfb, 0x79d: 0xfb, 0x79e: 0xfb, 0x79f: 0xfb,
+ 0x7a0: 0x77, 0x7a1: 0x78, 0x7a2: 0x79, 0x7a3: 0x19b, 0x7a4: 0x7a, 0x7a5: 0x7b, 0x7a6: 0x19c, 0x7a7: 0x7c,
+ 0x7a8: 0x7d, 0x7a9: 0xfb, 0x7aa: 0xfb, 0x7ab: 0xfb, 0x7ac: 0xfb, 0x7ad: 0xfb, 0x7ae: 0xfb, 0x7af: 0xfb,
+ 0x7b0: 0xfb, 0x7b1: 0xfb, 0x7b2: 0xfb, 0x7b3: 0xfb, 0x7b4: 0xfb, 0x7b5: 0xfb, 0x7b6: 0xfb, 0x7b7: 0xfb,
+ 0x7b8: 0xfb, 0x7b9: 0xfb, 0x7ba: 0xfb, 0x7bb: 0xfb, 0x7bc: 0xfb, 0x7bd: 0xfb, 0x7be: 0xfb, 0x7bf: 0xfb,
+ // Block 0x1f, offset 0x7c0
+ 0x7c0: 0xa0, 0x7c1: 0xa0, 0x7c2: 0xa0, 0x7c3: 0xa0, 0x7c4: 0xa0, 0x7c5: 0xa0, 0x7c6: 0xa0, 0x7c7: 0xa0,
+ 0x7c8: 0xa0, 0x7c9: 0xa0, 0x7ca: 0xa0, 0x7cb: 0xa0, 0x7cc: 0xa0, 0x7cd: 0x19d, 0x7ce: 0xfb, 0x7cf: 0xfb,
+ 0x7d0: 0xfb, 0x7d1: 0xfb, 0x7d2: 0xfb, 0x7d3: 0xfb, 0x7d4: 0xfb, 0x7d5: 0xfb, 0x7d6: 0xfb, 0x7d7: 0xfb,
+ 0x7d8: 0xfb, 0x7d9: 0xfb, 0x7da: 0xfb, 0x7db: 0xfb, 0x7dc: 0xfb, 0x7dd: 0xfb, 0x7de: 0xfb, 0x7df: 0xfb,
+ 0x7e0: 0xfb, 0x7e1: 0xfb, 0x7e2: 0xfb, 0x7e3: 0xfb, 0x7e4: 0xfb, 0x7e5: 0xfb, 0x7e6: 0xfb, 0x7e7: 0xfb,
+ 0x7e8: 0xfb, 0x7e9: 0xfb, 0x7ea: 0xfb, 0x7eb: 0xfb, 0x7ec: 0xfb, 0x7ed: 0xfb, 0x7ee: 0xfb, 0x7ef: 0xfb,
+ 0x7f0: 0xfb, 0x7f1: 0xfb, 0x7f2: 0xfb, 0x7f3: 0xfb, 0x7f4: 0xfb, 0x7f5: 0xfb, 0x7f6: 0xfb, 0x7f7: 0xfb,
+ 0x7f8: 0xfb, 0x7f9: 0xfb, 0x7fa: 0xfb, 0x7fb: 0xfb, 0x7fc: 0xfb, 0x7fd: 0xfb, 0x7fe: 0xfb, 0x7ff: 0xfb,
+ // Block 0x20, offset 0x800
+ 0x810: 0x0d, 0x811: 0x0e, 0x812: 0x0f, 0x813: 0x10, 0x814: 0x11, 0x815: 0x0b, 0x816: 0x12, 0x817: 0x07,
+ 0x818: 0x13, 0x819: 0x0b, 0x81a: 0x0b, 0x81b: 0x14, 0x81c: 0x0b, 0x81d: 0x15, 0x81e: 0x16, 0x81f: 0x17,
+ 0x820: 0x07, 0x821: 0x07, 0x822: 0x07, 0x823: 0x07, 0x824: 0x07, 0x825: 0x07, 0x826: 0x07, 0x827: 0x07,
+ 0x828: 0x07, 0x829: 0x07, 0x82a: 0x18, 0x82b: 0x19, 0x82c: 0x1a, 0x82d: 0x07, 0x82e: 0x1b, 0x82f: 0x1c,
+ 0x830: 0x07, 0x831: 0x1d, 0x832: 0x0b, 0x833: 0x0b, 0x834: 0x0b, 0x835: 0x0b, 0x836: 0x0b, 0x837: 0x0b,
+ 0x838: 0x0b, 0x839: 0x0b, 0x83a: 0x0b, 0x83b: 0x0b, 0x83c: 0x0b, 0x83d: 0x0b, 0x83e: 0x0b, 0x83f: 0x0b,
+ // Block 0x21, offset 0x840
+ 0x840: 0x0b, 0x841: 0x0b, 0x842: 0x0b, 0x843: 0x0b, 0x844: 0x0b, 0x845: 0x0b, 0x846: 0x0b, 0x847: 0x0b,
+ 0x848: 0x0b, 0x849: 0x0b, 0x84a: 0x0b, 0x84b: 0x0b, 0x84c: 0x0b, 0x84d: 0x0b, 0x84e: 0x0b, 0x84f: 0x0b,
+ 0x850: 0x0b, 0x851: 0x0b, 0x852: 0x0b, 0x853: 0x0b, 0x854: 0x0b, 0x855: 0x0b, 0x856: 0x0b, 0x857: 0x0b,
+ 0x858: 0x0b, 0x859: 0x0b, 0x85a: 0x0b, 0x85b: 0x0b, 0x85c: 0x0b, 0x85d: 0x0b, 0x85e: 0x0b, 0x85f: 0x0b,
+ 0x860: 0x0b, 0x861: 0x0b, 0x862: 0x0b, 0x863: 0x0b, 0x864: 0x0b, 0x865: 0x0b, 0x866: 0x0b, 0x867: 0x0b,
+ 0x868: 0x0b, 0x869: 0x0b, 0x86a: 0x0b, 0x86b: 0x0b, 0x86c: 0x0b, 0x86d: 0x0b, 0x86e: 0x0b, 0x86f: 0x0b,
+ 0x870: 0x0b, 0x871: 0x0b, 0x872: 0x0b, 0x873: 0x0b, 0x874: 0x0b, 0x875: 0x0b, 0x876: 0x0b, 0x877: 0x0b,
+ 0x878: 0x0b, 0x879: 0x0b, 0x87a: 0x0b, 0x87b: 0x0b, 0x87c: 0x0b, 0x87d: 0x0b, 0x87e: 0x0b, 0x87f: 0x0b,
+ // Block 0x22, offset 0x880
+ 0x880: 0x19e, 0x881: 0x19f, 0x882: 0xfb, 0x883: 0xfb, 0x884: 0x1a0, 0x885: 0x1a0, 0x886: 0x1a0, 0x887: 0x1a1,
+ 0x888: 0xfb, 0x889: 0xfb, 0x88a: 0xfb, 0x88b: 0xfb, 0x88c: 0xfb, 0x88d: 0xfb, 0x88e: 0xfb, 0x88f: 0xfb,
+ 0x890: 0xfb, 0x891: 0xfb, 0x892: 0xfb, 0x893: 0xfb, 0x894: 0xfb, 0x895: 0xfb, 0x896: 0xfb, 0x897: 0xfb,
+ 0x898: 0xfb, 0x899: 0xfb, 0x89a: 0xfb, 0x89b: 0xfb, 0x89c: 0xfb, 0x89d: 0xfb, 0x89e: 0xfb, 0x89f: 0xfb,
+ 0x8a0: 0xfb, 0x8a1: 0xfb, 0x8a2: 0xfb, 0x8a3: 0xfb, 0x8a4: 0xfb, 0x8a5: 0xfb, 0x8a6: 0xfb, 0x8a7: 0xfb,
+ 0x8a8: 0xfb, 0x8a9: 0xfb, 0x8aa: 0xfb, 0x8ab: 0xfb, 0x8ac: 0xfb, 0x8ad: 0xfb, 0x8ae: 0xfb, 0x8af: 0xfb,
+ 0x8b0: 0xfb, 0x8b1: 0xfb, 0x8b2: 0xfb, 0x8b3: 0xfb, 0x8b4: 0xfb, 0x8b5: 0xfb, 0x8b6: 0xfb, 0x8b7: 0xfb,
+ 0x8b8: 0xfb, 0x8b9: 0xfb, 0x8ba: 0xfb, 0x8bb: 0xfb, 0x8bc: 0xfb, 0x8bd: 0xfb, 0x8be: 0xfb, 0x8bf: 0xfb,
+ // Block 0x23, offset 0x8c0
+ 0x8c0: 0x0b, 0x8c1: 0x0b, 0x8c2: 0x0b, 0x8c3: 0x0b, 0x8c4: 0x0b, 0x8c5: 0x0b, 0x8c6: 0x0b, 0x8c7: 0x0b,
+ 0x8c8: 0x0b, 0x8c9: 0x0b, 0x8ca: 0x0b, 0x8cb: 0x0b, 0x8cc: 0x0b, 0x8cd: 0x0b, 0x8ce: 0x0b, 0x8cf: 0x0b,
+ 0x8d0: 0x0b, 0x8d1: 0x0b, 0x8d2: 0x0b, 0x8d3: 0x0b, 0x8d4: 0x0b, 0x8d5: 0x0b, 0x8d6: 0x0b, 0x8d7: 0x0b,
+ 0x8d8: 0x0b, 0x8d9: 0x0b, 0x8da: 0x0b, 0x8db: 0x0b, 0x8dc: 0x0b, 0x8dd: 0x0b, 0x8de: 0x0b, 0x8df: 0x0b,
+ 0x8e0: 0x20, 0x8e1: 0x0b, 0x8e2: 0x0b, 0x8e3: 0x0b, 0x8e4: 0x0b, 0x8e5: 0x0b, 0x8e6: 0x0b, 0x8e7: 0x0b,
+ 0x8e8: 0x0b, 0x8e9: 0x0b, 0x8ea: 0x0b, 0x8eb: 0x0b, 0x8ec: 0x0b, 0x8ed: 0x0b, 0x8ee: 0x0b, 0x8ef: 0x0b,
+ 0x8f0: 0x0b, 0x8f1: 0x0b, 0x8f2: 0x0b, 0x8f3: 0x0b, 0x8f4: 0x0b, 0x8f5: 0x0b, 0x8f6: 0x0b, 0x8f7: 0x0b,
+ 0x8f8: 0x0b, 0x8f9: 0x0b, 0x8fa: 0x0b, 0x8fb: 0x0b, 0x8fc: 0x0b, 0x8fd: 0x0b, 0x8fe: 0x0b, 0x8ff: 0x0b,
+ // Block 0x24, offset 0x900
+ 0x900: 0x0b, 0x901: 0x0b, 0x902: 0x0b, 0x903: 0x0b, 0x904: 0x0b, 0x905: 0x0b, 0x906: 0x0b, 0x907: 0x0b,
+ 0x908: 0x0b, 0x909: 0x0b, 0x90a: 0x0b, 0x90b: 0x0b, 0x90c: 0x0b, 0x90d: 0x0b, 0x90e: 0x0b, 0x90f: 0x0b,
+}
+
+// idnaSparseOffset: 292 entries, 584 bytes
+var idnaSparseOffset = []uint16{0x0, 0x8, 0x19, 0x25, 0x27, 0x2c, 0x33, 0x3e, 0x4a, 0x4e, 0x5d, 0x62, 0x6c, 0x78, 0x85, 0x8b, 0x94, 0xa4, 0xb2, 0xbd, 0xca, 0xdb, 0xe5, 0xec, 0xf9, 0x10a, 0x111, 0x11c, 0x12b, 0x139, 0x143, 0x145, 0x14a, 0x14d, 0x150, 0x152, 0x15e, 0x169, 0x171, 0x177, 0x17d, 0x182, 0x187, 0x18a, 0x18e, 0x194, 0x199, 0x1a5, 0x1af, 0x1b5, 0x1c6, 0x1d0, 0x1d3, 0x1db, 0x1de, 0x1eb, 0x1f3, 0x1f7, 0x1fe, 0x206, 0x216, 0x222, 0x225, 0x22f, 0x23b, 0x247, 0x253, 0x25b, 0x260, 0x26d, 0x27e, 0x282, 0x28d, 0x291, 0x29a, 0x2a2, 0x2a8, 0x2ad, 0x2b0, 0x2b4, 0x2ba, 0x2be, 0x2c2, 0x2c6, 0x2cc, 0x2d4, 0x2db, 0x2e6, 0x2f0, 0x2f4, 0x2f7, 0x2fd, 0x301, 0x303, 0x306, 0x308, 0x30b, 0x315, 0x318, 0x327, 0x32b, 0x330, 0x333, 0x337, 0x33c, 0x341, 0x347, 0x358, 0x368, 0x36e, 0x372, 0x381, 0x386, 0x38e, 0x398, 0x3a3, 0x3ab, 0x3bc, 0x3c5, 0x3d5, 0x3e2, 0x3ee, 0x3f3, 0x400, 0x404, 0x409, 0x40b, 0x40d, 0x411, 0x413, 0x417, 0x420, 0x426, 0x42a, 0x43a, 0x444, 0x449, 0x44c, 0x452, 0x459, 0x45e, 0x462, 0x468, 0x46d, 0x476, 0x47b, 0x481, 0x488, 0x48f, 0x496, 0x49a, 0x49f, 0x4a2, 0x4a7, 0x4b3, 0x4b9, 0x4be, 0x4c5, 0x4cd, 0x4d2, 0x4d6, 0x4e6, 0x4ed, 0x4f1, 0x4f5, 0x4fc, 0x4fe, 0x501, 0x504, 0x508, 0x511, 0x515, 0x51d, 0x525, 0x52d, 0x539, 0x545, 0x54b, 0x554, 0x560, 0x567, 0x570, 0x57b, 0x582, 0x591, 0x59e, 0x5ab, 0x5b4, 0x5b8, 0x5c7, 0x5cf, 0x5da, 0x5e3, 0x5e9, 0x5f1, 0x5fa, 0x605, 0x608, 0x614, 0x61d, 0x620, 0x625, 0x62e, 0x633, 0x640, 0x64b, 0x654, 0x65e, 0x661, 0x66b, 0x674, 0x680, 0x68d, 0x69a, 0x6a8, 0x6af, 0x6b3, 0x6b7, 0x6ba, 0x6bf, 0x6c2, 0x6c7, 0x6ca, 0x6d1, 0x6d8, 0x6dc, 0x6e7, 0x6ea, 0x6ed, 0x6f0, 0x6f6, 0x6fc, 0x705, 0x708, 0x70b, 0x70e, 0x711, 0x718, 0x71b, 0x720, 0x72a, 0x72d, 0x731, 0x740, 0x74c, 0x750, 0x755, 0x759, 0x75e, 0x762, 0x767, 0x770, 0x77b, 0x781, 0x787, 0x78d, 0x793, 0x79c, 0x79f, 0x7a2, 0x7a6, 0x7aa, 0x7ae, 0x7b4, 0x7ba, 0x7bf, 0x7c2, 0x7d2, 0x7d9, 0x7dc, 0x7e1, 0x7e5, 0x7eb, 0x7f2, 0x7f6, 0x7fa, 0x803, 0x80a, 0x80f, 0x813, 0x821, 0x824, 0x827, 0x82b, 0x82f, 0x832, 0x842, 0x853, 0x856, 0x85b, 0x85d, 0x85f}
+
+// idnaSparseValues: 2146 entries, 8584 bytes
+var idnaSparseValues = [2146]valueRange{
+ // Block 0x0, offset 0x0
+ {value: 0x0000, lo: 0x07},
+ {value: 0xe105, lo: 0x80, hi: 0x96},
+ {value: 0x0018, lo: 0x97, hi: 0x97},
+ {value: 0xe105, lo: 0x98, hi: 0x9e},
+ {value: 0x001f, lo: 0x9f, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xb7},
+ {value: 0x0008, lo: 0xb8, hi: 0xbf},
+ // Block 0x1, offset 0x8
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0xe01d, lo: 0x81, hi: 0x81},
+ {value: 0x0008, lo: 0x82, hi: 0x82},
+ {value: 0x0335, lo: 0x83, hi: 0x83},
+ {value: 0x034d, lo: 0x84, hi: 0x84},
+ {value: 0x0365, lo: 0x85, hi: 0x85},
+ {value: 0xe00d, lo: 0x86, hi: 0x86},
+ {value: 0x0008, lo: 0x87, hi: 0x87},
+ {value: 0xe00d, lo: 0x88, hi: 0x88},
+ {value: 0x0008, lo: 0x89, hi: 0x89},
+ {value: 0xe00d, lo: 0x8a, hi: 0x8a},
+ {value: 0x0008, lo: 0x8b, hi: 0x8b},
+ {value: 0xe00d, lo: 0x8c, hi: 0x8c},
+ {value: 0x0008, lo: 0x8d, hi: 0x8d},
+ {value: 0xe00d, lo: 0x8e, hi: 0x8e},
+ {value: 0x0008, lo: 0x8f, hi: 0xbf},
+ // Block 0x2, offset 0x19
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0xaf},
+ {value: 0x0249, lo: 0xb0, hi: 0xb0},
+ {value: 0x037d, lo: 0xb1, hi: 0xb1},
+ {value: 0x0259, lo: 0xb2, hi: 0xb2},
+ {value: 0x0269, lo: 0xb3, hi: 0xb3},
+ {value: 0x034d, lo: 0xb4, hi: 0xb4},
+ {value: 0x0395, lo: 0xb5, hi: 0xb5},
+ {value: 0xe1bd, lo: 0xb6, hi: 0xb6},
+ {value: 0x0279, lo: 0xb7, hi: 0xb7},
+ {value: 0x0289, lo: 0xb8, hi: 0xb8},
+ {value: 0x0008, lo: 0xb9, hi: 0xbf},
+ // Block 0x3, offset 0x25
+ {value: 0x0000, lo: 0x01},
+ {value: 0x3308, lo: 0x80, hi: 0xbf},
+ // Block 0x4, offset 0x27
+ {value: 0x0000, lo: 0x04},
+ {value: 0x03f5, lo: 0x80, hi: 0x8f},
+ {value: 0xe105, lo: 0x90, hi: 0x9f},
+ {value: 0x049d, lo: 0xa0, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x5, offset 0x2c
+ {value: 0x0000, lo: 0x06},
+ {value: 0xe185, lo: 0x80, hi: 0x8f},
+ {value: 0x0545, lo: 0x90, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x98},
+ {value: 0x0008, lo: 0x99, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x6, offset 0x33
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0401, lo: 0x87, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x88},
+ {value: 0x0018, lo: 0x89, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0x90},
+ {value: 0x3308, lo: 0x91, hi: 0xbd},
+ {value: 0x0818, lo: 0xbe, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0x7, offset 0x3e
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0818, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x82},
+ {value: 0x0818, lo: 0x83, hi: 0x83},
+ {value: 0x3308, lo: 0x84, hi: 0x85},
+ {value: 0x0818, lo: 0x86, hi: 0x86},
+ {value: 0x3308, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0808, lo: 0x90, hi: 0xaa},
+ {value: 0x0040, lo: 0xab, hi: 0xae},
+ {value: 0x0808, lo: 0xaf, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0x8, offset 0x4a
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0a08, lo: 0x80, hi: 0x87},
+ {value: 0x0c08, lo: 0x88, hi: 0x99},
+ {value: 0x0a08, lo: 0x9a, hi: 0xbf},
+ // Block 0x9, offset 0x4e
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x3308, lo: 0x80, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0x8c},
+ {value: 0x0c08, lo: 0x8d, hi: 0x8d},
+ {value: 0x0a08, lo: 0x8e, hi: 0x98},
+ {value: 0x0c08, lo: 0x99, hi: 0x9b},
+ {value: 0x0a08, lo: 0x9c, hi: 0xaa},
+ {value: 0x0c08, lo: 0xab, hi: 0xac},
+ {value: 0x0a08, lo: 0xad, hi: 0xb0},
+ {value: 0x0c08, lo: 0xb1, hi: 0xb1},
+ {value: 0x0a08, lo: 0xb2, hi: 0xb2},
+ {value: 0x0c08, lo: 0xb3, hi: 0xb4},
+ {value: 0x0a08, lo: 0xb5, hi: 0xb7},
+ {value: 0x0c08, lo: 0xb8, hi: 0xb9},
+ {value: 0x0a08, lo: 0xba, hi: 0xbf},
+ // Block 0xa, offset 0x5d
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0808, lo: 0x80, hi: 0xa5},
+ {value: 0x3308, lo: 0xa6, hi: 0xb0},
+ {value: 0x0808, lo: 0xb1, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbf},
+ // Block 0xb, offset 0x62
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0808, lo: 0x80, hi: 0x89},
+ {value: 0x0a08, lo: 0x8a, hi: 0xaa},
+ {value: 0x3308, lo: 0xab, hi: 0xb3},
+ {value: 0x0808, lo: 0xb4, hi: 0xb5},
+ {value: 0x0018, lo: 0xb6, hi: 0xb9},
+ {value: 0x0818, lo: 0xba, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbc},
+ {value: 0x3308, lo: 0xbd, hi: 0xbd},
+ {value: 0x0818, lo: 0xbe, hi: 0xbf},
+ // Block 0xc, offset 0x6c
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0808, lo: 0x80, hi: 0x95},
+ {value: 0x3308, lo: 0x96, hi: 0x99},
+ {value: 0x0808, lo: 0x9a, hi: 0x9a},
+ {value: 0x3308, lo: 0x9b, hi: 0xa3},
+ {value: 0x0808, lo: 0xa4, hi: 0xa4},
+ {value: 0x3308, lo: 0xa5, hi: 0xa7},
+ {value: 0x0808, lo: 0xa8, hi: 0xa8},
+ {value: 0x3308, lo: 0xa9, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0818, lo: 0xb0, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0xd, offset 0x78
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0a08, lo: 0xa0, hi: 0xa9},
+ {value: 0x0c08, lo: 0xaa, hi: 0xac},
+ {value: 0x0808, lo: 0xad, hi: 0xad},
+ {value: 0x0c08, lo: 0xae, hi: 0xae},
+ {value: 0x0a08, lo: 0xaf, hi: 0xb0},
+ {value: 0x0c08, lo: 0xb1, hi: 0xb2},
+ {value: 0x0a08, lo: 0xb3, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xb5},
+ {value: 0x0a08, lo: 0xb6, hi: 0xb8},
+ {value: 0x0c08, lo: 0xb9, hi: 0xb9},
+ {value: 0x0a08, lo: 0xba, hi: 0xbf},
+ // Block 0xe, offset 0x85
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0a08, lo: 0x80, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x92},
+ {value: 0x3308, lo: 0x93, hi: 0xa1},
+ {value: 0x0840, lo: 0xa2, hi: 0xa2},
+ {value: 0x3308, lo: 0xa3, hi: 0xbf},
+ // Block 0xf, offset 0x8b
+ {value: 0x0000, lo: 0x08},
+ {value: 0x3308, lo: 0x80, hi: 0x82},
+ {value: 0x3008, lo: 0x83, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0xb9},
+ {value: 0x3308, lo: 0xba, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbf},
+ // Block 0x10, offset 0x94
+ {value: 0x0000, lo: 0x0f},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x3008, lo: 0x81, hi: 0x82},
+ {value: 0x0040, lo: 0x83, hi: 0x85},
+ {value: 0x3008, lo: 0x86, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x3008, lo: 0x8a, hi: 0x8c},
+ {value: 0x3b08, lo: 0x8d, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x96},
+ {value: 0x3008, lo: 0x97, hi: 0x97},
+ {value: 0x0040, lo: 0x98, hi: 0xa5},
+ {value: 0x0008, lo: 0xa6, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbf},
+ // Block 0x11, offset 0xa4
+ {value: 0x0000, lo: 0x0d},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x3008, lo: 0x81, hi: 0x83},
+ {value: 0x3308, lo: 0x84, hi: 0x84},
+ {value: 0x0008, lo: 0x85, hi: 0x8c},
+ {value: 0x0040, lo: 0x8d, hi: 0x8d},
+ {value: 0x0008, lo: 0x8e, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x91},
+ {value: 0x0008, lo: 0x92, hi: 0xa8},
+ {value: 0x0040, lo: 0xa9, hi: 0xa9},
+ {value: 0x0008, lo: 0xaa, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbd},
+ {value: 0x3308, lo: 0xbe, hi: 0xbf},
+ // Block 0x12, offset 0xb2
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x3308, lo: 0x80, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x8c},
+ {value: 0x0040, lo: 0x8d, hi: 0x8d},
+ {value: 0x0008, lo: 0x8e, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x91},
+ {value: 0x0008, lo: 0x92, hi: 0xba},
+ {value: 0x3b08, lo: 0xbb, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbf},
+ // Block 0x13, offset 0xbd
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x83},
+ {value: 0x0040, lo: 0x84, hi: 0x84},
+ {value: 0x0008, lo: 0x85, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x99},
+ {value: 0x0008, lo: 0x9a, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xb2},
+ {value: 0x0008, lo: 0xb3, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbf},
+ // Block 0x14, offset 0xca
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x89},
+ {value: 0x3b08, lo: 0x8a, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0x8e},
+ {value: 0x3008, lo: 0x8f, hi: 0x91},
+ {value: 0x3308, lo: 0x92, hi: 0x94},
+ {value: 0x0040, lo: 0x95, hi: 0x95},
+ {value: 0x3308, lo: 0x96, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x97},
+ {value: 0x3008, lo: 0x98, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xa5},
+ {value: 0x0008, lo: 0xa6, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xb1},
+ {value: 0x3008, lo: 0xb2, hi: 0xb3},
+ {value: 0x0018, lo: 0xb4, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0x15, offset 0xdb
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0xb0},
+ {value: 0x3308, lo: 0xb1, hi: 0xb1},
+ {value: 0x0008, lo: 0xb2, hi: 0xb2},
+ {value: 0x08f1, lo: 0xb3, hi: 0xb3},
+ {value: 0x3308, lo: 0xb4, hi: 0xb9},
+ {value: 0x3b08, lo: 0xba, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbe},
+ {value: 0x0018, lo: 0xbf, hi: 0xbf},
+ // Block 0x16, offset 0xe5
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x3308, lo: 0x87, hi: 0x8e},
+ {value: 0x0018, lo: 0x8f, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0x9b},
+ {value: 0x0040, lo: 0x9c, hi: 0xbf},
+ // Block 0x17, offset 0xec
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x84},
+ {value: 0x0040, lo: 0x85, hi: 0x85},
+ {value: 0x0008, lo: 0x86, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x87},
+ {value: 0x3308, lo: 0x88, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9b},
+ {value: 0x0961, lo: 0x9c, hi: 0x9c},
+ {value: 0x0999, lo: 0x9d, hi: 0x9d},
+ {value: 0x0008, lo: 0x9e, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xbf},
+ // Block 0x18, offset 0xf9
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x8a},
+ {value: 0x0008, lo: 0x8b, hi: 0x8b},
+ {value: 0xe03d, lo: 0x8c, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0x97},
+ {value: 0x3308, lo: 0x98, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa9},
+ {value: 0x0018, lo: 0xaa, hi: 0xb4},
+ {value: 0x3308, lo: 0xb5, hi: 0xb5},
+ {value: 0x0018, lo: 0xb6, hi: 0xb6},
+ {value: 0x3308, lo: 0xb7, hi: 0xb7},
+ {value: 0x0018, lo: 0xb8, hi: 0xb8},
+ {value: 0x3308, lo: 0xb9, hi: 0xb9},
+ {value: 0x0018, lo: 0xba, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbf},
+ // Block 0x19, offset 0x10a
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x85},
+ {value: 0x3308, lo: 0x86, hi: 0x86},
+ {value: 0x0018, lo: 0x87, hi: 0x8c},
+ {value: 0x0040, lo: 0x8d, hi: 0x8d},
+ {value: 0x0018, lo: 0x8e, hi: 0x9a},
+ {value: 0x0040, lo: 0x9b, hi: 0xbf},
+ // Block 0x1a, offset 0x111
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0xaa},
+ {value: 0x3008, lo: 0xab, hi: 0xac},
+ {value: 0x3308, lo: 0xad, hi: 0xb0},
+ {value: 0x3008, lo: 0xb1, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb7},
+ {value: 0x3008, lo: 0xb8, hi: 0xb8},
+ {value: 0x3b08, lo: 0xb9, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbc},
+ {value: 0x3308, lo: 0xbd, hi: 0xbe},
+ {value: 0x0008, lo: 0xbf, hi: 0xbf},
+ // Block 0x1b, offset 0x11c
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0018, lo: 0x8a, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x95},
+ {value: 0x3008, lo: 0x96, hi: 0x97},
+ {value: 0x3308, lo: 0x98, hi: 0x99},
+ {value: 0x0008, lo: 0x9a, hi: 0x9d},
+ {value: 0x3308, lo: 0x9e, hi: 0xa0},
+ {value: 0x0008, lo: 0xa1, hi: 0xa1},
+ {value: 0x3008, lo: 0xa2, hi: 0xa4},
+ {value: 0x0008, lo: 0xa5, hi: 0xa6},
+ {value: 0x3008, lo: 0xa7, hi: 0xad},
+ {value: 0x0008, lo: 0xae, hi: 0xb0},
+ {value: 0x3308, lo: 0xb1, hi: 0xb4},
+ {value: 0x0008, lo: 0xb5, hi: 0xbf},
+ // Block 0x1c, offset 0x12b
+ {value: 0x0000, lo: 0x0d},
+ {value: 0x0008, lo: 0x80, hi: 0x81},
+ {value: 0x3308, lo: 0x82, hi: 0x82},
+ {value: 0x3008, lo: 0x83, hi: 0x84},
+ {value: 0x3308, lo: 0x85, hi: 0x86},
+ {value: 0x3008, lo: 0x87, hi: 0x8c},
+ {value: 0x3308, lo: 0x8d, hi: 0x8d},
+ {value: 0x0008, lo: 0x8e, hi: 0x8e},
+ {value: 0x3008, lo: 0x8f, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x3008, lo: 0x9a, hi: 0x9c},
+ {value: 0x3308, lo: 0x9d, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xbf},
+ // Block 0x1d, offset 0x139
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0040, lo: 0x80, hi: 0x86},
+ {value: 0x055d, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8c},
+ {value: 0x055d, lo: 0x8d, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xba},
+ {value: 0x0018, lo: 0xbb, hi: 0xbb},
+ {value: 0xe105, lo: 0xbc, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbf},
+ // Block 0x1e, offset 0x143
+ {value: 0x0000, lo: 0x01},
+ {value: 0x0018, lo: 0x80, hi: 0xbf},
+ // Block 0x1f, offset 0x145
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0xa0},
+ {value: 0x2018, lo: 0xa1, hi: 0xb5},
+ {value: 0x0018, lo: 0xb6, hi: 0xbf},
+ // Block 0x20, offset 0x14a
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0xa7},
+ {value: 0x2018, lo: 0xa8, hi: 0xbf},
+ // Block 0x21, offset 0x14d
+ {value: 0x0000, lo: 0x02},
+ {value: 0x2018, lo: 0x80, hi: 0x82},
+ {value: 0x0018, lo: 0x83, hi: 0xbf},
+ // Block 0x22, offset 0x150
+ {value: 0x0000, lo: 0x01},
+ {value: 0x0008, lo: 0x80, hi: 0xbf},
+ // Block 0x23, offset 0x152
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x0008, lo: 0x8a, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0x98},
+ {value: 0x0040, lo: 0x99, hi: 0x99},
+ {value: 0x0008, lo: 0x9a, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x24, offset 0x15e
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x0008, lo: 0x8a, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xb0},
+ {value: 0x0040, lo: 0xb1, hi: 0xb1},
+ {value: 0x0008, lo: 0xb2, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb7},
+ {value: 0x0008, lo: 0xb8, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0x25, offset 0x169
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x0040, lo: 0x81, hi: 0x81},
+ {value: 0x0008, lo: 0x82, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0xbf},
+ // Block 0x26, offset 0x171
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x91},
+ {value: 0x0008, lo: 0x92, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0xbf},
+ // Block 0x27, offset 0x177
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x9a},
+ {value: 0x0040, lo: 0x9b, hi: 0x9c},
+ {value: 0x3308, lo: 0x9d, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0x28, offset 0x17d
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x29, offset 0x182
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb7},
+ {value: 0xe045, lo: 0xb8, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbf},
+ // Block 0x2a, offset 0x187
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0xbf},
+ // Block 0x2b, offset 0x18a
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xac},
+ {value: 0x0018, lo: 0xad, hi: 0xae},
+ {value: 0x0008, lo: 0xaf, hi: 0xbf},
+ // Block 0x2c, offset 0x18e
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0x9a},
+ {value: 0x0018, lo: 0x9b, hi: 0x9c},
+ {value: 0x0040, lo: 0x9d, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x2d, offset 0x194
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xaa},
+ {value: 0x0018, lo: 0xab, hi: 0xb0},
+ {value: 0x0008, lo: 0xb1, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0x2e, offset 0x199
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x8c},
+ {value: 0x0040, lo: 0x8d, hi: 0x8d},
+ {value: 0x0008, lo: 0x8e, hi: 0x91},
+ {value: 0x3308, lo: 0x92, hi: 0x93},
+ {value: 0x3b08, lo: 0x94, hi: 0x94},
+ {value: 0x0040, lo: 0x95, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb3},
+ {value: 0x3b08, lo: 0xb4, hi: 0xb4},
+ {value: 0x0018, lo: 0xb5, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0x2f, offset 0x1a5
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x91},
+ {value: 0x3308, lo: 0x92, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xad},
+ {value: 0x0008, lo: 0xae, hi: 0xb0},
+ {value: 0x0040, lo: 0xb1, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xbf},
+ // Block 0x30, offset 0x1af
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0xb3},
+ {value: 0x3340, lo: 0xb4, hi: 0xb5},
+ {value: 0x3008, lo: 0xb6, hi: 0xb6},
+ {value: 0x3308, lo: 0xb7, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbf},
+ // Block 0x31, offset 0x1b5
+ {value: 0x0000, lo: 0x10},
+ {value: 0x3008, lo: 0x80, hi: 0x85},
+ {value: 0x3308, lo: 0x86, hi: 0x86},
+ {value: 0x3008, lo: 0x87, hi: 0x88},
+ {value: 0x3308, lo: 0x89, hi: 0x91},
+ {value: 0x3b08, lo: 0x92, hi: 0x92},
+ {value: 0x3308, lo: 0x93, hi: 0x93},
+ {value: 0x0018, lo: 0x94, hi: 0x96},
+ {value: 0x0008, lo: 0x97, hi: 0x97},
+ {value: 0x0018, lo: 0x98, hi: 0x9b},
+ {value: 0x0008, lo: 0x9c, hi: 0x9c},
+ {value: 0x3308, lo: 0x9d, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0x32, offset 0x1c6
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0018, lo: 0x80, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x86},
+ {value: 0x0218, lo: 0x87, hi: 0x87},
+ {value: 0x0018, lo: 0x88, hi: 0x8a},
+ {value: 0x33c0, lo: 0x8b, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0208, lo: 0xa0, hi: 0xbf},
+ // Block 0x33, offset 0x1d0
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0208, lo: 0x80, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0x34, offset 0x1d3
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0x84},
+ {value: 0x3308, lo: 0x85, hi: 0x86},
+ {value: 0x0208, lo: 0x87, hi: 0xa8},
+ {value: 0x3308, lo: 0xa9, hi: 0xa9},
+ {value: 0x0208, lo: 0xaa, hi: 0xaa},
+ {value: 0x0040, lo: 0xab, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x35, offset 0x1db
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xbf},
+ // Block 0x36, offset 0x1de
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0x9f},
+ {value: 0x3308, lo: 0xa0, hi: 0xa2},
+ {value: 0x3008, lo: 0xa3, hi: 0xa6},
+ {value: 0x3308, lo: 0xa7, hi: 0xa8},
+ {value: 0x3008, lo: 0xa9, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xaf},
+ {value: 0x3008, lo: 0xb0, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb2},
+ {value: 0x3008, lo: 0xb3, hi: 0xb8},
+ {value: 0x3308, lo: 0xb9, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0x37, offset 0x1eb
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0018, lo: 0x80, hi: 0x80},
+ {value: 0x0040, lo: 0x81, hi: 0x83},
+ {value: 0x0018, lo: 0x84, hi: 0x85},
+ {value: 0x0008, lo: 0x86, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0x38, offset 0x1f3
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x39, offset 0x1f7
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0028, lo: 0x9a, hi: 0x9a},
+ {value: 0x0040, lo: 0x9b, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0xbf},
+ // Block 0x3a, offset 0x1fe
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0x96},
+ {value: 0x3308, lo: 0x97, hi: 0x98},
+ {value: 0x3008, lo: 0x99, hi: 0x9a},
+ {value: 0x3308, lo: 0x9b, hi: 0x9b},
+ {value: 0x0040, lo: 0x9c, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x3b, offset 0x206
+ {value: 0x0000, lo: 0x0f},
+ {value: 0x0008, lo: 0x80, hi: 0x94},
+ {value: 0x3008, lo: 0x95, hi: 0x95},
+ {value: 0x3308, lo: 0x96, hi: 0x96},
+ {value: 0x3008, lo: 0x97, hi: 0x97},
+ {value: 0x3308, lo: 0x98, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0x9f},
+ {value: 0x3b08, lo: 0xa0, hi: 0xa0},
+ {value: 0x3008, lo: 0xa1, hi: 0xa1},
+ {value: 0x3308, lo: 0xa2, hi: 0xa2},
+ {value: 0x3008, lo: 0xa3, hi: 0xa4},
+ {value: 0x3308, lo: 0xa5, hi: 0xac},
+ {value: 0x3008, lo: 0xad, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0x3c, offset 0x216
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xa6},
+ {value: 0x0008, lo: 0xa7, hi: 0xa7},
+ {value: 0x0018, lo: 0xa8, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xbd},
+ {value: 0x3318, lo: 0xbe, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0x3d, offset 0x222
+ {value: 0x0000, lo: 0x02},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x0040, lo: 0x81, hi: 0xbf},
+ // Block 0x3e, offset 0x225
+ {value: 0x0000, lo: 0x09},
+ {value: 0x3308, lo: 0x80, hi: 0x83},
+ {value: 0x3008, lo: 0x84, hi: 0x84},
+ {value: 0x0008, lo: 0x85, hi: 0xb3},
+ {value: 0x3308, lo: 0xb4, hi: 0xb4},
+ {value: 0x3008, lo: 0xb5, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbc},
+ {value: 0x3008, lo: 0xbd, hi: 0xbf},
+ // Block 0x3f, offset 0x22f
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x3008, lo: 0x80, hi: 0x81},
+ {value: 0x3308, lo: 0x82, hi: 0x82},
+ {value: 0x3008, lo: 0x83, hi: 0x83},
+ {value: 0x3808, lo: 0x84, hi: 0x84},
+ {value: 0x0008, lo: 0x85, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0xaa},
+ {value: 0x3308, lo: 0xab, hi: 0xb3},
+ {value: 0x0018, lo: 0xb4, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0x40, offset 0x23b
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x3308, lo: 0x80, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0xa0},
+ {value: 0x3008, lo: 0xa1, hi: 0xa1},
+ {value: 0x3308, lo: 0xa2, hi: 0xa5},
+ {value: 0x3008, lo: 0xa6, hi: 0xa7},
+ {value: 0x3308, lo: 0xa8, hi: 0xa9},
+ {value: 0x3808, lo: 0xaa, hi: 0xaa},
+ {value: 0x3b08, lo: 0xab, hi: 0xab},
+ {value: 0x3308, lo: 0xac, hi: 0xad},
+ {value: 0x0008, lo: 0xae, hi: 0xbf},
+ // Block 0x41, offset 0x247
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0xa5},
+ {value: 0x3308, lo: 0xa6, hi: 0xa6},
+ {value: 0x3008, lo: 0xa7, hi: 0xa7},
+ {value: 0x3308, lo: 0xa8, hi: 0xa9},
+ {value: 0x3008, lo: 0xaa, hi: 0xac},
+ {value: 0x3308, lo: 0xad, hi: 0xad},
+ {value: 0x3008, lo: 0xae, hi: 0xae},
+ {value: 0x3308, lo: 0xaf, hi: 0xb1},
+ {value: 0x3808, lo: 0xb2, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xbb},
+ {value: 0x0018, lo: 0xbc, hi: 0xbf},
+ // Block 0x42, offset 0x253
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0xa3},
+ {value: 0x3008, lo: 0xa4, hi: 0xab},
+ {value: 0x3308, lo: 0xac, hi: 0xb3},
+ {value: 0x3008, lo: 0xb4, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xba},
+ {value: 0x0018, lo: 0xbb, hi: 0xbf},
+ // Block 0x43, offset 0x25b
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0x8c},
+ {value: 0x0008, lo: 0x8d, hi: 0xbd},
+ {value: 0x0018, lo: 0xbe, hi: 0xbf},
+ // Block 0x44, offset 0x260
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0e29, lo: 0x80, hi: 0x80},
+ {value: 0x0e41, lo: 0x81, hi: 0x81},
+ {value: 0x0e59, lo: 0x82, hi: 0x82},
+ {value: 0x0e71, lo: 0x83, hi: 0x83},
+ {value: 0x0e89, lo: 0x84, hi: 0x85},
+ {value: 0x0ea1, lo: 0x86, hi: 0x86},
+ {value: 0x0eb9, lo: 0x87, hi: 0x87},
+ {value: 0x057d, lo: 0x88, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x8f},
+ {value: 0x059d, lo: 0x90, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbc},
+ {value: 0x059d, lo: 0xbd, hi: 0xbf},
+ // Block 0x45, offset 0x26d
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0018, lo: 0x80, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x3308, lo: 0x90, hi: 0x92},
+ {value: 0x0018, lo: 0x93, hi: 0x93},
+ {value: 0x3308, lo: 0x94, hi: 0xa0},
+ {value: 0x3008, lo: 0xa1, hi: 0xa1},
+ {value: 0x3308, lo: 0xa2, hi: 0xa8},
+ {value: 0x0008, lo: 0xa9, hi: 0xac},
+ {value: 0x3308, lo: 0xad, hi: 0xad},
+ {value: 0x0008, lo: 0xae, hi: 0xb3},
+ {value: 0x3308, lo: 0xb4, hi: 0xb4},
+ {value: 0x0008, lo: 0xb5, hi: 0xb6},
+ {value: 0x3008, lo: 0xb7, hi: 0xb7},
+ {value: 0x3308, lo: 0xb8, hi: 0xb9},
+ {value: 0x0008, lo: 0xba, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbf},
+ // Block 0x46, offset 0x27e
+ {value: 0x0000, lo: 0x03},
+ {value: 0x3308, lo: 0x80, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xba},
+ {value: 0x3308, lo: 0xbb, hi: 0xbf},
+ // Block 0x47, offset 0x282
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x87},
+ {value: 0xe045, lo: 0x88, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x97},
+ {value: 0xe045, lo: 0x98, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa7},
+ {value: 0xe045, lo: 0xa8, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb7},
+ {value: 0xe045, lo: 0xb8, hi: 0xbf},
+ // Block 0x48, offset 0x28d
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0x8f},
+ {value: 0x3318, lo: 0x90, hi: 0xb0},
+ {value: 0x0040, lo: 0xb1, hi: 0xbf},
+ // Block 0x49, offset 0x291
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0018, lo: 0x80, hi: 0x82},
+ {value: 0x0040, lo: 0x83, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x84},
+ {value: 0x0018, lo: 0x85, hi: 0x88},
+ {value: 0x24c1, lo: 0x89, hi: 0x89},
+ {value: 0x0018, lo: 0x8a, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xbf},
+ // Block 0x4a, offset 0x29a
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0018, lo: 0x80, hi: 0xab},
+ {value: 0x24f1, lo: 0xac, hi: 0xac},
+ {value: 0x2529, lo: 0xad, hi: 0xad},
+ {value: 0x0018, lo: 0xae, hi: 0xae},
+ {value: 0x2579, lo: 0xaf, hi: 0xaf},
+ {value: 0x25b1, lo: 0xb0, hi: 0xb0},
+ {value: 0x0018, lo: 0xb1, hi: 0xbf},
+ // Block 0x4b, offset 0x2a2
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0x9f},
+ {value: 0x0080, lo: 0xa0, hi: 0xa0},
+ {value: 0x0018, lo: 0xa1, hi: 0xad},
+ {value: 0x0080, lo: 0xae, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xbf},
+ // Block 0x4c, offset 0x2a8
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0xa8},
+ {value: 0x09dd, lo: 0xa9, hi: 0xa9},
+ {value: 0x09fd, lo: 0xaa, hi: 0xaa},
+ {value: 0x0018, lo: 0xab, hi: 0xbf},
+ // Block 0x4d, offset 0x2ad
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0xa6},
+ {value: 0x0040, lo: 0xa7, hi: 0xbf},
+ // Block 0x4e, offset 0x2b0
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x8b},
+ {value: 0x28c1, lo: 0x8c, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0xbf},
+ // Block 0x4f, offset 0x2b4
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0xb3},
+ {value: 0x0e7e, lo: 0xb4, hi: 0xb4},
+ {value: 0x292a, lo: 0xb5, hi: 0xb5},
+ {value: 0x0e9e, lo: 0xb6, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xbf},
+ // Block 0x50, offset 0x2ba
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x9b},
+ {value: 0x2941, lo: 0x9c, hi: 0x9c},
+ {value: 0x0018, lo: 0x9d, hi: 0xbf},
+ // Block 0x51, offset 0x2be
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xb5},
+ {value: 0x0018, lo: 0xb6, hi: 0xbf},
+ // Block 0x52, offset 0x2c2
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x96},
+ {value: 0x0018, lo: 0x97, hi: 0xbf},
+ // Block 0x53, offset 0x2c6
+ {value: 0x0000, lo: 0x05},
+ {value: 0xe185, lo: 0x80, hi: 0x8f},
+ {value: 0x03f5, lo: 0x90, hi: 0x9f},
+ {value: 0x0ebd, lo: 0xa0, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x54, offset 0x2cc
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0xa5},
+ {value: 0x0040, lo: 0xa6, hi: 0xa6},
+ {value: 0x0008, lo: 0xa7, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xac},
+ {value: 0x0008, lo: 0xad, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x55, offset 0x2d4
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0008, lo: 0x80, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xae},
+ {value: 0xe075, lo: 0xaf, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb0},
+ {value: 0x0040, lo: 0xb1, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0x56, offset 0x2db
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa6},
+ {value: 0x0040, lo: 0xa7, hi: 0xa7},
+ {value: 0x0008, lo: 0xa8, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xb7},
+ {value: 0x0008, lo: 0xb8, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0x57, offset 0x2e6
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x8e},
+ {value: 0x0040, lo: 0x8f, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0x9f},
+ {value: 0x3308, lo: 0xa0, hi: 0xbf},
+ // Block 0x58, offset 0x2f0
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xae},
+ {value: 0x0008, lo: 0xaf, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xbf},
+ // Block 0x59, offset 0x2f4
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0x92},
+ {value: 0x0040, lo: 0x93, hi: 0xbf},
+ // Block 0x5a, offset 0x2f7
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9a},
+ {value: 0x0018, lo: 0x9b, hi: 0x9e},
+ {value: 0x0ef5, lo: 0x9f, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xbf},
+ // Block 0x5b, offset 0x2fd
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xb2},
+ {value: 0x0f15, lo: 0xb3, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xbf},
+ // Block 0x5c, offset 0x301
+ {value: 0x0020, lo: 0x01},
+ {value: 0x0f35, lo: 0x80, hi: 0xbf},
+ // Block 0x5d, offset 0x303
+ {value: 0x0020, lo: 0x02},
+ {value: 0x1735, lo: 0x80, hi: 0x8f},
+ {value: 0x1915, lo: 0x90, hi: 0xbf},
+ // Block 0x5e, offset 0x306
+ {value: 0x0020, lo: 0x01},
+ {value: 0x1f15, lo: 0x80, hi: 0xbf},
+ // Block 0x5f, offset 0x308
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0xbf},
+ // Block 0x60, offset 0x30b
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x98},
+ {value: 0x3308, lo: 0x99, hi: 0x9a},
+ {value: 0x29e2, lo: 0x9b, hi: 0x9b},
+ {value: 0x2a0a, lo: 0x9c, hi: 0x9c},
+ {value: 0x0008, lo: 0x9d, hi: 0x9e},
+ {value: 0x2a31, lo: 0x9f, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xa0},
+ {value: 0x0008, lo: 0xa1, hi: 0xbf},
+ // Block 0x61, offset 0x315
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xbe},
+ {value: 0x2a69, lo: 0xbf, hi: 0xbf},
+ // Block 0x62, offset 0x318
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x0040, lo: 0x80, hi: 0x84},
+ {value: 0x0008, lo: 0x85, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xb0},
+ {value: 0x2a35, lo: 0xb1, hi: 0xb1},
+ {value: 0x2a55, lo: 0xb2, hi: 0xb2},
+ {value: 0x2a75, lo: 0xb3, hi: 0xb3},
+ {value: 0x2a95, lo: 0xb4, hi: 0xb4},
+ {value: 0x2a75, lo: 0xb5, hi: 0xb5},
+ {value: 0x2ab5, lo: 0xb6, hi: 0xb6},
+ {value: 0x2ad5, lo: 0xb7, hi: 0xb7},
+ {value: 0x2af5, lo: 0xb8, hi: 0xb9},
+ {value: 0x2b15, lo: 0xba, hi: 0xbb},
+ {value: 0x2b35, lo: 0xbc, hi: 0xbd},
+ {value: 0x2b15, lo: 0xbe, hi: 0xbf},
+ // Block 0x63, offset 0x327
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xa3},
+ {value: 0x0040, lo: 0xa4, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x64, offset 0x32b
+ {value: 0x0030, lo: 0x04},
+ {value: 0x2aa2, lo: 0x80, hi: 0x9d},
+ {value: 0x305a, lo: 0x9e, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0x9f},
+ {value: 0x30a2, lo: 0xa0, hi: 0xbf},
+ // Block 0x65, offset 0x330
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0x66, offset 0x333
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0x8c},
+ {value: 0x0040, lo: 0x8d, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xbf},
+ // Block 0x67, offset 0x337
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xbd},
+ {value: 0x0018, lo: 0xbe, hi: 0xbf},
+ // Block 0x68, offset 0x33c
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xbf},
+ // Block 0x69, offset 0x341
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0xa5},
+ {value: 0x0018, lo: 0xa6, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb1},
+ {value: 0x0018, lo: 0xb2, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xbf},
+ // Block 0x6a, offset 0x347
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0040, lo: 0x80, hi: 0x81},
+ {value: 0xe00d, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0x83},
+ {value: 0x03f5, lo: 0x84, hi: 0x84},
+ {value: 0x1329, lo: 0x85, hi: 0x85},
+ {value: 0x447d, lo: 0x86, hi: 0x86},
+ {value: 0xe07d, lo: 0x87, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x88},
+ {value: 0xe01d, lo: 0x89, hi: 0x89},
+ {value: 0x0008, lo: 0x8a, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0xb4},
+ {value: 0xe01d, lo: 0xb5, hi: 0xb5},
+ {value: 0x0008, lo: 0xb6, hi: 0xb7},
+ {value: 0x2009, lo: 0xb8, hi: 0xb8},
+ {value: 0x6ec1, lo: 0xb9, hi: 0xb9},
+ {value: 0x0008, lo: 0xba, hi: 0xbf},
+ // Block 0x6b, offset 0x358
+ {value: 0x0000, lo: 0x0f},
+ {value: 0x0008, lo: 0x80, hi: 0x81},
+ {value: 0x3308, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0x85},
+ {value: 0x3b08, lo: 0x86, hi: 0x86},
+ {value: 0x0008, lo: 0x87, hi: 0x8a},
+ {value: 0x3308, lo: 0x8b, hi: 0x8b},
+ {value: 0x0008, lo: 0x8c, hi: 0xa2},
+ {value: 0x3008, lo: 0xa3, hi: 0xa4},
+ {value: 0x3308, lo: 0xa5, hi: 0xa6},
+ {value: 0x3008, lo: 0xa7, hi: 0xa7},
+ {value: 0x0018, lo: 0xa8, hi: 0xab},
+ {value: 0x3b08, lo: 0xac, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0x6c, offset 0x368
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0208, lo: 0x80, hi: 0xb1},
+ {value: 0x0108, lo: 0xb2, hi: 0xb2},
+ {value: 0x0008, lo: 0xb3, hi: 0xb3},
+ {value: 0x0018, lo: 0xb4, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xbf},
+ // Block 0x6d, offset 0x36e
+ {value: 0x0000, lo: 0x03},
+ {value: 0x3008, lo: 0x80, hi: 0x81},
+ {value: 0x0008, lo: 0x82, hi: 0xb3},
+ {value: 0x3008, lo: 0xb4, hi: 0xbf},
+ // Block 0x6e, offset 0x372
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x3008, lo: 0x80, hi: 0x83},
+ {value: 0x3b08, lo: 0x84, hi: 0x84},
+ {value: 0x3308, lo: 0x85, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x8d},
+ {value: 0x0018, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x3308, lo: 0xa0, hi: 0xb1},
+ {value: 0x0008, lo: 0xb2, hi: 0xb7},
+ {value: 0x0018, lo: 0xb8, hi: 0xba},
+ {value: 0x0008, lo: 0xbb, hi: 0xbb},
+ {value: 0x0018, lo: 0xbc, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0x6f, offset 0x381
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xa5},
+ {value: 0x3308, lo: 0xa6, hi: 0xad},
+ {value: 0x0018, lo: 0xae, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x70, offset 0x386
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x3308, lo: 0x87, hi: 0x91},
+ {value: 0x3008, lo: 0x92, hi: 0x92},
+ {value: 0x3808, lo: 0x93, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x9e},
+ {value: 0x0018, lo: 0x9f, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0x71, offset 0x38e
+ {value: 0x0000, lo: 0x09},
+ {value: 0x3308, lo: 0x80, hi: 0x82},
+ {value: 0x3008, lo: 0x83, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb3},
+ {value: 0x3008, lo: 0xb4, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xb9},
+ {value: 0x3008, lo: 0xba, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbf},
+ // Block 0x72, offset 0x398
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x3808, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8e},
+ {value: 0x0008, lo: 0x8f, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa4},
+ {value: 0x3308, lo: 0xa5, hi: 0xa5},
+ {value: 0x0008, lo: 0xa6, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0x73, offset 0x3a3
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0xa8},
+ {value: 0x3308, lo: 0xa9, hi: 0xae},
+ {value: 0x3008, lo: 0xaf, hi: 0xb0},
+ {value: 0x3308, lo: 0xb1, hi: 0xb2},
+ {value: 0x3008, lo: 0xb3, hi: 0xb4},
+ {value: 0x3308, lo: 0xb5, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0x74, offset 0x3ab
+ {value: 0x0000, lo: 0x10},
+ {value: 0x0008, lo: 0x80, hi: 0x82},
+ {value: 0x3308, lo: 0x83, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x8b},
+ {value: 0x3308, lo: 0x8c, hi: 0x8c},
+ {value: 0x3008, lo: 0x8d, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9b},
+ {value: 0x0018, lo: 0x9c, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xb9},
+ {value: 0x0008, lo: 0xba, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbc},
+ {value: 0x3008, lo: 0xbd, hi: 0xbd},
+ {value: 0x0008, lo: 0xbe, hi: 0xbf},
+ // Block 0x75, offset 0x3bc
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb0},
+ {value: 0x0008, lo: 0xb1, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb4},
+ {value: 0x0008, lo: 0xb5, hi: 0xb6},
+ {value: 0x3308, lo: 0xb7, hi: 0xb8},
+ {value: 0x0008, lo: 0xb9, hi: 0xbd},
+ {value: 0x3308, lo: 0xbe, hi: 0xbf},
+ // Block 0x76, offset 0x3c5
+ {value: 0x0000, lo: 0x0f},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x81},
+ {value: 0x0008, lo: 0x82, hi: 0x82},
+ {value: 0x0040, lo: 0x83, hi: 0x9a},
+ {value: 0x0008, lo: 0x9b, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xaa},
+ {value: 0x3008, lo: 0xab, hi: 0xab},
+ {value: 0x3308, lo: 0xac, hi: 0xad},
+ {value: 0x3008, lo: 0xae, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb1},
+ {value: 0x0008, lo: 0xb2, hi: 0xb4},
+ {value: 0x3008, lo: 0xb5, hi: 0xb5},
+ {value: 0x3b08, lo: 0xb6, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0x77, offset 0x3d5
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x88},
+ {value: 0x0008, lo: 0x89, hi: 0x8e},
+ {value: 0x0040, lo: 0x8f, hi: 0x90},
+ {value: 0x0008, lo: 0x91, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa6},
+ {value: 0x0040, lo: 0xa7, hi: 0xa7},
+ {value: 0x0008, lo: 0xa8, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x78, offset 0x3e2
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x9a},
+ {value: 0x0018, lo: 0x9b, hi: 0x9b},
+ {value: 0x449d, lo: 0x9c, hi: 0x9c},
+ {value: 0x44b5, lo: 0x9d, hi: 0x9d},
+ {value: 0x2971, lo: 0x9e, hi: 0x9e},
+ {value: 0xe06d, lo: 0x9f, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa8},
+ {value: 0x6ed9, lo: 0xa9, hi: 0xa9},
+ {value: 0x0018, lo: 0xaa, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xaf},
+ {value: 0x44cd, lo: 0xb0, hi: 0xbf},
+ // Block 0x79, offset 0x3ee
+ {value: 0x0000, lo: 0x04},
+ {value: 0x44ed, lo: 0x80, hi: 0x8f},
+ {value: 0x450d, lo: 0x90, hi: 0x9f},
+ {value: 0x452d, lo: 0xa0, hi: 0xaf},
+ {value: 0x450d, lo: 0xb0, hi: 0xbf},
+ // Block 0x7a, offset 0x3f3
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0xa2},
+ {value: 0x3008, lo: 0xa3, hi: 0xa4},
+ {value: 0x3308, lo: 0xa5, hi: 0xa5},
+ {value: 0x3008, lo: 0xa6, hi: 0xa7},
+ {value: 0x3308, lo: 0xa8, hi: 0xa8},
+ {value: 0x3008, lo: 0xa9, hi: 0xaa},
+ {value: 0x0018, lo: 0xab, hi: 0xab},
+ {value: 0x3008, lo: 0xac, hi: 0xac},
+ {value: 0x3b08, lo: 0xad, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0x7b, offset 0x400
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xa3},
+ {value: 0x0040, lo: 0xa4, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xbf},
+ // Block 0x7c, offset 0x404
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x8a},
+ {value: 0x0018, lo: 0x8b, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0x7d, offset 0x409
+ {value: 0x0000, lo: 0x01},
+ {value: 0x0040, lo: 0x80, hi: 0xbf},
+ // Block 0x7e, offset 0x40b
+ {value: 0x0020, lo: 0x01},
+ {value: 0x454d, lo: 0x80, hi: 0xbf},
+ // Block 0x7f, offset 0x40d
+ {value: 0x0020, lo: 0x03},
+ {value: 0x4d4d, lo: 0x80, hi: 0x94},
+ {value: 0x4b0d, lo: 0x95, hi: 0x95},
+ {value: 0x4fed, lo: 0x96, hi: 0xbf},
+ // Block 0x80, offset 0x411
+ {value: 0x0020, lo: 0x01},
+ {value: 0x552d, lo: 0x80, hi: 0xbf},
+ // Block 0x81, offset 0x413
+ {value: 0x0020, lo: 0x03},
+ {value: 0x5d2d, lo: 0x80, hi: 0x84},
+ {value: 0x568d, lo: 0x85, hi: 0x85},
+ {value: 0x5dcd, lo: 0x86, hi: 0xbf},
+ // Block 0x82, offset 0x417
+ {value: 0x0020, lo: 0x08},
+ {value: 0x6b8d, lo: 0x80, hi: 0x8f},
+ {value: 0x6d4d, lo: 0x90, hi: 0x90},
+ {value: 0x6d8d, lo: 0x91, hi: 0xab},
+ {value: 0x6ef1, lo: 0xac, hi: 0xac},
+ {value: 0x70ed, lo: 0xad, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x710d, lo: 0xb0, hi: 0xbf},
+ // Block 0x83, offset 0x420
+ {value: 0x0020, lo: 0x05},
+ {value: 0x730d, lo: 0x80, hi: 0xad},
+ {value: 0x656d, lo: 0xae, hi: 0xae},
+ {value: 0x78cd, lo: 0xaf, hi: 0xb5},
+ {value: 0x6f8d, lo: 0xb6, hi: 0xb6},
+ {value: 0x79ad, lo: 0xb7, hi: 0xbf},
+ // Block 0x84, offset 0x426
+ {value: 0x0028, lo: 0x03},
+ {value: 0x7c71, lo: 0x80, hi: 0x82},
+ {value: 0x7c31, lo: 0x83, hi: 0x83},
+ {value: 0x7ce9, lo: 0x84, hi: 0xbf},
+ // Block 0x85, offset 0x42a
+ {value: 0x0038, lo: 0x0f},
+ {value: 0x9e01, lo: 0x80, hi: 0x83},
+ {value: 0x9ea9, lo: 0x84, hi: 0x85},
+ {value: 0x9ee1, lo: 0x86, hi: 0x87},
+ {value: 0x9f19, lo: 0x88, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x91},
+ {value: 0xa0d9, lo: 0x92, hi: 0x97},
+ {value: 0xa1f1, lo: 0x98, hi: 0x9c},
+ {value: 0xa2d1, lo: 0x9d, hi: 0xb3},
+ {value: 0x9d91, lo: 0xb4, hi: 0xb4},
+ {value: 0x9e01, lo: 0xb5, hi: 0xb5},
+ {value: 0xa7d9, lo: 0xb6, hi: 0xbb},
+ {value: 0xa8b9, lo: 0xbc, hi: 0xbc},
+ {value: 0xa849, lo: 0xbd, hi: 0xbd},
+ {value: 0xa929, lo: 0xbe, hi: 0xbf},
+ // Block 0x86, offset 0x43a
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8c},
+ {value: 0x0008, lo: 0x8d, hi: 0xa6},
+ {value: 0x0040, lo: 0xa7, hi: 0xa7},
+ {value: 0x0008, lo: 0xa8, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbb},
+ {value: 0x0008, lo: 0xbc, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbe},
+ {value: 0x0008, lo: 0xbf, hi: 0xbf},
+ // Block 0x87, offset 0x444
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0xbf},
+ // Block 0x88, offset 0x449
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbf},
+ // Block 0x89, offset 0x44c
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0x82},
+ {value: 0x0040, lo: 0x83, hi: 0x86},
+ {value: 0x0018, lo: 0x87, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xbf},
+ // Block 0x8a, offset 0x452
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x8e},
+ {value: 0x0040, lo: 0x8f, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0x9c},
+ {value: 0x0040, lo: 0x9d, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xa0},
+ {value: 0x0040, lo: 0xa1, hi: 0xbf},
+ // Block 0x8b, offset 0x459
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0040, lo: 0x80, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xbc},
+ {value: 0x3308, lo: 0xbd, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbf},
+ // Block 0x8c, offset 0x45e
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0x9c},
+ {value: 0x0040, lo: 0x9d, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x8d, offset 0x462
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x90},
+ {value: 0x0040, lo: 0x91, hi: 0x9f},
+ {value: 0x3308, lo: 0xa0, hi: 0xa0},
+ {value: 0x0018, lo: 0xa1, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0x8e, offset 0x468
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xa3},
+ {value: 0x0040, lo: 0xa4, hi: 0xac},
+ {value: 0x0008, lo: 0xad, hi: 0xbf},
+ // Block 0x8f, offset 0x46d
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x81},
+ {value: 0x0008, lo: 0x82, hi: 0x89},
+ {value: 0x0018, lo: 0x8a, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbf},
+ // Block 0x90, offset 0x476
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9e},
+ {value: 0x0018, lo: 0x9f, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x91, offset 0x47b
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x83},
+ {value: 0x0040, lo: 0x84, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0xbf},
+ // Block 0x92, offset 0x481
+ {value: 0x0000, lo: 0x06},
+ {value: 0xe145, lo: 0x80, hi: 0x87},
+ {value: 0xe1c5, lo: 0x88, hi: 0x8f},
+ {value: 0xe145, lo: 0x90, hi: 0x97},
+ {value: 0x8b0d, lo: 0x98, hi: 0x9f},
+ {value: 0x8b25, lo: 0xa0, hi: 0xa7},
+ {value: 0x0008, lo: 0xa8, hi: 0xbf},
+ // Block 0x93, offset 0x488
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0008, lo: 0x80, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xaf},
+ {value: 0x8b25, lo: 0xb0, hi: 0xb7},
+ {value: 0x8b0d, lo: 0xb8, hi: 0xbf},
+ // Block 0x94, offset 0x48f
+ {value: 0x0000, lo: 0x06},
+ {value: 0xe145, lo: 0x80, hi: 0x87},
+ {value: 0xe1c5, lo: 0x88, hi: 0x8f},
+ {value: 0xe145, lo: 0x90, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0x95, offset 0x496
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x96, offset 0x49a
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xa3},
+ {value: 0x0040, lo: 0xa4, hi: 0xae},
+ {value: 0x0018, lo: 0xaf, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbf},
+ // Block 0x97, offset 0x49f
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0x98, offset 0x4a2
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xbf},
+ // Block 0x99, offset 0x4a7
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0808, lo: 0x80, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x87},
+ {value: 0x0808, lo: 0x88, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x0808, lo: 0x8a, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb6},
+ {value: 0x0808, lo: 0xb7, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbb},
+ {value: 0x0808, lo: 0xbc, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbe},
+ {value: 0x0808, lo: 0xbf, hi: 0xbf},
+ // Block 0x9a, offset 0x4b3
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0808, lo: 0x80, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x96},
+ {value: 0x0818, lo: 0x97, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xb6},
+ {value: 0x0818, lo: 0xb7, hi: 0xbf},
+ // Block 0x9b, offset 0x4b9
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0808, lo: 0x80, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0xa6},
+ {value: 0x0818, lo: 0xa7, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbf},
+ // Block 0x9c, offset 0x4be
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xb2},
+ {value: 0x0040, lo: 0xb3, hi: 0xb3},
+ {value: 0x0808, lo: 0xb4, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xba},
+ {value: 0x0818, lo: 0xbb, hi: 0xbf},
+ // Block 0x9d, offset 0x4c5
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0808, lo: 0x80, hi: 0x95},
+ {value: 0x0818, lo: 0x96, hi: 0x9b},
+ {value: 0x0040, lo: 0x9c, hi: 0x9e},
+ {value: 0x0018, lo: 0x9f, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbe},
+ {value: 0x0818, lo: 0xbf, hi: 0xbf},
+ // Block 0x9e, offset 0x4cd
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0808, lo: 0x80, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xbb},
+ {value: 0x0818, lo: 0xbc, hi: 0xbd},
+ {value: 0x0808, lo: 0xbe, hi: 0xbf},
+ // Block 0x9f, offset 0x4d2
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0818, lo: 0x80, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0x91},
+ {value: 0x0818, lo: 0x92, hi: 0xbf},
+ // Block 0xa0, offset 0x4d6
+ {value: 0x0000, lo: 0x0f},
+ {value: 0x0808, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x83},
+ {value: 0x0040, lo: 0x84, hi: 0x84},
+ {value: 0x3308, lo: 0x85, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x8b},
+ {value: 0x3308, lo: 0x8c, hi: 0x8f},
+ {value: 0x0808, lo: 0x90, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x94},
+ {value: 0x0808, lo: 0x95, hi: 0x97},
+ {value: 0x0040, lo: 0x98, hi: 0x98},
+ {value: 0x0808, lo: 0x99, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb7},
+ {value: 0x3308, lo: 0xb8, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0xa1, offset 0x4e6
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0818, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x8f},
+ {value: 0x0818, lo: 0x90, hi: 0x98},
+ {value: 0x0040, lo: 0x99, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xbc},
+ {value: 0x0818, lo: 0xbd, hi: 0xbf},
+ // Block 0xa2, offset 0x4ed
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0808, lo: 0x80, hi: 0x9c},
+ {value: 0x0818, lo: 0x9d, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xbf},
+ // Block 0xa3, offset 0x4f1
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0808, lo: 0x80, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb8},
+ {value: 0x0018, lo: 0xb9, hi: 0xbf},
+ // Block 0xa4, offset 0x4f5
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0808, lo: 0x80, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0x97},
+ {value: 0x0818, lo: 0x98, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xb2},
+ {value: 0x0040, lo: 0xb3, hi: 0xb7},
+ {value: 0x0818, lo: 0xb8, hi: 0xbf},
+ // Block 0xa5, offset 0x4fc
+ {value: 0x0000, lo: 0x01},
+ {value: 0x0808, lo: 0x80, hi: 0xbf},
+ // Block 0xa6, offset 0x4fe
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0808, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0xbf},
+ // Block 0xa7, offset 0x501
+ {value: 0x0000, lo: 0x02},
+ {value: 0x03dd, lo: 0x80, hi: 0xb2},
+ {value: 0x0040, lo: 0xb3, hi: 0xbf},
+ // Block 0xa8, offset 0x504
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0808, lo: 0x80, hi: 0xb2},
+ {value: 0x0040, lo: 0xb3, hi: 0xb9},
+ {value: 0x0818, lo: 0xba, hi: 0xbf},
+ // Block 0xa9, offset 0x508
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0908, lo: 0x80, hi: 0x80},
+ {value: 0x0a08, lo: 0x81, hi: 0xa1},
+ {value: 0x0c08, lo: 0xa2, hi: 0xa2},
+ {value: 0x0a08, lo: 0xa3, hi: 0xa3},
+ {value: 0x3308, lo: 0xa4, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xaf},
+ {value: 0x0808, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0xaa, offset 0x511
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0818, lo: 0xa0, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0xab, offset 0x515
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0808, lo: 0x80, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xaa},
+ {value: 0x3308, lo: 0xab, hi: 0xac},
+ {value: 0x0818, lo: 0xad, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0808, lo: 0xb0, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbf},
+ // Block 0xac, offset 0x51d
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0808, lo: 0x80, hi: 0x9c},
+ {value: 0x0818, lo: 0x9d, hi: 0xa6},
+ {value: 0x0808, lo: 0xa7, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xaf},
+ {value: 0x0a08, lo: 0xb0, hi: 0xb2},
+ {value: 0x0c08, lo: 0xb3, hi: 0xb3},
+ {value: 0x0a08, lo: 0xb4, hi: 0xbf},
+ // Block 0xad, offset 0x525
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0a08, lo: 0x80, hi: 0x84},
+ {value: 0x0808, lo: 0x85, hi: 0x85},
+ {value: 0x3308, lo: 0x86, hi: 0x90},
+ {value: 0x0a18, lo: 0x91, hi: 0x93},
+ {value: 0x0c18, lo: 0x94, hi: 0x94},
+ {value: 0x0818, lo: 0x95, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0xbf},
+ // Block 0xae, offset 0x52d
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0040, lo: 0x80, hi: 0xaf},
+ {value: 0x0a08, lo: 0xb0, hi: 0xb0},
+ {value: 0x0808, lo: 0xb1, hi: 0xb1},
+ {value: 0x0a08, lo: 0xb2, hi: 0xb3},
+ {value: 0x0c08, lo: 0xb4, hi: 0xb6},
+ {value: 0x0808, lo: 0xb7, hi: 0xb7},
+ {value: 0x0a08, lo: 0xb8, hi: 0xb8},
+ {value: 0x0c08, lo: 0xb9, hi: 0xba},
+ {value: 0x0a08, lo: 0xbb, hi: 0xbc},
+ {value: 0x0c08, lo: 0xbd, hi: 0xbd},
+ {value: 0x0a08, lo: 0xbe, hi: 0xbf},
+ // Block 0xaf, offset 0x539
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0808, lo: 0x80, hi: 0x80},
+ {value: 0x0a08, lo: 0x81, hi: 0x81},
+ {value: 0x0c08, lo: 0x82, hi: 0x83},
+ {value: 0x0a08, lo: 0x84, hi: 0x84},
+ {value: 0x0818, lo: 0x85, hi: 0x88},
+ {value: 0x0c18, lo: 0x89, hi: 0x89},
+ {value: 0x0a18, lo: 0x8a, hi: 0x8a},
+ {value: 0x0918, lo: 0x8b, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x9f},
+ {value: 0x0808, lo: 0xa0, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0xb0, offset 0x545
+ {value: 0x0000, lo: 0x05},
+ {value: 0x3008, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0xb7},
+ {value: 0x3308, lo: 0xb8, hi: 0xbf},
+ // Block 0xb1, offset 0x54b
+ {value: 0x0000, lo: 0x08},
+ {value: 0x3308, lo: 0x80, hi: 0x85},
+ {value: 0x3b08, lo: 0x86, hi: 0x86},
+ {value: 0x0018, lo: 0x87, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x91},
+ {value: 0x0018, lo: 0x92, hi: 0xa5},
+ {value: 0x0008, lo: 0xa6, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0xb2, offset 0x554
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x3308, lo: 0x80, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0xaf},
+ {value: 0x3008, lo: 0xb0, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb6},
+ {value: 0x3008, lo: 0xb7, hi: 0xb8},
+ {value: 0x3b08, lo: 0xb9, hi: 0xb9},
+ {value: 0x3308, lo: 0xba, hi: 0xba},
+ {value: 0x0018, lo: 0xbb, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbd},
+ {value: 0x0018, lo: 0xbe, hi: 0xbf},
+ // Block 0xb3, offset 0x560
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x81},
+ {value: 0x0040, lo: 0x82, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xa8},
+ {value: 0x0040, lo: 0xa9, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0xb4, offset 0x567
+ {value: 0x0000, lo: 0x08},
+ {value: 0x3308, lo: 0x80, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0xa6},
+ {value: 0x3308, lo: 0xa7, hi: 0xab},
+ {value: 0x3008, lo: 0xac, hi: 0xac},
+ {value: 0x3308, lo: 0xad, hi: 0xb2},
+ {value: 0x3b08, lo: 0xb3, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xb5},
+ {value: 0x0008, lo: 0xb6, hi: 0xbf},
+ // Block 0xb5, offset 0x570
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0018, lo: 0x80, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x84},
+ {value: 0x3008, lo: 0x85, hi: 0x86},
+ {value: 0x0008, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb3},
+ {value: 0x0018, lo: 0xb4, hi: 0xb5},
+ {value: 0x0008, lo: 0xb6, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0xb6, offset 0x57b
+ {value: 0x0000, lo: 0x06},
+ {value: 0x3308, lo: 0x80, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x82},
+ {value: 0x0008, lo: 0x83, hi: 0xb2},
+ {value: 0x3008, lo: 0xb3, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xbe},
+ {value: 0x3008, lo: 0xbf, hi: 0xbf},
+ // Block 0xb7, offset 0x582
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x3808, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0x84},
+ {value: 0x0018, lo: 0x85, hi: 0x88},
+ {value: 0x3308, lo: 0x89, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0x8d},
+ {value: 0x3008, lo: 0x8e, hi: 0x8e},
+ {value: 0x3308, lo: 0x8f, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x9a},
+ {value: 0x0018, lo: 0x9b, hi: 0x9b},
+ {value: 0x0008, lo: 0x9c, hi: 0x9c},
+ {value: 0x0018, lo: 0x9d, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xa0},
+ {value: 0x0018, lo: 0xa1, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0xb8, offset 0x591
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x91},
+ {value: 0x0040, lo: 0x92, hi: 0x92},
+ {value: 0x0008, lo: 0x93, hi: 0xab},
+ {value: 0x3008, lo: 0xac, hi: 0xae},
+ {value: 0x3308, lo: 0xaf, hi: 0xb1},
+ {value: 0x3008, lo: 0xb2, hi: 0xb3},
+ {value: 0x3308, lo: 0xb4, hi: 0xb4},
+ {value: 0x3808, lo: 0xb5, hi: 0xb5},
+ {value: 0x3308, lo: 0xb6, hi: 0xb7},
+ {value: 0x0018, lo: 0xb8, hi: 0xbd},
+ {value: 0x3308, lo: 0xbe, hi: 0xbe},
+ {value: 0x0040, lo: 0xbf, hi: 0xbf},
+ // Block 0xb9, offset 0x59e
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x0008, lo: 0x8a, hi: 0x8d},
+ {value: 0x0040, lo: 0x8e, hi: 0x8e},
+ {value: 0x0008, lo: 0x8f, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9e},
+ {value: 0x0008, lo: 0x9f, hi: 0xa8},
+ {value: 0x0018, lo: 0xa9, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0xba, offset 0x5ab
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0x9e},
+ {value: 0x3308, lo: 0x9f, hi: 0x9f},
+ {value: 0x3008, lo: 0xa0, hi: 0xa2},
+ {value: 0x3308, lo: 0xa3, hi: 0xa9},
+ {value: 0x3b08, lo: 0xaa, hi: 0xaa},
+ {value: 0x0040, lo: 0xab, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0xbb, offset 0x5b4
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xb4},
+ {value: 0x3008, lo: 0xb5, hi: 0xb7},
+ {value: 0x3308, lo: 0xb8, hi: 0xbf},
+ // Block 0xbc, offset 0x5b8
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x3008, lo: 0x80, hi: 0x81},
+ {value: 0x3b08, lo: 0x82, hi: 0x82},
+ {value: 0x3308, lo: 0x83, hi: 0x84},
+ {value: 0x3008, lo: 0x85, hi: 0x85},
+ {value: 0x3308, lo: 0x86, hi: 0x86},
+ {value: 0x0008, lo: 0x87, hi: 0x8a},
+ {value: 0x0018, lo: 0x8b, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0x9b},
+ {value: 0x0040, lo: 0x9c, hi: 0x9c},
+ {value: 0x0018, lo: 0x9d, hi: 0x9d},
+ {value: 0x3308, lo: 0x9e, hi: 0x9e},
+ {value: 0x0008, lo: 0x9f, hi: 0xa1},
+ {value: 0x0040, lo: 0xa2, hi: 0xbf},
+ // Block 0xbd, offset 0x5c7
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0xaf},
+ {value: 0x3008, lo: 0xb0, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb8},
+ {value: 0x3008, lo: 0xb9, hi: 0xb9},
+ {value: 0x3308, lo: 0xba, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0xbe, offset 0x5cf
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x3008, lo: 0x81, hi: 0x81},
+ {value: 0x3b08, lo: 0x82, hi: 0x82},
+ {value: 0x3308, lo: 0x83, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x85},
+ {value: 0x0018, lo: 0x86, hi: 0x86},
+ {value: 0x0008, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0xbf},
+ // Block 0xbf, offset 0x5da
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0xae},
+ {value: 0x3008, lo: 0xaf, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xb7},
+ {value: 0x3008, lo: 0xb8, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0xc0, offset 0x5e3
+ {value: 0x0000, lo: 0x05},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0x9b},
+ {value: 0x3308, lo: 0x9c, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0xbf},
+ // Block 0xc1, offset 0x5e9
+ {value: 0x0000, lo: 0x07},
+ {value: 0x0008, lo: 0x80, hi: 0xaf},
+ {value: 0x3008, lo: 0xb0, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xba},
+ {value: 0x3008, lo: 0xbb, hi: 0xbc},
+ {value: 0x3308, lo: 0xbd, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0xc2, offset 0x5f1
+ {value: 0x0000, lo: 0x08},
+ {value: 0x3308, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x83},
+ {value: 0x0008, lo: 0x84, hi: 0x84},
+ {value: 0x0040, lo: 0x85, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xbf},
+ // Block 0xc3, offset 0x5fa
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0xaa},
+ {value: 0x3308, lo: 0xab, hi: 0xab},
+ {value: 0x3008, lo: 0xac, hi: 0xac},
+ {value: 0x3308, lo: 0xad, hi: 0xad},
+ {value: 0x3008, lo: 0xae, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb5},
+ {value: 0x3808, lo: 0xb6, hi: 0xb6},
+ {value: 0x3308, lo: 0xb7, hi: 0xb7},
+ {value: 0x0008, lo: 0xb8, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0xc4, offset 0x605
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0xbf},
+ // Block 0xc5, offset 0x608
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x9a},
+ {value: 0x0040, lo: 0x9b, hi: 0x9c},
+ {value: 0x3308, lo: 0x9d, hi: 0x9f},
+ {value: 0x3008, lo: 0xa0, hi: 0xa1},
+ {value: 0x3308, lo: 0xa2, hi: 0xa5},
+ {value: 0x3008, lo: 0xa6, hi: 0xa6},
+ {value: 0x3308, lo: 0xa7, hi: 0xaa},
+ {value: 0x3b08, lo: 0xab, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb9},
+ {value: 0x0018, lo: 0xba, hi: 0xbf},
+ // Block 0xc6, offset 0x614
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0xab},
+ {value: 0x3008, lo: 0xac, hi: 0xae},
+ {value: 0x3308, lo: 0xaf, hi: 0xb7},
+ {value: 0x3008, lo: 0xb8, hi: 0xb8},
+ {value: 0x3b08, lo: 0xb9, hi: 0xb9},
+ {value: 0x3308, lo: 0xba, hi: 0xba},
+ {value: 0x0018, lo: 0xbb, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0xc7, offset 0x61d
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x049d, lo: 0xa0, hi: 0xbf},
+ // Block 0xc8, offset 0x620
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xa9},
+ {value: 0x0018, lo: 0xaa, hi: 0xb2},
+ {value: 0x0040, lo: 0xb3, hi: 0xbe},
+ {value: 0x0008, lo: 0xbf, hi: 0xbf},
+ // Block 0xc9, offset 0x625
+ {value: 0x0000, lo: 0x08},
+ {value: 0x3008, lo: 0x80, hi: 0x80},
+ {value: 0x0008, lo: 0x81, hi: 0x81},
+ {value: 0x3008, lo: 0x82, hi: 0x82},
+ {value: 0x3308, lo: 0x83, hi: 0x83},
+ {value: 0x0018, lo: 0x84, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0xbf},
+ // Block 0xca, offset 0x62e
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xa9},
+ {value: 0x0008, lo: 0xaa, hi: 0xbf},
+ // Block 0xcb, offset 0x633
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x90},
+ {value: 0x3008, lo: 0x91, hi: 0x93},
+ {value: 0x3308, lo: 0x94, hi: 0x97},
+ {value: 0x0040, lo: 0x98, hi: 0x99},
+ {value: 0x3308, lo: 0x9a, hi: 0x9b},
+ {value: 0x3008, lo: 0x9c, hi: 0x9f},
+ {value: 0x3b08, lo: 0xa0, hi: 0xa0},
+ {value: 0x0008, lo: 0xa1, hi: 0xa1},
+ {value: 0x0018, lo: 0xa2, hi: 0xa2},
+ {value: 0x0008, lo: 0xa3, hi: 0xa3},
+ {value: 0x3008, lo: 0xa4, hi: 0xa4},
+ {value: 0x0040, lo: 0xa5, hi: 0xbf},
+ // Block 0xcc, offset 0x640
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x3308, lo: 0x81, hi: 0x8a},
+ {value: 0x0008, lo: 0x8b, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb3},
+ {value: 0x3b08, lo: 0xb4, hi: 0xb4},
+ {value: 0x3308, lo: 0xb5, hi: 0xb8},
+ {value: 0x3008, lo: 0xb9, hi: 0xb9},
+ {value: 0x0008, lo: 0xba, hi: 0xba},
+ {value: 0x3308, lo: 0xbb, hi: 0xbe},
+ {value: 0x0018, lo: 0xbf, hi: 0xbf},
+ // Block 0xcd, offset 0x64b
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0018, lo: 0x80, hi: 0x86},
+ {value: 0x3b08, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x90},
+ {value: 0x3308, lo: 0x91, hi: 0x96},
+ {value: 0x3008, lo: 0x97, hi: 0x98},
+ {value: 0x3308, lo: 0x99, hi: 0x9b},
+ {value: 0x0008, lo: 0x9c, hi: 0xbf},
+ // Block 0xce, offset 0x654
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x3308, lo: 0x8a, hi: 0x96},
+ {value: 0x3008, lo: 0x97, hi: 0x97},
+ {value: 0x3308, lo: 0x98, hi: 0x98},
+ {value: 0x3b08, lo: 0x99, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0x9c},
+ {value: 0x0008, lo: 0x9d, hi: 0x9d},
+ {value: 0x0018, lo: 0x9e, hi: 0xa2},
+ {value: 0x0040, lo: 0xa3, hi: 0xbf},
+ // Block 0xcf, offset 0x65e
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0xd0, offset 0x661
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x89},
+ {value: 0x0008, lo: 0x8a, hi: 0xae},
+ {value: 0x3008, lo: 0xaf, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xb7},
+ {value: 0x3308, lo: 0xb8, hi: 0xbd},
+ {value: 0x3008, lo: 0xbe, hi: 0xbe},
+ {value: 0x3b08, lo: 0xbf, hi: 0xbf},
+ // Block 0xd1, offset 0x66b
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0008, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0018, lo: 0x9a, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb1},
+ {value: 0x0008, lo: 0xb2, hi: 0xbf},
+ // Block 0xd2, offset 0x674
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x0008, lo: 0x80, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0x91},
+ {value: 0x3308, lo: 0x92, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xa8},
+ {value: 0x3008, lo: 0xa9, hi: 0xa9},
+ {value: 0x3308, lo: 0xaa, hi: 0xb0},
+ {value: 0x3008, lo: 0xb1, hi: 0xb1},
+ {value: 0x3308, lo: 0xb2, hi: 0xb3},
+ {value: 0x3008, lo: 0xb4, hi: 0xb4},
+ {value: 0x3308, lo: 0xb5, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0xd3, offset 0x680
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x87},
+ {value: 0x0008, lo: 0x88, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0x8a},
+ {value: 0x0008, lo: 0x8b, hi: 0xb0},
+ {value: 0x3308, lo: 0xb1, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xb9},
+ {value: 0x3308, lo: 0xba, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbb},
+ {value: 0x3308, lo: 0xbc, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbe},
+ {value: 0x3308, lo: 0xbf, hi: 0xbf},
+ // Block 0xd4, offset 0x68d
+ {value: 0x0000, lo: 0x0c},
+ {value: 0x3308, lo: 0x80, hi: 0x83},
+ {value: 0x3b08, lo: 0x84, hi: 0x85},
+ {value: 0x0008, lo: 0x86, hi: 0x86},
+ {value: 0x3308, lo: 0x87, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa5},
+ {value: 0x0040, lo: 0xa6, hi: 0xa6},
+ {value: 0x0008, lo: 0xa7, hi: 0xa8},
+ {value: 0x0040, lo: 0xa9, hi: 0xa9},
+ {value: 0x0008, lo: 0xaa, hi: 0xbf},
+ // Block 0xd5, offset 0x69a
+ {value: 0x0000, lo: 0x0d},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x3008, lo: 0x8a, hi: 0x8e},
+ {value: 0x0040, lo: 0x8f, hi: 0x8f},
+ {value: 0x3308, lo: 0x90, hi: 0x91},
+ {value: 0x0040, lo: 0x92, hi: 0x92},
+ {value: 0x3008, lo: 0x93, hi: 0x94},
+ {value: 0x3308, lo: 0x95, hi: 0x95},
+ {value: 0x3008, lo: 0x96, hi: 0x96},
+ {value: 0x3b08, lo: 0x97, hi: 0x97},
+ {value: 0x0008, lo: 0x98, hi: 0x98},
+ {value: 0x0040, lo: 0x99, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xbf},
+ // Block 0xd6, offset 0x6a8
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xb2},
+ {value: 0x3308, lo: 0xb3, hi: 0xb4},
+ {value: 0x3008, lo: 0xb5, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0xd7, offset 0x6af
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb0},
+ {value: 0x0040, lo: 0xb1, hi: 0xbf},
+ // Block 0xd8, offset 0x6b3
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbe},
+ {value: 0x0018, lo: 0xbf, hi: 0xbf},
+ // Block 0xd9, offset 0x6b7
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0xbf},
+ // Block 0xda, offset 0x6ba
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0xdb, offset 0x6bf
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x83},
+ {value: 0x0040, lo: 0x84, hi: 0xbf},
+ // Block 0xdc, offset 0x6c2
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xaf},
+ {value: 0x0340, lo: 0xb0, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0xdd, offset 0x6c7
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0xbf},
+ // Block 0xde, offset 0x6ca
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0008, lo: 0x80, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa9},
+ {value: 0x0040, lo: 0xaa, hi: 0xad},
+ {value: 0x0018, lo: 0xae, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbf},
+ // Block 0xdf, offset 0x6d1
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0040, lo: 0x80, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb4},
+ {value: 0x0018, lo: 0xb5, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xbf},
+ // Block 0xe0, offset 0x6d8
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xbf},
+ // Block 0xe1, offset 0x6dc
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x0008, lo: 0x80, hi: 0x83},
+ {value: 0x0018, lo: 0x84, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9a},
+ {value: 0x0018, lo: 0x9b, hi: 0xa1},
+ {value: 0x0040, lo: 0xa2, hi: 0xa2},
+ {value: 0x0008, lo: 0xa3, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xbc},
+ {value: 0x0008, lo: 0xbd, hi: 0xbf},
+ // Block 0xe2, offset 0x6e7
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0xbf},
+ // Block 0xe3, offset 0x6ea
+ {value: 0x0000, lo: 0x02},
+ {value: 0xe105, lo: 0x80, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0xe4, offset 0x6ed
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0x9a},
+ {value: 0x0040, lo: 0x9b, hi: 0xbf},
+ // Block 0xe5, offset 0x6f0
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0x8e},
+ {value: 0x3308, lo: 0x8f, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x90},
+ {value: 0x3008, lo: 0x91, hi: 0xbf},
+ // Block 0xe6, offset 0x6f6
+ {value: 0x0000, lo: 0x05},
+ {value: 0x3008, lo: 0x80, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8e},
+ {value: 0x3308, lo: 0x8f, hi: 0x92},
+ {value: 0x0008, lo: 0x93, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xbf},
+ // Block 0xe7, offset 0x6fc
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xa1},
+ {value: 0x0018, lo: 0xa2, hi: 0xa2},
+ {value: 0x0008, lo: 0xa3, hi: 0xa3},
+ {value: 0x3308, lo: 0xa4, hi: 0xa4},
+ {value: 0x0040, lo: 0xa5, hi: 0xaf},
+ {value: 0x3008, lo: 0xb0, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbf},
+ // Block 0xe8, offset 0x705
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xb7},
+ {value: 0x0040, lo: 0xb8, hi: 0xbf},
+ // Block 0xe9, offset 0x708
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x95},
+ {value: 0x0040, lo: 0x96, hi: 0xbf},
+ // Block 0xea, offset 0x70b
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0xbf},
+ // Block 0xeb, offset 0x70e
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x9e},
+ {value: 0x0040, lo: 0x9f, hi: 0xbf},
+ // Block 0xec, offset 0x711
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0040, lo: 0x80, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x92},
+ {value: 0x0040, lo: 0x93, hi: 0xa3},
+ {value: 0x0008, lo: 0xa4, hi: 0xa7},
+ {value: 0x0040, lo: 0xa8, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0xed, offset 0x718
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xbb},
+ {value: 0x0040, lo: 0xbc, hi: 0xbf},
+ // Block 0xee, offset 0x71b
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0008, lo: 0x80, hi: 0xaa},
+ {value: 0x0040, lo: 0xab, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0xef, offset 0x720
+ {value: 0x0000, lo: 0x09},
+ {value: 0x0008, lo: 0x80, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x8f},
+ {value: 0x0008, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9b},
+ {value: 0x0018, lo: 0x9c, hi: 0x9c},
+ {value: 0x3308, lo: 0x9d, hi: 0x9e},
+ {value: 0x0018, lo: 0x9f, hi: 0x9f},
+ {value: 0x03c0, lo: 0xa0, hi: 0xa3},
+ {value: 0x0040, lo: 0xa4, hi: 0xbf},
+ // Block 0xf0, offset 0x72a
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xbf},
+ // Block 0xf1, offset 0x72d
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xa6},
+ {value: 0x0040, lo: 0xa7, hi: 0xa8},
+ {value: 0x0018, lo: 0xa9, hi: 0xbf},
+ // Block 0xf2, offset 0x731
+ {value: 0x0000, lo: 0x0e},
+ {value: 0x0018, lo: 0x80, hi: 0x9d},
+ {value: 0xb609, lo: 0x9e, hi: 0x9e},
+ {value: 0xb651, lo: 0x9f, hi: 0x9f},
+ {value: 0xb699, lo: 0xa0, hi: 0xa0},
+ {value: 0xb701, lo: 0xa1, hi: 0xa1},
+ {value: 0xb769, lo: 0xa2, hi: 0xa2},
+ {value: 0xb7d1, lo: 0xa3, hi: 0xa3},
+ {value: 0xb839, lo: 0xa4, hi: 0xa4},
+ {value: 0x3018, lo: 0xa5, hi: 0xa6},
+ {value: 0x3318, lo: 0xa7, hi: 0xa9},
+ {value: 0x0018, lo: 0xaa, hi: 0xac},
+ {value: 0x3018, lo: 0xad, hi: 0xb2},
+ {value: 0x0340, lo: 0xb3, hi: 0xba},
+ {value: 0x3318, lo: 0xbb, hi: 0xbf},
+ // Block 0xf3, offset 0x740
+ {value: 0x0000, lo: 0x0b},
+ {value: 0x3318, lo: 0x80, hi: 0x82},
+ {value: 0x0018, lo: 0x83, hi: 0x84},
+ {value: 0x3318, lo: 0x85, hi: 0x8b},
+ {value: 0x0018, lo: 0x8c, hi: 0xa9},
+ {value: 0x3318, lo: 0xaa, hi: 0xad},
+ {value: 0x0018, lo: 0xae, hi: 0xba},
+ {value: 0xb8a1, lo: 0xbb, hi: 0xbb},
+ {value: 0xb8e9, lo: 0xbc, hi: 0xbc},
+ {value: 0xb931, lo: 0xbd, hi: 0xbd},
+ {value: 0xb999, lo: 0xbe, hi: 0xbe},
+ {value: 0xba01, lo: 0xbf, hi: 0xbf},
+ // Block 0xf4, offset 0x74c
+ {value: 0x0000, lo: 0x03},
+ {value: 0xba69, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0xa8},
+ {value: 0x0040, lo: 0xa9, hi: 0xbf},
+ // Block 0xf5, offset 0x750
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x81},
+ {value: 0x3318, lo: 0x82, hi: 0x84},
+ {value: 0x0018, lo: 0x85, hi: 0x85},
+ {value: 0x0040, lo: 0x86, hi: 0xbf},
+ // Block 0xf6, offset 0x755
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xbf},
+ // Block 0xf7, offset 0x759
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xbf},
+ // Block 0xf8, offset 0x75e
+ {value: 0x0000, lo: 0x03},
+ {value: 0x3308, lo: 0x80, hi: 0xb6},
+ {value: 0x0018, lo: 0xb7, hi: 0xba},
+ {value: 0x3308, lo: 0xbb, hi: 0xbf},
+ // Block 0xf9, offset 0x762
+ {value: 0x0000, lo: 0x04},
+ {value: 0x3308, lo: 0x80, hi: 0xac},
+ {value: 0x0018, lo: 0xad, hi: 0xb4},
+ {value: 0x3308, lo: 0xb5, hi: 0xb5},
+ {value: 0x0018, lo: 0xb6, hi: 0xbf},
+ // Block 0xfa, offset 0x767
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0018, lo: 0x80, hi: 0x83},
+ {value: 0x3308, lo: 0x84, hi: 0x84},
+ {value: 0x0018, lo: 0x85, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x9a},
+ {value: 0x3308, lo: 0x9b, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xa0},
+ {value: 0x3308, lo: 0xa1, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbf},
+ // Block 0xfb, offset 0x770
+ {value: 0x0000, lo: 0x0a},
+ {value: 0x3308, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x87},
+ {value: 0x3308, lo: 0x88, hi: 0x98},
+ {value: 0x0040, lo: 0x99, hi: 0x9a},
+ {value: 0x3308, lo: 0x9b, hi: 0xa1},
+ {value: 0x0040, lo: 0xa2, hi: 0xa2},
+ {value: 0x3308, lo: 0xa3, hi: 0xa4},
+ {value: 0x0040, lo: 0xa5, hi: 0xa5},
+ {value: 0x3308, lo: 0xa6, hi: 0xaa},
+ {value: 0x0040, lo: 0xab, hi: 0xbf},
+ // Block 0xfc, offset 0x77b
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xaf},
+ {value: 0x3308, lo: 0xb0, hi: 0xb6},
+ {value: 0x0008, lo: 0xb7, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbf},
+ // Block 0xfd, offset 0x781
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0x89},
+ {value: 0x0040, lo: 0x8a, hi: 0x8d},
+ {value: 0x0008, lo: 0x8e, hi: 0x8e},
+ {value: 0x0018, lo: 0x8f, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0xbf},
+ // Block 0xfe, offset 0x787
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0008, lo: 0x80, hi: 0xab},
+ {value: 0x3308, lo: 0xac, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbe},
+ {value: 0x0018, lo: 0xbf, hi: 0xbf},
+ // Block 0xff, offset 0x78d
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0808, lo: 0x80, hi: 0x84},
+ {value: 0x0040, lo: 0x85, hi: 0x86},
+ {value: 0x0818, lo: 0x87, hi: 0x8f},
+ {value: 0x3308, lo: 0x90, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0xbf},
+ // Block 0x100, offset 0x793
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0a08, lo: 0x80, hi: 0x83},
+ {value: 0x3308, lo: 0x84, hi: 0x8a},
+ {value: 0x0b08, lo: 0x8b, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8f},
+ {value: 0x0808, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9d},
+ {value: 0x0818, lo: 0x9e, hi: 0x9f},
+ {value: 0x0040, lo: 0xa0, hi: 0xbf},
+ // Block 0x101, offset 0x79c
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0040, lo: 0x80, hi: 0xb0},
+ {value: 0x0818, lo: 0xb1, hi: 0xbf},
+ // Block 0x102, offset 0x79f
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0818, lo: 0x80, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0x103, offset 0x7a2
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0818, lo: 0x81, hi: 0xbd},
+ {value: 0x0040, lo: 0xbe, hi: 0xbf},
+ // Block 0x104, offset 0x7a6
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0040, lo: 0x80, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbf},
+ // Block 0x105, offset 0x7aa
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xbf},
+ // Block 0x106, offset 0x7ae
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xae},
+ {value: 0x0040, lo: 0xaf, hi: 0xb0},
+ {value: 0x0018, lo: 0xb1, hi: 0xbf},
+ // Block 0x107, offset 0x7b4
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0018, lo: 0x81, hi: 0x8f},
+ {value: 0x0040, lo: 0x90, hi: 0x90},
+ {value: 0x0018, lo: 0x91, hi: 0xb5},
+ {value: 0x0040, lo: 0xb6, hi: 0xbf},
+ // Block 0x108, offset 0x7ba
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x8f},
+ {value: 0xc229, lo: 0x90, hi: 0x90},
+ {value: 0x0018, lo: 0x91, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xbf},
+ // Block 0x109, offset 0x7bf
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0040, lo: 0x80, hi: 0xa5},
+ {value: 0x0018, lo: 0xa6, hi: 0xbf},
+ // Block 0x10a, offset 0x7c2
+ {value: 0x0000, lo: 0x0f},
+ {value: 0xc851, lo: 0x80, hi: 0x80},
+ {value: 0xc8a1, lo: 0x81, hi: 0x81},
+ {value: 0xc8f1, lo: 0x82, hi: 0x82},
+ {value: 0xc941, lo: 0x83, hi: 0x83},
+ {value: 0xc991, lo: 0x84, hi: 0x84},
+ {value: 0xc9e1, lo: 0x85, hi: 0x85},
+ {value: 0xca31, lo: 0x86, hi: 0x86},
+ {value: 0xca81, lo: 0x87, hi: 0x87},
+ {value: 0xcad1, lo: 0x88, hi: 0x88},
+ {value: 0x0040, lo: 0x89, hi: 0x8f},
+ {value: 0xcb21, lo: 0x90, hi: 0x90},
+ {value: 0xcb41, lo: 0x91, hi: 0x91},
+ {value: 0x0040, lo: 0x92, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xa5},
+ {value: 0x0040, lo: 0xa6, hi: 0xbf},
+ // Block 0x10b, offset 0x7d2
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x97},
+ {value: 0x0040, lo: 0x98, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xac},
+ {value: 0x0040, lo: 0xad, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xbc},
+ {value: 0x0040, lo: 0xbd, hi: 0xbf},
+ // Block 0x10c, offset 0x7d9
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0018, lo: 0x80, hi: 0xb3},
+ {value: 0x0040, lo: 0xb4, hi: 0xbf},
+ // Block 0x10d, offset 0x7dc
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x98},
+ {value: 0x0040, lo: 0x99, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xab},
+ {value: 0x0040, lo: 0xac, hi: 0xbf},
+ // Block 0x10e, offset 0x7e1
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xbf},
+ // Block 0x10f, offset 0x7e5
+ {value: 0x0000, lo: 0x05},
+ {value: 0x0018, lo: 0x80, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0x99},
+ {value: 0x0040, lo: 0x9a, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xbf},
+ // Block 0x110, offset 0x7eb
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x87},
+ {value: 0x0040, lo: 0x88, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb1},
+ {value: 0x0040, lo: 0xb2, hi: 0xbf},
+ // Block 0x111, offset 0x7f2
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0xb8},
+ {value: 0x0040, lo: 0xb9, hi: 0xb9},
+ {value: 0x0018, lo: 0xba, hi: 0xbf},
+ // Block 0x112, offset 0x7f6
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x8b},
+ {value: 0x0040, lo: 0x8c, hi: 0x8c},
+ {value: 0x0018, lo: 0x8d, hi: 0xbf},
+ // Block 0x113, offset 0x7fa
+ {value: 0x0000, lo: 0x08},
+ {value: 0x0018, lo: 0x80, hi: 0x93},
+ {value: 0x0040, lo: 0x94, hi: 0x9f},
+ {value: 0x0018, lo: 0xa0, hi: 0xad},
+ {value: 0x0040, lo: 0xae, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xb7},
+ {value: 0x0018, lo: 0xb8, hi: 0xba},
+ {value: 0x0040, lo: 0xbb, hi: 0xbf},
+ // Block 0x114, offset 0x803
+ {value: 0x0000, lo: 0x06},
+ {value: 0x0018, lo: 0x80, hi: 0x86},
+ {value: 0x0040, lo: 0x87, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0xa8},
+ {value: 0x0040, lo: 0xa9, hi: 0xaf},
+ {value: 0x0018, lo: 0xb0, hi: 0xb6},
+ {value: 0x0040, lo: 0xb7, hi: 0xbf},
+ // Block 0x115, offset 0x80a
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0018, lo: 0x80, hi: 0x82},
+ {value: 0x0040, lo: 0x83, hi: 0x8f},
+ {value: 0x0018, lo: 0x90, hi: 0x96},
+ {value: 0x0040, lo: 0x97, hi: 0xbf},
+ // Block 0x116, offset 0x80f
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0018, lo: 0x80, hi: 0x92},
+ {value: 0x0040, lo: 0x93, hi: 0x93},
+ {value: 0x0018, lo: 0x94, hi: 0xbf},
+ // Block 0x117, offset 0x813
+ {value: 0x0000, lo: 0x0d},
+ {value: 0x0018, lo: 0x80, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0xaf},
+ {value: 0x1f41, lo: 0xb0, hi: 0xb0},
+ {value: 0x00c9, lo: 0xb1, hi: 0xb1},
+ {value: 0x0069, lo: 0xb2, hi: 0xb2},
+ {value: 0x0079, lo: 0xb3, hi: 0xb3},
+ {value: 0x1f51, lo: 0xb4, hi: 0xb4},
+ {value: 0x1f61, lo: 0xb5, hi: 0xb5},
+ {value: 0x1f71, lo: 0xb6, hi: 0xb6},
+ {value: 0x1f81, lo: 0xb7, hi: 0xb7},
+ {value: 0x1f91, lo: 0xb8, hi: 0xb8},
+ {value: 0x1fa1, lo: 0xb9, hi: 0xb9},
+ {value: 0x0040, lo: 0xba, hi: 0xbf},
+ // Block 0x118, offset 0x821
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0xbf},
+ // Block 0x119, offset 0x824
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xb4},
+ {value: 0x0040, lo: 0xb5, hi: 0xbf},
+ // Block 0x11a, offset 0x827
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0x9d},
+ {value: 0x0040, lo: 0x9e, hi: 0x9f},
+ {value: 0x0008, lo: 0xa0, hi: 0xbf},
+ // Block 0x11b, offset 0x82b
+ {value: 0x0000, lo: 0x03},
+ {value: 0x0008, lo: 0x80, hi: 0xa1},
+ {value: 0x0040, lo: 0xa2, hi: 0xaf},
+ {value: 0x0008, lo: 0xb0, hi: 0xbf},
+ // Block 0x11c, offset 0x82f
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0xa0},
+ {value: 0x0040, lo: 0xa1, hi: 0xbf},
+ // Block 0x11d, offset 0x832
+ {value: 0x0020, lo: 0x0f},
+ {value: 0xdf21, lo: 0x80, hi: 0x89},
+ {value: 0x8e35, lo: 0x8a, hi: 0x8a},
+ {value: 0xe061, lo: 0x8b, hi: 0x9c},
+ {value: 0x8e55, lo: 0x9d, hi: 0x9d},
+ {value: 0xe2a1, lo: 0x9e, hi: 0xa2},
+ {value: 0x8e75, lo: 0xa3, hi: 0xa3},
+ {value: 0xe341, lo: 0xa4, hi: 0xab},
+ {value: 0x7f0d, lo: 0xac, hi: 0xac},
+ {value: 0xe441, lo: 0xad, hi: 0xaf},
+ {value: 0x8e95, lo: 0xb0, hi: 0xb0},
+ {value: 0xe4a1, lo: 0xb1, hi: 0xb6},
+ {value: 0x8eb5, lo: 0xb7, hi: 0xb9},
+ {value: 0xe561, lo: 0xba, hi: 0xba},
+ {value: 0x8f15, lo: 0xbb, hi: 0xbb},
+ {value: 0xe581, lo: 0xbc, hi: 0xbf},
+ // Block 0x11e, offset 0x842
+ {value: 0x0020, lo: 0x10},
+ {value: 0x93b5, lo: 0x80, hi: 0x80},
+ {value: 0xf101, lo: 0x81, hi: 0x86},
+ {value: 0x93d5, lo: 0x87, hi: 0x8a},
+ {value: 0xda61, lo: 0x8b, hi: 0x8b},
+ {value: 0xf1c1, lo: 0x8c, hi: 0x96},
+ {value: 0x9455, lo: 0x97, hi: 0x97},
+ {value: 0xf321, lo: 0x98, hi: 0xa3},
+ {value: 0x9475, lo: 0xa4, hi: 0xa6},
+ {value: 0xf4a1, lo: 0xa7, hi: 0xaa},
+ {value: 0x94d5, lo: 0xab, hi: 0xab},
+ {value: 0xf521, lo: 0xac, hi: 0xac},
+ {value: 0x94f5, lo: 0xad, hi: 0xad},
+ {value: 0xf541, lo: 0xae, hi: 0xaf},
+ {value: 0x9515, lo: 0xb0, hi: 0xb1},
+ {value: 0xf581, lo: 0xb2, hi: 0xbe},
+ {value: 0x2040, lo: 0xbf, hi: 0xbf},
+ // Block 0x11f, offset 0x853
+ {value: 0x0000, lo: 0x02},
+ {value: 0x0008, lo: 0x80, hi: 0x8a},
+ {value: 0x0040, lo: 0x8b, hi: 0xbf},
+ // Block 0x120, offset 0x856
+ {value: 0x0000, lo: 0x04},
+ {value: 0x0040, lo: 0x80, hi: 0x80},
+ {value: 0x0340, lo: 0x81, hi: 0x81},
+ {value: 0x0040, lo: 0x82, hi: 0x9f},
+ {value: 0x0340, lo: 0xa0, hi: 0xbf},
+ // Block 0x121, offset 0x85b
+ {value: 0x0000, lo: 0x01},
+ {value: 0x0340, lo: 0x80, hi: 0xbf},
+ // Block 0x122, offset 0x85d
+ {value: 0x0000, lo: 0x01},
+ {value: 0x33c0, lo: 0x80, hi: 0xbf},
+ // Block 0x123, offset 0x85f
+ {value: 0x0000, lo: 0x02},
+ {value: 0x33c0, lo: 0x80, hi: 0xaf},
+ {value: 0x0040, lo: 0xb0, hi: 0xbf},
+}
+
+// Total table size 43370 bytes (42KiB); checksum: EBD909C0
diff --git a/vendor/golang.org/x/net/idna/tables9.0.0.go b/vendor/golang.org/x/net/idna/tables9.0.0.go
index 8b65fa16..4074b533 100644
--- a/vendor/golang.org/x/net/idna/tables9.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables9.0.0.go
@@ -1,5 +1,6 @@
// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+//go:build !go1.10
// +build !go1.10
package idna
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr.go b/vendor/golang.org/x/net/internal/socket/cmsghdr.go
index 0a73e277..4bdaaaf1 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
index 14dbb3ad..0d30e0a0 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
// +build aix darwin dragonfly freebsd netbsd openbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
index bac66811..623cf30f 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_32bit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm || mips || mipsle || 386) && linux
// +build arm mips mipsle 386
// +build linux
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
index 27be0efa..1ba43101 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_linux_64bit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm64 || amd64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && linux
// +build arm64 amd64 ppc64 ppc64le mips64 mips64le riscv64 s390x
// +build linux
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
index 7dedd430..d3dbe1b8 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_solaris_64bit.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build amd64
-// +build solaris
+//go:build amd64 && solaris
+// +build amd64,solaris
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
index e581011b..1d9f2ed6 100644
--- a/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_stub.go
@@ -2,13 +2,24 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!zos
package socket
-type cmsghdr struct{}
+func controlHeaderLen() int {
+ return 0
+}
-const sizeofCmsghdr = 0
+func controlMessageLen(dataLen int) int {
+ return 0
+}
+
+func controlMessageSpace(dataLen int) int {
+ return 0
+}
+
+type cmsghdr struct{}
func (h *cmsghdr) len() int { return 0 }
func (h *cmsghdr) lvl() int { return 0 }
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go
new file mode 100644
index 00000000..aa1b0620
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_unix.go
@@ -0,0 +1,22 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+
+package socket
+
+import "golang.org/x/sys/unix"
+
+func controlHeaderLen() int {
+ return unix.CmsgLen(0)
+}
+
+func controlMessageLen(dataLen int) int {
+ return unix.CmsgLen(dataLen)
+}
+
+func controlMessageSpace(dataLen int) int {
+ return unix.CmsgSpace(dataLen)
+}
diff --git a/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go b/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go
new file mode 100644
index 00000000..98be146b
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/cmsghdr_zos_s390x.go
@@ -0,0 +1,25 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+import "syscall"
+
+func (h *cmsghdr) set(l, lvl, typ int) {
+ h.Len = int32(l)
+ h.Level = int32(lvl)
+ h.Type = int32(typ)
+}
+
+func controlHeaderLen() int {
+ return syscall.CmsgLen(0)
+}
+
+func controlMessageLen(dataLen int) int {
+ return syscall.CmsgLen(dataLen)
+}
+
+func controlMessageSpace(dataLen int) int {
+ return syscall.CmsgSpace(dataLen)
+}
diff --git a/vendor/golang.org/x/net/internal/socket/error_unix.go b/vendor/golang.org/x/net/internal/socket/error_unix.go
index f14872d3..78f41290 100644
--- a/vendor/golang.org/x/net/internal/socket/error_unix.go
+++ b/vendor/golang.org/x/net/internal/socket/error_unix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/iovec_32bit.go b/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
index 05d6082d..1f42d034 100644
--- a/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
+++ b/vendor/golang.org/x/net/internal/socket/iovec_32bit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm || mips || mipsle || 386) && (darwin || dragonfly || freebsd || linux || netbsd || openbsd)
// +build arm mips mipsle 386
// +build darwin dragonfly freebsd linux netbsd openbsd
diff --git a/vendor/golang.org/x/net/internal/socket/iovec_64bit.go b/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
index dfeda752..3dc5def2 100644
--- a/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/iovec_64bit.go
@@ -2,8 +2,9 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm64 || amd64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || zos)
// +build arm64 amd64 ppc64 ppc64le mips64 mips64le riscv64 s390x
-// +build aix darwin dragonfly freebsd linux netbsd openbsd
+// +build aix darwin dragonfly freebsd linux netbsd openbsd zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go b/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
index 8d17a40c..f7da2bc4 100644
--- a/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/iovec_solaris_64bit.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build amd64
-// +build solaris
+//go:build amd64 && solaris
+// +build amd64,solaris
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/iovec_stub.go b/vendor/golang.org/x/net/internal/socket/iovec_stub.go
index a746e90e..14caf524 100644
--- a/vendor/golang.org/x/net/internal/socket/iovec_stub.go
+++ b/vendor/golang.org/x/net/internal/socket/iovec_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go b/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
index 1a7f2792..113e773c 100644
--- a/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
+++ b/vendor/golang.org/x/net/internal/socket/mmsghdr_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !aix && !linux && !netbsd
// +build !aix,!linux,!netbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go b/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
index f1100683..5025a0f7 100644
--- a/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
+++ b/vendor/golang.org/x/net/internal/socket/mmsghdr_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || linux || netbsd
// +build aix linux netbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go b/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
index 77f44c1f..25f6847f 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
// +build aix darwin dragonfly freebsd netbsd openbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go b/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
index c5562dd6..5b8e00f1 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_bsdvar.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd
// +build aix darwin dragonfly freebsd netbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go b/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
index a7a5987c..2e09e266 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_linux_32bit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm || mips || mipsle || 386) && linux
// +build arm mips mipsle 386
// +build linux
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go b/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
index e731833a..c9c592dd 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_linux_64bit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (arm64 || amd64 || ppc64 || ppc64le || mips64 || mips64le || riscv64 || s390x) && linux
// +build arm64 amd64 ppc64 ppc64le mips64 mips64le riscv64 s390x
// +build linux
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go b/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
index 6465b207..3098f5d7 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_solaris_64bit.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build amd64
-// +build solaris
+//go:build amd64 && solaris
+// +build amd64,solaris
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_stub.go b/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
index 873490a7..eb79151f 100644
--- a/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go b/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go
new file mode 100644
index 00000000..324e9ee7
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/msghdr_zos_s390x.go
@@ -0,0 +1,36 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build s390x && zos
+// +build s390x,zos
+
+package socket
+
+import "unsafe"
+
+func (h *msghdr) pack(vs []iovec, bs [][]byte, oob []byte, sa []byte) {
+ for i := range vs {
+ vs[i].set(bs[i])
+ }
+ if len(vs) > 0 {
+ h.Iov = &vs[0]
+ h.Iovlen = int32(len(vs))
+ }
+ if len(oob) > 0 {
+ h.Control = (*byte)(unsafe.Pointer(&oob[0]))
+ h.Controllen = uint32(len(oob))
+ }
+ if sa != nil {
+ h.Name = (*byte)(unsafe.Pointer(&sa[0]))
+ h.Namelen = uint32(len(sa))
+ }
+}
+
+func (h *msghdr) controllen() int {
+ return int(h.Controllen)
+}
+
+func (h *msghdr) flags() int {
+ return int(h.Flags)
+}
diff --git a/vendor/golang.org/x/net/internal/socket/norace.go b/vendor/golang.org/x/net/internal/socket/norace.go
index 9519ffbb..de0ad420 100644
--- a/vendor/golang.org/x/net/internal/socket/norace.go
+++ b/vendor/golang.org/x/net/internal/socket/norace.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !race
// +build !race
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/race.go b/vendor/golang.org/x/net/internal/socket/race.go
index df60c62f..f0a28a62 100644
--- a/vendor/golang.org/x/net/internal/socket/race.go
+++ b/vendor/golang.org/x/net/internal/socket/race.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build race
// +build race
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/rawconn.go b/vendor/golang.org/x/net/internal/socket/rawconn.go
index b07b8900..87e81071 100644
--- a/vendor/golang.org/x/net/internal/socket/rawconn.go
+++ b/vendor/golang.org/x/net/internal/socket/rawconn.go
@@ -17,18 +17,45 @@ type Conn struct {
c syscall.RawConn
}
+// tcpConn is an interface implemented by net.TCPConn.
+// It can be used for interface assertions to check if a net.Conn is a TCP connection.
+type tcpConn interface {
+ SyscallConn() (syscall.RawConn, error)
+ SetLinger(int) error
+}
+
+var _ tcpConn = (*net.TCPConn)(nil)
+
+// udpConn is an interface implemented by net.UDPConn.
+// It can be used for interface assertions to check if a net.Conn is a UDP connection.
+type udpConn interface {
+ SyscallConn() (syscall.RawConn, error)
+ ReadMsgUDP(b, oob []byte) (n, oobn, flags int, addr *net.UDPAddr, err error)
+}
+
+var _ udpConn = (*net.UDPConn)(nil)
+
+// ipConn is an interface implemented by net.IPConn.
+// It can be used for interface assertions to check if a net.Conn is an IP connection.
+type ipConn interface {
+ SyscallConn() (syscall.RawConn, error)
+ ReadMsgIP(b, oob []byte) (n, oobn, flags int, addr *net.IPAddr, err error)
+}
+
+var _ ipConn = (*net.IPConn)(nil)
+
// NewConn returns a new raw connection.
func NewConn(c net.Conn) (*Conn, error) {
var err error
var cc Conn
switch c := c.(type) {
- case *net.TCPConn:
+ case tcpConn:
cc.network = "tcp"
cc.c, err = c.SyscallConn()
- case *net.UDPConn:
+ case udpConn:
cc.network = "udp"
cc.c, err = c.SyscallConn()
- case *net.IPConn:
+ case ipConn:
cc.network = "ip"
cc.c, err = c.SyscallConn()
default:
diff --git a/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go b/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
index d01fc4c7..5d90de11 100644
--- a/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
+++ b/vendor/golang.org/x/net/internal/socket/rawconn_mmsg.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/rawconn_msg.go b/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
index d5ae3f8e..dfed9a8d 100644
--- a/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
+++ b/vendor/golang.org/x/net/internal/socket/rawconn_msg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows zos
package socket
@@ -24,7 +25,7 @@ func (c *Conn) recvMsg(m *Message, flags int) error {
var n int
fn := func(s uintptr) bool {
n, operr = recvmsg(s, &h, flags)
- if operr == syscall.EAGAIN {
+ if operr == syscall.EAGAIN || operr == syscall.EWOULDBLOCK {
return false
}
return true
@@ -61,7 +62,7 @@ func (c *Conn) sendMsg(m *Message, flags int) error {
var n int
fn := func(s uintptr) bool {
n, operr = sendmsg(s, &h, flags)
- if operr == syscall.EAGAIN {
+ if operr == syscall.EAGAIN || operr == syscall.EWOULDBLOCK {
return false
}
return true
diff --git a/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go b/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
index fe5bb942..02f32855 100644
--- a/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
+++ b/vendor/golang.org/x/net/internal/socket/rawconn_nommsg.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux
// +build !linux
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go b/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
index b8cea6fe..dd785877 100644
--- a/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
+++ b/vendor/golang.org/x/net/internal/socket/rawconn_nomsg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/socket.go b/vendor/golang.org/x/net/internal/socket/socket.go
index 23571b8d..dba47bf1 100644
--- a/vendor/golang.org/x/net/internal/socket/socket.go
+++ b/vendor/golang.org/x/net/internal/socket/socket.go
@@ -90,17 +90,9 @@ func (o *Option) SetInt(c *Conn, v int) error {
return o.set(c, b)
}
-func controlHeaderLen() int {
- return roundup(sizeofCmsghdr)
-}
-
-func controlMessageLen(dataLen int) int {
- return roundup(sizeofCmsghdr) + dataLen
-}
-
// ControlMessageSpace returns the whole length of control message.
func ControlMessageSpace(dataLen int) int {
- return roundup(sizeofCmsghdr) + roundup(dataLen)
+ return controlMessageSpace(dataLen)
}
// A ControlMessage represents the head message in a stream of control
diff --git a/vendor/golang.org/x/net/internal/socket/sys.go b/vendor/golang.org/x/net/internal/socket/sys.go
index ee492ba8..4a26af18 100644
--- a/vendor/golang.org/x/net/internal/socket/sys.go
+++ b/vendor/golang.org/x/net/internal/socket/sys.go
@@ -9,13 +9,8 @@ import (
"unsafe"
)
-var (
- // NativeEndian is the machine native endian implementation of
- // ByteOrder.
- NativeEndian binary.ByteOrder
-
- kernelAlign int
-)
+// NativeEndian is the machine native endian implementation of ByteOrder.
+var NativeEndian binary.ByteOrder
func init() {
i := uint32(1)
@@ -25,9 +20,4 @@ func init() {
} else {
NativeEndian = binary.BigEndian
}
- kernelAlign = probeProtocolStack()
-}
-
-func roundup(l int) int {
- return (l + kernelAlign - 1) &^ (kernelAlign - 1)
}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_bsd.go b/vendor/golang.org/x/net/internal/socket/sys_bsd.go
index d432835b..b6cd7708 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_bsd.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || openbsd
// +build aix darwin dragonfly freebsd openbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_bsdvar.go b/vendor/golang.org/x/net/internal/socket/sys_bsdvar.go
deleted file mode 100644
index b4f41b55..00000000
--- a/vendor/golang.org/x/net/internal/socket/sys_bsdvar.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build aix freebsd netbsd openbsd
-
-package socket
-
-import (
- "runtime"
- "unsafe"
-)
-
-func probeProtocolStack() int {
- if (runtime.GOOS == "netbsd" || runtime.GOOS == "openbsd") && runtime.GOARCH == "arm" {
- return 8
- }
- if runtime.GOOS == "aix" {
- return 1
- }
- var p uintptr
- return int(unsafe.Sizeof(p))
-}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_const_unix.go b/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
index 43797d6e..f077b2f1 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_const_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_const_zos.go b/vendor/golang.org/x/net/internal/socket/sys_const_zos.go
new file mode 100644
index 00000000..30486295
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/sys_const_zos.go
@@ -0,0 +1,18 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos
+// +build zos
+
+package socket
+
+import "syscall"
+
+const (
+ sysAF_UNSPEC = syscall.AF_UNSPEC
+ sysAF_INET = syscall.AF_INET
+ sysAF_INET6 = syscall.AF_INET6
+
+ sysSOCK_RAW = syscall.SOCK_RAW
+)
diff --git a/vendor/golang.org/x/net/internal/socket/sys_darwin.go b/vendor/golang.org/x/net/internal/socket/sys_darwin.go
deleted file mode 100644
index b17d223b..00000000
--- a/vendor/golang.org/x/net/internal/socket/sys_darwin.go
+++ /dev/null
@@ -1,7 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package socket
-
-func probeProtocolStack() int { return 4 }
diff --git a/vendor/golang.org/x/net/internal/socket/sys_dragonfly.go b/vendor/golang.org/x/net/internal/socket/sys_dragonfly.go
deleted file mode 100644
index ed0448fe..00000000
--- a/vendor/golang.org/x/net/internal/socket/sys_dragonfly.go
+++ /dev/null
@@ -1,32 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package socket
-
-import (
- "sync"
- "syscall"
- "unsafe"
-)
-
-// See version list in https://github.com/DragonFlyBSD/DragonFlyBSD/blob/master/sys/sys/param.h
-var (
- osreldateOnce sync.Once
- osreldate uint32
-)
-
-// First __DragonFly_version after September 2019 ABI changes
-// http://lists.dragonflybsd.org/pipermail/users/2019-September/358280.html
-const _dragonflyABIChangeVersion = 500705
-
-func probeProtocolStack() int {
- osreldateOnce.Do(func() { osreldate, _ = syscall.SysctlUint32("kern.osreldate") })
- var p uintptr
- if int(unsafe.Sizeof(p)) == 8 && osreldate >= _dragonflyABIChangeVersion {
- return int(unsafe.Sizeof(p))
- }
- // 64-bit Dragonfly before the September 2019 ABI changes still requires
- // 32-bit aligned access to network subsystem.
- return 4
-}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linkname.go b/vendor/golang.org/x/net/internal/socket/sys_linkname.go
index 61c3f38a..21734af4 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linkname.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linkname.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || (go1.12 && darwin)
// +build aix go1.12,darwin
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux.go b/vendor/golang.org/x/net/internal/socket/sys_linux.go
index 1559521e..76f5b8ae 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && !s390x && !386
// +build linux,!s390x,!386
package socket
@@ -11,11 +12,6 @@ import (
"unsafe"
)
-func probeProtocolStack() int {
- var p uintptr
- return int(unsafe.Sizeof(p))
-}
-
func recvmmsg(s uintptr, hs []mmsghdr, flags int) (int, error) {
n, _, errno := syscall.Syscall6(sysRECVMMSG, s, uintptr(unsafe.Pointer(&hs[0])), uintptr(len(hs)), uintptr(flags), 0, 0)
return int(n), errnoErr(errno)
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux_386.go b/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
index 235b2cc0..65121532 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux_386.go
@@ -9,8 +9,6 @@ import (
"unsafe"
)
-func probeProtocolStack() int { return 4 }
-
const (
sysSETSOCKOPT = 0xe
sysGETSOCKOPT = 0xf
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go b/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
index 64f69f1d..5b128fbb 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux_riscv64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build riscv64
// +build riscv64
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go b/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
index 327979ef..65121532 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_linux_s390x.go
@@ -9,8 +9,6 @@ import (
"unsafe"
)
-func probeProtocolStack() int { return 8 }
-
const (
sysSETSOCKOPT = 0xe
sysGETSOCKOPT = 0xf
diff --git a/vendor/golang.org/x/net/internal/socket/sys_posix.go b/vendor/golang.org/x/net/internal/socket/sys_posix.go
index 22eae809..25ded217 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_posix.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_posix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows zos
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_solaris.go b/vendor/golang.org/x/net/internal/socket/sys_solaris.go
index 66b55478..e79ca951 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_solaris.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_solaris.go
@@ -5,21 +5,10 @@
package socket
import (
- "runtime"
"syscall"
"unsafe"
)
-func probeProtocolStack() int {
- switch runtime.GOARCH {
- case "amd64":
- return 4
- default:
- var p uintptr
- return int(unsafe.Sizeof(p))
- }
-}
-
//go:cgo_import_dynamic libc___xnet_getsockopt __xnet_getsockopt "libsocket.so"
//go:cgo_import_dynamic libc_setsockopt setsockopt "libsocket.so"
//go:cgo_import_dynamic libc___xnet_recvmsg __xnet_recvmsg "libsocket.so"
diff --git a/vendor/golang.org/x/net/internal/socket/sys_stub.go b/vendor/golang.org/x/net/internal/socket/sys_stub.go
index 0f617426..dc7bb389 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_stub.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_stub.go
@@ -2,15 +2,12 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package socket
-import (
- "net"
- "runtime"
- "unsafe"
-)
+import "net"
const (
sysAF_UNSPEC = 0x0
@@ -20,16 +17,6 @@ const (
sysSOCK_RAW = 0x3
)
-func probeProtocolStack() int {
- switch runtime.GOARCH {
- case "amd64p32", "mips64p32":
- return 4
- default:
- var p uintptr
- return int(unsafe.Sizeof(p))
- }
-}
-
func marshalInetAddr(ip net.IP, port int, zone string) []byte {
return nil
}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_unix.go b/vendor/golang.org/x/net/internal/socket/sys_unix.go
index 0eb71283..c98ebae5 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_unix.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build dragonfly || freebsd || (linux && !s390x && !386) || netbsd || openbsd
// +build dragonfly freebsd linux,!s390x,!386 netbsd openbsd
package socket
diff --git a/vendor/golang.org/x/net/internal/socket/sys_go1_11_darwin.go b/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
similarity index 52%
rename from vendor/golang.org/x/net/internal/socket/sys_go1_11_darwin.go
rename to vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
index 02d2b3cc..1e38b922 100644
--- a/vendor/golang.org/x/net/internal/socket/sys_go1_11_darwin.go
+++ b/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.go
@@ -1,9 +1,7 @@
-// Copyright 2018 The Go Authors. All rights reserved.
+// Copyright 2020 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !go1.12
-
package socket
import (
@@ -11,23 +9,30 @@ import (
"unsafe"
)
+func syscall_syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err syscall.Errno)
+func syscall_syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err syscall.Errno)
+
+func probeProtocolStack() int {
+ return 4 // sizeof(int) on GOOS=zos GOARCH=s390x
+}
+
func getsockopt(s uintptr, level, name int, b []byte) (int, error) {
l := uint32(len(b))
- _, _, errno := syscall.Syscall6(syscall.SYS_GETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
+ _, _, errno := syscall_syscall6(syscall.SYS_GETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(unsafe.Pointer(&l)), 0)
return int(l), errnoErr(errno)
}
func setsockopt(s uintptr, level, name int, b []byte) error {
- _, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
+ _, _, errno := syscall_syscall6(syscall.SYS_SETSOCKOPT, s, uintptr(level), uintptr(name), uintptr(unsafe.Pointer(&b[0])), uintptr(len(b)), 0)
return errnoErr(errno)
}
func recvmsg(s uintptr, h *msghdr, flags int) (int, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_RECVMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
+ n, _, errno := syscall_syscall(syscall.SYS___RECVMSG_A, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
return int(n), errnoErr(errno)
}
func sendmsg(s uintptr, h *msghdr, flags int) (int, error) {
- n, _, errno := syscall.Syscall(syscall.SYS_SENDMSG, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
+ n, _, errno := syscall_syscall(syscall.SYS___SENDMSG_A, s, uintptr(unsafe.Pointer(h)), uintptr(flags))
return int(n), errnoErr(errno)
}
diff --git a/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s b/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s
new file mode 100644
index 00000000..60d5839c
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/sys_zos_s390x.s
@@ -0,0 +1,11 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+TEXT ·syscall_syscall(SB),NOSPLIT,$0
+ JMP syscall·_syscall(SB)
+
+TEXT ·syscall_syscall6(SB),NOSPLIT,$0
+ JMP syscall·_syscall6(SB)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go b/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
index e740c8f0..79f3bdd5 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_aix_ppc64.go
@@ -2,6 +2,7 @@
// cgo -godefs defs_aix.go
// Added for go1.11 compatibility
+//go:build aix
// +build aix
package socket
@@ -51,9 +52,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go
index 083bda51..150f980f 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_386.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
index 55c6c9f5..a686c952 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_amd64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go
index 083bda51..150f980f 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
index 55c6c9f5..a686c952 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_darwin_arm64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
index 8b7d161d..d45c197e 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_dragonfly_amd64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
index 3e71ff57..ffec860e 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_386.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
index 238d90de..aa701ab6 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_amd64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
index 3e71ff57..ffec860e 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
index 238d90de..aa701ab6 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_freebsd_arm64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
index d33025b7..0c847bee 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_386.go
@@ -45,9 +45,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
index b20d2167..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_amd64.go
@@ -48,9 +48,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x38
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
index 1bb10a42..0c847bee 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm.go
@@ -48,8 +48,6 @@ const (
sizeofIovec = 0x8
sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_arm64.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
index 1bb10a42..0c847bee 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips.go
@@ -48,8 +48,6 @@ const (
sizeofIovec = 0x8
sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mips64le.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
index 1bb10a42..0c847bee 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_mipsle.go
@@ -48,8 +48,6 @@ const (
sizeofIovec = 0x8
sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_ppc64le.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
index f12a1d76..12ec2e42 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_riscv64.go
@@ -1,6 +1,7 @@
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs defs_linux.go
+//go:build riscv64
// +build riscv64
package socket
@@ -52,8 +53,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go b/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
index 7f6e8a7f..15e2aeca 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_linux_s390x.go
@@ -51,8 +51,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x38
- sizeofCmsghdr = 0x10
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
index 7e258cec..6b72d24d 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_386.go
@@ -50,8 +50,6 @@ const (
sizeofIovec = 0x8
sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
index b3f9c0d7..9aaa4ab1 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_amd64.go
@@ -53,8 +53,6 @@ const (
sizeofIovec = 0x10
sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
index 7e258cec..6b72d24d 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm.go
@@ -50,8 +50,6 @@ const (
sizeofIovec = 0x8
sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
-
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
index da26ef01..9aaa4ab1 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_netbsd_arm64.go
@@ -50,9 +50,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
index 73655a14..3ec8d42f 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_386.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
index 0a4de80f..ea0ee008 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_amd64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
index 73655a14..3ec8d42f 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm.go
@@ -42,9 +42,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x8
- sizeofMsghdr = 0x1c
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x8
+ sizeofMsghdr = 0x1c
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
index 0a4de80f..ea0ee008 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_arm64.go
@@ -44,9 +44,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go
new file mode 100644
index 00000000..01128324
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_mips64.go
@@ -0,0 +1,50 @@
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs defs_openbsd.go
+
+package socket
+
+type iovec struct {
+ Base *byte
+ Len uint64
+}
+
+type msghdr struct {
+ Name *byte
+ Namelen uint32
+ Iov *iovec
+ Iovlen uint32
+ Control *byte
+ Controllen uint32
+ Flags int32
+}
+
+type cmsghdr struct {
+ Len uint32
+ Level int32
+ Type int32
+}
+
+type sockaddrInet struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Addr [4]byte /* in_addr */
+ Zero [8]int8
+}
+
+type sockaddrInet6 struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Flowinfo uint32
+ Addr [16]byte /* in6_addr */
+ Scope_id uint32
+}
+
+const (
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
+
+ sizeofSockaddrInet = 0x10
+ sizeofSockaddrInet6 = 0x1c
+)
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go b/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
index 353cd5fb..48b2b591 100644
--- a/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
+++ b/vendor/golang.org/x/net/internal/socket/zsys_solaris_amd64.go
@@ -43,9 +43,8 @@ type sockaddrInet6 struct {
}
const (
- sizeofIovec = 0x10
- sizeofMsghdr = 0x30
- sizeofCmsghdr = 0xc
+ sizeofIovec = 0x10
+ sizeofMsghdr = 0x30
sizeofSockaddrInet = 0x10
sizeofSockaddrInet6 = 0x20
diff --git a/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go b/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go
new file mode 100644
index 00000000..514ca375
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socket/zsys_zos_s390x.go
@@ -0,0 +1,32 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socket
+
+type iovec struct {
+ Base *byte
+ Len uint64
+}
+
+type msghdr struct {
+ Name *byte
+ Iov *iovec
+ Control *byte
+ Flags int32
+ Namelen uint32
+ Iovlen int32
+ Controllen uint32
+}
+
+type cmsghdr struct {
+ Len int32
+ Level int32
+ Type int32
+}
+
+const (
+ sizeofCmsghdr = 12
+ sizeofSockaddrInet = 16
+ sizeofSockaddrInet6 = 28
+)
diff --git a/vendor/golang.org/x/net/ipv4/control_bsd.go b/vendor/golang.org/x/net/ipv4/control_bsd.go
index 69c4f553..6fef740f 100644
--- a/vendor/golang.org/x/net/ipv4/control_bsd.go
+++ b/vendor/golang.org/x/net/ipv4/control_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
// +build aix darwin dragonfly freebsd netbsd openbsd
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/control_pktinfo.go b/vendor/golang.org/x/net/ipv4/control_pktinfo.go
index 425338f3..0e748dbd 100644
--- a/vendor/golang.org/x/net/ipv4/control_pktinfo.go
+++ b/vendor/golang.org/x/net/ipv4/control_pktinfo.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin || linux || solaris
// +build darwin linux solaris
package ipv4
@@ -12,11 +13,13 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
m := socket.ControlMessage(b)
- m.MarshalHeader(iana.ProtocolIP, sysIP_PKTINFO, sizeofInetPktinfo)
+ m.MarshalHeader(iana.ProtocolIP, unix.IP_PKTINFO, sizeofInetPktinfo)
if cm != nil {
pi := (*inetPktinfo)(unsafe.Pointer(&m.Data(sizeofInetPktinfo)[0]))
if ip := cm.Src.To4(); ip != nil {
diff --git a/vendor/golang.org/x/net/ipv4/control_stub.go b/vendor/golang.org/x/net/ipv4/control_stub.go
index a0c049d6..f27322c3 100644
--- a/vendor/golang.org/x/net/ipv4/control_stub.go
+++ b/vendor/golang.org/x/net/ipv4/control_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/control_unix.go b/vendor/golang.org/x/net/ipv4/control_unix.go
index b27fa490..edce30f1 100644
--- a/vendor/golang.org/x/net/ipv4/control_unix.go
+++ b/vendor/golang.org/x/net/ipv4/control_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/control_zos.go b/vendor/golang.org/x/net/ipv4/control_zos.go
new file mode 100644
index 00000000..de11c42e
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv4/control_zos.go
@@ -0,0 +1,88 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+ "net"
+ "unsafe"
+
+ "golang.org/x/net/internal/iana"
+ "golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
+)
+
+func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
+ m := socket.ControlMessage(b)
+ m.MarshalHeader(iana.ProtocolIP, unix.IP_PKTINFO, sizeofInetPktinfo)
+ if cm != nil {
+ pi := (*inetPktinfo)(unsafe.Pointer(&m.Data(sizeofInetPktinfo)[0]))
+ if ip := cm.Src.To4(); ip != nil {
+ copy(pi.Addr[:], ip)
+ }
+ if cm.IfIndex > 0 {
+ pi.setIfindex(cm.IfIndex)
+ }
+ }
+ return m.Next(sizeofInetPktinfo)
+}
+
+func parsePacketInfo(cm *ControlMessage, b []byte) {
+ pi := (*inetPktinfo)(unsafe.Pointer(&b[0]))
+ cm.IfIndex = int(pi.Ifindex)
+ if len(cm.Dst) < net.IPv4len {
+ cm.Dst = make(net.IP, net.IPv4len)
+ }
+ copy(cm.Dst, pi.Addr[:])
+}
+
+func setControlMessage(c *socket.Conn, opt *rawOpt, cf ControlFlags, on bool) error {
+ opt.Lock()
+ defer opt.Unlock()
+ if so, ok := sockOpts[ssoReceiveTTL]; ok && cf&FlagTTL != 0 {
+ if err := so.SetInt(c, boolint(on)); err != nil {
+ return err
+ }
+ if on {
+ opt.set(FlagTTL)
+ } else {
+ opt.clear(FlagTTL)
+ }
+ }
+ if so, ok := sockOpts[ssoPacketInfo]; ok {
+ if cf&(FlagSrc|FlagDst|FlagInterface) != 0 {
+ if err := so.SetInt(c, boolint(on)); err != nil {
+ return err
+ }
+ if on {
+ opt.set(cf & (FlagSrc | FlagDst | FlagInterface))
+ } else {
+ opt.clear(cf & (FlagSrc | FlagDst | FlagInterface))
+ }
+ }
+ } else {
+ if so, ok := sockOpts[ssoReceiveDst]; ok && cf&FlagDst != 0 {
+ if err := so.SetInt(c, boolint(on)); err != nil {
+ return err
+ }
+ if on {
+ opt.set(FlagDst)
+ } else {
+ opt.clear(FlagDst)
+ }
+ }
+ if so, ok := sockOpts[ssoReceiveInterface]; ok && cf&FlagInterface != 0 {
+ if err := so.SetInt(c, boolint(on)); err != nil {
+ return err
+ }
+ if on {
+ opt.set(FlagInterface)
+ } else {
+ opt.clear(FlagInterface)
+ }
+ }
+ }
+ return nil
+}
diff --git a/vendor/golang.org/x/net/ipv4/header.go b/vendor/golang.org/x/net/ipv4/header.go
index c271ca46..a00a3eaf 100644
--- a/vendor/golang.org/x/net/ipv4/header.go
+++ b/vendor/golang.org/x/net/ipv4/header.go
@@ -67,7 +67,7 @@ func (h *Header) Marshal() ([]byte, error) {
b[1] = byte(h.TOS)
flagsAndFragOff := (h.FragOff & 0x1fff) | int(h.Flags<<13)
switch runtime.GOOS {
- case "darwin", "dragonfly", "netbsd":
+ case "darwin", "ios", "dragonfly", "netbsd":
socket.NativeEndian.PutUint16(b[2:4], uint16(h.TotalLen))
socket.NativeEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
case "freebsd":
@@ -126,7 +126,7 @@ func (h *Header) Parse(b []byte) error {
h.Src = net.IPv4(b[12], b[13], b[14], b[15])
h.Dst = net.IPv4(b[16], b[17], b[18], b[19])
switch runtime.GOOS {
- case "darwin", "dragonfly", "netbsd":
+ case "darwin", "ios", "dragonfly", "netbsd":
h.TotalLen = int(socket.NativeEndian.Uint16(b[2:4])) + hdrlen
h.FragOff = int(socket.NativeEndian.Uint16(b[6:8]))
case "freebsd":
diff --git a/vendor/golang.org/x/net/ipv4/icmp_stub.go b/vendor/golang.org/x/net/ipv4/icmp_stub.go
index 21bb29ab..cd4ee6e1 100644
--- a/vendor/golang.org/x/net/ipv4/icmp_stub.go
+++ b/vendor/golang.org/x/net/ipv4/icmp_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux
// +build !linux
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/payload_cmsg.go b/vendor/golang.org/x/net/ipv4/payload_cmsg.go
index e7614661..1bb370e2 100644
--- a/vendor/golang.org/x/net/ipv4/payload_cmsg.go
+++ b/vendor/golang.org/x/net/ipv4/payload_cmsg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/payload_nocmsg.go b/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
index 1116256f..53f0794e 100644
--- a/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
+++ b/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_posix.go b/vendor/golang.org/x/net/ipv4/sockopt_posix.go
index dea64519..eb07c1c0 100644
--- a/vendor/golang.org/x/net/ipv4/sockopt_posix.go
+++ b/vendor/golang.org/x/net/ipv4/sockopt_posix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_stub.go b/vendor/golang.org/x/net/ipv4/sockopt_stub.go
index 37d4806b..cf036893 100644
--- a/vendor/golang.org/x/net/ipv4/sockopt_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sockopt_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_aix.go b/vendor/golang.org/x/net/ipv4/sys_aix.go
index 3d1201e6..7b65dd6e 100644
--- a/vendor/golang.org/x/net/ipv4/sys_aix.go
+++ b/vendor/golang.org/x/net/ipv4/sys_aix.go
@@ -3,6 +3,7 @@
// license that can be found in the LICENSE file.
// Added for go1.11 compatibility
+//go:build aix
// +build aix
package ipv4
@@ -13,26 +14,28 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
- ctlDst: {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
- ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+ ctlDst: {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+ ctlInterface: {unix.IP_RECVINTERFACE, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 1}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVDSTADDR, Len: 4}},
- ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVIF, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+ ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVINTERFACE, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_asmreq.go b/vendor/golang.org/x/net/ipv4/sys_asmreq.go
index 76d670ac..22322b38 100644
--- a/vendor/golang.org/x/net/ipv4/sys_asmreq.go
+++ b/vendor/golang.org/x/net/ipv4/sys_asmreq.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd || solaris || windows
// +build aix darwin dragonfly freebsd netbsd openbsd solaris windows
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go b/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
index 6dc339ce..fde64014 100644
--- a/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sys_asmreq_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !aix && !darwin && !dragonfly && !freebsd && !netbsd && !openbsd && !solaris && !windows
// +build !aix,!darwin,!dragonfly,!freebsd,!netbsd,!openbsd,!solaris,!windows
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_asmreqn.go b/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
index 1f24f69f..fbfe4af6 100644
--- a/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
+++ b/vendor/golang.org/x/net/ipv4/sys_asmreqn.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin || freebsd || linux
// +build darwin freebsd linux
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go b/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
index 48ef5562..dcb15f25 100644
--- a/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sys_asmreqn_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !darwin && !freebsd && !linux
// +build !darwin,!freebsd,!linux
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_bpf.go b/vendor/golang.org/x/net/ipv4/sys_bpf.go
index 5c03dce3..fb11e324 100644
--- a/vendor/golang.org/x/net/ipv4/sys_bpf.go
+++ b/vendor/golang.org/x/net/ipv4/sys_bpf.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go b/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
index 5c986427..fc53a0d3 100644
--- a/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sys_bpf_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux
// +build !linux
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_bsd.go b/vendor/golang.org/x/net/ipv4/sys_bsd.go
index 58256dd9..e8299b41 100644
--- a/vendor/golang.org/x/net/ipv4/sys_bsd.go
+++ b/vendor/golang.org/x/net/ipv4/sys_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build netbsd || openbsd
// +build netbsd openbsd
package ipv4
@@ -12,26 +13,28 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
- ctlDst: {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
- ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+ ctlDst: {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+ ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 1}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVDSTADDR, Len: 4}},
- ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVIF, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+ ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_darwin.go b/vendor/golang.org/x/net/ipv4/sys_darwin.go
index ac213c73..f6bf8edd 100644
--- a/vendor/golang.org/x/net/ipv4/sys_darwin.go
+++ b/vendor/golang.org/x/net/ipv4/sys_darwin.go
@@ -11,34 +11,36 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
- ctlDst: {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
- ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
- ctlPacketInfo: {sysIP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+ ctlDst: {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+ ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+ ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVDSTADDR, Len: 4}},
- ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVIF, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoStripHeader: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_STRIPHDR, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVPKTINFO, Len: 4}},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+ ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoStripHeader: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_STRIPHDR, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_dragonfly.go b/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
index 859764f3..f34925c0 100644
--- a/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
+++ b/vendor/golang.org/x/net/ipv4/sys_dragonfly.go
@@ -10,26 +10,28 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
- ctlDst: {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
- ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+ ctlDst: {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+ ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVDSTADDR, Len: 4}},
- ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVIF, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+ ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_freebsd.go b/vendor/golang.org/x/net/ipv4/sys_freebsd.go
index 482873d9..cba90630 100644
--- a/vendor/golang.org/x/net/ipv4/sys_freebsd.go
+++ b/vendor/golang.org/x/net/ipv4/sys_freebsd.go
@@ -13,38 +13,40 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
- ctlDst: {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
- ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
+ ctlTTL: {unix.IP_RECVTTL, 1, marshalTTL, parseTTL},
+ ctlDst: {unix.IP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
+ ctlInterface: {unix.IP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVDSTADDR, Len: 4}},
- ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVIF, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoReceiveDst: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVDSTADDR, Len: 4}},
+ ssoReceiveInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVIF, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
}
)
func init() {
freebsdVersion, _ = syscall.SysctlUint32("kern.osreldate")
if freebsdVersion >= 1000000 {
- sockOpts[ssoMulticastInterface] = &sockOpt{Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn}
+ sockOpts[ssoMulticastInterface] = &sockOpt{Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn}
}
if runtime.GOOS == "freebsd" && runtime.GOARCH == "386" {
archs, _ := syscall.Sysctl("kern.supported_archs")
diff --git a/vendor/golang.org/x/net/ipv4/sys_linux.go b/vendor/golang.org/x/net/ipv4/sys_linux.go
index cf755c7f..a0631ac9 100644
--- a/vendor/golang.org/x/net/ipv4/sys_linux.go
+++ b/vendor/golang.org/x/net/ipv4/sys_linux.go
@@ -11,31 +11,32 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
"golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_TTL, 1, marshalTTL, parseTTL},
- ctlPacketInfo: {sysIP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlTTL: {unix.IP_TTL, 1, marshalTTL, parseTTL},
+ ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_PKTINFO, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolReserved, Name: sysICMP_FILTER, Len: sizeofICMPFilter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: sizeofIPMreqn}, typ: ssoTypeIPMreqn},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_PKTINFO, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolReserved, Name: unix.ICMP_FILTER, Len: sizeofICMPFilter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
ssoAttachFilter: {Option: socket.Option{Level: unix.SOL_SOCKET, Name: unix.SO_ATTACH_FILTER, Len: unix.SizeofSockFprog}},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_solaris.go b/vendor/golang.org/x/net/ipv4/sys_solaris.go
index 832fef1e..b79b6958 100644
--- a/vendor/golang.org/x/net/ipv4/sys_solaris.go
+++ b/vendor/golang.org/x/net/ipv4/sys_solaris.go
@@ -11,29 +11,31 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTTL: {sysIP_RECVTTL, 4, marshalTTL, parseTTL},
- ctlPacketInfo: {sysIP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlTTL: {unix.IP_RECVTTL, 4, marshalTTL, parseTTL},
+ ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
}
sockOpts = map[int]sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 1}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 1}},
- ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVTTL, Len: 4}},
- ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_RECVPKTINFO, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+ ssoReceiveTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVTTL, Len: 4}},
+ ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
}
)
diff --git a/vendor/golang.org/x/net/ipv4/sys_ssmreq.go b/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
index eeced7f3..6a4e7abf 100644
--- a/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
+++ b/vendor/golang.org/x/net/ipv4/sys_ssmreq.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin || freebsd || linux || solaris
// +build darwin freebsd linux solaris
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go b/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
index c0921674..157159fd 100644
--- a/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sys_ssmreq_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !darwin && !freebsd && !linux && !solaris
// +build !darwin,!freebsd,!linux,!solaris
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_stub.go b/vendor/golang.org/x/net/ipv4/sys_stub.go
index b9c85b33..d5508516 100644
--- a/vendor/golang.org/x/net/ipv4/sys_stub.go
+++ b/vendor/golang.org/x/net/ipv4/sys_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv4
diff --git a/vendor/golang.org/x/net/ipv4/sys_windows.go b/vendor/golang.org/x/net/ipv4/sys_windows.go
index b0913d53..c5e95063 100644
--- a/vendor/golang.org/x/net/ipv4/sys_windows.go
+++ b/vendor/golang.org/x/net/ipv4/sys_windows.go
@@ -7,34 +7,15 @@ package ipv4
import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/windows"
)
const (
- // See ws2tcpip.h.
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_DONTFRAGMENT = 0xe
- sysIP_ADD_SOURCE_MEMBERSHIP = 0xf
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x10
- sysIP_PKTINFO = 0x13
-
- sizeofInetPktinfo = 0x8
sizeofIPMreq = 0x8
sizeofIPMreqSource = 0xc
)
-type inetPktinfo struct {
- Addr [4]byte
- Ifindex int32
-}
-
type ipMreq struct {
Multiaddr [4]byte
Interface [4]byte
@@ -51,17 +32,13 @@ var (
ctlOpts = [ctlMax]ctlOpt{}
sockOpts = map[int]*sockOpt{
- ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TOS, Len: 4}},
- ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_TTL, Len: 4}},
- ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_TTL, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_IF, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_MULTICAST_LOOP, Len: 4}},
- ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_HDRINCL, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: sysIP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoTOS: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_TOS, Len: 4}},
+ ssoTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_TTL, Len: 4}},
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_TTL, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_MULTICAST_LOOP, Len: 4}},
+ ssoHeaderPrepend: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_HDRINCL, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_ADD_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: windows.IP_DROP_MEMBERSHIP, Len: sizeofIPMreq}, typ: ssoTypeIPMreq},
}
)
-
-func (pi *inetPktinfo) setIfindex(i int) {
- pi.Ifindex = int32(i)
-}
diff --git a/vendor/golang.org/x/net/ipv4/sys_zos.go b/vendor/golang.org/x/net/ipv4/sys_zos.go
new file mode 100644
index 00000000..be206409
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv4/sys_zos.go
@@ -0,0 +1,57 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv4
+
+import (
+ "net"
+ "syscall"
+ "unsafe"
+
+ "golang.org/x/net/internal/iana"
+ "golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
+)
+
+var (
+ ctlOpts = [ctlMax]ctlOpt{
+ ctlPacketInfo: {unix.IP_PKTINFO, sizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
+ }
+
+ sockOpts = map[int]*sockOpt{
+ ssoMulticastTTL: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_TTL, Len: 1}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_IF, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_MULTICAST_LOOP, Len: 1}},
+ ssoPacketInfo: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.IP_RECVPKTINFO, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIP, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ }
+)
+
+func (pi *inetPktinfo) setIfindex(i int) {
+ pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+ sa := (*sockaddrInet4)(unsafe.Pointer(&gr.Group))
+ sa.Family = syscall.AF_INET
+ sa.Len = sizeofSockaddrInet4
+ copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+ sa := (*sockaddrInet4)(unsafe.Pointer(&gsr.Group))
+ sa.Family = syscall.AF_INET
+ sa.Len = sizeofSockaddrInet4
+ copy(sa.Addr[:], grp)
+ sa = (*sockaddrInet4)(unsafe.Pointer(&gsr.Source))
+ sa.Family = syscall.AF_INET
+ sa.Len = sizeofSockaddrInet4
+ copy(sa.Addr[:], src)
+}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go b/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
index c741d5c8..42a81863 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_aix_ppc64.go
@@ -2,28 +2,16 @@
// cgo -godefs defs_aix.go
// Added for go1.11 compatibility
+//go:build aix
// +build aix
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x20
sysIP_RECVTTL = 0x22
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
-
sizeofIPMreq = 0x8
)
diff --git a/vendor/golang.org/x/net/ipv4/zsys_darwin.go b/vendor/golang.org/x/net/ipv4/zsys_darwin.go
index e05a251b..d14b8717 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_darwin.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_darwin.go
@@ -4,38 +4,9 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
- sysIP_STRIPHDR = 0x17
sysIP_RECVTTL = 0x18
- sysIP_BOUND_IF = 0x19
- sysIP_PKTINFO = 0x1a
- sysIP_RECVPKTINFO = 0x1a
-
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_MULTICAST_VIF = 0xe
- sysIP_MULTICAST_IFINDEX = 0x42
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x46
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
- sysIP_BLOCK_SOURCE = 0x48
- sysIP_UNBLOCK_SOURCE = 0x49
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
index 6d65e9fc..9631421d 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
@@ -4,24 +4,10 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
sysIP_RECVTTL = 0x41
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_MULTICAST_VIF = 0xe
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
-
sizeofIPMreq = 0x8
)
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
index 136e2b8f..9a0e3283 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
@@ -4,39 +4,9 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_SENDSRCADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
- sysIP_ONESBCAST = 0x17
- sysIP_BINDANY = 0x18
sysIP_RECVTTL = 0x41
- sysIP_MINTTL = 0x42
- sysIP_DONTFRAG = 0x43
- sysIP_RECVTOS = 0x44
-
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_MULTICAST_VIF = 0xe
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x46
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
- sysIP_BLOCK_SOURCE = 0x48
- sysIP_UNBLOCK_SOURCE = 0x49
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
index 4f730f19..143623bb 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
@@ -4,39 +4,9 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_SENDSRCADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
- sysIP_ONESBCAST = 0x17
- sysIP_BINDANY = 0x18
sysIP_RECVTTL = 0x41
- sysIP_MINTTL = 0x42
- sysIP_DONTFRAG = 0x43
- sysIP_RECVTOS = 0x44
-
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_MULTICAST_VIF = 0xe
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x46
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
- sysIP_BLOCK_SOURCE = 0x48
- sysIP_UNBLOCK_SOURCE = 0x49
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
index 4f730f19..143623bb 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
@@ -4,39 +4,9 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_SENDSRCADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
- sysIP_ONESBCAST = 0x17
- sysIP_BINDANY = 0x18
sysIP_RECVTTL = 0x41
- sysIP_MINTTL = 0x42
- sysIP_DONTFRAG = 0x43
- sysIP_RECVTOS = 0x44
-
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_MULTICAST_VIF = 0xe
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x46
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
- sysIP_BLOCK_SOURCE = 0x48
- sysIP_UNBLOCK_SOURCE = 0x49
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
index ecebf327..1be70237 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm64.go
@@ -4,39 +4,9 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_SENDSRCADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
- sysIP_ONESBCAST = 0x17
- sysIP_BINDANY = 0x18
sysIP_RECVTTL = 0x41
- sysIP_MINTTL = 0x42
- sysIP_DONTFRAG = 0x43
- sysIP_RECVTOS = 0x44
-
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
- sysIP_MULTICAST_VIF = 0xe
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x46
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
- sysIP_BLOCK_SOURCE = 0x48
- sysIP_UNBLOCK_SOURCE = 0x49
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go b/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
index 1c7fdfa1..8c5795ea 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
index 1c7fdfa1..8c5795ea 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
index 1c7fdfa1..8c5795ea 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
index 1c7fdfa1..8c5795ea 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_mipsle.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
index 3c5ea547..2c9e7e3c 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
index e626134a..b31766a0 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_riscv64.go
@@ -1,61 +1,13 @@
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs defs_linux.go
+//go:build riscv64
// +build riscv64
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go b/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
index a04e7851..7b40aa1b 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_linux_s390x.go
@@ -4,56 +4,7 @@
package ipv4
const (
- sysIP_TOS = 0x1
- sysIP_TTL = 0x2
- sysIP_HDRINCL = 0x3
- sysIP_OPTIONS = 0x4
- sysIP_ROUTER_ALERT = 0x5
- sysIP_RECVOPTS = 0x6
- sysIP_RETOPTS = 0x7
- sysIP_PKTINFO = 0x8
- sysIP_PKTOPTIONS = 0x9
- sysIP_MTU_DISCOVER = 0xa
- sysIP_RECVERR = 0xb
- sysIP_RECVTTL = 0xc
- sysIP_RECVTOS = 0xd
- sysIP_MTU = 0xe
- sysIP_FREEBIND = 0xf
- sysIP_TRANSPARENT = 0x13
- sysIP_RECVRETOPTS = 0x7
- sysIP_ORIGDSTADDR = 0x14
- sysIP_RECVORIGDSTADDR = 0x14
- sysIP_MINTTL = 0x15
- sysIP_NODEFRAG = 0x16
- sysIP_UNICAST_IF = 0x32
-
- sysIP_MULTICAST_IF = 0x20
- sysIP_MULTICAST_TTL = 0x21
- sysIP_MULTICAST_LOOP = 0x22
- sysIP_ADD_MEMBERSHIP = 0x23
- sysIP_DROP_MEMBERSHIP = 0x24
- sysIP_UNBLOCK_SOURCE = 0x25
- sysIP_BLOCK_SOURCE = 0x26
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x27
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
- sysIP_MSFILTER = 0x29
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIP_MULTICAST_ALL = 0x31
-
- sysICMP_FILTER = 0x1
-
- sysSO_EE_ORIGIN_NONE = 0x0
- sysSO_EE_ORIGIN_LOCAL = 0x1
- sysSO_EE_ORIGIN_ICMP = 0x2
- sysSO_EE_ORIGIN_ICMP6 = 0x3
- sysSO_EE_ORIGIN_TXSTATUS = 0x4
- sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
+ sysIP_RECVTTL = 0xc
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet = 0x10
diff --git a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go b/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
index 8cfc648a..df99ef69 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
@@ -4,23 +4,10 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x14
sysIP_RECVTTL = 0x17
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
-
sizeofIPMreq = 0x8
)
diff --git a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go b/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
index 37629cb0..9052a9bd 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
@@ -4,23 +4,10 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x1e
sysIP_RECVTTL = 0x1f
- sysIP_MULTICAST_IF = 0x9
- sysIP_MULTICAST_TTL = 0xa
- sysIP_MULTICAST_LOOP = 0xb
- sysIP_ADD_MEMBERSHIP = 0xc
- sysIP_DROP_MEMBERSHIP = 0xd
-
sizeofIPMreq = 0x8
)
diff --git a/vendor/golang.org/x/net/ipv4/zsys_solaris.go b/vendor/golang.org/x/net/ipv4/zsys_solaris.go
index cb80a308..1cdc45c2 100644
--- a/vendor/golang.org/x/net/ipv4/zsys_solaris.go
+++ b/vendor/golang.org/x/net/ipv4/zsys_solaris.go
@@ -4,49 +4,10 @@
package ipv4
const (
- sysIP_OPTIONS = 0x1
- sysIP_HDRINCL = 0x2
- sysIP_TOS = 0x3
- sysIP_TTL = 0x4
- sysIP_RECVOPTS = 0x5
- sysIP_RECVRETOPTS = 0x6
sysIP_RECVDSTADDR = 0x7
- sysIP_RETOPTS = 0x8
sysIP_RECVIF = 0x9
- sysIP_RECVSLLA = 0xa
sysIP_RECVTTL = 0xb
- sysIP_MULTICAST_IF = 0x10
- sysIP_MULTICAST_TTL = 0x11
- sysIP_MULTICAST_LOOP = 0x12
- sysIP_ADD_MEMBERSHIP = 0x13
- sysIP_DROP_MEMBERSHIP = 0x14
- sysIP_BLOCK_SOURCE = 0x15
- sysIP_UNBLOCK_SOURCE = 0x16
- sysIP_ADD_SOURCE_MEMBERSHIP = 0x17
- sysIP_DROP_SOURCE_MEMBERSHIP = 0x18
- sysIP_NEXTHOP = 0x19
-
- sysIP_PKTINFO = 0x1a
- sysIP_RECVPKTINFO = 0x1a
- sysIP_DONTFRAG = 0x1b
-
- sysIP_BOUND_IF = 0x41
- sysIP_UNSPEC_SRC = 0x42
- sysIP_BROADCAST_TTL = 0x43
- sysIP_DHCPINIT_IF = 0x45
-
- sysIP_REUSEADDR = 0x104
- sysIP_DONTROUTE = 0x105
- sysIP_BROADCAST = 0x106
-
- sysMCAST_JOIN_GROUP = 0x29
- sysMCAST_LEAVE_GROUP = 0x2a
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_JOIN_SOURCE_GROUP = 0x2d
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2e
-
sizeofSockaddrStorage = 0x100
sizeofSockaddrInet = 0x10
sizeofInetPktinfo = 0xc
diff --git a/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go b/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go
new file mode 100644
index 00000000..692abf68
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv4/zsys_zos_s390x.go
@@ -0,0 +1,56 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Hand edited based on zerrors_zos_s390x.go
+// TODO(Bill O'Farrell): auto-generate.
+
+package ipv4
+
+const (
+ sizeofIPMreq = 8
+ sizeofSockaddrInet4 = 16
+ sizeofSockaddrStorage = 128
+ sizeofGroupReq = 136
+ sizeofGroupSourceReq = 264
+ sizeofInetPktinfo = 8
+)
+
+type sockaddrInet4 struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Addr [4]byte
+ Zero [8]uint8
+}
+
+type inetPktinfo struct {
+ Addr [4]byte
+ Ifindex uint32
+}
+
+type sockaddrStorage struct {
+ Len uint8
+ Family byte
+ ss_pad1 [6]byte
+ ss_align int64
+ ss_pad2 [112]byte
+}
+
+type groupReq struct {
+ Interface uint32
+ reserved uint32
+ Group sockaddrStorage
+}
+
+type groupSourceReq struct {
+ Interface uint32
+ reserved uint32
+ Group sockaddrStorage
+ Source sockaddrStorage
+}
+
+type ipMreq struct {
+ Multiaddr [4]byte /* in_addr */
+ Interface [4]byte /* in_addr */
+}
diff --git a/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go b/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
index 9fd9eb15..2733ddbe 100644
--- a/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
+++ b/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin
// +build darwin
package ipv6
@@ -11,11 +12,13 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
func marshal2292HopLimit(b []byte, cm *ControlMessage) []byte {
m := socket.ControlMessage(b)
- m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_2292HOPLIMIT, 4)
+ m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292HOPLIMIT, 4)
if cm != nil {
socket.NativeEndian.PutUint32(m.Data(4), uint32(cm.HopLimit))
}
@@ -24,7 +27,7 @@ func marshal2292HopLimit(b []byte, cm *ControlMessage) []byte {
func marshal2292PacketInfo(b []byte, cm *ControlMessage) []byte {
m := socket.ControlMessage(b)
- m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_2292PKTINFO, sizeofInet6Pktinfo)
+ m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292PKTINFO, sizeofInet6Pktinfo)
if cm != nil {
pi := (*inet6Pktinfo)(unsafe.Pointer(&m.Data(sizeofInet6Pktinfo)[0]))
if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
@@ -39,7 +42,7 @@ func marshal2292PacketInfo(b []byte, cm *ControlMessage) []byte {
func marshal2292NextHop(b []byte, cm *ControlMessage) []byte {
m := socket.ControlMessage(b)
- m.MarshalHeader(iana.ProtocolIPv6, sysIPV6_2292NEXTHOP, sizeofSockaddrInet6)
+ m.MarshalHeader(iana.ProtocolIPv6, unix.IPV6_2292NEXTHOP, sizeofSockaddrInet6)
if cm != nil {
sa := (*sockaddrInet6)(unsafe.Pointer(&m.Data(sizeofSockaddrInet6)[0]))
sa.setSockaddr(cm.NextHop, cm.IfIndex)
diff --git a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go b/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
index 8c221b59..24221941 100644
--- a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
+++ b/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/control_stub.go b/vendor/golang.org/x/net/ipv6/control_stub.go
index 1d773cbc..b7e8643f 100644
--- a/vendor/golang.org/x/net/ipv6/control_stub.go
+++ b/vendor/golang.org/x/net/ipv6/control_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/control_unix.go b/vendor/golang.org/x/net/ipv6/control_unix.go
index 0971a008..63e475db 100644
--- a/vendor/golang.org/x/net/ipv6/control_unix.go
+++ b/vendor/golang.org/x/net/ipv6/control_unix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/icmp_bsd.go b/vendor/golang.org/x/net/ipv6/icmp_bsd.go
index b03025cd..120bf877 100644
--- a/vendor/golang.org/x/net/ipv6/icmp_bsd.go
+++ b/vendor/golang.org/x/net/ipv6/icmp_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || netbsd || openbsd
// +build aix darwin dragonfly freebsd netbsd openbsd
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/icmp_stub.go b/vendor/golang.org/x/net/ipv6/icmp_stub.go
index 370e51ac..d60136a9 100644
--- a/vendor/golang.org/x/net/ipv6/icmp_stub.go
+++ b/vendor/golang.org/x/net/ipv6/icmp_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/icmp_zos.go b/vendor/golang.org/x/net/ipv6/icmp_zos.go
new file mode 100644
index 00000000..ddf8f093
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv6/icmp_zos.go
@@ -0,0 +1,29 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+func (f *icmpv6Filter) accept(typ ICMPType) {
+ f.Filt[typ>>5] |= 1 << (uint32(typ) & 31)
+
+}
+
+func (f *icmpv6Filter) block(typ ICMPType) {
+ f.Filt[typ>>5] &^= 1 << (uint32(typ) & 31)
+
+}
+
+func (f *icmpv6Filter) setAll(block bool) {
+ for i := range f.Filt {
+ if block {
+ f.Filt[i] = 0
+ } else {
+ f.Filt[i] = 1<<32 - 1
+ }
+ }
+}
+
+func (f *icmpv6Filter) willBlock(typ ICMPType) bool {
+ return f.Filt[typ>>5]&(1<<(uint32(typ)&31)) == 0
+}
diff --git a/vendor/golang.org/x/net/ipv6/payload_cmsg.go b/vendor/golang.org/x/net/ipv6/payload_cmsg.go
index 284a0427..b0692e43 100644
--- a/vendor/golang.org/x/net/ipv6/payload_cmsg.go
+++ b/vendor/golang.org/x/net/ipv6/payload_cmsg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/payload_nocmsg.go b/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
index c5a4c967..cd0ff508 100644
--- a/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
+++ b/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_posix.go b/vendor/golang.org/x/net/ipv6/sockopt_posix.go
index 824c623c..37c62871 100644
--- a/vendor/golang.org/x/net/ipv6/sockopt_posix.go
+++ b/vendor/golang.org/x/net/ipv6/sockopt_posix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_stub.go b/vendor/golang.org/x/net/ipv6/sockopt_stub.go
index 0a87a93b..32fd8664 100644
--- a/vendor/golang.org/x/net/ipv6/sockopt_stub.go
+++ b/vendor/golang.org/x/net/ipv6/sockopt_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_aix.go b/vendor/golang.org/x/net/ipv6/sys_aix.go
index bce7091f..a47182af 100644
--- a/vendor/golang.org/x/net/ipv6/sys_aix.go
+++ b/vendor/golang.org/x/net/ipv6/sys_aix.go
@@ -3,6 +3,7 @@
// license that can be found in the LICENSE file.
// Added for go1.11 compatibility
+//go:build aix
// +build aix
package ipv6
@@ -14,32 +15,34 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
- ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
- ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
- ctlNextHop: {sysIPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
- ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+ ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlNextHop: {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+ ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
}
sockOpts = map[int]*sockOpt{
- ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
- ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
- ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
- ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
- ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
- ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+ ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_asmreq.go b/vendor/golang.org/x/net/ipv6/sys_asmreq.go
index 8c3934c3..6ff9950d 100644
--- a/vendor/golang.org/x/net/ipv6/sys_asmreq.go
+++ b/vendor/golang.org/x/net/ipv6/sys_asmreq.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || windows
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris windows
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go b/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
index 87ae4818..485290cb 100644
--- a/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
+++ b/vendor/golang.org/x/net/ipv6/sys_asmreq_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows
// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_bpf.go b/vendor/golang.org/x/net/ipv6/sys_bpf.go
index 90ef4dfa..b5661fb8 100644
--- a/vendor/golang.org/x/net/ipv6/sys_bpf.go
+++ b/vendor/golang.org/x/net/ipv6/sys_bpf.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go b/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
index eb9f8316..cb006618 100644
--- a/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
+++ b/vendor/golang.org/x/net/ipv6/sys_bpf_stub.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux
// +build !linux
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_bsd.go b/vendor/golang.org/x/net/ipv6/sys_bsd.go
index e416eaa1..bde41a6c 100644
--- a/vendor/golang.org/x/net/ipv6/sys_bsd.go
+++ b/vendor/golang.org/x/net/ipv6/sys_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build dragonfly || netbsd || openbsd
// +build dragonfly netbsd openbsd
package ipv6
@@ -12,32 +13,34 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
- ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
- ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
- ctlNextHop: {sysIPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
- ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+ ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlNextHop: {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+ ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
}
sockOpts = map[int]*sockOpt{
- ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
- ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
- ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
- ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
- ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
- ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+ ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_darwin.go b/vendor/golang.org/x/net/ipv6/sys_darwin.go
index 12cc5cb2..b80ec806 100644
--- a/vendor/golang.org/x/net/ipv6/sys_darwin.go
+++ b/vendor/golang.org/x/net/ipv6/sys_darwin.go
@@ -11,36 +11,38 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
- ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
- ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
- ctlNextHop: {sysIPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
- ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+ ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlNextHop: {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+ ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
}
sockOpts = map[int]*sockOpt{
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
- ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
- ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
- ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
- ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
- ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
- ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+ ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_freebsd.go b/vendor/golang.org/x/net/ipv6/sys_freebsd.go
index 85a9f5d0..6282cf97 100644
--- a/vendor/golang.org/x/net/ipv6/sys_freebsd.go
+++ b/vendor/golang.org/x/net/ipv6/sys_freebsd.go
@@ -13,36 +13,38 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
- ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
- ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
- ctlNextHop: {sysIPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
- ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+ ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlNextHop: {unix.IPV6_NEXTHOP, sizeofSockaddrInet6, marshalNextHop, parseNextHop},
+ ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
}
sockOpts = map[int]sockOpt{
- ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
- ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
- ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
- ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
- ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
- ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+ ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMP6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_linux.go b/vendor/golang.org/x/net/ipv6/sys_linux.go
index 96e8093a..82e21210 100644
--- a/vendor/golang.org/x/net/ipv6/sys_linux.go
+++ b/vendor/golang.org/x/net/ipv6/sys_linux.go
@@ -11,36 +11,37 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
"golang.org/x/sys/unix"
)
var (
ctlOpts = [ctlMax]ctlOpt{
- ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
- ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
- ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
- ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ ctlTrafficClass: {unix.IPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
+ ctlHopLimit: {unix.IPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {unix.IPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlPathMTU: {unix.IPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
}
sockOpts = map[int]*sockOpt{
- ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
- ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
- ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
- ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
- ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
- ssoChecksum: {Option: socket.Option{Level: iana.ProtocolReserved, Name: sysIPV6_CHECKSUM, Len: 4}},
- ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMPV6_FILTER, Len: sizeofICMPv6Filter}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
- ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
- ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_TCLASS, Len: 4}},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_RECVPATHMTU, Len: 4}},
+ ssoPathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.IPV6_PATHMTU, Len: sizeofIPv6Mtuinfo}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolReserved, Name: unix.IPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: unix.ICMPV6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: unix.MCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
ssoAttachFilter: {Option: socket.Option{Level: unix.SOL_SOCKET, Name: unix.SO_ATTACH_FILTER, Len: unix.SizeofSockFprog}},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_ssmreq.go b/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
index 9b52e978..023488a4 100644
--- a/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
+++ b/vendor/golang.org/x/net/ipv6/sys_ssmreq.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin freebsd linux solaris
+//go:build aix || darwin || freebsd || linux || solaris || zos
+// +build aix darwin freebsd linux solaris zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go b/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
index d5bc1108..acdf2e5c 100644
--- a/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
+++ b/vendor/golang.org/x/net/ipv6/sys_ssmreq_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!freebsd,!linux,!solaris
+//go:build !aix && !darwin && !freebsd && !linux && !solaris && !zos
+// +build !aix,!darwin,!freebsd,!linux,!solaris,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_stub.go b/vendor/golang.org/x/net/ipv6/sys_stub.go
index 4f252d09..5807bba3 100644
--- a/vendor/golang.org/x/net/ipv6/sys_stub.go
+++ b/vendor/golang.org/x/net/ipv6/sys_stub.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows
+//go:build !aix && !darwin && !dragonfly && !freebsd && !linux && !netbsd && !openbsd && !solaris && !windows && !zos
+// +build !aix,!darwin,!dragonfly,!freebsd,!linux,!netbsd,!openbsd,!solaris,!windows,!zos
package ipv6
diff --git a/vendor/golang.org/x/net/ipv6/sys_windows.go b/vendor/golang.org/x/net/ipv6/sys_windows.go
index fc36b018..fda8a299 100644
--- a/vendor/golang.org/x/net/ipv6/sys_windows.go
+++ b/vendor/golang.org/x/net/ipv6/sys_windows.go
@@ -10,18 +10,11 @@ import (
"golang.org/x/net/internal/iana"
"golang.org/x/net/internal/socket"
+
+ "golang.org/x/sys/windows"
)
const (
- // See ws2tcpip.h.
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PKTINFO = 0x13
-
sizeofSockaddrInet6 = 0x1c
sizeofIPv6Mreq = 0x14
@@ -55,12 +48,12 @@ var (
ctlOpts = [ctlMax]ctlOpt{}
sockOpts = map[int]*sockOpt{
- ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
- ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
- ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
- ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
- ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
- ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_MULTICAST_LOOP, Len: 4}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_JOIN_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: windows.IPV6_LEAVE_GROUP, Len: sizeofIPv6Mreq}, typ: ssoTypeIPMreq},
}
)
diff --git a/vendor/golang.org/x/net/ipv6/sys_zos.go b/vendor/golang.org/x/net/ipv6/sys_zos.go
new file mode 100644
index 00000000..d4567f90
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv6/sys_zos.go
@@ -0,0 +1,70 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package ipv6
+
+import (
+ "net"
+ "syscall"
+ "unsafe"
+
+ "golang.org/x/net/internal/iana"
+ "golang.org/x/net/internal/socket"
+)
+
+var (
+ ctlOpts = [ctlMax]ctlOpt{
+ ctlHopLimit: {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
+ ctlPacketInfo: {sysIPV6_PKTINFO, sizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
+ ctlPathMTU: {sysIPV6_PATHMTU, sizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
+ }
+
+ sockOpts = map[int]*sockOpt{
+ ssoTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_TCLASS, Len: 4}},
+ ssoHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_UNICAST_HOPS, Len: 4}},
+ ssoMulticastInterface: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_IF, Len: 4}},
+ ssoMulticastHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_HOPS, Len: 4}},
+ ssoMulticastLoopback: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_MULTICAST_LOOP, Len: 4}},
+ ssoReceiveTrafficClass: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVTCLASS, Len: 4}},
+ ssoReceiveHopLimit: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVHOPLIMIT, Len: 4}},
+ ssoReceivePacketInfo: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPKTINFO, Len: 4}},
+ ssoReceivePathMTU: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_RECVPATHMTU, Len: 4}},
+ ssoChecksum: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysIPV6_CHECKSUM, Len: 4}},
+ ssoICMPFilter: {Option: socket.Option{Level: iana.ProtocolIPv6ICMP, Name: sysICMP6_FILTER, Len: sizeofICMPv6Filter}},
+ ssoJoinGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoLeaveGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_GROUP, Len: sizeofGroupReq}, typ: ssoTypeGroupReq},
+ ssoJoinSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_JOIN_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoLeaveSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_LEAVE_SOURCE_GROUP, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoBlockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_BLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ ssoUnblockSourceGroup: {Option: socket.Option{Level: iana.ProtocolIPv6, Name: sysMCAST_UNBLOCK_SOURCE, Len: sizeofGroupSourceReq}, typ: ssoTypeGroupSourceReq},
+ }
+)
+
+func (sa *sockaddrInet6) setSockaddr(ip net.IP, i int) {
+ sa.Family = syscall.AF_INET6
+ copy(sa.Addr[:], ip)
+ sa.Scope_id = uint32(i)
+}
+
+func (pi *inet6Pktinfo) setIfindex(i int) {
+ pi.Ifindex = uint32(i)
+}
+
+func (gr *groupReq) setGroup(grp net.IP) {
+ sa := (*sockaddrInet6)(unsafe.Pointer(&gr.Group))
+ sa.Family = syscall.AF_INET6
+ sa.Len = sizeofSockaddrInet6
+ copy(sa.Addr[:], grp)
+}
+
+func (gsr *groupSourceReq) setSourceGroup(grp, src net.IP) {
+ sa := (*sockaddrInet6)(unsafe.Pointer(&gsr.Group))
+ sa.Family = syscall.AF_INET6
+ sa.Len = sizeofSockaddrInet6
+ copy(sa.Addr[:], grp)
+ sa = (*sockaddrInet6)(unsafe.Pointer(&gsr.Source))
+ sa.Family = syscall.AF_INET6
+ sa.Len = sizeofSockaddrInet6
+ copy(sa.Addr[:], src)
+}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go b/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
index bf44e338..869f4b2b 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_aix_ppc64.go
@@ -2,45 +2,17 @@
// cgo -godefs defs_aix.go
// Added for go1.11 compatibility
+//go:build aix
// +build aix
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysICMP6_FILTER = 0x26
-
- sysIPV6_CHECKSUM = 0x27
- sysIPV6_V6ONLY = 0x25
-
- sysIPV6_RTHDRDSTOPTS = 0x37
-
- sysIPV6_RECVPKTINFO = 0x23
- sysIPV6_RECVHOPLIMIT = 0x29
- sysIPV6_RECVRTHDR = 0x33
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_RECVDSTOPTS = 0x38
-
- sysIPV6_USE_MIN_MTU = 0x2c
- sysIPV6_RECVPATHMTU = 0x2f
- sysIPV6_PATHMTU = 0x2e
-
+ sysIPV6_PATHMTU = 0x2e
sysIPV6_PKTINFO = 0x21
sysIPV6_HOPLIMIT = 0x28
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x34
- sysIPV6_DSTOPTS = 0x36
- sysIPV6_RTHDR = 0x32
-
- sysIPV6_RECVTCLASS = 0x2a
-
sysIPV6_TCLASS = 0x2b
- sysIPV6_DONTFRAG = 0x2d
sizeofSockaddrStorage = 0x508
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_darwin.go b/vendor/golang.org/x/net/ipv6/zsys_darwin.go
index 555744af..a1211729 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_darwin.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_darwin.go
@@ -4,72 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
-
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
- sysIPV6_2292PKTINFO = 0x13
- sysIPV6_2292HOPLIMIT = 0x14
- sysIPV6_2292NEXTHOP = 0x15
- sysIPV6_2292HOPOPTS = 0x16
- sysIPV6_2292DSTOPTS = 0x17
- sysIPV6_2292RTHDR = 0x18
-
- sysIPV6_2292PKTOPTIONS = 0x19
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RECVTCLASS = 0x23
- sysIPV6_TCLASS = 0x24
-
- sysIPV6_RTHDRDSTOPTS = 0x39
-
- sysIPV6_RECVPKTINFO = 0x3d
-
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_TCLASS = 0x24
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_MSFILTER = 0x4a
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
-
- sysIPV6_BOUND_IF = 0x7d
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
index cf3cc102..512db656 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
@@ -4,51 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrInet6 = 0x1c
sizeofInet6Pktinfo = 0x14
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
index 73f31b26..46a62b88 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
@@ -4,63 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_BINDANY = 0x40
-
- sysIPV6_MSFILTER = 0x4a
-
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
index 490ce7cf..e475f511 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
@@ -4,63 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_BINDANY = 0x40
-
- sysIPV6_MSFILTER = 0x4a
-
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
index 490ce7cf..e475f511 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
@@ -4,63 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_BINDANY = 0x40
-
- sysIPV6_MSFILTER = 0x4a
-
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
index 47e99ac9..edaf7f15 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm64.go
@@ -4,63 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PREFER_TEMPADDR = 0x3f
-
- sysIPV6_BINDANY = 0x40
-
- sysIPV6_MSFILTER = 0x4a
-
- sysMCAST_JOIN_GROUP = 0x50
- sysMCAST_LEAVE_GROUP = 0x51
- sysMCAST_JOIN_SOURCE_GROUP = 0x52
- sysMCAST_LEAVE_SOURCE_GROUP = 0x53
- sysMCAST_BLOCK_SOURCE = 0x54
- sysMCAST_UNBLOCK_SOURCE = 0x55
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go b/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
index bde4a8f8..bb579ea1 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
index bde4a8f8..bb579ea1 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
index bde4a8f8..bb579ea1 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
index bde4a8f8..bb579ea1 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_mipsle.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
index 66fd2361..5486c244 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
index 6083ddce..283973e6 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_riscv64.go
@@ -1,90 +1,17 @@
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
// cgo -godefs defs_linux.go
+//go:build riscv64
// +build riscv64
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go b/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
index 992ac9ec..9500f7d5 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_linux_s390x.go
@@ -4,85 +4,11 @@
package ipv6
const (
- sysIPV6_ADDRFORM = 0x1
- sysIPV6_2292PKTINFO = 0x2
- sysIPV6_2292HOPOPTS = 0x3
- sysIPV6_2292DSTOPTS = 0x4
- sysIPV6_2292RTHDR = 0x5
- sysIPV6_2292PKTOPTIONS = 0x6
- sysIPV6_CHECKSUM = 0x7
- sysIPV6_2292HOPLIMIT = 0x8
- sysIPV6_NEXTHOP = 0x9
- sysIPV6_FLOWINFO = 0xb
-
- sysIPV6_UNICAST_HOPS = 0x10
- sysIPV6_MULTICAST_IF = 0x11
- sysIPV6_MULTICAST_HOPS = 0x12
- sysIPV6_MULTICAST_LOOP = 0x13
- sysIPV6_ADD_MEMBERSHIP = 0x14
- sysIPV6_DROP_MEMBERSHIP = 0x15
- sysMCAST_JOIN_GROUP = 0x2a
- sysMCAST_LEAVE_GROUP = 0x2d
- sysMCAST_JOIN_SOURCE_GROUP = 0x2e
- sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
- sysMCAST_BLOCK_SOURCE = 0x2b
- sysMCAST_UNBLOCK_SOURCE = 0x2c
- sysMCAST_MSFILTER = 0x30
- sysIPV6_ROUTER_ALERT = 0x16
- sysIPV6_MTU_DISCOVER = 0x17
- sysIPV6_MTU = 0x18
- sysIPV6_RECVERR = 0x19
- sysIPV6_V6ONLY = 0x1a
- sysIPV6_JOIN_ANYCAST = 0x1b
- sysIPV6_LEAVE_ANYCAST = 0x1c
-
- sysIPV6_FLOWLABEL_MGR = 0x20
- sysIPV6_FLOWINFO_SEND = 0x21
-
- sysIPV6_IPSEC_POLICY = 0x22
- sysIPV6_XFRM_POLICY = 0x23
-
- sysIPV6_RECVPKTINFO = 0x31
- sysIPV6_PKTINFO = 0x32
- sysIPV6_RECVHOPLIMIT = 0x33
- sysIPV6_HOPLIMIT = 0x34
- sysIPV6_RECVHOPOPTS = 0x35
- sysIPV6_HOPOPTS = 0x36
- sysIPV6_RTHDRDSTOPTS = 0x37
- sysIPV6_RECVRTHDR = 0x38
- sysIPV6_RTHDR = 0x39
- sysIPV6_RECVDSTOPTS = 0x3a
- sysIPV6_DSTOPTS = 0x3b
- sysIPV6_RECVPATHMTU = 0x3c
- sysIPV6_PATHMTU = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_RECVTCLASS = 0x42
- sysIPV6_TCLASS = 0x43
-
- sysIPV6_ADDR_PREFERENCES = 0x48
-
- sysIPV6_PREFER_SRC_TMP = 0x1
- sysIPV6_PREFER_SRC_PUBLIC = 0x2
- sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
- sysIPV6_PREFER_SRC_COA = 0x4
- sysIPV6_PREFER_SRC_HOME = 0x400
- sysIPV6_PREFER_SRC_CGA = 0x8
- sysIPV6_PREFER_SRC_NONCGA = 0x800
-
- sysIPV6_MINHOPCOUNT = 0x49
-
- sysIPV6_ORIGDSTADDR = 0x4a
- sysIPV6_RECVORIGDSTADDR = 0x4a
- sysIPV6_TRANSPARENT = 0x4b
- sysIPV6_UNICAST_IF = 0x4c
-
- sysICMPV6_FILTER = 0x1
-
- sysICMPV6_FILTER_BLOCK = 0x1
- sysICMPV6_FILTER_PASS = 0x2
- sysICMPV6_FILTER_BLOCKOTHERS = 0x3
- sysICMPV6_FILTER_PASSONLY = 0x4
+ sysIPV6_NEXTHOP = 0x9
+ sysIPV6_PKTINFO = 0x32
+ sysIPV6_HOPLIMIT = 0x34
+ sysIPV6_PATHMTU = 0x3d
+ sysIPV6_TCLASS = 0x43
sizeofKernelSockaddrStorage = 0x80
sizeofSockaddrInet6 = 0x1c
diff --git a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go b/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
index e39571e0..524c97fb 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
@@ -4,47 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_IPSEC_POLICY = 0x1c
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_RECVTCLASS = 0x39
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrInet6 = 0x1c
sizeofInet6Pktinfo = 0x14
diff --git a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go b/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
index cc1899a6..5e7bdedc 100644
--- a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
+++ b/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
@@ -4,56 +4,11 @@
package ipv6
const (
- sysIPV6_UNICAST_HOPS = 0x4
- sysIPV6_MULTICAST_IF = 0x9
- sysIPV6_MULTICAST_HOPS = 0xa
- sysIPV6_MULTICAST_LOOP = 0xb
- sysIPV6_JOIN_GROUP = 0xc
- sysIPV6_LEAVE_GROUP = 0xd
- sysIPV6_PORTRANGE = 0xe
- sysICMP6_FILTER = 0x12
-
- sysIPV6_CHECKSUM = 0x1a
- sysIPV6_V6ONLY = 0x1b
-
- sysIPV6_RTHDRDSTOPTS = 0x23
-
- sysIPV6_RECVPKTINFO = 0x24
- sysIPV6_RECVHOPLIMIT = 0x25
- sysIPV6_RECVRTHDR = 0x26
- sysIPV6_RECVHOPOPTS = 0x27
- sysIPV6_RECVDSTOPTS = 0x28
-
- sysIPV6_USE_MIN_MTU = 0x2a
- sysIPV6_RECVPATHMTU = 0x2b
-
- sysIPV6_PATHMTU = 0x2c
-
+ sysIPV6_PATHMTU = 0x2c
sysIPV6_PKTINFO = 0x2e
sysIPV6_HOPLIMIT = 0x2f
sysIPV6_NEXTHOP = 0x30
- sysIPV6_HOPOPTS = 0x31
- sysIPV6_DSTOPTS = 0x32
- sysIPV6_RTHDR = 0x33
-
- sysIPV6_AUTH_LEVEL = 0x35
- sysIPV6_ESP_TRANS_LEVEL = 0x36
- sysIPV6_ESP_NETWORK_LEVEL = 0x37
- sysIPSEC6_OUTSA = 0x38
- sysIPV6_RECVTCLASS = 0x39
-
- sysIPV6_AUTOFLOWLABEL = 0x3b
- sysIPV6_IPCOMP_LEVEL = 0x3c
-
sysIPV6_TCLASS = 0x3d
- sysIPV6_DONTFRAG = 0x3e
- sysIPV6_PIPEX = 0x3f
-
- sysIPV6_RTABLE = 0x1021
-
- sysIPV6_PORTRANGE_DEFAULT = 0x0
- sysIPV6_PORTRANGE_HIGH = 0x1
- sysIPV6_PORTRANGE_LOW = 0x2
sizeofSockaddrInet6 = 0x1c
sizeofInet6Pktinfo = 0x14
diff --git a/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go b/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go
new file mode 100644
index 00000000..3f980691
--- /dev/null
+++ b/vendor/golang.org/x/net/ipv6/zsys_zos_s390x.go
@@ -0,0 +1,106 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Hand edited based on zerrors_zos_s390x.go
+// TODO(Bill O'Farrell): auto-generate.
+
+package ipv6
+
+const (
+ sysIPV6_ADDR_PREFERENCES = 32
+ sysIPV6_CHECKSUM = 19
+ sysIPV6_DONTFRAG = 29
+ sysIPV6_DSTOPTS = 23
+ sysIPV6_HOPLIMIT = 11
+ sysIPV6_HOPOPTS = 22
+ sysIPV6_JOIN_GROUP = 5
+ sysIPV6_LEAVE_GROUP = 6
+ sysIPV6_MULTICAST_HOPS = 9
+ sysIPV6_MULTICAST_IF = 7
+ sysIPV6_MULTICAST_LOOP = 4
+ sysIPV6_NEXTHOP = 20
+ sysIPV6_PATHMTU = 12
+ sysIPV6_PKTINFO = 13
+ sysIPV6_PREFER_SRC_CGA = 0x10
+ sysIPV6_PREFER_SRC_COA = 0x02
+ sysIPV6_PREFER_SRC_HOME = 0x01
+ sysIPV6_PREFER_SRC_NONCGA = 0x20
+ sysIPV6_PREFER_SRC_PUBLIC = 0x08
+ sysIPV6_PREFER_SRC_TMP = 0x04
+ sysIPV6_RECVDSTOPTS = 28
+ sysIPV6_RECVHOPLIMIT = 14
+ sysIPV6_RECVHOPOPTS = 26
+ sysIPV6_RECVPATHMTU = 16
+ sysIPV6_RECVPKTINFO = 15
+ sysIPV6_RECVRTHDR = 25
+ sysIPV6_RECVTCLASS = 31
+ sysIPV6_RTHDR = 21
+ sysIPV6_RTHDRDSTOPTS = 24
+ sysIPV6_RTHDR_TYPE_0 = 0
+ sysIPV6_TCLASS = 30
+ sysIPV6_UNICAST_HOPS = 3
+ sysIPV6_USE_MIN_MTU = 18
+ sysIPV6_V6ONLY = 10
+
+ sysMCAST_JOIN_GROUP = 40
+ sysMCAST_LEAVE_GROUP = 41
+ sysMCAST_JOIN_SOURCE_GROUP = 42
+ sysMCAST_LEAVE_SOURCE_GROUP = 43
+ sysMCAST_BLOCK_SOURCE = 44
+ sysMCAST_UNBLOCK_SOURCE = 45
+
+ sysICMP6_FILTER = 0x1
+
+ sizeofSockaddrStorage = 128
+ sizeofICMPv6Filter = 32
+ sizeofInet6Pktinfo = 20
+ sizeofIPv6Mtuinfo = 32
+ sizeofSockaddrInet6 = 28
+ sizeofGroupReq = 136
+ sizeofGroupSourceReq = 264
+)
+
+type sockaddrStorage struct {
+ Len uint8
+ Family byte
+ ss_pad1 [6]byte
+ ss_align int64
+ ss_pad2 [112]byte
+}
+
+type sockaddrInet6 struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Flowinfo uint32
+ Addr [16]byte
+ Scope_id uint32
+}
+
+type inet6Pktinfo struct {
+ Addr [16]byte
+ Ifindex uint32
+}
+
+type ipv6Mtuinfo struct {
+ Addr sockaddrInet6
+ Mtu uint32
+}
+
+type groupReq struct {
+ Interface uint32
+ reserved uint32
+ Group sockaddrStorage
+}
+
+type groupSourceReq struct {
+ Interface uint32
+ reserved uint32
+ Group sockaddrStorage
+ Source sockaddrStorage
+}
+
+type icmpv6Filter struct {
+ Filt [8]uint32
+}
diff --git a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
index 6b4027b3..db9171c2 100644
--- a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
+++ b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/cpu/cpu_aix.go b/vendor/golang.org/x/sys/cpu/cpu_aix.go
index 464a209c..28b52164 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_aix.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_aix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix
// +build aix
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
index cfc08c97..c61f95a0 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
index 7f7f272a..ccf542a7 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
index 75a95566..0af2f248 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
index 4adb89cf..3298a87e 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (386 || amd64 || amd64p32) && gc
// +build 386 amd64 amd64p32
// +build gc
@@ -14,3 +15,7 @@ func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32)
// xgetbv with ecx = 0 is implemented in cpu_x86.s for gc compiler
// and in cpu_gccgo.c for gccgo.
func xgetbv() (eax, edx uint32)
+
+// darwinSupportsAVX512 is implemented in cpu_x86.s for gc compiler
+// and in cpu_gccgo_x86.go for gccgo.
+func darwinSupportsAVX512() bool
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
index 53ca8d65..2aff3189 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gccgo
// +build gccgo
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
index aa986f77..4bfbda61 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gccgo
// +build gccgo
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
index ba49b91b..863d415a 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (386 || amd64 || amd64p32) && gccgo
// +build 386 amd64 amd64p32
// +build gccgo
@@ -24,3 +25,9 @@ func xgetbv() (eax, edx uint32) {
gccgoXgetbv(&a, &d)
return a, d
}
+
+// gccgo doesn't build on Darwin, per:
+// https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/gcc.rb#L76
+func darwinSupportsAVX512() bool {
+ return false
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux.go b/vendor/golang.org/x/sys/cpu/cpu_linux.go
index 6fc874f7..159a686f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !386 && !amd64 && !amd64p32 && !arm64
// +build !386,!amd64,!amd64p32,!arm64
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
index 5a418900..6000db4c 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (mips64 || mips64le)
// +build linux
// +build mips64 mips64le
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
index 42b5d33c..f4992b1a 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x
// +build linux,!arm,!arm64,!mips64,!mips64le,!ppc64,!ppc64le,!s390x
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
index 99f8a639..021356d6 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (ppc64 || ppc64le)
// +build linux
// +build ppc64 ppc64le
diff --git a/vendor/golang.org/x/sys/cpu/cpu_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
index 57b5b677..f4063c66 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build mips64 || mips64le
// +build mips64 mips64le
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_mipsx.go b/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
index cfc1946b..07c4e36d 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build mips || mipsle
// +build mips mipsle
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
index b412efc1..d7b4fb4c 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux && arm
// +build !linux,arm
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
index 16c1c409..f8c484f5 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build !linux,!netbsd
-// +build arm64
+//go:build !linux && !netbsd && arm64
+// +build !linux,!netbsd,arm64
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
index f49fad67..0dafe964 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !linux && (mips64 || mips64le)
// +build !linux
// +build mips64 mips64le
diff --git a/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
index d28d675b..4e8acd16 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build ppc64 || ppc64le
// +build ppc64 ppc64le
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
index 8b08de34..bd6c128a 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build riscv64
// +build riscv64
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.s b/vendor/golang.org/x/sys/cpu/cpu_s390x.s
index 964946df..96f81e20 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_s390x.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/cpu/cpu_wasm.go b/vendor/golang.org/x/sys/cpu/cpu_wasm.go
index 5382f2a2..7747d888 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_wasm.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_wasm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build wasm
// +build wasm
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index 48d42933..54ca4667 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build 386 || amd64 || amd64p32
// +build 386 amd64 amd64p32
package cpu
@@ -86,8 +87,14 @@ func archInit() {
// Check if XMM and YMM registers have OS support.
osSupportsAVX = isSet(1, eax) && isSet(2, eax)
- // Check if OPMASK and ZMM registers have OS support.
- osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
+ if runtime.GOOS == "darwin" {
+ // Check darwin commpage for AVX512 support. Necessary because:
+ // https://github.com/apple/darwin-xnu/blob/0a798f6738bc1db01281fc08ae024145e84df927/osfmk/i386/fpu.c#L175-L201
+ osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
+ } else {
+ // Check if OPMASK and ZMM registers have OS support.
+ osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
+ }
}
X86.HasAVX = isSet(28, ecx1) && osSupportsAVX
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s
index 2f557a58..b748ba52 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (386 || amd64 || amd64p32) && gc
// +build 386 amd64 amd64p32
// +build gc
@@ -25,3 +26,27 @@ TEXT ·xgetbv(SB),NOSPLIT,$0-8
MOVL AX, eax+0(FP)
MOVL DX, edx+4(FP)
RET
+
+// func darwinSupportsAVX512() bool
+TEXT ·darwinSupportsAVX512(SB), NOSPLIT, $0-1
+ MOVB $0, ret+0(FP) // default to false
+#ifdef GOOS_darwin // return if not darwin
+#ifdef GOARCH_amd64 // return if not amd64
+// These values from:
+// https://github.com/apple/darwin-xnu/blob/xnu-4570.1.46/osfmk/i386/cpu_capabilities.h
+#define commpage64_base_address 0x00007fffffe00000
+#define commpage64_cpu_capabilities64 (commpage64_base_address+0x010)
+#define commpage64_version (commpage64_base_address+0x01E)
+#define hasAVX512F 0x0000004000000000
+ MOVQ $commpage64_version, BX
+ CMPW (BX), $13 // cpu_capabilities64 undefined in versions < 13
+ JL no_avx512
+ MOVQ $commpage64_cpu_capabilities64, BX
+ MOVQ $hasAVX512F, CX
+ TESTQ (BX), CX
+ JZ no_avx512
+ MOVB $1, ret+0(FP)
+no_avx512:
+#endif
+#endif
+ RET
diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go b/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
index 76fbe40b..a864f24d 100644
--- a/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
+++ b/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
@@ -8,8 +8,8 @@
// Morever, this file will be used during the building of
// gccgo's libgo and thus must not used a CGo method.
-// +build aix
-// +build gccgo
+//go:build aix && gccgo
+// +build aix,gccgo
package cpu
diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
index 5b427d67..904be42f 100644
--- a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
+++ b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
@@ -6,8 +6,8 @@
// system call on AIX without depending on x/sys/unix.
// (See golang.org/issue/32102)
-// +build aix,ppc64
-// +build gc
+//go:build aix && ppc64 && gc
+// +build aix,ppc64,gc
package cpu
diff --git a/vendor/golang.org/x/sys/unix/aliases.go b/vendor/golang.org/x/sys/unix/aliases.go
index 951fce4d..abc89c10 100644
--- a/vendor/golang.org/x/sys/unix/aliases.go
+++ b/vendor/golang.org/x/sys/unix/aliases.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) && go1.9
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
// +build go1.9
package unix
diff --git a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
index 6b4027b3..db9171c2 100644
--- a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s b/vendor/golang.org/x/sys/unix/asm_bsd_386.s
similarity index 70%
rename from vendor/golang.org/x/sys/unix/asm_freebsd_386.s
rename to vendor/golang.org/x/sys/unix/asm_bsd_386.s
index 49f0ac23..7f29275f 100644
--- a/vendor/golang.org/x/sys/unix/asm_freebsd_386.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_386.s
@@ -1,14 +1,14 @@
-// Copyright 2009 The Go Authors. All rights reserved.
+// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin || freebsd || netbsd || openbsd) && gc
+// +build darwin freebsd netbsd openbsd
// +build gc
#include "textflag.h"
-//
-// System call support for 386, FreeBSD
-//
+// System call support for 386 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
@@ -22,7 +22,7 @@ TEXT ·Syscall6(SB),NOSPLIT,$0-40
TEXT ·Syscall9(SB),NOSPLIT,$0-52
JMP syscall·Syscall9(SB)
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
+TEXT ·RawSyscall(SB),NOSPLIT,$0-28
JMP syscall·RawSyscall(SB)
TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
similarity index 72%
rename from vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s
rename to vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
index e57367c1..2b99c349 100644
--- a/vendor/golang.org/x/sys/unix/asm_netbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
@@ -1,14 +1,14 @@
-// Copyright 2009 The Go Authors. All rights reserved.
+// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin || dragonfly || freebsd || netbsd || openbsd) && gc
+// +build darwin dragonfly freebsd netbsd openbsd
// +build gc
#include "textflag.h"
-//
-// System call support for AMD64, NetBSD
-//
+// System call support for AMD64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_bsd_arm.s
similarity index 74%
rename from vendor/golang.org/x/sys/unix/asm_netbsd_arm.s
rename to vendor/golang.org/x/sys/unix/asm_bsd_arm.s
index d7da175e..98ebfad9 100644
--- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_arm.s
@@ -1,14 +1,14 @@
-// Copyright 2013 The Go Authors. All rights reserved.
+// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin || freebsd || netbsd || openbsd) && gc
+// +build darwin freebsd netbsd openbsd
// +build gc
#include "textflag.h"
-//
-// System call support for ARM, NetBSD
-//
+// System call support for ARM BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s b/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
similarity index 75%
rename from vendor/golang.org/x/sys/unix/asm_darwin_amd64.s
rename to vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
index f2397fde..fe36a739 100644
--- a/vendor/golang.org/x/sys/unix/asm_darwin_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
@@ -1,14 +1,14 @@
-// Copyright 2009 The Go Authors. All rights reserved.
+// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin || freebsd || netbsd || openbsd) && gc
+// +build darwin freebsd netbsd openbsd
// +build gc
#include "textflag.h"
-//
-// System call support for AMD64, Darwin
-//
+// System call support for ARM64 BSD
// Just jump to package syscall's implementation for all these functions.
// The runtime may know about them.
diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_386.s b/vendor/golang.org/x/sys/unix/asm_darwin_386.s
deleted file mode 100644
index 8a06b87d..00000000
--- a/vendor/golang.org/x/sys/unix/asm_darwin_386.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for 386, Darwin
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm.s
deleted file mode 100644
index c9e6b6fc..00000000
--- a/vendor/golang.org/x/sys/unix/asm_darwin_arm.s
+++ /dev/null
@@ -1,30 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-// +build arm,darwin
-
-#include "textflag.h"
-
-//
-// System call support for ARM, Darwin
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- B syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- B syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- B syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- B syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- B syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s b/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s
deleted file mode 100644
index 89843f8f..00000000
--- a/vendor/golang.org/x/sys/unix/asm_darwin_arm64.s
+++ /dev/null
@@ -1,30 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-// +build arm64,darwin
-
-#include "textflag.h"
-
-//
-// System call support for AMD64, Darwin
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- B syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- B syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- B syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- B syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- B syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s b/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s
deleted file mode 100644
index 27674e1c..00000000
--- a/vendor/golang.org/x/sys/unix/asm_dragonfly_amd64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for AMD64, DragonFly
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s
deleted file mode 100644
index f2dfc57b..00000000
--- a/vendor/golang.org/x/sys/unix/asm_freebsd_amd64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for AMD64, FreeBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s
deleted file mode 100644
index 6d740db2..00000000
--- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for ARM, FreeBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- B syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- B syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- B syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- B syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- B syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s
deleted file mode 100644
index a8f5a29b..00000000
--- a/vendor/golang.org/x/sys/unix/asm_freebsd_arm64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for ARM64, FreeBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_386.s b/vendor/golang.org/x/sys/unix/asm_linux_386.s
index 0655ecbf..8fd101d0 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_386.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_386.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
index bc3fb6ac..7ed38e43 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm.s b/vendor/golang.org/x/sys/unix/asm_linux_arm.s
index 55b13c7b..8ef1d514 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_arm.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_arm.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
index 22a83d8e..98ae0276 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && arm64 && gc
// +build linux
// +build arm64
// +build gc
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
index dc222b90..21231d2c 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (mips64 || mips64le) && gc
// +build linux
// +build mips64 mips64le
// +build gc
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
index d333f13c..6783b26c 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (mips || mipsle) && gc
// +build linux
// +build mips mipsle
// +build gc
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
index 459a629c..19d49893 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (ppc64 || ppc64le) && gc
// +build linux
// +build ppc64 ppc64le
// +build gc
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
index 04d38497..e42eb81d 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
@@ -2,7 +2,9 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build riscv64,gc
+//go:build riscv64 && gc
+// +build riscv64
+// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
index cc303989..c46aab33 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
@@ -2,8 +2,9 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build s390x
+//go:build linux && s390x && gc
// +build linux
+// +build s390x
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s b/vendor/golang.org/x/sys/unix/asm_netbsd_386.s
deleted file mode 100644
index ae7b498d..00000000
--- a/vendor/golang.org/x/sys/unix/asm_netbsd_386.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for 386, NetBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s
deleted file mode 100644
index e7cbe190..00000000
--- a/vendor/golang.org/x/sys/unix/asm_netbsd_arm64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for ARM64, NetBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- B syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- B syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- B syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- B syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- B syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s b/vendor/golang.org/x/sys/unix/asm_openbsd_386.s
deleted file mode 100644
index 2f00b031..00000000
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_386.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for 386, OpenBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s
deleted file mode 100644
index 07632c99..00000000
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_amd64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for AMD64, OpenBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s
deleted file mode 100644
index 73e99732..00000000
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for ARM, OpenBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-28
- B syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-40
- B syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-52
- B syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-28
- B syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-40
- B syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s
deleted file mode 100644
index c47302aa..00000000
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_arm64.s
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build gc
-
-#include "textflag.h"
-
-//
-// System call support for arm64, OpenBSD
-//
-
-// Just jump to package syscall's implementation for all these functions.
-// The runtime may know about them.
-
-TEXT ·Syscall(SB),NOSPLIT,$0-56
- JMP syscall·Syscall(SB)
-
-TEXT ·Syscall6(SB),NOSPLIT,$0-80
- JMP syscall·Syscall6(SB)
-
-TEXT ·Syscall9(SB),NOSPLIT,$0-104
- JMP syscall·Syscall9(SB)
-
-TEXT ·RawSyscall(SB),NOSPLIT,$0-56
- JMP syscall·RawSyscall(SB)
-
-TEXT ·RawSyscall6(SB),NOSPLIT,$0-80
- JMP syscall·RawSyscall6(SB)
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
index 47c93fcb..5e7a1169 100644
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
index 1f2c755a..f8c5394c 100644
--- a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gc
// +build gc
#include "textflag.h"
diff --git a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
new file mode 100644
index 00000000..3b54e185
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
@@ -0,0 +1,426 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x && gc
+// +build zos
+// +build s390x
+// +build gc
+
+#include "textflag.h"
+
+#define PSALAA 1208(R0)
+#define GTAB64(x) 80(x)
+#define LCA64(x) 88(x)
+#define CAA(x) 8(x)
+#define EDCHPXV(x) 1016(x) // in the CAA
+#define SAVSTACK_ASYNC(x) 336(x) // in the LCA
+
+// SS_*, where x=SAVSTACK_ASYNC
+#define SS_LE(x) 0(x)
+#define SS_GO(x) 8(x)
+#define SS_ERRNO(x) 16(x)
+#define SS_ERRNOJR(x) 20(x)
+
+#define LE_CALL BYTE $0x0D; BYTE $0x76; // BL R7, R6
+
+TEXT ·clearErrno(SB),NOSPLIT,$0-0
+ BL addrerrno<>(SB)
+ MOVD $0, 0(R3)
+ RET
+
+// Returns the address of errno in R3.
+TEXT addrerrno<>(SB),NOSPLIT|NOFRAME,$0-0
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get __errno FuncDesc.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ ADD $(0x156*16), R9
+ LMG 0(R9), R5, R6
+
+ // Switch to saved LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Call __errno function.
+ LE_CALL
+ NOPH
+
+ // Switch back to Go stack.
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+ RET
+
+TEXT ·syscall_syscall(SB),NOSPLIT,$0-56
+ BL runtime·entersyscall(SB)
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+32(FP)
+ MOVD R0, r2+40(FP)
+ MOVD R0, err+48(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL addrerrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+48(FP)
+done:
+ BL runtime·exitsyscall(SB)
+ RET
+
+TEXT ·syscall_rawsyscall(SB),NOSPLIT,$0-56
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+32(FP)
+ MOVD R0, r2+40(FP)
+ MOVD R0, err+48(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL addrerrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+48(FP)
+done:
+ RET
+
+TEXT ·syscall_syscall6(SB),NOSPLIT,$0-80
+ BL runtime·entersyscall(SB)
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Fill in parameter list.
+ MOVD a4+32(FP), R12
+ MOVD R12, (2176+24)(R4)
+ MOVD a5+40(FP), R12
+ MOVD R12, (2176+32)(R4)
+ MOVD a6+48(FP), R12
+ MOVD R12, (2176+40)(R4)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+56(FP)
+ MOVD R0, r2+64(FP)
+ MOVD R0, err+72(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL addrerrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+72(FP)
+done:
+ BL runtime·exitsyscall(SB)
+ RET
+
+TEXT ·syscall_rawsyscall6(SB),NOSPLIT,$0-80
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Fill in parameter list.
+ MOVD a4+32(FP), R12
+ MOVD R12, (2176+24)(R4)
+ MOVD a5+40(FP), R12
+ MOVD R12, (2176+32)(R4)
+ MOVD a6+48(FP), R12
+ MOVD R12, (2176+40)(R4)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+56(FP)
+ MOVD R0, r2+64(FP)
+ MOVD R0, err+72(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL ·rrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+72(FP)
+done:
+ RET
+
+TEXT ·syscall_syscall9(SB),NOSPLIT,$0
+ BL runtime·entersyscall(SB)
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Fill in parameter list.
+ MOVD a4+32(FP), R12
+ MOVD R12, (2176+24)(R4)
+ MOVD a5+40(FP), R12
+ MOVD R12, (2176+32)(R4)
+ MOVD a6+48(FP), R12
+ MOVD R12, (2176+40)(R4)
+ MOVD a7+56(FP), R12
+ MOVD R12, (2176+48)(R4)
+ MOVD a8+64(FP), R12
+ MOVD R12, (2176+56)(R4)
+ MOVD a9+72(FP), R12
+ MOVD R12, (2176+64)(R4)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+80(FP)
+ MOVD R0, r2+88(FP)
+ MOVD R0, err+96(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL addrerrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+96(FP)
+done:
+ BL runtime·exitsyscall(SB)
+ RET
+
+TEXT ·syscall_rawsyscall9(SB),NOSPLIT,$0
+ MOVD a1+8(FP), R1
+ MOVD a2+16(FP), R2
+ MOVD a3+24(FP), R3
+
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get function.
+ MOVD CAA(R8), R9
+ MOVD EDCHPXV(R9), R9
+ MOVD trap+0(FP), R5
+ SLD $4, R5
+ ADD R5, R9
+ LMG 0(R9), R5, R6
+
+ // Restore LE stack.
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R4
+ MOVD $0, 0(R9)
+
+ // Fill in parameter list.
+ MOVD a4+32(FP), R12
+ MOVD R12, (2176+24)(R4)
+ MOVD a5+40(FP), R12
+ MOVD R12, (2176+32)(R4)
+ MOVD a6+48(FP), R12
+ MOVD R12, (2176+40)(R4)
+ MOVD a7+56(FP), R12
+ MOVD R12, (2176+48)(R4)
+ MOVD a8+64(FP), R12
+ MOVD R12, (2176+56)(R4)
+ MOVD a9+72(FP), R12
+ MOVD R12, (2176+64)(R4)
+
+ // Call function.
+ LE_CALL
+ NOPH
+ XOR R0, R0 // Restore R0 to $0.
+ MOVD R4, 0(R9) // Save stack pointer.
+
+ MOVD R3, r1+80(FP)
+ MOVD R0, r2+88(FP)
+ MOVD R0, err+96(FP)
+ MOVW R3, R4
+ CMP R4, $-1
+ BNE done
+ BL addrerrno<>(SB)
+ MOVWZ 0(R3), R3
+ MOVD R3, err+96(FP)
+done:
+ RET
+
+// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
+TEXT ·svcCall(SB),NOSPLIT,$0
+ BL runtime·save_g(SB) // Save g and stack pointer
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD R15, 0(R9)
+
+ MOVD argv+8(FP), R1 // Move function arguments into registers
+ MOVD dsa+16(FP), g
+ MOVD fnptr+0(FP), R15
+
+ BYTE $0x0D // Branch to function
+ BYTE $0xEF
+
+ BL runtime·load_g(SB) // Restore g and stack pointer
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+ MOVD SAVSTACK_ASYNC(R8), R9
+ MOVD 0(R9), R15
+
+ RET
+
+// func svcLoad(name *byte) unsafe.Pointer
+TEXT ·svcLoad(SB),NOSPLIT,$0
+ MOVD R15, R2 // Save go stack pointer
+ MOVD name+0(FP), R0 // Move SVC args into registers
+ MOVD $0x80000000, R1
+ MOVD $0, R15
+ BYTE $0x0A // SVC 08 LOAD
+ BYTE $0x08
+ MOVW R15, R3 // Save return code from SVC
+ MOVD R2, R15 // Restore go stack pointer
+ CMP R3, $0 // Check SVC return code
+ BNE error
+
+ MOVD $-2, R3 // Reset last bit of entry point to zero
+ AND R0, R3
+ MOVD R3, addr+8(FP) // Return entry point returned by SVC
+ CMP R0, R3 // Check if last bit of entry point was set
+ BNE done
+
+ MOVD R15, R2 // Save go stack pointer
+ MOVD $0, R15 // Move SVC args into registers (entry point still in r0 from SVC 08)
+ BYTE $0x0A // SVC 09 DELETE
+ BYTE $0x09
+ MOVD R2, R15 // Restore go stack pointer
+
+error:
+ MOVD $0, addr+8(FP) // Return 0 on failure
+done:
+ XOR R0, R0 // Reset r0 to 0
+ RET
+
+// func svcUnload(name *byte, fnptr unsafe.Pointer) int64
+TEXT ·svcUnload(SB),NOSPLIT,$0
+ MOVD R15, R2 // Save go stack pointer
+ MOVD name+0(FP), R0 // Move SVC args into registers
+ MOVD addr+8(FP), R15
+ BYTE $0x0A // SVC 09
+ BYTE $0x09
+ XOR R0, R0 // Reset r0 to 0
+ MOVD R15, R1 // Save SVC return code
+ MOVD R2, R15 // Restore go stack pointer
+ MOVD R1, rc+0(FP) // Return SVC return code
+ RET
+
+// func gettid() uint64
+TEXT ·gettid(SB), NOSPLIT, $0
+ // Get library control area (LCA).
+ MOVW PSALAA, R8
+ MOVD LCA64(R8), R8
+
+ // Get CEECAATHDID
+ MOVD CAA(R8), R9
+ MOVD 0x3D0(R9), R9
+ MOVD R9, ret+0(FP)
+
+ RET
diff --git a/vendor/golang.org/x/sys/unix/cap_freebsd.go b/vendor/golang.org/x/sys/unix/cap_freebsd.go
index df520487..0b7c6adb 100644
--- a/vendor/golang.org/x/sys/unix/cap_freebsd.go
+++ b/vendor/golang.org/x/sys/unix/cap_freebsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build freebsd
// +build freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/constants.go b/vendor/golang.org/x/sys/unix/constants.go
index 3a6ac648..394a3965 100644
--- a/vendor/golang.org/x/sys/unix/constants.go
+++ b/vendor/golang.org/x/sys/unix/constants.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package unix
diff --git a/vendor/golang.org/x/sys/unix/dev_aix_ppc.go b/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
index 5e5fb451..65a99850 100644
--- a/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix
-// +build ppc
+//go:build aix && ppc
+// +build aix,ppc
// Functions to access/create device major and minor numbers matching the
// encoding used by AIX.
diff --git a/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go b/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
index 8b401244..8fc08ad0 100644
--- a/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix
-// +build ppc64
+//go:build aix && ppc64
+// +build aix,ppc64
// Functions to access/create device major and minor numbers matching the
// encoding used AIX.
diff --git a/vendor/golang.org/x/sys/unix/dev_zos.go b/vendor/golang.org/x/sys/unix/dev_zos.go
new file mode 100644
index 00000000..a388e59a
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/dev_zos.go
@@ -0,0 +1,29 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+// Functions to access/create device major and minor numbers matching the
+// encoding used by z/OS.
+//
+// The information below is extracted and adapted from macros.
+
+package unix
+
+// Major returns the major component of a z/OS device number.
+func Major(dev uint64) uint32 {
+ return uint32((dev >> 16) & 0x0000FFFF)
+}
+
+// Minor returns the minor component of a z/OS device number.
+func Minor(dev uint64) uint32 {
+ return uint32(dev & 0x0000FFFF)
+}
+
+// Mkdev returns a z/OS device number generated from the given major and minor
+// components.
+func Mkdev(major, minor uint32) uint64 {
+ return (uint64(major) << 16) | uint64(minor)
+}
diff --git a/vendor/golang.org/x/sys/unix/dirent.go b/vendor/golang.org/x/sys/unix/dirent.go
index 304016b6..e74e5eaa 100644
--- a/vendor/golang.org/x/sys/unix/dirent.go
+++ b/vendor/golang.org/x/sys/unix/dirent.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/endian_big.go b/vendor/golang.org/x/sys/unix/endian_big.go
index 86781eac..a5202655 100644
--- a/vendor/golang.org/x/sys/unix/endian_big.go
+++ b/vendor/golang.org/x/sys/unix/endian_big.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//
+//go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64
// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/endian_little.go b/vendor/golang.org/x/sys/unix/endian_little.go
index 8822d854..4362f47e 100644
--- a/vendor/golang.org/x/sys/unix/endian_little.go
+++ b/vendor/golang.org/x/sys/unix/endian_little.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
//
+//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh
// +build 386 amd64 amd64p32 alpha arm arm64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh
package unix
diff --git a/vendor/golang.org/x/sys/unix/env_unix.go b/vendor/golang.org/x/sys/unix/env_unix.go
index 84178b0a..29ccc4d1 100644
--- a/vendor/golang.org/x/sys/unix/env_unix.go
+++ b/vendor/golang.org/x/sys/unix/env_unix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
// Unix environment variables.
diff --git a/vendor/golang.org/x/sys/unix/epoll_zos.go b/vendor/golang.org/x/sys/unix/epoll_zos.go
new file mode 100644
index 00000000..cedaf7e0
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/epoll_zos.go
@@ -0,0 +1,221 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+import (
+ "sync"
+)
+
+// This file simulates epoll on z/OS using poll.
+
+// Analogous to epoll_event on Linux.
+// TODO(neeilan): Pad is because the Linux kernel expects a 96-bit struct. We never pass this to the kernel; remove?
+type EpollEvent struct {
+ Events uint32
+ Fd int32
+ Pad int32
+}
+
+const (
+ EPOLLERR = 0x8
+ EPOLLHUP = 0x10
+ EPOLLIN = 0x1
+ EPOLLMSG = 0x400
+ EPOLLOUT = 0x4
+ EPOLLPRI = 0x2
+ EPOLLRDBAND = 0x80
+ EPOLLRDNORM = 0x40
+ EPOLLWRBAND = 0x200
+ EPOLLWRNORM = 0x100
+ EPOLL_CTL_ADD = 0x1
+ EPOLL_CTL_DEL = 0x2
+ EPOLL_CTL_MOD = 0x3
+ // The following constants are part of the epoll API, but represent
+ // currently unsupported functionality on z/OS.
+ // EPOLL_CLOEXEC = 0x80000
+ // EPOLLET = 0x80000000
+ // EPOLLONESHOT = 0x40000000
+ // EPOLLRDHUP = 0x2000 // Typically used with edge-triggered notis
+ // EPOLLEXCLUSIVE = 0x10000000 // Exclusive wake-up mode
+ // EPOLLWAKEUP = 0x20000000 // Relies on Linux's BLOCK_SUSPEND capability
+)
+
+// TODO(neeilan): We can eliminate these epToPoll / pToEpoll calls by using identical mask values for POLL/EPOLL
+// constants where possible The lower 16 bits of epoll events (uint32) can fit any system poll event (int16).
+
+// epToPollEvt converts epoll event field to poll equivalent.
+// In epoll, Events is a 32-bit field, while poll uses 16 bits.
+func epToPollEvt(events uint32) int16 {
+ var ep2p = map[uint32]int16{
+ EPOLLIN: POLLIN,
+ EPOLLOUT: POLLOUT,
+ EPOLLHUP: POLLHUP,
+ EPOLLPRI: POLLPRI,
+ EPOLLERR: POLLERR,
+ }
+
+ var pollEvts int16 = 0
+ for epEvt, pEvt := range ep2p {
+ if (events & epEvt) != 0 {
+ pollEvts |= pEvt
+ }
+ }
+
+ return pollEvts
+}
+
+// pToEpollEvt converts 16 bit poll event bitfields to 32-bit epoll event fields.
+func pToEpollEvt(revents int16) uint32 {
+ var p2ep = map[int16]uint32{
+ POLLIN: EPOLLIN,
+ POLLOUT: EPOLLOUT,
+ POLLHUP: EPOLLHUP,
+ POLLPRI: EPOLLPRI,
+ POLLERR: EPOLLERR,
+ }
+
+ var epollEvts uint32 = 0
+ for pEvt, epEvt := range p2ep {
+ if (revents & pEvt) != 0 {
+ epollEvts |= epEvt
+ }
+ }
+
+ return epollEvts
+}
+
+// Per-process epoll implementation.
+type epollImpl struct {
+ mu sync.Mutex
+ epfd2ep map[int]*eventPoll
+ nextEpfd int
+}
+
+// eventPoll holds a set of file descriptors being watched by the process. A process can have multiple epoll instances.
+// On Linux, this is an in-kernel data structure accessed through a fd.
+type eventPoll struct {
+ mu sync.Mutex
+ fds map[int]*EpollEvent
+}
+
+// epoll impl for this process.
+var impl epollImpl = epollImpl{
+ epfd2ep: make(map[int]*eventPoll),
+ nextEpfd: 0,
+}
+
+func (e *epollImpl) epollcreate(size int) (epfd int, err error) {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ epfd = e.nextEpfd
+ e.nextEpfd++
+
+ e.epfd2ep[epfd] = &eventPoll{
+ fds: make(map[int]*EpollEvent),
+ }
+ return epfd, nil
+}
+
+func (e *epollImpl) epollcreate1(flag int) (fd int, err error) {
+ return e.epollcreate(4)
+}
+
+func (e *epollImpl) epollctl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+
+ ep, ok := e.epfd2ep[epfd]
+ if !ok {
+
+ return EBADF
+ }
+
+ switch op {
+ case EPOLL_CTL_ADD:
+ // TODO(neeilan): When we make epfds and fds disjoint, detect epoll
+ // loops here (instances watching each other) and return ELOOP.
+ if _, ok := ep.fds[fd]; ok {
+ return EEXIST
+ }
+ ep.fds[fd] = event
+ case EPOLL_CTL_MOD:
+ if _, ok := ep.fds[fd]; !ok {
+ return ENOENT
+ }
+ ep.fds[fd] = event
+ case EPOLL_CTL_DEL:
+ if _, ok := ep.fds[fd]; !ok {
+ return ENOENT
+ }
+ delete(ep.fds, fd)
+
+ }
+ return nil
+}
+
+// Must be called while holding ep.mu
+func (ep *eventPoll) getFds() []int {
+ fds := make([]int, len(ep.fds))
+ for fd := range ep.fds {
+ fds = append(fds, fd)
+ }
+ return fds
+}
+
+func (e *epollImpl) epollwait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+ e.mu.Lock() // in [rare] case of concurrent epollcreate + epollwait
+ ep, ok := e.epfd2ep[epfd]
+
+ if !ok {
+ e.mu.Unlock()
+ return 0, EBADF
+ }
+
+ pollfds := make([]PollFd, 4)
+ for fd, epollevt := range ep.fds {
+ pollfds = append(pollfds, PollFd{Fd: int32(fd), Events: epToPollEvt(epollevt.Events)})
+ }
+ e.mu.Unlock()
+
+ n, err = Poll(pollfds, msec)
+ if err != nil {
+ return n, err
+ }
+
+ i := 0
+ for _, pFd := range pollfds {
+ if pFd.Revents != 0 {
+ events[i] = EpollEvent{Fd: pFd.Fd, Events: pToEpollEvt(pFd.Revents)}
+ i++
+ }
+
+ if i == n {
+ break
+ }
+ }
+
+ return n, nil
+}
+
+func EpollCreate(size int) (fd int, err error) {
+ return impl.epollcreate(size)
+}
+
+func EpollCreate1(flag int) (fd int, err error) {
+ return impl.epollcreate1(flag)
+}
+
+func EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+ return impl.epollctl(epfd, op, fd, event)
+}
+
+// Because EpollWait mutates events, the caller is expected to coordinate
+// concurrent access if calling with the same epfd from multiple goroutines.
+func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+ return impl.epollwait(epfd, events, msec)
+}
diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go
index 4dc53486..e9b99125 100644
--- a/vendor/golang.org/x/sys/unix/fcntl.go
+++ b/vendor/golang.org/x/sys/unix/fcntl.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build dragonfly || freebsd || linux || netbsd || openbsd
// +build dragonfly freebsd linux netbsd openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
index 8db48e5e..29d44808 100644
--- a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
+++ b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build linux,386 linux,arm linux,mips linux,mipsle
+//go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc)
+// +build linux,386 linux,arm linux,mips linux,mipsle linux,ppc
package unix
diff --git a/vendor/golang.org/x/sys/unix/fdset.go b/vendor/golang.org/x/sys/unix/fdset.go
index b27be0a0..a8068f94 100644
--- a/vendor/golang.org/x/sys/unix/fdset.go
+++ b/vendor/golang.org/x/sys/unix/fdset.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package unix
diff --git a/vendor/golang.org/x/sys/unix/fstatfs_zos.go b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
new file mode 100644
index 00000000..e377cc9f
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
@@ -0,0 +1,164 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+import (
+ "unsafe"
+)
+
+// This file simulates fstatfs on z/OS using fstatvfs and w_getmntent.
+
+func Fstatfs(fd int, stat *Statfs_t) (err error) {
+ var stat_v Statvfs_t
+ err = Fstatvfs(fd, &stat_v)
+ if err == nil {
+ // populate stat
+ stat.Type = 0
+ stat.Bsize = stat_v.Bsize
+ stat.Blocks = stat_v.Blocks
+ stat.Bfree = stat_v.Bfree
+ stat.Bavail = stat_v.Bavail
+ stat.Files = stat_v.Files
+ stat.Ffree = stat_v.Ffree
+ stat.Fsid = stat_v.Fsid
+ stat.Namelen = stat_v.Namemax
+ stat.Frsize = stat_v.Frsize
+ stat.Flags = stat_v.Flag
+ for passn := 0; passn < 5; passn++ {
+ switch passn {
+ case 0:
+ err = tryGetmntent64(stat)
+ break
+ case 1:
+ err = tryGetmntent128(stat)
+ break
+ case 2:
+ err = tryGetmntent256(stat)
+ break
+ case 3:
+ err = tryGetmntent512(stat)
+ break
+ case 4:
+ err = tryGetmntent1024(stat)
+ break
+ default:
+ break
+ }
+ //proceed to return if: err is nil (found), err is nonnil but not ERANGE (another error occurred)
+ if err == nil || err != nil && err != ERANGE {
+ break
+ }
+ }
+ }
+ return err
+}
+
+func tryGetmntent64(stat *Statfs_t) (err error) {
+ var mnt_ent_buffer struct {
+ header W_Mnth
+ filesys_info [64]W_Mntent
+ }
+ var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+ fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+ if err != nil {
+ return err
+ }
+ err = ERANGE //return ERANGE if no match is found in this batch
+ for i := 0; i < fs_count; i++ {
+ if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+ stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+ err = nil
+ break
+ }
+ }
+ return err
+}
+
+func tryGetmntent128(stat *Statfs_t) (err error) {
+ var mnt_ent_buffer struct {
+ header W_Mnth
+ filesys_info [128]W_Mntent
+ }
+ var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+ fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+ if err != nil {
+ return err
+ }
+ err = ERANGE //return ERANGE if no match is found in this batch
+ for i := 0; i < fs_count; i++ {
+ if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+ stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+ err = nil
+ break
+ }
+ }
+ return err
+}
+
+func tryGetmntent256(stat *Statfs_t) (err error) {
+ var mnt_ent_buffer struct {
+ header W_Mnth
+ filesys_info [256]W_Mntent
+ }
+ var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+ fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+ if err != nil {
+ return err
+ }
+ err = ERANGE //return ERANGE if no match is found in this batch
+ for i := 0; i < fs_count; i++ {
+ if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+ stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+ err = nil
+ break
+ }
+ }
+ return err
+}
+
+func tryGetmntent512(stat *Statfs_t) (err error) {
+ var mnt_ent_buffer struct {
+ header W_Mnth
+ filesys_info [512]W_Mntent
+ }
+ var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+ fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+ if err != nil {
+ return err
+ }
+ err = ERANGE //return ERANGE if no match is found in this batch
+ for i := 0; i < fs_count; i++ {
+ if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+ stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+ err = nil
+ break
+ }
+ }
+ return err
+}
+
+func tryGetmntent1024(stat *Statfs_t) (err error) {
+ var mnt_ent_buffer struct {
+ header W_Mnth
+ filesys_info [1024]W_Mntent
+ }
+ var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+ fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+ if err != nil {
+ return err
+ }
+ err = ERANGE //return ERANGE if no match is found in this batch
+ for i := 0; i < fs_count; i++ {
+ if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+ stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+ err = nil
+ break
+ }
+ }
+ return err
+}
diff --git a/vendor/golang.org/x/sys/unix/gccgo.go b/vendor/golang.org/x/sys/unix/gccgo.go
index 86032c11..0dee2322 100644
--- a/vendor/golang.org/x/sys/unix/gccgo.go
+++ b/vendor/golang.org/x/sys/unix/gccgo.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build gccgo
-// +build !aix
+//go:build gccgo && !aix
+// +build gccgo,!aix
package unix
diff --git a/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go b/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
index 251a977a..e60e49a3 100644
--- a/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build gccgo && linux && amd64
// +build gccgo,linux,amd64
package unix
diff --git a/vendor/golang.org/x/sys/unix/ioctl.go b/vendor/golang.org/x/sys/unix/ioctl.go
index 56416786..6c7ad052 100644
--- a/vendor/golang.org/x/sys/unix/ioctl.go
+++ b/vendor/golang.org/x/sys/unix/ioctl.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
new file mode 100644
index 00000000..48773f73
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -0,0 +1,196 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package unix
+
+import (
+ "runtime"
+ "unsafe"
+)
+
+// IoctlRetInt performs an ioctl operation specified by req on a device
+// associated with opened file descriptor fd, and returns a non-negative
+// integer that is returned by the ioctl syscall.
+func IoctlRetInt(fd int, req uint) (int, error) {
+ ret, _, err := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), 0)
+ if err != 0 {
+ return 0, err
+ }
+ return int(ret), nil
+}
+
+func IoctlGetUint32(fd int, req uint) (uint32, error) {
+ var value uint32
+ err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
+ return value, err
+}
+
+func IoctlGetRTCTime(fd int) (*RTCTime, error) {
+ var value RTCTime
+ err := ioctl(fd, RTC_RD_TIME, uintptr(unsafe.Pointer(&value)))
+ return &value, err
+}
+
+func IoctlSetRTCTime(fd int, value *RTCTime) error {
+ err := ioctl(fd, RTC_SET_TIME, uintptr(unsafe.Pointer(value)))
+ runtime.KeepAlive(value)
+ return err
+}
+
+func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) {
+ var value RTCWkAlrm
+ err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value)))
+ return &value, err
+}
+
+func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error {
+ err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value)))
+ runtime.KeepAlive(value)
+ return err
+}
+
+type ifreqEthtool struct {
+ name [IFNAMSIZ]byte
+ data unsafe.Pointer
+}
+
+// IoctlGetEthtoolDrvinfo fetches ethtool driver information for the network
+// device specified by ifname.
+func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
+ // Leave room for terminating NULL byte.
+ if len(ifname) >= IFNAMSIZ {
+ return nil, EINVAL
+ }
+
+ value := EthtoolDrvinfo{
+ Cmd: ETHTOOL_GDRVINFO,
+ }
+ ifreq := ifreqEthtool{
+ data: unsafe.Pointer(&value),
+ }
+ copy(ifreq.name[:], ifname)
+ err := ioctl(fd, SIOCETHTOOL, uintptr(unsafe.Pointer(&ifreq)))
+ runtime.KeepAlive(ifreq)
+ return &value, err
+}
+
+// IoctlGetWatchdogInfo fetches information about a watchdog device from the
+// Linux watchdog API. For more information, see:
+// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
+func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) {
+ var value WatchdogInfo
+ err := ioctl(fd, WDIOC_GETSUPPORT, uintptr(unsafe.Pointer(&value)))
+ return &value, err
+}
+
+// IoctlWatchdogKeepalive issues a keepalive ioctl to a watchdog device. For
+// more information, see:
+// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
+func IoctlWatchdogKeepalive(fd int) error {
+ return ioctl(fd, WDIOC_KEEPALIVE, 0)
+}
+
+// IoctlFileCloneRange performs an FICLONERANGE ioctl operation to clone the
+// range of data conveyed in value to the file associated with the file
+// descriptor destFd. See the ioctl_ficlonerange(2) man page for details.
+func IoctlFileCloneRange(destFd int, value *FileCloneRange) error {
+ err := ioctl(destFd, FICLONERANGE, uintptr(unsafe.Pointer(value)))
+ runtime.KeepAlive(value)
+ return err
+}
+
+// IoctlFileClone performs an FICLONE ioctl operation to clone the entire file
+// associated with the file description srcFd to the file associated with the
+// file descriptor destFd. See the ioctl_ficlone(2) man page for details.
+func IoctlFileClone(destFd, srcFd int) error {
+ return ioctl(destFd, FICLONE, uintptr(srcFd))
+}
+
+type FileDedupeRange struct {
+ Src_offset uint64
+ Src_length uint64
+ Reserved1 uint16
+ Reserved2 uint32
+ Info []FileDedupeRangeInfo
+}
+
+type FileDedupeRangeInfo struct {
+ Dest_fd int64
+ Dest_offset uint64
+ Bytes_deduped uint64
+ Status int32
+ Reserved uint32
+}
+
+// IoctlFileDedupeRange performs an FIDEDUPERANGE ioctl operation to share the
+// range of data conveyed in value from the file associated with the file
+// descriptor srcFd to the value.Info destinations. See the
+// ioctl_fideduperange(2) man page for details.
+func IoctlFileDedupeRange(srcFd int, value *FileDedupeRange) error {
+ buf := make([]byte, SizeofRawFileDedupeRange+
+ len(value.Info)*SizeofRawFileDedupeRangeInfo)
+ rawrange := (*RawFileDedupeRange)(unsafe.Pointer(&buf[0]))
+ rawrange.Src_offset = value.Src_offset
+ rawrange.Src_length = value.Src_length
+ rawrange.Dest_count = uint16(len(value.Info))
+ rawrange.Reserved1 = value.Reserved1
+ rawrange.Reserved2 = value.Reserved2
+
+ for i := range value.Info {
+ rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer(
+ uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) +
+ uintptr(i*SizeofRawFileDedupeRangeInfo)))
+ rawinfo.Dest_fd = value.Info[i].Dest_fd
+ rawinfo.Dest_offset = value.Info[i].Dest_offset
+ rawinfo.Bytes_deduped = value.Info[i].Bytes_deduped
+ rawinfo.Status = value.Info[i].Status
+ rawinfo.Reserved = value.Info[i].Reserved
+ }
+
+ err := ioctl(srcFd, FIDEDUPERANGE, uintptr(unsafe.Pointer(&buf[0])))
+
+ // Output
+ for i := range value.Info {
+ rawinfo := (*RawFileDedupeRangeInfo)(unsafe.Pointer(
+ uintptr(unsafe.Pointer(&buf[0])) + uintptr(SizeofRawFileDedupeRange) +
+ uintptr(i*SizeofRawFileDedupeRangeInfo)))
+ value.Info[i].Dest_fd = rawinfo.Dest_fd
+ value.Info[i].Dest_offset = rawinfo.Dest_offset
+ value.Info[i].Bytes_deduped = rawinfo.Bytes_deduped
+ value.Info[i].Status = rawinfo.Status
+ value.Info[i].Reserved = rawinfo.Reserved
+ }
+
+ return err
+}
+
+func IoctlHIDGetDesc(fd int, value *HIDRawReportDescriptor) error {
+ err := ioctl(fd, HIDIOCGRDESC, uintptr(unsafe.Pointer(value)))
+ runtime.KeepAlive(value)
+ return err
+}
+
+func IoctlHIDGetRawInfo(fd int) (*HIDRawDevInfo, error) {
+ var value HIDRawDevInfo
+ err := ioctl(fd, HIDIOCGRAWINFO, uintptr(unsafe.Pointer(&value)))
+ return &value, err
+}
+
+func IoctlHIDGetRawName(fd int) (string, error) {
+ var value [_HIDIOCGRAWNAME_LEN]byte
+ err := ioctl(fd, _HIDIOCGRAWNAME, uintptr(unsafe.Pointer(&value[0])))
+ return ByteSliceToString(value[:]), err
+}
+
+func IoctlHIDGetRawPhys(fd int) (string, error) {
+ var value [_HIDIOCGRAWPHYS_LEN]byte
+ err := ioctl(fd, _HIDIOCGRAWPHYS, uintptr(unsafe.Pointer(&value[0])))
+ return ByteSliceToString(value[:]), err
+}
+
+func IoctlHIDGetRawUniq(fd int) (string, error) {
+ var value [_HIDIOCGRAWUNIQ_LEN]byte
+ err := ioctl(fd, _HIDIOCGRAWUNIQ, uintptr(unsafe.Pointer(&value[0])))
+ return ByteSliceToString(value[:]), err
+}
diff --git a/vendor/golang.org/x/sys/unix/ioctl_zos.go b/vendor/golang.org/x/sys/unix/ioctl_zos.go
new file mode 100644
index 00000000..5384e7d9
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ioctl_zos.go
@@ -0,0 +1,74 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+import (
+ "runtime"
+ "unsafe"
+)
+
+// ioctl itself should not be exposed directly, but additional get/set
+// functions for specific types are permissible.
+
+// IoctlSetInt performs an ioctl operation which sets an integer value
+// on fd, using the specified request number.
+func IoctlSetInt(fd int, req uint, value int) error {
+ return ioctl(fd, req, uintptr(value))
+}
+
+// IoctlSetWinsize performs an ioctl on fd with a *Winsize argument.
+//
+// To change fd's window size, the req argument should be TIOCSWINSZ.
+func IoctlSetWinsize(fd int, req uint, value *Winsize) error {
+ // TODO: if we get the chance, remove the req parameter and
+ // hardcode TIOCSWINSZ.
+ err := ioctl(fd, req, uintptr(unsafe.Pointer(value)))
+ runtime.KeepAlive(value)
+ return err
+}
+
+// IoctlSetTermios performs an ioctl on fd with a *Termios.
+//
+// The req value is expected to be TCSETS, TCSETSW, or TCSETSF
+func IoctlSetTermios(fd int, req uint, value *Termios) error {
+ if (req != TCSETS) && (req != TCSETSW) && (req != TCSETSF) {
+ return ENOSYS
+ }
+ err := Tcsetattr(fd, int(req), value)
+ runtime.KeepAlive(value)
+ return err
+}
+
+// IoctlGetInt performs an ioctl operation which gets an integer value
+// from fd, using the specified request number.
+//
+// A few ioctl requests use the return value as an output parameter;
+// for those, IoctlRetInt should be used instead of this function.
+func IoctlGetInt(fd int, req uint) (int, error) {
+ var value int
+ err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
+ return value, err
+}
+
+func IoctlGetWinsize(fd int, req uint) (*Winsize, error) {
+ var value Winsize
+ err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
+ return &value, err
+}
+
+// IoctlGetTermios performs an ioctl on fd with a *Termios.
+//
+// The req value is expected to be TCGETS
+func IoctlGetTermios(fd int, req uint) (*Termios, error) {
+ var value Termios
+ if req != TCGETS {
+ return &value, ENOSYS
+ }
+ err := Tcgetattr(fd, &value)
+ return &value, err
+}
diff --git a/vendor/golang.org/x/sys/unix/mkall.sh b/vendor/golang.org/x/sys/unix/mkall.sh
index d257fac5..396aadf8 100644
--- a/vendor/golang.org/x/sys/unix/mkall.sh
+++ b/vendor/golang.org/x/sys/unix/mkall.sh
@@ -70,23 +70,11 @@ aix_ppc64)
mksyscall="go run mksyscall_aix_ppc64.go -aix"
mktypes="GOARCH=$GOARCH go tool cgo -godefs"
;;
-darwin_386)
- mkerrors="$mkerrors -m32"
- mksyscall="go run mksyscall.go -l32"
- mktypes="GOARCH=$GOARCH go tool cgo -godefs"
- mkasm="go run mkasm_darwin.go"
- ;;
darwin_amd64)
mkerrors="$mkerrors -m64"
mktypes="GOARCH=$GOARCH go tool cgo -godefs"
mkasm="go run mkasm_darwin.go"
;;
-darwin_arm)
- mkerrors="$mkerrors"
- mksyscall="go run mksyscall.go -l32"
- mktypes="GOARCH=$GOARCH go tool cgo -godefs"
- mkasm="go run mkasm_darwin.go"
- ;;
darwin_arm64)
mkerrors="$mkerrors -m64"
mktypes="GOARCH=$GOARCH go tool cgo -godefs"
@@ -199,7 +187,7 @@ illumos_amd64)
mksyscall="go run mksyscall_solaris.go"
mkerrors=
mksysnum=
- mktypes=
+ mktypes="GOARCH=$GOARCH go tool cgo -godefs"
;;
*)
echo 'unrecognized $GOOS_$GOARCH: ' "$GOOSARCH" 1>&2
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index b8313e98..007358af 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -56,6 +56,7 @@ includes_Darwin='
#define _DARWIN_C_SOURCE
#define KERNEL
#define _DARWIN_USE_64_BIT_INODE
+#define __APPLE_USE_RFC_3542
#include
#include
#include
@@ -65,6 +66,7 @@ includes_Darwin='
#include
#include
#include
+#include
#include
#include
#include
@@ -114,6 +116,7 @@ includes_FreeBSD='
#include
#include
#include
+#include
#include
#include
#include
@@ -213,6 +216,8 @@ struct ltchars {
#include
#include
#include
+#include
+#include
#include
#include
#include
@@ -223,6 +228,7 @@ struct ltchars {
#include
#include
#include
+#include
#include
#include
#include
@@ -299,6 +305,17 @@ struct ltchars {
// Including linux/l2tp.h here causes conflicts between linux/in.h
// and netinet/in.h included via net/route.h above.
#define IPPROTO_L2TP 115
+
+// Copied from linux/hid.h.
+// Keep in sync with the size of the referenced fields.
+#define _HIDIOCGRAWNAME_LEN 128 // sizeof_field(struct hid_device, name)
+#define _HIDIOCGRAWPHYS_LEN 64 // sizeof_field(struct hid_device, phys)
+#define _HIDIOCGRAWUNIQ_LEN 64 // sizeof_field(struct hid_device, uniq)
+
+#define _HIDIOCGRAWNAME HIDIOCGRAWNAME(_HIDIOCGRAWNAME_LEN)
+#define _HIDIOCGRAWPHYS HIDIOCGRAWPHYS(_HIDIOCGRAWPHYS_LEN)
+#define _HIDIOCGRAWUNIQ HIDIOCGRAWUNIQ(_HIDIOCGRAWUNIQ_LEN)
+
'
includes_NetBSD='
@@ -388,10 +405,11 @@ includes_SunOS='
#include
#include
#include
+#include
#include
-#include
#include
#include
+#include
'
@@ -446,6 +464,8 @@ ccflags="$@"
$2 !~ /^EPROC_/ &&
$2 !~ /^EQUIV_/ &&
$2 !~ /^EXPR_/ &&
+ $2 !~ /^EVIOC/ &&
+ $2 !~ /^EV_/ &&
$2 ~ /^E[A-Z0-9_]+$/ ||
$2 ~ /^B[0-9_]+$/ ||
$2 ~ /^(OLD|NEW)DEV$/ ||
@@ -480,10 +500,10 @@ ccflags="$@"
$2 ~ /^LOCK_(SH|EX|NB|UN)$/ ||
$2 ~ /^LO_(KEY|NAME)_SIZE$/ ||
$2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ ||
- $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|ICMP6|TCP|MCAST|EVFILT|NOTE|EV|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR)_/ ||
+ $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL)_/ ||
$2 ~ /^TP_STATUS_/ ||
$2 ~ /^FALLOC_/ ||
- $2 == "ICMPV6_FILTER" ||
+ $2 ~ /^ICMPV?6?_(FILTER|SEC)/ ||
$2 == "SOMAXCONN" ||
$2 == "NAME_MAX" ||
$2 == "IFNAMSIZ" ||
@@ -570,6 +590,9 @@ ccflags="$@"
$2 ~ /^W[A-Z0-9]+$/ ||
$2 ~/^PPPIOC/ ||
$2 ~ /^FAN_|FANOTIFY_/ ||
+ $2 == "HID_MAX_DESCRIPTOR_SIZE" ||
+ $2 ~ /^_?HIDIOC/ ||
+ $2 ~ /^BUS_(USB|HIL|BLUETOOTH|VIRTUAL)$/ ||
$2 ~ /^BLK[A-Z]*(GET$|SET$|BUF$|PART$|SIZE)/ {printf("\t%s = C.%s\n", $2, $2)}
$2 ~ /^__WCOREFLAG$/ {next}
$2 ~ /^__W[A-Z0-9]+$/ {printf("\t%s = C.%s\n", substr($2,3), $2)}
@@ -607,6 +630,7 @@ echo '#include ' | $CC -x c - -E -dM $ccflags |
echo '// mkerrors.sh' "$@"
echo '// Code generated by the command above; see README.md. DO NOT EDIT.'
echo
+echo "//go:build ${GOARCH} && ${GOOS}"
echo "// +build ${GOARCH},${GOOS}"
echo
go tool cgo -godefs -- "$@" _const.go >_error.out
diff --git a/vendor/golang.org/x/sys/unix/pagesize_unix.go b/vendor/golang.org/x/sys/unix/pagesize_unix.go
index bc2f3629..53f1b4c5 100644
--- a/vendor/golang.org/x/sys/unix/pagesize_unix.go
+++ b/vendor/golang.org/x/sys/unix/pagesize_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
// For Unix, get the pagesize from the runtime.
diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
index fc568b54..463c3eff 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_darwin.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin && !ios
// +build darwin,!ios
package unix
diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go
index 183441c9..ed0509a0 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_ios.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build ios
// +build ios
package unix
diff --git a/vendor/golang.org/x/sys/unix/race.go b/vendor/golang.org/x/sys/unix/race.go
index 61712b51..6f6c5fec 100644
--- a/vendor/golang.org/x/sys/unix/race.go
+++ b/vendor/golang.org/x/sys/unix/race.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin && race) || (linux && race) || (freebsd && race)
// +build darwin,race linux,race freebsd,race
package unix
diff --git a/vendor/golang.org/x/sys/unix/race0.go b/vendor/golang.org/x/sys/unix/race0.go
index ad026678..706e1322 100644
--- a/vendor/golang.org/x/sys/unix/race0.go
+++ b/vendor/golang.org/x/sys/unix/race0.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin,!race linux,!race freebsd,!race netbsd openbsd solaris dragonfly
+//go:build aix || (darwin && !race) || (linux && !race) || (freebsd && !race) || netbsd || openbsd || solaris || dragonfly || zos
+// +build aix darwin,!race linux,!race freebsd,!race netbsd openbsd solaris dragonfly zos
package unix
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdents.go b/vendor/golang.org/x/sys/unix/readdirent_getdents.go
index 3a90aa6d..4d625756 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdents.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdents.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || dragonfly || freebsd || linux || netbsd || openbsd
// +build aix dragonfly freebsd linux netbsd openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
index 5fdae40b..2a4ba47c 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin
// +build darwin
package unix
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_unix.go b/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
index 003916ed..453a942c 100644
--- a/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
// Socket control messages
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go b/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
index 57a0021d..0840fe4a 100644
--- a/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin freebsd linux netbsd openbsd solaris zos
package unix
@@ -36,6 +37,10 @@ func cmsgAlignOf(salen int) int {
if runtime.GOOS == "netbsd" && runtime.GOARCH == "arm64" {
salign = 16
}
+ case "zos":
+ // z/OS socket macros use [32-bit] sizeof(int) alignment,
+ // not pointer width.
+ salign = SizeofInt
}
return (salen + salign - 1) & ^(salign - 1)
diff --git a/vendor/golang.org/x/sys/unix/str.go b/vendor/golang.org/x/sys/unix/str.go
index 17fb6986..8ba89ed8 100644
--- a/vendor/golang.org/x/sys/unix/str.go
+++ b/vendor/golang.org/x/sys/unix/str.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall.go b/vendor/golang.org/x/sys/unix/syscall.go
index ab75ef9c..649fa874 100644
--- a/vendor/golang.org/x/sys/unix/syscall.go
+++ b/vendor/golang.org/x/sys/unix/syscall.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
// Package unix contains an interface to the low-level operating system
// primitives. OS details vary depending on the underlying system, and
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index 44081538..d8efb715 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix
// +build aix
// Aix system calls.
@@ -251,7 +252,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
}
}
- bytes := (*[10000]byte)(unsafe.Pointer(&pp.Path[0]))[0:n]
+ bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n]
sa.Name = string(bytes)
return sa, nil
@@ -419,8 +420,8 @@ func (w WaitStatus) TrapCause() int { return -1 }
//sys Mknod(path string, mode uint32, dev int) (err error)
//sys Mknodat(dirfd int, path string, mode uint32, dev int) (err error)
//sys Nanosleep(time *Timespec, leftover *Timespec) (err error)
-//sys Open(path string, mode int, perm uint32) (fd int, err error) = open64
-//sys Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error)
+//sys Open(path string, mode int, perm uint32) (fd int, err error) = open64
+//sys Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error)
//sys read(fd int, p []byte) (n int, err error)
//sys Readlink(path string, buf []byte) (n int, err error)
//sys Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error)
@@ -439,8 +440,8 @@ func (w WaitStatus) TrapCause() int { return -1 }
//sysnb Times(tms *Tms) (ticks uintptr, err error)
//sysnb Umask(mask int) (oldmask int)
//sysnb Uname(buf *Utsname) (err error)
-//sys Unlink(path string) (err error)
-//sys Unlinkat(dirfd int, path string, flags int) (err error)
+//sys Unlink(path string) (err error)
+//sys Unlinkat(dirfd int, path string, flags int) (err error)
//sys Ustat(dev int, ubuf *Ustat_t) (err error)
//sys write(fd int, p []byte) (n int, err error)
//sys readlen(fd int, p *byte, np int) (n int, err error) = read
@@ -514,7 +515,7 @@ func Munmap(b []byte) (err error) {
//sys Munlock(b []byte) (err error)
//sys Munlockall() (err error)
-//sysnb pipe(p *[2]_C_int) (err error)
+//sysnb pipe(p *[2]_C_int) (err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
index b3c8e330..e92a0be1 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix
-// +build ppc
+//go:build aix && ppc
+// +build aix,ppc
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
index 9a6e0241..16eed170 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix
-// +build ppc64
+//go:build aix && ppc64
+// +build aix,ppc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go
index bc634a28..95ac3946 100644
--- a/vendor/golang.org/x/sys/unix/syscall_bsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin || dragonfly || freebsd || netbsd || openbsd
// +build darwin dragonfly freebsd netbsd openbsd
// BSD system call wrappers shared by *BSD based systems
@@ -318,7 +319,7 @@ func Getsockname(fd int) (sa Sockaddr, err error) {
return anyToSockaddr(fd, &rsa)
}
-//sysnb socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
+//sysnb socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
// GetsockoptString returns the string value of the socket option opt for the
// socket associated with fd at the given socket level.
@@ -332,8 +333,8 @@ func GetsockoptString(fd, level, opt int) (string, error) {
return string(buf[:vallen-1]), nil
}
-//sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error)
-//sys sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error)
+//sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error)
+//sys sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error)
//sys recvmsg(s int, msg *Msghdr, flags int) (n int, err error)
func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) {
@@ -626,7 +627,7 @@ func Futimes(fd int, tv []Timeval) error {
return futimes(fd, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
}
-//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
+//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
func Poll(fds []PollFd, timeout int) (n int, err error) {
if len(fds) == 0 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go b/vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
index b31ef035..b0098607 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.1_12.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin && go1.12 && !go1.13
// +build darwin,go1.12,!go1.13
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
index ee852f1a..1596426b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.1_13.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin && go1.13
// +build darwin,go1.13
package unix
@@ -16,7 +17,7 @@ import (
//sys readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno)
func fdopendir(fd int) (dir uintptr, err error) {
- r0, _, e1 := syscall_syscallPtr(funcPC(libc_fdopendir_trampoline), uintptr(fd), 0, 0)
+ r0, _, e1 := syscall_syscallPtr(libc_fdopendir_trampoline_addr, uintptr(fd), 0, 0)
dir = uintptr(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -24,7 +25,7 @@ func fdopendir(fd int) (dir uintptr, err error) {
return
}
-func libc_fdopendir_trampoline()
+var libc_fdopendir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fdopendir fdopendir "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 16f9c226..9945e5f9 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -119,7 +119,7 @@ type attrList struct {
Forkattr uint32
}
-//sysnb pipe(p *[2]int32) (err error)
+//sysnb pipe(p *[2]int32) (err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -272,7 +272,7 @@ func setattrlistTimes(path string, times []Timespec, flags int) error {
options)
}
-//sys setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error)
+//sys setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error)
func utimensat(dirfd int, path string, times *[2]Timespec, flags int) error {
// Darwin doesn't support SYS_UTIMENSAT
@@ -320,7 +320,7 @@ func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error {
return err
}
-//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL
+//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL
func Uname(uname *Utsname) error {
mib := []_C_int{CTL_KERN, KERN_OSTYPE}
@@ -378,6 +378,26 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
return
}
+func GetsockoptIPMreqn(fd, level, opt int) (*IPMreqn, error) {
+ var value IPMreqn
+ vallen := _Socklen(SizeofIPMreqn)
+ errno := getsockopt(fd, level, opt, unsafe.Pointer(&value), &vallen)
+ return &value, errno
+}
+
+func SetsockoptIPMreqn(fd, level, opt int, mreq *IPMreqn) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(mreq), unsafe.Sizeof(*mreq))
+}
+
+// GetsockoptXucred is a getsockopt wrapper that returns an Xucred struct.
+// The usual level and opt are SOL_LOCAL and LOCAL_PEERCRED, respectively.
+func GetsockoptXucred(fd, level, opt int) (*Xucred, error) {
+ x := new(Xucred)
+ vallen := _Socklen(SizeofXucred)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(x), &vallen)
+ return x, err
+}
+
//sys sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error)
/*
@@ -472,8 +492,8 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Unlinkat(dirfd int, path string, flags int) (err error)
//sys Unmount(path string, flags int) (err error)
//sys write(fd int, p []byte) (n int, err error)
-//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
-//sys munmap(addr uintptr, length uintptr) (err error)
+//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
+//sys munmap(addr uintptr, length uintptr) (err error)
//sys readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
//sys writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go b/vendor/golang.org/x/sys/unix/syscall_darwin_386.go
deleted file mode 100644
index ee065fcf..00000000
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_386.go
+++ /dev/null
@@ -1,50 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build 386,darwin
-
-package unix
-
-import "syscall"
-
-func setTimespec(sec, nsec int64) Timespec {
- return Timespec{Sec: int32(sec), Nsec: int32(nsec)}
-}
-
-func setTimeval(sec, usec int64) Timeval {
- return Timeval{Sec: int32(sec), Usec: int32(usec)}
-}
-
-func SetKevent(k *Kevent_t, fd, mode, flags int) {
- k.Ident = uint32(fd)
- k.Filter = int16(mode)
- k.Flags = uint16(flags)
-}
-
-func (iov *Iovec) SetLen(length int) {
- iov.Len = uint32(length)
-}
-
-func (msghdr *Msghdr) SetControllen(length int) {
- msghdr.Controllen = uint32(length)
-}
-
-func (msghdr *Msghdr) SetIovlen(length int) {
- msghdr.Iovlen = int32(length)
-}
-
-func (cmsg *Cmsghdr) SetLen(length int) {
- cmsg.Len = uint32(length)
-}
-
-func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno)
-
-//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
-//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
-//sys Fstatfs(fd int, stat *Statfs_t) (err error) = SYS_FSTATFS64
-//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
-//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
-//sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace
-//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
-//sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
index 7a1f64a7..b37310ce 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && darwin
// +build amd64,darwin
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go
deleted file mode 100644
index d30735c5..00000000
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm.go
+++ /dev/null
@@ -1,51 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package unix
-
-import "syscall"
-
-func ptrace1(request int, pid int, addr uintptr, data uintptr) error {
- return ENOTSUP
-}
-
-func setTimespec(sec, nsec int64) Timespec {
- return Timespec{Sec: int32(sec), Nsec: int32(nsec)}
-}
-
-func setTimeval(sec, usec int64) Timeval {
- return Timeval{Sec: int32(sec), Usec: int32(usec)}
-}
-
-func SetKevent(k *Kevent_t, fd, mode, flags int) {
- k.Ident = uint32(fd)
- k.Filter = int16(mode)
- k.Flags = uint16(flags)
-}
-
-func (iov *Iovec) SetLen(length int) {
- iov.Len = uint32(length)
-}
-
-func (msghdr *Msghdr) SetControllen(length int) {
- msghdr.Controllen = uint32(length)
-}
-
-func (msghdr *Msghdr) SetIovlen(length int) {
- msghdr.Iovlen = int32(length)
-}
-
-func (cmsg *Cmsghdr) SetLen(length int) {
- cmsg.Len = uint32(length)
-}
-
-func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) // sic
-
-//sys Fstat(fd int, stat *Stat_t) (err error)
-//sys Fstatat(fd int, path string, stat *Stat_t, flags int) (err error)
-//sys Fstatfs(fd int, stat *Statfs_t) (err error)
-//sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT
-//sys Lstat(path string, stat *Stat_t) (err error)
-//sys Stat(path string, stat *Stat_t) (err error)
-//sys Statfs(path string, stat *Statfs_t) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
index 9f85fd40..d51ec996 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm64 && darwin
// +build arm64,darwin
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
index f34c86c8..53c96641 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
@@ -2,11 +2,12 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build darwin && go1.12
// +build darwin,go1.12
package unix
-import "unsafe"
+import _ "unsafe"
// Implemented in the runtime package (runtime/sys_darwin.go)
func syscall_syscall(fn, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
@@ -24,10 +25,3 @@ func syscall_syscallPtr(fn, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
//go:linkname syscall_rawSyscall syscall.rawSyscall
//go:linkname syscall_rawSyscall6 syscall.rawSyscall6
//go:linkname syscall_syscallPtr syscall.syscallPtr
-
-// Find the entry point for f. See comments in runtime/proc.go for the
-// function of the same name.
-//go:nosplit
-func funcPC(f func()) uintptr {
- return **(**uintptr)(unsafe.Pointer(&f))
-}
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
index a4f2944a..5af108a5 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
@@ -95,7 +95,7 @@ func direntNamlen(buf []byte) (uint64, bool) {
return readInt(buf, unsafe.Offsetof(Dirent{}.Namlen), unsafe.Sizeof(Dirent{}.Namlen))
}
-//sysnb pipe() (r int, w int, err error)
+//sysnb pipe() (r int, w int, err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -105,16 +105,16 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (r int, w int, err error)
-func Pipe2(p []int, flags int) error {
+func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
return EINVAL
}
var pp [2]_C_int
- err := pipe2(&pp, flags)
- p[0] = int(pp[0])
- p[1] = int(pp[1])
+ // pipe2 on dragonfly takes an fds array as an argument, but still
+ // returns the file descriptors.
+ p[0], p[1], err = pipe2(&pp, flags)
return err
}
@@ -170,7 +170,7 @@ func setattrlistTimes(path string, times []Timespec, flags int) error {
//sys ioctl(fd int, req uint, arg uintptr) (err error)
-//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
+//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
func sysctlUname(mib []_C_int, old *byte, oldlen *uintptr) error {
err := sysctl(mib, old, oldlen, nil, 0)
@@ -337,8 +337,8 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Unlinkat(dirfd int, path string, flags int) (err error)
//sys Unmount(path string, flags int) (err error)
//sys write(fd int, p []byte) (n int, err error)
-//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
-//sys munmap(addr uintptr, length uintptr) (err error)
+//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
+//sys munmap(addr uintptr, length uintptr) (err error)
//sys readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
//sys writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
//sys accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
index a6b4830a..4e2d3212 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && dragonfly
// +build amd64,dragonfly
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
index acc00c2e..18c392cf 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
@@ -126,6 +126,15 @@ func SetsockoptIPMreqn(fd, level, opt int, mreq *IPMreqn) (err error) {
return setsockopt(fd, level, opt, unsafe.Pointer(mreq), unsafe.Sizeof(*mreq))
}
+// GetsockoptXucred is a getsockopt wrapper that returns an Xucred struct.
+// The usual level and opt are SOL_LOCAL and LOCAL_PEERCRED, respectively.
+func GetsockoptXucred(fd, level, opt int) (*Xucred, error) {
+ x := new(Xucred)
+ vallen := _Socklen(SizeofXucred)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(x), &vallen)
+ return x, err
+}
+
func Accept4(fd, flags int) (nfd int, sa Sockaddr, err error) {
var rsa RawSockaddrAny
var len _Socklen = SizeofSockaddrAny
@@ -188,9 +197,9 @@ func setattrlistTimes(path string, times []Timespec, flags int) error {
return ENOSYS
}
-//sys ioctl(fd int, req uint, arg uintptr) (err error)
+//sys ioctl(fd int, req uint, arg uintptr) (err error)
-//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
+//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
func Uname(uname *Utsname) error {
mib := []_C_int{CTL_KERN, KERN_OSTYPE}
@@ -665,8 +674,8 @@ func PtraceSingleStep(pid int) (err error) {
//sys Unlinkat(dirfd int, path string, flags int) (err error)
//sys Unmount(path string, flags int) (err error)
//sys write(fd int, p []byte) (n int, err error)
-//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
-//sys munmap(addr uintptr, length uintptr) (err error)
+//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
+//sys munmap(addr uintptr, length uintptr) (err error)
//sys readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
//sys writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
//sys accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
index 72a506dd..342fc32b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build 386 && freebsd
// +build 386,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
index d5e376ac..a32d5aa4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && freebsd
// +build amd64,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
index 4ea45bce..1e36d39a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm && freebsd
// +build arm,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
index aa5326db..a09a1537 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm64 && freebsd
// +build arm64,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_illumos.go b/vendor/golang.org/x/sys/unix/syscall_illumos.go
index 7a2d4120..8c535768 100644
--- a/vendor/golang.org/x/sys/unix/syscall_illumos.go
+++ b/vendor/golang.org/x/sys/unix/syscall_illumos.go
@@ -1,14 +1,19 @@
-// Copyright 2009 The Go Authors. All rights reserved.
+// Copyright 2021 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// illumos system calls not present on Solaris.
+//go:build amd64 && illumos
// +build amd64,illumos
package unix
-import "unsafe"
+import (
+ "fmt"
+ "runtime"
+ "unsafe"
+)
func bytes2iovec(bs [][]byte) []Iovec {
iovecs := make([]Iovec, len(bs))
@@ -75,3 +80,99 @@ func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) {
}
return
}
+
+//sys putmsg(fd int, clptr *strbuf, dataptr *strbuf, flags int) (err error)
+
+func Putmsg(fd int, cl []byte, data []byte, flags int) (err error) {
+ var clp, datap *strbuf
+ if len(cl) > 0 {
+ clp = &strbuf{
+ Len: int32(len(cl)),
+ Buf: (*int8)(unsafe.Pointer(&cl[0])),
+ }
+ }
+ if len(data) > 0 {
+ datap = &strbuf{
+ Len: int32(len(data)),
+ Buf: (*int8)(unsafe.Pointer(&data[0])),
+ }
+ }
+ return putmsg(fd, clp, datap, flags)
+}
+
+//sys getmsg(fd int, clptr *strbuf, dataptr *strbuf, flags *int) (err error)
+
+func Getmsg(fd int, cl []byte, data []byte) (retCl []byte, retData []byte, flags int, err error) {
+ var clp, datap *strbuf
+ if len(cl) > 0 {
+ clp = &strbuf{
+ Maxlen: int32(len(cl)),
+ Buf: (*int8)(unsafe.Pointer(&cl[0])),
+ }
+ }
+ if len(data) > 0 {
+ datap = &strbuf{
+ Maxlen: int32(len(data)),
+ Buf: (*int8)(unsafe.Pointer(&data[0])),
+ }
+ }
+
+ if err = getmsg(fd, clp, datap, &flags); err != nil {
+ return nil, nil, 0, err
+ }
+
+ if len(cl) > 0 {
+ retCl = cl[:clp.Len]
+ }
+ if len(data) > 0 {
+ retData = data[:datap.Len]
+ }
+ return retCl, retData, flags, nil
+}
+
+func IoctlSetIntRetInt(fd int, req uint, arg int) (int, error) {
+ return ioctlRet(fd, req, uintptr(arg))
+}
+
+func IoctlSetString(fd int, req uint, val string) error {
+ bs := make([]byte, len(val)+1)
+ copy(bs[:len(bs)-1], val)
+ err := ioctl(fd, req, uintptr(unsafe.Pointer(&bs[0])))
+ runtime.KeepAlive(&bs[0])
+ return err
+}
+
+// Lifreq Helpers
+
+func (l *Lifreq) SetName(name string) error {
+ if len(name) >= len(l.Name) {
+ return fmt.Errorf("name cannot be more than %d characters", len(l.Name)-1)
+ }
+ for i := range name {
+ l.Name[i] = int8(name[i])
+ }
+ return nil
+}
+
+func (l *Lifreq) SetLifruInt(d int) {
+ *(*int)(unsafe.Pointer(&l.Lifru[0])) = d
+}
+
+func (l *Lifreq) GetLifruInt() int {
+ return *(*int)(unsafe.Pointer(&l.Lifru[0]))
+}
+
+func IoctlLifreq(fd int, req uint, l *Lifreq) error {
+ return ioctl(fd, req, uintptr(unsafe.Pointer(l)))
+}
+
+// Strioctl Helpers
+
+func (s *Strioctl) SetInt(i int) {
+ s.Len = int32(unsafe.Sizeof(i))
+ s.Dp = (*int8)(unsafe.Pointer(&i))
+}
+
+func IoctlSetStrioctlRetInt(fd int, req uint, s *Strioctl) (int, error) {
+ return ioctlRet(fd, req, uintptr(unsafe.Pointer(s)))
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 28be1306..2dd7c8e3 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -70,88 +70,7 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
// ioctl itself should not be exposed directly, but additional get/set
// functions for specific types are permissible.
-
-// IoctlRetInt performs an ioctl operation specified by req on a device
-// associated with opened file descriptor fd, and returns a non-negative
-// integer that is returned by the ioctl syscall.
-func IoctlRetInt(fd int, req uint) (int, error) {
- ret, _, err := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), 0)
- if err != 0 {
- return 0, err
- }
- return int(ret), nil
-}
-
-func IoctlSetRTCTime(fd int, value *RTCTime) error {
- err := ioctl(fd, RTC_SET_TIME, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
-}
-
-func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error {
- err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
-}
-
-func IoctlGetUint32(fd int, req uint) (uint32, error) {
- var value uint32
- err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
- return value, err
-}
-
-func IoctlGetRTCTime(fd int) (*RTCTime, error) {
- var value RTCTime
- err := ioctl(fd, RTC_RD_TIME, uintptr(unsafe.Pointer(&value)))
- return &value, err
-}
-
-// IoctlGetWatchdogInfo fetches information about a watchdog device from the
-// Linux watchdog API. For more information, see:
-// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
-func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) {
- var value WatchdogInfo
- err := ioctl(fd, WDIOC_GETSUPPORT, uintptr(unsafe.Pointer(&value)))
- return &value, err
-}
-
-func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) {
- var value RTCWkAlrm
- err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value)))
- return &value, err
-}
-
-// IoctlFileCloneRange performs an FICLONERANGE ioctl operation to clone the
-// range of data conveyed in value to the file associated with the file
-// descriptor destFd. See the ioctl_ficlonerange(2) man page for details.
-func IoctlFileCloneRange(destFd int, value *FileCloneRange) error {
- err := ioctl(destFd, FICLONERANGE, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
-}
-
-// IoctlFileClone performs an FICLONE ioctl operation to clone the entire file
-// associated with the file description srcFd to the file associated with the
-// file descriptor destFd. See the ioctl_ficlone(2) man page for details.
-func IoctlFileClone(destFd, srcFd int) error {
- return ioctl(destFd, FICLONE, uintptr(srcFd))
-}
-
-// IoctlFileDedupeRange performs an FIDEDUPERANGE ioctl operation to share the
-// range of data conveyed in value with the file associated with the file
-// descriptor destFd. See the ioctl_fideduperange(2) man page for details.
-func IoctlFileDedupeRange(destFd int, value *FileDedupeRange) error {
- err := ioctl(destFd, FIDEDUPERANGE, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
-}
-
-// IoctlWatchdogKeepalive issues a keepalive ioctl to a watchdog device. For
-// more information, see:
-// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
-func IoctlWatchdogKeepalive(fd int) error {
- return ioctl(fd, WDIOC_KEEPALIVE, 0)
-}
+// These are defined in ioctl.go and ioctl_linux.go.
//sys Linkat(olddirfd int, oldpath string, newdirfd int, newpath string, flags int) (err error)
@@ -778,16 +697,19 @@ type SockaddrVM struct {
// CID and Port specify a context ID and port address for a VM socket.
// Guests have a unique CID, and hosts may have a well-known CID of:
// - VMADDR_CID_HYPERVISOR: refers to the hypervisor process.
+ // - VMADDR_CID_LOCAL: refers to local communication (loopback).
// - VMADDR_CID_HOST: refers to other processes on the host.
- CID uint32
- Port uint32
- raw RawSockaddrVM
+ CID uint32
+ Port uint32
+ Flags uint8
+ raw RawSockaddrVM
}
func (sa *SockaddrVM) sockaddr() (unsafe.Pointer, _Socklen, error) {
sa.raw.Family = AF_VSOCK
sa.raw.Port = sa.Port
sa.raw.Cid = sa.CID
+ sa.raw.Flags = sa.Flags
return unsafe.Pointer(&sa.raw), SizeofSockaddrVM, nil
}
@@ -1092,8 +1014,9 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
case AF_VSOCK:
pp := (*RawSockaddrVM)(unsafe.Pointer(rsa))
sa := &SockaddrVM{
- CID: pp.Cid,
- Port: pp.Port,
+ CID: pp.Cid,
+ Port: pp.Port,
+ Flags: pp.Flags,
}
return sa, nil
case AF_BLUETOOTH:
@@ -1228,7 +1151,11 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) {
func Accept(fd int) (nfd int, sa Sockaddr, err error) {
var rsa RawSockaddrAny
var len _Socklen = SizeofSockaddrAny
- nfd, err = accept(fd, &rsa, &len)
+ // Try accept4 first for Android, then try accept for kernel older than 2.6.28
+ nfd, err = accept4(fd, &rsa, &len, 0)
+ if err == ENOSYS {
+ nfd, err = accept(fd, &rsa, &len)
+ }
if err != nil {
return
}
@@ -1482,8 +1409,8 @@ func KeyctlRestrictKeyring(ringid int, keyType string, restriction string) error
return keyctlRestrictKeyringByType(KEYCTL_RESTRICT_KEYRING, ringid, keyType, restriction)
}
-//sys keyctlRestrictKeyringByType(cmd int, arg2 int, keyType string, restriction string) (err error) = SYS_KEYCTL
-//sys keyctlRestrictKeyring(cmd int, arg2 int) (err error) = SYS_KEYCTL
+//sys keyctlRestrictKeyringByType(cmd int, arg2 int, keyType string, restriction string) (err error) = SYS_KEYCTL
+//sys keyctlRestrictKeyring(cmd int, arg2 int) (err error) = SYS_KEYCTL
func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) {
var msg Msghdr
@@ -1798,6 +1725,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys ClockGettime(clockid int32, time *Timespec) (err error)
//sys ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error)
//sys Close(fd int) (err error)
+//sys CloseRange(first uint, last uint, flags uint) (err error)
//sys CopyFileRange(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error)
//sys DeleteModule(name string, flags int) (err error)
//sys Dup(oldfd int) (fd int, err error)
@@ -1860,8 +1788,8 @@ func Getpgrp() (pid int) {
//sys Nanosleep(time *Timespec, leftover *Timespec) (err error)
//sys PerfEventOpen(attr *PerfEventAttr, pid int, cpu int, groupFd int, flags int) (fd int, err error)
//sys PivotRoot(newroot string, putold string) (err error) = SYS_PIVOT_ROOT
-//sysnb prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT64
-//sys Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error)
+//sysnb prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT64
+//sys Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error)
//sys Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) = SYS_PSELECT6
//sys read(fd int, p []byte) (n int, err error)
//sys Removexattr(path string, attr string) (err error)
@@ -1934,9 +1862,9 @@ func Signalfd(fd int, sigmask *Sigset_t, flags int) (newfd int, err error) {
//sys Syncfs(fd int) (err error)
//sysnb Sysinfo(info *Sysinfo_t) (err error)
//sys Tee(rfd int, wfd int, len int, flags int) (n int64, err error)
-//sysnb TimerfdCreate(clockid int, flags int) (fd int, err error)
-//sysnb TimerfdGettime(fd int, currValue *ItimerSpec) (err error)
-//sysnb TimerfdSettime(fd int, flags int, newValue *ItimerSpec, oldValue *ItimerSpec) (err error)
+//sysnb TimerfdCreate(clockid int, flags int) (fd int, err error)
+//sysnb TimerfdGettime(fd int, currValue *ItimerSpec) (err error)
+//sysnb TimerfdSettime(fd int, flags int, newValue *ItimerSpec, oldValue *ItimerSpec) (err error)
//sysnb Tgkill(tgid int, tid int, sig syscall.Signal) (err error)
//sysnb Times(tms *Tms) (ticks uintptr, err error)
//sysnb Umask(mask int) (oldmask int)
@@ -2196,8 +2124,8 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
return EACCES
}
-//sys nameToHandleAt(dirFD int, pathname string, fh *fileHandle, mountID *_C_int, flags int) (err error) = SYS_NAME_TO_HANDLE_AT
-//sys openByHandleAt(mountFD int, fh *fileHandle, flags int) (fd int, err error) = SYS_OPEN_BY_HANDLE_AT
+//sys nameToHandleAt(dirFD int, pathname string, fh *fileHandle, mountID *_C_int, flags int) (err error) = SYS_NAME_TO_HANDLE_AT
+//sys openByHandleAt(mountFD int, fh *fileHandle, flags int) (fd int, err error) = SYS_OPEN_BY_HANDLE_AT
// fileHandle is the argument to nameToHandleAt and openByHandleAt. We
// originally tried to generate it via unix/linux/types.go with "type
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
index c97c2ee5..7b52e5d8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build 386 && linux
// +build 386,linux
package unix
@@ -31,7 +32,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
@@ -98,7 +99,7 @@ type rlimit32 struct {
Max uint32
}
-//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_GETRLIMIT
+//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_GETRLIMIT
const rlimInf32 = ^uint32(0)
const rlimInf64 = ^uint64(0)
@@ -129,7 +130,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
return
}
-//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
+//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
err = prlimit(0, resource, rlim, nil)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
index 72efe86e..28b76411 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && linux
// +build amd64,linux
package unix
@@ -138,7 +139,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
index baa771f8..8b0f0f3a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
@@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build amd64,linux
-// +build gc
+//go:build amd64 && linux && gc
+// +build amd64,linux,gc
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
index 496837b1..68877728 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm && linux
// +build arm,linux
package unix
@@ -35,7 +36,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
@@ -129,8 +130,8 @@ func Utime(path string, buf *Utimbuf) error {
//sys utimes(path string, times *[2]Timeval) (err error)
-//sys Pread(fd int, p []byte, offset int64) (n int, err error) = SYS_PREAD64
-//sys Pwrite(fd int, p []byte, offset int64) (n int, err error) = SYS_PWRITE64
+//sys Pread(fd int, p []byte, offset int64) (n int, err error) = SYS_PREAD64
+//sys Pwrite(fd int, p []byte, offset int64) (n int, err error) = SYS_PWRITE64
//sys Truncate(path string, length int64) (err error) = SYS_TRUNCATE64
//sys Ftruncate(fd int, length int64) (err error) = SYS_FTRUNCATE64
@@ -177,7 +178,7 @@ type rlimit32 struct {
Max uint32
}
-//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_UGETRLIMIT
+//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_UGETRLIMIT
const rlimInf32 = ^uint32(0)
const rlimInf64 = ^uint64(0)
@@ -208,7 +209,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
return
}
-//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
+//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
err = prlimit(0, resource, rlim, nil)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index c6de6b91..7ed70347 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm64 && linux
// +build arm64,linux
package unix
@@ -155,7 +156,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
index 9edf3961..2b1168d7 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && gc
// +build linux,gc
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
index 90e33d8c..9843fb48 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && gc && 386
// +build linux,gc,386
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
index 1a97baae..a6008fcc 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm && gc && linux
// +build arm,gc,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
index 308eb7ae..7740af24 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && gccgo && 386
// +build linux,gccgo,386
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
index aa7fc9e1..e16a1229 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && gccgo && arm
// +build linux,gccgo,arm
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
index f0287476..06dec06f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (mips64 || mips64le)
// +build linux
// +build mips64 mips64le
@@ -104,7 +105,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
index c1132811..8f0d0a5b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (mips || mipsle)
// +build linux
// +build mips mipsle
@@ -112,7 +113,7 @@ func setTimeval(sec, usec int64) Timeval {
return Timeval{Sec: int32(sec), Usec: int32(usec)}
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
@@ -125,7 +126,7 @@ func Pipe2(p []int, flags int) (err error) {
return
}
-//sysnb pipe() (p1 int, p2 int, err error)
+//sysnb pipe() (p1 int, p2 int, err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -153,7 +154,7 @@ type rlimit32 struct {
Max uint32
}
-//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_GETRLIMIT
+//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_GETRLIMIT
func Getrlimit(resource int, rlim *Rlimit) (err error) {
err = prlimit(0, resource, nil, rlim)
@@ -181,7 +182,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
return
}
-//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
+//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
err = prlimit(0, resource, rlim, nil)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
new file mode 100644
index 00000000..7e65e088
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
@@ -0,0 +1,272 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux && ppc
+// +build linux
+// +build ppc
+
+package unix
+
+import (
+ "syscall"
+ "unsafe"
+)
+
+//sys dup2(oldfd int, newfd int) (err error)
+//sysnb EpollCreate(size int) (fd int, err error)
+//sys EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error)
+//sys Fchown(fd int, uid int, gid int) (err error)
+//sys Fstat(fd int, stat *Stat_t) (err error) = SYS_FSTAT64
+//sys Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) = SYS_FSTATAT64
+//sys Ftruncate(fd int, length int64) (err error) = SYS_FTRUNCATE64
+//sysnb Getegid() (egid int)
+//sysnb Geteuid() (euid int)
+//sysnb Getgid() (gid int)
+//sysnb Getuid() (uid int)
+//sysnb InotifyInit() (fd int, err error)
+//sys Ioperm(from int, num int, on int) (err error)
+//sys Iopl(level int) (err error)
+//sys Lchown(path string, uid int, gid int) (err error)
+//sys Listen(s int, n int) (err error)
+//sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
+//sys Pause() (err error)
+//sys Pread(fd int, p []byte, offset int64) (n int, err error) = SYS_PREAD64
+//sys Pwrite(fd int, p []byte, offset int64) (n int, err error) = SYS_PWRITE64
+//sys Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error)
+//sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) = SYS__NEWSELECT
+//sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) = SYS_SENDFILE64
+//sys setfsgid(gid int) (prev int, err error)
+//sys setfsuid(uid int) (prev int, err error)
+//sysnb Setregid(rgid int, egid int) (err error)
+//sysnb Setresgid(rgid int, egid int, sgid int) (err error)
+//sysnb Setresuid(ruid int, euid int, suid int) (err error)
+//sysnb Setreuid(ruid int, euid int) (err error)
+//sys Shutdown(fd int, how int) (err error)
+//sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error)
+//sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
+//sys Truncate(path string, length int64) (err error) = SYS_TRUNCATE64
+//sys Ustat(dev int, ubuf *Ustat_t) (err error)
+//sys accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error)
+//sys accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error)
+//sys bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error)
+//sys connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error)
+//sysnb getgroups(n int, list *_Gid_t) (nn int, err error)
+//sysnb setgroups(n int, list *_Gid_t) (err error)
+//sys getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error)
+//sys setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error)
+//sysnb socket(domain int, typ int, proto int) (fd int, err error)
+//sysnb socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
+//sysnb getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error)
+//sysnb getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error)
+//sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error)
+//sys sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error)
+//sys recvmsg(s int, msg *Msghdr, flags int) (n int, err error)
+//sys sendmsg(s int, msg *Msghdr, flags int) (n int, err error)
+
+//sys futimesat(dirfd int, path string, times *[2]Timeval) (err error)
+//sysnb Gettimeofday(tv *Timeval) (err error)
+//sysnb Time(t *Time_t) (tt Time_t, err error)
+//sys Utime(path string, buf *Utimbuf) (err error)
+//sys utimes(path string, times *[2]Timeval) (err error)
+
+func Fadvise(fd int, offset int64, length int64, advice int) (err error) {
+ _, _, e1 := Syscall6(SYS_FADVISE64_64, uintptr(fd), uintptr(advice), uintptr(offset>>32), uintptr(offset), uintptr(length>>32), uintptr(length))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func seek(fd int, offset int64, whence int) (int64, syscall.Errno) {
+ var newoffset int64
+ offsetLow := uint32(offset & 0xffffffff)
+ offsetHigh := uint32((offset >> 32) & 0xffffffff)
+ _, _, err := Syscall6(SYS__LLSEEK, uintptr(fd), uintptr(offsetHigh), uintptr(offsetLow), uintptr(unsafe.Pointer(&newoffset)), uintptr(whence), 0)
+ return newoffset, err
+}
+
+func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
+ newoffset, errno := seek(fd, offset, whence)
+ if errno != 0 {
+ return 0, errno
+ }
+ return newoffset, nil
+}
+
+func Fstatfs(fd int, buf *Statfs_t) (err error) {
+ _, _, e := Syscall(SYS_FSTATFS64, uintptr(fd), unsafe.Sizeof(*buf), uintptr(unsafe.Pointer(buf)))
+ if e != 0 {
+ err = e
+ }
+ return
+}
+
+func Statfs(path string, buf *Statfs_t) (err error) {
+ pathp, err := BytePtrFromString(path)
+ if err != nil {
+ return err
+ }
+ _, _, e := Syscall(SYS_STATFS64, uintptr(unsafe.Pointer(pathp)), unsafe.Sizeof(*buf), uintptr(unsafe.Pointer(buf)))
+ if e != 0 {
+ err = e
+ }
+ return
+}
+
+//sys mmap2(addr uintptr, length uintptr, prot int, flags int, fd int, pageOffset uintptr) (xaddr uintptr, err error)
+
+func mmap(addr uintptr, length uintptr, prot int, flags int, fd int, offset int64) (xaddr uintptr, err error) {
+ page := uintptr(offset / 4096)
+ if offset != int64(page)*4096 {
+ return 0, EINVAL
+ }
+ return mmap2(addr, length, prot, flags, fd, page)
+}
+
+func setTimespec(sec, nsec int64) Timespec {
+ return Timespec{Sec: int32(sec), Nsec: int32(nsec)}
+}
+
+func setTimeval(sec, usec int64) Timeval {
+ return Timeval{Sec: int32(sec), Usec: int32(usec)}
+}
+
+type rlimit32 struct {
+ Cur uint32
+ Max uint32
+}
+
+//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_UGETRLIMIT
+
+const rlimInf32 = ^uint32(0)
+const rlimInf64 = ^uint64(0)
+
+func Getrlimit(resource int, rlim *Rlimit) (err error) {
+ err = prlimit(0, resource, nil, rlim)
+ if err != ENOSYS {
+ return err
+ }
+
+ rl := rlimit32{}
+ err = getrlimit(resource, &rl)
+ if err != nil {
+ return
+ }
+
+ if rl.Cur == rlimInf32 {
+ rlim.Cur = rlimInf64
+ } else {
+ rlim.Cur = uint64(rl.Cur)
+ }
+
+ if rl.Max == rlimInf32 {
+ rlim.Max = rlimInf64
+ } else {
+ rlim.Max = uint64(rl.Max)
+ }
+ return
+}
+
+//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
+
+func Setrlimit(resource int, rlim *Rlimit) (err error) {
+ err = prlimit(0, resource, rlim, nil)
+ if err != ENOSYS {
+ return err
+ }
+
+ rl := rlimit32{}
+ if rlim.Cur == rlimInf64 {
+ rl.Cur = rlimInf32
+ } else if rlim.Cur < uint64(rlimInf32) {
+ rl.Cur = uint32(rlim.Cur)
+ } else {
+ return EINVAL
+ }
+ if rlim.Max == rlimInf64 {
+ rl.Max = rlimInf32
+ } else if rlim.Max < uint64(rlimInf32) {
+ rl.Max = uint32(rlim.Max)
+ } else {
+ return EINVAL
+ }
+
+ return setrlimit(resource, &rl)
+}
+
+func (r *PtraceRegs) PC() uint32 { return r.Nip }
+
+func (r *PtraceRegs) SetPC(pc uint32) { r.Nip = pc }
+
+func (iov *Iovec) SetLen(length int) {
+ iov.Len = uint32(length)
+}
+
+func (msghdr *Msghdr) SetControllen(length int) {
+ msghdr.Controllen = uint32(length)
+}
+
+func (msghdr *Msghdr) SetIovlen(length int) {
+ msghdr.Iovlen = uint32(length)
+}
+
+func (cmsg *Cmsghdr) SetLen(length int) {
+ cmsg.Len = uint32(length)
+}
+
+//sysnb pipe(p *[2]_C_int) (err error)
+
+func Pipe(p []int) (err error) {
+ if len(p) != 2 {
+ return EINVAL
+ }
+ var pp [2]_C_int
+ err = pipe(&pp)
+ p[0] = int(pp[0])
+ p[1] = int(pp[1])
+ return
+}
+
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+
+func Pipe2(p []int, flags int) (err error) {
+ if len(p) != 2 {
+ return EINVAL
+ }
+ var pp [2]_C_int
+ err = pipe2(&pp, flags)
+ p[0] = int(pp[0])
+ p[1] = int(pp[1])
+ return
+}
+
+//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
+
+func Poll(fds []PollFd, timeout int) (n int, err error) {
+ if len(fds) == 0 {
+ return poll(nil, 0, timeout)
+ }
+ return poll(&fds[0], len(fds), timeout)
+}
+
+//sys syncFileRange2(fd int, flags int, off int64, n int64) (err error) = SYS_SYNC_FILE_RANGE2
+
+func SyncFileRange(fd int, off int64, n int64, flags int) error {
+ // The sync_file_range and sync_file_range2 syscalls differ only in the
+ // order of their arguments.
+ return syncFileRange2(fd, flags, off, n)
+}
+
+//sys kexecFileLoad(kernelFd int, initrdFd int, cmdlineLen int, cmdline string, flags int) (err error)
+
+func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error {
+ cmdlineLen := len(cmdline)
+ if cmdlineLen > 0 {
+ // Account for the additional NULL byte added by
+ // BytePtrFromString in kexecFileLoad. The kexec_file_load
+ // syscall expects a NULL-terminated string.
+ cmdlineLen++
+ }
+ return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
index 34937440..0b1f0d6d 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (ppc64 || ppc64le)
// +build linux
// +build ppc64 ppc64le
@@ -99,7 +100,7 @@ func (cmsg *Cmsghdr) SetLen(length int) {
cmsg.Len = uint64(length)
}
-//sysnb pipe(p *[2]_C_int) (err error)
+//sysnb pipe(p *[2]_C_int) (err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -112,7 +113,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
index b0b15055..ce9bcd31 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build riscv64 && linux
// +build riscv64,linux
package unix
@@ -154,7 +155,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
index 2363f749..a1e45694 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build s390x && linux
// +build s390x,linux
package unix
@@ -76,7 +77,7 @@ func setTimeval(sec, usec int64) Timeval {
return Timeval{Sec: sec, Usec: usec}
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -249,7 +250,7 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen
}
func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) error {
- args := [4]uintptr{uintptr(s), uintptr(level), uintptr(name), uintptr(val)}
+ args := [5]uintptr{uintptr(s), uintptr(level), uintptr(name), uintptr(val), vallen}
_, _, err := Syscall(SYS_SOCKETCALL, netSetSockOpt, uintptr(unsafe.Pointer(&args)), 0)
if err != 0 {
return err
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
index d389f151..49055a3c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build sparc64 && linux
// +build sparc64,linux
package unix
@@ -115,7 +116,7 @@ func (cmsg *Cmsghdr) SetLen(length int) {
cmsg.Len = uint64(length)
}
-//sysnb pipe(p *[2]_C_int) (err error)
+//sysnb pipe(p *[2]_C_int) (err error)
func Pipe(p []int) (err error) {
if len(p) != 2 {
@@ -128,7 +129,7 @@ func Pipe(p []int) (err error) {
return
}
-//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
func Pipe2(p []int, flags int) (err error) {
if len(p) != 2 {
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
index 1e6843b4..853d5f0f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
@@ -110,7 +110,8 @@ func direntNamlen(buf []byte) (uint64, bool) {
return readInt(buf, unsafe.Offsetof(Dirent{}.Namlen), unsafe.Sizeof(Dirent{}.Namlen))
}
-//sysnb pipe() (fd1 int, fd2 int, err error)
+//sysnb pipe() (fd1 int, fd2 int, err error)
+
func Pipe(p []int) (err error) {
if len(p) != 2 {
return EINVAL
@@ -119,7 +120,21 @@ func Pipe(p []int) (err error) {
return
}
-//sys Getdents(fd int, buf []byte) (n int, err error)
+//sysnb pipe2(p *[2]_C_int, flags int) (err error)
+
+func Pipe2(p []int, flags int) error {
+ if len(p) != 2 {
+ return EINVAL
+ }
+ var pp [2]_C_int
+ err := pipe2(&pp, flags)
+ p[0] = int(pp[0])
+ p[1] = int(pp[1])
+ return err
+}
+
+//sys Getdents(fd int, buf []byte) (n int, err error)
+
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
n, err = Getdents(fd, buf)
if err != nil || basep == nil {
@@ -159,7 +174,7 @@ func setattrlistTimes(path string, times []Timespec, flags int) error {
//sys ioctl(fd int, req uint, arg uintptr) (err error)
-//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
+//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
func IoctlGetPtmget(fd int, req uint) (*Ptmget, error) {
var value Ptmget
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
index 24da8b52..5199d282 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build 386 && netbsd
// +build 386,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
index 25a0ac82..70a9c52e 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && netbsd
// +build amd64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
index 21591ecd..3eb5942f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm && netbsd
// +build arm,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
index 80474963..fc6ccfd8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm64 && netbsd
// +build arm64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index 6a50b50b..22b55038 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -92,7 +92,7 @@ func Pipe2(p []int, flags int) error {
return err
}
-//sys Getdents(fd int, buf []byte) (n int, err error)
+//sys Getdents(fd int, buf []byte) (n int, err error)
func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
n, err = Getdents(fd, buf)
if err != nil || basep == nil {
@@ -154,7 +154,7 @@ func setattrlistTimes(path string, times []Timespec, flags int) error {
//sys ioctl(fd int, req uint, arg uintptr) (err error)
-//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
+//sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
//sys ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
index 42b5a0e5..6baabcdc 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build 386 && openbsd
// +build 386,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
index 6ea4b488..bab25360 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && openbsd
// +build amd64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
index 1c3d26fa..8eed3c4d 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm && openbsd
// +build arm,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
index a8c458cb..483dde99 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build arm64 && openbsd
// +build arm64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index 184786ed..77fcde7c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -565,7 +565,12 @@ func Minor(dev uint64) uint32 {
* Expose the ioctl function
*/
-//sys ioctl(fd int, req uint, arg uintptr) (err error)
+//sys ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) = libc.ioctl
+
+func ioctl(fd int, req uint, arg uintptr) (err error) {
+ _, err = ioctlRet(fd, req, arg)
+ return err
+}
func IoctlSetTermio(fd int, req uint, value *Termio) error {
err := ioctl(fd, req, uintptr(unsafe.Pointer(value)))
@@ -579,7 +584,7 @@ func IoctlGetTermio(fd int, req uint) (*Termio, error) {
return &value, err
}
-//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
+//sys poll(fds *PollFd, nfds int, timeout int) (n int, err error)
func Poll(fds []PollFd, timeout int) (n int, err error) {
if len(fds) == 0 {
@@ -682,6 +687,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
//sys Statvfs(path string, vfsstat *Statvfs_t) (err error)
//sys Symlink(path string, link string) (err error)
//sys Sync() (err error)
+//sys Sysconf(which int) (n int64, err error)
//sysnb Times(tms *Tms) (ticks uintptr, err error)
//sys Truncate(path string, length int64) (err error)
//sys Fsync(fd int) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
index b22a34d7..0bd25ef8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build amd64 && solaris
// +build amd64,solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index 400ba9fb..a7618ceb 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
index 87bd161c..5898e9a5 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
@@ -2,8 +2,11 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build (darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris) && gc && !ppc64le && !ppc64
// +build darwin dragonfly freebsd linux netbsd openbsd solaris
-// +build gc,!ppc64le,!ppc64
+// +build gc
+// +build !ppc64le
+// +build !ppc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
index d36216c3..f6f707ac 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux && (ppc64le || ppc64) && gc
// +build linux
// +build ppc64le ppc64
// +build gc
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
new file mode 100644
index 00000000..1ffd8bfc
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -0,0 +1,1829 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+import (
+ "bytes"
+ "runtime"
+ "sort"
+ "sync"
+ "syscall"
+ "unsafe"
+)
+
+const (
+ O_CLOEXEC = 0 // Dummy value (not supported).
+ AF_LOCAL = AF_UNIX // AF_LOCAL is an alias for AF_UNIX
+)
+
+func syscall_syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
+
+func copyStat(stat *Stat_t, statLE *Stat_LE_t) {
+ stat.Dev = uint64(statLE.Dev)
+ stat.Ino = uint64(statLE.Ino)
+ stat.Nlink = uint64(statLE.Nlink)
+ stat.Mode = uint32(statLE.Mode)
+ stat.Uid = uint32(statLE.Uid)
+ stat.Gid = uint32(statLE.Gid)
+ stat.Rdev = uint64(statLE.Rdev)
+ stat.Size = statLE.Size
+ stat.Atim.Sec = int64(statLE.Atim)
+ stat.Atim.Nsec = 0 //zos doesn't return nanoseconds
+ stat.Mtim.Sec = int64(statLE.Mtim)
+ stat.Mtim.Nsec = 0 //zos doesn't return nanoseconds
+ stat.Ctim.Sec = int64(statLE.Ctim)
+ stat.Ctim.Nsec = 0 //zos doesn't return nanoseconds
+ stat.Blksize = int64(statLE.Blksize)
+ stat.Blocks = statLE.Blocks
+}
+
+func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
+func svcLoad(name *byte) unsafe.Pointer
+func svcUnload(name *byte, fnptr unsafe.Pointer) int64
+
+func (d *Dirent) NameString() string {
+ if d == nil {
+ return ""
+ }
+ return string(d.Name[:d.Namlen])
+}
+
+func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
+ if sa.Port < 0 || sa.Port > 0xFFFF {
+ return nil, 0, EINVAL
+ }
+ sa.raw.Len = SizeofSockaddrInet4
+ sa.raw.Family = AF_INET
+ p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
+ p[0] = byte(sa.Port >> 8)
+ p[1] = byte(sa.Port)
+ for i := 0; i < len(sa.Addr); i++ {
+ sa.raw.Addr[i] = sa.Addr[i]
+ }
+ return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
+}
+
+func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
+ if sa.Port < 0 || sa.Port > 0xFFFF {
+ return nil, 0, EINVAL
+ }
+ sa.raw.Len = SizeofSockaddrInet6
+ sa.raw.Family = AF_INET6
+ p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
+ p[0] = byte(sa.Port >> 8)
+ p[1] = byte(sa.Port)
+ sa.raw.Scope_id = sa.ZoneId
+ for i := 0; i < len(sa.Addr); i++ {
+ sa.raw.Addr[i] = sa.Addr[i]
+ }
+ return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
+}
+
+func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) {
+ name := sa.Name
+ n := len(name)
+ if n >= len(sa.raw.Path) || n == 0 {
+ return nil, 0, EINVAL
+ }
+ sa.raw.Len = byte(3 + n) // 2 for Family, Len; 1 for NUL
+ sa.raw.Family = AF_UNIX
+ for i := 0; i < n; i++ {
+ sa.raw.Path[i] = int8(name[i])
+ }
+ return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
+}
+
+func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
+ // TODO(neeilan): Implement use of first param (fd)
+ switch rsa.Addr.Family {
+ case AF_UNIX:
+ pp := (*RawSockaddrUnix)(unsafe.Pointer(rsa))
+ sa := new(SockaddrUnix)
+ // For z/OS, only replace NUL with @ when the
+ // length is not zero.
+ if pp.Len != 0 && pp.Path[0] == 0 {
+ // "Abstract" Unix domain socket.
+ // Rewrite leading NUL as @ for textual display.
+ // (This is the standard convention.)
+ // Not friendly to overwrite in place,
+ // but the callers below don't care.
+ pp.Path[0] = '@'
+ }
+
+ // Assume path ends at NUL.
+ //
+ // For z/OS, the length of the name is a field
+ // in the structure. To be on the safe side, we
+ // will still scan the name for a NUL but only
+ // to the length provided in the structure.
+ //
+ // This is not technically the Linux semantics for
+ // abstract Unix domain sockets--they are supposed
+ // to be uninterpreted fixed-size binary blobs--but
+ // everyone uses this convention.
+ n := 0
+ for n < int(pp.Len) && pp.Path[n] != 0 {
+ n++
+ }
+ bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n]
+ sa.Name = string(bytes)
+ return sa, nil
+
+ case AF_INET:
+ pp := (*RawSockaddrInet4)(unsafe.Pointer(rsa))
+ sa := new(SockaddrInet4)
+ p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+ sa.Port = int(p[0])<<8 + int(p[1])
+ for i := 0; i < len(sa.Addr); i++ {
+ sa.Addr[i] = pp.Addr[i]
+ }
+ return sa, nil
+
+ case AF_INET6:
+ pp := (*RawSockaddrInet6)(unsafe.Pointer(rsa))
+ sa := new(SockaddrInet6)
+ p := (*[2]byte)(unsafe.Pointer(&pp.Port))
+ sa.Port = int(p[0])<<8 + int(p[1])
+ sa.ZoneId = pp.Scope_id
+ for i := 0; i < len(sa.Addr); i++ {
+ sa.Addr[i] = pp.Addr[i]
+ }
+ return sa, nil
+ }
+ return nil, EAFNOSUPPORT
+}
+
+func Accept(fd int) (nfd int, sa Sockaddr, err error) {
+ var rsa RawSockaddrAny
+ var len _Socklen = SizeofSockaddrAny
+ nfd, err = accept(fd, &rsa, &len)
+ if err != nil {
+ return
+ }
+ // TODO(neeilan): Remove 0 in call
+ sa, err = anyToSockaddr(0, &rsa)
+ if err != nil {
+ Close(nfd)
+ nfd = 0
+ }
+ return
+}
+
+func (iov *Iovec) SetLen(length int) {
+ iov.Len = uint64(length)
+}
+
+func (msghdr *Msghdr) SetControllen(length int) {
+ msghdr.Controllen = int32(length)
+}
+
+func (cmsg *Cmsghdr) SetLen(length int) {
+ cmsg.Len = int32(length)
+}
+
+//sys fcntl(fd int, cmd int, arg int) (val int, err error)
+//sys read(fd int, p []byte) (n int, err error)
+//sys readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
+//sys write(fd int, p []byte) (n int, err error)
+
+//sys accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) = SYS___ACCEPT_A
+//sys bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___BIND_A
+//sys connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___CONNECT_A
+//sysnb getgroups(n int, list *_Gid_t) (nn int, err error)
+//sysnb setgroups(n int, list *_Gid_t) (err error)
+//sys getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error)
+//sys setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error)
+//sysnb socket(domain int, typ int, proto int) (fd int, err error)
+//sysnb socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
+//sysnb getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETPEERNAME_A
+//sysnb getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETSOCKNAME_A
+//sys recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) = SYS___RECVFROM_A
+//sys sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) = SYS___SENDTO_A
+//sys recvmsg(s int, msg *Msghdr, flags int) (n int, err error) = SYS___RECVMSG_A
+//sys sendmsg(s int, msg *Msghdr, flags int) (n int, err error) = SYS___SENDMSG_A
+//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) = SYS_MMAP
+//sys munmap(addr uintptr, length uintptr) (err error) = SYS_MUNMAP
+//sys ioctl(fd int, req uint, arg uintptr) (err error) = SYS_IOCTL
+
+//sys Access(path string, mode uint32) (err error) = SYS___ACCESS_A
+//sys Chdir(path string) (err error) = SYS___CHDIR_A
+//sys Chown(path string, uid int, gid int) (err error) = SYS___CHOWN_A
+//sys Chmod(path string, mode uint32) (err error) = SYS___CHMOD_A
+//sys Creat(path string, mode uint32) (fd int, err error) = SYS___CREAT_A
+//sys Dup(oldfd int) (fd int, err error)
+//sys Dup2(oldfd int, newfd int) (err error)
+//sys Errno2() (er2 int) = SYS___ERRNO2
+//sys Err2ad() (eadd *int) = SYS___ERR2AD
+//sys Exit(code int)
+//sys Fchdir(fd int) (err error)
+//sys Fchmod(fd int, mode uint32) (err error)
+//sys Fchown(fd int, uid int, gid int) (err error)
+//sys FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) = SYS_FCNTL
+//sys fstat(fd int, stat *Stat_LE_t) (err error)
+
+func Fstat(fd int, stat *Stat_t) (err error) {
+ var statLE Stat_LE_t
+ err = fstat(fd, &statLE)
+ copyStat(stat, &statLE)
+ return
+}
+
+//sys Fstatvfs(fd int, stat *Statvfs_t) (err error) = SYS_FSTATVFS
+//sys Fsync(fd int) (err error)
+//sys Ftruncate(fd int, length int64) (err error)
+//sys Getpagesize() (pgsize int) = SYS_GETPAGESIZE
+//sys Mprotect(b []byte, prot int) (err error) = SYS_MPROTECT
+//sys Msync(b []byte, flags int) (err error) = SYS_MSYNC
+//sys Poll(fds []PollFd, timeout int) (n int, err error) = SYS_POLL
+//sys Times(tms *Tms) (ticks uintptr, err error) = SYS_TIMES
+//sys W_Getmntent(buff *byte, size int) (lastsys int, err error) = SYS_W_GETMNTENT
+//sys W_Getmntent_A(buff *byte, size int) (lastsys int, err error) = SYS___W_GETMNTENT_A
+
+//sys mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) = SYS___MOUNT_A
+//sys unmount(filesystem string, mtm int) (err error) = SYS___UMOUNT_A
+//sys Chroot(path string) (err error) = SYS___CHROOT_A
+//sys Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) = SYS_SELECT
+//sysnb Uname(buf *Utsname) (err error) = SYS___UNAME_A
+
+func Ptsname(fd int) (name string, err error) {
+ r0, _, e1 := syscall_syscall(SYS___PTSNAME_A, uintptr(fd), 0, 0)
+ name = u2s(unsafe.Pointer(r0))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func u2s(cstr unsafe.Pointer) string {
+ str := (*[1024]uint8)(cstr)
+ i := 0
+ for str[i] != 0 {
+ i++
+ }
+ return string(str[:i])
+}
+
+func Close(fd int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
+ for i := 0; e1 == EAGAIN && i < 10; i++ {
+ _, _, _ = syscall_syscall(SYS_USLEEP, uintptr(10), 0, 0)
+ _, _, e1 = syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
+ }
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var mapper = &mmapper{
+ active: make(map[*byte][]byte),
+ mmap: mmap,
+ munmap: munmap,
+}
+
+// Dummy function: there are no semantics for Madvise on z/OS
+func Madvise(b []byte, advice int) (err error) {
+ return
+}
+
+func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
+ return mapper.Mmap(fd, offset, length, prot, flags)
+}
+
+func Munmap(b []byte) (err error) {
+ return mapper.Munmap(b)
+}
+
+//sys Gethostname(buf []byte) (err error) = SYS___GETHOSTNAME_A
+//sysnb Getegid() (egid int)
+//sysnb Geteuid() (uid int)
+//sysnb Getgid() (gid int)
+//sysnb Getpid() (pid int)
+//sysnb Getpgid(pid int) (pgid int, err error) = SYS_GETPGID
+
+func Getpgrp() (pid int) {
+ pid, _ = Getpgid(0)
+ return
+}
+
+//sysnb Getppid() (pid int)
+//sys Getpriority(which int, who int) (prio int, err error)
+//sysnb Getrlimit(resource int, rlim *Rlimit) (err error) = SYS_GETRLIMIT
+
+//sysnb getrusage(who int, rusage *rusage_zos) (err error) = SYS_GETRUSAGE
+
+func Getrusage(who int, rusage *Rusage) (err error) {
+ var ruz rusage_zos
+ err = getrusage(who, &ruz)
+ //Only the first two fields of Rusage are set
+ rusage.Utime.Sec = ruz.Utime.Sec
+ rusage.Utime.Usec = int64(ruz.Utime.Usec)
+ rusage.Stime.Sec = ruz.Stime.Sec
+ rusage.Stime.Usec = int64(ruz.Stime.Usec)
+ return
+}
+
+//sysnb Getsid(pid int) (sid int, err error) = SYS_GETSID
+//sysnb Getuid() (uid int)
+//sysnb Kill(pid int, sig Signal) (err error)
+//sys Lchown(path string, uid int, gid int) (err error) = SYS___LCHOWN_A
+//sys Link(path string, link string) (err error) = SYS___LINK_A
+//sys Listen(s int, n int) (err error)
+//sys lstat(path string, stat *Stat_LE_t) (err error) = SYS___LSTAT_A
+
+func Lstat(path string, stat *Stat_t) (err error) {
+ var statLE Stat_LE_t
+ err = lstat(path, &statLE)
+ copyStat(stat, &statLE)
+ return
+}
+
+//sys Mkdir(path string, mode uint32) (err error) = SYS___MKDIR_A
+//sys Mkfifo(path string, mode uint32) (err error) = SYS___MKFIFO_A
+//sys Mknod(path string, mode uint32, dev int) (err error) = SYS___MKNOD_A
+//sys Pread(fd int, p []byte, offset int64) (n int, err error)
+//sys Pwrite(fd int, p []byte, offset int64) (n int, err error)
+//sys Readlink(path string, buf []byte) (n int, err error) = SYS___READLINK_A
+//sys Rename(from string, to string) (err error) = SYS___RENAME_A
+//sys Rmdir(path string) (err error) = SYS___RMDIR_A
+//sys Seek(fd int, offset int64, whence int) (off int64, err error) = SYS_LSEEK
+//sys Setpriority(which int, who int, prio int) (err error)
+//sysnb Setpgid(pid int, pgid int) (err error) = SYS_SETPGID
+//sysnb Setrlimit(resource int, lim *Rlimit) (err error)
+//sysnb Setregid(rgid int, egid int) (err error) = SYS_SETREGID
+//sysnb Setreuid(ruid int, euid int) (err error) = SYS_SETREUID
+//sysnb Setsid() (pid int, err error) = SYS_SETSID
+//sys Setuid(uid int) (err error) = SYS_SETUID
+//sys Setgid(uid int) (err error) = SYS_SETGID
+//sys Shutdown(fd int, how int) (err error)
+//sys stat(path string, statLE *Stat_LE_t) (err error) = SYS___STAT_A
+
+func Stat(path string, sta *Stat_t) (err error) {
+ var statLE Stat_LE_t
+ err = stat(path, &statLE)
+ copyStat(sta, &statLE)
+ return
+}
+
+//sys Symlink(path string, link string) (err error) = SYS___SYMLINK_A
+//sys Sync() = SYS_SYNC
+//sys Truncate(path string, length int64) (err error) = SYS___TRUNCATE_A
+//sys Tcgetattr(fildes int, termptr *Termios) (err error) = SYS_TCGETATTR
+//sys Tcsetattr(fildes int, when int, termptr *Termios) (err error) = SYS_TCSETATTR
+//sys Umask(mask int) (oldmask int)
+//sys Unlink(path string) (err error) = SYS___UNLINK_A
+//sys Utime(path string, utim *Utimbuf) (err error) = SYS___UTIME_A
+
+//sys open(path string, mode int, perm uint32) (fd int, err error) = SYS___OPEN_A
+
+func Open(path string, mode int, perm uint32) (fd int, err error) {
+ return open(path, mode, perm)
+}
+
+func Mkfifoat(dirfd int, path string, mode uint32) (err error) {
+ wd, err := Getwd()
+ if err != nil {
+ return err
+ }
+
+ if err := Fchdir(dirfd); err != nil {
+ return err
+ }
+ defer Chdir(wd)
+
+ return Mkfifo(path, mode)
+}
+
+//sys remove(path string) (err error)
+
+func Remove(path string) error {
+ return remove(path)
+}
+
+const ImplementsGetwd = true
+
+func Getcwd(buf []byte) (n int, err error) {
+ var p unsafe.Pointer
+ if len(buf) > 0 {
+ p = unsafe.Pointer(&buf[0])
+ } else {
+ p = unsafe.Pointer(&_zero)
+ }
+ _, _, e := syscall_syscall(SYS___GETCWD_A, uintptr(p), uintptr(len(buf)), 0)
+ n = clen(buf) + 1
+ if e != 0 {
+ err = errnoErr(e)
+ }
+ return
+}
+
+func Getwd() (wd string, err error) {
+ var buf [PathMax]byte
+ n, err := Getcwd(buf[0:])
+ if err != nil {
+ return "", err
+ }
+ // Getcwd returns the number of bytes written to buf, including the NUL.
+ if n < 1 || n > len(buf) || buf[n-1] != 0 {
+ return "", EINVAL
+ }
+ return string(buf[0 : n-1]), nil
+}
+
+func Getgroups() (gids []int, err error) {
+ n, err := getgroups(0, nil)
+ if err != nil {
+ return nil, err
+ }
+ if n == 0 {
+ return nil, nil
+ }
+
+ // Sanity check group count. Max is 1<<16 on Linux.
+ if n < 0 || n > 1<<20 {
+ return nil, EINVAL
+ }
+
+ a := make([]_Gid_t, n)
+ n, err = getgroups(n, &a[0])
+ if err != nil {
+ return nil, err
+ }
+ gids = make([]int, n)
+ for i, v := range a[0:n] {
+ gids[i] = int(v)
+ }
+ return
+}
+
+func Setgroups(gids []int) (err error) {
+ if len(gids) == 0 {
+ return setgroups(0, nil)
+ }
+
+ a := make([]_Gid_t, len(gids))
+ for i, v := range gids {
+ a[i] = _Gid_t(v)
+ }
+ return setgroups(len(a), &a[0])
+}
+
+func gettid() uint64
+
+func Gettid() (tid int) {
+ return int(gettid())
+}
+
+type WaitStatus uint32
+
+// Wait status is 7 bits at bottom, either 0 (exited),
+// 0x7F (stopped), or a signal number that caused an exit.
+// The 0x80 bit is whether there was a core dump.
+// An extra number (exit code, signal causing a stop)
+// is in the high bits. At least that's the idea.
+// There are various irregularities. For example, the
+// "continued" status is 0xFFFF, distinguishing itself
+// from stopped via the core dump bit.
+
+const (
+ mask = 0x7F
+ core = 0x80
+ exited = 0x00
+ stopped = 0x7F
+ shift = 8
+)
+
+func (w WaitStatus) Exited() bool { return w&mask == exited }
+
+func (w WaitStatus) Signaled() bool { return w&mask != stopped && w&mask != exited }
+
+func (w WaitStatus) Stopped() bool { return w&0xFF == stopped }
+
+func (w WaitStatus) Continued() bool { return w == 0xFFFF }
+
+func (w WaitStatus) CoreDump() bool { return w.Signaled() && w&core != 0 }
+
+func (w WaitStatus) ExitStatus() int {
+ if !w.Exited() {
+ return -1
+ }
+ return int(w>>shift) & 0xFF
+}
+
+func (w WaitStatus) Signal() Signal {
+ if !w.Signaled() {
+ return -1
+ }
+ return Signal(w & mask)
+}
+
+func (w WaitStatus) StopSignal() Signal {
+ if !w.Stopped() {
+ return -1
+ }
+ return Signal(w>>shift) & 0xFF
+}
+
+func (w WaitStatus) TrapCause() int { return -1 }
+
+//sys waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error)
+
+func Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
+ // TODO(mundaym): z/OS doesn't have wait4. I don't think getrusage does what we want.
+ // At the moment rusage will not be touched.
+ var status _C_int
+ wpid, err = waitpid(pid, &status, options)
+ if wstatus != nil {
+ *wstatus = WaitStatus(status)
+ }
+ return
+}
+
+//sysnb gettimeofday(tv *timeval_zos) (err error)
+
+func Gettimeofday(tv *Timeval) (err error) {
+ var tvz timeval_zos
+ err = gettimeofday(&tvz)
+ tv.Sec = tvz.Sec
+ tv.Usec = int64(tvz.Usec)
+ return
+}
+
+func Time(t *Time_t) (tt Time_t, err error) {
+ var tv Timeval
+ err = Gettimeofday(&tv)
+ if err != nil {
+ return 0, err
+ }
+ if t != nil {
+ *t = Time_t(tv.Sec)
+ }
+ return Time_t(tv.Sec), nil
+}
+
+func setTimespec(sec, nsec int64) Timespec {
+ return Timespec{Sec: sec, Nsec: nsec}
+}
+
+func setTimeval(sec, usec int64) Timeval { //fix
+ return Timeval{Sec: sec, Usec: usec}
+}
+
+//sysnb pipe(p *[2]_C_int) (err error)
+
+func Pipe(p []int) (err error) {
+ if len(p) != 2 {
+ return EINVAL
+ }
+ var pp [2]_C_int
+ err = pipe(&pp)
+ p[0] = int(pp[0])
+ p[1] = int(pp[1])
+ return
+}
+
+//sys utimes(path string, timeval *[2]Timeval) (err error) = SYS___UTIMES_A
+
+func Utimes(path string, tv []Timeval) (err error) {
+ if len(tv) != 2 {
+ return EINVAL
+ }
+ return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
+}
+
+func UtimesNano(path string, ts []Timespec) error {
+ if len(ts) != 2 {
+ return EINVAL
+ }
+ // Not as efficient as it could be because Timespec and
+ // Timeval have different types in the different OSes
+ tv := [2]Timeval{
+ NsecToTimeval(TimespecToNsec(ts[0])),
+ NsecToTimeval(TimespecToNsec(ts[1])),
+ }
+ return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
+}
+
+func Getsockname(fd int) (sa Sockaddr, err error) {
+ var rsa RawSockaddrAny
+ var len _Socklen = SizeofSockaddrAny
+ if err = getsockname(fd, &rsa, &len); err != nil {
+ return
+ }
+ // TODO(neeilan) : Remove this 0 ( added to get sys/unix compiling on z/OS )
+ return anyToSockaddr(0, &rsa)
+}
+
+const (
+ // identifier constants
+ nwmHeaderIdentifier = 0xd5e6d4c8
+ nwmFilterIdentifier = 0xd5e6d4c6
+ nwmTCPConnIdentifier = 0xd5e6d4c3
+ nwmRecHeaderIdentifier = 0xd5e6d4d9
+ nwmIPStatsIdentifier = 0xd5e6d4c9d7e2e340
+ nwmIPGStatsIdentifier = 0xd5e6d4c9d7c7e2e3
+ nwmTCPStatsIdentifier = 0xd5e6d4e3c3d7e2e3
+ nwmUDPStatsIdentifier = 0xd5e6d4e4c4d7e2e3
+ nwmICMPGStatsEntry = 0xd5e6d4c9c3d4d7c7
+ nwmICMPTStatsEntry = 0xd5e6d4c9c3d4d7e3
+
+ // nwmHeader constants
+ nwmVersion1 = 1
+ nwmVersion2 = 2
+ nwmCurrentVer = 2
+
+ nwmTCPConnType = 1
+ nwmGlobalStatsType = 14
+
+ // nwmFilter constants
+ nwmFilterLclAddrMask = 0x20000000 // Local address
+ nwmFilterSrcAddrMask = 0x20000000 // Source address
+ nwmFilterLclPortMask = 0x10000000 // Local port
+ nwmFilterSrcPortMask = 0x10000000 // Source port
+
+ // nwmConnEntry constants
+ nwmTCPStateClosed = 1
+ nwmTCPStateListen = 2
+ nwmTCPStateSynSent = 3
+ nwmTCPStateSynRcvd = 4
+ nwmTCPStateEstab = 5
+ nwmTCPStateFinWait1 = 6
+ nwmTCPStateFinWait2 = 7
+ nwmTCPStateClosWait = 8
+ nwmTCPStateLastAck = 9
+ nwmTCPStateClosing = 10
+ nwmTCPStateTimeWait = 11
+ nwmTCPStateDeletTCB = 12
+
+ // Existing constants on linux
+ BPF_TCP_CLOSE = 1
+ BPF_TCP_LISTEN = 2
+ BPF_TCP_SYN_SENT = 3
+ BPF_TCP_SYN_RECV = 4
+ BPF_TCP_ESTABLISHED = 5
+ BPF_TCP_FIN_WAIT1 = 6
+ BPF_TCP_FIN_WAIT2 = 7
+ BPF_TCP_CLOSE_WAIT = 8
+ BPF_TCP_LAST_ACK = 9
+ BPF_TCP_CLOSING = 10
+ BPF_TCP_TIME_WAIT = 11
+ BPF_TCP_NEW_SYN_RECV = -1
+ BPF_TCP_MAX_STATES = -2
+)
+
+type nwmTriplet struct {
+ offset uint32
+ length uint32
+ number uint32
+}
+
+type nwmQuadruplet struct {
+ offset uint32
+ length uint32
+ number uint32
+ match uint32
+}
+
+type nwmHeader struct {
+ ident uint32
+ length uint32
+ version uint16
+ nwmType uint16
+ bytesNeeded uint32
+ options uint32
+ _ [16]byte
+ inputDesc nwmTriplet
+ outputDesc nwmQuadruplet
+}
+
+type nwmFilter struct {
+ ident uint32
+ flags uint32
+ resourceName [8]byte
+ resourceId uint32
+ listenerId uint32
+ local [28]byte // union of sockaddr4 and sockaddr6
+ remote [28]byte // union of sockaddr4 and sockaddr6
+ _ uint16
+ _ uint16
+ asid uint16
+ _ [2]byte
+ tnLuName [8]byte
+ tnMonGrp uint32
+ tnAppl [8]byte
+ applData [40]byte
+ nInterface [16]byte
+ dVipa [16]byte
+ dVipaPfx uint16
+ dVipaPort uint16
+ dVipaFamily byte
+ _ [3]byte
+ destXCF [16]byte
+ destXCFPfx uint16
+ destXCFFamily byte
+ _ [1]byte
+ targIP [16]byte
+ targIPPfx uint16
+ targIPFamily byte
+ _ [1]byte
+ _ [20]byte
+}
+
+type nwmRecHeader struct {
+ ident uint32
+ length uint32
+ number byte
+ _ [3]byte
+}
+
+type nwmTCPStatsEntry struct {
+ ident uint64
+ currEstab uint32
+ activeOpened uint32
+ passiveOpened uint32
+ connClosed uint32
+ estabResets uint32
+ attemptFails uint32
+ passiveDrops uint32
+ timeWaitReused uint32
+ inSegs uint64
+ predictAck uint32
+ predictData uint32
+ inDupAck uint32
+ inBadSum uint32
+ inBadLen uint32
+ inShort uint32
+ inDiscOldTime uint32
+ inAllBeforeWin uint32
+ inSomeBeforeWin uint32
+ inAllAfterWin uint32
+ inSomeAfterWin uint32
+ inOutOfOrder uint32
+ inAfterClose uint32
+ inWinProbes uint32
+ inWinUpdates uint32
+ outWinUpdates uint32
+ outSegs uint64
+ outDelayAcks uint32
+ outRsts uint32
+ retransSegs uint32
+ retransTimeouts uint32
+ retransDrops uint32
+ pmtuRetrans uint32
+ pmtuErrors uint32
+ outWinProbes uint32
+ probeDrops uint32
+ keepAliveProbes uint32
+ keepAliveDrops uint32
+ finwait2Drops uint32
+ acceptCount uint64
+ inBulkQSegs uint64
+ inDiscards uint64
+ connFloods uint32
+ connStalls uint32
+ cfgEphemDef uint16
+ ephemInUse uint16
+ ephemHiWater uint16
+ flags byte
+ _ [1]byte
+ ephemExhaust uint32
+ smcRCurrEstabLnks uint32
+ smcRLnkActTimeOut uint32
+ smcRActLnkOpened uint32
+ smcRPasLnkOpened uint32
+ smcRLnksClosed uint32
+ smcRCurrEstab uint32
+ smcRActiveOpened uint32
+ smcRPassiveOpened uint32
+ smcRConnClosed uint32
+ smcRInSegs uint64
+ smcROutSegs uint64
+ smcRInRsts uint32
+ smcROutRsts uint32
+ smcDCurrEstabLnks uint32
+ smcDActLnkOpened uint32
+ smcDPasLnkOpened uint32
+ smcDLnksClosed uint32
+ smcDCurrEstab uint32
+ smcDActiveOpened uint32
+ smcDPassiveOpened uint32
+ smcDConnClosed uint32
+ smcDInSegs uint64
+ smcDOutSegs uint64
+ smcDInRsts uint32
+ smcDOutRsts uint32
+}
+
+type nwmConnEntry struct {
+ ident uint32
+ local [28]byte // union of sockaddr4 and sockaddr6
+ remote [28]byte // union of sockaddr4 and sockaddr6
+ startTime [8]byte // uint64, changed to prevent padding from being inserted
+ lastActivity [8]byte // uint64
+ bytesIn [8]byte // uint64
+ bytesOut [8]byte // uint64
+ inSegs [8]byte // uint64
+ outSegs [8]byte // uint64
+ state uint16
+ activeOpen byte
+ flag01 byte
+ outBuffered uint32
+ inBuffered uint32
+ maxSndWnd uint32
+ reXmtCount uint32
+ congestionWnd uint32
+ ssThresh uint32
+ roundTripTime uint32
+ roundTripVar uint32
+ sendMSS uint32
+ sndWnd uint32
+ rcvBufSize uint32
+ sndBufSize uint32
+ outOfOrderCount uint32
+ lcl0WindowCount uint32
+ rmt0WindowCount uint32
+ dupacks uint32
+ flag02 byte
+ sockOpt6Cont byte
+ asid uint16
+ resourceName [8]byte
+ resourceId uint32
+ subtask uint32
+ sockOpt byte
+ sockOpt6 byte
+ clusterConnFlag byte
+ proto byte
+ targetAppl [8]byte
+ luName [8]byte
+ clientUserId [8]byte
+ logMode [8]byte
+ timeStamp uint32
+ timeStampAge uint32
+ serverResourceId uint32
+ intfName [16]byte
+ ttlsStatPol byte
+ ttlsStatConn byte
+ ttlsSSLProt uint16
+ ttlsNegCiph [2]byte
+ ttlsSecType byte
+ ttlsFIPS140Mode byte
+ ttlsUserID [8]byte
+ applData [40]byte
+ inOldestTime [8]byte // uint64
+ outOldestTime [8]byte // uint64
+ tcpTrustedPartner byte
+ _ [3]byte
+ bulkDataIntfName [16]byte
+ ttlsNegCiph4 [4]byte
+ smcReason uint32
+ lclSMCLinkId uint32
+ rmtSMCLinkId uint32
+ smcStatus byte
+ smcFlags byte
+ _ [2]byte
+ rcvWnd uint32
+ lclSMCBufSz uint32
+ rmtSMCBufSz uint32
+ ttlsSessID [32]byte
+ ttlsSessIDLen int16
+ _ [1]byte
+ smcDStatus byte
+ smcDReason uint32
+}
+
+var svcNameTable [][]byte = [][]byte{
+ []byte("\xc5\xe9\xc2\xd5\xd4\xc9\xc6\xf4"), // svc_EZBNMIF4
+}
+
+const (
+ svc_EZBNMIF4 = 0
+)
+
+func GetsockoptTCPInfo(fd, level, opt int) (*TCPInfo, error) {
+ jobname := []byte("\x5c\x40\x40\x40\x40\x40\x40\x40") // "*"
+ responseBuffer := [4096]byte{0}
+ var bufferAlet, reasonCode uint32 = 0, 0
+ var bufferLen, returnValue, returnCode int32 = 4096, 0, 0
+
+ dsa := [18]uint64{0}
+ var argv [7]unsafe.Pointer
+ argv[0] = unsafe.Pointer(&jobname[0])
+ argv[1] = unsafe.Pointer(&responseBuffer[0])
+ argv[2] = unsafe.Pointer(&bufferAlet)
+ argv[3] = unsafe.Pointer(&bufferLen)
+ argv[4] = unsafe.Pointer(&returnValue)
+ argv[5] = unsafe.Pointer(&returnCode)
+ argv[6] = unsafe.Pointer(&reasonCode)
+
+ request := (*struct {
+ header nwmHeader
+ filter nwmFilter
+ })(unsafe.Pointer(&responseBuffer[0]))
+
+ EZBNMIF4 := svcLoad(&svcNameTable[svc_EZBNMIF4][0])
+ if EZBNMIF4 == nil {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // GetGlobalStats EZBNMIF4 call
+ request.header.ident = nwmHeaderIdentifier
+ request.header.length = uint32(unsafe.Sizeof(request.header))
+ request.header.version = nwmCurrentVer
+ request.header.nwmType = nwmGlobalStatsType
+ request.header.options = 0x80000000
+
+ svcCall(EZBNMIF4, &argv[0], &dsa[0])
+
+ // outputDesc field is filled by EZBNMIF4 on success
+ if returnCode != 0 || request.header.outputDesc.offset == 0 {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // Check that EZBNMIF4 returned a nwmRecHeader
+ recHeader := (*nwmRecHeader)(unsafe.Pointer(&responseBuffer[request.header.outputDesc.offset]))
+ if recHeader.ident != nwmRecHeaderIdentifier {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // Parse nwmTriplets to get offsets of returned entries
+ var sections []*uint64
+ var sectionDesc *nwmTriplet = (*nwmTriplet)(unsafe.Pointer(&responseBuffer[0]))
+ for i := uint32(0); i < uint32(recHeader.number); i++ {
+ offset := request.header.outputDesc.offset + uint32(unsafe.Sizeof(*recHeader)) + i*uint32(unsafe.Sizeof(*sectionDesc))
+ sectionDesc = (*nwmTriplet)(unsafe.Pointer(&responseBuffer[offset]))
+ for j := uint32(0); j < sectionDesc.number; j++ {
+ offset = request.header.outputDesc.offset + sectionDesc.offset + j*sectionDesc.length
+ sections = append(sections, (*uint64)(unsafe.Pointer(&responseBuffer[offset])))
+ }
+ }
+
+ // Find nwmTCPStatsEntry in returned entries
+ var tcpStats *nwmTCPStatsEntry = nil
+ for _, ptr := range sections {
+ switch *ptr {
+ case nwmTCPStatsIdentifier:
+ if tcpStats != nil {
+ return nil, errnoErr(EINVAL)
+ }
+ tcpStats = (*nwmTCPStatsEntry)(unsafe.Pointer(ptr))
+ case nwmIPStatsIdentifier:
+ case nwmIPGStatsIdentifier:
+ case nwmUDPStatsIdentifier:
+ case nwmICMPGStatsEntry:
+ case nwmICMPTStatsEntry:
+ default:
+ return nil, errnoErr(EINVAL)
+ }
+ }
+ if tcpStats == nil {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // GetConnectionDetail EZBNMIF4 call
+ responseBuffer = [4096]byte{0}
+ dsa = [18]uint64{0}
+ bufferAlet, reasonCode = 0, 0
+ bufferLen, returnValue, returnCode = 4096, 0, 0
+ nameptr := (*uint32)(unsafe.Pointer(uintptr(0x21c))) // Get jobname of current process
+ nameptr = (*uint32)(unsafe.Pointer(uintptr(*nameptr + 12)))
+ argv[0] = unsafe.Pointer(uintptr(*nameptr))
+
+ request.header.ident = nwmHeaderIdentifier
+ request.header.length = uint32(unsafe.Sizeof(request.header))
+ request.header.version = nwmCurrentVer
+ request.header.nwmType = nwmTCPConnType
+ request.header.options = 0x80000000
+
+ request.filter.ident = nwmFilterIdentifier
+
+ var localSockaddr RawSockaddrAny
+ socklen := _Socklen(SizeofSockaddrAny)
+ err := getsockname(fd, &localSockaddr, &socklen)
+ if err != nil {
+ return nil, errnoErr(EINVAL)
+ }
+ if localSockaddr.Addr.Family == AF_INET {
+ localSockaddr := (*RawSockaddrInet4)(unsafe.Pointer(&localSockaddr.Addr))
+ localSockFilter := (*RawSockaddrInet4)(unsafe.Pointer(&request.filter.local[0]))
+ localSockFilter.Family = AF_INET
+ var i int
+ for i = 0; i < 4; i++ {
+ if localSockaddr.Addr[i] != 0 {
+ break
+ }
+ }
+ if i != 4 {
+ request.filter.flags |= nwmFilterLclAddrMask
+ for i = 0; i < 4; i++ {
+ localSockFilter.Addr[i] = localSockaddr.Addr[i]
+ }
+ }
+ if localSockaddr.Port != 0 {
+ request.filter.flags |= nwmFilterLclPortMask
+ localSockFilter.Port = localSockaddr.Port
+ }
+ } else if localSockaddr.Addr.Family == AF_INET6 {
+ localSockaddr := (*RawSockaddrInet6)(unsafe.Pointer(&localSockaddr.Addr))
+ localSockFilter := (*RawSockaddrInet6)(unsafe.Pointer(&request.filter.local[0]))
+ localSockFilter.Family = AF_INET6
+ var i int
+ for i = 0; i < 16; i++ {
+ if localSockaddr.Addr[i] != 0 {
+ break
+ }
+ }
+ if i != 16 {
+ request.filter.flags |= nwmFilterLclAddrMask
+ for i = 0; i < 16; i++ {
+ localSockFilter.Addr[i] = localSockaddr.Addr[i]
+ }
+ }
+ if localSockaddr.Port != 0 {
+ request.filter.flags |= nwmFilterLclPortMask
+ localSockFilter.Port = localSockaddr.Port
+ }
+ }
+
+ svcCall(EZBNMIF4, &argv[0], &dsa[0])
+
+ // outputDesc field is filled by EZBNMIF4 on success
+ if returnCode != 0 || request.header.outputDesc.offset == 0 {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // Check that EZBNMIF4 returned a nwmConnEntry
+ conn := (*nwmConnEntry)(unsafe.Pointer(&responseBuffer[request.header.outputDesc.offset]))
+ if conn.ident != nwmTCPConnIdentifier {
+ return nil, errnoErr(EINVAL)
+ }
+
+ // Copy data from the returned data structures into tcpInfo
+ // Stats from nwmConnEntry are specific to that connection.
+ // Stats from nwmTCPStatsEntry are global (to the interface?)
+ // Fields may not be an exact match. Some fields have no equivalent.
+ var tcpinfo TCPInfo
+ tcpinfo.State = uint8(conn.state)
+ tcpinfo.Ca_state = 0 // dummy
+ tcpinfo.Retransmits = uint8(tcpStats.retransSegs)
+ tcpinfo.Probes = uint8(tcpStats.outWinProbes)
+ tcpinfo.Backoff = 0 // dummy
+ tcpinfo.Options = 0 // dummy
+ tcpinfo.Rto = tcpStats.retransTimeouts
+ tcpinfo.Ato = tcpStats.outDelayAcks
+ tcpinfo.Snd_mss = conn.sendMSS
+ tcpinfo.Rcv_mss = conn.sendMSS // dummy
+ tcpinfo.Unacked = 0 // dummy
+ tcpinfo.Sacked = 0 // dummy
+ tcpinfo.Lost = 0 // dummy
+ tcpinfo.Retrans = conn.reXmtCount
+ tcpinfo.Fackets = 0 // dummy
+ tcpinfo.Last_data_sent = uint32(*(*uint64)(unsafe.Pointer(&conn.lastActivity[0])))
+ tcpinfo.Last_ack_sent = uint32(*(*uint64)(unsafe.Pointer(&conn.outOldestTime[0])))
+ tcpinfo.Last_data_recv = uint32(*(*uint64)(unsafe.Pointer(&conn.inOldestTime[0])))
+ tcpinfo.Last_ack_recv = uint32(*(*uint64)(unsafe.Pointer(&conn.inOldestTime[0])))
+ tcpinfo.Pmtu = conn.sendMSS // dummy, NWMIfRouteMtu is a candidate
+ tcpinfo.Rcv_ssthresh = conn.ssThresh
+ tcpinfo.Rtt = conn.roundTripTime
+ tcpinfo.Rttvar = conn.roundTripVar
+ tcpinfo.Snd_ssthresh = conn.ssThresh // dummy
+ tcpinfo.Snd_cwnd = conn.congestionWnd
+ tcpinfo.Advmss = conn.sendMSS // dummy
+ tcpinfo.Reordering = 0 // dummy
+ tcpinfo.Rcv_rtt = conn.roundTripTime // dummy
+ tcpinfo.Rcv_space = conn.sendMSS // dummy
+ tcpinfo.Total_retrans = conn.reXmtCount
+
+ svcUnload(&svcNameTable[svc_EZBNMIF4][0], EZBNMIF4)
+
+ return &tcpinfo, nil
+}
+
+// GetsockoptString returns the string value of the socket option opt for the
+// socket associated with fd at the given socket level.
+func GetsockoptString(fd, level, opt int) (string, error) {
+ buf := make([]byte, 256)
+ vallen := _Socklen(len(buf))
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&buf[0]), &vallen)
+ if err != nil {
+ return "", err
+ }
+
+ return string(buf[:vallen-1]), nil
+}
+
+func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) {
+ var msg Msghdr
+ var rsa RawSockaddrAny
+ msg.Name = (*byte)(unsafe.Pointer(&rsa))
+ msg.Namelen = SizeofSockaddrAny
+ var iov Iovec
+ if len(p) > 0 {
+ iov.Base = (*byte)(unsafe.Pointer(&p[0]))
+ iov.SetLen(len(p))
+ }
+ var dummy byte
+ if len(oob) > 0 {
+ // receive at least one normal byte
+ if len(p) == 0 {
+ iov.Base = &dummy
+ iov.SetLen(1)
+ }
+ msg.Control = (*byte)(unsafe.Pointer(&oob[0]))
+ msg.SetControllen(len(oob))
+ }
+ msg.Iov = &iov
+ msg.Iovlen = 1
+ if n, err = recvmsg(fd, &msg, flags); err != nil {
+ return
+ }
+ oobn = int(msg.Controllen)
+ recvflags = int(msg.Flags)
+ // source address is only specified if the socket is unconnected
+ if rsa.Addr.Family != AF_UNSPEC {
+ // TODO(neeilan): Remove 0 arg added to get this compiling on z/OS
+ from, err = anyToSockaddr(0, &rsa)
+ }
+ return
+}
+
+func Sendmsg(fd int, p, oob []byte, to Sockaddr, flags int) (err error) {
+ _, err = SendmsgN(fd, p, oob, to, flags)
+ return
+}
+
+func SendmsgN(fd int, p, oob []byte, to Sockaddr, flags int) (n int, err error) {
+ var ptr unsafe.Pointer
+ var salen _Socklen
+ if to != nil {
+ var err error
+ ptr, salen, err = to.sockaddr()
+ if err != nil {
+ return 0, err
+ }
+ }
+ var msg Msghdr
+ msg.Name = (*byte)(unsafe.Pointer(ptr))
+ msg.Namelen = int32(salen)
+ var iov Iovec
+ if len(p) > 0 {
+ iov.Base = (*byte)(unsafe.Pointer(&p[0]))
+ iov.SetLen(len(p))
+ }
+ var dummy byte
+ if len(oob) > 0 {
+ // send at least one normal byte
+ if len(p) == 0 {
+ iov.Base = &dummy
+ iov.SetLen(1)
+ }
+ msg.Control = (*byte)(unsafe.Pointer(&oob[0]))
+ msg.SetControllen(len(oob))
+ }
+ msg.Iov = &iov
+ msg.Iovlen = 1
+ if n, err = sendmsg(fd, &msg, flags); err != nil {
+ return 0, err
+ }
+ if len(oob) > 0 && len(p) == 0 {
+ n = 0
+ }
+ return n, nil
+}
+
+func Opendir(name string) (uintptr, error) {
+ p, err := BytePtrFromString(name)
+ if err != nil {
+ return 0, err
+ }
+ dir, _, e := syscall_syscall(SYS___OPENDIR_A, uintptr(unsafe.Pointer(p)), 0, 0)
+ runtime.KeepAlive(unsafe.Pointer(p))
+ if e != 0 {
+ err = errnoErr(e)
+ }
+ return dir, err
+}
+
+// clearsyscall.Errno resets the errno value to 0.
+func clearErrno()
+
+func Readdir(dir uintptr) (*Dirent, error) {
+ var ent Dirent
+ var res uintptr
+ // __readdir_r_a returns errno at the end of the directory stream, rather than 0.
+ // Therefore to avoid false positives we clear errno before calling it.
+
+ // TODO(neeilan): Commented this out to get sys/unix compiling on z/OS. Uncomment and fix. Error: "undefined: clearsyscall"
+ //clearsyscall.Errno() // TODO(mundaym): check pre-emption rules.
+
+ e, _, _ := syscall_syscall(SYS___READDIR_R_A, dir, uintptr(unsafe.Pointer(&ent)), uintptr(unsafe.Pointer(&res)))
+ var err error
+ if e != 0 {
+ err = errnoErr(Errno(e))
+ }
+ if res == 0 {
+ return nil, err
+ }
+ return &ent, err
+}
+
+func Closedir(dir uintptr) error {
+ _, _, e := syscall_syscall(SYS_CLOSEDIR, dir, 0, 0)
+ if e != 0 {
+ return errnoErr(e)
+ }
+ return nil
+}
+
+func Seekdir(dir uintptr, pos int) {
+ _, _, _ = syscall_syscall(SYS_SEEKDIR, dir, uintptr(pos), 0)
+}
+
+func Telldir(dir uintptr) (int, error) {
+ p, _, e := syscall_syscall(SYS_TELLDIR, dir, 0, 0)
+ pos := int(p)
+ if pos == -1 {
+ return pos, errnoErr(e)
+ }
+ return pos, nil
+}
+
+// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command.
+func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
+ // struct flock is packed on z/OS. We can't emulate that in Go so
+ // instead we pack it here.
+ var flock [24]byte
+ *(*int16)(unsafe.Pointer(&flock[0])) = lk.Type
+ *(*int16)(unsafe.Pointer(&flock[2])) = lk.Whence
+ *(*int64)(unsafe.Pointer(&flock[4])) = lk.Start
+ *(*int64)(unsafe.Pointer(&flock[12])) = lk.Len
+ *(*int32)(unsafe.Pointer(&flock[20])) = lk.Pid
+ _, _, errno := syscall_syscall(SYS_FCNTL, fd, uintptr(cmd), uintptr(unsafe.Pointer(&flock)))
+ lk.Type = *(*int16)(unsafe.Pointer(&flock[0]))
+ lk.Whence = *(*int16)(unsafe.Pointer(&flock[2]))
+ lk.Start = *(*int64)(unsafe.Pointer(&flock[4]))
+ lk.Len = *(*int64)(unsafe.Pointer(&flock[12]))
+ lk.Pid = *(*int32)(unsafe.Pointer(&flock[20]))
+ if errno == 0 {
+ return nil
+ }
+ return errno
+}
+
+func Flock(fd int, how int) error {
+
+ var flock_type int16
+ var fcntl_cmd int
+
+ switch how {
+ case LOCK_SH | LOCK_NB:
+ flock_type = F_RDLCK
+ fcntl_cmd = F_SETLK
+ case LOCK_EX | LOCK_NB:
+ flock_type = F_WRLCK
+ fcntl_cmd = F_SETLK
+ case LOCK_EX:
+ flock_type = F_WRLCK
+ fcntl_cmd = F_SETLKW
+ case LOCK_UN:
+ flock_type = F_UNLCK
+ fcntl_cmd = F_SETLKW
+ default:
+ }
+
+ flock := Flock_t{
+ Type: int16(flock_type),
+ Whence: int16(0),
+ Start: int64(0),
+ Len: int64(0),
+ Pid: int32(Getppid()),
+ }
+
+ err := FcntlFlock(uintptr(fd), fcntl_cmd, &flock)
+ return err
+}
+
+func Mlock(b []byte) (err error) {
+ _, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func Mlock2(b []byte, flags int) (err error) {
+ _, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func Mlockall(flags int) (err error) {
+ _, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func Munlock(b []byte) (err error) {
+ _, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func Munlockall() (err error) {
+ _, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+func ClockGettime(clockid int32, ts *Timespec) error {
+
+ var ticks_per_sec uint32 = 100 //TODO(kenan): value is currently hardcoded; need sysconf() call otherwise
+ var nsec_per_sec int64 = 1000000000
+
+ if ts == nil {
+ return EFAULT
+ }
+ if clockid == CLOCK_REALTIME || clockid == CLOCK_MONOTONIC {
+ var nanotime int64 = runtime.Nanotime1()
+ ts.Sec = nanotime / nsec_per_sec
+ ts.Nsec = nanotime % nsec_per_sec
+ } else if clockid == CLOCK_PROCESS_CPUTIME_ID || clockid == CLOCK_THREAD_CPUTIME_ID {
+ var tm Tms
+ _, err := Times(&tm)
+ if err != nil {
+ return EFAULT
+ }
+ ts.Sec = int64(tm.Utime / ticks_per_sec)
+ ts.Nsec = int64(tm.Utime) * nsec_per_sec / int64(ticks_per_sec)
+ } else {
+ return EINVAL
+ }
+ return nil
+}
+
+func Statfs(path string, stat *Statfs_t) (err error) {
+ fd, err := open(path, O_RDONLY, 0)
+ defer Close(fd)
+ if err != nil {
+ return err
+ }
+ return Fstatfs(fd, stat)
+}
+
+var (
+ Stdin = 0
+ Stdout = 1
+ Stderr = 2
+)
+
+// Do the interface allocations only once for common
+// Errno values.
+var (
+ errEAGAIN error = syscall.EAGAIN
+ errEINVAL error = syscall.EINVAL
+ errENOENT error = syscall.ENOENT
+)
+
+var (
+ signalNameMapOnce sync.Once
+ signalNameMap map[string]syscall.Signal
+)
+
+// errnoErr returns common boxed Errno values, to prevent
+// allocations at runtime.
+func errnoErr(e Errno) error {
+ switch e {
+ case 0:
+ return nil
+ case EAGAIN:
+ return errEAGAIN
+ case EINVAL:
+ return errEINVAL
+ case ENOENT:
+ return errENOENT
+ }
+ return e
+}
+
+// ErrnoName returns the error name for error number e.
+func ErrnoName(e Errno) string {
+ i := sort.Search(len(errorList), func(i int) bool {
+ return errorList[i].num >= e
+ })
+ if i < len(errorList) && errorList[i].num == e {
+ return errorList[i].name
+ }
+ return ""
+}
+
+// SignalName returns the signal name for signal number s.
+func SignalName(s syscall.Signal) string {
+ i := sort.Search(len(signalList), func(i int) bool {
+ return signalList[i].num >= s
+ })
+ if i < len(signalList) && signalList[i].num == s {
+ return signalList[i].name
+ }
+ return ""
+}
+
+// SignalNum returns the syscall.Signal for signal named s,
+// or 0 if a signal with such name is not found.
+// The signal name should start with "SIG".
+func SignalNum(s string) syscall.Signal {
+ signalNameMapOnce.Do(func() {
+ signalNameMap = make(map[string]syscall.Signal, len(signalList))
+ for _, signal := range signalList {
+ signalNameMap[signal.name] = signal.num
+ }
+ })
+ return signalNameMap[s]
+}
+
+// clen returns the index of the first NULL byte in n or len(n) if n contains no NULL byte.
+func clen(n []byte) int {
+ i := bytes.IndexByte(n, 0)
+ if i == -1 {
+ i = len(n)
+ }
+ return i
+}
+
+// Mmap manager, for use by operating system-specific implementations.
+
+type mmapper struct {
+ sync.Mutex
+ active map[*byte][]byte // active mappings; key is last byte in mapping
+ mmap func(addr, length uintptr, prot, flags, fd int, offset int64) (uintptr, error)
+ munmap func(addr uintptr, length uintptr) error
+}
+
+func (m *mmapper) Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
+ if length <= 0 {
+ return nil, EINVAL
+ }
+
+ // Map the requested memory.
+ addr, errno := m.mmap(0, uintptr(length), prot, flags, fd, offset)
+ if errno != nil {
+ return nil, errno
+ }
+
+ // Slice memory layout
+ var sl = struct {
+ addr uintptr
+ len int
+ cap int
+ }{addr, length, length}
+
+ // Use unsafe to turn sl into a []byte.
+ b := *(*[]byte)(unsafe.Pointer(&sl))
+
+ // Register mapping in m and return it.
+ p := &b[cap(b)-1]
+ m.Lock()
+ defer m.Unlock()
+ m.active[p] = b
+ return b, nil
+}
+
+func (m *mmapper) Munmap(data []byte) (err error) {
+ if len(data) == 0 || len(data) != cap(data) {
+ return EINVAL
+ }
+
+ // Find the base of the mapping.
+ p := &data[cap(data)-1]
+ m.Lock()
+ defer m.Unlock()
+ b := m.active[p]
+ if b == nil || &b[0] != &data[0] {
+ return EINVAL
+ }
+
+ // Unmap the memory and update m.
+ if errno := m.munmap(uintptr(unsafe.Pointer(&b[0])), uintptr(len(b))); errno != nil {
+ return errno
+ }
+ delete(m.active, p)
+ return nil
+}
+
+func Read(fd int, p []byte) (n int, err error) {
+ n, err = read(fd, p)
+ if raceenabled {
+ if n > 0 {
+ raceWriteRange(unsafe.Pointer(&p[0]), n)
+ }
+ if err == nil {
+ raceAcquire(unsafe.Pointer(&ioSync))
+ }
+ }
+ return
+}
+
+func Write(fd int, p []byte) (n int, err error) {
+ if raceenabled {
+ raceReleaseMerge(unsafe.Pointer(&ioSync))
+ }
+ n, err = write(fd, p)
+ if raceenabled && n > 0 {
+ raceReadRange(unsafe.Pointer(&p[0]), n)
+ }
+ return
+}
+
+// For testing: clients can set this flag to force
+// creation of IPv6 sockets to return EAFNOSUPPORT.
+var SocketDisableIPv6 bool
+
+// Sockaddr represents a socket address.
+type Sockaddr interface {
+ sockaddr() (ptr unsafe.Pointer, len _Socklen, err error) // lowercase; only we can define Sockaddrs
+}
+
+// SockaddrInet4 implements the Sockaddr interface for AF_INET type sockets.
+type SockaddrInet4 struct {
+ Port int
+ Addr [4]byte
+ raw RawSockaddrInet4
+}
+
+// SockaddrInet6 implements the Sockaddr interface for AF_INET6 type sockets.
+type SockaddrInet6 struct {
+ Port int
+ ZoneId uint32
+ Addr [16]byte
+ raw RawSockaddrInet6
+}
+
+// SockaddrUnix implements the Sockaddr interface for AF_UNIX type sockets.
+type SockaddrUnix struct {
+ Name string
+ raw RawSockaddrUnix
+}
+
+func Bind(fd int, sa Sockaddr) (err error) {
+ ptr, n, err := sa.sockaddr()
+ if err != nil {
+ return err
+ }
+ return bind(fd, ptr, n)
+}
+
+func Connect(fd int, sa Sockaddr) (err error) {
+ ptr, n, err := sa.sockaddr()
+ if err != nil {
+ return err
+ }
+ return connect(fd, ptr, n)
+}
+
+func Getpeername(fd int) (sa Sockaddr, err error) {
+ var rsa RawSockaddrAny
+ var len _Socklen = SizeofSockaddrAny
+ if err = getpeername(fd, &rsa, &len); err != nil {
+ return
+ }
+ return anyToSockaddr(fd, &rsa)
+}
+
+func GetsockoptByte(fd, level, opt int) (value byte, err error) {
+ var n byte
+ vallen := _Socklen(1)
+ err = getsockopt(fd, level, opt, unsafe.Pointer(&n), &vallen)
+ return n, err
+}
+
+func GetsockoptInt(fd, level, opt int) (value int, err error) {
+ var n int32
+ vallen := _Socklen(4)
+ err = getsockopt(fd, level, opt, unsafe.Pointer(&n), &vallen)
+ return int(n), err
+}
+
+func GetsockoptInet4Addr(fd, level, opt int) (value [4]byte, err error) {
+ vallen := _Socklen(4)
+ err = getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
+ return value, err
+}
+
+func GetsockoptIPMreq(fd, level, opt int) (*IPMreq, error) {
+ var value IPMreq
+ vallen := _Socklen(SizeofIPMreq)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&value), &vallen)
+ return &value, err
+}
+
+func GetsockoptIPv6Mreq(fd, level, opt int) (*IPv6Mreq, error) {
+ var value IPv6Mreq
+ vallen := _Socklen(SizeofIPv6Mreq)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&value), &vallen)
+ return &value, err
+}
+
+func GetsockoptIPv6MTUInfo(fd, level, opt int) (*IPv6MTUInfo, error) {
+ var value IPv6MTUInfo
+ vallen := _Socklen(SizeofIPv6MTUInfo)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&value), &vallen)
+ return &value, err
+}
+
+func GetsockoptICMPv6Filter(fd, level, opt int) (*ICMPv6Filter, error) {
+ var value ICMPv6Filter
+ vallen := _Socklen(SizeofICMPv6Filter)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&value), &vallen)
+ return &value, err
+}
+
+func GetsockoptLinger(fd, level, opt int) (*Linger, error) {
+ var linger Linger
+ vallen := _Socklen(SizeofLinger)
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&linger), &vallen)
+ return &linger, err
+}
+
+func GetsockoptTimeval(fd, level, opt int) (*Timeval, error) {
+ var tv Timeval
+ vallen := _Socklen(unsafe.Sizeof(tv))
+ err := getsockopt(fd, level, opt, unsafe.Pointer(&tv), &vallen)
+ return &tv, err
+}
+
+func GetsockoptUint64(fd, level, opt int) (value uint64, err error) {
+ var n uint64
+ vallen := _Socklen(8)
+ err = getsockopt(fd, level, opt, unsafe.Pointer(&n), &vallen)
+ return n, err
+}
+
+func Recvfrom(fd int, p []byte, flags int) (n int, from Sockaddr, err error) {
+ var rsa RawSockaddrAny
+ var len _Socklen = SizeofSockaddrAny
+ if n, err = recvfrom(fd, p, flags, &rsa, &len); err != nil {
+ return
+ }
+ if rsa.Addr.Family != AF_UNSPEC {
+ from, err = anyToSockaddr(fd, &rsa)
+ }
+ return
+}
+
+func Sendto(fd int, p []byte, flags int, to Sockaddr) (err error) {
+ ptr, n, err := to.sockaddr()
+ if err != nil {
+ return err
+ }
+ return sendto(fd, p, flags, ptr, n)
+}
+
+func SetsockoptByte(fd, level, opt int, value byte) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(&value), 1)
+}
+
+func SetsockoptInt(fd, level, opt int, value int) (err error) {
+ var n = int32(value)
+ return setsockopt(fd, level, opt, unsafe.Pointer(&n), 4)
+}
+
+func SetsockoptInet4Addr(fd, level, opt int, value [4]byte) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(&value[0]), 4)
+}
+
+func SetsockoptIPMreq(fd, level, opt int, mreq *IPMreq) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(mreq), SizeofIPMreq)
+}
+
+func SetsockoptIPv6Mreq(fd, level, opt int, mreq *IPv6Mreq) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(mreq), SizeofIPv6Mreq)
+}
+
+func SetsockoptICMPv6Filter(fd, level, opt int, filter *ICMPv6Filter) error {
+ return setsockopt(fd, level, opt, unsafe.Pointer(filter), SizeofICMPv6Filter)
+}
+
+func SetsockoptLinger(fd, level, opt int, l *Linger) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(l), SizeofLinger)
+}
+
+func SetsockoptString(fd, level, opt int, s string) (err error) {
+ var p unsafe.Pointer
+ if len(s) > 0 {
+ p = unsafe.Pointer(&[]byte(s)[0])
+ }
+ return setsockopt(fd, level, opt, p, uintptr(len(s)))
+}
+
+func SetsockoptTimeval(fd, level, opt int, tv *Timeval) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(tv), unsafe.Sizeof(*tv))
+}
+
+func SetsockoptUint64(fd, level, opt int, value uint64) (err error) {
+ return setsockopt(fd, level, opt, unsafe.Pointer(&value), 8)
+}
+
+func Socket(domain, typ, proto int) (fd int, err error) {
+ if domain == AF_INET6 && SocketDisableIPv6 {
+ return -1, EAFNOSUPPORT
+ }
+ fd, err = socket(domain, typ, proto)
+ return
+}
+
+func Socketpair(domain, typ, proto int) (fd [2]int, err error) {
+ var fdx [2]int32
+ err = socketpair(domain, typ, proto, &fdx)
+ if err == nil {
+ fd[0] = int(fdx[0])
+ fd[1] = int(fdx[1])
+ }
+ return
+}
+
+var ioSync int64
+
+func CloseOnExec(fd int) { fcntl(fd, F_SETFD, FD_CLOEXEC) }
+
+func SetNonblock(fd int, nonblocking bool) (err error) {
+ flag, err := fcntl(fd, F_GETFL, 0)
+ if err != nil {
+ return err
+ }
+ if nonblocking {
+ flag |= O_NONBLOCK
+ } else {
+ flag &= ^O_NONBLOCK
+ }
+ _, err = fcntl(fd, F_SETFL, flag)
+ return err
+}
+
+// Exec calls execve(2), which replaces the calling executable in the process
+// tree. argv0 should be the full path to an executable ("/bin/ls") and the
+// executable name should also be the first argument in argv (["ls", "-l"]).
+// envv are the environment variables that should be passed to the new
+// process (["USER=go", "PWD=/tmp"]).
+func Exec(argv0 string, argv []string, envv []string) error {
+ return syscall.Exec(argv0, argv, envv)
+}
+
+func Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+ if needspace := 8 - len(fstype); needspace <= 0 {
+ fstype = fstype[:8]
+ } else {
+ fstype += " "[:needspace]
+ }
+ return mount_LE(target, source, fstype, uint32(flags), int32(len(data)), data)
+}
+
+func Unmount(name string, mtm int) (err error) {
+ // mountpoint is always a full path and starts with a '/'
+ // check if input string is not a mountpoint but a filesystem name
+ if name[0] != '/' {
+ return unmount(name, mtm)
+ }
+ // treat name as mountpoint
+ b2s := func(arr []byte) string {
+ nulli := bytes.IndexByte(arr, 0)
+ if nulli == -1 {
+ return string(arr)
+ } else {
+ return string(arr[:nulli])
+ }
+ }
+ var buffer struct {
+ header W_Mnth
+ fsinfo [64]W_Mntent
+ }
+ fsCount, err := W_Getmntent_A((*byte)(unsafe.Pointer(&buffer)), int(unsafe.Sizeof(buffer)))
+ if err != nil {
+ return err
+ }
+ if fsCount == 0 {
+ return EINVAL
+ }
+ for i := 0; i < fsCount; i++ {
+ if b2s(buffer.fsinfo[i].Mountpoint[:]) == name {
+ err = unmount(b2s(buffer.fsinfo[i].Fsname[:]), mtm)
+ break
+ }
+ }
+ return err
+}
diff --git a/vendor/golang.org/x/sys/unix/timestruct.go b/vendor/golang.org/x/sys/unix/timestruct.go
index 10360429..3d893040 100644
--- a/vendor/golang.org/x/sys/unix/timestruct.go
+++ b/vendor/golang.org/x/sys/unix/timestruct.go
@@ -2,7 +2,8 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
package unix
diff --git a/vendor/golang.org/x/sys/unix/xattr_bsd.go b/vendor/golang.org/x/sys/unix/xattr_bsd.go
index 30c1d71f..25df1e37 100644
--- a/vendor/golang.org/x/sys/unix/xattr_bsd.go
+++ b/vendor/golang.org/x/sys/unix/xattr_bsd.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build freebsd || netbsd
// +build freebsd netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
index 104994bc..ca9799b7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
@@ -1,6 +1,7 @@
// mkerrors.sh -maix32
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc && aix
// +build ppc,aix
// Created by cgo -godefs - DO NOT EDIT
diff --git a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
index 4fc8d306..200c8c26 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -maix64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64 && aix
// +build ppc64,aix
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go
deleted file mode 100644
index ec376f51..00000000
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_386.go
+++ /dev/null
@@ -1,1788 +0,0 @@
-// mkerrors.sh -m32
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build 386,darwin
-
-// Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- -m32 _const.go
-
-package unix
-
-import "syscall"
-
-const (
- AF_APPLETALK = 0x10
- AF_CCITT = 0xa
- AF_CHAOS = 0x5
- AF_CNT = 0x15
- AF_COIP = 0x14
- AF_DATAKIT = 0x9
- AF_DECnet = 0xc
- AF_DLI = 0xd
- AF_E164 = 0x1c
- AF_ECMA = 0x8
- AF_HYLINK = 0xf
- AF_IEEE80211 = 0x25
- AF_IMPLINK = 0x3
- AF_INET = 0x2
- AF_INET6 = 0x1e
- AF_IPX = 0x17
- AF_ISDN = 0x1c
- AF_ISO = 0x7
- AF_LAT = 0xe
- AF_LINK = 0x12
- AF_LOCAL = 0x1
- AF_MAX = 0x28
- AF_NATM = 0x1f
- AF_NDRV = 0x1b
- AF_NETBIOS = 0x21
- AF_NS = 0x6
- AF_OSI = 0x7
- AF_PPP = 0x22
- AF_PUP = 0x4
- AF_RESERVED_36 = 0x24
- AF_ROUTE = 0x11
- AF_SIP = 0x18
- AF_SNA = 0xb
- AF_SYSTEM = 0x20
- AF_SYS_CONTROL = 0x2
- AF_UNIX = 0x1
- AF_UNSPEC = 0x0
- AF_UTUN = 0x26
- ALTWERASE = 0x200
- ATTR_BIT_MAP_COUNT = 0x5
- ATTR_CMN_ACCESSMASK = 0x20000
- ATTR_CMN_ACCTIME = 0x1000
- ATTR_CMN_ADDEDTIME = 0x10000000
- ATTR_CMN_BKUPTIME = 0x2000
- ATTR_CMN_CHGTIME = 0x800
- ATTR_CMN_CRTIME = 0x200
- ATTR_CMN_DATA_PROTECT_FLAGS = 0x40000000
- ATTR_CMN_DEVID = 0x2
- ATTR_CMN_DOCUMENT_ID = 0x100000
- ATTR_CMN_ERROR = 0x20000000
- ATTR_CMN_EXTENDED_SECURITY = 0x400000
- ATTR_CMN_FILEID = 0x2000000
- ATTR_CMN_FLAGS = 0x40000
- ATTR_CMN_FNDRINFO = 0x4000
- ATTR_CMN_FSID = 0x4
- ATTR_CMN_FULLPATH = 0x8000000
- ATTR_CMN_GEN_COUNT = 0x80000
- ATTR_CMN_GRPID = 0x10000
- ATTR_CMN_GRPUUID = 0x1000000
- ATTR_CMN_MODTIME = 0x400
- ATTR_CMN_NAME = 0x1
- ATTR_CMN_NAMEDATTRCOUNT = 0x80000
- ATTR_CMN_NAMEDATTRLIST = 0x100000
- ATTR_CMN_OBJID = 0x20
- ATTR_CMN_OBJPERMANENTID = 0x40
- ATTR_CMN_OBJTAG = 0x10
- ATTR_CMN_OBJTYPE = 0x8
- ATTR_CMN_OWNERID = 0x8000
- ATTR_CMN_PARENTID = 0x4000000
- ATTR_CMN_PAROBJID = 0x80
- ATTR_CMN_RETURNED_ATTRS = 0x80000000
- ATTR_CMN_SCRIPT = 0x100
- ATTR_CMN_SETMASK = 0x41c7ff00
- ATTR_CMN_USERACCESS = 0x200000
- ATTR_CMN_UUID = 0x800000
- ATTR_CMN_VALIDMASK = 0xffffffff
- ATTR_CMN_VOLSETMASK = 0x6700
- ATTR_FILE_ALLOCSIZE = 0x4
- ATTR_FILE_CLUMPSIZE = 0x10
- ATTR_FILE_DATAALLOCSIZE = 0x400
- ATTR_FILE_DATAEXTENTS = 0x800
- ATTR_FILE_DATALENGTH = 0x200
- ATTR_FILE_DEVTYPE = 0x20
- ATTR_FILE_FILETYPE = 0x40
- ATTR_FILE_FORKCOUNT = 0x80
- ATTR_FILE_FORKLIST = 0x100
- ATTR_FILE_IOBLOCKSIZE = 0x8
- ATTR_FILE_LINKCOUNT = 0x1
- ATTR_FILE_RSRCALLOCSIZE = 0x2000
- ATTR_FILE_RSRCEXTENTS = 0x4000
- ATTR_FILE_RSRCLENGTH = 0x1000
- ATTR_FILE_SETMASK = 0x20
- ATTR_FILE_TOTALSIZE = 0x2
- ATTR_FILE_VALIDMASK = 0x37ff
- ATTR_VOL_ALLOCATIONCLUMP = 0x40
- ATTR_VOL_ATTRIBUTES = 0x40000000
- ATTR_VOL_CAPABILITIES = 0x20000
- ATTR_VOL_DIRCOUNT = 0x400
- ATTR_VOL_ENCODINGSUSED = 0x10000
- ATTR_VOL_FILECOUNT = 0x200
- ATTR_VOL_FSTYPE = 0x1
- ATTR_VOL_INFO = 0x80000000
- ATTR_VOL_IOBLOCKSIZE = 0x80
- ATTR_VOL_MAXOBJCOUNT = 0x800
- ATTR_VOL_MINALLOCATION = 0x20
- ATTR_VOL_MOUNTEDDEVICE = 0x8000
- ATTR_VOL_MOUNTFLAGS = 0x4000
- ATTR_VOL_MOUNTPOINT = 0x1000
- ATTR_VOL_NAME = 0x2000
- ATTR_VOL_OBJCOUNT = 0x100
- ATTR_VOL_QUOTA_SIZE = 0x10000000
- ATTR_VOL_RESERVED_SIZE = 0x20000000
- ATTR_VOL_SETMASK = 0x80002000
- ATTR_VOL_SIGNATURE = 0x2
- ATTR_VOL_SIZE = 0x4
- ATTR_VOL_SPACEAVAIL = 0x10
- ATTR_VOL_SPACEFREE = 0x8
- ATTR_VOL_UUID = 0x40000
- ATTR_VOL_VALIDMASK = 0xf007ffff
- B0 = 0x0
- B110 = 0x6e
- B115200 = 0x1c200
- B1200 = 0x4b0
- B134 = 0x86
- B14400 = 0x3840
- B150 = 0x96
- B1800 = 0x708
- B19200 = 0x4b00
- B200 = 0xc8
- B230400 = 0x38400
- B2400 = 0x960
- B28800 = 0x7080
- B300 = 0x12c
- B38400 = 0x9600
- B4800 = 0x12c0
- B50 = 0x32
- B57600 = 0xe100
- B600 = 0x258
- B7200 = 0x1c20
- B75 = 0x4b
- B76800 = 0x12c00
- B9600 = 0x2580
- BIOCFLUSH = 0x20004268
- BIOCGBLEN = 0x40044266
- BIOCGDLT = 0x4004426a
- BIOCGDLTLIST = 0xc00c4279
- BIOCGETIF = 0x4020426b
- BIOCGHDRCMPLT = 0x40044274
- BIOCGRSIG = 0x40044272
- BIOCGRTIMEOUT = 0x4008426e
- BIOCGSEESENT = 0x40044276
- BIOCGSTATS = 0x4008426f
- BIOCIMMEDIATE = 0x80044270
- BIOCPROMISC = 0x20004269
- BIOCSBLEN = 0xc0044266
- BIOCSDLT = 0x80044278
- BIOCSETF = 0x80084267
- BIOCSETFNR = 0x8008427e
- BIOCSETIF = 0x8020426c
- BIOCSHDRCMPLT = 0x80044275
- BIOCSRSIG = 0x80044273
- BIOCSRTIMEOUT = 0x8008426d
- BIOCSSEESENT = 0x80044277
- BIOCVERSION = 0x40044271
- BPF_A = 0x10
- BPF_ABS = 0x20
- BPF_ADD = 0x0
- BPF_ALIGNMENT = 0x4
- BPF_ALU = 0x4
- BPF_AND = 0x50
- BPF_B = 0x10
- BPF_DIV = 0x30
- BPF_H = 0x8
- BPF_IMM = 0x0
- BPF_IND = 0x40
- BPF_JA = 0x0
- BPF_JEQ = 0x10
- BPF_JGE = 0x30
- BPF_JGT = 0x20
- BPF_JMP = 0x5
- BPF_JSET = 0x40
- BPF_K = 0x0
- BPF_LD = 0x0
- BPF_LDX = 0x1
- BPF_LEN = 0x80
- BPF_LSH = 0x60
- BPF_MAJOR_VERSION = 0x1
- BPF_MAXBUFSIZE = 0x80000
- BPF_MAXINSNS = 0x200
- BPF_MEM = 0x60
- BPF_MEMWORDS = 0x10
- BPF_MINBUFSIZE = 0x20
- BPF_MINOR_VERSION = 0x1
- BPF_MISC = 0x7
- BPF_MSH = 0xa0
- BPF_MUL = 0x20
- BPF_NEG = 0x80
- BPF_OR = 0x40
- BPF_RELEASE = 0x30bb6
- BPF_RET = 0x6
- BPF_RSH = 0x70
- BPF_ST = 0x2
- BPF_STX = 0x3
- BPF_SUB = 0x10
- BPF_TAX = 0x0
- BPF_TXA = 0x80
- BPF_W = 0x0
- BPF_X = 0x8
- BRKINT = 0x2
- BS0 = 0x0
- BS1 = 0x8000
- BSDLY = 0x8000
- CFLUSH = 0xf
- CLOCAL = 0x8000
- CLOCK_MONOTONIC = 0x6
- CLOCK_MONOTONIC_RAW = 0x4
- CLOCK_MONOTONIC_RAW_APPROX = 0x5
- CLOCK_PROCESS_CPUTIME_ID = 0xc
- CLOCK_REALTIME = 0x0
- CLOCK_THREAD_CPUTIME_ID = 0x10
- CLOCK_UPTIME_RAW = 0x8
- CLOCK_UPTIME_RAW_APPROX = 0x9
- CLONE_NOFOLLOW = 0x1
- CLONE_NOOWNERCOPY = 0x2
- CR0 = 0x0
- CR1 = 0x1000
- CR2 = 0x2000
- CR3 = 0x3000
- CRDLY = 0x3000
- CREAD = 0x800
- CRTSCTS = 0x30000
- CS5 = 0x0
- CS6 = 0x100
- CS7 = 0x200
- CS8 = 0x300
- CSIZE = 0x300
- CSTART = 0x11
- CSTATUS = 0x14
- CSTOP = 0x13
- CSTOPB = 0x400
- CSUSP = 0x1a
- CTLIOCGINFO = 0xc0644e03
- CTL_HW = 0x6
- CTL_KERN = 0x1
- CTL_MAXNAME = 0xc
- CTL_NET = 0x4
- DLT_A429 = 0xb8
- DLT_A653_ICM = 0xb9
- DLT_AIRONET_HEADER = 0x78
- DLT_AOS = 0xde
- DLT_APPLE_IP_OVER_IEEE1394 = 0x8a
- DLT_ARCNET = 0x7
- DLT_ARCNET_LINUX = 0x81
- DLT_ATM_CLIP = 0x13
- DLT_ATM_RFC1483 = 0xb
- DLT_AURORA = 0x7e
- DLT_AX25 = 0x3
- DLT_AX25_KISS = 0xca
- DLT_BACNET_MS_TP = 0xa5
- DLT_BLUETOOTH_HCI_H4 = 0xbb
- DLT_BLUETOOTH_HCI_H4_WITH_PHDR = 0xc9
- DLT_CAN20B = 0xbe
- DLT_CAN_SOCKETCAN = 0xe3
- DLT_CHAOS = 0x5
- DLT_CHDLC = 0x68
- DLT_CISCO_IOS = 0x76
- DLT_C_HDLC = 0x68
- DLT_C_HDLC_WITH_DIR = 0xcd
- DLT_DBUS = 0xe7
- DLT_DECT = 0xdd
- DLT_DOCSIS = 0x8f
- DLT_DVB_CI = 0xeb
- DLT_ECONET = 0x73
- DLT_EN10MB = 0x1
- DLT_EN3MB = 0x2
- DLT_ENC = 0x6d
- DLT_ERF = 0xc5
- DLT_ERF_ETH = 0xaf
- DLT_ERF_POS = 0xb0
- DLT_FC_2 = 0xe0
- DLT_FC_2_WITH_FRAME_DELIMS = 0xe1
- DLT_FDDI = 0xa
- DLT_FLEXRAY = 0xd2
- DLT_FRELAY = 0x6b
- DLT_FRELAY_WITH_DIR = 0xce
- DLT_GCOM_SERIAL = 0xad
- DLT_GCOM_T1E1 = 0xac
- DLT_GPF_F = 0xab
- DLT_GPF_T = 0xaa
- DLT_GPRS_LLC = 0xa9
- DLT_GSMTAP_ABIS = 0xda
- DLT_GSMTAP_UM = 0xd9
- DLT_HHDLC = 0x79
- DLT_IBM_SN = 0x92
- DLT_IBM_SP = 0x91
- DLT_IEEE802 = 0x6
- DLT_IEEE802_11 = 0x69
- DLT_IEEE802_11_RADIO = 0x7f
- DLT_IEEE802_11_RADIO_AVS = 0xa3
- DLT_IEEE802_15_4 = 0xc3
- DLT_IEEE802_15_4_LINUX = 0xbf
- DLT_IEEE802_15_4_NOFCS = 0xe6
- DLT_IEEE802_15_4_NONASK_PHY = 0xd7
- DLT_IEEE802_16_MAC_CPS = 0xbc
- DLT_IEEE802_16_MAC_CPS_RADIO = 0xc1
- DLT_IPFILTER = 0x74
- DLT_IPMB = 0xc7
- DLT_IPMB_LINUX = 0xd1
- DLT_IPNET = 0xe2
- DLT_IPOIB = 0xf2
- DLT_IPV4 = 0xe4
- DLT_IPV6 = 0xe5
- DLT_IP_OVER_FC = 0x7a
- DLT_JUNIPER_ATM1 = 0x89
- DLT_JUNIPER_ATM2 = 0x87
- DLT_JUNIPER_ATM_CEMIC = 0xee
- DLT_JUNIPER_CHDLC = 0xb5
- DLT_JUNIPER_ES = 0x84
- DLT_JUNIPER_ETHER = 0xb2
- DLT_JUNIPER_FIBRECHANNEL = 0xea
- DLT_JUNIPER_FRELAY = 0xb4
- DLT_JUNIPER_GGSN = 0x85
- DLT_JUNIPER_ISM = 0xc2
- DLT_JUNIPER_MFR = 0x86
- DLT_JUNIPER_MLFR = 0x83
- DLT_JUNIPER_MLPPP = 0x82
- DLT_JUNIPER_MONITOR = 0xa4
- DLT_JUNIPER_PIC_PEER = 0xae
- DLT_JUNIPER_PPP = 0xb3
- DLT_JUNIPER_PPPOE = 0xa7
- DLT_JUNIPER_PPPOE_ATM = 0xa8
- DLT_JUNIPER_SERVICES = 0x88
- DLT_JUNIPER_SRX_E2E = 0xe9
- DLT_JUNIPER_ST = 0xc8
- DLT_JUNIPER_VP = 0xb7
- DLT_JUNIPER_VS = 0xe8
- DLT_LAPB_WITH_DIR = 0xcf
- DLT_LAPD = 0xcb
- DLT_LIN = 0xd4
- DLT_LINUX_EVDEV = 0xd8
- DLT_LINUX_IRDA = 0x90
- DLT_LINUX_LAPD = 0xb1
- DLT_LINUX_PPP_WITHDIRECTION = 0xa6
- DLT_LINUX_SLL = 0x71
- DLT_LOOP = 0x6c
- DLT_LTALK = 0x72
- DLT_MATCHING_MAX = 0xf5
- DLT_MATCHING_MIN = 0x68
- DLT_MFR = 0xb6
- DLT_MOST = 0xd3
- DLT_MPEG_2_TS = 0xf3
- DLT_MPLS = 0xdb
- DLT_MTP2 = 0x8c
- DLT_MTP2_WITH_PHDR = 0x8b
- DLT_MTP3 = 0x8d
- DLT_MUX27010 = 0xec
- DLT_NETANALYZER = 0xf0
- DLT_NETANALYZER_TRANSPARENT = 0xf1
- DLT_NFC_LLCP = 0xf5
- DLT_NFLOG = 0xef
- DLT_NG40 = 0xf4
- DLT_NULL = 0x0
- DLT_PCI_EXP = 0x7d
- DLT_PFLOG = 0x75
- DLT_PFSYNC = 0x12
- DLT_PPI = 0xc0
- DLT_PPP = 0x9
- DLT_PPP_BSDOS = 0x10
- DLT_PPP_ETHER = 0x33
- DLT_PPP_PPPD = 0xa6
- DLT_PPP_SERIAL = 0x32
- DLT_PPP_WITH_DIR = 0xcc
- DLT_PPP_WITH_DIRECTION = 0xa6
- DLT_PRISM_HEADER = 0x77
- DLT_PRONET = 0x4
- DLT_RAIF1 = 0xc6
- DLT_RAW = 0xc
- DLT_RIO = 0x7c
- DLT_SCCP = 0x8e
- DLT_SITA = 0xc4
- DLT_SLIP = 0x8
- DLT_SLIP_BSDOS = 0xf
- DLT_STANAG_5066_D_PDU = 0xed
- DLT_SUNATM = 0x7b
- DLT_SYMANTEC_FIREWALL = 0x63
- DLT_TZSP = 0x80
- DLT_USB = 0xba
- DLT_USB_LINUX = 0xbd
- DLT_USB_LINUX_MMAPPED = 0xdc
- DLT_USER0 = 0x93
- DLT_USER1 = 0x94
- DLT_USER10 = 0x9d
- DLT_USER11 = 0x9e
- DLT_USER12 = 0x9f
- DLT_USER13 = 0xa0
- DLT_USER14 = 0xa1
- DLT_USER15 = 0xa2
- DLT_USER2 = 0x95
- DLT_USER3 = 0x96
- DLT_USER4 = 0x97
- DLT_USER5 = 0x98
- DLT_USER6 = 0x99
- DLT_USER7 = 0x9a
- DLT_USER8 = 0x9b
- DLT_USER9 = 0x9c
- DLT_WIHART = 0xdf
- DLT_X2E_SERIAL = 0xd5
- DLT_X2E_XORAYA = 0xd6
- DT_BLK = 0x6
- DT_CHR = 0x2
- DT_DIR = 0x4
- DT_FIFO = 0x1
- DT_LNK = 0xa
- DT_REG = 0x8
- DT_SOCK = 0xc
- DT_UNKNOWN = 0x0
- DT_WHT = 0xe
- ECHO = 0x8
- ECHOCTL = 0x40
- ECHOE = 0x2
- ECHOK = 0x4
- ECHOKE = 0x1
- ECHONL = 0x10
- ECHOPRT = 0x20
- EVFILT_AIO = -0x3
- EVFILT_EXCEPT = -0xf
- EVFILT_FS = -0x9
- EVFILT_MACHPORT = -0x8
- EVFILT_PROC = -0x5
- EVFILT_READ = -0x1
- EVFILT_SIGNAL = -0x6
- EVFILT_SYSCOUNT = 0xf
- EVFILT_THREADMARKER = 0xf
- EVFILT_TIMER = -0x7
- EVFILT_USER = -0xa
- EVFILT_VM = -0xc
- EVFILT_VNODE = -0x4
- EVFILT_WRITE = -0x2
- EV_ADD = 0x1
- EV_CLEAR = 0x20
- EV_DELETE = 0x2
- EV_DISABLE = 0x8
- EV_DISPATCH = 0x80
- EV_DISPATCH2 = 0x180
- EV_ENABLE = 0x4
- EV_EOF = 0x8000
- EV_ERROR = 0x4000
- EV_FLAG0 = 0x1000
- EV_FLAG1 = 0x2000
- EV_ONESHOT = 0x10
- EV_OOBAND = 0x2000
- EV_POLL = 0x1000
- EV_RECEIPT = 0x40
- EV_SYSFLAGS = 0xf000
- EV_UDATA_SPECIFIC = 0x100
- EV_VANISHED = 0x200
- EXTA = 0x4b00
- EXTB = 0x9600
- EXTPROC = 0x800
- FD_CLOEXEC = 0x1
- FD_SETSIZE = 0x400
- FF0 = 0x0
- FF1 = 0x4000
- FFDLY = 0x4000
- FLUSHO = 0x800000
- FSOPT_ATTR_CMN_EXTENDED = 0x20
- FSOPT_NOFOLLOW = 0x1
- FSOPT_NOINMEMUPDATE = 0x2
- FSOPT_PACK_INVAL_ATTRS = 0x8
- FSOPT_REPORT_FULLSIZE = 0x4
- F_ADDFILESIGS = 0x3d
- F_ADDFILESIGS_FOR_DYLD_SIM = 0x53
- F_ADDFILESIGS_RETURN = 0x61
- F_ADDSIGS = 0x3b
- F_ALLOCATEALL = 0x4
- F_ALLOCATECONTIG = 0x2
- F_BARRIERFSYNC = 0x55
- F_CHECK_LV = 0x62
- F_CHKCLEAN = 0x29
- F_DUPFD = 0x0
- F_DUPFD_CLOEXEC = 0x43
- F_FINDSIGS = 0x4e
- F_FLUSH_DATA = 0x28
- F_FREEZE_FS = 0x35
- F_FULLFSYNC = 0x33
- F_GETCODEDIR = 0x48
- F_GETFD = 0x1
- F_GETFL = 0x3
- F_GETLK = 0x7
- F_GETLKPID = 0x42
- F_GETNOSIGPIPE = 0x4a
- F_GETOWN = 0x5
- F_GETPATH = 0x32
- F_GETPATH_MTMINFO = 0x47
- F_GETPROTECTIONCLASS = 0x3f
- F_GETPROTECTIONLEVEL = 0x4d
- F_GLOBAL_NOCACHE = 0x37
- F_LOG2PHYS = 0x31
- F_LOG2PHYS_EXT = 0x41
- F_NOCACHE = 0x30
- F_NODIRECT = 0x3e
- F_OK = 0x0
- F_PATHPKG_CHECK = 0x34
- F_PEOFPOSMODE = 0x3
- F_PREALLOCATE = 0x2a
- F_PUNCHHOLE = 0x63
- F_RDADVISE = 0x2c
- F_RDAHEAD = 0x2d
- F_RDLCK = 0x1
- F_SETBACKINGSTORE = 0x46
- F_SETFD = 0x2
- F_SETFL = 0x4
- F_SETLK = 0x8
- F_SETLKW = 0x9
- F_SETLKWTIMEOUT = 0xa
- F_SETNOSIGPIPE = 0x49
- F_SETOWN = 0x6
- F_SETPROTECTIONCLASS = 0x40
- F_SETSIZE = 0x2b
- F_SINGLE_WRITER = 0x4c
- F_THAW_FS = 0x36
- F_TRANSCODEKEY = 0x4b
- F_TRIM_ACTIVE_FILE = 0x64
- F_UNLCK = 0x2
- F_VOLPOSMODE = 0x4
- F_WRLCK = 0x3
- HUPCL = 0x4000
- HW_MACHINE = 0x1
- ICANON = 0x100
- ICMP6_FILTER = 0x12
- ICRNL = 0x100
- IEXTEN = 0x400
- IFF_ALLMULTI = 0x200
- IFF_ALTPHYS = 0x4000
- IFF_BROADCAST = 0x2
- IFF_DEBUG = 0x4
- IFF_LINK0 = 0x1000
- IFF_LINK1 = 0x2000
- IFF_LINK2 = 0x4000
- IFF_LOOPBACK = 0x8
- IFF_MULTICAST = 0x8000
- IFF_NOARP = 0x80
- IFF_NOTRAILERS = 0x20
- IFF_OACTIVE = 0x400
- IFF_POINTOPOINT = 0x10
- IFF_PROMISC = 0x100
- IFF_RUNNING = 0x40
- IFF_SIMPLEX = 0x800
- IFF_UP = 0x1
- IFNAMSIZ = 0x10
- IFT_1822 = 0x2
- IFT_AAL5 = 0x31
- IFT_ARCNET = 0x23
- IFT_ARCNETPLUS = 0x24
- IFT_ATM = 0x25
- IFT_BRIDGE = 0xd1
- IFT_CARP = 0xf8
- IFT_CELLULAR = 0xff
- IFT_CEPT = 0x13
- IFT_DS3 = 0x1e
- IFT_ENC = 0xf4
- IFT_EON = 0x19
- IFT_ETHER = 0x6
- IFT_FAITH = 0x38
- IFT_FDDI = 0xf
- IFT_FRELAY = 0x20
- IFT_FRELAYDCE = 0x2c
- IFT_GIF = 0x37
- IFT_HDH1822 = 0x3
- IFT_HIPPI = 0x2f
- IFT_HSSI = 0x2e
- IFT_HY = 0xe
- IFT_IEEE1394 = 0x90
- IFT_IEEE8023ADLAG = 0x88
- IFT_ISDNBASIC = 0x14
- IFT_ISDNPRIMARY = 0x15
- IFT_ISO88022LLC = 0x29
- IFT_ISO88023 = 0x7
- IFT_ISO88024 = 0x8
- IFT_ISO88025 = 0x9
- IFT_ISO88026 = 0xa
- IFT_L2VLAN = 0x87
- IFT_LAPB = 0x10
- IFT_LOCALTALK = 0x2a
- IFT_LOOP = 0x18
- IFT_MIOX25 = 0x26
- IFT_MODEM = 0x30
- IFT_NSIP = 0x1b
- IFT_OTHER = 0x1
- IFT_P10 = 0xc
- IFT_P80 = 0xd
- IFT_PARA = 0x22
- IFT_PDP = 0xff
- IFT_PFLOG = 0xf5
- IFT_PFSYNC = 0xf6
- IFT_PKTAP = 0xfe
- IFT_PPP = 0x17
- IFT_PROPMUX = 0x36
- IFT_PROPVIRTUAL = 0x35
- IFT_PTPSERIAL = 0x16
- IFT_RS232 = 0x21
- IFT_SDLC = 0x11
- IFT_SIP = 0x1f
- IFT_SLIP = 0x1c
- IFT_SMDSDXI = 0x2b
- IFT_SMDSICIP = 0x34
- IFT_SONET = 0x27
- IFT_SONETPATH = 0x32
- IFT_SONETVT = 0x33
- IFT_STARLAN = 0xb
- IFT_STF = 0x39
- IFT_T1 = 0x12
- IFT_ULTRA = 0x1d
- IFT_V35 = 0x2d
- IFT_X25 = 0x5
- IFT_X25DDN = 0x4
- IFT_X25PLE = 0x28
- IFT_XETHER = 0x1a
- IGNBRK = 0x1
- IGNCR = 0x80
- IGNPAR = 0x4
- IMAXBEL = 0x2000
- INLCR = 0x40
- INPCK = 0x10
- IN_CLASSA_HOST = 0xffffff
- IN_CLASSA_MAX = 0x80
- IN_CLASSA_NET = 0xff000000
- IN_CLASSA_NSHIFT = 0x18
- IN_CLASSB_HOST = 0xffff
- IN_CLASSB_MAX = 0x10000
- IN_CLASSB_NET = 0xffff0000
- IN_CLASSB_NSHIFT = 0x10
- IN_CLASSC_HOST = 0xff
- IN_CLASSC_NET = 0xffffff00
- IN_CLASSC_NSHIFT = 0x8
- IN_CLASSD_HOST = 0xfffffff
- IN_CLASSD_NET = 0xf0000000
- IN_CLASSD_NSHIFT = 0x1c
- IN_LINKLOCALNETNUM = 0xa9fe0000
- IN_LOOPBACKNET = 0x7f
- IPPROTO_3PC = 0x22
- IPPROTO_ADFS = 0x44
- IPPROTO_AH = 0x33
- IPPROTO_AHIP = 0x3d
- IPPROTO_APES = 0x63
- IPPROTO_ARGUS = 0xd
- IPPROTO_AX25 = 0x5d
- IPPROTO_BHA = 0x31
- IPPROTO_BLT = 0x1e
- IPPROTO_BRSATMON = 0x4c
- IPPROTO_CFTP = 0x3e
- IPPROTO_CHAOS = 0x10
- IPPROTO_CMTP = 0x26
- IPPROTO_CPHB = 0x49
- IPPROTO_CPNX = 0x48
- IPPROTO_DDP = 0x25
- IPPROTO_DGP = 0x56
- IPPROTO_DIVERT = 0xfe
- IPPROTO_DONE = 0x101
- IPPROTO_DSTOPTS = 0x3c
- IPPROTO_EGP = 0x8
- IPPROTO_EMCON = 0xe
- IPPROTO_ENCAP = 0x62
- IPPROTO_EON = 0x50
- IPPROTO_ESP = 0x32
- IPPROTO_ETHERIP = 0x61
- IPPROTO_FRAGMENT = 0x2c
- IPPROTO_GGP = 0x3
- IPPROTO_GMTP = 0x64
- IPPROTO_GRE = 0x2f
- IPPROTO_HELLO = 0x3f
- IPPROTO_HMP = 0x14
- IPPROTO_HOPOPTS = 0x0
- IPPROTO_ICMP = 0x1
- IPPROTO_ICMPV6 = 0x3a
- IPPROTO_IDP = 0x16
- IPPROTO_IDPR = 0x23
- IPPROTO_IDRP = 0x2d
- IPPROTO_IGMP = 0x2
- IPPROTO_IGP = 0x55
- IPPROTO_IGRP = 0x58
- IPPROTO_IL = 0x28
- IPPROTO_INLSP = 0x34
- IPPROTO_INP = 0x20
- IPPROTO_IP = 0x0
- IPPROTO_IPCOMP = 0x6c
- IPPROTO_IPCV = 0x47
- IPPROTO_IPEIP = 0x5e
- IPPROTO_IPIP = 0x4
- IPPROTO_IPPC = 0x43
- IPPROTO_IPV4 = 0x4
- IPPROTO_IPV6 = 0x29
- IPPROTO_IRTP = 0x1c
- IPPROTO_KRYPTOLAN = 0x41
- IPPROTO_LARP = 0x5b
- IPPROTO_LEAF1 = 0x19
- IPPROTO_LEAF2 = 0x1a
- IPPROTO_MAX = 0x100
- IPPROTO_MAXID = 0x34
- IPPROTO_MEAS = 0x13
- IPPROTO_MHRP = 0x30
- IPPROTO_MICP = 0x5f
- IPPROTO_MTP = 0x5c
- IPPROTO_MUX = 0x12
- IPPROTO_ND = 0x4d
- IPPROTO_NHRP = 0x36
- IPPROTO_NONE = 0x3b
- IPPROTO_NSP = 0x1f
- IPPROTO_NVPII = 0xb
- IPPROTO_OSPFIGP = 0x59
- IPPROTO_PGM = 0x71
- IPPROTO_PIGP = 0x9
- IPPROTO_PIM = 0x67
- IPPROTO_PRM = 0x15
- IPPROTO_PUP = 0xc
- IPPROTO_PVP = 0x4b
- IPPROTO_RAW = 0xff
- IPPROTO_RCCMON = 0xa
- IPPROTO_RDP = 0x1b
- IPPROTO_ROUTING = 0x2b
- IPPROTO_RSVP = 0x2e
- IPPROTO_RVD = 0x42
- IPPROTO_SATEXPAK = 0x40
- IPPROTO_SATMON = 0x45
- IPPROTO_SCCSP = 0x60
- IPPROTO_SCTP = 0x84
- IPPROTO_SDRP = 0x2a
- IPPROTO_SEP = 0x21
- IPPROTO_SRPC = 0x5a
- IPPROTO_ST = 0x7
- IPPROTO_SVMTP = 0x52
- IPPROTO_SWIPE = 0x35
- IPPROTO_TCF = 0x57
- IPPROTO_TCP = 0x6
- IPPROTO_TP = 0x1d
- IPPROTO_TPXX = 0x27
- IPPROTO_TRUNK1 = 0x17
- IPPROTO_TRUNK2 = 0x18
- IPPROTO_TTP = 0x54
- IPPROTO_UDP = 0x11
- IPPROTO_VINES = 0x53
- IPPROTO_VISA = 0x46
- IPPROTO_VMTP = 0x51
- IPPROTO_WBEXPAK = 0x4f
- IPPROTO_WBMON = 0x4e
- IPPROTO_WSN = 0x4a
- IPPROTO_XNET = 0xf
- IPPROTO_XTP = 0x24
- IPV6_2292DSTOPTS = 0x17
- IPV6_2292HOPLIMIT = 0x14
- IPV6_2292HOPOPTS = 0x16
- IPV6_2292NEXTHOP = 0x15
- IPV6_2292PKTINFO = 0x13
- IPV6_2292PKTOPTIONS = 0x19
- IPV6_2292RTHDR = 0x18
- IPV6_BINDV6ONLY = 0x1b
- IPV6_BOUND_IF = 0x7d
- IPV6_CHECKSUM = 0x1a
- IPV6_DEFAULT_MULTICAST_HOPS = 0x1
- IPV6_DEFAULT_MULTICAST_LOOP = 0x1
- IPV6_DEFHLIM = 0x40
- IPV6_FAITH = 0x1d
- IPV6_FLOWINFO_MASK = 0xffffff0f
- IPV6_FLOWLABEL_MASK = 0xffff0f00
- IPV6_FLOW_ECN_MASK = 0x300
- IPV6_FRAGTTL = 0x3c
- IPV6_FW_ADD = 0x1e
- IPV6_FW_DEL = 0x1f
- IPV6_FW_FLUSH = 0x20
- IPV6_FW_GET = 0x22
- IPV6_FW_ZERO = 0x21
- IPV6_HLIMDEC = 0x1
- IPV6_IPSEC_POLICY = 0x1c
- IPV6_JOIN_GROUP = 0xc
- IPV6_LEAVE_GROUP = 0xd
- IPV6_MAXHLIM = 0xff
- IPV6_MAXOPTHDR = 0x800
- IPV6_MAXPACKET = 0xffff
- IPV6_MAX_GROUP_SRC_FILTER = 0x200
- IPV6_MAX_MEMBERSHIPS = 0xfff
- IPV6_MAX_SOCK_SRC_FILTER = 0x80
- IPV6_MIN_MEMBERSHIPS = 0x1f
- IPV6_MMTU = 0x500
- IPV6_MULTICAST_HOPS = 0xa
- IPV6_MULTICAST_IF = 0x9
- IPV6_MULTICAST_LOOP = 0xb
- IPV6_PORTRANGE = 0xe
- IPV6_PORTRANGE_DEFAULT = 0x0
- IPV6_PORTRANGE_HIGH = 0x1
- IPV6_PORTRANGE_LOW = 0x2
- IPV6_RECVTCLASS = 0x23
- IPV6_RTHDR_LOOSE = 0x0
- IPV6_RTHDR_STRICT = 0x1
- IPV6_RTHDR_TYPE_0 = 0x0
- IPV6_SOCKOPT_RESERVED1 = 0x3
- IPV6_TCLASS = 0x24
- IPV6_UNICAST_HOPS = 0x4
- IPV6_V6ONLY = 0x1b
- IPV6_VERSION = 0x60
- IPV6_VERSION_MASK = 0xf0
- IP_ADD_MEMBERSHIP = 0xc
- IP_ADD_SOURCE_MEMBERSHIP = 0x46
- IP_BLOCK_SOURCE = 0x48
- IP_BOUND_IF = 0x19
- IP_DEFAULT_MULTICAST_LOOP = 0x1
- IP_DEFAULT_MULTICAST_TTL = 0x1
- IP_DF = 0x4000
- IP_DROP_MEMBERSHIP = 0xd
- IP_DROP_SOURCE_MEMBERSHIP = 0x47
- IP_DUMMYNET_CONFIGURE = 0x3c
- IP_DUMMYNET_DEL = 0x3d
- IP_DUMMYNET_FLUSH = 0x3e
- IP_DUMMYNET_GET = 0x40
- IP_FAITH = 0x16
- IP_FW_ADD = 0x28
- IP_FW_DEL = 0x29
- IP_FW_FLUSH = 0x2a
- IP_FW_GET = 0x2c
- IP_FW_RESETLOG = 0x2d
- IP_FW_ZERO = 0x2b
- IP_HDRINCL = 0x2
- IP_IPSEC_POLICY = 0x15
- IP_MAXPACKET = 0xffff
- IP_MAX_GROUP_SRC_FILTER = 0x200
- IP_MAX_MEMBERSHIPS = 0xfff
- IP_MAX_SOCK_MUTE_FILTER = 0x80
- IP_MAX_SOCK_SRC_FILTER = 0x80
- IP_MF = 0x2000
- IP_MIN_MEMBERSHIPS = 0x1f
- IP_MSFILTER = 0x4a
- IP_MSS = 0x240
- IP_MULTICAST_IF = 0x9
- IP_MULTICAST_IFINDEX = 0x42
- IP_MULTICAST_LOOP = 0xb
- IP_MULTICAST_TTL = 0xa
- IP_MULTICAST_VIF = 0xe
- IP_NAT__XXX = 0x37
- IP_OFFMASK = 0x1fff
- IP_OLD_FW_ADD = 0x32
- IP_OLD_FW_DEL = 0x33
- IP_OLD_FW_FLUSH = 0x34
- IP_OLD_FW_GET = 0x36
- IP_OLD_FW_RESETLOG = 0x38
- IP_OLD_FW_ZERO = 0x35
- IP_OPTIONS = 0x1
- IP_PKTINFO = 0x1a
- IP_PORTRANGE = 0x13
- IP_PORTRANGE_DEFAULT = 0x0
- IP_PORTRANGE_HIGH = 0x1
- IP_PORTRANGE_LOW = 0x2
- IP_RECVDSTADDR = 0x7
- IP_RECVIF = 0x14
- IP_RECVOPTS = 0x5
- IP_RECVPKTINFO = 0x1a
- IP_RECVRETOPTS = 0x6
- IP_RECVTOS = 0x1b
- IP_RECVTTL = 0x18
- IP_RETOPTS = 0x8
- IP_RF = 0x8000
- IP_RSVP_OFF = 0x10
- IP_RSVP_ON = 0xf
- IP_RSVP_VIF_OFF = 0x12
- IP_RSVP_VIF_ON = 0x11
- IP_STRIPHDR = 0x17
- IP_TOS = 0x3
- IP_TRAFFIC_MGT_BACKGROUND = 0x41
- IP_TTL = 0x4
- IP_UNBLOCK_SOURCE = 0x49
- ISIG = 0x80
- ISTRIP = 0x20
- IUTF8 = 0x4000
- IXANY = 0x800
- IXOFF = 0x400
- IXON = 0x200
- KERN_HOSTNAME = 0xa
- KERN_OSRELEASE = 0x2
- KERN_OSTYPE = 0x1
- KERN_VERSION = 0x4
- LOCK_EX = 0x2
- LOCK_NB = 0x4
- LOCK_SH = 0x1
- LOCK_UN = 0x8
- MADV_CAN_REUSE = 0x9
- MADV_DONTNEED = 0x4
- MADV_FREE = 0x5
- MADV_FREE_REUSABLE = 0x7
- MADV_FREE_REUSE = 0x8
- MADV_NORMAL = 0x0
- MADV_PAGEOUT = 0xa
- MADV_RANDOM = 0x1
- MADV_SEQUENTIAL = 0x2
- MADV_WILLNEED = 0x3
- MADV_ZERO_WIRED_PAGES = 0x6
- MAP_ANON = 0x1000
- MAP_ANONYMOUS = 0x1000
- MAP_COPY = 0x2
- MAP_FILE = 0x0
- MAP_FIXED = 0x10
- MAP_HASSEMAPHORE = 0x200
- MAP_JIT = 0x800
- MAP_NOCACHE = 0x400
- MAP_NOEXTEND = 0x100
- MAP_NORESERVE = 0x40
- MAP_PRIVATE = 0x2
- MAP_RENAME = 0x20
- MAP_RESERVED0080 = 0x80
- MAP_RESILIENT_CODESIGN = 0x2000
- MAP_RESILIENT_MEDIA = 0x4000
- MAP_SHARED = 0x1
- MCL_CURRENT = 0x1
- MCL_FUTURE = 0x2
- MNT_ASYNC = 0x40
- MNT_AUTOMOUNTED = 0x400000
- MNT_CMDFLAGS = 0xf0000
- MNT_CPROTECT = 0x80
- MNT_DEFWRITE = 0x2000000
- MNT_DONTBROWSE = 0x100000
- MNT_DOVOLFS = 0x8000
- MNT_DWAIT = 0x4
- MNT_EXPORTED = 0x100
- MNT_FORCE = 0x80000
- MNT_IGNORE_OWNERSHIP = 0x200000
- MNT_JOURNALED = 0x800000
- MNT_LOCAL = 0x1000
- MNT_MULTILABEL = 0x4000000
- MNT_NOATIME = 0x10000000
- MNT_NOBLOCK = 0x20000
- MNT_NODEV = 0x10
- MNT_NOEXEC = 0x4
- MNT_NOSUID = 0x8
- MNT_NOUSERXATTR = 0x1000000
- MNT_NOWAIT = 0x2
- MNT_QUARANTINE = 0x400
- MNT_QUOTA = 0x2000
- MNT_RDONLY = 0x1
- MNT_RELOAD = 0x40000
- MNT_ROOTFS = 0x4000
- MNT_SYNCHRONOUS = 0x2
- MNT_UNION = 0x20
- MNT_UNKNOWNPERMISSIONS = 0x200000
- MNT_UPDATE = 0x10000
- MNT_VISFLAGMASK = 0x17f0f5ff
- MNT_WAIT = 0x1
- MSG_CTRUNC = 0x20
- MSG_DONTROUTE = 0x4
- MSG_DONTWAIT = 0x80
- MSG_EOF = 0x100
- MSG_EOR = 0x8
- MSG_FLUSH = 0x400
- MSG_HAVEMORE = 0x2000
- MSG_HOLD = 0x800
- MSG_NEEDSA = 0x10000
- MSG_OOB = 0x1
- MSG_PEEK = 0x2
- MSG_RCVMORE = 0x4000
- MSG_SEND = 0x1000
- MSG_TRUNC = 0x10
- MSG_WAITALL = 0x40
- MSG_WAITSTREAM = 0x200
- MS_ASYNC = 0x1
- MS_DEACTIVATE = 0x8
- MS_INVALIDATE = 0x2
- MS_KILLPAGES = 0x4
- MS_SYNC = 0x10
- NAME_MAX = 0xff
- NET_RT_DUMP = 0x1
- NET_RT_DUMP2 = 0x7
- NET_RT_FLAGS = 0x2
- NET_RT_IFLIST = 0x3
- NET_RT_IFLIST2 = 0x6
- NET_RT_MAXID = 0xa
- NET_RT_STAT = 0x4
- NET_RT_TRASH = 0x5
- NFDBITS = 0x20
- NL0 = 0x0
- NL1 = 0x100
- NL2 = 0x200
- NL3 = 0x300
- NLDLY = 0x300
- NOFLSH = 0x80000000
- NOKERNINFO = 0x2000000
- NOTE_ABSOLUTE = 0x8
- NOTE_ATTRIB = 0x8
- NOTE_BACKGROUND = 0x40
- NOTE_CHILD = 0x4
- NOTE_CRITICAL = 0x20
- NOTE_DELETE = 0x1
- NOTE_EXEC = 0x20000000
- NOTE_EXIT = 0x80000000
- NOTE_EXITSTATUS = 0x4000000
- NOTE_EXIT_CSERROR = 0x40000
- NOTE_EXIT_DECRYPTFAIL = 0x10000
- NOTE_EXIT_DETAIL = 0x2000000
- NOTE_EXIT_DETAIL_MASK = 0x70000
- NOTE_EXIT_MEMORY = 0x20000
- NOTE_EXIT_REPARENTED = 0x80000
- NOTE_EXTEND = 0x4
- NOTE_FFAND = 0x40000000
- NOTE_FFCOPY = 0xc0000000
- NOTE_FFCTRLMASK = 0xc0000000
- NOTE_FFLAGSMASK = 0xffffff
- NOTE_FFNOP = 0x0
- NOTE_FFOR = 0x80000000
- NOTE_FORK = 0x40000000
- NOTE_FUNLOCK = 0x100
- NOTE_LEEWAY = 0x10
- NOTE_LINK = 0x10
- NOTE_LOWAT = 0x1
- NOTE_MACH_CONTINUOUS_TIME = 0x80
- NOTE_NONE = 0x80
- NOTE_NSECONDS = 0x4
- NOTE_OOB = 0x2
- NOTE_PCTRLMASK = -0x100000
- NOTE_PDATAMASK = 0xfffff
- NOTE_REAP = 0x10000000
- NOTE_RENAME = 0x20
- NOTE_REVOKE = 0x40
- NOTE_SECONDS = 0x1
- NOTE_SIGNAL = 0x8000000
- NOTE_TRACK = 0x1
- NOTE_TRACKERR = 0x2
- NOTE_TRIGGER = 0x1000000
- NOTE_USECONDS = 0x2
- NOTE_VM_ERROR = 0x10000000
- NOTE_VM_PRESSURE = 0x80000000
- NOTE_VM_PRESSURE_SUDDEN_TERMINATE = 0x20000000
- NOTE_VM_PRESSURE_TERMINATE = 0x40000000
- NOTE_WRITE = 0x2
- OCRNL = 0x10
- OFDEL = 0x20000
- OFILL = 0x80
- ONLCR = 0x2
- ONLRET = 0x40
- ONOCR = 0x20
- ONOEOT = 0x8
- OPOST = 0x1
- OXTABS = 0x4
- O_ACCMODE = 0x3
- O_ALERT = 0x20000000
- O_APPEND = 0x8
- O_ASYNC = 0x40
- O_CLOEXEC = 0x1000000
- O_CREAT = 0x200
- O_DIRECTORY = 0x100000
- O_DP_GETRAWENCRYPTED = 0x1
- O_DP_GETRAWUNENCRYPTED = 0x2
- O_DSYNC = 0x400000
- O_EVTONLY = 0x8000
- O_EXCL = 0x800
- O_EXLOCK = 0x20
- O_FSYNC = 0x80
- O_NDELAY = 0x4
- O_NOCTTY = 0x20000
- O_NOFOLLOW = 0x100
- O_NONBLOCK = 0x4
- O_POPUP = 0x80000000
- O_RDONLY = 0x0
- O_RDWR = 0x2
- O_SHLOCK = 0x10
- O_SYMLINK = 0x200000
- O_SYNC = 0x80
- O_TRUNC = 0x400
- O_WRONLY = 0x1
- PARENB = 0x1000
- PARMRK = 0x8
- PARODD = 0x2000
- PENDIN = 0x20000000
- PRIO_PGRP = 0x1
- PRIO_PROCESS = 0x0
- PRIO_USER = 0x2
- PROT_EXEC = 0x4
- PROT_NONE = 0x0
- PROT_READ = 0x1
- PROT_WRITE = 0x2
- PT_ATTACH = 0xa
- PT_ATTACHEXC = 0xe
- PT_CONTINUE = 0x7
- PT_DENY_ATTACH = 0x1f
- PT_DETACH = 0xb
- PT_FIRSTMACH = 0x20
- PT_FORCEQUOTA = 0x1e
- PT_KILL = 0x8
- PT_READ_D = 0x2
- PT_READ_I = 0x1
- PT_READ_U = 0x3
- PT_SIGEXC = 0xc
- PT_STEP = 0x9
- PT_THUPDATE = 0xd
- PT_TRACE_ME = 0x0
- PT_WRITE_D = 0x5
- PT_WRITE_I = 0x4
- PT_WRITE_U = 0x6
- RLIMIT_AS = 0x5
- RLIMIT_CORE = 0x4
- RLIMIT_CPU = 0x0
- RLIMIT_CPU_USAGE_MONITOR = 0x2
- RLIMIT_DATA = 0x2
- RLIMIT_FSIZE = 0x1
- RLIMIT_MEMLOCK = 0x6
- RLIMIT_NOFILE = 0x8
- RLIMIT_NPROC = 0x7
- RLIMIT_RSS = 0x5
- RLIMIT_STACK = 0x3
- RLIM_INFINITY = 0x7fffffffffffffff
- RTAX_AUTHOR = 0x6
- RTAX_BRD = 0x7
- RTAX_DST = 0x0
- RTAX_GATEWAY = 0x1
- RTAX_GENMASK = 0x3
- RTAX_IFA = 0x5
- RTAX_IFP = 0x4
- RTAX_MAX = 0x8
- RTAX_NETMASK = 0x2
- RTA_AUTHOR = 0x40
- RTA_BRD = 0x80
- RTA_DST = 0x1
- RTA_GATEWAY = 0x2
- RTA_GENMASK = 0x8
- RTA_IFA = 0x20
- RTA_IFP = 0x10
- RTA_NETMASK = 0x4
- RTF_BLACKHOLE = 0x1000
- RTF_BROADCAST = 0x400000
- RTF_CLONING = 0x100
- RTF_CONDEMNED = 0x2000000
- RTF_DELCLONE = 0x80
- RTF_DONE = 0x40
- RTF_DYNAMIC = 0x10
- RTF_GATEWAY = 0x2
- RTF_HOST = 0x4
- RTF_IFREF = 0x4000000
- RTF_IFSCOPE = 0x1000000
- RTF_LLINFO = 0x400
- RTF_LOCAL = 0x200000
- RTF_MODIFIED = 0x20
- RTF_MULTICAST = 0x800000
- RTF_NOIFREF = 0x2000
- RTF_PINNED = 0x100000
- RTF_PRCLONING = 0x10000
- RTF_PROTO1 = 0x8000
- RTF_PROTO2 = 0x4000
- RTF_PROTO3 = 0x40000
- RTF_PROXY = 0x8000000
- RTF_REJECT = 0x8
- RTF_ROUTER = 0x10000000
- RTF_STATIC = 0x800
- RTF_UP = 0x1
- RTF_WASCLONED = 0x20000
- RTF_XRESOLVE = 0x200
- RTM_ADD = 0x1
- RTM_CHANGE = 0x3
- RTM_DELADDR = 0xd
- RTM_DELETE = 0x2
- RTM_DELMADDR = 0x10
- RTM_GET = 0x4
- RTM_GET2 = 0x14
- RTM_IFINFO = 0xe
- RTM_IFINFO2 = 0x12
- RTM_LOCK = 0x8
- RTM_LOSING = 0x5
- RTM_MISS = 0x7
- RTM_NEWADDR = 0xc
- RTM_NEWMADDR = 0xf
- RTM_NEWMADDR2 = 0x13
- RTM_OLDADD = 0x9
- RTM_OLDDEL = 0xa
- RTM_REDIRECT = 0x6
- RTM_RESOLVE = 0xb
- RTM_RTTUNIT = 0xf4240
- RTM_VERSION = 0x5
- RTV_EXPIRE = 0x4
- RTV_HOPCOUNT = 0x2
- RTV_MTU = 0x1
- RTV_RPIPE = 0x8
- RTV_RTT = 0x40
- RTV_RTTVAR = 0x80
- RTV_SPIPE = 0x10
- RTV_SSTHRESH = 0x20
- RUSAGE_CHILDREN = -0x1
- RUSAGE_SELF = 0x0
- SCM_CREDS = 0x3
- SCM_RIGHTS = 0x1
- SCM_TIMESTAMP = 0x2
- SCM_TIMESTAMP_MONOTONIC = 0x4
- SHUT_RD = 0x0
- SHUT_RDWR = 0x2
- SHUT_WR = 0x1
- SIOCADDMULTI = 0x80206931
- SIOCAIFADDR = 0x8040691a
- SIOCARPIPLL = 0xc0206928
- SIOCATMARK = 0x40047307
- SIOCAUTOADDR = 0xc0206926
- SIOCAUTONETMASK = 0x80206927
- SIOCDELMULTI = 0x80206932
- SIOCDIFADDR = 0x80206919
- SIOCDIFPHYADDR = 0x80206941
- SIOCGDRVSPEC = 0xc01c697b
- SIOCGETVLAN = 0xc020697f
- SIOCGHIWAT = 0x40047301
- SIOCGIFADDR = 0xc0206921
- SIOCGIFALTMTU = 0xc0206948
- SIOCGIFASYNCMAP = 0xc020697c
- SIOCGIFBOND = 0xc0206947
- SIOCGIFBRDADDR = 0xc0206923
- SIOCGIFCAP = 0xc020695b
- SIOCGIFCONF = 0xc0086924
- SIOCGIFDEVMTU = 0xc0206944
- SIOCGIFDSTADDR = 0xc0206922
- SIOCGIFFLAGS = 0xc0206911
- SIOCGIFGENERIC = 0xc020693a
- SIOCGIFKPI = 0xc0206987
- SIOCGIFMAC = 0xc0206982
- SIOCGIFMEDIA = 0xc0286938
- SIOCGIFMETRIC = 0xc0206917
- SIOCGIFMTU = 0xc0206933
- SIOCGIFNETMASK = 0xc0206925
- SIOCGIFPDSTADDR = 0xc0206940
- SIOCGIFPHYS = 0xc0206935
- SIOCGIFPSRCADDR = 0xc020693f
- SIOCGIFSTATUS = 0xc331693d
- SIOCGIFVLAN = 0xc020697f
- SIOCGIFWAKEFLAGS = 0xc0206988
- SIOCGLOWAT = 0x40047303
- SIOCGPGRP = 0x40047309
- SIOCIFCREATE = 0xc0206978
- SIOCIFCREATE2 = 0xc020697a
- SIOCIFDESTROY = 0x80206979
- SIOCIFGCLONERS = 0xc00c6981
- SIOCRSLVMULTI = 0xc008693b
- SIOCSDRVSPEC = 0x801c697b
- SIOCSETVLAN = 0x8020697e
- SIOCSHIWAT = 0x80047300
- SIOCSIFADDR = 0x8020690c
- SIOCSIFALTMTU = 0x80206945
- SIOCSIFASYNCMAP = 0x8020697d
- SIOCSIFBOND = 0x80206946
- SIOCSIFBRDADDR = 0x80206913
- SIOCSIFCAP = 0x8020695a
- SIOCSIFDSTADDR = 0x8020690e
- SIOCSIFFLAGS = 0x80206910
- SIOCSIFGENERIC = 0x80206939
- SIOCSIFKPI = 0x80206986
- SIOCSIFLLADDR = 0x8020693c
- SIOCSIFMAC = 0x80206983
- SIOCSIFMEDIA = 0xc0206937
- SIOCSIFMETRIC = 0x80206918
- SIOCSIFMTU = 0x80206934
- SIOCSIFNETMASK = 0x80206916
- SIOCSIFPHYADDR = 0x8040693e
- SIOCSIFPHYS = 0x80206936
- SIOCSIFVLAN = 0x8020697e
- SIOCSLOWAT = 0x80047302
- SIOCSPGRP = 0x80047308
- SOCK_DGRAM = 0x2
- SOCK_MAXADDRLEN = 0xff
- SOCK_RAW = 0x3
- SOCK_RDM = 0x4
- SOCK_SEQPACKET = 0x5
- SOCK_STREAM = 0x1
- SOL_SOCKET = 0xffff
- SOMAXCONN = 0x80
- SO_ACCEPTCONN = 0x2
- SO_BROADCAST = 0x20
- SO_DEBUG = 0x1
- SO_DONTROUTE = 0x10
- SO_DONTTRUNC = 0x2000
- SO_ERROR = 0x1007
- SO_KEEPALIVE = 0x8
- SO_LABEL = 0x1010
- SO_LINGER = 0x80
- SO_LINGER_SEC = 0x1080
- SO_NETSVC_MARKING_LEVEL = 0x1119
- SO_NET_SERVICE_TYPE = 0x1116
- SO_NKE = 0x1021
- SO_NOADDRERR = 0x1023
- SO_NOSIGPIPE = 0x1022
- SO_NOTIFYCONFLICT = 0x1026
- SO_NP_EXTENSIONS = 0x1083
- SO_NREAD = 0x1020
- SO_NUMRCVPKT = 0x1112
- SO_NWRITE = 0x1024
- SO_OOBINLINE = 0x100
- SO_PEERLABEL = 0x1011
- SO_RANDOMPORT = 0x1082
- SO_RCVBUF = 0x1002
- SO_RCVLOWAT = 0x1004
- SO_RCVTIMEO = 0x1006
- SO_REUSEADDR = 0x4
- SO_REUSEPORT = 0x200
- SO_REUSESHAREUID = 0x1025
- SO_SNDBUF = 0x1001
- SO_SNDLOWAT = 0x1003
- SO_SNDTIMEO = 0x1005
- SO_TIMESTAMP = 0x400
- SO_TIMESTAMP_MONOTONIC = 0x800
- SO_TYPE = 0x1008
- SO_UPCALLCLOSEWAIT = 0x1027
- SO_USELOOPBACK = 0x40
- SO_WANTMORE = 0x4000
- SO_WANTOOBFLAG = 0x8000
- S_IEXEC = 0x40
- S_IFBLK = 0x6000
- S_IFCHR = 0x2000
- S_IFDIR = 0x4000
- S_IFIFO = 0x1000
- S_IFLNK = 0xa000
- S_IFMT = 0xf000
- S_IFREG = 0x8000
- S_IFSOCK = 0xc000
- S_IFWHT = 0xe000
- S_IREAD = 0x100
- S_IRGRP = 0x20
- S_IROTH = 0x4
- S_IRUSR = 0x100
- S_IRWXG = 0x38
- S_IRWXO = 0x7
- S_IRWXU = 0x1c0
- S_ISGID = 0x400
- S_ISTXT = 0x200
- S_ISUID = 0x800
- S_ISVTX = 0x200
- S_IWGRP = 0x10
- S_IWOTH = 0x2
- S_IWRITE = 0x80
- S_IWUSR = 0x80
- S_IXGRP = 0x8
- S_IXOTH = 0x1
- S_IXUSR = 0x40
- TAB0 = 0x0
- TAB1 = 0x400
- TAB2 = 0x800
- TAB3 = 0x4
- TABDLY = 0xc04
- TCIFLUSH = 0x1
- TCIOFF = 0x3
- TCIOFLUSH = 0x3
- TCION = 0x4
- TCOFLUSH = 0x2
- TCOOFF = 0x1
- TCOON = 0x2
- TCP_CONNECTIONTIMEOUT = 0x20
- TCP_CONNECTION_INFO = 0x106
- TCP_ENABLE_ECN = 0x104
- TCP_FASTOPEN = 0x105
- TCP_KEEPALIVE = 0x10
- TCP_KEEPCNT = 0x102
- TCP_KEEPINTVL = 0x101
- TCP_MAXHLEN = 0x3c
- TCP_MAXOLEN = 0x28
- TCP_MAXSEG = 0x2
- TCP_MAXWIN = 0xffff
- TCP_MAX_SACK = 0x4
- TCP_MAX_WINSHIFT = 0xe
- TCP_MINMSS = 0xd8
- TCP_MSS = 0x200
- TCP_NODELAY = 0x1
- TCP_NOOPT = 0x8
- TCP_NOPUSH = 0x4
- TCP_NOTSENT_LOWAT = 0x201
- TCP_RXT_CONNDROPTIME = 0x80
- TCP_RXT_FINDROP = 0x100
- TCP_SENDMOREACKS = 0x103
- TCSAFLUSH = 0x2
- TIOCCBRK = 0x2000747a
- TIOCCDTR = 0x20007478
- TIOCCONS = 0x80047462
- TIOCDCDTIMESTAMP = 0x40087458
- TIOCDRAIN = 0x2000745e
- TIOCDSIMICROCODE = 0x20007455
- TIOCEXCL = 0x2000740d
- TIOCEXT = 0x80047460
- TIOCFLUSH = 0x80047410
- TIOCGDRAINWAIT = 0x40047456
- TIOCGETA = 0x402c7413
- TIOCGETD = 0x4004741a
- TIOCGPGRP = 0x40047477
- TIOCGWINSZ = 0x40087468
- TIOCIXOFF = 0x20007480
- TIOCIXON = 0x20007481
- TIOCMBIC = 0x8004746b
- TIOCMBIS = 0x8004746c
- TIOCMGDTRWAIT = 0x4004745a
- TIOCMGET = 0x4004746a
- TIOCMODG = 0x40047403
- TIOCMODS = 0x80047404
- TIOCMSDTRWAIT = 0x8004745b
- TIOCMSET = 0x8004746d
- TIOCM_CAR = 0x40
- TIOCM_CD = 0x40
- TIOCM_CTS = 0x20
- TIOCM_DSR = 0x100
- TIOCM_DTR = 0x2
- TIOCM_LE = 0x1
- TIOCM_RI = 0x80
- TIOCM_RNG = 0x80
- TIOCM_RTS = 0x4
- TIOCM_SR = 0x10
- TIOCM_ST = 0x8
- TIOCNOTTY = 0x20007471
- TIOCNXCL = 0x2000740e
- TIOCOUTQ = 0x40047473
- TIOCPKT = 0x80047470
- TIOCPKT_DATA = 0x0
- TIOCPKT_DOSTOP = 0x20
- TIOCPKT_FLUSHREAD = 0x1
- TIOCPKT_FLUSHWRITE = 0x2
- TIOCPKT_IOCTL = 0x40
- TIOCPKT_NOSTOP = 0x10
- TIOCPKT_START = 0x8
- TIOCPKT_STOP = 0x4
- TIOCPTYGNAME = 0x40807453
- TIOCPTYGRANT = 0x20007454
- TIOCPTYUNLK = 0x20007452
- TIOCREMOTE = 0x80047469
- TIOCSBRK = 0x2000747b
- TIOCSCONS = 0x20007463
- TIOCSCTTY = 0x20007461
- TIOCSDRAINWAIT = 0x80047457
- TIOCSDTR = 0x20007479
- TIOCSETA = 0x802c7414
- TIOCSETAF = 0x802c7416
- TIOCSETAW = 0x802c7415
- TIOCSETD = 0x8004741b
- TIOCSIG = 0x2000745f
- TIOCSPGRP = 0x80047476
- TIOCSTART = 0x2000746e
- TIOCSTAT = 0x20007465
- TIOCSTI = 0x80017472
- TIOCSTOP = 0x2000746f
- TIOCSWINSZ = 0x80087467
- TIOCTIMESTAMP = 0x40087459
- TIOCUCNTL = 0x80047466
- TOSTOP = 0x400000
- VDISCARD = 0xf
- VDSUSP = 0xb
- VEOF = 0x0
- VEOL = 0x1
- VEOL2 = 0x2
- VERASE = 0x3
- VINTR = 0x8
- VKILL = 0x5
- VLNEXT = 0xe
- VMIN = 0x10
- VM_LOADAVG = 0x2
- VM_MACHFACTOR = 0x4
- VM_MAXID = 0x6
- VM_METER = 0x1
- VM_SWAPUSAGE = 0x5
- VQUIT = 0x9
- VREPRINT = 0x6
- VSTART = 0xc
- VSTATUS = 0x12
- VSTOP = 0xd
- VSUSP = 0xa
- VT0 = 0x0
- VT1 = 0x10000
- VTDLY = 0x10000
- VTIME = 0x11
- VWERASE = 0x4
- WCONTINUED = 0x10
- WCOREFLAG = 0x80
- WEXITED = 0x4
- WNOHANG = 0x1
- WNOWAIT = 0x20
- WORDSIZE = 0x20
- WSTOPPED = 0x8
- WUNTRACED = 0x2
- XATTR_CREATE = 0x2
- XATTR_NODEFAULT = 0x10
- XATTR_NOFOLLOW = 0x1
- XATTR_NOSECURITY = 0x8
- XATTR_REPLACE = 0x4
- XATTR_SHOWCOMPRESSION = 0x20
-)
-
-// Errors
-const (
- E2BIG = syscall.Errno(0x7)
- EACCES = syscall.Errno(0xd)
- EADDRINUSE = syscall.Errno(0x30)
- EADDRNOTAVAIL = syscall.Errno(0x31)
- EAFNOSUPPORT = syscall.Errno(0x2f)
- EAGAIN = syscall.Errno(0x23)
- EALREADY = syscall.Errno(0x25)
- EAUTH = syscall.Errno(0x50)
- EBADARCH = syscall.Errno(0x56)
- EBADEXEC = syscall.Errno(0x55)
- EBADF = syscall.Errno(0x9)
- EBADMACHO = syscall.Errno(0x58)
- EBADMSG = syscall.Errno(0x5e)
- EBADRPC = syscall.Errno(0x48)
- EBUSY = syscall.Errno(0x10)
- ECANCELED = syscall.Errno(0x59)
- ECHILD = syscall.Errno(0xa)
- ECONNABORTED = syscall.Errno(0x35)
- ECONNREFUSED = syscall.Errno(0x3d)
- ECONNRESET = syscall.Errno(0x36)
- EDEADLK = syscall.Errno(0xb)
- EDESTADDRREQ = syscall.Errno(0x27)
- EDEVERR = syscall.Errno(0x53)
- EDOM = syscall.Errno(0x21)
- EDQUOT = syscall.Errno(0x45)
- EEXIST = syscall.Errno(0x11)
- EFAULT = syscall.Errno(0xe)
- EFBIG = syscall.Errno(0x1b)
- EFTYPE = syscall.Errno(0x4f)
- EHOSTDOWN = syscall.Errno(0x40)
- EHOSTUNREACH = syscall.Errno(0x41)
- EIDRM = syscall.Errno(0x5a)
- EILSEQ = syscall.Errno(0x5c)
- EINPROGRESS = syscall.Errno(0x24)
- EINTR = syscall.Errno(0x4)
- EINVAL = syscall.Errno(0x16)
- EIO = syscall.Errno(0x5)
- EISCONN = syscall.Errno(0x38)
- EISDIR = syscall.Errno(0x15)
- ELAST = syscall.Errno(0x6a)
- ELOOP = syscall.Errno(0x3e)
- EMFILE = syscall.Errno(0x18)
- EMLINK = syscall.Errno(0x1f)
- EMSGSIZE = syscall.Errno(0x28)
- EMULTIHOP = syscall.Errno(0x5f)
- ENAMETOOLONG = syscall.Errno(0x3f)
- ENEEDAUTH = syscall.Errno(0x51)
- ENETDOWN = syscall.Errno(0x32)
- ENETRESET = syscall.Errno(0x34)
- ENETUNREACH = syscall.Errno(0x33)
- ENFILE = syscall.Errno(0x17)
- ENOATTR = syscall.Errno(0x5d)
- ENOBUFS = syscall.Errno(0x37)
- ENODATA = syscall.Errno(0x60)
- ENODEV = syscall.Errno(0x13)
- ENOENT = syscall.Errno(0x2)
- ENOEXEC = syscall.Errno(0x8)
- ENOLCK = syscall.Errno(0x4d)
- ENOLINK = syscall.Errno(0x61)
- ENOMEM = syscall.Errno(0xc)
- ENOMSG = syscall.Errno(0x5b)
- ENOPOLICY = syscall.Errno(0x67)
- ENOPROTOOPT = syscall.Errno(0x2a)
- ENOSPC = syscall.Errno(0x1c)
- ENOSR = syscall.Errno(0x62)
- ENOSTR = syscall.Errno(0x63)
- ENOSYS = syscall.Errno(0x4e)
- ENOTBLK = syscall.Errno(0xf)
- ENOTCONN = syscall.Errno(0x39)
- ENOTDIR = syscall.Errno(0x14)
- ENOTEMPTY = syscall.Errno(0x42)
- ENOTRECOVERABLE = syscall.Errno(0x68)
- ENOTSOCK = syscall.Errno(0x26)
- ENOTSUP = syscall.Errno(0x2d)
- ENOTTY = syscall.Errno(0x19)
- ENXIO = syscall.Errno(0x6)
- EOPNOTSUPP = syscall.Errno(0x66)
- EOVERFLOW = syscall.Errno(0x54)
- EOWNERDEAD = syscall.Errno(0x69)
- EPERM = syscall.Errno(0x1)
- EPFNOSUPPORT = syscall.Errno(0x2e)
- EPIPE = syscall.Errno(0x20)
- EPROCLIM = syscall.Errno(0x43)
- EPROCUNAVAIL = syscall.Errno(0x4c)
- EPROGMISMATCH = syscall.Errno(0x4b)
- EPROGUNAVAIL = syscall.Errno(0x4a)
- EPROTO = syscall.Errno(0x64)
- EPROTONOSUPPORT = syscall.Errno(0x2b)
- EPROTOTYPE = syscall.Errno(0x29)
- EPWROFF = syscall.Errno(0x52)
- EQFULL = syscall.Errno(0x6a)
- ERANGE = syscall.Errno(0x22)
- EREMOTE = syscall.Errno(0x47)
- EROFS = syscall.Errno(0x1e)
- ERPCMISMATCH = syscall.Errno(0x49)
- ESHLIBVERS = syscall.Errno(0x57)
- ESHUTDOWN = syscall.Errno(0x3a)
- ESOCKTNOSUPPORT = syscall.Errno(0x2c)
- ESPIPE = syscall.Errno(0x1d)
- ESRCH = syscall.Errno(0x3)
- ESTALE = syscall.Errno(0x46)
- ETIME = syscall.Errno(0x65)
- ETIMEDOUT = syscall.Errno(0x3c)
- ETOOMANYREFS = syscall.Errno(0x3b)
- ETXTBSY = syscall.Errno(0x1a)
- EUSERS = syscall.Errno(0x44)
- EWOULDBLOCK = syscall.Errno(0x23)
- EXDEV = syscall.Errno(0x12)
-)
-
-// Signals
-const (
- SIGABRT = syscall.Signal(0x6)
- SIGALRM = syscall.Signal(0xe)
- SIGBUS = syscall.Signal(0xa)
- SIGCHLD = syscall.Signal(0x14)
- SIGCONT = syscall.Signal(0x13)
- SIGEMT = syscall.Signal(0x7)
- SIGFPE = syscall.Signal(0x8)
- SIGHUP = syscall.Signal(0x1)
- SIGILL = syscall.Signal(0x4)
- SIGINFO = syscall.Signal(0x1d)
- SIGINT = syscall.Signal(0x2)
- SIGIO = syscall.Signal(0x17)
- SIGIOT = syscall.Signal(0x6)
- SIGKILL = syscall.Signal(0x9)
- SIGPIPE = syscall.Signal(0xd)
- SIGPROF = syscall.Signal(0x1b)
- SIGQUIT = syscall.Signal(0x3)
- SIGSEGV = syscall.Signal(0xb)
- SIGSTOP = syscall.Signal(0x11)
- SIGSYS = syscall.Signal(0xc)
- SIGTERM = syscall.Signal(0xf)
- SIGTRAP = syscall.Signal(0x5)
- SIGTSTP = syscall.Signal(0x12)
- SIGTTIN = syscall.Signal(0x15)
- SIGTTOU = syscall.Signal(0x16)
- SIGURG = syscall.Signal(0x10)
- SIGUSR1 = syscall.Signal(0x1e)
- SIGUSR2 = syscall.Signal(0x1f)
- SIGVTALRM = syscall.Signal(0x1a)
- SIGWINCH = syscall.Signal(0x1c)
- SIGXCPU = syscall.Signal(0x18)
- SIGXFSZ = syscall.Signal(0x19)
-)
-
-// Error table
-var errorList = [...]struct {
- num syscall.Errno
- name string
- desc string
-}{
- {1, "EPERM", "operation not permitted"},
- {2, "ENOENT", "no such file or directory"},
- {3, "ESRCH", "no such process"},
- {4, "EINTR", "interrupted system call"},
- {5, "EIO", "input/output error"},
- {6, "ENXIO", "device not configured"},
- {7, "E2BIG", "argument list too long"},
- {8, "ENOEXEC", "exec format error"},
- {9, "EBADF", "bad file descriptor"},
- {10, "ECHILD", "no child processes"},
- {11, "EDEADLK", "resource deadlock avoided"},
- {12, "ENOMEM", "cannot allocate memory"},
- {13, "EACCES", "permission denied"},
- {14, "EFAULT", "bad address"},
- {15, "ENOTBLK", "block device required"},
- {16, "EBUSY", "resource busy"},
- {17, "EEXIST", "file exists"},
- {18, "EXDEV", "cross-device link"},
- {19, "ENODEV", "operation not supported by device"},
- {20, "ENOTDIR", "not a directory"},
- {21, "EISDIR", "is a directory"},
- {22, "EINVAL", "invalid argument"},
- {23, "ENFILE", "too many open files in system"},
- {24, "EMFILE", "too many open files"},
- {25, "ENOTTY", "inappropriate ioctl for device"},
- {26, "ETXTBSY", "text file busy"},
- {27, "EFBIG", "file too large"},
- {28, "ENOSPC", "no space left on device"},
- {29, "ESPIPE", "illegal seek"},
- {30, "EROFS", "read-only file system"},
- {31, "EMLINK", "too many links"},
- {32, "EPIPE", "broken pipe"},
- {33, "EDOM", "numerical argument out of domain"},
- {34, "ERANGE", "result too large"},
- {35, "EAGAIN", "resource temporarily unavailable"},
- {36, "EINPROGRESS", "operation now in progress"},
- {37, "EALREADY", "operation already in progress"},
- {38, "ENOTSOCK", "socket operation on non-socket"},
- {39, "EDESTADDRREQ", "destination address required"},
- {40, "EMSGSIZE", "message too long"},
- {41, "EPROTOTYPE", "protocol wrong type for socket"},
- {42, "ENOPROTOOPT", "protocol not available"},
- {43, "EPROTONOSUPPORT", "protocol not supported"},
- {44, "ESOCKTNOSUPPORT", "socket type not supported"},
- {45, "ENOTSUP", "operation not supported"},
- {46, "EPFNOSUPPORT", "protocol family not supported"},
- {47, "EAFNOSUPPORT", "address family not supported by protocol family"},
- {48, "EADDRINUSE", "address already in use"},
- {49, "EADDRNOTAVAIL", "can't assign requested address"},
- {50, "ENETDOWN", "network is down"},
- {51, "ENETUNREACH", "network is unreachable"},
- {52, "ENETRESET", "network dropped connection on reset"},
- {53, "ECONNABORTED", "software caused connection abort"},
- {54, "ECONNRESET", "connection reset by peer"},
- {55, "ENOBUFS", "no buffer space available"},
- {56, "EISCONN", "socket is already connected"},
- {57, "ENOTCONN", "socket is not connected"},
- {58, "ESHUTDOWN", "can't send after socket shutdown"},
- {59, "ETOOMANYREFS", "too many references: can't splice"},
- {60, "ETIMEDOUT", "operation timed out"},
- {61, "ECONNREFUSED", "connection refused"},
- {62, "ELOOP", "too many levels of symbolic links"},
- {63, "ENAMETOOLONG", "file name too long"},
- {64, "EHOSTDOWN", "host is down"},
- {65, "EHOSTUNREACH", "no route to host"},
- {66, "ENOTEMPTY", "directory not empty"},
- {67, "EPROCLIM", "too many processes"},
- {68, "EUSERS", "too many users"},
- {69, "EDQUOT", "disc quota exceeded"},
- {70, "ESTALE", "stale NFS file handle"},
- {71, "EREMOTE", "too many levels of remote in path"},
- {72, "EBADRPC", "RPC struct is bad"},
- {73, "ERPCMISMATCH", "RPC version wrong"},
- {74, "EPROGUNAVAIL", "RPC prog. not avail"},
- {75, "EPROGMISMATCH", "program version wrong"},
- {76, "EPROCUNAVAIL", "bad procedure for program"},
- {77, "ENOLCK", "no locks available"},
- {78, "ENOSYS", "function not implemented"},
- {79, "EFTYPE", "inappropriate file type or format"},
- {80, "EAUTH", "authentication error"},
- {81, "ENEEDAUTH", "need authenticator"},
- {82, "EPWROFF", "device power is off"},
- {83, "EDEVERR", "device error"},
- {84, "EOVERFLOW", "value too large to be stored in data type"},
- {85, "EBADEXEC", "bad executable (or shared library)"},
- {86, "EBADARCH", "bad CPU type in executable"},
- {87, "ESHLIBVERS", "shared library version mismatch"},
- {88, "EBADMACHO", "malformed Mach-o file"},
- {89, "ECANCELED", "operation canceled"},
- {90, "EIDRM", "identifier removed"},
- {91, "ENOMSG", "no message of desired type"},
- {92, "EILSEQ", "illegal byte sequence"},
- {93, "ENOATTR", "attribute not found"},
- {94, "EBADMSG", "bad message"},
- {95, "EMULTIHOP", "EMULTIHOP (Reserved)"},
- {96, "ENODATA", "no message available on STREAM"},
- {97, "ENOLINK", "ENOLINK (Reserved)"},
- {98, "ENOSR", "no STREAM resources"},
- {99, "ENOSTR", "not a STREAM"},
- {100, "EPROTO", "protocol error"},
- {101, "ETIME", "STREAM ioctl timeout"},
- {102, "EOPNOTSUPP", "operation not supported on socket"},
- {103, "ENOPOLICY", "policy not found"},
- {104, "ENOTRECOVERABLE", "state not recoverable"},
- {105, "EOWNERDEAD", "previous owner died"},
- {106, "EQFULL", "interface output queue is full"},
-}
-
-// Signal table
-var signalList = [...]struct {
- num syscall.Signal
- name string
- desc string
-}{
- {1, "SIGHUP", "hangup"},
- {2, "SIGINT", "interrupt"},
- {3, "SIGQUIT", "quit"},
- {4, "SIGILL", "illegal instruction"},
- {5, "SIGTRAP", "trace/BPT trap"},
- {6, "SIGABRT", "abort trap"},
- {7, "SIGEMT", "EMT trap"},
- {8, "SIGFPE", "floating point exception"},
- {9, "SIGKILL", "killed"},
- {10, "SIGBUS", "bus error"},
- {11, "SIGSEGV", "segmentation fault"},
- {12, "SIGSYS", "bad system call"},
- {13, "SIGPIPE", "broken pipe"},
- {14, "SIGALRM", "alarm clock"},
- {15, "SIGTERM", "terminated"},
- {16, "SIGURG", "urgent I/O condition"},
- {17, "SIGSTOP", "suspended (signal)"},
- {18, "SIGTSTP", "suspended"},
- {19, "SIGCONT", "continued"},
- {20, "SIGCHLD", "child exited"},
- {21, "SIGTTIN", "stopped (tty input)"},
- {22, "SIGTTOU", "stopped (tty output)"},
- {23, "SIGIO", "I/O possible"},
- {24, "SIGXCPU", "cputime limit exceeded"},
- {25, "SIGXFSZ", "filesize limit exceeded"},
- {26, "SIGVTALRM", "virtual timer expired"},
- {27, "SIGPROF", "profiling timer expired"},
- {28, "SIGWINCH", "window size changes"},
- {29, "SIGINFO", "information request"},
- {30, "SIGUSR1", "user defined signal 1"},
- {31, "SIGUSR2", "user defined signal 2"},
-}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
index fea5dfaa..991996b6 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && darwin
// +build amd64,darwin
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -32,7 +33,7 @@ const (
AF_LAT = 0xe
AF_LINK = 0x12
AF_LOCAL = 0x1
- AF_MAX = 0x28
+ AF_MAX = 0x29
AF_NATM = 0x1f
AF_NDRV = 0x1b
AF_NETBIOS = 0x21
@@ -49,6 +50,7 @@ const (
AF_UNIX = 0x1
AF_UNSPEC = 0x0
AF_UTUN = 0x26
+ AF_VSOCK = 0x28
ALTWERASE = 0x200
ATTR_BIT_MAP_COUNT = 0x5
ATTR_CMN_ACCESSMASK = 0x20000
@@ -83,7 +85,7 @@ const (
ATTR_CMN_PAROBJID = 0x80
ATTR_CMN_RETURNED_ATTRS = 0x80000000
ATTR_CMN_SCRIPT = 0x100
- ATTR_CMN_SETMASK = 0x41c7ff00
+ ATTR_CMN_SETMASK = 0x51c7ff00
ATTR_CMN_USERACCESS = 0x200000
ATTR_CMN_UUID = 0x800000
ATTR_CMN_VALIDMASK = 0xffffffff
@@ -357,7 +359,7 @@ const (
DLT_LINUX_SLL = 0x71
DLT_LOOP = 0x6c
DLT_LTALK = 0x72
- DLT_MATCHING_MAX = 0xf5
+ DLT_MATCHING_MAX = 0x10a
DLT_MATCHING_MIN = 0x68
DLT_MFR = 0xb6
DLT_MOST = 0xd3
@@ -398,6 +400,7 @@ const (
DLT_SYMANTEC_FIREWALL = 0x63
DLT_TZSP = 0x80
DLT_USB = 0xba
+ DLT_USB_DARWIN = 0x10a
DLT_USB_LINUX = 0xbd
DLT_USB_LINUX_MMAPPED = 0xdc
DLT_USER0 = 0x93
@@ -442,8 +445,8 @@ const (
EVFILT_PROC = -0x5
EVFILT_READ = -0x1
EVFILT_SIGNAL = -0x6
- EVFILT_SYSCOUNT = 0xf
- EVFILT_THREADMARKER = 0xf
+ EVFILT_SYSCOUNT = 0x11
+ EVFILT_THREADMARKER = 0x11
EVFILT_TIMER = -0x7
EVFILT_USER = -0xa
EVFILT_VM = -0xc
@@ -481,9 +484,12 @@ const (
FSOPT_NOINMEMUPDATE = 0x2
FSOPT_PACK_INVAL_ATTRS = 0x8
FSOPT_REPORT_FULLSIZE = 0x4
+ FSOPT_RETURN_REALDEV = 0x200
F_ADDFILESIGS = 0x3d
F_ADDFILESIGS_FOR_DYLD_SIM = 0x53
+ F_ADDFILESIGS_INFO = 0x67
F_ADDFILESIGS_RETURN = 0x61
+ F_ADDFILESUPPL = 0x68
F_ADDSIGS = 0x3b
F_ALLOCATEALL = 0x4
F_ALLOCATECONTIG = 0x2
@@ -505,8 +511,10 @@ const (
F_GETOWN = 0x5
F_GETPATH = 0x32
F_GETPATH_MTMINFO = 0x47
+ F_GETPATH_NOFIRMLINK = 0x66
F_GETPROTECTIONCLASS = 0x3f
F_GETPROTECTIONLEVEL = 0x4d
+ F_GETSIGSINFO = 0x69
F_GLOBAL_NOCACHE = 0x37
F_LOG2PHYS = 0x31
F_LOG2PHYS_EXT = 0x41
@@ -531,6 +539,7 @@ const (
F_SETPROTECTIONCLASS = 0x40
F_SETSIZE = 0x2b
F_SINGLE_WRITER = 0x4c
+ F_SPECULATIVE_READ = 0x65
F_THAW_FS = 0x36
F_TRANSCODEKEY = 0x4b
F_TRIM_ACTIVE_FILE = 0x64
@@ -562,6 +571,7 @@ const (
IFF_UP = 0x1
IFNAMSIZ = 0x10
IFT_1822 = 0x2
+ IFT_6LOWPAN = 0x40
IFT_AAL5 = 0x31
IFT_ARCNET = 0x23
IFT_ARCNETPLUS = 0x24
@@ -766,16 +776,28 @@ const (
IPV6_2292PKTINFO = 0x13
IPV6_2292PKTOPTIONS = 0x19
IPV6_2292RTHDR = 0x18
+ IPV6_3542DSTOPTS = 0x32
+ IPV6_3542HOPLIMIT = 0x2f
+ IPV6_3542HOPOPTS = 0x31
+ IPV6_3542NEXTHOP = 0x30
+ IPV6_3542PKTINFO = 0x2e
+ IPV6_3542RTHDR = 0x33
+ IPV6_ADDR_MC_FLAGS_PREFIX = 0x20
+ IPV6_ADDR_MC_FLAGS_TRANSIENT = 0x10
+ IPV6_ADDR_MC_FLAGS_UNICAST_BASED = 0x30
+ IPV6_AUTOFLOWLABEL = 0x3b
IPV6_BINDV6ONLY = 0x1b
IPV6_BOUND_IF = 0x7d
IPV6_CHECKSUM = 0x1a
IPV6_DEFAULT_MULTICAST_HOPS = 0x1
IPV6_DEFAULT_MULTICAST_LOOP = 0x1
IPV6_DEFHLIM = 0x40
+ IPV6_DONTFRAG = 0x3e
+ IPV6_DSTOPTS = 0x32
IPV6_FAITH = 0x1d
IPV6_FLOWINFO_MASK = 0xffffff0f
IPV6_FLOWLABEL_MASK = 0xffff0f00
- IPV6_FLOW_ECN_MASK = 0x300
+ IPV6_FLOW_ECN_MASK = 0x3000
IPV6_FRAGTTL = 0x3c
IPV6_FW_ADD = 0x1e
IPV6_FW_DEL = 0x1f
@@ -783,6 +805,8 @@ const (
IPV6_FW_GET = 0x22
IPV6_FW_ZERO = 0x21
IPV6_HLIMDEC = 0x1
+ IPV6_HOPLIMIT = 0x2f
+ IPV6_HOPOPTS = 0x31
IPV6_IPSEC_POLICY = 0x1c
IPV6_JOIN_GROUP = 0xc
IPV6_LEAVE_GROUP = 0xd
@@ -794,20 +818,34 @@ const (
IPV6_MAX_SOCK_SRC_FILTER = 0x80
IPV6_MIN_MEMBERSHIPS = 0x1f
IPV6_MMTU = 0x500
+ IPV6_MSFILTER = 0x4a
IPV6_MULTICAST_HOPS = 0xa
IPV6_MULTICAST_IF = 0x9
IPV6_MULTICAST_LOOP = 0xb
+ IPV6_NEXTHOP = 0x30
+ IPV6_PATHMTU = 0x2c
+ IPV6_PKTINFO = 0x2e
IPV6_PORTRANGE = 0xe
IPV6_PORTRANGE_DEFAULT = 0x0
IPV6_PORTRANGE_HIGH = 0x1
IPV6_PORTRANGE_LOW = 0x2
+ IPV6_PREFER_TEMPADDR = 0x3f
+ IPV6_RECVDSTOPTS = 0x28
+ IPV6_RECVHOPLIMIT = 0x25
+ IPV6_RECVHOPOPTS = 0x27
+ IPV6_RECVPATHMTU = 0x2b
+ IPV6_RECVPKTINFO = 0x3d
+ IPV6_RECVRTHDR = 0x26
IPV6_RECVTCLASS = 0x23
+ IPV6_RTHDR = 0x33
+ IPV6_RTHDRDSTOPTS = 0x39
IPV6_RTHDR_LOOSE = 0x0
IPV6_RTHDR_STRICT = 0x1
IPV6_RTHDR_TYPE_0 = 0x0
IPV6_SOCKOPT_RESERVED1 = 0x3
IPV6_TCLASS = 0x24
IPV6_UNICAST_HOPS = 0x4
+ IPV6_USE_MIN_MTU = 0x2a
IPV6_V6ONLY = 0x1b
IPV6_VERSION = 0x60
IPV6_VERSION_MASK = 0xf0
@@ -818,6 +856,7 @@ const (
IP_DEFAULT_MULTICAST_LOOP = 0x1
IP_DEFAULT_MULTICAST_TTL = 0x1
IP_DF = 0x4000
+ IP_DONTFRAG = 0x1c
IP_DROP_MEMBERSHIP = 0xd
IP_DROP_SOURCE_MEMBERSHIP = 0x47
IP_DUMMYNET_CONFIGURE = 0x3c
@@ -889,6 +928,12 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_PEERCRED = 0x1
+ LOCAL_PEEREPID = 0x3
+ LOCAL_PEEREUUID = 0x5
+ LOCAL_PEERPID = 0x2
+ LOCAL_PEERTOKEN = 0x6
+ LOCAL_PEERUUID = 0x4
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -904,6 +949,7 @@ const (
MADV_SEQUENTIAL = 0x2
MADV_WILLNEED = 0x3
MADV_ZERO_WIRED_PAGES = 0x6
+ MAP_32BIT = 0x8000
MAP_ANON = 0x1000
MAP_ANONYMOUS = 0x1000
MAP_COPY = 0x2
@@ -920,6 +966,17 @@ const (
MAP_RESILIENT_CODESIGN = 0x2000
MAP_RESILIENT_MEDIA = 0x4000
MAP_SHARED = 0x1
+ MAP_TRANSLATED_ALLOW_EXECUTE = 0x20000
+ MAP_UNIX03 = 0x40000
+ MCAST_BLOCK_SOURCE = 0x54
+ MCAST_EXCLUDE = 0x2
+ MCAST_INCLUDE = 0x1
+ MCAST_JOIN_GROUP = 0x50
+ MCAST_JOIN_SOURCE_GROUP = 0x52
+ MCAST_LEAVE_GROUP = 0x51
+ MCAST_LEAVE_SOURCE_GROUP = 0x53
+ MCAST_UNBLOCK_SOURCE = 0x55
+ MCAST_UNDEFINED = 0x0
MCL_CURRENT = 0x1
MCL_FUTURE = 0x2
MNT_ASYNC = 0x40
@@ -931,6 +988,7 @@ const (
MNT_DOVOLFS = 0x8000
MNT_DWAIT = 0x4
MNT_EXPORTED = 0x100
+ MNT_EXT_ROOT_DATA_VOL = 0x1
MNT_FORCE = 0x80000
MNT_IGNORE_OWNERSHIP = 0x200000
MNT_JOURNALED = 0x800000
@@ -947,12 +1005,15 @@ const (
MNT_QUOTA = 0x2000
MNT_RDONLY = 0x1
MNT_RELOAD = 0x40000
+ MNT_REMOVABLE = 0x200
MNT_ROOTFS = 0x4000
+ MNT_SNAPSHOT = 0x40000000
+ MNT_STRICTATIME = 0x80000000
MNT_SYNCHRONOUS = 0x2
MNT_UNION = 0x20
MNT_UNKNOWNPERMISSIONS = 0x200000
MNT_UPDATE = 0x10000
- MNT_VISFLAGMASK = 0x17f0f5ff
+ MNT_VISFLAGMASK = 0xd7f0f7ff
MNT_WAIT = 0x1
MSG_CTRUNC = 0x20
MSG_DONTROUTE = 0x4
@@ -963,6 +1024,7 @@ const (
MSG_HAVEMORE = 0x2000
MSG_HOLD = 0x800
MSG_NEEDSA = 0x10000
+ MSG_NOSIGNAL = 0x80000
MSG_OOB = 0x1
MSG_PEEK = 0x2
MSG_RCVMORE = 0x4000
@@ -979,9 +1041,10 @@ const (
NET_RT_DUMP = 0x1
NET_RT_DUMP2 = 0x7
NET_RT_FLAGS = 0x2
+ NET_RT_FLAGS_PRIV = 0xa
NET_RT_IFLIST = 0x3
NET_RT_IFLIST2 = 0x6
- NET_RT_MAXID = 0xa
+ NET_RT_MAXID = 0xb
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
@@ -1019,6 +1082,7 @@ const (
NOTE_LEEWAY = 0x10
NOTE_LINK = 0x10
NOTE_LOWAT = 0x1
+ NOTE_MACHTIME = 0x100
NOTE_MACH_CONTINUOUS_TIME = 0x80
NOTE_NONE = 0x80
NOTE_NSECONDS = 0x4
@@ -1065,6 +1129,7 @@ const (
O_NDELAY = 0x4
O_NOCTTY = 0x20000
O_NOFOLLOW = 0x100
+ O_NOFOLLOW_ANY = 0x20000000
O_NONBLOCK = 0x4
O_POPUP = 0x80000000
O_RDONLY = 0x0
@@ -1136,6 +1201,7 @@ const (
RTF_BROADCAST = 0x400000
RTF_CLONING = 0x100
RTF_CONDEMNED = 0x2000000
+ RTF_DEAD = 0x20000000
RTF_DELCLONE = 0x80
RTF_DONE = 0x40
RTF_DYNAMIC = 0x10
@@ -1143,6 +1209,7 @@ const (
RTF_HOST = 0x4
RTF_IFREF = 0x4000000
RTF_IFSCOPE = 0x1000000
+ RTF_LLDATA = 0x400
RTF_LLINFO = 0x400
RTF_LOCAL = 0x200000
RTF_MODIFIED = 0x20
@@ -1210,6 +1277,7 @@ const (
SIOCGDRVSPEC = 0xc028697b
SIOCGETVLAN = 0xc020697f
SIOCGHIWAT = 0x40047301
+ SIOCGIF6LOWPAN = 0xc02069c5
SIOCGIFADDR = 0xc0206921
SIOCGIFALTMTU = 0xc0206948
SIOCGIFASYNCMAP = 0xc020697c
@@ -1220,6 +1288,7 @@ const (
SIOCGIFDEVMTU = 0xc0206944
SIOCGIFDSTADDR = 0xc0206922
SIOCGIFFLAGS = 0xc0206911
+ SIOCGIFFUNCTIONALTYPE = 0xc02069ad
SIOCGIFGENERIC = 0xc020693a
SIOCGIFKPI = 0xc0206987
SIOCGIFMAC = 0xc0206982
@@ -1233,6 +1302,7 @@ const (
SIOCGIFSTATUS = 0xc331693d
SIOCGIFVLAN = 0xc020697f
SIOCGIFWAKEFLAGS = 0xc0206988
+ SIOCGIFXMEDIA = 0xc02c6948
SIOCGLOWAT = 0x40047303
SIOCGPGRP = 0x40047309
SIOCIFCREATE = 0xc0206978
@@ -1243,6 +1313,7 @@ const (
SIOCSDRVSPEC = 0x8028697b
SIOCSETVLAN = 0x8020697e
SIOCSHIWAT = 0x80047300
+ SIOCSIF6LOWPAN = 0x802069c4
SIOCSIFADDR = 0x8020690c
SIOCSIFALTMTU = 0x80206945
SIOCSIFASYNCMAP = 0x8020697d
@@ -1270,6 +1341,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go
deleted file mode 100644
index 03feefbf..00000000
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm.go
+++ /dev/null
@@ -1,1788 +0,0 @@
-// mkerrors.sh
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build arm,darwin
-
-// Code generated by cmd/cgo -godefs; DO NOT EDIT.
-// cgo -godefs -- _const.go
-
-package unix
-
-import "syscall"
-
-const (
- AF_APPLETALK = 0x10
- AF_CCITT = 0xa
- AF_CHAOS = 0x5
- AF_CNT = 0x15
- AF_COIP = 0x14
- AF_DATAKIT = 0x9
- AF_DECnet = 0xc
- AF_DLI = 0xd
- AF_E164 = 0x1c
- AF_ECMA = 0x8
- AF_HYLINK = 0xf
- AF_IEEE80211 = 0x25
- AF_IMPLINK = 0x3
- AF_INET = 0x2
- AF_INET6 = 0x1e
- AF_IPX = 0x17
- AF_ISDN = 0x1c
- AF_ISO = 0x7
- AF_LAT = 0xe
- AF_LINK = 0x12
- AF_LOCAL = 0x1
- AF_MAX = 0x28
- AF_NATM = 0x1f
- AF_NDRV = 0x1b
- AF_NETBIOS = 0x21
- AF_NS = 0x6
- AF_OSI = 0x7
- AF_PPP = 0x22
- AF_PUP = 0x4
- AF_RESERVED_36 = 0x24
- AF_ROUTE = 0x11
- AF_SIP = 0x18
- AF_SNA = 0xb
- AF_SYSTEM = 0x20
- AF_SYS_CONTROL = 0x2
- AF_UNIX = 0x1
- AF_UNSPEC = 0x0
- AF_UTUN = 0x26
- ALTWERASE = 0x200
- ATTR_BIT_MAP_COUNT = 0x5
- ATTR_CMN_ACCESSMASK = 0x20000
- ATTR_CMN_ACCTIME = 0x1000
- ATTR_CMN_ADDEDTIME = 0x10000000
- ATTR_CMN_BKUPTIME = 0x2000
- ATTR_CMN_CHGTIME = 0x800
- ATTR_CMN_CRTIME = 0x200
- ATTR_CMN_DATA_PROTECT_FLAGS = 0x40000000
- ATTR_CMN_DEVID = 0x2
- ATTR_CMN_DOCUMENT_ID = 0x100000
- ATTR_CMN_ERROR = 0x20000000
- ATTR_CMN_EXTENDED_SECURITY = 0x400000
- ATTR_CMN_FILEID = 0x2000000
- ATTR_CMN_FLAGS = 0x40000
- ATTR_CMN_FNDRINFO = 0x4000
- ATTR_CMN_FSID = 0x4
- ATTR_CMN_FULLPATH = 0x8000000
- ATTR_CMN_GEN_COUNT = 0x80000
- ATTR_CMN_GRPID = 0x10000
- ATTR_CMN_GRPUUID = 0x1000000
- ATTR_CMN_MODTIME = 0x400
- ATTR_CMN_NAME = 0x1
- ATTR_CMN_NAMEDATTRCOUNT = 0x80000
- ATTR_CMN_NAMEDATTRLIST = 0x100000
- ATTR_CMN_OBJID = 0x20
- ATTR_CMN_OBJPERMANENTID = 0x40
- ATTR_CMN_OBJTAG = 0x10
- ATTR_CMN_OBJTYPE = 0x8
- ATTR_CMN_OWNERID = 0x8000
- ATTR_CMN_PARENTID = 0x4000000
- ATTR_CMN_PAROBJID = 0x80
- ATTR_CMN_RETURNED_ATTRS = 0x80000000
- ATTR_CMN_SCRIPT = 0x100
- ATTR_CMN_SETMASK = 0x41c7ff00
- ATTR_CMN_USERACCESS = 0x200000
- ATTR_CMN_UUID = 0x800000
- ATTR_CMN_VALIDMASK = 0xffffffff
- ATTR_CMN_VOLSETMASK = 0x6700
- ATTR_FILE_ALLOCSIZE = 0x4
- ATTR_FILE_CLUMPSIZE = 0x10
- ATTR_FILE_DATAALLOCSIZE = 0x400
- ATTR_FILE_DATAEXTENTS = 0x800
- ATTR_FILE_DATALENGTH = 0x200
- ATTR_FILE_DEVTYPE = 0x20
- ATTR_FILE_FILETYPE = 0x40
- ATTR_FILE_FORKCOUNT = 0x80
- ATTR_FILE_FORKLIST = 0x100
- ATTR_FILE_IOBLOCKSIZE = 0x8
- ATTR_FILE_LINKCOUNT = 0x1
- ATTR_FILE_RSRCALLOCSIZE = 0x2000
- ATTR_FILE_RSRCEXTENTS = 0x4000
- ATTR_FILE_RSRCLENGTH = 0x1000
- ATTR_FILE_SETMASK = 0x20
- ATTR_FILE_TOTALSIZE = 0x2
- ATTR_FILE_VALIDMASK = 0x37ff
- ATTR_VOL_ALLOCATIONCLUMP = 0x40
- ATTR_VOL_ATTRIBUTES = 0x40000000
- ATTR_VOL_CAPABILITIES = 0x20000
- ATTR_VOL_DIRCOUNT = 0x400
- ATTR_VOL_ENCODINGSUSED = 0x10000
- ATTR_VOL_FILECOUNT = 0x200
- ATTR_VOL_FSTYPE = 0x1
- ATTR_VOL_INFO = 0x80000000
- ATTR_VOL_IOBLOCKSIZE = 0x80
- ATTR_VOL_MAXOBJCOUNT = 0x800
- ATTR_VOL_MINALLOCATION = 0x20
- ATTR_VOL_MOUNTEDDEVICE = 0x8000
- ATTR_VOL_MOUNTFLAGS = 0x4000
- ATTR_VOL_MOUNTPOINT = 0x1000
- ATTR_VOL_NAME = 0x2000
- ATTR_VOL_OBJCOUNT = 0x100
- ATTR_VOL_QUOTA_SIZE = 0x10000000
- ATTR_VOL_RESERVED_SIZE = 0x20000000
- ATTR_VOL_SETMASK = 0x80002000
- ATTR_VOL_SIGNATURE = 0x2
- ATTR_VOL_SIZE = 0x4
- ATTR_VOL_SPACEAVAIL = 0x10
- ATTR_VOL_SPACEFREE = 0x8
- ATTR_VOL_UUID = 0x40000
- ATTR_VOL_VALIDMASK = 0xf007ffff
- B0 = 0x0
- B110 = 0x6e
- B115200 = 0x1c200
- B1200 = 0x4b0
- B134 = 0x86
- B14400 = 0x3840
- B150 = 0x96
- B1800 = 0x708
- B19200 = 0x4b00
- B200 = 0xc8
- B230400 = 0x38400
- B2400 = 0x960
- B28800 = 0x7080
- B300 = 0x12c
- B38400 = 0x9600
- B4800 = 0x12c0
- B50 = 0x32
- B57600 = 0xe100
- B600 = 0x258
- B7200 = 0x1c20
- B75 = 0x4b
- B76800 = 0x12c00
- B9600 = 0x2580
- BIOCFLUSH = 0x20004268
- BIOCGBLEN = 0x40044266
- BIOCGDLT = 0x4004426a
- BIOCGDLTLIST = 0xc00c4279
- BIOCGETIF = 0x4020426b
- BIOCGHDRCMPLT = 0x40044274
- BIOCGRSIG = 0x40044272
- BIOCGRTIMEOUT = 0x4010426e
- BIOCGSEESENT = 0x40044276
- BIOCGSTATS = 0x4008426f
- BIOCIMMEDIATE = 0x80044270
- BIOCPROMISC = 0x20004269
- BIOCSBLEN = 0xc0044266
- BIOCSDLT = 0x80044278
- BIOCSETF = 0x80104267
- BIOCSETFNR = 0x8010427e
- BIOCSETIF = 0x8020426c
- BIOCSHDRCMPLT = 0x80044275
- BIOCSRSIG = 0x80044273
- BIOCSRTIMEOUT = 0x8010426d
- BIOCSSEESENT = 0x80044277
- BIOCVERSION = 0x40044271
- BPF_A = 0x10
- BPF_ABS = 0x20
- BPF_ADD = 0x0
- BPF_ALIGNMENT = 0x4
- BPF_ALU = 0x4
- BPF_AND = 0x50
- BPF_B = 0x10
- BPF_DIV = 0x30
- BPF_H = 0x8
- BPF_IMM = 0x0
- BPF_IND = 0x40
- BPF_JA = 0x0
- BPF_JEQ = 0x10
- BPF_JGE = 0x30
- BPF_JGT = 0x20
- BPF_JMP = 0x5
- BPF_JSET = 0x40
- BPF_K = 0x0
- BPF_LD = 0x0
- BPF_LDX = 0x1
- BPF_LEN = 0x80
- BPF_LSH = 0x60
- BPF_MAJOR_VERSION = 0x1
- BPF_MAXBUFSIZE = 0x80000
- BPF_MAXINSNS = 0x200
- BPF_MEM = 0x60
- BPF_MEMWORDS = 0x10
- BPF_MINBUFSIZE = 0x20
- BPF_MINOR_VERSION = 0x1
- BPF_MISC = 0x7
- BPF_MSH = 0xa0
- BPF_MUL = 0x20
- BPF_NEG = 0x80
- BPF_OR = 0x40
- BPF_RELEASE = 0x30bb6
- BPF_RET = 0x6
- BPF_RSH = 0x70
- BPF_ST = 0x2
- BPF_STX = 0x3
- BPF_SUB = 0x10
- BPF_TAX = 0x0
- BPF_TXA = 0x80
- BPF_W = 0x0
- BPF_X = 0x8
- BRKINT = 0x2
- BS0 = 0x0
- BS1 = 0x8000
- BSDLY = 0x8000
- CFLUSH = 0xf
- CLOCAL = 0x8000
- CLOCK_MONOTONIC = 0x6
- CLOCK_MONOTONIC_RAW = 0x4
- CLOCK_MONOTONIC_RAW_APPROX = 0x5
- CLOCK_PROCESS_CPUTIME_ID = 0xc
- CLOCK_REALTIME = 0x0
- CLOCK_THREAD_CPUTIME_ID = 0x10
- CLOCK_UPTIME_RAW = 0x8
- CLOCK_UPTIME_RAW_APPROX = 0x9
- CLONE_NOFOLLOW = 0x1
- CLONE_NOOWNERCOPY = 0x2
- CR0 = 0x0
- CR1 = 0x1000
- CR2 = 0x2000
- CR3 = 0x3000
- CRDLY = 0x3000
- CREAD = 0x800
- CRTSCTS = 0x30000
- CS5 = 0x0
- CS6 = 0x100
- CS7 = 0x200
- CS8 = 0x300
- CSIZE = 0x300
- CSTART = 0x11
- CSTATUS = 0x14
- CSTOP = 0x13
- CSTOPB = 0x400
- CSUSP = 0x1a
- CTLIOCGINFO = 0xc0644e03
- CTL_HW = 0x6
- CTL_KERN = 0x1
- CTL_MAXNAME = 0xc
- CTL_NET = 0x4
- DLT_A429 = 0xb8
- DLT_A653_ICM = 0xb9
- DLT_AIRONET_HEADER = 0x78
- DLT_AOS = 0xde
- DLT_APPLE_IP_OVER_IEEE1394 = 0x8a
- DLT_ARCNET = 0x7
- DLT_ARCNET_LINUX = 0x81
- DLT_ATM_CLIP = 0x13
- DLT_ATM_RFC1483 = 0xb
- DLT_AURORA = 0x7e
- DLT_AX25 = 0x3
- DLT_AX25_KISS = 0xca
- DLT_BACNET_MS_TP = 0xa5
- DLT_BLUETOOTH_HCI_H4 = 0xbb
- DLT_BLUETOOTH_HCI_H4_WITH_PHDR = 0xc9
- DLT_CAN20B = 0xbe
- DLT_CAN_SOCKETCAN = 0xe3
- DLT_CHAOS = 0x5
- DLT_CHDLC = 0x68
- DLT_CISCO_IOS = 0x76
- DLT_C_HDLC = 0x68
- DLT_C_HDLC_WITH_DIR = 0xcd
- DLT_DBUS = 0xe7
- DLT_DECT = 0xdd
- DLT_DOCSIS = 0x8f
- DLT_DVB_CI = 0xeb
- DLT_ECONET = 0x73
- DLT_EN10MB = 0x1
- DLT_EN3MB = 0x2
- DLT_ENC = 0x6d
- DLT_ERF = 0xc5
- DLT_ERF_ETH = 0xaf
- DLT_ERF_POS = 0xb0
- DLT_FC_2 = 0xe0
- DLT_FC_2_WITH_FRAME_DELIMS = 0xe1
- DLT_FDDI = 0xa
- DLT_FLEXRAY = 0xd2
- DLT_FRELAY = 0x6b
- DLT_FRELAY_WITH_DIR = 0xce
- DLT_GCOM_SERIAL = 0xad
- DLT_GCOM_T1E1 = 0xac
- DLT_GPF_F = 0xab
- DLT_GPF_T = 0xaa
- DLT_GPRS_LLC = 0xa9
- DLT_GSMTAP_ABIS = 0xda
- DLT_GSMTAP_UM = 0xd9
- DLT_HHDLC = 0x79
- DLT_IBM_SN = 0x92
- DLT_IBM_SP = 0x91
- DLT_IEEE802 = 0x6
- DLT_IEEE802_11 = 0x69
- DLT_IEEE802_11_RADIO = 0x7f
- DLT_IEEE802_11_RADIO_AVS = 0xa3
- DLT_IEEE802_15_4 = 0xc3
- DLT_IEEE802_15_4_LINUX = 0xbf
- DLT_IEEE802_15_4_NOFCS = 0xe6
- DLT_IEEE802_15_4_NONASK_PHY = 0xd7
- DLT_IEEE802_16_MAC_CPS = 0xbc
- DLT_IEEE802_16_MAC_CPS_RADIO = 0xc1
- DLT_IPFILTER = 0x74
- DLT_IPMB = 0xc7
- DLT_IPMB_LINUX = 0xd1
- DLT_IPNET = 0xe2
- DLT_IPOIB = 0xf2
- DLT_IPV4 = 0xe4
- DLT_IPV6 = 0xe5
- DLT_IP_OVER_FC = 0x7a
- DLT_JUNIPER_ATM1 = 0x89
- DLT_JUNIPER_ATM2 = 0x87
- DLT_JUNIPER_ATM_CEMIC = 0xee
- DLT_JUNIPER_CHDLC = 0xb5
- DLT_JUNIPER_ES = 0x84
- DLT_JUNIPER_ETHER = 0xb2
- DLT_JUNIPER_FIBRECHANNEL = 0xea
- DLT_JUNIPER_FRELAY = 0xb4
- DLT_JUNIPER_GGSN = 0x85
- DLT_JUNIPER_ISM = 0xc2
- DLT_JUNIPER_MFR = 0x86
- DLT_JUNIPER_MLFR = 0x83
- DLT_JUNIPER_MLPPP = 0x82
- DLT_JUNIPER_MONITOR = 0xa4
- DLT_JUNIPER_PIC_PEER = 0xae
- DLT_JUNIPER_PPP = 0xb3
- DLT_JUNIPER_PPPOE = 0xa7
- DLT_JUNIPER_PPPOE_ATM = 0xa8
- DLT_JUNIPER_SERVICES = 0x88
- DLT_JUNIPER_SRX_E2E = 0xe9
- DLT_JUNIPER_ST = 0xc8
- DLT_JUNIPER_VP = 0xb7
- DLT_JUNIPER_VS = 0xe8
- DLT_LAPB_WITH_DIR = 0xcf
- DLT_LAPD = 0xcb
- DLT_LIN = 0xd4
- DLT_LINUX_EVDEV = 0xd8
- DLT_LINUX_IRDA = 0x90
- DLT_LINUX_LAPD = 0xb1
- DLT_LINUX_PPP_WITHDIRECTION = 0xa6
- DLT_LINUX_SLL = 0x71
- DLT_LOOP = 0x6c
- DLT_LTALK = 0x72
- DLT_MATCHING_MAX = 0xf5
- DLT_MATCHING_MIN = 0x68
- DLT_MFR = 0xb6
- DLT_MOST = 0xd3
- DLT_MPEG_2_TS = 0xf3
- DLT_MPLS = 0xdb
- DLT_MTP2 = 0x8c
- DLT_MTP2_WITH_PHDR = 0x8b
- DLT_MTP3 = 0x8d
- DLT_MUX27010 = 0xec
- DLT_NETANALYZER = 0xf0
- DLT_NETANALYZER_TRANSPARENT = 0xf1
- DLT_NFC_LLCP = 0xf5
- DLT_NFLOG = 0xef
- DLT_NG40 = 0xf4
- DLT_NULL = 0x0
- DLT_PCI_EXP = 0x7d
- DLT_PFLOG = 0x75
- DLT_PFSYNC = 0x12
- DLT_PPI = 0xc0
- DLT_PPP = 0x9
- DLT_PPP_BSDOS = 0x10
- DLT_PPP_ETHER = 0x33
- DLT_PPP_PPPD = 0xa6
- DLT_PPP_SERIAL = 0x32
- DLT_PPP_WITH_DIR = 0xcc
- DLT_PPP_WITH_DIRECTION = 0xa6
- DLT_PRISM_HEADER = 0x77
- DLT_PRONET = 0x4
- DLT_RAIF1 = 0xc6
- DLT_RAW = 0xc
- DLT_RIO = 0x7c
- DLT_SCCP = 0x8e
- DLT_SITA = 0xc4
- DLT_SLIP = 0x8
- DLT_SLIP_BSDOS = 0xf
- DLT_STANAG_5066_D_PDU = 0xed
- DLT_SUNATM = 0x7b
- DLT_SYMANTEC_FIREWALL = 0x63
- DLT_TZSP = 0x80
- DLT_USB = 0xba
- DLT_USB_LINUX = 0xbd
- DLT_USB_LINUX_MMAPPED = 0xdc
- DLT_USER0 = 0x93
- DLT_USER1 = 0x94
- DLT_USER10 = 0x9d
- DLT_USER11 = 0x9e
- DLT_USER12 = 0x9f
- DLT_USER13 = 0xa0
- DLT_USER14 = 0xa1
- DLT_USER15 = 0xa2
- DLT_USER2 = 0x95
- DLT_USER3 = 0x96
- DLT_USER4 = 0x97
- DLT_USER5 = 0x98
- DLT_USER6 = 0x99
- DLT_USER7 = 0x9a
- DLT_USER8 = 0x9b
- DLT_USER9 = 0x9c
- DLT_WIHART = 0xdf
- DLT_X2E_SERIAL = 0xd5
- DLT_X2E_XORAYA = 0xd6
- DT_BLK = 0x6
- DT_CHR = 0x2
- DT_DIR = 0x4
- DT_FIFO = 0x1
- DT_LNK = 0xa
- DT_REG = 0x8
- DT_SOCK = 0xc
- DT_UNKNOWN = 0x0
- DT_WHT = 0xe
- ECHO = 0x8
- ECHOCTL = 0x40
- ECHOE = 0x2
- ECHOK = 0x4
- ECHOKE = 0x1
- ECHONL = 0x10
- ECHOPRT = 0x20
- EVFILT_AIO = -0x3
- EVFILT_EXCEPT = -0xf
- EVFILT_FS = -0x9
- EVFILT_MACHPORT = -0x8
- EVFILT_PROC = -0x5
- EVFILT_READ = -0x1
- EVFILT_SIGNAL = -0x6
- EVFILT_SYSCOUNT = 0xf
- EVFILT_THREADMARKER = 0xf
- EVFILT_TIMER = -0x7
- EVFILT_USER = -0xa
- EVFILT_VM = -0xc
- EVFILT_VNODE = -0x4
- EVFILT_WRITE = -0x2
- EV_ADD = 0x1
- EV_CLEAR = 0x20
- EV_DELETE = 0x2
- EV_DISABLE = 0x8
- EV_DISPATCH = 0x80
- EV_DISPATCH2 = 0x180
- EV_ENABLE = 0x4
- EV_EOF = 0x8000
- EV_ERROR = 0x4000
- EV_FLAG0 = 0x1000
- EV_FLAG1 = 0x2000
- EV_ONESHOT = 0x10
- EV_OOBAND = 0x2000
- EV_POLL = 0x1000
- EV_RECEIPT = 0x40
- EV_SYSFLAGS = 0xf000
- EV_UDATA_SPECIFIC = 0x100
- EV_VANISHED = 0x200
- EXTA = 0x4b00
- EXTB = 0x9600
- EXTPROC = 0x800
- FD_CLOEXEC = 0x1
- FD_SETSIZE = 0x400
- FF0 = 0x0
- FF1 = 0x4000
- FFDLY = 0x4000
- FLUSHO = 0x800000
- FSOPT_ATTR_CMN_EXTENDED = 0x20
- FSOPT_NOFOLLOW = 0x1
- FSOPT_NOINMEMUPDATE = 0x2
- FSOPT_PACK_INVAL_ATTRS = 0x8
- FSOPT_REPORT_FULLSIZE = 0x4
- F_ADDFILESIGS = 0x3d
- F_ADDFILESIGS_FOR_DYLD_SIM = 0x53
- F_ADDFILESIGS_RETURN = 0x61
- F_ADDSIGS = 0x3b
- F_ALLOCATEALL = 0x4
- F_ALLOCATECONTIG = 0x2
- F_BARRIERFSYNC = 0x55
- F_CHECK_LV = 0x62
- F_CHKCLEAN = 0x29
- F_DUPFD = 0x0
- F_DUPFD_CLOEXEC = 0x43
- F_FINDSIGS = 0x4e
- F_FLUSH_DATA = 0x28
- F_FREEZE_FS = 0x35
- F_FULLFSYNC = 0x33
- F_GETCODEDIR = 0x48
- F_GETFD = 0x1
- F_GETFL = 0x3
- F_GETLK = 0x7
- F_GETLKPID = 0x42
- F_GETNOSIGPIPE = 0x4a
- F_GETOWN = 0x5
- F_GETPATH = 0x32
- F_GETPATH_MTMINFO = 0x47
- F_GETPROTECTIONCLASS = 0x3f
- F_GETPROTECTIONLEVEL = 0x4d
- F_GLOBAL_NOCACHE = 0x37
- F_LOG2PHYS = 0x31
- F_LOG2PHYS_EXT = 0x41
- F_NOCACHE = 0x30
- F_NODIRECT = 0x3e
- F_OK = 0x0
- F_PATHPKG_CHECK = 0x34
- F_PEOFPOSMODE = 0x3
- F_PREALLOCATE = 0x2a
- F_PUNCHHOLE = 0x63
- F_RDADVISE = 0x2c
- F_RDAHEAD = 0x2d
- F_RDLCK = 0x1
- F_SETBACKINGSTORE = 0x46
- F_SETFD = 0x2
- F_SETFL = 0x4
- F_SETLK = 0x8
- F_SETLKW = 0x9
- F_SETLKWTIMEOUT = 0xa
- F_SETNOSIGPIPE = 0x49
- F_SETOWN = 0x6
- F_SETPROTECTIONCLASS = 0x40
- F_SETSIZE = 0x2b
- F_SINGLE_WRITER = 0x4c
- F_THAW_FS = 0x36
- F_TRANSCODEKEY = 0x4b
- F_TRIM_ACTIVE_FILE = 0x64
- F_UNLCK = 0x2
- F_VOLPOSMODE = 0x4
- F_WRLCK = 0x3
- HUPCL = 0x4000
- HW_MACHINE = 0x1
- ICANON = 0x100
- ICMP6_FILTER = 0x12
- ICRNL = 0x100
- IEXTEN = 0x400
- IFF_ALLMULTI = 0x200
- IFF_ALTPHYS = 0x4000
- IFF_BROADCAST = 0x2
- IFF_DEBUG = 0x4
- IFF_LINK0 = 0x1000
- IFF_LINK1 = 0x2000
- IFF_LINK2 = 0x4000
- IFF_LOOPBACK = 0x8
- IFF_MULTICAST = 0x8000
- IFF_NOARP = 0x80
- IFF_NOTRAILERS = 0x20
- IFF_OACTIVE = 0x400
- IFF_POINTOPOINT = 0x10
- IFF_PROMISC = 0x100
- IFF_RUNNING = 0x40
- IFF_SIMPLEX = 0x800
- IFF_UP = 0x1
- IFNAMSIZ = 0x10
- IFT_1822 = 0x2
- IFT_AAL5 = 0x31
- IFT_ARCNET = 0x23
- IFT_ARCNETPLUS = 0x24
- IFT_ATM = 0x25
- IFT_BRIDGE = 0xd1
- IFT_CARP = 0xf8
- IFT_CELLULAR = 0xff
- IFT_CEPT = 0x13
- IFT_DS3 = 0x1e
- IFT_ENC = 0xf4
- IFT_EON = 0x19
- IFT_ETHER = 0x6
- IFT_FAITH = 0x38
- IFT_FDDI = 0xf
- IFT_FRELAY = 0x20
- IFT_FRELAYDCE = 0x2c
- IFT_GIF = 0x37
- IFT_HDH1822 = 0x3
- IFT_HIPPI = 0x2f
- IFT_HSSI = 0x2e
- IFT_HY = 0xe
- IFT_IEEE1394 = 0x90
- IFT_IEEE8023ADLAG = 0x88
- IFT_ISDNBASIC = 0x14
- IFT_ISDNPRIMARY = 0x15
- IFT_ISO88022LLC = 0x29
- IFT_ISO88023 = 0x7
- IFT_ISO88024 = 0x8
- IFT_ISO88025 = 0x9
- IFT_ISO88026 = 0xa
- IFT_L2VLAN = 0x87
- IFT_LAPB = 0x10
- IFT_LOCALTALK = 0x2a
- IFT_LOOP = 0x18
- IFT_MIOX25 = 0x26
- IFT_MODEM = 0x30
- IFT_NSIP = 0x1b
- IFT_OTHER = 0x1
- IFT_P10 = 0xc
- IFT_P80 = 0xd
- IFT_PARA = 0x22
- IFT_PDP = 0xff
- IFT_PFLOG = 0xf5
- IFT_PFSYNC = 0xf6
- IFT_PKTAP = 0xfe
- IFT_PPP = 0x17
- IFT_PROPMUX = 0x36
- IFT_PROPVIRTUAL = 0x35
- IFT_PTPSERIAL = 0x16
- IFT_RS232 = 0x21
- IFT_SDLC = 0x11
- IFT_SIP = 0x1f
- IFT_SLIP = 0x1c
- IFT_SMDSDXI = 0x2b
- IFT_SMDSICIP = 0x34
- IFT_SONET = 0x27
- IFT_SONETPATH = 0x32
- IFT_SONETVT = 0x33
- IFT_STARLAN = 0xb
- IFT_STF = 0x39
- IFT_T1 = 0x12
- IFT_ULTRA = 0x1d
- IFT_V35 = 0x2d
- IFT_X25 = 0x5
- IFT_X25DDN = 0x4
- IFT_X25PLE = 0x28
- IFT_XETHER = 0x1a
- IGNBRK = 0x1
- IGNCR = 0x80
- IGNPAR = 0x4
- IMAXBEL = 0x2000
- INLCR = 0x40
- INPCK = 0x10
- IN_CLASSA_HOST = 0xffffff
- IN_CLASSA_MAX = 0x80
- IN_CLASSA_NET = 0xff000000
- IN_CLASSA_NSHIFT = 0x18
- IN_CLASSB_HOST = 0xffff
- IN_CLASSB_MAX = 0x10000
- IN_CLASSB_NET = 0xffff0000
- IN_CLASSB_NSHIFT = 0x10
- IN_CLASSC_HOST = 0xff
- IN_CLASSC_NET = 0xffffff00
- IN_CLASSC_NSHIFT = 0x8
- IN_CLASSD_HOST = 0xfffffff
- IN_CLASSD_NET = 0xf0000000
- IN_CLASSD_NSHIFT = 0x1c
- IN_LINKLOCALNETNUM = 0xa9fe0000
- IN_LOOPBACKNET = 0x7f
- IPPROTO_3PC = 0x22
- IPPROTO_ADFS = 0x44
- IPPROTO_AH = 0x33
- IPPROTO_AHIP = 0x3d
- IPPROTO_APES = 0x63
- IPPROTO_ARGUS = 0xd
- IPPROTO_AX25 = 0x5d
- IPPROTO_BHA = 0x31
- IPPROTO_BLT = 0x1e
- IPPROTO_BRSATMON = 0x4c
- IPPROTO_CFTP = 0x3e
- IPPROTO_CHAOS = 0x10
- IPPROTO_CMTP = 0x26
- IPPROTO_CPHB = 0x49
- IPPROTO_CPNX = 0x48
- IPPROTO_DDP = 0x25
- IPPROTO_DGP = 0x56
- IPPROTO_DIVERT = 0xfe
- IPPROTO_DONE = 0x101
- IPPROTO_DSTOPTS = 0x3c
- IPPROTO_EGP = 0x8
- IPPROTO_EMCON = 0xe
- IPPROTO_ENCAP = 0x62
- IPPROTO_EON = 0x50
- IPPROTO_ESP = 0x32
- IPPROTO_ETHERIP = 0x61
- IPPROTO_FRAGMENT = 0x2c
- IPPROTO_GGP = 0x3
- IPPROTO_GMTP = 0x64
- IPPROTO_GRE = 0x2f
- IPPROTO_HELLO = 0x3f
- IPPROTO_HMP = 0x14
- IPPROTO_HOPOPTS = 0x0
- IPPROTO_ICMP = 0x1
- IPPROTO_ICMPV6 = 0x3a
- IPPROTO_IDP = 0x16
- IPPROTO_IDPR = 0x23
- IPPROTO_IDRP = 0x2d
- IPPROTO_IGMP = 0x2
- IPPROTO_IGP = 0x55
- IPPROTO_IGRP = 0x58
- IPPROTO_IL = 0x28
- IPPROTO_INLSP = 0x34
- IPPROTO_INP = 0x20
- IPPROTO_IP = 0x0
- IPPROTO_IPCOMP = 0x6c
- IPPROTO_IPCV = 0x47
- IPPROTO_IPEIP = 0x5e
- IPPROTO_IPIP = 0x4
- IPPROTO_IPPC = 0x43
- IPPROTO_IPV4 = 0x4
- IPPROTO_IPV6 = 0x29
- IPPROTO_IRTP = 0x1c
- IPPROTO_KRYPTOLAN = 0x41
- IPPROTO_LARP = 0x5b
- IPPROTO_LEAF1 = 0x19
- IPPROTO_LEAF2 = 0x1a
- IPPROTO_MAX = 0x100
- IPPROTO_MAXID = 0x34
- IPPROTO_MEAS = 0x13
- IPPROTO_MHRP = 0x30
- IPPROTO_MICP = 0x5f
- IPPROTO_MTP = 0x5c
- IPPROTO_MUX = 0x12
- IPPROTO_ND = 0x4d
- IPPROTO_NHRP = 0x36
- IPPROTO_NONE = 0x3b
- IPPROTO_NSP = 0x1f
- IPPROTO_NVPII = 0xb
- IPPROTO_OSPFIGP = 0x59
- IPPROTO_PGM = 0x71
- IPPROTO_PIGP = 0x9
- IPPROTO_PIM = 0x67
- IPPROTO_PRM = 0x15
- IPPROTO_PUP = 0xc
- IPPROTO_PVP = 0x4b
- IPPROTO_RAW = 0xff
- IPPROTO_RCCMON = 0xa
- IPPROTO_RDP = 0x1b
- IPPROTO_ROUTING = 0x2b
- IPPROTO_RSVP = 0x2e
- IPPROTO_RVD = 0x42
- IPPROTO_SATEXPAK = 0x40
- IPPROTO_SATMON = 0x45
- IPPROTO_SCCSP = 0x60
- IPPROTO_SCTP = 0x84
- IPPROTO_SDRP = 0x2a
- IPPROTO_SEP = 0x21
- IPPROTO_SRPC = 0x5a
- IPPROTO_ST = 0x7
- IPPROTO_SVMTP = 0x52
- IPPROTO_SWIPE = 0x35
- IPPROTO_TCF = 0x57
- IPPROTO_TCP = 0x6
- IPPROTO_TP = 0x1d
- IPPROTO_TPXX = 0x27
- IPPROTO_TRUNK1 = 0x17
- IPPROTO_TRUNK2 = 0x18
- IPPROTO_TTP = 0x54
- IPPROTO_UDP = 0x11
- IPPROTO_VINES = 0x53
- IPPROTO_VISA = 0x46
- IPPROTO_VMTP = 0x51
- IPPROTO_WBEXPAK = 0x4f
- IPPROTO_WBMON = 0x4e
- IPPROTO_WSN = 0x4a
- IPPROTO_XNET = 0xf
- IPPROTO_XTP = 0x24
- IPV6_2292DSTOPTS = 0x17
- IPV6_2292HOPLIMIT = 0x14
- IPV6_2292HOPOPTS = 0x16
- IPV6_2292NEXTHOP = 0x15
- IPV6_2292PKTINFO = 0x13
- IPV6_2292PKTOPTIONS = 0x19
- IPV6_2292RTHDR = 0x18
- IPV6_BINDV6ONLY = 0x1b
- IPV6_BOUND_IF = 0x7d
- IPV6_CHECKSUM = 0x1a
- IPV6_DEFAULT_MULTICAST_HOPS = 0x1
- IPV6_DEFAULT_MULTICAST_LOOP = 0x1
- IPV6_DEFHLIM = 0x40
- IPV6_FAITH = 0x1d
- IPV6_FLOWINFO_MASK = 0xffffff0f
- IPV6_FLOWLABEL_MASK = 0xffff0f00
- IPV6_FLOW_ECN_MASK = 0x300
- IPV6_FRAGTTL = 0x3c
- IPV6_FW_ADD = 0x1e
- IPV6_FW_DEL = 0x1f
- IPV6_FW_FLUSH = 0x20
- IPV6_FW_GET = 0x22
- IPV6_FW_ZERO = 0x21
- IPV6_HLIMDEC = 0x1
- IPV6_IPSEC_POLICY = 0x1c
- IPV6_JOIN_GROUP = 0xc
- IPV6_LEAVE_GROUP = 0xd
- IPV6_MAXHLIM = 0xff
- IPV6_MAXOPTHDR = 0x800
- IPV6_MAXPACKET = 0xffff
- IPV6_MAX_GROUP_SRC_FILTER = 0x200
- IPV6_MAX_MEMBERSHIPS = 0xfff
- IPV6_MAX_SOCK_SRC_FILTER = 0x80
- IPV6_MIN_MEMBERSHIPS = 0x1f
- IPV6_MMTU = 0x500
- IPV6_MULTICAST_HOPS = 0xa
- IPV6_MULTICAST_IF = 0x9
- IPV6_MULTICAST_LOOP = 0xb
- IPV6_PORTRANGE = 0xe
- IPV6_PORTRANGE_DEFAULT = 0x0
- IPV6_PORTRANGE_HIGH = 0x1
- IPV6_PORTRANGE_LOW = 0x2
- IPV6_RECVTCLASS = 0x23
- IPV6_RTHDR_LOOSE = 0x0
- IPV6_RTHDR_STRICT = 0x1
- IPV6_RTHDR_TYPE_0 = 0x0
- IPV6_SOCKOPT_RESERVED1 = 0x3
- IPV6_TCLASS = 0x24
- IPV6_UNICAST_HOPS = 0x4
- IPV6_V6ONLY = 0x1b
- IPV6_VERSION = 0x60
- IPV6_VERSION_MASK = 0xf0
- IP_ADD_MEMBERSHIP = 0xc
- IP_ADD_SOURCE_MEMBERSHIP = 0x46
- IP_BLOCK_SOURCE = 0x48
- IP_BOUND_IF = 0x19
- IP_DEFAULT_MULTICAST_LOOP = 0x1
- IP_DEFAULT_MULTICAST_TTL = 0x1
- IP_DF = 0x4000
- IP_DROP_MEMBERSHIP = 0xd
- IP_DROP_SOURCE_MEMBERSHIP = 0x47
- IP_DUMMYNET_CONFIGURE = 0x3c
- IP_DUMMYNET_DEL = 0x3d
- IP_DUMMYNET_FLUSH = 0x3e
- IP_DUMMYNET_GET = 0x40
- IP_FAITH = 0x16
- IP_FW_ADD = 0x28
- IP_FW_DEL = 0x29
- IP_FW_FLUSH = 0x2a
- IP_FW_GET = 0x2c
- IP_FW_RESETLOG = 0x2d
- IP_FW_ZERO = 0x2b
- IP_HDRINCL = 0x2
- IP_IPSEC_POLICY = 0x15
- IP_MAXPACKET = 0xffff
- IP_MAX_GROUP_SRC_FILTER = 0x200
- IP_MAX_MEMBERSHIPS = 0xfff
- IP_MAX_SOCK_MUTE_FILTER = 0x80
- IP_MAX_SOCK_SRC_FILTER = 0x80
- IP_MF = 0x2000
- IP_MIN_MEMBERSHIPS = 0x1f
- IP_MSFILTER = 0x4a
- IP_MSS = 0x240
- IP_MULTICAST_IF = 0x9
- IP_MULTICAST_IFINDEX = 0x42
- IP_MULTICAST_LOOP = 0xb
- IP_MULTICAST_TTL = 0xa
- IP_MULTICAST_VIF = 0xe
- IP_NAT__XXX = 0x37
- IP_OFFMASK = 0x1fff
- IP_OLD_FW_ADD = 0x32
- IP_OLD_FW_DEL = 0x33
- IP_OLD_FW_FLUSH = 0x34
- IP_OLD_FW_GET = 0x36
- IP_OLD_FW_RESETLOG = 0x38
- IP_OLD_FW_ZERO = 0x35
- IP_OPTIONS = 0x1
- IP_PKTINFO = 0x1a
- IP_PORTRANGE = 0x13
- IP_PORTRANGE_DEFAULT = 0x0
- IP_PORTRANGE_HIGH = 0x1
- IP_PORTRANGE_LOW = 0x2
- IP_RECVDSTADDR = 0x7
- IP_RECVIF = 0x14
- IP_RECVOPTS = 0x5
- IP_RECVPKTINFO = 0x1a
- IP_RECVRETOPTS = 0x6
- IP_RECVTOS = 0x1b
- IP_RECVTTL = 0x18
- IP_RETOPTS = 0x8
- IP_RF = 0x8000
- IP_RSVP_OFF = 0x10
- IP_RSVP_ON = 0xf
- IP_RSVP_VIF_OFF = 0x12
- IP_RSVP_VIF_ON = 0x11
- IP_STRIPHDR = 0x17
- IP_TOS = 0x3
- IP_TRAFFIC_MGT_BACKGROUND = 0x41
- IP_TTL = 0x4
- IP_UNBLOCK_SOURCE = 0x49
- ISIG = 0x80
- ISTRIP = 0x20
- IUTF8 = 0x4000
- IXANY = 0x800
- IXOFF = 0x400
- IXON = 0x200
- KERN_HOSTNAME = 0xa
- KERN_OSRELEASE = 0x2
- KERN_OSTYPE = 0x1
- KERN_VERSION = 0x4
- LOCK_EX = 0x2
- LOCK_NB = 0x4
- LOCK_SH = 0x1
- LOCK_UN = 0x8
- MADV_CAN_REUSE = 0x9
- MADV_DONTNEED = 0x4
- MADV_FREE = 0x5
- MADV_FREE_REUSABLE = 0x7
- MADV_FREE_REUSE = 0x8
- MADV_NORMAL = 0x0
- MADV_PAGEOUT = 0xa
- MADV_RANDOM = 0x1
- MADV_SEQUENTIAL = 0x2
- MADV_WILLNEED = 0x3
- MADV_ZERO_WIRED_PAGES = 0x6
- MAP_ANON = 0x1000
- MAP_ANONYMOUS = 0x1000
- MAP_COPY = 0x2
- MAP_FILE = 0x0
- MAP_FIXED = 0x10
- MAP_HASSEMAPHORE = 0x200
- MAP_JIT = 0x800
- MAP_NOCACHE = 0x400
- MAP_NOEXTEND = 0x100
- MAP_NORESERVE = 0x40
- MAP_PRIVATE = 0x2
- MAP_RENAME = 0x20
- MAP_RESERVED0080 = 0x80
- MAP_RESILIENT_CODESIGN = 0x2000
- MAP_RESILIENT_MEDIA = 0x4000
- MAP_SHARED = 0x1
- MCL_CURRENT = 0x1
- MCL_FUTURE = 0x2
- MNT_ASYNC = 0x40
- MNT_AUTOMOUNTED = 0x400000
- MNT_CMDFLAGS = 0xf0000
- MNT_CPROTECT = 0x80
- MNT_DEFWRITE = 0x2000000
- MNT_DONTBROWSE = 0x100000
- MNT_DOVOLFS = 0x8000
- MNT_DWAIT = 0x4
- MNT_EXPORTED = 0x100
- MNT_FORCE = 0x80000
- MNT_IGNORE_OWNERSHIP = 0x200000
- MNT_JOURNALED = 0x800000
- MNT_LOCAL = 0x1000
- MNT_MULTILABEL = 0x4000000
- MNT_NOATIME = 0x10000000
- MNT_NOBLOCK = 0x20000
- MNT_NODEV = 0x10
- MNT_NOEXEC = 0x4
- MNT_NOSUID = 0x8
- MNT_NOUSERXATTR = 0x1000000
- MNT_NOWAIT = 0x2
- MNT_QUARANTINE = 0x400
- MNT_QUOTA = 0x2000
- MNT_RDONLY = 0x1
- MNT_RELOAD = 0x40000
- MNT_ROOTFS = 0x4000
- MNT_SYNCHRONOUS = 0x2
- MNT_UNION = 0x20
- MNT_UNKNOWNPERMISSIONS = 0x200000
- MNT_UPDATE = 0x10000
- MNT_VISFLAGMASK = 0x17f0f5ff
- MNT_WAIT = 0x1
- MSG_CTRUNC = 0x20
- MSG_DONTROUTE = 0x4
- MSG_DONTWAIT = 0x80
- MSG_EOF = 0x100
- MSG_EOR = 0x8
- MSG_FLUSH = 0x400
- MSG_HAVEMORE = 0x2000
- MSG_HOLD = 0x800
- MSG_NEEDSA = 0x10000
- MSG_OOB = 0x1
- MSG_PEEK = 0x2
- MSG_RCVMORE = 0x4000
- MSG_SEND = 0x1000
- MSG_TRUNC = 0x10
- MSG_WAITALL = 0x40
- MSG_WAITSTREAM = 0x200
- MS_ASYNC = 0x1
- MS_DEACTIVATE = 0x8
- MS_INVALIDATE = 0x2
- MS_KILLPAGES = 0x4
- MS_SYNC = 0x10
- NAME_MAX = 0xff
- NET_RT_DUMP = 0x1
- NET_RT_DUMP2 = 0x7
- NET_RT_FLAGS = 0x2
- NET_RT_IFLIST = 0x3
- NET_RT_IFLIST2 = 0x6
- NET_RT_MAXID = 0xa
- NET_RT_STAT = 0x4
- NET_RT_TRASH = 0x5
- NFDBITS = 0x20
- NL0 = 0x0
- NL1 = 0x100
- NL2 = 0x200
- NL3 = 0x300
- NLDLY = 0x300
- NOFLSH = 0x80000000
- NOKERNINFO = 0x2000000
- NOTE_ABSOLUTE = 0x8
- NOTE_ATTRIB = 0x8
- NOTE_BACKGROUND = 0x40
- NOTE_CHILD = 0x4
- NOTE_CRITICAL = 0x20
- NOTE_DELETE = 0x1
- NOTE_EXEC = 0x20000000
- NOTE_EXIT = 0x80000000
- NOTE_EXITSTATUS = 0x4000000
- NOTE_EXIT_CSERROR = 0x40000
- NOTE_EXIT_DECRYPTFAIL = 0x10000
- NOTE_EXIT_DETAIL = 0x2000000
- NOTE_EXIT_DETAIL_MASK = 0x70000
- NOTE_EXIT_MEMORY = 0x20000
- NOTE_EXIT_REPARENTED = 0x80000
- NOTE_EXTEND = 0x4
- NOTE_FFAND = 0x40000000
- NOTE_FFCOPY = 0xc0000000
- NOTE_FFCTRLMASK = 0xc0000000
- NOTE_FFLAGSMASK = 0xffffff
- NOTE_FFNOP = 0x0
- NOTE_FFOR = 0x80000000
- NOTE_FORK = 0x40000000
- NOTE_FUNLOCK = 0x100
- NOTE_LEEWAY = 0x10
- NOTE_LINK = 0x10
- NOTE_LOWAT = 0x1
- NOTE_MACH_CONTINUOUS_TIME = 0x80
- NOTE_NONE = 0x80
- NOTE_NSECONDS = 0x4
- NOTE_OOB = 0x2
- NOTE_PCTRLMASK = -0x100000
- NOTE_PDATAMASK = 0xfffff
- NOTE_REAP = 0x10000000
- NOTE_RENAME = 0x20
- NOTE_REVOKE = 0x40
- NOTE_SECONDS = 0x1
- NOTE_SIGNAL = 0x8000000
- NOTE_TRACK = 0x1
- NOTE_TRACKERR = 0x2
- NOTE_TRIGGER = 0x1000000
- NOTE_USECONDS = 0x2
- NOTE_VM_ERROR = 0x10000000
- NOTE_VM_PRESSURE = 0x80000000
- NOTE_VM_PRESSURE_SUDDEN_TERMINATE = 0x20000000
- NOTE_VM_PRESSURE_TERMINATE = 0x40000000
- NOTE_WRITE = 0x2
- OCRNL = 0x10
- OFDEL = 0x20000
- OFILL = 0x80
- ONLCR = 0x2
- ONLRET = 0x40
- ONOCR = 0x20
- ONOEOT = 0x8
- OPOST = 0x1
- OXTABS = 0x4
- O_ACCMODE = 0x3
- O_ALERT = 0x20000000
- O_APPEND = 0x8
- O_ASYNC = 0x40
- O_CLOEXEC = 0x1000000
- O_CREAT = 0x200
- O_DIRECTORY = 0x100000
- O_DP_GETRAWENCRYPTED = 0x1
- O_DP_GETRAWUNENCRYPTED = 0x2
- O_DSYNC = 0x400000
- O_EVTONLY = 0x8000
- O_EXCL = 0x800
- O_EXLOCK = 0x20
- O_FSYNC = 0x80
- O_NDELAY = 0x4
- O_NOCTTY = 0x20000
- O_NOFOLLOW = 0x100
- O_NONBLOCK = 0x4
- O_POPUP = 0x80000000
- O_RDONLY = 0x0
- O_RDWR = 0x2
- O_SHLOCK = 0x10
- O_SYMLINK = 0x200000
- O_SYNC = 0x80
- O_TRUNC = 0x400
- O_WRONLY = 0x1
- PARENB = 0x1000
- PARMRK = 0x8
- PARODD = 0x2000
- PENDIN = 0x20000000
- PRIO_PGRP = 0x1
- PRIO_PROCESS = 0x0
- PRIO_USER = 0x2
- PROT_EXEC = 0x4
- PROT_NONE = 0x0
- PROT_READ = 0x1
- PROT_WRITE = 0x2
- PT_ATTACH = 0xa
- PT_ATTACHEXC = 0xe
- PT_CONTINUE = 0x7
- PT_DENY_ATTACH = 0x1f
- PT_DETACH = 0xb
- PT_FIRSTMACH = 0x20
- PT_FORCEQUOTA = 0x1e
- PT_KILL = 0x8
- PT_READ_D = 0x2
- PT_READ_I = 0x1
- PT_READ_U = 0x3
- PT_SIGEXC = 0xc
- PT_STEP = 0x9
- PT_THUPDATE = 0xd
- PT_TRACE_ME = 0x0
- PT_WRITE_D = 0x5
- PT_WRITE_I = 0x4
- PT_WRITE_U = 0x6
- RLIMIT_AS = 0x5
- RLIMIT_CORE = 0x4
- RLIMIT_CPU = 0x0
- RLIMIT_CPU_USAGE_MONITOR = 0x2
- RLIMIT_DATA = 0x2
- RLIMIT_FSIZE = 0x1
- RLIMIT_MEMLOCK = 0x6
- RLIMIT_NOFILE = 0x8
- RLIMIT_NPROC = 0x7
- RLIMIT_RSS = 0x5
- RLIMIT_STACK = 0x3
- RLIM_INFINITY = 0x7fffffffffffffff
- RTAX_AUTHOR = 0x6
- RTAX_BRD = 0x7
- RTAX_DST = 0x0
- RTAX_GATEWAY = 0x1
- RTAX_GENMASK = 0x3
- RTAX_IFA = 0x5
- RTAX_IFP = 0x4
- RTAX_MAX = 0x8
- RTAX_NETMASK = 0x2
- RTA_AUTHOR = 0x40
- RTA_BRD = 0x80
- RTA_DST = 0x1
- RTA_GATEWAY = 0x2
- RTA_GENMASK = 0x8
- RTA_IFA = 0x20
- RTA_IFP = 0x10
- RTA_NETMASK = 0x4
- RTF_BLACKHOLE = 0x1000
- RTF_BROADCAST = 0x400000
- RTF_CLONING = 0x100
- RTF_CONDEMNED = 0x2000000
- RTF_DELCLONE = 0x80
- RTF_DONE = 0x40
- RTF_DYNAMIC = 0x10
- RTF_GATEWAY = 0x2
- RTF_HOST = 0x4
- RTF_IFREF = 0x4000000
- RTF_IFSCOPE = 0x1000000
- RTF_LLINFO = 0x400
- RTF_LOCAL = 0x200000
- RTF_MODIFIED = 0x20
- RTF_MULTICAST = 0x800000
- RTF_NOIFREF = 0x2000
- RTF_PINNED = 0x100000
- RTF_PRCLONING = 0x10000
- RTF_PROTO1 = 0x8000
- RTF_PROTO2 = 0x4000
- RTF_PROTO3 = 0x40000
- RTF_PROXY = 0x8000000
- RTF_REJECT = 0x8
- RTF_ROUTER = 0x10000000
- RTF_STATIC = 0x800
- RTF_UP = 0x1
- RTF_WASCLONED = 0x20000
- RTF_XRESOLVE = 0x200
- RTM_ADD = 0x1
- RTM_CHANGE = 0x3
- RTM_DELADDR = 0xd
- RTM_DELETE = 0x2
- RTM_DELMADDR = 0x10
- RTM_GET = 0x4
- RTM_GET2 = 0x14
- RTM_IFINFO = 0xe
- RTM_IFINFO2 = 0x12
- RTM_LOCK = 0x8
- RTM_LOSING = 0x5
- RTM_MISS = 0x7
- RTM_NEWADDR = 0xc
- RTM_NEWMADDR = 0xf
- RTM_NEWMADDR2 = 0x13
- RTM_OLDADD = 0x9
- RTM_OLDDEL = 0xa
- RTM_REDIRECT = 0x6
- RTM_RESOLVE = 0xb
- RTM_RTTUNIT = 0xf4240
- RTM_VERSION = 0x5
- RTV_EXPIRE = 0x4
- RTV_HOPCOUNT = 0x2
- RTV_MTU = 0x1
- RTV_RPIPE = 0x8
- RTV_RTT = 0x40
- RTV_RTTVAR = 0x80
- RTV_SPIPE = 0x10
- RTV_SSTHRESH = 0x20
- RUSAGE_CHILDREN = -0x1
- RUSAGE_SELF = 0x0
- SCM_CREDS = 0x3
- SCM_RIGHTS = 0x1
- SCM_TIMESTAMP = 0x2
- SCM_TIMESTAMP_MONOTONIC = 0x4
- SHUT_RD = 0x0
- SHUT_RDWR = 0x2
- SHUT_WR = 0x1
- SIOCADDMULTI = 0x80206931
- SIOCAIFADDR = 0x8040691a
- SIOCARPIPLL = 0xc0206928
- SIOCATMARK = 0x40047307
- SIOCAUTOADDR = 0xc0206926
- SIOCAUTONETMASK = 0x80206927
- SIOCDELMULTI = 0x80206932
- SIOCDIFADDR = 0x80206919
- SIOCDIFPHYADDR = 0x80206941
- SIOCGDRVSPEC = 0xc028697b
- SIOCGETVLAN = 0xc020697f
- SIOCGHIWAT = 0x40047301
- SIOCGIFADDR = 0xc0206921
- SIOCGIFALTMTU = 0xc0206948
- SIOCGIFASYNCMAP = 0xc020697c
- SIOCGIFBOND = 0xc0206947
- SIOCGIFBRDADDR = 0xc0206923
- SIOCGIFCAP = 0xc020695b
- SIOCGIFCONF = 0xc00c6924
- SIOCGIFDEVMTU = 0xc0206944
- SIOCGIFDSTADDR = 0xc0206922
- SIOCGIFFLAGS = 0xc0206911
- SIOCGIFGENERIC = 0xc020693a
- SIOCGIFKPI = 0xc0206987
- SIOCGIFMAC = 0xc0206982
- SIOCGIFMEDIA = 0xc02c6938
- SIOCGIFMETRIC = 0xc0206917
- SIOCGIFMTU = 0xc0206933
- SIOCGIFNETMASK = 0xc0206925
- SIOCGIFPDSTADDR = 0xc0206940
- SIOCGIFPHYS = 0xc0206935
- SIOCGIFPSRCADDR = 0xc020693f
- SIOCGIFSTATUS = 0xc331693d
- SIOCGIFVLAN = 0xc020697f
- SIOCGIFWAKEFLAGS = 0xc0206988
- SIOCGLOWAT = 0x40047303
- SIOCGPGRP = 0x40047309
- SIOCIFCREATE = 0xc0206978
- SIOCIFCREATE2 = 0xc020697a
- SIOCIFDESTROY = 0x80206979
- SIOCIFGCLONERS = 0xc0106981
- SIOCRSLVMULTI = 0xc010693b
- SIOCSDRVSPEC = 0x8028697b
- SIOCSETVLAN = 0x8020697e
- SIOCSHIWAT = 0x80047300
- SIOCSIFADDR = 0x8020690c
- SIOCSIFALTMTU = 0x80206945
- SIOCSIFASYNCMAP = 0x8020697d
- SIOCSIFBOND = 0x80206946
- SIOCSIFBRDADDR = 0x80206913
- SIOCSIFCAP = 0x8020695a
- SIOCSIFDSTADDR = 0x8020690e
- SIOCSIFFLAGS = 0x80206910
- SIOCSIFGENERIC = 0x80206939
- SIOCSIFKPI = 0x80206986
- SIOCSIFLLADDR = 0x8020693c
- SIOCSIFMAC = 0x80206983
- SIOCSIFMEDIA = 0xc0206937
- SIOCSIFMETRIC = 0x80206918
- SIOCSIFMTU = 0x80206934
- SIOCSIFNETMASK = 0x80206916
- SIOCSIFPHYADDR = 0x8040693e
- SIOCSIFPHYS = 0x80206936
- SIOCSIFVLAN = 0x8020697e
- SIOCSLOWAT = 0x80047302
- SIOCSPGRP = 0x80047308
- SOCK_DGRAM = 0x2
- SOCK_MAXADDRLEN = 0xff
- SOCK_RAW = 0x3
- SOCK_RDM = 0x4
- SOCK_SEQPACKET = 0x5
- SOCK_STREAM = 0x1
- SOL_SOCKET = 0xffff
- SOMAXCONN = 0x80
- SO_ACCEPTCONN = 0x2
- SO_BROADCAST = 0x20
- SO_DEBUG = 0x1
- SO_DONTROUTE = 0x10
- SO_DONTTRUNC = 0x2000
- SO_ERROR = 0x1007
- SO_KEEPALIVE = 0x8
- SO_LABEL = 0x1010
- SO_LINGER = 0x80
- SO_LINGER_SEC = 0x1080
- SO_NETSVC_MARKING_LEVEL = 0x1119
- SO_NET_SERVICE_TYPE = 0x1116
- SO_NKE = 0x1021
- SO_NOADDRERR = 0x1023
- SO_NOSIGPIPE = 0x1022
- SO_NOTIFYCONFLICT = 0x1026
- SO_NP_EXTENSIONS = 0x1083
- SO_NREAD = 0x1020
- SO_NUMRCVPKT = 0x1112
- SO_NWRITE = 0x1024
- SO_OOBINLINE = 0x100
- SO_PEERLABEL = 0x1011
- SO_RANDOMPORT = 0x1082
- SO_RCVBUF = 0x1002
- SO_RCVLOWAT = 0x1004
- SO_RCVTIMEO = 0x1006
- SO_REUSEADDR = 0x4
- SO_REUSEPORT = 0x200
- SO_REUSESHAREUID = 0x1025
- SO_SNDBUF = 0x1001
- SO_SNDLOWAT = 0x1003
- SO_SNDTIMEO = 0x1005
- SO_TIMESTAMP = 0x400
- SO_TIMESTAMP_MONOTONIC = 0x800
- SO_TYPE = 0x1008
- SO_UPCALLCLOSEWAIT = 0x1027
- SO_USELOOPBACK = 0x40
- SO_WANTMORE = 0x4000
- SO_WANTOOBFLAG = 0x8000
- S_IEXEC = 0x40
- S_IFBLK = 0x6000
- S_IFCHR = 0x2000
- S_IFDIR = 0x4000
- S_IFIFO = 0x1000
- S_IFLNK = 0xa000
- S_IFMT = 0xf000
- S_IFREG = 0x8000
- S_IFSOCK = 0xc000
- S_IFWHT = 0xe000
- S_IREAD = 0x100
- S_IRGRP = 0x20
- S_IROTH = 0x4
- S_IRUSR = 0x100
- S_IRWXG = 0x38
- S_IRWXO = 0x7
- S_IRWXU = 0x1c0
- S_ISGID = 0x400
- S_ISTXT = 0x200
- S_ISUID = 0x800
- S_ISVTX = 0x200
- S_IWGRP = 0x10
- S_IWOTH = 0x2
- S_IWRITE = 0x80
- S_IWUSR = 0x80
- S_IXGRP = 0x8
- S_IXOTH = 0x1
- S_IXUSR = 0x40
- TAB0 = 0x0
- TAB1 = 0x400
- TAB2 = 0x800
- TAB3 = 0x4
- TABDLY = 0xc04
- TCIFLUSH = 0x1
- TCIOFF = 0x3
- TCIOFLUSH = 0x3
- TCION = 0x4
- TCOFLUSH = 0x2
- TCOOFF = 0x1
- TCOON = 0x2
- TCP_CONNECTIONTIMEOUT = 0x20
- TCP_CONNECTION_INFO = 0x106
- TCP_ENABLE_ECN = 0x104
- TCP_FASTOPEN = 0x105
- TCP_KEEPALIVE = 0x10
- TCP_KEEPCNT = 0x102
- TCP_KEEPINTVL = 0x101
- TCP_MAXHLEN = 0x3c
- TCP_MAXOLEN = 0x28
- TCP_MAXSEG = 0x2
- TCP_MAXWIN = 0xffff
- TCP_MAX_SACK = 0x4
- TCP_MAX_WINSHIFT = 0xe
- TCP_MINMSS = 0xd8
- TCP_MSS = 0x200
- TCP_NODELAY = 0x1
- TCP_NOOPT = 0x8
- TCP_NOPUSH = 0x4
- TCP_NOTSENT_LOWAT = 0x201
- TCP_RXT_CONNDROPTIME = 0x80
- TCP_RXT_FINDROP = 0x100
- TCP_SENDMOREACKS = 0x103
- TCSAFLUSH = 0x2
- TIOCCBRK = 0x2000747a
- TIOCCDTR = 0x20007478
- TIOCCONS = 0x80047462
- TIOCDCDTIMESTAMP = 0x40107458
- TIOCDRAIN = 0x2000745e
- TIOCDSIMICROCODE = 0x20007455
- TIOCEXCL = 0x2000740d
- TIOCEXT = 0x80047460
- TIOCFLUSH = 0x80047410
- TIOCGDRAINWAIT = 0x40047456
- TIOCGETA = 0x40487413
- TIOCGETD = 0x4004741a
- TIOCGPGRP = 0x40047477
- TIOCGWINSZ = 0x40087468
- TIOCIXOFF = 0x20007480
- TIOCIXON = 0x20007481
- TIOCMBIC = 0x8004746b
- TIOCMBIS = 0x8004746c
- TIOCMGDTRWAIT = 0x4004745a
- TIOCMGET = 0x4004746a
- TIOCMODG = 0x40047403
- TIOCMODS = 0x80047404
- TIOCMSDTRWAIT = 0x8004745b
- TIOCMSET = 0x8004746d
- TIOCM_CAR = 0x40
- TIOCM_CD = 0x40
- TIOCM_CTS = 0x20
- TIOCM_DSR = 0x100
- TIOCM_DTR = 0x2
- TIOCM_LE = 0x1
- TIOCM_RI = 0x80
- TIOCM_RNG = 0x80
- TIOCM_RTS = 0x4
- TIOCM_SR = 0x10
- TIOCM_ST = 0x8
- TIOCNOTTY = 0x20007471
- TIOCNXCL = 0x2000740e
- TIOCOUTQ = 0x40047473
- TIOCPKT = 0x80047470
- TIOCPKT_DATA = 0x0
- TIOCPKT_DOSTOP = 0x20
- TIOCPKT_FLUSHREAD = 0x1
- TIOCPKT_FLUSHWRITE = 0x2
- TIOCPKT_IOCTL = 0x40
- TIOCPKT_NOSTOP = 0x10
- TIOCPKT_START = 0x8
- TIOCPKT_STOP = 0x4
- TIOCPTYGNAME = 0x40807453
- TIOCPTYGRANT = 0x20007454
- TIOCPTYUNLK = 0x20007452
- TIOCREMOTE = 0x80047469
- TIOCSBRK = 0x2000747b
- TIOCSCONS = 0x20007463
- TIOCSCTTY = 0x20007461
- TIOCSDRAINWAIT = 0x80047457
- TIOCSDTR = 0x20007479
- TIOCSETA = 0x80487414
- TIOCSETAF = 0x80487416
- TIOCSETAW = 0x80487415
- TIOCSETD = 0x8004741b
- TIOCSIG = 0x2000745f
- TIOCSPGRP = 0x80047476
- TIOCSTART = 0x2000746e
- TIOCSTAT = 0x20007465
- TIOCSTI = 0x80017472
- TIOCSTOP = 0x2000746f
- TIOCSWINSZ = 0x80087467
- TIOCTIMESTAMP = 0x40107459
- TIOCUCNTL = 0x80047466
- TOSTOP = 0x400000
- VDISCARD = 0xf
- VDSUSP = 0xb
- VEOF = 0x0
- VEOL = 0x1
- VEOL2 = 0x2
- VERASE = 0x3
- VINTR = 0x8
- VKILL = 0x5
- VLNEXT = 0xe
- VMIN = 0x10
- VM_LOADAVG = 0x2
- VM_MACHFACTOR = 0x4
- VM_MAXID = 0x6
- VM_METER = 0x1
- VM_SWAPUSAGE = 0x5
- VQUIT = 0x9
- VREPRINT = 0x6
- VSTART = 0xc
- VSTATUS = 0x12
- VSTOP = 0xd
- VSUSP = 0xa
- VT0 = 0x0
- VT1 = 0x10000
- VTDLY = 0x10000
- VTIME = 0x11
- VWERASE = 0x4
- WCONTINUED = 0x10
- WCOREFLAG = 0x80
- WEXITED = 0x4
- WNOHANG = 0x1
- WNOWAIT = 0x20
- WORDSIZE = 0x40
- WSTOPPED = 0x8
- WUNTRACED = 0x2
- XATTR_CREATE = 0x2
- XATTR_NODEFAULT = 0x10
- XATTR_NOFOLLOW = 0x1
- XATTR_NOSECURITY = 0x8
- XATTR_REPLACE = 0x4
- XATTR_SHOWCOMPRESSION = 0x20
-)
-
-// Errors
-const (
- E2BIG = syscall.Errno(0x7)
- EACCES = syscall.Errno(0xd)
- EADDRINUSE = syscall.Errno(0x30)
- EADDRNOTAVAIL = syscall.Errno(0x31)
- EAFNOSUPPORT = syscall.Errno(0x2f)
- EAGAIN = syscall.Errno(0x23)
- EALREADY = syscall.Errno(0x25)
- EAUTH = syscall.Errno(0x50)
- EBADARCH = syscall.Errno(0x56)
- EBADEXEC = syscall.Errno(0x55)
- EBADF = syscall.Errno(0x9)
- EBADMACHO = syscall.Errno(0x58)
- EBADMSG = syscall.Errno(0x5e)
- EBADRPC = syscall.Errno(0x48)
- EBUSY = syscall.Errno(0x10)
- ECANCELED = syscall.Errno(0x59)
- ECHILD = syscall.Errno(0xa)
- ECONNABORTED = syscall.Errno(0x35)
- ECONNREFUSED = syscall.Errno(0x3d)
- ECONNRESET = syscall.Errno(0x36)
- EDEADLK = syscall.Errno(0xb)
- EDESTADDRREQ = syscall.Errno(0x27)
- EDEVERR = syscall.Errno(0x53)
- EDOM = syscall.Errno(0x21)
- EDQUOT = syscall.Errno(0x45)
- EEXIST = syscall.Errno(0x11)
- EFAULT = syscall.Errno(0xe)
- EFBIG = syscall.Errno(0x1b)
- EFTYPE = syscall.Errno(0x4f)
- EHOSTDOWN = syscall.Errno(0x40)
- EHOSTUNREACH = syscall.Errno(0x41)
- EIDRM = syscall.Errno(0x5a)
- EILSEQ = syscall.Errno(0x5c)
- EINPROGRESS = syscall.Errno(0x24)
- EINTR = syscall.Errno(0x4)
- EINVAL = syscall.Errno(0x16)
- EIO = syscall.Errno(0x5)
- EISCONN = syscall.Errno(0x38)
- EISDIR = syscall.Errno(0x15)
- ELAST = syscall.Errno(0x6a)
- ELOOP = syscall.Errno(0x3e)
- EMFILE = syscall.Errno(0x18)
- EMLINK = syscall.Errno(0x1f)
- EMSGSIZE = syscall.Errno(0x28)
- EMULTIHOP = syscall.Errno(0x5f)
- ENAMETOOLONG = syscall.Errno(0x3f)
- ENEEDAUTH = syscall.Errno(0x51)
- ENETDOWN = syscall.Errno(0x32)
- ENETRESET = syscall.Errno(0x34)
- ENETUNREACH = syscall.Errno(0x33)
- ENFILE = syscall.Errno(0x17)
- ENOATTR = syscall.Errno(0x5d)
- ENOBUFS = syscall.Errno(0x37)
- ENODATA = syscall.Errno(0x60)
- ENODEV = syscall.Errno(0x13)
- ENOENT = syscall.Errno(0x2)
- ENOEXEC = syscall.Errno(0x8)
- ENOLCK = syscall.Errno(0x4d)
- ENOLINK = syscall.Errno(0x61)
- ENOMEM = syscall.Errno(0xc)
- ENOMSG = syscall.Errno(0x5b)
- ENOPOLICY = syscall.Errno(0x67)
- ENOPROTOOPT = syscall.Errno(0x2a)
- ENOSPC = syscall.Errno(0x1c)
- ENOSR = syscall.Errno(0x62)
- ENOSTR = syscall.Errno(0x63)
- ENOSYS = syscall.Errno(0x4e)
- ENOTBLK = syscall.Errno(0xf)
- ENOTCONN = syscall.Errno(0x39)
- ENOTDIR = syscall.Errno(0x14)
- ENOTEMPTY = syscall.Errno(0x42)
- ENOTRECOVERABLE = syscall.Errno(0x68)
- ENOTSOCK = syscall.Errno(0x26)
- ENOTSUP = syscall.Errno(0x2d)
- ENOTTY = syscall.Errno(0x19)
- ENXIO = syscall.Errno(0x6)
- EOPNOTSUPP = syscall.Errno(0x66)
- EOVERFLOW = syscall.Errno(0x54)
- EOWNERDEAD = syscall.Errno(0x69)
- EPERM = syscall.Errno(0x1)
- EPFNOSUPPORT = syscall.Errno(0x2e)
- EPIPE = syscall.Errno(0x20)
- EPROCLIM = syscall.Errno(0x43)
- EPROCUNAVAIL = syscall.Errno(0x4c)
- EPROGMISMATCH = syscall.Errno(0x4b)
- EPROGUNAVAIL = syscall.Errno(0x4a)
- EPROTO = syscall.Errno(0x64)
- EPROTONOSUPPORT = syscall.Errno(0x2b)
- EPROTOTYPE = syscall.Errno(0x29)
- EPWROFF = syscall.Errno(0x52)
- EQFULL = syscall.Errno(0x6a)
- ERANGE = syscall.Errno(0x22)
- EREMOTE = syscall.Errno(0x47)
- EROFS = syscall.Errno(0x1e)
- ERPCMISMATCH = syscall.Errno(0x49)
- ESHLIBVERS = syscall.Errno(0x57)
- ESHUTDOWN = syscall.Errno(0x3a)
- ESOCKTNOSUPPORT = syscall.Errno(0x2c)
- ESPIPE = syscall.Errno(0x1d)
- ESRCH = syscall.Errno(0x3)
- ESTALE = syscall.Errno(0x46)
- ETIME = syscall.Errno(0x65)
- ETIMEDOUT = syscall.Errno(0x3c)
- ETOOMANYREFS = syscall.Errno(0x3b)
- ETXTBSY = syscall.Errno(0x1a)
- EUSERS = syscall.Errno(0x44)
- EWOULDBLOCK = syscall.Errno(0x23)
- EXDEV = syscall.Errno(0x12)
-)
-
-// Signals
-const (
- SIGABRT = syscall.Signal(0x6)
- SIGALRM = syscall.Signal(0xe)
- SIGBUS = syscall.Signal(0xa)
- SIGCHLD = syscall.Signal(0x14)
- SIGCONT = syscall.Signal(0x13)
- SIGEMT = syscall.Signal(0x7)
- SIGFPE = syscall.Signal(0x8)
- SIGHUP = syscall.Signal(0x1)
- SIGILL = syscall.Signal(0x4)
- SIGINFO = syscall.Signal(0x1d)
- SIGINT = syscall.Signal(0x2)
- SIGIO = syscall.Signal(0x17)
- SIGIOT = syscall.Signal(0x6)
- SIGKILL = syscall.Signal(0x9)
- SIGPIPE = syscall.Signal(0xd)
- SIGPROF = syscall.Signal(0x1b)
- SIGQUIT = syscall.Signal(0x3)
- SIGSEGV = syscall.Signal(0xb)
- SIGSTOP = syscall.Signal(0x11)
- SIGSYS = syscall.Signal(0xc)
- SIGTERM = syscall.Signal(0xf)
- SIGTRAP = syscall.Signal(0x5)
- SIGTSTP = syscall.Signal(0x12)
- SIGTTIN = syscall.Signal(0x15)
- SIGTTOU = syscall.Signal(0x16)
- SIGURG = syscall.Signal(0x10)
- SIGUSR1 = syscall.Signal(0x1e)
- SIGUSR2 = syscall.Signal(0x1f)
- SIGVTALRM = syscall.Signal(0x1a)
- SIGWINCH = syscall.Signal(0x1c)
- SIGXCPU = syscall.Signal(0x18)
- SIGXFSZ = syscall.Signal(0x19)
-)
-
-// Error table
-var errorList = [...]struct {
- num syscall.Errno
- name string
- desc string
-}{
- {1, "EPERM", "operation not permitted"},
- {2, "ENOENT", "no such file or directory"},
- {3, "ESRCH", "no such process"},
- {4, "EINTR", "interrupted system call"},
- {5, "EIO", "input/output error"},
- {6, "ENXIO", "device not configured"},
- {7, "E2BIG", "argument list too long"},
- {8, "ENOEXEC", "exec format error"},
- {9, "EBADF", "bad file descriptor"},
- {10, "ECHILD", "no child processes"},
- {11, "EDEADLK", "resource deadlock avoided"},
- {12, "ENOMEM", "cannot allocate memory"},
- {13, "EACCES", "permission denied"},
- {14, "EFAULT", "bad address"},
- {15, "ENOTBLK", "block device required"},
- {16, "EBUSY", "resource busy"},
- {17, "EEXIST", "file exists"},
- {18, "EXDEV", "cross-device link"},
- {19, "ENODEV", "operation not supported by device"},
- {20, "ENOTDIR", "not a directory"},
- {21, "EISDIR", "is a directory"},
- {22, "EINVAL", "invalid argument"},
- {23, "ENFILE", "too many open files in system"},
- {24, "EMFILE", "too many open files"},
- {25, "ENOTTY", "inappropriate ioctl for device"},
- {26, "ETXTBSY", "text file busy"},
- {27, "EFBIG", "file too large"},
- {28, "ENOSPC", "no space left on device"},
- {29, "ESPIPE", "illegal seek"},
- {30, "EROFS", "read-only file system"},
- {31, "EMLINK", "too many links"},
- {32, "EPIPE", "broken pipe"},
- {33, "EDOM", "numerical argument out of domain"},
- {34, "ERANGE", "result too large"},
- {35, "EAGAIN", "resource temporarily unavailable"},
- {36, "EINPROGRESS", "operation now in progress"},
- {37, "EALREADY", "operation already in progress"},
- {38, "ENOTSOCK", "socket operation on non-socket"},
- {39, "EDESTADDRREQ", "destination address required"},
- {40, "EMSGSIZE", "message too long"},
- {41, "EPROTOTYPE", "protocol wrong type for socket"},
- {42, "ENOPROTOOPT", "protocol not available"},
- {43, "EPROTONOSUPPORT", "protocol not supported"},
- {44, "ESOCKTNOSUPPORT", "socket type not supported"},
- {45, "ENOTSUP", "operation not supported"},
- {46, "EPFNOSUPPORT", "protocol family not supported"},
- {47, "EAFNOSUPPORT", "address family not supported by protocol family"},
- {48, "EADDRINUSE", "address already in use"},
- {49, "EADDRNOTAVAIL", "can't assign requested address"},
- {50, "ENETDOWN", "network is down"},
- {51, "ENETUNREACH", "network is unreachable"},
- {52, "ENETRESET", "network dropped connection on reset"},
- {53, "ECONNABORTED", "software caused connection abort"},
- {54, "ECONNRESET", "connection reset by peer"},
- {55, "ENOBUFS", "no buffer space available"},
- {56, "EISCONN", "socket is already connected"},
- {57, "ENOTCONN", "socket is not connected"},
- {58, "ESHUTDOWN", "can't send after socket shutdown"},
- {59, "ETOOMANYREFS", "too many references: can't splice"},
- {60, "ETIMEDOUT", "operation timed out"},
- {61, "ECONNREFUSED", "connection refused"},
- {62, "ELOOP", "too many levels of symbolic links"},
- {63, "ENAMETOOLONG", "file name too long"},
- {64, "EHOSTDOWN", "host is down"},
- {65, "EHOSTUNREACH", "no route to host"},
- {66, "ENOTEMPTY", "directory not empty"},
- {67, "EPROCLIM", "too many processes"},
- {68, "EUSERS", "too many users"},
- {69, "EDQUOT", "disc quota exceeded"},
- {70, "ESTALE", "stale NFS file handle"},
- {71, "EREMOTE", "too many levels of remote in path"},
- {72, "EBADRPC", "RPC struct is bad"},
- {73, "ERPCMISMATCH", "RPC version wrong"},
- {74, "EPROGUNAVAIL", "RPC prog. not avail"},
- {75, "EPROGMISMATCH", "program version wrong"},
- {76, "EPROCUNAVAIL", "bad procedure for program"},
- {77, "ENOLCK", "no locks available"},
- {78, "ENOSYS", "function not implemented"},
- {79, "EFTYPE", "inappropriate file type or format"},
- {80, "EAUTH", "authentication error"},
- {81, "ENEEDAUTH", "need authenticator"},
- {82, "EPWROFF", "device power is off"},
- {83, "EDEVERR", "device error"},
- {84, "EOVERFLOW", "value too large to be stored in data type"},
- {85, "EBADEXEC", "bad executable (or shared library)"},
- {86, "EBADARCH", "bad CPU type in executable"},
- {87, "ESHLIBVERS", "shared library version mismatch"},
- {88, "EBADMACHO", "malformed Mach-o file"},
- {89, "ECANCELED", "operation canceled"},
- {90, "EIDRM", "identifier removed"},
- {91, "ENOMSG", "no message of desired type"},
- {92, "EILSEQ", "illegal byte sequence"},
- {93, "ENOATTR", "attribute not found"},
- {94, "EBADMSG", "bad message"},
- {95, "EMULTIHOP", "EMULTIHOP (Reserved)"},
- {96, "ENODATA", "no message available on STREAM"},
- {97, "ENOLINK", "ENOLINK (Reserved)"},
- {98, "ENOSR", "no STREAM resources"},
- {99, "ENOSTR", "not a STREAM"},
- {100, "EPROTO", "protocol error"},
- {101, "ETIME", "STREAM ioctl timeout"},
- {102, "EOPNOTSUPP", "operation not supported on socket"},
- {103, "ENOPOLICY", "policy not found"},
- {104, "ENOTRECOVERABLE", "state not recoverable"},
- {105, "EOWNERDEAD", "previous owner died"},
- {106, "EQFULL", "interface output queue is full"},
-}
-
-// Signal table
-var signalList = [...]struct {
- num syscall.Signal
- name string
- desc string
-}{
- {1, "SIGHUP", "hangup"},
- {2, "SIGINT", "interrupt"},
- {3, "SIGQUIT", "quit"},
- {4, "SIGILL", "illegal instruction"},
- {5, "SIGTRAP", "trace/BPT trap"},
- {6, "SIGABRT", "abort trap"},
- {7, "SIGEMT", "EMT trap"},
- {8, "SIGFPE", "floating point exception"},
- {9, "SIGKILL", "killed"},
- {10, "SIGBUS", "bus error"},
- {11, "SIGSEGV", "segmentation fault"},
- {12, "SIGSYS", "bad system call"},
- {13, "SIGPIPE", "broken pipe"},
- {14, "SIGALRM", "alarm clock"},
- {15, "SIGTERM", "terminated"},
- {16, "SIGURG", "urgent I/O condition"},
- {17, "SIGSTOP", "suspended (signal)"},
- {18, "SIGTSTP", "suspended"},
- {19, "SIGCONT", "continued"},
- {20, "SIGCHLD", "child exited"},
- {21, "SIGTTIN", "stopped (tty input)"},
- {22, "SIGTTOU", "stopped (tty output)"},
- {23, "SIGIO", "I/O possible"},
- {24, "SIGXCPU", "cputime limit exceeded"},
- {25, "SIGXFSZ", "filesize limit exceeded"},
- {26, "SIGVTALRM", "virtual timer expired"},
- {27, "SIGPROF", "profiling timer expired"},
- {28, "SIGWINCH", "window size changes"},
- {29, "SIGINFO", "information request"},
- {30, "SIGUSR1", "user defined signal 1"},
- {31, "SIGUSR2", "user defined signal 2"},
-}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
index b40fb1f6..e644eaf5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && darwin
// +build arm64,darwin
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -32,7 +33,7 @@ const (
AF_LAT = 0xe
AF_LINK = 0x12
AF_LOCAL = 0x1
- AF_MAX = 0x28
+ AF_MAX = 0x29
AF_NATM = 0x1f
AF_NDRV = 0x1b
AF_NETBIOS = 0x21
@@ -49,6 +50,7 @@ const (
AF_UNIX = 0x1
AF_UNSPEC = 0x0
AF_UTUN = 0x26
+ AF_VSOCK = 0x28
ALTWERASE = 0x200
ATTR_BIT_MAP_COUNT = 0x5
ATTR_CMN_ACCESSMASK = 0x20000
@@ -83,7 +85,7 @@ const (
ATTR_CMN_PAROBJID = 0x80
ATTR_CMN_RETURNED_ATTRS = 0x80000000
ATTR_CMN_SCRIPT = 0x100
- ATTR_CMN_SETMASK = 0x41c7ff00
+ ATTR_CMN_SETMASK = 0x51c7ff00
ATTR_CMN_USERACCESS = 0x200000
ATTR_CMN_UUID = 0x800000
ATTR_CMN_VALIDMASK = 0xffffffff
@@ -357,7 +359,7 @@ const (
DLT_LINUX_SLL = 0x71
DLT_LOOP = 0x6c
DLT_LTALK = 0x72
- DLT_MATCHING_MAX = 0xf5
+ DLT_MATCHING_MAX = 0x10a
DLT_MATCHING_MIN = 0x68
DLT_MFR = 0xb6
DLT_MOST = 0xd3
@@ -398,6 +400,7 @@ const (
DLT_SYMANTEC_FIREWALL = 0x63
DLT_TZSP = 0x80
DLT_USB = 0xba
+ DLT_USB_DARWIN = 0x10a
DLT_USB_LINUX = 0xbd
DLT_USB_LINUX_MMAPPED = 0xdc
DLT_USER0 = 0x93
@@ -442,8 +445,8 @@ const (
EVFILT_PROC = -0x5
EVFILT_READ = -0x1
EVFILT_SIGNAL = -0x6
- EVFILT_SYSCOUNT = 0xf
- EVFILT_THREADMARKER = 0xf
+ EVFILT_SYSCOUNT = 0x11
+ EVFILT_THREADMARKER = 0x11
EVFILT_TIMER = -0x7
EVFILT_USER = -0xa
EVFILT_VM = -0xc
@@ -481,9 +484,12 @@ const (
FSOPT_NOINMEMUPDATE = 0x2
FSOPT_PACK_INVAL_ATTRS = 0x8
FSOPT_REPORT_FULLSIZE = 0x4
+ FSOPT_RETURN_REALDEV = 0x200
F_ADDFILESIGS = 0x3d
F_ADDFILESIGS_FOR_DYLD_SIM = 0x53
+ F_ADDFILESIGS_INFO = 0x67
F_ADDFILESIGS_RETURN = 0x61
+ F_ADDFILESUPPL = 0x68
F_ADDSIGS = 0x3b
F_ALLOCATEALL = 0x4
F_ALLOCATECONTIG = 0x2
@@ -505,8 +511,10 @@ const (
F_GETOWN = 0x5
F_GETPATH = 0x32
F_GETPATH_MTMINFO = 0x47
+ F_GETPATH_NOFIRMLINK = 0x66
F_GETPROTECTIONCLASS = 0x3f
F_GETPROTECTIONLEVEL = 0x4d
+ F_GETSIGSINFO = 0x69
F_GLOBAL_NOCACHE = 0x37
F_LOG2PHYS = 0x31
F_LOG2PHYS_EXT = 0x41
@@ -531,6 +539,7 @@ const (
F_SETPROTECTIONCLASS = 0x40
F_SETSIZE = 0x2b
F_SINGLE_WRITER = 0x4c
+ F_SPECULATIVE_READ = 0x65
F_THAW_FS = 0x36
F_TRANSCODEKEY = 0x4b
F_TRIM_ACTIVE_FILE = 0x64
@@ -562,6 +571,7 @@ const (
IFF_UP = 0x1
IFNAMSIZ = 0x10
IFT_1822 = 0x2
+ IFT_6LOWPAN = 0x40
IFT_AAL5 = 0x31
IFT_ARCNET = 0x23
IFT_ARCNETPLUS = 0x24
@@ -766,16 +776,28 @@ const (
IPV6_2292PKTINFO = 0x13
IPV6_2292PKTOPTIONS = 0x19
IPV6_2292RTHDR = 0x18
+ IPV6_3542DSTOPTS = 0x32
+ IPV6_3542HOPLIMIT = 0x2f
+ IPV6_3542HOPOPTS = 0x31
+ IPV6_3542NEXTHOP = 0x30
+ IPV6_3542PKTINFO = 0x2e
+ IPV6_3542RTHDR = 0x33
+ IPV6_ADDR_MC_FLAGS_PREFIX = 0x20
+ IPV6_ADDR_MC_FLAGS_TRANSIENT = 0x10
+ IPV6_ADDR_MC_FLAGS_UNICAST_BASED = 0x30
+ IPV6_AUTOFLOWLABEL = 0x3b
IPV6_BINDV6ONLY = 0x1b
IPV6_BOUND_IF = 0x7d
IPV6_CHECKSUM = 0x1a
IPV6_DEFAULT_MULTICAST_HOPS = 0x1
IPV6_DEFAULT_MULTICAST_LOOP = 0x1
IPV6_DEFHLIM = 0x40
+ IPV6_DONTFRAG = 0x3e
+ IPV6_DSTOPTS = 0x32
IPV6_FAITH = 0x1d
IPV6_FLOWINFO_MASK = 0xffffff0f
IPV6_FLOWLABEL_MASK = 0xffff0f00
- IPV6_FLOW_ECN_MASK = 0x300
+ IPV6_FLOW_ECN_MASK = 0x3000
IPV6_FRAGTTL = 0x3c
IPV6_FW_ADD = 0x1e
IPV6_FW_DEL = 0x1f
@@ -783,6 +805,8 @@ const (
IPV6_FW_GET = 0x22
IPV6_FW_ZERO = 0x21
IPV6_HLIMDEC = 0x1
+ IPV6_HOPLIMIT = 0x2f
+ IPV6_HOPOPTS = 0x31
IPV6_IPSEC_POLICY = 0x1c
IPV6_JOIN_GROUP = 0xc
IPV6_LEAVE_GROUP = 0xd
@@ -794,20 +818,34 @@ const (
IPV6_MAX_SOCK_SRC_FILTER = 0x80
IPV6_MIN_MEMBERSHIPS = 0x1f
IPV6_MMTU = 0x500
+ IPV6_MSFILTER = 0x4a
IPV6_MULTICAST_HOPS = 0xa
IPV6_MULTICAST_IF = 0x9
IPV6_MULTICAST_LOOP = 0xb
+ IPV6_NEXTHOP = 0x30
+ IPV6_PATHMTU = 0x2c
+ IPV6_PKTINFO = 0x2e
IPV6_PORTRANGE = 0xe
IPV6_PORTRANGE_DEFAULT = 0x0
IPV6_PORTRANGE_HIGH = 0x1
IPV6_PORTRANGE_LOW = 0x2
+ IPV6_PREFER_TEMPADDR = 0x3f
+ IPV6_RECVDSTOPTS = 0x28
+ IPV6_RECVHOPLIMIT = 0x25
+ IPV6_RECVHOPOPTS = 0x27
+ IPV6_RECVPATHMTU = 0x2b
+ IPV6_RECVPKTINFO = 0x3d
+ IPV6_RECVRTHDR = 0x26
IPV6_RECVTCLASS = 0x23
+ IPV6_RTHDR = 0x33
+ IPV6_RTHDRDSTOPTS = 0x39
IPV6_RTHDR_LOOSE = 0x0
IPV6_RTHDR_STRICT = 0x1
IPV6_RTHDR_TYPE_0 = 0x0
IPV6_SOCKOPT_RESERVED1 = 0x3
IPV6_TCLASS = 0x24
IPV6_UNICAST_HOPS = 0x4
+ IPV6_USE_MIN_MTU = 0x2a
IPV6_V6ONLY = 0x1b
IPV6_VERSION = 0x60
IPV6_VERSION_MASK = 0xf0
@@ -818,6 +856,7 @@ const (
IP_DEFAULT_MULTICAST_LOOP = 0x1
IP_DEFAULT_MULTICAST_TTL = 0x1
IP_DF = 0x4000
+ IP_DONTFRAG = 0x1c
IP_DROP_MEMBERSHIP = 0xd
IP_DROP_SOURCE_MEMBERSHIP = 0x47
IP_DUMMYNET_CONFIGURE = 0x3c
@@ -889,6 +928,12 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_PEERCRED = 0x1
+ LOCAL_PEEREPID = 0x3
+ LOCAL_PEEREUUID = 0x5
+ LOCAL_PEERPID = 0x2
+ LOCAL_PEERTOKEN = 0x6
+ LOCAL_PEERUUID = 0x4
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -904,6 +949,7 @@ const (
MADV_SEQUENTIAL = 0x2
MADV_WILLNEED = 0x3
MADV_ZERO_WIRED_PAGES = 0x6
+ MAP_32BIT = 0x8000
MAP_ANON = 0x1000
MAP_ANONYMOUS = 0x1000
MAP_COPY = 0x2
@@ -920,6 +966,17 @@ const (
MAP_RESILIENT_CODESIGN = 0x2000
MAP_RESILIENT_MEDIA = 0x4000
MAP_SHARED = 0x1
+ MAP_TRANSLATED_ALLOW_EXECUTE = 0x20000
+ MAP_UNIX03 = 0x40000
+ MCAST_BLOCK_SOURCE = 0x54
+ MCAST_EXCLUDE = 0x2
+ MCAST_INCLUDE = 0x1
+ MCAST_JOIN_GROUP = 0x50
+ MCAST_JOIN_SOURCE_GROUP = 0x52
+ MCAST_LEAVE_GROUP = 0x51
+ MCAST_LEAVE_SOURCE_GROUP = 0x53
+ MCAST_UNBLOCK_SOURCE = 0x55
+ MCAST_UNDEFINED = 0x0
MCL_CURRENT = 0x1
MCL_FUTURE = 0x2
MNT_ASYNC = 0x40
@@ -931,6 +988,7 @@ const (
MNT_DOVOLFS = 0x8000
MNT_DWAIT = 0x4
MNT_EXPORTED = 0x100
+ MNT_EXT_ROOT_DATA_VOL = 0x1
MNT_FORCE = 0x80000
MNT_IGNORE_OWNERSHIP = 0x200000
MNT_JOURNALED = 0x800000
@@ -947,12 +1005,15 @@ const (
MNT_QUOTA = 0x2000
MNT_RDONLY = 0x1
MNT_RELOAD = 0x40000
+ MNT_REMOVABLE = 0x200
MNT_ROOTFS = 0x4000
+ MNT_SNAPSHOT = 0x40000000
+ MNT_STRICTATIME = 0x80000000
MNT_SYNCHRONOUS = 0x2
MNT_UNION = 0x20
MNT_UNKNOWNPERMISSIONS = 0x200000
MNT_UPDATE = 0x10000
- MNT_VISFLAGMASK = 0x17f0f5ff
+ MNT_VISFLAGMASK = 0xd7f0f7ff
MNT_WAIT = 0x1
MSG_CTRUNC = 0x20
MSG_DONTROUTE = 0x4
@@ -963,6 +1024,7 @@ const (
MSG_HAVEMORE = 0x2000
MSG_HOLD = 0x800
MSG_NEEDSA = 0x10000
+ MSG_NOSIGNAL = 0x80000
MSG_OOB = 0x1
MSG_PEEK = 0x2
MSG_RCVMORE = 0x4000
@@ -979,9 +1041,10 @@ const (
NET_RT_DUMP = 0x1
NET_RT_DUMP2 = 0x7
NET_RT_FLAGS = 0x2
+ NET_RT_FLAGS_PRIV = 0xa
NET_RT_IFLIST = 0x3
NET_RT_IFLIST2 = 0x6
- NET_RT_MAXID = 0xa
+ NET_RT_MAXID = 0xb
NET_RT_STAT = 0x4
NET_RT_TRASH = 0x5
NFDBITS = 0x20
@@ -1019,6 +1082,7 @@ const (
NOTE_LEEWAY = 0x10
NOTE_LINK = 0x10
NOTE_LOWAT = 0x1
+ NOTE_MACHTIME = 0x100
NOTE_MACH_CONTINUOUS_TIME = 0x80
NOTE_NONE = 0x80
NOTE_NSECONDS = 0x4
@@ -1065,6 +1129,7 @@ const (
O_NDELAY = 0x4
O_NOCTTY = 0x20000
O_NOFOLLOW = 0x100
+ O_NOFOLLOW_ANY = 0x20000000
O_NONBLOCK = 0x4
O_POPUP = 0x80000000
O_RDONLY = 0x0
@@ -1136,6 +1201,7 @@ const (
RTF_BROADCAST = 0x400000
RTF_CLONING = 0x100
RTF_CONDEMNED = 0x2000000
+ RTF_DEAD = 0x20000000
RTF_DELCLONE = 0x80
RTF_DONE = 0x40
RTF_DYNAMIC = 0x10
@@ -1143,6 +1209,7 @@ const (
RTF_HOST = 0x4
RTF_IFREF = 0x4000000
RTF_IFSCOPE = 0x1000000
+ RTF_LLDATA = 0x400
RTF_LLINFO = 0x400
RTF_LOCAL = 0x200000
RTF_MODIFIED = 0x20
@@ -1210,6 +1277,7 @@ const (
SIOCGDRVSPEC = 0xc028697b
SIOCGETVLAN = 0xc020697f
SIOCGHIWAT = 0x40047301
+ SIOCGIF6LOWPAN = 0xc02069c5
SIOCGIFADDR = 0xc0206921
SIOCGIFALTMTU = 0xc0206948
SIOCGIFASYNCMAP = 0xc020697c
@@ -1220,6 +1288,7 @@ const (
SIOCGIFDEVMTU = 0xc0206944
SIOCGIFDSTADDR = 0xc0206922
SIOCGIFFLAGS = 0xc0206911
+ SIOCGIFFUNCTIONALTYPE = 0xc02069ad
SIOCGIFGENERIC = 0xc020693a
SIOCGIFKPI = 0xc0206987
SIOCGIFMAC = 0xc0206982
@@ -1233,6 +1302,7 @@ const (
SIOCGIFSTATUS = 0xc331693d
SIOCGIFVLAN = 0xc020697f
SIOCGIFWAKEFLAGS = 0xc0206988
+ SIOCGIFXMEDIA = 0xc02c6948
SIOCGLOWAT = 0x40047303
SIOCGPGRP = 0x40047309
SIOCIFCREATE = 0xc0206978
@@ -1243,6 +1313,7 @@ const (
SIOCSDRVSPEC = 0x8028697b
SIOCSETVLAN = 0x8020697e
SIOCSHIWAT = 0x80047300
+ SIOCSIF6LOWPAN = 0x802069c4
SIOCSIFADDR = 0x8020690c
SIOCSIFALTMTU = 0x80206945
SIOCSIFASYNCMAP = 0x8020697d
@@ -1270,6 +1341,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
index f5e91b7a..17bba0e4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && dragonfly
// +build amd64,dragonfly
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
index 3689c808..9c7c5e16 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m32
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && freebsd
// +build 386,freebsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -997,6 +998,11 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_CONNWAIT = 0x4
+ LOCAL_CREDS = 0x2
+ LOCAL_CREDS_PERSISTENT = 0x3
+ LOCAL_PEERCRED = 0x1
+ LOCAL_VENDOR = 0x80000000
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -1375,6 +1381,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
index b8f7c3c9..b265abb2 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && freebsd
// +build amd64,freebsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -997,6 +998,11 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_CONNWAIT = 0x4
+ LOCAL_CREDS = 0x2
+ LOCAL_CREDS_PERSISTENT = 0x3
+ LOCAL_PEERCRED = 0x1
+ LOCAL_VENDOR = 0x80000000
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -1376,6 +1382,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
index be14bb1a..3df99f28 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
@@ -1,6 +1,7 @@
// mkerrors.sh
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && freebsd
// +build arm,freebsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -980,6 +981,11 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_CONNWAIT = 0x4
+ LOCAL_CREDS = 0x2
+ LOCAL_CREDS_PERSISTENT = 0x3
+ LOCAL_PEERCRED = 0x1
+ LOCAL_VENDOR = 0x80000000
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -1016,6 +1022,15 @@ const (
MAP_RESERVED0100 = 0x100
MAP_SHARED = 0x1
MAP_STACK = 0x400
+ MCAST_BLOCK_SOURCE = 0x54
+ MCAST_EXCLUDE = 0x2
+ MCAST_INCLUDE = 0x1
+ MCAST_JOIN_GROUP = 0x50
+ MCAST_JOIN_SOURCE_GROUP = 0x52
+ MCAST_LEAVE_GROUP = 0x51
+ MCAST_LEAVE_SOURCE_GROUP = 0x53
+ MCAST_UNBLOCK_SOURCE = 0x55
+ MCAST_UNDEFINED = 0x0
MCL_CURRENT = 0x1
MCL_FUTURE = 0x2
MNT_ACLS = 0x8000000
@@ -1341,6 +1356,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
index 7ce9c008..218d3990 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && freebsd
// +build arm64,freebsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -997,6 +998,11 @@ const (
KERN_OSRELEASE = 0x2
KERN_OSTYPE = 0x1
KERN_VERSION = 0x4
+ LOCAL_CONNWAIT = 0x4
+ LOCAL_CREDS = 0x2
+ LOCAL_CREDS_PERSISTENT = 0x3
+ LOCAL_PEERCRED = 0x1
+ LOCAL_VENDOR = 0x80000000
LOCK_EX = 0x2
LOCK_NB = 0x4
LOCK_SH = 0x1
@@ -1376,6 +1382,7 @@ const (
SOCK_RDM = 0x4
SOCK_SEQPACKET = 0x5
SOCK_STREAM = 0x1
+ SOL_LOCAL = 0x0
SOL_SOCKET = 0xffff
SOMAXCONN = 0x80
SO_ACCEPTCONN = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index b3463a8b..47572aaa 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -1,5 +1,6 @@
// Code generated by mkmerge.go; DO NOT EDIT.
+//go:build linux
// +build linux
package unix
@@ -165,13 +166,16 @@ const (
BPF_ALU64 = 0x7
BPF_AND = 0x50
BPF_ARSH = 0xc0
+ BPF_ATOMIC = 0xc0
BPF_B = 0x10
BPF_BUILD_ID_SIZE = 0x14
BPF_CALL = 0x80
+ BPF_CMPXCHG = 0xf1
BPF_DIV = 0x30
BPF_DW = 0x18
BPF_END = 0xd0
BPF_EXIT = 0x90
+ BPF_FETCH = 0x1
BPF_FROM_BE = 0x8
BPF_FROM_LE = 0x0
BPF_FS_MAGIC = 0xcafe4a11
@@ -239,11 +243,16 @@ const (
BPF_W = 0x0
BPF_X = 0x8
BPF_XADD = 0xc0
+ BPF_XCHG = 0xe1
BPF_XOR = 0xa0
BRKINT = 0x2
BS0 = 0x0
BTRFS_SUPER_MAGIC = 0x9123683e
BTRFS_TEST_MAGIC = 0x73727279
+ BUS_BLUETOOTH = 0x5
+ BUS_HIL = 0x4
+ BUS_USB = 0x3
+ BUS_VIRTUAL = 0x6
CAN_BCM = 0x2
CAN_EFF_FLAG = 0x80000000
CAN_EFF_ID_BITS = 0x1d
@@ -313,6 +322,7 @@ const (
CAN_J1939 = 0x7
CAN_MAX_DLC = 0x8
CAN_MAX_DLEN = 0x8
+ CAN_MAX_RAW_DLC = 0xf
CAN_MCNET = 0x5
CAN_MTU = 0x10
CAN_NPROTO = 0x8
@@ -484,9 +494,9 @@ const (
DM_UUID_FLAG = 0x4000
DM_UUID_LEN = 0x81
DM_VERSION = 0xc138fd00
- DM_VERSION_EXTRA = "-ioctl (2020-10-01)"
+ DM_VERSION_EXTRA = "-ioctl (2021-02-01)"
DM_VERSION_MAJOR = 0x4
- DM_VERSION_MINOR = 0x2b
+ DM_VERSION_MINOR = 0x2c
DM_VERSION_PATCHLEVEL = 0x0
DT_BLK = 0x6
DT_CHR = 0x2
@@ -664,6 +674,7 @@ const (
ETH_P_CAIF = 0xf7
ETH_P_CAN = 0xc
ETH_P_CANFD = 0xd
+ ETH_P_CFM = 0x8902
ETH_P_CONTROL = 0x16
ETH_P_CUST = 0x6006
ETH_P_DDCMP = 0x6
@@ -834,7 +845,6 @@ const (
FSCRYPT_POLICY_FLAGS_PAD_4 = 0x0
FSCRYPT_POLICY_FLAGS_PAD_8 = 0x1
FSCRYPT_POLICY_FLAGS_PAD_MASK = 0x3
- FSCRYPT_POLICY_FLAGS_VALID = 0x1f
FSCRYPT_POLICY_FLAG_DIRECT_KEY = 0x4
FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 = 0x10
FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64 = 0x8
@@ -854,6 +864,7 @@ const (
FS_IOC_GET_ENCRYPTION_KEY_STATUS = 0xc080661a
FS_IOC_GET_ENCRYPTION_POLICY_EX = 0xc0096616
FS_IOC_MEASURE_VERITY = 0xc0046686
+ FS_IOC_READ_VERITY_METADATA = 0xc0286687
FS_IOC_REMOVE_ENCRYPTION_KEY = 0xc0406618
FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS = 0xc0406619
FS_KEY_DESCRIPTOR_SIZE = 0x8
@@ -865,10 +876,13 @@ const (
FS_POLICY_FLAGS_PAD_4 = 0x0
FS_POLICY_FLAGS_PAD_8 = 0x1
FS_POLICY_FLAGS_PAD_MASK = 0x3
- FS_POLICY_FLAGS_VALID = 0x1f
+ FS_POLICY_FLAGS_VALID = 0x7
FS_VERITY_FL = 0x100000
FS_VERITY_HASH_ALG_SHA256 = 0x1
FS_VERITY_HASH_ALG_SHA512 = 0x2
+ FS_VERITY_METADATA_TYPE_DESCRIPTOR = 0x2
+ FS_VERITY_METADATA_TYPE_MERKLE_TREE = 0x1
+ FS_VERITY_METADATA_TYPE_SIGNATURE = 0x3
FUTEXFS_SUPER_MAGIC = 0xbad1dea
F_ADD_SEALS = 0x409
F_DUPFD = 0x0
@@ -962,11 +976,17 @@ const (
HDIO_SET_XFER = 0x306
HDIO_TRISTATE_HWIF = 0x31b
HDIO_UNREGISTER_HWIF = 0x32a
+ HID_MAX_DESCRIPTOR_SIZE = 0x1000
HOSTFS_SUPER_MAGIC = 0xc0ffee
HPFS_SUPER_MAGIC = 0xf995e849
HUGETLBFS_MAGIC = 0x958458f6
IBSHIFT = 0x10
ICMPV6_FILTER = 0x1
+ ICMPV6_FILTER_BLOCK = 0x1
+ ICMPV6_FILTER_BLOCKOTHERS = 0x3
+ ICMPV6_FILTER_PASS = 0x2
+ ICMPV6_FILTER_PASSONLY = 0x4
+ ICMP_FILTER = 0x1
ICRNL = 0x100
IFA_F_DADFAILED = 0x8
IFA_F_DEPRECATED = 0x20
@@ -1138,6 +1158,7 @@ const (
IPV6_PMTUDISC_WANT = 0x1
IPV6_RECVDSTOPTS = 0x3a
IPV6_RECVERR = 0x19
+ IPV6_RECVERR_RFC4884 = 0x1f
IPV6_RECVFRAGSIZE = 0x4d
IPV6_RECVHOPLIMIT = 0x33
IPV6_RECVHOPOPTS = 0x35
@@ -1202,6 +1223,7 @@ const (
IP_PMTUDISC_PROBE = 0x3
IP_PMTUDISC_WANT = 0x1
IP_RECVERR = 0xb
+ IP_RECVERR_RFC4884 = 0x1a
IP_RECVFRAGSIZE = 0x19
IP_RECVOPTS = 0x6
IP_RECVORIGDSTADDR = 0x14
@@ -1659,6 +1681,10 @@ const (
PERF_FLAG_PID_CGROUP = 0x4
PERF_MAX_CONTEXTS_PER_STACK = 0x8
PERF_MAX_STACK_DEPTH = 0x7f
+ PERF_MEM_BLK_ADDR = 0x4
+ PERF_MEM_BLK_DATA = 0x2
+ PERF_MEM_BLK_NA = 0x1
+ PERF_MEM_BLK_SHIFT = 0x28
PERF_MEM_LOCK_LOCKED = 0x2
PERF_MEM_LOCK_NA = 0x1
PERF_MEM_LOCK_SHIFT = 0x18
@@ -1722,12 +1748,14 @@ const (
PERF_RECORD_MISC_GUEST_USER = 0x5
PERF_RECORD_MISC_HYPERVISOR = 0x3
PERF_RECORD_MISC_KERNEL = 0x1
+ PERF_RECORD_MISC_MMAP_BUILD_ID = 0x4000
PERF_RECORD_MISC_MMAP_DATA = 0x2000
PERF_RECORD_MISC_PROC_MAP_PARSE_TIMEOUT = 0x1000
PERF_RECORD_MISC_SWITCH_OUT = 0x2000
PERF_RECORD_MISC_SWITCH_OUT_PREEMPT = 0x4000
PERF_RECORD_MISC_USER = 0x2
PERF_SAMPLE_BRANCH_PLM_ALL = 0x7
+ PERF_SAMPLE_WEIGHT_TYPE = 0x1004000
PIPEFS_MAGIC = 0x50495045
PPC_CMM_MAGIC = 0xc7571590
PPPIOCGNPMODE = 0xc008744c
@@ -1840,6 +1868,7 @@ const (
PR_SET_SECCOMP = 0x16
PR_SET_SECUREBITS = 0x1c
PR_SET_SPECULATION_CTRL = 0x35
+ PR_SET_SYSCALL_USER_DISPATCH = 0x3b
PR_SET_TAGGED_ADDR_CTRL = 0x37
PR_SET_THP_DISABLE = 0x29
PR_SET_TIMERSLACK = 0x1d
@@ -1859,6 +1888,8 @@ const (
PR_SVE_SET_VL_ONEXEC = 0x40000
PR_SVE_VL_INHERIT = 0x20000
PR_SVE_VL_LEN_MASK = 0xffff
+ PR_SYS_DISPATCH_OFF = 0x0
+ PR_SYS_DISPATCH_ON = 0x1
PR_TAGGED_ADDR_ENABLE = 0x1
PR_TASK_PERF_EVENTS_DISABLE = 0x1f
PR_TASK_PERF_EVENTS_ENABLE = 0x20
@@ -1978,6 +2009,10 @@ const (
RTCF_NAT = 0x800000
RTCF_VALVE = 0x200000
RTC_AF = 0x20
+ RTC_FEATURE_ALARM = 0x0
+ RTC_FEATURE_ALARM_RES_MINUTE = 0x1
+ RTC_FEATURE_CNT = 0x3
+ RTC_FEATURE_NEED_WEEK_DAY = 0x2
RTC_IRQF = 0x80
RTC_MAX_FREQ = 0x2000
RTC_PF = 0x40
@@ -2051,6 +2086,7 @@ const (
RTM_F_LOOKUP_TABLE = 0x1000
RTM_F_NOTIFY = 0x100
RTM_F_OFFLOAD = 0x4000
+ RTM_F_OFFLOAD_FAILED = 0x20000000
RTM_F_PREFIX = 0x800
RTM_F_TRAP = 0x8000
RTM_GETACTION = 0x32
@@ -2104,12 +2140,13 @@ const (
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
RTNH_ALIGNTO = 0x4
- RTNH_COMPARE_MASK = 0x19
+ RTNH_COMPARE_MASK = 0x59
RTNH_F_DEAD = 0x1
RTNH_F_LINKDOWN = 0x10
RTNH_F_OFFLOAD = 0x8
RTNH_F_ONLINK = 0x4
RTNH_F_PERVASIVE = 0x2
+ RTNH_F_TRAP = 0x40
RTNH_F_UNRESOLVED = 0x20
RTN_MAX = 0xb
RTPROT_BABEL = 0x2a
@@ -2580,6 +2617,7 @@ const (
VMADDR_CID_HOST = 0x2
VMADDR_CID_HYPERVISOR = 0x0
VMADDR_CID_LOCAL = 0x1
+ VMADDR_FLAG_TO_HOST = 0x1
VMADDR_PORT_ANY = 0xffffffff
VM_SOCKETS_INVALID_VERSION = 0xffffffff
VQUIT = 0x1
@@ -2727,6 +2765,9 @@ const (
Z3FOLD_MAGIC = 0x33
ZONEFS_MAGIC = 0x5a4f4653
ZSMALLOC_MAGIC = 0x58295829
+ _HIDIOCGRAWNAME_LEN = 0x80
+ _HIDIOCGRAWPHYS_LEN = 0x40
+ _HIDIOCGRAWUNIQ_LEN = 0x40
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 336e0b32..e91a1a95 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include -m32
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && linux
// +build 386,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -93,6 +94,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -165,6 +169,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -192,6 +197,7 @@ const (
PPPIOCSPASS = 0x40087447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffff
PTRACE_GETFPREGS = 0xe
@@ -268,6 +274,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -290,6 +297,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -481,6 +489,9 @@ const (
X86_FXSR_MAGIC = 0x0
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 961507e9..a9cbac64 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && linux
// +build amd64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -93,6 +94,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -165,6 +169,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -192,6 +197,7 @@ const (
PPPIOCSPASS = 0x40107447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_ARCH_PRCTL = 0x1e
@@ -269,6 +275,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -291,6 +298,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -481,6 +489,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index a65576db..d74f3c15 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && linux
// +build arm,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x40087447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffff
PTRACE_GETCRUNCHREGS = 0x19
@@ -275,6 +281,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -297,6 +304,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -487,6 +495,9 @@ const (
WORDSIZE = 0x20
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index cf075caa..e1538995 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include -fsigned-char
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && linux
// +build arm64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -95,6 +96,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -166,6 +170,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -193,8 +198,10 @@ const (
PPPIOCSPASS = 0x40107447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PROT_BTI = 0x10
+ PROT_MTE = 0x20
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_PEEKMTETAGS = 0x21
PTRACE_POKEMTETAGS = 0x22
@@ -264,6 +271,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -286,6 +294,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -477,6 +486,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index efe90dee..5e8e71ff 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips && linux
// +build mips,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x18
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x100
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x80087447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffff
PTRACE_GETFPREGS = 0xe
@@ -268,6 +274,7 @@ const (
SO_BROADCAST = 0x20
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -290,6 +297,7 @@ const (
SO_PEERCRED = 0x12
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1e
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x1028
SO_RCVBUF = 0x1002
SO_RCVBUFFORCE = 0x21
@@ -483,6 +491,9 @@ const (
WORDSIZE = 0x20
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 8b0e8911..e670ee14 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && linux
// +build mips64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x18
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x100
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x80107447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_GETFPREGS = 0xe
@@ -268,6 +274,7 @@ const (
SO_BROADCAST = 0x20
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -290,6 +297,7 @@ const (
SO_PEERCRED = 0x12
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1e
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x1028
SO_RCVBUF = 0x1002
SO_RCVBUFFORCE = 0x21
@@ -483,6 +491,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index e9430cd1..dd11eacb 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64le && linux
// +build mips64le,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x18
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x100
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x80107447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_GETFPREGS = 0xe
@@ -268,6 +274,7 @@ const (
SO_BROADCAST = 0x20
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -290,6 +297,7 @@ const (
SO_PEERCRED = 0x12
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1e
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x1028
SO_RCVBUF = 0x1002
SO_RCVBUFFORCE = 0x21
@@ -483,6 +491,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 61e4f5db..a0a5b22a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mipsle && linux
// +build mipsle,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x18
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x100
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x80087447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffff
PTRACE_GETFPREGS = 0xe
@@ -268,6 +274,7 @@ const (
SO_BROADCAST = 0x20
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -290,6 +297,7 @@ const (
SO_PEERCRED = 0x12
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1e
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x1028
SO_RCVBUF = 0x1002
SO_RCVBUFFORCE = 0x21
@@ -483,6 +491,9 @@ const (
WORDSIZE = 0x20
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
new file mode 100644
index 00000000..d9530e5f
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -0,0 +1,860 @@
+// mkerrors.sh -Wall -Werror -static -I/tmp/include
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build ppc && linux
+// +build ppc,linux
+
+// Code generated by cmd/cgo -godefs; DO NOT EDIT.
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/_const.go
+
+package unix
+
+import "syscall"
+
+const (
+ B1000000 = 0x17
+ B115200 = 0x11
+ B1152000 = 0x18
+ B1500000 = 0x19
+ B2000000 = 0x1a
+ B230400 = 0x12
+ B2500000 = 0x1b
+ B3000000 = 0x1c
+ B3500000 = 0x1d
+ B4000000 = 0x1e
+ B460800 = 0x13
+ B500000 = 0x14
+ B57600 = 0x10
+ B576000 = 0x15
+ B921600 = 0x16
+ BLKBSZGET = 0x40041270
+ BLKBSZSET = 0x80041271
+ BLKFLSBUF = 0x20001261
+ BLKFRAGET = 0x20001265
+ BLKFRASET = 0x20001264
+ BLKGETSIZE = 0x20001260
+ BLKGETSIZE64 = 0x40041272
+ BLKPBSZGET = 0x2000127b
+ BLKRAGET = 0x20001263
+ BLKRASET = 0x20001262
+ BLKROGET = 0x2000125e
+ BLKROSET = 0x2000125d
+ BLKRRPART = 0x2000125f
+ BLKSECTGET = 0x20001267
+ BLKSECTSET = 0x20001266
+ BLKSSZGET = 0x20001268
+ BOTHER = 0x1f
+ BS1 = 0x8000
+ BSDLY = 0x8000
+ CBAUD = 0xff
+ CBAUDEX = 0x0
+ CIBAUD = 0xff0000
+ CLOCAL = 0x8000
+ CR1 = 0x1000
+ CR2 = 0x2000
+ CR3 = 0x3000
+ CRDLY = 0x3000
+ CREAD = 0x800
+ CS6 = 0x100
+ CS7 = 0x200
+ CS8 = 0x300
+ CSIZE = 0x300
+ CSTOPB = 0x400
+ ECHOCTL = 0x40
+ ECHOE = 0x2
+ ECHOK = 0x4
+ ECHOKE = 0x1
+ ECHONL = 0x10
+ ECHOPRT = 0x20
+ EFD_CLOEXEC = 0x80000
+ EFD_NONBLOCK = 0x800
+ EPOLL_CLOEXEC = 0x80000
+ EXTPROC = 0x10000000
+ FF1 = 0x4000
+ FFDLY = 0x4000
+ FICLONE = 0x80049409
+ FICLONERANGE = 0x8020940d
+ FLUSHO = 0x800000
+ FS_IOC_ENABLE_VERITY = 0x80806685
+ FS_IOC_GETFLAGS = 0x40046601
+ FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
+ FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
+ FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
+ FS_IOC_SETFLAGS = 0x80046602
+ FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
+ F_GETLK = 0xc
+ F_GETLK64 = 0xc
+ F_GETOWN = 0x9
+ F_RDLCK = 0x0
+ F_SETLK = 0xd
+ F_SETLK64 = 0xd
+ F_SETLKW = 0xe
+ F_SETLKW64 = 0xe
+ F_SETOWN = 0x8
+ F_UNLCK = 0x2
+ F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
+ HUPCL = 0x4000
+ ICANON = 0x100
+ IEXTEN = 0x400
+ IN_CLOEXEC = 0x80000
+ IN_NONBLOCK = 0x800
+ IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9
+ ISIG = 0x80
+ IUCLC = 0x1000
+ IXOFF = 0x400
+ IXON = 0x200
+ MAP_ANON = 0x20
+ MAP_ANONYMOUS = 0x20
+ MAP_DENYWRITE = 0x800
+ MAP_EXECUTABLE = 0x1000
+ MAP_GROWSDOWN = 0x100
+ MAP_HUGETLB = 0x40000
+ MAP_LOCKED = 0x80
+ MAP_NONBLOCK = 0x10000
+ MAP_NORESERVE = 0x40
+ MAP_POPULATE = 0x8000
+ MAP_STACK = 0x20000
+ MAP_SYNC = 0x80000
+ MCL_CURRENT = 0x2000
+ MCL_FUTURE = 0x4000
+ MCL_ONFAULT = 0x8000
+ NFDBITS = 0x20
+ NL2 = 0x200
+ NL3 = 0x300
+ NLDLY = 0x300
+ NOFLSH = 0x80000000
+ NS_GET_NSTYPE = 0x2000b703
+ NS_GET_OWNER_UID = 0x2000b704
+ NS_GET_PARENT = 0x2000b702
+ NS_GET_USERNS = 0x2000b701
+ OLCUC = 0x4
+ ONLCR = 0x2
+ O_APPEND = 0x400
+ O_ASYNC = 0x2000
+ O_CLOEXEC = 0x80000
+ O_CREAT = 0x40
+ O_DIRECT = 0x20000
+ O_DIRECTORY = 0x4000
+ O_DSYNC = 0x1000
+ O_EXCL = 0x80
+ O_FSYNC = 0x101000
+ O_LARGEFILE = 0x10000
+ O_NDELAY = 0x800
+ O_NOATIME = 0x40000
+ O_NOCTTY = 0x100
+ O_NOFOLLOW = 0x8000
+ O_NONBLOCK = 0x800
+ O_PATH = 0x200000
+ O_RSYNC = 0x101000
+ O_SYNC = 0x101000
+ O_TMPFILE = 0x404000
+ O_TRUNC = 0x200
+ PARENB = 0x1000
+ PARODD = 0x2000
+ PENDIN = 0x20000000
+ PERF_EVENT_IOC_DISABLE = 0x20002401
+ PERF_EVENT_IOC_ENABLE = 0x20002400
+ PERF_EVENT_IOC_ID = 0x40042407
+ PERF_EVENT_IOC_MODIFY_ATTRIBUTES = 0x8004240b
+ PERF_EVENT_IOC_PAUSE_OUTPUT = 0x80042409
+ PERF_EVENT_IOC_PERIOD = 0x80082404
+ PERF_EVENT_IOC_QUERY_BPF = 0xc004240a
+ PERF_EVENT_IOC_REFRESH = 0x20002402
+ PERF_EVENT_IOC_RESET = 0x20002403
+ PERF_EVENT_IOC_SET_BPF = 0x80042408
+ PERF_EVENT_IOC_SET_FILTER = 0x80042406
+ PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
+ PPPIOCATTACH = 0x8004743d
+ PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
+ PPPIOCCONNECT = 0x8004743a
+ PPPIOCDETACH = 0x8004743c
+ PPPIOCDISCONN = 0x20007439
+ PPPIOCGASYNCMAP = 0x40047458
+ PPPIOCGCHAN = 0x40047437
+ PPPIOCGDEBUG = 0x40047441
+ PPPIOCGFLAGS = 0x4004745a
+ PPPIOCGIDLE = 0x4008743f
+ PPPIOCGIDLE32 = 0x4008743f
+ PPPIOCGIDLE64 = 0x4010743f
+ PPPIOCGL2TPSTATS = 0x40487436
+ PPPIOCGMRU = 0x40047453
+ PPPIOCGRASYNCMAP = 0x40047455
+ PPPIOCGUNIT = 0x40047456
+ PPPIOCGXASYNCMAP = 0x40207450
+ PPPIOCSACTIVE = 0x80087446
+ PPPIOCSASYNCMAP = 0x80047457
+ PPPIOCSCOMPRESS = 0x800c744d
+ PPPIOCSDEBUG = 0x80047440
+ PPPIOCSFLAGS = 0x80047459
+ PPPIOCSMAXCID = 0x80047451
+ PPPIOCSMRRU = 0x8004743b
+ PPPIOCSMRU = 0x80047452
+ PPPIOCSNPMODE = 0x8008744b
+ PPPIOCSPASS = 0x80087447
+ PPPIOCSRASYNCMAP = 0x80047454
+ PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
+ PPPIOCXFERUNIT = 0x2000744e
+ PROT_SAO = 0x10
+ PR_SET_PTRACER_ANY = 0xffffffff
+ PTRACE_GETEVRREGS = 0x14
+ PTRACE_GETFPREGS = 0xe
+ PTRACE_GETREGS64 = 0x16
+ PTRACE_GETVRREGS = 0x12
+ PTRACE_GETVSRREGS = 0x1b
+ PTRACE_GET_DEBUGREG = 0x19
+ PTRACE_SETEVRREGS = 0x15
+ PTRACE_SETFPREGS = 0xf
+ PTRACE_SETREGS64 = 0x17
+ PTRACE_SETVRREGS = 0x13
+ PTRACE_SETVSRREGS = 0x1c
+ PTRACE_SET_DEBUGREG = 0x1a
+ PTRACE_SINGLEBLOCK = 0x100
+ PTRACE_SYSEMU = 0x1d
+ PTRACE_SYSEMU_SINGLESTEP = 0x1e
+ PT_CCR = 0x26
+ PT_CTR = 0x23
+ PT_DAR = 0x29
+ PT_DSCR = 0x2c
+ PT_DSISR = 0x2a
+ PT_FPR0 = 0x30
+ PT_FPR31 = 0x6e
+ PT_FPSCR = 0x71
+ PT_LNK = 0x24
+ PT_MQ = 0x27
+ PT_MSR = 0x21
+ PT_NIP = 0x20
+ PT_ORIG_R3 = 0x22
+ PT_R0 = 0x0
+ PT_R1 = 0x1
+ PT_R10 = 0xa
+ PT_R11 = 0xb
+ PT_R12 = 0xc
+ PT_R13 = 0xd
+ PT_R14 = 0xe
+ PT_R15 = 0xf
+ PT_R16 = 0x10
+ PT_R17 = 0x11
+ PT_R18 = 0x12
+ PT_R19 = 0x13
+ PT_R2 = 0x2
+ PT_R20 = 0x14
+ PT_R21 = 0x15
+ PT_R22 = 0x16
+ PT_R23 = 0x17
+ PT_R24 = 0x18
+ PT_R25 = 0x19
+ PT_R26 = 0x1a
+ PT_R27 = 0x1b
+ PT_R28 = 0x1c
+ PT_R29 = 0x1d
+ PT_R3 = 0x3
+ PT_R30 = 0x1e
+ PT_R31 = 0x1f
+ PT_R4 = 0x4
+ PT_R5 = 0x5
+ PT_R6 = 0x6
+ PT_R7 = 0x7
+ PT_R8 = 0x8
+ PT_R9 = 0x9
+ PT_REGS_COUNT = 0x2c
+ PT_RESULT = 0x2b
+ PT_TRAP = 0x28
+ PT_XER = 0x25
+ RLIMIT_AS = 0x9
+ RLIMIT_MEMLOCK = 0x8
+ RLIMIT_NOFILE = 0x7
+ RLIMIT_NPROC = 0x6
+ RLIMIT_RSS = 0x5
+ RNDADDENTROPY = 0x80085203
+ RNDADDTOENTCNT = 0x80045201
+ RNDCLEARPOOL = 0x20005206
+ RNDGETENTCNT = 0x40045200
+ RNDGETPOOL = 0x40085202
+ RNDRESEEDCRNG = 0x20005207
+ RNDZAPENTCNT = 0x20005204
+ RTC_AIE_OFF = 0x20007002
+ RTC_AIE_ON = 0x20007001
+ RTC_ALM_READ = 0x40247008
+ RTC_ALM_SET = 0x80247007
+ RTC_EPOCH_READ = 0x4004700d
+ RTC_EPOCH_SET = 0x8004700e
+ RTC_IRQP_READ = 0x4004700b
+ RTC_IRQP_SET = 0x8004700c
+ RTC_PIE_OFF = 0x20007006
+ RTC_PIE_ON = 0x20007005
+ RTC_PLL_GET = 0x401c7011
+ RTC_PLL_SET = 0x801c7012
+ RTC_RD_TIME = 0x40247009
+ RTC_SET_TIME = 0x8024700a
+ RTC_UIE_OFF = 0x20007004
+ RTC_UIE_ON = 0x20007003
+ RTC_VL_CLR = 0x20007014
+ RTC_VL_READ = 0x40047013
+ RTC_WIE_OFF = 0x20007010
+ RTC_WIE_ON = 0x2000700f
+ RTC_WKALM_RD = 0x40287010
+ RTC_WKALM_SET = 0x8028700f
+ SCM_TIMESTAMPING = 0x25
+ SCM_TIMESTAMPING_OPT_STATS = 0x36
+ SCM_TIMESTAMPING_PKTINFO = 0x3a
+ SCM_TIMESTAMPNS = 0x23
+ SCM_TXTIME = 0x3d
+ SCM_WIFI_STATUS = 0x29
+ SFD_CLOEXEC = 0x80000
+ SFD_NONBLOCK = 0x800
+ SIOCATMARK = 0x8905
+ SIOCGPGRP = 0x8904
+ SIOCGSTAMPNS_NEW = 0x40108907
+ SIOCGSTAMP_NEW = 0x40108906
+ SIOCINQ = 0x4004667f
+ SIOCOUTQ = 0x40047473
+ SIOCSPGRP = 0x8902
+ SOCK_CLOEXEC = 0x80000
+ SOCK_DGRAM = 0x2
+ SOCK_NONBLOCK = 0x800
+ SOCK_STREAM = 0x1
+ SOL_SOCKET = 0x1
+ SO_ACCEPTCONN = 0x1e
+ SO_ATTACH_BPF = 0x32
+ SO_ATTACH_REUSEPORT_CBPF = 0x33
+ SO_ATTACH_REUSEPORT_EBPF = 0x34
+ SO_BINDTODEVICE = 0x19
+ SO_BINDTOIFINDEX = 0x3e
+ SO_BPF_EXTENSIONS = 0x30
+ SO_BROADCAST = 0x6
+ SO_BSDCOMPAT = 0xe
+ SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
+ SO_CNX_ADVICE = 0x35
+ SO_COOKIE = 0x39
+ SO_DETACH_REUSEPORT_BPF = 0x44
+ SO_DOMAIN = 0x27
+ SO_DONTROUTE = 0x5
+ SO_ERROR = 0x4
+ SO_INCOMING_CPU = 0x31
+ SO_INCOMING_NAPI_ID = 0x38
+ SO_KEEPALIVE = 0x9
+ SO_LINGER = 0xd
+ SO_LOCK_FILTER = 0x2c
+ SO_MARK = 0x24
+ SO_MAX_PACING_RATE = 0x2f
+ SO_MEMINFO = 0x37
+ SO_NOFCS = 0x2b
+ SO_OOBINLINE = 0xa
+ SO_PASSCRED = 0x14
+ SO_PASSSEC = 0x22
+ SO_PEEK_OFF = 0x2a
+ SO_PEERCRED = 0x15
+ SO_PEERGROUPS = 0x3b
+ SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
+ SO_PROTOCOL = 0x26
+ SO_RCVBUF = 0x8
+ SO_RCVBUFFORCE = 0x21
+ SO_RCVLOWAT = 0x10
+ SO_RCVTIMEO = 0x12
+ SO_RCVTIMEO_NEW = 0x42
+ SO_RCVTIMEO_OLD = 0x12
+ SO_REUSEADDR = 0x2
+ SO_REUSEPORT = 0xf
+ SO_RXQ_OVFL = 0x28
+ SO_SECURITY_AUTHENTICATION = 0x16
+ SO_SECURITY_ENCRYPTION_NETWORK = 0x18
+ SO_SECURITY_ENCRYPTION_TRANSPORT = 0x17
+ SO_SELECT_ERR_QUEUE = 0x2d
+ SO_SNDBUF = 0x7
+ SO_SNDBUFFORCE = 0x20
+ SO_SNDLOWAT = 0x11
+ SO_SNDTIMEO = 0x13
+ SO_SNDTIMEO_NEW = 0x43
+ SO_SNDTIMEO_OLD = 0x13
+ SO_TIMESTAMPING = 0x25
+ SO_TIMESTAMPING_NEW = 0x41
+ SO_TIMESTAMPING_OLD = 0x25
+ SO_TIMESTAMPNS = 0x23
+ SO_TIMESTAMPNS_NEW = 0x40
+ SO_TIMESTAMPNS_OLD = 0x23
+ SO_TIMESTAMP_NEW = 0x3f
+ SO_TXTIME = 0x3d
+ SO_TYPE = 0x3
+ SO_WIFI_STATUS = 0x29
+ SO_ZEROCOPY = 0x3c
+ TAB1 = 0x400
+ TAB2 = 0x800
+ TAB3 = 0xc00
+ TABDLY = 0xc00
+ TCFLSH = 0x2000741f
+ TCGETA = 0x40147417
+ TCGETS = 0x402c7413
+ TCSAFLUSH = 0x2
+ TCSBRK = 0x2000741d
+ TCSBRKP = 0x5425
+ TCSETA = 0x80147418
+ TCSETAF = 0x8014741c
+ TCSETAW = 0x80147419
+ TCSETS = 0x802c7414
+ TCSETSF = 0x802c7416
+ TCSETSW = 0x802c7415
+ TCXONC = 0x2000741e
+ TFD_CLOEXEC = 0x80000
+ TFD_NONBLOCK = 0x800
+ TIOCCBRK = 0x5428
+ TIOCCONS = 0x541d
+ TIOCEXCL = 0x540c
+ TIOCGDEV = 0x40045432
+ TIOCGETC = 0x40067412
+ TIOCGETD = 0x5424
+ TIOCGETP = 0x40067408
+ TIOCGEXCL = 0x40045440
+ TIOCGICOUNT = 0x545d
+ TIOCGISO7816 = 0x40285442
+ TIOCGLCKTRMIOS = 0x5456
+ TIOCGLTC = 0x40067474
+ TIOCGPGRP = 0x40047477
+ TIOCGPKT = 0x40045438
+ TIOCGPTLCK = 0x40045439
+ TIOCGPTN = 0x40045430
+ TIOCGPTPEER = 0x20005441
+ TIOCGRS485 = 0x542e
+ TIOCGSERIAL = 0x541e
+ TIOCGSID = 0x5429
+ TIOCGSOFTCAR = 0x5419
+ TIOCGWINSZ = 0x40087468
+ TIOCINQ = 0x4004667f
+ TIOCLINUX = 0x541c
+ TIOCMBIC = 0x5417
+ TIOCMBIS = 0x5416
+ TIOCMGET = 0x5415
+ TIOCMIWAIT = 0x545c
+ TIOCMSET = 0x5418
+ TIOCM_CAR = 0x40
+ TIOCM_CD = 0x40
+ TIOCM_CTS = 0x20
+ TIOCM_DSR = 0x100
+ TIOCM_LOOP = 0x8000
+ TIOCM_OUT1 = 0x2000
+ TIOCM_OUT2 = 0x4000
+ TIOCM_RI = 0x80
+ TIOCM_RNG = 0x80
+ TIOCM_SR = 0x10
+ TIOCM_ST = 0x8
+ TIOCNOTTY = 0x5422
+ TIOCNXCL = 0x540d
+ TIOCOUTQ = 0x40047473
+ TIOCPKT = 0x5420
+ TIOCSBRK = 0x5427
+ TIOCSCTTY = 0x540e
+ TIOCSERCONFIG = 0x5453
+ TIOCSERGETLSR = 0x5459
+ TIOCSERGETMULTI = 0x545a
+ TIOCSERGSTRUCT = 0x5458
+ TIOCSERGWILD = 0x5454
+ TIOCSERSETMULTI = 0x545b
+ TIOCSERSWILD = 0x5455
+ TIOCSER_TEMT = 0x1
+ TIOCSETC = 0x80067411
+ TIOCSETD = 0x5423
+ TIOCSETN = 0x8006740a
+ TIOCSETP = 0x80067409
+ TIOCSIG = 0x80045436
+ TIOCSISO7816 = 0xc0285443
+ TIOCSLCKTRMIOS = 0x5457
+ TIOCSLTC = 0x80067475
+ TIOCSPGRP = 0x80047476
+ TIOCSPTLCK = 0x80045431
+ TIOCSRS485 = 0x542f
+ TIOCSSERIAL = 0x541f
+ TIOCSSOFTCAR = 0x541a
+ TIOCSTART = 0x2000746e
+ TIOCSTI = 0x5412
+ TIOCSTOP = 0x2000746f
+ TIOCSWINSZ = 0x80087467
+ TIOCVHANGUP = 0x5437
+ TOSTOP = 0x400000
+ TUNATTACHFILTER = 0x800854d5
+ TUNDETACHFILTER = 0x800854d6
+ TUNGETDEVNETNS = 0x200054e3
+ TUNGETFEATURES = 0x400454cf
+ TUNGETFILTER = 0x400854db
+ TUNGETIFF = 0x400454d2
+ TUNGETSNDBUF = 0x400454d3
+ TUNGETVNETBE = 0x400454df
+ TUNGETVNETHDRSZ = 0x400454d7
+ TUNGETVNETLE = 0x400454dd
+ TUNSETCARRIER = 0x800454e2
+ TUNSETDEBUG = 0x800454c9
+ TUNSETFILTEREBPF = 0x400454e1
+ TUNSETGROUP = 0x800454ce
+ TUNSETIFF = 0x800454ca
+ TUNSETIFINDEX = 0x800454da
+ TUNSETLINK = 0x800454cd
+ TUNSETNOCSUM = 0x800454c8
+ TUNSETOFFLOAD = 0x800454d0
+ TUNSETOWNER = 0x800454cc
+ TUNSETPERSIST = 0x800454cb
+ TUNSETQUEUE = 0x800454d9
+ TUNSETSNDBUF = 0x800454d4
+ TUNSETSTEERINGEBPF = 0x400454e0
+ TUNSETTXFILTER = 0x800454d1
+ TUNSETVNETBE = 0x800454de
+ TUNSETVNETHDRSZ = 0x800454d8
+ TUNSETVNETLE = 0x800454dc
+ UBI_IOCATT = 0x80186f40
+ UBI_IOCDET = 0x80046f41
+ UBI_IOCEBCH = 0x80044f02
+ UBI_IOCEBER = 0x80044f01
+ UBI_IOCEBISMAP = 0x40044f05
+ UBI_IOCEBMAP = 0x80084f03
+ UBI_IOCEBUNMAP = 0x80044f04
+ UBI_IOCMKVOL = 0x80986f00
+ UBI_IOCRMVOL = 0x80046f01
+ UBI_IOCRNVOL = 0x91106f03
+ UBI_IOCRPEB = 0x80046f04
+ UBI_IOCRSVOL = 0x800c6f02
+ UBI_IOCSETVOLPROP = 0x80104f06
+ UBI_IOCSPEB = 0x80046f05
+ UBI_IOCVOLCRBLK = 0x80804f07
+ UBI_IOCVOLRMBLK = 0x20004f08
+ UBI_IOCVOLUP = 0x80084f00
+ VDISCARD = 0x10
+ VEOF = 0x4
+ VEOL = 0x6
+ VEOL2 = 0x8
+ VMIN = 0x5
+ VREPRINT = 0xb
+ VSTART = 0xd
+ VSTOP = 0xe
+ VSUSP = 0xc
+ VSWTC = 0x9
+ VT1 = 0x10000
+ VTDLY = 0x10000
+ VTIME = 0x7
+ VWERASE = 0xa
+ WDIOC_GETBOOTSTATUS = 0x40045702
+ WDIOC_GETPRETIMEOUT = 0x40045709
+ WDIOC_GETSTATUS = 0x40045701
+ WDIOC_GETSUPPORT = 0x40285700
+ WDIOC_GETTEMP = 0x40045703
+ WDIOC_GETTIMELEFT = 0x4004570a
+ WDIOC_GETTIMEOUT = 0x40045707
+ WDIOC_KEEPALIVE = 0x40045705
+ WDIOC_SETOPTIONS = 0x40045704
+ WORDSIZE = 0x20
+ XCASE = 0x4000
+ XTABS = 0xc00
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
+)
+
+// Errors
+const (
+ EADDRINUSE = syscall.Errno(0x62)
+ EADDRNOTAVAIL = syscall.Errno(0x63)
+ EADV = syscall.Errno(0x44)
+ EAFNOSUPPORT = syscall.Errno(0x61)
+ EALREADY = syscall.Errno(0x72)
+ EBADE = syscall.Errno(0x34)
+ EBADFD = syscall.Errno(0x4d)
+ EBADMSG = syscall.Errno(0x4a)
+ EBADR = syscall.Errno(0x35)
+ EBADRQC = syscall.Errno(0x38)
+ EBADSLT = syscall.Errno(0x39)
+ EBFONT = syscall.Errno(0x3b)
+ ECANCELED = syscall.Errno(0x7d)
+ ECHRNG = syscall.Errno(0x2c)
+ ECOMM = syscall.Errno(0x46)
+ ECONNABORTED = syscall.Errno(0x67)
+ ECONNREFUSED = syscall.Errno(0x6f)
+ ECONNRESET = syscall.Errno(0x68)
+ EDEADLK = syscall.Errno(0x23)
+ EDEADLOCK = syscall.Errno(0x3a)
+ EDESTADDRREQ = syscall.Errno(0x59)
+ EDOTDOT = syscall.Errno(0x49)
+ EDQUOT = syscall.Errno(0x7a)
+ EHOSTDOWN = syscall.Errno(0x70)
+ EHOSTUNREACH = syscall.Errno(0x71)
+ EHWPOISON = syscall.Errno(0x85)
+ EIDRM = syscall.Errno(0x2b)
+ EILSEQ = syscall.Errno(0x54)
+ EINPROGRESS = syscall.Errno(0x73)
+ EISCONN = syscall.Errno(0x6a)
+ EISNAM = syscall.Errno(0x78)
+ EKEYEXPIRED = syscall.Errno(0x7f)
+ EKEYREJECTED = syscall.Errno(0x81)
+ EKEYREVOKED = syscall.Errno(0x80)
+ EL2HLT = syscall.Errno(0x33)
+ EL2NSYNC = syscall.Errno(0x2d)
+ EL3HLT = syscall.Errno(0x2e)
+ EL3RST = syscall.Errno(0x2f)
+ ELIBACC = syscall.Errno(0x4f)
+ ELIBBAD = syscall.Errno(0x50)
+ ELIBEXEC = syscall.Errno(0x53)
+ ELIBMAX = syscall.Errno(0x52)
+ ELIBSCN = syscall.Errno(0x51)
+ ELNRNG = syscall.Errno(0x30)
+ ELOOP = syscall.Errno(0x28)
+ EMEDIUMTYPE = syscall.Errno(0x7c)
+ EMSGSIZE = syscall.Errno(0x5a)
+ EMULTIHOP = syscall.Errno(0x48)
+ ENAMETOOLONG = syscall.Errno(0x24)
+ ENAVAIL = syscall.Errno(0x77)
+ ENETDOWN = syscall.Errno(0x64)
+ ENETRESET = syscall.Errno(0x66)
+ ENETUNREACH = syscall.Errno(0x65)
+ ENOANO = syscall.Errno(0x37)
+ ENOBUFS = syscall.Errno(0x69)
+ ENOCSI = syscall.Errno(0x32)
+ ENODATA = syscall.Errno(0x3d)
+ ENOKEY = syscall.Errno(0x7e)
+ ENOLCK = syscall.Errno(0x25)
+ ENOLINK = syscall.Errno(0x43)
+ ENOMEDIUM = syscall.Errno(0x7b)
+ ENOMSG = syscall.Errno(0x2a)
+ ENONET = syscall.Errno(0x40)
+ ENOPKG = syscall.Errno(0x41)
+ ENOPROTOOPT = syscall.Errno(0x5c)
+ ENOSR = syscall.Errno(0x3f)
+ ENOSTR = syscall.Errno(0x3c)
+ ENOSYS = syscall.Errno(0x26)
+ ENOTCONN = syscall.Errno(0x6b)
+ ENOTEMPTY = syscall.Errno(0x27)
+ ENOTNAM = syscall.Errno(0x76)
+ ENOTRECOVERABLE = syscall.Errno(0x83)
+ ENOTSOCK = syscall.Errno(0x58)
+ ENOTSUP = syscall.Errno(0x5f)
+ ENOTUNIQ = syscall.Errno(0x4c)
+ EOPNOTSUPP = syscall.Errno(0x5f)
+ EOVERFLOW = syscall.Errno(0x4b)
+ EOWNERDEAD = syscall.Errno(0x82)
+ EPFNOSUPPORT = syscall.Errno(0x60)
+ EPROTO = syscall.Errno(0x47)
+ EPROTONOSUPPORT = syscall.Errno(0x5d)
+ EPROTOTYPE = syscall.Errno(0x5b)
+ EREMCHG = syscall.Errno(0x4e)
+ EREMOTE = syscall.Errno(0x42)
+ EREMOTEIO = syscall.Errno(0x79)
+ ERESTART = syscall.Errno(0x55)
+ ERFKILL = syscall.Errno(0x84)
+ ESHUTDOWN = syscall.Errno(0x6c)
+ ESOCKTNOSUPPORT = syscall.Errno(0x5e)
+ ESRMNT = syscall.Errno(0x45)
+ ESTALE = syscall.Errno(0x74)
+ ESTRPIPE = syscall.Errno(0x56)
+ ETIME = syscall.Errno(0x3e)
+ ETIMEDOUT = syscall.Errno(0x6e)
+ ETOOMANYREFS = syscall.Errno(0x6d)
+ EUCLEAN = syscall.Errno(0x75)
+ EUNATCH = syscall.Errno(0x31)
+ EUSERS = syscall.Errno(0x57)
+ EXFULL = syscall.Errno(0x36)
+)
+
+// Signals
+const (
+ SIGBUS = syscall.Signal(0x7)
+ SIGCHLD = syscall.Signal(0x11)
+ SIGCLD = syscall.Signal(0x11)
+ SIGCONT = syscall.Signal(0x12)
+ SIGIO = syscall.Signal(0x1d)
+ SIGPOLL = syscall.Signal(0x1d)
+ SIGPROF = syscall.Signal(0x1b)
+ SIGPWR = syscall.Signal(0x1e)
+ SIGSTKFLT = syscall.Signal(0x10)
+ SIGSTOP = syscall.Signal(0x13)
+ SIGSYS = syscall.Signal(0x1f)
+ SIGTSTP = syscall.Signal(0x14)
+ SIGTTIN = syscall.Signal(0x15)
+ SIGTTOU = syscall.Signal(0x16)
+ SIGURG = syscall.Signal(0x17)
+ SIGUSR1 = syscall.Signal(0xa)
+ SIGUSR2 = syscall.Signal(0xc)
+ SIGVTALRM = syscall.Signal(0x1a)
+ SIGWINCH = syscall.Signal(0x1c)
+ SIGXCPU = syscall.Signal(0x18)
+ SIGXFSZ = syscall.Signal(0x19)
+)
+
+// Error table
+var errorList = [...]struct {
+ num syscall.Errno
+ name string
+ desc string
+}{
+ {1, "EPERM", "operation not permitted"},
+ {2, "ENOENT", "no such file or directory"},
+ {3, "ESRCH", "no such process"},
+ {4, "EINTR", "interrupted system call"},
+ {5, "EIO", "input/output error"},
+ {6, "ENXIO", "no such device or address"},
+ {7, "E2BIG", "argument list too long"},
+ {8, "ENOEXEC", "exec format error"},
+ {9, "EBADF", "bad file descriptor"},
+ {10, "ECHILD", "no child processes"},
+ {11, "EAGAIN", "resource temporarily unavailable"},
+ {12, "ENOMEM", "cannot allocate memory"},
+ {13, "EACCES", "permission denied"},
+ {14, "EFAULT", "bad address"},
+ {15, "ENOTBLK", "block device required"},
+ {16, "EBUSY", "device or resource busy"},
+ {17, "EEXIST", "file exists"},
+ {18, "EXDEV", "invalid cross-device link"},
+ {19, "ENODEV", "no such device"},
+ {20, "ENOTDIR", "not a directory"},
+ {21, "EISDIR", "is a directory"},
+ {22, "EINVAL", "invalid argument"},
+ {23, "ENFILE", "too many open files in system"},
+ {24, "EMFILE", "too many open files"},
+ {25, "ENOTTY", "inappropriate ioctl for device"},
+ {26, "ETXTBSY", "text file busy"},
+ {27, "EFBIG", "file too large"},
+ {28, "ENOSPC", "no space left on device"},
+ {29, "ESPIPE", "illegal seek"},
+ {30, "EROFS", "read-only file system"},
+ {31, "EMLINK", "too many links"},
+ {32, "EPIPE", "broken pipe"},
+ {33, "EDOM", "numerical argument out of domain"},
+ {34, "ERANGE", "numerical result out of range"},
+ {35, "EDEADLK", "resource deadlock avoided"},
+ {36, "ENAMETOOLONG", "file name too long"},
+ {37, "ENOLCK", "no locks available"},
+ {38, "ENOSYS", "function not implemented"},
+ {39, "ENOTEMPTY", "directory not empty"},
+ {40, "ELOOP", "too many levels of symbolic links"},
+ {42, "ENOMSG", "no message of desired type"},
+ {43, "EIDRM", "identifier removed"},
+ {44, "ECHRNG", "channel number out of range"},
+ {45, "EL2NSYNC", "level 2 not synchronized"},
+ {46, "EL3HLT", "level 3 halted"},
+ {47, "EL3RST", "level 3 reset"},
+ {48, "ELNRNG", "link number out of range"},
+ {49, "EUNATCH", "protocol driver not attached"},
+ {50, "ENOCSI", "no CSI structure available"},
+ {51, "EL2HLT", "level 2 halted"},
+ {52, "EBADE", "invalid exchange"},
+ {53, "EBADR", "invalid request descriptor"},
+ {54, "EXFULL", "exchange full"},
+ {55, "ENOANO", "no anode"},
+ {56, "EBADRQC", "invalid request code"},
+ {57, "EBADSLT", "invalid slot"},
+ {58, "EDEADLOCK", "file locking deadlock error"},
+ {59, "EBFONT", "bad font file format"},
+ {60, "ENOSTR", "device not a stream"},
+ {61, "ENODATA", "no data available"},
+ {62, "ETIME", "timer expired"},
+ {63, "ENOSR", "out of streams resources"},
+ {64, "ENONET", "machine is not on the network"},
+ {65, "ENOPKG", "package not installed"},
+ {66, "EREMOTE", "object is remote"},
+ {67, "ENOLINK", "link has been severed"},
+ {68, "EADV", "advertise error"},
+ {69, "ESRMNT", "srmount error"},
+ {70, "ECOMM", "communication error on send"},
+ {71, "EPROTO", "protocol error"},
+ {72, "EMULTIHOP", "multihop attempted"},
+ {73, "EDOTDOT", "RFS specific error"},
+ {74, "EBADMSG", "bad message"},
+ {75, "EOVERFLOW", "value too large for defined data type"},
+ {76, "ENOTUNIQ", "name not unique on network"},
+ {77, "EBADFD", "file descriptor in bad state"},
+ {78, "EREMCHG", "remote address changed"},
+ {79, "ELIBACC", "can not access a needed shared library"},
+ {80, "ELIBBAD", "accessing a corrupted shared library"},
+ {81, "ELIBSCN", ".lib section in a.out corrupted"},
+ {82, "ELIBMAX", "attempting to link in too many shared libraries"},
+ {83, "ELIBEXEC", "cannot exec a shared library directly"},
+ {84, "EILSEQ", "invalid or incomplete multibyte or wide character"},
+ {85, "ERESTART", "interrupted system call should be restarted"},
+ {86, "ESTRPIPE", "streams pipe error"},
+ {87, "EUSERS", "too many users"},
+ {88, "ENOTSOCK", "socket operation on non-socket"},
+ {89, "EDESTADDRREQ", "destination address required"},
+ {90, "EMSGSIZE", "message too long"},
+ {91, "EPROTOTYPE", "protocol wrong type for socket"},
+ {92, "ENOPROTOOPT", "protocol not available"},
+ {93, "EPROTONOSUPPORT", "protocol not supported"},
+ {94, "ESOCKTNOSUPPORT", "socket type not supported"},
+ {95, "ENOTSUP", "operation not supported"},
+ {96, "EPFNOSUPPORT", "protocol family not supported"},
+ {97, "EAFNOSUPPORT", "address family not supported by protocol"},
+ {98, "EADDRINUSE", "address already in use"},
+ {99, "EADDRNOTAVAIL", "cannot assign requested address"},
+ {100, "ENETDOWN", "network is down"},
+ {101, "ENETUNREACH", "network is unreachable"},
+ {102, "ENETRESET", "network dropped connection on reset"},
+ {103, "ECONNABORTED", "software caused connection abort"},
+ {104, "ECONNRESET", "connection reset by peer"},
+ {105, "ENOBUFS", "no buffer space available"},
+ {106, "EISCONN", "transport endpoint is already connected"},
+ {107, "ENOTCONN", "transport endpoint is not connected"},
+ {108, "ESHUTDOWN", "cannot send after transport endpoint shutdown"},
+ {109, "ETOOMANYREFS", "too many references: cannot splice"},
+ {110, "ETIMEDOUT", "connection timed out"},
+ {111, "ECONNREFUSED", "connection refused"},
+ {112, "EHOSTDOWN", "host is down"},
+ {113, "EHOSTUNREACH", "no route to host"},
+ {114, "EALREADY", "operation already in progress"},
+ {115, "EINPROGRESS", "operation now in progress"},
+ {116, "ESTALE", "stale file handle"},
+ {117, "EUCLEAN", "structure needs cleaning"},
+ {118, "ENOTNAM", "not a XENIX named type file"},
+ {119, "ENAVAIL", "no XENIX semaphores available"},
+ {120, "EISNAM", "is a named type file"},
+ {121, "EREMOTEIO", "remote I/O error"},
+ {122, "EDQUOT", "disk quota exceeded"},
+ {123, "ENOMEDIUM", "no medium found"},
+ {124, "EMEDIUMTYPE", "wrong medium type"},
+ {125, "ECANCELED", "operation canceled"},
+ {126, "ENOKEY", "required key not available"},
+ {127, "EKEYEXPIRED", "key has expired"},
+ {128, "EKEYREVOKED", "key has been revoked"},
+ {129, "EKEYREJECTED", "key was rejected by service"},
+ {130, "EOWNERDEAD", "owner died"},
+ {131, "ENOTRECOVERABLE", "state not recoverable"},
+ {132, "ERFKILL", "operation not possible due to RF-kill"},
+ {133, "EHWPOISON", "memory page has hardware error"},
+}
+
+// Signal table
+var signalList = [...]struct {
+ num syscall.Signal
+ name string
+ desc string
+}{
+ {1, "SIGHUP", "hangup"},
+ {2, "SIGINT", "interrupt"},
+ {3, "SIGQUIT", "quit"},
+ {4, "SIGILL", "illegal instruction"},
+ {5, "SIGTRAP", "trace/breakpoint trap"},
+ {6, "SIGABRT", "aborted"},
+ {7, "SIGBUS", "bus error"},
+ {8, "SIGFPE", "floating point exception"},
+ {9, "SIGKILL", "killed"},
+ {10, "SIGUSR1", "user defined signal 1"},
+ {11, "SIGSEGV", "segmentation fault"},
+ {12, "SIGUSR2", "user defined signal 2"},
+ {13, "SIGPIPE", "broken pipe"},
+ {14, "SIGALRM", "alarm clock"},
+ {15, "SIGTERM", "terminated"},
+ {16, "SIGSTKFLT", "stack fault"},
+ {17, "SIGCHLD", "child exited"},
+ {18, "SIGCONT", "continued"},
+ {19, "SIGSTOP", "stopped (signal)"},
+ {20, "SIGTSTP", "stopped"},
+ {21, "SIGTTIN", "stopped (tty input)"},
+ {22, "SIGTTOU", "stopped (tty output)"},
+ {23, "SIGURG", "urgent I/O condition"},
+ {24, "SIGXCPU", "CPU time limit exceeded"},
+ {25, "SIGXFSZ", "file size limit exceeded"},
+ {26, "SIGVTALRM", "virtual timer expired"},
+ {27, "SIGPROF", "profiling timer expired"},
+ {28, "SIGWINCH", "window changed"},
+ {29, "SIGIO", "I/O possible"},
+ {30, "SIGPWR", "power failure"},
+ {31, "SIGSYS", "bad system call"},
+}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 973ad934..e60102f6 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64 && linux
// +build ppc64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x4000
ICANON = 0x100
IEXTEN = 0x400
@@ -165,6 +169,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -192,6 +197,7 @@ const (
PPPIOCSPASS = 0x80107447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PROT_SAO = 0x10
PR_SET_PTRACER_ANY = 0xffffffffffffffff
@@ -327,6 +333,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -349,6 +356,7 @@ const (
SO_PEERCRED = 0x15
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -543,6 +551,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4000
XTABS = 0xc00
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 70a7406b..838ff4ea 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64le && linux
// +build ppc64le,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x4000
ICANON = 0x100
IEXTEN = 0x400
@@ -165,6 +169,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -192,6 +197,7 @@ const (
PPPIOCSPASS = 0x80107447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PROT_SAO = 0x10
PR_SET_PTRACER_ANY = 0xffffffffffffffff
@@ -327,6 +333,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -349,6 +356,7 @@ const (
SO_PEERCRED = 0x15
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -543,6 +551,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4000
XTABS = 0xc00
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index b1bf7997..7cc98f09 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build riscv64 && linux
// +build riscv64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x40107447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
RLIMIT_AS = 0x9
@@ -256,6 +262,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -278,6 +285,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -468,6 +476,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 7053d10b..6d30e6fd 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include -fsigned-char
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build s390x && linux
// +build s390x,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -92,6 +93,9 @@ const (
F_SETOWN = 0x8
F_UNLCK = 0x2
F_WRLCK = 0x1
+ HIDIOCGRAWINFO = 0x80084803
+ HIDIOCGRDESC = 0x90044802
+ HIDIOCGRDESCSIZE = 0x80044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -163,6 +167,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x2405
PPPIOCATTACH = 0x4004743d
PPPIOCATTCHAN = 0x40047438
+ PPPIOCBRIDGECHAN = 0x40047435
PPPIOCCONNECT = 0x4004743a
PPPIOCDETACH = 0x4004743c
PPPIOCDISCONN = 0x7439
@@ -190,6 +195,7 @@ const (
PPPIOCSPASS = 0x40107447
PPPIOCSRASYNCMAP = 0x40047454
PPPIOCSXASYNCMAP = 0x4020744f
+ PPPIOCUNBRIDGECHAN = 0x7434
PPPIOCXFERUNIT = 0x744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_DISABLE_TE = 0x5010
@@ -206,6 +212,8 @@ const (
PTRACE_POKE_SYSTEM_CALL = 0x5008
PTRACE_PROT = 0x15
PTRACE_SINGLEBLOCK = 0xc
+ PTRACE_SYSEMU = 0x1f
+ PTRACE_SYSEMU_SINGLESTEP = 0x20
PTRACE_TE_ABORT_RAND = 0x5011
PT_ACR0 = 0x90
PT_ACR1 = 0x94
@@ -329,6 +337,7 @@ const (
SO_BROADCAST = 0x6
SO_BSDCOMPAT = 0xe
SO_BUSY_POLL = 0x2e
+ SO_BUSY_POLL_BUDGET = 0x46
SO_CNX_ADVICE = 0x35
SO_COOKIE = 0x39
SO_DETACH_REUSEPORT_BPF = 0x44
@@ -351,6 +360,7 @@ const (
SO_PEERCRED = 0x11
SO_PEERGROUPS = 0x3b
SO_PEERSEC = 0x1f
+ SO_PREFER_BUSY_POLL = 0x45
SO_PROTOCOL = 0x26
SO_RCVBUF = 0x8
SO_RCVBUFFORCE = 0x21
@@ -541,6 +551,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x80804804
+ _HIDIOCGRAWPHYS = 0x80404805
+ _HIDIOCGRAWUNIQ = 0x80404808
)
// Errors
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 137cfe79..d5e2dc94 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -Wall -Werror -static -I/tmp/include
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build sparc64 && linux
// +build sparc64,linux
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -96,6 +97,9 @@ const (
F_SETOWN = 0x6
F_UNLCK = 0x3
F_WRLCK = 0x2
+ HIDIOCGRAWINFO = 0x40084803
+ HIDIOCGRDESC = 0x50044802
+ HIDIOCGRDESCSIZE = 0x40044801
HUPCL = 0x400
ICANON = 0x2
IEXTEN = 0x8000
@@ -168,6 +172,7 @@ const (
PERF_EVENT_IOC_SET_OUTPUT = 0x20002405
PPPIOCATTACH = 0x8004743d
PPPIOCATTCHAN = 0x80047438
+ PPPIOCBRIDGECHAN = 0x80047435
PPPIOCCONNECT = 0x8004743a
PPPIOCDETACH = 0x8004743c
PPPIOCDISCONN = 0x20007439
@@ -195,6 +200,7 @@ const (
PPPIOCSPASS = 0x80107447
PPPIOCSRASYNCMAP = 0x80047454
PPPIOCSXASYNCMAP = 0x8020744f
+ PPPIOCUNBRIDGECHAN = 0x20007434
PPPIOCXFERUNIT = 0x2000744e
PR_SET_PTRACER_ANY = 0xffffffffffffffff
PTRACE_GETFPAREGS = 0x14
@@ -322,6 +328,7 @@ const (
SO_BROADCAST = 0x20
SO_BSDCOMPAT = 0x400
SO_BUSY_POLL = 0x30
+ SO_BUSY_POLL_BUDGET = 0x49
SO_CNX_ADVICE = 0x37
SO_COOKIE = 0x3b
SO_DETACH_REUSEPORT_BPF = 0x47
@@ -344,6 +351,7 @@ const (
SO_PEERCRED = 0x40
SO_PEERGROUPS = 0x3d
SO_PEERSEC = 0x1e
+ SO_PREFER_BUSY_POLL = 0x48
SO_PROTOCOL = 0x1028
SO_RCVBUF = 0x1002
SO_RCVBUFFORCE = 0x100b
@@ -531,6 +539,9 @@ const (
WORDSIZE = 0x40
XCASE = 0x4
XTABS = 0x1800
+ _HIDIOCGRAWNAME = 0x40804804
+ _HIDIOCGRAWPHYS = 0x40404805
+ _HIDIOCGRAWUNIQ = 0x40404808
__TIOCFLUSH = 0x80047410
)
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
index 20f3a579..72f7420d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m32
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && netbsd
// +build 386,netbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
index 90b8fcd2..8d4eb0c0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && netbsd
// +build amd64,netbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
index c5c03993..9eef9749 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
@@ -1,6 +1,7 @@
// mkerrors.sh -marm
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && netbsd
// +build arm,netbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
index 14dd3c1d..3b62ba19 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && netbsd
// +build arm64,netbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
index c865a10d..593cc0fe 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m32
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && openbsd
// +build 386,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
index 9db6b2fb..25cb6094 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && openbsd
// +build amd64,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
index 7072526a..a4e4c223 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
@@ -1,6 +1,7 @@
// mkerrors.sh
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && openbsd
// +build arm,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
index ac5efbe5..90de7dfc 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && openbsd
// +build arm64,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
index a74639a4..f1154ff5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && openbsd
// +build mips64,openbsd
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
diff --git a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
index 5312c36c..1afee6a0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
@@ -1,6 +1,7 @@
// mkerrors.sh -m64
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && solaris
// +build amd64,solaris
// Code generated by cmd/cgo -godefs; DO NOT EDIT.
@@ -365,6 +366,7 @@ const (
HUPCL = 0x400
IBSHIFT = 0x10
ICANON = 0x2
+ ICMP6_FILTER = 0x1
ICRNL = 0x100
IEXTEN = 0x8000
IFF_ADDRCONF = 0x80000
@@ -611,6 +613,7 @@ const (
IP_RECVPKTINFO = 0x1a
IP_RECVRETOPTS = 0x6
IP_RECVSLLA = 0xa
+ IP_RECVTOS = 0xc
IP_RECVTTL = 0xb
IP_RETOPTS = 0x8
IP_REUSEADDR = 0x104
@@ -703,6 +706,7 @@ const (
O_APPEND = 0x8
O_CLOEXEC = 0x800000
O_CREAT = 0x100
+ O_DIRECT = 0x2000000
O_DIRECTORY = 0x1000000
O_DSYNC = 0x40
O_EXCL = 0x400
diff --git a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
new file mode 100644
index 00000000..fc7d0506
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
@@ -0,0 +1,860 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+// Hand edited based on zerrors_linux_s390x.go
+// TODO: auto-generate.
+
+package unix
+
+const (
+ BRKINT = 0x0001
+ CLOCK_MONOTONIC = 0x1
+ CLOCK_PROCESS_CPUTIME_ID = 0x2
+ CLOCK_REALTIME = 0x0
+ CLOCK_THREAD_CPUTIME_ID = 0x3
+ CS8 = 0x0030
+ CSIZE = 0x0030
+ ECHO = 0x00000008
+ ECHONL = 0x00000001
+ FD_CLOEXEC = 0x01
+ FD_CLOFORK = 0x02
+ FNDELAY = 0x04
+ F_CLOSFD = 9
+ F_CONTROL_CVT = 13
+ F_DUPFD = 0
+ F_DUPFD2 = 8
+ F_GETFD = 1
+ F_GETFL = 259
+ F_GETLK = 5
+ F_GETOWN = 10
+ F_OK = 0x0
+ F_RDLCK = 1
+ F_SETFD = 2
+ F_SETFL = 4
+ F_SETLK = 6
+ F_SETLKW = 7
+ F_SETOWN = 11
+ F_SETTAG = 12
+ F_UNLCK = 3
+ F_WRLCK = 2
+ FSTYPE_ZFS = 0xe9 //"Z"
+ FSTYPE_HFS = 0xc8 //"H"
+ FSTYPE_NFS = 0xd5 //"N"
+ FSTYPE_TFS = 0xe3 //"T"
+ FSTYPE_AUTOMOUNT = 0xc1 //"A"
+ IP6F_MORE_FRAG = 0x0001
+ IP6F_OFF_MASK = 0xfff8
+ IP6F_RESERVED_MASK = 0x0006
+ IP6OPT_JUMBO = 0xc2
+ IP6OPT_JUMBO_LEN = 6
+ IP6OPT_MUTABLE = 0x20
+ IP6OPT_NSAP_ADDR = 0xc3
+ IP6OPT_PAD1 = 0x00
+ IP6OPT_PADN = 0x01
+ IP6OPT_ROUTER_ALERT = 0x05
+ IP6OPT_TUNNEL_LIMIT = 0x04
+ IP6OPT_TYPE_DISCARD = 0x40
+ IP6OPT_TYPE_FORCEICMP = 0x80
+ IP6OPT_TYPE_ICMP = 0xc0
+ IP6OPT_TYPE_SKIP = 0x00
+ IP6_ALERT_AN = 0x0002
+ IP6_ALERT_MLD = 0x0000
+ IP6_ALERT_RSVP = 0x0001
+ IPPORT_RESERVED = 1024
+ IPPORT_USERRESERVED = 5000
+ IPPROTO_AH = 51
+ SOL_AH = 51
+ IPPROTO_DSTOPTS = 60
+ SOL_DSTOPTS = 60
+ IPPROTO_EGP = 8
+ SOL_EGP = 8
+ IPPROTO_ESP = 50
+ SOL_ESP = 50
+ IPPROTO_FRAGMENT = 44
+ SOL_FRAGMENT = 44
+ IPPROTO_GGP = 2
+ SOL_GGP = 2
+ IPPROTO_HOPOPTS = 0
+ SOL_HOPOPTS = 0
+ IPPROTO_ICMP = 1
+ SOL_ICMP = 1
+ IPPROTO_ICMPV6 = 58
+ SOL_ICMPV6 = 58
+ IPPROTO_IDP = 22
+ SOL_IDP = 22
+ IPPROTO_IP = 0
+ SOL_IP = 0
+ IPPROTO_IPV6 = 41
+ SOL_IPV6 = 41
+ IPPROTO_MAX = 256
+ SOL_MAX = 256
+ IPPROTO_NONE = 59
+ SOL_NONE = 59
+ IPPROTO_PUP = 12
+ SOL_PUP = 12
+ IPPROTO_RAW = 255
+ SOL_RAW = 255
+ IPPROTO_ROUTING = 43
+ SOL_ROUTING = 43
+ IPPROTO_TCP = 6
+ SOL_TCP = 6
+ IPPROTO_UDP = 17
+ SOL_UDP = 17
+ IPV6_ADDR_PREFERENCES = 32
+ IPV6_CHECKSUM = 19
+ IPV6_DONTFRAG = 29
+ IPV6_DSTOPTS = 23
+ IPV6_HOPLIMIT = 11
+ IPV6_HOPOPTS = 22
+ IPV6_JOIN_GROUP = 5
+ IPV6_LEAVE_GROUP = 6
+ IPV6_MULTICAST_HOPS = 9
+ IPV6_MULTICAST_IF = 7
+ IPV6_MULTICAST_LOOP = 4
+ IPV6_NEXTHOP = 20
+ IPV6_PATHMTU = 12
+ IPV6_PKTINFO = 13
+ IPV6_PREFER_SRC_CGA = 0x10
+ IPV6_PREFER_SRC_COA = 0x02
+ IPV6_PREFER_SRC_HOME = 0x01
+ IPV6_PREFER_SRC_NONCGA = 0x20
+ IPV6_PREFER_SRC_PUBLIC = 0x08
+ IPV6_PREFER_SRC_TMP = 0x04
+ IPV6_RECVDSTOPTS = 28
+ IPV6_RECVHOPLIMIT = 14
+ IPV6_RECVHOPOPTS = 26
+ IPV6_RECVPATHMTU = 16
+ IPV6_RECVPKTINFO = 15
+ IPV6_RECVRTHDR = 25
+ IPV6_RECVTCLASS = 31
+ IPV6_RTHDR = 21
+ IPV6_RTHDRDSTOPTS = 24
+ IPV6_RTHDR_TYPE_0 = 0
+ IPV6_TCLASS = 30
+ IPV6_UNICAST_HOPS = 3
+ IPV6_USE_MIN_MTU = 18
+ IPV6_V6ONLY = 10
+ IP_ADD_MEMBERSHIP = 5
+ IP_ADD_SOURCE_MEMBERSHIP = 12
+ IP_BLOCK_SOURCE = 10
+ IP_DEFAULT_MULTICAST_LOOP = 1
+ IP_DEFAULT_MULTICAST_TTL = 1
+ IP_DROP_MEMBERSHIP = 6
+ IP_DROP_SOURCE_MEMBERSHIP = 13
+ IP_MAX_MEMBERSHIPS = 20
+ IP_MULTICAST_IF = 7
+ IP_MULTICAST_LOOP = 4
+ IP_MULTICAST_TTL = 3
+ IP_OPTIONS = 1
+ IP_PKTINFO = 101
+ IP_RECVPKTINFO = 102
+ IP_TOS = 2
+ IP_TTL = 3
+ IP_UNBLOCK_SOURCE = 11
+ ICANON = 0x0010
+ ICMP6_FILTER = 0x26
+ ICRNL = 0x0002
+ IEXTEN = 0x0020
+ IGNBRK = 0x0004
+ IGNCR = 0x0008
+ INLCR = 0x0020
+ ISIG = 0x0040
+ ISTRIP = 0x0080
+ IXON = 0x0200
+ IXOFF = 0x0100
+ LOCK_SH = 0x1 // Not exist on zOS
+ LOCK_EX = 0x2 // Not exist on zOS
+ LOCK_NB = 0x4 // Not exist on zOS
+ LOCK_UN = 0x8 // Not exist on zOS
+ POLLIN = 0x0003
+ POLLOUT = 0x0004
+ POLLPRI = 0x0010
+ POLLERR = 0x0020
+ POLLHUP = 0x0040
+ POLLNVAL = 0x0080
+ PROT_READ = 0x1 // mmap - page can be read
+ PROT_WRITE = 0x2 // page can be written
+ PROT_NONE = 0x4 // can't be accessed
+ PROT_EXEC = 0x8 // can be executed
+ MAP_PRIVATE = 0x1 // changes are private
+ MAP_SHARED = 0x2 // changes are shared
+ MAP_FIXED = 0x4 // place exactly
+ MCAST_JOIN_GROUP = 40
+ MCAST_LEAVE_GROUP = 41
+ MCAST_JOIN_SOURCE_GROUP = 42
+ MCAST_LEAVE_SOURCE_GROUP = 43
+ MCAST_BLOCK_SOURCE = 44
+ MCAST_UNBLOCK_SOURCE = 45
+ MS_SYNC = 0x1 // msync - synchronous writes
+ MS_ASYNC = 0x2 // asynchronous writes
+ MS_INVALIDATE = 0x4 // invalidate mappings
+ MTM_RDONLY = 0x80000000
+ MTM_RDWR = 0x40000000
+ MTM_UMOUNT = 0x10000000
+ MTM_IMMED = 0x08000000
+ MTM_FORCE = 0x04000000
+ MTM_DRAIN = 0x02000000
+ MTM_RESET = 0x01000000
+ MTM_SAMEMODE = 0x00100000
+ MTM_UNQSEFORCE = 0x00040000
+ MTM_NOSUID = 0x00000400
+ MTM_SYNCHONLY = 0x00000200
+ MTM_REMOUNT = 0x00000100
+ MTM_NOSECURITY = 0x00000080
+ NFDBITS = 0x20
+ O_ACCMODE = 0x03
+ O_APPEND = 0x08
+ O_ASYNCSIG = 0x0200
+ O_CREAT = 0x80
+ O_EXCL = 0x40
+ O_GETFL = 0x0F
+ O_LARGEFILE = 0x0400
+ O_NONBLOCK = 0x04
+ O_RDONLY = 0x02
+ O_RDWR = 0x03
+ O_SYNC = 0x0100
+ O_TRUNC = 0x10
+ O_WRONLY = 0x01
+ O_NOCTTY = 0x20
+ OPOST = 0x0001
+ ONLCR = 0x0004
+ PARENB = 0x0200
+ PARMRK = 0x0400
+ QUERYCVT = 3
+ RUSAGE_CHILDREN = -0x1
+ RUSAGE_SELF = 0x0 // RUSAGE_THREAD unsupported on z/OS
+ SEEK_CUR = 1
+ SEEK_END = 2
+ SEEK_SET = 0
+ SETAUTOCVTALL = 5
+ SETAUTOCVTON = 2
+ SETCVTALL = 4
+ SETCVTOFF = 0
+ SETCVTON = 1
+ AF_APPLETALK = 16
+ AF_CCITT = 10
+ AF_CHAOS = 5
+ AF_DATAKIT = 9
+ AF_DLI = 13
+ AF_ECMA = 8
+ AF_HYLINK = 15
+ AF_IMPLINK = 3
+ AF_INET = 2
+ AF_INET6 = 19
+ AF_INTF = 20
+ AF_IUCV = 17
+ AF_LAT = 14
+ AF_LINK = 18
+ AF_MAX = 30
+ AF_NBS = 7
+ AF_NDD = 23
+ AF_NETWARE = 22
+ AF_NS = 6
+ AF_PUP = 4
+ AF_RIF = 21
+ AF_ROUTE = 20
+ AF_SNA = 11
+ AF_UNIX = 1
+ AF_UNSPEC = 0
+ IBMTCP_IMAGE = 1
+ MSG_ACK_EXPECTED = 0x10
+ MSG_ACK_GEN = 0x40
+ MSG_ACK_TIMEOUT = 0x20
+ MSG_CONNTERM = 0x80
+ MSG_CTRUNC = 0x20
+ MSG_DONTROUTE = 0x4
+ MSG_EOF = 0x8000
+ MSG_EOR = 0x8
+ MSG_MAXIOVLEN = 16
+ MSG_NONBLOCK = 0x4000
+ MSG_OOB = 0x1
+ MSG_PEEK = 0x2
+ MSG_TRUNC = 0x10
+ MSG_WAITALL = 0x40
+ PRIO_PROCESS = 1
+ PRIO_PGRP = 2
+ PRIO_USER = 3
+ RLIMIT_CPU = 0
+ RLIMIT_FSIZE = 1
+ RLIMIT_DATA = 2
+ RLIMIT_STACK = 3
+ RLIMIT_CORE = 4
+ RLIMIT_AS = 5
+ RLIMIT_NOFILE = 6
+ RLIMIT_MEMLIMIT = 7
+ RLIM_INFINITY = 2147483647
+ SCM_RIGHTS = 0x01
+ SF_CLOSE = 0x00000002
+ SF_REUSE = 0x00000001
+ SHUT_RD = 0
+ SHUT_RDWR = 2
+ SHUT_WR = 1
+ SOCK_CONN_DGRAM = 6
+ SOCK_DGRAM = 2
+ SOCK_RAW = 3
+ SOCK_RDM = 4
+ SOCK_SEQPACKET = 5
+ SOCK_STREAM = 1
+ SOL_SOCKET = 0xffff
+ SOMAXCONN = 10
+ SO_ACCEPTCONN = 0x0002
+ SO_ACCEPTECONNABORTED = 0x0006
+ SO_ACKNOW = 0x7700
+ SO_BROADCAST = 0x0020
+ SO_BULKMODE = 0x8000
+ SO_CKSUMRECV = 0x0800
+ SO_CLOSE = 0x01
+ SO_CLUSTERCONNTYPE = 0x00004001
+ SO_CLUSTERCONNTYPE_INTERNAL = 8
+ SO_CLUSTERCONNTYPE_NOCONN = 0
+ SO_CLUSTERCONNTYPE_NONE = 1
+ SO_CLUSTERCONNTYPE_SAME_CLUSTER = 2
+ SO_CLUSTERCONNTYPE_SAME_IMAGE = 4
+ SO_DEBUG = 0x0001
+ SO_DONTROUTE = 0x0010
+ SO_ERROR = 0x1007
+ SO_IGNOREINCOMINGPUSH = 0x1
+ SO_IGNORESOURCEVIPA = 0x0002
+ SO_KEEPALIVE = 0x0008
+ SO_LINGER = 0x0080
+ SO_NONBLOCKLOCAL = 0x8001
+ SO_NOREUSEADDR = 0x1000
+ SO_OOBINLINE = 0x0100
+ SO_OPTACK = 0x8004
+ SO_OPTMSS = 0x8003
+ SO_RCVBUF = 0x1002
+ SO_RCVLOWAT = 0x1004
+ SO_RCVTIMEO = 0x1006
+ SO_REUSEADDR = 0x0004
+ SO_REUSEPORT = 0x0200
+ SO_SECINFO = 0x00004002
+ SO_SET = 0x0200
+ SO_SNDBUF = 0x1001
+ SO_SNDLOWAT = 0x1003
+ SO_SNDTIMEO = 0x1005
+ SO_TYPE = 0x1008
+ SO_UNSET = 0x0400
+ SO_USELOOPBACK = 0x0040
+ SO_USE_IFBUFS = 0x0400
+ S_ISUID = 0x0800
+ S_ISGID = 0x0400
+ S_ISVTX = 0x0200
+ S_IRUSR = 0x0100
+ S_IWUSR = 0x0080
+ S_IXUSR = 0x0040
+ S_IRWXU = 0x01C0
+ S_IRGRP = 0x0020
+ S_IWGRP = 0x0010
+ S_IXGRP = 0x0008
+ S_IRWXG = 0x0038
+ S_IROTH = 0x0004
+ S_IWOTH = 0x0002
+ S_IXOTH = 0x0001
+ S_IRWXO = 0x0007
+ S_IREAD = S_IRUSR
+ S_IWRITE = S_IWUSR
+ S_IEXEC = S_IXUSR
+ S_IFDIR = 0x01000000
+ S_IFCHR = 0x02000000
+ S_IFREG = 0x03000000
+ S_IFFIFO = 0x04000000
+ S_IFIFO = 0x04000000
+ S_IFLNK = 0x05000000
+ S_IFBLK = 0x06000000
+ S_IFSOCK = 0x07000000
+ S_IFVMEXTL = 0xFE000000
+ S_IFVMEXTL_EXEC = 0x00010000
+ S_IFVMEXTL_DATA = 0x00020000
+ S_IFVMEXTL_MEL = 0x00030000
+ S_IFEXTL = 0x00000001
+ S_IFPROGCTL = 0x00000002
+ S_IFAPFCTL = 0x00000004
+ S_IFNOSHARE = 0x00000008
+ S_IFSHARELIB = 0x00000010
+ S_IFMT = 0xFF000000
+ S_IFMST = 0x00FF0000
+ TCP_KEEPALIVE = 0x8
+ TCP_NODELAY = 0x1
+ TCP_INFO = 0xb
+ TCP_USER_TIMEOUT = 0x1
+ TIOCGWINSZ = 0x4008a368
+ TIOCSWINSZ = 0x8008a367
+ TIOCSBRK = 0x2000a77b
+ TIOCCBRK = 0x2000a77a
+ TIOCSTI = 0x8001a772
+ TIOCGPGRP = 0x4004a777 // _IOR(167, 119, int)
+ TCSANOW = 0
+ TCSETS = 0 // equivalent to TCSANOW for tcsetattr
+ TCSADRAIN = 1
+ TCSETSW = 1 // equivalent to TCSADRAIN for tcsetattr
+ TCSAFLUSH = 2
+ TCSETSF = 2 // equivalent to TCSAFLUSH for tcsetattr
+ TCGETS = 3 // not defined in ioctl.h -- zos golang only
+ TCIFLUSH = 0
+ TCOFLUSH = 1
+ TCIOFLUSH = 2
+ TCOOFF = 0
+ TCOON = 1
+ TCIOFF = 2
+ TCION = 3
+ TIOCSPGRP = 0x8004a776
+ TIOCNOTTY = 0x2000a771
+ TIOCEXCL = 0x2000a70d
+ TIOCNXCL = 0x2000a70e
+ TIOCGETD = 0x4004a700
+ TIOCSETD = 0x8004a701
+ TIOCPKT = 0x8004a770
+ TIOCSTOP = 0x2000a76f
+ TIOCSTART = 0x2000a76e
+ TIOCUCNTL = 0x8004a766
+ TIOCREMOTE = 0x8004a769
+ TIOCMGET = 0x4004a76a
+ TIOCMSET = 0x8004a76d
+ TIOCMBIC = 0x8004a76b
+ TIOCMBIS = 0x8004a76c
+ VINTR = 0
+ VQUIT = 1
+ VERASE = 2
+ VKILL = 3
+ VEOF = 4
+ VEOL = 5
+ VMIN = 6
+ VSTART = 7
+ VSTOP = 8
+ VSUSP = 9
+ VTIME = 10
+ WCONTINUED = 0x4
+ WNOHANG = 0x1
+ WUNTRACED = 0x2
+ _BPX_SWAP = 1
+ _BPX_NONSWAP = 2
+ MCL_CURRENT = 1 // for Linux compatibility -- no zos semantics
+ MCL_FUTURE = 2 // for Linux compatibility -- no zos semantics
+ MCL_ONFAULT = 3 // for Linux compatibility -- no zos semantics
+ MADV_NORMAL = 0 // for Linux compatibility -- no zos semantics
+ MADV_RANDOM = 1 // for Linux compatibility -- no zos semantics
+ MADV_SEQUENTIAL = 2 // for Linux compatibility -- no zos semantics
+ MADV_WILLNEED = 3 // for Linux compatibility -- no zos semantics
+ MADV_REMOVE = 4 // for Linux compatibility -- no zos semantics
+ MADV_DONTFORK = 5 // for Linux compatibility -- no zos semantics
+ MADV_DOFORK = 6 // for Linux compatibility -- no zos semantics
+ MADV_HWPOISON = 7 // for Linux compatibility -- no zos semantics
+ MADV_MERGEABLE = 8 // for Linux compatibility -- no zos semantics
+ MADV_UNMERGEABLE = 9 // for Linux compatibility -- no zos semantics
+ MADV_SOFT_OFFLINE = 10 // for Linux compatibility -- no zos semantics
+ MADV_HUGEPAGE = 11 // for Linux compatibility -- no zos semantics
+ MADV_NOHUGEPAGE = 12 // for Linux compatibility -- no zos semantics
+ MADV_DONTDUMP = 13 // for Linux compatibility -- no zos semantics
+ MADV_DODUMP = 14 // for Linux compatibility -- no zos semantics
+ MADV_FREE = 15 // for Linux compatibility -- no zos semantics
+ MADV_WIPEONFORK = 16 // for Linux compatibility -- no zos semantics
+ MADV_KEEPONFORK = 17 // for Linux compatibility -- no zos semantics
+ AT_SYMLINK_NOFOLLOW = 1 // for Unix compatibility -- no zos semantics
+ AT_FDCWD = 2 // for Unix compatibility -- no zos semantics
+)
+
+const (
+ EDOM = Errno(1)
+ ERANGE = Errno(2)
+ EACCES = Errno(111)
+ EAGAIN = Errno(112)
+ EBADF = Errno(113)
+ EBUSY = Errno(114)
+ ECHILD = Errno(115)
+ EDEADLK = Errno(116)
+ EEXIST = Errno(117)
+ EFAULT = Errno(118)
+ EFBIG = Errno(119)
+ EINTR = Errno(120)
+ EINVAL = Errno(121)
+ EIO = Errno(122)
+ EISDIR = Errno(123)
+ EMFILE = Errno(124)
+ EMLINK = Errno(125)
+ ENAMETOOLONG = Errno(126)
+ ENFILE = Errno(127)
+ ENODEV = Errno(128)
+ ENOENT = Errno(129)
+ ENOEXEC = Errno(130)
+ ENOLCK = Errno(131)
+ ENOMEM = Errno(132)
+ ENOSPC = Errno(133)
+ ENOSYS = Errno(134)
+ ENOTDIR = Errno(135)
+ ENOTEMPTY = Errno(136)
+ ENOTTY = Errno(137)
+ ENXIO = Errno(138)
+ EPERM = Errno(139)
+ EPIPE = Errno(140)
+ EROFS = Errno(141)
+ ESPIPE = Errno(142)
+ ESRCH = Errno(143)
+ EXDEV = Errno(144)
+ E2BIG = Errno(145)
+ ELOOP = Errno(146)
+ EILSEQ = Errno(147)
+ ENODATA = Errno(148)
+ EOVERFLOW = Errno(149)
+ EMVSNOTUP = Errno(150)
+ ECMSSTORAGE = Errno(151)
+ EMVSDYNALC = Errno(151)
+ EMVSCVAF = Errno(152)
+ EMVSCATLG = Errno(153)
+ ECMSINITIAL = Errno(156)
+ EMVSINITIAL = Errno(156)
+ ECMSERR = Errno(157)
+ EMVSERR = Errno(157)
+ EMVSPARM = Errno(158)
+ ECMSPFSFILE = Errno(159)
+ EMVSPFSFILE = Errno(159)
+ EMVSBADCHAR = Errno(160)
+ ECMSPFSPERM = Errno(162)
+ EMVSPFSPERM = Errno(162)
+ EMVSSAFEXTRERR = Errno(163)
+ EMVSSAF2ERR = Errno(164)
+ EMVSTODNOTSET = Errno(165)
+ EMVSPATHOPTS = Errno(166)
+ EMVSNORTL = Errno(167)
+ EMVSEXPIRE = Errno(168)
+ EMVSPASSWORD = Errno(169)
+ EMVSWLMERROR = Errno(170)
+ EMVSCPLERROR = Errno(171)
+ EMVSARMERROR = Errno(172)
+ ELENOFORK = Errno(200)
+ ELEMSGERR = Errno(201)
+ EFPMASKINV = Errno(202)
+ EFPMODEINV = Errno(203)
+ EBUFLEN = Errno(227)
+ EEXTLINK = Errno(228)
+ ENODD = Errno(229)
+ ECMSESMERR = Errno(230)
+ ECPERR = Errno(231)
+ ELEMULTITHREAD = Errno(232)
+ ELEFENCE = Errno(244)
+ EBADDATA = Errno(245)
+ EUNKNOWN = Errno(246)
+ ENOTSUP = Errno(247)
+ EBADNAME = Errno(248)
+ ENOTSAFE = Errno(249)
+ ELEMULTITHREADFORK = Errno(257)
+ ECUNNOENV = Errno(258)
+ ECUNNOCONV = Errno(259)
+ ECUNNOTALIGNED = Errno(260)
+ ECUNERR = Errno(262)
+ EIBMBADCALL = Errno(1000)
+ EIBMBADPARM = Errno(1001)
+ EIBMSOCKOUTOFRANGE = Errno(1002)
+ EIBMSOCKINUSE = Errno(1003)
+ EIBMIUCVERR = Errno(1004)
+ EOFFLOADboxERROR = Errno(1005)
+ EOFFLOADboxRESTART = Errno(1006)
+ EOFFLOADboxDOWN = Errno(1007)
+ EIBMCONFLICT = Errno(1008)
+ EIBMCANCELLED = Errno(1009)
+ EIBMBADTCPNAME = Errno(1011)
+ ENOTBLK = Errno(1100)
+ ETXTBSY = Errno(1101)
+ EWOULDBLOCK = Errno(1102)
+ EINPROGRESS = Errno(1103)
+ EALREADY = Errno(1104)
+ ENOTSOCK = Errno(1105)
+ EDESTADDRREQ = Errno(1106)
+ EMSGSIZE = Errno(1107)
+ EPROTOTYPE = Errno(1108)
+ ENOPROTOOPT = Errno(1109)
+ EPROTONOSUPPORT = Errno(1110)
+ ESOCKTNOSUPPORT = Errno(1111)
+ EOPNOTSUPP = Errno(1112)
+ EPFNOSUPPORT = Errno(1113)
+ EAFNOSUPPORT = Errno(1114)
+ EADDRINUSE = Errno(1115)
+ EADDRNOTAVAIL = Errno(1116)
+ ENETDOWN = Errno(1117)
+ ENETUNREACH = Errno(1118)
+ ENETRESET = Errno(1119)
+ ECONNABORTED = Errno(1120)
+ ECONNRESET = Errno(1121)
+ ENOBUFS = Errno(1122)
+ EISCONN = Errno(1123)
+ ENOTCONN = Errno(1124)
+ ESHUTDOWN = Errno(1125)
+ ETOOMANYREFS = Errno(1126)
+ ETIMEDOUT = Errno(1127)
+ ECONNREFUSED = Errno(1128)
+ EHOSTDOWN = Errno(1129)
+ EHOSTUNREACH = Errno(1130)
+ EPROCLIM = Errno(1131)
+ EUSERS = Errno(1132)
+ EDQUOT = Errno(1133)
+ ESTALE = Errno(1134)
+ EREMOTE = Errno(1135)
+ ENOSTR = Errno(1136)
+ ETIME = Errno(1137)
+ ENOSR = Errno(1138)
+ ENOMSG = Errno(1139)
+ EBADMSG = Errno(1140)
+ EIDRM = Errno(1141)
+ ENONET = Errno(1142)
+ ERREMOTE = Errno(1143)
+ ENOLINK = Errno(1144)
+ EADV = Errno(1145)
+ ESRMNT = Errno(1146)
+ ECOMM = Errno(1147)
+ EPROTO = Errno(1148)
+ EMULTIHOP = Errno(1149)
+ EDOTDOT = Errno(1150)
+ EREMCHG = Errno(1151)
+ ECANCELED = Errno(1152)
+ EINTRNODATA = Errno(1159)
+ ENOREUSE = Errno(1160)
+ ENOMOVE = Errno(1161)
+)
+
+// Signals
+const (
+ SIGHUP = Signal(1)
+ SIGINT = Signal(2)
+ SIGABRT = Signal(3)
+ SIGILL = Signal(4)
+ SIGPOLL = Signal(5)
+ SIGURG = Signal(6)
+ SIGSTOP = Signal(7)
+ SIGFPE = Signal(8)
+ SIGKILL = Signal(9)
+ SIGBUS = Signal(10)
+ SIGSEGV = Signal(11)
+ SIGSYS = Signal(12)
+ SIGPIPE = Signal(13)
+ SIGALRM = Signal(14)
+ SIGTERM = Signal(15)
+ SIGUSR1 = Signal(16)
+ SIGUSR2 = Signal(17)
+ SIGABND = Signal(18)
+ SIGCONT = Signal(19)
+ SIGCHLD = Signal(20)
+ SIGTTIN = Signal(21)
+ SIGTTOU = Signal(22)
+ SIGIO = Signal(23)
+ SIGQUIT = Signal(24)
+ SIGTSTP = Signal(25)
+ SIGTRAP = Signal(26)
+ SIGIOERR = Signal(27)
+ SIGWINCH = Signal(28)
+ SIGXCPU = Signal(29)
+ SIGXFSZ = Signal(30)
+ SIGVTALRM = Signal(31)
+ SIGPROF = Signal(32)
+ SIGDANGER = Signal(33)
+ SIGTHSTOP = Signal(34)
+ SIGTHCONT = Signal(35)
+ SIGTRACE = Signal(37)
+ SIGDCE = Signal(38)
+ SIGDUMP = Signal(39)
+)
+
+// Error table
+var errorList = [...]struct {
+ num Errno
+ name string
+ desc string
+}{
+ {1, "EDC5001I", "A domain error occurred."},
+ {2, "EDC5002I", "A range error occurred."},
+ {111, "EDC5111I", "Permission denied."},
+ {112, "EDC5112I", "Resource temporarily unavailable."},
+ {113, "EDC5113I", "Bad file descriptor."},
+ {114, "EDC5114I", "Resource busy."},
+ {115, "EDC5115I", "No child processes."},
+ {116, "EDC5116I", "Resource deadlock avoided."},
+ {117, "EDC5117I", "File exists."},
+ {118, "EDC5118I", "Incorrect address."},
+ {119, "EDC5119I", "File too large."},
+ {120, "EDC5120I", "Interrupted function call."},
+ {121, "EDC5121I", "Invalid argument."},
+ {122, "EDC5122I", "Input/output error."},
+ {123, "EDC5123I", "Is a directory."},
+ {124, "EDC5124I", "Too many open files."},
+ {125, "EDC5125I", "Too many links."},
+ {126, "EDC5126I", "Filename too long."},
+ {127, "EDC5127I", "Too many open files in system."},
+ {128, "EDC5128I", "No such device."},
+ {129, "EDC5129I", "No such file or directory."},
+ {130, "EDC5130I", "Exec format error."},
+ {131, "EDC5131I", "No locks available."},
+ {132, "EDC5132I", "Not enough memory."},
+ {133, "EDC5133I", "No space left on device."},
+ {134, "EDC5134I", "Function not implemented."},
+ {135, "EDC5135I", "Not a directory."},
+ {136, "EDC5136I", "Directory not empty."},
+ {137, "EDC5137I", "Inappropriate I/O control operation."},
+ {138, "EDC5138I", "No such device or address."},
+ {139, "EDC5139I", "Operation not permitted."},
+ {140, "EDC5140I", "Broken pipe."},
+ {141, "EDC5141I", "Read-only file system."},
+ {142, "EDC5142I", "Invalid seek."},
+ {143, "EDC5143I", "No such process."},
+ {144, "EDC5144I", "Improper link."},
+ {145, "EDC5145I", "The parameter list is too long, or the message to receive was too large for the buffer."},
+ {146, "EDC5146I", "Too many levels of symbolic links."},
+ {147, "EDC5147I", "Illegal byte sequence."},
+ {148, "", ""},
+ {149, "EDC5149I", "Value Overflow Error."},
+ {150, "EDC5150I", "UNIX System Services is not active."},
+ {151, "EDC5151I", "Dynamic allocation error."},
+ {152, "EDC5152I", "Common VTOC access facility (CVAF) error."},
+ {153, "EDC5153I", "Catalog obtain error."},
+ {156, "EDC5156I", "Process initialization error."},
+ {157, "EDC5157I", "An internal error has occurred."},
+ {158, "EDC5158I", "Bad parameters were passed to the service."},
+ {159, "EDC5159I", "The Physical File System encountered a permanent file error."},
+ {160, "EDC5160I", "Bad character in environment variable name."},
+ {162, "EDC5162I", "The Physical File System encountered a system error."},
+ {163, "EDC5163I", "SAF/RACF extract error."},
+ {164, "EDC5164I", "SAF/RACF error."},
+ {165, "EDC5165I", "System TOD clock not set."},
+ {166, "EDC5166I", "Access mode argument on function call conflicts with PATHOPTS parameter on JCL DD statement."},
+ {167, "EDC5167I", "Access to the UNIX System Services version of the C RTL is denied."},
+ {168, "EDC5168I", "Password has expired."},
+ {169, "EDC5169I", "Password is invalid."},
+ {170, "EDC5170I", "An error was encountered with WLM."},
+ {171, "EDC5171I", "An error was encountered with CPL."},
+ {172, "EDC5172I", "An error was encountered with Application Response Measurement (ARM) component."},
+ {200, "EDC5200I", "The application contains a Language Environment member language that cannot tolerate a fork()."},
+ {201, "EDC5201I", "The Language Environment message file was not found in the hierarchical file system."},
+ {202, "EDC5202E", "DLL facilities are not supported under SPC environment."},
+ {203, "EDC5203E", "DLL facilities are not supported under POSIX environment."},
+ {227, "EDC5227I", "Buffer is not long enough to contain a path definition"},
+ {228, "EDC5228I", "The file referred to is an external link"},
+ {229, "EDC5229I", "No path definition for ddname in effect"},
+ {230, "EDC5230I", "ESM error."},
+ {231, "EDC5231I", "CP or the external security manager had an error"},
+ {232, "EDC5232I", "The function failed because it was invoked from a multithread environment."},
+ {244, "EDC5244I", "The program, module or DLL is not supported in this environment."},
+ {245, "EDC5245I", "Data is not valid."},
+ {246, "EDC5246I", "Unknown system state."},
+ {247, "EDC5247I", "Operation not supported."},
+ {248, "EDC5248I", "The object name specified is not correct."},
+ {249, "EDC5249I", "The function is not allowed."},
+ {257, "EDC5257I", "Function cannot be called in the child process of a fork() from a multithreaded process until exec() is called."},
+ {258, "EDC5258I", "A CUN_RS_NO_UNI_ENV error was issued by Unicode Services."},
+ {259, "EDC5259I", "A CUN_RS_NO_CONVERSION error was issued by Unicode Services."},
+ {260, "EDC5260I", "A CUN_RS_TABLE_NOT_ALIGNED error was issued by Unicode Services."},
+ {262, "EDC5262I", "An iconv() function encountered an unexpected error while using Unicode Services."},
+ {1000, "EDC8000I", "A bad socket-call constant was found in the IUCV header."},
+ {1001, "EDC8001I", "An error was found in the IUCV header."},
+ {1002, "EDC8002I", "A socket descriptor is out of range."},
+ {1003, "EDC8003I", "A socket descriptor is in use."},
+ {1004, "EDC8004I", "Request failed because of an IUCV error."},
+ {1005, "EDC8005I", "Offload box error."},
+ {1006, "EDC8006I", "Offload box restarted."},
+ {1007, "EDC8007I", "Offload box down."},
+ {1008, "EDC8008I", "Already a conflicting call outstanding on socket."},
+ {1009, "EDC8009I", "Request cancelled using a SOCKcallCANCEL request."},
+ {1011, "EDC8011I", "A name of a PFS was specified that either is not configured or is not a Sockets PFS."},
+ {1100, "EDC8100I", "Block device required."},
+ {1101, "EDC8101I", "Text file busy."},
+ {1102, "EDC8102I", "Operation would block."},
+ {1103, "EDC8103I", "Operation now in progress."},
+ {1104, "EDC8104I", "Connection already in progress."},
+ {1105, "EDC8105I", "Socket operation on non-socket."},
+ {1106, "EDC8106I", "Destination address required."},
+ {1107, "EDC8107I", "Message too long."},
+ {1108, "EDC8108I", "Protocol wrong type for socket."},
+ {1109, "EDC8109I", "Protocol not available."},
+ {1110, "EDC8110I", "Protocol not supported."},
+ {1111, "EDC8111I", "Socket type not supported."},
+ {1112, "EDC8112I", "Operation not supported on socket."},
+ {1113, "EDC8113I", "Protocol family not supported."},
+ {1114, "EDC8114I", "Address family not supported."},
+ {1115, "EDC8115I", "Address already in use."},
+ {1116, "EDC8116I", "Address not available."},
+ {1117, "EDC8117I", "Network is down."},
+ {1118, "EDC8118I", "Network is unreachable."},
+ {1119, "EDC8119I", "Network dropped connection on reset."},
+ {1120, "EDC8120I", "Connection ended abnormally."},
+ {1121, "EDC8121I", "Connection reset."},
+ {1122, "EDC8122I", "No buffer space available."},
+ {1123, "EDC8123I", "Socket already connected."},
+ {1124, "EDC8124I", "Socket not connected."},
+ {1125, "EDC8125I", "Can't send after socket shutdown."},
+ {1126, "EDC8126I", "Too many references; can't splice."},
+ {1127, "EDC8127I", "Connection timed out."},
+ {1128, "EDC8128I", "Connection refused."},
+ {1129, "EDC8129I", "Host is not available."},
+ {1130, "EDC8130I", "Host cannot be reached."},
+ {1131, "EDC8131I", "Too many processes."},
+ {1132, "EDC8132I", "Too many users."},
+ {1133, "EDC8133I", "Disk quota exceeded."},
+ {1134, "EDC8134I", "Stale file handle."},
+ {1135, "", ""},
+ {1136, "EDC8136I", "File is not a STREAM."},
+ {1137, "EDC8137I", "STREAMS ioctl() timeout."},
+ {1138, "EDC8138I", "No STREAMS resources."},
+ {1139, "EDC8139I", "The message identified by set_id and msg_id is not in the message catalog."},
+ {1140, "EDC8140I", "Bad message."},
+ {1141, "EDC8141I", "Identifier removed."},
+ {1142, "", ""},
+ {1143, "", ""},
+ {1144, "EDC8144I", "The link has been severed."},
+ {1145, "", ""},
+ {1146, "", ""},
+ {1147, "", ""},
+ {1148, "EDC8148I", "Protocol error."},
+ {1149, "EDC8149I", "Multihop not allowed."},
+ {1150, "", ""},
+ {1151, "", ""},
+ {1152, "EDC8152I", "The asynchronous I/O request has been canceled."},
+ {1159, "EDC8159I", "Function call was interrupted before any data was received."},
+ {1160, "EDC8160I", "Socket reuse is not supported."},
+ {1161, "EDC8161I", "The file system cannot currently be moved."},
+}
+
+// Signal table
+var signalList = [...]struct {
+ num Signal
+ name string
+ desc string
+}{
+ {1, "SIGHUP", "hangup"},
+ {2, "SIGINT", "interrupt"},
+ {3, "SIGABT", "aborted"},
+ {4, "SIGILL", "illegal instruction"},
+ {5, "SIGPOLL", "pollable event"},
+ {6, "SIGURG", "urgent I/O condition"},
+ {7, "SIGSTOP", "stop process"},
+ {8, "SIGFPE", "floating point exception"},
+ {9, "SIGKILL", "killed"},
+ {10, "SIGBUS", "bus error"},
+ {11, "SIGSEGV", "segmentation fault"},
+ {12, "SIGSYS", "bad argument to routine"},
+ {13, "SIGPIPE", "broken pipe"},
+ {14, "SIGALRM", "alarm clock"},
+ {15, "SIGTERM", "terminated"},
+ {16, "SIGUSR1", "user defined signal 1"},
+ {17, "SIGUSR2", "user defined signal 2"},
+ {18, "SIGABND", "abend"},
+ {19, "SIGCONT", "continued"},
+ {20, "SIGCHLD", "child exited"},
+ {21, "SIGTTIN", "stopped (tty input)"},
+ {22, "SIGTTOU", "stopped (tty output)"},
+ {23, "SIGIO", "I/O possible"},
+ {24, "SIGQUIT", "quit"},
+ {25, "SIGTSTP", "stopped"},
+ {26, "SIGTRAP", "trace/breakpoint trap"},
+ {27, "SIGIOER", "I/O error"},
+ {28, "SIGWINCH", "window changed"},
+ {29, "SIGXCPU", "CPU time limit exceeded"},
+ {30, "SIGXFSZ", "file size limit exceeded"},
+ {31, "SIGVTALRM", "virtual timer expired"},
+ {32, "SIGPROF", "profiling timer expired"},
+ {33, "SIGDANGER", "danger"},
+ {34, "SIGTHSTOP", "stop thread"},
+ {35, "SIGTHCONT", "continue thread"},
+ {37, "SIGTRACE", "trace"},
+ {38, "", "DCE"},
+ {39, "SIGDUMP", "dump"},
+}
diff --git a/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go b/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
index 89c5920e..bd001a6e 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
@@ -1,5 +1,6 @@
// Code generated by linux/mkall.go generatePtracePair("arm", "arm64"). DO NOT EDIT.
+//go:build linux && (arm || arm64)
// +build linux
// +build arm arm64
diff --git a/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go b/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
index 24b841ee..c34d0639 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
@@ -1,5 +1,6 @@
// Code generated by linux/mkall.go generatePtracePair("mips", "mips64"). DO NOT EDIT.
+//go:build linux && (mips || mips64)
// +build linux
// +build mips mips64
diff --git a/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go b/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
index 47b04895..3ccf0c0c 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
@@ -1,5 +1,6 @@
// Code generated by linux/mkall.go generatePtracePair("mipsle", "mips64le"). DO NOT EDIT.
+//go:build linux && (mipsle || mips64le)
// +build linux
// +build mipsle mips64le
diff --git a/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go b/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
index ea5d9cb5..7d658570 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
@@ -1,5 +1,6 @@
// Code generated by linux/mkall.go generatePtracePair("386", "amd64"). DO NOT EDIT.
+//go:build linux && (386 || amd64)
// +build linux
// +build 386 amd64
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
index ed657ff1..91a23cc7 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
@@ -1,6 +1,7 @@
// go run mksyscall_aix_ppc.go -aix -tags aix,ppc syscall_aix.go syscall_aix_ppc.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build aix && ppc
// +build aix,ppc
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
index 664b293b..33c2609b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
@@ -1,6 +1,7 @@
// go run mksyscall_aix_ppc64.go -aix -tags aix,ppc64 syscall_aix.go syscall_aix_ppc64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build aix && ppc64
// +build aix,ppc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
index 0550da06..8b737fa9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
@@ -1,8 +1,8 @@
// go run mksyscall_aix_ppc64.go -aix -tags aix,ppc64 syscall_aix.go syscall_aix_ppc64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
-// +build aix,ppc64
-// +build gc
+//go:build aix && ppc64 && gc
+// +build aix,ppc64,gc
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
index cde4dbc5..3c260917 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
@@ -1,8 +1,8 @@
// go run mksyscall_aix_ppc64.go -aix -tags aix,ppc64 syscall_aix.go syscall_aix_ppc64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
-// +build aix,ppc64
-// +build gccgo
+//go:build aix && ppc64 && gccgo
+// +build aix,ppc64,gccgo
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go
deleted file mode 100644
index c8c142c5..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.go
+++ /dev/null
@@ -1,39 +0,0 @@
-// go run mksyscall.go -l32 -tags darwin,386,go1.13 syscall_darwin.1_13.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build darwin,386,go1.13
-
-package unix
-
-import (
- "syscall"
- "unsafe"
-)
-
-var _ syscall.Errno
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func closedir(dir uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_closedir_trampoline()
-
-//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
- r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
- res = Errno(r0)
- return
-}
-
-func libc_readdir_r_trampoline()
-
-//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.s
deleted file mode 100644
index 00da1ebf..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.1_13.s
+++ /dev/null
@@ -1,12 +0,0 @@
-// go run mkasm_darwin.go 386
-// Code generated by the command above; DO NOT EDIT.
-
-// +build go1.13
-
-#include "textflag.h"
-TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fdopendir(SB)
-TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_closedir(SB)
-TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readdir_r(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go
deleted file mode 100644
index 38771834..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.go
+++ /dev/null
@@ -1,2430 +0,0 @@
-// go run mksyscall.go -l32 -tags darwin,386,go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_386.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build darwin,386,go1.12
-
-package unix
-
-import (
- "syscall"
- "unsafe"
-)
-
-var _ syscall.Errno
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getgroups_trampoline()
-
-//go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setgroups(ngid int, gid *_Gid_t) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setgroups_trampoline()
-
-//go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_wait4_trampoline), uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
- wpid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_wait4_trampoline()
-
-//go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_accept_trampoline), uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_accept_trampoline()
-
-//go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_bind_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_bind_trampoline()
-
-//go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_connect_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_connect_trampoline()
-
-//go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func socket(domain int, typ int, proto int) (fd int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_socket_trampoline), uintptr(domain), uintptr(typ), uintptr(proto))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_socket_trampoline()
-
-//go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_getsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsockopt_trampoline()
-
-//go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setsockopt_trampoline()
-
-//go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getpeername_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpeername_trampoline()
-
-//go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getsockname_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsockname_trampoline()
-
-//go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Shutdown(s int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_shutdown_trampoline), uintptr(s), uintptr(how), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_shutdown_trampoline()
-
-//go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall6(funcPC(libc_socketpair_trampoline), uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_socketpair_trampoline()
-
-//go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_recvfrom_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_recvfrom_trampoline()
-
-//go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) {
- var _p0 unsafe.Pointer
- if len(buf) > 0 {
- _p0 = unsafe.Pointer(&buf[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_sendto_trampoline), uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendto_trampoline()
-
-//go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_recvmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_recvmsg_trampoline()
-
-//go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_sendmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendmsg_trampoline()
-
-//go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, nevent int, timeout *Timespec) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_kevent_trampoline), uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kevent_trampoline()
-
-//go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func utimes(path string, timeval *[2]Timeval) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_utimes_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_utimes_trampoline()
-
-//go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func futimes(fd int, timeval *[2]Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_futimes_trampoline), uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_futimes_trampoline()
-
-//go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_poll_trampoline), uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_poll_trampoline()
-
-//go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Madvise(b []byte, behav int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_madvise_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(behav))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_madvise_trampoline()
-
-//go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mlock(b []byte) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mlock_trampoline()
-
-//go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mlockall(flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_mlockall_trampoline), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mlockall_trampoline()
-
-//go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mprotect(b []byte, prot int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mprotect_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(prot))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mprotect_trampoline()
-
-//go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Msync(b []byte, flags int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_msync_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_msync_trampoline()
-
-//go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Munlock(b []byte) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_munlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munlock_trampoline()
-
-//go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Munlockall() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munlockall_trampoline), 0, 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munlockall_trampoline()
-
-//go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func pipe(p *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pipe_trampoline()
-
-//go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getxattr(path string, attr string, dest *byte, size int, position uint32, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_getxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getxattr_trampoline()
-
-//go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_fgetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fgetxattr_trampoline()
-
-//go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setxattr(path string, attr string, data *byte, size int, position uint32, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_setxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setxattr_trampoline()
-
-//go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fsetxattr(fd int, attr string, data *byte, size int, position uint32, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fsetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fsetxattr_trampoline()
-
-//go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func removexattr(path string, attr string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_removexattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_removexattr_trampoline()
-
-//go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fremovexattr(fd int, attr string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_fremovexattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fremovexattr_trampoline()
-
-//go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func listxattr(path string, dest *byte, size int, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_listxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_listxattr_trampoline()
-
-//go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_flistxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_flistxattr_trampoline()
-
-//go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setattrlist_trampoline), uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setattrlist_trampoline()
-
-//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fcntl(fd int, cmd int, arg int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fcntl_trampoline), uintptr(fd), uintptr(cmd), uintptr(arg))
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fcntl_trampoline()
-
-//go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func kill(pid int, signum int, posix int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_kill_trampoline), uintptr(pid), uintptr(signum), uintptr(posix))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kill_trampoline()
-
-//go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func ioctl(fd int, req uint, arg uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ioctl_trampoline), uintptr(fd), uintptr(req), uintptr(arg))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_ioctl_trampoline()
-
-//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
- var _p0 unsafe.Pointer
- if len(mib) > 0 {
- _p0 = unsafe.Pointer(&mib[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_sysctl_trampoline), uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sysctl_trampoline()
-
-//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
- _, _, e1 := syscall_syscall9(funcPC(libc_sendfile_trampoline), uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(offset>>32), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendfile_trampoline()
-
-//go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Access(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_access_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_access_trampoline()
-
-//go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Adjtime(delta *Timeval, olddelta *Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_adjtime_trampoline), uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_adjtime_trampoline()
-
-//go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chdir(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chdir_trampoline()
-
-//go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chflags(path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chflags_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chflags_trampoline()
-
-//go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chmod(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chmod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chmod_trampoline()
-
-//go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chown(path string, uid int, gid int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chown_trampoline()
-
-//go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chroot(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chroot_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chroot_trampoline()
-
-//go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func ClockGettime(clockid int32, time *Timespec) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_clock_gettime_trampoline), uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clock_gettime_trampoline()
-
-//go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Close(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_close_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_close_trampoline()
-
-//go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Clonefile(src string, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(src)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_clonefile_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clonefile_trampoline()
-
-//go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(src)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_clonefileat_trampoline), uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clonefileat_trampoline()
-
-//go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Dup(fd int) (nfd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_dup_trampoline), uintptr(fd), 0, 0)
- nfd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_dup_trampoline()
-
-//go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Dup2(from int, to int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_dup2_trampoline), uintptr(from), uintptr(to), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_dup2_trampoline()
-
-//go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Exchangedata(path1 string, path2 string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path1)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(path2)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_exchangedata_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_exchangedata_trampoline()
-
-//go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Exit(code int) {
- syscall_syscall(funcPC(libc_exit_trampoline), uintptr(code), 0, 0)
- return
-}
-
-func libc_exit_trampoline()
-
-//go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_faccessat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_faccessat_trampoline()
-
-//go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchdir(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchdir_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchdir_trampoline()
-
-//go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchflags(fd int, flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchflags_trampoline), uintptr(fd), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchflags_trampoline()
-
-//go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchmod(fd int, mode uint32) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchmod_trampoline), uintptr(fd), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchmod_trampoline()
-
-//go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fchmodat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchmodat_trampoline()
-
-//go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchown(fd int, uid int, gid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchown_trampoline), uintptr(fd), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchown_trampoline()
-
-//go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fchownat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchownat_trampoline()
-
-//go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fclonefileat_trampoline), uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fclonefileat_trampoline()
-
-//go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Flock(fd int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_flock_trampoline), uintptr(fd), uintptr(how), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_flock_trampoline()
-
-//go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fpathconf(fd int, name int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fpathconf_trampoline), uintptr(fd), uintptr(name), 0)
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fpathconf_trampoline()
-
-//go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fsync(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fsync_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fsync_trampoline()
-
-//go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Ftruncate(fd int, length int64) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ftruncate_trampoline), uintptr(fd), uintptr(length), uintptr(length>>32))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_ftruncate_trampoline()
-
-//go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getcwd(buf []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(buf) > 0 {
- _p0 = unsafe.Pointer(&buf[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_getcwd_trampoline), uintptr(_p0), uintptr(len(buf)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getcwd_trampoline()
-
-//go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getdtablesize() (size int) {
- r0, _, _ := syscall_syscall(funcPC(libc_getdtablesize_trampoline), 0, 0, 0)
- size = int(r0)
- return
-}
-
-func libc_getdtablesize_trampoline()
-
-//go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getegid() (egid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getegid_trampoline), 0, 0, 0)
- egid = int(r0)
- return
-}
-
-func libc_getegid_trampoline()
-
-//go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Geteuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_geteuid_trampoline), 0, 0, 0)
- uid = int(r0)
- return
-}
-
-func libc_geteuid_trampoline()
-
-//go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getgid() (gid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getgid_trampoline), 0, 0, 0)
- gid = int(r0)
- return
-}
-
-func libc_getgid_trampoline()
-
-//go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpgid(pid int) (pgid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getpgid_trampoline), uintptr(pid), 0, 0)
- pgid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpgid_trampoline()
-
-//go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpgrp() (pgrp int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpgrp_trampoline), 0, 0, 0)
- pgrp = int(r0)
- return
-}
-
-func libc_getpgrp_trampoline()
-
-//go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpid() (pid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpid_trampoline), 0, 0, 0)
- pid = int(r0)
- return
-}
-
-func libc_getpid_trampoline()
-
-//go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getppid() (ppid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getppid_trampoline), 0, 0, 0)
- ppid = int(r0)
- return
-}
-
-func libc_getppid_trampoline()
-
-//go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpriority(which int, who int) (prio int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getpriority_trampoline), uintptr(which), uintptr(who), 0)
- prio = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpriority_trampoline()
-
-//go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getrlimit_trampoline()
-
-//go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getrusage(who int, rusage *Rusage) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrusage_trampoline), uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getrusage_trampoline()
-
-//go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getsid(pid int) (sid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getsid_trampoline), uintptr(pid), 0, 0)
- sid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsid_trampoline()
-
-//go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Gettimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_gettimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_gettimeofday_trampoline()
-
-//go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getuid_trampoline), 0, 0, 0)
- uid = int(r0)
- return
-}
-
-func libc_getuid_trampoline()
-
-//go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Issetugid() (tainted bool) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_issetugid_trampoline), 0, 0, 0)
- tainted = bool(r0 != 0)
- return
-}
-
-func libc_issetugid_trampoline()
-
-//go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Kqueue() (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_kqueue_trampoline), 0, 0, 0)
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kqueue_trampoline()
-
-//go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Lchown(path string, uid int, gid int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_lchown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lchown_trampoline()
-
-//go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Link(path string, link string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_link_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_link_trampoline()
-
-//go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_linkat_trampoline), uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_linkat_trampoline()
-
-//go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Listen(s int, backlog int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_listen_trampoline), uintptr(s), uintptr(backlog), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_listen_trampoline()
-
-//go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkdir(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkdir_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkdir_trampoline()
-
-//go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkdirat(dirfd int, path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkdirat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkdirat_trampoline()
-
-//go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkfifo(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkfifo_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkfifo_trampoline()
-
-//go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mknod(path string, mode uint32, dev int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mknod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mknod_trampoline()
-
-//go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Open(path string, mode int, perm uint32) (fd int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_open_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_open_trampoline()
-
-//go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_openat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_openat_trampoline()
-
-//go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pathconf(path string, name int) (val int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_pathconf_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pathconf_trampoline()
-
-//go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pread(fd int, p []byte, offset int64) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_pread_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), uintptr(offset>>32), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pread_trampoline()
-
-//go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_pwrite_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), uintptr(offset>>32), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pwrite_trampoline()
-
-//go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func read(fd int, p []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_read_trampoline()
-
-//go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Readlink(path string, buf []byte) (n int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 unsafe.Pointer
- if len(buf) > 0 {
- _p1 = unsafe.Pointer(&buf[0])
- } else {
- _p1 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_readlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_readlink_trampoline()
-
-//go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 unsafe.Pointer
- if len(buf) > 0 {
- _p1 = unsafe.Pointer(&buf[0])
- } else {
- _p1 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_readlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_readlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Rename(from string, to string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(from)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(to)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_rename_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_rename_trampoline()
-
-//go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Renameat(fromfd int, from string, tofd int, to string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(from)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(to)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_renameat_trampoline), uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_renameat_trampoline()
-
-//go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Revoke(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_revoke_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_revoke_trampoline()
-
-//go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Rmdir(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_rmdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_rmdir_trampoline()
-
-//go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
- r0, r1, e1 := syscall_syscall6(funcPC(libc_lseek_trampoline), uintptr(fd), uintptr(offset), uintptr(offset>>32), uintptr(whence), 0, 0)
- newoffset = int64(int64(r1)<<32 | int64(r0))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lseek_trampoline()
-
-//go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_select_trampoline()
-
-//go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setegid(egid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setegid_trampoline), uintptr(egid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setegid_trampoline()
-
-//go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Seteuid(euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_seteuid_trampoline), uintptr(euid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_seteuid_trampoline()
-
-//go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setgid(gid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgid_trampoline), uintptr(gid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setgid_trampoline()
-
-//go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setlogin(name string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(name)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_setlogin_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setlogin_trampoline()
-
-//go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setpgid(pid int, pgid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setpgid_trampoline), uintptr(pid), uintptr(pgid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setpgid_trampoline()
-
-//go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setpriority(which int, who int, prio int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setpriority_trampoline), uintptr(which), uintptr(who), uintptr(prio))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setpriority_trampoline()
-
-//go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setprivexec(flag int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setprivexec_trampoline), uintptr(flag), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setprivexec_trampoline()
-
-//go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setregid(rgid int, egid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setregid_trampoline), uintptr(rgid), uintptr(egid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setregid_trampoline()
-
-//go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setreuid(ruid int, euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setreuid_trampoline), uintptr(ruid), uintptr(euid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setreuid_trampoline()
-
-//go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setrlimit_trampoline()
-
-//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setsid() (pid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_setsid_trampoline), 0, 0, 0)
- pid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setsid_trampoline()
-
-//go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Settimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_settimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_settimeofday_trampoline()
-
-//go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setuid(uid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setuid_trampoline), uintptr(uid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setuid_trampoline()
-
-//go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Symlink(path string, link string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_symlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_symlink_trampoline()
-
-//go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(oldpath)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(newpath)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_symlinkat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_symlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Sync() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_sync_trampoline), 0, 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sync_trampoline()
-
-//go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Truncate(path string, length int64) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_truncate_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(length), uintptr(length>>32))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_truncate_trampoline()
-
-//go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Umask(newmask int) (oldmask int) {
- r0, _, _ := syscall_syscall(funcPC(libc_umask_trampoline), uintptr(newmask), 0, 0)
- oldmask = int(r0)
- return
-}
-
-func libc_umask_trampoline()
-
-//go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Undelete(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_undelete_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_undelete_trampoline()
-
-//go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unlink(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unlink_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unlink_trampoline()
-
-//go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unlinkat(dirfd int, path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unmount(path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unmount_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unmount_trampoline()
-
-//go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func write(fd int, p []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_write_trampoline()
-
-//go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
- r0, _, e1 := syscall_syscall9(funcPC(libc_mmap_trampoline), uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos), uintptr(pos>>32), 0, 0)
- ret = uintptr(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mmap_trampoline()
-
-//go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func munmap(addr uintptr, length uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munmap_trampoline), uintptr(addr), uintptr(length), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munmap_trampoline()
-
-//go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstat(fd int, stat *Stat_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstat64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstat64_trampoline()
-
-//go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fstatat64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstatat64_trampoline()
-
-//go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstatfs(fd int, stat *Statfs_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstatfs64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstatfs64_trampoline()
-
-//go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat64_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getfsstat64_trampoline()
-
-//go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Lstat(path string, stat *Stat_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_lstat64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lstat64_trampoline()
-
-//go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_ptrace_trampoline()
-
-//go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Stat(path string, stat *Stat_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_stat64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_stat64_trampoline()
-
-//go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Statfs(path string, stat *Statfs_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_statfs64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_statfs64_trampoline()
-
-//go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.s
deleted file mode 100644
index 1c53979a..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_386.s
+++ /dev/null
@@ -1,290 +0,0 @@
-// go run mkasm_darwin.go 386
-// Code generated by the command above; DO NOT EDIT.
-
-// +build go1.12
-
-#include "textflag.h"
-TEXT ·libc_getgroups_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getgroups(SB)
-TEXT ·libc_setgroups_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setgroups(SB)
-TEXT ·libc_wait4_trampoline(SB),NOSPLIT,$0-0
- JMP libc_wait4(SB)
-TEXT ·libc_accept_trampoline(SB),NOSPLIT,$0-0
- JMP libc_accept(SB)
-TEXT ·libc_bind_trampoline(SB),NOSPLIT,$0-0
- JMP libc_bind(SB)
-TEXT ·libc_connect_trampoline(SB),NOSPLIT,$0-0
- JMP libc_connect(SB)
-TEXT ·libc_socket_trampoline(SB),NOSPLIT,$0-0
- JMP libc_socket(SB)
-TEXT ·libc_getsockopt_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsockopt(SB)
-TEXT ·libc_setsockopt_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setsockopt(SB)
-TEXT ·libc_getpeername_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpeername(SB)
-TEXT ·libc_getsockname_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsockname(SB)
-TEXT ·libc_shutdown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_shutdown(SB)
-TEXT ·libc_socketpair_trampoline(SB),NOSPLIT,$0-0
- JMP libc_socketpair(SB)
-TEXT ·libc_recvfrom_trampoline(SB),NOSPLIT,$0-0
- JMP libc_recvfrom(SB)
-TEXT ·libc_sendto_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendto(SB)
-TEXT ·libc_recvmsg_trampoline(SB),NOSPLIT,$0-0
- JMP libc_recvmsg(SB)
-TEXT ·libc_sendmsg_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendmsg(SB)
-TEXT ·libc_kevent_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kevent(SB)
-TEXT ·libc_utimes_trampoline(SB),NOSPLIT,$0-0
- JMP libc_utimes(SB)
-TEXT ·libc_futimes_trampoline(SB),NOSPLIT,$0-0
- JMP libc_futimes(SB)
-TEXT ·libc_poll_trampoline(SB),NOSPLIT,$0-0
- JMP libc_poll(SB)
-TEXT ·libc_madvise_trampoline(SB),NOSPLIT,$0-0
- JMP libc_madvise(SB)
-TEXT ·libc_mlock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mlock(SB)
-TEXT ·libc_mlockall_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mlockall(SB)
-TEXT ·libc_mprotect_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mprotect(SB)
-TEXT ·libc_msync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_msync(SB)
-TEXT ·libc_munlock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munlock(SB)
-TEXT ·libc_munlockall_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munlockall(SB)
-TEXT ·libc_pipe_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pipe(SB)
-TEXT ·libc_getxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getxattr(SB)
-TEXT ·libc_fgetxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fgetxattr(SB)
-TEXT ·libc_setxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setxattr(SB)
-TEXT ·libc_fsetxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fsetxattr(SB)
-TEXT ·libc_removexattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_removexattr(SB)
-TEXT ·libc_fremovexattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fremovexattr(SB)
-TEXT ·libc_listxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_listxattr(SB)
-TEXT ·libc_flistxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_flistxattr(SB)
-TEXT ·libc_setattrlist_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setattrlist(SB)
-TEXT ·libc_fcntl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fcntl(SB)
-TEXT ·libc_kill_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kill(SB)
-TEXT ·libc_ioctl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_ioctl(SB)
-TEXT ·libc_sysctl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sysctl(SB)
-TEXT ·libc_sendfile_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendfile(SB)
-TEXT ·libc_access_trampoline(SB),NOSPLIT,$0-0
- JMP libc_access(SB)
-TEXT ·libc_adjtime_trampoline(SB),NOSPLIT,$0-0
- JMP libc_adjtime(SB)
-TEXT ·libc_chdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chdir(SB)
-TEXT ·libc_chflags_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chflags(SB)
-TEXT ·libc_chmod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chmod(SB)
-TEXT ·libc_chown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chown(SB)
-TEXT ·libc_chroot_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chroot(SB)
-TEXT ·libc_clock_gettime_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clock_gettime(SB)
-TEXT ·libc_close_trampoline(SB),NOSPLIT,$0-0
- JMP libc_close(SB)
-TEXT ·libc_clonefile_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clonefile(SB)
-TEXT ·libc_clonefileat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clonefileat(SB)
-TEXT ·libc_dup_trampoline(SB),NOSPLIT,$0-0
- JMP libc_dup(SB)
-TEXT ·libc_dup2_trampoline(SB),NOSPLIT,$0-0
- JMP libc_dup2(SB)
-TEXT ·libc_exchangedata_trampoline(SB),NOSPLIT,$0-0
- JMP libc_exchangedata(SB)
-TEXT ·libc_exit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_exit(SB)
-TEXT ·libc_faccessat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_faccessat(SB)
-TEXT ·libc_fchdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchdir(SB)
-TEXT ·libc_fchflags_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchflags(SB)
-TEXT ·libc_fchmod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchmod(SB)
-TEXT ·libc_fchmodat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchmodat(SB)
-TEXT ·libc_fchown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchown(SB)
-TEXT ·libc_fchownat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchownat(SB)
-TEXT ·libc_fclonefileat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fclonefileat(SB)
-TEXT ·libc_flock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_flock(SB)
-TEXT ·libc_fpathconf_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fpathconf(SB)
-TEXT ·libc_fsync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fsync(SB)
-TEXT ·libc_ftruncate_trampoline(SB),NOSPLIT,$0-0
- JMP libc_ftruncate(SB)
-TEXT ·libc_getcwd_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getcwd(SB)
-TEXT ·libc_getdtablesize_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getdtablesize(SB)
-TEXT ·libc_getegid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getegid(SB)
-TEXT ·libc_geteuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_geteuid(SB)
-TEXT ·libc_getgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getgid(SB)
-TEXT ·libc_getpgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpgid(SB)
-TEXT ·libc_getpgrp_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpgrp(SB)
-TEXT ·libc_getpid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpid(SB)
-TEXT ·libc_getppid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getppid(SB)
-TEXT ·libc_getpriority_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpriority(SB)
-TEXT ·libc_getrlimit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getrlimit(SB)
-TEXT ·libc_getrusage_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getrusage(SB)
-TEXT ·libc_getsid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsid(SB)
-TEXT ·libc_gettimeofday_trampoline(SB),NOSPLIT,$0-0
- JMP libc_gettimeofday(SB)
-TEXT ·libc_getuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getuid(SB)
-TEXT ·libc_issetugid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_issetugid(SB)
-TEXT ·libc_kqueue_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kqueue(SB)
-TEXT ·libc_lchown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lchown(SB)
-TEXT ·libc_link_trampoline(SB),NOSPLIT,$0-0
- JMP libc_link(SB)
-TEXT ·libc_linkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_linkat(SB)
-TEXT ·libc_listen_trampoline(SB),NOSPLIT,$0-0
- JMP libc_listen(SB)
-TEXT ·libc_mkdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkdir(SB)
-TEXT ·libc_mkdirat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkdirat(SB)
-TEXT ·libc_mkfifo_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkfifo(SB)
-TEXT ·libc_mknod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mknod(SB)
-TEXT ·libc_open_trampoline(SB),NOSPLIT,$0-0
- JMP libc_open(SB)
-TEXT ·libc_openat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_openat(SB)
-TEXT ·libc_pathconf_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pathconf(SB)
-TEXT ·libc_pread_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pread(SB)
-TEXT ·libc_pwrite_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pwrite(SB)
-TEXT ·libc_read_trampoline(SB),NOSPLIT,$0-0
- JMP libc_read(SB)
-TEXT ·libc_readlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readlink(SB)
-TEXT ·libc_readlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readlinkat(SB)
-TEXT ·libc_rename_trampoline(SB),NOSPLIT,$0-0
- JMP libc_rename(SB)
-TEXT ·libc_renameat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_renameat(SB)
-TEXT ·libc_revoke_trampoline(SB),NOSPLIT,$0-0
- JMP libc_revoke(SB)
-TEXT ·libc_rmdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_rmdir(SB)
-TEXT ·libc_lseek_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lseek(SB)
-TEXT ·libc_select_trampoline(SB),NOSPLIT,$0-0
- JMP libc_select(SB)
-TEXT ·libc_setegid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setegid(SB)
-TEXT ·libc_seteuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_seteuid(SB)
-TEXT ·libc_setgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setgid(SB)
-TEXT ·libc_setlogin_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setlogin(SB)
-TEXT ·libc_setpgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setpgid(SB)
-TEXT ·libc_setpriority_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setpriority(SB)
-TEXT ·libc_setprivexec_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setprivexec(SB)
-TEXT ·libc_setregid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setregid(SB)
-TEXT ·libc_setreuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setreuid(SB)
-TEXT ·libc_setrlimit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setrlimit(SB)
-TEXT ·libc_setsid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setsid(SB)
-TEXT ·libc_settimeofday_trampoline(SB),NOSPLIT,$0-0
- JMP libc_settimeofday(SB)
-TEXT ·libc_setuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setuid(SB)
-TEXT ·libc_symlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_symlink(SB)
-TEXT ·libc_symlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_symlinkat(SB)
-TEXT ·libc_sync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sync(SB)
-TEXT ·libc_truncate_trampoline(SB),NOSPLIT,$0-0
- JMP libc_truncate(SB)
-TEXT ·libc_umask_trampoline(SB),NOSPLIT,$0-0
- JMP libc_umask(SB)
-TEXT ·libc_undelete_trampoline(SB),NOSPLIT,$0-0
- JMP libc_undelete(SB)
-TEXT ·libc_unlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unlink(SB)
-TEXT ·libc_unlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unlinkat(SB)
-TEXT ·libc_unmount_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unmount(SB)
-TEXT ·libc_write_trampoline(SB),NOSPLIT,$0-0
- JMP libc_write(SB)
-TEXT ·libc_mmap_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mmap(SB)
-TEXT ·libc_munmap_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munmap(SB)
-TEXT ·libc_fstat64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstat64(SB)
-TEXT ·libc_fstatat64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstatat64(SB)
-TEXT ·libc_fstatfs64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstatfs64(SB)
-TEXT ·libc_getfsstat64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getfsstat64(SB)
-TEXT ·libc_lstat64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lstat64(SB)
-TEXT ·libc_ptrace_trampoline(SB),NOSPLIT,$0-0
- JMP libc_ptrace(SB)
-TEXT ·libc_stat64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_stat64(SB)
-TEXT ·libc_statfs64_trampoline(SB),NOSPLIT,$0-0
- JMP libc_statfs64(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go
index 88826236..a06eb093 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags darwin,amd64,go1.13 syscall_darwin.1_13.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build darwin && amd64 && go1.13
// +build darwin,amd64,go1.13
package unix
@@ -15,25 +16,25 @@ var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func closedir(dir uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
+ _, _, e1 := syscall_syscall(libc_closedir_trampoline_addr, uintptr(dir), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_closedir_trampoline()
+var libc_closedir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
- r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
+ r0, _, _ := syscall_syscall(libc_readdir_r_trampoline_addr, uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
res = Errno(r0)
return
}
-func libc_readdir_r_trampoline()
+var libc_readdir_r_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.s
index d671e831..d6c3e25c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.1_13.s
@@ -1,12 +1,25 @@
// go run mkasm_darwin.go amd64
// Code generated by the command above; DO NOT EDIT.
+//go:build go1.13
// +build go1.13
#include "textflag.h"
-TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
+
+TEXT libc_fdopendir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fdopendir(SB)
-TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fdopendir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fdopendir_trampoline_addr(SB)/8, $libc_fdopendir_trampoline<>(SB)
+
+TEXT libc_closedir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_closedir(SB)
-TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_closedir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_closedir_trampoline_addr(SB)/8, $libc_closedir_trampoline<>(SB)
+
+TEXT libc_readdir_r_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readdir_r(SB)
+
+GLOBL ·libc_readdir_r_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readdir_r_trampoline_addr(SB)/8, $libc_readdir_r_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
index 508e5639..d4efe8d4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags darwin,amd64,go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build darwin && amd64 && go1.12
// +build darwin,amd64,go1.12
package unix
@@ -15,7 +16,7 @@ var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getgroups_trampoline_addr, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -23,28 +24,28 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
return
}
-func libc_getgroups_trampoline()
+var libc_getgroups_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setgroups(ngid int, gid *_Gid_t) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setgroups_trampoline_addr, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setgroups_trampoline()
+var libc_setgroups_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_wait4_trampoline), uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_wait4_trampoline_addr, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
wpid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -52,14 +53,14 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err
return
}
-func libc_wait4_trampoline()
+var libc_wait4_trampoline_addr uintptr
//go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_accept_trampoline), uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ r0, _, e1 := syscall_syscall(libc_accept_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -67,42 +68,42 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
return
}
-func libc_accept_trampoline()
+var libc_accept_trampoline_addr uintptr
//go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_bind_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
+ _, _, e1 := syscall_syscall(libc_bind_trampoline_addr, uintptr(s), uintptr(addr), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_bind_trampoline()
+var libc_bind_trampoline_addr uintptr
//go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_connect_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
+ _, _, e1 := syscall_syscall(libc_connect_trampoline_addr, uintptr(s), uintptr(addr), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_connect_trampoline()
+var libc_connect_trampoline_addr uintptr
//go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func socket(domain int, typ int, proto int) (fd int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_socket_trampoline), uintptr(domain), uintptr(typ), uintptr(proto))
+ r0, _, e1 := syscall_rawSyscall(libc_socket_trampoline_addr, uintptr(domain), uintptr(typ), uintptr(proto))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -110,91 +111,91 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
return
}
-func libc_socket_trampoline()
+var libc_socket_trampoline_addr uintptr
//go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_getsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
+ _, _, e1 := syscall_syscall6(libc_getsockopt_trampoline_addr, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getsockopt_trampoline()
+var libc_getsockopt_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
+ _, _, e1 := syscall_syscall6(libc_setsockopt_trampoline_addr, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setsockopt_trampoline()
+var libc_setsockopt_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getpeername_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ _, _, e1 := syscall_rawSyscall(libc_getpeername_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getpeername_trampoline()
+var libc_getpeername_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getsockname_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ _, _, e1 := syscall_rawSyscall(libc_getsockname_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getsockname_trampoline()
+var libc_getsockname_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Shutdown(s int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_shutdown_trampoline), uintptr(s), uintptr(how), 0)
+ _, _, e1 := syscall_syscall(libc_shutdown_trampoline_addr, uintptr(s), uintptr(how), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_shutdown_trampoline()
+var libc_shutdown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall6(funcPC(libc_socketpair_trampoline), uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
+ _, _, e1 := syscall_rawSyscall6(libc_socketpair_trampoline_addr, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_socketpair_trampoline()
+var libc_socketpair_trampoline_addr uintptr
//go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib"
@@ -207,7 +208,7 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_recvfrom_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+ r0, _, e1 := syscall_syscall6(libc_recvfrom_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -215,7 +216,7 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
return
}
-func libc_recvfrom_trampoline()
+var libc_recvfrom_trampoline_addr uintptr
//go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib"
@@ -228,21 +229,21 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall6(funcPC(libc_sendto_trampoline), uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+ _, _, e1 := syscall_syscall6(libc_sendto_trampoline_addr, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sendto_trampoline()
+var libc_sendto_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_recvmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_recvmsg_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -250,14 +251,14 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
return
}
-func libc_recvmsg_trampoline()
+var libc_recvmsg_trampoline_addr uintptr
//go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_sendmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_sendmsg_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -265,14 +266,14 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
return
}
-func libc_sendmsg_trampoline()
+var libc_sendmsg_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, nevent int, timeout *Timespec) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_kevent_trampoline), uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
+ r0, _, e1 := syscall_syscall6(libc_kevent_trampoline_addr, uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -280,7 +281,7 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne
return
}
-func libc_kevent_trampoline()
+var libc_kevent_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib"
@@ -292,35 +293,35 @@ func utimes(path string, timeval *[2]Timeval) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_utimes_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
+ _, _, e1 := syscall_syscall(libc_utimes_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_utimes_trampoline()
+var libc_utimes_trampoline_addr uintptr
//go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func futimes(fd int, timeval *[2]Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_futimes_trampoline), uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
+ _, _, e1 := syscall_syscall(libc_futimes_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_futimes_trampoline()
+var libc_futimes_trampoline_addr uintptr
//go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_poll_trampoline), uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
+ r0, _, e1 := syscall_syscall(libc_poll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -328,7 +329,7 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
return
}
-func libc_poll_trampoline()
+var libc_poll_trampoline_addr uintptr
//go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib"
@@ -341,14 +342,14 @@ func Madvise(b []byte, behav int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_madvise_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(behav))
+ _, _, e1 := syscall_syscall(libc_madvise_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(behav))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_madvise_trampoline()
+var libc_madvise_trampoline_addr uintptr
//go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib"
@@ -361,28 +362,28 @@ func Mlock(b []byte) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_mlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
+ _, _, e1 := syscall_syscall(libc_mlock_trampoline_addr, uintptr(_p0), uintptr(len(b)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mlock_trampoline()
+var libc_mlock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Mlockall(flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_mlockall_trampoline), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall(libc_mlockall_trampoline_addr, uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mlockall_trampoline()
+var libc_mlockall_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib"
@@ -395,14 +396,14 @@ func Mprotect(b []byte, prot int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_mprotect_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(prot))
+ _, _, e1 := syscall_syscall(libc_mprotect_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(prot))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mprotect_trampoline()
+var libc_mprotect_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib"
@@ -415,14 +416,14 @@ func Msync(b []byte, flags int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_msync_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_msync_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_msync_trampoline()
+var libc_msync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib"
@@ -435,42 +436,42 @@ func Munlock(b []byte) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_munlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
+ _, _, e1 := syscall_syscall(libc_munlock_trampoline_addr, uintptr(_p0), uintptr(len(b)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munlock_trampoline()
+var libc_munlock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Munlockall() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munlockall_trampoline), 0, 0, 0)
+ _, _, e1 := syscall_syscall(libc_munlockall_trampoline_addr, 0, 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munlockall_trampoline()
+var libc_munlockall_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func pipe(p *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_pipe_trampoline_addr, uintptr(unsafe.Pointer(p)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_pipe_trampoline()
+var libc_pipe_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib"
@@ -487,7 +488,7 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_getxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
+ r0, _, e1 := syscall_syscall6(libc_getxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -495,7 +496,7 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o
return
}
-func libc_getxattr_trampoline()
+var libc_getxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib"
@@ -507,7 +508,7 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_fgetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
+ r0, _, e1 := syscall_syscall6(libc_fgetxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -515,7 +516,7 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio
return
}
-func libc_fgetxattr_trampoline()
+var libc_fgetxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib"
@@ -532,14 +533,14 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_setxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
+ _, _, e1 := syscall_syscall6(libc_setxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setxattr_trampoline()
+var libc_setxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib"
@@ -551,14 +552,14 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fsetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
+ _, _, e1 := syscall_syscall6(libc_fsetxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fsetxattr_trampoline()
+var libc_fsetxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib"
@@ -575,14 +576,14 @@ func removexattr(path string, attr string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_removexattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_removexattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_removexattr_trampoline()
+var libc_removexattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib"
@@ -594,14 +595,14 @@ func fremovexattr(fd int, attr string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_fremovexattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_fremovexattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fremovexattr_trampoline()
+var libc_fremovexattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib"
@@ -613,7 +614,7 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_listxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_listxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -621,14 +622,14 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro
return
}
-func libc_listxattr_trampoline()
+var libc_listxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_flistxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_flistxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -636,28 +637,28 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
return
}
-func libc_flistxattr_trampoline()
+var libc_flistxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setattrlist_trampoline), uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
+ _, _, e1 := syscall_syscall6(libc_setattrlist_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setattrlist_trampoline()
+var libc_setattrlist_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func fcntl(fd int, cmd int, arg int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fcntl_trampoline), uintptr(fd), uintptr(cmd), uintptr(arg))
+ r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -665,35 +666,35 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
return
}
-func libc_fcntl_trampoline()
+var libc_fcntl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func kill(pid int, signum int, posix int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_kill_trampoline), uintptr(pid), uintptr(signum), uintptr(posix))
+ _, _, e1 := syscall_syscall(libc_kill_trampoline_addr, uintptr(pid), uintptr(signum), uintptr(posix))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_kill_trampoline()
+var libc_kill_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ioctl(fd int, req uint, arg uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ioctl_trampoline), uintptr(fd), uintptr(req), uintptr(arg))
+ _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ioctl_trampoline()
+var libc_ioctl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
@@ -706,28 +707,28 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr)
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall6(funcPC(libc_sysctl_trampoline), uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
+ _, _, e1 := syscall_syscall6(libc_sysctl_trampoline_addr, uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sysctl_trampoline()
+var libc_sysctl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_sendfile_trampoline), uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
+ _, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sendfile_trampoline()
+var libc_sendfile_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib"
@@ -739,28 +740,28 @@ func Access(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_access_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_access_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_access_trampoline()
+var libc_access_trampoline_addr uintptr
//go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Adjtime(delta *Timeval, olddelta *Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_adjtime_trampoline), uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
+ _, _, e1 := syscall_syscall(libc_adjtime_trampoline_addr, uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_adjtime_trampoline()
+var libc_adjtime_trampoline_addr uintptr
//go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib"
@@ -772,14 +773,14 @@ func Chdir(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_chdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chdir_trampoline()
+var libc_chdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib"
@@ -791,14 +792,14 @@ func Chflags(path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chflags_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_chflags_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chflags_trampoline()
+var libc_chflags_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib"
@@ -810,14 +811,14 @@ func Chmod(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chmod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_chmod_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chmod_trampoline()
+var libc_chmod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib"
@@ -829,14 +830,14 @@ func Chown(path string, uid int, gid int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_chown_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chown_trampoline()
+var libc_chown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib"
@@ -848,42 +849,42 @@ func Chroot(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chroot_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_chroot_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chroot_trampoline()
+var libc_chroot_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ClockGettime(clockid int32, time *Timespec) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_clock_gettime_trampoline), uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
+ _, _, e1 := syscall_syscall(libc_clock_gettime_trampoline_addr, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clock_gettime_trampoline()
+var libc_clock_gettime_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Close(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_close_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_close_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_close_trampoline()
+var libc_close_trampoline_addr uintptr
//go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib"
@@ -900,14 +901,14 @@ func Clonefile(src string, dst string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_clonefile_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_clonefile_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clonefile_trampoline()
+var libc_clonefile_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib"
@@ -924,21 +925,21 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int)
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_clonefileat_trampoline), uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_clonefileat_trampoline_addr, uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clonefileat_trampoline()
+var libc_clonefileat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Dup(fd int) (nfd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_dup_trampoline), uintptr(fd), 0, 0)
+ r0, _, e1 := syscall_syscall(libc_dup_trampoline_addr, uintptr(fd), 0, 0)
nfd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -946,21 +947,21 @@ func Dup(fd int) (nfd int, err error) {
return
}
-func libc_dup_trampoline()
+var libc_dup_trampoline_addr uintptr
//go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Dup2(from int, to int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_dup2_trampoline), uintptr(from), uintptr(to), 0)
+ _, _, e1 := syscall_syscall(libc_dup2_trampoline_addr, uintptr(from), uintptr(to), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_dup2_trampoline()
+var libc_dup2_trampoline_addr uintptr
//go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib"
@@ -977,25 +978,25 @@ func Exchangedata(path1 string, path2 string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_exchangedata_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_exchangedata_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_exchangedata_trampoline()
+var libc_exchangedata_trampoline_addr uintptr
//go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Exit(code int) {
- syscall_syscall(funcPC(libc_exit_trampoline), uintptr(code), 0, 0)
+ syscall_syscall(libc_exit_trampoline_addr, uintptr(code), 0, 0)
return
}
-func libc_exit_trampoline()
+var libc_exit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib"
@@ -1007,56 +1008,56 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_faccessat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_faccessat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_faccessat_trampoline()
+var libc_faccessat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchdir(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchdir_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_fchdir_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchdir_trampoline()
+var libc_fchdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchflags(fd int, flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchflags_trampoline), uintptr(fd), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_fchflags_trampoline_addr, uintptr(fd), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchflags_trampoline()
+var libc_fchflags_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchmod(fd int, mode uint32) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchmod_trampoline), uintptr(fd), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_fchmod_trampoline_addr, uintptr(fd), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchmod_trampoline()
+var libc_fchmod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib"
@@ -1068,28 +1069,28 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fchmodat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fchmodat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchmodat_trampoline()
+var libc_fchmodat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchown(fd int, uid int, gid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchown_trampoline), uintptr(fd), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_fchown_trampoline_addr, uintptr(fd), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchown_trampoline()
+var libc_fchown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib"
@@ -1101,14 +1102,14 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fchownat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_fchownat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchownat_trampoline()
+var libc_fchownat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib"
@@ -1120,35 +1121,35 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error)
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fclonefileat_trampoline), uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fclonefileat_trampoline_addr, uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fclonefileat_trampoline()
+var libc_fclonefileat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Flock(fd int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_flock_trampoline), uintptr(fd), uintptr(how), 0)
+ _, _, e1 := syscall_syscall(libc_flock_trampoline_addr, uintptr(fd), uintptr(how), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_flock_trampoline()
+var libc_flock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fpathconf(fd int, name int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fpathconf_trampoline), uintptr(fd), uintptr(name), 0)
+ r0, _, e1 := syscall_syscall(libc_fpathconf_trampoline_addr, uintptr(fd), uintptr(name), 0)
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1156,35 +1157,35 @@ func Fpathconf(fd int, name int) (val int, err error) {
return
}
-func libc_fpathconf_trampoline()
+var libc_fpathconf_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fsync(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fsync_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_fsync_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fsync_trampoline()
+var libc_fsync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Ftruncate(fd int, length int64) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ftruncate_trampoline), uintptr(fd), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_ftruncate_trampoline_addr, uintptr(fd), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ftruncate_trampoline()
+var libc_ftruncate_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib"
@@ -1197,7 +1198,7 @@ func Getcwd(buf []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_getcwd_trampoline), uintptr(_p0), uintptr(len(buf)), 0)
+ r0, _, e1 := syscall_syscall(libc_getcwd_trampoline_addr, uintptr(_p0), uintptr(len(buf)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1205,62 +1206,62 @@ func Getcwd(buf []byte) (n int, err error) {
return
}
-func libc_getcwd_trampoline()
+var libc_getcwd_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdtablesize() (size int) {
- r0, _, _ := syscall_syscall(funcPC(libc_getdtablesize_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_syscall(libc_getdtablesize_trampoline_addr, 0, 0, 0)
size = int(r0)
return
}
-func libc_getdtablesize_trampoline()
+var libc_getdtablesize_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getegid() (egid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getegid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getegid_trampoline_addr, 0, 0, 0)
egid = int(r0)
return
}
-func libc_getegid_trampoline()
+var libc_getegid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Geteuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_geteuid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_geteuid_trampoline_addr, 0, 0, 0)
uid = int(r0)
return
}
-func libc_geteuid_trampoline()
+var libc_geteuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getgid() (gid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getgid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getgid_trampoline_addr, 0, 0, 0)
gid = int(r0)
return
}
-func libc_getgid_trampoline()
+var libc_getgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpgid(pid int) (pgid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getpgid_trampoline), uintptr(pid), 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getpgid_trampoline_addr, uintptr(pid), 0, 0)
pgid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1268,50 +1269,50 @@ func Getpgid(pid int) (pgid int, err error) {
return
}
-func libc_getpgid_trampoline()
+var libc_getpgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpgrp() (pgrp int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpgrp_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getpgrp_trampoline_addr, 0, 0, 0)
pgrp = int(r0)
return
}
-func libc_getpgrp_trampoline()
+var libc_getpgrp_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpid() (pid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getpid_trampoline_addr, 0, 0, 0)
pid = int(r0)
return
}
-func libc_getpid_trampoline()
+var libc_getpid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getppid() (ppid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getppid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getppid_trampoline_addr, 0, 0, 0)
ppid = int(r0)
return
}
-func libc_getppid_trampoline()
+var libc_getppid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpriority(which int, who int) (prio int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getpriority_trampoline), uintptr(which), uintptr(who), 0)
+ r0, _, e1 := syscall_syscall(libc_getpriority_trampoline_addr, uintptr(which), uintptr(who), 0)
prio = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1319,42 +1320,42 @@ func Getpriority(which int, who int) (prio int, err error) {
return
}
-func libc_getpriority_trampoline()
+var libc_getpriority_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_getrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getrlimit_trampoline()
+var libc_getrlimit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getrusage(who int, rusage *Rusage) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrusage_trampoline), uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_getrusage_trampoline_addr, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getrusage_trampoline()
+var libc_getrusage_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getsid(pid int) (sid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getsid_trampoline), uintptr(pid), 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getsid_trampoline_addr, uintptr(pid), 0, 0)
sid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1362,52 +1363,52 @@ func Getsid(pid int) (sid int, err error) {
return
}
-func libc_getsid_trampoline()
+var libc_getsid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Gettimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_gettimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_gettimeofday_trampoline_addr, uintptr(unsafe.Pointer(tp)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_gettimeofday_trampoline()
+var libc_gettimeofday_trampoline_addr uintptr
//go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getuid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getuid_trampoline_addr, 0, 0, 0)
uid = int(r0)
return
}
-func libc_getuid_trampoline()
+var libc_getuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Issetugid() (tainted bool) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_issetugid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_issetugid_trampoline_addr, 0, 0, 0)
tainted = bool(r0 != 0)
return
}
-func libc_issetugid_trampoline()
+var libc_issetugid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Kqueue() (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_kqueue_trampoline), 0, 0, 0)
+ r0, _, e1 := syscall_syscall(libc_kqueue_trampoline_addr, 0, 0, 0)
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1415,7 +1416,7 @@ func Kqueue() (fd int, err error) {
return
}
-func libc_kqueue_trampoline()
+var libc_kqueue_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib"
@@ -1427,14 +1428,14 @@ func Lchown(path string, uid int, gid int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_lchown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_lchown_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_lchown_trampoline()
+var libc_lchown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib"
@@ -1451,14 +1452,14 @@ func Link(path string, link string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_link_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_link_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_link_trampoline()
+var libc_link_trampoline_addr uintptr
//go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib"
@@ -1475,28 +1476,28 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_linkat_trampoline), uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_linkat_trampoline_addr, uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_linkat_trampoline()
+var libc_linkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Listen(s int, backlog int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_listen_trampoline), uintptr(s), uintptr(backlog), 0)
+ _, _, e1 := syscall_syscall(libc_listen_trampoline_addr, uintptr(s), uintptr(backlog), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_listen_trampoline()
+var libc_listen_trampoline_addr uintptr
//go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib"
@@ -1508,14 +1509,14 @@ func Mkdir(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkdir_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_mkdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkdir_trampoline()
+var libc_mkdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib"
@@ -1527,14 +1528,14 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkdirat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+ _, _, e1 := syscall_syscall(libc_mkdirat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkdirat_trampoline()
+var libc_mkdirat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib"
@@ -1546,14 +1547,14 @@ func Mkfifo(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkfifo_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_mkfifo_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkfifo_trampoline()
+var libc_mkfifo_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib"
@@ -1565,14 +1566,14 @@ func Mknod(path string, mode uint32, dev int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mknod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+ _, _, e1 := syscall_syscall(libc_mknod_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mknod_trampoline()
+var libc_mknod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib"
@@ -1584,7 +1585,7 @@ func Open(path string, mode int, perm uint32) (fd int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall(funcPC(libc_open_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
+ r0, _, e1 := syscall_syscall(libc_open_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1592,7 +1593,7 @@ func Open(path string, mode int, perm uint32) (fd int, err error) {
return
}
-func libc_open_trampoline()
+var libc_open_trampoline_addr uintptr
//go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib"
@@ -1604,7 +1605,7 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_openat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_openat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1612,7 +1613,7 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
return
}
-func libc_openat_trampoline()
+var libc_openat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib"
@@ -1624,7 +1625,7 @@ func Pathconf(path string, name int) (val int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall(funcPC(libc_pathconf_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
+ r0, _, e1 := syscall_syscall(libc_pathconf_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1632,7 +1633,7 @@ func Pathconf(path string, name int) (val int, err error) {
return
}
-func libc_pathconf_trampoline()
+var libc_pathconf_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib"
@@ -1645,7 +1646,7 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_pread_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_pread_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1653,7 +1654,7 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) {
return
}
-func libc_pread_trampoline()
+var libc_pread_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib"
@@ -1666,7 +1667,7 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_pwrite_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_pwrite_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1674,7 +1675,7 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
return
}
-func libc_pwrite_trampoline()
+var libc_pwrite_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib"
@@ -1687,7 +1688,7 @@ func read(fd int, p []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1695,7 +1696,7 @@ func read(fd int, p []byte) (n int, err error) {
return
}
-func libc_read_trampoline()
+var libc_read_trampoline_addr uintptr
//go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib"
@@ -1713,7 +1714,7 @@ func Readlink(path string, buf []byte) (n int, err error) {
} else {
_p1 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_readlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
+ r0, _, e1 := syscall_syscall(libc_readlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1721,7 +1722,7 @@ func Readlink(path string, buf []byte) (n int, err error) {
return
}
-func libc_readlink_trampoline()
+var libc_readlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib"
@@ -1739,7 +1740,7 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
} else {
_p1 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_readlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_readlinkat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1747,7 +1748,7 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
return
}
-func libc_readlinkat_trampoline()
+var libc_readlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib"
@@ -1764,14 +1765,14 @@ func Rename(from string, to string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_rename_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_rename_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_rename_trampoline()
+var libc_rename_trampoline_addr uintptr
//go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib"
@@ -1788,14 +1789,14 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_renameat_trampoline), uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_renameat_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_renameat_trampoline()
+var libc_renameat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib"
@@ -1807,14 +1808,14 @@ func Revoke(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_revoke_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_revoke_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_revoke_trampoline()
+var libc_revoke_trampoline_addr uintptr
//go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib"
@@ -1826,21 +1827,21 @@ func Rmdir(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_rmdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_rmdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_rmdir_trampoline()
+var libc_rmdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_lseek_trampoline), uintptr(fd), uintptr(offset), uintptr(whence))
+ r0, _, e1 := syscall_syscall(libc_lseek_trampoline_addr, uintptr(fd), uintptr(offset), uintptr(whence))
newoffset = int64(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1848,14 +1849,14 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
return
}
-func libc_lseek_trampoline()
+var libc_lseek_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+ r0, _, e1 := syscall_syscall6(libc_select_trampoline_addr, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1863,49 +1864,49 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
return
}
-func libc_select_trampoline()
+var libc_select_trampoline_addr uintptr
//go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setegid(egid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setegid_trampoline), uintptr(egid), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setegid_trampoline_addr, uintptr(egid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setegid_trampoline()
+var libc_setegid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Seteuid(euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_seteuid_trampoline), uintptr(euid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_seteuid_trampoline_addr, uintptr(euid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_seteuid_trampoline()
+var libc_seteuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setgid(gid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgid_trampoline), uintptr(gid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_setgid_trampoline_addr, uintptr(gid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setgid_trampoline()
+var libc_setgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib"
@@ -1917,105 +1918,105 @@ func Setlogin(name string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_setlogin_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setlogin_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setlogin_trampoline()
+var libc_setlogin_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setpgid(pid int, pgid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setpgid_trampoline), uintptr(pid), uintptr(pgid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setpgid_trampoline_addr, uintptr(pid), uintptr(pgid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setpgid_trampoline()
+var libc_setpgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setpriority(which int, who int, prio int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setpriority_trampoline), uintptr(which), uintptr(who), uintptr(prio))
+ _, _, e1 := syscall_syscall(libc_setpriority_trampoline_addr, uintptr(which), uintptr(who), uintptr(prio))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setpriority_trampoline()
+var libc_setpriority_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setprivexec(flag int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setprivexec_trampoline), uintptr(flag), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setprivexec_trampoline_addr, uintptr(flag), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setprivexec_trampoline()
+var libc_setprivexec_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setregid(rgid int, egid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setregid_trampoline), uintptr(rgid), uintptr(egid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setregid_trampoline_addr, uintptr(rgid), uintptr(egid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setregid_trampoline()
+var libc_setregid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setreuid(ruid int, euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setreuid_trampoline), uintptr(ruid), uintptr(euid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setreuid_trampoline_addr, uintptr(ruid), uintptr(euid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setreuid_trampoline()
+var libc_setreuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setrlimit_trampoline()
+var libc_setrlimit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setsid() (pid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_setsid_trampoline), 0, 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_setsid_trampoline_addr, 0, 0, 0)
pid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2023,35 +2024,35 @@ func Setsid() (pid int, err error) {
return
}
-func libc_setsid_trampoline()
+var libc_setsid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Settimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_settimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_settimeofday_trampoline_addr, uintptr(unsafe.Pointer(tp)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_settimeofday_trampoline()
+var libc_settimeofday_trampoline_addr uintptr
//go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setuid(uid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setuid_trampoline), uintptr(uid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_setuid_trampoline_addr, uintptr(uid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setuid_trampoline()
+var libc_setuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib"
@@ -2068,14 +2069,14 @@ func Symlink(path string, link string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_symlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_symlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_symlink_trampoline()
+var libc_symlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib"
@@ -2092,28 +2093,28 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_symlinkat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
+ _, _, e1 := syscall_syscall(libc_symlinkat_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_symlinkat_trampoline()
+var libc_symlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Sync() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_sync_trampoline), 0, 0, 0)
+ _, _, e1 := syscall_syscall(libc_sync_trampoline_addr, 0, 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sync_trampoline()
+var libc_sync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib"
@@ -2125,26 +2126,26 @@ func Truncate(path string, length int64) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_truncate_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_truncate_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_truncate_trampoline()
+var libc_truncate_trampoline_addr uintptr
//go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Umask(newmask int) (oldmask int) {
- r0, _, _ := syscall_syscall(funcPC(libc_umask_trampoline), uintptr(newmask), 0, 0)
+ r0, _, _ := syscall_syscall(libc_umask_trampoline_addr, uintptr(newmask), 0, 0)
oldmask = int(r0)
return
}
-func libc_umask_trampoline()
+var libc_umask_trampoline_addr uintptr
//go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib"
@@ -2156,14 +2157,14 @@ func Undelete(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_undelete_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_undelete_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_undelete_trampoline()
+var libc_undelete_trampoline_addr uintptr
//go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib"
@@ -2175,14 +2176,14 @@ func Unlink(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unlink_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_unlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unlink_trampoline()
+var libc_unlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib"
@@ -2194,14 +2195,14 @@ func Unlinkat(dirfd int, path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_unlinkat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unlinkat_trampoline()
+var libc_unlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib"
@@ -2213,14 +2214,14 @@ func Unmount(path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unmount_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_unmount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unmount_trampoline()
+var libc_unmount_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib"
@@ -2233,7 +2234,7 @@ func write(fd int, p []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2241,14 +2242,14 @@ func write(fd int, p []byte) (n int, err error) {
return
}
-func libc_write_trampoline()
+var libc_write_trampoline_addr uintptr
//go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_mmap_trampoline), uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
+ r0, _, e1 := syscall_syscall6(libc_mmap_trampoline_addr, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
ret = uintptr(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2256,28 +2257,28 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
return
}
-func libc_mmap_trampoline()
+var libc_mmap_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func munmap(addr uintptr, length uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munmap_trampoline), uintptr(addr), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_munmap_trampoline_addr, uintptr(addr), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munmap_trampoline()
+var libc_munmap_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
+ r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2288,7 +2289,7 @@ func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
+ r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2299,14 +2300,14 @@ func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fstat(fd int, stat *Stat_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstat64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_fstat64_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstat64_trampoline()
+var libc_fstat64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstat64 fstat64 "/usr/lib/libSystem.B.dylib"
@@ -2318,35 +2319,35 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fstatat64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fstatat64_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstatat64_trampoline()
+var libc_fstatat64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstatat64 fstatat64 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fstatfs(fd int, stat *Statfs_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstatfs64_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_fstatfs64_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstatfs64_trampoline()
+var libc_fstatfs64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstatfs64 fstatfs64 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat64_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_getfsstat64_trampoline_addr, uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2354,7 +2355,7 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
return
}
-func libc_getfsstat64_trampoline()
+var libc_getfsstat64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getfsstat64 getfsstat64 "/usr/lib/libSystem.B.dylib"
@@ -2366,28 +2367,28 @@ func Lstat(path string, stat *Stat_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_lstat64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_lstat64_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_lstat64_trampoline()
+var libc_lstat64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lstat64 lstat64 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_ptrace_trampoline_addr, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ptrace_trampoline()
+var libc_ptrace_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib"
@@ -2399,14 +2400,14 @@ func Stat(path string, stat *Stat_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_stat64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_stat64_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_stat64_trampoline()
+var libc_stat64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_stat64 stat64 "/usr/lib/libSystem.B.dylib"
@@ -2418,13 +2419,13 @@ func Statfs(path string, stat *Statfs_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_statfs64_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_statfs64_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_statfs64_trampoline()
+var libc_statfs64_trampoline_addr uintptr
//go:cgo_import_dynamic libc_statfs64 statfs64 "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
index c77bd6e2..bc169c2a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
@@ -1,290 +1,859 @@
// go run mkasm_darwin.go amd64
// Code generated by the command above; DO NOT EDIT.
+//go:build go1.12
// +build go1.12
#include "textflag.h"
-TEXT ·libc_getgroups_trampoline(SB),NOSPLIT,$0-0
+
+TEXT libc_getgroups_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getgroups(SB)
-TEXT ·libc_setgroups_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getgroups_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getgroups_trampoline_addr(SB)/8, $libc_getgroups_trampoline<>(SB)
+
+TEXT libc_setgroups_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setgroups(SB)
-TEXT ·libc_wait4_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setgroups_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setgroups_trampoline_addr(SB)/8, $libc_setgroups_trampoline<>(SB)
+
+TEXT libc_wait4_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_wait4(SB)
-TEXT ·libc_accept_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_wait4_trampoline_addr(SB), RODATA, $8
+DATA ·libc_wait4_trampoline_addr(SB)/8, $libc_wait4_trampoline<>(SB)
+
+TEXT libc_accept_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_accept(SB)
-TEXT ·libc_bind_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_accept_trampoline_addr(SB), RODATA, $8
+DATA ·libc_accept_trampoline_addr(SB)/8, $libc_accept_trampoline<>(SB)
+
+TEXT libc_bind_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_bind(SB)
-TEXT ·libc_connect_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_bind_trampoline_addr(SB), RODATA, $8
+DATA ·libc_bind_trampoline_addr(SB)/8, $libc_bind_trampoline<>(SB)
+
+TEXT libc_connect_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_connect(SB)
-TEXT ·libc_socket_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_connect_trampoline_addr(SB), RODATA, $8
+DATA ·libc_connect_trampoline_addr(SB)/8, $libc_connect_trampoline<>(SB)
+
+TEXT libc_socket_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_socket(SB)
-TEXT ·libc_getsockopt_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_socket_trampoline_addr(SB), RODATA, $8
+DATA ·libc_socket_trampoline_addr(SB)/8, $libc_socket_trampoline<>(SB)
+
+TEXT libc_getsockopt_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsockopt(SB)
-TEXT ·libc_setsockopt_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsockopt_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsockopt_trampoline_addr(SB)/8, $libc_getsockopt_trampoline<>(SB)
+
+TEXT libc_setsockopt_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setsockopt(SB)
-TEXT ·libc_getpeername_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setsockopt_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setsockopt_trampoline_addr(SB)/8, $libc_setsockopt_trampoline<>(SB)
+
+TEXT libc_getpeername_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpeername(SB)
-TEXT ·libc_getsockname_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpeername_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpeername_trampoline_addr(SB)/8, $libc_getpeername_trampoline<>(SB)
+
+TEXT libc_getsockname_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsockname(SB)
-TEXT ·libc_shutdown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsockname_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsockname_trampoline_addr(SB)/8, $libc_getsockname_trampoline<>(SB)
+
+TEXT libc_shutdown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_shutdown(SB)
-TEXT ·libc_socketpair_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_shutdown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_shutdown_trampoline_addr(SB)/8, $libc_shutdown_trampoline<>(SB)
+
+TEXT libc_socketpair_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_socketpair(SB)
-TEXT ·libc_recvfrom_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_socketpair_trampoline_addr(SB), RODATA, $8
+DATA ·libc_socketpair_trampoline_addr(SB)/8, $libc_socketpair_trampoline<>(SB)
+
+TEXT libc_recvfrom_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_recvfrom(SB)
-TEXT ·libc_sendto_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_recvfrom_trampoline_addr(SB), RODATA, $8
+DATA ·libc_recvfrom_trampoline_addr(SB)/8, $libc_recvfrom_trampoline<>(SB)
+
+TEXT libc_sendto_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendto(SB)
-TEXT ·libc_recvmsg_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendto_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendto_trampoline_addr(SB)/8, $libc_sendto_trampoline<>(SB)
+
+TEXT libc_recvmsg_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_recvmsg(SB)
-TEXT ·libc_sendmsg_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_recvmsg_trampoline_addr(SB), RODATA, $8
+DATA ·libc_recvmsg_trampoline_addr(SB)/8, $libc_recvmsg_trampoline<>(SB)
+
+TEXT libc_sendmsg_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendmsg(SB)
-TEXT ·libc_kevent_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendmsg_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendmsg_trampoline_addr(SB)/8, $libc_sendmsg_trampoline<>(SB)
+
+TEXT libc_kevent_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kevent(SB)
-TEXT ·libc_utimes_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kevent_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kevent_trampoline_addr(SB)/8, $libc_kevent_trampoline<>(SB)
+
+TEXT libc_utimes_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_utimes(SB)
-TEXT ·libc_futimes_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_utimes_trampoline_addr(SB), RODATA, $8
+DATA ·libc_utimes_trampoline_addr(SB)/8, $libc_utimes_trampoline<>(SB)
+
+TEXT libc_futimes_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_futimes(SB)
-TEXT ·libc_poll_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_futimes_trampoline_addr(SB), RODATA, $8
+DATA ·libc_futimes_trampoline_addr(SB)/8, $libc_futimes_trampoline<>(SB)
+
+TEXT libc_poll_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_poll(SB)
-TEXT ·libc_madvise_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_poll_trampoline_addr(SB), RODATA, $8
+DATA ·libc_poll_trampoline_addr(SB)/8, $libc_poll_trampoline<>(SB)
+
+TEXT libc_madvise_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_madvise(SB)
-TEXT ·libc_mlock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_madvise_trampoline_addr(SB), RODATA, $8
+DATA ·libc_madvise_trampoline_addr(SB)/8, $libc_madvise_trampoline<>(SB)
+
+TEXT libc_mlock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mlock(SB)
-TEXT ·libc_mlockall_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mlock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mlock_trampoline_addr(SB)/8, $libc_mlock_trampoline<>(SB)
+
+TEXT libc_mlockall_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mlockall(SB)
-TEXT ·libc_mprotect_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mlockall_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mlockall_trampoline_addr(SB)/8, $libc_mlockall_trampoline<>(SB)
+
+TEXT libc_mprotect_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mprotect(SB)
-TEXT ·libc_msync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mprotect_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mprotect_trampoline_addr(SB)/8, $libc_mprotect_trampoline<>(SB)
+
+TEXT libc_msync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_msync(SB)
-TEXT ·libc_munlock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_msync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_msync_trampoline_addr(SB)/8, $libc_msync_trampoline<>(SB)
+
+TEXT libc_munlock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munlock(SB)
-TEXT ·libc_munlockall_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munlock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munlock_trampoline_addr(SB)/8, $libc_munlock_trampoline<>(SB)
+
+TEXT libc_munlockall_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munlockall(SB)
-TEXT ·libc_pipe_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munlockall_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munlockall_trampoline_addr(SB)/8, $libc_munlockall_trampoline<>(SB)
+
+TEXT libc_pipe_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pipe(SB)
-TEXT ·libc_getxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pipe_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pipe_trampoline_addr(SB)/8, $libc_pipe_trampoline<>(SB)
+
+TEXT libc_getxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getxattr(SB)
-TEXT ·libc_fgetxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getxattr_trampoline_addr(SB)/8, $libc_getxattr_trampoline<>(SB)
+
+TEXT libc_fgetxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fgetxattr(SB)
-TEXT ·libc_setxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fgetxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fgetxattr_trampoline_addr(SB)/8, $libc_fgetxattr_trampoline<>(SB)
+
+TEXT libc_setxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setxattr(SB)
-TEXT ·libc_fsetxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setxattr_trampoline_addr(SB)/8, $libc_setxattr_trampoline<>(SB)
+
+TEXT libc_fsetxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fsetxattr(SB)
-TEXT ·libc_removexattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fsetxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fsetxattr_trampoline_addr(SB)/8, $libc_fsetxattr_trampoline<>(SB)
+
+TEXT libc_removexattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_removexattr(SB)
-TEXT ·libc_fremovexattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_removexattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_removexattr_trampoline_addr(SB)/8, $libc_removexattr_trampoline<>(SB)
+
+TEXT libc_fremovexattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fremovexattr(SB)
-TEXT ·libc_listxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fremovexattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fremovexattr_trampoline_addr(SB)/8, $libc_fremovexattr_trampoline<>(SB)
+
+TEXT libc_listxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_listxattr(SB)
-TEXT ·libc_flistxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_listxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_listxattr_trampoline_addr(SB)/8, $libc_listxattr_trampoline<>(SB)
+
+TEXT libc_flistxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_flistxattr(SB)
-TEXT ·libc_setattrlist_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_flistxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_flistxattr_trampoline_addr(SB)/8, $libc_flistxattr_trampoline<>(SB)
+
+TEXT libc_setattrlist_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setattrlist(SB)
-TEXT ·libc_fcntl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setattrlist_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB)
+
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fcntl(SB)
-TEXT ·libc_kill_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
+TEXT libc_kill_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kill(SB)
-TEXT ·libc_ioctl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kill_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kill_trampoline_addr(SB)/8, $libc_kill_trampoline<>(SB)
+
+TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ioctl(SB)
-TEXT ·libc_sysctl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ioctl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
+
+TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sysctl(SB)
-TEXT ·libc_sendfile_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
+
+TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendfile(SB)
-TEXT ·libc_access_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendfile_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendfile_trampoline_addr(SB)/8, $libc_sendfile_trampoline<>(SB)
+
+TEXT libc_access_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_access(SB)
-TEXT ·libc_adjtime_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_access_trampoline_addr(SB), RODATA, $8
+DATA ·libc_access_trampoline_addr(SB)/8, $libc_access_trampoline<>(SB)
+
+TEXT libc_adjtime_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_adjtime(SB)
-TEXT ·libc_chdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_adjtime_trampoline_addr(SB), RODATA, $8
+DATA ·libc_adjtime_trampoline_addr(SB)/8, $libc_adjtime_trampoline<>(SB)
+
+TEXT libc_chdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chdir(SB)
-TEXT ·libc_chflags_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chdir_trampoline_addr(SB)/8, $libc_chdir_trampoline<>(SB)
+
+TEXT libc_chflags_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chflags(SB)
-TEXT ·libc_chmod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chflags_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chflags_trampoline_addr(SB)/8, $libc_chflags_trampoline<>(SB)
+
+TEXT libc_chmod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chmod(SB)
-TEXT ·libc_chown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chmod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chmod_trampoline_addr(SB)/8, $libc_chmod_trampoline<>(SB)
+
+TEXT libc_chown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chown(SB)
-TEXT ·libc_chroot_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chown_trampoline_addr(SB)/8, $libc_chown_trampoline<>(SB)
+
+TEXT libc_chroot_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chroot(SB)
-TEXT ·libc_clock_gettime_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chroot_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chroot_trampoline_addr(SB)/8, $libc_chroot_trampoline<>(SB)
+
+TEXT libc_clock_gettime_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clock_gettime(SB)
-TEXT ·libc_close_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clock_gettime_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clock_gettime_trampoline_addr(SB)/8, $libc_clock_gettime_trampoline<>(SB)
+
+TEXT libc_close_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_close(SB)
-TEXT ·libc_clonefile_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_close_trampoline_addr(SB), RODATA, $8
+DATA ·libc_close_trampoline_addr(SB)/8, $libc_close_trampoline<>(SB)
+
+TEXT libc_clonefile_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clonefile(SB)
-TEXT ·libc_clonefileat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clonefile_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clonefile_trampoline_addr(SB)/8, $libc_clonefile_trampoline<>(SB)
+
+TEXT libc_clonefileat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clonefileat(SB)
-TEXT ·libc_dup_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clonefileat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clonefileat_trampoline_addr(SB)/8, $libc_clonefileat_trampoline<>(SB)
+
+TEXT libc_dup_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_dup(SB)
-TEXT ·libc_dup2_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_dup_trampoline_addr(SB), RODATA, $8
+DATA ·libc_dup_trampoline_addr(SB)/8, $libc_dup_trampoline<>(SB)
+
+TEXT libc_dup2_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_dup2(SB)
-TEXT ·libc_exchangedata_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_dup2_trampoline_addr(SB), RODATA, $8
+DATA ·libc_dup2_trampoline_addr(SB)/8, $libc_dup2_trampoline<>(SB)
+
+TEXT libc_exchangedata_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_exchangedata(SB)
-TEXT ·libc_exit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_exchangedata_trampoline_addr(SB), RODATA, $8
+DATA ·libc_exchangedata_trampoline_addr(SB)/8, $libc_exchangedata_trampoline<>(SB)
+
+TEXT libc_exit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_exit(SB)
-TEXT ·libc_faccessat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_exit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_exit_trampoline_addr(SB)/8, $libc_exit_trampoline<>(SB)
+
+TEXT libc_faccessat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_faccessat(SB)
-TEXT ·libc_fchdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_faccessat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_faccessat_trampoline_addr(SB)/8, $libc_faccessat_trampoline<>(SB)
+
+TEXT libc_fchdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchdir(SB)
-TEXT ·libc_fchflags_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchdir_trampoline_addr(SB)/8, $libc_fchdir_trampoline<>(SB)
+
+TEXT libc_fchflags_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchflags(SB)
-TEXT ·libc_fchmod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchflags_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchflags_trampoline_addr(SB)/8, $libc_fchflags_trampoline<>(SB)
+
+TEXT libc_fchmod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchmod(SB)
-TEXT ·libc_fchmodat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchmod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchmod_trampoline_addr(SB)/8, $libc_fchmod_trampoline<>(SB)
+
+TEXT libc_fchmodat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchmodat(SB)
-TEXT ·libc_fchown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchmodat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchmodat_trampoline_addr(SB)/8, $libc_fchmodat_trampoline<>(SB)
+
+TEXT libc_fchown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchown(SB)
-TEXT ·libc_fchownat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchown_trampoline_addr(SB)/8, $libc_fchown_trampoline<>(SB)
+
+TEXT libc_fchownat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchownat(SB)
-TEXT ·libc_fclonefileat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchownat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchownat_trampoline_addr(SB)/8, $libc_fchownat_trampoline<>(SB)
+
+TEXT libc_fclonefileat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fclonefileat(SB)
-TEXT ·libc_flock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fclonefileat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fclonefileat_trampoline_addr(SB)/8, $libc_fclonefileat_trampoline<>(SB)
+
+TEXT libc_flock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_flock(SB)
-TEXT ·libc_fpathconf_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_flock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_flock_trampoline_addr(SB)/8, $libc_flock_trampoline<>(SB)
+
+TEXT libc_fpathconf_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fpathconf(SB)
-TEXT ·libc_fsync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fpathconf_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fpathconf_trampoline_addr(SB)/8, $libc_fpathconf_trampoline<>(SB)
+
+TEXT libc_fsync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fsync(SB)
-TEXT ·libc_ftruncate_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fsync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fsync_trampoline_addr(SB)/8, $libc_fsync_trampoline<>(SB)
+
+TEXT libc_ftruncate_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ftruncate(SB)
-TEXT ·libc_getcwd_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ftruncate_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ftruncate_trampoline_addr(SB)/8, $libc_ftruncate_trampoline<>(SB)
+
+TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getcwd(SB)
-TEXT ·libc_getdtablesize_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getcwd_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
+
+TEXT libc_getdtablesize_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getdtablesize(SB)
-TEXT ·libc_getegid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getdtablesize_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getdtablesize_trampoline_addr(SB)/8, $libc_getdtablesize_trampoline<>(SB)
+
+TEXT libc_getegid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getegid(SB)
-TEXT ·libc_geteuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getegid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getegid_trampoline_addr(SB)/8, $libc_getegid_trampoline<>(SB)
+
+TEXT libc_geteuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_geteuid(SB)
-TEXT ·libc_getgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_geteuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_geteuid_trampoline_addr(SB)/8, $libc_geteuid_trampoline<>(SB)
+
+TEXT libc_getgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getgid(SB)
-TEXT ·libc_getpgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getgid_trampoline_addr(SB)/8, $libc_getgid_trampoline<>(SB)
+
+TEXT libc_getpgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpgid(SB)
-TEXT ·libc_getpgrp_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpgid_trampoline_addr(SB)/8, $libc_getpgid_trampoline<>(SB)
+
+TEXT libc_getpgrp_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpgrp(SB)
-TEXT ·libc_getpid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpgrp_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpgrp_trampoline_addr(SB)/8, $libc_getpgrp_trampoline<>(SB)
+
+TEXT libc_getpid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpid(SB)
-TEXT ·libc_getppid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpid_trampoline_addr(SB)/8, $libc_getpid_trampoline<>(SB)
+
+TEXT libc_getppid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getppid(SB)
-TEXT ·libc_getpriority_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getppid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getppid_trampoline_addr(SB)/8, $libc_getppid_trampoline<>(SB)
+
+TEXT libc_getpriority_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpriority(SB)
-TEXT ·libc_getrlimit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpriority_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpriority_trampoline_addr(SB)/8, $libc_getpriority_trampoline<>(SB)
+
+TEXT libc_getrlimit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getrlimit(SB)
-TEXT ·libc_getrusage_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getrlimit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getrlimit_trampoline_addr(SB)/8, $libc_getrlimit_trampoline<>(SB)
+
+TEXT libc_getrusage_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getrusage(SB)
-TEXT ·libc_getsid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getrusage_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getrusage_trampoline_addr(SB)/8, $libc_getrusage_trampoline<>(SB)
+
+TEXT libc_getsid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsid(SB)
-TEXT ·libc_gettimeofday_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsid_trampoline_addr(SB)/8, $libc_getsid_trampoline<>(SB)
+
+TEXT libc_gettimeofday_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_gettimeofday(SB)
-TEXT ·libc_getuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_gettimeofday_trampoline_addr(SB), RODATA, $8
+DATA ·libc_gettimeofday_trampoline_addr(SB)/8, $libc_gettimeofday_trampoline<>(SB)
+
+TEXT libc_getuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getuid(SB)
-TEXT ·libc_issetugid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getuid_trampoline_addr(SB)/8, $libc_getuid_trampoline<>(SB)
+
+TEXT libc_issetugid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_issetugid(SB)
-TEXT ·libc_kqueue_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_issetugid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_issetugid_trampoline_addr(SB)/8, $libc_issetugid_trampoline<>(SB)
+
+TEXT libc_kqueue_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kqueue(SB)
-TEXT ·libc_lchown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kqueue_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kqueue_trampoline_addr(SB)/8, $libc_kqueue_trampoline<>(SB)
+
+TEXT libc_lchown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lchown(SB)
-TEXT ·libc_link_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lchown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lchown_trampoline_addr(SB)/8, $libc_lchown_trampoline<>(SB)
+
+TEXT libc_link_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_link(SB)
-TEXT ·libc_linkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_link_trampoline_addr(SB), RODATA, $8
+DATA ·libc_link_trampoline_addr(SB)/8, $libc_link_trampoline<>(SB)
+
+TEXT libc_linkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_linkat(SB)
-TEXT ·libc_listen_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_linkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_linkat_trampoline_addr(SB)/8, $libc_linkat_trampoline<>(SB)
+
+TEXT libc_listen_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_listen(SB)
-TEXT ·libc_mkdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_listen_trampoline_addr(SB), RODATA, $8
+DATA ·libc_listen_trampoline_addr(SB)/8, $libc_listen_trampoline<>(SB)
+
+TEXT libc_mkdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkdir(SB)
-TEXT ·libc_mkdirat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkdir_trampoline_addr(SB)/8, $libc_mkdir_trampoline<>(SB)
+
+TEXT libc_mkdirat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkdirat(SB)
-TEXT ·libc_mkfifo_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkdirat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkdirat_trampoline_addr(SB)/8, $libc_mkdirat_trampoline<>(SB)
+
+TEXT libc_mkfifo_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkfifo(SB)
-TEXT ·libc_mknod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkfifo_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkfifo_trampoline_addr(SB)/8, $libc_mkfifo_trampoline<>(SB)
+
+TEXT libc_mknod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mknod(SB)
-TEXT ·libc_open_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mknod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mknod_trampoline_addr(SB)/8, $libc_mknod_trampoline<>(SB)
+
+TEXT libc_open_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_open(SB)
-TEXT ·libc_openat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_open_trampoline_addr(SB), RODATA, $8
+DATA ·libc_open_trampoline_addr(SB)/8, $libc_open_trampoline<>(SB)
+
+TEXT libc_openat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_openat(SB)
-TEXT ·libc_pathconf_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_openat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_openat_trampoline_addr(SB)/8, $libc_openat_trampoline<>(SB)
+
+TEXT libc_pathconf_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pathconf(SB)
-TEXT ·libc_pread_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pathconf_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pathconf_trampoline_addr(SB)/8, $libc_pathconf_trampoline<>(SB)
+
+TEXT libc_pread_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pread(SB)
-TEXT ·libc_pwrite_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pread_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pread_trampoline_addr(SB)/8, $libc_pread_trampoline<>(SB)
+
+TEXT libc_pwrite_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pwrite(SB)
-TEXT ·libc_read_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pwrite_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pwrite_trampoline_addr(SB)/8, $libc_pwrite_trampoline<>(SB)
+
+TEXT libc_read_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_read(SB)
-TEXT ·libc_readlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_read_trampoline_addr(SB), RODATA, $8
+DATA ·libc_read_trampoline_addr(SB)/8, $libc_read_trampoline<>(SB)
+
+TEXT libc_readlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readlink(SB)
-TEXT ·libc_readlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_readlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readlink_trampoline_addr(SB)/8, $libc_readlink_trampoline<>(SB)
+
+TEXT libc_readlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readlinkat(SB)
-TEXT ·libc_rename_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_readlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readlinkat_trampoline_addr(SB)/8, $libc_readlinkat_trampoline<>(SB)
+
+TEXT libc_rename_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_rename(SB)
-TEXT ·libc_renameat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_rename_trampoline_addr(SB), RODATA, $8
+DATA ·libc_rename_trampoline_addr(SB)/8, $libc_rename_trampoline<>(SB)
+
+TEXT libc_renameat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_renameat(SB)
-TEXT ·libc_revoke_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_renameat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_renameat_trampoline_addr(SB)/8, $libc_renameat_trampoline<>(SB)
+
+TEXT libc_revoke_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_revoke(SB)
-TEXT ·libc_rmdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_revoke_trampoline_addr(SB), RODATA, $8
+DATA ·libc_revoke_trampoline_addr(SB)/8, $libc_revoke_trampoline<>(SB)
+
+TEXT libc_rmdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_rmdir(SB)
-TEXT ·libc_lseek_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_rmdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_rmdir_trampoline_addr(SB)/8, $libc_rmdir_trampoline<>(SB)
+
+TEXT libc_lseek_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lseek(SB)
-TEXT ·libc_select_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lseek_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lseek_trampoline_addr(SB)/8, $libc_lseek_trampoline<>(SB)
+
+TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_select(SB)
-TEXT ·libc_setegid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_select_trampoline_addr(SB), RODATA, $8
+DATA ·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB)
+
+TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setegid(SB)
-TEXT ·libc_seteuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setegid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setegid_trampoline_addr(SB)/8, $libc_setegid_trampoline<>(SB)
+
+TEXT libc_seteuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_seteuid(SB)
-TEXT ·libc_setgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_seteuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_seteuid_trampoline_addr(SB)/8, $libc_seteuid_trampoline<>(SB)
+
+TEXT libc_setgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setgid(SB)
-TEXT ·libc_setlogin_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setgid_trampoline_addr(SB)/8, $libc_setgid_trampoline<>(SB)
+
+TEXT libc_setlogin_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setlogin(SB)
-TEXT ·libc_setpgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setlogin_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setlogin_trampoline_addr(SB)/8, $libc_setlogin_trampoline<>(SB)
+
+TEXT libc_setpgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setpgid(SB)
-TEXT ·libc_setpriority_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setpgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setpgid_trampoline_addr(SB)/8, $libc_setpgid_trampoline<>(SB)
+
+TEXT libc_setpriority_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setpriority(SB)
-TEXT ·libc_setprivexec_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setpriority_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setpriority_trampoline_addr(SB)/8, $libc_setpriority_trampoline<>(SB)
+
+TEXT libc_setprivexec_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setprivexec(SB)
-TEXT ·libc_setregid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setprivexec_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setprivexec_trampoline_addr(SB)/8, $libc_setprivexec_trampoline<>(SB)
+
+TEXT libc_setregid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setregid(SB)
-TEXT ·libc_setreuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setregid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setregid_trampoline_addr(SB)/8, $libc_setregid_trampoline<>(SB)
+
+TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setreuid(SB)
-TEXT ·libc_setrlimit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setreuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB)
+
+TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setrlimit(SB)
-TEXT ·libc_setsid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB)
+
+TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setsid(SB)
-TEXT ·libc_settimeofday_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setsid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setsid_trampoline_addr(SB)/8, $libc_setsid_trampoline<>(SB)
+
+TEXT libc_settimeofday_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_settimeofday(SB)
-TEXT ·libc_setuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_settimeofday_trampoline_addr(SB), RODATA, $8
+DATA ·libc_settimeofday_trampoline_addr(SB)/8, $libc_settimeofday_trampoline<>(SB)
+
+TEXT libc_setuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setuid(SB)
-TEXT ·libc_symlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setuid_trampoline_addr(SB)/8, $libc_setuid_trampoline<>(SB)
+
+TEXT libc_symlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_symlink(SB)
-TEXT ·libc_symlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_symlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_symlink_trampoline_addr(SB)/8, $libc_symlink_trampoline<>(SB)
+
+TEXT libc_symlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_symlinkat(SB)
-TEXT ·libc_sync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_symlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_symlinkat_trampoline_addr(SB)/8, $libc_symlinkat_trampoline<>(SB)
+
+TEXT libc_sync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sync(SB)
-TEXT ·libc_truncate_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sync_trampoline_addr(SB)/8, $libc_sync_trampoline<>(SB)
+
+TEXT libc_truncate_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_truncate(SB)
-TEXT ·libc_umask_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_truncate_trampoline_addr(SB), RODATA, $8
+DATA ·libc_truncate_trampoline_addr(SB)/8, $libc_truncate_trampoline<>(SB)
+
+TEXT libc_umask_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_umask(SB)
-TEXT ·libc_undelete_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_umask_trampoline_addr(SB), RODATA, $8
+DATA ·libc_umask_trampoline_addr(SB)/8, $libc_umask_trampoline<>(SB)
+
+TEXT libc_undelete_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_undelete(SB)
-TEXT ·libc_unlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_undelete_trampoline_addr(SB), RODATA, $8
+DATA ·libc_undelete_trampoline_addr(SB)/8, $libc_undelete_trampoline<>(SB)
+
+TEXT libc_unlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unlink(SB)
-TEXT ·libc_unlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unlink_trampoline_addr(SB)/8, $libc_unlink_trampoline<>(SB)
+
+TEXT libc_unlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unlinkat(SB)
-TEXT ·libc_unmount_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unlinkat_trampoline_addr(SB)/8, $libc_unlinkat_trampoline<>(SB)
+
+TEXT libc_unmount_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unmount(SB)
-TEXT ·libc_write_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unmount_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unmount_trampoline_addr(SB)/8, $libc_unmount_trampoline<>(SB)
+
+TEXT libc_write_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_write(SB)
-TEXT ·libc_mmap_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_write_trampoline_addr(SB), RODATA, $8
+DATA ·libc_write_trampoline_addr(SB)/8, $libc_write_trampoline<>(SB)
+
+TEXT libc_mmap_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mmap(SB)
-TEXT ·libc_munmap_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mmap_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mmap_trampoline_addr(SB)/8, $libc_mmap_trampoline<>(SB)
+
+TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munmap(SB)
-TEXT ·libc_fstat64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
+
+TEXT libc_fstat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstat64(SB)
-TEXT ·libc_fstatat64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstat64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstat64_trampoline_addr(SB)/8, $libc_fstat64_trampoline<>(SB)
+
+TEXT libc_fstatat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstatat64(SB)
-TEXT ·libc_fstatfs64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstatat64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstatat64_trampoline_addr(SB)/8, $libc_fstatat64_trampoline<>(SB)
+
+TEXT libc_fstatfs64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstatfs64(SB)
-TEXT ·libc_getfsstat64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstatfs64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstatfs64_trampoline_addr(SB)/8, $libc_fstatfs64_trampoline<>(SB)
+
+TEXT libc_getfsstat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getfsstat64(SB)
-TEXT ·libc_lstat64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getfsstat64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getfsstat64_trampoline_addr(SB)/8, $libc_getfsstat64_trampoline<>(SB)
+
+TEXT libc_lstat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lstat64(SB)
-TEXT ·libc_ptrace_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lstat64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lstat64_trampoline_addr(SB)/8, $libc_lstat64_trampoline<>(SB)
+
+TEXT libc_ptrace_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ptrace(SB)
-TEXT ·libc_stat64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ptrace_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ptrace_trampoline_addr(SB)/8, $libc_ptrace_trampoline<>(SB)
+
+TEXT libc_stat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_stat64(SB)
-TEXT ·libc_statfs64_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_stat64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_stat64_trampoline_addr(SB)/8, $libc_stat64_trampoline<>(SB)
+
+TEXT libc_statfs64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_statfs64(SB)
+
+GLOBL ·libc_statfs64_trampoline_addr(SB), RODATA, $8
+DATA ·libc_statfs64_trampoline_addr(SB)/8, $libc_statfs64_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go
deleted file mode 100644
index de4738ff..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.go
+++ /dev/null
@@ -1,39 +0,0 @@
-// go run mksyscall.go -l32 -tags darwin,arm,go1.13 syscall_darwin.1_13.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build darwin,arm,go1.13
-
-package unix
-
-import (
- "syscall"
- "unsafe"
-)
-
-var _ syscall.Errno
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func closedir(dir uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_closedir_trampoline()
-
-//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
- r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
- res = Errno(r0)
- return
-}
-
-func libc_readdir_r_trampoline()
-
-//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.s
deleted file mode 100644
index 488e5570..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.1_13.s
+++ /dev/null
@@ -1,12 +0,0 @@
-// go run mkasm_darwin.go arm
-// Code generated by the command above; DO NOT EDIT.
-
-// +build go1.13
-
-#include "textflag.h"
-TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fdopendir(SB)
-TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_closedir(SB)
-TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readdir_r(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go
deleted file mode 100644
index c0c771f4..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.go
+++ /dev/null
@@ -1,2416 +0,0 @@
-// go run mksyscall.go -l32 -tags darwin,arm,go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_arm.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build darwin,arm,go1.12
-
-package unix
-
-import (
- "syscall"
- "unsafe"
-)
-
-var _ syscall.Errno
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getgroups_trampoline()
-
-//go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setgroups(ngid int, gid *_Gid_t) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setgroups_trampoline()
-
-//go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_wait4_trampoline), uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
- wpid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_wait4_trampoline()
-
-//go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_accept_trampoline), uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_accept_trampoline()
-
-//go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_bind_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_bind_trampoline()
-
-//go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_connect_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_connect_trampoline()
-
-//go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func socket(domain int, typ int, proto int) (fd int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_socket_trampoline), uintptr(domain), uintptr(typ), uintptr(proto))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_socket_trampoline()
-
-//go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_getsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsockopt_trampoline()
-
-//go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setsockopt_trampoline()
-
-//go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getpeername_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpeername_trampoline()
-
-//go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getsockname_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsockname_trampoline()
-
-//go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Shutdown(s int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_shutdown_trampoline), uintptr(s), uintptr(how), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_shutdown_trampoline()
-
-//go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall6(funcPC(libc_socketpair_trampoline), uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_socketpair_trampoline()
-
-//go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_recvfrom_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_recvfrom_trampoline()
-
-//go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) {
- var _p0 unsafe.Pointer
- if len(buf) > 0 {
- _p0 = unsafe.Pointer(&buf[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_sendto_trampoline), uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendto_trampoline()
-
-//go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_recvmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_recvmsg_trampoline()
-
-//go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_sendmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendmsg_trampoline()
-
-//go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, nevent int, timeout *Timespec) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_kevent_trampoline), uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kevent_trampoline()
-
-//go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func utimes(path string, timeval *[2]Timeval) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_utimes_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_utimes_trampoline()
-
-//go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func futimes(fd int, timeval *[2]Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_futimes_trampoline), uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_futimes_trampoline()
-
-//go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_poll_trampoline), uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_poll_trampoline()
-
-//go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Madvise(b []byte, behav int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_madvise_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(behav))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_madvise_trampoline()
-
-//go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mlock(b []byte) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mlock_trampoline()
-
-//go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mlockall(flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_mlockall_trampoline), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mlockall_trampoline()
-
-//go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mprotect(b []byte, prot int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mprotect_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(prot))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mprotect_trampoline()
-
-//go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Msync(b []byte, flags int) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_msync_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_msync_trampoline()
-
-//go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Munlock(b []byte) (err error) {
- var _p0 unsafe.Pointer
- if len(b) > 0 {
- _p0 = unsafe.Pointer(&b[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall(funcPC(libc_munlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munlock_trampoline()
-
-//go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Munlockall() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munlockall_trampoline), 0, 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munlockall_trampoline()
-
-//go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func pipe(p *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pipe_trampoline()
-
-//go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getxattr(path string, attr string, dest *byte, size int, position uint32, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_getxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getxattr_trampoline()
-
-//go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_fgetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fgetxattr_trampoline()
-
-//go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setxattr(path string, attr string, data *byte, size int, position uint32, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_setxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setxattr_trampoline()
-
-//go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fsetxattr(fd int, attr string, data *byte, size int, position uint32, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fsetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fsetxattr_trampoline()
-
-//go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func removexattr(path string, attr string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_removexattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_removexattr_trampoline()
-
-//go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fremovexattr(fd int, attr string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(attr)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_fremovexattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fremovexattr_trampoline()
-
-//go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func listxattr(path string, dest *byte, size int, options int) (sz int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_listxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_listxattr_trampoline()
-
-//go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_flistxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
- sz = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_flistxattr_trampoline()
-
-//go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setattrlist_trampoline), uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setattrlist_trampoline()
-
-//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fcntl(fd int, cmd int, arg int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fcntl_trampoline), uintptr(fd), uintptr(cmd), uintptr(arg))
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fcntl_trampoline()
-
-//go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func kill(pid int, signum int, posix int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_kill_trampoline), uintptr(pid), uintptr(signum), uintptr(posix))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kill_trampoline()
-
-//go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func ioctl(fd int, req uint, arg uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ioctl_trampoline), uintptr(fd), uintptr(req), uintptr(arg))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_ioctl_trampoline()
-
-//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
- var _p0 unsafe.Pointer
- if len(mib) > 0 {
- _p0 = unsafe.Pointer(&mib[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_sysctl_trampoline), uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sysctl_trampoline()
-
-//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
- _, _, e1 := syscall_syscall9(funcPC(libc_sendfile_trampoline), uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(offset>>32), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sendfile_trampoline()
-
-//go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Access(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_access_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_access_trampoline()
-
-//go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Adjtime(delta *Timeval, olddelta *Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_adjtime_trampoline), uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_adjtime_trampoline()
-
-//go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chdir(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chdir_trampoline()
-
-//go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chflags(path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chflags_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chflags_trampoline()
-
-//go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chmod(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chmod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chmod_trampoline()
-
-//go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chown(path string, uid int, gid int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chown_trampoline()
-
-//go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chroot(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_chroot_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_chroot_trampoline()
-
-//go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func ClockGettime(clockid int32, time *Timespec) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_clock_gettime_trampoline), uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clock_gettime_trampoline()
-
-//go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Close(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_close_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_close_trampoline()
-
-//go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Clonefile(src string, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(src)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_clonefile_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clonefile_trampoline()
-
-//go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(src)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_clonefileat_trampoline), uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_clonefileat_trampoline()
-
-//go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Dup(fd int) (nfd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_dup_trampoline), uintptr(fd), 0, 0)
- nfd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_dup_trampoline()
-
-//go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Dup2(from int, to int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_dup2_trampoline), uintptr(from), uintptr(to), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_dup2_trampoline()
-
-//go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Exchangedata(path1 string, path2 string, options int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path1)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(path2)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_exchangedata_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_exchangedata_trampoline()
-
-//go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Exit(code int) {
- syscall_syscall(funcPC(libc_exit_trampoline), uintptr(code), 0, 0)
- return
-}
-
-func libc_exit_trampoline()
-
-//go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_faccessat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_faccessat_trampoline()
-
-//go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchdir(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchdir_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchdir_trampoline()
-
-//go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchflags(fd int, flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchflags_trampoline), uintptr(fd), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchflags_trampoline()
-
-//go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchmod(fd int, mode uint32) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchmod_trampoline), uintptr(fd), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchmod_trampoline()
-
-//go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fchmodat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchmodat_trampoline()
-
-//go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchown(fd int, uid int, gid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchown_trampoline), uintptr(fd), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchown_trampoline()
-
-//go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fchownat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fchownat_trampoline()
-
-//go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(dst)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fclonefileat_trampoline), uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fclonefileat_trampoline()
-
-//go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Flock(fd int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_flock_trampoline), uintptr(fd), uintptr(how), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_flock_trampoline()
-
-//go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fpathconf(fd int, name int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fpathconf_trampoline), uintptr(fd), uintptr(name), 0)
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fpathconf_trampoline()
-
-//go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fsync(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fsync_trampoline), uintptr(fd), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fsync_trampoline()
-
-//go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Ftruncate(fd int, length int64) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ftruncate_trampoline), uintptr(fd), uintptr(length), uintptr(length>>32))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_ftruncate_trampoline()
-
-//go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getcwd(buf []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(buf) > 0 {
- _p0 = unsafe.Pointer(&buf[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_getcwd_trampoline), uintptr(_p0), uintptr(len(buf)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getcwd_trampoline()
-
-//go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getdtablesize() (size int) {
- r0, _, _ := syscall_syscall(funcPC(libc_getdtablesize_trampoline), 0, 0, 0)
- size = int(r0)
- return
-}
-
-func libc_getdtablesize_trampoline()
-
-//go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getegid() (egid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getegid_trampoline), 0, 0, 0)
- egid = int(r0)
- return
-}
-
-func libc_getegid_trampoline()
-
-//go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Geteuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_geteuid_trampoline), 0, 0, 0)
- uid = int(r0)
- return
-}
-
-func libc_geteuid_trampoline()
-
-//go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getgid() (gid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getgid_trampoline), 0, 0, 0)
- gid = int(r0)
- return
-}
-
-func libc_getgid_trampoline()
-
-//go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpgid(pid int) (pgid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getpgid_trampoline), uintptr(pid), 0, 0)
- pgid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpgid_trampoline()
-
-//go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpgrp() (pgrp int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpgrp_trampoline), 0, 0, 0)
- pgrp = int(r0)
- return
-}
-
-func libc_getpgrp_trampoline()
-
-//go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpid() (pid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpid_trampoline), 0, 0, 0)
- pid = int(r0)
- return
-}
-
-func libc_getpid_trampoline()
-
-//go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getppid() (ppid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getppid_trampoline), 0, 0, 0)
- ppid = int(r0)
- return
-}
-
-func libc_getppid_trampoline()
-
-//go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpriority(which int, who int) (prio int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getpriority_trampoline), uintptr(which), uintptr(who), 0)
- prio = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getpriority_trampoline()
-
-//go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getrlimit_trampoline()
-
-//go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getrusage(who int, rusage *Rusage) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrusage_trampoline), uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getrusage_trampoline()
-
-//go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getsid(pid int) (sid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getsid_trampoline), uintptr(pid), 0, 0)
- sid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getsid_trampoline()
-
-//go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Gettimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_gettimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_gettimeofday_trampoline()
-
-//go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getuid_trampoline), 0, 0, 0)
- uid = int(r0)
- return
-}
-
-func libc_getuid_trampoline()
-
-//go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Issetugid() (tainted bool) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_issetugid_trampoline), 0, 0, 0)
- tainted = bool(r0 != 0)
- return
-}
-
-func libc_issetugid_trampoline()
-
-//go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Kqueue() (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_kqueue_trampoline), 0, 0, 0)
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_kqueue_trampoline()
-
-//go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Lchown(path string, uid int, gid int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_lchown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lchown_trampoline()
-
-//go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Link(path string, link string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_link_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_link_trampoline()
-
-//go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_linkat_trampoline), uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_linkat_trampoline()
-
-//go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Listen(s int, backlog int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_listen_trampoline), uintptr(s), uintptr(backlog), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_listen_trampoline()
-
-//go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkdir(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkdir_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkdir_trampoline()
-
-//go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkdirat(dirfd int, path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkdirat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkdirat_trampoline()
-
-//go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkfifo(path string, mode uint32) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mkfifo_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mkfifo_trampoline()
-
-//go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mknod(path string, mode uint32, dev int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_mknod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mknod_trampoline()
-
-//go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Open(path string, mode int, perm uint32) (fd int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_open_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_open_trampoline()
-
-//go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_openat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
- fd = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_openat_trampoline()
-
-//go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pathconf(path string, name int) (val int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_pathconf_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
- val = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pathconf_trampoline()
-
-//go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pread(fd int, p []byte, offset int64) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_pread_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), uintptr(offset>>32), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pread_trampoline()
-
-//go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_pwrite_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), uintptr(offset>>32), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_pwrite_trampoline()
-
-//go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func read(fd int, p []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_read_trampoline()
-
-//go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Readlink(path string, buf []byte) (n int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 unsafe.Pointer
- if len(buf) > 0 {
- _p1 = unsafe.Pointer(&buf[0])
- } else {
- _p1 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_readlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_readlink_trampoline()
-
-//go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 unsafe.Pointer
- if len(buf) > 0 {
- _p1 = unsafe.Pointer(&buf[0])
- } else {
- _p1 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall6(funcPC(libc_readlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_readlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Rename(from string, to string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(from)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(to)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_rename_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_rename_trampoline()
-
-//go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Renameat(fromfd int, from string, tofd int, to string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(from)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(to)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_renameat_trampoline), uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_renameat_trampoline()
-
-//go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Revoke(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_revoke_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_revoke_trampoline()
-
-//go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Rmdir(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_rmdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_rmdir_trampoline()
-
-//go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
- r0, r1, e1 := syscall_syscall6(funcPC(libc_lseek_trampoline), uintptr(fd), uintptr(offset), uintptr(offset>>32), uintptr(whence), 0, 0)
- newoffset = int64(int64(r1)<<32 | int64(r0))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lseek_trampoline()
-
-//go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_select_trampoline()
-
-//go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setegid(egid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setegid_trampoline), uintptr(egid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setegid_trampoline()
-
-//go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Seteuid(euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_seteuid_trampoline), uintptr(euid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_seteuid_trampoline()
-
-//go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setgid(gid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgid_trampoline), uintptr(gid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setgid_trampoline()
-
-//go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setlogin(name string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(name)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_setlogin_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setlogin_trampoline()
-
-//go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setpgid(pid int, pgid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setpgid_trampoline), uintptr(pid), uintptr(pgid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setpgid_trampoline()
-
-//go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setpriority(which int, who int, prio int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setpriority_trampoline), uintptr(which), uintptr(who), uintptr(prio))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setpriority_trampoline()
-
-//go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setprivexec(flag int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setprivexec_trampoline), uintptr(flag), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setprivexec_trampoline()
-
-//go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setregid(rgid int, egid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setregid_trampoline), uintptr(rgid), uintptr(egid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setregid_trampoline()
-
-//go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setreuid(ruid int, euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setreuid_trampoline), uintptr(ruid), uintptr(euid), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setreuid_trampoline()
-
-//go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setrlimit_trampoline()
-
-//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setsid() (pid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_setsid_trampoline), 0, 0, 0)
- pid = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setsid_trampoline()
-
-//go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Settimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_settimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_settimeofday_trampoline()
-
-//go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Setuid(uid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setuid_trampoline), uintptr(uid), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_setuid_trampoline()
-
-//go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Symlink(path string, link string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(link)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_symlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_symlink_trampoline()
-
-//go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(oldpath)
- if err != nil {
- return
- }
- var _p1 *byte
- _p1, err = BytePtrFromString(newpath)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_symlinkat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_symlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Sync() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_sync_trampoline), 0, 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_sync_trampoline()
-
-//go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Truncate(path string, length int64) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_truncate_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(length), uintptr(length>>32))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_truncate_trampoline()
-
-//go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Umask(newmask int) (oldmask int) {
- r0, _, _ := syscall_syscall(funcPC(libc_umask_trampoline), uintptr(newmask), 0, 0)
- oldmask = int(r0)
- return
-}
-
-func libc_umask_trampoline()
-
-//go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Undelete(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_undelete_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_undelete_trampoline()
-
-//go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unlink(path string) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unlink_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unlink_trampoline()
-
-//go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unlinkat(dirfd int, path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unlinkat_trampoline()
-
-//go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unmount(path string, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_unmount_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_unmount_trampoline()
-
-//go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func write(fd int, p []byte) (n int, err error) {
- var _p0 unsafe.Pointer
- if len(p) > 0 {
- _p0 = unsafe.Pointer(&p[0])
- } else {
- _p0 = unsafe.Pointer(&_zero)
- }
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_write_trampoline()
-
-//go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
- r0, _, e1 := syscall_syscall9(funcPC(libc_mmap_trampoline), uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos), uintptr(pos>>32), 0, 0)
- ret = uintptr(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_mmap_trampoline()
-
-//go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func munmap(addr uintptr, length uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munmap_trampoline), uintptr(addr), uintptr(length), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_munmap_trampoline()
-
-//go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstat(fd int, stat *Stat_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstat_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstat_trampoline()
-
-//go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall6(funcPC(libc_fstatat_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstatat_trampoline()
-
-//go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstatfs(fd int, stat *Statfs_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstatfs_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_fstatfs_trampoline()
-
-//go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
- n = int(r0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_getfsstat_trampoline()
-
-//go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Lstat(path string, stat *Stat_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_lstat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_lstat_trampoline()
-
-//go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Stat(path string, stat *Stat_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_stat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_stat_trampoline()
-
-//go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Statfs(path string, stat *Statfs_t) (err error) {
- var _p0 *byte
- _p0, err = BytePtrFromString(path)
- if err != nil {
- return
- }
- _, _, e1 := syscall_syscall(funcPC(libc_statfs_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
- if e1 != 0 {
- err = errnoErr(e1)
- }
- return
-}
-
-func libc_statfs_trampoline()
-
-//go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.s
deleted file mode 100644
index 5eec5f1d..00000000
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm.s
+++ /dev/null
@@ -1,288 +0,0 @@
-// go run mkasm_darwin.go arm
-// Code generated by the command above; DO NOT EDIT.
-
-// +build go1.12
-
-#include "textflag.h"
-TEXT ·libc_getgroups_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getgroups(SB)
-TEXT ·libc_setgroups_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setgroups(SB)
-TEXT ·libc_wait4_trampoline(SB),NOSPLIT,$0-0
- JMP libc_wait4(SB)
-TEXT ·libc_accept_trampoline(SB),NOSPLIT,$0-0
- JMP libc_accept(SB)
-TEXT ·libc_bind_trampoline(SB),NOSPLIT,$0-0
- JMP libc_bind(SB)
-TEXT ·libc_connect_trampoline(SB),NOSPLIT,$0-0
- JMP libc_connect(SB)
-TEXT ·libc_socket_trampoline(SB),NOSPLIT,$0-0
- JMP libc_socket(SB)
-TEXT ·libc_getsockopt_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsockopt(SB)
-TEXT ·libc_setsockopt_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setsockopt(SB)
-TEXT ·libc_getpeername_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpeername(SB)
-TEXT ·libc_getsockname_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsockname(SB)
-TEXT ·libc_shutdown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_shutdown(SB)
-TEXT ·libc_socketpair_trampoline(SB),NOSPLIT,$0-0
- JMP libc_socketpair(SB)
-TEXT ·libc_recvfrom_trampoline(SB),NOSPLIT,$0-0
- JMP libc_recvfrom(SB)
-TEXT ·libc_sendto_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendto(SB)
-TEXT ·libc_recvmsg_trampoline(SB),NOSPLIT,$0-0
- JMP libc_recvmsg(SB)
-TEXT ·libc_sendmsg_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendmsg(SB)
-TEXT ·libc_kevent_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kevent(SB)
-TEXT ·libc_utimes_trampoline(SB),NOSPLIT,$0-0
- JMP libc_utimes(SB)
-TEXT ·libc_futimes_trampoline(SB),NOSPLIT,$0-0
- JMP libc_futimes(SB)
-TEXT ·libc_poll_trampoline(SB),NOSPLIT,$0-0
- JMP libc_poll(SB)
-TEXT ·libc_madvise_trampoline(SB),NOSPLIT,$0-0
- JMP libc_madvise(SB)
-TEXT ·libc_mlock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mlock(SB)
-TEXT ·libc_mlockall_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mlockall(SB)
-TEXT ·libc_mprotect_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mprotect(SB)
-TEXT ·libc_msync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_msync(SB)
-TEXT ·libc_munlock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munlock(SB)
-TEXT ·libc_munlockall_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munlockall(SB)
-TEXT ·libc_pipe_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pipe(SB)
-TEXT ·libc_getxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getxattr(SB)
-TEXT ·libc_fgetxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fgetxattr(SB)
-TEXT ·libc_setxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setxattr(SB)
-TEXT ·libc_fsetxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fsetxattr(SB)
-TEXT ·libc_removexattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_removexattr(SB)
-TEXT ·libc_fremovexattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fremovexattr(SB)
-TEXT ·libc_listxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_listxattr(SB)
-TEXT ·libc_flistxattr_trampoline(SB),NOSPLIT,$0-0
- JMP libc_flistxattr(SB)
-TEXT ·libc_setattrlist_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setattrlist(SB)
-TEXT ·libc_fcntl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fcntl(SB)
-TEXT ·libc_kill_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kill(SB)
-TEXT ·libc_ioctl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_ioctl(SB)
-TEXT ·libc_sysctl_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sysctl(SB)
-TEXT ·libc_sendfile_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sendfile(SB)
-TEXT ·libc_access_trampoline(SB),NOSPLIT,$0-0
- JMP libc_access(SB)
-TEXT ·libc_adjtime_trampoline(SB),NOSPLIT,$0-0
- JMP libc_adjtime(SB)
-TEXT ·libc_chdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chdir(SB)
-TEXT ·libc_chflags_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chflags(SB)
-TEXT ·libc_chmod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chmod(SB)
-TEXT ·libc_chown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chown(SB)
-TEXT ·libc_chroot_trampoline(SB),NOSPLIT,$0-0
- JMP libc_chroot(SB)
-TEXT ·libc_clock_gettime_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clock_gettime(SB)
-TEXT ·libc_close_trampoline(SB),NOSPLIT,$0-0
- JMP libc_close(SB)
-TEXT ·libc_clonefile_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clonefile(SB)
-TEXT ·libc_clonefileat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_clonefileat(SB)
-TEXT ·libc_dup_trampoline(SB),NOSPLIT,$0-0
- JMP libc_dup(SB)
-TEXT ·libc_dup2_trampoline(SB),NOSPLIT,$0-0
- JMP libc_dup2(SB)
-TEXT ·libc_exchangedata_trampoline(SB),NOSPLIT,$0-0
- JMP libc_exchangedata(SB)
-TEXT ·libc_exit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_exit(SB)
-TEXT ·libc_faccessat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_faccessat(SB)
-TEXT ·libc_fchdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchdir(SB)
-TEXT ·libc_fchflags_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchflags(SB)
-TEXT ·libc_fchmod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchmod(SB)
-TEXT ·libc_fchmodat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchmodat(SB)
-TEXT ·libc_fchown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchown(SB)
-TEXT ·libc_fchownat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fchownat(SB)
-TEXT ·libc_fclonefileat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fclonefileat(SB)
-TEXT ·libc_flock_trampoline(SB),NOSPLIT,$0-0
- JMP libc_flock(SB)
-TEXT ·libc_fpathconf_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fpathconf(SB)
-TEXT ·libc_fsync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fsync(SB)
-TEXT ·libc_ftruncate_trampoline(SB),NOSPLIT,$0-0
- JMP libc_ftruncate(SB)
-TEXT ·libc_getcwd_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getcwd(SB)
-TEXT ·libc_getdtablesize_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getdtablesize(SB)
-TEXT ·libc_getegid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getegid(SB)
-TEXT ·libc_geteuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_geteuid(SB)
-TEXT ·libc_getgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getgid(SB)
-TEXT ·libc_getpgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpgid(SB)
-TEXT ·libc_getpgrp_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpgrp(SB)
-TEXT ·libc_getpid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpid(SB)
-TEXT ·libc_getppid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getppid(SB)
-TEXT ·libc_getpriority_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getpriority(SB)
-TEXT ·libc_getrlimit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getrlimit(SB)
-TEXT ·libc_getrusage_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getrusage(SB)
-TEXT ·libc_getsid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getsid(SB)
-TEXT ·libc_gettimeofday_trampoline(SB),NOSPLIT,$0-0
- JMP libc_gettimeofday(SB)
-TEXT ·libc_getuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getuid(SB)
-TEXT ·libc_issetugid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_issetugid(SB)
-TEXT ·libc_kqueue_trampoline(SB),NOSPLIT,$0-0
- JMP libc_kqueue(SB)
-TEXT ·libc_lchown_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lchown(SB)
-TEXT ·libc_link_trampoline(SB),NOSPLIT,$0-0
- JMP libc_link(SB)
-TEXT ·libc_linkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_linkat(SB)
-TEXT ·libc_listen_trampoline(SB),NOSPLIT,$0-0
- JMP libc_listen(SB)
-TEXT ·libc_mkdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkdir(SB)
-TEXT ·libc_mkdirat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkdirat(SB)
-TEXT ·libc_mkfifo_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mkfifo(SB)
-TEXT ·libc_mknod_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mknod(SB)
-TEXT ·libc_open_trampoline(SB),NOSPLIT,$0-0
- JMP libc_open(SB)
-TEXT ·libc_openat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_openat(SB)
-TEXT ·libc_pathconf_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pathconf(SB)
-TEXT ·libc_pread_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pread(SB)
-TEXT ·libc_pwrite_trampoline(SB),NOSPLIT,$0-0
- JMP libc_pwrite(SB)
-TEXT ·libc_read_trampoline(SB),NOSPLIT,$0-0
- JMP libc_read(SB)
-TEXT ·libc_readlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readlink(SB)
-TEXT ·libc_readlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_readlinkat(SB)
-TEXT ·libc_rename_trampoline(SB),NOSPLIT,$0-0
- JMP libc_rename(SB)
-TEXT ·libc_renameat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_renameat(SB)
-TEXT ·libc_revoke_trampoline(SB),NOSPLIT,$0-0
- JMP libc_revoke(SB)
-TEXT ·libc_rmdir_trampoline(SB),NOSPLIT,$0-0
- JMP libc_rmdir(SB)
-TEXT ·libc_lseek_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lseek(SB)
-TEXT ·libc_select_trampoline(SB),NOSPLIT,$0-0
- JMP libc_select(SB)
-TEXT ·libc_setegid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setegid(SB)
-TEXT ·libc_seteuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_seteuid(SB)
-TEXT ·libc_setgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setgid(SB)
-TEXT ·libc_setlogin_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setlogin(SB)
-TEXT ·libc_setpgid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setpgid(SB)
-TEXT ·libc_setpriority_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setpriority(SB)
-TEXT ·libc_setprivexec_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setprivexec(SB)
-TEXT ·libc_setregid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setregid(SB)
-TEXT ·libc_setreuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setreuid(SB)
-TEXT ·libc_setrlimit_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setrlimit(SB)
-TEXT ·libc_setsid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setsid(SB)
-TEXT ·libc_settimeofday_trampoline(SB),NOSPLIT,$0-0
- JMP libc_settimeofday(SB)
-TEXT ·libc_setuid_trampoline(SB),NOSPLIT,$0-0
- JMP libc_setuid(SB)
-TEXT ·libc_symlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_symlink(SB)
-TEXT ·libc_symlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_symlinkat(SB)
-TEXT ·libc_sync_trampoline(SB),NOSPLIT,$0-0
- JMP libc_sync(SB)
-TEXT ·libc_truncate_trampoline(SB),NOSPLIT,$0-0
- JMP libc_truncate(SB)
-TEXT ·libc_umask_trampoline(SB),NOSPLIT,$0-0
- JMP libc_umask(SB)
-TEXT ·libc_undelete_trampoline(SB),NOSPLIT,$0-0
- JMP libc_undelete(SB)
-TEXT ·libc_unlink_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unlink(SB)
-TEXT ·libc_unlinkat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unlinkat(SB)
-TEXT ·libc_unmount_trampoline(SB),NOSPLIT,$0-0
- JMP libc_unmount(SB)
-TEXT ·libc_write_trampoline(SB),NOSPLIT,$0-0
- JMP libc_write(SB)
-TEXT ·libc_mmap_trampoline(SB),NOSPLIT,$0-0
- JMP libc_mmap(SB)
-TEXT ·libc_munmap_trampoline(SB),NOSPLIT,$0-0
- JMP libc_munmap(SB)
-TEXT ·libc_fstat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstat(SB)
-TEXT ·libc_fstatat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstatat(SB)
-TEXT ·libc_fstatfs_trampoline(SB),NOSPLIT,$0-0
- JMP libc_fstatfs(SB)
-TEXT ·libc_getfsstat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_getfsstat(SB)
-TEXT ·libc_lstat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_lstat(SB)
-TEXT ·libc_stat_trampoline(SB),NOSPLIT,$0-0
- JMP libc_stat(SB)
-TEXT ·libc_statfs_trampoline(SB),NOSPLIT,$0-0
- JMP libc_statfs(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go
index 870eb37a..cec595d5 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags darwin,arm64,go1.13 syscall_darwin.1_13.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build darwin && arm64 && go1.13
// +build darwin,arm64,go1.13
package unix
@@ -15,25 +16,25 @@ var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func closedir(dir uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_closedir_trampoline), uintptr(dir), 0, 0)
+ _, _, e1 := syscall_syscall(libc_closedir_trampoline_addr, uintptr(dir), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_closedir_trampoline()
+var libc_closedir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_closedir closedir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readdir_r(dir uintptr, entry *Dirent, result **Dirent) (res Errno) {
- r0, _, _ := syscall_syscall(funcPC(libc_readdir_r_trampoline), uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
+ r0, _, _ := syscall_syscall(libc_readdir_r_trampoline_addr, uintptr(dir), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
res = Errno(r0)
return
}
-func libc_readdir_r_trampoline()
+var libc_readdir_r_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readdir_r readdir_r "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.s
index b29dabb0..35798972 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.1_13.s
@@ -1,12 +1,25 @@
// go run mkasm_darwin.go arm64
// Code generated by the command above; DO NOT EDIT.
+//go:build go1.13
// +build go1.13
#include "textflag.h"
-TEXT ·libc_fdopendir_trampoline(SB),NOSPLIT,$0-0
+
+TEXT libc_fdopendir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fdopendir(SB)
-TEXT ·libc_closedir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fdopendir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fdopendir_trampoline_addr(SB)/8, $libc_fdopendir_trampoline<>(SB)
+
+TEXT libc_closedir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_closedir(SB)
-TEXT ·libc_readdir_r_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_closedir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_closedir_trampoline_addr(SB)/8, $libc_closedir_trampoline<>(SB)
+
+TEXT libc_readdir_r_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readdir_r(SB)
+
+GLOBL ·libc_readdir_r_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readdir_r_trampoline_addr(SB)/8, $libc_readdir_r_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
index 9b01a79c..f2ee2bd3 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags darwin,arm64,go1.12 syscall_bsd.go syscall_darwin.go syscall_darwin_arm64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build darwin && arm64 && go1.12
// +build darwin,arm64,go1.12
package unix
@@ -15,7 +16,7 @@ var _ syscall.Errno
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getgroups_trampoline_addr, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -23,28 +24,28 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
return
}
-func libc_getgroups_trampoline()
+var libc_getgroups_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getgroups getgroups "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setgroups(ngid int, gid *_Gid_t) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgroups_trampoline), uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setgroups_trampoline_addr, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setgroups_trampoline()
+var libc_setgroups_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setgroups setgroups "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_wait4_trampoline), uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_wait4_trampoline_addr, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
wpid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -52,14 +53,14 @@ func wait4(pid int, wstatus *_C_int, options int, rusage *Rusage) (wpid int, err
return
}
-func libc_wait4_trampoline()
+var libc_wait4_trampoline_addr uintptr
//go:cgo_import_dynamic libc_wait4 wait4 "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_accept_trampoline), uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ r0, _, e1 := syscall_syscall(libc_accept_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -67,42 +68,42 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
return
}
-func libc_accept_trampoline()
+var libc_accept_trampoline_addr uintptr
//go:cgo_import_dynamic libc_accept accept "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_bind_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
+ _, _, e1 := syscall_syscall(libc_bind_trampoline_addr, uintptr(s), uintptr(addr), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_bind_trampoline()
+var libc_bind_trampoline_addr uintptr
//go:cgo_import_dynamic libc_bind bind "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_connect_trampoline), uintptr(s), uintptr(addr), uintptr(addrlen))
+ _, _, e1 := syscall_syscall(libc_connect_trampoline_addr, uintptr(s), uintptr(addr), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_connect_trampoline()
+var libc_connect_trampoline_addr uintptr
//go:cgo_import_dynamic libc_connect connect "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func socket(domain int, typ int, proto int) (fd int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_socket_trampoline), uintptr(domain), uintptr(typ), uintptr(proto))
+ r0, _, e1 := syscall_rawSyscall(libc_socket_trampoline_addr, uintptr(domain), uintptr(typ), uintptr(proto))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -110,91 +111,91 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
return
}
-func libc_socket_trampoline()
+var libc_socket_trampoline_addr uintptr
//go:cgo_import_dynamic libc_socket socket "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_getsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
+ _, _, e1 := syscall_syscall6(libc_getsockopt_trampoline_addr, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getsockopt_trampoline()
+var libc_getsockopt_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsockopt getsockopt "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setsockopt_trampoline), uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
+ _, _, e1 := syscall_syscall6(libc_setsockopt_trampoline_addr, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setsockopt_trampoline()
+var libc_setsockopt_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setsockopt setsockopt "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getpeername_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ _, _, e1 := syscall_rawSyscall(libc_getpeername_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getpeername_trampoline()
+var libc_getpeername_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpeername getpeername "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getsockname_trampoline), uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ _, _, e1 := syscall_rawSyscall(libc_getsockname_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getsockname_trampoline()
+var libc_getsockname_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsockname getsockname "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Shutdown(s int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_shutdown_trampoline), uintptr(s), uintptr(how), 0)
+ _, _, e1 := syscall_syscall(libc_shutdown_trampoline_addr, uintptr(s), uintptr(how), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_shutdown_trampoline()
+var libc_shutdown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_shutdown shutdown "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall6(funcPC(libc_socketpair_trampoline), uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
+ _, _, e1 := syscall_rawSyscall6(libc_socketpair_trampoline_addr, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_socketpair_trampoline()
+var libc_socketpair_trampoline_addr uintptr
//go:cgo_import_dynamic libc_socketpair socketpair "/usr/lib/libSystem.B.dylib"
@@ -207,7 +208,7 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_recvfrom_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+ r0, _, e1 := syscall_syscall6(libc_recvfrom_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -215,7 +216,7 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
return
}
-func libc_recvfrom_trampoline()
+var libc_recvfrom_trampoline_addr uintptr
//go:cgo_import_dynamic libc_recvfrom recvfrom "/usr/lib/libSystem.B.dylib"
@@ -228,21 +229,21 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall6(funcPC(libc_sendto_trampoline), uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+ _, _, e1 := syscall_syscall6(libc_sendto_trampoline_addr, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sendto_trampoline()
+var libc_sendto_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendto sendto "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_recvmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_recvmsg_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -250,14 +251,14 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
return
}
-func libc_recvmsg_trampoline()
+var libc_recvmsg_trampoline_addr uintptr
//go:cgo_import_dynamic libc_recvmsg recvmsg "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_sendmsg_trampoline), uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_sendmsg_trampoline_addr, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -265,14 +266,14 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
return
}
-func libc_sendmsg_trampoline()
+var libc_sendmsg_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendmsg sendmsg "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, nevent int, timeout *Timespec) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_kevent_trampoline), uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
+ r0, _, e1 := syscall_syscall6(libc_kevent_trampoline_addr, uintptr(kq), uintptr(change), uintptr(nchange), uintptr(event), uintptr(nevent), uintptr(unsafe.Pointer(timeout)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -280,7 +281,7 @@ func kevent(kq int, change unsafe.Pointer, nchange int, event unsafe.Pointer, ne
return
}
-func libc_kevent_trampoline()
+var libc_kevent_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kevent kevent "/usr/lib/libSystem.B.dylib"
@@ -292,35 +293,35 @@ func utimes(path string, timeval *[2]Timeval) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_utimes_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
+ _, _, e1 := syscall_syscall(libc_utimes_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_utimes_trampoline()
+var libc_utimes_trampoline_addr uintptr
//go:cgo_import_dynamic libc_utimes utimes "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func futimes(fd int, timeval *[2]Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_futimes_trampoline), uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
+ _, _, e1 := syscall_syscall(libc_futimes_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(timeval)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_futimes_trampoline()
+var libc_futimes_trampoline_addr uintptr
//go:cgo_import_dynamic libc_futimes futimes "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_poll_trampoline), uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
+ r0, _, e1 := syscall_syscall(libc_poll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -328,7 +329,7 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
return
}
-func libc_poll_trampoline()
+var libc_poll_trampoline_addr uintptr
//go:cgo_import_dynamic libc_poll poll "/usr/lib/libSystem.B.dylib"
@@ -341,14 +342,14 @@ func Madvise(b []byte, behav int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_madvise_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(behav))
+ _, _, e1 := syscall_syscall(libc_madvise_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(behav))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_madvise_trampoline()
+var libc_madvise_trampoline_addr uintptr
//go:cgo_import_dynamic libc_madvise madvise "/usr/lib/libSystem.B.dylib"
@@ -361,28 +362,28 @@ func Mlock(b []byte) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_mlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
+ _, _, e1 := syscall_syscall(libc_mlock_trampoline_addr, uintptr(_p0), uintptr(len(b)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mlock_trampoline()
+var libc_mlock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mlock mlock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Mlockall(flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_mlockall_trampoline), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall(libc_mlockall_trampoline_addr, uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mlockall_trampoline()
+var libc_mlockall_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mlockall mlockall "/usr/lib/libSystem.B.dylib"
@@ -395,14 +396,14 @@ func Mprotect(b []byte, prot int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_mprotect_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(prot))
+ _, _, e1 := syscall_syscall(libc_mprotect_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(prot))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mprotect_trampoline()
+var libc_mprotect_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mprotect mprotect "/usr/lib/libSystem.B.dylib"
@@ -415,14 +416,14 @@ func Msync(b []byte, flags int) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_msync_trampoline), uintptr(_p0), uintptr(len(b)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_msync_trampoline_addr, uintptr(_p0), uintptr(len(b)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_msync_trampoline()
+var libc_msync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_msync msync "/usr/lib/libSystem.B.dylib"
@@ -435,42 +436,42 @@ func Munlock(b []byte) (err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall(funcPC(libc_munlock_trampoline), uintptr(_p0), uintptr(len(b)), 0)
+ _, _, e1 := syscall_syscall(libc_munlock_trampoline_addr, uintptr(_p0), uintptr(len(b)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munlock_trampoline()
+var libc_munlock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munlock munlock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Munlockall() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munlockall_trampoline), 0, 0, 0)
+ _, _, e1 := syscall_syscall(libc_munlockall_trampoline_addr, 0, 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munlockall_trampoline()
+var libc_munlockall_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munlockall munlockall "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func pipe(p *[2]int32) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_pipe_trampoline), uintptr(unsafe.Pointer(p)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_pipe_trampoline_addr, uintptr(unsafe.Pointer(p)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_pipe_trampoline()
+var libc_pipe_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pipe pipe "/usr/lib/libSystem.B.dylib"
@@ -487,7 +488,7 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_getxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
+ r0, _, e1 := syscall_syscall6(libc_getxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -495,7 +496,7 @@ func getxattr(path string, attr string, dest *byte, size int, position uint32, o
return
}
-func libc_getxattr_trampoline()
+var libc_getxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getxattr getxattr "/usr/lib/libSystem.B.dylib"
@@ -507,7 +508,7 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_fgetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
+ r0, _, e1 := syscall_syscall6(libc_fgetxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(position), uintptr(options))
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -515,7 +516,7 @@ func fgetxattr(fd int, attr string, dest *byte, size int, position uint32, optio
return
}
-func libc_fgetxattr_trampoline()
+var libc_fgetxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fgetxattr fgetxattr "/usr/lib/libSystem.B.dylib"
@@ -532,14 +533,14 @@ func setxattr(path string, attr string, data *byte, size int, position uint32, o
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_setxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
+ _, _, e1 := syscall_syscall6(libc_setxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setxattr_trampoline()
+var libc_setxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setxattr setxattr "/usr/lib/libSystem.B.dylib"
@@ -551,14 +552,14 @@ func fsetxattr(fd int, attr string, data *byte, size int, position uint32, optio
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fsetxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
+ _, _, e1 := syscall_syscall6(libc_fsetxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(data)), uintptr(size), uintptr(position), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fsetxattr_trampoline()
+var libc_fsetxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fsetxattr fsetxattr "/usr/lib/libSystem.B.dylib"
@@ -575,14 +576,14 @@ func removexattr(path string, attr string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_removexattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_removexattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_removexattr_trampoline()
+var libc_removexattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_removexattr removexattr "/usr/lib/libSystem.B.dylib"
@@ -594,14 +595,14 @@ func fremovexattr(fd int, attr string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_fremovexattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_fremovexattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fremovexattr_trampoline()
+var libc_fremovexattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fremovexattr fremovexattr "/usr/lib/libSystem.B.dylib"
@@ -613,7 +614,7 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_listxattr_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_listxattr_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -621,14 +622,14 @@ func listxattr(path string, dest *byte, size int, options int) (sz int, err erro
return
}
-func libc_listxattr_trampoline()
+var libc_listxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_listxattr listxattr "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_flistxattr_trampoline), uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_flistxattr_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(dest)), uintptr(size), uintptr(options), 0, 0)
sz = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -636,28 +637,28 @@ func flistxattr(fd int, dest *byte, size int, options int) (sz int, err error) {
return
}
-func libc_flistxattr_trampoline()
+var libc_flistxattr_trampoline_addr uintptr
//go:cgo_import_dynamic libc_flistxattr flistxattr "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func setattrlist(path *byte, list unsafe.Pointer, buf unsafe.Pointer, size uintptr, options int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_setattrlist_trampoline), uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
+ _, _, e1 := syscall_syscall6(libc_setattrlist_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(list), uintptr(buf), uintptr(size), uintptr(options), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setattrlist_trampoline()
+var libc_setattrlist_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func fcntl(fd int, cmd int, arg int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fcntl_trampoline), uintptr(fd), uintptr(cmd), uintptr(arg))
+ r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -665,35 +666,35 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
return
}
-func libc_fcntl_trampoline()
+var libc_fcntl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fcntl fcntl "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func kill(pid int, signum int, posix int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_kill_trampoline), uintptr(pid), uintptr(signum), uintptr(posix))
+ _, _, e1 := syscall_syscall(libc_kill_trampoline_addr, uintptr(pid), uintptr(signum), uintptr(posix))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_kill_trampoline()
+var libc_kill_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kill kill "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ioctl(fd int, req uint, arg uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ioctl_trampoline), uintptr(fd), uintptr(req), uintptr(arg))
+ _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ioctl_trampoline()
+var libc_ioctl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
@@ -706,28 +707,28 @@ func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr)
} else {
_p0 = unsafe.Pointer(&_zero)
}
- _, _, e1 := syscall_syscall6(funcPC(libc_sysctl_trampoline), uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
+ _, _, e1 := syscall_syscall6(libc_sysctl_trampoline_addr, uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sysctl_trampoline()
+var libc_sysctl_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_sendfile_trampoline), uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
+ _, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sendfile_trampoline()
+var libc_sendfile_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sendfile sendfile "/usr/lib/libSystem.B.dylib"
@@ -739,28 +740,28 @@ func Access(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_access_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_access_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_access_trampoline()
+var libc_access_trampoline_addr uintptr
//go:cgo_import_dynamic libc_access access "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Adjtime(delta *Timeval, olddelta *Timeval) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_adjtime_trampoline), uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
+ _, _, e1 := syscall_syscall(libc_adjtime_trampoline_addr, uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_adjtime_trampoline()
+var libc_adjtime_trampoline_addr uintptr
//go:cgo_import_dynamic libc_adjtime adjtime "/usr/lib/libSystem.B.dylib"
@@ -772,14 +773,14 @@ func Chdir(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_chdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chdir_trampoline()
+var libc_chdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chdir chdir "/usr/lib/libSystem.B.dylib"
@@ -791,14 +792,14 @@ func Chflags(path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chflags_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_chflags_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chflags_trampoline()
+var libc_chflags_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chflags chflags "/usr/lib/libSystem.B.dylib"
@@ -810,14 +811,14 @@ func Chmod(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chmod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_chmod_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chmod_trampoline()
+var libc_chmod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chmod chmod "/usr/lib/libSystem.B.dylib"
@@ -829,14 +830,14 @@ func Chown(path string, uid int, gid int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_chown_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chown_trampoline()
+var libc_chown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chown chown "/usr/lib/libSystem.B.dylib"
@@ -848,42 +849,42 @@ func Chroot(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_chroot_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_chroot_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_chroot_trampoline()
+var libc_chroot_trampoline_addr uintptr
//go:cgo_import_dynamic libc_chroot chroot "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ClockGettime(clockid int32, time *Timespec) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_clock_gettime_trampoline), uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
+ _, _, e1 := syscall_syscall(libc_clock_gettime_trampoline_addr, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clock_gettime_trampoline()
+var libc_clock_gettime_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clock_gettime clock_gettime "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Close(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_close_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_close_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_close_trampoline()
+var libc_close_trampoline_addr uintptr
//go:cgo_import_dynamic libc_close close "/usr/lib/libSystem.B.dylib"
@@ -900,14 +901,14 @@ func Clonefile(src string, dst string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_clonefile_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_clonefile_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clonefile_trampoline()
+var libc_clonefile_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clonefile clonefile "/usr/lib/libSystem.B.dylib"
@@ -924,21 +925,21 @@ func Clonefileat(srcDirfd int, src string, dstDirfd int, dst string, flags int)
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_clonefileat_trampoline), uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_clonefileat_trampoline_addr, uintptr(srcDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_clonefileat_trampoline()
+var libc_clonefileat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_clonefileat clonefileat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Dup(fd int) (nfd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_dup_trampoline), uintptr(fd), 0, 0)
+ r0, _, e1 := syscall_syscall(libc_dup_trampoline_addr, uintptr(fd), 0, 0)
nfd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -946,21 +947,21 @@ func Dup(fd int) (nfd int, err error) {
return
}
-func libc_dup_trampoline()
+var libc_dup_trampoline_addr uintptr
//go:cgo_import_dynamic libc_dup dup "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Dup2(from int, to int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_dup2_trampoline), uintptr(from), uintptr(to), 0)
+ _, _, e1 := syscall_syscall(libc_dup2_trampoline_addr, uintptr(from), uintptr(to), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_dup2_trampoline()
+var libc_dup2_trampoline_addr uintptr
//go:cgo_import_dynamic libc_dup2 dup2 "/usr/lib/libSystem.B.dylib"
@@ -977,25 +978,25 @@ func Exchangedata(path1 string, path2 string, options int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_exchangedata_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
+ _, _, e1 := syscall_syscall(libc_exchangedata_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(options))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_exchangedata_trampoline()
+var libc_exchangedata_trampoline_addr uintptr
//go:cgo_import_dynamic libc_exchangedata exchangedata "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Exit(code int) {
- syscall_syscall(funcPC(libc_exit_trampoline), uintptr(code), 0, 0)
+ syscall_syscall(libc_exit_trampoline_addr, uintptr(code), 0, 0)
return
}
-func libc_exit_trampoline()
+var libc_exit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_exit exit "/usr/lib/libSystem.B.dylib"
@@ -1007,56 +1008,56 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_faccessat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_faccessat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_faccessat_trampoline()
+var libc_faccessat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_faccessat faccessat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchdir(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchdir_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_fchdir_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchdir_trampoline()
+var libc_fchdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchdir fchdir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchflags(fd int, flags int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchflags_trampoline), uintptr(fd), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_fchflags_trampoline_addr, uintptr(fd), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchflags_trampoline()
+var libc_fchflags_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchflags fchflags "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchmod(fd int, mode uint32) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchmod_trampoline), uintptr(fd), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_fchmod_trampoline_addr, uintptr(fd), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchmod_trampoline()
+var libc_fchmod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchmod fchmod "/usr/lib/libSystem.B.dylib"
@@ -1068,28 +1069,28 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fchmodat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fchmodat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchmodat_trampoline()
+var libc_fchmodat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchmodat fchmodat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fchown(fd int, uid int, gid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fchown_trampoline), uintptr(fd), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_fchown_trampoline_addr, uintptr(fd), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchown_trampoline()
+var libc_fchown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchown fchown "/usr/lib/libSystem.B.dylib"
@@ -1101,14 +1102,14 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fchownat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_fchownat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fchownat_trampoline()
+var libc_fchownat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fchownat fchownat "/usr/lib/libSystem.B.dylib"
@@ -1120,35 +1121,35 @@ func Fclonefileat(srcDirfd int, dstDirfd int, dst string, flags int) (err error)
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fclonefileat_trampoline), uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fclonefileat_trampoline_addr, uintptr(srcDirfd), uintptr(dstDirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fclonefileat_trampoline()
+var libc_fclonefileat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fclonefileat fclonefileat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Flock(fd int, how int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_flock_trampoline), uintptr(fd), uintptr(how), 0)
+ _, _, e1 := syscall_syscall(libc_flock_trampoline_addr, uintptr(fd), uintptr(how), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_flock_trampoline()
+var libc_flock_trampoline_addr uintptr
//go:cgo_import_dynamic libc_flock flock "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fpathconf(fd int, name int) (val int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_fpathconf_trampoline), uintptr(fd), uintptr(name), 0)
+ r0, _, e1 := syscall_syscall(libc_fpathconf_trampoline_addr, uintptr(fd), uintptr(name), 0)
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1156,35 +1157,35 @@ func Fpathconf(fd int, name int) (val int, err error) {
return
}
-func libc_fpathconf_trampoline()
+var libc_fpathconf_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fpathconf fpathconf "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fsync(fd int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fsync_trampoline), uintptr(fd), 0, 0)
+ _, _, e1 := syscall_syscall(libc_fsync_trampoline_addr, uintptr(fd), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fsync_trampoline()
+var libc_fsync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fsync fsync "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Ftruncate(fd int, length int64) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_ftruncate_trampoline), uintptr(fd), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_ftruncate_trampoline_addr, uintptr(fd), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ftruncate_trampoline()
+var libc_ftruncate_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ftruncate ftruncate "/usr/lib/libSystem.B.dylib"
@@ -1197,7 +1198,7 @@ func Getcwd(buf []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_getcwd_trampoline), uintptr(_p0), uintptr(len(buf)), 0)
+ r0, _, e1 := syscall_syscall(libc_getcwd_trampoline_addr, uintptr(_p0), uintptr(len(buf)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1205,62 +1206,62 @@ func Getcwd(buf []byte) (n int, err error) {
return
}
-func libc_getcwd_trampoline()
+var libc_getcwd_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getcwd getcwd "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getdtablesize() (size int) {
- r0, _, _ := syscall_syscall(funcPC(libc_getdtablesize_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_syscall(libc_getdtablesize_trampoline_addr, 0, 0, 0)
size = int(r0)
return
}
-func libc_getdtablesize_trampoline()
+var libc_getdtablesize_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getdtablesize getdtablesize "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getegid() (egid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getegid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getegid_trampoline_addr, 0, 0, 0)
egid = int(r0)
return
}
-func libc_getegid_trampoline()
+var libc_getegid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getegid getegid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Geteuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_geteuid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_geteuid_trampoline_addr, 0, 0, 0)
uid = int(r0)
return
}
-func libc_geteuid_trampoline()
+var libc_geteuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_geteuid geteuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getgid() (gid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getgid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getgid_trampoline_addr, 0, 0, 0)
gid = int(r0)
return
}
-func libc_getgid_trampoline()
+var libc_getgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getgid getgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpgid(pid int) (pgid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getpgid_trampoline), uintptr(pid), 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getpgid_trampoline_addr, uintptr(pid), 0, 0)
pgid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1268,50 +1269,50 @@ func Getpgid(pid int) (pgid int, err error) {
return
}
-func libc_getpgid_trampoline()
+var libc_getpgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpgid getpgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpgrp() (pgrp int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpgrp_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getpgrp_trampoline_addr, 0, 0, 0)
pgrp = int(r0)
return
}
-func libc_getpgrp_trampoline()
+var libc_getpgrp_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpgrp getpgrp "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpid() (pid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getpid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getpid_trampoline_addr, 0, 0, 0)
pid = int(r0)
return
}
-func libc_getpid_trampoline()
+var libc_getpid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpid getpid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getppid() (ppid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getppid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getppid_trampoline_addr, 0, 0, 0)
ppid = int(r0)
return
}
-func libc_getppid_trampoline()
+var libc_getppid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getppid getppid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getpriority(which int, who int) (prio int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getpriority_trampoline), uintptr(which), uintptr(who), 0)
+ r0, _, e1 := syscall_syscall(libc_getpriority_trampoline_addr, uintptr(which), uintptr(who), 0)
prio = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1319,42 +1320,42 @@ func Getpriority(which int, who int) (prio int, err error) {
return
}
-func libc_getpriority_trampoline()
+var libc_getpriority_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getpriority getpriority "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_getrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getrlimit_trampoline()
+var libc_getrlimit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getrlimit getrlimit "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getrusage(who int, rusage *Rusage) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_getrusage_trampoline), uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_getrusage_trampoline_addr, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_getrusage_trampoline()
+var libc_getrusage_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getrusage getrusage "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getsid(pid int) (sid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_getsid_trampoline), uintptr(pid), 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_getsid_trampoline_addr, uintptr(pid), 0, 0)
sid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1362,52 +1363,52 @@ func Getsid(pid int) (sid int, err error) {
return
}
-func libc_getsid_trampoline()
+var libc_getsid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getsid getsid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Gettimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_gettimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_gettimeofday_trampoline_addr, uintptr(unsafe.Pointer(tp)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_gettimeofday_trampoline()
+var libc_gettimeofday_trampoline_addr uintptr
//go:cgo_import_dynamic libc_gettimeofday gettimeofday "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Getuid() (uid int) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_getuid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_getuid_trampoline_addr, 0, 0, 0)
uid = int(r0)
return
}
-func libc_getuid_trampoline()
+var libc_getuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getuid getuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Issetugid() (tainted bool) {
- r0, _, _ := syscall_rawSyscall(funcPC(libc_issetugid_trampoline), 0, 0, 0)
+ r0, _, _ := syscall_rawSyscall(libc_issetugid_trampoline_addr, 0, 0, 0)
tainted = bool(r0 != 0)
return
}
-func libc_issetugid_trampoline()
+var libc_issetugid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_issetugid issetugid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Kqueue() (fd int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_kqueue_trampoline), 0, 0, 0)
+ r0, _, e1 := syscall_syscall(libc_kqueue_trampoline_addr, 0, 0, 0)
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1415,7 +1416,7 @@ func Kqueue() (fd int, err error) {
return
}
-func libc_kqueue_trampoline()
+var libc_kqueue_trampoline_addr uintptr
//go:cgo_import_dynamic libc_kqueue kqueue "/usr/lib/libSystem.B.dylib"
@@ -1427,14 +1428,14 @@ func Lchown(path string, uid int, gid int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_lchown_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ _, _, e1 := syscall_syscall(libc_lchown_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_lchown_trampoline()
+var libc_lchown_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lchown lchown "/usr/lib/libSystem.B.dylib"
@@ -1451,14 +1452,14 @@ func Link(path string, link string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_link_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_link_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_link_trampoline()
+var libc_link_trampoline_addr uintptr
//go:cgo_import_dynamic libc_link link "/usr/lib/libSystem.B.dylib"
@@ -1475,28 +1476,28 @@ func Linkat(pathfd int, path string, linkfd int, link string, flags int) (err er
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_linkat_trampoline), uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall6(libc_linkat_trampoline_addr, uintptr(pathfd), uintptr(unsafe.Pointer(_p0)), uintptr(linkfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_linkat_trampoline()
+var libc_linkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_linkat linkat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Listen(s int, backlog int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_listen_trampoline), uintptr(s), uintptr(backlog), 0)
+ _, _, e1 := syscall_syscall(libc_listen_trampoline_addr, uintptr(s), uintptr(backlog), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_listen_trampoline()
+var libc_listen_trampoline_addr uintptr
//go:cgo_import_dynamic libc_listen listen "/usr/lib/libSystem.B.dylib"
@@ -1508,14 +1509,14 @@ func Mkdir(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkdir_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_mkdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkdir_trampoline()
+var libc_mkdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkdir mkdir "/usr/lib/libSystem.B.dylib"
@@ -1527,14 +1528,14 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkdirat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+ _, _, e1 := syscall_syscall(libc_mkdirat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkdirat_trampoline()
+var libc_mkdirat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkdirat mkdirat "/usr/lib/libSystem.B.dylib"
@@ -1546,14 +1547,14 @@ func Mkfifo(path string, mode uint32) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mkfifo_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ _, _, e1 := syscall_syscall(libc_mkfifo_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mkfifo_trampoline()
+var libc_mkfifo_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mkfifo mkfifo "/usr/lib/libSystem.B.dylib"
@@ -1565,14 +1566,14 @@ func Mknod(path string, mode uint32, dev int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_mknod_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+ _, _, e1 := syscall_syscall(libc_mknod_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_mknod_trampoline()
+var libc_mknod_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mknod mknod "/usr/lib/libSystem.B.dylib"
@@ -1584,7 +1585,7 @@ func Open(path string, mode int, perm uint32) (fd int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall(funcPC(libc_open_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
+ r0, _, e1 := syscall_syscall(libc_open_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1592,7 +1593,7 @@ func Open(path string, mode int, perm uint32) (fd int, err error) {
return
}
-func libc_open_trampoline()
+var libc_open_trampoline_addr uintptr
//go:cgo_import_dynamic libc_open open "/usr/lib/libSystem.B.dylib"
@@ -1604,7 +1605,7 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_openat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_openat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0)
fd = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1612,7 +1613,7 @@ func Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error) {
return
}
-func libc_openat_trampoline()
+var libc_openat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_openat openat "/usr/lib/libSystem.B.dylib"
@@ -1624,7 +1625,7 @@ func Pathconf(path string, name int) (val int, err error) {
if err != nil {
return
}
- r0, _, e1 := syscall_syscall(funcPC(libc_pathconf_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
+ r0, _, e1 := syscall_syscall(libc_pathconf_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(name), 0)
val = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1632,7 +1633,7 @@ func Pathconf(path string, name int) (val int, err error) {
return
}
-func libc_pathconf_trampoline()
+var libc_pathconf_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pathconf pathconf "/usr/lib/libSystem.B.dylib"
@@ -1645,7 +1646,7 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_pread_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_pread_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1653,7 +1654,7 @@ func Pread(fd int, p []byte, offset int64) (n int, err error) {
return
}
-func libc_pread_trampoline()
+var libc_pread_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pread pread "/usr/lib/libSystem.B.dylib"
@@ -1666,7 +1667,7 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_pwrite_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_pwrite_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1674,7 +1675,7 @@ func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
return
}
-func libc_pwrite_trampoline()
+var libc_pwrite_trampoline_addr uintptr
//go:cgo_import_dynamic libc_pwrite pwrite "/usr/lib/libSystem.B.dylib"
@@ -1687,7 +1688,7 @@ func read(fd int, p []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1695,7 +1696,7 @@ func read(fd int, p []byte) (n int, err error) {
return
}
-func libc_read_trampoline()
+var libc_read_trampoline_addr uintptr
//go:cgo_import_dynamic libc_read read "/usr/lib/libSystem.B.dylib"
@@ -1713,7 +1714,7 @@ func Readlink(path string, buf []byte) (n int, err error) {
} else {
_p1 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_readlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
+ r0, _, e1 := syscall_syscall(libc_readlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1721,7 +1722,7 @@ func Readlink(path string, buf []byte) (n int, err error) {
return
}
-func libc_readlink_trampoline()
+var libc_readlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readlink readlink "/usr/lib/libSystem.B.dylib"
@@ -1739,7 +1740,7 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
} else {
_p1 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall6(funcPC(libc_readlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
+ r0, _, e1 := syscall_syscall6(libc_readlinkat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)), 0, 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1747,7 +1748,7 @@ func Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
return
}
-func libc_readlinkat_trampoline()
+var libc_readlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_readlinkat readlinkat "/usr/lib/libSystem.B.dylib"
@@ -1764,14 +1765,14 @@ func Rename(from string, to string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_rename_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_rename_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_rename_trampoline()
+var libc_rename_trampoline_addr uintptr
//go:cgo_import_dynamic libc_rename rename "/usr/lib/libSystem.B.dylib"
@@ -1788,14 +1789,14 @@ func Renameat(fromfd int, from string, tofd int, to string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_renameat_trampoline), uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_renameat_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_renameat_trampoline()
+var libc_renameat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_renameat renameat "/usr/lib/libSystem.B.dylib"
@@ -1807,14 +1808,14 @@ func Revoke(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_revoke_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_revoke_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_revoke_trampoline()
+var libc_revoke_trampoline_addr uintptr
//go:cgo_import_dynamic libc_revoke revoke "/usr/lib/libSystem.B.dylib"
@@ -1826,21 +1827,21 @@ func Rmdir(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_rmdir_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_rmdir_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_rmdir_trampoline()
+var libc_rmdir_trampoline_addr uintptr
//go:cgo_import_dynamic libc_rmdir rmdir "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_lseek_trampoline), uintptr(fd), uintptr(offset), uintptr(whence))
+ r0, _, e1 := syscall_syscall(libc_lseek_trampoline_addr, uintptr(fd), uintptr(offset), uintptr(whence))
newoffset = int64(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1848,14 +1849,14 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
return
}
-func libc_lseek_trampoline()
+var libc_lseek_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lseek lseek "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_select_trampoline), uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+ r0, _, e1 := syscall_syscall6(libc_select_trampoline_addr, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -1863,49 +1864,49 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
return
}
-func libc_select_trampoline()
+var libc_select_trampoline_addr uintptr
//go:cgo_import_dynamic libc_select select "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setegid(egid int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setegid_trampoline), uintptr(egid), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setegid_trampoline_addr, uintptr(egid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setegid_trampoline()
+var libc_setegid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setegid setegid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Seteuid(euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_seteuid_trampoline), uintptr(euid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_seteuid_trampoline_addr, uintptr(euid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_seteuid_trampoline()
+var libc_seteuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_seteuid seteuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setgid(gid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setgid_trampoline), uintptr(gid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_setgid_trampoline_addr, uintptr(gid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setgid_trampoline()
+var libc_setgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setgid setgid "/usr/lib/libSystem.B.dylib"
@@ -1917,105 +1918,105 @@ func Setlogin(name string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_setlogin_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setlogin_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setlogin_trampoline()
+var libc_setlogin_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setlogin setlogin "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setpgid(pid int, pgid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setpgid_trampoline), uintptr(pid), uintptr(pgid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setpgid_trampoline_addr, uintptr(pid), uintptr(pgid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setpgid_trampoline()
+var libc_setpgid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setpgid setpgid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setpriority(which int, who int, prio int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setpriority_trampoline), uintptr(which), uintptr(who), uintptr(prio))
+ _, _, e1 := syscall_syscall(libc_setpriority_trampoline_addr, uintptr(which), uintptr(who), uintptr(prio))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setpriority_trampoline()
+var libc_setpriority_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setpriority setpriority "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setprivexec(flag int) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_setprivexec_trampoline), uintptr(flag), 0, 0)
+ _, _, e1 := syscall_syscall(libc_setprivexec_trampoline_addr, uintptr(flag), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setprivexec_trampoline()
+var libc_setprivexec_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setprivexec setprivexec "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setregid(rgid int, egid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setregid_trampoline), uintptr(rgid), uintptr(egid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setregid_trampoline_addr, uintptr(rgid), uintptr(egid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setregid_trampoline()
+var libc_setregid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setregid setregid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setreuid(ruid int, euid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setreuid_trampoline), uintptr(ruid), uintptr(euid), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setreuid_trampoline_addr, uintptr(ruid), uintptr(euid), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setreuid_trampoline()
+var libc_setreuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setreuid setreuid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setrlimit(which int, lim *Rlimit) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setrlimit_trampoline), uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
+ _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setrlimit_trampoline()
+var libc_setrlimit_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setsid() (pid int, err error) {
- r0, _, e1 := syscall_rawSyscall(funcPC(libc_setsid_trampoline), 0, 0, 0)
+ r0, _, e1 := syscall_rawSyscall(libc_setsid_trampoline_addr, 0, 0, 0)
pid = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2023,35 +2024,35 @@ func Setsid() (pid int, err error) {
return
}
-func libc_setsid_trampoline()
+var libc_setsid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setsid setsid "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Settimeofday(tp *Timeval) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_settimeofday_trampoline), uintptr(unsafe.Pointer(tp)), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_settimeofday_trampoline_addr, uintptr(unsafe.Pointer(tp)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_settimeofday_trampoline()
+var libc_settimeofday_trampoline_addr uintptr
//go:cgo_import_dynamic libc_settimeofday settimeofday "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Setuid(uid int) (err error) {
- _, _, e1 := syscall_rawSyscall(funcPC(libc_setuid_trampoline), uintptr(uid), 0, 0)
+ _, _, e1 := syscall_rawSyscall(libc_setuid_trampoline_addr, uintptr(uid), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_setuid_trampoline()
+var libc_setuid_trampoline_addr uintptr
//go:cgo_import_dynamic libc_setuid setuid "/usr/lib/libSystem.B.dylib"
@@ -2068,14 +2069,14 @@ func Symlink(path string, link string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_symlink_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ _, _, e1 := syscall_syscall(libc_symlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_symlink_trampoline()
+var libc_symlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_symlink symlink "/usr/lib/libSystem.B.dylib"
@@ -2092,28 +2093,28 @@ func Symlinkat(oldpath string, newdirfd int, newpath string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_symlinkat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
+ _, _, e1 := syscall_syscall(libc_symlinkat_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_symlinkat_trampoline()
+var libc_symlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_symlinkat symlinkat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Sync() (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_sync_trampoline), 0, 0, 0)
+ _, _, e1 := syscall_syscall(libc_sync_trampoline_addr, 0, 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_sync_trampoline()
+var libc_sync_trampoline_addr uintptr
//go:cgo_import_dynamic libc_sync sync "/usr/lib/libSystem.B.dylib"
@@ -2125,26 +2126,26 @@ func Truncate(path string, length int64) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_truncate_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_truncate_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_truncate_trampoline()
+var libc_truncate_trampoline_addr uintptr
//go:cgo_import_dynamic libc_truncate truncate "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Umask(newmask int) (oldmask int) {
- r0, _, _ := syscall_syscall(funcPC(libc_umask_trampoline), uintptr(newmask), 0, 0)
+ r0, _, _ := syscall_syscall(libc_umask_trampoline_addr, uintptr(newmask), 0, 0)
oldmask = int(r0)
return
}
-func libc_umask_trampoline()
+var libc_umask_trampoline_addr uintptr
//go:cgo_import_dynamic libc_umask umask "/usr/lib/libSystem.B.dylib"
@@ -2156,14 +2157,14 @@ func Undelete(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_undelete_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_undelete_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_undelete_trampoline()
+var libc_undelete_trampoline_addr uintptr
//go:cgo_import_dynamic libc_undelete undelete "/usr/lib/libSystem.B.dylib"
@@ -2175,14 +2176,14 @@ func Unlink(path string) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unlink_trampoline), uintptr(unsafe.Pointer(_p0)), 0, 0)
+ _, _, e1 := syscall_syscall(libc_unlink_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unlink_trampoline()
+var libc_unlink_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unlink unlink "/usr/lib/libSystem.B.dylib"
@@ -2194,14 +2195,14 @@ func Unlinkat(dirfd int, path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unlinkat_trampoline), uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
+ _, _, e1 := syscall_syscall(libc_unlinkat_trampoline_addr, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unlinkat_trampoline()
+var libc_unlinkat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unlinkat unlinkat "/usr/lib/libSystem.B.dylib"
@@ -2213,14 +2214,14 @@ func Unmount(path string, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_unmount_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
+ _, _, e1 := syscall_syscall(libc_unmount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_unmount_trampoline()
+var libc_unmount_trampoline_addr uintptr
//go:cgo_import_dynamic libc_unmount unmount "/usr/lib/libSystem.B.dylib"
@@ -2233,7 +2234,7 @@ func write(fd int, p []byte) (n int, err error) {
} else {
_p0 = unsafe.Pointer(&_zero)
}
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(_p0), uintptr(len(p)))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2241,14 +2242,14 @@ func write(fd int, p []byte) (n int, err error) {
return
}
-func libc_write_trampoline()
+var libc_write_trampoline_addr uintptr
//go:cgo_import_dynamic libc_write write "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
- r0, _, e1 := syscall_syscall6(funcPC(libc_mmap_trampoline), uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
+ r0, _, e1 := syscall_syscall6(libc_mmap_trampoline_addr, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
ret = uintptr(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2256,28 +2257,28 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
return
}
-func libc_mmap_trampoline()
+var libc_mmap_trampoline_addr uintptr
//go:cgo_import_dynamic libc_mmap mmap "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func munmap(addr uintptr, length uintptr) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_munmap_trampoline), uintptr(addr), uintptr(length), 0)
+ _, _, e1 := syscall_syscall(libc_munmap_trampoline_addr, uintptr(addr), uintptr(length), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_munmap_trampoline()
+var libc_munmap_trampoline_addr uintptr
//go:cgo_import_dynamic libc_munmap munmap "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_read_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
+ r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2288,7 +2289,7 @@ func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_write_trampoline), uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
+ r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2299,14 +2300,14 @@ func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fstat(fd int, stat *Stat_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstat_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_fstat_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstat_trampoline()
+var libc_fstat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstat fstat "/usr/lib/libSystem.B.dylib"
@@ -2318,35 +2319,35 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall6(funcPC(libc_fstatat_trampoline), uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_fstatat_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstatat_trampoline()
+var libc_fstatat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstatat fstatat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func Fstatfs(fd int, stat *Statfs_t) (err error) {
- _, _, e1 := syscall_syscall(funcPC(libc_fstatfs_trampoline), uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_fstatfs_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_fstatfs_trampoline()
+var libc_fstatfs_trampoline_addr uintptr
//go:cgo_import_dynamic libc_fstatfs fstatfs "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
- r0, _, e1 := syscall_syscall(funcPC(libc_getfsstat_trampoline), uintptr(buf), uintptr(size), uintptr(flags))
+ r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(buf), uintptr(size), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
@@ -2354,7 +2355,7 @@ func getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) {
return
}
-func libc_getfsstat_trampoline()
+var libc_getfsstat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_getfsstat getfsstat "/usr/lib/libSystem.B.dylib"
@@ -2366,28 +2367,28 @@ func Lstat(path string, stat *Stat_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_lstat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_lstat_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_lstat_trampoline()
+var libc_lstat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_lstat lstat "/usr/lib/libSystem.B.dylib"
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) {
- _, _, e1 := syscall_syscall6(funcPC(libc_ptrace_trampoline), uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
+ _, _, e1 := syscall_syscall6(libc_ptrace_trampoline_addr, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_ptrace_trampoline()
+var libc_ptrace_trampoline_addr uintptr
//go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib"
@@ -2399,14 +2400,14 @@ func Stat(path string, stat *Stat_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_stat_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_stat_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_stat_trampoline()
+var libc_stat_trampoline_addr uintptr
//go:cgo_import_dynamic libc_stat stat "/usr/lib/libSystem.B.dylib"
@@ -2418,13 +2419,13 @@ func Statfs(path string, stat *Statfs_t) (err error) {
if err != nil {
return
}
- _, _, e1 := syscall_syscall(funcPC(libc_statfs_trampoline), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ _, _, e1 := syscall_syscall(libc_statfs_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
-func libc_statfs_trampoline()
+var libc_statfs_trampoline_addr uintptr
//go:cgo_import_dynamic libc_statfs statfs "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
index 53c402bf..33e19776 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
@@ -1,290 +1,859 @@
// go run mkasm_darwin.go arm64
// Code generated by the command above; DO NOT EDIT.
+//go:build go1.12
// +build go1.12
#include "textflag.h"
-TEXT ·libc_getgroups_trampoline(SB),NOSPLIT,$0-0
+
+TEXT libc_getgroups_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getgroups(SB)
-TEXT ·libc_setgroups_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getgroups_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getgroups_trampoline_addr(SB)/8, $libc_getgroups_trampoline<>(SB)
+
+TEXT libc_setgroups_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setgroups(SB)
-TEXT ·libc_wait4_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setgroups_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setgroups_trampoline_addr(SB)/8, $libc_setgroups_trampoline<>(SB)
+
+TEXT libc_wait4_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_wait4(SB)
-TEXT ·libc_accept_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_wait4_trampoline_addr(SB), RODATA, $8
+DATA ·libc_wait4_trampoline_addr(SB)/8, $libc_wait4_trampoline<>(SB)
+
+TEXT libc_accept_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_accept(SB)
-TEXT ·libc_bind_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_accept_trampoline_addr(SB), RODATA, $8
+DATA ·libc_accept_trampoline_addr(SB)/8, $libc_accept_trampoline<>(SB)
+
+TEXT libc_bind_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_bind(SB)
-TEXT ·libc_connect_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_bind_trampoline_addr(SB), RODATA, $8
+DATA ·libc_bind_trampoline_addr(SB)/8, $libc_bind_trampoline<>(SB)
+
+TEXT libc_connect_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_connect(SB)
-TEXT ·libc_socket_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_connect_trampoline_addr(SB), RODATA, $8
+DATA ·libc_connect_trampoline_addr(SB)/8, $libc_connect_trampoline<>(SB)
+
+TEXT libc_socket_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_socket(SB)
-TEXT ·libc_getsockopt_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_socket_trampoline_addr(SB), RODATA, $8
+DATA ·libc_socket_trampoline_addr(SB)/8, $libc_socket_trampoline<>(SB)
+
+TEXT libc_getsockopt_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsockopt(SB)
-TEXT ·libc_setsockopt_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsockopt_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsockopt_trampoline_addr(SB)/8, $libc_getsockopt_trampoline<>(SB)
+
+TEXT libc_setsockopt_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setsockopt(SB)
-TEXT ·libc_getpeername_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setsockopt_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setsockopt_trampoline_addr(SB)/8, $libc_setsockopt_trampoline<>(SB)
+
+TEXT libc_getpeername_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpeername(SB)
-TEXT ·libc_getsockname_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpeername_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpeername_trampoline_addr(SB)/8, $libc_getpeername_trampoline<>(SB)
+
+TEXT libc_getsockname_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsockname(SB)
-TEXT ·libc_shutdown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsockname_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsockname_trampoline_addr(SB)/8, $libc_getsockname_trampoline<>(SB)
+
+TEXT libc_shutdown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_shutdown(SB)
-TEXT ·libc_socketpair_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_shutdown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_shutdown_trampoline_addr(SB)/8, $libc_shutdown_trampoline<>(SB)
+
+TEXT libc_socketpair_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_socketpair(SB)
-TEXT ·libc_recvfrom_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_socketpair_trampoline_addr(SB), RODATA, $8
+DATA ·libc_socketpair_trampoline_addr(SB)/8, $libc_socketpair_trampoline<>(SB)
+
+TEXT libc_recvfrom_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_recvfrom(SB)
-TEXT ·libc_sendto_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_recvfrom_trampoline_addr(SB), RODATA, $8
+DATA ·libc_recvfrom_trampoline_addr(SB)/8, $libc_recvfrom_trampoline<>(SB)
+
+TEXT libc_sendto_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendto(SB)
-TEXT ·libc_recvmsg_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendto_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendto_trampoline_addr(SB)/8, $libc_sendto_trampoline<>(SB)
+
+TEXT libc_recvmsg_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_recvmsg(SB)
-TEXT ·libc_sendmsg_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_recvmsg_trampoline_addr(SB), RODATA, $8
+DATA ·libc_recvmsg_trampoline_addr(SB)/8, $libc_recvmsg_trampoline<>(SB)
+
+TEXT libc_sendmsg_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendmsg(SB)
-TEXT ·libc_kevent_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendmsg_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendmsg_trampoline_addr(SB)/8, $libc_sendmsg_trampoline<>(SB)
+
+TEXT libc_kevent_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kevent(SB)
-TEXT ·libc_utimes_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kevent_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kevent_trampoline_addr(SB)/8, $libc_kevent_trampoline<>(SB)
+
+TEXT libc_utimes_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_utimes(SB)
-TEXT ·libc_futimes_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_utimes_trampoline_addr(SB), RODATA, $8
+DATA ·libc_utimes_trampoline_addr(SB)/8, $libc_utimes_trampoline<>(SB)
+
+TEXT libc_futimes_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_futimes(SB)
-TEXT ·libc_poll_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_futimes_trampoline_addr(SB), RODATA, $8
+DATA ·libc_futimes_trampoline_addr(SB)/8, $libc_futimes_trampoline<>(SB)
+
+TEXT libc_poll_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_poll(SB)
-TEXT ·libc_madvise_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_poll_trampoline_addr(SB), RODATA, $8
+DATA ·libc_poll_trampoline_addr(SB)/8, $libc_poll_trampoline<>(SB)
+
+TEXT libc_madvise_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_madvise(SB)
-TEXT ·libc_mlock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_madvise_trampoline_addr(SB), RODATA, $8
+DATA ·libc_madvise_trampoline_addr(SB)/8, $libc_madvise_trampoline<>(SB)
+
+TEXT libc_mlock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mlock(SB)
-TEXT ·libc_mlockall_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mlock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mlock_trampoline_addr(SB)/8, $libc_mlock_trampoline<>(SB)
+
+TEXT libc_mlockall_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mlockall(SB)
-TEXT ·libc_mprotect_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mlockall_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mlockall_trampoline_addr(SB)/8, $libc_mlockall_trampoline<>(SB)
+
+TEXT libc_mprotect_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mprotect(SB)
-TEXT ·libc_msync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mprotect_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mprotect_trampoline_addr(SB)/8, $libc_mprotect_trampoline<>(SB)
+
+TEXT libc_msync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_msync(SB)
-TEXT ·libc_munlock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_msync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_msync_trampoline_addr(SB)/8, $libc_msync_trampoline<>(SB)
+
+TEXT libc_munlock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munlock(SB)
-TEXT ·libc_munlockall_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munlock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munlock_trampoline_addr(SB)/8, $libc_munlock_trampoline<>(SB)
+
+TEXT libc_munlockall_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munlockall(SB)
-TEXT ·libc_pipe_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munlockall_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munlockall_trampoline_addr(SB)/8, $libc_munlockall_trampoline<>(SB)
+
+TEXT libc_pipe_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pipe(SB)
-TEXT ·libc_getxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pipe_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pipe_trampoline_addr(SB)/8, $libc_pipe_trampoline<>(SB)
+
+TEXT libc_getxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getxattr(SB)
-TEXT ·libc_fgetxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getxattr_trampoline_addr(SB)/8, $libc_getxattr_trampoline<>(SB)
+
+TEXT libc_fgetxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fgetxattr(SB)
-TEXT ·libc_setxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fgetxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fgetxattr_trampoline_addr(SB)/8, $libc_fgetxattr_trampoline<>(SB)
+
+TEXT libc_setxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setxattr(SB)
-TEXT ·libc_fsetxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setxattr_trampoline_addr(SB)/8, $libc_setxattr_trampoline<>(SB)
+
+TEXT libc_fsetxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fsetxattr(SB)
-TEXT ·libc_removexattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fsetxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fsetxattr_trampoline_addr(SB)/8, $libc_fsetxattr_trampoline<>(SB)
+
+TEXT libc_removexattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_removexattr(SB)
-TEXT ·libc_fremovexattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_removexattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_removexattr_trampoline_addr(SB)/8, $libc_removexattr_trampoline<>(SB)
+
+TEXT libc_fremovexattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fremovexattr(SB)
-TEXT ·libc_listxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fremovexattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fremovexattr_trampoline_addr(SB)/8, $libc_fremovexattr_trampoline<>(SB)
+
+TEXT libc_listxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_listxattr(SB)
-TEXT ·libc_flistxattr_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_listxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_listxattr_trampoline_addr(SB)/8, $libc_listxattr_trampoline<>(SB)
+
+TEXT libc_flistxattr_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_flistxattr(SB)
-TEXT ·libc_setattrlist_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_flistxattr_trampoline_addr(SB), RODATA, $8
+DATA ·libc_flistxattr_trampoline_addr(SB)/8, $libc_flistxattr_trampoline<>(SB)
+
+TEXT libc_setattrlist_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setattrlist(SB)
-TEXT ·libc_fcntl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setattrlist_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB)
+
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fcntl(SB)
-TEXT ·libc_kill_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
+TEXT libc_kill_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kill(SB)
-TEXT ·libc_ioctl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kill_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kill_trampoline_addr(SB)/8, $libc_kill_trampoline<>(SB)
+
+TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ioctl(SB)
-TEXT ·libc_sysctl_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ioctl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
+
+TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sysctl(SB)
-TEXT ·libc_sendfile_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sysctl_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
+
+TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sendfile(SB)
-TEXT ·libc_access_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sendfile_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sendfile_trampoline_addr(SB)/8, $libc_sendfile_trampoline<>(SB)
+
+TEXT libc_access_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_access(SB)
-TEXT ·libc_adjtime_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_access_trampoline_addr(SB), RODATA, $8
+DATA ·libc_access_trampoline_addr(SB)/8, $libc_access_trampoline<>(SB)
+
+TEXT libc_adjtime_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_adjtime(SB)
-TEXT ·libc_chdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_adjtime_trampoline_addr(SB), RODATA, $8
+DATA ·libc_adjtime_trampoline_addr(SB)/8, $libc_adjtime_trampoline<>(SB)
+
+TEXT libc_chdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chdir(SB)
-TEXT ·libc_chflags_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chdir_trampoline_addr(SB)/8, $libc_chdir_trampoline<>(SB)
+
+TEXT libc_chflags_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chflags(SB)
-TEXT ·libc_chmod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chflags_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chflags_trampoline_addr(SB)/8, $libc_chflags_trampoline<>(SB)
+
+TEXT libc_chmod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chmod(SB)
-TEXT ·libc_chown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chmod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chmod_trampoline_addr(SB)/8, $libc_chmod_trampoline<>(SB)
+
+TEXT libc_chown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chown(SB)
-TEXT ·libc_chroot_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chown_trampoline_addr(SB)/8, $libc_chown_trampoline<>(SB)
+
+TEXT libc_chroot_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_chroot(SB)
-TEXT ·libc_clock_gettime_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_chroot_trampoline_addr(SB), RODATA, $8
+DATA ·libc_chroot_trampoline_addr(SB)/8, $libc_chroot_trampoline<>(SB)
+
+TEXT libc_clock_gettime_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clock_gettime(SB)
-TEXT ·libc_close_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clock_gettime_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clock_gettime_trampoline_addr(SB)/8, $libc_clock_gettime_trampoline<>(SB)
+
+TEXT libc_close_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_close(SB)
-TEXT ·libc_clonefile_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_close_trampoline_addr(SB), RODATA, $8
+DATA ·libc_close_trampoline_addr(SB)/8, $libc_close_trampoline<>(SB)
+
+TEXT libc_clonefile_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clonefile(SB)
-TEXT ·libc_clonefileat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clonefile_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clonefile_trampoline_addr(SB)/8, $libc_clonefile_trampoline<>(SB)
+
+TEXT libc_clonefileat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_clonefileat(SB)
-TEXT ·libc_dup_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_clonefileat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_clonefileat_trampoline_addr(SB)/8, $libc_clonefileat_trampoline<>(SB)
+
+TEXT libc_dup_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_dup(SB)
-TEXT ·libc_dup2_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_dup_trampoline_addr(SB), RODATA, $8
+DATA ·libc_dup_trampoline_addr(SB)/8, $libc_dup_trampoline<>(SB)
+
+TEXT libc_dup2_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_dup2(SB)
-TEXT ·libc_exchangedata_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_dup2_trampoline_addr(SB), RODATA, $8
+DATA ·libc_dup2_trampoline_addr(SB)/8, $libc_dup2_trampoline<>(SB)
+
+TEXT libc_exchangedata_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_exchangedata(SB)
-TEXT ·libc_exit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_exchangedata_trampoline_addr(SB), RODATA, $8
+DATA ·libc_exchangedata_trampoline_addr(SB)/8, $libc_exchangedata_trampoline<>(SB)
+
+TEXT libc_exit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_exit(SB)
-TEXT ·libc_faccessat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_exit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_exit_trampoline_addr(SB)/8, $libc_exit_trampoline<>(SB)
+
+TEXT libc_faccessat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_faccessat(SB)
-TEXT ·libc_fchdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_faccessat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_faccessat_trampoline_addr(SB)/8, $libc_faccessat_trampoline<>(SB)
+
+TEXT libc_fchdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchdir(SB)
-TEXT ·libc_fchflags_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchdir_trampoline_addr(SB)/8, $libc_fchdir_trampoline<>(SB)
+
+TEXT libc_fchflags_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchflags(SB)
-TEXT ·libc_fchmod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchflags_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchflags_trampoline_addr(SB)/8, $libc_fchflags_trampoline<>(SB)
+
+TEXT libc_fchmod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchmod(SB)
-TEXT ·libc_fchmodat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchmod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchmod_trampoline_addr(SB)/8, $libc_fchmod_trampoline<>(SB)
+
+TEXT libc_fchmodat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchmodat(SB)
-TEXT ·libc_fchown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchmodat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchmodat_trampoline_addr(SB)/8, $libc_fchmodat_trampoline<>(SB)
+
+TEXT libc_fchown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchown(SB)
-TEXT ·libc_fchownat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchown_trampoline_addr(SB)/8, $libc_fchown_trampoline<>(SB)
+
+TEXT libc_fchownat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fchownat(SB)
-TEXT ·libc_fclonefileat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fchownat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fchownat_trampoline_addr(SB)/8, $libc_fchownat_trampoline<>(SB)
+
+TEXT libc_fclonefileat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fclonefileat(SB)
-TEXT ·libc_flock_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fclonefileat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fclonefileat_trampoline_addr(SB)/8, $libc_fclonefileat_trampoline<>(SB)
+
+TEXT libc_flock_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_flock(SB)
-TEXT ·libc_fpathconf_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_flock_trampoline_addr(SB), RODATA, $8
+DATA ·libc_flock_trampoline_addr(SB)/8, $libc_flock_trampoline<>(SB)
+
+TEXT libc_fpathconf_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fpathconf(SB)
-TEXT ·libc_fsync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fpathconf_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fpathconf_trampoline_addr(SB)/8, $libc_fpathconf_trampoline<>(SB)
+
+TEXT libc_fsync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fsync(SB)
-TEXT ·libc_ftruncate_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fsync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fsync_trampoline_addr(SB)/8, $libc_fsync_trampoline<>(SB)
+
+TEXT libc_ftruncate_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ftruncate(SB)
-TEXT ·libc_getcwd_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ftruncate_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ftruncate_trampoline_addr(SB)/8, $libc_ftruncate_trampoline<>(SB)
+
+TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getcwd(SB)
-TEXT ·libc_getdtablesize_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getcwd_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
+
+TEXT libc_getdtablesize_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getdtablesize(SB)
-TEXT ·libc_getegid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getdtablesize_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getdtablesize_trampoline_addr(SB)/8, $libc_getdtablesize_trampoline<>(SB)
+
+TEXT libc_getegid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getegid(SB)
-TEXT ·libc_geteuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getegid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getegid_trampoline_addr(SB)/8, $libc_getegid_trampoline<>(SB)
+
+TEXT libc_geteuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_geteuid(SB)
-TEXT ·libc_getgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_geteuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_geteuid_trampoline_addr(SB)/8, $libc_geteuid_trampoline<>(SB)
+
+TEXT libc_getgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getgid(SB)
-TEXT ·libc_getpgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getgid_trampoline_addr(SB)/8, $libc_getgid_trampoline<>(SB)
+
+TEXT libc_getpgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpgid(SB)
-TEXT ·libc_getpgrp_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpgid_trampoline_addr(SB)/8, $libc_getpgid_trampoline<>(SB)
+
+TEXT libc_getpgrp_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpgrp(SB)
-TEXT ·libc_getpid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpgrp_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpgrp_trampoline_addr(SB)/8, $libc_getpgrp_trampoline<>(SB)
+
+TEXT libc_getpid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpid(SB)
-TEXT ·libc_getppid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpid_trampoline_addr(SB)/8, $libc_getpid_trampoline<>(SB)
+
+TEXT libc_getppid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getppid(SB)
-TEXT ·libc_getpriority_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getppid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getppid_trampoline_addr(SB)/8, $libc_getppid_trampoline<>(SB)
+
+TEXT libc_getpriority_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getpriority(SB)
-TEXT ·libc_getrlimit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getpriority_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getpriority_trampoline_addr(SB)/8, $libc_getpriority_trampoline<>(SB)
+
+TEXT libc_getrlimit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getrlimit(SB)
-TEXT ·libc_getrusage_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getrlimit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getrlimit_trampoline_addr(SB)/8, $libc_getrlimit_trampoline<>(SB)
+
+TEXT libc_getrusage_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getrusage(SB)
-TEXT ·libc_getsid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getrusage_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getrusage_trampoline_addr(SB)/8, $libc_getrusage_trampoline<>(SB)
+
+TEXT libc_getsid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getsid(SB)
-TEXT ·libc_gettimeofday_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getsid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getsid_trampoline_addr(SB)/8, $libc_getsid_trampoline<>(SB)
+
+TEXT libc_gettimeofday_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_gettimeofday(SB)
-TEXT ·libc_getuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_gettimeofday_trampoline_addr(SB), RODATA, $8
+DATA ·libc_gettimeofday_trampoline_addr(SB)/8, $libc_gettimeofday_trampoline<>(SB)
+
+TEXT libc_getuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getuid(SB)
-TEXT ·libc_issetugid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getuid_trampoline_addr(SB)/8, $libc_getuid_trampoline<>(SB)
+
+TEXT libc_issetugid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_issetugid(SB)
-TEXT ·libc_kqueue_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_issetugid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_issetugid_trampoline_addr(SB)/8, $libc_issetugid_trampoline<>(SB)
+
+TEXT libc_kqueue_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_kqueue(SB)
-TEXT ·libc_lchown_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_kqueue_trampoline_addr(SB), RODATA, $8
+DATA ·libc_kqueue_trampoline_addr(SB)/8, $libc_kqueue_trampoline<>(SB)
+
+TEXT libc_lchown_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lchown(SB)
-TEXT ·libc_link_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lchown_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lchown_trampoline_addr(SB)/8, $libc_lchown_trampoline<>(SB)
+
+TEXT libc_link_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_link(SB)
-TEXT ·libc_linkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_link_trampoline_addr(SB), RODATA, $8
+DATA ·libc_link_trampoline_addr(SB)/8, $libc_link_trampoline<>(SB)
+
+TEXT libc_linkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_linkat(SB)
-TEXT ·libc_listen_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_linkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_linkat_trampoline_addr(SB)/8, $libc_linkat_trampoline<>(SB)
+
+TEXT libc_listen_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_listen(SB)
-TEXT ·libc_mkdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_listen_trampoline_addr(SB), RODATA, $8
+DATA ·libc_listen_trampoline_addr(SB)/8, $libc_listen_trampoline<>(SB)
+
+TEXT libc_mkdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkdir(SB)
-TEXT ·libc_mkdirat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkdir_trampoline_addr(SB)/8, $libc_mkdir_trampoline<>(SB)
+
+TEXT libc_mkdirat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkdirat(SB)
-TEXT ·libc_mkfifo_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkdirat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkdirat_trampoline_addr(SB)/8, $libc_mkdirat_trampoline<>(SB)
+
+TEXT libc_mkfifo_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mkfifo(SB)
-TEXT ·libc_mknod_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mkfifo_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mkfifo_trampoline_addr(SB)/8, $libc_mkfifo_trampoline<>(SB)
+
+TEXT libc_mknod_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mknod(SB)
-TEXT ·libc_open_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mknod_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mknod_trampoline_addr(SB)/8, $libc_mknod_trampoline<>(SB)
+
+TEXT libc_open_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_open(SB)
-TEXT ·libc_openat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_open_trampoline_addr(SB), RODATA, $8
+DATA ·libc_open_trampoline_addr(SB)/8, $libc_open_trampoline<>(SB)
+
+TEXT libc_openat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_openat(SB)
-TEXT ·libc_pathconf_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_openat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_openat_trampoline_addr(SB)/8, $libc_openat_trampoline<>(SB)
+
+TEXT libc_pathconf_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pathconf(SB)
-TEXT ·libc_pread_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pathconf_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pathconf_trampoline_addr(SB)/8, $libc_pathconf_trampoline<>(SB)
+
+TEXT libc_pread_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pread(SB)
-TEXT ·libc_pwrite_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pread_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pread_trampoline_addr(SB)/8, $libc_pread_trampoline<>(SB)
+
+TEXT libc_pwrite_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_pwrite(SB)
-TEXT ·libc_read_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_pwrite_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pwrite_trampoline_addr(SB)/8, $libc_pwrite_trampoline<>(SB)
+
+TEXT libc_read_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_read(SB)
-TEXT ·libc_readlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_read_trampoline_addr(SB), RODATA, $8
+DATA ·libc_read_trampoline_addr(SB)/8, $libc_read_trampoline<>(SB)
+
+TEXT libc_readlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readlink(SB)
-TEXT ·libc_readlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_readlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readlink_trampoline_addr(SB)/8, $libc_readlink_trampoline<>(SB)
+
+TEXT libc_readlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_readlinkat(SB)
-TEXT ·libc_rename_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_readlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readlinkat_trampoline_addr(SB)/8, $libc_readlinkat_trampoline<>(SB)
+
+TEXT libc_rename_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_rename(SB)
-TEXT ·libc_renameat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_rename_trampoline_addr(SB), RODATA, $8
+DATA ·libc_rename_trampoline_addr(SB)/8, $libc_rename_trampoline<>(SB)
+
+TEXT libc_renameat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_renameat(SB)
-TEXT ·libc_revoke_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_renameat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_renameat_trampoline_addr(SB)/8, $libc_renameat_trampoline<>(SB)
+
+TEXT libc_revoke_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_revoke(SB)
-TEXT ·libc_rmdir_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_revoke_trampoline_addr(SB), RODATA, $8
+DATA ·libc_revoke_trampoline_addr(SB)/8, $libc_revoke_trampoline<>(SB)
+
+TEXT libc_rmdir_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_rmdir(SB)
-TEXT ·libc_lseek_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_rmdir_trampoline_addr(SB), RODATA, $8
+DATA ·libc_rmdir_trampoline_addr(SB)/8, $libc_rmdir_trampoline<>(SB)
+
+TEXT libc_lseek_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lseek(SB)
-TEXT ·libc_select_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lseek_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lseek_trampoline_addr(SB)/8, $libc_lseek_trampoline<>(SB)
+
+TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_select(SB)
-TEXT ·libc_setegid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_select_trampoline_addr(SB), RODATA, $8
+DATA ·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB)
+
+TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setegid(SB)
-TEXT ·libc_seteuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setegid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setegid_trampoline_addr(SB)/8, $libc_setegid_trampoline<>(SB)
+
+TEXT libc_seteuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_seteuid(SB)
-TEXT ·libc_setgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_seteuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_seteuid_trampoline_addr(SB)/8, $libc_seteuid_trampoline<>(SB)
+
+TEXT libc_setgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setgid(SB)
-TEXT ·libc_setlogin_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setgid_trampoline_addr(SB)/8, $libc_setgid_trampoline<>(SB)
+
+TEXT libc_setlogin_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setlogin(SB)
-TEXT ·libc_setpgid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setlogin_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setlogin_trampoline_addr(SB)/8, $libc_setlogin_trampoline<>(SB)
+
+TEXT libc_setpgid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setpgid(SB)
-TEXT ·libc_setpriority_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setpgid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setpgid_trampoline_addr(SB)/8, $libc_setpgid_trampoline<>(SB)
+
+TEXT libc_setpriority_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setpriority(SB)
-TEXT ·libc_setprivexec_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setpriority_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setpriority_trampoline_addr(SB)/8, $libc_setpriority_trampoline<>(SB)
+
+TEXT libc_setprivexec_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setprivexec(SB)
-TEXT ·libc_setregid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setprivexec_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setprivexec_trampoline_addr(SB)/8, $libc_setprivexec_trampoline<>(SB)
+
+TEXT libc_setregid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setregid(SB)
-TEXT ·libc_setreuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setregid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setregid_trampoline_addr(SB)/8, $libc_setregid_trampoline<>(SB)
+
+TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setreuid(SB)
-TEXT ·libc_setrlimit_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setreuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB)
+
+TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setrlimit(SB)
-TEXT ·libc_setsid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB)
+
+TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setsid(SB)
-TEXT ·libc_settimeofday_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setsid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setsid_trampoline_addr(SB)/8, $libc_setsid_trampoline<>(SB)
+
+TEXT libc_settimeofday_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_settimeofday(SB)
-TEXT ·libc_setuid_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_settimeofday_trampoline_addr(SB), RODATA, $8
+DATA ·libc_settimeofday_trampoline_addr(SB)/8, $libc_settimeofday_trampoline<>(SB)
+
+TEXT libc_setuid_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_setuid(SB)
-TEXT ·libc_symlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_setuid_trampoline_addr(SB), RODATA, $8
+DATA ·libc_setuid_trampoline_addr(SB)/8, $libc_setuid_trampoline<>(SB)
+
+TEXT libc_symlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_symlink(SB)
-TEXT ·libc_symlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_symlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_symlink_trampoline_addr(SB)/8, $libc_symlink_trampoline<>(SB)
+
+TEXT libc_symlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_symlinkat(SB)
-TEXT ·libc_sync_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_symlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_symlinkat_trampoline_addr(SB)/8, $libc_symlinkat_trampoline<>(SB)
+
+TEXT libc_sync_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_sync(SB)
-TEXT ·libc_truncate_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_sync_trampoline_addr(SB), RODATA, $8
+DATA ·libc_sync_trampoline_addr(SB)/8, $libc_sync_trampoline<>(SB)
+
+TEXT libc_truncate_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_truncate(SB)
-TEXT ·libc_umask_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_truncate_trampoline_addr(SB), RODATA, $8
+DATA ·libc_truncate_trampoline_addr(SB)/8, $libc_truncate_trampoline<>(SB)
+
+TEXT libc_umask_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_umask(SB)
-TEXT ·libc_undelete_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_umask_trampoline_addr(SB), RODATA, $8
+DATA ·libc_umask_trampoline_addr(SB)/8, $libc_umask_trampoline<>(SB)
+
+TEXT libc_undelete_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_undelete(SB)
-TEXT ·libc_unlink_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_undelete_trampoline_addr(SB), RODATA, $8
+DATA ·libc_undelete_trampoline_addr(SB)/8, $libc_undelete_trampoline<>(SB)
+
+TEXT libc_unlink_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unlink(SB)
-TEXT ·libc_unlinkat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unlink_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unlink_trampoline_addr(SB)/8, $libc_unlink_trampoline<>(SB)
+
+TEXT libc_unlinkat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unlinkat(SB)
-TEXT ·libc_unmount_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unlinkat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unlinkat_trampoline_addr(SB)/8, $libc_unlinkat_trampoline<>(SB)
+
+TEXT libc_unmount_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_unmount(SB)
-TEXT ·libc_write_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_unmount_trampoline_addr(SB), RODATA, $8
+DATA ·libc_unmount_trampoline_addr(SB)/8, $libc_unmount_trampoline<>(SB)
+
+TEXT libc_write_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_write(SB)
-TEXT ·libc_mmap_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_write_trampoline_addr(SB), RODATA, $8
+DATA ·libc_write_trampoline_addr(SB)/8, $libc_write_trampoline<>(SB)
+
+TEXT libc_mmap_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_mmap(SB)
-TEXT ·libc_munmap_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_mmap_trampoline_addr(SB), RODATA, $8
+DATA ·libc_mmap_trampoline_addr(SB)/8, $libc_mmap_trampoline<>(SB)
+
+TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_munmap(SB)
-TEXT ·libc_fstat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8
+DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
+
+TEXT libc_fstat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstat(SB)
-TEXT ·libc_fstatat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstat_trampoline_addr(SB)/8, $libc_fstat_trampoline<>(SB)
+
+TEXT libc_fstatat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstatat(SB)
-TEXT ·libc_fstatfs_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstatat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstatat_trampoline_addr(SB)/8, $libc_fstatat_trampoline<>(SB)
+
+TEXT libc_fstatfs_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstatfs(SB)
-TEXT ·libc_getfsstat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_fstatfs_trampoline_addr(SB), RODATA, $8
+DATA ·libc_fstatfs_trampoline_addr(SB)/8, $libc_fstatfs_trampoline<>(SB)
+
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_getfsstat(SB)
-TEXT ·libc_lstat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
+TEXT libc_lstat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_lstat(SB)
-TEXT ·libc_ptrace_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_lstat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_lstat_trampoline_addr(SB)/8, $libc_lstat_trampoline<>(SB)
+
+TEXT libc_ptrace_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_ptrace(SB)
-TEXT ·libc_stat_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_ptrace_trampoline_addr(SB), RODATA, $8
+DATA ·libc_ptrace_trampoline_addr(SB)/8, $libc_ptrace_trampoline<>(SB)
+
+TEXT libc_stat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_stat(SB)
-TEXT ·libc_statfs_trampoline(SB),NOSPLIT,$0-0
+
+GLOBL ·libc_stat_trampoline_addr(SB), RODATA, $8
+DATA ·libc_stat_trampoline_addr(SB)/8, $libc_stat_trampoline<>(SB)
+
+TEXT libc_statfs_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_statfs(SB)
+
+GLOBL ·libc_statfs_trampoline_addr(SB), RODATA, $8
+DATA ·libc_statfs_trampoline_addr(SB)/8, $libc_statfs_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
index 1aaccd36..1b6eedfa 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -dragonfly -tags dragonfly,amd64 syscall_bsd.go syscall_dragonfly.go syscall_dragonfly_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build dragonfly && amd64
// +build dragonfly,amd64
package unix
@@ -362,8 +363,10 @@ func pipe() (r int, w int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-func pipe2(p *[2]_C_int, flags int) (err error) {
- _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+func pipe2(p *[2]_C_int, flags int) (r int, w int, err error) {
+ r0, r1, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+ r = int(r0)
+ w = int(r1)
if e1 != 0 {
err = errnoErr(e1)
}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
index 600f1d26..3e9bddb7 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -tags freebsd,386 syscall_bsd.go syscall_freebsd.go syscall_freebsd_386.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build freebsd && 386
// +build freebsd,386
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
index 064934b0..c72a462b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags freebsd,amd64 syscall_bsd.go syscall_freebsd.go syscall_freebsd_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build freebsd && amd64
// +build freebsd,amd64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
index 31d2c461..530d5df9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -arm -tags freebsd,arm syscall_bsd.go syscall_freebsd.go syscall_freebsd_arm.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build freebsd && arm
// +build freebsd,arm
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
index 4adaaa56..71e7df9e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags freebsd,arm64 syscall_bsd.go syscall_freebsd.go syscall_freebsd_arm64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build freebsd && arm64
// +build freebsd,arm64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
index 665dd9e4..af5cb064 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall_solaris.go -illumos -tags illumos,amd64 syscall_illumos.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build illumos && amd64
// +build illumos,amd64
package unix
@@ -14,19 +15,25 @@ import (
//go:cgo_import_dynamic libc_writev writev "libc.so"
//go:cgo_import_dynamic libc_pwritev pwritev "libc.so"
//go:cgo_import_dynamic libc_accept4 accept4 "libsocket.so"
+//go:cgo_import_dynamic libc_putmsg putmsg "libc.so"
+//go:cgo_import_dynamic libc_getmsg getmsg "libc.so"
//go:linkname procreadv libc_readv
//go:linkname procpreadv libc_preadv
//go:linkname procwritev libc_writev
//go:linkname procpwritev libc_pwritev
//go:linkname procaccept4 libc_accept4
+//go:linkname procputmsg libc_putmsg
+//go:linkname procgetmsg libc_getmsg
var (
procreadv,
procpreadv,
procwritev,
procpwritev,
- procaccept4 syscallFunc
+ procaccept4,
+ procputmsg,
+ procgetmsg syscallFunc
)
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
@@ -99,3 +106,23 @@ func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int,
}
return
}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func putmsg(fd int, clptr *strbuf, dataptr *strbuf, flags int) (err error) {
+ _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procputmsg)), 4, uintptr(fd), uintptr(unsafe.Pointer(clptr)), uintptr(unsafe.Pointer(dataptr)), uintptr(flags), 0, 0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getmsg(fd int, clptr *strbuf, dataptr *strbuf, flags *int) (err error) {
+ _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetmsg)), 4, uintptr(fd), uintptr(unsafe.Pointer(clptr)), uintptr(unsafe.Pointer(dataptr)), uintptr(unsafe.Pointer(flags)), 0, 0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 2fbbbe5a..7305cc91 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -1,5 +1,6 @@
// Code generated by mkmerge.go; DO NOT EDIT.
+//go:build linux
// +build linux
package unix
@@ -531,6 +532,16 @@ func Close(fd int) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func CloseRange(first uint, last uint, flags uint) (err error) {
+ _, _, e1 := Syscall(SYS_CLOSE_RANGE, uintptr(first), uintptr(last), uintptr(flags))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func CopyFileRange(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error) {
r0, _, e1 := Syscall6(SYS_COPY_FILE_RANGE, uintptr(rfd), uintptr(unsafe.Pointer(roff)), uintptr(wfd), uintptr(unsafe.Pointer(woff)), uintptr(len), uintptr(flags))
n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
index 19ebd3ff..e37096e4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -tags linux,386 syscall_linux.go syscall_linux_386.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && 386
// +build linux,386
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
index 5c562182..9919d848 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,amd64 syscall_linux.go syscall_linux_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && amd64
// +build linux,amd64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
index dc69d99c..076754d4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -arm -tags linux,arm syscall_linux.go syscall_linux_arm.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && arm
// +build linux,arm
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
index 1b897dee..e893f987 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,arm64 syscall_linux.go syscall_linux_arm64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && arm64
// +build linux,arm64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
index 49186843..4703cf3c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -b32 -arm -tags linux,mips syscall_linux.go syscall_linux_mipsx.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && mips
// +build linux,mips
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
index 9171d3bd..a134f9a4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,mips64 syscall_linux.go syscall_linux_mips64x.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && mips64
// +build linux,mips64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
index 82286f04..b1fff2d9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,mips64le syscall_linux.go syscall_linux_mips64x.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && mips64le
// +build linux,mips64le
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
index 15920621..d13d6da0 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -arm -tags linux,mipsle syscall_linux.go syscall_linux_mipsx.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && mipsle
// +build linux,mipsle
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go
new file mode 100644
index 00000000..927cf1a0
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go
@@ -0,0 +1,762 @@
+// go run mksyscall.go -b32 -tags linux,ppc syscall_linux.go syscall_linux_ppc.go
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build linux && ppc
+// +build linux,ppc
+
+package unix
+
+import (
+ "syscall"
+ "unsafe"
+)
+
+var _ syscall.Errno
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname *byte) (err error) {
+ _, _, e1 := Syscall6(SYS_FANOTIFY_MARK, uintptr(fd), uintptr(flags), uintptr(mask>>32), uintptr(mask), uintptr(dirFd), uintptr(unsafe.Pointer(pathname)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fallocate(fd int, mode uint32, off int64, len int64) (err error) {
+ _, _, e1 := Syscall6(SYS_FALLOCATE, uintptr(fd), uintptr(mode), uintptr(off>>32), uintptr(off), uintptr(len>>32), uintptr(len))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Tee(rfd int, wfd int, len int, flags int) (n int64, err error) {
+ r0, r1, e1 := Syscall6(SYS_TEE, uintptr(rfd), uintptr(wfd), uintptr(len), uintptr(flags), 0, 0)
+ n = int64(int64(r0)<<32 | int64(r1))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func dup2(oldfd int, newfd int) (err error) {
+ _, _, e1 := Syscall(SYS_DUP2, uintptr(oldfd), uintptr(newfd), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func EpollCreate(size int) (fd int, err error) {
+ r0, _, e1 := RawSyscall(SYS_EPOLL_CREATE, uintptr(size), 0, 0)
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(events) > 0 {
+ _p0 = unsafe.Pointer(&events[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := Syscall6(SYS_EPOLL_WAIT, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchown(fd int, uid int, gid int) (err error) {
+ _, _, e1 := Syscall(SYS_FCHOWN, uintptr(fd), uintptr(uid), uintptr(gid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fstat(fd int, stat *Stat_t) (err error) {
+ _, _, e1 := Syscall(SYS_FSTAT64, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall6(SYS_FSTATAT64, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Ftruncate(fd int, length int64) (err error) {
+ _, _, e1 := Syscall(SYS_FTRUNCATE64, uintptr(fd), uintptr(length>>32), uintptr(length))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getegid() (egid int) {
+ r0, _ := RawSyscallNoError(SYS_GETEGID, 0, 0, 0)
+ egid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Geteuid() (euid int) {
+ r0, _ := RawSyscallNoError(SYS_GETEUID, 0, 0, 0)
+ euid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getgid() (gid int) {
+ r0, _ := RawSyscallNoError(SYS_GETGID, 0, 0, 0)
+ gid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getuid() (uid int) {
+ r0, _ := RawSyscallNoError(SYS_GETUID, 0, 0, 0)
+ uid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func InotifyInit() (fd int, err error) {
+ r0, _, e1 := RawSyscall(SYS_INOTIFY_INIT, 0, 0, 0)
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Ioperm(from int, num int, on int) (err error) {
+ _, _, e1 := Syscall(SYS_IOPERM, uintptr(from), uintptr(num), uintptr(on))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Iopl(level int) (err error) {
+ _, _, e1 := Syscall(SYS_IOPL, uintptr(level), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Lchown(path string, uid int, gid int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_LCHOWN, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Listen(s int, n int) (err error) {
+ _, _, e1 := Syscall(SYS_LISTEN, uintptr(s), uintptr(n), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Lstat(path string, stat *Stat_t) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_LSTAT64, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pause() (err error) {
+ _, _, e1 := Syscall(SYS_PAUSE, 0, 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pread(fd int, p []byte, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := Syscall6(SYS_PREAD64, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset>>32), uintptr(offset), 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := Syscall6(SYS_PWRITE64, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset>>32), uintptr(offset), 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(oldpath)
+ if err != nil {
+ return
+ }
+ var _p1 *byte
+ _p1, err = BytePtrFromString(newpath)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall6(SYS_RENAMEAT, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) {
+ r0, _, e1 := Syscall6(SYS__NEWSELECT, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
+ r0, _, e1 := Syscall6(SYS_SENDFILE64, uintptr(outfd), uintptr(infd), uintptr(unsafe.Pointer(offset)), uintptr(count), 0, 0)
+ written = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setfsgid(gid int) (prev int, err error) {
+ r0, _, e1 := Syscall(SYS_SETFSGID, uintptr(gid), 0, 0)
+ prev = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setfsuid(uid int) (prev int, err error) {
+ r0, _, e1 := Syscall(SYS_SETFSUID, uintptr(uid), 0, 0)
+ prev = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setregid(rgid int, egid int) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setresgid(rgid int, egid int, sgid int) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETRESGID, uintptr(rgid), uintptr(egid), uintptr(sgid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setresuid(ruid int, euid int, suid int) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETRESUID, uintptr(ruid), uintptr(euid), uintptr(suid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setreuid(ruid int, euid int) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETREUID, uintptr(ruid), uintptr(euid), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Shutdown(fd int, how int) (err error) {
+ _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int, err error) {
+ r0, _, e1 := Syscall6(SYS_SPLICE, uintptr(rfd), uintptr(unsafe.Pointer(roff)), uintptr(wfd), uintptr(unsafe.Pointer(woff)), uintptr(len), uintptr(flags))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Stat(path string, stat *Stat_t) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_STAT64, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Truncate(path string, length int64) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_TRUNCATE64, uintptr(unsafe.Pointer(_p0)), uintptr(length>>32), uintptr(length))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Ustat(dev int, ubuf *Ustat_t) (err error) {
+ _, _, e1 := Syscall(SYS_USTAT, uintptr(dev), uintptr(unsafe.Pointer(ubuf)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
+ r0, _, e1 := Syscall(SYS_ACCEPT, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
+ r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
+ _, _, e1 := Syscall(SYS_BIND, uintptr(s), uintptr(addr), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
+ _, _, e1 := Syscall(SYS_CONNECT, uintptr(s), uintptr(addr), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getgroups(n int, list *_Gid_t) (nn int, err error) {
+ r0, _, e1 := RawSyscall(SYS_GETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+ nn = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setgroups(n int, list *_Gid_t) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
+ _, _, e1 := Syscall6(SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
+ _, _, e1 := Syscall6(SYS_SETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func socket(domain int, typ int, proto int) (fd int, err error) {
+ r0, _, e1 := RawSyscall(SYS_SOCKET, uintptr(domain), uintptr(typ), uintptr(proto))
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
+ _, _, e1 := RawSyscall6(SYS_SOCKETPAIR, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
+ _, _, e1 := RawSyscall(SYS_GETPEERNAME, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
+ _, _, e1 := RawSyscall(SYS_GETSOCKNAME, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := Syscall6(SYS_RECVFROM, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) {
+ var _p0 unsafe.Pointer
+ if len(buf) > 0 {
+ _p0 = unsafe.Pointer(&buf[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := Syscall6(SYS_SENDTO, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
+ r0, _, e1 := Syscall(SYS_RECVMSG, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
+ r0, _, e1 := Syscall(SYS_SENDMSG, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func futimesat(dirfd int, path string, times *[2]Timeval) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_FUTIMESAT, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Gettimeofday(tv *Timeval) (err error) {
+ _, _, e1 := RawSyscall(SYS_GETTIMEOFDAY, uintptr(unsafe.Pointer(tv)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Time(t *Time_t) (tt Time_t, err error) {
+ r0, _, e1 := RawSyscall(SYS_TIME, uintptr(unsafe.Pointer(t)), 0, 0)
+ tt = Time_t(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Utime(path string, buf *Utimbuf) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_UTIME, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(buf)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func utimes(path string, times *[2]Timeval) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall(SYS_UTIMES, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mmap2(addr uintptr, length uintptr, prot int, flags int, fd int, pageOffset uintptr) (xaddr uintptr, err error) {
+ r0, _, e1 := Syscall6(SYS_MMAP2, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flags), uintptr(fd), uintptr(pageOffset))
+ xaddr = uintptr(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getrlimit(resource int, rlim *rlimit32) (err error) {
+ _, _, e1 := RawSyscall(SYS_UGETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setrlimit(resource int, rlim *rlimit32) (err error) {
+ _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pipe(p *[2]_C_int) (err error) {
+ _, _, e1 := RawSyscall(SYS_PIPE, uintptr(unsafe.Pointer(p)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
+ r0, _, e1 := Syscall(SYS_POLL, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func syncFileRange2(fd int, flags int, off int64, n int64) (err error) {
+ _, _, e1 := Syscall6(SYS_SYNC_FILE_RANGE2, uintptr(fd), uintptr(flags), uintptr(off>>32), uintptr(off), uintptr(n>>32), uintptr(n))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func kexecFileLoad(kernelFd int, initrdFd int, cmdlineLen int, cmdline string, flags int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(cmdline)
+ if err != nil {
+ return
+ }
+ _, _, e1 := Syscall6(SYS_KEXEC_FILE_LOAD, uintptr(kernelFd), uintptr(initrdFd), uintptr(cmdlineLen), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
index 73a42e2c..da8ec039 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,ppc64 syscall_linux.go syscall_linux_ppc64x.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && ppc64
// +build linux,ppc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
index 6b855953..083f493b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,ppc64le syscall_linux.go syscall_linux_ppc64x.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && ppc64le
// +build linux,ppc64le
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
index b7613344..63b393b8 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,riscv64 syscall_linux.go syscall_linux_riscv64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && riscv64
// +build linux,riscv64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
index d7032ab1..bb347407 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,s390x syscall_linux.go syscall_linux_s390x.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && s390x
// +build linux,s390x
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
index bcbbdd90..8edc517e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -tags linux,sparc64 syscall_linux.go syscall_linux_sparc64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build linux && sparc64
// +build linux,sparc64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
index 3bbd9e39..4726ab30 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -netbsd -tags netbsd,386 syscall_bsd.go syscall_netbsd.go syscall_netbsd_386.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build netbsd && 386
// +build netbsd,386
package unix
@@ -362,6 +363,16 @@ func pipe() (fd1 int, fd2 int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func pipe2(p *[2]_C_int, flags int) (err error) {
+ _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Getdents(fd int, buf []byte) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
index d8cf5012..fe71456d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -netbsd -tags netbsd,amd64 syscall_bsd.go syscall_netbsd.go syscall_netbsd_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build netbsd && amd64
// +build netbsd,amd64
package unix
@@ -362,6 +363,16 @@ func pipe() (fd1 int, fd2 int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func pipe2(p *[2]_C_int, flags int) (err error) {
+ _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Getdents(fd int, buf []byte) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
index 1153fe69..0b5b2f01 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -netbsd -arm -tags netbsd,arm syscall_bsd.go syscall_netbsd.go syscall_netbsd_arm.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build netbsd && arm
// +build netbsd,arm
package unix
@@ -362,6 +363,16 @@ func pipe() (fd1 int, fd2 int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func pipe2(p *[2]_C_int, flags int) (err error) {
+ _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Getdents(fd int, buf []byte) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
index 24b4ebb4..bfca2864 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -netbsd -tags netbsd,arm64 syscall_bsd.go syscall_netbsd.go syscall_netbsd_arm64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build netbsd && arm64
// +build netbsd,arm64
package unix
@@ -362,6 +363,16 @@ func pipe() (fd1 int, fd2 int, err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func pipe2(p *[2]_C_int, flags int) (err error) {
+ _, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Getdents(fd int, buf []byte) (n int, err error) {
var _p0 unsafe.Pointer
if len(buf) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index b44b31ae..8f80f4ad 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -openbsd -tags openbsd,386 syscall_bsd.go syscall_openbsd.go syscall_openbsd_386.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build openbsd && 386
// +build openbsd,386
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index 67f93ee7..3a47aca7 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -openbsd -tags openbsd,amd64 syscall_bsd.go syscall_openbsd.go syscall_openbsd_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build openbsd && amd64
// +build openbsd,amd64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index d7c878b1..883a9b45 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -l32 -openbsd -arm -tags openbsd,arm syscall_bsd.go syscall_openbsd.go syscall_openbsd_arm.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build openbsd && arm
// +build openbsd,arm
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 8facd695..aac7fdc9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -openbsd -tags openbsd,arm64 syscall_bsd.go syscall_openbsd.go syscall_openbsd_arm64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build openbsd && arm64
// +build openbsd,arm64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index ec6bd5bb..87761874 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -1,6 +1,7 @@
// go run mksyscall.go -openbsd -tags openbsd,mips64 syscall_bsd.go syscall_openbsd.go syscall_openbsd_mips64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build openbsd && mips64
// +build openbsd,mips64
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
index 6dbb8371..4e18d5c9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
@@ -1,6 +1,7 @@
// go run mksyscall_solaris.go -tags solaris,amd64 syscall_solaris.go syscall_solaris_amd64.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build solaris && amd64
// +build solaris,amd64
package unix
@@ -115,6 +116,7 @@ import (
//go:cgo_import_dynamic libc_statvfs statvfs "libc.so"
//go:cgo_import_dynamic libc_symlink symlink "libc.so"
//go:cgo_import_dynamic libc_sync sync "libc.so"
+//go:cgo_import_dynamic libc_sysconf sysconf "libc.so"
//go:cgo_import_dynamic libc_times times "libc.so"
//go:cgo_import_dynamic libc_truncate truncate "libc.so"
//go:cgo_import_dynamic libc_fsync fsync "libc.so"
@@ -245,6 +247,7 @@ import (
//go:linkname procStatvfs libc_statvfs
//go:linkname procSymlink libc_symlink
//go:linkname procSync libc_sync
+//go:linkname procSysconf libc_sysconf
//go:linkname procTimes libc_times
//go:linkname procTruncate libc_truncate
//go:linkname procFsync libc_fsync
@@ -376,6 +379,7 @@ var (
procStatvfs,
procSymlink,
procSync,
+ procSysconf,
procTimes,
procTruncate,
procFsync,
@@ -615,8 +619,9 @@ func __minor(version int, dev uint64) (val uint) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-func ioctl(fd int, req uint, arg uintptr) (err error) {
- _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0)
+func ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0)
+ ret = int(r0)
if e1 != 0 {
err = e1
}
@@ -1687,6 +1692,17 @@ func Sync() (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func Sysconf(which int) (n int64, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSysconf)), 1, uintptr(which), 0, 0, 0, 0, 0)
+ n = int64(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Times(tms *Tms) (ticks uintptr, err error) {
r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procTimes)), 1, uintptr(unsafe.Pointer(tms)), 0, 0, 0, 0, 0)
ticks = uintptr(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
new file mode 100644
index 00000000..f2079457
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
@@ -0,0 +1,1255 @@
+// go run mksyscall.go -tags zos,s390x syscall_zos_s390x.go
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+import (
+ "unsafe"
+)
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntl(fd int, cmd int, arg int) (val int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
+ val = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func read(fd int, p []byte) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(SYS_READ, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func write(fd int, p []byte) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(SYS_WRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
+ r0, _, e1 := syscall_syscall(SYS___ACCEPT_A, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
+ _, _, e1 := syscall_syscall(SYS___BIND_A, uintptr(s), uintptr(addr), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
+ _, _, e1 := syscall_syscall(SYS___CONNECT_A, uintptr(s), uintptr(addr), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getgroups(n int, list *_Gid_t) (nn int, err error) {
+ r0, _, e1 := syscall_rawsyscall(SYS_GETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+ nn = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setgroups(n int, list *_Gid_t) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_SETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
+ _, _, e1 := syscall_syscall6(SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
+ _, _, e1 := syscall_syscall6(SYS_SETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func socket(domain int, typ int, proto int) (fd int, err error) {
+ r0, _, e1 := syscall_rawsyscall(SYS_SOCKET, uintptr(domain), uintptr(typ), uintptr(proto))
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
+ _, _, e1 := syscall_rawsyscall6(SYS_SOCKETPAIR, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS___GETPEERNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS___GETSOCKNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(SYS___RECVFROM_A, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) {
+ var _p0 unsafe.Pointer
+ if len(buf) > 0 {
+ _p0 = unsafe.Pointer(&buf[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := syscall_syscall6(SYS___SENDTO_A, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
+ r0, _, e1 := syscall_syscall(SYS___RECVMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
+ r0, _, e1 := syscall_syscall(SYS___SENDMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
+ r0, _, e1 := syscall_syscall6(SYS_MMAP, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
+ ret = uintptr(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func munmap(addr uintptr, length uintptr) (err error) {
+ _, _, e1 := syscall_syscall(SYS_MUNMAP, uintptr(addr), uintptr(length), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func ioctl(fd int, req uint, arg uintptr) (err error) {
+ _, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Access(path string, mode uint32) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___ACCESS_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Chdir(path string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___CHDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Chown(path string, uid int, gid int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___CHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Chmod(path string, mode uint32) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___CHMOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Creat(path string, mode uint32) (fd int, err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ r0, _, e1 := syscall_syscall(SYS___CREAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Dup(oldfd int) (fd int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_DUP, uintptr(oldfd), 0, 0)
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Dup2(oldfd int, newfd int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_DUP2, uintptr(oldfd), uintptr(newfd), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Errno2() (er2 int) {
+ uer2, _, _ := syscall_syscall(SYS___ERRNO2, 0, 0, 0)
+ er2 = int(uer2)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Err2ad() (eadd *int) {
+ ueadd, _, _ := syscall_syscall(SYS___ERR2AD, 0, 0, 0)
+ eadd = (*int)(unsafe.Pointer(ueadd))
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Exit(code int) {
+ syscall_syscall(SYS_EXIT, uintptr(code), 0, 0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchdir(fd int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FCHDIR, uintptr(fd), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchmod(fd int, mode uint32) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FCHMOD, uintptr(fd), uintptr(mode), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchown(fd int, uid int, gid int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FCHOWN, uintptr(fd), uintptr(uid), uintptr(gid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
+ retval = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fstat(fd int, stat *Stat_LE_t) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FSTAT, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fstatvfs(fd int, stat *Statvfs_t) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FSTATVFS, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fsync(fd int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FSYNC, uintptr(fd), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Ftruncate(fd int, length int64) (err error) {
+ _, _, e1 := syscall_syscall(SYS_FTRUNCATE, uintptr(fd), uintptr(length), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpagesize() (pgsize int) {
+ r0, _, _ := syscall_syscall(SYS_GETPAGESIZE, 0, 0, 0)
+ pgsize = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mprotect(b []byte, prot int) (err error) {
+ var _p0 unsafe.Pointer
+ if len(b) > 0 {
+ _p0 = unsafe.Pointer(&b[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := syscall_syscall(SYS_MPROTECT, uintptr(_p0), uintptr(len(b)), uintptr(prot))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Msync(b []byte, flags int) (err error) {
+ var _p0 unsafe.Pointer
+ if len(b) > 0 {
+ _p0 = unsafe.Pointer(&b[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := syscall_syscall(SYS_MSYNC, uintptr(_p0), uintptr(len(b)), uintptr(flags))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Poll(fds []PollFd, timeout int) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(fds) > 0 {
+ _p0 = unsafe.Pointer(&fds[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(SYS_POLL, uintptr(_p0), uintptr(len(fds)), uintptr(timeout))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Times(tms *Tms) (ticks uintptr, err error) {
+ r0, _, e1 := syscall_syscall(SYS_TIMES, uintptr(unsafe.Pointer(tms)), 0, 0)
+ ticks = uintptr(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func W_Getmntent(buff *byte, size int) (lastsys int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_W_GETMNTENT, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
+ lastsys = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func W_Getmntent_A(buff *byte, size int) (lastsys int, err error) {
+ r0, _, e1 := syscall_syscall(SYS___W_GETMNTENT_A, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
+ lastsys = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ var _p1 *byte
+ _p1, err = BytePtrFromString(filesystem)
+ if err != nil {
+ return
+ }
+ var _p2 *byte
+ _p2, err = BytePtrFromString(fstype)
+ if err != nil {
+ return
+ }
+ var _p3 *byte
+ _p3, err = BytePtrFromString(parm)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall6(SYS___MOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(mtm), uintptr(parmlen), uintptr(unsafe.Pointer(_p3)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unmount(filesystem string, mtm int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(filesystem)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___UMOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mtm), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Chroot(path string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___CHROOT_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Uname(buf *Utsname) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS___UNAME_A, uintptr(unsafe.Pointer(buf)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Gethostname(buf []byte) (err error) {
+ var _p0 unsafe.Pointer
+ if len(buf) > 0 {
+ _p0 = unsafe.Pointer(&buf[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ _, _, e1 := syscall_syscall(SYS___GETHOSTNAME_A, uintptr(_p0), uintptr(len(buf)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getegid() (egid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETEGID, 0, 0, 0)
+ egid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Geteuid() (uid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETEUID, 0, 0, 0)
+ uid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getgid() (gid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETGID, 0, 0, 0)
+ gid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpid() (pid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETPID, 0, 0, 0)
+ pid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpgid(pid int) (pgid int, err error) {
+ r0, _, e1 := syscall_rawsyscall(SYS_GETPGID, uintptr(pid), 0, 0)
+ pgid = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getppid() (pid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETPPID, 0, 0, 0)
+ pid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpriority(which int, who int) (prio int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_GETPRIORITY, uintptr(which), uintptr(who), 0)
+ prio = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getrlimit(resource int, rlim *Rlimit) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_GETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getrusage(who int, rusage *rusage_zos) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_GETRUSAGE, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getsid(pid int) (sid int, err error) {
+ r0, _, e1 := syscall_rawsyscall(SYS_GETSID, uintptr(pid), 0, 0)
+ sid = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getuid() (uid int) {
+ r0, _, _ := syscall_rawsyscall(SYS_GETUID, 0, 0, 0)
+ uid = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Kill(pid int, sig Signal) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_KILL, uintptr(pid), uintptr(sig), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Lchown(path string, uid int, gid int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___LCHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Link(path string, link string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ var _p1 *byte
+ _p1, err = BytePtrFromString(link)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___LINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Listen(s int, n int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_LISTEN, uintptr(s), uintptr(n), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func lstat(path string, stat *Stat_LE_t) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___LSTAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mkdir(path string, mode uint32) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___MKDIR_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mkfifo(path string, mode uint32) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___MKFIFO_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mknod(path string, mode uint32, dev int) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___MKNOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pread(fd int, p []byte, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(SYS_PREAD, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(p) > 0 {
+ _p0 = unsafe.Pointer(&p[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(SYS_PWRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Readlink(path string, buf []byte) (n int, err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ var _p1 unsafe.Pointer
+ if len(buf) > 0 {
+ _p1 = unsafe.Pointer(&buf[0])
+ } else {
+ _p1 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(SYS___READLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Rename(from string, to string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(from)
+ if err != nil {
+ return
+ }
+ var _p1 *byte
+ _p1, err = BytePtrFromString(to)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___RENAME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Rmdir(path string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___RMDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Seek(fd int, offset int64, whence int) (off int64, err error) {
+ r0, _, e1 := syscall_syscall(SYS_LSEEK, uintptr(fd), uintptr(offset), uintptr(whence))
+ off = int64(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setpriority(which int, who int, prio int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setpgid(pid int, pgid int) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_SETPGID, uintptr(pid), uintptr(pgid), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setrlimit(resource int, lim *Rlimit) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(lim)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setregid(rgid int, egid int) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setreuid(ruid int, euid int) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_SETREUID, uintptr(ruid), uintptr(euid), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setsid() (pid int, err error) {
+ r0, _, e1 := syscall_rawsyscall(SYS_SETSID, 0, 0, 0)
+ pid = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setuid(uid int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_SETUID, uintptr(uid), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Setgid(uid int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_SETGID, uintptr(uid), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Shutdown(fd int, how int) (err error) {
+ _, _, e1 := syscall_syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func stat(path string, statLE *Stat_LE_t) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___STAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(statLE)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Symlink(path string, link string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ var _p1 *byte
+ _p1, err = BytePtrFromString(link)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___SYMLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Sync() {
+ syscall_syscall(SYS_SYNC, 0, 0, 0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Truncate(path string, length int64) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___TRUNCATE_A, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Tcgetattr(fildes int, termptr *Termios) (err error) {
+ _, _, e1 := syscall_syscall(SYS_TCGETATTR, uintptr(fildes), uintptr(unsafe.Pointer(termptr)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Tcsetattr(fildes int, when int, termptr *Termios) (err error) {
+ _, _, e1 := syscall_syscall(SYS_TCSETATTR, uintptr(fildes), uintptr(when), uintptr(unsafe.Pointer(termptr)))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Umask(mask int) (oldmask int) {
+ r0, _, _ := syscall_syscall(SYS_UMASK, uintptr(mask), 0, 0)
+ oldmask = int(r0)
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Unlink(path string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___UNLINK_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Utime(path string, utim *Utimbuf) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___UTIME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(utim)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func open(path string, mode int, perm uint32) (fd int, err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ r0, _, e1 := syscall_syscall(SYS___OPEN_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
+ fd = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func remove(path string) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS_REMOVE, uintptr(unsafe.Pointer(_p0)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error) {
+ r0, _, e1 := syscall_syscall(SYS_WAITPID, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options))
+ wpid = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func gettimeofday(tv *timeval_zos) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_GETTIMEOFDAY, uintptr(unsafe.Pointer(tv)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pipe(p *[2]_C_int) (err error) {
+ _, _, e1 := syscall_rawsyscall(SYS_PIPE, uintptr(unsafe.Pointer(p)), 0, 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func utimes(path string, timeval *[2]Timeval) (err error) {
+ var _p0 *byte
+ _p0, err = BytePtrFromString(path)
+ if err != nil {
+ return
+ }
+ _, _, e1 := syscall_syscall(SYS___UTIMES_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) {
+ r0, _, e1 := syscall_syscall6(SYS_SELECT, uintptr(nmsgsfds), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+ ret = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
index 102f1ab4..9e9d0b2a 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
@@ -1,6 +1,7 @@
// go run mksysctl_openbsd.go
// Code generated by the command above; DO NOT EDIT.
+//go:build 386 && openbsd
// +build 386,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
index 4866fced..adecd096 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksysctl_openbsd.go
// Code generated by the command above; DO NOT EDIT.
+//go:build amd64 && openbsd
// +build amd64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
index d3801eb2..8ea52a4a 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
@@ -1,6 +1,7 @@
// go run mksysctl_openbsd.go
// Code generated by the command above; DO NOT EDIT.
+//go:build arm && openbsd
// +build arm,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
index ba4304fd..154b57ae 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksysctl_openbsd.go
// Code generated by the command above; DO NOT EDIT.
+//go:build arm64 && openbsd
// +build arm64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
index aca34b34..d96bb2ba 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
@@ -1,6 +1,7 @@
// go run mksysctl_openbsd.go
// Code generated by the command above; DO NOT EDIT.
+//go:build mips64 && openbsd
// +build mips64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go
deleted file mode 100644
index ad62324c..00000000
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_386.go
+++ /dev/null
@@ -1,437 +0,0 @@
-// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.13.sdk/usr/include/sys/syscall.h
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build 386,darwin
-
-package unix
-
-// Deprecated: Use libSystem wrappers instead of direct syscalls.
-const (
- SYS_SYSCALL = 0
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_WAIT4 = 7
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_CHDIR = 12
- SYS_FCHDIR = 13
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_CHOWN = 16
- SYS_GETFSSTAT = 18
- SYS_GETPID = 20
- SYS_SETUID = 23
- SYS_GETUID = 24
- SYS_GETEUID = 25
- SYS_PTRACE = 26
- SYS_RECVMSG = 27
- SYS_SENDMSG = 28
- SYS_RECVFROM = 29
- SYS_ACCEPT = 30
- SYS_GETPEERNAME = 31
- SYS_GETSOCKNAME = 32
- SYS_ACCESS = 33
- SYS_CHFLAGS = 34
- SYS_FCHFLAGS = 35
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_GETPPID = 39
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_GETEGID = 43
- SYS_SIGACTION = 46
- SYS_GETGID = 47
- SYS_SIGPROCMASK = 48
- SYS_GETLOGIN = 49
- SYS_SETLOGIN = 50
- SYS_ACCT = 51
- SYS_SIGPENDING = 52
- SYS_SIGALTSTACK = 53
- SYS_IOCTL = 54
- SYS_REBOOT = 55
- SYS_REVOKE = 56
- SYS_SYMLINK = 57
- SYS_READLINK = 58
- SYS_EXECVE = 59
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_MSYNC = 65
- SYS_VFORK = 66
- SYS_MUNMAP = 73
- SYS_MPROTECT = 74
- SYS_MADVISE = 75
- SYS_MINCORE = 78
- SYS_GETGROUPS = 79
- SYS_SETGROUPS = 80
- SYS_GETPGRP = 81
- SYS_SETPGID = 82
- SYS_SETITIMER = 83
- SYS_SWAPON = 85
- SYS_GETITIMER = 86
- SYS_GETDTABLESIZE = 89
- SYS_DUP2 = 90
- SYS_FCNTL = 92
- SYS_SELECT = 93
- SYS_FSYNC = 95
- SYS_SETPRIORITY = 96
- SYS_SOCKET = 97
- SYS_CONNECT = 98
- SYS_GETPRIORITY = 100
- SYS_BIND = 104
- SYS_SETSOCKOPT = 105
- SYS_LISTEN = 106
- SYS_SIGSUSPEND = 111
- SYS_GETTIMEOFDAY = 116
- SYS_GETRUSAGE = 117
- SYS_GETSOCKOPT = 118
- SYS_READV = 120
- SYS_WRITEV = 121
- SYS_SETTIMEOFDAY = 122
- SYS_FCHOWN = 123
- SYS_FCHMOD = 124
- SYS_SETREUID = 126
- SYS_SETREGID = 127
- SYS_RENAME = 128
- SYS_FLOCK = 131
- SYS_MKFIFO = 132
- SYS_SENDTO = 133
- SYS_SHUTDOWN = 134
- SYS_SOCKETPAIR = 135
- SYS_MKDIR = 136
- SYS_RMDIR = 137
- SYS_UTIMES = 138
- SYS_FUTIMES = 139
- SYS_ADJTIME = 140
- SYS_GETHOSTUUID = 142
- SYS_SETSID = 147
- SYS_GETPGID = 151
- SYS_SETPRIVEXEC = 152
- SYS_PREAD = 153
- SYS_PWRITE = 154
- SYS_NFSSVC = 155
- SYS_STATFS = 157
- SYS_FSTATFS = 158
- SYS_UNMOUNT = 159
- SYS_GETFH = 161
- SYS_QUOTACTL = 165
- SYS_MOUNT = 167
- SYS_CSOPS = 169
- SYS_CSOPS_AUDITTOKEN = 170
- SYS_WAITID = 173
- SYS_KDEBUG_TYPEFILTER = 177
- SYS_KDEBUG_TRACE_STRING = 178
- SYS_KDEBUG_TRACE64 = 179
- SYS_KDEBUG_TRACE = 180
- SYS_SETGID = 181
- SYS_SETEGID = 182
- SYS_SETEUID = 183
- SYS_SIGRETURN = 184
- SYS_THREAD_SELFCOUNTS = 186
- SYS_FDATASYNC = 187
- SYS_STAT = 188
- SYS_FSTAT = 189
- SYS_LSTAT = 190
- SYS_PATHCONF = 191
- SYS_FPATHCONF = 192
- SYS_GETRLIMIT = 194
- SYS_SETRLIMIT = 195
- SYS_GETDIRENTRIES = 196
- SYS_MMAP = 197
- SYS_LSEEK = 199
- SYS_TRUNCATE = 200
- SYS_FTRUNCATE = 201
- SYS_SYSCTL = 202
- SYS_MLOCK = 203
- SYS_MUNLOCK = 204
- SYS_UNDELETE = 205
- SYS_OPEN_DPROTECTED_NP = 216
- SYS_GETATTRLIST = 220
- SYS_SETATTRLIST = 221
- SYS_GETDIRENTRIESATTR = 222
- SYS_EXCHANGEDATA = 223
- SYS_SEARCHFS = 225
- SYS_DELETE = 226
- SYS_COPYFILE = 227
- SYS_FGETATTRLIST = 228
- SYS_FSETATTRLIST = 229
- SYS_POLL = 230
- SYS_WATCHEVENT = 231
- SYS_WAITEVENT = 232
- SYS_MODWATCH = 233
- SYS_GETXATTR = 234
- SYS_FGETXATTR = 235
- SYS_SETXATTR = 236
- SYS_FSETXATTR = 237
- SYS_REMOVEXATTR = 238
- SYS_FREMOVEXATTR = 239
- SYS_LISTXATTR = 240
- SYS_FLISTXATTR = 241
- SYS_FSCTL = 242
- SYS_INITGROUPS = 243
- SYS_POSIX_SPAWN = 244
- SYS_FFSCTL = 245
- SYS_NFSCLNT = 247
- SYS_FHOPEN = 248
- SYS_MINHERIT = 250
- SYS_SEMSYS = 251
- SYS_MSGSYS = 252
- SYS_SHMSYS = 253
- SYS_SEMCTL = 254
- SYS_SEMGET = 255
- SYS_SEMOP = 256
- SYS_MSGCTL = 258
- SYS_MSGGET = 259
- SYS_MSGSND = 260
- SYS_MSGRCV = 261
- SYS_SHMAT = 262
- SYS_SHMCTL = 263
- SYS_SHMDT = 264
- SYS_SHMGET = 265
- SYS_SHM_OPEN = 266
- SYS_SHM_UNLINK = 267
- SYS_SEM_OPEN = 268
- SYS_SEM_CLOSE = 269
- SYS_SEM_UNLINK = 270
- SYS_SEM_WAIT = 271
- SYS_SEM_TRYWAIT = 272
- SYS_SEM_POST = 273
- SYS_SYSCTLBYNAME = 274
- SYS_OPEN_EXTENDED = 277
- SYS_UMASK_EXTENDED = 278
- SYS_STAT_EXTENDED = 279
- SYS_LSTAT_EXTENDED = 280
- SYS_FSTAT_EXTENDED = 281
- SYS_CHMOD_EXTENDED = 282
- SYS_FCHMOD_EXTENDED = 283
- SYS_ACCESS_EXTENDED = 284
- SYS_SETTID = 285
- SYS_GETTID = 286
- SYS_SETSGROUPS = 287
- SYS_GETSGROUPS = 288
- SYS_SETWGROUPS = 289
- SYS_GETWGROUPS = 290
- SYS_MKFIFO_EXTENDED = 291
- SYS_MKDIR_EXTENDED = 292
- SYS_IDENTITYSVC = 293
- SYS_SHARED_REGION_CHECK_NP = 294
- SYS_VM_PRESSURE_MONITOR = 296
- SYS_PSYNCH_RW_LONGRDLOCK = 297
- SYS_PSYNCH_RW_YIELDWRLOCK = 298
- SYS_PSYNCH_RW_DOWNGRADE = 299
- SYS_PSYNCH_RW_UPGRADE = 300
- SYS_PSYNCH_MUTEXWAIT = 301
- SYS_PSYNCH_MUTEXDROP = 302
- SYS_PSYNCH_CVBROAD = 303
- SYS_PSYNCH_CVSIGNAL = 304
- SYS_PSYNCH_CVWAIT = 305
- SYS_PSYNCH_RW_RDLOCK = 306
- SYS_PSYNCH_RW_WRLOCK = 307
- SYS_PSYNCH_RW_UNLOCK = 308
- SYS_PSYNCH_RW_UNLOCK2 = 309
- SYS_GETSID = 310
- SYS_SETTID_WITH_PID = 311
- SYS_PSYNCH_CVCLRPREPOST = 312
- SYS_AIO_FSYNC = 313
- SYS_AIO_RETURN = 314
- SYS_AIO_SUSPEND = 315
- SYS_AIO_CANCEL = 316
- SYS_AIO_ERROR = 317
- SYS_AIO_READ = 318
- SYS_AIO_WRITE = 319
- SYS_LIO_LISTIO = 320
- SYS_IOPOLICYSYS = 322
- SYS_PROCESS_POLICY = 323
- SYS_MLOCKALL = 324
- SYS_MUNLOCKALL = 325
- SYS_ISSETUGID = 327
- SYS___PTHREAD_KILL = 328
- SYS___PTHREAD_SIGMASK = 329
- SYS___SIGWAIT = 330
- SYS___DISABLE_THREADSIGNAL = 331
- SYS___PTHREAD_MARKCANCEL = 332
- SYS___PTHREAD_CANCELED = 333
- SYS___SEMWAIT_SIGNAL = 334
- SYS_PROC_INFO = 336
- SYS_SENDFILE = 337
- SYS_STAT64 = 338
- SYS_FSTAT64 = 339
- SYS_LSTAT64 = 340
- SYS_STAT64_EXTENDED = 341
- SYS_LSTAT64_EXTENDED = 342
- SYS_FSTAT64_EXTENDED = 343
- SYS_GETDIRENTRIES64 = 344
- SYS_STATFS64 = 345
- SYS_FSTATFS64 = 346
- SYS_GETFSSTAT64 = 347
- SYS___PTHREAD_CHDIR = 348
- SYS___PTHREAD_FCHDIR = 349
- SYS_AUDIT = 350
- SYS_AUDITON = 351
- SYS_GETAUID = 353
- SYS_SETAUID = 354
- SYS_GETAUDIT_ADDR = 357
- SYS_SETAUDIT_ADDR = 358
- SYS_AUDITCTL = 359
- SYS_BSDTHREAD_CREATE = 360
- SYS_BSDTHREAD_TERMINATE = 361
- SYS_KQUEUE = 362
- SYS_KEVENT = 363
- SYS_LCHOWN = 364
- SYS_BSDTHREAD_REGISTER = 366
- SYS_WORKQ_OPEN = 367
- SYS_WORKQ_KERNRETURN = 368
- SYS_KEVENT64 = 369
- SYS___OLD_SEMWAIT_SIGNAL = 370
- SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371
- SYS_THREAD_SELFID = 372
- SYS_LEDGER = 373
- SYS_KEVENT_QOS = 374
- SYS_KEVENT_ID = 375
- SYS___MAC_EXECVE = 380
- SYS___MAC_SYSCALL = 381
- SYS___MAC_GET_FILE = 382
- SYS___MAC_SET_FILE = 383
- SYS___MAC_GET_LINK = 384
- SYS___MAC_SET_LINK = 385
- SYS___MAC_GET_PROC = 386
- SYS___MAC_SET_PROC = 387
- SYS___MAC_GET_FD = 388
- SYS___MAC_SET_FD = 389
- SYS___MAC_GET_PID = 390
- SYS_PSELECT = 394
- SYS_PSELECT_NOCANCEL = 395
- SYS_READ_NOCANCEL = 396
- SYS_WRITE_NOCANCEL = 397
- SYS_OPEN_NOCANCEL = 398
- SYS_CLOSE_NOCANCEL = 399
- SYS_WAIT4_NOCANCEL = 400
- SYS_RECVMSG_NOCANCEL = 401
- SYS_SENDMSG_NOCANCEL = 402
- SYS_RECVFROM_NOCANCEL = 403
- SYS_ACCEPT_NOCANCEL = 404
- SYS_MSYNC_NOCANCEL = 405
- SYS_FCNTL_NOCANCEL = 406
- SYS_SELECT_NOCANCEL = 407
- SYS_FSYNC_NOCANCEL = 408
- SYS_CONNECT_NOCANCEL = 409
- SYS_SIGSUSPEND_NOCANCEL = 410
- SYS_READV_NOCANCEL = 411
- SYS_WRITEV_NOCANCEL = 412
- SYS_SENDTO_NOCANCEL = 413
- SYS_PREAD_NOCANCEL = 414
- SYS_PWRITE_NOCANCEL = 415
- SYS_WAITID_NOCANCEL = 416
- SYS_POLL_NOCANCEL = 417
- SYS_MSGSND_NOCANCEL = 418
- SYS_MSGRCV_NOCANCEL = 419
- SYS_SEM_WAIT_NOCANCEL = 420
- SYS_AIO_SUSPEND_NOCANCEL = 421
- SYS___SIGWAIT_NOCANCEL = 422
- SYS___SEMWAIT_SIGNAL_NOCANCEL = 423
- SYS___MAC_MOUNT = 424
- SYS___MAC_GET_MOUNT = 425
- SYS___MAC_GETFSSTAT = 426
- SYS_FSGETPATH = 427
- SYS_AUDIT_SESSION_SELF = 428
- SYS_AUDIT_SESSION_JOIN = 429
- SYS_FILEPORT_MAKEPORT = 430
- SYS_FILEPORT_MAKEFD = 431
- SYS_AUDIT_SESSION_PORT = 432
- SYS_PID_SUSPEND = 433
- SYS_PID_RESUME = 434
- SYS_PID_HIBERNATE = 435
- SYS_PID_SHUTDOWN_SOCKETS = 436
- SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438
- SYS_KAS_INFO = 439
- SYS_MEMORYSTATUS_CONTROL = 440
- SYS_GUARDED_OPEN_NP = 441
- SYS_GUARDED_CLOSE_NP = 442
- SYS_GUARDED_KQUEUE_NP = 443
- SYS_CHANGE_FDGUARD_NP = 444
- SYS_USRCTL = 445
- SYS_PROC_RLIMIT_CONTROL = 446
- SYS_CONNECTX = 447
- SYS_DISCONNECTX = 448
- SYS_PEELOFF = 449
- SYS_SOCKET_DELEGATE = 450
- SYS_TELEMETRY = 451
- SYS_PROC_UUID_POLICY = 452
- SYS_MEMORYSTATUS_GET_LEVEL = 453
- SYS_SYSTEM_OVERRIDE = 454
- SYS_VFS_PURGE = 455
- SYS_SFI_CTL = 456
- SYS_SFI_PIDCTL = 457
- SYS_COALITION = 458
- SYS_COALITION_INFO = 459
- SYS_NECP_MATCH_POLICY = 460
- SYS_GETATTRLISTBULK = 461
- SYS_CLONEFILEAT = 462
- SYS_OPENAT = 463
- SYS_OPENAT_NOCANCEL = 464
- SYS_RENAMEAT = 465
- SYS_FACCESSAT = 466
- SYS_FCHMODAT = 467
- SYS_FCHOWNAT = 468
- SYS_FSTATAT = 469
- SYS_FSTATAT64 = 470
- SYS_LINKAT = 471
- SYS_UNLINKAT = 472
- SYS_READLINKAT = 473
- SYS_SYMLINKAT = 474
- SYS_MKDIRAT = 475
- SYS_GETATTRLISTAT = 476
- SYS_PROC_TRACE_LOG = 477
- SYS_BSDTHREAD_CTL = 478
- SYS_OPENBYID_NP = 479
- SYS_RECVMSG_X = 480
- SYS_SENDMSG_X = 481
- SYS_THREAD_SELFUSAGE = 482
- SYS_CSRCTL = 483
- SYS_GUARDED_OPEN_DPROTECTED_NP = 484
- SYS_GUARDED_WRITE_NP = 485
- SYS_GUARDED_PWRITE_NP = 486
- SYS_GUARDED_WRITEV_NP = 487
- SYS_RENAMEATX_NP = 488
- SYS_MREMAP_ENCRYPTED = 489
- SYS_NETAGENT_TRIGGER = 490
- SYS_STACK_SNAPSHOT_WITH_CONFIG = 491
- SYS_MICROSTACKSHOT = 492
- SYS_GRAB_PGO_DATA = 493
- SYS_PERSONA = 494
- SYS_WORK_INTERVAL_CTL = 499
- SYS_GETENTROPY = 500
- SYS_NECP_OPEN = 501
- SYS_NECP_CLIENT_ACTION = 502
- SYS___NEXUS_OPEN = 503
- SYS___NEXUS_REGISTER = 504
- SYS___NEXUS_DEREGISTER = 505
- SYS___NEXUS_CREATE = 506
- SYS___NEXUS_DESTROY = 507
- SYS___NEXUS_GET_OPT = 508
- SYS___NEXUS_SET_OPT = 509
- SYS___CHANNEL_OPEN = 510
- SYS___CHANNEL_GET_INFO = 511
- SYS___CHANNEL_SYNC = 512
- SYS___CHANNEL_GET_OPT = 513
- SYS___CHANNEL_SET_OPT = 514
- SYS_ULOCK_WAIT = 515
- SYS_ULOCK_WAKE = 516
- SYS_FCLONEFILEAT = 517
- SYS_FS_SNAPSHOT = 518
- SYS_TERMINATE_WITH_PAYLOAD = 520
- SYS_ABORT_WITH_PAYLOAD = 521
- SYS_NECP_SESSION_OPEN = 522
- SYS_NECP_SESSION_ACTION = 523
- SYS_SETATTRLISTAT = 524
- SYS_NET_QOS_GUIDELINE = 525
- SYS_FMOUNT = 526
- SYS_NTP_ADJTIME = 527
- SYS_NTP_GETTIME = 528
- SYS_OS_FAULT_WITH_PAYLOAD = 529
- SYS_MAXSYSCALL = 530
- SYS_INVALID = 63
-)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
index a2fc91d6..f8298ff9 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.sdk/usr/include/sys/syscall.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && darwin
// +build amd64,darwin
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go
deleted file mode 100644
index 20d7808a..00000000
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm.go
+++ /dev/null
@@ -1,437 +0,0 @@
-// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build arm,darwin
-
-package unix
-
-// Deprecated: Use libSystem wrappers instead of direct syscalls.
-const (
- SYS_SYSCALL = 0
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_WAIT4 = 7
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_CHDIR = 12
- SYS_FCHDIR = 13
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_CHOWN = 16
- SYS_GETFSSTAT = 18
- SYS_GETPID = 20
- SYS_SETUID = 23
- SYS_GETUID = 24
- SYS_GETEUID = 25
- SYS_PTRACE = 26
- SYS_RECVMSG = 27
- SYS_SENDMSG = 28
- SYS_RECVFROM = 29
- SYS_ACCEPT = 30
- SYS_GETPEERNAME = 31
- SYS_GETSOCKNAME = 32
- SYS_ACCESS = 33
- SYS_CHFLAGS = 34
- SYS_FCHFLAGS = 35
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_GETPPID = 39
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_GETEGID = 43
- SYS_SIGACTION = 46
- SYS_GETGID = 47
- SYS_SIGPROCMASK = 48
- SYS_GETLOGIN = 49
- SYS_SETLOGIN = 50
- SYS_ACCT = 51
- SYS_SIGPENDING = 52
- SYS_SIGALTSTACK = 53
- SYS_IOCTL = 54
- SYS_REBOOT = 55
- SYS_REVOKE = 56
- SYS_SYMLINK = 57
- SYS_READLINK = 58
- SYS_EXECVE = 59
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_MSYNC = 65
- SYS_VFORK = 66
- SYS_MUNMAP = 73
- SYS_MPROTECT = 74
- SYS_MADVISE = 75
- SYS_MINCORE = 78
- SYS_GETGROUPS = 79
- SYS_SETGROUPS = 80
- SYS_GETPGRP = 81
- SYS_SETPGID = 82
- SYS_SETITIMER = 83
- SYS_SWAPON = 85
- SYS_GETITIMER = 86
- SYS_GETDTABLESIZE = 89
- SYS_DUP2 = 90
- SYS_FCNTL = 92
- SYS_SELECT = 93
- SYS_FSYNC = 95
- SYS_SETPRIORITY = 96
- SYS_SOCKET = 97
- SYS_CONNECT = 98
- SYS_GETPRIORITY = 100
- SYS_BIND = 104
- SYS_SETSOCKOPT = 105
- SYS_LISTEN = 106
- SYS_SIGSUSPEND = 111
- SYS_GETTIMEOFDAY = 116
- SYS_GETRUSAGE = 117
- SYS_GETSOCKOPT = 118
- SYS_READV = 120
- SYS_WRITEV = 121
- SYS_SETTIMEOFDAY = 122
- SYS_FCHOWN = 123
- SYS_FCHMOD = 124
- SYS_SETREUID = 126
- SYS_SETREGID = 127
- SYS_RENAME = 128
- SYS_FLOCK = 131
- SYS_MKFIFO = 132
- SYS_SENDTO = 133
- SYS_SHUTDOWN = 134
- SYS_SOCKETPAIR = 135
- SYS_MKDIR = 136
- SYS_RMDIR = 137
- SYS_UTIMES = 138
- SYS_FUTIMES = 139
- SYS_ADJTIME = 140
- SYS_GETHOSTUUID = 142
- SYS_SETSID = 147
- SYS_GETPGID = 151
- SYS_SETPRIVEXEC = 152
- SYS_PREAD = 153
- SYS_PWRITE = 154
- SYS_NFSSVC = 155
- SYS_STATFS = 157
- SYS_FSTATFS = 158
- SYS_UNMOUNT = 159
- SYS_GETFH = 161
- SYS_QUOTACTL = 165
- SYS_MOUNT = 167
- SYS_CSOPS = 169
- SYS_CSOPS_AUDITTOKEN = 170
- SYS_WAITID = 173
- SYS_KDEBUG_TYPEFILTER = 177
- SYS_KDEBUG_TRACE_STRING = 178
- SYS_KDEBUG_TRACE64 = 179
- SYS_KDEBUG_TRACE = 180
- SYS_SETGID = 181
- SYS_SETEGID = 182
- SYS_SETEUID = 183
- SYS_SIGRETURN = 184
- SYS_THREAD_SELFCOUNTS = 186
- SYS_FDATASYNC = 187
- SYS_STAT = 188
- SYS_FSTAT = 189
- SYS_LSTAT = 190
- SYS_PATHCONF = 191
- SYS_FPATHCONF = 192
- SYS_GETRLIMIT = 194
- SYS_SETRLIMIT = 195
- SYS_GETDIRENTRIES = 196
- SYS_MMAP = 197
- SYS_LSEEK = 199
- SYS_TRUNCATE = 200
- SYS_FTRUNCATE = 201
- SYS_SYSCTL = 202
- SYS_MLOCK = 203
- SYS_MUNLOCK = 204
- SYS_UNDELETE = 205
- SYS_OPEN_DPROTECTED_NP = 216
- SYS_GETATTRLIST = 220
- SYS_SETATTRLIST = 221
- SYS_GETDIRENTRIESATTR = 222
- SYS_EXCHANGEDATA = 223
- SYS_SEARCHFS = 225
- SYS_DELETE = 226
- SYS_COPYFILE = 227
- SYS_FGETATTRLIST = 228
- SYS_FSETATTRLIST = 229
- SYS_POLL = 230
- SYS_WATCHEVENT = 231
- SYS_WAITEVENT = 232
- SYS_MODWATCH = 233
- SYS_GETXATTR = 234
- SYS_FGETXATTR = 235
- SYS_SETXATTR = 236
- SYS_FSETXATTR = 237
- SYS_REMOVEXATTR = 238
- SYS_FREMOVEXATTR = 239
- SYS_LISTXATTR = 240
- SYS_FLISTXATTR = 241
- SYS_FSCTL = 242
- SYS_INITGROUPS = 243
- SYS_POSIX_SPAWN = 244
- SYS_FFSCTL = 245
- SYS_NFSCLNT = 247
- SYS_FHOPEN = 248
- SYS_MINHERIT = 250
- SYS_SEMSYS = 251
- SYS_MSGSYS = 252
- SYS_SHMSYS = 253
- SYS_SEMCTL = 254
- SYS_SEMGET = 255
- SYS_SEMOP = 256
- SYS_MSGCTL = 258
- SYS_MSGGET = 259
- SYS_MSGSND = 260
- SYS_MSGRCV = 261
- SYS_SHMAT = 262
- SYS_SHMCTL = 263
- SYS_SHMDT = 264
- SYS_SHMGET = 265
- SYS_SHM_OPEN = 266
- SYS_SHM_UNLINK = 267
- SYS_SEM_OPEN = 268
- SYS_SEM_CLOSE = 269
- SYS_SEM_UNLINK = 270
- SYS_SEM_WAIT = 271
- SYS_SEM_TRYWAIT = 272
- SYS_SEM_POST = 273
- SYS_SYSCTLBYNAME = 274
- SYS_OPEN_EXTENDED = 277
- SYS_UMASK_EXTENDED = 278
- SYS_STAT_EXTENDED = 279
- SYS_LSTAT_EXTENDED = 280
- SYS_FSTAT_EXTENDED = 281
- SYS_CHMOD_EXTENDED = 282
- SYS_FCHMOD_EXTENDED = 283
- SYS_ACCESS_EXTENDED = 284
- SYS_SETTID = 285
- SYS_GETTID = 286
- SYS_SETSGROUPS = 287
- SYS_GETSGROUPS = 288
- SYS_SETWGROUPS = 289
- SYS_GETWGROUPS = 290
- SYS_MKFIFO_EXTENDED = 291
- SYS_MKDIR_EXTENDED = 292
- SYS_IDENTITYSVC = 293
- SYS_SHARED_REGION_CHECK_NP = 294
- SYS_VM_PRESSURE_MONITOR = 296
- SYS_PSYNCH_RW_LONGRDLOCK = 297
- SYS_PSYNCH_RW_YIELDWRLOCK = 298
- SYS_PSYNCH_RW_DOWNGRADE = 299
- SYS_PSYNCH_RW_UPGRADE = 300
- SYS_PSYNCH_MUTEXWAIT = 301
- SYS_PSYNCH_MUTEXDROP = 302
- SYS_PSYNCH_CVBROAD = 303
- SYS_PSYNCH_CVSIGNAL = 304
- SYS_PSYNCH_CVWAIT = 305
- SYS_PSYNCH_RW_RDLOCK = 306
- SYS_PSYNCH_RW_WRLOCK = 307
- SYS_PSYNCH_RW_UNLOCK = 308
- SYS_PSYNCH_RW_UNLOCK2 = 309
- SYS_GETSID = 310
- SYS_SETTID_WITH_PID = 311
- SYS_PSYNCH_CVCLRPREPOST = 312
- SYS_AIO_FSYNC = 313
- SYS_AIO_RETURN = 314
- SYS_AIO_SUSPEND = 315
- SYS_AIO_CANCEL = 316
- SYS_AIO_ERROR = 317
- SYS_AIO_READ = 318
- SYS_AIO_WRITE = 319
- SYS_LIO_LISTIO = 320
- SYS_IOPOLICYSYS = 322
- SYS_PROCESS_POLICY = 323
- SYS_MLOCKALL = 324
- SYS_MUNLOCKALL = 325
- SYS_ISSETUGID = 327
- SYS___PTHREAD_KILL = 328
- SYS___PTHREAD_SIGMASK = 329
- SYS___SIGWAIT = 330
- SYS___DISABLE_THREADSIGNAL = 331
- SYS___PTHREAD_MARKCANCEL = 332
- SYS___PTHREAD_CANCELED = 333
- SYS___SEMWAIT_SIGNAL = 334
- SYS_PROC_INFO = 336
- SYS_SENDFILE = 337
- SYS_STAT64 = 338
- SYS_FSTAT64 = 339
- SYS_LSTAT64 = 340
- SYS_STAT64_EXTENDED = 341
- SYS_LSTAT64_EXTENDED = 342
- SYS_FSTAT64_EXTENDED = 343
- SYS_GETDIRENTRIES64 = 344
- SYS_STATFS64 = 345
- SYS_FSTATFS64 = 346
- SYS_GETFSSTAT64 = 347
- SYS___PTHREAD_CHDIR = 348
- SYS___PTHREAD_FCHDIR = 349
- SYS_AUDIT = 350
- SYS_AUDITON = 351
- SYS_GETAUID = 353
- SYS_SETAUID = 354
- SYS_GETAUDIT_ADDR = 357
- SYS_SETAUDIT_ADDR = 358
- SYS_AUDITCTL = 359
- SYS_BSDTHREAD_CREATE = 360
- SYS_BSDTHREAD_TERMINATE = 361
- SYS_KQUEUE = 362
- SYS_KEVENT = 363
- SYS_LCHOWN = 364
- SYS_BSDTHREAD_REGISTER = 366
- SYS_WORKQ_OPEN = 367
- SYS_WORKQ_KERNRETURN = 368
- SYS_KEVENT64 = 369
- SYS___OLD_SEMWAIT_SIGNAL = 370
- SYS___OLD_SEMWAIT_SIGNAL_NOCANCEL = 371
- SYS_THREAD_SELFID = 372
- SYS_LEDGER = 373
- SYS_KEVENT_QOS = 374
- SYS_KEVENT_ID = 375
- SYS___MAC_EXECVE = 380
- SYS___MAC_SYSCALL = 381
- SYS___MAC_GET_FILE = 382
- SYS___MAC_SET_FILE = 383
- SYS___MAC_GET_LINK = 384
- SYS___MAC_SET_LINK = 385
- SYS___MAC_GET_PROC = 386
- SYS___MAC_SET_PROC = 387
- SYS___MAC_GET_FD = 388
- SYS___MAC_SET_FD = 389
- SYS___MAC_GET_PID = 390
- SYS_PSELECT = 394
- SYS_PSELECT_NOCANCEL = 395
- SYS_READ_NOCANCEL = 396
- SYS_WRITE_NOCANCEL = 397
- SYS_OPEN_NOCANCEL = 398
- SYS_CLOSE_NOCANCEL = 399
- SYS_WAIT4_NOCANCEL = 400
- SYS_RECVMSG_NOCANCEL = 401
- SYS_SENDMSG_NOCANCEL = 402
- SYS_RECVFROM_NOCANCEL = 403
- SYS_ACCEPT_NOCANCEL = 404
- SYS_MSYNC_NOCANCEL = 405
- SYS_FCNTL_NOCANCEL = 406
- SYS_SELECT_NOCANCEL = 407
- SYS_FSYNC_NOCANCEL = 408
- SYS_CONNECT_NOCANCEL = 409
- SYS_SIGSUSPEND_NOCANCEL = 410
- SYS_READV_NOCANCEL = 411
- SYS_WRITEV_NOCANCEL = 412
- SYS_SENDTO_NOCANCEL = 413
- SYS_PREAD_NOCANCEL = 414
- SYS_PWRITE_NOCANCEL = 415
- SYS_WAITID_NOCANCEL = 416
- SYS_POLL_NOCANCEL = 417
- SYS_MSGSND_NOCANCEL = 418
- SYS_MSGRCV_NOCANCEL = 419
- SYS_SEM_WAIT_NOCANCEL = 420
- SYS_AIO_SUSPEND_NOCANCEL = 421
- SYS___SIGWAIT_NOCANCEL = 422
- SYS___SEMWAIT_SIGNAL_NOCANCEL = 423
- SYS___MAC_MOUNT = 424
- SYS___MAC_GET_MOUNT = 425
- SYS___MAC_GETFSSTAT = 426
- SYS_FSGETPATH = 427
- SYS_AUDIT_SESSION_SELF = 428
- SYS_AUDIT_SESSION_JOIN = 429
- SYS_FILEPORT_MAKEPORT = 430
- SYS_FILEPORT_MAKEFD = 431
- SYS_AUDIT_SESSION_PORT = 432
- SYS_PID_SUSPEND = 433
- SYS_PID_RESUME = 434
- SYS_PID_HIBERNATE = 435
- SYS_PID_SHUTDOWN_SOCKETS = 436
- SYS_SHARED_REGION_MAP_AND_SLIDE_NP = 438
- SYS_KAS_INFO = 439
- SYS_MEMORYSTATUS_CONTROL = 440
- SYS_GUARDED_OPEN_NP = 441
- SYS_GUARDED_CLOSE_NP = 442
- SYS_GUARDED_KQUEUE_NP = 443
- SYS_CHANGE_FDGUARD_NP = 444
- SYS_USRCTL = 445
- SYS_PROC_RLIMIT_CONTROL = 446
- SYS_CONNECTX = 447
- SYS_DISCONNECTX = 448
- SYS_PEELOFF = 449
- SYS_SOCKET_DELEGATE = 450
- SYS_TELEMETRY = 451
- SYS_PROC_UUID_POLICY = 452
- SYS_MEMORYSTATUS_GET_LEVEL = 453
- SYS_SYSTEM_OVERRIDE = 454
- SYS_VFS_PURGE = 455
- SYS_SFI_CTL = 456
- SYS_SFI_PIDCTL = 457
- SYS_COALITION = 458
- SYS_COALITION_INFO = 459
- SYS_NECP_MATCH_POLICY = 460
- SYS_GETATTRLISTBULK = 461
- SYS_CLONEFILEAT = 462
- SYS_OPENAT = 463
- SYS_OPENAT_NOCANCEL = 464
- SYS_RENAMEAT = 465
- SYS_FACCESSAT = 466
- SYS_FCHMODAT = 467
- SYS_FCHOWNAT = 468
- SYS_FSTATAT = 469
- SYS_FSTATAT64 = 470
- SYS_LINKAT = 471
- SYS_UNLINKAT = 472
- SYS_READLINKAT = 473
- SYS_SYMLINKAT = 474
- SYS_MKDIRAT = 475
- SYS_GETATTRLISTAT = 476
- SYS_PROC_TRACE_LOG = 477
- SYS_BSDTHREAD_CTL = 478
- SYS_OPENBYID_NP = 479
- SYS_RECVMSG_X = 480
- SYS_SENDMSG_X = 481
- SYS_THREAD_SELFUSAGE = 482
- SYS_CSRCTL = 483
- SYS_GUARDED_OPEN_DPROTECTED_NP = 484
- SYS_GUARDED_WRITE_NP = 485
- SYS_GUARDED_PWRITE_NP = 486
- SYS_GUARDED_WRITEV_NP = 487
- SYS_RENAMEATX_NP = 488
- SYS_MREMAP_ENCRYPTED = 489
- SYS_NETAGENT_TRIGGER = 490
- SYS_STACK_SNAPSHOT_WITH_CONFIG = 491
- SYS_MICROSTACKSHOT = 492
- SYS_GRAB_PGO_DATA = 493
- SYS_PERSONA = 494
- SYS_WORK_INTERVAL_CTL = 499
- SYS_GETENTROPY = 500
- SYS_NECP_OPEN = 501
- SYS_NECP_CLIENT_ACTION = 502
- SYS___NEXUS_OPEN = 503
- SYS___NEXUS_REGISTER = 504
- SYS___NEXUS_DEREGISTER = 505
- SYS___NEXUS_CREATE = 506
- SYS___NEXUS_DESTROY = 507
- SYS___NEXUS_GET_OPT = 508
- SYS___NEXUS_SET_OPT = 509
- SYS___CHANNEL_OPEN = 510
- SYS___CHANNEL_GET_INFO = 511
- SYS___CHANNEL_SYNC = 512
- SYS___CHANNEL_GET_OPT = 513
- SYS___CHANNEL_SET_OPT = 514
- SYS_ULOCK_WAIT = 515
- SYS_ULOCK_WAKE = 516
- SYS_FCLONEFILEAT = 517
- SYS_FS_SNAPSHOT = 518
- SYS_TERMINATE_WITH_PAYLOAD = 520
- SYS_ABORT_WITH_PAYLOAD = 521
- SYS_NECP_SESSION_OPEN = 522
- SYS_NECP_SESSION_ACTION = 523
- SYS_SETATTRLISTAT = 524
- SYS_NET_QOS_GUIDELINE = 525
- SYS_FMOUNT = 526
- SYS_NTP_ADJTIME = 527
- SYS_NTP_GETTIME = 528
- SYS_OS_FAULT_WITH_PAYLOAD = 529
- SYS_MAXSYSCALL = 530
- SYS_INVALID = 63
-)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
index 527b9588..5eb433bb 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS11.1.sdk/usr/include/sys/syscall.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && darwin
// +build arm64,darwin
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
index 9912c6ee..703675c0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://gitweb.dragonflybsd.org/dragonfly.git/blob_plain/HEAD:/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && dragonfly
// +build amd64,dragonfly
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
index 9474974b..59d5dfc2 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://svn.freebsd.org/base/stable/11/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && freebsd
// +build 386,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
index 48a7beae..342d471d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://svn.freebsd.org/base/stable/11/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && freebsd
// +build amd64,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
index 4a6dfd4a..e2e3d72c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://svn.freebsd.org/base/stable/11/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && freebsd
// +build arm,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
index 3e51af8e..61ad5ca3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://svn.freebsd.org/base/stable/11/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && freebsd
// +build arm64,freebsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index f6742bde..fbc59b7f 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include -m32 /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && linux
// +build 386,linux
package unix
@@ -436,4 +437,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index f7e52557..04d16d77 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include -m64 /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && linux
// +build amd64,linux
package unix
@@ -358,4 +359,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 3f60977d..3b1c1051 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && linux
// +build arm,linux
package unix
@@ -400,4 +401,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index dbedf4cb..3198adcf 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include -fsigned-char /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && linux
// +build arm64,linux
package unix
@@ -303,4 +304,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index eeff7e1d..c877ec6e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips && linux
// +build mips,linux
package unix
@@ -421,4 +422,6 @@ const (
SYS_PIDFD_GETFD = 4438
SYS_FACCESSAT2 = 4439
SYS_PROCESS_MADVISE = 4440
+ SYS_EPOLL_PWAIT2 = 4441
+ SYS_MOUNT_SETATTR = 4442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 73cfa535..b5f29037 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && linux
// +build mips64,linux
package unix
@@ -351,4 +352,6 @@ const (
SYS_PIDFD_GETFD = 5438
SYS_FACCESSAT2 = 5439
SYS_PROCESS_MADVISE = 5440
+ SYS_EPOLL_PWAIT2 = 5441
+ SYS_MOUNT_SETATTR = 5442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index be74729e..46077689 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64le && linux
// +build mips64le,linux
package unix
@@ -351,4 +352,6 @@ const (
SYS_PIDFD_GETFD = 5438
SYS_FACCESSAT2 = 5439
SYS_PROCESS_MADVISE = 5440
+ SYS_EPOLL_PWAIT2 = 5441
+ SYS_MOUNT_SETATTR = 5442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 2a1047c8..80e6696b 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mipsle && linux
// +build mipsle,linux
package unix
@@ -421,4 +422,6 @@ const (
SYS_PIDFD_GETFD = 4438
SYS_FACCESSAT2 = 4439
SYS_PROCESS_MADVISE = 4440
+ SYS_EPOLL_PWAIT2 = 4441
+ SYS_MOUNT_SETATTR = 4442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
new file mode 100644
index 00000000..b9d697ff
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -0,0 +1,434 @@
+// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build ppc && linux
+// +build ppc,linux
+
+package unix
+
+const (
+ SYS_RESTART_SYSCALL = 0
+ SYS_EXIT = 1
+ SYS_FORK = 2
+ SYS_READ = 3
+ SYS_WRITE = 4
+ SYS_OPEN = 5
+ SYS_CLOSE = 6
+ SYS_WAITPID = 7
+ SYS_CREAT = 8
+ SYS_LINK = 9
+ SYS_UNLINK = 10
+ SYS_EXECVE = 11
+ SYS_CHDIR = 12
+ SYS_TIME = 13
+ SYS_MKNOD = 14
+ SYS_CHMOD = 15
+ SYS_LCHOWN = 16
+ SYS_BREAK = 17
+ SYS_OLDSTAT = 18
+ SYS_LSEEK = 19
+ SYS_GETPID = 20
+ SYS_MOUNT = 21
+ SYS_UMOUNT = 22
+ SYS_SETUID = 23
+ SYS_GETUID = 24
+ SYS_STIME = 25
+ SYS_PTRACE = 26
+ SYS_ALARM = 27
+ SYS_OLDFSTAT = 28
+ SYS_PAUSE = 29
+ SYS_UTIME = 30
+ SYS_STTY = 31
+ SYS_GTTY = 32
+ SYS_ACCESS = 33
+ SYS_NICE = 34
+ SYS_FTIME = 35
+ SYS_SYNC = 36
+ SYS_KILL = 37
+ SYS_RENAME = 38
+ SYS_MKDIR = 39
+ SYS_RMDIR = 40
+ SYS_DUP = 41
+ SYS_PIPE = 42
+ SYS_TIMES = 43
+ SYS_PROF = 44
+ SYS_BRK = 45
+ SYS_SETGID = 46
+ SYS_GETGID = 47
+ SYS_SIGNAL = 48
+ SYS_GETEUID = 49
+ SYS_GETEGID = 50
+ SYS_ACCT = 51
+ SYS_UMOUNT2 = 52
+ SYS_LOCK = 53
+ SYS_IOCTL = 54
+ SYS_FCNTL = 55
+ SYS_MPX = 56
+ SYS_SETPGID = 57
+ SYS_ULIMIT = 58
+ SYS_OLDOLDUNAME = 59
+ SYS_UMASK = 60
+ SYS_CHROOT = 61
+ SYS_USTAT = 62
+ SYS_DUP2 = 63
+ SYS_GETPPID = 64
+ SYS_GETPGRP = 65
+ SYS_SETSID = 66
+ SYS_SIGACTION = 67
+ SYS_SGETMASK = 68
+ SYS_SSETMASK = 69
+ SYS_SETREUID = 70
+ SYS_SETREGID = 71
+ SYS_SIGSUSPEND = 72
+ SYS_SIGPENDING = 73
+ SYS_SETHOSTNAME = 74
+ SYS_SETRLIMIT = 75
+ SYS_GETRLIMIT = 76
+ SYS_GETRUSAGE = 77
+ SYS_GETTIMEOFDAY = 78
+ SYS_SETTIMEOFDAY = 79
+ SYS_GETGROUPS = 80
+ SYS_SETGROUPS = 81
+ SYS_SELECT = 82
+ SYS_SYMLINK = 83
+ SYS_OLDLSTAT = 84
+ SYS_READLINK = 85
+ SYS_USELIB = 86
+ SYS_SWAPON = 87
+ SYS_REBOOT = 88
+ SYS_READDIR = 89
+ SYS_MMAP = 90
+ SYS_MUNMAP = 91
+ SYS_TRUNCATE = 92
+ SYS_FTRUNCATE = 93
+ SYS_FCHMOD = 94
+ SYS_FCHOWN = 95
+ SYS_GETPRIORITY = 96
+ SYS_SETPRIORITY = 97
+ SYS_PROFIL = 98
+ SYS_STATFS = 99
+ SYS_FSTATFS = 100
+ SYS_IOPERM = 101
+ SYS_SOCKETCALL = 102
+ SYS_SYSLOG = 103
+ SYS_SETITIMER = 104
+ SYS_GETITIMER = 105
+ SYS_STAT = 106
+ SYS_LSTAT = 107
+ SYS_FSTAT = 108
+ SYS_OLDUNAME = 109
+ SYS_IOPL = 110
+ SYS_VHANGUP = 111
+ SYS_IDLE = 112
+ SYS_VM86 = 113
+ SYS_WAIT4 = 114
+ SYS_SWAPOFF = 115
+ SYS_SYSINFO = 116
+ SYS_IPC = 117
+ SYS_FSYNC = 118
+ SYS_SIGRETURN = 119
+ SYS_CLONE = 120
+ SYS_SETDOMAINNAME = 121
+ SYS_UNAME = 122
+ SYS_MODIFY_LDT = 123
+ SYS_ADJTIMEX = 124
+ SYS_MPROTECT = 125
+ SYS_SIGPROCMASK = 126
+ SYS_CREATE_MODULE = 127
+ SYS_INIT_MODULE = 128
+ SYS_DELETE_MODULE = 129
+ SYS_GET_KERNEL_SYMS = 130
+ SYS_QUOTACTL = 131
+ SYS_GETPGID = 132
+ SYS_FCHDIR = 133
+ SYS_BDFLUSH = 134
+ SYS_SYSFS = 135
+ SYS_PERSONALITY = 136
+ SYS_AFS_SYSCALL = 137
+ SYS_SETFSUID = 138
+ SYS_SETFSGID = 139
+ SYS__LLSEEK = 140
+ SYS_GETDENTS = 141
+ SYS__NEWSELECT = 142
+ SYS_FLOCK = 143
+ SYS_MSYNC = 144
+ SYS_READV = 145
+ SYS_WRITEV = 146
+ SYS_GETSID = 147
+ SYS_FDATASYNC = 148
+ SYS__SYSCTL = 149
+ SYS_MLOCK = 150
+ SYS_MUNLOCK = 151
+ SYS_MLOCKALL = 152
+ SYS_MUNLOCKALL = 153
+ SYS_SCHED_SETPARAM = 154
+ SYS_SCHED_GETPARAM = 155
+ SYS_SCHED_SETSCHEDULER = 156
+ SYS_SCHED_GETSCHEDULER = 157
+ SYS_SCHED_YIELD = 158
+ SYS_SCHED_GET_PRIORITY_MAX = 159
+ SYS_SCHED_GET_PRIORITY_MIN = 160
+ SYS_SCHED_RR_GET_INTERVAL = 161
+ SYS_NANOSLEEP = 162
+ SYS_MREMAP = 163
+ SYS_SETRESUID = 164
+ SYS_GETRESUID = 165
+ SYS_QUERY_MODULE = 166
+ SYS_POLL = 167
+ SYS_NFSSERVCTL = 168
+ SYS_SETRESGID = 169
+ SYS_GETRESGID = 170
+ SYS_PRCTL = 171
+ SYS_RT_SIGRETURN = 172
+ SYS_RT_SIGACTION = 173
+ SYS_RT_SIGPROCMASK = 174
+ SYS_RT_SIGPENDING = 175
+ SYS_RT_SIGTIMEDWAIT = 176
+ SYS_RT_SIGQUEUEINFO = 177
+ SYS_RT_SIGSUSPEND = 178
+ SYS_PREAD64 = 179
+ SYS_PWRITE64 = 180
+ SYS_CHOWN = 181
+ SYS_GETCWD = 182
+ SYS_CAPGET = 183
+ SYS_CAPSET = 184
+ SYS_SIGALTSTACK = 185
+ SYS_SENDFILE = 186
+ SYS_GETPMSG = 187
+ SYS_PUTPMSG = 188
+ SYS_VFORK = 189
+ SYS_UGETRLIMIT = 190
+ SYS_READAHEAD = 191
+ SYS_MMAP2 = 192
+ SYS_TRUNCATE64 = 193
+ SYS_FTRUNCATE64 = 194
+ SYS_STAT64 = 195
+ SYS_LSTAT64 = 196
+ SYS_FSTAT64 = 197
+ SYS_PCICONFIG_READ = 198
+ SYS_PCICONFIG_WRITE = 199
+ SYS_PCICONFIG_IOBASE = 200
+ SYS_MULTIPLEXER = 201
+ SYS_GETDENTS64 = 202
+ SYS_PIVOT_ROOT = 203
+ SYS_FCNTL64 = 204
+ SYS_MADVISE = 205
+ SYS_MINCORE = 206
+ SYS_GETTID = 207
+ SYS_TKILL = 208
+ SYS_SETXATTR = 209
+ SYS_LSETXATTR = 210
+ SYS_FSETXATTR = 211
+ SYS_GETXATTR = 212
+ SYS_LGETXATTR = 213
+ SYS_FGETXATTR = 214
+ SYS_LISTXATTR = 215
+ SYS_LLISTXATTR = 216
+ SYS_FLISTXATTR = 217
+ SYS_REMOVEXATTR = 218
+ SYS_LREMOVEXATTR = 219
+ SYS_FREMOVEXATTR = 220
+ SYS_FUTEX = 221
+ SYS_SCHED_SETAFFINITY = 222
+ SYS_SCHED_GETAFFINITY = 223
+ SYS_TUXCALL = 225
+ SYS_SENDFILE64 = 226
+ SYS_IO_SETUP = 227
+ SYS_IO_DESTROY = 228
+ SYS_IO_GETEVENTS = 229
+ SYS_IO_SUBMIT = 230
+ SYS_IO_CANCEL = 231
+ SYS_SET_TID_ADDRESS = 232
+ SYS_FADVISE64 = 233
+ SYS_EXIT_GROUP = 234
+ SYS_LOOKUP_DCOOKIE = 235
+ SYS_EPOLL_CREATE = 236
+ SYS_EPOLL_CTL = 237
+ SYS_EPOLL_WAIT = 238
+ SYS_REMAP_FILE_PAGES = 239
+ SYS_TIMER_CREATE = 240
+ SYS_TIMER_SETTIME = 241
+ SYS_TIMER_GETTIME = 242
+ SYS_TIMER_GETOVERRUN = 243
+ SYS_TIMER_DELETE = 244
+ SYS_CLOCK_SETTIME = 245
+ SYS_CLOCK_GETTIME = 246
+ SYS_CLOCK_GETRES = 247
+ SYS_CLOCK_NANOSLEEP = 248
+ SYS_SWAPCONTEXT = 249
+ SYS_TGKILL = 250
+ SYS_UTIMES = 251
+ SYS_STATFS64 = 252
+ SYS_FSTATFS64 = 253
+ SYS_FADVISE64_64 = 254
+ SYS_RTAS = 255
+ SYS_SYS_DEBUG_SETCONTEXT = 256
+ SYS_MIGRATE_PAGES = 258
+ SYS_MBIND = 259
+ SYS_GET_MEMPOLICY = 260
+ SYS_SET_MEMPOLICY = 261
+ SYS_MQ_OPEN = 262
+ SYS_MQ_UNLINK = 263
+ SYS_MQ_TIMEDSEND = 264
+ SYS_MQ_TIMEDRECEIVE = 265
+ SYS_MQ_NOTIFY = 266
+ SYS_MQ_GETSETATTR = 267
+ SYS_KEXEC_LOAD = 268
+ SYS_ADD_KEY = 269
+ SYS_REQUEST_KEY = 270
+ SYS_KEYCTL = 271
+ SYS_WAITID = 272
+ SYS_IOPRIO_SET = 273
+ SYS_IOPRIO_GET = 274
+ SYS_INOTIFY_INIT = 275
+ SYS_INOTIFY_ADD_WATCH = 276
+ SYS_INOTIFY_RM_WATCH = 277
+ SYS_SPU_RUN = 278
+ SYS_SPU_CREATE = 279
+ SYS_PSELECT6 = 280
+ SYS_PPOLL = 281
+ SYS_UNSHARE = 282
+ SYS_SPLICE = 283
+ SYS_TEE = 284
+ SYS_VMSPLICE = 285
+ SYS_OPENAT = 286
+ SYS_MKDIRAT = 287
+ SYS_MKNODAT = 288
+ SYS_FCHOWNAT = 289
+ SYS_FUTIMESAT = 290
+ SYS_FSTATAT64 = 291
+ SYS_UNLINKAT = 292
+ SYS_RENAMEAT = 293
+ SYS_LINKAT = 294
+ SYS_SYMLINKAT = 295
+ SYS_READLINKAT = 296
+ SYS_FCHMODAT = 297
+ SYS_FACCESSAT = 298
+ SYS_GET_ROBUST_LIST = 299
+ SYS_SET_ROBUST_LIST = 300
+ SYS_MOVE_PAGES = 301
+ SYS_GETCPU = 302
+ SYS_EPOLL_PWAIT = 303
+ SYS_UTIMENSAT = 304
+ SYS_SIGNALFD = 305
+ SYS_TIMERFD_CREATE = 306
+ SYS_EVENTFD = 307
+ SYS_SYNC_FILE_RANGE2 = 308
+ SYS_FALLOCATE = 309
+ SYS_SUBPAGE_PROT = 310
+ SYS_TIMERFD_SETTIME = 311
+ SYS_TIMERFD_GETTIME = 312
+ SYS_SIGNALFD4 = 313
+ SYS_EVENTFD2 = 314
+ SYS_EPOLL_CREATE1 = 315
+ SYS_DUP3 = 316
+ SYS_PIPE2 = 317
+ SYS_INOTIFY_INIT1 = 318
+ SYS_PERF_EVENT_OPEN = 319
+ SYS_PREADV = 320
+ SYS_PWRITEV = 321
+ SYS_RT_TGSIGQUEUEINFO = 322
+ SYS_FANOTIFY_INIT = 323
+ SYS_FANOTIFY_MARK = 324
+ SYS_PRLIMIT64 = 325
+ SYS_SOCKET = 326
+ SYS_BIND = 327
+ SYS_CONNECT = 328
+ SYS_LISTEN = 329
+ SYS_ACCEPT = 330
+ SYS_GETSOCKNAME = 331
+ SYS_GETPEERNAME = 332
+ SYS_SOCKETPAIR = 333
+ SYS_SEND = 334
+ SYS_SENDTO = 335
+ SYS_RECV = 336
+ SYS_RECVFROM = 337
+ SYS_SHUTDOWN = 338
+ SYS_SETSOCKOPT = 339
+ SYS_GETSOCKOPT = 340
+ SYS_SENDMSG = 341
+ SYS_RECVMSG = 342
+ SYS_RECVMMSG = 343
+ SYS_ACCEPT4 = 344
+ SYS_NAME_TO_HANDLE_AT = 345
+ SYS_OPEN_BY_HANDLE_AT = 346
+ SYS_CLOCK_ADJTIME = 347
+ SYS_SYNCFS = 348
+ SYS_SENDMMSG = 349
+ SYS_SETNS = 350
+ SYS_PROCESS_VM_READV = 351
+ SYS_PROCESS_VM_WRITEV = 352
+ SYS_FINIT_MODULE = 353
+ SYS_KCMP = 354
+ SYS_SCHED_SETATTR = 355
+ SYS_SCHED_GETATTR = 356
+ SYS_RENAMEAT2 = 357
+ SYS_SECCOMP = 358
+ SYS_GETRANDOM = 359
+ SYS_MEMFD_CREATE = 360
+ SYS_BPF = 361
+ SYS_EXECVEAT = 362
+ SYS_SWITCH_ENDIAN = 363
+ SYS_USERFAULTFD = 364
+ SYS_MEMBARRIER = 365
+ SYS_MLOCK2 = 378
+ SYS_COPY_FILE_RANGE = 379
+ SYS_PREADV2 = 380
+ SYS_PWRITEV2 = 381
+ SYS_KEXEC_FILE_LOAD = 382
+ SYS_STATX = 383
+ SYS_PKEY_ALLOC = 384
+ SYS_PKEY_FREE = 385
+ SYS_PKEY_MPROTECT = 386
+ SYS_RSEQ = 387
+ SYS_IO_PGETEVENTS = 388
+ SYS_SEMGET = 393
+ SYS_SEMCTL = 394
+ SYS_SHMGET = 395
+ SYS_SHMCTL = 396
+ SYS_SHMAT = 397
+ SYS_SHMDT = 398
+ SYS_MSGGET = 399
+ SYS_MSGSND = 400
+ SYS_MSGRCV = 401
+ SYS_MSGCTL = 402
+ SYS_CLOCK_GETTIME64 = 403
+ SYS_CLOCK_SETTIME64 = 404
+ SYS_CLOCK_ADJTIME64 = 405
+ SYS_CLOCK_GETRES_TIME64 = 406
+ SYS_CLOCK_NANOSLEEP_TIME64 = 407
+ SYS_TIMER_GETTIME64 = 408
+ SYS_TIMER_SETTIME64 = 409
+ SYS_TIMERFD_GETTIME64 = 410
+ SYS_TIMERFD_SETTIME64 = 411
+ SYS_UTIMENSAT_TIME64 = 412
+ SYS_PSELECT6_TIME64 = 413
+ SYS_PPOLL_TIME64 = 414
+ SYS_IO_PGETEVENTS_TIME64 = 416
+ SYS_RECVMMSG_TIME64 = 417
+ SYS_MQ_TIMEDSEND_TIME64 = 418
+ SYS_MQ_TIMEDRECEIVE_TIME64 = 419
+ SYS_SEMTIMEDOP_TIME64 = 420
+ SYS_RT_SIGTIMEDWAIT_TIME64 = 421
+ SYS_FUTEX_TIME64 = 422
+ SYS_SCHED_RR_GET_INTERVAL_TIME64 = 423
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index 32707428..08edc54d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64 && linux
// +build ppc64,linux
package unix
@@ -400,4 +401,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index a58572f7..33b33b08 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64le && linux
// +build ppc64le,linux
package unix
@@ -400,4 +401,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 72a65b76..66c8a8e0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build riscv64 && linux
// +build riscv64,linux
package unix
@@ -302,4 +303,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 1fb9ae5d..aea5760c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include -fsigned-char /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build s390x && linux
// +build s390x,linux
package unix
@@ -365,4 +366,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 57636e09..488ca848 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -1,6 +1,7 @@
// go run linux/mksysnum.go -Wall -Werror -static -I/tmp/include /tmp/include/asm/unistd.h
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build sparc64 && linux
// +build sparc64,linux
package unix
@@ -379,4 +380,6 @@ const (
SYS_PIDFD_GETFD = 438
SYS_FACCESSAT2 = 439
SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
index e66a8c9d..3a6699eb 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
@@ -1,6 +1,7 @@
// go run mksysnum.go http://cvsweb.netbsd.org/bsdweb.cgi/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && netbsd
// +build 386,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
index 42c788f2..5677cd4f 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go http://cvsweb.netbsd.org/bsdweb.cgi/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && netbsd
// +build amd64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
index 0a075717..e784cb6d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
@@ -1,6 +1,7 @@
// go run mksysnum.go http://cvsweb.netbsd.org/bsdweb.cgi/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && netbsd
// +build arm,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
index 0291c093..bd4952ef 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go http://cvsweb.netbsd.org/bsdweb.cgi/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; DO NOT EDIT.
+//go:build arm64 && netbsd
// +build arm64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
index b0207d1c..817edbf9 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && openbsd
// +build 386,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
index f0dec6f0..ea453614 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && openbsd
// +build amd64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
index 33d1dc54..467971ee 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && openbsd
// +build arm,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
index fe2b689b..32eec5ed 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && openbsd
// +build arm64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
index 5c08d573..a37f7737 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
@@ -1,6 +1,7 @@
// go run mksysnum.go https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/sys/kern/syscalls.master
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && openbsd
// +build mips64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
new file mode 100644
index 00000000..073daad4
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
@@ -0,0 +1,2670 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+package unix
+
+// TODO: auto-generate.
+
+const (
+ SYS_ACOSD128 = 0xB80
+ SYS_ACOSD32 = 0xB7E
+ SYS_ACOSD64 = 0xB7F
+ SYS_ACOSHD128 = 0xB83
+ SYS_ACOSHD32 = 0xB81
+ SYS_ACOSHD64 = 0xB82
+ SYS_AIO_FSYNC = 0xC69
+ SYS_ASCTIME = 0x0AE
+ SYS_ASCTIME64 = 0xCD7
+ SYS_ASCTIME64_R = 0xCD8
+ SYS_ASIND128 = 0xB86
+ SYS_ASIND32 = 0xB84
+ SYS_ASIND64 = 0xB85
+ SYS_ASINHD128 = 0xB89
+ SYS_ASINHD32 = 0xB87
+ SYS_ASINHD64 = 0xB88
+ SYS_ATAN2D128 = 0xB8F
+ SYS_ATAN2D32 = 0xB8D
+ SYS_ATAN2D64 = 0xB8E
+ SYS_ATAND128 = 0xB8C
+ SYS_ATAND32 = 0xB8A
+ SYS_ATAND64 = 0xB8B
+ SYS_ATANHD128 = 0xB92
+ SYS_ATANHD32 = 0xB90
+ SYS_ATANHD64 = 0xB91
+ SYS_BIND2ADDRSEL = 0xD59
+ SYS_C16RTOMB = 0xD40
+ SYS_C32RTOMB = 0xD41
+ SYS_CBRTD128 = 0xB95
+ SYS_CBRTD32 = 0xB93
+ SYS_CBRTD64 = 0xB94
+ SYS_CEILD128 = 0xB98
+ SYS_CEILD32 = 0xB96
+ SYS_CEILD64 = 0xB97
+ SYS_CLEARENV = 0x0C9
+ SYS_CLEARERR_UNLOCKED = 0xCA1
+ SYS_CLOCK = 0x0AA
+ SYS_CLOGL = 0xA00
+ SYS_CLRMEMF = 0x0BD
+ SYS_CONJ = 0xA03
+ SYS_CONJF = 0xA06
+ SYS_CONJL = 0xA09
+ SYS_COPYSIGND128 = 0xB9E
+ SYS_COPYSIGND32 = 0xB9C
+ SYS_COPYSIGND64 = 0xB9D
+ SYS_COSD128 = 0xBA1
+ SYS_COSD32 = 0xB9F
+ SYS_COSD64 = 0xBA0
+ SYS_COSHD128 = 0xBA4
+ SYS_COSHD32 = 0xBA2
+ SYS_COSHD64 = 0xBA3
+ SYS_CPOW = 0xA0C
+ SYS_CPOWF = 0xA0F
+ SYS_CPOWL = 0xA12
+ SYS_CPROJ = 0xA15
+ SYS_CPROJF = 0xA18
+ SYS_CPROJL = 0xA1B
+ SYS_CREAL = 0xA1E
+ SYS_CREALF = 0xA21
+ SYS_CREALL = 0xA24
+ SYS_CSIN = 0xA27
+ SYS_CSINF = 0xA2A
+ SYS_CSINH = 0xA30
+ SYS_CSINHF = 0xA33
+ SYS_CSINHL = 0xA36
+ SYS_CSINL = 0xA2D
+ SYS_CSNAP = 0x0C5
+ SYS_CSQRT = 0xA39
+ SYS_CSQRTF = 0xA3C
+ SYS_CSQRTL = 0xA3F
+ SYS_CTAN = 0xA42
+ SYS_CTANF = 0xA45
+ SYS_CTANH = 0xA4B
+ SYS_CTANHF = 0xA4E
+ SYS_CTANHL = 0xA51
+ SYS_CTANL = 0xA48
+ SYS_CTIME = 0x0AB
+ SYS_CTIME64 = 0xCD9
+ SYS_CTIME64_R = 0xCDA
+ SYS_CTRACE = 0x0C6
+ SYS_DIFFTIME = 0x0A7
+ SYS_DIFFTIME64 = 0xCDB
+ SYS_DLADDR = 0xC82
+ SYS_DYNALLOC = 0x0C3
+ SYS_DYNFREE = 0x0C2
+ SYS_ERFCD128 = 0xBAA
+ SYS_ERFCD32 = 0xBA8
+ SYS_ERFCD64 = 0xBA9
+ SYS_ERFD128 = 0xBA7
+ SYS_ERFD32 = 0xBA5
+ SYS_ERFD64 = 0xBA6
+ SYS_EXP2D128 = 0xBB0
+ SYS_EXP2D32 = 0xBAE
+ SYS_EXP2D64 = 0xBAF
+ SYS_EXPD128 = 0xBAD
+ SYS_EXPD32 = 0xBAB
+ SYS_EXPD64 = 0xBAC
+ SYS_EXPM1D128 = 0xBB3
+ SYS_EXPM1D32 = 0xBB1
+ SYS_EXPM1D64 = 0xBB2
+ SYS_FABSD128 = 0xBB6
+ SYS_FABSD32 = 0xBB4
+ SYS_FABSD64 = 0xBB5
+ SYS_FDELREC_UNLOCKED = 0xCA2
+ SYS_FDIMD128 = 0xBB9
+ SYS_FDIMD32 = 0xBB7
+ SYS_FDIMD64 = 0xBB8
+ SYS_FDOPEN_UNLOCKED = 0xCFC
+ SYS_FECLEAREXCEPT = 0xAEA
+ SYS_FEGETENV = 0xAEB
+ SYS_FEGETEXCEPTFLAG = 0xAEC
+ SYS_FEGETROUND = 0xAED
+ SYS_FEHOLDEXCEPT = 0xAEE
+ SYS_FEOF_UNLOCKED = 0xCA3
+ SYS_FERAISEEXCEPT = 0xAEF
+ SYS_FERROR_UNLOCKED = 0xCA4
+ SYS_FESETENV = 0xAF0
+ SYS_FESETEXCEPTFLAG = 0xAF1
+ SYS_FESETROUND = 0xAF2
+ SYS_FETCHEP = 0x0BF
+ SYS_FETESTEXCEPT = 0xAF3
+ SYS_FEUPDATEENV = 0xAF4
+ SYS_FE_DEC_GETROUND = 0xBBA
+ SYS_FE_DEC_SETROUND = 0xBBB
+ SYS_FFLUSH_UNLOCKED = 0xCA5
+ SYS_FGETC_UNLOCKED = 0xC80
+ SYS_FGETPOS64 = 0xCEE
+ SYS_FGETPOS64_UNLOCKED = 0xCF4
+ SYS_FGETPOS_UNLOCKED = 0xCA6
+ SYS_FGETS_UNLOCKED = 0xC7C
+ SYS_FGETWC_UNLOCKED = 0xCA7
+ SYS_FGETWS_UNLOCKED = 0xCA8
+ SYS_FILENO_UNLOCKED = 0xCA9
+ SYS_FLDATA = 0x0C1
+ SYS_FLDATA_UNLOCKED = 0xCAA
+ SYS_FLOCATE_UNLOCKED = 0xCAB
+ SYS_FLOORD128 = 0xBBE
+ SYS_FLOORD32 = 0xBBC
+ SYS_FLOORD64 = 0xBBD
+ SYS_FMA = 0xA63
+ SYS_FMAD128 = 0xBC1
+ SYS_FMAD32 = 0xBBF
+ SYS_FMAD64 = 0xBC0
+ SYS_FMAF = 0xA66
+ SYS_FMAL = 0xA69
+ SYS_FMAX = 0xA6C
+ SYS_FMAXD128 = 0xBC4
+ SYS_FMAXD32 = 0xBC2
+ SYS_FMAXD64 = 0xBC3
+ SYS_FMAXF = 0xA6F
+ SYS_FMAXL = 0xA72
+ SYS_FMIN = 0xA75
+ SYS_FMIND128 = 0xBC7
+ SYS_FMIND32 = 0xBC5
+ SYS_FMIND64 = 0xBC6
+ SYS_FMINF = 0xA78
+ SYS_FMINL = 0xA7B
+ SYS_FMODD128 = 0xBCA
+ SYS_FMODD32 = 0xBC8
+ SYS_FMODD64 = 0xBC9
+ SYS_FOPEN64 = 0xD49
+ SYS_FOPEN64_UNLOCKED = 0xD4A
+ SYS_FOPEN_UNLOCKED = 0xCFA
+ SYS_FPRINTF_UNLOCKED = 0xCAC
+ SYS_FPUTC_UNLOCKED = 0xC81
+ SYS_FPUTS_UNLOCKED = 0xC7E
+ SYS_FPUTWC_UNLOCKED = 0xCAD
+ SYS_FPUTWS_UNLOCKED = 0xCAE
+ SYS_FREAD_NOUPDATE = 0xCEC
+ SYS_FREAD_NOUPDATE_UNLOCKED = 0xCED
+ SYS_FREAD_UNLOCKED = 0xC7B
+ SYS_FREEIFADDRS = 0xCE6
+ SYS_FREOPEN64 = 0xD4B
+ SYS_FREOPEN64_UNLOCKED = 0xD4C
+ SYS_FREOPEN_UNLOCKED = 0xCFB
+ SYS_FREXPD128 = 0xBCE
+ SYS_FREXPD32 = 0xBCC
+ SYS_FREXPD64 = 0xBCD
+ SYS_FSCANF_UNLOCKED = 0xCAF
+ SYS_FSEEK64 = 0xCEF
+ SYS_FSEEK64_UNLOCKED = 0xCF5
+ SYS_FSEEKO64 = 0xCF0
+ SYS_FSEEKO64_UNLOCKED = 0xCF6
+ SYS_FSEEKO_UNLOCKED = 0xCB1
+ SYS_FSEEK_UNLOCKED = 0xCB0
+ SYS_FSETPOS64 = 0xCF1
+ SYS_FSETPOS64_UNLOCKED = 0xCF7
+ SYS_FSETPOS_UNLOCKED = 0xCB3
+ SYS_FTELL64 = 0xCF2
+ SYS_FTELL64_UNLOCKED = 0xCF8
+ SYS_FTELLO64 = 0xCF3
+ SYS_FTELLO64_UNLOCKED = 0xCF9
+ SYS_FTELLO_UNLOCKED = 0xCB5
+ SYS_FTELL_UNLOCKED = 0xCB4
+ SYS_FUPDATE = 0x0B5
+ SYS_FUPDATE_UNLOCKED = 0xCB7
+ SYS_FWIDE_UNLOCKED = 0xCB8
+ SYS_FWPRINTF_UNLOCKED = 0xCB9
+ SYS_FWRITE_UNLOCKED = 0xC7A
+ SYS_FWSCANF_UNLOCKED = 0xCBA
+ SYS_GETDATE64 = 0xD4F
+ SYS_GETIFADDRS = 0xCE7
+ SYS_GETIPV4SOURCEFILTER = 0xC77
+ SYS_GETSOURCEFILTER = 0xC79
+ SYS_GETSYNTX = 0x0FD
+ SYS_GETS_UNLOCKED = 0xC7D
+ SYS_GETTIMEOFDAY64 = 0xD50
+ SYS_GETWCHAR_UNLOCKED = 0xCBC
+ SYS_GETWC_UNLOCKED = 0xCBB
+ SYS_GMTIME = 0x0B0
+ SYS_GMTIME64 = 0xCDC
+ SYS_GMTIME64_R = 0xCDD
+ SYS_HYPOTD128 = 0xBD1
+ SYS_HYPOTD32 = 0xBCF
+ SYS_HYPOTD64 = 0xBD0
+ SYS_ILOGBD128 = 0xBD4
+ SYS_ILOGBD32 = 0xBD2
+ SYS_ILOGBD64 = 0xBD3
+ SYS_ILOGBF = 0xA7E
+ SYS_ILOGBL = 0xA81
+ SYS_INET6_IS_SRCADDR = 0xD5A
+ SYS_ISBLANK = 0x0FE
+ SYS_ISWALNUM = 0x0FF
+ SYS_LDEXPD128 = 0xBD7
+ SYS_LDEXPD32 = 0xBD5
+ SYS_LDEXPD64 = 0xBD6
+ SYS_LGAMMAD128 = 0xBDA
+ SYS_LGAMMAD32 = 0xBD8
+ SYS_LGAMMAD64 = 0xBD9
+ SYS_LIO_LISTIO = 0xC6A
+ SYS_LLRINT = 0xA84
+ SYS_LLRINTD128 = 0xBDD
+ SYS_LLRINTD32 = 0xBDB
+ SYS_LLRINTD64 = 0xBDC
+ SYS_LLRINTF = 0xA87
+ SYS_LLRINTL = 0xA8A
+ SYS_LLROUND = 0xA8D
+ SYS_LLROUNDD128 = 0xBE0
+ SYS_LLROUNDD32 = 0xBDE
+ SYS_LLROUNDD64 = 0xBDF
+ SYS_LLROUNDF = 0xA90
+ SYS_LLROUNDL = 0xA93
+ SYS_LOCALTIM = 0x0B1
+ SYS_LOCALTIME = 0x0B1
+ SYS_LOCALTIME64 = 0xCDE
+ SYS_LOCALTIME64_R = 0xCDF
+ SYS_LOG10D128 = 0xBE6
+ SYS_LOG10D32 = 0xBE4
+ SYS_LOG10D64 = 0xBE5
+ SYS_LOG1PD128 = 0xBE9
+ SYS_LOG1PD32 = 0xBE7
+ SYS_LOG1PD64 = 0xBE8
+ SYS_LOG2D128 = 0xBEC
+ SYS_LOG2D32 = 0xBEA
+ SYS_LOG2D64 = 0xBEB
+ SYS_LOGBD128 = 0xBEF
+ SYS_LOGBD32 = 0xBED
+ SYS_LOGBD64 = 0xBEE
+ SYS_LOGBF = 0xA96
+ SYS_LOGBL = 0xA99
+ SYS_LOGD128 = 0xBE3
+ SYS_LOGD32 = 0xBE1
+ SYS_LOGD64 = 0xBE2
+ SYS_LRINT = 0xA9C
+ SYS_LRINTD128 = 0xBF2
+ SYS_LRINTD32 = 0xBF0
+ SYS_LRINTD64 = 0xBF1
+ SYS_LRINTF = 0xA9F
+ SYS_LRINTL = 0xAA2
+ SYS_LROUNDD128 = 0xBF5
+ SYS_LROUNDD32 = 0xBF3
+ SYS_LROUNDD64 = 0xBF4
+ SYS_LROUNDL = 0xAA5
+ SYS_MBLEN = 0x0AF
+ SYS_MBRTOC16 = 0xD42
+ SYS_MBRTOC32 = 0xD43
+ SYS_MEMSET = 0x0A3
+ SYS_MKTIME = 0x0AC
+ SYS_MKTIME64 = 0xCE0
+ SYS_MODFD128 = 0xBF8
+ SYS_MODFD32 = 0xBF6
+ SYS_MODFD64 = 0xBF7
+ SYS_NAN = 0xAA8
+ SYS_NAND128 = 0xBFB
+ SYS_NAND32 = 0xBF9
+ SYS_NAND64 = 0xBFA
+ SYS_NANF = 0xAAA
+ SYS_NANL = 0xAAC
+ SYS_NEARBYINT = 0xAAE
+ SYS_NEARBYINTD128 = 0xBFE
+ SYS_NEARBYINTD32 = 0xBFC
+ SYS_NEARBYINTD64 = 0xBFD
+ SYS_NEARBYINTF = 0xAB1
+ SYS_NEARBYINTL = 0xAB4
+ SYS_NEXTAFTERD128 = 0xC01
+ SYS_NEXTAFTERD32 = 0xBFF
+ SYS_NEXTAFTERD64 = 0xC00
+ SYS_NEXTAFTERF = 0xAB7
+ SYS_NEXTAFTERL = 0xABA
+ SYS_NEXTTOWARD = 0xABD
+ SYS_NEXTTOWARDD128 = 0xC04
+ SYS_NEXTTOWARDD32 = 0xC02
+ SYS_NEXTTOWARDD64 = 0xC03
+ SYS_NEXTTOWARDF = 0xAC0
+ SYS_NEXTTOWARDL = 0xAC3
+ SYS_NL_LANGINFO = 0x0FC
+ SYS_PERROR_UNLOCKED = 0xCBD
+ SYS_POSIX_FALLOCATE = 0xCE8
+ SYS_POSIX_MEMALIGN = 0xCE9
+ SYS_POSIX_OPENPT = 0xC66
+ SYS_POWD128 = 0xC07
+ SYS_POWD32 = 0xC05
+ SYS_POWD64 = 0xC06
+ SYS_PRINTF_UNLOCKED = 0xCBE
+ SYS_PSELECT = 0xC67
+ SYS_PTHREAD_ATTR_GETSTACK = 0xB3E
+ SYS_PTHREAD_ATTR_SETSTACK = 0xB3F
+ SYS_PTHREAD_SECURITY_APPLID_NP = 0xCE4
+ SYS_PUTS_UNLOCKED = 0xC7F
+ SYS_PUTWCHAR_UNLOCKED = 0xCC0
+ SYS_PUTWC_UNLOCKED = 0xCBF
+ SYS_QUANTEXPD128 = 0xD46
+ SYS_QUANTEXPD32 = 0xD44
+ SYS_QUANTEXPD64 = 0xD45
+ SYS_QUANTIZED128 = 0xC0A
+ SYS_QUANTIZED32 = 0xC08
+ SYS_QUANTIZED64 = 0xC09
+ SYS_REMAINDERD128 = 0xC0D
+ SYS_REMAINDERD32 = 0xC0B
+ SYS_REMAINDERD64 = 0xC0C
+ SYS_RESIZE_ALLOC = 0xCEB
+ SYS_REWIND_UNLOCKED = 0xCC1
+ SYS_RINTD128 = 0xC13
+ SYS_RINTD32 = 0xC11
+ SYS_RINTD64 = 0xC12
+ SYS_RINTF = 0xACB
+ SYS_RINTL = 0xACD
+ SYS_ROUND = 0xACF
+ SYS_ROUNDD128 = 0xC16
+ SYS_ROUNDD32 = 0xC14
+ SYS_ROUNDD64 = 0xC15
+ SYS_ROUNDF = 0xAD2
+ SYS_ROUNDL = 0xAD5
+ SYS_SAMEQUANTUMD128 = 0xC19
+ SYS_SAMEQUANTUMD32 = 0xC17
+ SYS_SAMEQUANTUMD64 = 0xC18
+ SYS_SCALBLN = 0xAD8
+ SYS_SCALBLND128 = 0xC1C
+ SYS_SCALBLND32 = 0xC1A
+ SYS_SCALBLND64 = 0xC1B
+ SYS_SCALBLNF = 0xADB
+ SYS_SCALBLNL = 0xADE
+ SYS_SCALBND128 = 0xC1F
+ SYS_SCALBND32 = 0xC1D
+ SYS_SCALBND64 = 0xC1E
+ SYS_SCALBNF = 0xAE3
+ SYS_SCALBNL = 0xAE6
+ SYS_SCANF_UNLOCKED = 0xCC2
+ SYS_SCHED_YIELD = 0xB32
+ SYS_SETENV = 0x0C8
+ SYS_SETIPV4SOURCEFILTER = 0xC76
+ SYS_SETSOURCEFILTER = 0xC78
+ SYS_SHM_OPEN = 0xC8C
+ SYS_SHM_UNLINK = 0xC8D
+ SYS_SIND128 = 0xC22
+ SYS_SIND32 = 0xC20
+ SYS_SIND64 = 0xC21
+ SYS_SINHD128 = 0xC25
+ SYS_SINHD32 = 0xC23
+ SYS_SINHD64 = 0xC24
+ SYS_SIZEOF_ALLOC = 0xCEA
+ SYS_SOCKATMARK = 0xC68
+ SYS_SQRTD128 = 0xC28
+ SYS_SQRTD32 = 0xC26
+ SYS_SQRTD64 = 0xC27
+ SYS_STRCHR = 0x0A0
+ SYS_STRCSPN = 0x0A1
+ SYS_STRERROR = 0x0A8
+ SYS_STRERROR_R = 0xB33
+ SYS_STRFTIME = 0x0B2
+ SYS_STRLEN = 0x0A9
+ SYS_STRPBRK = 0x0A2
+ SYS_STRSPN = 0x0A4
+ SYS_STRSTR = 0x0A5
+ SYS_STRTOD128 = 0xC2B
+ SYS_STRTOD32 = 0xC29
+ SYS_STRTOD64 = 0xC2A
+ SYS_STRTOK = 0x0A6
+ SYS_TAND128 = 0xC2E
+ SYS_TAND32 = 0xC2C
+ SYS_TAND64 = 0xC2D
+ SYS_TANHD128 = 0xC31
+ SYS_TANHD32 = 0xC2F
+ SYS_TANHD64 = 0xC30
+ SYS_TGAMMAD128 = 0xC34
+ SYS_TGAMMAD32 = 0xC32
+ SYS_TGAMMAD64 = 0xC33
+ SYS_TIME = 0x0AD
+ SYS_TIME64 = 0xCE1
+ SYS_TMPFILE64 = 0xD4D
+ SYS_TMPFILE64_UNLOCKED = 0xD4E
+ SYS_TMPFILE_UNLOCKED = 0xCFD
+ SYS_TRUNCD128 = 0xC40
+ SYS_TRUNCD32 = 0xC3E
+ SYS_TRUNCD64 = 0xC3F
+ SYS_UNGETC_UNLOCKED = 0xCC3
+ SYS_UNGETWC_UNLOCKED = 0xCC4
+ SYS_UNSETENV = 0xB34
+ SYS_VFPRINTF_UNLOCKED = 0xCC5
+ SYS_VFSCANF_UNLOCKED = 0xCC7
+ SYS_VFWPRINTF_UNLOCKED = 0xCC9
+ SYS_VFWSCANF_UNLOCKED = 0xCCB
+ SYS_VPRINTF_UNLOCKED = 0xCCD
+ SYS_VSCANF_UNLOCKED = 0xCCF
+ SYS_VWPRINTF_UNLOCKED = 0xCD1
+ SYS_VWSCANF_UNLOCKED = 0xCD3
+ SYS_WCSTOD128 = 0xC43
+ SYS_WCSTOD32 = 0xC41
+ SYS_WCSTOD64 = 0xC42
+ SYS_WPRINTF_UNLOCKED = 0xCD5
+ SYS_WSCANF_UNLOCKED = 0xCD6
+ SYS__FLUSHLBF = 0xD68
+ SYS__FLUSHLBF_UNLOCKED = 0xD6F
+ SYS___ACOSHF_H = 0xA54
+ SYS___ACOSHL_H = 0xA55
+ SYS___ASINHF_H = 0xA56
+ SYS___ASINHL_H = 0xA57
+ SYS___ATANPID128 = 0xC6D
+ SYS___ATANPID32 = 0xC6B
+ SYS___ATANPID64 = 0xC6C
+ SYS___CBRTF_H = 0xA58
+ SYS___CBRTL_H = 0xA59
+ SYS___CDUMP = 0x0C4
+ SYS___CLASS = 0xAFA
+ SYS___CLASS2 = 0xB99
+ SYS___CLASS2D128 = 0xC99
+ SYS___CLASS2D32 = 0xC97
+ SYS___CLASS2D64 = 0xC98
+ SYS___CLASS2F = 0xC91
+ SYS___CLASS2F_B = 0xC93
+ SYS___CLASS2F_H = 0xC94
+ SYS___CLASS2L = 0xC92
+ SYS___CLASS2L_B = 0xC95
+ SYS___CLASS2L_H = 0xC96
+ SYS___CLASS2_B = 0xB9A
+ SYS___CLASS2_H = 0xB9B
+ SYS___CLASS_B = 0xAFB
+ SYS___CLASS_H = 0xAFC
+ SYS___CLOGL_B = 0xA01
+ SYS___CLOGL_H = 0xA02
+ SYS___CLRENV = 0x0C9
+ SYS___CLRMF = 0x0BD
+ SYS___CODEPAGE_INFO = 0xC64
+ SYS___CONJF_B = 0xA07
+ SYS___CONJF_H = 0xA08
+ SYS___CONJL_B = 0xA0A
+ SYS___CONJL_H = 0xA0B
+ SYS___CONJ_B = 0xA04
+ SYS___CONJ_H = 0xA05
+ SYS___COPYSIGN_B = 0xA5A
+ SYS___COPYSIGN_H = 0xAF5
+ SYS___COSPID128 = 0xC70
+ SYS___COSPID32 = 0xC6E
+ SYS___COSPID64 = 0xC6F
+ SYS___CPOWF_B = 0xA10
+ SYS___CPOWF_H = 0xA11
+ SYS___CPOWL_B = 0xA13
+ SYS___CPOWL_H = 0xA14
+ SYS___CPOW_B = 0xA0D
+ SYS___CPOW_H = 0xA0E
+ SYS___CPROJF_B = 0xA19
+ SYS___CPROJF_H = 0xA1A
+ SYS___CPROJL_B = 0xA1C
+ SYS___CPROJL_H = 0xA1D
+ SYS___CPROJ_B = 0xA16
+ SYS___CPROJ_H = 0xA17
+ SYS___CREALF_B = 0xA22
+ SYS___CREALF_H = 0xA23
+ SYS___CREALL_B = 0xA25
+ SYS___CREALL_H = 0xA26
+ SYS___CREAL_B = 0xA1F
+ SYS___CREAL_H = 0xA20
+ SYS___CSINF_B = 0xA2B
+ SYS___CSINF_H = 0xA2C
+ SYS___CSINHF_B = 0xA34
+ SYS___CSINHF_H = 0xA35
+ SYS___CSINHL_B = 0xA37
+ SYS___CSINHL_H = 0xA38
+ SYS___CSINH_B = 0xA31
+ SYS___CSINH_H = 0xA32
+ SYS___CSINL_B = 0xA2E
+ SYS___CSINL_H = 0xA2F
+ SYS___CSIN_B = 0xA28
+ SYS___CSIN_H = 0xA29
+ SYS___CSNAP = 0x0C5
+ SYS___CSQRTF_B = 0xA3D
+ SYS___CSQRTF_H = 0xA3E
+ SYS___CSQRTL_B = 0xA40
+ SYS___CSQRTL_H = 0xA41
+ SYS___CSQRT_B = 0xA3A
+ SYS___CSQRT_H = 0xA3B
+ SYS___CTANF_B = 0xA46
+ SYS___CTANF_H = 0xA47
+ SYS___CTANHF_B = 0xA4F
+ SYS___CTANHF_H = 0xA50
+ SYS___CTANHL_B = 0xA52
+ SYS___CTANHL_H = 0xA53
+ SYS___CTANH_B = 0xA4C
+ SYS___CTANH_H = 0xA4D
+ SYS___CTANL_B = 0xA49
+ SYS___CTANL_H = 0xA4A
+ SYS___CTAN_B = 0xA43
+ SYS___CTAN_H = 0xA44
+ SYS___CTEST = 0x0C7
+ SYS___CTRACE = 0x0C6
+ SYS___D1TOP = 0xC9B
+ SYS___D2TOP = 0xC9C
+ SYS___D4TOP = 0xC9D
+ SYS___DYNALL = 0x0C3
+ SYS___DYNFRE = 0x0C2
+ SYS___EXP2F_H = 0xA5E
+ SYS___EXP2L_H = 0xA5F
+ SYS___EXP2_H = 0xA5D
+ SYS___EXPM1F_H = 0xA5B
+ SYS___EXPM1L_H = 0xA5C
+ SYS___FBUFSIZE = 0xD60
+ SYS___FLBF = 0xD62
+ SYS___FLDATA = 0x0C1
+ SYS___FMAF_B = 0xA67
+ SYS___FMAF_H = 0xA68
+ SYS___FMAL_B = 0xA6A
+ SYS___FMAL_H = 0xA6B
+ SYS___FMAXF_B = 0xA70
+ SYS___FMAXF_H = 0xA71
+ SYS___FMAXL_B = 0xA73
+ SYS___FMAXL_H = 0xA74
+ SYS___FMAX_B = 0xA6D
+ SYS___FMAX_H = 0xA6E
+ SYS___FMA_B = 0xA64
+ SYS___FMA_H = 0xA65
+ SYS___FMINF_B = 0xA79
+ SYS___FMINF_H = 0xA7A
+ SYS___FMINL_B = 0xA7C
+ SYS___FMINL_H = 0xA7D
+ SYS___FMIN_B = 0xA76
+ SYS___FMIN_H = 0xA77
+ SYS___FPENDING = 0xD61
+ SYS___FPENDING_UNLOCKED = 0xD6C
+ SYS___FPURGE = 0xD69
+ SYS___FPURGE_UNLOCKED = 0xD70
+ SYS___FP_CAST_D = 0xBCB
+ SYS___FREADABLE = 0xD63
+ SYS___FREADAHEAD = 0xD6A
+ SYS___FREADAHEAD_UNLOCKED = 0xD71
+ SYS___FREADING = 0xD65
+ SYS___FREADING_UNLOCKED = 0xD6D
+ SYS___FSEEK2 = 0xB3C
+ SYS___FSETERR = 0xD6B
+ SYS___FSETLOCKING = 0xD67
+ SYS___FTCHEP = 0x0BF
+ SYS___FTELL2 = 0xB3B
+ SYS___FUPDT = 0x0B5
+ SYS___FWRITABLE = 0xD64
+ SYS___FWRITING = 0xD66
+ SYS___FWRITING_UNLOCKED = 0xD6E
+ SYS___GETCB = 0x0B4
+ SYS___GETGRGID1 = 0xD5B
+ SYS___GETGRNAM1 = 0xD5C
+ SYS___GETTHENT = 0xCE5
+ SYS___GETTOD = 0xD3E
+ SYS___HYPOTF_H = 0xAF6
+ SYS___HYPOTL_H = 0xAF7
+ SYS___ILOGBF_B = 0xA7F
+ SYS___ILOGBF_H = 0xA80
+ SYS___ILOGBL_B = 0xA82
+ SYS___ILOGBL_H = 0xA83
+ SYS___ISBLANK_A = 0xB2E
+ SYS___ISBLNK = 0x0FE
+ SYS___ISWBLANK_A = 0xB2F
+ SYS___LE_CEEGTJS = 0xD72
+ SYS___LE_TRACEBACK = 0xB7A
+ SYS___LGAMMAL_H = 0xA62
+ SYS___LGAMMA_B_C99 = 0xB39
+ SYS___LGAMMA_H_C99 = 0xB38
+ SYS___LGAMMA_R_C99 = 0xB3A
+ SYS___LLRINTF_B = 0xA88
+ SYS___LLRINTF_H = 0xA89
+ SYS___LLRINTL_B = 0xA8B
+ SYS___LLRINTL_H = 0xA8C
+ SYS___LLRINT_B = 0xA85
+ SYS___LLRINT_H = 0xA86
+ SYS___LLROUNDF_B = 0xA91
+ SYS___LLROUNDF_H = 0xA92
+ SYS___LLROUNDL_B = 0xA94
+ SYS___LLROUNDL_H = 0xA95
+ SYS___LLROUND_B = 0xA8E
+ SYS___LLROUND_H = 0xA8F
+ SYS___LOCALE_CTL = 0xD47
+ SYS___LOG1PF_H = 0xA60
+ SYS___LOG1PL_H = 0xA61
+ SYS___LOGBF_B = 0xA97
+ SYS___LOGBF_H = 0xA98
+ SYS___LOGBL_B = 0xA9A
+ SYS___LOGBL_H = 0xA9B
+ SYS___LOGIN_APPLID = 0xCE2
+ SYS___LRINTF_B = 0xAA0
+ SYS___LRINTF_H = 0xAA1
+ SYS___LRINTL_B = 0xAA3
+ SYS___LRINTL_H = 0xAA4
+ SYS___LRINT_B = 0xA9D
+ SYS___LRINT_H = 0xA9E
+ SYS___LROUNDF_FIXUP = 0xB31
+ SYS___LROUNDL_B = 0xAA6
+ SYS___LROUNDL_H = 0xAA7
+ SYS___LROUND_FIXUP = 0xB30
+ SYS___MOSERVICES = 0xD3D
+ SYS___MUST_STAY_CLEAN = 0xB7C
+ SYS___NANF_B = 0xAAB
+ SYS___NANL_B = 0xAAD
+ SYS___NAN_B = 0xAA9
+ SYS___NEARBYINTF_B = 0xAB2
+ SYS___NEARBYINTF_H = 0xAB3
+ SYS___NEARBYINTL_B = 0xAB5
+ SYS___NEARBYINTL_H = 0xAB6
+ SYS___NEARBYINT_B = 0xAAF
+ SYS___NEARBYINT_H = 0xAB0
+ SYS___NEXTAFTERF_B = 0xAB8
+ SYS___NEXTAFTERF_H = 0xAB9
+ SYS___NEXTAFTERL_B = 0xABB
+ SYS___NEXTAFTERL_H = 0xABC
+ SYS___NEXTTOWARDF_B = 0xAC1
+ SYS___NEXTTOWARDF_H = 0xAC2
+ SYS___NEXTTOWARDL_B = 0xAC4
+ SYS___NEXTTOWARDL_H = 0xAC5
+ SYS___NEXTTOWARD_B = 0xABE
+ SYS___NEXTTOWARD_H = 0xABF
+ SYS___O_ENV = 0xB7D
+ SYS___PASSWD_APPLID = 0xCE3
+ SYS___PTOD1 = 0xC9E
+ SYS___PTOD2 = 0xC9F
+ SYS___PTOD4 = 0xCA0
+ SYS___REGCOMP_STD = 0x0EA
+ SYS___REMAINDERF_H = 0xAC6
+ SYS___REMAINDERL_H = 0xAC7
+ SYS___REMQUOD128 = 0xC10
+ SYS___REMQUOD32 = 0xC0E
+ SYS___REMQUOD64 = 0xC0F
+ SYS___REMQUOF_H = 0xAC9
+ SYS___REMQUOL_H = 0xACA
+ SYS___REMQUO_H = 0xAC8
+ SYS___RINTF_B = 0xACC
+ SYS___RINTL_B = 0xACE
+ SYS___ROUNDF_B = 0xAD3
+ SYS___ROUNDF_H = 0xAD4
+ SYS___ROUNDL_B = 0xAD6
+ SYS___ROUNDL_H = 0xAD7
+ SYS___ROUND_B = 0xAD0
+ SYS___ROUND_H = 0xAD1
+ SYS___SCALBLNF_B = 0xADC
+ SYS___SCALBLNF_H = 0xADD
+ SYS___SCALBLNL_B = 0xADF
+ SYS___SCALBLNL_H = 0xAE0
+ SYS___SCALBLN_B = 0xAD9
+ SYS___SCALBLN_H = 0xADA
+ SYS___SCALBNF_B = 0xAE4
+ SYS___SCALBNF_H = 0xAE5
+ SYS___SCALBNL_B = 0xAE7
+ SYS___SCALBNL_H = 0xAE8
+ SYS___SCALBN_B = 0xAE1
+ SYS___SCALBN_H = 0xAE2
+ SYS___SETENV = 0x0C8
+ SYS___SINPID128 = 0xC73
+ SYS___SINPID32 = 0xC71
+ SYS___SINPID64 = 0xC72
+ SYS___SMF_RECORD2 = 0xD48
+ SYS___STATIC_REINIT = 0xB3D
+ SYS___TGAMMAF_H_C99 = 0xB79
+ SYS___TGAMMAL_H = 0xAE9
+ SYS___TGAMMA_H_C99 = 0xB78
+ SYS___TOCSNAME2 = 0xC9A
+ SYS_CEIL = 0x01F
+ SYS_CHAUDIT = 0x1E0
+ SYS_EXP = 0x01A
+ SYS_FCHAUDIT = 0x1E1
+ SYS_FREXP = 0x01D
+ SYS_GETGROUPSBYNAME = 0x1E2
+ SYS_GETPWUID = 0x1A0
+ SYS_GETUID = 0x1A1
+ SYS_ISATTY = 0x1A3
+ SYS_KILL = 0x1A4
+ SYS_LDEXP = 0x01E
+ SYS_LINK = 0x1A5
+ SYS_LOG10 = 0x01C
+ SYS_LSEEK = 0x1A6
+ SYS_LSTAT = 0x1A7
+ SYS_MKDIR = 0x1A8
+ SYS_MKFIFO = 0x1A9
+ SYS_MKNOD = 0x1AA
+ SYS_MODF = 0x01B
+ SYS_MOUNT = 0x1AB
+ SYS_OPEN = 0x1AC
+ SYS_OPENDIR = 0x1AD
+ SYS_PATHCONF = 0x1AE
+ SYS_PAUSE = 0x1AF
+ SYS_PIPE = 0x1B0
+ SYS_PTHREAD_ATTR_DESTROY = 0x1E7
+ SYS_PTHREAD_ATTR_GETDETACHSTATE = 0x1EB
+ SYS_PTHREAD_ATTR_GETSTACKSIZE = 0x1E9
+ SYS_PTHREAD_ATTR_GETWEIGHT_NP = 0x1ED
+ SYS_PTHREAD_ATTR_INIT = 0x1E6
+ SYS_PTHREAD_ATTR_SETDETACHSTATE = 0x1EA
+ SYS_PTHREAD_ATTR_SETSTACKSIZE = 0x1E8
+ SYS_PTHREAD_ATTR_SETWEIGHT_NP = 0x1EC
+ SYS_PTHREAD_CANCEL = 0x1EE
+ SYS_PTHREAD_CLEANUP_POP = 0x1F0
+ SYS_PTHREAD_CLEANUP_PUSH = 0x1EF
+ SYS_PTHREAD_CONDATTR_DESTROY = 0x1F2
+ SYS_PTHREAD_CONDATTR_INIT = 0x1F1
+ SYS_PTHREAD_COND_BROADCAST = 0x1F6
+ SYS_PTHREAD_COND_DESTROY = 0x1F4
+ SYS_PTHREAD_COND_INIT = 0x1F3
+ SYS_PTHREAD_COND_SIGNAL = 0x1F5
+ SYS_PTHREAD_COND_TIMEDWAIT = 0x1F8
+ SYS_PTHREAD_COND_WAIT = 0x1F7
+ SYS_PTHREAD_CREATE = 0x1F9
+ SYS_PTHREAD_DETACH = 0x1FA
+ SYS_PTHREAD_EQUAL = 0x1FB
+ SYS_PTHREAD_EXIT = 0x1E4
+ SYS_PTHREAD_GETSPECIFIC = 0x1FC
+ SYS_PTHREAD_JOIN = 0x1FD
+ SYS_PTHREAD_KEY_CREATE = 0x1FE
+ SYS_PTHREAD_KILL = 0x1E5
+ SYS_PTHREAD_MUTEXATTR_INIT = 0x1FF
+ SYS_READ = 0x1B2
+ SYS_READDIR = 0x1B3
+ SYS_READLINK = 0x1B4
+ SYS_REWINDDIR = 0x1B5
+ SYS_RMDIR = 0x1B6
+ SYS_SETEGID = 0x1B7
+ SYS_SETEUID = 0x1B8
+ SYS_SETGID = 0x1B9
+ SYS_SETPGID = 0x1BA
+ SYS_SETSID = 0x1BB
+ SYS_SETUID = 0x1BC
+ SYS_SIGACTION = 0x1BD
+ SYS_SIGADDSET = 0x1BE
+ SYS_SIGDELSET = 0x1BF
+ SYS_SIGEMPTYSET = 0x1C0
+ SYS_SIGFILLSET = 0x1C1
+ SYS_SIGISMEMBER = 0x1C2
+ SYS_SIGLONGJMP = 0x1C3
+ SYS_SIGPENDING = 0x1C4
+ SYS_SIGPROCMASK = 0x1C5
+ SYS_SIGSETJMP = 0x1C6
+ SYS_SIGSUSPEND = 0x1C7
+ SYS_SIGWAIT = 0x1E3
+ SYS_SLEEP = 0x1C8
+ SYS_STAT = 0x1C9
+ SYS_SYMLINK = 0x1CB
+ SYS_SYSCONF = 0x1CC
+ SYS_TCDRAIN = 0x1CD
+ SYS_TCFLOW = 0x1CE
+ SYS_TCFLUSH = 0x1CF
+ SYS_TCGETATTR = 0x1D0
+ SYS_TCGETPGRP = 0x1D1
+ SYS_TCSENDBREAK = 0x1D2
+ SYS_TCSETATTR = 0x1D3
+ SYS_TCSETPGRP = 0x1D4
+ SYS_TIMES = 0x1D5
+ SYS_TTYNAME = 0x1D6
+ SYS_TZSET = 0x1D7
+ SYS_UMASK = 0x1D8
+ SYS_UMOUNT = 0x1D9
+ SYS_UNAME = 0x1DA
+ SYS_UNLINK = 0x1DB
+ SYS_UTIME = 0x1DC
+ SYS_WAIT = 0x1DD
+ SYS_WAITPID = 0x1DE
+ SYS_WRITE = 0x1DF
+ SYS_W_GETPSENT = 0x1B1
+ SYS_W_IOCTL = 0x1A2
+ SYS_W_STATFS = 0x1CA
+ SYS_A64L = 0x2EF
+ SYS_BCMP = 0x2B9
+ SYS_BCOPY = 0x2BA
+ SYS_BZERO = 0x2BB
+ SYS_CATCLOSE = 0x2B6
+ SYS_CATGETS = 0x2B7
+ SYS_CATOPEN = 0x2B8
+ SYS_CRYPT = 0x2AC
+ SYS_DBM_CLEARERR = 0x2F7
+ SYS_DBM_CLOSE = 0x2F8
+ SYS_DBM_DELETE = 0x2F9
+ SYS_DBM_ERROR = 0x2FA
+ SYS_DBM_FETCH = 0x2FB
+ SYS_DBM_FIRSTKEY = 0x2FC
+ SYS_DBM_NEXTKEY = 0x2FD
+ SYS_DBM_OPEN = 0x2FE
+ SYS_DBM_STORE = 0x2FF
+ SYS_DRAND48 = 0x2B2
+ SYS_ENCRYPT = 0x2AD
+ SYS_ENDUTXENT = 0x2E1
+ SYS_ERAND48 = 0x2B3
+ SYS_ERF = 0x02C
+ SYS_ERFC = 0x02D
+ SYS_FCHDIR = 0x2D9
+ SYS_FFS = 0x2BC
+ SYS_FMTMSG = 0x2E5
+ SYS_FSTATVFS = 0x2B4
+ SYS_FTIME = 0x2F5
+ SYS_GAMMA = 0x02E
+ SYS_GETDATE = 0x2A6
+ SYS_GETPAGESIZE = 0x2D8
+ SYS_GETTIMEOFDAY = 0x2F6
+ SYS_GETUTXENT = 0x2E0
+ SYS_GETUTXID = 0x2E2
+ SYS_GETUTXLINE = 0x2E3
+ SYS_HCREATE = 0x2C6
+ SYS_HDESTROY = 0x2C7
+ SYS_HSEARCH = 0x2C8
+ SYS_HYPOT = 0x02B
+ SYS_INDEX = 0x2BD
+ SYS_INITSTATE = 0x2C2
+ SYS_INSQUE = 0x2CF
+ SYS_ISASCII = 0x2ED
+ SYS_JRAND48 = 0x2E6
+ SYS_L64A = 0x2F0
+ SYS_LCONG48 = 0x2EA
+ SYS_LFIND = 0x2C9
+ SYS_LRAND48 = 0x2E7
+ SYS_LSEARCH = 0x2CA
+ SYS_MEMCCPY = 0x2D4
+ SYS_MRAND48 = 0x2E8
+ SYS_NRAND48 = 0x2E9
+ SYS_PCLOSE = 0x2D2
+ SYS_POPEN = 0x2D1
+ SYS_PUTUTXLINE = 0x2E4
+ SYS_RANDOM = 0x2C4
+ SYS_REMQUE = 0x2D0
+ SYS_RINDEX = 0x2BE
+ SYS_SEED48 = 0x2EC
+ SYS_SETKEY = 0x2AE
+ SYS_SETSTATE = 0x2C3
+ SYS_SETUTXENT = 0x2DF
+ SYS_SRAND48 = 0x2EB
+ SYS_SRANDOM = 0x2C5
+ SYS_STATVFS = 0x2B5
+ SYS_STRCASECMP = 0x2BF
+ SYS_STRDUP = 0x2C0
+ SYS_STRNCASECMP = 0x2C1
+ SYS_SWAB = 0x2D3
+ SYS_TDELETE = 0x2CB
+ SYS_TFIND = 0x2CC
+ SYS_TOASCII = 0x2EE
+ SYS_TSEARCH = 0x2CD
+ SYS_TWALK = 0x2CE
+ SYS_UALARM = 0x2F1
+ SYS_USLEEP = 0x2F2
+ SYS_WAIT3 = 0x2A7
+ SYS_WAITID = 0x2A8
+ SYS_Y1 = 0x02A
+ SYS___ATOE = 0x2DB
+ SYS___ATOE_L = 0x2DC
+ SYS___CATTRM = 0x2A9
+ SYS___CNVBLK = 0x2AF
+ SYS___CRYTRM = 0x2B0
+ SYS___DLGHT = 0x2A1
+ SYS___ECRTRM = 0x2B1
+ SYS___ETOA = 0x2DD
+ SYS___ETOA_L = 0x2DE
+ SYS___GDTRM = 0x2AA
+ SYS___OCLCK = 0x2DA
+ SYS___OPARGF = 0x2A2
+ SYS___OPERRF = 0x2A5
+ SYS___OPINDF = 0x2A4
+ SYS___OPOPTF = 0x2A3
+ SYS___RNDTRM = 0x2AB
+ SYS___SRCTRM = 0x2F4
+ SYS___TZONE = 0x2A0
+ SYS___UTXTRM = 0x2F3
+ SYS_ASIN = 0x03E
+ SYS_ISXDIGIT = 0x03B
+ SYS_SETLOCAL = 0x03A
+ SYS_SETLOCALE = 0x03A
+ SYS_SIN = 0x03F
+ SYS_TOLOWER = 0x03C
+ SYS_TOUPPER = 0x03D
+ SYS_ACCEPT_AND_RECV = 0x4F7
+ SYS_ATOL = 0x04E
+ SYS_CHECKSCH = 0x4BC
+ SYS_CHECKSCHENV = 0x4BC
+ SYS_CLEARERR = 0x04C
+ SYS_CONNECTS = 0x4B5
+ SYS_CONNECTSERVER = 0x4B5
+ SYS_CONNECTW = 0x4B4
+ SYS_CONNECTWORKMGR = 0x4B4
+ SYS_CONTINUE = 0x4B3
+ SYS_CONTINUEWORKUNIT = 0x4B3
+ SYS_COPYSIGN = 0x4C2
+ SYS_CREATEWO = 0x4B2
+ SYS_CREATEWORKUNIT = 0x4B2
+ SYS_DELETEWO = 0x4B9
+ SYS_DELETEWORKUNIT = 0x4B9
+ SYS_DISCONNE = 0x4B6
+ SYS_DISCONNECTSERVER = 0x4B6
+ SYS_FEOF = 0x04D
+ SYS_FERROR = 0x04A
+ SYS_FINITE = 0x4C8
+ SYS_GAMMA_R = 0x4E2
+ SYS_JOINWORK = 0x4B7
+ SYS_JOINWORKUNIT = 0x4B7
+ SYS_LEAVEWOR = 0x4B8
+ SYS_LEAVEWORKUNIT = 0x4B8
+ SYS_LGAMMA_R = 0x4EB
+ SYS_MATHERR = 0x4D0
+ SYS_PERROR = 0x04F
+ SYS_QUERYMET = 0x4BA
+ SYS_QUERYMETRICS = 0x4BA
+ SYS_QUERYSCH = 0x4BB
+ SYS_QUERYSCHENV = 0x4BB
+ SYS_REWIND = 0x04B
+ SYS_SCALBN = 0x4D4
+ SYS_SIGNIFIC = 0x4D5
+ SYS_SIGNIFICAND = 0x4D5
+ SYS___ACOSH_B = 0x4DA
+ SYS___ACOS_B = 0x4D9
+ SYS___ASINH_B = 0x4BE
+ SYS___ASIN_B = 0x4DB
+ SYS___ATAN2_B = 0x4DC
+ SYS___ATANH_B = 0x4DD
+ SYS___ATAN_B = 0x4BF
+ SYS___CBRT_B = 0x4C0
+ SYS___CEIL_B = 0x4C1
+ SYS___COSH_B = 0x4DE
+ SYS___COS_B = 0x4C3
+ SYS___DGHT = 0x4A8
+ SYS___ENVN = 0x4B0
+ SYS___ERFC_B = 0x4C5
+ SYS___ERF_B = 0x4C4
+ SYS___EXPM1_B = 0x4C6
+ SYS___EXP_B = 0x4DF
+ SYS___FABS_B = 0x4C7
+ SYS___FLOOR_B = 0x4C9
+ SYS___FMOD_B = 0x4E0
+ SYS___FP_SETMODE = 0x4F8
+ SYS___FREXP_B = 0x4CA
+ SYS___GAMMA_B = 0x4E1
+ SYS___GDRR = 0x4A1
+ SYS___HRRNO = 0x4A2
+ SYS___HYPOT_B = 0x4E3
+ SYS___ILOGB_B = 0x4CB
+ SYS___ISNAN_B = 0x4CC
+ SYS___J0_B = 0x4E4
+ SYS___J1_B = 0x4E6
+ SYS___JN_B = 0x4E8
+ SYS___LDEXP_B = 0x4CD
+ SYS___LGAMMA_B = 0x4EA
+ SYS___LOG10_B = 0x4ED
+ SYS___LOG1P_B = 0x4CE
+ SYS___LOGB_B = 0x4CF
+ SYS___LOGIN = 0x4F5
+ SYS___LOG_B = 0x4EC
+ SYS___MLOCKALL = 0x4B1
+ SYS___MODF_B = 0x4D1
+ SYS___NEXTAFTER_B = 0x4D2
+ SYS___OPENDIR2 = 0x4F3
+ SYS___OPEN_STAT = 0x4F6
+ SYS___OPND = 0x4A5
+ SYS___OPPT = 0x4A6
+ SYS___OPRG = 0x4A3
+ SYS___OPRR = 0x4A4
+ SYS___PID_AFFINITY = 0x4BD
+ SYS___POW_B = 0x4EE
+ SYS___READDIR2 = 0x4F4
+ SYS___REMAINDER_B = 0x4EF
+ SYS___RINT_B = 0x4D3
+ SYS___SCALB_B = 0x4F0
+ SYS___SIGACTIONSET = 0x4FB
+ SYS___SIGGM = 0x4A7
+ SYS___SINH_B = 0x4F1
+ SYS___SIN_B = 0x4D6
+ SYS___SQRT_B = 0x4F2
+ SYS___TANH_B = 0x4D8
+ SYS___TAN_B = 0x4D7
+ SYS___TRRNO = 0x4AF
+ SYS___TZNE = 0x4A9
+ SYS___TZZN = 0x4AA
+ SYS___UCREATE = 0x4FC
+ SYS___UFREE = 0x4FE
+ SYS___UHEAPREPORT = 0x4FF
+ SYS___UMALLOC = 0x4FD
+ SYS___Y0_B = 0x4E5
+ SYS___Y1_B = 0x4E7
+ SYS___YN_B = 0x4E9
+ SYS_ABORT = 0x05C
+ SYS_ASCTIME_R = 0x5E0
+ SYS_ATEXIT = 0x05D
+ SYS_CONNECTE = 0x5AE
+ SYS_CONNECTEXPORTIMPORT = 0x5AE
+ SYS_CTIME_R = 0x5E1
+ SYS_DN_COMP = 0x5DF
+ SYS_DN_EXPAND = 0x5DD
+ SYS_DN_SKIPNAME = 0x5DE
+ SYS_EXIT = 0x05A
+ SYS_EXPORTWO = 0x5A1
+ SYS_EXPORTWORKUNIT = 0x5A1
+ SYS_EXTRACTW = 0x5A5
+ SYS_EXTRACTWORKUNIT = 0x5A5
+ SYS_FSEEKO = 0x5C9
+ SYS_FTELLO = 0x5C8
+ SYS_GETGRGID_R = 0x5E7
+ SYS_GETGRNAM_R = 0x5E8
+ SYS_GETLOGIN_R = 0x5E9
+ SYS_GETPWNAM_R = 0x5EA
+ SYS_GETPWUID_R = 0x5EB
+ SYS_GMTIME_R = 0x5E2
+ SYS_IMPORTWO = 0x5A3
+ SYS_IMPORTWORKUNIT = 0x5A3
+ SYS_INET_NTOP = 0x5D3
+ SYS_INET_PTON = 0x5D4
+ SYS_LLABS = 0x5CE
+ SYS_LLDIV = 0x5CB
+ SYS_LOCALTIME_R = 0x5E3
+ SYS_PTHREAD_ATFORK = 0x5ED
+ SYS_PTHREAD_ATTR_GETDETACHSTATE_U98 = 0x5FB
+ SYS_PTHREAD_ATTR_GETGUARDSIZE = 0x5EE
+ SYS_PTHREAD_ATTR_GETSCHEDPARAM = 0x5F9
+ SYS_PTHREAD_ATTR_GETSTACKADDR = 0x5EF
+ SYS_PTHREAD_ATTR_SETDETACHSTATE_U98 = 0x5FC
+ SYS_PTHREAD_ATTR_SETGUARDSIZE = 0x5F0
+ SYS_PTHREAD_ATTR_SETSCHEDPARAM = 0x5FA
+ SYS_PTHREAD_ATTR_SETSTACKADDR = 0x5F1
+ SYS_PTHREAD_CONDATTR_GETPSHARED = 0x5F2
+ SYS_PTHREAD_CONDATTR_SETPSHARED = 0x5F3
+ SYS_PTHREAD_DETACH_U98 = 0x5FD
+ SYS_PTHREAD_GETCONCURRENCY = 0x5F4
+ SYS_PTHREAD_GETSPECIFIC_U98 = 0x5FE
+ SYS_PTHREAD_KEY_DELETE = 0x5F5
+ SYS_PTHREAD_SETCANCELSTATE = 0x5FF
+ SYS_PTHREAD_SETCONCURRENCY = 0x5F6
+ SYS_PTHREAD_SIGMASK = 0x5F7
+ SYS_QUERYENC = 0x5AD
+ SYS_QUERYWORKUNITCLASSIFICATION = 0x5AD
+ SYS_RAISE = 0x05E
+ SYS_RAND_R = 0x5E4
+ SYS_READDIR_R = 0x5E6
+ SYS_REALLOC = 0x05B
+ SYS_RES_INIT = 0x5D8
+ SYS_RES_MKQUERY = 0x5D7
+ SYS_RES_QUERY = 0x5D9
+ SYS_RES_QUERYDOMAIN = 0x5DC
+ SYS_RES_SEARCH = 0x5DA
+ SYS_RES_SEND = 0x5DB
+ SYS_SETJMP = 0x05F
+ SYS_SIGQUEUE = 0x5A9
+ SYS_STRTOK_R = 0x5E5
+ SYS_STRTOLL = 0x5B0
+ SYS_STRTOULL = 0x5B1
+ SYS_TTYNAME_R = 0x5EC
+ SYS_UNDOEXPO = 0x5A2
+ SYS_UNDOEXPORTWORKUNIT = 0x5A2
+ SYS_UNDOIMPO = 0x5A4
+ SYS_UNDOIMPORTWORKUNIT = 0x5A4
+ SYS_WCSTOLL = 0x5CC
+ SYS_WCSTOULL = 0x5CD
+ SYS___ABORT = 0x05C
+ SYS___CONSOLE2 = 0x5D2
+ SYS___CPL = 0x5A6
+ SYS___DISCARDDATA = 0x5F8
+ SYS___DSA_PREV = 0x5B2
+ SYS___EP_FIND = 0x5B3
+ SYS___FP_SWAPMODE = 0x5AF
+ SYS___GETUSERID = 0x5AB
+ SYS___GET_CPUID = 0x5B9
+ SYS___GET_SYSTEM_SETTINGS = 0x5BA
+ SYS___IPDOMAINNAME = 0x5AC
+ SYS___MAP_INIT = 0x5A7
+ SYS___MAP_SERVICE = 0x5A8
+ SYS___MOUNT = 0x5AA
+ SYS___MSGRCV_TIMED = 0x5B7
+ SYS___RES = 0x5D6
+ SYS___SEMOP_TIMED = 0x5B8
+ SYS___SERVER_THREADS_QUERY = 0x5B4
+ SYS_FPRINTF = 0x06D
+ SYS_FSCANF = 0x06A
+ SYS_PRINTF = 0x06F
+ SYS_SETBUF = 0x06B
+ SYS_SETVBUF = 0x06C
+ SYS_SSCANF = 0x06E
+ SYS___CATGETS_A = 0x6C0
+ SYS___CHAUDIT_A = 0x6F4
+ SYS___CHMOD_A = 0x6E8
+ SYS___COLLATE_INIT_A = 0x6AC
+ SYS___CREAT_A = 0x6F6
+ SYS___CTYPE_INIT_A = 0x6AF
+ SYS___DLLLOAD_A = 0x6DF
+ SYS___DLLQUERYFN_A = 0x6E0
+ SYS___DLLQUERYVAR_A = 0x6E1
+ SYS___E2A_L = 0x6E3
+ SYS___EXECLE_A = 0x6A0
+ SYS___EXECLP_A = 0x6A4
+ SYS___EXECVE_A = 0x6C1
+ SYS___EXECVP_A = 0x6C2
+ SYS___EXECV_A = 0x6B1
+ SYS___FPRINTF_A = 0x6FA
+ SYS___GETADDRINFO_A = 0x6BF
+ SYS___GETNAMEINFO_A = 0x6C4
+ SYS___GET_WCTYPE_STD_A = 0x6AE
+ SYS___ICONV_OPEN_A = 0x6DE
+ SYS___IF_INDEXTONAME_A = 0x6DC
+ SYS___IF_NAMETOINDEX_A = 0x6DB
+ SYS___ISWCTYPE_A = 0x6B0
+ SYS___IS_WCTYPE_STD_A = 0x6B2
+ SYS___LOCALECONV_A = 0x6B8
+ SYS___LOCALECONV_STD_A = 0x6B9
+ SYS___LOCALE_INIT_A = 0x6B7
+ SYS___LSTAT_A = 0x6EE
+ SYS___LSTAT_O_A = 0x6EF
+ SYS___MKDIR_A = 0x6E9
+ SYS___MKFIFO_A = 0x6EC
+ SYS___MKNOD_A = 0x6F0
+ SYS___MONETARY_INIT_A = 0x6BC
+ SYS___MOUNT_A = 0x6F1
+ SYS___NL_CSINFO_A = 0x6D6
+ SYS___NL_LANGINFO_A = 0x6BA
+ SYS___NL_LNAGINFO_STD_A = 0x6BB
+ SYS___NL_MONINFO_A = 0x6D7
+ SYS___NL_NUMINFO_A = 0x6D8
+ SYS___NL_RESPINFO_A = 0x6D9
+ SYS___NL_TIMINFO_A = 0x6DA
+ SYS___NUMERIC_INIT_A = 0x6C6
+ SYS___OPEN_A = 0x6F7
+ SYS___PRINTF_A = 0x6DD
+ SYS___RESP_INIT_A = 0x6C7
+ SYS___RPMATCH_A = 0x6C8
+ SYS___RPMATCH_C_A = 0x6C9
+ SYS___RPMATCH_STD_A = 0x6CA
+ SYS___SETLOCALE_A = 0x6F9
+ SYS___SPAWNP_A = 0x6C5
+ SYS___SPAWN_A = 0x6C3
+ SYS___SPRINTF_A = 0x6FB
+ SYS___STAT_A = 0x6EA
+ SYS___STAT_O_A = 0x6EB
+ SYS___STRCOLL_STD_A = 0x6A1
+ SYS___STRFMON_A = 0x6BD
+ SYS___STRFMON_STD_A = 0x6BE
+ SYS___STRFTIME_A = 0x6CC
+ SYS___STRFTIME_STD_A = 0x6CD
+ SYS___STRPTIME_A = 0x6CE
+ SYS___STRPTIME_STD_A = 0x6CF
+ SYS___STRXFRM_A = 0x6A2
+ SYS___STRXFRM_C_A = 0x6A3
+ SYS___STRXFRM_STD_A = 0x6A5
+ SYS___SYNTAX_INIT_A = 0x6D4
+ SYS___TIME_INIT_A = 0x6CB
+ SYS___TOD_INIT_A = 0x6D5
+ SYS___TOWLOWER_A = 0x6B3
+ SYS___TOWLOWER_STD_A = 0x6B4
+ SYS___TOWUPPER_A = 0x6B5
+ SYS___TOWUPPER_STD_A = 0x6B6
+ SYS___UMOUNT_A = 0x6F2
+ SYS___VFPRINTF_A = 0x6FC
+ SYS___VPRINTF_A = 0x6FD
+ SYS___VSPRINTF_A = 0x6FE
+ SYS___VSWPRINTF_A = 0x6FF
+ SYS___WCSCOLL_A = 0x6A6
+ SYS___WCSCOLL_C_A = 0x6A7
+ SYS___WCSCOLL_STD_A = 0x6A8
+ SYS___WCSFTIME_A = 0x6D0
+ SYS___WCSFTIME_STD_A = 0x6D1
+ SYS___WCSXFRM_A = 0x6A9
+ SYS___WCSXFRM_C_A = 0x6AA
+ SYS___WCSXFRM_STD_A = 0x6AB
+ SYS___WCTYPE_A = 0x6AD
+ SYS___W_GETMNTENT_A = 0x6F5
+ SYS_____CCSIDTYPE_A = 0x6E6
+ SYS_____CHATTR_A = 0x6E2
+ SYS_____CSNAMETYPE_A = 0x6E7
+ SYS_____OPEN_STAT_A = 0x6ED
+ SYS_____SPAWN2_A = 0x6D2
+ SYS_____SPAWNP2_A = 0x6D3
+ SYS_____TOCCSID_A = 0x6E4
+ SYS_____TOCSNAME_A = 0x6E5
+ SYS_ACL_FREE = 0x7FF
+ SYS_ACL_INIT = 0x7FE
+ SYS_FWIDE = 0x7DF
+ SYS_FWPRINTF = 0x7D1
+ SYS_FWRITE = 0x07E
+ SYS_FWSCANF = 0x7D5
+ SYS_GETCHAR = 0x07B
+ SYS_GETS = 0x07C
+ SYS_M_CREATE_LAYOUT = 0x7C9
+ SYS_M_DESTROY_LAYOUT = 0x7CA
+ SYS_M_GETVALUES_LAYOUT = 0x7CB
+ SYS_M_SETVALUES_LAYOUT = 0x7CC
+ SYS_M_TRANSFORM_LAYOUT = 0x7CD
+ SYS_M_WTRANSFORM_LAYOUT = 0x7CE
+ SYS_PREAD = 0x7C7
+ SYS_PUTC = 0x07D
+ SYS_PUTCHAR = 0x07A
+ SYS_PUTS = 0x07F
+ SYS_PWRITE = 0x7C8
+ SYS_TOWCTRAN = 0x7D8
+ SYS_TOWCTRANS = 0x7D8
+ SYS_UNATEXIT = 0x7B5
+ SYS_VFWPRINT = 0x7D3
+ SYS_VFWPRINTF = 0x7D3
+ SYS_VWPRINTF = 0x7D4
+ SYS_WCTRANS = 0x7D7
+ SYS_WPRINTF = 0x7D2
+ SYS_WSCANF = 0x7D6
+ SYS___ASCTIME_R_A = 0x7A1
+ SYS___BASENAME_A = 0x7DC
+ SYS___BTOWC_A = 0x7E4
+ SYS___CDUMP_A = 0x7B7
+ SYS___CEE3DMP_A = 0x7B6
+ SYS___CEILF_H = 0x7F4
+ SYS___CEILL_H = 0x7F5
+ SYS___CEIL_H = 0x7EA
+ SYS___CRYPT_A = 0x7BE
+ SYS___CSNAP_A = 0x7B8
+ SYS___CTEST_A = 0x7B9
+ SYS___CTIME_R_A = 0x7A2
+ SYS___CTRACE_A = 0x7BA
+ SYS___DBM_OPEN_A = 0x7E6
+ SYS___DIRNAME_A = 0x7DD
+ SYS___FABSF_H = 0x7FA
+ SYS___FABSL_H = 0x7FB
+ SYS___FABS_H = 0x7ED
+ SYS___FGETWC_A = 0x7AA
+ SYS___FGETWS_A = 0x7AD
+ SYS___FLOORF_H = 0x7F6
+ SYS___FLOORL_H = 0x7F7
+ SYS___FLOOR_H = 0x7EB
+ SYS___FPUTWC_A = 0x7A5
+ SYS___FPUTWS_A = 0x7A8
+ SYS___GETTIMEOFDAY_A = 0x7AE
+ SYS___GETWCHAR_A = 0x7AC
+ SYS___GETWC_A = 0x7AB
+ SYS___GLOB_A = 0x7DE
+ SYS___GMTIME_A = 0x7AF
+ SYS___GMTIME_R_A = 0x7B0
+ SYS___INET_PTON_A = 0x7BC
+ SYS___J0_H = 0x7EE
+ SYS___J1_H = 0x7EF
+ SYS___JN_H = 0x7F0
+ SYS___LOCALTIME_A = 0x7B1
+ SYS___LOCALTIME_R_A = 0x7B2
+ SYS___MALLOC24 = 0x7FC
+ SYS___MALLOC31 = 0x7FD
+ SYS___MKTIME_A = 0x7B3
+ SYS___MODFF_H = 0x7F8
+ SYS___MODFL_H = 0x7F9
+ SYS___MODF_H = 0x7EC
+ SYS___OPENDIR_A = 0x7C2
+ SYS___OSNAME = 0x7E0
+ SYS___PUTWCHAR_A = 0x7A7
+ SYS___PUTWC_A = 0x7A6
+ SYS___READDIR_A = 0x7C3
+ SYS___STRTOLL_A = 0x7A3
+ SYS___STRTOULL_A = 0x7A4
+ SYS___SYSLOG_A = 0x7BD
+ SYS___TZZNA = 0x7B4
+ SYS___UNGETWC_A = 0x7A9
+ SYS___UTIME_A = 0x7A0
+ SYS___VFPRINTF2_A = 0x7E7
+ SYS___VPRINTF2_A = 0x7E8
+ SYS___VSPRINTF2_A = 0x7E9
+ SYS___VSWPRNTF2_A = 0x7BB
+ SYS___WCSTOD_A = 0x7D9
+ SYS___WCSTOL_A = 0x7DA
+ SYS___WCSTOUL_A = 0x7DB
+ SYS___WCTOB_A = 0x7E5
+ SYS___Y0_H = 0x7F1
+ SYS___Y1_H = 0x7F2
+ SYS___YN_H = 0x7F3
+ SYS_____OPENDIR2_A = 0x7BF
+ SYS_____OSNAME_A = 0x7E1
+ SYS_____READDIR2_A = 0x7C0
+ SYS_DLCLOSE = 0x8DF
+ SYS_DLERROR = 0x8E0
+ SYS_DLOPEN = 0x8DD
+ SYS_DLSYM = 0x8DE
+ SYS_FLOCKFILE = 0x8D3
+ SYS_FTRYLOCKFILE = 0x8D4
+ SYS_FUNLOCKFILE = 0x8D5
+ SYS_GETCHAR_UNLOCKED = 0x8D7
+ SYS_GETC_UNLOCKED = 0x8D6
+ SYS_PUTCHAR_UNLOCKED = 0x8D9
+ SYS_PUTC_UNLOCKED = 0x8D8
+ SYS_SNPRINTF = 0x8DA
+ SYS_VSNPRINTF = 0x8DB
+ SYS_WCSCSPN = 0x08B
+ SYS_WCSLEN = 0x08C
+ SYS_WCSNCAT = 0x08D
+ SYS_WCSNCMP = 0x08A
+ SYS_WCSNCPY = 0x08F
+ SYS_WCSSPN = 0x08E
+ SYS___ABSF_H = 0x8E7
+ SYS___ABSL_H = 0x8E8
+ SYS___ABS_H = 0x8E6
+ SYS___ACOSF_H = 0x8EA
+ SYS___ACOSH_H = 0x8EC
+ SYS___ACOSL_H = 0x8EB
+ SYS___ACOS_H = 0x8E9
+ SYS___ASINF_H = 0x8EE
+ SYS___ASINH_H = 0x8F0
+ SYS___ASINL_H = 0x8EF
+ SYS___ASIN_H = 0x8ED
+ SYS___ATAN2F_H = 0x8F8
+ SYS___ATAN2L_H = 0x8F9
+ SYS___ATAN2_H = 0x8F7
+ SYS___ATANF_H = 0x8F2
+ SYS___ATANHF_H = 0x8F5
+ SYS___ATANHL_H = 0x8F6
+ SYS___ATANH_H = 0x8F4
+ SYS___ATANL_H = 0x8F3
+ SYS___ATAN_H = 0x8F1
+ SYS___CBRT_H = 0x8FA
+ SYS___COPYSIGNF_H = 0x8FB
+ SYS___COPYSIGNL_H = 0x8FC
+ SYS___COSF_H = 0x8FE
+ SYS___COSL_H = 0x8FF
+ SYS___COS_H = 0x8FD
+ SYS___DLERROR_A = 0x8D2
+ SYS___DLOPEN_A = 0x8D0
+ SYS___DLSYM_A = 0x8D1
+ SYS___GETUTXENT_A = 0x8C6
+ SYS___GETUTXID_A = 0x8C7
+ SYS___GETUTXLINE_A = 0x8C8
+ SYS___ITOA = 0x8AA
+ SYS___ITOA_A = 0x8B0
+ SYS___LE_CONDITION_TOKEN_BUILD = 0x8A5
+ SYS___LE_MSG_ADD_INSERT = 0x8A6
+ SYS___LE_MSG_GET = 0x8A7
+ SYS___LE_MSG_GET_AND_WRITE = 0x8A8
+ SYS___LE_MSG_WRITE = 0x8A9
+ SYS___LLTOA = 0x8AE
+ SYS___LLTOA_A = 0x8B4
+ SYS___LTOA = 0x8AC
+ SYS___LTOA_A = 0x8B2
+ SYS___PUTCHAR_UNLOCKED_A = 0x8CC
+ SYS___PUTC_UNLOCKED_A = 0x8CB
+ SYS___PUTUTXLINE_A = 0x8C9
+ SYS___RESET_EXCEPTION_HANDLER = 0x8E3
+ SYS___REXEC_A = 0x8C4
+ SYS___REXEC_AF_A = 0x8C5
+ SYS___SET_EXCEPTION_HANDLER = 0x8E2
+ SYS___SNPRINTF_A = 0x8CD
+ SYS___SUPERKILL = 0x8A4
+ SYS___TCGETATTR_A = 0x8A1
+ SYS___TCSETATTR_A = 0x8A2
+ SYS___ULLTOA = 0x8AF
+ SYS___ULLTOA_A = 0x8B5
+ SYS___ULTOA = 0x8AD
+ SYS___ULTOA_A = 0x8B3
+ SYS___UTOA = 0x8AB
+ SYS___UTOA_A = 0x8B1
+ SYS___VHM_EVENT = 0x8E4
+ SYS___VSNPRINTF_A = 0x8CE
+ SYS_____GETENV_A = 0x8C3
+ SYS_____UTMPXNAME_A = 0x8CA
+ SYS_CACOSH = 0x9A0
+ SYS_CACOSHF = 0x9A3
+ SYS_CACOSHL = 0x9A6
+ SYS_CARG = 0x9A9
+ SYS_CARGF = 0x9AC
+ SYS_CARGL = 0x9AF
+ SYS_CASIN = 0x9B2
+ SYS_CASINF = 0x9B5
+ SYS_CASINH = 0x9BB
+ SYS_CASINHF = 0x9BE
+ SYS_CASINHL = 0x9C1
+ SYS_CASINL = 0x9B8
+ SYS_CATAN = 0x9C4
+ SYS_CATANF = 0x9C7
+ SYS_CATANH = 0x9CD
+ SYS_CATANHF = 0x9D0
+ SYS_CATANHL = 0x9D3
+ SYS_CATANL = 0x9CA
+ SYS_CCOS = 0x9D6
+ SYS_CCOSF = 0x9D9
+ SYS_CCOSH = 0x9DF
+ SYS_CCOSHF = 0x9E2
+ SYS_CCOSHL = 0x9E5
+ SYS_CCOSL = 0x9DC
+ SYS_CEXP = 0x9E8
+ SYS_CEXPF = 0x9EB
+ SYS_CEXPL = 0x9EE
+ SYS_CIMAG = 0x9F1
+ SYS_CIMAGF = 0x9F4
+ SYS_CIMAGL = 0x9F7
+ SYS_CLOGF = 0x9FD
+ SYS_MEMCHR = 0x09B
+ SYS_MEMCMP = 0x09A
+ SYS_STRCOLL = 0x09C
+ SYS_STRNCMP = 0x09D
+ SYS_STRRCHR = 0x09F
+ SYS_STRXFRM = 0x09E
+ SYS___CACOSHF_B = 0x9A4
+ SYS___CACOSHF_H = 0x9A5
+ SYS___CACOSHL_B = 0x9A7
+ SYS___CACOSHL_H = 0x9A8
+ SYS___CACOSH_B = 0x9A1
+ SYS___CACOSH_H = 0x9A2
+ SYS___CARGF_B = 0x9AD
+ SYS___CARGF_H = 0x9AE
+ SYS___CARGL_B = 0x9B0
+ SYS___CARGL_H = 0x9B1
+ SYS___CARG_B = 0x9AA
+ SYS___CARG_H = 0x9AB
+ SYS___CASINF_B = 0x9B6
+ SYS___CASINF_H = 0x9B7
+ SYS___CASINHF_B = 0x9BF
+ SYS___CASINHF_H = 0x9C0
+ SYS___CASINHL_B = 0x9C2
+ SYS___CASINHL_H = 0x9C3
+ SYS___CASINH_B = 0x9BC
+ SYS___CASINH_H = 0x9BD
+ SYS___CASINL_B = 0x9B9
+ SYS___CASINL_H = 0x9BA
+ SYS___CASIN_B = 0x9B3
+ SYS___CASIN_H = 0x9B4
+ SYS___CATANF_B = 0x9C8
+ SYS___CATANF_H = 0x9C9
+ SYS___CATANHF_B = 0x9D1
+ SYS___CATANHF_H = 0x9D2
+ SYS___CATANHL_B = 0x9D4
+ SYS___CATANHL_H = 0x9D5
+ SYS___CATANH_B = 0x9CE
+ SYS___CATANH_H = 0x9CF
+ SYS___CATANL_B = 0x9CB
+ SYS___CATANL_H = 0x9CC
+ SYS___CATAN_B = 0x9C5
+ SYS___CATAN_H = 0x9C6
+ SYS___CCOSF_B = 0x9DA
+ SYS___CCOSF_H = 0x9DB
+ SYS___CCOSHF_B = 0x9E3
+ SYS___CCOSHF_H = 0x9E4
+ SYS___CCOSHL_B = 0x9E6
+ SYS___CCOSHL_H = 0x9E7
+ SYS___CCOSH_B = 0x9E0
+ SYS___CCOSH_H = 0x9E1
+ SYS___CCOSL_B = 0x9DD
+ SYS___CCOSL_H = 0x9DE
+ SYS___CCOS_B = 0x9D7
+ SYS___CCOS_H = 0x9D8
+ SYS___CEXPF_B = 0x9EC
+ SYS___CEXPF_H = 0x9ED
+ SYS___CEXPL_B = 0x9EF
+ SYS___CEXPL_H = 0x9F0
+ SYS___CEXP_B = 0x9E9
+ SYS___CEXP_H = 0x9EA
+ SYS___CIMAGF_B = 0x9F5
+ SYS___CIMAGF_H = 0x9F6
+ SYS___CIMAGL_B = 0x9F8
+ SYS___CIMAGL_H = 0x9F9
+ SYS___CIMAG_B = 0x9F2
+ SYS___CIMAG_H = 0x9F3
+ SYS___CLOG = 0x9FA
+ SYS___CLOGF_B = 0x9FE
+ SYS___CLOGF_H = 0x9FF
+ SYS___CLOG_B = 0x9FB
+ SYS___CLOG_H = 0x9FC
+ SYS_ISWCTYPE = 0x10C
+ SYS_ISWXDIGI = 0x10A
+ SYS_ISWXDIGIT = 0x10A
+ SYS_MBSINIT = 0x10F
+ SYS_TOWLOWER = 0x10D
+ SYS_TOWUPPER = 0x10E
+ SYS_WCTYPE = 0x10B
+ SYS_WCSSTR = 0x11B
+ SYS___RPMTCH = 0x11A
+ SYS_WCSTOD = 0x12E
+ SYS_WCSTOK = 0x12C
+ SYS_WCSTOL = 0x12D
+ SYS_WCSTOUL = 0x12F
+ SYS_FGETWC = 0x13C
+ SYS_FGETWS = 0x13D
+ SYS_FPUTWC = 0x13E
+ SYS_FPUTWS = 0x13F
+ SYS_REGERROR = 0x13B
+ SYS_REGFREE = 0x13A
+ SYS_COLLEQUIV = 0x14F
+ SYS_COLLTOSTR = 0x14E
+ SYS_ISMCCOLLEL = 0x14C
+ SYS_STRTOCOLL = 0x14D
+ SYS_DLLFREE = 0x16F
+ SYS_DLLQUERYFN = 0x16D
+ SYS_DLLQUERYVAR = 0x16E
+ SYS_GETMCCOLL = 0x16A
+ SYS_GETWMCCOLL = 0x16B
+ SYS___ERR2AD = 0x16C
+ SYS_CFSETOSPEED = 0x17A
+ SYS_CHDIR = 0x17B
+ SYS_CHMOD = 0x17C
+ SYS_CHOWN = 0x17D
+ SYS_CLOSE = 0x17E
+ SYS_CLOSEDIR = 0x17F
+ SYS_LOG = 0x017
+ SYS_COSH = 0x018
+ SYS_FCHMOD = 0x18A
+ SYS_FCHOWN = 0x18B
+ SYS_FCNTL = 0x18C
+ SYS_FILENO = 0x18D
+ SYS_FORK = 0x18E
+ SYS_FPATHCONF = 0x18F
+ SYS_GETLOGIN = 0x19A
+ SYS_GETPGRP = 0x19C
+ SYS_GETPID = 0x19D
+ SYS_GETPPID = 0x19E
+ SYS_GETPWNAM = 0x19F
+ SYS_TANH = 0x019
+ SYS_W_GETMNTENT = 0x19B
+ SYS_POW = 0x020
+ SYS_PTHREAD_SELF = 0x20A
+ SYS_PTHREAD_SETINTR = 0x20B
+ SYS_PTHREAD_SETINTRTYPE = 0x20C
+ SYS_PTHREAD_SETSPECIFIC = 0x20D
+ SYS_PTHREAD_TESTINTR = 0x20E
+ SYS_PTHREAD_YIELD = 0x20F
+ SYS_SQRT = 0x021
+ SYS_FLOOR = 0x022
+ SYS_J1 = 0x023
+ SYS_WCSPBRK = 0x23F
+ SYS_BSEARCH = 0x24C
+ SYS_FABS = 0x024
+ SYS_GETENV = 0x24A
+ SYS_LDIV = 0x24D
+ SYS_SYSTEM = 0x24B
+ SYS_FMOD = 0x025
+ SYS___RETHROW = 0x25F
+ SYS___THROW = 0x25E
+ SYS_J0 = 0x026
+ SYS_PUTENV = 0x26A
+ SYS___GETENV = 0x26F
+ SYS_SEMCTL = 0x27A
+ SYS_SEMGET = 0x27B
+ SYS_SEMOP = 0x27C
+ SYS_SHMAT = 0x27D
+ SYS_SHMCTL = 0x27E
+ SYS_SHMDT = 0x27F
+ SYS_YN = 0x027
+ SYS_JN = 0x028
+ SYS_SIGALTSTACK = 0x28A
+ SYS_SIGHOLD = 0x28B
+ SYS_SIGIGNORE = 0x28C
+ SYS_SIGINTERRUPT = 0x28D
+ SYS_SIGPAUSE = 0x28E
+ SYS_SIGRELSE = 0x28F
+ SYS_GETOPT = 0x29A
+ SYS_GETSUBOPT = 0x29D
+ SYS_LCHOWN = 0x29B
+ SYS_SETPGRP = 0x29E
+ SYS_TRUNCATE = 0x29C
+ SYS_Y0 = 0x029
+ SYS___GDERR = 0x29F
+ SYS_ISALPHA = 0x030
+ SYS_VFORK = 0x30F
+ SYS__LONGJMP = 0x30D
+ SYS__SETJMP = 0x30E
+ SYS_GLOB = 0x31A
+ SYS_GLOBFREE = 0x31B
+ SYS_ISALNUM = 0x031
+ SYS_PUTW = 0x31C
+ SYS_SEEKDIR = 0x31D
+ SYS_TELLDIR = 0x31E
+ SYS_TEMPNAM = 0x31F
+ SYS_GETTIMEOFDAY_R = 0x32E
+ SYS_ISLOWER = 0x032
+ SYS_LGAMMA = 0x32C
+ SYS_REMAINDER = 0x32A
+ SYS_SCALB = 0x32B
+ SYS_SYNC = 0x32F
+ SYS_TTYSLOT = 0x32D
+ SYS_ENDPROTOENT = 0x33A
+ SYS_ENDSERVENT = 0x33B
+ SYS_GETHOSTBYADDR = 0x33D
+ SYS_GETHOSTBYADDR_R = 0x33C
+ SYS_GETHOSTBYNAME = 0x33F
+ SYS_GETHOSTBYNAME_R = 0x33E
+ SYS_ISCNTRL = 0x033
+ SYS_GETSERVBYNAME = 0x34A
+ SYS_GETSERVBYPORT = 0x34B
+ SYS_GETSERVENT = 0x34C
+ SYS_GETSOCKNAME = 0x34D
+ SYS_GETSOCKOPT = 0x34E
+ SYS_INET_ADDR = 0x34F
+ SYS_ISDIGIT = 0x034
+ SYS_ISGRAPH = 0x035
+ SYS_SELECT = 0x35B
+ SYS_SELECTEX = 0x35C
+ SYS_SEND = 0x35D
+ SYS_SENDTO = 0x35F
+ SYS_CHROOT = 0x36A
+ SYS_ISNAN = 0x36D
+ SYS_ISUPPER = 0x036
+ SYS_ULIMIT = 0x36C
+ SYS_UTIMES = 0x36E
+ SYS_W_STATVFS = 0x36B
+ SYS___H_ERRNO = 0x36F
+ SYS_GRANTPT = 0x37A
+ SYS_ISPRINT = 0x037
+ SYS_TCGETSID = 0x37C
+ SYS_UNLOCKPT = 0x37B
+ SYS___TCGETCP = 0x37D
+ SYS___TCSETCP = 0x37E
+ SYS___TCSETTABLES = 0x37F
+ SYS_ISPUNCT = 0x038
+ SYS_NLIST = 0x38C
+ SYS___IPDBCS = 0x38D
+ SYS___IPDSPX = 0x38E
+ SYS___IPMSGC = 0x38F
+ SYS___STHOSTENT = 0x38B
+ SYS___STSERVENT = 0x38A
+ SYS_ISSPACE = 0x039
+ SYS_COS = 0x040
+ SYS_T_ALLOC = 0x40A
+ SYS_T_BIND = 0x40B
+ SYS_T_CLOSE = 0x40C
+ SYS_T_CONNECT = 0x40D
+ SYS_T_ERROR = 0x40E
+ SYS_T_FREE = 0x40F
+ SYS_TAN = 0x041
+ SYS_T_RCVREL = 0x41A
+ SYS_T_RCVUDATA = 0x41B
+ SYS_T_RCVUDERR = 0x41C
+ SYS_T_SND = 0x41D
+ SYS_T_SNDDIS = 0x41E
+ SYS_T_SNDREL = 0x41F
+ SYS_GETPMSG = 0x42A
+ SYS_ISASTREAM = 0x42B
+ SYS_PUTMSG = 0x42C
+ SYS_PUTPMSG = 0x42D
+ SYS_SINH = 0x042
+ SYS___ISPOSIXON = 0x42E
+ SYS___OPENMVSREL = 0x42F
+ SYS_ACOS = 0x043
+ SYS_ATAN = 0x044
+ SYS_ATAN2 = 0x045
+ SYS_FTELL = 0x046
+ SYS_FGETPOS = 0x047
+ SYS_SOCK_DEBUG = 0x47A
+ SYS_SOCK_DO_TESTSTOR = 0x47D
+ SYS_TAKESOCKET = 0x47E
+ SYS___SERVER_INIT = 0x47F
+ SYS_FSEEK = 0x048
+ SYS___IPHOST = 0x48B
+ SYS___IPNODE = 0x48C
+ SYS___SERVER_CLASSIFY_CREATE = 0x48D
+ SYS___SERVER_CLASSIFY_DESTROY = 0x48E
+ SYS___SERVER_CLASSIFY_RESET = 0x48F
+ SYS___SMF_RECORD = 0x48A
+ SYS_FSETPOS = 0x049
+ SYS___FNWSA = 0x49B
+ SYS___SPAWN2 = 0x49D
+ SYS___SPAWNP2 = 0x49E
+ SYS_ATOF = 0x050
+ SYS_PTHREAD_MUTEXATTR_GETPSHARED = 0x50A
+ SYS_PTHREAD_MUTEXATTR_SETPSHARED = 0x50B
+ SYS_PTHREAD_RWLOCK_DESTROY = 0x50C
+ SYS_PTHREAD_RWLOCK_INIT = 0x50D
+ SYS_PTHREAD_RWLOCK_RDLOCK = 0x50E
+ SYS_PTHREAD_RWLOCK_TRYRDLOCK = 0x50F
+ SYS_ATOI = 0x051
+ SYS___FP_CLASS = 0x51D
+ SYS___FP_CLR_FLAG = 0x51A
+ SYS___FP_FINITE = 0x51E
+ SYS___FP_ISNAN = 0x51F
+ SYS___FP_RAISE_XCP = 0x51C
+ SYS___FP_READ_FLAG = 0x51B
+ SYS_RAND = 0x052
+ SYS_SIGTIMEDWAIT = 0x52D
+ SYS_SIGWAITINFO = 0x52E
+ SYS___CHKBFP = 0x52F
+ SYS___FPC_RS = 0x52C
+ SYS___FPC_RW = 0x52A
+ SYS___FPC_SM = 0x52B
+ SYS_STRTOD = 0x053
+ SYS_STRTOL = 0x054
+ SYS_STRTOUL = 0x055
+ SYS_MALLOC = 0x056
+ SYS_SRAND = 0x057
+ SYS_CALLOC = 0x058
+ SYS_FREE = 0x059
+ SYS___OSENV = 0x59F
+ SYS___W_PIOCTL = 0x59E
+ SYS_LONGJMP = 0x060
+ SYS___FLOORF_B = 0x60A
+ SYS___FLOORL_B = 0x60B
+ SYS___FREXPF_B = 0x60C
+ SYS___FREXPL_B = 0x60D
+ SYS___LDEXPF_B = 0x60E
+ SYS___LDEXPL_B = 0x60F
+ SYS_SIGNAL = 0x061
+ SYS___ATAN2F_B = 0x61A
+ SYS___ATAN2L_B = 0x61B
+ SYS___COSHF_B = 0x61C
+ SYS___COSHL_B = 0x61D
+ SYS___EXPF_B = 0x61E
+ SYS___EXPL_B = 0x61F
+ SYS_TMPNAM = 0x062
+ SYS___ABSF_B = 0x62A
+ SYS___ABSL_B = 0x62C
+ SYS___ABS_B = 0x62B
+ SYS___FMODF_B = 0x62D
+ SYS___FMODL_B = 0x62E
+ SYS___MODFF_B = 0x62F
+ SYS_ATANL = 0x63A
+ SYS_CEILF = 0x63B
+ SYS_CEILL = 0x63C
+ SYS_COSF = 0x63D
+ SYS_COSHF = 0x63F
+ SYS_COSL = 0x63E
+ SYS_REMOVE = 0x063
+ SYS_POWL = 0x64A
+ SYS_RENAME = 0x064
+ SYS_SINF = 0x64B
+ SYS_SINHF = 0x64F
+ SYS_SINL = 0x64C
+ SYS_SQRTF = 0x64D
+ SYS_SQRTL = 0x64E
+ SYS_BTOWC = 0x65F
+ SYS_FREXPL = 0x65A
+ SYS_LDEXPF = 0x65B
+ SYS_LDEXPL = 0x65C
+ SYS_MODFF = 0x65D
+ SYS_MODFL = 0x65E
+ SYS_TMPFILE = 0x065
+ SYS_FREOPEN = 0x066
+ SYS___CHARMAP_INIT_A = 0x66E
+ SYS___GETHOSTBYADDR_R_A = 0x66C
+ SYS___GETHOSTBYNAME_A = 0x66A
+ SYS___GETHOSTBYNAME_R_A = 0x66D
+ SYS___MBLEN_A = 0x66F
+ SYS___RES_INIT_A = 0x66B
+ SYS_FCLOSE = 0x067
+ SYS___GETGRGID_R_A = 0x67D
+ SYS___WCSTOMBS_A = 0x67A
+ SYS___WCSTOMBS_STD_A = 0x67B
+ SYS___WCSWIDTH_A = 0x67C
+ SYS___WCSWIDTH_ASIA = 0x67F
+ SYS___WCSWIDTH_STD_A = 0x67E
+ SYS_FFLUSH = 0x068
+ SYS___GETLOGIN_R_A = 0x68E
+ SYS___GETPWNAM_R_A = 0x68C
+ SYS___GETPWUID_R_A = 0x68D
+ SYS___TTYNAME_R_A = 0x68F
+ SYS___WCWIDTH_ASIA = 0x68B
+ SYS___WCWIDTH_STD_A = 0x68A
+ SYS_FOPEN = 0x069
+ SYS___REGEXEC_A = 0x69A
+ SYS___REGEXEC_STD_A = 0x69B
+ SYS___REGFREE_A = 0x69C
+ SYS___REGFREE_STD_A = 0x69D
+ SYS___STRCOLL_A = 0x69E
+ SYS___STRCOLL_C_A = 0x69F
+ SYS_SCANF = 0x070
+ SYS___A64L_A = 0x70C
+ SYS___ECVT_A = 0x70D
+ SYS___FCVT_A = 0x70E
+ SYS___GCVT_A = 0x70F
+ SYS___STRTOUL_A = 0x70A
+ SYS_____AE_CORRESTBL_QUERY_A = 0x70B
+ SYS_SPRINTF = 0x071
+ SYS___ACCESS_A = 0x71F
+ SYS___CATOPEN_A = 0x71E
+ SYS___GETOPT_A = 0x71D
+ SYS___REALPATH_A = 0x71A
+ SYS___SETENV_A = 0x71B
+ SYS___SYSTEM_A = 0x71C
+ SYS_FGETC = 0x072
+ SYS___GAI_STRERROR_A = 0x72F
+ SYS___RMDIR_A = 0x72A
+ SYS___STATVFS_A = 0x72B
+ SYS___SYMLINK_A = 0x72C
+ SYS___TRUNCATE_A = 0x72D
+ SYS___UNLINK_A = 0x72E
+ SYS_VFPRINTF = 0x073
+ SYS___ISSPACE_A = 0x73A
+ SYS___ISUPPER_A = 0x73B
+ SYS___ISWALNUM_A = 0x73F
+ SYS___ISXDIGIT_A = 0x73C
+ SYS___TOLOWER_A = 0x73D
+ SYS___TOUPPER_A = 0x73E
+ SYS_VPRINTF = 0x074
+ SYS___CONFSTR_A = 0x74B
+ SYS___FDOPEN_A = 0x74E
+ SYS___FLDATA_A = 0x74F
+ SYS___FTOK_A = 0x74C
+ SYS___ISWXDIGIT_A = 0x74A
+ SYS___MKTEMP_A = 0x74D
+ SYS_VSPRINTF = 0x075
+ SYS___GETGRGID_A = 0x75A
+ SYS___GETGRNAM_A = 0x75B
+ SYS___GETGROUPSBYNAME_A = 0x75C
+ SYS___GETHOSTENT_A = 0x75D
+ SYS___GETHOSTNAME_A = 0x75E
+ SYS___GETLOGIN_A = 0x75F
+ SYS_GETC = 0x076
+ SYS___CREATEWORKUNIT_A = 0x76A
+ SYS___CTERMID_A = 0x76B
+ SYS___FMTMSG_A = 0x76C
+ SYS___INITGROUPS_A = 0x76D
+ SYS___MSGRCV_A = 0x76F
+ SYS_____LOGIN_A = 0x76E
+ SYS_FGETS = 0x077
+ SYS___STRCASECMP_A = 0x77B
+ SYS___STRNCASECMP_A = 0x77C
+ SYS___TTYNAME_A = 0x77D
+ SYS___UNAME_A = 0x77E
+ SYS___UTIMES_A = 0x77F
+ SYS_____SERVER_PWU_A = 0x77A
+ SYS_FPUTC = 0x078
+ SYS___CREAT_O_A = 0x78E
+ SYS___ENVNA = 0x78F
+ SYS___FREAD_A = 0x78A
+ SYS___FWRITE_A = 0x78B
+ SYS___ISASCII = 0x78D
+ SYS___OPEN_O_A = 0x78C
+ SYS_FPUTS = 0x079
+ SYS___ASCTIME_A = 0x79C
+ SYS___CTIME_A = 0x79D
+ SYS___GETDATE_A = 0x79E
+ SYS___GETSERVBYPORT_A = 0x79A
+ SYS___GETSERVENT_A = 0x79B
+ SYS___TZSET_A = 0x79F
+ SYS_ACL_FROM_TEXT = 0x80C
+ SYS_ACL_SET_FD = 0x80A
+ SYS_ACL_SET_FILE = 0x80B
+ SYS_ACL_SORT = 0x80E
+ SYS_ACL_TO_TEXT = 0x80D
+ SYS_UNGETC = 0x080
+ SYS___SHUTDOWN_REGISTRATION = 0x80F
+ SYS_FREAD = 0x081
+ SYS_FREEADDRINFO = 0x81A
+ SYS_GAI_STRERROR = 0x81B
+ SYS_REXEC_AF = 0x81C
+ SYS___DYNALLOC_A = 0x81F
+ SYS___POE = 0x81D
+ SYS_WCSTOMBS = 0x082
+ SYS___INET_ADDR_A = 0x82F
+ SYS___NLIST_A = 0x82A
+ SYS_____TCGETCP_A = 0x82B
+ SYS_____TCSETCP_A = 0x82C
+ SYS_____W_PIOCTL_A = 0x82E
+ SYS_MBTOWC = 0x083
+ SYS___CABEND = 0x83D
+ SYS___LE_CIB_GET = 0x83E
+ SYS___RECVMSG_A = 0x83B
+ SYS___SENDMSG_A = 0x83A
+ SYS___SET_LAA_FOR_JIT = 0x83F
+ SYS_____LCHATTR_A = 0x83C
+ SYS_WCTOMB = 0x084
+ SYS___CBRTL_B = 0x84A
+ SYS___COPYSIGNF_B = 0x84B
+ SYS___COPYSIGNL_B = 0x84C
+ SYS___COTANF_B = 0x84D
+ SYS___COTANL_B = 0x84F
+ SYS___COTAN_B = 0x84E
+ SYS_MBSTOWCS = 0x085
+ SYS___LOG1PL_B = 0x85A
+ SYS___LOG2F_B = 0x85B
+ SYS___LOG2L_B = 0x85D
+ SYS___LOG2_B = 0x85C
+ SYS___REMAINDERF_B = 0x85E
+ SYS___REMAINDERL_B = 0x85F
+ SYS_ACOSHF = 0x86E
+ SYS_ACOSHL = 0x86F
+ SYS_WCSCPY = 0x086
+ SYS___ERFCF_B = 0x86D
+ SYS___ERFF_B = 0x86C
+ SYS___LROUNDF_B = 0x86A
+ SYS___LROUND_B = 0x86B
+ SYS_COTANL = 0x87A
+ SYS_EXP2F = 0x87B
+ SYS_EXP2L = 0x87C
+ SYS_EXPM1F = 0x87D
+ SYS_EXPM1L = 0x87E
+ SYS_FDIMF = 0x87F
+ SYS_WCSCAT = 0x087
+ SYS___COTANL = 0x87A
+ SYS_REMAINDERF = 0x88A
+ SYS_REMAINDERL = 0x88B
+ SYS_REMAINDF = 0x88A
+ SYS_REMAINDL = 0x88B
+ SYS_REMQUO = 0x88D
+ SYS_REMQUOF = 0x88C
+ SYS_REMQUOL = 0x88E
+ SYS_TGAMMAF = 0x88F
+ SYS_WCSCHR = 0x088
+ SYS_ERFCF = 0x89B
+ SYS_ERFCL = 0x89C
+ SYS_ERFL = 0x89A
+ SYS_EXP2 = 0x89E
+ SYS_WCSCMP = 0x089
+ SYS___EXP2_B = 0x89D
+ SYS___FAR_JUMP = 0x89F
+ SYS_ABS = 0x090
+ SYS___ERFCL_H = 0x90A
+ SYS___EXPF_H = 0x90C
+ SYS___EXPL_H = 0x90D
+ SYS___EXPM1_H = 0x90E
+ SYS___EXP_H = 0x90B
+ SYS___FDIM_H = 0x90F
+ SYS_DIV = 0x091
+ SYS___LOG2F_H = 0x91F
+ SYS___LOG2_H = 0x91E
+ SYS___LOGB_H = 0x91D
+ SYS___LOGF_H = 0x91B
+ SYS___LOGL_H = 0x91C
+ SYS___LOG_H = 0x91A
+ SYS_LABS = 0x092
+ SYS___POWL_H = 0x92A
+ SYS___REMAINDER_H = 0x92B
+ SYS___RINT_H = 0x92C
+ SYS___SCALB_H = 0x92D
+ SYS___SINF_H = 0x92F
+ SYS___SIN_H = 0x92E
+ SYS_STRNCPY = 0x093
+ SYS___TANHF_H = 0x93B
+ SYS___TANHL_H = 0x93C
+ SYS___TANH_H = 0x93A
+ SYS___TGAMMAF_H = 0x93E
+ SYS___TGAMMA_H = 0x93D
+ SYS___TRUNC_H = 0x93F
+ SYS_MEMCPY = 0x094
+ SYS_VFWSCANF = 0x94A
+ SYS_VSWSCANF = 0x94E
+ SYS_VWSCANF = 0x94C
+ SYS_INET6_RTH_ADD = 0x95D
+ SYS_INET6_RTH_INIT = 0x95C
+ SYS_INET6_RTH_REVERSE = 0x95E
+ SYS_INET6_RTH_SEGMENTS = 0x95F
+ SYS_INET6_RTH_SPACE = 0x95B
+ SYS_MEMMOVE = 0x095
+ SYS_WCSTOLD = 0x95A
+ SYS_STRCPY = 0x096
+ SYS_STRCMP = 0x097
+ SYS_CABS = 0x98E
+ SYS_STRCAT = 0x098
+ SYS___CABS_B = 0x98F
+ SYS___POW_II = 0x98A
+ SYS___POW_II_B = 0x98B
+ SYS___POW_II_H = 0x98C
+ SYS_CACOSF = 0x99A
+ SYS_CACOSL = 0x99D
+ SYS_STRNCAT = 0x099
+ SYS___CACOSF_B = 0x99B
+ SYS___CACOSF_H = 0x99C
+ SYS___CACOSL_B = 0x99E
+ SYS___CACOSL_H = 0x99F
+ SYS_ISWALPHA = 0x100
+ SYS_ISWBLANK = 0x101
+ SYS___ISWBLK = 0x101
+ SYS_ISWCNTRL = 0x102
+ SYS_ISWDIGIT = 0x103
+ SYS_ISWGRAPH = 0x104
+ SYS_ISWLOWER = 0x105
+ SYS_ISWPRINT = 0x106
+ SYS_ISWPUNCT = 0x107
+ SYS_ISWSPACE = 0x108
+ SYS_ISWUPPER = 0x109
+ SYS_WCTOB = 0x110
+ SYS_MBRLEN = 0x111
+ SYS_MBRTOWC = 0x112
+ SYS_MBSRTOWC = 0x113
+ SYS_MBSRTOWCS = 0x113
+ SYS_WCRTOMB = 0x114
+ SYS_WCSRTOMB = 0x115
+ SYS_WCSRTOMBS = 0x115
+ SYS___CSID = 0x116
+ SYS___WCSID = 0x117
+ SYS_STRPTIME = 0x118
+ SYS___STRPTM = 0x118
+ SYS_STRFMON = 0x119
+ SYS_WCSCOLL = 0x130
+ SYS_WCSXFRM = 0x131
+ SYS_WCSWIDTH = 0x132
+ SYS_WCWIDTH = 0x133
+ SYS_WCSFTIME = 0x134
+ SYS_SWPRINTF = 0x135
+ SYS_VSWPRINT = 0x136
+ SYS_VSWPRINTF = 0x136
+ SYS_SWSCANF = 0x137
+ SYS_REGCOMP = 0x138
+ SYS_REGEXEC = 0x139
+ SYS_GETWC = 0x140
+ SYS_GETWCHAR = 0x141
+ SYS_PUTWC = 0x142
+ SYS_PUTWCHAR = 0x143
+ SYS_UNGETWC = 0x144
+ SYS_ICONV_OPEN = 0x145
+ SYS_ICONV = 0x146
+ SYS_ICONV_CLOSE = 0x147
+ SYS_COLLRANGE = 0x150
+ SYS_CCLASS = 0x151
+ SYS_COLLORDER = 0x152
+ SYS___DEMANGLE = 0x154
+ SYS_FDOPEN = 0x155
+ SYS___ERRNO = 0x156
+ SYS___ERRNO2 = 0x157
+ SYS___TERROR = 0x158
+ SYS_MAXCOLL = 0x169
+ SYS_DLLLOAD = 0x170
+ SYS__EXIT = 0x174
+ SYS_ACCESS = 0x175
+ SYS_ALARM = 0x176
+ SYS_CFGETISPEED = 0x177
+ SYS_CFGETOSPEED = 0x178
+ SYS_CFSETISPEED = 0x179
+ SYS_CREAT = 0x180
+ SYS_CTERMID = 0x181
+ SYS_DUP = 0x182
+ SYS_DUP2 = 0x183
+ SYS_EXECL = 0x184
+ SYS_EXECLE = 0x185
+ SYS_EXECLP = 0x186
+ SYS_EXECV = 0x187
+ SYS_EXECVE = 0x188
+ SYS_EXECVP = 0x189
+ SYS_FSTAT = 0x190
+ SYS_FSYNC = 0x191
+ SYS_FTRUNCATE = 0x192
+ SYS_GETCWD = 0x193
+ SYS_GETEGID = 0x194
+ SYS_GETEUID = 0x195
+ SYS_GETGID = 0x196
+ SYS_GETGRGID = 0x197
+ SYS_GETGRNAM = 0x198
+ SYS_GETGROUPS = 0x199
+ SYS_PTHREAD_MUTEXATTR_DESTROY = 0x200
+ SYS_PTHREAD_MUTEXATTR_SETKIND_NP = 0x201
+ SYS_PTHREAD_MUTEXATTR_GETKIND_NP = 0x202
+ SYS_PTHREAD_MUTEX_INIT = 0x203
+ SYS_PTHREAD_MUTEX_DESTROY = 0x204
+ SYS_PTHREAD_MUTEX_LOCK = 0x205
+ SYS_PTHREAD_MUTEX_TRYLOCK = 0x206
+ SYS_PTHREAD_MUTEX_UNLOCK = 0x207
+ SYS_PTHREAD_ONCE = 0x209
+ SYS_TW_OPEN = 0x210
+ SYS_TW_FCNTL = 0x211
+ SYS_PTHREAD_JOIN_D4_NP = 0x212
+ SYS_PTHREAD_CONDATTR_SETKIND_NP = 0x213
+ SYS_PTHREAD_CONDATTR_GETKIND_NP = 0x214
+ SYS_EXTLINK_NP = 0x215
+ SYS___PASSWD = 0x216
+ SYS_SETGROUPS = 0x217
+ SYS_INITGROUPS = 0x218
+ SYS_WCSRCHR = 0x240
+ SYS_SVC99 = 0x241
+ SYS___SVC99 = 0x241
+ SYS_WCSWCS = 0x242
+ SYS_LOCALECO = 0x243
+ SYS_LOCALECONV = 0x243
+ SYS___LIBREL = 0x244
+ SYS_RELEASE = 0x245
+ SYS___RLSE = 0x245
+ SYS_FLOCATE = 0x246
+ SYS___FLOCT = 0x246
+ SYS_FDELREC = 0x247
+ SYS___FDLREC = 0x247
+ SYS_FETCH = 0x248
+ SYS___FETCH = 0x248
+ SYS_QSORT = 0x249
+ SYS___CLEANUPCATCH = 0x260
+ SYS___CATCHMATCH = 0x261
+ SYS___CLEAN2UPCATCH = 0x262
+ SYS_GETPRIORITY = 0x270
+ SYS_NICE = 0x271
+ SYS_SETPRIORITY = 0x272
+ SYS_GETITIMER = 0x273
+ SYS_SETITIMER = 0x274
+ SYS_MSGCTL = 0x275
+ SYS_MSGGET = 0x276
+ SYS_MSGRCV = 0x277
+ SYS_MSGSND = 0x278
+ SYS_MSGXRCV = 0x279
+ SYS___MSGXR = 0x279
+ SYS_SHMGET = 0x280
+ SYS___GETIPC = 0x281
+ SYS_SETGRENT = 0x282
+ SYS_GETGRENT = 0x283
+ SYS_ENDGRENT = 0x284
+ SYS_SETPWENT = 0x285
+ SYS_GETPWENT = 0x286
+ SYS_ENDPWENT = 0x287
+ SYS_BSD_SIGNAL = 0x288
+ SYS_KILLPG = 0x289
+ SYS_SIGSET = 0x290
+ SYS_SIGSTACK = 0x291
+ SYS_GETRLIMIT = 0x292
+ SYS_SETRLIMIT = 0x293
+ SYS_GETRUSAGE = 0x294
+ SYS_MMAP = 0x295
+ SYS_MPROTECT = 0x296
+ SYS_MSYNC = 0x297
+ SYS_MUNMAP = 0x298
+ SYS_CONFSTR = 0x299
+ SYS___NDMTRM = 0x300
+ SYS_FTOK = 0x301
+ SYS_BASENAME = 0x302
+ SYS_DIRNAME = 0x303
+ SYS_GETDTABLESIZE = 0x304
+ SYS_MKSTEMP = 0x305
+ SYS_MKTEMP = 0x306
+ SYS_NFTW = 0x307
+ SYS_GETWD = 0x308
+ SYS_LOCKF = 0x309
+ SYS_WORDEXP = 0x310
+ SYS_WORDFREE = 0x311
+ SYS_GETPGID = 0x312
+ SYS_GETSID = 0x313
+ SYS___UTMPXNAME = 0x314
+ SYS_CUSERID = 0x315
+ SYS_GETPASS = 0x316
+ SYS_FNMATCH = 0x317
+ SYS_FTW = 0x318
+ SYS_GETW = 0x319
+ SYS_ACOSH = 0x320
+ SYS_ASINH = 0x321
+ SYS_ATANH = 0x322
+ SYS_CBRT = 0x323
+ SYS_EXPM1 = 0x324
+ SYS_ILOGB = 0x325
+ SYS_LOGB = 0x326
+ SYS_LOG1P = 0x327
+ SYS_NEXTAFTER = 0x328
+ SYS_RINT = 0x329
+ SYS_SPAWN = 0x330
+ SYS_SPAWNP = 0x331
+ SYS_GETLOGIN_UU = 0x332
+ SYS_ECVT = 0x333
+ SYS_FCVT = 0x334
+ SYS_GCVT = 0x335
+ SYS_ACCEPT = 0x336
+ SYS_BIND = 0x337
+ SYS_CONNECT = 0x338
+ SYS_ENDHOSTENT = 0x339
+ SYS_GETHOSTENT = 0x340
+ SYS_GETHOSTID = 0x341
+ SYS_GETHOSTNAME = 0x342
+ SYS_GETNETBYADDR = 0x343
+ SYS_GETNETBYNAME = 0x344
+ SYS_GETNETENT = 0x345
+ SYS_GETPEERNAME = 0x346
+ SYS_GETPROTOBYNAME = 0x347
+ SYS_GETPROTOBYNUMBER = 0x348
+ SYS_GETPROTOENT = 0x349
+ SYS_INET_LNAOF = 0x350
+ SYS_INET_MAKEADDR = 0x351
+ SYS_INET_NETOF = 0x352
+ SYS_INET_NETWORK = 0x353
+ SYS_INET_NTOA = 0x354
+ SYS_IOCTL = 0x355
+ SYS_LISTEN = 0x356
+ SYS_READV = 0x357
+ SYS_RECV = 0x358
+ SYS_RECVFROM = 0x359
+ SYS_SETHOSTENT = 0x360
+ SYS_SETNETENT = 0x361
+ SYS_SETPEER = 0x362
+ SYS_SETPROTOENT = 0x363
+ SYS_SETSERVENT = 0x364
+ SYS_SETSOCKOPT = 0x365
+ SYS_SHUTDOWN = 0x366
+ SYS_SOCKET = 0x367
+ SYS_SOCKETPAIR = 0x368
+ SYS_WRITEV = 0x369
+ SYS_ENDNETENT = 0x370
+ SYS_CLOSELOG = 0x371
+ SYS_OPENLOG = 0x372
+ SYS_SETLOGMASK = 0x373
+ SYS_SYSLOG = 0x374
+ SYS_PTSNAME = 0x375
+ SYS_SETREUID = 0x376
+ SYS_SETREGID = 0x377
+ SYS_REALPATH = 0x378
+ SYS___SIGNGAM = 0x379
+ SYS_POLL = 0x380
+ SYS_REXEC = 0x381
+ SYS___ISASCII2 = 0x382
+ SYS___TOASCII2 = 0x383
+ SYS_CHPRIORITY = 0x384
+ SYS_PTHREAD_ATTR_SETSYNCTYPE_NP = 0x385
+ SYS_PTHREAD_ATTR_GETSYNCTYPE_NP = 0x386
+ SYS_PTHREAD_SET_LIMIT_NP = 0x387
+ SYS___STNETENT = 0x388
+ SYS___STPROTOENT = 0x389
+ SYS___SELECT1 = 0x390
+ SYS_PTHREAD_SECURITY_NP = 0x391
+ SYS___CHECK_RESOURCE_AUTH_NP = 0x392
+ SYS___CONVERT_ID_NP = 0x393
+ SYS___OPENVMREL = 0x394
+ SYS_WMEMCHR = 0x395
+ SYS_WMEMCMP = 0x396
+ SYS_WMEMCPY = 0x397
+ SYS_WMEMMOVE = 0x398
+ SYS_WMEMSET = 0x399
+ SYS___FPUTWC = 0x400
+ SYS___PUTWC = 0x401
+ SYS___PWCHAR = 0x402
+ SYS___WCSFTM = 0x403
+ SYS___WCSTOK = 0x404
+ SYS___WCWDTH = 0x405
+ SYS_T_ACCEPT = 0x409
+ SYS_T_GETINFO = 0x410
+ SYS_T_GETPROTADDR = 0x411
+ SYS_T_GETSTATE = 0x412
+ SYS_T_LISTEN = 0x413
+ SYS_T_LOOK = 0x414
+ SYS_T_OPEN = 0x415
+ SYS_T_OPTMGMT = 0x416
+ SYS_T_RCV = 0x417
+ SYS_T_RCVCONNECT = 0x418
+ SYS_T_RCVDIS = 0x419
+ SYS_T_SNDUDATA = 0x420
+ SYS_T_STRERROR = 0x421
+ SYS_T_SYNC = 0x422
+ SYS_T_UNBIND = 0x423
+ SYS___T_ERRNO = 0x424
+ SYS___RECVMSG2 = 0x425
+ SYS___SENDMSG2 = 0x426
+ SYS_FATTACH = 0x427
+ SYS_FDETACH = 0x428
+ SYS_GETMSG = 0x429
+ SYS_GETCONTEXT = 0x430
+ SYS_SETCONTEXT = 0x431
+ SYS_MAKECONTEXT = 0x432
+ SYS_SWAPCONTEXT = 0x433
+ SYS_PTHREAD_GETSPECIFIC_D8_NP = 0x434
+ SYS_GETCLIENTID = 0x470
+ SYS___GETCLIENTID = 0x471
+ SYS_GETSTABLESIZE = 0x472
+ SYS_GETIBMOPT = 0x473
+ SYS_GETIBMSOCKOPT = 0x474
+ SYS_GIVESOCKET = 0x475
+ SYS_IBMSFLUSH = 0x476
+ SYS_MAXDESC = 0x477
+ SYS_SETIBMOPT = 0x478
+ SYS_SETIBMSOCKOPT = 0x479
+ SYS___SERVER_PWU = 0x480
+ SYS_PTHREAD_TAG_NP = 0x481
+ SYS___CONSOLE = 0x482
+ SYS___WSINIT = 0x483
+ SYS___IPTCPN = 0x489
+ SYS___SERVER_CLASSIFY = 0x490
+ SYS___HEAPRPT = 0x496
+ SYS___ISBFP = 0x500
+ SYS___FP_CAST = 0x501
+ SYS___CERTIFICATE = 0x502
+ SYS_SEND_FILE = 0x503
+ SYS_AIO_CANCEL = 0x504
+ SYS_AIO_ERROR = 0x505
+ SYS_AIO_READ = 0x506
+ SYS_AIO_RETURN = 0x507
+ SYS_AIO_SUSPEND = 0x508
+ SYS_AIO_WRITE = 0x509
+ SYS_PTHREAD_RWLOCK_TRYWRLOCK = 0x510
+ SYS_PTHREAD_RWLOCK_UNLOCK = 0x511
+ SYS_PTHREAD_RWLOCK_WRLOCK = 0x512
+ SYS_PTHREAD_RWLOCKATTR_GETPSHARED = 0x513
+ SYS_PTHREAD_RWLOCKATTR_SETPSHARED = 0x514
+ SYS_PTHREAD_RWLOCKATTR_INIT = 0x515
+ SYS_PTHREAD_RWLOCKATTR_DESTROY = 0x516
+ SYS___CTTBL = 0x517
+ SYS_PTHREAD_MUTEXATTR_SETTYPE = 0x518
+ SYS_PTHREAD_MUTEXATTR_GETTYPE = 0x519
+ SYS___FP_UNORDERED = 0x520
+ SYS___FP_READ_RND = 0x521
+ SYS___FP_READ_RND_B = 0x522
+ SYS___FP_SWAP_RND = 0x523
+ SYS___FP_SWAP_RND_B = 0x524
+ SYS___FP_LEVEL = 0x525
+ SYS___FP_BTOH = 0x526
+ SYS___FP_HTOB = 0x527
+ SYS___FPC_RD = 0x528
+ SYS___FPC_WR = 0x529
+ SYS_PTHREAD_SETCANCELTYPE = 0x600
+ SYS_PTHREAD_TESTCANCEL = 0x601
+ SYS___ATANF_B = 0x602
+ SYS___ATANL_B = 0x603
+ SYS___CEILF_B = 0x604
+ SYS___CEILL_B = 0x605
+ SYS___COSF_B = 0x606
+ SYS___COSL_B = 0x607
+ SYS___FABSF_B = 0x608
+ SYS___FABSL_B = 0x609
+ SYS___SINF_B = 0x610
+ SYS___SINL_B = 0x611
+ SYS___TANF_B = 0x612
+ SYS___TANL_B = 0x613
+ SYS___TANHF_B = 0x614
+ SYS___TANHL_B = 0x615
+ SYS___ACOSF_B = 0x616
+ SYS___ACOSL_B = 0x617
+ SYS___ASINF_B = 0x618
+ SYS___ASINL_B = 0x619
+ SYS___LOGF_B = 0x620
+ SYS___LOGL_B = 0x621
+ SYS___LOG10F_B = 0x622
+ SYS___LOG10L_B = 0x623
+ SYS___POWF_B = 0x624
+ SYS___POWL_B = 0x625
+ SYS___SINHF_B = 0x626
+ SYS___SINHL_B = 0x627
+ SYS___SQRTF_B = 0x628
+ SYS___SQRTL_B = 0x629
+ SYS___MODFL_B = 0x630
+ SYS_ABSF = 0x631
+ SYS_ABSL = 0x632
+ SYS_ACOSF = 0x633
+ SYS_ACOSL = 0x634
+ SYS_ASINF = 0x635
+ SYS_ASINL = 0x636
+ SYS_ATAN2F = 0x637
+ SYS_ATAN2L = 0x638
+ SYS_ATANF = 0x639
+ SYS_COSHL = 0x640
+ SYS_EXPF = 0x641
+ SYS_EXPL = 0x642
+ SYS_TANHF = 0x643
+ SYS_TANHL = 0x644
+ SYS_LOG10F = 0x645
+ SYS_LOG10L = 0x646
+ SYS_LOGF = 0x647
+ SYS_LOGL = 0x648
+ SYS_POWF = 0x649
+ SYS_SINHL = 0x650
+ SYS_TANF = 0x651
+ SYS_TANL = 0x652
+ SYS_FABSF = 0x653
+ SYS_FABSL = 0x654
+ SYS_FLOORF = 0x655
+ SYS_FLOORL = 0x656
+ SYS_FMODF = 0x657
+ SYS_FMODL = 0x658
+ SYS_FREXPF = 0x659
+ SYS___CHATTR = 0x660
+ SYS___FCHATTR = 0x661
+ SYS___TOCCSID = 0x662
+ SYS___CSNAMETYPE = 0x663
+ SYS___TOCSNAME = 0x664
+ SYS___CCSIDTYPE = 0x665
+ SYS___AE_CORRESTBL_QUERY = 0x666
+ SYS___AE_AUTOCONVERT_STATE = 0x667
+ SYS_DN_FIND = 0x668
+ SYS___GETHOSTBYADDR_A = 0x669
+ SYS___MBLEN_SB_A = 0x670
+ SYS___MBLEN_STD_A = 0x671
+ SYS___MBLEN_UTF = 0x672
+ SYS___MBSTOWCS_A = 0x673
+ SYS___MBSTOWCS_STD_A = 0x674
+ SYS___MBTOWC_A = 0x675
+ SYS___MBTOWC_ISO1 = 0x676
+ SYS___MBTOWC_SBCS = 0x677
+ SYS___MBTOWC_MBCS = 0x678
+ SYS___MBTOWC_UTF = 0x679
+ SYS___CSID_A = 0x680
+ SYS___CSID_STD_A = 0x681
+ SYS___WCSID_A = 0x682
+ SYS___WCSID_STD_A = 0x683
+ SYS___WCTOMB_A = 0x684
+ SYS___WCTOMB_ISO1 = 0x685
+ SYS___WCTOMB_STD_A = 0x686
+ SYS___WCTOMB_UTF = 0x687
+ SYS___WCWIDTH_A = 0x688
+ SYS___GETGRNAM_R_A = 0x689
+ SYS___READDIR_R_A = 0x690
+ SYS___E2A_S = 0x691
+ SYS___FNMATCH_A = 0x692
+ SYS___FNMATCH_C_A = 0x693
+ SYS___EXECL_A = 0x694
+ SYS___FNMATCH_STD_A = 0x695
+ SYS___REGCOMP_A = 0x696
+ SYS___REGCOMP_STD_A = 0x697
+ SYS___REGERROR_A = 0x698
+ SYS___REGERROR_STD_A = 0x699
+ SYS___SWPRINTF_A = 0x700
+ SYS___FSCANF_A = 0x701
+ SYS___SCANF_A = 0x702
+ SYS___SSCANF_A = 0x703
+ SYS___SWSCANF_A = 0x704
+ SYS___ATOF_A = 0x705
+ SYS___ATOI_A = 0x706
+ SYS___ATOL_A = 0x707
+ SYS___STRTOD_A = 0x708
+ SYS___STRTOL_A = 0x709
+ SYS___L64A_A = 0x710
+ SYS___STRERROR_A = 0x711
+ SYS___PERROR_A = 0x712
+ SYS___FETCH_A = 0x713
+ SYS___GETENV_A = 0x714
+ SYS___MKSTEMP_A = 0x717
+ SYS___PTSNAME_A = 0x718
+ SYS___PUTENV_A = 0x719
+ SYS___CHDIR_A = 0x720
+ SYS___CHOWN_A = 0x721
+ SYS___CHROOT_A = 0x722
+ SYS___GETCWD_A = 0x723
+ SYS___GETWD_A = 0x724
+ SYS___LCHOWN_A = 0x725
+ SYS___LINK_A = 0x726
+ SYS___PATHCONF_A = 0x727
+ SYS___IF_NAMEINDEX_A = 0x728
+ SYS___READLINK_A = 0x729
+ SYS___EXTLINK_NP_A = 0x730
+ SYS___ISALNUM_A = 0x731
+ SYS___ISALPHA_A = 0x732
+ SYS___A2E_S = 0x733
+ SYS___ISCNTRL_A = 0x734
+ SYS___ISDIGIT_A = 0x735
+ SYS___ISGRAPH_A = 0x736
+ SYS___ISLOWER_A = 0x737
+ SYS___ISPRINT_A = 0x738
+ SYS___ISPUNCT_A = 0x739
+ SYS___ISWALPHA_A = 0x740
+ SYS___A2E_L = 0x741
+ SYS___ISWCNTRL_A = 0x742
+ SYS___ISWDIGIT_A = 0x743
+ SYS___ISWGRAPH_A = 0x744
+ SYS___ISWLOWER_A = 0x745
+ SYS___ISWPRINT_A = 0x746
+ SYS___ISWPUNCT_A = 0x747
+ SYS___ISWSPACE_A = 0x748
+ SYS___ISWUPPER_A = 0x749
+ SYS___REMOVE_A = 0x750
+ SYS___RENAME_A = 0x751
+ SYS___TMPNAM_A = 0x752
+ SYS___FOPEN_A = 0x753
+ SYS___FREOPEN_A = 0x754
+ SYS___CUSERID_A = 0x755
+ SYS___POPEN_A = 0x756
+ SYS___TEMPNAM_A = 0x757
+ SYS___FTW_A = 0x758
+ SYS___GETGRENT_A = 0x759
+ SYS___INET_NTOP_A = 0x760
+ SYS___GETPASS_A = 0x761
+ SYS___GETPWENT_A = 0x762
+ SYS___GETPWNAM_A = 0x763
+ SYS___GETPWUID_A = 0x764
+ SYS_____CHECK_RESOURCE_AUTH_NP_A = 0x765
+ SYS___CHECKSCHENV_A = 0x766
+ SYS___CONNECTSERVER_A = 0x767
+ SYS___CONNECTWORKMGR_A = 0x768
+ SYS_____CONSOLE_A = 0x769
+ SYS___MSGSND_A = 0x770
+ SYS___MSGXRCV_A = 0x771
+ SYS___NFTW_A = 0x772
+ SYS_____PASSWD_A = 0x773
+ SYS___PTHREAD_SECURITY_NP_A = 0x774
+ SYS___QUERYMETRICS_A = 0x775
+ SYS___QUERYSCHENV = 0x776
+ SYS___READV_A = 0x777
+ SYS_____SERVER_CLASSIFY_A = 0x778
+ SYS_____SERVER_INIT_A = 0x779
+ SYS___W_GETPSENT_A = 0x780
+ SYS___WRITEV_A = 0x781
+ SYS___W_STATFS_A = 0x782
+ SYS___W_STATVFS_A = 0x783
+ SYS___FPUTC_A = 0x784
+ SYS___PUTCHAR_A = 0x785
+ SYS___PUTS_A = 0x786
+ SYS___FGETS_A = 0x787
+ SYS___GETS_A = 0x788
+ SYS___FPUTS_A = 0x789
+ SYS___PUTC_A = 0x790
+ SYS___AE_THREAD_SETMODE = 0x791
+ SYS___AE_THREAD_SWAPMODE = 0x792
+ SYS___GETNETBYADDR_A = 0x793
+ SYS___GETNETBYNAME_A = 0x794
+ SYS___GETNETENT_A = 0x795
+ SYS___GETPROTOBYNAME_A = 0x796
+ SYS___GETPROTOBYNUMBER_A = 0x797
+ SYS___GETPROTOENT_A = 0x798
+ SYS___GETSERVBYNAME_A = 0x799
+ SYS_ACL_FIRST_ENTRY = 0x800
+ SYS_ACL_GET_ENTRY = 0x801
+ SYS_ACL_VALID = 0x802
+ SYS_ACL_CREATE_ENTRY = 0x803
+ SYS_ACL_DELETE_ENTRY = 0x804
+ SYS_ACL_UPDATE_ENTRY = 0x805
+ SYS_ACL_DELETE_FD = 0x806
+ SYS_ACL_DELETE_FILE = 0x807
+ SYS_ACL_GET_FD = 0x808
+ SYS_ACL_GET_FILE = 0x809
+ SYS___ERFL_B = 0x810
+ SYS___ERFCL_B = 0x811
+ SYS___LGAMMAL_B = 0x812
+ SYS___SETHOOKEVENTS = 0x813
+ SYS_IF_NAMETOINDEX = 0x814
+ SYS_IF_INDEXTONAME = 0x815
+ SYS_IF_NAMEINDEX = 0x816
+ SYS_IF_FREENAMEINDEX = 0x817
+ SYS_GETADDRINFO = 0x818
+ SYS_GETNAMEINFO = 0x819
+ SYS___DYNFREE_A = 0x820
+ SYS___RES_QUERY_A = 0x821
+ SYS___RES_SEARCH_A = 0x822
+ SYS___RES_QUERYDOMAIN_A = 0x823
+ SYS___RES_MKQUERY_A = 0x824
+ SYS___RES_SEND_A = 0x825
+ SYS___DN_EXPAND_A = 0x826
+ SYS___DN_SKIPNAME_A = 0x827
+ SYS___DN_COMP_A = 0x828
+ SYS___DN_FIND_A = 0x829
+ SYS___INET_NTOA_A = 0x830
+ SYS___INET_NETWORK_A = 0x831
+ SYS___ACCEPT_A = 0x832
+ SYS___ACCEPT_AND_RECV_A = 0x833
+ SYS___BIND_A = 0x834
+ SYS___CONNECT_A = 0x835
+ SYS___GETPEERNAME_A = 0x836
+ SYS___GETSOCKNAME_A = 0x837
+ SYS___RECVFROM_A = 0x838
+ SYS___SENDTO_A = 0x839
+ SYS___LCHATTR = 0x840
+ SYS___WRITEDOWN = 0x841
+ SYS_PTHREAD_MUTEX_INIT2 = 0x842
+ SYS___ACOSHF_B = 0x843
+ SYS___ACOSHL_B = 0x844
+ SYS___ASINHF_B = 0x845
+ SYS___ASINHL_B = 0x846
+ SYS___ATANHF_B = 0x847
+ SYS___ATANHL_B = 0x848
+ SYS___CBRTF_B = 0x849
+ SYS___EXP2F_B = 0x850
+ SYS___EXP2L_B = 0x851
+ SYS___EXPM1F_B = 0x852
+ SYS___EXPM1L_B = 0x853
+ SYS___FDIMF_B = 0x854
+ SYS___FDIM_B = 0x855
+ SYS___FDIML_B = 0x856
+ SYS___HYPOTF_B = 0x857
+ SYS___HYPOTL_B = 0x858
+ SYS___LOG1PF_B = 0x859
+ SYS___REMQUOF_B = 0x860
+ SYS___REMQUO_B = 0x861
+ SYS___REMQUOL_B = 0x862
+ SYS___TGAMMAF_B = 0x863
+ SYS___TGAMMA_B = 0x864
+ SYS___TGAMMAL_B = 0x865
+ SYS___TRUNCF_B = 0x866
+ SYS___TRUNC_B = 0x867
+ SYS___TRUNCL_B = 0x868
+ SYS___LGAMMAF_B = 0x869
+ SYS_ASINHF = 0x870
+ SYS_ASINHL = 0x871
+ SYS_ATANHF = 0x872
+ SYS_ATANHL = 0x873
+ SYS_CBRTF = 0x874
+ SYS_CBRTL = 0x875
+ SYS_COPYSIGNF = 0x876
+ SYS_CPYSIGNF = 0x876
+ SYS_COPYSIGNL = 0x877
+ SYS_CPYSIGNL = 0x877
+ SYS_COTANF = 0x878
+ SYS___COTANF = 0x878
+ SYS_COTAN = 0x879
+ SYS___COTAN = 0x879
+ SYS_FDIM = 0x881
+ SYS_FDIML = 0x882
+ SYS_HYPOTF = 0x883
+ SYS_HYPOTL = 0x884
+ SYS_LOG1PF = 0x885
+ SYS_LOG1PL = 0x886
+ SYS_LOG2F = 0x887
+ SYS_LOG2 = 0x888
+ SYS_LOG2L = 0x889
+ SYS_TGAMMA = 0x890
+ SYS_TGAMMAL = 0x891
+ SYS_TRUNCF = 0x892
+ SYS_TRUNC = 0x893
+ SYS_TRUNCL = 0x894
+ SYS_LGAMMAF = 0x895
+ SYS_LGAMMAL = 0x896
+ SYS_LROUNDF = 0x897
+ SYS_LROUND = 0x898
+ SYS_ERFF = 0x899
+ SYS___COSHF_H = 0x900
+ SYS___COSHL_H = 0x901
+ SYS___COTAN_H = 0x902
+ SYS___COTANF_H = 0x903
+ SYS___COTANL_H = 0x904
+ SYS___ERF_H = 0x905
+ SYS___ERFF_H = 0x906
+ SYS___ERFL_H = 0x907
+ SYS___ERFC_H = 0x908
+ SYS___ERFCF_H = 0x909
+ SYS___FDIMF_H = 0x910
+ SYS___FDIML_H = 0x911
+ SYS___FMOD_H = 0x912
+ SYS___FMODF_H = 0x913
+ SYS___FMODL_H = 0x914
+ SYS___GAMMA_H = 0x915
+ SYS___HYPOT_H = 0x916
+ SYS___ILOGB_H = 0x917
+ SYS___LGAMMA_H = 0x918
+ SYS___LGAMMAF_H = 0x919
+ SYS___LOG2L_H = 0x920
+ SYS___LOG1P_H = 0x921
+ SYS___LOG10_H = 0x922
+ SYS___LOG10F_H = 0x923
+ SYS___LOG10L_H = 0x924
+ SYS___LROUND_H = 0x925
+ SYS___LROUNDF_H = 0x926
+ SYS___NEXTAFTER_H = 0x927
+ SYS___POW_H = 0x928
+ SYS___POWF_H = 0x929
+ SYS___SINL_H = 0x930
+ SYS___SINH_H = 0x931
+ SYS___SINHF_H = 0x932
+ SYS___SINHL_H = 0x933
+ SYS___SQRT_H = 0x934
+ SYS___SQRTF_H = 0x935
+ SYS___SQRTL_H = 0x936
+ SYS___TAN_H = 0x937
+ SYS___TANF_H = 0x938
+ SYS___TANL_H = 0x939
+ SYS___TRUNCF_H = 0x940
+ SYS___TRUNCL_H = 0x941
+ SYS___COSH_H = 0x942
+ SYS___LE_DEBUG_SET_RESUME_MCH = 0x943
+ SYS_VFSCANF = 0x944
+ SYS_VSCANF = 0x946
+ SYS_VSSCANF = 0x948
+ SYS_IMAXABS = 0x950
+ SYS_IMAXDIV = 0x951
+ SYS_STRTOIMAX = 0x952
+ SYS_STRTOUMAX = 0x953
+ SYS_WCSTOIMAX = 0x954
+ SYS_WCSTOUMAX = 0x955
+ SYS_ATOLL = 0x956
+ SYS_STRTOF = 0x957
+ SYS_STRTOLD = 0x958
+ SYS_WCSTOF = 0x959
+ SYS_INET6_RTH_GETADDR = 0x960
+ SYS_INET6_OPT_INIT = 0x961
+ SYS_INET6_OPT_APPEND = 0x962
+ SYS_INET6_OPT_FINISH = 0x963
+ SYS_INET6_OPT_SET_VAL = 0x964
+ SYS_INET6_OPT_NEXT = 0x965
+ SYS_INET6_OPT_FIND = 0x966
+ SYS_INET6_OPT_GET_VAL = 0x967
+ SYS___POW_I = 0x987
+ SYS___POW_I_B = 0x988
+ SYS___POW_I_H = 0x989
+ SYS___CABS_H = 0x990
+ SYS_CABSF = 0x991
+ SYS___CABSF_B = 0x992
+ SYS___CABSF_H = 0x993
+ SYS_CABSL = 0x994
+ SYS___CABSL_B = 0x995
+ SYS___CABSL_H = 0x996
+ SYS_CACOS = 0x997
+ SYS___CACOS_B = 0x998
+ SYS___CACOS_H = 0x999
+)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
index 295859c5..7a8161c1 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
@@ -1,6 +1,7 @@
// cgo -godefs types_aix.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc && aix
// +build ppc,aix
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
index a9ee0ffd..07ed733c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_aix.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64 && aix
// +build ppc64,aix
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go
deleted file mode 100644
index 725b4bee..00000000
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_386.go
+++ /dev/null
@@ -1,516 +0,0 @@
-// cgo -godefs types_darwin.go | go run mkpost.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build 386,darwin
-
-package unix
-
-const (
- SizeofPtr = 0x4
- SizeofShort = 0x2
- SizeofInt = 0x4
- SizeofLong = 0x4
- SizeofLongLong = 0x8
-)
-
-type (
- _C_short int16
- _C_int int32
- _C_long int32
- _C_long_long int64
-)
-
-type Timespec struct {
- Sec int32
- Nsec int32
-}
-
-type Timeval struct {
- Sec int32
- Usec int32
-}
-
-type Timeval32 struct{}
-
-type Rusage struct {
- Utime Timeval
- Stime Timeval
- Maxrss int32
- Ixrss int32
- Idrss int32
- Isrss int32
- Minflt int32
- Majflt int32
- Nswap int32
- Inblock int32
- Oublock int32
- Msgsnd int32
- Msgrcv int32
- Nsignals int32
- Nvcsw int32
- Nivcsw int32
-}
-
-type Rlimit struct {
- Cur uint64
- Max uint64
-}
-
-type _Gid_t uint32
-
-type Stat_t struct {
- Dev int32
- Mode uint16
- Nlink uint16
- Ino uint64
- Uid uint32
- Gid uint32
- Rdev int32
- Atim Timespec
- Mtim Timespec
- Ctim Timespec
- Btim Timespec
- Size int64
- Blocks int64
- Blksize int32
- Flags uint32
- Gen uint32
- Lspare int32
- Qspare [2]int64
-}
-
-type Statfs_t struct {
- Bsize uint32
- Iosize int32
- Blocks uint64
- Bfree uint64
- Bavail uint64
- Files uint64
- Ffree uint64
- Fsid Fsid
- Owner uint32
- Type uint32
- Flags uint32
- Fssubtype uint32
- Fstypename [16]byte
- Mntonname [1024]byte
- Mntfromname [1024]byte
- Reserved [8]uint32
-}
-
-type Flock_t struct {
- Start int64
- Len int64
- Pid int32
- Type int16
- Whence int16
-}
-
-type Fstore_t struct {
- Flags uint32
- Posmode int32
- Offset int64
- Length int64
- Bytesalloc int64
-}
-
-type Radvisory_t struct {
- Offset int64
- Count int32
-}
-
-type Fbootstraptransfer_t struct {
- Offset int64
- Length uint32
- Buffer *byte
-}
-
-type Log2phys_t struct {
- Flags uint32
- Contigbytes int64
- Devoffset int64
-}
-
-type Fsid struct {
- Val [2]int32
-}
-
-type Dirent struct {
- Ino uint64
- Seekoff uint64
- Reclen uint16
- Namlen uint16
- Type uint8
- Name [1024]int8
- _ [3]byte
-}
-
-const (
- PathMax = 0x400
-)
-
-type RawSockaddrInet4 struct {
- Len uint8
- Family uint8
- Port uint16
- Addr [4]byte /* in_addr */
- Zero [8]int8
-}
-
-type RawSockaddrInet6 struct {
- Len uint8
- Family uint8
- Port uint16
- Flowinfo uint32
- Addr [16]byte /* in6_addr */
- Scope_id uint32
-}
-
-type RawSockaddrUnix struct {
- Len uint8
- Family uint8
- Path [104]int8
-}
-
-type RawSockaddrDatalink struct {
- Len uint8
- Family uint8
- Index uint16
- Type uint8
- Nlen uint8
- Alen uint8
- Slen uint8
- Data [12]int8
-}
-
-type RawSockaddr struct {
- Len uint8
- Family uint8
- Data [14]int8
-}
-
-type RawSockaddrAny struct {
- Addr RawSockaddr
- Pad [92]int8
-}
-
-type RawSockaddrCtl struct {
- Sc_len uint8
- Sc_family uint8
- Ss_sysaddr uint16
- Sc_id uint32
- Sc_unit uint32
- Sc_reserved [5]uint32
-}
-
-type _Socklen uint32
-
-type Linger struct {
- Onoff int32
- Linger int32
-}
-
-type Iovec struct {
- Base *byte
- Len uint32
-}
-
-type IPMreq struct {
- Multiaddr [4]byte /* in_addr */
- Interface [4]byte /* in_addr */
-}
-
-type IPv6Mreq struct {
- Multiaddr [16]byte /* in6_addr */
- Interface uint32
-}
-
-type Msghdr struct {
- Name *byte
- Namelen uint32
- Iov *Iovec
- Iovlen int32
- Control *byte
- Controllen uint32
- Flags int32
-}
-
-type Cmsghdr struct {
- Len uint32
- Level int32
- Type int32
-}
-
-type Inet4Pktinfo struct {
- Ifindex uint32
- Spec_dst [4]byte /* in_addr */
- Addr [4]byte /* in_addr */
-}
-
-type Inet6Pktinfo struct {
- Addr [16]byte /* in6_addr */
- Ifindex uint32
-}
-
-type IPv6MTUInfo struct {
- Addr RawSockaddrInet6
- Mtu uint32
-}
-
-type ICMPv6Filter struct {
- Filt [8]uint32
-}
-
-const (
- SizeofSockaddrInet4 = 0x10
- SizeofSockaddrInet6 = 0x1c
- SizeofSockaddrAny = 0x6c
- SizeofSockaddrUnix = 0x6a
- SizeofSockaddrDatalink = 0x14
- SizeofSockaddrCtl = 0x20
- SizeofLinger = 0x8
- SizeofIovec = 0x8
- SizeofIPMreq = 0x8
- SizeofIPv6Mreq = 0x14
- SizeofMsghdr = 0x1c
- SizeofCmsghdr = 0xc
- SizeofInet4Pktinfo = 0xc
- SizeofInet6Pktinfo = 0x14
- SizeofIPv6MTUInfo = 0x20
- SizeofICMPv6Filter = 0x20
-)
-
-const (
- PTRACE_TRACEME = 0x0
- PTRACE_CONT = 0x7
- PTRACE_KILL = 0x8
-)
-
-type Kevent_t struct {
- Ident uint32
- Filter int16
- Flags uint16
- Fflags uint32
- Data int32
- Udata *byte
-}
-
-type FdSet struct {
- Bits [32]int32
-}
-
-const (
- SizeofIfMsghdr = 0x70
- SizeofIfData = 0x60
- SizeofIfaMsghdr = 0x14
- SizeofIfmaMsghdr = 0x10
- SizeofIfmaMsghdr2 = 0x14
- SizeofRtMsghdr = 0x5c
- SizeofRtMetrics = 0x38
-)
-
-type IfMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Data IfData
-}
-
-type IfData struct {
- Type uint8
- Typelen uint8
- Physical uint8
- Addrlen uint8
- Hdrlen uint8
- Recvquota uint8
- Xmitquota uint8
- Unused1 uint8
- Mtu uint32
- Metric uint32
- Baudrate uint32
- Ipackets uint32
- Ierrors uint32
- Opackets uint32
- Oerrors uint32
- Collisions uint32
- Ibytes uint32
- Obytes uint32
- Imcasts uint32
- Omcasts uint32
- Iqdrops uint32
- Noproto uint32
- Recvtiming uint32
- Xmittiming uint32
- Lastchange Timeval
- Unused2 uint32
- Hwassist uint32
- Reserved1 uint32
- Reserved2 uint32
-}
-
-type IfaMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Metric int32
-}
-
-type IfmaMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- _ [2]byte
-}
-
-type IfmaMsghdr2 struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Refcount int32
-}
-
-type RtMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Index uint16
- Flags int32
- Addrs int32
- Pid int32
- Seq int32
- Errno int32
- Use int32
- Inits uint32
- Rmx RtMetrics
-}
-
-type RtMetrics struct {
- Locks uint32
- Mtu uint32
- Hopcount uint32
- Expire int32
- Recvpipe uint32
- Sendpipe uint32
- Ssthresh uint32
- Rtt uint32
- Rttvar uint32
- Pksent uint32
- State uint32
- Filler [3]uint32
-}
-
-const (
- SizeofBpfVersion = 0x4
- SizeofBpfStat = 0x8
- SizeofBpfProgram = 0x8
- SizeofBpfInsn = 0x8
- SizeofBpfHdr = 0x14
-)
-
-type BpfVersion struct {
- Major uint16
- Minor uint16
-}
-
-type BpfStat struct {
- Recv uint32
- Drop uint32
-}
-
-type BpfProgram struct {
- Len uint32
- Insns *BpfInsn
-}
-
-type BpfInsn struct {
- Code uint16
- Jt uint8
- Jf uint8
- K uint32
-}
-
-type BpfHdr struct {
- Tstamp Timeval
- Caplen uint32
- Datalen uint32
- Hdrlen uint16
- _ [2]byte
-}
-
-type Termios struct {
- Iflag uint32
- Oflag uint32
- Cflag uint32
- Lflag uint32
- Cc [20]uint8
- Ispeed uint32
- Ospeed uint32
-}
-
-type Winsize struct {
- Row uint16
- Col uint16
- Xpixel uint16
- Ypixel uint16
-}
-
-const (
- AT_FDCWD = -0x2
- AT_REMOVEDIR = 0x80
- AT_SYMLINK_FOLLOW = 0x40
- AT_SYMLINK_NOFOLLOW = 0x20
-)
-
-type PollFd struct {
- Fd int32
- Events int16
- Revents int16
-}
-
-const (
- POLLERR = 0x8
- POLLHUP = 0x10
- POLLIN = 0x1
- POLLNVAL = 0x20
- POLLOUT = 0x4
- POLLPRI = 0x2
- POLLRDBAND = 0x80
- POLLRDNORM = 0x40
- POLLWRBAND = 0x100
- POLLWRNORM = 0x4
-)
-
-type Utsname struct {
- Sysname [256]byte
- Nodename [256]byte
- Release [256]byte
- Version [256]byte
- Machine [256]byte
-}
-
-const SizeofClockinfo = 0x14
-
-type Clockinfo struct {
- Hz int32
- Tick int32
- Tickadj int32
- Stathz int32
- Profhz int32
-}
-
-type CtlInfo struct {
- Id uint32
- Name [96]byte
-}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
index 080ffce3..2673e6c5 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_darwin.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && darwin
// +build amd64,darwin
package unix
@@ -210,6 +211,13 @@ type RawSockaddrCtl struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -225,6 +233,12 @@ type IPMreq struct {
Interface [4]byte /* in_addr */
}
+type IPMreqn struct {
+ Multiaddr [4]byte /* in_addr */
+ Address [4]byte /* in_addr */
+ Ifindex int32
+}
+
type IPv6Mreq struct {
Multiaddr [16]byte /* in6_addr */
Interface uint32
@@ -273,9 +287,11 @@ const (
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x14
SizeofSockaddrCtl = 0x20
+ SizeofXucred = 0x4c
SizeofLinger = 0x8
SizeofIovec = 0x10
SizeofIPMreq = 0x8
+ SizeofIPMreqn = 0xc
SizeofIPv6Mreq = 0x14
SizeofMsghdr = 0x30
SizeofCmsghdr = 0xc
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go
deleted file mode 100644
index f2a77bc4..00000000
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm.go
+++ /dev/null
@@ -1,516 +0,0 @@
-// cgo -godefs types_darwin.go | go run mkpost.go
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-// +build arm,darwin
-
-package unix
-
-const (
- SizeofPtr = 0x4
- SizeofShort = 0x2
- SizeofInt = 0x4
- SizeofLong = 0x4
- SizeofLongLong = 0x8
-)
-
-type (
- _C_short int16
- _C_int int32
- _C_long int32
- _C_long_long int64
-)
-
-type Timespec struct {
- Sec int32
- Nsec int32
-}
-
-type Timeval struct {
- Sec int32
- Usec int32
-}
-
-type Timeval32 struct{}
-
-type Rusage struct {
- Utime Timeval
- Stime Timeval
- Maxrss int32
- Ixrss int32
- Idrss int32
- Isrss int32
- Minflt int32
- Majflt int32
- Nswap int32
- Inblock int32
- Oublock int32
- Msgsnd int32
- Msgrcv int32
- Nsignals int32
- Nvcsw int32
- Nivcsw int32
-}
-
-type Rlimit struct {
- Cur uint64
- Max uint64
-}
-
-type _Gid_t uint32
-
-type Stat_t struct {
- Dev int32
- Mode uint16
- Nlink uint16
- Ino uint64
- Uid uint32
- Gid uint32
- Rdev int32
- Atim Timespec
- Mtim Timespec
- Ctim Timespec
- Btim Timespec
- Size int64
- Blocks int64
- Blksize int32
- Flags uint32
- Gen uint32
- Lspare int32
- Qspare [2]int64
-}
-
-type Statfs_t struct {
- Bsize uint32
- Iosize int32
- Blocks uint64
- Bfree uint64
- Bavail uint64
- Files uint64
- Ffree uint64
- Fsid Fsid
- Owner uint32
- Type uint32
- Flags uint32
- Fssubtype uint32
- Fstypename [16]byte
- Mntonname [1024]byte
- Mntfromname [1024]byte
- Reserved [8]uint32
-}
-
-type Flock_t struct {
- Start int64
- Len int64
- Pid int32
- Type int16
- Whence int16
-}
-
-type Fstore_t struct {
- Flags uint32
- Posmode int32
- Offset int64
- Length int64
- Bytesalloc int64
-}
-
-type Radvisory_t struct {
- Offset int64
- Count int32
-}
-
-type Fbootstraptransfer_t struct {
- Offset int64
- Length uint32
- Buffer *byte
-}
-
-type Log2phys_t struct {
- Flags uint32
- Contigbytes int64
- Devoffset int64
-}
-
-type Fsid struct {
- Val [2]int32
-}
-
-type Dirent struct {
- Ino uint64
- Seekoff uint64
- Reclen uint16
- Namlen uint16
- Type uint8
- Name [1024]int8
- _ [3]byte
-}
-
-const (
- PathMax = 0x400
-)
-
-type RawSockaddrInet4 struct {
- Len uint8
- Family uint8
- Port uint16
- Addr [4]byte /* in_addr */
- Zero [8]int8
-}
-
-type RawSockaddrInet6 struct {
- Len uint8
- Family uint8
- Port uint16
- Flowinfo uint32
- Addr [16]byte /* in6_addr */
- Scope_id uint32
-}
-
-type RawSockaddrUnix struct {
- Len uint8
- Family uint8
- Path [104]int8
-}
-
-type RawSockaddrDatalink struct {
- Len uint8
- Family uint8
- Index uint16
- Type uint8
- Nlen uint8
- Alen uint8
- Slen uint8
- Data [12]int8
-}
-
-type RawSockaddr struct {
- Len uint8
- Family uint8
- Data [14]int8
-}
-
-type RawSockaddrAny struct {
- Addr RawSockaddr
- Pad [92]int8
-}
-
-type RawSockaddrCtl struct {
- Sc_len uint8
- Sc_family uint8
- Ss_sysaddr uint16
- Sc_id uint32
- Sc_unit uint32
- Sc_reserved [5]uint32
-}
-
-type _Socklen uint32
-
-type Linger struct {
- Onoff int32
- Linger int32
-}
-
-type Iovec struct {
- Base *byte
- Len uint32
-}
-
-type IPMreq struct {
- Multiaddr [4]byte /* in_addr */
- Interface [4]byte /* in_addr */
-}
-
-type IPv6Mreq struct {
- Multiaddr [16]byte /* in6_addr */
- Interface uint32
-}
-
-type Msghdr struct {
- Name *byte
- Namelen uint32
- Iov *Iovec
- Iovlen int32
- Control *byte
- Controllen uint32
- Flags int32
-}
-
-type Cmsghdr struct {
- Len uint32
- Level int32
- Type int32
-}
-
-type Inet4Pktinfo struct {
- Ifindex uint32
- Spec_dst [4]byte /* in_addr */
- Addr [4]byte /* in_addr */
-}
-
-type Inet6Pktinfo struct {
- Addr [16]byte /* in6_addr */
- Ifindex uint32
-}
-
-type IPv6MTUInfo struct {
- Addr RawSockaddrInet6
- Mtu uint32
-}
-
-type ICMPv6Filter struct {
- Filt [8]uint32
-}
-
-const (
- SizeofSockaddrInet4 = 0x10
- SizeofSockaddrInet6 = 0x1c
- SizeofSockaddrAny = 0x6c
- SizeofSockaddrUnix = 0x6a
- SizeofSockaddrDatalink = 0x14
- SizeofSockaddrCtl = 0x20
- SizeofLinger = 0x8
- SizeofIovec = 0x8
- SizeofIPMreq = 0x8
- SizeofIPv6Mreq = 0x14
- SizeofMsghdr = 0x1c
- SizeofCmsghdr = 0xc
- SizeofInet4Pktinfo = 0xc
- SizeofInet6Pktinfo = 0x14
- SizeofIPv6MTUInfo = 0x20
- SizeofICMPv6Filter = 0x20
-)
-
-const (
- PTRACE_TRACEME = 0x0
- PTRACE_CONT = 0x7
- PTRACE_KILL = 0x8
-)
-
-type Kevent_t struct {
- Ident uint32
- Filter int16
- Flags uint16
- Fflags uint32
- Data int32
- Udata *byte
-}
-
-type FdSet struct {
- Bits [32]int32
-}
-
-const (
- SizeofIfMsghdr = 0x70
- SizeofIfData = 0x60
- SizeofIfaMsghdr = 0x14
- SizeofIfmaMsghdr = 0x10
- SizeofIfmaMsghdr2 = 0x14
- SizeofRtMsghdr = 0x5c
- SizeofRtMetrics = 0x38
-)
-
-type IfMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Data IfData
-}
-
-type IfData struct {
- Type uint8
- Typelen uint8
- Physical uint8
- Addrlen uint8
- Hdrlen uint8
- Recvquota uint8
- Xmitquota uint8
- Unused1 uint8
- Mtu uint32
- Metric uint32
- Baudrate uint32
- Ipackets uint32
- Ierrors uint32
- Opackets uint32
- Oerrors uint32
- Collisions uint32
- Ibytes uint32
- Obytes uint32
- Imcasts uint32
- Omcasts uint32
- Iqdrops uint32
- Noproto uint32
- Recvtiming uint32
- Xmittiming uint32
- Lastchange Timeval
- Unused2 uint32
- Hwassist uint32
- Reserved1 uint32
- Reserved2 uint32
-}
-
-type IfaMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Metric int32
-}
-
-type IfmaMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- _ [2]byte
-}
-
-type IfmaMsghdr2 struct {
- Msglen uint16
- Version uint8
- Type uint8
- Addrs int32
- Flags int32
- Index uint16
- Refcount int32
-}
-
-type RtMsghdr struct {
- Msglen uint16
- Version uint8
- Type uint8
- Index uint16
- Flags int32
- Addrs int32
- Pid int32
- Seq int32
- Errno int32
- Use int32
- Inits uint32
- Rmx RtMetrics
-}
-
-type RtMetrics struct {
- Locks uint32
- Mtu uint32
- Hopcount uint32
- Expire int32
- Recvpipe uint32
- Sendpipe uint32
- Ssthresh uint32
- Rtt uint32
- Rttvar uint32
- Pksent uint32
- State uint32
- Filler [3]uint32
-}
-
-const (
- SizeofBpfVersion = 0x4
- SizeofBpfStat = 0x8
- SizeofBpfProgram = 0x8
- SizeofBpfInsn = 0x8
- SizeofBpfHdr = 0x14
-)
-
-type BpfVersion struct {
- Major uint16
- Minor uint16
-}
-
-type BpfStat struct {
- Recv uint32
- Drop uint32
-}
-
-type BpfProgram struct {
- Len uint32
- Insns *BpfInsn
-}
-
-type BpfInsn struct {
- Code uint16
- Jt uint8
- Jf uint8
- K uint32
-}
-
-type BpfHdr struct {
- Tstamp Timeval
- Caplen uint32
- Datalen uint32
- Hdrlen uint16
- _ [2]byte
-}
-
-type Termios struct {
- Iflag uint32
- Oflag uint32
- Cflag uint32
- Lflag uint32
- Cc [20]uint8
- Ispeed uint32
- Ospeed uint32
-}
-
-type Winsize struct {
- Row uint16
- Col uint16
- Xpixel uint16
- Ypixel uint16
-}
-
-const (
- AT_FDCWD = -0x2
- AT_REMOVEDIR = 0x80
- AT_SYMLINK_FOLLOW = 0x40
- AT_SYMLINK_NOFOLLOW = 0x20
-)
-
-type PollFd struct {
- Fd int32
- Events int16
- Revents int16
-}
-
-const (
- POLLERR = 0x8
- POLLHUP = 0x10
- POLLIN = 0x1
- POLLNVAL = 0x20
- POLLOUT = 0x4
- POLLPRI = 0x2
- POLLRDBAND = 0x80
- POLLRDNORM = 0x40
- POLLWRBAND = 0x100
- POLLWRNORM = 0x4
-)
-
-type Utsname struct {
- Sysname [256]byte
- Nodename [256]byte
- Release [256]byte
- Version [256]byte
- Machine [256]byte
-}
-
-const SizeofClockinfo = 0x14
-
-type Clockinfo struct {
- Hz int32
- Tick int32
- Tickadj int32
- Stathz int32
- Profhz int32
-}
-
-type CtlInfo struct {
- Id uint32
- Name [96]byte
-}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
index c9492428..1465cbcf 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_darwin.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && darwin
// +build arm64,darwin
package unix
@@ -210,6 +211,13 @@ type RawSockaddrCtl struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -225,6 +233,12 @@ type IPMreq struct {
Interface [4]byte /* in_addr */
}
+type IPMreqn struct {
+ Multiaddr [4]byte /* in_addr */
+ Address [4]byte /* in_addr */
+ Ifindex int32
+}
+
type IPv6Mreq struct {
Multiaddr [16]byte /* in6_addr */
Interface uint32
@@ -273,9 +287,11 @@ const (
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x14
SizeofSockaddrCtl = 0x20
+ SizeofXucred = 0x4c
SizeofLinger = 0x8
SizeofIovec = 0x10
SizeofIPMreq = 0x8
+ SizeofIPMreqn = 0xc
SizeofIPv6Mreq = 0x14
SizeofMsghdr = 0x30
SizeofCmsghdr = 0xc
diff --git a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
index 85506a05..1d049d7a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_dragonfly.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && dragonfly
// +build amd64,dragonfly
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
index 3e9dad33..c51bc88f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
@@ -1,6 +1,7 @@
// cgo -godefs types_freebsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && freebsd
// +build 386,freebsd
package unix
@@ -250,6 +251,14 @@ type RawSockaddrAny struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+ _ *byte
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -312,6 +321,7 @@ const (
SizeofSockaddrAny = 0x6c
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x36
+ SizeofXucred = 0x50
SizeofLinger = 0x8
SizeofIovec = 0x8
SizeofIPMreq = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
index e00e6155..395b6918 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_freebsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && freebsd
// +build amd64,freebsd
package unix
@@ -246,6 +247,14 @@ type RawSockaddrAny struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+ _ *byte
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -308,6 +317,7 @@ const (
SizeofSockaddrAny = 0x6c
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x36
+ SizeofXucred = 0x58
SizeofLinger = 0x8
SizeofIovec = 0x10
SizeofIPMreq = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
index 5da13c87..d3f9d254 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -fsigned-char types_freebsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && freebsd
// +build arm,freebsd
package unix
@@ -248,6 +249,14 @@ type RawSockaddrAny struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+ _ *byte
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -310,6 +319,7 @@ const (
SizeofSockaddrAny = 0x6c
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x36
+ SizeofXucred = 0x50
SizeofLinger = 0x8
SizeofIovec = 0x8
SizeofIPMreq = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
index 995ecf9d..434d6e8e 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -fsigned-char types_freebsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && freebsd
// +build arm64,freebsd
package unix
@@ -246,6 +247,14 @@ type RawSockaddrAny struct {
type _Socklen uint32
+type Xucred struct {
+ Version uint32
+ Uid uint32
+ Ngroups int16
+ Groups [16]uint32
+ _ *byte
+}
+
type Linger struct {
Onoff int32
Linger int32
@@ -308,6 +317,7 @@ const (
SizeofSockaddrAny = 0x6c
SizeofSockaddrUnix = 0x6a
SizeofSockaddrDatalink = 0x36
+ SizeofXucred = 0x58
SizeofLinger = 0x8
SizeofIovec = 0x10
SizeofIPMreq = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_illumos_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_illumos_amd64.go
new file mode 100644
index 00000000..236f37ef
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ztypes_illumos_amd64.go
@@ -0,0 +1,40 @@
+// cgo -godefs types_illumos.go | go run mkpost.go
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build amd64 && illumos
+// +build amd64,illumos
+
+package unix
+
+const (
+ TUNNEWPPA = 0x540001
+ TUNSETPPA = 0x540002
+
+ I_STR = 0x5308
+ I_POP = 0x5303
+ I_PUSH = 0x5302
+ I_PLINK = 0x5316
+ I_PUNLINK = 0x5317
+
+ IF_UNITSEL = -0x7ffb8cca
+)
+
+type strbuf struct {
+ Maxlen int32
+ Len int32
+ Buf *int8
+}
+
+type Strioctl struct {
+ Cmd int32
+ Timout int32
+ Len int32
+ Dp *int8
+}
+
+type Lifreq struct {
+ Name [32]int8
+ Lifru1 [4]byte
+ Type uint32
+ Lifru [336]byte
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 9f3b1a4e..08732359 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -1,5 +1,6 @@
// Code generated by mkmerge.go; DO NOT EDIT.
+//go:build linux
// +build linux
package unix
@@ -83,7 +84,7 @@ type FileCloneRange struct {
Dest_offset uint64
}
-type FileDedupeRange struct {
+type RawFileDedupeRange struct {
Src_offset uint64
Src_length uint64
Dest_count uint16
@@ -91,6 +92,21 @@ type FileDedupeRange struct {
Reserved2 uint32
}
+type RawFileDedupeRangeInfo struct {
+ Dest_fd int64
+ Dest_offset uint64
+ Bytes_deduped uint64
+ Status int32
+ Reserved uint32
+}
+
+const (
+ SizeofRawFileDedupeRange = 0x18
+ SizeofRawFileDedupeRangeInfo = 0x20
+ FILE_DEDUPE_RANGE_SAME = 0x0
+ FILE_DEDUPE_RANGE_DIFFERS = 0x1
+)
+
type FscryptPolicy struct {
Version uint8
Contents_encryption_mode uint8
@@ -288,7 +304,8 @@ type RawSockaddrVM struct {
Reserved1 uint16
Port uint32
Cid uint32
- Zero [4]uint8
+ Flags uint8
+ Zero [3]uint8
}
type RawSockaddrXDP struct {
@@ -999,7 +1016,10 @@ const (
PERF_SAMPLE_PHYS_ADDR = 0x80000
PERF_SAMPLE_AUX = 0x100000
PERF_SAMPLE_CGROUP = 0x200000
- PERF_SAMPLE_MAX = 0x400000
+ PERF_SAMPLE_DATA_PAGE_SIZE = 0x400000
+ PERF_SAMPLE_CODE_PAGE_SIZE = 0x800000
+ PERF_SAMPLE_WEIGHT_STRUCT = 0x1000000
+ PERF_SAMPLE_MAX = 0x2000000
PERF_SAMPLE_BRANCH_USER_SHIFT = 0x0
PERF_SAMPLE_BRANCH_KERNEL_SHIFT = 0x1
PERF_SAMPLE_BRANCH_HV_SHIFT = 0x2
@@ -3109,7 +3129,8 @@ const (
DEVLINK_ATTR_REMOTE_RELOAD_STATS = 0xa1
DEVLINK_ATTR_RELOAD_ACTION_INFO = 0xa2
DEVLINK_ATTR_RELOAD_ACTION_STATS = 0xa3
- DEVLINK_ATTR_MAX = 0xa3
+ DEVLINK_ATTR_PORT_PCI_SF_NUMBER = 0xa4
+ DEVLINK_ATTR_MAX = 0xa4
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1
DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0
@@ -3123,7 +3144,9 @@ const (
DEVLINK_RESOURCE_UNIT_ENTRY = 0x0
DEVLINK_PORT_FUNCTION_ATTR_UNSPEC = 0x0
DEVLINK_PORT_FUNCTION_ATTR_HW_ADDR = 0x1
- DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x1
+ DEVLINK_PORT_FN_ATTR_STATE = 0x2
+ DEVLINK_PORT_FN_ATTR_OPSTATE = 0x3
+ DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x3
)
type FsverityDigest struct {
@@ -3492,7 +3515,8 @@ const (
ETHTOOL_A_LINKMODES_DUPLEX = 0x6
ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG = 0x7
ETHTOOL_A_LINKMODES_MASTER_SLAVE_STATE = 0x8
- ETHTOOL_A_LINKMODES_MAX = 0x8
+ ETHTOOL_A_LINKMODES_LANES = 0x9
+ ETHTOOL_A_LINKMODES_MAX = 0x9
ETHTOOL_A_LINKSTATE_UNSPEC = 0x0
ETHTOOL_A_LINKSTATE_HEADER = 0x1
ETHTOOL_A_LINKSTATE_LINK = 0x2
@@ -3680,3 +3704,41 @@ const (
ETHTOOL_A_TUNNEL_INFO_UDP_PORTS = 0x2
ETHTOOL_A_TUNNEL_INFO_MAX = 0x2
)
+
+type EthtoolDrvinfo struct {
+ Cmd uint32
+ Driver [32]byte
+ Version [32]byte
+ Fw_version [32]byte
+ Bus_info [32]byte
+ Erom_version [32]byte
+ Reserved2 [12]byte
+ N_priv_flags uint32
+ N_stats uint32
+ Testinfo_len uint32
+ Eedump_len uint32
+ Regdump_len uint32
+}
+
+type (
+ HIDRawReportDescriptor struct {
+ Size uint32
+ Value [4096]uint8
+ }
+ HIDRawDevInfo struct {
+ Bustype uint32
+ Vendor int16
+ Product int16
+ }
+)
+
+const (
+ CLOSE_RANGE_UNSHARE = 0x2
+ CLOSE_RANGE_CLOEXEC = 0x4
+)
+
+const (
+ NLMSGERR_ATTR_MSG = 0x1
+ NLMSGERR_ATTR_OFFS = 0x2
+ NLMSGERR_ATTR_COOKIE = 0x3
+)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index 088bd77e..4d4d283d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m32 /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && linux
// +build 386,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index 078d958e..8a2eed5e 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include -m64 /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && linux
// +build amd64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index 2d39122f..94b34add 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && linux
// +build arm,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index 304cbd04..2143de4d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && linux
// +build arm64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index 7d9d5700..a40216ee 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips && linux
// +build mips,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index a1eb2577..e834b069 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && linux
// +build mips64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index 2e5ce3b6..e31083b0 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64le && linux
// +build mips64le,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index bbaa1200..42811f7f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mipsle && linux
// +build mipsle,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
new file mode 100644
index 00000000..af7a7201
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -0,0 +1,627 @@
+// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build ppc && linux
+// +build ppc,linux
+
+package unix
+
+const (
+ SizeofPtr = 0x4
+ SizeofLong = 0x4
+)
+
+type (
+ _C_long int32
+)
+
+type Timespec struct {
+ Sec int32
+ Nsec int32
+}
+
+type Timeval struct {
+ Sec int32
+ Usec int32
+}
+
+type Timex struct {
+ Modes uint32
+ Offset int32
+ Freq int32
+ Maxerror int32
+ Esterror int32
+ Status int32
+ Constant int32
+ Precision int32
+ Tolerance int32
+ Time Timeval
+ Tick int32
+ Ppsfreq int32
+ Jitter int32
+ Shift int32
+ Stabil int32
+ Jitcnt int32
+ Calcnt int32
+ Errcnt int32
+ Stbcnt int32
+ Tai int32
+ _ [44]byte
+}
+
+type Time_t int32
+
+type Tms struct {
+ Utime int32
+ Stime int32
+ Cutime int32
+ Cstime int32
+}
+
+type Utimbuf struct {
+ Actime int32
+ Modtime int32
+}
+
+type Rusage struct {
+ Utime Timeval
+ Stime Timeval
+ Maxrss int32
+ Ixrss int32
+ Idrss int32
+ Isrss int32
+ Minflt int32
+ Majflt int32
+ Nswap int32
+ Inblock int32
+ Oublock int32
+ Msgsnd int32
+ Msgrcv int32
+ Nsignals int32
+ Nvcsw int32
+ Nivcsw int32
+}
+
+type Stat_t struct {
+ Dev uint64
+ Ino uint64
+ Mode uint32
+ Nlink uint32
+ Uid uint32
+ Gid uint32
+ Rdev uint64
+ _ uint16
+ _ [4]byte
+ Size int64
+ Blksize int32
+ _ [4]byte
+ Blocks int64
+ Atim Timespec
+ Mtim Timespec
+ Ctim Timespec
+ _ uint32
+ _ uint32
+}
+
+type Dirent struct {
+ Ino uint64
+ Off int64
+ Reclen uint16
+ Type uint8
+ Name [256]uint8
+ _ [5]byte
+}
+
+type Flock_t struct {
+ Type int16
+ Whence int16
+ _ [4]byte
+ Start int64
+ Len int64
+ Pid int32
+ _ [4]byte
+}
+
+type DmNameList struct {
+ Dev uint64
+ Next uint32
+ Name [0]byte
+ _ [4]byte
+}
+
+const (
+ FADV_DONTNEED = 0x4
+ FADV_NOREUSE = 0x5
+)
+
+type RawSockaddr struct {
+ Family uint16
+ Data [14]uint8
+}
+
+type RawSockaddrAny struct {
+ Addr RawSockaddr
+ Pad [96]uint8
+}
+
+type Iovec struct {
+ Base *byte
+ Len uint32
+}
+
+type Msghdr struct {
+ Name *byte
+ Namelen uint32
+ Iov *Iovec
+ Iovlen uint32
+ Control *byte
+ Controllen uint32
+ Flags int32
+}
+
+type Cmsghdr struct {
+ Len uint32
+ Level int32
+ Type int32
+}
+
+const (
+ SizeofIovec = 0x8
+ SizeofMsghdr = 0x1c
+ SizeofCmsghdr = 0xc
+)
+
+const (
+ SizeofSockFprog = 0x8
+)
+
+type PtraceRegs struct {
+ Gpr [32]uint32
+ Nip uint32
+ Msr uint32
+ Orig_gpr3 uint32
+ Ctr uint32
+ Link uint32
+ Xer uint32
+ Ccr uint32
+ Mq uint32
+ Trap uint32
+ Dar uint32
+ Dsisr uint32
+ Result uint32
+}
+
+type FdSet struct {
+ Bits [32]int32
+}
+
+type Sysinfo_t struct {
+ Uptime int32
+ Loads [3]uint32
+ Totalram uint32
+ Freeram uint32
+ Sharedram uint32
+ Bufferram uint32
+ Totalswap uint32
+ Freeswap uint32
+ Procs uint16
+ Pad uint16
+ Totalhigh uint32
+ Freehigh uint32
+ Unit uint32
+ _ [8]uint8
+}
+
+type Ustat_t struct {
+ Tfree int32
+ Tinode uint32
+ Fname [6]uint8
+ Fpack [6]uint8
+}
+
+type EpollEvent struct {
+ Events uint32
+ _ int32
+ Fd int32
+ Pad int32
+}
+
+const (
+ POLLRDHUP = 0x2000
+)
+
+type Sigset_t struct {
+ Val [32]uint32
+}
+
+const _C__NSIG = 0x41
+
+type Termios struct {
+ Iflag uint32
+ Oflag uint32
+ Cflag uint32
+ Lflag uint32
+ Cc [19]uint8
+ Line uint8
+ Ispeed uint32
+ Ospeed uint32
+}
+
+type Taskstats struct {
+ Version uint16
+ Ac_exitcode uint32
+ Ac_flag uint8
+ Ac_nice uint8
+ _ [4]byte
+ Cpu_count uint64
+ Cpu_delay_total uint64
+ Blkio_count uint64
+ Blkio_delay_total uint64
+ Swapin_count uint64
+ Swapin_delay_total uint64
+ Cpu_run_real_total uint64
+ Cpu_run_virtual_total uint64
+ Ac_comm [32]uint8
+ Ac_sched uint8
+ Ac_pad [3]uint8
+ _ [4]byte
+ Ac_uid uint32
+ Ac_gid uint32
+ Ac_pid uint32
+ Ac_ppid uint32
+ Ac_btime uint32
+ _ [4]byte
+ Ac_etime uint64
+ Ac_utime uint64
+ Ac_stime uint64
+ Ac_minflt uint64
+ Ac_majflt uint64
+ Coremem uint64
+ Virtmem uint64
+ Hiwater_rss uint64
+ Hiwater_vm uint64
+ Read_char uint64
+ Write_char uint64
+ Read_syscalls uint64
+ Write_syscalls uint64
+ Read_bytes uint64
+ Write_bytes uint64
+ Cancelled_write_bytes uint64
+ Nvcsw uint64
+ Nivcsw uint64
+ Ac_utimescaled uint64
+ Ac_stimescaled uint64
+ Cpu_scaled_run_real_total uint64
+ Freepages_count uint64
+ Freepages_delay_total uint64
+ Thrashing_count uint64
+ Thrashing_delay_total uint64
+ Ac_btime64 uint64
+}
+
+type cpuMask uint32
+
+const (
+ _NCPUBITS = 0x20
+)
+
+const (
+ CBitFieldMaskBit0 = 0x8000000000000000
+ CBitFieldMaskBit1 = 0x4000000000000000
+ CBitFieldMaskBit2 = 0x2000000000000000
+ CBitFieldMaskBit3 = 0x1000000000000000
+ CBitFieldMaskBit4 = 0x800000000000000
+ CBitFieldMaskBit5 = 0x400000000000000
+ CBitFieldMaskBit6 = 0x200000000000000
+ CBitFieldMaskBit7 = 0x100000000000000
+ CBitFieldMaskBit8 = 0x80000000000000
+ CBitFieldMaskBit9 = 0x40000000000000
+ CBitFieldMaskBit10 = 0x20000000000000
+ CBitFieldMaskBit11 = 0x10000000000000
+ CBitFieldMaskBit12 = 0x8000000000000
+ CBitFieldMaskBit13 = 0x4000000000000
+ CBitFieldMaskBit14 = 0x2000000000000
+ CBitFieldMaskBit15 = 0x1000000000000
+ CBitFieldMaskBit16 = 0x800000000000
+ CBitFieldMaskBit17 = 0x400000000000
+ CBitFieldMaskBit18 = 0x200000000000
+ CBitFieldMaskBit19 = 0x100000000000
+ CBitFieldMaskBit20 = 0x80000000000
+ CBitFieldMaskBit21 = 0x40000000000
+ CBitFieldMaskBit22 = 0x20000000000
+ CBitFieldMaskBit23 = 0x10000000000
+ CBitFieldMaskBit24 = 0x8000000000
+ CBitFieldMaskBit25 = 0x4000000000
+ CBitFieldMaskBit26 = 0x2000000000
+ CBitFieldMaskBit27 = 0x1000000000
+ CBitFieldMaskBit28 = 0x800000000
+ CBitFieldMaskBit29 = 0x400000000
+ CBitFieldMaskBit30 = 0x200000000
+ CBitFieldMaskBit31 = 0x100000000
+ CBitFieldMaskBit32 = 0x80000000
+ CBitFieldMaskBit33 = 0x40000000
+ CBitFieldMaskBit34 = 0x20000000
+ CBitFieldMaskBit35 = 0x10000000
+ CBitFieldMaskBit36 = 0x8000000
+ CBitFieldMaskBit37 = 0x4000000
+ CBitFieldMaskBit38 = 0x2000000
+ CBitFieldMaskBit39 = 0x1000000
+ CBitFieldMaskBit40 = 0x800000
+ CBitFieldMaskBit41 = 0x400000
+ CBitFieldMaskBit42 = 0x200000
+ CBitFieldMaskBit43 = 0x100000
+ CBitFieldMaskBit44 = 0x80000
+ CBitFieldMaskBit45 = 0x40000
+ CBitFieldMaskBit46 = 0x20000
+ CBitFieldMaskBit47 = 0x10000
+ CBitFieldMaskBit48 = 0x8000
+ CBitFieldMaskBit49 = 0x4000
+ CBitFieldMaskBit50 = 0x2000
+ CBitFieldMaskBit51 = 0x1000
+ CBitFieldMaskBit52 = 0x800
+ CBitFieldMaskBit53 = 0x400
+ CBitFieldMaskBit54 = 0x200
+ CBitFieldMaskBit55 = 0x100
+ CBitFieldMaskBit56 = 0x80
+ CBitFieldMaskBit57 = 0x40
+ CBitFieldMaskBit58 = 0x20
+ CBitFieldMaskBit59 = 0x10
+ CBitFieldMaskBit60 = 0x8
+ CBitFieldMaskBit61 = 0x4
+ CBitFieldMaskBit62 = 0x2
+ CBitFieldMaskBit63 = 0x1
+)
+
+type SockaddrStorage struct {
+ Family uint16
+ _ [122]uint8
+ _ uint32
+}
+
+type HDGeometry struct {
+ Heads uint8
+ Sectors uint8
+ Cylinders uint16
+ Start uint32
+}
+
+type Statfs_t struct {
+ Type int32
+ Bsize int32
+ Blocks uint64
+ Bfree uint64
+ Bavail uint64
+ Files uint64
+ Ffree uint64
+ Fsid Fsid
+ Namelen int32
+ Frsize int32
+ Flags int32
+ Spare [4]int32
+ _ [4]byte
+}
+
+type TpacketHdr struct {
+ Status uint32
+ Len uint32
+ Snaplen uint32
+ Mac uint16
+ Net uint16
+ Sec uint32
+ Usec uint32
+}
+
+const (
+ SizeofTpacketHdr = 0x18
+)
+
+type RTCPLLInfo struct {
+ Ctrl int32
+ Value int32
+ Max int32
+ Min int32
+ Posmult int32
+ Negmult int32
+ Clock int32
+}
+
+type BlkpgPartition struct {
+ Start int64
+ Length int64
+ Pno int32
+ Devname [64]uint8
+ Volname [64]uint8
+ _ [4]byte
+}
+
+const (
+ BLKPG = 0x20001269
+)
+
+type XDPUmemReg struct {
+ Addr uint64
+ Len uint64
+ Size uint32
+ Headroom uint32
+ Flags uint32
+ _ [4]byte
+}
+
+type CryptoUserAlg struct {
+ Name [64]uint8
+ Driver_name [64]uint8
+ Module_name [64]uint8
+ Type uint32
+ Mask uint32
+ Refcnt uint32
+ Flags uint32
+}
+
+type CryptoStatAEAD struct {
+ Type [64]uint8
+ Encrypt_cnt uint64
+ Encrypt_tlen uint64
+ Decrypt_cnt uint64
+ Decrypt_tlen uint64
+ Err_cnt uint64
+}
+
+type CryptoStatAKCipher struct {
+ Type [64]uint8
+ Encrypt_cnt uint64
+ Encrypt_tlen uint64
+ Decrypt_cnt uint64
+ Decrypt_tlen uint64
+ Verify_cnt uint64
+ Sign_cnt uint64
+ Err_cnt uint64
+}
+
+type CryptoStatCipher struct {
+ Type [64]uint8
+ Encrypt_cnt uint64
+ Encrypt_tlen uint64
+ Decrypt_cnt uint64
+ Decrypt_tlen uint64
+ Err_cnt uint64
+}
+
+type CryptoStatCompress struct {
+ Type [64]uint8
+ Compress_cnt uint64
+ Compress_tlen uint64
+ Decompress_cnt uint64
+ Decompress_tlen uint64
+ Err_cnt uint64
+}
+
+type CryptoStatHash struct {
+ Type [64]uint8
+ Hash_cnt uint64
+ Hash_tlen uint64
+ Err_cnt uint64
+}
+
+type CryptoStatKPP struct {
+ Type [64]uint8
+ Setsecret_cnt uint64
+ Generate_public_key_cnt uint64
+ Compute_shared_secret_cnt uint64
+ Err_cnt uint64
+}
+
+type CryptoStatRNG struct {
+ Type [64]uint8
+ Generate_cnt uint64
+ Generate_tlen uint64
+ Seed_cnt uint64
+ Err_cnt uint64
+}
+
+type CryptoStatLarval struct {
+ Type [64]uint8
+}
+
+type CryptoReportLarval struct {
+ Type [64]uint8
+}
+
+type CryptoReportHash struct {
+ Type [64]uint8
+ Blocksize uint32
+ Digestsize uint32
+}
+
+type CryptoReportCipher struct {
+ Type [64]uint8
+ Blocksize uint32
+ Min_keysize uint32
+ Max_keysize uint32
+}
+
+type CryptoReportBlkCipher struct {
+ Type [64]uint8
+ Geniv [64]uint8
+ Blocksize uint32
+ Min_keysize uint32
+ Max_keysize uint32
+ Ivsize uint32
+}
+
+type CryptoReportAEAD struct {
+ Type [64]uint8
+ Geniv [64]uint8
+ Blocksize uint32
+ Maxauthsize uint32
+ Ivsize uint32
+}
+
+type CryptoReportComp struct {
+ Type [64]uint8
+}
+
+type CryptoReportRNG struct {
+ Type [64]uint8
+ Seedsize uint32
+}
+
+type CryptoReportAKCipher struct {
+ Type [64]uint8
+}
+
+type CryptoReportKPP struct {
+ Type [64]uint8
+}
+
+type CryptoReportAcomp struct {
+ Type [64]uint8
+}
+
+type LoopInfo struct {
+ Number int32
+ Device uint32
+ Inode uint32
+ Rdevice uint32
+ Offset int32
+ Encrypt_type int32
+ Encrypt_key_size int32
+ Flags int32
+ Name [64]uint8
+ Encrypt_key [32]uint8
+ Init [2]uint32
+ Reserved [4]uint8
+}
+
+type TIPCSubscr struct {
+ Seq TIPCServiceRange
+ Timeout uint32
+ Filter uint32
+ Handle [8]uint8
+}
+
+type TIPCSIOCLNReq struct {
+ Peer uint32
+ Id uint32
+ Linkname [68]uint8
+}
+
+type TIPCSIOCNodeIDReq struct {
+ Peer uint32
+ Id [16]uint8
+}
+
+type PPSKInfo struct {
+ Assert_sequence uint32
+ Clear_sequence uint32
+ Assert_tu PPSKTime
+ Clear_tu PPSKTime
+ Current_mode int32
+ _ [4]byte
+}
+
+const (
+ PPS_GETPARAMS = 0x400470a1
+ PPS_SETPARAMS = 0x800470a2
+ PPS_GETCAP = 0x400470a3
+ PPS_FETCH = 0xc00470a4
+)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 0e6e8a77..2a3afbae 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64 && linux
// +build ppc64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index 7382f385..c0de30a6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build ppc64le && linux
// +build ppc64le,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index 28d55221..74faf2e9 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build riscv64 && linux
// +build riscv64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index a91a7a44..9a8f0c2c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include -fsigned-char /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build s390x && linux
// +build s390x,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index f824b235..72cdda75 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -Wall -Werror -static -I/tmp/include /build/linux/types.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build sparc64 && linux
// +build sparc64,linux
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
index 3f11f88e..b10e73ab 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
@@ -1,6 +1,7 @@
// cgo -godefs types_netbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && netbsd
// +build 386,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
index 0bed83af..28ed6d55 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_netbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && netbsd
// +build amd64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
index e4e3bf73..4ba196eb 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
@@ -1,6 +1,7 @@
// cgo -godefs types_netbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && netbsd
// +build arm,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
index efac861b..dd642bd9 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_netbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && netbsd
// +build arm64,netbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
index 80fa295f..1fdb0e5f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
@@ -1,6 +1,7 @@
// cgo -godefs types_openbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build 386 && openbsd
// +build 386,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
index 560dd6d0..e2fc93c7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_openbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && openbsd
// +build amd64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
index 0c1700fa..8d34b5a2 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -fsigned-char types_openbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm && openbsd
// +build arm,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
index 5b3e4663..ea8f1a0d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -fsigned-char types_openbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build arm64 && openbsd
// +build arm64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
index 62bff167..ec6e8bc3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
@@ -1,6 +1,7 @@
// cgo -godefs -- -fsigned-char types_openbsd.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build mips64 && openbsd
// +build mips64,openbsd
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
index ca512aff..85effef9 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
@@ -1,6 +1,7 @@
// cgo -godefs types_solaris.go | go run mkpost.go
// Code generated by the command above; see README.md. DO NOT EDIT.
+//go:build amd64 && solaris
// +build amd64,solaris
package unix
diff --git a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
new file mode 100644
index 00000000..4ab638cb
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
@@ -0,0 +1,406 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+// +build zos,s390x
+
+// Hand edited based on ztypes_linux_s390x.go
+// TODO: auto-generate.
+
+package unix
+
+const (
+ SizeofPtr = 0x8
+ SizeofShort = 0x2
+ SizeofInt = 0x4
+ SizeofLong = 0x8
+ SizeofLongLong = 0x8
+ PathMax = 0x1000
+)
+
+const (
+ SizeofSockaddrAny = 128
+ SizeofCmsghdr = 12
+ SizeofIPMreq = 8
+ SizeofIPv6Mreq = 20
+ SizeofICMPv6Filter = 32
+ SizeofIPv6MTUInfo = 32
+ SizeofLinger = 8
+ SizeofSockaddrInet4 = 16
+ SizeofSockaddrInet6 = 28
+ SizeofTCPInfo = 0x68
+)
+
+type (
+ _C_short int16
+ _C_int int32
+ _C_long int64
+ _C_long_long int64
+)
+
+type Timespec struct {
+ Sec int64
+ Nsec int64
+}
+
+type Timeval struct {
+ Sec int64
+ Usec int64
+}
+
+type timeval_zos struct { //correct (with padding and all)
+ Sec int64
+ _ [4]byte // pad
+ Usec int32
+}
+
+type Tms struct { //clock_t is 4-byte unsigned int in zos
+ Utime uint32
+ Stime uint32
+ Cutime uint32
+ Cstime uint32
+}
+
+type Time_t int64
+
+type Utimbuf struct {
+ Actime int64
+ Modtime int64
+}
+
+type Utsname struct {
+ Sysname [65]byte
+ Nodename [65]byte
+ Release [65]byte
+ Version [65]byte
+ Machine [65]byte
+ Domainname [65]byte
+}
+
+type RawSockaddrInet4 struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Addr [4]byte /* in_addr */
+ Zero [8]uint8
+}
+
+type RawSockaddrInet6 struct {
+ Len uint8
+ Family uint8
+ Port uint16
+ Flowinfo uint32
+ Addr [16]byte /* in6_addr */
+ Scope_id uint32
+}
+
+type RawSockaddrUnix struct {
+ Len uint8
+ Family uint8
+ Path [108]int8
+}
+
+type RawSockaddr struct {
+ Len uint8
+ Family uint8
+ Data [14]uint8
+}
+
+type RawSockaddrAny struct {
+ Addr RawSockaddr
+ _ [112]uint8 // pad
+}
+
+type _Socklen uint32
+
+type Linger struct {
+ Onoff int32
+ Linger int32
+}
+
+type Iovec struct {
+ Base *byte
+ Len uint64
+}
+
+type IPMreq struct {
+ Multiaddr [4]byte /* in_addr */
+ Interface [4]byte /* in_addr */
+}
+
+type IPv6Mreq struct {
+ Multiaddr [16]byte /* in6_addr */
+ Interface uint32
+}
+
+type Msghdr struct {
+ Name *byte
+ Iov *Iovec
+ Control *byte
+ Flags int32
+ Namelen int32
+ Iovlen int32
+ Controllen int32
+}
+
+type Cmsghdr struct {
+ Len int32
+ Level int32
+ Type int32
+}
+
+type Inet4Pktinfo struct {
+ Addr [4]byte /* in_addr */
+ Ifindex uint32
+}
+
+type Inet6Pktinfo struct {
+ Addr [16]byte /* in6_addr */
+ Ifindex uint32
+}
+
+type IPv6MTUInfo struct {
+ Addr RawSockaddrInet6
+ Mtu uint32
+}
+
+type ICMPv6Filter struct {
+ Data [8]uint32
+}
+
+type TCPInfo struct {
+ State uint8
+ Ca_state uint8
+ Retransmits uint8
+ Probes uint8
+ Backoff uint8
+ Options uint8
+ Rto uint32
+ Ato uint32
+ Snd_mss uint32
+ Rcv_mss uint32
+ Unacked uint32
+ Sacked uint32
+ Lost uint32
+ Retrans uint32
+ Fackets uint32
+ Last_data_sent uint32
+ Last_ack_sent uint32
+ Last_data_recv uint32
+ Last_ack_recv uint32
+ Pmtu uint32
+ Rcv_ssthresh uint32
+ Rtt uint32
+ Rttvar uint32
+ Snd_ssthresh uint32
+ Snd_cwnd uint32
+ Advmss uint32
+ Reordering uint32
+ Rcv_rtt uint32
+ Rcv_space uint32
+ Total_retrans uint32
+}
+
+type _Gid_t uint32
+
+type rusage_zos struct {
+ Utime timeval_zos
+ Stime timeval_zos
+}
+
+type Rusage struct {
+ Utime Timeval
+ Stime Timeval
+ Maxrss int64
+ Ixrss int64
+ Idrss int64
+ Isrss int64
+ Minflt int64
+ Majflt int64
+ Nswap int64
+ Inblock int64
+ Oublock int64
+ Msgsnd int64
+ Msgrcv int64
+ Nsignals int64
+ Nvcsw int64
+ Nivcsw int64
+}
+
+type Rlimit struct {
+ Cur uint64
+ Max uint64
+}
+
+// { int, short, short } in poll.h
+type PollFd struct {
+ Fd int32
+ Events int16
+ Revents int16
+}
+
+type Stat_t struct { //Linux Definition
+ Dev uint64
+ Ino uint64
+ Nlink uint64
+ Mode uint32
+ Uid uint32
+ Gid uint32
+ _ int32
+ Rdev uint64
+ Size int64
+ Atim Timespec
+ Mtim Timespec
+ Ctim Timespec
+ Blksize int64
+ Blocks int64
+ _ [3]int64
+}
+
+type Stat_LE_t struct {
+ _ [4]byte // eye catcher
+ Length uint16
+ Version uint16
+ Mode int32
+ Ino uint32
+ Dev uint32
+ Nlink int32
+ Uid int32
+ Gid int32
+ Size int64
+ Atim31 [4]byte
+ Mtim31 [4]byte
+ Ctim31 [4]byte
+ Rdev uint32
+ Auditoraudit uint32
+ Useraudit uint32
+ Blksize int32
+ Creatim31 [4]byte
+ AuditID [16]byte
+ _ [4]byte // rsrvd1
+ File_tag struct {
+ Ccsid uint16
+ Txtflag uint16 // aggregating Txflag:1 deferred:1 rsvflags:14
+ }
+ CharsetID [8]byte
+ Blocks int64
+ Genvalue uint32
+ Reftim31 [4]byte
+ Fid [8]byte
+ Filefmt byte
+ Fspflag2 byte
+ _ [2]byte // rsrvd2
+ Ctimemsec int32
+ Seclabel [8]byte
+ _ [4]byte // rsrvd3
+ _ [4]byte // rsrvd4
+ Atim Time_t
+ Mtim Time_t
+ Ctim Time_t
+ Creatim Time_t
+ Reftim Time_t
+ _ [24]byte // rsrvd5
+}
+
+type Statvfs_t struct {
+ ID [4]byte
+ Len int32
+ Bsize uint64
+ Blocks uint64
+ Usedspace uint64
+ Bavail uint64
+ Flag uint64
+ Maxfilesize int64
+ _ [16]byte
+ Frsize uint64
+ Bfree uint64
+ Files uint32
+ Ffree uint32
+ Favail uint32
+ Namemax31 uint32
+ Invarsec uint32
+ _ [4]byte
+ Fsid uint64
+ Namemax uint64
+}
+
+type Statfs_t struct {
+ Type uint32
+ Bsize uint64
+ Blocks uint64
+ Bfree uint64
+ Bavail uint64
+ Files uint32
+ Ffree uint32
+ Fsid uint64
+ Namelen uint64
+ Frsize uint64
+ Flags uint64
+}
+
+type Dirent struct {
+ Reclen uint16
+ Namlen uint16
+ Ino uint32
+ Extra uintptr
+ Name [256]byte
+}
+
+type FdSet struct {
+ Bits [64]int32
+}
+
+// This struct is packed on z/OS so it can't be used directly.
+type Flock_t struct {
+ Type int16
+ Whence int16
+ Start int64
+ Len int64
+ Pid int32
+}
+
+type Termios struct {
+ Cflag uint32
+ Iflag uint32
+ Lflag uint32
+ Oflag uint32
+ Cc [11]uint8
+}
+
+type Winsize struct {
+ Row uint16
+ Col uint16
+ Xpixel uint16
+ Ypixel uint16
+}
+
+type W_Mnth struct {
+ Hid [4]byte
+ Size int32
+ Cur1 int32 //32bit pointer
+ Cur2 int32 //^
+ Devno uint32
+ _ [4]byte
+}
+
+type W_Mntent struct {
+ Fstype uint32
+ Mode uint32
+ Dev uint32
+ Parentdev uint32
+ Rootino uint32
+ Status byte
+ Ddname [9]byte
+ Fstname [9]byte
+ Fsname [45]byte
+ Pathlen uint32
+ Mountpoint [1024]byte
+ Jobname [8]byte
+ PID int32
+ Parmoffset int32
+ Parmlen int16
+ Owner [8]byte
+ Quiesceowner [8]byte
+ _ [38]byte
+}
diff --git a/vendor/golang.org/x/sys/windows/empty.s b/vendor/golang.org/x/sys/windows/empty.s
index 69309e4d..fdbbbcd3 100644
--- a/vendor/golang.org/x/sys/windows/empty.s
+++ b/vendor/golang.org/x/sys/windows/empty.s
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build !go1.12
// +build !go1.12
// This file is here to allow bodyless functions with go:linkname for Go 1.11
diff --git a/vendor/golang.org/x/sys/windows/exec_windows.go b/vendor/golang.org/x/sys/windows/exec_windows.go
index 3606c3a8..9eb1fb63 100644
--- a/vendor/golang.org/x/sys/windows/exec_windows.go
+++ b/vendor/golang.org/x/sys/windows/exec_windows.go
@@ -6,6 +6,11 @@
package windows
+import (
+ errorspkg "errors"
+ "unsafe"
+)
+
// EscapeArg rewrites command line argument s as prescribed
// in http://msdn.microsoft.com/en-us/library/ms880421.
// This function returns "" (2 double quotes) if s is empty.
@@ -95,3 +100,33 @@ func FullPath(name string) (path string, err error) {
}
}
}
+
+// NewProcThreadAttributeList allocates a new ProcThreadAttributeList, with the requested maximum number of attributes.
+func NewProcThreadAttributeList(maxAttrCount uint32) (*ProcThreadAttributeList, error) {
+ var size uintptr
+ err := initializeProcThreadAttributeList(nil, maxAttrCount, 0, &size)
+ if err != ERROR_INSUFFICIENT_BUFFER {
+ if err == nil {
+ return nil, errorspkg.New("unable to query buffer size from InitializeProcThreadAttributeList")
+ }
+ return nil, err
+ }
+ const psize = unsafe.Sizeof(uintptr(0))
+ // size is guaranteed to be ≥1 by InitializeProcThreadAttributeList.
+ al := (*ProcThreadAttributeList)(unsafe.Pointer(&make([]unsafe.Pointer, (size+psize-1)/psize)[0]))
+ err = initializeProcThreadAttributeList(al, maxAttrCount, 0, &size)
+ if err != nil {
+ return nil, err
+ }
+ return al, err
+}
+
+// Update modifies the ProcThreadAttributeList using UpdateProcThreadAttribute.
+func (al *ProcThreadAttributeList) Update(attribute uintptr, flags uint32, value unsafe.Pointer, size uintptr, prevValue unsafe.Pointer, returnedSize *uintptr) error {
+ return updateProcThreadAttribute(al, flags, attribute, value, size, prevValue, returnedSize)
+}
+
+// Delete frees ProcThreadAttributeList's resources.
+func (al *ProcThreadAttributeList) Delete() {
+ deleteProcThreadAttributeList(al)
+}
diff --git a/vendor/golang.org/x/sys/windows/mkerrors.bash b/vendor/golang.org/x/sys/windows/mkerrors.bash
index 2163843a..58e0188f 100644
--- a/vendor/golang.org/x/sys/windows/mkerrors.bash
+++ b/vendor/golang.org/x/sys/windows/mkerrors.bash
@@ -9,6 +9,8 @@ shopt -s nullglob
winerror="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/shared/winerror.h | sort -Vr | head -n 1)"
[[ -n $winerror ]] || { echo "Unable to find winerror.h" >&2; exit 1; }
+ntstatus="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/shared/ntstatus.h | sort -Vr | head -n 1)"
+[[ -n $ntstatus ]] || { echo "Unable to find ntstatus.h" >&2; exit 1; }
declare -A errors
@@ -59,5 +61,10 @@ declare -A errors
echo "$key $vtype = $value"
done < "$winerror"
+ while read -r line; do
+ [[ $line =~ ^#define\ (STATUS_[^\s]+)\ +\(\(NTSTATUS\)((0x)?[0-9a-fA-F]+)L?\) ]] || continue
+ echo "${BASH_REMATCH[1]} NTStatus = ${BASH_REMATCH[2]}"
+ done < "$ntstatus"
+
echo ")"
} | gofmt > "zerrors_windows.go"
diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go
index 69eb462c..111c10d3 100644
--- a/vendor/golang.org/x/sys/windows/security_windows.go
+++ b/vendor/golang.org/x/sys/windows/security_windows.go
@@ -908,6 +908,19 @@ type SECURITY_DESCRIPTOR struct {
dacl *ACL
}
+type SECURITY_QUALITY_OF_SERVICE struct {
+ Length uint32
+ ImpersonationLevel uint32
+ ContextTrackingMode byte
+ EffectiveOnly byte
+}
+
+// Constants for the ContextTrackingMode field of SECURITY_QUALITY_OF_SERVICE.
+const (
+ SECURITY_STATIC_TRACKING = 0
+ SECURITY_DYNAMIC_TRACKING = 1
+)
+
type SecurityAttributes struct {
Length uint32
SecurityDescriptor *SECURITY_DESCRIPTOR
@@ -1321,7 +1334,11 @@ func (absoluteSD *SECURITY_DESCRIPTOR) ToSelfRelative() (selfRelativeSD *SECURIT
}
func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor() *SECURITY_DESCRIPTOR {
- sdLen := (int)(selfRelativeSD.Length())
+ sdLen := int(selfRelativeSD.Length())
+ const min = int(unsafe.Sizeof(SECURITY_DESCRIPTOR{}))
+ if sdLen < min {
+ sdLen = min
+ }
var src []byte
h := (*unsafeheader.Slice)(unsafe.Pointer(&src))
@@ -1329,7 +1346,15 @@ func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor()
h.Len = sdLen
h.Cap = sdLen
- dst := make([]byte, sdLen)
+ const psize = int(unsafe.Sizeof(uintptr(0)))
+
+ var dst []byte
+ h = (*unsafeheader.Slice)(unsafe.Pointer(&dst))
+ alloc := make([]uintptr, (sdLen+psize-1)/psize)
+ h.Data = (*unsafeheader.Slice)(unsafe.Pointer(&alloc)).Data
+ h.Len = sdLen
+ h.Cap = sdLen
+
copy(dst, src)
return (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&dst[0]))
}
diff --git a/vendor/golang.org/x/sys/windows/svc/mgr/service.go b/vendor/golang.org/x/sys/windows/svc/mgr/service.go
index aee2d3d2..7d735ca2 100644
--- a/vendor/golang.org/x/sys/windows/svc/mgr/service.go
+++ b/vendor/golang.org/x/sys/windows/svc/mgr/service.go
@@ -46,7 +46,7 @@ func (s *Service) Start(args ...string) error {
return windows.StartService(s.Handle, uint32(len(args)), p)
}
-// Control sends state change request c to the servce s.
+// Control sends state change request c to the service s.
func (s *Service) Control(c svc.Cmd) (svc.Status, error) {
var t windows.SERVICE_STATUS
err := windows.ControlService(s.Handle, uint32(c), &t)
diff --git a/vendor/golang.org/x/sys/windows/svc/security.go b/vendor/golang.org/x/sys/windows/svc/security.go
index da6df1d3..ef719c17 100644
--- a/vendor/golang.org/x/sys/windows/svc/security.go
+++ b/vendor/golang.org/x/sys/windows/svc/security.go
@@ -7,8 +7,8 @@
package svc
import (
- "errors"
- "syscall"
+ "path/filepath"
+ "strings"
"unsafe"
"golang.org/x/sys/windows"
@@ -64,94 +64,45 @@ func IsAnInteractiveSession() (bool, error) {
return false, nil
}
-var (
- ntdll = windows.NewLazySystemDLL("ntdll.dll")
- _NtQueryInformationProcess = ntdll.NewProc("NtQueryInformationProcess")
-
- kernel32 = windows.NewLazySystemDLL("kernel32.dll")
- _QueryFullProcessImageNameA = kernel32.NewProc("QueryFullProcessImageNameA")
-)
-
// IsWindowsService reports whether the process is currently executing
// as a Windows service.
func IsWindowsService() (bool, error) {
- // This code was copied from runtime.isWindowsService function.
-
// The below technique looks a bit hairy, but it's actually
// exactly what the .NET framework does for the similarly named function:
// https://github.com/dotnet/extensions/blob/f4066026ca06984b07e90e61a6390ac38152ba93/src/Hosting/WindowsServices/src/WindowsServiceHelpers.cs#L26-L31
// Specifically, it looks up whether the parent process has session ID zero
// and is called "services".
- const _CURRENT_PROCESS = ^uintptr(0)
- // pbi is a PROCESS_BASIC_INFORMATION struct, where we just care about
- // the 6th pointer inside of it, which contains the pid of the process
- // parent:
- // https://github.com/wine-mirror/wine/blob/42cb7d2ad1caba08de235e6319b9967296b5d554/include/winternl.h#L1294
- var pbi [6]uintptr
- var pbiLen uint32
- r0, _, _ := syscall.Syscall6(_NtQueryInformationProcess.Addr(), 5, _CURRENT_PROCESS, 0, uintptr(unsafe.Pointer(&pbi[0])), uintptr(unsafe.Sizeof(pbi)), uintptr(unsafe.Pointer(&pbiLen)), 0)
- if r0 != 0 {
- return false, errors.New("NtQueryInformationProcess failed: error=" + itoa(int(r0)))
- }
- var psid uint32
- err := windows.ProcessIdToSessionId(uint32(pbi[5]), &psid)
+
+ var pbi windows.PROCESS_BASIC_INFORMATION
+ pbiLen := uint32(unsafe.Sizeof(pbi))
+ err := windows.NtQueryInformationProcess(windows.CurrentProcess(), windows.ProcessBasicInformation, unsafe.Pointer(&pbi), pbiLen, &pbiLen)
if err != nil {
return false, err
}
- if psid != 0 {
- // parent session id should be 0 for service process
+ var psid uint32
+ err = windows.ProcessIdToSessionId(uint32(pbi.InheritedFromUniqueProcessId), &psid)
+ if err != nil || psid != 0 {
return false, nil
}
-
- pproc, err := windows.OpenProcess(windows.PROCESS_QUERY_LIMITED_INFORMATION, false, uint32(pbi[5]))
+ pproc, err := windows.OpenProcess(windows.PROCESS_QUERY_LIMITED_INFORMATION, false, uint32(pbi.InheritedFromUniqueProcessId))
if err != nil {
return false, err
}
defer windows.CloseHandle(pproc)
-
- // exeName gets the path to the executable image of the parent process
- var exeName [261]byte
- exeNameLen := uint32(len(exeName) - 1)
- r0, _, e0 := syscall.Syscall6(_QueryFullProcessImageNameA.Addr(), 4, uintptr(pproc), 0, uintptr(unsafe.Pointer(&exeName[0])), uintptr(unsafe.Pointer(&exeNameLen)), 0, 0)
- if r0 == 0 {
- if e0 != 0 {
- return false, e0
- } else {
- return false, syscall.EINVAL
- }
+ var exeNameBuf [261]uint16
+ exeNameLen := uint32(len(exeNameBuf) - 1)
+ err = windows.QueryFullProcessImageName(pproc, 0, &exeNameBuf[0], &exeNameLen)
+ if err != nil {
+ return false, err
}
- const (
- servicesLower = "services.exe"
- servicesUpper = "SERVICES.EXE"
- )
- i := int(exeNameLen) - 1
- j := len(servicesLower) - 1
- if i < j {
+ exeName := windows.UTF16ToString(exeNameBuf[:exeNameLen])
+ if !strings.EqualFold(filepath.Base(exeName), "services.exe") {
return false, nil
}
- for {
- if j == -1 {
- return i == -1 || exeName[i] == '\\', nil
- }
- if exeName[i] != servicesLower[j] && exeName[i] != servicesUpper[j] {
- return false, nil
- }
- i--
- j--
+ system32, err := windows.GetSystemDirectory()
+ if err != nil {
+ return false, err
}
-}
-
-func itoa(val int) string { // do it here rather than with fmt to avoid dependency
- if val < 0 {
- return "-" + itoa(-val)
- }
- var buf [32]byte // big enough for int64
- i := len(buf) - 1
- for val >= 10 {
- buf[i] = byte(val%10 + '0')
- i--
- val /= 10
- }
- buf[i] = byte(val + '0')
- return string(buf[i:])
+ targetExeName := filepath.Join(system32, "services.exe")
+ return strings.EqualFold(exeName, targetExeName), nil
}
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_386.s b/vendor/golang.org/x/sys/windows/svc/sys_windows_386.s
similarity index 98%
rename from vendor/golang.org/x/sys/windows/svc/sys_386.s
rename to vendor/golang.org/x/sys/windows/svc/sys_windows_386.s
index c8a583d7..1ed91413 100644
--- a/vendor/golang.org/x/sys/windows/svc/sys_386.s
+++ b/vendor/golang.org/x/sys/windows/svc/sys_windows_386.s
@@ -2,8 +2,6 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build windows
-
// func servicemain(argc uint32, argv **uint16)
TEXT ·servicemain(SB),7,$0
MOVL argc+0(FP), AX
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_amd64.s b/vendor/golang.org/x/sys/windows/svc/sys_windows_amd64.s
similarity index 98%
rename from vendor/golang.org/x/sys/windows/svc/sys_amd64.s
rename to vendor/golang.org/x/sys/windows/svc/sys_windows_amd64.s
index 3d4df0c3..1e5ef92b 100644
--- a/vendor/golang.org/x/sys/windows/svc/sys_amd64.s
+++ b/vendor/golang.org/x/sys/windows/svc/sys_windows_amd64.s
@@ -2,8 +2,6 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build windows
-
// func servicemain(argc uint32, argv **uint16)
TEXT ·servicemain(SB),7,$0
MOVQ SP, AX
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_arm.s b/vendor/golang.org/x/sys/windows/svc/sys_windows_arm.s
similarity index 82%
rename from vendor/golang.org/x/sys/windows/svc/sys_arm.s
rename to vendor/golang.org/x/sys/windows/svc/sys_windows_arm.s
index 33c692a8..360b86ed 100644
--- a/vendor/golang.org/x/sys/windows/svc/sys_arm.s
+++ b/vendor/golang.org/x/sys/windows/svc/sys_windows_arm.s
@@ -2,15 +2,13 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-// +build windows
-
#include "textflag.h"
// func servicemain(argc uint32, argv **uint16)
TEXT ·servicemain(SB),NOSPLIT|NOFRAME,$0
MOVM.DB.W [R4, R14], (R13) // push {r4, lr}
- MOVW R13, R4
- BIC $0x7, R13 // alignment for ABI
+ MOVW R13, R4
+ BIC $0x7, R13 // alignment for ABI
MOVW R0, ·sArgc(SB)
MOVW R1, ·sArgv(SB)
@@ -19,19 +17,19 @@ TEXT ·servicemain(SB),NOSPLIT|NOFRAME,$0
MOVW ·ctlHandlerExProc(SB), R1
MOVW $0, R2
MOVW ·cRegisterServiceCtrlHandlerExW(SB), R3
- BL (R3)
- CMP $0, R0
- BEQ exit
+ BL (R3)
+ CMP $0, R0
+ BEQ exit
MOVW R0, ·ssHandle(SB)
MOVW ·goWaitsH(SB), R0
MOVW ·cSetEvent(SB), R1
- BL (R1)
+ BL (R1)
MOVW ·cWaitsH(SB), R0
MOVW $-1, R1
MOVW ·cWaitForSingleObject(SB), R2
- BL (R2)
+ BL (R2)
exit:
MOVW R4, R13 // free extra stack space
diff --git a/vendor/golang.org/x/sys/windows/svc/sys_windows_arm64.s b/vendor/golang.org/x/sys/windows/svc/sys_windows_arm64.s
new file mode 100644
index 00000000..3ca540e6
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/svc/sys_windows_arm64.s
@@ -0,0 +1,31 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "textflag.h"
+
+// func servicemain(argc uint32, argv **uint16)
+TEXT ·servicemain(SB),NOSPLIT|NOFRAME,$0
+ MOVD R0, ·sArgc(SB)
+ MOVD R1, ·sArgv(SB)
+
+ MOVD ·sName(SB), R0
+ MOVD ·ctlHandlerExProc(SB), R1
+ MOVD $0, R2
+ MOVD ·cRegisterServiceCtrlHandlerExW(SB), R3
+ BL (R3)
+ CMP $0, R0
+ BEQ exit
+ MOVD R0, ·ssHandle(SB)
+
+ MOVD ·goWaitsH(SB), R0
+ MOVD ·cSetEvent(SB), R1
+ BL (R1)
+
+ MOVD ·cWaitsH(SB), R0
+ MOVD $-1, R1
+ MOVD ·cWaitForSingleObject(SB), R2
+ BL (R2)
+
+exit:
+ RET
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index d249919c..bb6aaf89 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -8,6 +8,8 @@ package windows
import (
errorspkg "errors"
+ "fmt"
+ "runtime"
"sync"
"syscall"
"time"
@@ -22,6 +24,7 @@ type HWND uintptr
const (
InvalidHandle = ^Handle(0)
+ InvalidHWND = ^HWND(0)
// Flags for DefineDosDevice.
DDD_EXACT_MATCH_ON_REMOVE = 0x00000004
@@ -64,9 +67,8 @@ const (
LOCKFILE_FAIL_IMMEDIATELY = 0x00000001
LOCKFILE_EXCLUSIVE_LOCK = 0x00000002
- // Return values of SleepEx and other APC functions
- STATUS_USER_APC = 0x000000C0
- WAIT_IO_COMPLETION = STATUS_USER_APC
+ // Return value of SleepEx and other APC functions
+ WAIT_IO_COMPLETION = 0x000000C0
)
// StringToUTF16 is deprecated. Use UTF16FromString instead.
@@ -179,6 +181,11 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys IsWow64Process(handle Handle, isWow64 *bool) (err error) = IsWow64Process
//sys IsWow64Process2(handle Handle, processMachine *uint16, nativeMachine *uint16) (err error) = IsWow64Process2?
//sys CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW
+//sys CreateNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *SecurityAttributes) (handle Handle, err error) [failretval==InvalidHandle] = CreateNamedPipeW
+//sys ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error)
+//sys GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error)
+//sys GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
+//sys SetNamedPipeHandleState(pipe Handle, state *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32) (err error) = SetNamedPipeHandleState
//sys ReadFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error)
//sys WriteFile(handle Handle, buf []byte, done *uint32, overlapped *Overlapped) (err error)
//sys GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error)
@@ -207,15 +214,18 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys GetSystemTimeAsFileTime(time *Filetime)
//sys GetSystemTimePreciseAsFileTime(time *Filetime)
//sys GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) [failretval==0xffffffff]
-//sys CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uint32, threadcnt uint32) (handle Handle, err error)
-//sys GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uint32, overlapped **Overlapped, timeout uint32) (err error)
-//sys PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uint32, overlapped *Overlapped) (err error)
+//sys CreateIoCompletionPort(filehandle Handle, cphandle Handle, key uintptr, threadcnt uint32) (handle Handle, err error)
+//sys GetQueuedCompletionStatus(cphandle Handle, qty *uint32, key *uintptr, overlapped **Overlapped, timeout uint32) (err error)
+//sys PostQueuedCompletionStatus(cphandle Handle, qty uint32, key uintptr, overlapped *Overlapped) (err error)
//sys CancelIo(s Handle) (err error)
//sys CancelIoEx(s Handle, o *Overlapped) (err error)
//sys CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityAttributes, threadSecurity *SecurityAttributes, inheritHandles bool, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *StartupInfo, outProcInfo *ProcessInformation) (err error) = CreateProcessW
+//sys initializeProcThreadAttributeList(attrlist *ProcThreadAttributeList, attrcount uint32, flags uint32, size *uintptr) (err error) = InitializeProcThreadAttributeList
+//sys deleteProcThreadAttributeList(attrlist *ProcThreadAttributeList) = DeleteProcThreadAttributeList
+//sys updateProcThreadAttribute(attrlist *ProcThreadAttributeList, flags uint32, attr uintptr, value unsafe.Pointer, size uintptr, prevvalue unsafe.Pointer, returnedsize *uintptr) (err error) = UpdateProcThreadAttribute
//sys OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error)
//sys ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW
-//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32) = user32.GetWindowThreadProcessId
+//sys GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) = user32.GetWindowThreadProcessId
//sys GetShellWindow() (shellWindow HWND) = user32.GetShellWindow
//sys MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW
//sys ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx
@@ -247,13 +257,14 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys GetCommandLine() (cmd *uint16) = kernel32.GetCommandLineW
//sys CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) [failretval==nil] = shell32.CommandLineToArgvW
//sys LocalFree(hmem Handle) (handle Handle, err error) [failretval!=0]
+//sys LocalAlloc(flags uint32, length uint32) (ptr uintptr, err error)
//sys SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error)
//sys FlushFileBuffers(handle Handle) (err error)
//sys GetFullPathName(path *uint16, buflen uint32, buf *uint16, fname **uint16) (n uint32, err error) = kernel32.GetFullPathNameW
//sys GetLongPathName(path *uint16, buf *uint16, buflen uint32) (n uint32, err error) = kernel32.GetLongPathNameW
//sys GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uint32, err error) = kernel32.GetShortPathNameW
//sys GetFinalPathNameByHandle(file Handle, filePath *uint16, filePathSize uint32, flags uint32) (n uint32, err error) = kernel32.GetFinalPathNameByHandleW
-//sys CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) = kernel32.CreateFileMappingW
+//sys CreateFileMapping(fhandle Handle, sa *SecurityAttributes, prot uint32, maxSizeHigh uint32, maxSizeLow uint32, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateFileMappingW
//sys MapViewOfFile(handle Handle, access uint32, offsetHigh uint32, offsetLow uint32, length uintptr) (addr uintptr, err error)
//sys UnmapViewOfFile(addr uintptr) (err error)
//sys FlushViewOfFile(addr uintptr, length uintptr) (err error)
@@ -264,19 +275,32 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys VirtualProtect(address uintptr, size uintptr, newprotect uint32, oldprotect *uint32) (err error) = kernel32.VirtualProtect
//sys TransmitFile(s Handle, handle Handle, bytesToWrite uint32, bytsPerSend uint32, overlapped *Overlapped, transmitFileBuf *TransmitFileBuffers, flags uint32) (err error) = mswsock.TransmitFile
//sys ReadDirectoryChanges(handle Handle, buf *byte, buflen uint32, watchSubTree bool, mask uint32, retlen *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) = kernel32.ReadDirectoryChangesW
+//sys FindFirstChangeNotification(path string, watchSubtree bool, notifyFilter uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.FindFirstChangeNotificationW
+//sys FindNextChangeNotification(handle Handle) (err error)
+//sys FindCloseChangeNotification(handle Handle) (err error)
//sys CertOpenSystemStore(hprov Handle, name *uint16) (store Handle, err error) = crypt32.CertOpenSystemStoreW
-//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore
+//sys CertOpenStore(storeProvider uintptr, msgAndCertEncodingType uint32, cryptProv uintptr, flags uint32, para uintptr) (handle Handle, err error) = crypt32.CertOpenStore
//sys CertEnumCertificatesInStore(store Handle, prevContext *CertContext) (context *CertContext, err error) [failretval==nil] = crypt32.CertEnumCertificatesInStore
-//sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore
+//sys CertAddCertificateContextToStore(store Handle, certContext *CertContext, addDisposition uint32, storeContext **CertContext) (err error) = crypt32.CertAddCertificateContextToStore
//sys CertCloseStore(store Handle, flags uint32) (err error) = crypt32.CertCloseStore
//sys CertDeleteCertificateFromStore(certContext *CertContext) (err error) = crypt32.CertDeleteCertificateFromStore
//sys CertDuplicateCertificateContext(certContext *CertContext) (dupContext *CertContext) = crypt32.CertDuplicateCertificateContext
-//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore
-//sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain
-//sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain
-//sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext
-//sys CertFreeCertificateContext(ctx *CertContext) (err error) = crypt32.CertFreeCertificateContext
-//sys CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) = crypt32.CertVerifyCertificateChainPolicy
+//sys PFXImportCertStore(pfx *CryptDataBlob, password *uint16, flags uint32) (store Handle, err error) = crypt32.PFXImportCertStore
+//sys CertGetCertificateChain(engine Handle, leaf *CertContext, time *Filetime, additionalStore Handle, para *CertChainPara, flags uint32, reserved uintptr, chainCtx **CertChainContext) (err error) = crypt32.CertGetCertificateChain
+//sys CertFreeCertificateChain(ctx *CertChainContext) = crypt32.CertFreeCertificateChain
+//sys CertCreateCertificateContext(certEncodingType uint32, certEncoded *byte, encodedLen uint32) (context *CertContext, err error) [failretval==nil] = crypt32.CertCreateCertificateContext
+//sys CertFreeCertificateContext(ctx *CertContext) (err error) = crypt32.CertFreeCertificateContext
+//sys CertVerifyCertificateChainPolicy(policyOID uintptr, chain *CertChainContext, para *CertChainPolicyPara, status *CertChainPolicyStatus) (err error) = crypt32.CertVerifyCertificateChainPolicy
+//sys CertGetNameString(certContext *CertContext, nameType uint32, flags uint32, typePara unsafe.Pointer, name *uint16, size uint32) (chars uint32) = crypt32.CertGetNameStringW
+//sys CertFindExtension(objId *byte, countExtensions uint32, extensions *CertExtension) (ret *CertExtension) = crypt32.CertFindExtension
+//sys CertFindCertificateInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevCertContext *CertContext) (cert *CertContext, err error) [failretval==nil] = crypt32.CertFindCertificateInStore
+//sys CertFindChainInStore(store Handle, certEncodingType uint32, findFlags uint32, findType uint32, findPara unsafe.Pointer, prevChainContext *CertChainContext) (certchain *CertChainContext, err error) [failretval==nil] = crypt32.CertFindChainInStore
+//sys CryptAcquireCertificatePrivateKey(cert *CertContext, flags uint32, parameters unsafe.Pointer, cryptProvOrNCryptKey *Handle, keySpec *uint32, callerFreeProvOrNCryptKey *bool) (err error) = crypt32.CryptAcquireCertificatePrivateKey
+//sys CryptQueryObject(objectType uint32, object unsafe.Pointer, expectedContentTypeFlags uint32, expectedFormatTypeFlags uint32, flags uint32, msgAndCertEncodingType *uint32, contentType *uint32, formatType *uint32, certStore *Handle, msg *Handle, context *unsafe.Pointer) (err error) = crypt32.CryptQueryObject
+//sys CryptDecodeObject(encodingType uint32, structType *byte, encodedBytes *byte, lenEncodedBytes uint32, flags uint32, decoded unsafe.Pointer, decodedLen *uint32) (err error) = crypt32.CryptDecodeObject
+//sys CryptProtectData(dataIn *DataBlob, name *uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptProtectData
+//sys CryptUnprotectData(dataIn *DataBlob, name **uint16, optionalEntropy *DataBlob, reserved uintptr, promptStruct *CryptProtectPromptStruct, flags uint32, dataOut *DataBlob) (err error) = crypt32.CryptUnprotectData
+//sys WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) = wintrust.WinVerifyTrustEx
//sys RegOpenKeyEx(key Handle, subkey *uint16, options uint32, desiredAccess uint32, result *Handle) (regerrno error) = advapi32.RegOpenKeyExW
//sys RegCloseKey(key Handle) (regerrno error) = advapi32.RegCloseKey
//sys RegQueryInfoKey(key Handle, class *uint16, classLen *uint32, reserved *uint32, subkeysLen *uint32, maxSubkeyLen *uint32, maxClassLen *uint32, valuesLen *uint32, maxValueNameLen *uint32, maxValueLen *uint32, saLen *uint32, lastWriteTime *Filetime) (regerrno error) = advapi32.RegQueryInfoKeyW
@@ -301,14 +325,14 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys CreateSymbolicLink(symlinkfilename *uint16, targetfilename *uint16, flags uint32) (err error) [failretval&0xff==0] = CreateSymbolicLinkW
//sys CreateHardLink(filename *uint16, existingfilename *uint16, reserved uintptr) (err error) [failretval&0xff==0] = CreateHardLinkW
//sys GetCurrentThreadId() (id uint32)
-//sys CreateEvent(eventAttrs *SecurityAttributes, manualReset uint32, initialState uint32, name *uint16) (handle Handle, err error) = kernel32.CreateEventW
-//sys CreateEventEx(eventAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) = kernel32.CreateEventExW
+//sys CreateEvent(eventAttrs *SecurityAttributes, manualReset uint32, initialState uint32, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateEventW
+//sys CreateEventEx(eventAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateEventExW
//sys OpenEvent(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) = kernel32.OpenEventW
//sys SetEvent(event Handle) (err error) = kernel32.SetEvent
//sys ResetEvent(event Handle) (err error) = kernel32.ResetEvent
//sys PulseEvent(event Handle) (err error) = kernel32.PulseEvent
-//sys CreateMutex(mutexAttrs *SecurityAttributes, initialOwner bool, name *uint16) (handle Handle, err error) = kernel32.CreateMutexW
-//sys CreateMutexEx(mutexAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) = kernel32.CreateMutexExW
+//sys CreateMutex(mutexAttrs *SecurityAttributes, initialOwner bool, name *uint16) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateMutexW
+//sys CreateMutexEx(mutexAttrs *SecurityAttributes, name *uint16, flags uint32, desiredAccess uint32) (handle Handle, err error) [failretval == 0 || e1 == ERROR_ALREADY_EXISTS] = kernel32.CreateMutexExW
//sys OpenMutex(desiredAccess uint32, inheritHandle bool, name *uint16) (handle Handle, err error) = kernel32.OpenMutexW
//sys ReleaseMutex(mutex Handle) (err error) = kernel32.ReleaseMutex
//sys SleepEx(milliseconds uint32, alertable bool) (ret uint32) = kernel32.SleepEx
@@ -323,10 +347,13 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys SetInformationJobObject(job Handle, JobObjectInformationClass uint32, JobObjectInformation uintptr, JobObjectInformationLength uint32) (ret int, err error)
//sys GenerateConsoleCtrlEvent(ctrlEvent uint32, processGroupID uint32) (err error)
//sys GetProcessId(process Handle) (id uint32, err error)
+//sys QueryFullProcessImageName(proc Handle, flags uint32, exeName *uint16, size *uint32) (err error) = kernel32.QueryFullProcessImageNameW
//sys OpenThread(desiredAccess uint32, inheritHandle bool, threadId uint32) (handle Handle, err error)
//sys SetProcessPriorityBoost(process Handle, disable bool) (err error) = kernel32.SetProcessPriorityBoost
//sys GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32)
//sys SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error)
+//sys GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
+//sys SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
// Volume Management Functions
//sys DefineDosDevice(flags uint32, deviceName *uint16, targetPath *uint16) (err error) = DefineDosDeviceW
@@ -356,16 +383,36 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys stringFromGUID2(rguid *GUID, lpsz *uint16, cchMax int32) (chars int32) = ole32.StringFromGUID2
//sys coCreateGuid(pguid *GUID) (ret error) = ole32.CoCreateGuid
//sys CoTaskMemFree(address unsafe.Pointer) = ole32.CoTaskMemFree
-//sys rtlGetVersion(info *OsVersionInfoEx) (ret error) = ntdll.RtlGetVersion
-//sys rtlGetNtVersionNumbers(majorVersion *uint32, minorVersion *uint32, buildNumber *uint32) = ntdll.RtlGetNtVersionNumbers
+//sys CoInitializeEx(reserved uintptr, coInit uint32) (ret error) = ole32.CoInitializeEx
+//sys CoUninitialize() = ole32.CoUninitialize
+//sys CoGetObject(name *uint16, bindOpts *BIND_OPTS3, guid *GUID, functionTable **uintptr) (ret error) = ole32.CoGetObject
//sys getProcessPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetProcessPreferredUILanguages
//sys getThreadPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetThreadPreferredUILanguages
//sys getUserPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetUserPreferredUILanguages
//sys getSystemPreferredUILanguages(flags uint32, numLanguages *uint32, buf *uint16, bufSize *uint32) (err error) = kernel32.GetSystemPreferredUILanguages
+//sys findResource(module Handle, name uintptr, resType uintptr) (resInfo Handle, err error) = kernel32.FindResourceW
+//sys SizeofResource(module Handle, resInfo Handle) (size uint32, err error) = kernel32.SizeofResource
+//sys LoadResource(module Handle, resInfo Handle) (resData Handle, err error) = kernel32.LoadResource
+//sys LockResource(resData Handle) (addr uintptr, err error) = kernel32.LockResource
// Process Status API (PSAPI)
//sys EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
+// NT Native APIs
+//sys rtlNtStatusToDosErrorNoTeb(ntstatus NTStatus) (ret syscall.Errno) = ntdll.RtlNtStatusToDosErrorNoTeb
+//sys rtlGetVersion(info *OsVersionInfoEx) (ntstatus error) = ntdll.RtlGetVersion
+//sys rtlGetNtVersionNumbers(majorVersion *uint32, minorVersion *uint32, buildNumber *uint32) = ntdll.RtlGetNtVersionNumbers
+//sys RtlGetCurrentPeb() (peb *PEB) = ntdll.RtlGetCurrentPeb
+//sys RtlInitUnicodeString(destinationString *NTUnicodeString, sourceString *uint16) = ntdll.RtlInitUnicodeString
+//sys RtlInitString(destinationString *NTString, sourceString *byte) = ntdll.RtlInitString
+//sys NtCreateFile(handle *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, allocationSize *int64, attributes uint32, share uint32, disposition uint32, options uint32, eabuffer uintptr, ealength uint32) (ntstatus error) = ntdll.NtCreateFile
+//sys NtCreateNamedPipeFile(pipe *Handle, access uint32, oa *OBJECT_ATTRIBUTES, iosb *IO_STATUS_BLOCK, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (ntstatus error) = ntdll.NtCreateNamedPipeFile
+//sys RtlDosPathNameToNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToNtPathName_U_WithStatus
+//sys RtlDosPathNameToRelativeNtPathName(dosName *uint16, ntName *NTUnicodeString, ntFileNamePart *uint16, relativeName *RTL_RELATIVE_NAME) (ntstatus error) = ntdll.RtlDosPathNameToRelativeNtPathName_U_WithStatus
+//sys RtlDefaultNpAcl(acl **ACL) (ntstatus error) = ntdll.RtlDefaultNpAcl
+//sys NtQueryInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32, retLen *uint32) (ntstatus error) = ntdll.NtQueryInformationProcess
+//sys NtSetInformationProcess(proc Handle, procInfoClass int32, procInfo unsafe.Pointer, procInfoLen uint32) (ntstatus error) = ntdll.NtSetInformationProcess
+
// syscall interface implementation for other packages
// GetCurrentProcess returns the handle for the current process.
@@ -759,6 +806,7 @@ const socket_error = uintptr(^uint32(0))
//sys WSASend(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSASend
//sys WSARecvFrom(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32, from *RawSockaddrAny, fromlen *int32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSARecvFrom
//sys WSASendTo(s Handle, bufs *WSABuf, bufcnt uint32, sent *uint32, flags uint32, to *RawSockaddrAny, tolen int32, overlapped *Overlapped, croutine *byte) (err error) [failretval==socket_error] = ws2_32.WSASendTo
+//sys WSASocket(af int32, typ int32, protocol int32, protoInfo *WSAProtocolInfo, group uint32, flags uint32) (handle Handle, err error) [failretval==InvalidHandle] = ws2_32.WSASocketW
//sys GetHostByName(name string) (h *Hostent, err error) [failretval==nil] = ws2_32.gethostbyname
//sys GetServByName(name string, proto string) (s *Servent, err error) [failretval==nil] = ws2_32.getservbyname
//sys Ntohs(netshort uint16) (u uint16) = ws2_32.ntohs
@@ -772,6 +820,7 @@ const socket_error = uintptr(^uint32(0))
//sys GetAdaptersInfo(ai *IpAdapterInfo, ol *uint32) (errcode error) = iphlpapi.GetAdaptersInfo
//sys SetFileCompletionNotificationModes(handle Handle, flags uint8) (err error) = kernel32.SetFileCompletionNotificationModes
//sys WSAEnumProtocols(protocols *int32, protocolBuffer *WSAProtocolInfo, bufferLength *uint32) (n int32, err error) [failretval==-1] = ws2_32.WSAEnumProtocolsW
+//sys WSAGetOverlappedResult(h Handle, o *Overlapped, bytes *uint32, wait bool, flags *uint32) (err error) = ws2_32.WSAGetOverlappedResult
//sys GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) = iphlpapi.GetAdaptersAddresses
//sys GetACP() (acp uint32) = kernel32.GetACP
//sys MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
@@ -1494,3 +1543,129 @@ func getUILanguages(flags uint32, f func(flags uint32, numLanguages *uint32, buf
func SetConsoleCursorPosition(console Handle, position Coord) error {
return setConsoleCursorPosition(console, *((*uint32)(unsafe.Pointer(&position))))
}
+
+func (s NTStatus) Errno() syscall.Errno {
+ return rtlNtStatusToDosErrorNoTeb(s)
+}
+
+func langID(pri, sub uint16) uint32 { return uint32(sub)<<10 | uint32(pri) }
+
+func (s NTStatus) Error() string {
+ b := make([]uint16, 300)
+ n, err := FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_FROM_HMODULE|FORMAT_MESSAGE_ARGUMENT_ARRAY, modntdll.Handle(), uint32(s), langID(LANG_ENGLISH, SUBLANG_ENGLISH_US), b, nil)
+ if err != nil {
+ return fmt.Sprintf("NTSTATUS 0x%08x", uint32(s))
+ }
+ // trim terminating \r and \n
+ for ; n > 0 && (b[n-1] == '\n' || b[n-1] == '\r'); n-- {
+ }
+ return string(utf16.Decode(b[:n]))
+}
+
+// NewNTUnicodeString returns a new NTUnicodeString structure for use with native
+// NT APIs that work over the NTUnicodeString type. Note that most Windows APIs
+// do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
+// the more common *uint16 string type.
+func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
+ var u NTUnicodeString
+ s16, err := UTF16PtrFromString(s)
+ if err != nil {
+ return nil, err
+ }
+ RtlInitUnicodeString(&u, s16)
+ return &u, nil
+}
+
+// Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
+func (s *NTUnicodeString) Slice() []uint16 {
+ var slice []uint16
+ hdr := (*unsafeheader.Slice)(unsafe.Pointer(&slice))
+ hdr.Data = unsafe.Pointer(s.Buffer)
+ hdr.Len = int(s.Length)
+ hdr.Cap = int(s.MaximumLength)
+ return slice
+}
+
+func (s *NTUnicodeString) String() string {
+ return UTF16ToString(s.Slice())
+}
+
+// NewNTString returns a new NTString structure for use with native
+// NT APIs that work over the NTString type. Note that most Windows APIs
+// do not use NTString, and instead UTF16PtrFromString should be used for
+// the more common *uint16 string type.
+func NewNTString(s string) (*NTString, error) {
+ var nts NTString
+ s8, err := BytePtrFromString(s)
+ if err != nil {
+ return nil, err
+ }
+ RtlInitString(&nts, s8)
+ return &nts, nil
+}
+
+// Slice returns a byte slice that aliases the data in the NTString.
+func (s *NTString) Slice() []byte {
+ var slice []byte
+ hdr := (*unsafeheader.Slice)(unsafe.Pointer(&slice))
+ hdr.Data = unsafe.Pointer(s.Buffer)
+ hdr.Len = int(s.Length)
+ hdr.Cap = int(s.MaximumLength)
+ return slice
+}
+
+func (s *NTString) String() string {
+ return ByteSliceToString(s.Slice())
+}
+
+// FindResource resolves a resource of the given name and resource type.
+func FindResource(module Handle, name, resType ResourceIDOrString) (Handle, error) {
+ var namePtr, resTypePtr uintptr
+ var name16, resType16 *uint16
+ var err error
+ resolvePtr := func(i interface{}, keep **uint16) (uintptr, error) {
+ switch v := i.(type) {
+ case string:
+ *keep, err = UTF16PtrFromString(v)
+ if err != nil {
+ return 0, err
+ }
+ return uintptr(unsafe.Pointer(*keep)), nil
+ case ResourceID:
+ return uintptr(v), nil
+ }
+ return 0, errorspkg.New("parameter must be a ResourceID or a string")
+ }
+ namePtr, err = resolvePtr(name, &name16)
+ if err != nil {
+ return 0, err
+ }
+ resTypePtr, err = resolvePtr(resType, &resType16)
+ if err != nil {
+ return 0, err
+ }
+ resInfo, err := findResource(module, namePtr, resTypePtr)
+ runtime.KeepAlive(name16)
+ runtime.KeepAlive(resType16)
+ return resInfo, err
+}
+
+func LoadResourceData(module, resInfo Handle) (data []byte, err error) {
+ size, err := SizeofResource(module, resInfo)
+ if err != nil {
+ return
+ }
+ resData, err := LoadResource(module, resInfo)
+ if err != nil {
+ return
+ }
+ ptr, err := LockResource(resData)
+ if err != nil {
+ return
+ }
+ h := (*unsafeheader.Slice)(unsafe.Pointer(&data))
+ h.Data = unsafe.Pointer(ptr)
+ h.Len = int(size)
+ h.Cap = int(size)
+ return
+}
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index b3bd0da4..23fe18ec 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -10,6 +10,10 @@ import (
"unsafe"
)
+// NTStatus corresponds with NTSTATUS, error values returned by ntdll.dll and
+// other native functions.
+type NTStatus uint32
+
const (
// Invented values to support what package os expects.
O_RDONLY = 0x00000
@@ -215,6 +219,18 @@ const (
INHERIT_PARENT_AFFINITY = 0x00010000
)
+const (
+ // attributes for ProcThreadAttributeList
+ PROC_THREAD_ATTRIBUTE_PARENT_PROCESS = 0x00020000
+ PROC_THREAD_ATTRIBUTE_HANDLE_LIST = 0x00020002
+ PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY = 0x00030003
+ PROC_THREAD_ATTRIBUTE_PREFERRED_NODE = 0x00020004
+ PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR = 0x00030005
+ PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 0x00020007
+ PROC_THREAD_ATTRIBUTE_UMS_THREAD = 0x00030006
+ PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL = 0x0002000b
+)
+
const (
// flags for CreateToolhelp32Snapshot
TH32CS_SNAPHEAPLIST = 0x01
@@ -227,7 +243,7 @@ const (
)
const (
- // filters for ReadDirectoryChangesW
+ // filters for ReadDirectoryChangesW and FindFirstChangeNotificationW
FILE_NOTIFY_CHANGE_FILE_NAME = 0x001
FILE_NOTIFY_CHANGE_DIR_NAME = 0x002
FILE_NOTIFY_CHANGE_ATTRIBUTES = 0x004
@@ -287,6 +303,23 @@ const (
PKCS12_NO_PERSIST_KEY = 0x00008000
PKCS12_INCLUDE_EXTENDED_PROPERTIES = 0x00000010
+ /* Flags for CryptAcquireCertificatePrivateKey */
+ CRYPT_ACQUIRE_CACHE_FLAG = 0x00000001
+ CRYPT_ACQUIRE_USE_PROV_INFO_FLAG = 0x00000002
+ CRYPT_ACQUIRE_COMPARE_KEY_FLAG = 0x00000004
+ CRYPT_ACQUIRE_NO_HEALING = 0x00000008
+ CRYPT_ACQUIRE_SILENT_FLAG = 0x00000040
+ CRYPT_ACQUIRE_WINDOW_HANDLE_FLAG = 0x00000080
+ CRYPT_ACQUIRE_NCRYPT_KEY_FLAGS_MASK = 0x00070000
+ CRYPT_ACQUIRE_ALLOW_NCRYPT_KEY_FLAG = 0x00010000
+ CRYPT_ACQUIRE_PREFER_NCRYPT_KEY_FLAG = 0x00020000
+ CRYPT_ACQUIRE_ONLY_NCRYPT_KEY_FLAG = 0x00040000
+
+ /* pdwKeySpec for CryptAcquireCertificatePrivateKey */
+ AT_KEYEXCHANGE = 1
+ AT_SIGNATURE = 2
+ CERT_NCRYPT_KEY_SPEC = 0xFFFFFFFF
+
/* Default usage match type is AND with value zero */
USAGE_MATCH_TYPE_AND = 0
USAGE_MATCH_TYPE_OR = 1
@@ -412,6 +445,89 @@ const (
CERT_TRUST_IS_CA_TRUSTED = 0x00004000
CERT_TRUST_IS_COMPLEX_CHAIN = 0x00010000
+ /* Certificate Information Flags */
+ CERT_INFO_VERSION_FLAG = 1
+ CERT_INFO_SERIAL_NUMBER_FLAG = 2
+ CERT_INFO_SIGNATURE_ALGORITHM_FLAG = 3
+ CERT_INFO_ISSUER_FLAG = 4
+ CERT_INFO_NOT_BEFORE_FLAG = 5
+ CERT_INFO_NOT_AFTER_FLAG = 6
+ CERT_INFO_SUBJECT_FLAG = 7
+ CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8
+ CERT_INFO_ISSUER_UNIQUE_ID_FLAG = 9
+ CERT_INFO_SUBJECT_UNIQUE_ID_FLAG = 10
+ CERT_INFO_EXTENSION_FLAG = 11
+
+ /* dwFindType for CertFindCertificateInStore */
+ CERT_COMPARE_MASK = 0xFFFF
+ CERT_COMPARE_SHIFT = 16
+ CERT_COMPARE_ANY = 0
+ CERT_COMPARE_SHA1_HASH = 1
+ CERT_COMPARE_NAME = 2
+ CERT_COMPARE_ATTR = 3
+ CERT_COMPARE_MD5_HASH = 4
+ CERT_COMPARE_PROPERTY = 5
+ CERT_COMPARE_PUBLIC_KEY = 6
+ CERT_COMPARE_HASH = CERT_COMPARE_SHA1_HASH
+ CERT_COMPARE_NAME_STR_A = 7
+ CERT_COMPARE_NAME_STR_W = 8
+ CERT_COMPARE_KEY_SPEC = 9
+ CERT_COMPARE_ENHKEY_USAGE = 10
+ CERT_COMPARE_CTL_USAGE = CERT_COMPARE_ENHKEY_USAGE
+ CERT_COMPARE_SUBJECT_CERT = 11
+ CERT_COMPARE_ISSUER_OF = 12
+ CERT_COMPARE_EXISTING = 13
+ CERT_COMPARE_SIGNATURE_HASH = 14
+ CERT_COMPARE_KEY_IDENTIFIER = 15
+ CERT_COMPARE_CERT_ID = 16
+ CERT_COMPARE_CROSS_CERT_DIST_POINTS = 17
+ CERT_COMPARE_PUBKEY_MD5_HASH = 18
+ CERT_COMPARE_SUBJECT_INFO_ACCESS = 19
+ CERT_COMPARE_HASH_STR = 20
+ CERT_COMPARE_HAS_PRIVATE_KEY = 21
+ CERT_FIND_ANY = (CERT_COMPARE_ANY << CERT_COMPARE_SHIFT)
+ CERT_FIND_SHA1_HASH = (CERT_COMPARE_SHA1_HASH << CERT_COMPARE_SHIFT)
+ CERT_FIND_MD5_HASH = (CERT_COMPARE_MD5_HASH << CERT_COMPARE_SHIFT)
+ CERT_FIND_SIGNATURE_HASH = (CERT_COMPARE_SIGNATURE_HASH << CERT_COMPARE_SHIFT)
+ CERT_FIND_KEY_IDENTIFIER = (CERT_COMPARE_KEY_IDENTIFIER << CERT_COMPARE_SHIFT)
+ CERT_FIND_HASH = CERT_FIND_SHA1_HASH
+ CERT_FIND_PROPERTY = (CERT_COMPARE_PROPERTY << CERT_COMPARE_SHIFT)
+ CERT_FIND_PUBLIC_KEY = (CERT_COMPARE_PUBLIC_KEY << CERT_COMPARE_SHIFT)
+ CERT_FIND_SUBJECT_NAME = (CERT_COMPARE_NAME<