gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-02 03:38:42 -07:00
Code Issues Packages Projects Releases Wiki Activity

[UPDATED] golang.org/x/crypto dependency

Browse Source 
They just released some fix that is not affecting the NATS Server
but could cause some security vulnerability reports.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
This commit is contained in:
Ivan Kozlovic
2021-12-02 13:47:00 -07:00
parent 878afadcf0
commit cbfa93e4a8
17 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@@ -10,7 +10,7 @@ require (
github.com/nats-io/nats.go v1.13.1-0.20211122170419-d7c1d78a50fc
github.com/nats-io/nkeys v0.3.0
github.com/nats-io/nuid v1.0.1
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1
)

7
go.sum
View File

@@ -23,15 +23,18 @@ github.com/nats-io/nkeys v0.3.0/go.mod h1:gvUNGjVcM2IPr5rCsRsC6Wb3Hr2CQAm08dsxtV
github.com/nats-io/nuid v1.0.1 h1:5iA8DT8V7q8WK2EScv2padNa/rTESc1KdnPw4TC2paw=
github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
golang.org/x/crypto v0.0.0-20210314154223-e6e6c4f2bb5b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e h1:gsTQYXdTw2Gq7RBsWvlQ91b+aEQ6bXFUngBGuR8sPpI=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e h1:MUP6MR3rJ7Gk9LEia0LP2ytiH6MuCfs7qYz+47jGdD8=
golang.org/x/crypto v0.0.0-20211202192323-5770296d904e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/sys v0.0.0-20190130150945-aca44879d564/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1 h1:NusfzzA6yGQ+ua51ck7E3omNUX/JuqbFSaRGqU8CcLI=
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

6
vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305.go generated vendored
View File

@@ -26,6 +26,10 @@ const (
// NonceSizeX is the size of the nonce used with the XChaCha20-Poly1305
// variant of this AEAD, in bytes.
NonceSizeX = 24
// Overhead is the size of the Poly1305 authentication tag, and the
// difference between a ciphertext length and its plaintext.
Overhead = 16
)
type chacha20poly1305 struct {
@@ -47,7 +51,7 @@ func (c *chacha20poly1305) NonceSize() int {
}
func (c *chacha20poly1305) Overhead() int {
return 16
return Overhead
}
func (c *chacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {

2
vendor/golang.org/x/crypto/chacha20poly1305/chacha20poly1305_generic.go generated vendored
View File

@@ -8,8 +8,8 @@ import (
"encoding/binary"
"golang.org/x/crypto/chacha20"
"golang.org/x/crypto/internal/poly1305"
"golang.org/x/crypto/internal/subtle"
"golang.org/x/crypto/poly1305"
)
func writeWithPadding(p *poly1305.MAC, b []byte) {

2
vendor/golang.org/x/crypto/chacha20poly1305/xchacha20poly1305.go generated vendored
View File

@@ -35,7 +35,7 @@ func (*xchacha20poly1305) NonceSize() int {
}
func (*xchacha20poly1305) Overhead() int {
return 16
return Overhead
}
func (x *xchacha20poly1305) Seal(dst, nonce, plaintext, additionalData []byte) []byte {

0
vendor/golang.org/x/crypto/poly1305/bits_compat.go → vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/bits_go1.13.go → vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/mac_noasm.go → vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go generated vendored
View File

2
vendor/golang.org/x/crypto/poly1305/poly1305.go → vendor/golang.org/x/crypto/internal/poly1305/poly1305.go generated vendored
View File

@@ -15,7 +15,7 @@
// used with a fixed key in order to generate one-time keys from an nonce.
// However, in this package AES isn't used and the one-time key is specified
// directly.
package poly1305 // import "golang.org/x/crypto/poly1305"
package poly1305
import "crypto/subtle"

0
vendor/golang.org/x/crypto/poly1305/sum_amd64.go → vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.go generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/sum_amd64.s → vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/sum_generic.go → vendor/golang.org/x/crypto/internal/poly1305/sum_generic.go generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/sum_ppc64le.go → vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/sum_ppc64le.s → vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s generated vendored
View File

0
vendor/golang.org/x/crypto/poly1305/sum_s390x.go → vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.go generated vendored
View File

2
vendor/golang.org/x/crypto/poly1305/sum_s390x.s → vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.s generated vendored
View File

@@ -18,7 +18,7 @@
// value. These limbs are, for the most part, zero extended and
// placed into 64-bit vector register elements. Each vector
// register is 128-bits wide and so holds 2 of these elements.
// Using 26-bit limbs allows us plenty of headroom to accomodate
// Using 26-bit limbs allows us plenty of headroom to accommodate
// accumulations before and after multiplication without
// overflowing either 32-bits (before multiplication) or 64-bits
// (after multiplication).

4
vendor/modules.txt vendored
View File

@@ -20,7 +20,7 @@ github.com/nats-io/nkeys
# github.com/nats-io/nuid v1.0.1
## explicit
github.com/nats-io/nuid
# golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
# golang.org/x/crypto v0.0.0-20211202192323-5770296d904e
## explicit
golang.org/x/crypto/bcrypt
golang.org/x/crypto/blowfish
@@ -28,9 +28,9 @@ golang.org/x/crypto/chacha20
golang.org/x/crypto/chacha20poly1305
golang.org/x/crypto/ed25519
golang.org/x/crypto/ed25519/internal/edwards25519
golang.org/x/crypto/internal/poly1305
golang.org/x/crypto/internal/subtle
golang.org/x/crypto/ocsp
golang.org/x/crypto/poly1305
# golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1
## explicit
golang.org/x/sys/cpu