This PR fixes the `TestTransportAbortClosesPipes()` test, which was calling `T.Fatal()` from inside a goroutine. `testing.T.Fatal()` is a convenience function that calls `testing.T.Log()` before `testing.T.FailNow()`.
From the godoc for `testing.T.FailNow()`:
> FailNow must be called from the goroutine running the test or benchmark function, not from other goroutines created during the test. Calling FailNow does not stop those other goroutines.
Change-Id: I34d13fc5a14be8b00bee7eae590781bb1ef3ae55
GitHub-Last-Rev: c3929733c5
GitHub-Pull-Request: golang/net#56
Reviewed-on: https://go-review.googlesource.com/c/net/+/203479
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
While in http/1.1 the `http.Transport.DisableKeepAlives` directive disallows re-usage of the connection, in http2 it's currently implemented as "close the connection as soon as possible" (when the connection is idle).
Fixesgolang/go#33260
Change-Id: I5c167029062168f53a2cd15b5fbd19c1589cf175
GitHub-Last-Rev: e35ab6278d
GitHub-Pull-Request: golang/net#48
Reviewed-on: https://go-review.googlesource.com/c/net/+/187958
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Once the pipe is broken, any remaining data needs to be reported as well
as any data that is written but dropped.
The client side flow control can eventually run out of available bytes
to be sent since no WINDOW_UPDATE is sent to reflect the data that is
never read in the pipe.
Updates golang/go#28634
Change-Id: I83f3c9d3614cd92517af2687489d2ccbf3a65456
Reviewed-on: https://go-review.googlesource.com/c/net/+/187377
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
In certain shutdown cases (from the client and/or server), the http2
Server can Push stream-specific frames on closed streams. This caused
memory leaks in the random write scheduler.
As a conservative fix for backporting, just clear the map element
whenever its queue value is empty. The map entry is re-created as
needed anyway. This isn't perfectly ideal (it adds a map+delete and
free queue put+get) in the case where a stream is open & actively
writing, but it's an easy fix for now. A future CL can optimize all
this code. It looks like there are some other good optimization
opportunities in related code anyway. But I'd rather that happen on
master and not be done in a backported change.
Fixesgolang/go#33812
Change-Id: I21508ba2ebc361e8b8532d0d1cebf882e82c473c
Reviewed-on: https://go-review.googlesource.com/c/net/+/198462
Reviewed-by: Bryan C. Mills <bcmills@google.com>
- DragonFly BSD removed RTM_OLDADD and RTM_OLDDEL
constants on Aug 4th, 2017 and are now gone in both master
branch and RELEASE 5.6. It also removed IPV6_IPSEC_POLICY
constant since IPSEC was removed from base and kernel.
Change-Id: I99fbdfcb95fb276374f7b2dbd5fa30fe3f30f709
GitHub-Last-Rev: 1f27a0e26e
GitHub-Pull-Request: golang/net#54
Reviewed-on: https://go-review.googlesource.com/c/net/+/197599
Reviewed-by: Benny Siegert <bsiegert@gmail.com>
Run-TryBot: Benny Siegert <bsiegert@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Update the base image to Go 1.13. It is the latest Go release and
it has TLS 1.3 on by default.
Remove the explicit setting of GOPROXY to https://proxy.golang.org,
since that value is already the default in Go 1.13.
Change-Id: I0d9b684a7f53d27d21b0f92b300ec64d4d47e1fe
Reviewed-on: https://go-review.googlesource.com/c/net/+/196139
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
The current clean() replaces : with _ (colons are internally used as
separators).
This produce can produce same output for different inputs, for example
the user _foo_ can obtain valid tokens for user :foo:.
This CL replace colons with double colons instead of replacing them
with underscores.
Fixesgolang/go#34308
Change-Id: I3e4148a0836e62fda1a5f0ba32b375121368afd3
Reviewed-on: https://go-review.googlesource.com/c/net/+/196457
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The build constraint is no longer useful. It doesn't prevent this
package contributing module requirements to x/net, that was already
resolved by carving h2demo into its own module in golang/go#30685.
Few people do go get -u golang.org/x/net/... in GOPATH mode by now,
so there's no need to optimize for avoiding polluting GOPATH/bin.
Removing the build constraint allows the package to be visible and
tested by trybots and builders. It's also simpler.
Fixesgolang/go#34361
Change-Id: I84b5d70aab210ca8e4f5494160ae4d9049ef08ad
Reviewed-on: https://go-review.googlesource.com/c/net/+/196036
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Check EOF eagerly on the request body when its content-length
is specified and it is expected to end. Thus, the data frame
containing the last chunk of data of the body will be marked with
END_STREAM eagerly.
In case the request body is larger than the specified content-length,
the request will be aborted and returned with an error.
Fixesgolang/go#32254
Change-Id: Id24c043c7cc3a41421dfd099a139f1b1e08056b9
Reviewed-on: https://go-review.googlesource.com/c/net/+/181157
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
An attacker could cause servers to queue an unlimited number of PING
ACKs or RST_STREAM frames by soliciting them and not reading them, until
the program runs out of memory.
Limit control frames in the queue to a few thousands (matching the limit
imposed by other vendors) by counting as they enter and exit the scheduler,
so the protection will work with any WriteScheduler.
Once the limit is exceeded, close the connection, as we have no way to
communicate with the peer.
This addresses CVE-2019-9512 and CVE-2019-9514.
Fixesgolang/go#33606
Change-Id: I842968fc6ed3eac654b497ade8cea86f7267886b
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/525552
Reviewed-by: Brad Fitzpatrick <bradfitz@google.com>
Modified `TestDial` to emulate `internal/socks/dial_test.go` and leverage `nettest#NetLocalListener()` while also honoring the returned `net.Listener` address. It seems that the wasm/js runtime doesn't like dialing addresses with no host.
Fixesgolang/go#32842
Change-Id: I1915f2ebac773f24a5b37ab7c09a52137abe758d
GitHub-Last-Rev: 8f2967fa7d
GitHub-Pull-Request: golang/net#45
Reviewed-on: https://go-review.googlesource.com/c/net/+/184178
Reviewed-by: Bryan C. Mills <bcmills@google.com>
Run-TryBot: Bryan C. Mills <bcmills@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
The bpf VM did not correctly check the bounds of LoadMemShift
instructions, as it used a size of 0 instead of the correct 1.
A LoadMemShift instruction 1 past the end of the input resulted in a
runtime panic:
panic(0x5c1d40, 0x7cec00)
/usr/local/go/src/runtime/panic.go:522 +0x1b5
golang.org/x/net/bpf.loadMemShift(...)
/home/afabre/go/pkg/mod/golang.org/x/net@v0.0.0-20190603091049-60506f45cf65/bpf/vm_instructions.go:137
golang.org/x/net/bpf.(*VM).Run(0xc00000ec40, 0xc0000173c8, 0x2, 0x8, 0x2, 0xc0000173c8, 0x0)
/home/afabre/go/pkg/mod/golang.org/x/net@v0.0.0-20190603091049-60506f45cf65/bpf/vm.go:131 +0xb0a
Fix this, and rework the out of bounds tests for load instructions to:
* Use an offset one past the end of the input, to catch this
* Use a filter that returns 1, to catch cases were the out of bounds
load does not cause a panic, but does not cause the VM to return 0.
Change-Id: I1e68886915207a34f59765805f907f36dc031f70
Reviewed-on: https://go-review.googlesource.com/c/net/+/180979
Run-TryBot: Matt Layher <mdlayher@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Matt Layher <mdlayher@gmail.com>
Use the AF_UNSPEC, AF_INET, AF_INET6 and SOCK_RAW constants from
golang.org/x/sys instead of locally deriving them from the C headers (or
hard coding them in the case of Windows).
Change-Id: I37fe61d0435b6c615cd767eef38380db4b4af7b1
Reviewed-on: https://go-review.googlesource.com/c/net/+/53310
Run-TryBot: Tobias Klauser <tobias.klauser@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
nextStreamID was used as a means to determine if the connection was
being reused. Multiple requests can see a new connection because the
nextStreamID is updated after a ClientTrace reports it is being reused.
Updates golang/go#31982
Change-Id: Iaa4b62b217f015423cddb99fd86de75a352f8320
Reviewed-on: https://go-review.googlesource.com/c/net/+/176720
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
This commit newly introduces a type for configuring a parser
called ParseOption, and implements two functions depending on it.
Along with that, this introduces ParseOptionEnableScripting to
enable setting of the scripting flag.
Fixesgolang/go#16318
Change-Id: Ie7fd7d8ce286e22e7f57182fc2ce353bce578db6
Reviewed-on: https://go-review.googlesource.com/c/net/+/174157
Reviewed-by: Nigel Tao <nigeltao@golang.org>
EffectiveTLDPlusOne hands it argument to PublicSuffix which produces
output for all its arguments, even for non-domain names like ".com.au"
and does not report an error.
This CL captures this type of malformed input to EffectiveTLDPlusOne
and returns an error if any label in the domain name is empty (or the
domain is fully qualified).
This is still not a proper input validation e.g. IP addresses can
still be fed into EffectiveTLDPlusOne without error.
Fixesgolang/go#30652
Change-Id: I12b0945bc3c7e5d192a71c5488361a60a48454b1
Reviewed-on: https://go-review.googlesource.com/c/net/+/172537
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Reviewed-by: Nigel Tao <nigeltao@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
In the spec 12.2.6.4.5, the "in head noscript" insertion mode is defined.
However, this package and its parser doesn't have the insertion mode,
because the scripting=false case is not considered currently.
This commit adds a test and a support for the "in head noscript"
insertion mode. This change has no effect on the actual behavior.
Updates golang/go#16318
Change-Id: I9314c3342bea27fa2acf2fa7d980a127ee0fbf91
Reviewed-on: https://go-review.googlesource.com/c/net/+/172557
Reviewed-by: Nigel Tao <nigeltao@golang.org>
