Browse Source

go mod vendor

master
Teran McKinney 9 months ago
parent
commit
cfb521bdd3
  1. 7
      vendor/github.com/GehirnInc/crypt/.travis.yml
  2. 8
      vendor/github.com/GehirnInc/crypt/AUTHORS.md
  3. 26
      vendor/github.com/GehirnInc/crypt/LICENSE
  4. 61
      vendor/github.com/GehirnInc/crypt/README.rst
  5. 59
      vendor/github.com/GehirnInc/crypt/common/base64.go
  6. 10
      vendor/github.com/GehirnInc/crypt/common/doc.go
  7. 148
      vendor/github.com/GehirnInc/crypt/common/salt.go
  8. 108
      vendor/github.com/GehirnInc/crypt/crypt.go
  9. 41
      vendor/github.com/GehirnInc/crypt/internal/utils.go
  10. 188
      vendor/github.com/GehirnInc/crypt/sha512_crypt/sha512_crypt.go
  11. 24
      vendor/github.com/teran-mckinney/burnpaste/LICENSE.md
  12. 22
      vendor/github.com/teran-mckinney/burnpaste/README.md
  13. 102
      vendor/github.com/teran-mckinney/burnpaste/burnpaste.go
  14. 13
      vendor/github.com/teran-mckinney/burnpaste/burnpaste.service
  15. 8
      vendor/github.com/teran-mckinney/burnpaste/go.mod
  16. 7
      vendor/github.com/teran-mckinney/burnpaste/go.sum
  17. 116
      vendor/github.com/teran-mckinney/burnpaste/test.sh
  18. 3
      vendor/golang.org/x/net/AUTHORS
  19. 3
      vendor/golang.org/x/net/CONTRIBUTORS
  20. 27
      vendor/golang.org/x/net/LICENSE
  21. 22
      vendor/golang.org/x/net/PATENTS
  22. 168
      vendor/golang.org/x/net/internal/socks/client.go
  23. 317
      vendor/golang.org/x/net/internal/socks/socks.go
  24. 54
      vendor/golang.org/x/net/proxy/dial.go
  25. 31
      vendor/golang.org/x/net/proxy/direct.go
  26. 155
      vendor/golang.org/x/net/proxy/per_host.go
  27. 149
      vendor/golang.org/x/net/proxy/proxy.go
  28. 42
      vendor/golang.org/x/net/proxy/socks5.go
  29. 9
      vendor/gopkg.in/alexcesaro/statsd.v2/.travis.yml
  30. 64
      vendor/gopkg.in/alexcesaro/statsd.v2/CHANGELOG.md
  31. 20
      vendor/gopkg.in/alexcesaro/statsd.v2/LICENSE
  32. 50
      vendor/gopkg.in/alexcesaro/statsd.v2/README.md
  33. 270
      vendor/gopkg.in/alexcesaro/statsd.v2/conn.go
  34. 29
      vendor/gopkg.in/alexcesaro/statsd.v2/doc.go
  35. 250
      vendor/gopkg.in/alexcesaro/statsd.v2/options.go
  36. 169
      vendor/gopkg.in/alexcesaro/statsd.v2/statsd.go
  37. 12
      vendor/modules.txt

7
vendor/github.com/GehirnInc/crypt/.travis.yml

@ -0,0 +1,7 @@
language: go
go:
- 1.6.x
- 1.7.x
- master
script:
- go test -v -race ./...

8
vendor/github.com/GehirnInc/crypt/AUTHORS.md

@ -0,0 +1,8 @@
### Initial author
[Jeramey Crawford](https://github.com/jeramey)
### Other authors
- [Jonas mg](https://github.com/kless)
- [Kohei YOSHIDA](https://github.com/yosida95)

26
vendor/github.com/GehirnInc/crypt/LICENSE

@ -0,0 +1,26 @@
Copyright (c) 2012, Jeramey Crawford <jeramey@antihe.ro>
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in
the documentation and/or other materials provided with the
distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

61
vendor/github.com/GehirnInc/crypt/README.rst

@ -0,0 +1,61 @@
.. image:: https://travis-ci.org/GehirnInc/crypt.svg?branch=master
:target: https://travis-ci.org/GehirnInc/crypt
crypt - A password hashing library for Go
=========================================
crypt provides pure golang implementations of UNIX's crypt(3).
The goal of crypt is to bring a library of many common and popular password
hashing algorithms to Go and to provide a simple and consistent interface to
each of them. As every hashing method is implemented in pure Go, this library
should be as portable as Go itself.
All hashing methods come with a test suite which verifies their operation
against itself as well as the output of other password hashing implementations
to ensure compatibility with them.
I hope you find this library to be useful and easy to use!
Install
-------
To install crypt, use the *go get* command.
.. code-block:: sh
go get github.com/GehirnInc/crypt
Usage
-----
.. code-block:: go
package main
import (
"fmt"
"github.com/GehirnInc/crypt"
_ "github.com/GehirnInc/crypt/sha256_crypt"
)
func main() {
crypt := crypt.SHA256.New()
ret, _ := crypt.Generate([]byte("secret"), []byte("$5$salt"))
fmt.Println(ret)
err := crypt.Verify(ret, []byte("secret"))
fmt.Println(err)
// Output:
// $5$salt$kpa26zwgX83BPSR8d7w93OIXbFt/d3UOTZaAu5vsTM6
// <nil>
}
Documentation
-------------
The documentation is available on GoDoc_.
.. _GoDoc: https://godoc.org/github.com/GehirnInc/crypt

59
vendor/github.com/GehirnInc/crypt/common/base64.go

@ -0,0 +1,59 @@
// (C) Copyright 2012, Jeramey Crawford <jeramey@antihe.ro>. All
// rights reserved. Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package common
const (
alphabet = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
)
// Base64_24Bit is a variant of Base64 encoding, commonly used with password
// hashing algorithms to encode the result of their checksum output.
//
// The algorithm operates on up to 3 bytes at a time, encoding the following
// 6-bit sequences into up to 4 hash64 ASCII bytes.
//
// 1. Bottom 6 bits of the first byte
// 2. Top 2 bits of the first byte, and bottom 4 bits of the second byte.
// 3. Top 4 bits of the second byte, and bottom 2 bits of the third byte.
// 4. Top 6 bits of the third byte.
//
// This encoding method does not emit padding bytes as Base64 does.
func Base64_24Bit(src []byte) []byte {
if len(src) == 0 {
return []byte{} // TODO: return nil
}
dstlen := (len(src)*8 + 5) / 6
dst := make([]byte, dstlen)
di, si := 0, 0
n := len(src) / 3 * 3
for si < n {
val := uint(src[si+2])<<16 | uint(src[si+1])<<8 | uint(src[si])
dst[di+0] = alphabet[val&0x3f]
dst[di+1] = alphabet[val>>6&0x3f]
dst[di+2] = alphabet[val>>12&0x3f]
dst[di+3] = alphabet[val>>18]
di += 4
si += 3
}
rem := len(src) - si
if rem == 0 {
return dst
}
val := uint(src[si+0])
if rem == 2 {
val |= uint(src[si+1]) << 8
}
dst[di+0] = alphabet[val&0x3f]
dst[di+1] = alphabet[val>>6&0x3f]
if rem == 2 {
dst[di+2] = alphabet[val>>12]
}
return dst
}

10
vendor/github.com/GehirnInc/crypt/common/doc.go

@ -0,0 +1,10 @@
// (C) Copyright 2012, Jeramey Crawford <jeramey@antihe.ro>. All
// rights reserved. Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package common contains routines used by multiple password hashing
// algorithms.
//
// Generally, you will never import this package directly. Many of the
// *_crypt packages will import this package if they require it.
package common

148
vendor/github.com/GehirnInc/crypt/common/salt.go

@ -0,0 +1,148 @@
// (C) Copyright 2012, Jeramey Crawford <jeramey@antihe.ro>. All
// rights reserved. Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package common
import (
"bytes"
"crypto/rand"
"errors"
"strconv"
)
var (
ErrSaltPrefix = errors.New("invalid magic prefix")
ErrSaltFormat = errors.New("invalid salt format")
ErrSaltRounds = errors.New("invalid rounds")
)
const (
roundsPrefix = "rounds="
)
// Salt represents a salt.
type Salt struct {
MagicPrefix []byte
SaltLenMin int
SaltLenMax int
RoundsMin int
RoundsMax int
RoundsDefault int
}
// Generate generates a random salt of a given length.
//
// The length is set thus:
//
// length > SaltLenMax: length = SaltLenMax
// length < SaltLenMin: length = SaltLenMin
func (s *Salt) Generate(length int) []byte {
if length > s.SaltLenMax {
length = s.SaltLenMax
} else if length < s.SaltLenMin {
length = s.SaltLenMin
}
saltLen := (length * 6 / 8)
if (length*6)%8 != 0 {
saltLen += 1
}
salt := make([]byte, saltLen)
rand.Read(salt)
out := make([]byte, len(s.MagicPrefix)+length)
copy(out, s.MagicPrefix)
copy(out[len(s.MagicPrefix):], Base64_24Bit(salt))
return out
}
// GenerateWRounds creates a random salt with the random bytes being of the
// length provided, and the rounds parameter set as specified.
//
// The parameters are set thus:
//
// length > SaltLenMax: length = SaltLenMax
// length < SaltLenMin: length = SaltLenMin
//
// rounds < 0: rounds = RoundsDefault
// rounds < RoundsMin: rounds = RoundsMin
// rounds > RoundsMax: rounds = RoundsMax
//
// If rounds is equal to RoundsDefault, then the "rounds=" part of the salt is
// removed.
func (s *Salt) GenerateWRounds(length, rounds int) []byte {
if length > s.SaltLenMax {
length = s.SaltLenMax
} else if length < s.SaltLenMin {
length = s.SaltLenMin
}
if rounds < 0 {
rounds = s.RoundsDefault
} else if rounds < s.RoundsMin {
rounds = s.RoundsMin
} else if rounds > s.RoundsMax {
rounds = s.RoundsMax
}
saltLen := (length * 6 / 8)
if (length*6)%8 != 0 {
saltLen += 1
}
salt := make([]byte, saltLen)
rand.Read(salt)
roundsText := ""
if rounds != s.RoundsDefault {
roundsText = roundsPrefix + strconv.Itoa(rounds) + "$"
}
out := make([]byte, len(s.MagicPrefix)+len(roundsText)+length)
copy(out, s.MagicPrefix)
copy(out[len(s.MagicPrefix):], []byte(roundsText))
copy(out[len(s.MagicPrefix)+len(roundsText):], Base64_24Bit(salt))
return out
}
func (s *Salt) Decode(raw []byte) (salt []byte, rounds int, isRoundsDef bool, rest []byte, err error) {
tokens := bytes.SplitN(raw, []byte{'$'}, 4)
if len(tokens) < 3 {
err = ErrSaltFormat
return
}
if !bytes.HasPrefix(raw, s.MagicPrefix) {
err = ErrSaltPrefix
return
}
if bytes.HasPrefix(tokens[2], []byte(roundsPrefix)) {
if len(tokens) < 4 {
err = ErrSaltFormat
return
}
salt = tokens[3]
rounds, err = strconv.Atoi(string(tokens[2][len(roundsPrefix):]))
if err != nil {
err = ErrSaltRounds
return
}
if rounds < s.RoundsMin {
rounds = s.RoundsMin
}
if rounds > s.RoundsMax {
rounds = s.RoundsMax
}
isRoundsDef = true
} else {
salt = tokens[2]
rounds = s.RoundsDefault
}
if len(salt) > s.SaltLenMax {
salt = salt[0:s.SaltLenMax]
}
return
}

108
vendor/github.com/GehirnInc/crypt/crypt.go

@ -0,0 +1,108 @@
// (C) Copyright 2013, Jonas mg. All rights reserved.
// Use of this source code is governed by a BSD-style license
// that can be found in the LICENSE file.
// Package crypt provides interface for password crypt functions and collects
// common constants.
package crypt
import (
"errors"
"strings"
"github.com/GehirnInc/crypt/common"
)
var ErrKeyMismatch = errors.New("hashed value is not the hash of the given password")
// Crypter is the common interface implemented by all crypt functions.
type Crypter interface {
// Generate performs the hashing algorithm, returning a full hash suitable
// for storage and later password verification.
//
// If the salt is empty, a randomly-generated salt will be generated with a
// length of SaltLenMax and number RoundsDefault of rounds.
//
// Any error only can be got when the salt argument is not empty.
Generate(key, salt []byte) (string, error)
// Verify compares a hashed key with its possible key equivalent.
// Returns nil on success, or an error on failure; if the hashed key is
// diffrent, the error is "ErrKeyMismatch".
Verify(hashedKey string, key []byte) error
// Cost returns the hashing cost (in rounds) used to create the given hashed
// key.
//
// When, in the future, the hashing cost of a key needs to be increased in
// order to adjust for greater computational power, this function allows one
// to establish which keys need to be updated.
//
// The algorithms based in MD5-crypt use a fixed value of rounds.
Cost(hashedKey string) (int, error)
// SetSalt sets a different salt. It is used to easily create derivated
// algorithms, i.e. "apr1_crypt" from "md5_crypt".
SetSalt(salt common.Salt)
}
// Crypt identifies a crypt function that is implemented in another package.
type Crypt uint
const (
APR1 Crypt = 1 + iota // import github.com/GehirnInc/crypt/apr1_crypt
MD5 // import github.com/GehirnInc/crypt/md5_crypt
SHA256 // import github.com/GehirnInc/crypt/sha256_crypt
SHA512 // import github.com/GehirnInc/crypt/sha512_crypt
maxCrypt
)
var crypts = make([]func() Crypter, maxCrypt)
// New returns new Crypter making the Crypt c.
// New panics if the Crypt c is unavailable.
func (c Crypt) New() Crypter {
if c > 0 && c < maxCrypt {
f := crypts[c]
if f != nil {
return f()
}
}
panic("crypt: requested crypt function is unavailable")
}
// Available reports whether the Crypt c is available.
func (c Crypt) Available() bool {
return c > 0 && c < maxCrypt && crypts[c] != nil
}
var cryptPrefixes = make([]string, maxCrypt)
// RegisterCrypt registers a function that returns a new instance of the given
// crypt function. This is intended to be called from the init function in
// packages that implement crypt functions.
func RegisterCrypt(c Crypt, f func() Crypter, prefix string) {
if c >= maxCrypt {
panic("crypt: RegisterHash of unknown crypt function")
}
crypts[c] = f
cryptPrefixes[c] = prefix
}
// New returns a new crypter.
func New(c Crypt) Crypter {
return c.New()
}
// NewFromHash returns a new Crypter using the prefix in the given hashed key.
func NewFromHash(hashedKey string) Crypter {
for i := range cryptPrefixes {
prefix := cryptPrefixes[i]
if crypts[i] != nil && strings.HasPrefix(hashedKey, prefix) {
crypt := Crypt(uint(i))
return crypt.New()
}
}
panic("crypt: unknown crypt function")
}

41
vendor/github.com/GehirnInc/crypt/internal/utils.go

@ -0,0 +1,41 @@
// Copyright (c) 2015 Kohei YOSHIDA. All rights reserved.
// This software is licensed under the 3-Clause BSD License
// that can be found in LICENSE file.
package internal
const (
cleanBytesLen = 64
)
var (
cleanBytes = make([]byte, cleanBytesLen)
)
func CleanSensitiveData(b []byte) {
l := len(b)
for ; l > cleanBytesLen; l -= cleanBytesLen {
copy(b[l-cleanBytesLen:l], cleanBytes)
}
if l > 0 {
copy(b[0:l], cleanBytes[0:l])
}
}
func RepeatByteSequence(input []byte, length int) []byte {
var (
sequence = make([]byte, length)
unit = len(input)
)
j := length / unit * unit
for i := 0; i < j; i += unit {
copy(sequence[i:length], input)
}
if j < length {
copy(sequence[j:length], input[0:length-j])
}
return sequence
}

188
vendor/github.com/GehirnInc/crypt/sha512_crypt/sha512_crypt.go

@ -0,0 +1,188 @@
// (C) Copyright 2012, Jeramey Crawford <jeramey@antihe.ro>. All
// rights reserved. Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package sha512_crypt implements Ulrich Drepper's SHA512-crypt password
// hashing algorithm.
//
// The specification for this algorithm can be found here:
// http://www.akkadia.org/drepper/SHA-crypt.txt
package sha512_crypt
import (
"bytes"
"crypto/sha512"
"crypto/subtle"
"strconv"
"github.com/GehirnInc/crypt"
"github.com/GehirnInc/crypt/common"
"github.com/GehirnInc/crypt/internal"
)
func init() {
crypt.RegisterCrypt(crypt.SHA512, New, MagicPrefix)
}
const (
MagicPrefix = "$6$"
SaltLenMin = 1
SaltLenMax = 16
RoundsMin = 1000
RoundsMax = 999999999
RoundsDefault = 5000
)
var _rounds = []byte("rounds=")
type crypter struct{ Salt common.Salt }
// New returns a new crypt.Crypter computing the SHA512-crypt password hashing.
func New() crypt.Crypter {
return &crypter{
common.Salt{
MagicPrefix: []byte(MagicPrefix),
SaltLenMin: SaltLenMin,
SaltLenMax: SaltLenMax,
RoundsDefault: RoundsDefault,
RoundsMin: RoundsMin,
RoundsMax: RoundsMax,
},
}
}
func (c *crypter) Generate(key, salt []byte) (string, error) {
if len(salt) == 0 {
salt = c.Salt.GenerateWRounds(SaltLenMax, RoundsDefault)
}
salt, rounds, isRoundsDef, _, err := c.Salt.Decode(salt)
if err != nil {
return "", err
}
keyLen := len(key)
saltLen := len(salt)
h := sha512.New()
// compute sumB
// step 4-8
h.Write(key)
h.Write(salt)
h.Write(key)
sumB := h.Sum(nil)
// Compute sumA
// step 1-3, 9-12
h.Reset()
h.Write(key)
h.Write(salt)
h.Write(internal.RepeatByteSequence(sumB, keyLen))
for i := keyLen; i > 0; i >>= 1 {
if i%2 == 0 {
h.Write(key)
} else {
h.Write(sumB)
}
}
sumA := h.Sum(nil)
internal.CleanSensitiveData(sumB)
// Compute seqP
// step 13-16
h.Reset()
for i := 0; i < keyLen; i++ {
h.Write(key)
}
seqP := internal.RepeatByteSequence(h.Sum(nil), keyLen)
// Compute seqS
// step 17-20
h.Reset()
for i := 0; i < 16+int(sumA[0]); i++ {
h.Write(salt)
}
seqS := internal.RepeatByteSequence(h.Sum(nil), saltLen)
// step 21
for i := 0; i < rounds; i++ {
h.Reset()
if i&1 != 0 {
h.Write(seqP)
} else {
h.Write(sumA)
}
if i%3 != 0 {
h.Write(seqS)
}
if i%7 != 0 {
h.Write(seqP)
}
if i&1 != 0 {
h.Write(sumA)
} else {
h.Write(seqP)
}
copy(sumA, h.Sum(nil))
}
internal.CleanSensitiveData(seqP)
internal.CleanSensitiveData(seqS)
// make output
buf := bytes.Buffer{}
buf.Grow(len(c.Salt.MagicPrefix) + len(_rounds) + 9 + 1 + len(salt) + 1 + 86)
buf.Write(c.Salt.MagicPrefix)
if isRoundsDef {
buf.Write(_rounds)
buf.WriteString(strconv.Itoa(rounds))
buf.WriteByte('$')
}
buf.Write(salt)
buf.WriteByte('$')
buf.Write(common.Base64_24Bit([]byte{
sumA[42], sumA[21], sumA[0],
sumA[1], sumA[43], sumA[22],
sumA[23], sumA[2], sumA[44],
sumA[45], sumA[24], sumA[3],
sumA[4], sumA[46], sumA[25],
sumA[26], sumA[5], sumA[47],
sumA[48], sumA[27], sumA[6],
sumA[7], sumA[49], sumA[28],
sumA[29], sumA[8], sumA[50],
sumA[51], sumA[30], sumA[9],
sumA[10], sumA[52], sumA[31],
sumA[32], sumA[11], sumA[53],
sumA[54], sumA[33], sumA[12],
sumA[13], sumA[55], sumA[34],
sumA[35], sumA[14], sumA[56],
sumA[57], sumA[36], sumA[15],
sumA[16], sumA[58], sumA[37],
sumA[38], sumA[17], sumA[59],
sumA[60], sumA[39], sumA[18],
sumA[19], sumA[61], sumA[40],
sumA[41], sumA[20], sumA[62],
sumA[63],
}))
return buf.String(), nil
}
func (c *crypter) Verify(hashedKey string, key []byte) error {
newHash, err := c.Generate(key, []byte(hashedKey))
if err != nil {
return err
}
if subtle.ConstantTimeCompare([]byte(newHash), []byte(hashedKey)) != 1 {
return crypt.ErrKeyMismatch
}
return nil
}
func (c *crypter) Cost(hashedKey string) (int, error) {
_, rounds, _, _, err := c.Salt.Decode([]byte(hashedKey))
if err != nil {
return 0, err
}
return rounds, nil
}
func (c *crypter) SetSalt(salt common.Salt) { c.Salt = salt }

24
vendor/github.com/teran-mckinney/burnpaste/LICENSE.md

@ -0,0 +1,24 @@
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <http://unlicense.org>

22
vendor/github.com/teran-mckinney/burnpaste/README.md

@ -0,0 +1,22 @@
# burnpaste
Burn-on-reading pastebin. Also has a client library.
## Install
* `go get github.com/teran-mckinney/burnpaste/...`
## Usage
* run: `burnpaste`
* Write: `curl --data-urlencode data@burnpaste.go localhost:2323/write # Grab the returned hash from this.`
* Read: `curl localhost:2323/read/(hash)`
* Try another read: `curl localhost:2323/read/(hash)` (Nope, it was deleted)
## Note
Listens globally on port 2323 by default, can be overridden.
## License
Public domain / Unlicense

102
vendor/github.com/teran-mckinney/burnpaste/burnpaste.go

@ -0,0 +1,102 @@
package burnpaste
import (
"crypto/sha256"
"encoding/hex"
"errors"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"strings"
"golang.org/x/net/proxy"
)
func isOnion(someURL string) (bool, error) {
parsedURL, err := url.Parse(someURL)
if err != nil {
return true, err
}
urlParts := strings.Split(parsedURL.Host, ".")
tld := urlParts[len(urlParts)-1]
if tld == "onion" {
return true, err
} else {
return false, err
}
}
func Hash(data []byte) string {
hash := sha256.Sum256(data)
return hex.EncodeToString(hash[:])
}
func onionHTTP() (client *http.Client, err error) {
torProxyURL, err := url.Parse("socks5://127.0.0.1:9050")
if err != nil {
return
}
torDialer, err := proxy.FromURL(torProxyURL, proxy.Direct)
if err != nil {
return
}
torTransport := &http.Transport{Dial: torDialer.Dial}
client = &http.Client{Transport: torTransport}
return
}
func clearnetOrOnionHTTP(url string) (client *http.Client, err error) {
// Returns a http.Client using a local Tor SOCKS proxy if .onion,
// plain old http.Client if not.
reallyIsOnion, err := isOnion(url)
if err != nil {
return
}
if reallyIsOnion {
client, err = onionHTTP()
} else {
client = &http.Client{}
}
return
}
func Write(endpoint string, paste []byte) (string, error) {
var burnpasteURL string
var err error
hash := Hash(paste)
ourURL := endpoint + "write"
ourHTTP, err := clearnetOrOnionHTTP(ourURL)
response, err := ourHTTP.PostForm(ourURL, url.Values{"data": {string(paste)}})
if err != nil {
return burnpasteURL, err
}
defer response.Body.Close()
// Returns just the hash in the response
body, err := ioutil.ReadAll(response.Body)
urlHash := string(body)
if urlHash != hash {
errorMsg := fmt.Sprintf("Hash mismatch. Ours: %s Theirs: %s", hash, urlHash)
return "", errors.New(errorMsg)
}
burnpasteURL = endpoint + "read/" + hash
return burnpasteURL, err
}
func Read(burnpasteURL string) ([]byte, error) {
urlParts := strings.Split(burnpasteURL, "/")
urlHash := urlParts[len(urlParts)-1]
ourHTTP, err := clearnetOrOnionHTTP(burnpasteURL)
response, err := ourHTTP.Get(burnpasteURL)
if err != nil {
return []byte(""), err
}
defer response.Body.Close()
body, err := ioutil.ReadAll(response.Body)
hash := Hash(body)
if hash != urlHash {
errorMsg := fmt.Sprintf("Returned hash %s does not match URL hash %s.", hash, urlHash)
return []byte(""), errors.New(errorMsg)
}
return body, err
}

13
vendor/github.com/teran-mckinney/burnpaste/burnpaste.service

@ -0,0 +1,13 @@
[Unit]
Description=burnpaste burn-on-reading pastebin
[Service]
DynamicUser=yes
ExecStart=/usr/local/bin/burnpaste
RuntimeDirectory=burnpaste
WorkingDirectory=/run/burnpaste
ProtectSystem=strict
NoNewPrivileges=yes
UMask=0077
Restart=on-failure
[Install]
WantedBy=multi-user.target

8
vendor/github.com/teran-mckinney/burnpaste/go.mod

@ -0,0 +1,8 @@
module github.com/teran-mckinney/burnpaste
go 1.12
require (
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80
gopkg.in/alexcesaro/statsd.v2 v2.0.0
)

7
vendor/github.com/teran-mckinney/burnpaste/go.sum

@ -0,0 +1,7 @@
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80 h1:Ao/3l156eZf2AW5wK8a7/smtodRU+gha3+BeqJ69lRk=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
gopkg.in/alexcesaro/statsd.v2 v2.0.0 h1:FXkZSCZIH17vLCO5sO2UucTHsH9pc+17F6pl3JVCwMc=
gopkg.in/alexcesaro/statsd.v2 v2.0.0/go.mod h1:i0ubccKGzBVNBpdGV5MocxyA/XlLUJzA7SLonnE4drU=

116
vendor/github.com/teran-mckinney/burnpaste/test.sh

@ -0,0 +1,116 @@
#!/usr/bin/env bash
# No real need to use stderr here since it's just tests.
set -eE
shellcheck "$0"
# Before we build...
go fmt
go doc
# This comes later because it requires a running daemon
# go test
go fmt ./cmd/burnpaste/
go test ./cmd/burnpaste/ -v
go doc ./cmd/burnpaste/
go build
go build ./cmd/burnpaste/
strip -s burnpaste
mkdir test_dir
cd test_dir
../burnpaste &
PID=$!
# So, there's a bug in shellcheck where disabling SC2103 doesn't work.
# shellcheck disable=SC2103
# cd ..
cd "$(echo .. | grep .)"
cleanup() {
echo "Cleaning up."
kill "$PID"
rm -r test_dir
}
trap cleanup $(seq 1 64)
fail() {
echo "FAIL: $1"
cleanup
exit 1
}
sha256() {
sha256sum "$1" | cut -d ' ' -f 1
}
# Be sure we are running.
sleep 2
go test
# Test security, slightly.
echo 'This should give a 400.'
output=$(curl -s --show-error --fail "http://localhost:2323/read/README.md" || true)
[ ! -f 'README.md' ] && fail 'Whoops, we deleted README.md'
# Functional tests.
pasteid=$(echo test | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write)
[ -z "$pasteid" ] && fail 'pasteid empty.'
[ "$pasteid" != "f2ca1bb6c7e907d06dafe4687e579fce76b37e4e93b7605022da52e6ccc26fd2" ] && fail 'pasteid does not match.'
output=$(curl -s --show-error --fail "http://localhost:2323/read/$pasteid")
[ "$output" != 'test' ] && fail 'Paste output inconsistent.'
echo 'This should give a 404.'
output=$(curl -s --show-error --fail "http://localhost:2323/read/$pasteid" || true)
[ "$output" = 'test' ] && fail 'Paste not deleted.'
# Now test with burnpaste.go
pasteid=$(curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write < burnpaste.go)
[ "$pasteid" != "$(sha256 burnpaste.go)" ] && fail 'pasteid does not match for burnpaste.go.'
output_checksum=$(curl -s --show-error --fail "http://localhost:2323/read/$pasteid" | sha256 -)
[ "$pasteid" != "$output_checksum" ] && fail 'output does not match for burnpaste.go.'
echo -n | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write && fail "Should error on empty input."
# This is.. approximate because it's URL encoded.
yes | head -c 4096 | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write || fail "Should allow a 4096 byte post."
yes | head -c 4097 | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write && fail "Should fail on anything greater than 4096 bytes."
[ "$(wc -l test_dir/309a1668b23adc98b0ec1b67d55bdca1e89e9d81c0930d5baf9b85df85d76ee0)" != "4096" ] || fail "4096 byte file wrong length or checksum???"
output_checksum=$(curl -s --show-error --fail "http://localhost:2323/read/309a1668b23adc98b0ec1b67d55bdca1e89e9d81c0930d5baf9b85df85d76ee0" | sha256 -)
[ "309a1668b23adc98b0ec1b67d55bdca1e89e9d81c0930d5baf9b85df85d76ee0" != "$output_checksum" ] && fail 'output does not match for 4096 byte paste'
for i in $(seq 1 128); do
yes | head -c "$i" | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/write || fail "Should be able to add paste number $i"
done
echo test | curl -s --show-error --fail --data-urlencode data@- "http://localhost:2323"/feedback && fail "Should not be able to make more than 128 feedbacks."
[ "$(find test_dir/ -type f | wc -l)" -ne 128 ] && fail "We don't have exactly 128 pastes??"
cleanup
sleep 0.1
echo "burnpaste.go sha256: $pasteid"
echo
echo Success.

3
vendor/golang.org/x/net/AUTHORS

@ -0,0 +1,3 @@
# This source code refers to The Go Authors for copyright purposes.
# The master list of authors is in the main Go distribution,
# visible at http://tip.golang.org/AUTHORS.

3
vendor/golang.org/x/net/CONTRIBUTORS

@ -0,0 +1,3 @@
# This source code was written by the Go contributors.
# The master list of contributors is in the main Go distribution,
# visible at http://tip.golang.org/CONTRIBUTORS.

27
vendor/golang.org/x/net/LICENSE

@ -0,0 +1,27 @@
Copyright (c) 2009 The Go Authors. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

22
vendor/golang.org/x/net/PATENTS

@ -0,0 +1,22 @@
Additional IP Rights Grant (Patents)
"This implementation" means the copyrightable works distributed by
Google as part of the Go project.
Google hereby grants to You a perpetual, worldwide, non-exclusive,
no-charge, royalty-free, irrevocable (except as stated in this section)
patent license to make, have made, use, offer to sell, sell, import,
transfer and otherwise run, modify and propagate the contents of this
implementation of Go, where such license applies only to those patent
claims, both currently owned or controlled by Google and acquired in
the future, licensable by Google that are necessarily infringed by this
implementation of Go. This grant does not include claims that would be
infringed only as a consequence of further modification of this
implementation. If you or your agent or exclusive licensee institute or
order or agree to the institution of patent litigation against any
entity (including a cross-claim or counterclaim in a lawsuit) alleging
that this implementation of Go or any code incorporated within this
implementation of Go constitutes direct or contributory patent
infringement, or inducement of patent infringement, then any patent
rights granted to you under this License for this implementation of Go
shall terminate as of the date such litigation is filed.

168
vendor/golang.org/x/net/internal/socks/client.go

@ -0,0 +1,168 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package socks
import (
"context"
"errors"
"io"
"net"
"strconv"
"time"
)
var (
noDeadline = time.Time{}
aLongTimeAgo = time.Unix(1, 0)
)
func (d *Dialer) connect(ctx context.Context, c net.Conn, address string) (_ net.Addr, ctxErr error) {
host, port, err := splitHostPort(address)
if err != nil {
return nil, err
}
if deadline, ok := ctx.Deadline(); ok && !deadline.IsZero() {
c.SetDeadline(deadline)
defer c.SetDeadline(noDeadline)
}
if ctx != context.Background() {
errCh := make(chan error, 1)
done := make(chan struct{})
defer func() {
close(done)
if ctxErr == nil {
ctxErr = <-errCh
}
}()
go func() {
select {
case <-ctx.Done():
c.SetDeadline(aLongTimeAgo)
errCh <- ctx.Err()
case <-done:
errCh <- nil
}
}()
}
b := make([]byte, 0, 6+len(host)) // the size here is just an estimate
b = append(b, Version5)
if len(d.AuthMethods) == 0 || d.Authenticate == nil {
b = append(b, 1, byte(AuthMethodNotRequired))
} else {
ams := d.AuthMethods
if len(ams) > 255 {
return nil, errors.New("too many authentication methods")
}
b = append(b, byte(len(ams)))
for _, am := range ams {
b = append(b, byte(am))
}
}
if _, ctxErr = c.Write(b); ctxErr != nil {
return
}
if _, ctxErr = io.ReadFull(c, b[:2]); ctxErr != nil {
return
}
if b[0] != Version5 {
return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
}
am := AuthMethod(b[1])
if am == AuthMethodNoAcceptableMethods {
return nil, errors.New("no acceptable authentication methods")
}
if d.Authenticate != nil {
if ctxErr = d.Authenticate(ctx, c, am); ctxErr != nil {
return
}
}
b = b[:0]
b = append(b, Version5, byte(d.cmd), 0)
if ip := net.ParseIP(host); ip != nil {
if ip4 := ip.To4(); ip4 != nil {
b = append(b, AddrTypeIPv4)
b = append(b, ip4...)
} else if ip6 := ip.To16(); ip6 != nil {
b = append(b, AddrTypeIPv6)
b = append(b, ip6...)
} else {
return nil, errors.New("unknown address type")
}
} else {
if len(host) > 255 {
return nil, errors.New("FQDN too long")
}
b = append(b, AddrTypeFQDN)
b = append(b, byte(len(host)))
b = append(b, host...)
}
b = append(b, byte(port>>8), byte(port))
if _, ctxErr = c.Write(b); ctxErr != nil {
return
}
if _, ctxErr = io.ReadFull(c, b[:4]); ctxErr != nil {
return
}
if b[0] != Version5 {
return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
}
if cmdErr := Reply(b[1]); cmdErr != StatusSucceeded {
return nil, errors.New("unknown error " + cmdErr.String())
}
if b[2] != 0 {
return nil, errors.New("non-zero reserved field")
}
l := 2
var a Addr
switch b[3] {
case AddrTypeIPv4:
l += net.IPv4len
a.IP = make(net.IP, net.IPv4len)
case AddrTypeIPv6:
l += net.IPv6len
a.IP = make(net.IP, net.IPv6len)
case AddrTypeFQDN:
if _, err := io.ReadFull(c, b[:1]); err != nil {
return nil, err
}
l += int(b[0])
default:
return nil, errors.New("unknown address type " + strconv.Itoa(int(b[3])))
}
if cap(b) < l {
b = make([]byte, l)
} else {
b = b[:l]
}
if _, ctxErr = io.ReadFull(c, b); ctxErr != nil {
return
}
if a.IP != nil {
copy(a.IP, b)
} else {
a.Name = string(b[:len(b)-2])
}
a.Port = int(b[len(b)-2])<<8 | int(b[len(b)-1])
return &a, nil
}
func splitHostPort(address string) (string, int, error) {
host, port, err := net.SplitHostPort(address)
if err != nil {
return "", 0, err
}
portnum, err := strconv.Atoi(port)
if err != nil {
return "", 0, err
}
if 1 > portnum || portnum > 0xffff {
return "", 0, errors.New("port number out of range " + port)
}
return host, portnum, nil
}

317
vendor/golang.org/x/net/internal/socks/socks.go

@ -0,0 +1,317 @@
// Copyright 2018 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package socks provides a SOCKS version 5 client implementation.
//
// SOCKS protocol version 5 is defined in RFC 1928.
// Username/Password authentication for SOCKS version 5 is defined in
// RFC 1929.
package socks
import (
"context"
"errors"
"io"
"net"
"strconv"
)
// A Command represents a SOCKS command.
type Command int
func (cmd Command) String() string {
switch cmd {
case CmdConnect:
return "socks connect"
case cmdBind:
return "socks bind"
default:
return "socks " + strconv.Itoa(int(cmd))
}
}
// An AuthMethod represents a SOCKS authentication method.
type AuthMethod int
// A Reply represents a SOCKS command reply code.
type Reply int
func (code Reply) String() string {
switch code {
case StatusSucceeded:
return "succeeded"
case 0x01:
return "general SOCKS server failure"
case 0x02:
return "connection not allowed by ruleset"
case 0x03:
return "network unreachable"
case 0x04:
return "host unreachable"
case 0x05:
return "connection refused"
case 0x06:
return "TTL expired"
case 0x07:
return "command not supported"
case 0x08:
return "address type not supported"
default:
return "unknown code: " + strconv.Itoa(int(code))
}
}
// Wire protocol constants.
const (
Version5 = 0x05
AddrTypeIPv4 = 0x01
AddrTypeFQDN = 0x03
AddrTypeIPv6 = 0x04
CmdConnect Command = 0x01 // establishes an active-open forward proxy connection
cmdBind Command = 0x02 // establishes a passive-open forward proxy connection
AuthMethodNotRequired AuthMethod = 0x00 // no authentication required
AuthMethodUsernamePassword AuthMethod = 0x02 // use username/password
AuthMethodNoAcceptableMethods AuthMethod = 0xff // no acceptable authentication methods
StatusSucceeded Reply = 0x00
)
// An Addr represents a SOCKS-specific address.
// Either Name or IP is used exclusively.
type Addr struct {
Name string // fully-qualified domain name
IP net.IP
Port int
}
func (a *Addr) Network() string { return "socks" }
func (a *Addr) String() string {
if a == nil {
return "<nil>"
}
port := strconv.Itoa(a.Port)
if a.IP == nil {
return net.JoinHostPort(a.Name, port)
}
return net.JoinHostPort(a.IP.String(), port)
}
// A Conn represents a forward proxy connection.
type Conn struct {
net.Conn
boundAddr net.Addr
}
// BoundAddr returns the address assigned by the proxy server for
// connecting to the command target address from the proxy server.
func (c *Conn) BoundAddr() net.Addr {
if c == nil {
return nil
}
return c.boundAddr
}
// A Dialer holds SOCKS-specific options.
type Dialer struct {
cmd Command // either CmdConnect or cmdBind
proxyNetwork string // network between a proxy server and a client
proxyAddress string // proxy server address
// ProxyDial specifies the optional dial function for
// establishing the transport connection.
ProxyDial func(context.Context, string, string) (net.Conn, error)
// AuthMethods specifies the list of request authention
// methods.
// If empty, SOCKS client requests only AuthMethodNotRequired.
AuthMethods []AuthMethod
// Authenticate specifies the optional authentication
// function. It must be non-nil when AuthMethods is not empty.
// It must return an error when the authentication is failed.
Authenticate func(context.Context, io.ReadWriter, AuthMethod) error
}
// DialContext connects to the provided address on the provided
// network.
//
// The returned error value may be a net.OpError. When the Op field of
// net.OpError contains "socks", the Source field contains a proxy
// server address and the Addr field contains a command target
// address.
//
// See func Dial of the net package of standard library for a
// description of the network and address parameters.
func (d *Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
if err := d.validateTarget(network, address); err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
if ctx == nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
}
var err error
var c net.Conn
if d.ProxyDial != nil {
c, err = d.ProxyDial(ctx, d.proxyNetwork, d.proxyAddress)
} else {
var dd net.Dialer
c, err = dd.DialContext(ctx, d.proxyNetwork, d.proxyAddress)
}
if err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
a, err := d.connect(ctx, c, address)
if err != nil {
c.Close()
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
return &Conn{Conn: c, boundAddr: a}, nil
}
// DialWithConn initiates a connection from SOCKS server to the target
// network and address using the connection c that is already
// connected to the SOCKS server.
//
// It returns the connection's local address assigned by the SOCKS
// server.
func (d *Dialer) DialWithConn(ctx context.Context, c net.Conn, network, address string) (net.Addr, error) {
if err := d.validateTarget(network, address); err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
if ctx == nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
}
a, err := d.connect(ctx, c, address)
if err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
return a, nil
}
// Dial connects to the provided address on the provided network.
//
// Unlike DialContext, it returns a raw transport connection instead
// of a forward proxy connection.
//
// Deprecated: Use DialContext or DialWithConn instead.
func (d *Dialer) Dial(network, address string) (net.Conn, error) {
if err := d.validateTarget(network, address); err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
var err error
var c net.Conn
if d.ProxyDial != nil {
c, err = d.ProxyDial(context.Background(), d.proxyNetwork, d.proxyAddress)
} else {
c, err = net.Dial(d.proxyNetwork, d.proxyAddress)
}
if err != nil {
proxy, dst, _ := d.pathAddrs(address)
return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
}
if _, err := d.DialWithConn(context.Background(), c, network, address); err != nil {
c.Close()
return nil, err
}
return c, nil
}
func (d *Dialer) validateTarget(network, address string) error {
switch network {
case "tcp", "tcp6", "tcp4":
default:
return errors.New("network not implemented")
}
switch d.cmd {
case CmdConnect, cmdBind:
default:
return errors.New("command not implemented")
}
return nil
}
func (d *Dialer) pathAddrs(address string) (proxy, dst net.Addr, err error) {
for i, s := range []string{d.proxyAddress, address} {
host, port, err := splitHostPort(s)
if err != nil {
return nil, nil, err
}
a := &Addr{Port: port}
a.IP = net.ParseIP(host)
if a.IP == nil {
a.Name = host
}
if i == 0 {
proxy = a
} else {
dst = a
}
}
return
}
// NewDialer returns a new Dialer that dials through the provided
// proxy server's network and address.
func NewDialer(network, address string) *Dialer {
return &Dialer{proxyNetwork: network, proxyAddress: address, cmd: CmdConnect}
}
const (
authUsernamePasswordVersion = 0x01
authStatusSucceeded = 0x00
)
// UsernamePassword are the credentials for the username/password
// authentication method.
type UsernamePassword struct {
Username string
Password string
}
// Authenticate authenticates a pair of username and password with the
// proxy server.
func (up *UsernamePassword) Authenticate(ctx context.Context, rw io.ReadWriter, auth AuthMethod) error {
switch auth {
case AuthMethodNotRequired:
return nil
case AuthMethodUsernamePassword:
if len(up.Username) == 0 || len(up.Username) > 255 || len(up.Password) == 0 || len(up.Password) > 255 {
return errors.New("invalid username/password")
}
b := []byte{authUsernamePasswordVersion}
b = append(b, byte(len(up.Username)))
b = append(b, up.Username...)
b = append(b, byte(len(up.Password)))
b = append(b, up.Password...)
// TODO(mikio): handle IO deadlines and cancelation if
// necessary
if _, err := rw.Write(b); err != nil {
return err
}
if _, err := io.ReadFull(rw, b[:2]); err != nil {
return err
}
if b[0] != authUsernamePasswordVersion {
return errors.New("invalid username/password version")
}
if b[1] != authStatusSucceeded {
return errors.New("username/password authentication failed")
}
return nil
}
return errors.New("unsupported authentication method " + strconv.Itoa(int(auth)))
}

54
vendor/golang.org/x/net/proxy/dial.go

@ -0,0 +1,54 @@
// Copyright 2019 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package proxy
import (
"context"
"net"
)
// A ContextDialer dials using a context.
type ContextDialer interface {
DialContext(ctx context.Context, network, address string) (net.Conn, error)
}
// Dial works like DialContext on net.Dialer but using a dialer returned by FromEnvironment.
//
// The passed ctx is only used for returning the Conn, not the lifetime of the Conn.
//
// Custom dialers (registered via RegisterDialerType) that do not implement ContextDialer
// can leak a goroutine for as long as it takes the underlying Dialer implementation to timeout.
//
// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
func Dial(ctx context.Context, network, address string) (net.Conn, error) {
d := FromEnvironment()
if xd, ok := d.(ContextDialer); ok {
return xd.DialContext(ctx, network, address)
}
return dialContext(ctx, d, network, address)
}
// WARNING: this can leak a goroutine for as long as the underlying Dialer implementation takes to timeout
// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
func dialContext(ctx context.Context, d Dialer, network, address string) (net.Conn, error) {
var (
conn net.Conn
done = make(chan struct{}, 1)
err error
)
go func() {
conn, err = d.Dial(network, address)
close(done)
if conn != nil && ctx.Err() != nil {
conn.Close()
}
}()
select {
case <-ctx.Done():
err = ctx.Err()
case <-done:
}
return conn, err
}

31
vendor/golang.org/x/net/proxy/direct.go

@ -0,0 +1,31 @@
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package proxy
import (
"context"
"net"
)
type direct struct{}
// Direct implements Dialer by making network connections directly using net.Dial or net.DialContext.
var Direct = direct{}
var (
_ Dialer = Direct
_ ContextDialer = Direct
)
// Dial directly invokes net.Dial with the supplied parameters.
func (direct) Dial(network, addr string) (net.Conn, error) {
return net.Dial(network, addr)
}
// DialContext instantiates a net.Dialer and invokes its DialContext receiver with the supplied parameters.
func (direct) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
var d net.Dialer
return d.DialContext(ctx, network, addr)
}

155
vendor/golang.org/x/net/proxy/per_host.go

@ -0,0 +1,155 @@
// Copyright 2011 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package proxy
import (
"context"
"net"
"strings"