1. 28 Apr, 2015 1 commit
  2. 27 Apr, 2015 24 commits
  3. 26 Apr, 2015 11 commits
    • Adam Langley's avatar
      crypto/tls: call GetCertificate if Certificates is empty. · cba882ea
      Adam Langley authored
      This change causes the GetCertificate callback to be called if
      Certificates is empty. Previously this configuration would result in an
      error.
      
      This allows people to have servers that depend entirely on dynamic
      certificate selection, even when the client doesn't send SNI.
      
      Fixes #9208.
      
      Change-Id: I2f5a5551215958b88b154c64a114590300dfc461
      Reviewed-on: https://go-review.googlesource.com/8792Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      Run-TryBot: Adam Langley <agl@golang.org>
      cba882ea
    • Jonathan Rudenberg's avatar
      crypto/tls: add OCSP response to ConnectionState · ac2bf8ad
      Jonathan Rudenberg authored
      The OCSP response is currently only exposed via a method on Conn,
      which makes it inaccessible when using wrappers like net/http. The
      ConnectionState structure is typically available even when using
      wrappers and contains many of the other handshake details, so this
      change exposes the stapled OCSP response in that structure.
      
      Change-Id: If8dab49292566912c615d816321b4353e711f71f
      Reviewed-on: https://go-review.googlesource.com/9361Reviewed-by: default avatarAdam Langley <agl@golang.org>
      Run-TryBot: Adam Langley <agl@golang.org>
      ac2bf8ad
    • David Leon Gil's avatar
      crypto/elliptic: don't unmarshal points that are off the curve · d86b8d34
      David Leon Gil authored
      At present, Unmarshal does not check that the point it unmarshals
      is actually *on* the curve. (It may be on the curve's twist.)
      
      This can, as Daniel Bernstein has pointed out at great length,
      lead to quite devastating attacks. And 3 out of the 4 curves
      supported by crypto/elliptic have twists with cofactor != 1;
      P-224, in particular, has a sufficiently large cofactor that it
      is likely that conventional dlog attacks might be useful.
      
      This closes #2445, filed by Watson Ladd.
      
      To explain why this was (partially) rejected before being accepted:
      
      In the general case, for curves with cofactor != 1, verifying subgroup
      membership is required. (This is expensive and hard-to-implement.)
      But, as recent discussion during the CFRG standardization process
      has brought out, small-subgroup attacks are much less damaging than
      a twist attack.
      
      Change-Id: I284042eb9954ff9b7cde80b8b693b1d468c7e1e8
      Reviewed-on: https://go-review.googlesource.com/2421Reviewed-by: default avatarAdam Langley <agl@golang.org>
      d86b8d34
    • Paul van Brouwershaven's avatar
      crypto/x509: CertificateRequest signature verification · 54bb4b9f
      Paul van Brouwershaven authored
      This implements a method for x509.CertificateRequest to prevent
      certain attacks and to allow a CA/RA to properly check the validity
      of the binding between an end entity and a key pair, to prove that
      it has possession of (i.e., is able to use) the private key
      corresponding to the public key for which a certificate is requested.
      
      RFC 2986 section 3 states:
      
      "A certification authority fulfills the request by authenticating the
      requesting entity and verifying the entity's signature, and, if the
      request is valid, constructing an X.509 certificate from the
      distinguished name and public key, the issuer name, and the
      certification authority's choice of serial number, validity period,
      and signature algorithm."
      
      Change-Id: I37795c3b1dfdfdd455d870e499b63885eb9bda4f
      Reviewed-on: https://go-review.googlesource.com/7371Reviewed-by: default avatarAdam Langley <agl@golang.org>
      54bb4b9f
    • Jonathan Rudenberg's avatar
      crypto/tls: add support for session ticket key rotation · bff14175
      Jonathan Rudenberg authored
      This change adds a new method to tls.Config, SetSessionTicketKeys, that
      changes the key used to encrypt session tickets while the server is
      running. Additional keys may be provided that will be used to maintain
      continuity while rotating keys. If a ticket encrypted with an old key is
      provided by the client, the server will resume the session and provide
      the client with a ticket encrypted using the new key.
      
      Fixes #9994
      
      Change-Id: Idbc16b10ff39616109a51ed39a6fa208faad5b4e
      Reviewed-on: https://go-review.googlesource.com/9072Reviewed-by: default avatarJonathan Rudenberg <jonathan@titanous.com>
      Reviewed-by: default avatarAdam Langley <agl@golang.org>
      bff14175
    • Håvard Haugen's avatar
      cmd/pprof: handle empty profile gracefully · 14a4649f
      Håvard Haugen authored
      The command "go tool pprof -top $GOROOT/bin/go /dev/null" now logs that
      profile is empty instead of panicking.
      
      Fixes #9207
      
      Change-Id: I3d55c179277cb19ad52c8f24f1aca85db53ee08d
      Reviewed-on: https://go-review.googlesource.com/2571
      Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
      Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      14a4649f
    • Jonathan Rudenberg's avatar
      crypto/tls: add support for Certificate Transparency · 02e69c4b
      Jonathan Rudenberg authored
      This change adds support for serving and receiving Signed Certificate
      Timestamps as described in RFC 6962.
      
      The server is now capable of serving SCTs listed in the Certificate
      structure. The client now asks for SCTs and, if any are received,
      they are exposed in the ConnectionState structure.
      
      Fixes #10201
      
      Change-Id: Ib3adae98cb4f173bc85cec04d2bdd3aa0fec70bb
      Reviewed-on: https://go-review.googlesource.com/8988Reviewed-by: default avatarAdam Langley <agl@golang.org>
      Run-TryBot: Adam Langley <agl@golang.org>
      Reviewed-by: default avatarJonathan Rudenberg <jonathan@titanous.com>
      02e69c4b
    • Justin Nuß's avatar
      encoding/csv: Preallocate records slice · 2db58f8f
      Justin Nuß authored
      Currently parseRecord will always start with a nil
      slice and then resize the slice on append. For input
      with a fixed number of fields per record we can preallocate
      the slice to avoid having to resize the slice.
      
      This change implements this optimization by using
      FieldsPerRecord as capacity if it's > 0 and also adds a
      benchmark to better show the differences.
      
      benchmark         old ns/op     new ns/op     delta
      BenchmarkRead     19741         17909         -9.28%
      
      benchmark         old allocs     new allocs     delta
      BenchmarkRead     59             41             -30.51%
      
      benchmark         old bytes     new bytes     delta
      BenchmarkRead     6276          5844          -6.88%
      
      Change-Id: I7c2abc9c80a23571369bcfcc99a8ffc474eae7ab
      Reviewed-on: https://go-review.googlesource.com/8880Reviewed-by: default avatarBrad Fitzpatrick <bradfitz@golang.org>
      Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      2db58f8f
    • David Crawshaw's avatar
      runtime: signal forwarding for darwin/amd64 · a5b693b4
      David Crawshaw authored
      Follows the linux signal forwarding semantics from
      http://golang.org/cl/8712, sharing the implementation of sigfwdgo.
      Forwarding for 386, arm, and arm64 will follow.
      
      Change-Id: I6bf30d563d19da39b6aec6900c7fe12d82ed4f62
      Reviewed-on: https://go-review.googlesource.com/9302Reviewed-by: default avatarIan Lance Taylor <iant@golang.org>
      a5b693b4
    • Michael Hudson-Doyle's avatar
      cmd/internal/ld: R_TLS_LE is fine on Darwin too · c20ff36f
      Michael Hudson-Doyle authored
      Sorry about this.
      
      Fixes #10575
      
      Change-Id: I2de23be68e7d822d182e5a0d6a00c607448d861e
      Reviewed-on: https://go-review.googlesource.com/9341Reviewed-by: default avatarMinux Ma <minux@golang.org>
      c20ff36f
    • Matt T. Proud's avatar
      testing/quick: align tests with reflect.Kind. · b6a0450b
      Matt T. Proud authored
      This commit is largely cosmetic in the sense that it is the remnants
      of a change proposal I had prepared for testing/quick, until I
      discovered that 3e9ed273 already implemented the feature I was looking
      for: quick.Value() for reflect.Kind Array.  What you see is a merger
      and manual cleanup; the cosmetic cleanups are as follows:
      
      (1.) Keeping the TestCheckEqual and its associated input functions
      in the same order as type kinds defined in reflect.Kind.  Since
      3e9ed273 was committed, the test case began to diverge from the
      constant's ordering.
      
      (2.) The `Intptr` derivatives existed to exercise quick.Value with
      reflect.Kind's `Ptr` constant.  All `Intptr` (unrelated to `uintptr`)
      in the test have been migrated to ensure the parallelism of the
      listings and to convey that `Intptr` is not special.
      
      (3.) Correct a misspelling (transposition) of "alias", whereby it is
      named as "Alais".
      
      Change-Id: I441450db16b8bb1272c52b0abcda3794dcd0599d
      Reviewed-on: https://go-review.googlesource.com/8804Reviewed-by: default avatarRuss Cox <rsc@golang.org>
      b6a0450b
  4. 25 Apr, 2015 1 commit
    • Michael Hudson-Doyle's avatar
      cmd/8l, cmd/internal/ld, cmd/internal/obj/x86: stop incorrectly using the term "inital exec" · 264858c4
      Michael Hudson-Doyle authored
      The long comment block in obj6.go:progedit talked about the two code sequences
      for accessing g as "local exec" and "initial exec", but really they are both forms
      of local exec. This stuff is confusing enough without using the wrong words for
      things, so rewrite it to talk about 2-instruction and 1-instruction sequences.
      Unfortunately the confusion has made it into code, with the R_TLS_IE relocation
      now doing double duty as meaning actual initial exec when externally linking and
      boring old local exec when linking internally (half of this is my fault). So this
      stops using R_TLS_IE in the local exec case. There is a chance this might break
      plan9 or windows, but I don't think so. Next step is working out what the heck is
      going on on ARM...
      
      Change-Id: I09da4388210cf49dbc99fd25f5172bbe517cee57
      Reviewed-on: https://go-review.googlesource.com/9273Reviewed-by: default avatarIan Lance Taylor <iant@golang.org>
      Run-TryBot: Ian Lance Taylor <iant@golang.org>
      264858c4
  5. 24 Apr, 2015 3 commits
    • Rick Hudson's avatar
      runtime: Fix bug due to elided return. · ada8cdb9
      Rick Hudson authored
      A previous change to mbitmap.go dropped a return on a
      path the seems not to be excersized. This was a mistake that
      this CL fixes.
      
      Change-Id: I715ee4ef08f5bf8d9f53cee84e8fb31a237e2d43
      Reviewed-on: https://go-review.googlesource.com/9295Reviewed-by: default avatarAustin Clements <austin@google.com>
      ada8cdb9
    • Michael Hudson-Doyle's avatar
      cmd/internal/ld: fix R_TLS handling now Xsym is not read from object file · ccc76dba
      Michael Hudson-Doyle authored
      I think this should fix the arm build. A proper fix involves making the handling
      of tlsg less fragile, I'll try that tomorrow.
      
      Update #10557
      
      Change-Id: I9b1b666737fb40aebb6f284748509afa8483cce5
      Reviewed-on: https://go-review.googlesource.com/9272Reviewed-by: default avatarDave Cheney <dave@cheney.net>
      Run-TryBot: Dave Cheney <dave@cheney.net>
      ccc76dba
    • Austin Clements's avatar
      runtime: replace per-M workbuf cache with per-P gcWork cache · 1b4025f4
      Austin Clements authored
      Currently, each M has a cache of the most recently used *workbuf. This
      is used primarily by the write barrier so it doesn't have to access
      the global workbuf lists on every write barrier. It's also used by
      stack scanning because it's convenient.
      
      This cache is important for write barrier performance, but this
      particular approach has several downsides. It's faster than no cache,
      but far from optimal (as the benchmarks below show). It's complex:
      access to the cache is sprinkled through most of the workbuf list
      operations and it requires special care to transform into and back out
      of the gcWork cache that's actually used for scanning and marking. It
      requires atomic exchanges to take ownership of the cached workbuf and
      to return it to the M's cache even though it's almost always used by
      only the current M. Since it's per-M, flushing these caches is O(# of
      Ms), which may be high. And it has some significant subtleties: for
      example, in general the cache shouldn't be used after the
      harvestwbufs() in mark termination because it could hide work from
      mark termination, but stack scanning can happen after this and *will*
      use the cache (but it turns out this is okay because it will always be
      followed by a getfull(), which drains the cache).
      
      This change replaces this cache with a per-P gcWork object. This
      gcWork cache can be used directly by scanning and marking (as long as
      preemption is disabled, which is a general requirement of gcWork).
      Since it's per-P, it doesn't require synchronization, which simplifies
      things and means the only atomic operations in the write barrier are
      occasionally fetching new work buffers and setting a mark bit if the
      object isn't already marked. This cache can be flushed in O(# of Ps),
      which is generally small. It follows a simple flushing rule: the cache
      can be used during any phase, but during mark termination it must be
      flushed before allowing preemption. This also makes the dispose during
      mutator assist no longer necessary, which eliminates the vast majority
      of gcWork dispose calls and reduces contention on the global workbuf
      lists. And it's a lot faster on some benchmarks:
      
      benchmark                          old ns/op       new ns/op       delta
      BenchmarkBinaryTree17              11963668673     11206112763     -6.33%
      BenchmarkFannkuch11                2643217136      2649182499      +0.23%
      BenchmarkFmtFprintfEmpty           70.4            70.2            -0.28%
      BenchmarkFmtFprintfString          364             307             -15.66%
      BenchmarkFmtFprintfInt             317             282             -11.04%
      BenchmarkFmtFprintfIntInt          512             483             -5.66%
      BenchmarkFmtFprintfPrefixedInt     404             380             -5.94%
      BenchmarkFmtFprintfFloat           521             479             -8.06%
      BenchmarkFmtManyArgs               2164            1894            -12.48%
      BenchmarkGobDecode                 30366146        22429593        -26.14%
      BenchmarkGobEncode                 29867472        26663152        -10.73%
      BenchmarkGzip                      391236616       396779490       +1.42%
      BenchmarkGunzip                    96639491        96297024        -0.35%
      BenchmarkHTTPClientServer          100110          70763           -29.31%
      BenchmarkJSONEncode                51866051        52511382        +1.24%
      BenchmarkJSONDecode                103813138       86094963        -17.07%
      BenchmarkMandelbrot200             4121834         4120886         -0.02%
      BenchmarkGoParse                   16472789        5879949         -64.31%
      BenchmarkRegexpMatchEasy0_32       140             140             +0.00%
      BenchmarkRegexpMatchEasy0_1K       394             394             +0.00%
      BenchmarkRegexpMatchEasy1_32       120             120             +0.00%
      BenchmarkRegexpMatchEasy1_1K       621             614             -1.13%
      BenchmarkRegexpMatchMedium_32      209             202             -3.35%
      BenchmarkRegexpMatchMedium_1K      54889           55175           +0.52%
      BenchmarkRegexpMatchHard_32        2682            2675            -0.26%
      BenchmarkRegexpMatchHard_1K        79383           79524           +0.18%
      BenchmarkRevcomp                   584116718       584595320       +0.08%
      BenchmarkTemplate                  125400565       109620196       -12.58%
      BenchmarkTimeParse                 386             387             +0.26%
      BenchmarkTimeFormat                580             447             -22.93%
      
      (Best out of 10 runs. The delta of averages is similar.)
      
      This also puts us in a good position to flush these caches when
      nearing the end of concurrent marking, which will let us increase the
      size of the work buffers while still controlling mark termination
      pause time.
      
      Change-Id: I2dd94c8517a19297a98ec280203cccaa58792522
      Reviewed-on: https://go-review.googlesource.com/9178
      Run-TryBot: Austin Clements <austin@google.com>
      TryBot-Result: Gobot Gobot <gobot@golang.org>
      Reviewed-by: default avatarRuss Cox <rsc@golang.org>
      1b4025f4