diff --git a/sdk_container/src/third_party/coreos-overlay/dev-lang/go/Manifest b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/Manifest
index eddab03201..a398d29453 100644
--- a/sdk_container/src/third_party/coreos-overlay/dev-lang/go/Manifest
+++ b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/Manifest
@@ -1,5 +1,5 @@
 DIST go1.10.8.src.tar.gz 18333813 BLAKE2B 69fd0e7c3e265162e48b2ed90c8f560071322a093e09ca926d3cb94f4f9b44548652066d0c2f44696f0da5e7342f3afa894b71116f9451a0b2438eb0e0df42df SHA512 c274b99e39b78dfdf6b6b1c4fd6a5a54bff1b3eba55a879413692586ac7f0d30772416dcb5f715213c650946ade649bd424981f77508d92510c717d1845e3ede
-DIST go1.12.7.src.tar.gz 21976647 BLAKE2B bf0c723f1e02048d91844c7b8908500c83442a8ab7ceeaacdb37d7204f72d80331eab44de54f99411479be8e645b2626fb8a34df0cedbd75fa57c4e1d84d493a SHA512 f84c6b89dea9df21f0efa07564eb80baeee5bc2d68cced5fd645ebb32e9317e60b657afe011c81e7739d8a93e4b4dafa0b4f78431a009d36e05de55f89ed0fd6
+DIST go1.12.9.src.tar.gz 21979950 BLAKE2B dca7e3afcabd513c4b8193e93c0a1ed1a2326dccfce9b909d97b3731fffbe7e26712ab164645e06a316baa949b1e0b14a2fea8d23e6f90fd5b72afa0d15b432b SHA512 57041e7fb767f528aa9fc2592d205d3a7c120c73f92dc8d91f17f816e12aa6152c8421b333081800a5f50b1bb656f203a25faf8ed92c69a6ec164ce0a5619c13
 DIST go1.6.3.src.tar.gz 12617426 BLAKE2B 4d51c4f848d29176282e61396ea8a6ae580e743cc4a21deb3b0fc1f417ed50ff33bec4f3712f4d0c89d33ce1ec34638d5fc1b356ff0b88a6cb290d5aae789d15 SHA512 43e9b01220788112a185500bd53f091e7a0023a790092f428e2f40fc1a334dd148558b99d2a1c871b8cc79ad7d2d87a092b93eee7b5a27c2ee675c494de35306
 DIST go1.7.6.src.tar.gz 14173249 BLAKE2B 5202382c293213f02909c52c8057776abf1104bba3443db4956d9ab2aa37cfc0661eafb6f56d539384fd425c86aff4f6a756ecd09688d5be0086d761b2865b77 SHA512 b01846bfb17bf91a9c493c4d6c43bbe7e17270b9e8a229a2be4032b78ef9395f5512917ea9faab74a120c755bbd53bbd816b033caadcbb7679e91702b37f8c7f
 DIST go1.8.7.src.tar.gz 15359792 BLAKE2B b645964d99c0e04f56bd81db820b6cc07bbea608ec5497469a14e99ba42153bd1b2653b182ec27a76b9327eb386ccd5e901871bce62f2f719f35a96594969cbb SHA512 bbe78ab240ce66f0e7c0ba0d5c8915699db1538087cbcd22fa1566c62cb2e4658f467cbbde107f254e84e5744a1db578fc1a6f1784586937cba3d0942e2e6532
diff --git a/sdk_container/src/third_party/coreos-overlay/dev-lang/go/files/go-1.12-revert-url-parsing-change.patch b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/files/go-1.12-revert-url-parsing-change.patch
new file mode 100644
index 0000000000..c51555fd9e
--- /dev/null
+++ b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/files/go-1.12-revert-url-parsing-change.patch
@@ -0,0 +1,241 @@ +From 509793509fee8ada6d2d28cf0cd885a8f270bcf6 Mon Sep 17 00:00:00 2001 +From: Benjamin Gilbert +Date: Tue, 8 Oct 2019 20:43:53 -0400 +Subject: [PATCH] Revert "[release-branch.go1.12-security] net/url: make + Hostname and Port predictable for invalid Host values" + +This breaks rkt for docker:// URLs that don't specify a registry. + +This reverts commit 3226f2d492963d361af9dfc6714ef141ba606713. +--- + src/net/http/transport.go | 2 - + src/net/http/transport_test.go | 2 +- + src/net/url/url.go | 54 ++++++++++++------------ + src/net/url/url_test.go | 76 +++++++++++++++++----------------- + 4 files changed, 65 insertions(+), 69 deletions(-) + +diff --git a/src/net/http/transport.go b/src/net/http/transport.go +index e946760963..07920cfde3 100644 +--- a/src/net/http/transport.go ++++ b/src/net/http/transport.go +@@ -655,8 +655,6 @@ func resetProxyConfig() { + } + + func (t *Transport) connectMethodForRequest(treq *transportRequest) (cm connectMethod, err error) { +- // TODO: the validPort check is redundant after CL 189258, as url.URL.Port +- // only returns valid ports now. 
golang.org/issue/33600 + if port := treq.URL.Port(); !validPort(port) { + return cm, fmt.Errorf("invalid URL port %q", port) + } +diff --git a/src/net/http/transport_test.go b/src/net/http/transport_test.go +index 5c329543e2..f66e72a00f 100644 +--- a/src/net/http/transport_test.go ++++ b/src/net/http/transport_test.go +@@ -4163,7 +4163,7 @@ func TestTransportRejectsAlphaPort(t *testing.T) { + t.Fatalf("got %#v; want *url.Error", err) + } + got := ue.Err.Error() +- want := `invalid port ":123foo" after host` ++ want := `invalid URL port "123foo"` + if got != want { + t.Errorf("got error %q; want %q", got, want) + } +diff --git a/src/net/url/url.go b/src/net/url/url.go +index 337861f80d..64274a0a36 100644 +--- a/src/net/url/url.go ++++ b/src/net/url/url.go +@@ -655,11 +655,6 @@ func parseHost(host string) (string, error) { + } + return host1 + host2 + host3, nil + } +- } else if i := strings.LastIndex(host, ":"); i != -1 { +- colonPort := host[i:] +- if !validOptionalPort(colonPort) { +- return "", fmt.Errorf("invalid port %q after host", colonPort) +- } + } + + var err error +@@ -1058,39 +1053,44 @@ func (u *URL) RequestURI() string { + return result + } + +-// Hostname returns u.Host, stripping any valid port number if present. ++// Hostname returns u.Host, without any port number. + // +-// If the result is enclosed in square brackets, as literal IPv6 addresses are, +-// the square brackets are removed from the result. ++// If Host is an IPv6 literal with a port number, Hostname returns the ++// IPv6 literal without the square brackets. IPv6 literals may include ++// a zone identifier. + func (u *URL) Hostname() string { +- host, _ := splitHostPort(u.Host) +- return host ++ return stripPort(u.Host) + } + + // Port returns the port part of u.Host, without the leading colon. +-// +-// If u.Host doesn't contain a valid numeric port, Port returns an empty string. ++// If u.Host doesn't contain a port, Port returns an empty string. 
+ func (u *URL) Port() string { +- _, port := splitHostPort(u.Host) +- return port ++ return portOnly(u.Host) + } + +-// splitHostPort separates host and port. If the port is not valid, it returns +-// the entire input as host, and it doesn't check the validity of the host. +-// Unlike net.SplitHostPort, but per RFC 3986, it requires ports to be numeric. +-func splitHostPort(hostport string) (host, port string) { +- host = hostport +- +- colon := strings.LastIndexByte(host, ':') +- if colon != -1 && validOptionalPort(host[colon:]) { +- host, port = host[:colon], host[colon+1:] ++func stripPort(hostport string) string { ++ colon := strings.IndexByte(hostport, ':') ++ if colon == -1 { ++ return hostport + } +- +- if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") { +- host = host[1 : len(host)-1] ++ if i := strings.IndexByte(hostport, ']'); i != -1 { ++ return strings.TrimPrefix(hostport[:i], "[") + } ++ return hostport[:colon] ++} + +- return ++func portOnly(hostport string) string { ++ colon := strings.IndexByte(hostport, ':') ++ if colon == -1 { ++ return "" ++ } ++ if i := strings.Index(hostport, "]:"); i != -1 { ++ return hostport[i+len("]:"):] ++ } ++ if strings.Contains(hostport, "]") { ++ return "" ++ } ++ return hostport[colon+len(":"):] + } + + // Marshaling interface implementations. 
+diff --git a/src/net/url/url_test.go b/src/net/url/url_test.go +index b6f4623a52..c5fc90d515 100644 +--- a/src/net/url/url_test.go ++++ b/src/net/url/url_test.go +@@ -422,10 +422,10 @@ var urltests = []URLTest{ + }, + // worst case host, still round trips + { +- "scheme://!$&'()*+,;=hello!:1/path", ++ "scheme://!$&'()*+,;=hello!:port/path", + &URL{ + Scheme: "scheme", +- Host: "!$&'()*+,;=hello!:1", ++ Host: "!$&'()*+,;=hello!:port", + Path: "/path", + }, + "", +@@ -1420,13 +1420,11 @@ func TestParseErrors(t *testing.T) { + {"http://[::1]", false}, + {"http://[::1]:80", false}, + {"http://[::1]:namedport", true}, // rfc3986 3.2.3 +- {"http://x:namedport", true}, // rfc3986 3.2.3 + {"http://[::1]/", false}, + {"http://[::1]a", true}, + {"http://[::1]%23", true}, + {"http://[::1%25en0]", false}, // valid zone id + {"http://[::1]:", false}, // colon, but no port OK +- {"http://x:", false}, // colon, but no port OK + {"http://[::1]:%38%30", true}, // not allowed: % encoding only for non-ASCII + {"http://[::1%25%41]", false}, // RFC 6874 allows over-escaping in zone + {"http://[%10::1]", true}, // no %xx escapes in IP address +@@ -1618,46 +1616,46 @@ func TestURLErrorImplementsNetError(t *testing.T) { + } + } + +-func TestURLHostnameAndPort(t *testing.T) { ++func TestURLHostname(t *testing.T) { + tests := []struct { +- in string // URL.Host field +- host string +- port string ++ host string // URL.Host field ++ want string + }{ +- {"foo.com:80", "foo.com", "80"}, +- {"foo.com", "foo.com", ""}, +- {"foo.com:", "foo.com", ""}, +- {"FOO.COM", "FOO.COM", ""}, // no canonicalization +- {"1.2.3.4", "1.2.3.4", ""}, +- {"1.2.3.4:80", "1.2.3.4", "80"}, +- {"[1:2:3:4]", "1:2:3:4", ""}, +- {"[1:2:3:4]:80", "1:2:3:4", "80"}, +- {"[::1]:80", "::1", "80"}, +- {"[::1]", "::1", ""}, +- {"[::1]:", "::1", ""}, +- {"localhost", "localhost", ""}, +- {"localhost:443", "localhost", "443"}, +- {"some.super.long.domain.example.org:8080", "some.super.long.domain.example.org", "8080"}, +- 
{"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]:17000", "2001:0db8:85a3:0000:0000:8a2e:0370:7334", "17000"}, +- {"[2001:0db8:85a3:0000:0000:8a2e:0370:7334]", "2001:0db8:85a3:0000:0000:8a2e:0370:7334", ""}, +- +- // Ensure that even when not valid, Host is one of "Hostname", +- // "Hostname:Port", "[Hostname]" or "[Hostname]:Port". +- // See https://golang.org/issue/29098. +- {"[google.com]:80", "google.com", "80"}, +- {"google.com]:80", "google.com]", "80"}, +- {"google.com:80_invalid_port", "google.com:80_invalid_port", ""}, +- {"[::1]extra]:80", "::1]extra", "80"}, +- {"google.com]extra:extra", "google.com]extra:extra", ""}, ++ {"foo.com:80", "foo.com"}, ++ {"foo.com", "foo.com"}, ++ {"FOO.COM", "FOO.COM"}, // no canonicalization (yet?) ++ {"1.2.3.4", "1.2.3.4"}, ++ {"1.2.3.4:80", "1.2.3.4"}, ++ {"[1:2:3:4]", "1:2:3:4"}, ++ {"[1:2:3:4]:80", "1:2:3:4"}, ++ {"[::1]:80", "::1"}, + } + for _, tt := range tests { +- u := &URL{Host: tt.in} +- host, port := u.Hostname(), u.Port() +- if host != tt.host { +- t.Errorf("Hostname for Host %q = %q; want %q", tt.in, host, tt.host) ++ u := &URL{Host: tt.host} ++ got := u.Hostname() ++ if got != tt.want { ++ t.Errorf("Hostname for Host %q = %q; want %q", tt.host, got, tt.want) + } +- if port != tt.port { +- t.Errorf("Port for Host %q = %q; want %q", tt.in, port, tt.port) ++ } ++} ++ ++func TestURLPort(t *testing.T) { ++ tests := []struct { ++ host string // URL.Host field ++ want string ++ }{ ++ {"foo.com", ""}, ++ {"foo.com:80", "80"}, ++ {"1.2.3.4", ""}, ++ {"1.2.3.4:80", "80"}, ++ {"[1:2:3:4]", ""}, ++ {"[1:2:3:4]:80", "80"}, ++ } ++ for _, tt := range tests { ++ u := &URL{Host: tt.host} ++ got := u.Port() ++ if got != tt.want { ++ t.Errorf("Port for Host %q = %q; want %q", tt.host, got, tt.want) + } + } + } +-- +2.21.0 + 
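Review bot: The restored `stripPort` and `portOnly` in the `src/net/url/url.go` section split `u.Host` at the first colon and never check that the port is numeric, and the `parseHost` branch that rejected an invalid port after the host is removed, so every program built with this toolchain gets the pre-fix `Hostname()`/`Port()` behaviour, not only rkt. The `validPort` check left in `connectMethodForRequest` covers `http.Transport` only; any other code that authorises or routes on `u.Hostname()` gets no port validation from `url.Parse`, and the rows deleted from `TestURLHostnameAndPort` (the golang.org/issue/29098 cases such as `google.com:80_invalid_port`) mean no test pins the results for malformed hosts any more. If the rkt breakage comes only from the `parseHost` rejection, which the commit message suggests but the patch does not show, the revert could be limited to that branch and keep `splitHostPort`. Either way the patch description should say that it backs out a release-branch security fix and state when it can be dropped, e.g. `Carried only until rkt handles docker:// references without relying on net/url port parsing.`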
diff --git a/sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.7.ebuild b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.9.ebuild similarity index 67% rename from sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.7.ebuild rename to sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.9.ebuild index ad9a86ce7d..1c8279bc14 100644 --- a/sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.7.ebuild +++ b/sdk_container/src/third_party/coreos-overlay/dev-lang/go/go-1.12.9.ebuild @@ -6,3 +6,7 @@ EAPI=6 inherit coreos-go-lang KEYWORDS="-* amd64 arm64" + +PATCHES=( + "${FILESDIR}/${PN}-1.12-revert-url-parsing-change.patch" +) diff --git a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.7 b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.9 similarity index 88% rename from sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.7 rename to sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.9 index a15d05ebb1..2e4d375cd2 100644 --- a/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.7 +++ b/sdk_container/src/third_party/coreos-overlay/metadata/md5-cache/dev-lang/go-1.12.9 
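Review bot: The `PATCHES` array added to go-1.12.9.ebuild applies the URL-parsing revert with no comment, so nothing in the ebuild tells the next maintainer that this patch backs out a change from the upstream go1.12 security branch. A comment above the array would record that, for example `# Reverts upstream net/url Hostname/Port hardening because it breaks rkt docker:// URLs; drop once rkt no longer needs it.` Because the file name is keyed to `1.12` rather than the full version, the patch will keep being applied to any later 1.12.x ebuild copied from this one, so the decision to carry it should be revisited at each bump.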
@@ -6,7 +6,7 @@ HOMEPAGE=http://www.golang.org KEYWORDS=-* amd64 arm64 LICENSE=BSD RDEPEND=app-eselect/eselect-go -SLOT=1.12/1.12.7 -SRC_URI=https://storage.googleapis.com/golang/go1.12.7.src.tar.gz +SLOT=1.12/1.12.9 +SRC_URI=https://storage.googleapis.com/golang/go1.12.9.src.tar.gz _eclasses_=coreos-go-lang 5983edbc8ebcd4ee0977c514df5904e2 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic a09389deba2c0a7108b581e02c7cecbf ltprune 2729691420b6deeda2a90b1f1183fb55 multilib 1d91b03d42ab6308b5f4f6b598ed110e preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs 8c7f9d80beedd16f2e5a7f612c609529 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf versionator 2352c3fc97241f6a02042773c8287748 -_md5_=56ed4de8e59389e15783b340121042de +_md5_=ee4704deb2829906d3d630d75a6f4580